6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
|
# File 'app/controllers/votes_controller.rb', line 6
def create
post = Post.find(params[:post_id])
if post.user == current_user && !SiteSetting['AllowSelfVotes']
render(json: { status: 'failed', message: 'You may not vote on your own posts.' }, status: :forbidden) && return
end
recent_votes = Vote.where(created_at: 24.hours.ago..DateTime.now, user: current_user) \
.where.not(post: Post.includes(:parent).where(parents_posts: { user_id: current_user.id })).count
max_votes_per_day = SiteSetting[current_user.privilege?('unrestricted') ? 'RL_Votes' : 'RL_NewUserVotes']
if !post.parent&.user_id == current_user.id && recent_votes >= max_votes_per_day
vote_limit_msg = "You have used your daily vote limit of #{recent_votes} votes. " \
'Come back tomorrow to continue voting. Votes on answers to own posts ' \
'are exempt.'
AuditLog.rate_limit_log(event_type: 'vote', related: post, user: current_user,
comment: "limit: #{max_votes_per_day}\n\nvote:\n#{params[:vote_type].to_i}")
render json: { status: 'failed', message: vote_limit_msg }, status: :forbidden
return
end
destroyed = post.votes.where(user: current_user).destroy_all
vote = post.votes.create(user: current_user, vote_type: params[:vote_type].to_i, recv_user: post.user)
if vote.errors.any?
render json: { status: 'failed', message: vote.errors.full_messages.join('. ') }, status: :forbidden
return
end
Rails.cache.delete "community_user/#{current_user..id}/metric/V"
['s', 'v'].each do |key|
Rails.cache.delete "community_user/#{post.user..id}/metric/#{key}"
end
AbilityQueue.add(post.user, "Vote Change on ##{post.id}")
modified = !destroyed.empty?
state = { status: (modified ? 'modified' : 'OK'),
vote_id: vote.id,
upvotes: post.upvote_count,
downvotes: post.downvote_count,
score: post.score }
render json: state
end
|