opdavies/drupalcampbristol
Archived
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Drupal 8.0.0 beta 12. More info: https://www.drupal.org/node/2514176

Browse source
This commit is contained in:
Pantheon Automation 2015-08-17 17:00:26 -07:00 committed by Greg Anderson
commit 9921556621
13277 changed files with 1459781 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

102
core/lib/Drupal/Core/Flood/DatabaseBackend.php Normal file
View file

@ -0,0 +1,102 @@
<?php
/**
* @file
* Contains \Drupal\Core\Flood\DatabaseBackend.
*/
namespace Drupal\Core\Flood;
use Symfony\Component\HttpFoundation\RequestStack;
use Drupal\Core\Database\Connection;
/**
* Defines the database flood backend. This is the default Drupal backend.
*/
class DatabaseBackend implements FloodInterface {
/**
* The database connection used to store flood event information.
*
* @var \Drupal\Core\Database\Connection
*/
protected $connection;
/**
* The request stack.
*
* @var \Symfony\Component\HttpFoundation\RequestStack
*/
protected $requestStack;
/**
* Construct the DatabaseBackend.
*
* @param \Drupal\Core\Database\Connection $connection
* The database connection which will be used to store the flood event
* information.
* @param \Symfony\Component\HttpFoundation\RequestStack $request_stack
* The request stack used to retrieve the current request.
*/
public function __construct(Connection $connection, RequestStack $request_stack) {
$this->connection = $connection;
$this->requestStack = $request_stack;
}
/**
* Implements Drupal\Core\Flood\FloodInterface::register().
*/
public function register($name, $window = 3600, $identifier = NULL) {
if (!isset($identifier)) {
$identifier = $this->requestStack->getCurrentRequest()->getClientIp();
}
$this->connection->insert('flood')
->fields(array(
'event' => $name,
'identifier' => $identifier,
'timestamp' => REQUEST_TIME,
'expiration' => REQUEST_TIME + $window,
))
->execute();
}
/**
* Implements Drupal\Core\Flood\FloodInterface::clear().
*/
public function clear($name, $identifier = NULL) {
if (!isset($identifier)) {
$identifier = $this->requestStack->getCurrentRequest()->getClientIp();
}
$this->connection->delete('flood')
->condition('event', $name)
->condition('identifier', $identifier)
->execute();
}
/**
* Implements Drupal\Core\Flood\FloodInterface::isAllowed().
*/
public function isAllowed($name, $threshold, $window = 3600, $identifier = NULL) {
if (!isset($identifier)) {
$identifier = $this->requestStack->getCurrentRequest()->getClientIp();
}
$number = $this->connection->select('flood', 'f')
->condition('event', $name)
->condition('identifier', $identifier)
->condition('timestamp', REQUEST_TIME - $window, '>')
->countQuery()
->execute()
->fetchField();
return ($number < $threshold);
}
/**
* Implements Drupal\Core\Flood\FloodInterface::garbageCollection().
*/
public function garbageCollection() {
return $this->connection->delete('flood')
->condition('expiration', REQUEST_TIME, '<')
->execute();
}
}

