From 01393faf0bce3a2bca29f72b9596e4d9d448148d Mon Sep 17 00:00:00 2001 From: Christy Jacob Date: Wed, 18 Dec 2024 11:58:34 +0530 Subject: [PATCH] feat: update abuse library --- app/controllers/api/functions.php | 9 +++--- app/controllers/shared/api.php | 8 ++--- app/init.php | 8 +++++ app/realtime.php | 13 ++++++-- composer.json | 2 +- composer.lock | 39 ++++++++++++++--------- src/Appwrite/Platform/Workers/Deletes.php | 16 +++++----- 7 files changed, 60 insertions(+), 35 deletions(-) diff --git a/app/controllers/api/functions.php b/app/controllers/api/functions.php index 5934258037..b997d79733 100644 --- a/app/controllers/api/functions.php +++ b/app/controllers/api/functions.php @@ -24,7 +24,7 @@ use Appwrite\Utopia\Response\Model\Rule; use Executor\Executor; use MaxMind\Db\Reader; use Utopia\Abuse\Abuse; -use Utopia\Abuse\Adapters\Database\TimeLimit; +use Utopia\Abuse\Adapters\TimeLimit; use Utopia\App; use Utopia\CLI\Console; use Utopia\Config\Config; @@ -180,22 +180,23 @@ App::post('/v1/functions') ->inject('request') ->inject('response') ->inject('dbForProject') + ->inject('adapterForAbuse') ->inject('project') ->inject('user') ->inject('queueForEvents') ->inject('queueForBuilds') ->inject('dbForPlatform') ->inject('gitHub') - ->action(function (string $functionId, string $name, string $runtime, array $execute, array $events, string $schedule, int $timeout, bool $enabled, bool $logging, string $entrypoint, string $commands, array $scopes, string $installationId, string $providerRepositoryId, string $providerBranch, bool $providerSilentMode, string $providerRootDirectory, string $templateRepository, string $templateOwner, string $templateRootDirectory, string $templateVersion, string $specification, Request $request, Response $response, Database $dbForProject, Document $project, Document $user, Event $queueForEvents, Build $queueForBuilds, Database $dbForPlatform, GitHub $github) use ($redeployVcs) { + ->action(function (string $functionId, string $name, string $runtime, array $execute, array $events, string $schedule, int $timeout, bool $enabled, bool $logging, string $entrypoint, string $commands, array $scopes, string $installationId, string $providerRepositoryId, string $providerBranch, bool $providerSilentMode, string $providerRootDirectory, string $templateRepository, string $templateOwner, string $templateRootDirectory, string $templateVersion, string $specification, Request $request, Response $response, Database $dbForProject, TimeLimit $adapterForAbuse, Document $project, Document $user, Event $queueForEvents, Build $queueForBuilds, Database $dbForPlatform, GitHub $github) use ($redeployVcs) { $functionId = ($functionId == 'unique()') ? ID::unique() : $functionId; // Temporary abuse check - $abuseCheck = function () use ($project, $dbForProject, $response) { + $abuseCheck = function () use ($project, $adapterForAbuse, $response) { $abuseKey = "projectId:{projectId},url:{url}"; $abuseLimit = App::getEnv('_APP_FUNCTIONS_CREATION_ABUSE_LIMIT', 50); $abuseTime = 86400; // 1 day - $timeLimit = new TimeLimit($abuseKey, $abuseLimit, $abuseTime, $dbForProject); + $timeLimit = $adapterForAbuse($abuseKey, $abuseLimit, $abuseTime); $timeLimit ->setParam('{projectId}', $project->getId()) ->setParam('{url}', '/v1/functions'); diff --git a/app/controllers/shared/api.php b/app/controllers/shared/api.php index 9a15467ec0..59e5012fe9 100644 --- a/app/controllers/shared/api.php +++ b/app/controllers/shared/api.php @@ -19,7 +19,7 @@ use Appwrite\Extend\Exception as AppwriteException; use Appwrite\Utopia\Request; use Appwrite\Utopia\Response; use Utopia\Abuse\Abuse; -use Utopia\Abuse\Adapters\Redis\TimeLimit; +use