diff options
author | Dan McGee <dpmcgee@gmail.com> | 2011-06-19 11:56:23 -0500 |
---|---|---|
committer | Dan McGee <dpmcgee@gmail.com> | 2011-06-19 11:56:23 -0500 |
commit | 4211a47bbe697429eb138d407110bd69bdcaf61a (patch) | |
tree | 803fc2bf0842496972eea24fd8a071e8e3ebecc6 | |
parent | e9cbba0e42701647e0a437dcfe7830e03fe278fb (diff) | |
download | website-4211a47bbe697429eb138d407110bd69bdcaf61a.tar.gz website-4211a47bbe697429eb138d407110bd69bdcaf61a.zip |
Ensure rewriten IP address is checked against ban list
Signed-off-by: Dan McGee <dpmcgee@gmail.com>
-rw-r--r-- | mycomments/models.py | 4 | ||||
-rw-r--r-- | mycomments/signals.py | 22 |
2 files changed, 16 insertions, 10 deletions
diff --git a/mycomments/models.py b/mycomments/models.py index 1728088..aad81a0 100644 --- a/mycomments/models.py +++ b/mycomments/models.py @@ -32,7 +32,7 @@ from django.contrib.comments.signals import (comment_was_posted, comment_will_be_posted) from django.db.models.signals import pre_save from mycomments.signals import (send_comment_by_mail, check_spam_comment, - rewrite_ip_address) + set_comment_ip_address) comment_was_posted.connect(send_comment_by_mail, dispatch_uid='mycomments.models') @@ -40,7 +40,7 @@ comment_will_be_posted.connect(check_spam_comment, dispatch_uid='mycomments.models') # Note: why I have to connect to 'Comment' and not 'MyComment' is beyond me and # probably a bug, but this does the job. -pre_save.connect(rewrite_ip_address, sender=Comment, +pre_save.connect(set_comment_ip_address, sender=Comment, dispatch_uid='mycomments.models') # vim: set ts=4 sw=4 et: diff --git a/mycomments/signals.py b/mycomments/signals.py index 774bfcd..15efcc4 100644 --- a/mycomments/signals.py +++ b/mycomments/signals.py @@ -14,7 +14,7 @@ def send_comment_by_mail(sender, **kwargs): # if the comment has a logged-in user, we don't need an email if comment.user: return - post = Post.objects.get(id__exact = comment.object_pk) + post = comment.content_object commenturl = 'https://%s%s' % ( Site.objects.get_current().domain, comment.get_absolute_url() ) @@ -47,13 +47,14 @@ def check_spam_comment(sender, **kwargs): # we shouldn't have comments on anything except Post objects... if comment.content_type.model_class() != Post: return False - post = Post.objects.get(id__exact = comment.object_pk) - if not post.comments_enabled: + content_obj = comment.content_object + if not getattr(content_obj, 'comments_enabled', True): return False # if the comment has a logged-in user, we don't to check it if comment.user: return True - ip_exists = BannedIP.objects.filter(ip_address=comment.ip_address).exists() + ip_addr = rewrite_ip_address(comment.ip_address) + ip_exists = BannedIP.objects.filter(ip_address=ip_addr).exists() un_exists = BannedUserName.objects.filter(user_name=comment.user_name).exists() if ip_exists or un_exists: # If we found the IP or name in the ban table, this comment is bogus. @@ -66,19 +67,24 @@ def check_spam_comment(sender, **kwargs): # mark the comment as non-public/bogus comment.is_public = False -def rewrite_ip_address(sender, **kwargs): +def rewrite_ip_address(addr): """ Coerce an IPv6 address to IPv4 if possible. Examples: ::ffff:1.2.3.4 --> 1.2.3.4 ::1 --> 127.0.0.1 """ - comment = kwargs['instance'] - addr = comment.ip_address if addr.startswith('::ffff:'): addr = addr[7:] if addr == '::1': addr = '127.0.0.1' - comment.ip_address = addr + return addr + +def set_comment_ip_address(sender, **kwargs): + """ + Run comment.ip_adddress field through the IPv6 rewriter. + """ + comment = kwargs['instance'] + comment.ip_address = rewrite_ip_address(comment.ip_address) # vim: set ts=4 sw=4 et: |