diff --git a/Gemfile b/Gemfile
index 77b9c743be82bb71a94f82a6ee240412da763a83..fbc3ad9e298fdb92602e87acd79fc66b31f4b256 100644
--- a/Gemfile
+++ b/Gemfile
@@ -58,10 +58,13 @@ group :development do
gem 'rubocop', require: false
gem 'better_errors'
gem 'binding_of_caller'
- gem 'rack-mini-profiler'
gem 'letter_opener'
end
group :production do
gem 'rails_12factor'
end
+
+group :development, :production do
+ gem 'rack-mini-profiler'
+end
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index d83690e1b9a6bdd8a08754b38231799acefcb2ab..d5eaecdb169edfd8031d5a7545d803d66c5fdd28 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -2,4 +2,11 @@ class ApplicationController < ActionController::Base
# Prevent CSRF attacks by raising an exception.
# For APIs, you may want to use :null_session instead.
protect_from_forgery with: :exception
+
+ # Profiling
+ before_action do
+ if current_user && current_user.admin?
+ Rack::MiniProfiler.authorize_request
+ end
+ end
end
diff --git a/app/lib/feed_manager.rb b/app/lib/feed_manager.rb
index eaa9393d5e29064cfad3e27e3bf7046b3033cb27..a19d06a85a10853464a3ad41b9df72e9b1a314b2 100644
--- a/app/lib/feed_manager.rb
+++ b/app/lib/feed_manager.rb
@@ -6,6 +6,7 @@ class FeedManager
end
def self.filter_status?(status, follower)
+ replied_to_user = status.reply? ? status.thread.account : nil
(status.reply? && !(follower.id = replied_to_user.id || follower.following?(replied_to_user)))
end
end
diff --git a/app/models/user.rb b/app/models/user.rb
index b17eabcc4d8ef9011584aeeb669ef85685afd6eb..a80efb50d195ad84869d916ac904fc8cf69f755b 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -7,4 +7,8 @@ class User < ActiveRecord::Base
validates :account, presence: true
has_many :oauth_applications, class_name: 'Doorkeeper::Application', as: :owner
+
+ def admin?
+ self.admin
+ end
end
diff --git a/app/services/fan_out_on_write_service.rb b/app/services/fan_out_on_write_service.rb
index 4bb3f0a10c0adf6be48ed3ce915b0216d92a884b..c8c775b9376c26a671c3140ad1b22dc293819b5a 100644
--- a/app/services/fan_out_on_write_service.rb
+++ b/app/services/fan_out_on_write_service.rb
@@ -3,7 +3,7 @@ class FanOutOnWriteService < BaseService
# @param [Status] status
def call(status)
deliver_to_self(status) if status.account.local?
- deliver_to_followers(status, status.reply? ? status.thread.account : nil)
+ deliver_to_followers(status)
deliver_to_mentioned(status)
end
@@ -13,7 +13,7 @@ class FanOutOnWriteService < BaseService
push(:home, status.account.id, status)
end
- def deliver_to_followers(status, replied_to_user)
+ def deliver_to_followers(status)
status.account.followers.each do |follower|
next if !follower.local? || FeedManager.filter_status?(status, follower)
push(:home, follower.id, status)
diff --git a/config/database.yml b/config/database.yml
index 259244e6f462b92ccf421965f4621074d37a3b68..de67804d2ab7692800e5f22fd13a567e6a2a5bbe 100644
--- a/config/database.yml
+++ b/config/database.yml
@@ -1,6 +1,6 @@
default: &default
adapter: postgresql
- pool: 5
+ pool: 25
timeout: 5000
encoding: unicode
diff --git a/config/initializers/rack-attack.rb b/config/initializers/rack-attack.rb
index fc2b56c875b06cfb6093f47c1bb4123648a50a16..15fc6b351df956e22c99818a1baa1da6a391071c 100644
--- a/config/initializers/rack-attack.rb
+++ b/config/initializers/rack-attack.rb
@@ -1,3 +1,5 @@
class Rack::Attack
- # TODO
+ throttle('req/ip', limit: 300, period: 5.minutes) do |req|
+ req.ip
+ end
end
diff --git a/config/routes.rb b/config/routes.rb
index 0dde9f111e95fe6505c5669b5fb852b1746c2577..e9e662ed0c8810c4450da2b7936ddb18df4b2d5b 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -1,7 +1,7 @@
require 'sidekiq/web'
Rails.application.routes.draw do
- authenticate :user do
+ authenticate :user, lambda { |u| u.admin? } do
mount Sidekiq::Web => '/sidekiq'
end
diff --git a/db/migrate/20160325130944_add_admin_to_users.rb b/db/migrate/20160325130944_add_admin_to_users.rb
new file mode 100644
index 0000000000000000000000000000000000000000..e386d33dda74a009fa4b9d985e54911b154a3e38
--- /dev/null
+++ b/db/migrate/20160325130944_add_admin_to_users.rb
@@ -0,0 +1,5 @@
+class AddAdminToUsers < ActiveRecord::Migration
+ def change
+ add_column :users, :admin, :boolean, default: false
+ end
+end
diff --git a/db/schema.rb b/db/schema.rb
index d6702b36e90e1a84b030882e2ebc6663fcc5c67f..03d336d5a862526ba01700207666bda9903f6430 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -11,7 +11,7 @@
#
# It's strongly recommended that you check this file into your version control system.
-ActiveRecord::Schema.define(version: 20160322193748) do
+ActiveRecord::Schema.define(version: 20160325130944) do
# These are extensions that must be enabled in order to support this database
enable_extension "plpgsql"
@@ -143,19 +143,20 @@ ActiveRecord::Schema.define(version: 20160322193748) do
add_index "stream_entries", ["activity_id", "activity_type"], name: "index_stream_entries_on_activity_id_and_activity_type", using: :btree
create_table "users", force: :cascade do |t|
- t.string "email", default: "", null: false
- t.integer "account_id", null: false
- t.datetime "created_at", null: false
- t.datetime "updated_at", null: false
- t.string "encrypted_password", default: "", null: false
+ t.string "email", default: "", null: false
+ t.integer "account_id", null: false
+ t.datetime "created_at", null: false
+ t.datetime "updated_at", null: false
+ t.string "encrypted_password", default: "", null: false
t.string "reset_password_token"
t.datetime "reset_password_sent_at"
t.datetime "remember_created_at"
- t.integer "sign_in_count", default: 0, null: false
+ t.integer "sign_in_count", default: 0, null: false
t.datetime "current_sign_in_at"
t.datetime "last_sign_in_at"
t.inet "current_sign_in_ip"
t.inet "last_sign_in_ip"
+ t.boolean "admin", default: false
end
add_index "users", ["account_id"], name: "index_users_on_account_id", using: :btree