zulip/zerver/management/commands/rate_limit.py

73 lines
3.0 KiB
Python

from __future__ import absolute_import
from __future__ import print_function
from typing import Any
from argparse import ArgumentParser
from zerver.models import UserProfile
from zerver.lib.rate_limiter import block_access, unblock_access, RateLimitedUser
from zerver.lib.management import ZulipBaseCommand
from optparse import make_option
class Command(ZulipBaseCommand):
help = """Manually block or unblock a user from accessing the API"""
def add_arguments(self, parser):
# type: (ArgumentParser) -> None
parser.add_argument('-e', '--email',
dest='email',
help="Email account of user.")
parser.add_argument('-a', '--api-key',
dest='api_key',
help="API key of user.")
parser.add_argument('-s', '--seconds',
dest='seconds',
default=60,
type=int,
help="Seconds to block for.")
parser.add_argument('-d', '--domain',
dest='domain',
default='all',
help="Rate-limiting domain. Defaults to 'all'.")
parser.add_argument('-b', '--all-bots',
dest='bots',
action='store_true',
default=False,
help="Whether or not to also block all bots for this user.")
parser.add_argument('operation', metavar='<operation>', type=str, choices=['block', 'unblock'],
help="operation to perform (block or unblock)")
self.add_realm_args(parser)
def handle(self, *args, **options):
# type: (*Any, **Any) -> None
if (not options['api_key'] and not options['email']) or \
(options['api_key'] and options['email']):
print("Please enter either an email or API key to manage")
exit(1)
realm = self.get_realm(options)
if options['email']:
user_profile = self.get_user(options['email'], realm)
else:
try:
user_profile = UserProfile.objects.get(api_key=options['api_key'])
except Exception:
print("Unable to get user profile for api key %s" % (options['api_key'],))
exit(1)
users = [user_profile]
if options['bots']:
users.extend(bot for bot in UserProfile.objects.filter(is_bot=True,
bot_owner=user_profile))
operation = options['operation']
for user in users:
print("Applying operation to User ID: %s: %s" % (user.id, operation))
if operation == 'block':
block_access(RateLimitedUser(user, domain=options['domain']),
options['seconds'])
elif operation == 'unblock':
unblock_access(RateLimitedUser(user, domain=options['domain']))