debian-mirror-gitlab/app/services/spam/spam_verdict_service.rb

110 lines
3.3 KiB
Ruby
Raw Normal View History

2020-05-24 23:13:21 +05:30
# frozen_string_literal: true
module Spam
class SpamVerdictService
include AkismetMethods
include SpamConstants
2020-06-23 00:09:42 +05:30
def initialize(user:, target:, request:, options:, context: {})
2020-05-24 23:13:21 +05:30
@target = target
@request = request
2020-06-23 00:09:42 +05:30
@user = user
2020-05-24 23:13:21 +05:30
@options = options
2021-06-08 01:23:25 +05:30
@context = context
2020-05-24 23:13:21 +05:30
end
def execute
2021-06-08 01:23:25 +05:30
spamcheck_result = nil
spamcheck_attribs = {}
spamcheck_error = false
external_spam_check_round_trip_time = Benchmark.realtime do
spamcheck_result, spamcheck_attribs, spamcheck_error = spamcheck_verdict
end
label = spamcheck_error ? 'ERROR' : spamcheck_result.to_s.upcase
histogram.observe( { result: label }, external_spam_check_round_trip_time )
# assign result to a var for logging it before reassigning to nil when monitorMode is true
original_spamcheck_result = spamcheck_result
spamcheck_result = nil if spamcheck_attribs&.fetch("monitorMode", "false") == "true"
2020-06-23 00:09:42 +05:30
akismet_result = akismet_verdict
# filter out anything we don't recognise, including nils.
2021-06-08 01:23:25 +05:30
valid_results = [spamcheck_result, akismet_result].compact.select { |r| SUPPORTED_VERDICTS.key?(r) }
2020-06-23 00:09:42 +05:30
# Treat nils - such as service unavailable - as ALLOW
return ALLOW unless valid_results.any?
# Favour the most restrictive result.
2021-06-08 01:23:25 +05:30
final_verdict = valid_results.min_by { |v| SUPPORTED_VERDICTS[v][:priority] }
logger.info(class: self.class.name,
akismet_verdict: akismet_verdict,
spam_check_verdict: original_spamcheck_result,
extra_attributes: spamcheck_attribs,
spam_check_rtt: external_spam_check_round_trip_time.real,
final_verdict: final_verdict,
username: user.username,
user_id: user.id,
target_type: target.class.to_s,
project_id: target.project_id
)
final_verdict
2020-06-23 00:09:42 +05:30
end
private
2021-06-08 01:23:25 +05:30
attr_reader :user, :target, :request, :options, :context
2020-06-23 00:09:42 +05:30
def akismet_verdict
2020-05-24 23:13:21 +05:30
if akismet.spam?
2020-06-23 00:09:42 +05:30
Gitlab::Recaptcha.enabled? ? CONDITIONAL_ALLOW : DISALLOW
2020-05-24 23:13:21 +05:30
else
ALLOW
end
end
2021-06-08 01:23:25 +05:30
def spamcheck_verdict
2020-06-23 00:09:42 +05:30
return unless Gitlab::CurrentSettings.spam_check_endpoint_enabled
begin
2021-06-08 01:23:25 +05:30
result, attribs, _error = spamcheck_client.issue_spam?(spam_issue: target, user: user, context: context)
return [nil, attribs] unless result
# @TODO log if error is not nil https://gitlab.com/gitlab-org/gitlab/-/issues/329545
return [result, attribs] if result == NOOP || attribs["monitorMode"] == "true"
# Duplicate logic with Akismet logic in #akismet_verdict
if Gitlab::Recaptcha.enabled? && result != ALLOW
[CONDITIONAL_ALLOW, attribs]
else
[result, attribs]
end
rescue StandardError => e
2020-06-23 00:09:42 +05:30
Gitlab::ErrorTracking.log_exception(e)
2021-06-08 01:23:25 +05:30
# Default to ALLOW if any errors occur
[ALLOW, attribs, true]
2020-06-23 00:09:42 +05:30
end
end
2021-06-08 01:23:25 +05:30
def spamcheck_client
@spamcheck_client ||= Gitlab::Spamcheck::Client.new
end
def logger
@logger ||= Gitlab::AppJsonLogger.build
2020-06-23 00:09:42 +05:30
end
2021-06-08 01:23:25 +05:30
def histogram
@histogram ||= Gitlab::Metrics.histogram(:gitlab_spamcheck_request_duration_seconds, 'Request duration to the anti-spam service')
2020-06-23 00:09:42 +05:30
end
2020-05-24 23:13:21 +05:30
end
end