ntfy/server/visitor.go

package server

import (
	"errors"
	"fmt"
	"heckel.io/ntfy/user"
	"net/netip"
	"sync"
	"time"

	"golang.org/x/time/rate"
	"heckel.io/ntfy/util"
)

const (
	// visitorExpungeAfter defines how long a visitor is active before it is removed from memory. This number
	// has to be very high to prevent e-mail abuse, but it doesn't really affect the other limits anyway, since
	// they are replenished faster (typically).
	visitorExpungeAfter = 24 * time.Hour

	// visitorDefaultReservationsLimit is the amount of topic names a user without a tier is allowed to reserve.
	// This number is zero, and changing it may have unintended consequences in the web app, or otherwise
	visitorDefaultReservationsLimit = int64(0)
)

var (
	errVisitorLimitReached = errors.New("limit reached")
)

// visitor represents an API user, and its associated rate.Limiter used for rate limiting
type visitor struct {
	config              *Config
	messageCache        *messageCache
	userManager         *user.Manager // May be nil!
	ip                  netip.Addr
	user                *user.User
	messages            int64         // Number of messages sent, reset every day
	emails              int64         // Number of emails sent, reset every day
	requestLimiter      *rate.Limiter // Rate limiter for (almost) all requests (including messages)
	messagesLimiter     util.Limiter  // Rate limiter for messages, may be nil
	emailsLimiter       *rate.Limiter // Rate limiter for emails
	subscriptionLimiter util.Limiter  // Fixed limiter for active subscriptions (ongoing connections)
	bandwidthLimiter    util.Limiter  // Limiter for attachment bandwidth downloads
	accountLimiter      *rate.Limiter // Rate limiter for account creation
	firebase            time.Time     // Next allowed Firebase message
	seen                time.Time     // Last seen time of this visitor (needed for removal of stale visitors)
	mu                  sync.Mutex
}

type visitorInfo struct {
	Limits *visitorLimits
	Stats  *visitorStats
}

type visitorLimits struct {
	Basis                    visitorLimitBasis
	MessagesLimit            int64
	MessagesExpiryDuration   time.Duration
	EmailsLimit              int64
	ReservationsLimit        int64
	AttachmentTotalSizeLimit int64
	AttachmentFileSizeLimit  int64
	AttachmentExpiryDuration time.Duration
}

type visitorStats struct {
	Messages                     int64
	MessagesRemaining            int64
	Emails                       int64
	EmailsRemaining              int64
	Reservations                 int64
	ReservationsRemaining        int64
	AttachmentTotalSize          int64
	AttachmentTotalSizeRemaining int64
}

// visitorLimitBasis describes how the visitor limits were derived, either from a user's
// IP address (default config), or from its tier
type visitorLimitBasis string

const (
	visitorLimitBasisIP   = visitorLimitBasis("ip")
	visitorLimitBasisTier = visitorLimitBasis("tier")
)

func newVisitor(conf *Config, messageCache *messageCache, userManager *user.Manager, ip netip.Addr, user *user.User) *visitor {
	var messagesLimiter util.Limiter
	var requestLimiter, emailsLimiter, accountLimiter *rate.Limiter
	var messages, emails int64
	if user != nil {
		messages = user.Stats.Messages
		emails = user.Stats.Emails
	} else {
		accountLimiter = rate.NewLimiter(rate.Every(conf.VisitorAccountCreateLimitReplenish), conf.VisitorAccountCreateLimitBurst)
	}
	if user != nil && user.Tier != nil {
		requestLimiter = rate.NewLimiter(dailyLimitToRate(user.Tier.MessagesLimit), conf.VisitorRequestLimitBurst)
		messagesLimiter = util.NewFixedLimiter(user.Tier.MessagesLimit)
		emailsLimiter = rate.NewLimiter(dailyLimitToRate(user.Tier.EmailsLimit), conf.VisitorEmailLimitBurst)
	} else {
		requestLimiter = rate.NewLimiter(rate.Every(conf.VisitorRequestLimitReplenish), conf.VisitorRequestLimitBurst)
		emailsLimiter = rate.NewLimiter(rate.Every(conf.VisitorEmailLimitReplenish), conf.VisitorEmailLimitBurst)
	}
	return &visitor{
		config:              conf,
		messageCache:        messageCache,
		userManager:         userManager, // May be nil
		ip:                  ip,
		user:                user,
		messages:            messages,
		emails:              emails,
		requestLimiter:      requestLimiter,
		messagesLimiter:     messagesLimiter, // May be nil
		emailsLimiter:       emailsLimiter,
		subscriptionLimiter: util.NewFixedLimiter(int64(conf.VisitorSubscriptionLimit)),
		bandwidthLimiter:    util.NewBytesLimiter(conf.VisitorAttachmentDailyBandwidthLimit, 24*time.Hour),
		accountLimiter:      accountLimiter, // May be nil
		firebase:            time.Unix(0, 0),
		seen:                time.Now(),
	}
}

