Added parallel limiting to creating custom domains, directories, mailboxes and subdomains (#1525)
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
This commit is contained in:
parent
38c93e7f85
commit
92de307c75
|
@ -3,6 +3,7 @@ from flask_login import login_required, current_user
|
||||||
from flask_wtf import FlaskForm
|
from flask_wtf import FlaskForm
|
||||||
from wtforms import StringField, validators
|
from wtforms import StringField, validators
|
||||||
|
|
||||||
|
from app import parallel_limiter
|
||||||
from app.config import EMAIL_SERVERS_WITH_PRIORITY
|
from app.config import EMAIL_SERVERS_WITH_PRIORITY
|
||||||
from app.dashboard.base import dashboard_bp
|
from app.dashboard.base import dashboard_bp
|
||||||
from app.db import Session
|
from app.db import Session
|
||||||
|
@ -19,6 +20,7 @@ class NewCustomDomainForm(FlaskForm):
|
||||||
|
|
||||||
@dashboard_bp.route("/custom_domain", methods=["GET", "POST"])
|
@dashboard_bp.route("/custom_domain", methods=["GET", "POST"])
|
||||||
@login_required
|
@login_required
|
||||||
|
@parallel_limiter.lock(only_when=lambda: request.method == "POST")
|
||||||
def custom_domain():
|
def custom_domain():
|
||||||
custom_domains = CustomDomain.filter_by(
|
custom_domains = CustomDomain.filter_by(
|
||||||
user_id=current_user.id, is_sl_subdomain=False
|
user_id=current_user.id, is_sl_subdomain=False
|
||||||
|
|
|
@ -9,6 +9,7 @@ from wtforms import (
|
||||||
IntegerField,
|
IntegerField,
|
||||||
)
|
)
|
||||||
|
|
||||||
|
from app import parallel_limiter
|
||||||
from app.config import (
|
from app.config import (
|
||||||
EMAIL_DOMAIN,
|
EMAIL_DOMAIN,
|
||||||
ALIAS_DOMAINS,
|
ALIAS_DOMAINS,
|
||||||
|
@ -45,6 +46,7 @@ class DeleteDirForm(FlaskForm):
|
||||||
|
|
||||||
@dashboard_bp.route("/directory", methods=["GET", "POST"])
|
@dashboard_bp.route("/directory", methods=["GET", "POST"])
|
||||||
@login_required
|
@login_required
|
||||||
|
@parallel_limiter.lock(only_when=lambda: request.method == "POST")
|
||||||
def directory():
|
def directory():
|
||||||
dirs = (
|
dirs = (
|
||||||
Directory.filter_by(user_id=current_user.id)
|
Directory.filter_by(user_id=current_user.id)
|
||||||
|
|
|
@ -6,6 +6,7 @@ from itsdangerous import Signer
|
||||||
from wtforms import validators
|
from wtforms import validators
|
||||||
from wtforms.fields.html5 import EmailField
|
from wtforms.fields.html5 import EmailField
|
||||||
|
|
||||||
|
from app import parallel_limiter
|
||||||
from app.config import MAILBOX_SECRET, URL, JOB_DELETE_MAILBOX
|
from app.config import MAILBOX_SECRET, URL, JOB_DELETE_MAILBOX
|
||||||
from app.dashboard.base import dashboard_bp
|
from app.dashboard.base import dashboard_bp
|
||||||
from app.db import Session
|
from app.db import Session
|
||||||
|
@ -29,6 +30,7 @@ class NewMailboxForm(FlaskForm):
|
||||||
|
|
||||||
@dashboard_bp.route("/mailbox", methods=["GET", "POST"])
|
@dashboard_bp.route("/mailbox", methods=["GET", "POST"])
|
||||||
@login_required
|
@login_required
|
||||||
|
@parallel_limiter.lock(only_when=lambda: request.method == "POST")
|
||||||
def mailbox_route():
|
def mailbox_route():
|
||||||
mailboxes = (
|
mailboxes = (
|
||||||
Mailbox.filter_by(user_id=current_user.id)
|
Mailbox.filter_by(user_id=current_user.id)
|
||||||
|
|
|
@ -3,6 +3,7 @@ import re
|
||||||
from flask import render_template, request, redirect, url_for, flash
|
from flask import render_template, request, redirect, url_for, flash
|
||||||
from flask_login import login_required, current_user
|
from flask_login import login_required, current_user
|
||||||
|
|
||||||
|
from app import parallel_limiter
|
||||||
from app.config import MAX_NB_SUBDOMAIN
|
from app.config import MAX_NB_SUBDOMAIN
|
||||||
from app.dashboard.base import dashboard_bp
|
from app.dashboard.base import dashboard_bp
|
||||||
from app.errors import SubdomainInTrashError
|
from app.errors import SubdomainInTrashError
|
||||||
|
@ -15,6 +16,7 @@ _SUBDOMAIN_PATTERN = r"[0-9a-z-]{1,}"
|
||||||
|
|
||||||
@dashboard_bp.route("/subdomain", methods=["GET", "POST"])
|
@dashboard_bp.route("/subdomain", methods=["GET", "POST"])
|
||||||
@login_required
|
@login_required
|
||||||
|
@parallel_limiter.lock(only_when=lambda: request.method == "POST")
|
||||||
def subdomain_route():
|
def subdomain_route():
|
||||||
if not current_user.subdomain_is_available():
|
if not current_user.subdomain_is_available():
|
||||||
flash("Unknown error, redirect to the home page", "error")
|
flash("Unknown error, redirect to the home page", "error")
|
||||||
|
|
Loading…
Reference in a new issue