t/tetratto
1
0
Fork 0
Code Issues Pull requests Projects Releases 5 Packages Wiki Activity Actions

add: use RemoteAddr for ip blocks as well

Browse source
This commit is contained in:
trisua 2025-06-30 15:35:18 -04:00
parent 14936b8b90
commit f5faed7762
12 changed files with 127 additions and 28 deletions
Download patch file Download diff file Expand all files Collapse all files

45
crates/app/src/routes/pages/communities.rs
View file

@ -3,14 +3,16 @@ use crate::{
assets::initial_context, check_user_blocked_or_private, get_lang, get_user_from_token, State,
};
use axum::{
Extension,
extract::{Path, Query},
http::{HeaderMap, HeaderValue},
response::{Html, IntoResponse},
Extension,
};
use axum_extra::extract::CookieJar;
use serde::Deserialize;
use tera::Context;
use tetratto_core::model::{
addr::RemoteAddr,
auth::User,
communities::Community,
communities_permissions::CommunityPermission,
@ -642,6 +644,7 @@ pub async fn settings_request(
/// `/post/{id}`
pub async fn post_request(
jar: CookieJar,
headers: HeaderMap,
Path(id): Path<usize>,
Query(props): Query<PaginatedQuery>,
Extension(data): Extension<State>,
@ -751,6 +754,46 @@ pub async fn post_request(
check_user_blocked_or_private!(user, owner, data, jar);
}
// get real ip
let real_ip = headers
.get(data.0.0.0.security.real_ip_header.to_owned())
.unwrap_or(&HeaderValue::from_static(""))
.to_str()
.unwrap_or("")
.to_string();
// check for ip ban
let addr = RemoteAddr::from(real_ip.as_str());
if data.0.get_ipban_by_addr(&addr).await.is_ok() {
return Err(Html(
render_error(
Error::GeneralNotFound("post".to_string()),
&jar,
&data,
&user,
)
.await,
));
}
// check for ip block
if data
.0
.get_ipblock_by_initiator_receiver(post.owner, &addr)
.await
.is_ok()
{
return Err(Html(
render_error(
Error::GeneralNotFound("post".to_string()),
&jar,
&data,
&user,
)
.await,
));
}
// check repost
let (_, reposting) = data.0.get_post_reposting(&post, &ignore_users, &user).await;