func (v *visitor) String() string {
	v.mu.Lock()
	defer v.mu.Unlock()
	if v.user != nil && v.user.Billing.StripeCustomerID != "" {
		return fmt.Sprintf("%s/%s/%s", v.ip.String(), v.user.ID, v.user.Billing.StripeCustomerID)
	} else if v.user != nil {
		return fmt.Sprintf("%s/%s", v.ip.String(), v.user.ID)
	}
	return v.ip.String()
}

func (v *visitor) RequestAllowed() error {
	if !v.requestLimiter.Allow() {
		return errVisitorLimitReached
	}
	return nil
}

func (v *visitor) FirebaseAllowed() error {
	v.mu.Lock()
	defer v.mu.Unlock()
	if time.Now().Before(v.firebase) {
		return errVisitorLimitReached
	}
	return nil
}

func (v *visitor) FirebaseTemporarilyDeny() {
	v.mu.Lock()
	defer v.mu.Unlock()
	v.firebase = time.Now().Add(v.config.FirebaseQuotaExceededPenaltyDuration)
}

func (v *visitor) MessageAllowed() error {
	if v.messagesLimiter != nil && v.messagesLimiter.Allow(1) != nil {
		return errVisitorLimitReached
	}
	return nil
}

func (v *visitor) EmailAllowed() error {
	if !v.emailsLimiter.Allow() {
		return errVisitorLimitReached
	}
	return nil
}

func (v *visitor) SubscriptionAllowed() error {
	v.mu.Lock()
	defer v.mu.Unlock()
	if err := v.subscriptionLimiter.Allow(1); err != nil {
		return errVisitorLimitReached
	}
	return nil
}

func (v *visitor) RemoveSubscription() {
	v.mu.Lock()
	defer v.mu.Unlock()
	v.subscriptionLimiter.Allow(-1)
}

func (v *visitor) Keepalive() {
	v.mu.Lock()
	defer v.mu.Unlock()
	v.seen = time.Now()
}

func (v *visitor) BandwidthLimiter() util.Limiter {
	return v.bandwidthLimiter
}

func (v *visitor) Stale() bool {
	v.mu.Lock()
	defer v.mu.Unlock()
	return time.Since(v.seen) > visitorExpungeAfter
}

func (v *visitor) IncrementMessages() {
	v.mu.Lock()
	defer v.mu.Unlock()
	v.messages++
	if v.user != nil {
		v.user.Stats.Messages = v.messages
	}
}

func (v *visitor) IncrementEmails() {
	v.mu.Lock()
	defer v.mu.Unlock()
	v.emails++
	if v.user != nil {
		v.user.Stats.Emails = v.emails
	}
}

func (v *visitor) ResetStats() {
	v.mu.Lock()
	defer v.mu.Unlock()
	v.messages = 0
	v.emails = 0
	if v.user != nil {
		v.user.Stats.Messages = 0
		v.user.Stats.Emails = 0
		// v.messagesLimiter = ... // FIXME
	}
}

// SetUser sets the visitors user to the given value
func (v *visitor) SetUser(u *user.User) {
	v.mu.Lock()
	defer v.mu.Unlock()
	v.user = u
}