Utopia\Abuse\Adapters\TimeLimit; use Utopia\App; use Utopia\Cache\Adapter\Filesystem; use Utopia\Cache\Cache; @@ -420,9 +420,9 @@ App::init() ->inject('queueForBuilds') ->inject('queueForUsage') ->inject('dbForProject') - ->inject('redis') + ->inject('adapterForAbuse') ->inject('mode') - ->action(function (App $utopia, Request $request, Response $response, Document $project, Document $user, Connection $queue, Event $queueForEvents, Messaging $queueForMessaging, Audit $queueForAudits, Delete $queueForDeletes, EventDatabase $queueForDatabase, Build $queueForBuilds, Usage $queueForUsage, Database $dbForProject, \Redis $redis, string $mode) use ($usageDatabaseListener, $eventDatabaseListener) { + ->action(function (App $utopia, Request $request, Response $response, Document $project, Document $user, Connection $queue, Event $queueForEvents, Messaging $queueForMessaging, Audit $queueForAudits, Delete $queueForDeletes, EventDatabase $queueForDatabase, Build $queueForBuilds, Usage $queueForUsage, Database $dbForProject, TimeLimit $adapterForAbuse, string $mode) use ($usageDatabaseListener, $eventDatabaseListener) { $route = $utopia->getRoute(); @@ -445,7 +445,7 @@ App::init() foreach ($abuseKeyLabel as $abuseKey) { $start = $request->getContentRangeStart(); $end = $request->getContentRangeEnd(); - $timeLimit = new TimeLimit($abuseKey, $route->getLabel('abuse-limit', 0), $route->getLabel('abuse-time', 3600), $redis); + $timeLimit = $adapterForAbuse($abuseKey, $route->getLabel('abuse-limit', 0), $route->getLabel('abuse-time', 3600)); $timeLimit ->setParam('{projectId}', $project->getId()) ->setParam('{userId}', $user->getId()) diff --git a/app/init.php b/app/init.php index 056e8ed3d5..0c6ff1f57b 100644 --- a/app/init.php +++ b/app/init.php @@ -48,6 +48,7 @@ use Appwrite\Utopia\Request; use MaxMind\Db\Reader; use PHPMailer\PHPMailer\PHPMailer; use Swoole\Database\PDOProxy; +use Utopia\Abuse\Adapters\TimeLimit\Redis as TimeLimitRedis; use Utopia\App; use Utopia\Cache\Adapter\Redis as RedisCache; use Utopia\Cache\Adapter\Sharding; @@ -93,6 +94,7 @@ use Utopia\Validator\Range; use Utopia\Validator\URL; use Utopia\Validator\WhiteList; use Utopia\VCS\Adapter\Git\GitHub as VcsGitHub; +use Redis; const APP_NAME = 'Appwrite'; const APP_DOMAIN = 'appwrite.io'; @@ -1546,6 +1548,12 @@ App::setResource('redis', function () { return $redis; }); +App::setResource('adapterForAbuse', function (\Redis $redis) { + return function (string $key, int $limit, int $time) use ($redis) { + return new TimeLimitRedis($key, $limit, $time, $redis); + }; +}, ['redis']); + App::setResource('deviceForLocal', function () { return new Local(); }); diff --git a/app/realtime.php b/app/realtime.php index 2df8abfbfa..59212e14f1 100644 --- a/app/realtime.php +++ b/app/realtime.php @@ -13,7 +13,7 @@ use Swoole\Runtime; use Swoole\Table; use Swoole\Timer; use Utopia\Abuse\Abuse; -use Utopia\Abuse\Adapters\Redis\TimeLimit; +use Utopia\Abuse\Adapters\TimeLimit; use Utopia\App; use Utopia\Cache\Adapter\Sharding; use Utopia\Cache\Cache; @@ -157,6 +157,13 @@ if (!function_exists('getRedis')) { } } +if (!function_exists('getAdapterForAbuse')) { + function getAdapterForAbuse(): TimeLimit + { + return new TimeLimit("", 0, 1, getRedis()); + } +} + if (!function_exists('getRealtime')) { function getRealtime(): Realtime { @@ -500,7 +507,7 @@ $server->onOpen(function (int $connection, SwooleRequest $request) use ($server, throw new AppwriteException(AppwriteException::GENERAL_API_DISABLED); } - $redis = $app->getResource('redis'); + $adapterForAbuse = $app->getResource('adapterForAbuse'); $console = $app->getResource('console'); /** @var