76
core/lib/Drupal/Core/Flood/FloodInterface.php Normal file
View file

@ -0,0 +1,76 @@
<?php
/**
* @file
* Contains \Drupal\Core\Flood\FloodInterface.
*/
namespace Drupal\Core\Flood;
/**
* Defines an interface for flood controllers.
*/
interface FloodInterface {
/**
* Registers an event for the current visitor to the flood control mechanism.
*
* @param string $name
* The name of an event. To prevent unintended name clashes, it is recommended
* to use the module name first in the event name, optionally followed by
* a dot and the actual event name (e.g. "mymodule.my_event").
* @param int $window
* (optional) Number of seconds before this event expires. Defaults to 3600
* (1 hour). Typically uses the same value as the isAllowed() $window
* parameter. Expired events are purged on cron run to prevent the flood
* table from growing indefinitely.
* @param string $identifier
* (optional) Unique identifier of the current user. Defaults to the current
* user's IP address).
*/
public function register($name, $window = 3600, $identifier = NULL);
/**
* Makes the flood control mechanism forget an event for the current visitor.
*
* @param string $name
* The name of an event.
* @param string $identifier
* (optional) Unique identifier of the current user. Defaults to the current
* user's IP address).
*/
public function clear($name, $identifier = NULL);
/**
* Checks whether a user is allowed to proceed with the specified event.
*
* Events can have thresholds saying that each user can only do that event
* a certain number of times in a time window. This function verifies that
* the current user has not exceeded this threshold.
*
* @param string $name
* The name of an event.
* @param int $threshold
* The maximum number of times each user can do this event per time window.
* @param int $window
* (optional) Number of seconds in the time window for this event (default is 3600
* seconds, or 1 hour).
* @param string $identifier
* (optional) Unique identifier of the current user. Defaults to the current
* user's IP address).
*
* @return
* TRUE if the user is allowed to proceed. FALSE if they have exceeded the
* threshold and should not be allowed to proceed.
*/
public function isAllowed($name, $threshold, $window = 3600, $identifier = NULL);
/**
* Cleans up expired flood events. This method is called automatically on
* cron run.
*
* @see system_cron()
*/
public function garbageCollection();
}

91
core/lib/Drupal/Core/Flood/MemoryBackend.php Normal file
View file

@ -0,0 +1,91 @@
<?php
/**
* @file
* Contains \Drupal\Core\Flood\MemoryBackend.
*/
namespace Drupal\Core\Flood;
use Symfony\Component\HttpFoundation\RequestStack;
/**
* Defines the memory flood backend. This is used for testing.
*/
class MemoryBackend implements FloodInterface {
/**
* The request stack.
*
* @var \Symfony\Component\HttpFoundation\RequestStack
*/
protected $requestStack;
/**
* An array holding flood events, keyed by event name and identifier.
*/
protected $events = array();
/**
* Construct the MemoryBackend.
*
* @param \Symfony\Component\HttpFoundation\RequestStack $request_stack
* The request stack used to retrieve the current request.
*/
public function __construct(RequestStack $request_stack) {
$this->requestStack = $request_stack;
}
/**
* Implements Drupal\Core\Flood\FloodInterface::register().
*/
public function register($name, $window = 3600, $identifier = NULL) {
if (!isset($identifier)) {
$identifier = $this->requestStack->getCurrentRequest()->getClientIp();
}
// We can't use REQUEST_TIME here, because that would not guarantee
// uniqueness.
$time = microtime(TRUE);
$this->events[$name][$identifier][$time + $window] = $time;
}
/**
* Implements Drupal\Core\Flood\FloodInterface::clear().
*/
public function clear($name, $identifier = NULL) {
if (!isset($identifier)) {
$identifier = $this->requestStack->getCurrentRequest()->getClientIp();
}
unset($this->events[$name][$identifier]);
}
/**
* Implements Drupal\Core\Flood\FloodInterface::isAllowed().
*/
public function isAllowed($name, $threshold, $window = 3600, $identifier = NULL) {
if (!isset($identifier)) {
$identifier = $this->requestStack->getCurrentRequest()->getClientIp();
}
$limit = microtime(TRUE) - $window;
$number = count(array_filter($this->events[$name][$identifier], function ($timestamp) use ($limit) {
return $timestamp > $limit;
}));
return ($number < $threshold);
}
/**
* Implements Drupal\Core\Flood\FloodInterface::garbageCollection().
*/
public function garbageCollection() {
foreach ($this->events as $name => $identifiers) {
foreach ($this->events[$name] as $identifier => $timestamps) {
// Filter by key (expiration) but preserve key => value associations.
$this->events[$name][$identifier] = array_filter($timestamps, function () use (&$timestamps) {
$expiration = key($timestamps);
next($timestamps);
return $expiration > microtime(TRUE);
});
}
}
}
}