// MaybeUserID returns the user ID of the visitor (if any). If this is an anonymous visitor,
// an empty string is returned.
func (v *visitor) MaybeUserID() string {
	v.mu.Lock()
	defer v.mu.Unlock()
	if v.user != nil {
		return v.user.ID
	}
	return ""
}

func (v *visitor) Limits() *visitorLimits {
	v.mu.Lock()
	defer v.mu.Unlock()
	limits := defaultVisitorLimits(v.config)
	if v.user != nil && v.user.Tier != nil {
		limits.Basis = visitorLimitBasisTier
		limits.MessagesLimit = v.user.Tier.MessagesLimit
		limits.MessagesExpiryDuration = v.user.Tier.MessagesExpiryDuration
		limits.EmailsLimit = v.user.Tier.EmailsLimit
		limits.ReservationsLimit = v.user.Tier.ReservationsLimit
		limits.AttachmentTotalSizeLimit = v.user.Tier.AttachmentTotalSizeLimit
		limits.AttachmentFileSizeLimit = v.user.Tier.AttachmentFileSizeLimit
		limits.AttachmentExpiryDuration = v.user.Tier.AttachmentExpiryDuration
	}
	return limits
}

func (v *visitor) Info() (*visitorInfo, error) {
	v.mu.Lock()
	messages := v.messages
	emails := v.emails
	v.mu.Unlock()
	var attachmentsBytesUsed int64
	var err error
	if v.user != nil {
		attachmentsBytesUsed, err = v.messageCache.AttachmentBytesUsedByUser(v.user.ID)
	} else {
		attachmentsBytesUsed, err = v.messageCache.AttachmentBytesUsedBySender(v.ip.String())
	}
	if err != nil {
		return nil, err
	}
	var reservations int64
	if v.user != nil && v.userManager != nil {
		reservations, err = v.userManager.ReservationsCount(v.user.Name)
		if err != nil {
			return nil, err
		}
	}
	limits := v.Limits()
	stats := &visitorStats{
		Messages:                     messages,
		MessagesRemaining:            zeroIfNegative(limits.MessagesLimit - messages),
		Emails:                       emails,
		EmailsRemaining:              zeroIfNegative(limits.EmailsLimit - emails),
		Reservations:                 reservations,
		ReservationsRemaining:        zeroIfNegative(limits.ReservationsLimit - reservations),
		AttachmentTotalSize:          attachmentsBytesUsed,
		AttachmentTotalSizeRemaining: zeroIfNegative(limits.AttachmentTotalSizeLimit - attachmentsBytesUsed),
	}
	return &visitorInfo{
		Limits: limits,
		Stats:  stats,
	}, nil
}

func zeroIfNegative(value int64) int64 {
	if value < 0 {
		return 0
	}
	return value
}

func replenishDurationToDailyLimit(duration time.Duration) int64 {
	return int64(24 * time.Hour / duration)
}

func dailyLimitToRate(limit int64) rate.Limit {
	return rate.Limit(limit) * rate.Every(24*time.Hour)
}

func defaultVisitorLimits(conf *Config) *visitorLimits {
	return &visitorLimits{
		Basis:                    visitorLimitBasisIP,
		MessagesLimit:            replenishDurationToDailyLimit(conf.VisitorRequestLimitReplenish),
		MessagesExpiryDuration:   conf.CacheDuration,
		EmailsLimit:              replenishDurationToDailyLimit(conf.VisitorEmailLimitReplenish),
		ReservationsLimit:        visitorDefaultReservationsLimit,
		AttachmentTotalSizeLimit: conf.VisitorAttachmentTotalSizeLimit,
		AttachmentFileSizeLimit:  conf.AttachmentFileSizeLimit,
		AttachmentExpiryDuration: conf.AttachmentExpiryDuration,
	}
}
Subscription limit 2021-11-01 22:21:38 +03:00			`package server`

			`import (`
JSON API errors 2021-12-25 17:15:05 +03:00			`"errors"`
Delayed deletion 2023-01-23 06:21:30 +03:00			`"fmt"`
Rename auth package to user; add extendToken feature 2022-12-25 19:41:38 +03:00			`"heckel.io/ntfy/user"`
refactor visitor IPs and allow exempting IP Ranges Use netip.Addr instead of storing addresses as strings. This requires conversions at the database level and in tests, but is more memory efficient otherwise, and facilitates the following. Parse rate limit exemptions as netip.Prefix. This allows storing IP ranges in the exemption list. Regular IP addresses (entered explicitly or resolved from hostnames) are IPV4/32, denoting a range of one address. 2022-10-05 23:42:07 +03:00			`"net/netip"`
Subscription limit 2021-11-01 22:21:38 +03:00			`"sync"`
			`"time"`
refactor visitor IPs and allow exempting IP Ranges Use netip.Addr instead of storing addresses as strings. This requires conversions at the database level and in tests, but is more memory efficient otherwise, and facilitates the following. Parse rate limit exemptions as netip.Prefix. This allows storing IP ranges in the exemption list. Regular IP addresses (entered explicitly or resolved from hostnames) are IPV4/32, denoting a range of one address. 2022-10-05 23:42:07 +03:00
			`"golang.org/x/time/rate"`
			`"heckel.io/ntfy/util"`
Subscription limit 2021-11-01 22:21:38 +03:00			`)`

