Add IP-based rules (#14963)

spec/fabricators/ip_block_fabricator.rb

@@ -0,0 +1,6 @@
+Fabricator(:ip_block) do
+  ip         ""
+  severity   ""
+  expires_at "2020-10-08 22:20:37"
+  comment    "MyText"
+end

spec/lib/fast_ip_map_spec.rb

@@ -0,0 +1,21 @@
+# frozen_string_literal: true
+
+require 'rails_helper'
+
+describe FastIpMap do
+  describe '#include?' do
+    subject { described_class.new([IPAddr.new('20.4.0.0/16'), IPAddr.new('145.22.30.0/24'), IPAddr.new('189.45.86.3')])}
+
+    it 'returns true for an exact match' do
+      expect(subject.include?(IPAddr.new('189.45.86.3'))).to be true
+    end
+
+    it 'returns true for a range match' do
+      expect(subject.include?(IPAddr.new('20.4.45.7'))).to be true
+    end
+
+    it 'returns false for no match' do
+      expect(subject.include?(IPAddr.new('145.22.40.64'))).to be false
+    end
+  end
+end

spec/models/ip_block_spec.rb

@@ -0,0 +1,5 @@
+require 'rails_helper'
+
+RSpec.describe IpBlock, type: :model do
+  pending "add some examples to (or delete) #{__FILE__}"
+end

spec/services/app_sign_up_service_spec.rb

@@ -3,6 +3,7 @@ require 'rails_helper'
 RSpec.describe AppSignUpService, type: :service do
   let(:app) { Fabricate(:application, scopes: 'read write') }
   let(:good_params) { { username: 'alice', password: '12345678', email: 'good@email.com', agreement: true } }
+  let(:remote_ip) { IPAddr.new('198.0.2.1') }
 
   subject { described_class.new }
 
@@ -10,16 +11,16 @@ RSpec.describe AppSignUpService, type: :service do
     it 'returns nil when registrations are closed' do
       tmp = Setting.registrations_mode
       Setting.registrations_mode = 'none'
-      expect(subject.call(app, good_params)).to be_nil
+      expect(subject.call(app, remote_ip, good_params)).to be_nil
       Setting.registrations_mode = tmp
     end
 
     it 'raises an error when params are missing' do
-      expect { subject.call(app, {}) }.to raise_error ActiveRecord::RecordInvalid
+      expect { subject.call(app, remote_ip, {}) }.to raise_error ActiveRecord::RecordInvalid
     end
 
     it 'creates an unconfirmed user with access token' do
-      access_token = subject.call(app, good_params)
+      access_token = subject.call(app, remote_ip, good_params)
       expect(access_token).to_not be_nil
       user = User.find_by(id: access_token.resource_owner_id)
       expect(user).to_not be_nil
@@ -27,13 +28,13 @@ RSpec.describe AppSignUpService, type: :service do
     end
 
     it 'creates access token with the app\'s scopes' do
-      access_token = subject.call(app, good_params)
+      access_token = subject.call(app, remote_ip, good_params)
       expect(access_token).to_not be_nil
       expect(access_token.scopes.to_s).to eq 'read write'
     end
 
     it 'creates an account' do
-      access_token = subject.call(app, good_params)
+      access_token = subject.call(app, remote_ip, good_params)
       expect(access_token).to_not be_nil
       user = User.find_by(id: access_token.resource_owner_id)
       expect(user).to_not be_nil
@@ -42,7 +43,7 @@ RSpec.describe AppSignUpService, type: :service do
     end
 
     it 'creates an account with invite request text' do
-      access_token = subject.call(app, good_params.merge(reason: 'Foo bar'))
+      access_token = subject.call(app, remote_ip, good_params.merge(reason: 'Foo bar'))
       expect(access_token).to_not be_nil
       user = User.find_by(id: access_token.resource_owner_id)
       expect(user).to_not be_nil