Document $console */ $user = $app->getResource('user'); /** @var Document $user */ @@ -509,7 +516,7 @@ $server->onOpen(function (int $connection, SwooleRequest $request) use ($server, * * Abuse limits are connecting 128 times per minute and ip address. */ - $timeLimit = new TimeLimit('url:{url},ip:{ip}', 128, 60, $redis); + $timeLimit = $adapterForAbuse('url:{url},ip:{ip}', 128, 60); $timeLimit ->setParam('{ip}', $request->getIP()) ->setParam('{url}', $request->getURI()); diff --git a/composer.json b/composer.json index 512e203a5e..c4d4bfeb75 100644 --- a/composer.json +++ b/composer.json @@ -45,7 +45,7 @@ "ext-sockets": "*", "appwrite/php-runtimes": "0.16.*", "appwrite/php-clamav": "2.0.*", - "utopia-php/abuse": "0.43.*", + "utopia-php/abuse": "dev-add-support-for-sharding-adapter as 0.43.1000", "utopia-php/analytics": "0.10.*", "utopia-php/audit": "0.43.*", "utopia-php/cache": "0.11.*", diff --git a/composer.lock b/composer.lock index 37a5c81436..14135bc27f 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "fae350df93342992edd8f639948e1570", + "content-hash": "2dd50e9cf2c2b74a56ea42d8593ffc0a", "packages": [ { "name": "adhocore/jwt", @@ -3136,16 +3136,16 @@ }, { "name": "utopia-php/abuse", - "version": "0.43.2", + "version": "dev-add-support-for-sharding-adapter", "source": { "type": "git", "url": "https://github.com/utopia-php/abuse.git", - "reference": "374536b86d8d39066960a7da161d444a099bbc56" + "reference": "627d1ba56451dd70ca26a1253c42e039b4bfc1a7" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/utopia-php/abuse/zipball/374536b86d8d39066960a7da161d444a099bbc56", - "reference": "374536b86d8d39066960a7da161d444a099bbc56", + "url": "https://api.github.com/repos/utopia-php/abuse/zipball/627d1ba56451dd70ca26a1253c42e039b4bfc1a7", + "reference": "627d1ba56451dd70ca26a1253c42e039b4bfc1a7", "shasum": "" }, "require": { @@ -3181,9 +3181,9 @@ ], "support": { "issues": "https://github.com/utopia-php/abuse/issues", - "source": "https://github.com/utopia-php/abuse/tree/0.43.2" + "source": "https://github.com/utopia-php/abuse/tree/add-support-for-sharding-adapter" }, - "time": "2024-12-12T19:43:24+00:00" + "time": "2024-12-18T06:08:34+00:00" }, { "name": "utopia-php/analytics", @@ -4807,16 +4807,16 @@ "packages-dev": [ { "name": "appwrite/sdk-generator", - "version": "0.39.26", + "version": "0.39.27", "source": { "type": "git", "url": "https://github.com/appwrite/sdk-generator.git", - "reference": "39768deacb4913f93548c46fa0149c3fadc62d0c" + "reference": "27d8ecde30e40cbfe1124cc0430c406d3e144849" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/appwrite/sdk-generator/zipball/39768deacb4913f93548c46fa0149c3fadc62d0c", - "reference": "39768deacb4913f93548c46fa0149c3fadc62d0c", + "url": "https://api.github.com/repos/appwrite/sdk-generator/zipball/27d8ecde30e40cbfe1124cc0430c406d3e144849", + "reference": "27d8ecde30e40cbfe1124cc0430c406d3e144849", "shasum": "" }, "require": { @@ -4852,9 +4852,9 @@ "description": "Appwrite PHP library for generating API SDKs for multiple programming languages and platforms", "support": { "issues": "https://github.com/appwrite/sdk-generator/issues", - "source": "https://github.com/appwrite/sdk-generator/tree/0.39.26" + "source": "https://github.com/appwrite/sdk-generator/tree/0.39.27" }, - "time": "2024-12-12T10:51:34+00:00" + "time": "2024-12-16T11:32:02+00:00" }, { "name": "doctrine/annotations", @@ -8554,9 +8554,18 @@ "time": "2024-03-07T20:33:40+00:00" } ], - "aliases": [], + "aliases": [ + { + "package": "utopia-php/abuse", + "version": "dev-add-support-for-sharding-adapter", + "alias": "0.43.1000", + "alias_normalized": "0.43.1000.0" + } + ], "minimum-stability": "stable", - "stability-flags": {}, + "stability-flags": { + "utopia-php/abuse": 