Skip to content

Notifications rate limiter #1671

Ben requested to merge feat/notifications-cached-rate-limiter-1671 into master

Closes #1671 (closed)

Summary

Abstracted out the old-style cache checks for tag notifications and added a few new notification types that have been abused recently.

Testing

First, open two browsers and login to this sandbox with (users) A and B

Downvote Spam
  1. Make a post with A
  2. Downvote the post with B
  3. Notification should trigger for A - if sockets are down on sandbox try refreshing to see.
  4. With B, spam downvote, un-downvote, downvote... etc
  5. No more notifications should arrive for A than the first.
Tag spam
  1. With B, tag A in a comment.
  2. A should receive a notification.
  3. With B, spam tags to A.
  4. A should only have one notification.
Subscribe spam
  1. With B, go to A's channel and subscribe.
  2. With A, check the notification came through.
  3. With B, spam subscribe, unsubscribe, subscribe, unsubscribe ...etc
  4. A should only receive the initial notification.

Repeat and ensure that users that you subscribe to can still tag you multiple times.

Regression Scope

Affects the event loop that dispatches notifications, specifically notifications of types:

  • tag
  • downvote
  • friends
Edited by Ben

Merge request reports