antispam 0.1.4 → 0.1.7

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: '06962cddbbfd16f9f59e18277630d9c597865483df7f72a5b33bdeccfab15c98'
-  data.tar.gz: ce7b03a25d08d79271e61f7081d73922602c84201f7867d32a818fc9ff3b67e2
+  metadata.gz: 636c6cfd1e3a5c84182eaa1e19966e553a2098c4f3a01a049cdbe4613165a52e
+  data.tar.gz: 8a53d23ef78da214962bd81411a97a720d5eba3a15817d3f7ccd5bfac81719ec
 SHA512:
-  metadata.gz: 63cb93116a4a5d5409ce5a6643071f5edc267f245251a97e06be683ec036126b245ca621c57656848812436a4761f3adc7c8e1980b451264a6942c3e8442d14b
-  data.tar.gz: 04ca386da73cd5b9d273476ecbe624c1045f1d2933c58eab9bd4948b49806745d399b5aa4351d575ce9ad2bc75a945d8d4732336663bf13be7dd74972320dcf2
+  metadata.gz: b4d6e23e0432af6b62b7cd9e469c2393a9e4f4513b13d93d282e6841062bd706d70fa44dd6bed0d79658da80ff52827ee8ba9d63baa0a84df2112a7fd313b3dd
+  data.tar.gz: 9ca4921062395565e50fa29daf9d56bd3e691b5a675fb34bc4d6ec5e1378da1f3be5b19bdc73294be7fcb55b8e3d766819c140ef45b602d8904818eccf10f187

data/README.md

@@ -1,72 +1,113 @@
-# Antispam
-The antispam gem helps prevent spam in your Rails applications by
-checking against various antispam blacklists on the web.
-You can configure which spam blacklists are checked in your application configuration.
-
-## Usage
-
-The gem is used by adding this to your ApplicationController.rb
-
-```
-before_action do
-  check_ip_against_database(ip_blacklists: {default: 'yourcodehere'}, verbose: true)
-end
-```
-
-Once the filter is setup, everything else is handled for your application.
-The gem will run during any request that is not a GET request.
-
-Blacklist database lookups are cached for 24 hours, and cached results won't need
-to slowdown your app by additional http requests on the backend.
-
-The gem needs to create some database tables to function; these store the cached
-blacklist database lookups, and any actions caused by the gem.
-
-You need to add this to your routes.rb
-```
-  mount Antispam::Engine => "/antispam"
-```
-You can see what IP addresses have been blocked by going to /antispam/blocks
-but your applicationcontroller must respond to ```is_admin?``` function.
-
-
-## Installation
-Add this line to your application's Gemfile:
-
-```ruby
-gem 'antispam'
-```
-
-And then execute:
-```bash
-$ bundle
-```
-
-Or install it yourself as:
-```bash
-$ gem install antispam
-$ rails antispam:install:migrations
-$ rails db:migrate SCOPE=antispam
-```
-The gem depends on image_processing, which depends on vips. We are using vips to
-generate captcha images.
-```
-sudo apt install libvips-tools
-```
-
-## Development
-
-After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
-
-To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
-
-## Contributing
-
-Bug reports and pull requests are welcome on GitHub at https://github.com/ryankopf/antispam. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [code of conduct](https://github.com/[USERNAME]/antispam/blob/master/CODE_OF_CONDUCT.md).
-
-## License
-The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).
-
-## Code of Conduct
-
-Everyone interacting in the Antispam project's codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/ryankopf/antispam/blob/master/CODE_OF_CONDUCT.md).
+# Antispam
+The antispam gem helps prevent spam in your Rails applications by
+providing tools that check spam against powerful spam-prevention
+databases, accessible for free.
+
+The first feature checks against an IP database of spam, allowing you
+to stop spammers who are prolific and have been detected on other websites.
+It uses the blazing fast Defendium API to quickly determine if submitted
+content is spam or not.
+
+The second feature allows you to submit user-provided content to a spam
+checking service that uses machine learning and a database of content to
+determine whether the user's submitted content is spam.
+
+## Spam Content Checking - Usage
+
+```
+result = Antispam::Checker.check(content: @comment.body)
+if result.is_spam?
+  @comment.save
+else
+  redirect_to "/access_denied"
+end
+```
+
+## Bad IP Checking - Usage
+
+The gem is used by adding this to your ApplicationController.rb
+
+```
+before_action do
+  check_ip_against_database(ip_blacklists: {default: 'yourcodehere'}, verbose: true)
+end
+```
+
+Codes are from the [httpbl](https://www.projecthoneypot.org/httpbl.php) at projecthoneypot.org
+
+Once the filter is setup, everything else is handled for your application.
+By default the gem will run during any request that is not a GET request.
+
+You can change the filter to run during other requests.
+
+```
+before_action do
+  check_ip_against_database(ip_blacklists: {default: 'yourcodehere'}, methods: [:get,:post,:put,:patch,:delete])
+end
+```
+
+Blacklist database lookups are cached for 24 hours, and cached results won't need
+to slowdown your app by additional http requests on the backend.
+
+The gem needs to create some database tables to function; these store the cached
+blacklist database lookups, and any actions caused by the gem.
+
+You need to add this to your routes.rb
+```
+  mount Antispam::Engine => "/antispam"
+```
+You can see what IP addresses have been blocked by going to /antispam/blocks
+but your ApplicationController.rb must respond to ```is_admin?``` function.
+
+
+## Installation
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'antispam'
+```
+
+And then execute:
+```bash
+$ bundle
+```
+
+Or install it yourself as:
+```bash
+$ gem install antispam
+$ rails antispam:install:migrations
+$ rails db:migrate SCOPE=antispam
+```
+The gem depends on image_processing, which depends on vips. We are using vips to
+generate captcha images.
+```
+sudo apt install libvips-tools
+```
+
+## Development
+
+After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
+
+To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
+
+## Contributing
+
+Bug reports and pull requests are welcome on GitHub at https://github.com/ryankopf/antispam. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [code of conduct](https://github.com/[USERNAME]/antispam/blob/master/CODE_OF_CONDUCT.md).
+
+## License
+The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).
+
+## Code of Conduct
+
+Everyone interacting in the Antispam project's codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/ryankopf/antispam/blob/master/CODE_OF_CONDUCT.md).
+
+## NO WARRANTY
+
+THE SUBJECT SOFTWARE IS PROVIDED "AS IS" WITHOUT ANY WARRANTY OF ANY KIND,
+EITHER EXPRESSED, IMPLIED, OR STATUTORY, INCLUDING, BUT NOT LIMITED TO,
+ANY WARRANTY THAT THE SUBJECT SOFTWARE WILL CONFORM TO SPECIFICATIONS,
+ANY IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE,
+OR FREEDOM FROM INFRINGEMENT, ANY WARRANTY THAT THE SUBJECT SOFTWARE WILL BE
+ERROR FREE, OR ANY WARRANTY THAT DOCUMENTATION, IF PROVIDED, WILL CONFORM TO
+THE SUBJECT SOFTWARE. THIS SOFTWARE IS PROVIDED "AS IS." IF YOUR JURISDICTION
+DOES NOT ALLOW THESE LIMITATIONS THEN YOU MAY NOT USE THE SOFTWARE.

