0019261: Throttle number of bugs and comments that users can submit

ID	Project	Category	View Status	Date Submitted	Last Update
0019261	mantisbt	bugtracker	public	2015-01-24 16:20	2018-07-27 16:35

Reporter	vboctor	Assigned To	vboctor
Priority	normal	Severity	minor	Reproducibility	have not tried
Status	closed	Resolution	fixed
Product Version	1.2.19
Target Version	1.3.0-beta.3	Fixed in Version	1.3.0-beta.3

Summary	0019261: Throttle number of bugs and comments that users can submit
Description	Users should have a limit on number of write actions that they can do in a period of time. For example, reporting issues, updating issues, adding comments, copying issues, etc.
Tags	No tags attached.

dregad 2015-01-26 08:39 developer ~0048693	+1 to that. The limit should be configurable (e.g. nb of updates per minute) and maybe be associated with a threshold above which the restriction is waived; not sure if the latter should be ($g_default_new_account_access_level + 1) or a new distinct config (default to UPDATER ?). It should apply to any update, whether coming from UI (including mass update, not sure how to handle that) or from SOAP API.

MantisBT: master 292db255 2015-04-17 22:42 vboctor Details Diff	Protect against malicious REPORTERs This is a proposal against enabling spammers to signup and spam the bug tracker. The changes limits the number of possible changes by signed up users to 10 per hour. Although the feature and limits are configurable. This check doesn't apply when signup feature is not enabled or when users have access level above the default was assigned on signup. Issue 0019261	Affected Issues 0019261
	mod - config_defaults_inc.php	Diff File
	add - core/antispam_api.php	Diff File
	mod - core/bug_api.php	Diff File
	mod - core/bugnote_api.php	Diff File
	mod - core/constant_inc.php	Diff File
	mod - core/history_api.php	Diff File
	mod - core/tag_api.php	Diff File
	mod - docbook/Admin_Guide/en-US/Configuration.xml	Diff File
	add - docbook/Admin_Guide/en-US/config/antispam.xml	Diff File
	mod - lang/strings_english.txt	Diff File
MantisBT: master 56859c9e 2015-04-18 08:18 vboctor Details Diff	Rename spam_check() to antispam_check() This matches our naming convention for APIs.	Affected Issues 0019261
	mod - core/antispam_api.php	Diff File
	mod - core/bug_api.php	Diff File
	mod - core/bugnote_api.php	Diff File
	mod - core/tag_api.php	Diff File
MantisBT: master 6a90613f 2015-04-18 08:19 vboctor Details Diff	Update phpdoc for uses antispam_api	Affected Issues 0019261
	mod - core/bug_api.php	Diff File
	mod - core/bugnote_api.php	Diff File
	mod - core/tag_api.php	Diff File
MantisBT: master ba6b8422 2015-04-18 08:22 vboctor Details Diff	Anti-spam check when uploading files Fixes 0019261	Affected Issues 0019261
	mod - core/file_api.php	Diff File

View Issue Details

Activities

Related Changesets