			`const (`
Email rate limiting + tests 2021-12-24 02:03:04 +03:00			`// visitorExpungeAfter defines how long a visitor is active before it is removed from memory. This number`
			`// has to be very high to prevent e-mail abuse, but it doesn't really affect the other limits anyway, since`
			`// they are replenished faster (typically).`
			`visitorExpungeAfter = 24 * time.Hour`
Payments webhook test, delete attachments/messages when reservations are removed, 2023-01-21 06:47:37 +03:00
			`// visitorDefaultReservationsLimit is the amount of topic names a user without a tier is allowed to reserve.`
			`// This number is zero, and changing it may have unintended consequences in the web app, or otherwise`
			`visitorDefaultReservationsLimit = int64(0)`
Subscription limit 2021-11-01 22:21:38 +03:00			`)`

JSON API errors 2021-12-25 17:15:05 +03:00			`var (`
			`errVisitorLimitReached = errors.New("limit reached")`
			`)`

Subscription limit 2021-11-01 22:21:38 +03:00			`// visitor represents an API user, and its associated rate.Limiter used for rate limiting`
			`type visitor struct {`
Limits 2022-12-19 17:59:32 +03:00			`config *Config`
			`messageCache *messageCache`
Introduce Reservation 2023-01-03 04:08:37 +03:00			`userManager *user.Manager // May be nil!`
Limits 2022-12-19 17:59:32 +03:00			`ip netip.Addr`
Rename auth package to user; add extendToken feature 2022-12-25 19:41:38 +03:00			`user *user.User`
Tier based tests 2023-01-09 04:46:46 +03:00			`messages int64 // Number of messages sent, reset every day`
			`emails int64 // Number of emails sent, reset every day`
Write stats to user table asynchronously 2022-12-21 05:18:33 +03:00			`requestLimiter *rate.Limiter // Rate limiter for (almost) all requests (including messages)`
Tier based tests 2023-01-09 04:46:46 +03:00			`messagesLimiter util.Limiter // Rate limiter for messages, may be nil`
Write stats to user table asynchronously 2022-12-21 05:18:33 +03:00			`emailsLimiter *rate.Limiter // Rate limiter for emails`
			`subscriptionLimiter util.Limiter // Fixed limiter for active subscriptions (ongoing connections)`
Tier based tests 2023-01-09 04:46:46 +03:00			`bandwidthLimiter util.Limiter // Limiter for attachment bandwidth downloads`
Sign up rate limit 2022-12-24 20:10:51 +03:00			`accountLimiter *rate.Limiter // Rate limiter for account creation`
			`firebase time.Time // Next allowed Firebase message`
Tiers make sense for admins now 2023-01-09 23:40:46 +03:00			`seen time.Time // Last seen time of this visitor (needed for removal of stale visitors)`
Limits 2022-12-19 17:59:32 +03:00			`mu sync.Mutex`
Subscription limit 2021-11-01 22:21:38 +03:00			`}`

Fix almost all tests 2022-12-28 06:14:14 +03:00			`type visitorInfo struct {`
Tiers make sense for admins now 2023-01-09 23:40:46 +03:00			`Limits *visitorLimits`
			`Stats *visitorStats`
			`}`

			`type visitorLimits struct {`
			`Basis visitorLimitBasis`
			`MessagesLimit int64`
			`MessagesExpiryDuration time.Duration`
			`EmailsLimit int64`
			`ReservationsLimit int64`
			`AttachmentTotalSizeLimit int64`
			`AttachmentFileSizeLimit int64`
			`AttachmentExpiryDuration time.Duration`
			`}`