data/app/controllers/antispam/application_controller.rb

@@ -1,11 +1,11 @@
-module Antispam
-  class ApplicationController < ::ApplicationController
-    def must_be_admin
-      begin
-        render plain: 'Not available.' unless is_admin?
-      rescue
-        render plain: 'Not available.'
-      end
-    end
-  end
-end
+module Antispam
+  class ApplicationController < ::ApplicationController
+    def must_be_admin
+      begin
+        render plain: 'Not available.' unless is_admin?
+      rescue
+        render plain: 'Not available.'
+      end
+    end
+  end
+end

data/app/controllers/antispam/blocks_controller.rb

@@ -1,28 +1,28 @@
-require_dependency "antispam/application_controller"
-
-module Antispam
-  class BlocksController < ApplicationController
-    before_action :must_be_admin
-    before_action :set_block, only: [:show]
-
-    # GET /blocks
-    def index
-      @blocks = Block.all
-    end
-
-    # GET /blocks/1
-    def show
-    end
-
-    private
-      # Use callbacks to share common setup or constraints between actions.
-      def set_block
-        @block = Block.find(params[:id])
-      end
-
-      # Only allow a list of trusted parameters through.
-      def block_params
-        params.require(:block).permit(:ip, :provider, :controllername, :actionname)
-      end
-  end
-end
+require_dependency "antispam/application_controller"
+
+module Antispam
+  class BlocksController < ApplicationController
+    before_action :must_be_admin
+    before_action :set_block, only: [:show]
+
+    # GET /blocks
+    def index
+      @blocks = Block.all
+    end
+
+    # GET /blocks/1
+    def show
+    end
+
+    private
+      # Use callbacks to share common setup or constraints between actions.
+      def set_block
+        @block = Block.find(params[:id])
+      end
+
+      # Only allow a list of trusted parameters through.
+      def block_params
+        params.require(:block).permit(:ip, :provider, :controllername, :actionname)
+      end
+  end
+end