20 + }, "prefer-stable": false, "prefer-lowest": false, "platform": { diff --git a/src/Appwrite/Platform/Workers/Deletes.php b/src/Appwrite/Platform/Workers/Deletes.php index 6fa65ec842..d6bba4b88a 100644 --- a/src/Appwrite/Platform/Workers/Deletes.php +++ b/src/Appwrite/Platform/Workers/Deletes.php @@ -8,7 +8,7 @@ use Appwrite\Extend\Exception; use Executor\Executor; use Throwable; use Utopia\Abuse\Abuse; -use Utopia\Abuse\Adapters\Redis\TimeLimit; +use Utopia\Abuse\Adapters\TimeLimit; use Utopia\Audit\Audit; use Utopia\Cache\Adapter\Filesystem; use Utopia\Cache\Cache; @@ -47,7 +47,7 @@ class Deletes extends Action ->inject('message') ->inject('dbForPlatform') ->inject('getProjectDB') - ->inject('redis') + ->inject('adapterForAbuse') ->inject('deviceForFiles') ->inject('deviceForFunctions') ->inject('deviceForBuilds') @@ -58,8 +58,8 @@ class Deletes extends Action ->inject('auditRetention') ->inject('log') ->callback( - fn ($message, $dbForPlatform, callable $getProjectDB, \Redis $redis, Device $deviceForFiles, Device $deviceForFunctions, Device $deviceForBuilds, Device $deviceForCache, CertificatesAdapter $certificates, string $abuseRetention, string $executionRetention, string $auditRetention, Log $log) => - $this->action($message, $dbForPlatform, $getProjectDB, $redis, $deviceForFiles, $deviceForFunctions, $deviceForBuilds, $deviceForCache, $certificates, $abuseRetention, $executionRetention, $auditRetention, $log) + fn ($message, $dbForPlatform, callable $getProjectDB, TimeLimit $adapterForAbuse, Device $deviceForFiles, Device $deviceForFunctions, Device $deviceForBuilds, Device $deviceForCache, CertificatesAdapter $certificates, string $abuseRetention, string $executionRetention, string $auditRetention, Log $log) => + $this->action($message, $dbForPlatform, $getProjectDB, $adapterForAbuse, $deviceForFiles, $deviceForFunctions, $deviceForBuilds, $deviceForCache, $certificates, $abuseRetention, $executionRetention, $auditRetention, $log) ); } @@ -67,7 +67,7 @@ class Deletes extends Action * @throws Exception * @throws Throwable */ - public function action(Message $message, Database $dbForPlatform, callable $getProjectDB, \Redis $redis, Device $deviceForFiles, Device $deviceForFunctions, Device $deviceForBuilds, Device $deviceForCache, CertificatesAdapter $certificates, string $abuseRetention, string $executionRetention, string $auditRetention, Log $log): void + public function action(Message $message, Database $dbForPlatform, callable $getProjectDB, TimeLimit $adapterForAbuse, Device $deviceForFiles, Device $deviceForFunctions, Device $deviceForBuilds, Device $deviceForCache, CertificatesAdapter $certificates, string $abuseRetention, string $executionRetention, string $auditRetention, Log $log): void { $payload = $message->getPayload() ?? []; @@ -127,7 +127,7 @@ class Deletes extends Action } break; case DELETE_TYPE_ABUSE: - $this->deleteAbuseLogs($project, $redis, $abuseRetention); + $this->deleteAbuseLogs($project, $adapterForAbuse, $abuseRetention); break; case DELETE_TYPE_REALTIME: $this->deleteRealtimeUsage($dbForPlatform, $datetime); @@ -708,10 +708,10 @@ class Deletes extends Action * @return void * @throws Exception */ - private function deleteAbuseLogs(Document $project, \Redis $redis, string $abuseRetention): void + private function deleteAbuseLogs(Document $project, TimeLimit $adapterForAbuse, string $abuseRetention): void { $projectId = $project->getId(); - $timeLimit = new TimeLimit("", 0, 1, $redis); + $timeLimit = $adapterForAbuse("", 0, 1); $abuse = new Abuse($timeLimit); try {