			`type visitorStats struct {`
Restructure limits 2022-12-20 00:22:13 +03:00			`Messages int64`
			`MessagesRemaining int64`
			`Emails int64`
			`EmailsRemaining int64`
Rename plan->tier, topics->reservations, more tests, more todos 2023-01-08 05:04:13 +03:00			`Reservations int64`
			`ReservationsRemaining int64`
Restructure limits 2022-12-20 00:22:13 +03:00			`AttachmentTotalSize int64`
			`AttachmentTotalSizeRemaining int64`
Attachment behavior fix for Firefox 2022-04-03 19:39:52 +03:00			`}`

Tiers make sense for admins now 2023-01-09 23:40:46 +03:00			`// visitorLimitBasis describes how the visitor limits were derived, either from a user's`
			`// IP address (default config), or from its tier`
			`type visitorLimitBasis string`

			`const (`
			`visitorLimitBasisIP = visitorLimitBasis("ip")`
			`visitorLimitBasisTier = visitorLimitBasis("tier")`
			`)`

Introduce Reservation 2023-01-03 04:08:37 +03:00			`func newVisitor(conf Config, messageCache messageCache, userManager user.Manager, ip netip.Addr, user user.User) *visitor {`
Tier based tests 2023-01-09 04:46:46 +03:00			`var messagesLimiter util.Limiter`
Sign up rate limit 2022-12-24 20:10:51 +03:00			`var requestLimiter, emailsLimiter, accountLimiter *rate.Limiter`
Write stats to user table asynchronously 2022-12-21 05:18:33 +03:00			`var messages, emails int64`
			`if user != nil {`
			`messages = user.Stats.Messages`
			`emails = user.Stats.Emails`
Sign up rate limit 2022-12-24 20:10:51 +03:00			`} else {`
			`accountLimiter = rate.NewLimiter(rate.Every(conf.VisitorAccountCreateLimitReplenish), conf.VisitorAccountCreateLimitBurst)`
Write stats to user table asynchronously 2022-12-21 05:18:33 +03:00			`}`
Rename plan->tier, topics->reservations, more tests, more todos 2023-01-08 05:04:13 +03:00			`if user != nil && user.Tier != nil {`
			`requestLimiter = rate.NewLimiter(dailyLimitToRate(user.Tier.MessagesLimit), conf.VisitorRequestLimitBurst)`
Tier based tests 2023-01-09 04:46:46 +03:00			`messagesLimiter = util.NewFixedLimiter(user.Tier.MessagesLimit)`
Rename plan->tier, topics->reservations, more tests, more todos 2023-01-08 05:04:13 +03:00			`emailsLimiter = rate.NewLimiter(dailyLimitToRate(user.Tier.EmailsLimit), conf.VisitorEmailLimitBurst)`
v1/account API response, rate limiting bla 2022-12-18 07:54:19 +03:00			`} else {`
Limit work 2022-12-18 22:35:05 +03:00			`requestLimiter = rate.NewLimiter(rate.Every(conf.VisitorRequestLimitReplenish), conf.VisitorRequestLimitBurst)`
Restructure limits 2022-12-20 00:22:13 +03:00			`emailsLimiter = rate.NewLimiter(rate.Every(conf.VisitorEmailLimitReplenish), conf.VisitorEmailLimitBurst)`
v1/account API response, rate limiting bla 2022-12-18 07:54:19 +03:00			`}`
Subscription limit 2021-11-01 22:21:38 +03:00			`return &visitor{`
Limits 2022-12-19 17:59:32 +03:00			`config: conf,`
			`messageCache: messageCache,`
Tiers make sense for admins now 2023-01-09 23:40:46 +03:00			`userManager: userManager, // May be nil`
Limits 2022-12-19 17:59:32 +03:00			`ip: ip,`
			`user: user,`
Write stats to user table asynchronously 2022-12-21 05:18:33 +03:00			`messages: messages,`
			`emails: emails,`
Limits 2022-12-19 17:59:32 +03:00			`requestLimiter: requestLimiter,`
Tiers make sense for admins now 2023-01-09 23:40:46 +03:00			`messagesLimiter: messagesLimiter, // May be nil`
Restructure limits 2022-12-20 00:22:13 +03:00			`emailsLimiter: emailsLimiter,`
Limits 2022-12-19 17:59:32 +03:00			`subscriptionLimiter: util.NewFixedLimiter(int64(conf.VisitorSubscriptionLimit)),`
			`bandwidthLimiter: util.NewBytesLimiter(conf.VisitorAttachmentDailyBandwidthLimit, 24*time.Hour),`
Sign up rate limit 2022-12-24 20:10:51 +03:00			`accountLimiter: accountLimiter, // May be nil`
Limits 2022-12-19 17:59:32 +03:00			`firebase: time.Unix(0, 0),`
			`seen: time.Now(),`
Subscription limit 2021-11-01 22:21:38 +03:00			`}`
			`}`