data/app/controllers/antispam/challenges_controller.rb

@@ -1,49 +1,50 @@
-require_dependency "antispam/application_controller"
-
-module Antispam
-  class ChallengesController < ApplicationController
-    before_action :set_challenge, only: [:show, :edit, :update, :destroy]
-
-    # GET /challenges/1
-    def show
-      respond_to do |format|
-        format.jpeg do
-          image = @challenge.get_image
-          render content_type: 'image/jpeg', plain: image.jpegsave_buffer
-        end
-      end
-    end
-
-    # GET /challenges/new
-    def new
-      # use in the future for changing code
-    end
-
-    # PATCH/PUT /challenges/1
-    def update
-      if @challenge.validate?(params[:challenge][:answer])
-        a = Antispam::Ip.find_or_create_by(address: request.remote_ip, provider: 'httpbl')
-        before = a.threat
-        a.threat = [(a.threat || 0) - 25, 0].max
-        c = Clear.create(ip: request.remote_ip, answer: params[:challenge][:answer], result: 'Passed', threat_before: before, threat_after: a.threat)
-        a.expires_at = 1.hour.from_now
-        a.save
-        redirect_to '/'
-      else
-        c = Clear.create(ip: request.remote_ip, answer: params[:challenge][:answer], result: 'Failed')
-        redirect_to '/antispam/validate', notice: 'Invalid answer.'
-      end
-    end
-
-    private
-      # Use callbacks to share common setup or constraints between actions.
-      def set_challenge
-        @challenge = Challenge.find(params[:id])
-      end
-
-      # Only allow a list of trusted parameters through.
-      def challenge_params
-        params.require(:challenge).permit(:answer, :code)
-      end
-  end
-end
+require_dependency "antispam/application_controller"
+
+module Antispam
+  class ChallengesController < ApplicationController
+    before_action :set_challenge, only: [:show, :edit, :update, :destroy]
+
+    # GET /challenges/1
+    def show
+      respond_to do |format|
+        format.jpeg do
+          image = @challenge.get_image
+          render content_type: 'image/jpeg', plain: image.jpegsave_buffer
+        end
+      end
+    end
+
+    # GET /challenges/new
+    def new
+      # use in the future for changing code
+      head :ok
+    end
+
+    # PATCH/PUT /challenges/1
+    def update
+      if @challenge.validate?(params[:challenge][:answer])
+        a = Antispam::Ip.find_or_create_by(address: request.remote_ip, provider: 'httpbl')
+        before = a.threat
+        a.threat = [(a.threat || 0) - 25, 0].max
+        c = Clear.create(ip: request.remote_ip, answer: params[:challenge][:answer], result: 'Passed', threat_before: before, threat_after: a.threat)
+        a.expires_at = 1.hour.from_now
+        a.save
+        redirect_to '/'
+      else
+        c = Clear.create(ip: request.remote_ip, answer: params[:challenge][:answer], result: 'Failed')
+        redirect_to '/antispam/validate', notice: 'Invalid answer.'
+      end
+    end
+
+    private
+      # Use callbacks to share common setup or constraints between actions.
+      def set_challenge
+        @challenge = Challenge.find(params[:id])
+      end
+
+      # Only allow a list of trusted parameters through.
+      def challenge_params
+        params.require(:challenge).permit(:answer, :code)
+      end
+  end
+end