Delayed deletion 2023-01-23 06:21:30 +03:00			`func (v *visitor) String() string {`
			`v.mu.Lock()`
			`defer v.mu.Unlock()`
			`if v.user != nil && v.user.Billing.StripeCustomerID != "" {`
			`return fmt.Sprintf("%s/%s/%s", v.ip.String(), v.user.ID, v.user.Billing.StripeCustomerID)`
			`} else if v.user != nil {`
			`return fmt.Sprintf("%s/%s", v.ip.String(), v.user.ID)`
			`}`
			`return v.ip.String()`
			`}`

Subscription limit 2021-11-01 22:21:38 +03:00			`func (v *visitor) RequestAllowed() error {`
Limit work 2022-12-18 22:35:05 +03:00			`if !v.requestLimiter.Allow() {`
JSON API errors 2021-12-25 17:15:05 +03:00			`return errVisitorLimitReached`
Email rate limiting + tests 2021-12-24 02:03:04 +03:00			`}`
			`return nil`
			`}`

Firebase quota limit 2022-06-01 03:38:56 +03:00			`func (v *visitor) FirebaseAllowed() error {`
			`v.mu.Lock()`
			`defer v.mu.Unlock()`
			`if time.Now().Before(v.firebase) {`
			`return errVisitorLimitReached`
			`}`
			`return nil`
			`}`

			`func (v *visitor) FirebaseTemporarilyDeny() {`
			`v.mu.Lock()`
			`defer v.mu.Unlock()`
Refining, changelog 2022-06-01 06:27:24 +03:00			`v.firebase = time.Now().Add(v.config.FirebaseQuotaExceededPenaltyDuration)`
Firebase quota limit 2022-06-01 03:38:56 +03:00			`}`

Tier based tests 2023-01-09 04:46:46 +03:00			`func (v *visitor) MessageAllowed() error {`
			`if v.messagesLimiter != nil && v.messagesLimiter.Allow(1) != nil {`
			`return errVisitorLimitReached`
			`}`
			`return nil`
			`}`

Email rate limiting + tests 2021-12-24 02:03:04 +03:00			`func (v *visitor) EmailAllowed() error {`
Limits 2022-12-19 17:59:32 +03:00			`if !v.emailsLimiter.Allow() {`
JSON API errors 2021-12-25 17:15:05 +03:00			`return errVisitorLimitReached`
Subscription limit 2021-11-01 22:21:38 +03:00			`}`
			`return nil`
			`}`

JSON API errors 2021-12-25 17:15:05 +03:00			`func (v *visitor) SubscriptionAllowed() error {`
Subscription limit 2021-11-01 22:21:38 +03:00			`v.mu.Lock()`
			`defer v.mu.Unlock()`
Limits 2022-12-19 17:59:32 +03:00			`if err := v.subscriptionLimiter.Allow(1); err != nil {`
JSON API errors 2021-12-25 17:15:05 +03:00			`return errVisitorLimitReached`
Subscription limit 2021-11-01 22:21:38 +03:00			`}`
			`return nil`
			`}`

			`func (v *visitor) RemoveSubscription() {`
			`v.mu.Lock()`
			`defer v.mu.Unlock()`
Limits 2022-12-19 17:59:32 +03:00			`v.subscriptionLimiter.Allow(-1)`
Subscription limit 2021-11-01 22:21:38 +03:00			`}`

			`func (v *visitor) Keepalive() {`
			`v.mu.Lock()`
			`defer v.mu.Unlock()`
			`v.seen = time.Now()`
			`}`