data/app/controllers/antispam/clears_controller.rb

@@ -1,28 +1,28 @@
-require_dependency "antispam/application_controller"
-
-module Antispam
-  class ClearsController < ApplicationController
-    before_action :must_be_admin
-    before_action :set_clear, only: [:show, :edit, :update, :destroy]
-
-    # GET /clears
-    def index
-      @clears = Clear.all
-    end
-
-    # GET /clears/1
-    def show
-    end
-
-    private
-      # Use callbacks to share common setup or constraints between actions.
-      def set_clear
-        @clear = Clear.find(params[:id])
-      end
-
-      # Only allow a list of trusted parameters through.
-      def clear_params
-        params.require(:clear).permit(:ip, :result, :answer, :threat_before, :threat_after)
-      end
-  end
-end
+require_dependency "antispam/application_controller"
+
+module Antispam
+  class ClearsController < ApplicationController
+    before_action :must_be_admin
+    before_action :set_clear, only: [:show, :edit, :update, :destroy]
+
+    # GET /clears
+    def index
+      @clears = Clear.all
+    end
+
+    # GET /clears/1
+    def show
+    end
+
+    private
+      # Use callbacks to share common setup or constraints between actions.
+      def set_clear
+        @clear = Clear.find(params[:id])
+      end
+
+      # Only allow a list of trusted parameters through.
+      def clear_params
+        params.require(:clear).permit(:ip, :result, :answer, :threat_before, :threat_after)
+      end
+  end
+end

data/app/views/antispam/blocks/index.html.erb

@@ -1,39 +1,39 @@
-<p id="notice"><%= notice %></p>
-
-<div class="row">
-  <div class="cx">
-    <h1>Blocks</h1>
-
-    <table>
-      <thead>
-        <tr>
-          <th>Ip</th>
-          <th>Provider</th>
-          <th>Controllername</th>
-          <th>Actionname</th>
-          <th>Threat</th>
-          <th colspan="3"></th>
-        </tr>
-      </thead>
-
-      <tbody>
-        <% Antispam::Block.all.order(created_at: :desc).limit(50).each do |block| %>
-          <tr>
-            <td><%= block.ip %></td>
-            <td><%= block.provider %></td>
-            <td><%= block.controllername %></td>
-            <td><%= block.actionname %></td>
-            <td><%= block.threat %></td>
-            <td><%= time_ago_in_words block.created_at %> ago</td>
-<!--            <td><%#= link_to 'Show', block %></td>-->
-<!--            <td><%#= link_to 'Edit', edit_block_path(block) %></td>-->
-<!--            <td><%#= link_to 'Destroy', block, method: :delete, data: { confirm: 'Are you sure?' } %></td>-->
-          </tr>
-        <% end %>
-      </tbody>
-    </table>
-  </div>
-  <div class="cx">
-    <%= render template: '/antispam/clears/index.html' %>
-  </div>
+<p id="notice"><%= notice %></p>
+
+<div class="row">
+  <div class="cx">
+    <h1>Blocks</h1>
+
+    <table>
+      <thead>
+        <tr>
+          <th>Ip</th>
+          <th>Provider</th>
+          <th>Controllername</th>
+          <th>Actionname</th>
+          <th>Threat</th>
+          <th colspan="3"></th>
+        </tr>
+      </thead>
+
+      <tbody>
+        <% Antispam::Block.all.order(created_at: :desc).limit(50).each do |block| %>
+          <tr>
+            <td><%= block.ip %></td>
+            <td><%= block.provider %></td>
+            <td><%= block.controllername %></td>
+            <td><%= block.actionname %></td>
+            <td><%= block.threat %></td>
+            <td><%= time_ago_in_words block.created_at %> ago</td>
+<!--            <td><%#= link_to 'Show', block %></td>-->
+<!--            <td><%#= link_to 'Edit', edit_block_path(block) %></td>-->
+<!--            <td><%#= link_to 'Destroy', block, method: :delete, data: { confirm: 'Are you sure?' } %></td>-->
+          </tr>
+        <% end %>
+      </tbody>
+    </table>
+  </div>
+  <div class="cx">
+    <%= render template: '/antispam/clears/index', formats: :html %>
+  </div>
 </div>