CLI; docs docs docs 2022-01-13 05:24:48 +03:00			`func (v *visitor) BandwidthLimiter() util.Limiter {`
Limits 2022-12-19 17:59:32 +03:00			`return v.bandwidthLimiter`
Daily traffic limit 2022-01-13 02:52:07 +03:00			`}`

Subscription limit 2021-11-01 22:21:38 +03:00			`func (v *visitor) Stale() bool {`
			`v.mu.Lock()`
			`defer v.mu.Unlock()`
			`return time.Since(v.seen) > visitorExpungeAfter`
			`}`
Attachment behavior fix for Firefox 2022-04-03 19:39:52 +03:00
Stats resetter at midnight UTC 2023-01-11 06:51:51 +03:00			`func (v *visitor) IncrementMessages() {`
Limits 2022-12-19 17:59:32 +03:00			`v.mu.Lock()`
			`defer v.mu.Unlock()`
			`v.messages++`
Write stats to user table asynchronously 2022-12-21 05:18:33 +03:00			`if v.user != nil {`
			`v.user.Stats.Messages = v.messages`
			`}`
Limits 2022-12-19 17:59:32 +03:00			`}`

Stats resetter at midnight UTC 2023-01-11 06:51:51 +03:00			`func (v *visitor) IncrementEmails() {`
Limits 2022-12-19 17:59:32 +03:00			`v.mu.Lock()`
			`defer v.mu.Unlock()`
			`v.emails++`
Write stats to user table asynchronously 2022-12-21 05:18:33 +03:00			`if v.user != nil {`
			`v.user.Stats.Emails = v.emails`
			`}`
Limits 2022-12-19 17:59:32 +03:00			`}`

Stats resetter at midnight UTC 2023-01-11 06:51:51 +03:00			`func (v *visitor) ResetStats() {`
			`v.mu.Lock()`
			`defer v.mu.Unlock()`
			`v.messages = 0`
			`v.emails = 0`
			`if v.user != nil {`
			`v.user.Stats.Messages = 0`
			`v.user.Stats.Emails = 0`
A little polishing, make upgrade banner work when not logged in 2023-01-18 21:46:40 +03:00			`// v.messagesLimiter = ... // FIXME`
Stats resetter at midnight UTC 2023-01-11 06:51:51 +03:00			`}`
			`}`

Kill existing subscribers when topic is reserved 2023-01-23 22:05:41 +03:00			`// SetUser sets the visitors user to the given value`
Delayed deletion 2023-01-23 06:21:30 +03:00			`func (v visitor) SetUser(u user.User) {`
			`v.mu.Lock()`
			`defer v.mu.Unlock()`
			`v.user = u`
			`}`

Kill existing subscribers when topic is reserved 2023-01-23 22:05:41 +03:00			`// MaybeUserID returns the user ID of the visitor (if any). If this is an anonymous visitor,`
			`// an empty string is returned.`
			`func (v *visitor) MaybeUserID() string {`
			`v.mu.Lock()`
			`defer v.mu.Unlock()`
			`if v.user != nil {`
			`return v.user.ID`
			`}`
			`return ""`
			`}`

Tiers make sense for admins now 2023-01-09 23:40:46 +03:00			`func (v visitor) Limits() visitorLimits {`
Deleting account deletes subscription 2023-01-19 22:03:39 +03:00			`v.mu.Lock()`
			`defer v.mu.Unlock()`
Upgrade dialog looks nice now 2023-01-18 03:40:03 +03:00			`limits := defaultVisitorLimits(v.config)`
Tiers make sense for admins now 2023-01-09 23:40:46 +03:00			`if v.user != nil && v.user.Tier != nil {`
			`limits.Basis = visitorLimitBasisTier`
			`limits.MessagesLimit = v.user.Tier.MessagesLimit`
			`limits.MessagesExpiryDuration = v.user.Tier.MessagesExpiryDuration`
			`limits.EmailsLimit = v.user.Tier.EmailsLimit`
			`limits.ReservationsLimit = v.user.Tier.ReservationsLimit`
			`limits.AttachmentTotalSizeLimit = v.user.Tier.AttachmentTotalSizeLimit`
			`limits.AttachmentFileSizeLimit = v.user.Tier.AttachmentFileSizeLimit`
			`limits.AttachmentExpiryDuration = v.user.Tier.AttachmentExpiryDuration`
			`}`
			`return limits`
			`}`