data/app/views/antispam/clears/index.html.erb

@@ -1,32 +1,32 @@
-<p id="notice"><%= notice %></p>
-
-<h1>Clears</h1>
-
-<table>
-  <thead>
-    <tr>
-      <th>Ip</th>
-      <th>Result</th>
-      <th>Answer</th>
-      <th>Threat before</th>
-      <th>Threat after</th>
-      <th colspan="3"></th>
-    </tr>
-  </thead>
-
-  <tbody>
-    <% Antispam::Clear.all.order(created_at: :desc).limit(50).each do |clear| %>
-      <tr>
-        <td><%= clear.ip %></td>
-        <td><%= clear.result %></td>
-        <td><%= clear.answer %></td>
-        <td><%= clear.threat_before %></td>
-        <td><%= clear.threat_after %></td>
-        <td><%= time_ago_in_words clear.created_at %> ago</td>
-<!--        <td><%#= link_to 'Show', clear %></td>-->
-<!--        <td><%#= link_to 'Edit', edit_clear_path(clear) %></td>-->
-<!--        <td><%#= link_to 'Destroy', clear, method: :delete, data: { confirm: 'Are you sure?' } %></td>-->
-      </tr>
-    <% end %>
-  </tbody>
-</table>
+<p id="notice"><%= notice %></p>
+
+<h1>Clears</h1>
+
+<table>
+  <thead>
+    <tr>
+      <th>Ip</th>
+      <th>Result</th>
+      <th>Answer</th>
+      <th>Threat before</th>
+      <th>Threat after</th>
+      <th colspan="3"></th>
+    </tr>
+  </thead>
+
+  <tbody>
+    <% Antispam::Clear.all.order(created_at: :desc).limit(50).each do |clear| %>
+      <tr>
+        <td><%= clear.ip %></td>
+        <td><%= clear.result %></td>
+        <td><%= clear.answer %></td>
+        <td><%= clear.threat_before %></td>
+        <td><%= clear.threat_after %></td>
+        <td><%= time_ago_in_words clear.created_at %> ago</td>
+<!--        <td><%#= link_to 'Show', clear %></td>-->
+<!--        <td><%#= link_to 'Edit', edit_clear_path(clear) %></td>-->
+<!--        <td><%#= link_to 'Destroy', clear, method: :delete, data: { confirm: 'Are you sure?' } %></td>-->
+      </tr>
+    <% end %>
+  </tbody>
+</table>

data/app/views/layouts/antispam/application.html.erb

@@ -1,15 +1,15 @@
-<!DOCTYPE html>
-<html>
-<head>
-  <title>Antispam</title>
-  <%= csrf_meta_tags %>
-  <%= csp_meta_tag %>
-  <style>.row { width:100%;display: flex;} .cx { width: 50%; }</style>
-  <%#= stylesheet_link_tag    "antispam/application", media: "all" %>
-</head>
-<body>
-
-<%= yield %>
-
-</body>
-</html>
+<!DOCTYPE html>
+<html>
+<head>
+  <title>Antispam</title>
+  <%= csrf_meta_tags %>
+  <%= csp_meta_tag %>
+  <style>.row { width:100%;display: flex;} .cx { width: 50%; }</style>
+  <%#= stylesheet_link_tag    "antispam/application", media: "all" %>
+</head>
+<body>
+
+<%= yield %>
+
+</body>
+</html>

data/db/migrate/20210131165122_add_threat_to_antispam_blocks.rb

@@ -1,5 +1,5 @@
-class AddThreatToAntispamBlocks < ActiveRecord::Migration[6.1]
-  def change
-    add_column :antispam_blocks, :threat, :integer
-  end
-end
+class AddThreatToAntispamBlocks < ActiveRecord::Migration[6.1]
+  def change
+    add_column :antispam_blocks, :threat, :integer
+  end
+end

data/lib/antispam/blacklists/httpbl.rb

@@ -2,28 +2,33 @@ require 'resolv'
 module Antispam
   module Blacklists
     class Httpbl
-      def self.check(ip, key)
+      def self.check(ip, key, verbose)
         threat = 0
         begin
-          return get_old_result(ip) if get_old_result(ip)
+          old_result = get_old_result(ip)
+          if old_result
+            Rails.logger.info "Returning old result for #{ip}." if verbose
+            return get_old_result(ip)
+          end
           check = ip.split('.').reverse.join('.')
           host = key + '.' + check + ".dnsbl.httpbl.org"
           address = Resolv::getaddress(host)
           z,days,threat,iptype = address.split('.')
-          Rails.logger.info "Spam located: #{iptype} type at #{threat} threat. (#{ip} - #{address})"
+          Rails.logger.info "Spam located: #{iptype} type at #{threat} threat. (#{ip} - #{address})" if verbose
+          threat = threat.to_i
           # Create or update
-          if (threat.to_i > 30)
-            Rails.logger.info "Spamcheck: Very high, over 30!"
+          if (threat > 30)
+            Rails.logger.info "Spamcheck: Very high, over 30!" if verbose
           end
         rescue Exception => e
           case e
           when Resolv::ResolvError #Not spam! This blacklist gives an error when there's no spam threat.
-            Rails.logger.info "Spamcheck: OK! Resolve error means the httpbl does not consider this spam."
+            Rails.logger.info "Spamcheck: OK! Resolve error means the httpbl does not consider this spam." if verbose
           when Interrupt #Something broke while trying to check blacklist.
-            Rails.logger.info "Spamcheck: Interrupt when trying to resolve http blacklist. Possible timeout?"
+            Rails.logger.info "Spamcheck: Interrupt when trying to resolve http blacklist. Possible timeout?" if verbose
           else # Time Out
-            Rails.logger.info "Spamcheck: There was an error, possibly a time out, when checking this IP."
-            Rails.logger.info e.to_s
+            Rails.logger.info "Spamcheck: There was an error, possibly a time out, when checking this IP." if verbose
+            Rails.logger.info e.to_s if verbose
           end
         end
         update_old_result(ip, threat)

data/lib/antispam/checker.rb

@@ -0,0 +1,20 @@
+module Antispam
+  module Checker
+    # Checks content for spam
+    # check(options, spamcheck_providers)
+    # Usage: check({content: "No spam here"}, {defendium: 'MY_API_KEY'}})
+    def self.check(options = {}, spamcheck_providers = {defendium: 'YOUR_KEY'})
+      Rails.logger.info "Content was nil for spamcheck." if options[:content].nil? && options[:verbose]
+      return if options[:content].nil?
+      Rails.logger.info "Spamcheckers should be a hash" if (!(options[:spamcheck_providers].is_a? Hash)) && options[:verbose]
+      results = []
+      spamcheck_providers.each do |spamchecker_name, spamchecker_api_key|
+        if spamchecker_name == :defendium
+          results.append Antispam::Spamcheckers::Defendium.check(options[:content], spamchecker_api_key, options[:verbose])
+        end
+      end
+      result = Antispam::SpamcheckResult.new(results)
+      return result
+    end
+  end
+end

data/lib/antispam/results.rb

@@ -0,0 +1,10 @@
+module Antispam
+  class SpamcheckResult
+    def initialize(results)
+      @results = results
+    end
+    def is_spam?
+      @results.select{|x| x > 0}.present?
+    end
+  end
+end

data/lib/antispam/spamcheckers/defendium.rb

@@ -0,0 +1,29 @@
+#require 'resolv'
+module Antispam
+  module Spamcheckers
+    class Defendium
+      def self.check(content, key, verbose)
+        # nethttp2.rb
+        require 'uri'
+        require 'net/http'
+
+        uri = URI('https://api.defendium.com/check')
+        params = { secret_key: key, content: content }
+        uri.query = URI.encode_www_form(params)
+
+        res = Net::HTTP.get_response(uri)
+        if res.is_a?(Net::HTTPSuccess)
+          result = res.body.to_json
+          if result["warnings"]
+            Rails.logger.info result["warnings"]
+          end
+          if result["result"]
+            return 1
+          else
+            return 0
+          end
+        end
+      end
+    end
+  end
+end