Fix almost all tests 2022-12-28 06:14:14 +03:00			`func (v visitor) Info() (visitorInfo, error) {`
Limits 2022-12-19 17:59:32 +03:00			`v.mu.Lock()`
Associate messages with a user 2022-12-20 05:42:36 +03:00			`messages := v.messages`
			`emails := v.emails`
			`v.mu.Unlock()`
Tiers make sense for admins now 2023-01-09 23:40:46 +03:00			`var attachmentsBytesUsed int64`
Associate messages with a user 2022-12-20 05:42:36 +03:00			`var err error`
			`if v.user != nil {`
Introduce text IDs for everything (esp user), to avoid security and accounting issues 2023-01-22 07:15:22 +03:00			`attachmentsBytesUsed, err = v.messageCache.AttachmentBytesUsedByUser(v.user.ID)`
Associate messages with a user 2022-12-20 05:42:36 +03:00			`} else {`
			`attachmentsBytesUsed, err = v.messageCache.AttachmentBytesUsedBySender(v.ip.String())`
			`}`
			`if err != nil {`
			`return nil, err`
			`}`
Rename plan->tier, topics->reservations, more tests, more todos 2023-01-08 05:04:13 +03:00			`var reservations int64`
Introduce Reservation 2023-01-03 04:08:37 +03:00			`if v.user != nil && v.userManager != nil {`
Tiers make sense for admins now 2023-01-09 23:40:46 +03:00			`reservations, err = v.userManager.ReservationsCount(v.user.Name)`
Introduce Reservation 2023-01-03 04:08:37 +03:00			`if err != nil {`
			`return nil, err`
TopicsLimit 2023-01-02 04:42:33 +03:00			`}`
			`}`
Tiers make sense for admins now 2023-01-09 23:40:46 +03:00			`limits := v.Limits()`
			`stats := &visitorStats{`
			`Messages: messages,`
			`MessagesRemaining: zeroIfNegative(limits.MessagesLimit - messages),`
			`Emails: emails,`
			`EmailsRemaining: zeroIfNegative(limits.EmailsLimit - emails),`
			`Reservations: reservations,`
			`ReservationsRemaining: zeroIfNegative(limits.ReservationsLimit - reservations),`
			`AttachmentTotalSize: attachmentsBytesUsed,`
			`AttachmentTotalSizeRemaining: zeroIfNegative(limits.AttachmentTotalSizeLimit - attachmentsBytesUsed),`
			`}`
			`return &visitorInfo{`
			`Limits: limits,`
			`Stats: stats,`
			`}, nil`
Restructure limits 2022-12-20 00:22:13 +03:00			`}`

			`func zeroIfNegative(value int64) int64 {`
			`if value < 0 {`
			`return 0`
			`}`
			`return value`
			`}`

			`func replenishDurationToDailyLimit(duration time.Duration) int64 {`
			`return int64(24 * time.Hour / duration)`
			`}`

			`func dailyLimitToRate(limit int64) rate.Limit {`
			`return rate.Limit(limit) * rate.Every(24*time.Hour)`
Attachment behavior fix for Firefox 2022-04-03 19:39:52 +03:00			`}`
Upgrade dialog looks nice now 2023-01-18 03:40:03 +03:00
			`func defaultVisitorLimits(conf Config) visitorLimits {`
			`return &visitorLimits{`
			`Basis: visitorLimitBasisIP,`
			`MessagesLimit: replenishDurationToDailyLimit(conf.VisitorRequestLimitReplenish),`
			`MessagesExpiryDuration: conf.CacheDuration,`
			`EmailsLimit: replenishDurationToDailyLimit(conf.VisitorEmailLimitReplenish),`
Payments webhook test, delete attachments/messages when reservations are removed, 2023-01-21 06:47:37 +03:00			`ReservationsLimit: visitorDefaultReservationsLimit,`
Upgrade dialog looks nice now 2023-01-18 03:40:03 +03:00			`AttachmentTotalSizeLimit: conf.VisitorAttachmentTotalSizeLimit,`
			`AttachmentFileSizeLimit: conf.AttachmentFileSizeLimit,`
			`AttachmentExpiryDuration: conf.AttachmentExpiryDuration,`
			`}`
			`}`