data/lib/antispam/tools.rb

@@ -1,48 +1,57 @@
-module Antispam
-  module Tools
-    # before_action :check_ip_against_database
-    def check_ip_against_database(options = {ip_blacklists: {default: ''}})
-      return if request.get?
-      return if skip_if_user_whitelisted
-      return if controller_name == "validate"
-      ip = request.remote_ip
-      # First, check IP blacklists.
-      if (options[:ip_blacklists])
-        if options[:ip_blacklists][:default]
-          options[:ip_blacklists][:httpbl] = options[:ip_blacklists][:default]
-          options[:ip_blacklists].delete(:default)
-        end
-        check_ip_against_blacklists(ip, options[:ip_blacklists], options[:verbose])
-      end
-      # Second, check for weird countries.
-      if (options[:scrutinize_countries_except])
-
-      end
-      Rails.logger.info "Got to this function. #{ip}"
-      puts "Got to this function. #{ip}"
-    end
-    def check_ip_against_blacklists(ip, lists, verbose)
-      lists.each do |provider_name, provider_api_key|
-        puts "Checking provider: #{provider_name}" if verbose
-        if provider_name == :httpbl
-          result = Antispam::Blacklists::Httpbl.check(ip, provider_api_key)
-          puts result if verbose
-          if (result > 30)
-            Block.create(ip: ip, provider: provider_name, threat: result)
-            redirect_to '/antispam/validate'
-          end
-        end
-      end
-    end
-
-    def skip_if_user_whitelisted
-      if respond_to? :current_user
-        if current_user && current_user.respond_to?(:antispam_whitelisted?)
-          return true if current_user.antispam_whitelisted?
-        end
-      end
-    end
-
-
-  end
-end
+module Antispam
+  module Tools
+    # Checks spam against an IP database of spammers.
+    # Usage: before_action :check_ip_against_database
+    def check_ip_against_database(options = {ip_blacklists: {default: ''}})
+      if (options[:methods])
+        return if request.get? unless options[:methods].include?(:get)
+        return if request.post? unless options[:methods].include?(:post)
+        return if request.put? unless options[:methods].include?(:put)
+        return if request.patch? unless options[:methods].include?(:patch)
+        return if request.delete? unless options[:methods].include?(:delete)
+      else
+        return if request.get?
+      end
+      return if skip_if_user_whitelisted
+      return if controller_name == "validate"
+      ip = request.remote_ip
+      # First, check IP blacklists.
+      if (options[:ip_blacklists])
+        if options[:ip_blacklists][:default]
+          options[:ip_blacklists][:httpbl] = options[:ip_blacklists][:default]
+          options[:ip_blacklists].delete(:default)
+        end
+        check_ip_against_blacklists(ip, options[:ip_blacklists], options[:verbose])
+      end
+      # Second, check for weird countries.
+      if (options[:scrutinize_countries_except])
+
+      end
+      Rails.logger.info "Completed IP database check. #{ip}" if options[:verbose]
+    end
+    # Checks the specific blacklists
+    def check_ip_against_blacklists(ip, lists, verbose)
+      lists.each do |provider_name, provider_api_key|
+        Rails.logger.info "Checking provider: #{provider_name}" if verbose
+        if provider_name == :httpbl
+          result = Antispam::Blacklists::Httpbl.check(ip, provider_api_key, verbose)
+          Rails.logger.info(result) if verbose
+          if (result > 30)
+            Block.create(ip: ip, provider: provider_name, threat: result)
+            redirect_to '/antispam/validate'
+          end
+        end
+      end
+    end
+
+    def skip_if_user_whitelisted
+      if respond_to? :current_user
+        if current_user && current_user.respond_to?(:antispam_whitelisted?)
+          return true if current_user.antispam_whitelisted?
+        end
+      end
+    end
+
+
+  end
+end

data/lib/antispam/version.rb

@@ -1,3 +1,3 @@
-module Antispam
-  VERSION = '0.1.4'
-end
+module Antispam
+  VERSION = '0.1.7'
+end

data/lib/antispam.rb

@@ -1,11 +1,17 @@
-require "antispam/version"
-require "antispam/engine"
-require "antispam/tools"
-require "antispam/blacklists/httpbl"
-
-module Antispam
-  ActiveSupport.on_load(:action_controller) do
-    # self refers to ActionController::Base here
-    self.include Antispam::Tools
-  end
-end
+require "antispam/version"
+require "antispam/engine"
+require "antispam/tools"
+require "antispam/checker"
+require "antispam/blacklists/httpbl"
+require "antispam/spamcheckers/defendium"
+require "antispam/results"
+
+module Antispam
+  ActiveSupport.on_load(:action_controller) do
+    # self refers to ActionController::Base here
+    # This way is removed because below may be more compatible.
+    # self.include Antispam::Tools
+    # Would the below be a better (clearer? more compatible?) way to do this?
+    ActionController::Base.send(:include, Antispam::Tools)
+  end
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: antispam
 version: !ruby/object:Gem::Version
-  version: 0.1.4
+  version: 0.1.7
 platform: ruby
 authors:
 - Ryan Kopf
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-01-31 00:00:00.000000000 Z
+date: 2023-01-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 6.0.0
+        version: 6.1.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 6.0.0
+        version: 6.1.0
 - !ruby/object:Gem::Dependency
   name: image_processing
   requirement: !ruby/object:Gem::Requirement
@@ -38,6 +38,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '1.0'
+- !ruby/object:Gem::Dependency
+  name: net-http
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 description: Antispam checks DNS blacklists and helps prevent spam on your site.
 email:
 - antispam@ryankopf.com
@@ -83,20 +97,14 @@ files:
 - app/models/antispam/challenge.rb
 - app/models/antispam/clear.rb
 - app/models/antispam/ip.rb
-- app/views/antispam/blocks/_form.html.erb
-- app/views/antispam/blocks/edit.html.erb
 - app/views/antispam/blocks/index.html.erb
-- app/views/antispam/blocks/new.html.erb
 - app/views/antispam/blocks/show.html.erb
 - app/views/antispam/challenges/_form.html.erb
 - app/views/antispam/challenges/edit.html.erb
 - app/views/antispam/challenges/index.html.erb
 - app/views/antispam/challenges/new.html.erb
 - app/views/antispam/challenges/show.html.erb
-- app/views/antispam/clears/_form.html.erb
-- app/views/antispam/clears/edit.html.erb
 - app/views/antispam/clears/index.html.erb
-- app/views/antispam/clears/new.html.erb
 - app/views/antispam/clears/show.html.erb
 - app/views/antispam/validate/index.html.erb
 - app/views/layouts/antispam/application.html.erb
@@ -108,7 +116,10 @@ files:
 - db/migrate/20210131165122_add_threat_to_antispam_blocks.rb
 - lib/antispam.rb
 - lib/antispam/blacklists/httpbl.rb
+- lib/antispam/checker.rb
 - lib/antispam/engine.rb
+- lib/antispam/results.rb
+- lib/antispam/spamcheckers/defendium.rb
 - lib/antispam/tools.rb
 - lib/antispam/version.rb
 - lib/tasks/antispam_tasks.rake
@@ -135,7 +146,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.4
+rubygems_version: 3.4.4
 signing_key: 
 specification_version: 4
 summary: A spam prevention gem.

data/app/views/antispam/blocks/_form.html.erb

@@ -1,37 +0,0 @@
-<%= form_with(model: block) do |form| %>
-  <% if block.errors.any? %>
-    <div id="error_explanation">
-      <h2><%= pluralize(block.errors.count, "error") %> prohibited this block from being saved:</h2>
-
-      <ul>
-        <% block.errors.each do |error| %>
-          <li><%= error.full_message %></li>
-        <% end %>
-      </ul>
-    </div>
-  <% end %>
-
-  <div class="field">
-    <%= form.label :ip %>
-    <%= form.text_field :ip %>
-  </div>
-
-  <div class="field">
-    <%= form.label :provider %>
-    <%= form.text_field :provider %>
-  </div>
-
-  <div class="field">
-    <%= form.label :controllername %>
-    <%= form.text_field :controllername %>
-  </div>
-
-  <div class="field">
-    <%= form.label :actionname %>
-    <%= form.text_field :actionname %>
-  </div>
-
-  <div class="actions">
-    <%= form.submit %>
-  </div>
-<% end %>

data/app/views/antispam/blocks/edit.html.erb

@@ -1,6 +0,0 @@
-<h1>Editing Block</h1>
-
-<%= render 'form', block: @block %>
-
-<%= link_to 'Show', @block %> |
-<%= link_to 'Back', blocks_path %>

data/app/views/antispam/blocks/new.html.erb

@@ -1,5 +0,0 @@
-<h1>New Block</h1>
-
-<%= render 'form', block: @block %>
-
-<%= link_to 'Back', blocks_path %>

data/app/views/antispam/clears/_form.html.erb

@@ -1,42 +0,0 @@
-<%= form_with(model: clear) do |form| %>
-  <% if clear.errors.any? %>
-    <div id="error_explanation">
-      <h2><%= pluralize(clear.errors.count, "error") %> prohibited this clear from being saved:</h2>
-
-      <ul>
-        <% clear.errors.each do |error| %>
-          <li><%= error.full_message %></li>
-        <% end %>
-      </ul>
-    </div>
-  <% end %>
-
-  <div class="field">
-    <%= form.label :ip %>
-    <%= form.text_field :ip %>
-  </div>
-
-  <div class="field">
-    <%= form.label :result %>
-    <%= form.text_field :result %>
-  </div>
-
-  <div class="field">
-    <%= form.label :answer %>
-    <%= form.text_field :answer %>
-  </div>
-
-  <div class="field">
-    <%= form.label :threat_before %>
-    <%= form.number_field :threat_before %>
-  </div>
-
-  <div class="field">
-    <%= form.label :threat_after %>
-    <%= form.number_field :threat_after %>
-  </div>
-
-  <div class="actions">
-    <%= form.submit %>
-  </div>
-<% end %>

data/app/views/antispam/clears/edit.html.erb

@@ -1,6 +0,0 @@
-<h1>Editing Clear</h1>
-
-<%= render 'form', clear: @clear %>
-
-<%= link_to 'Show', @clear %> |
-<%= link_to 'Back', clears_path %>

data/app/views/antispam/clears/new.html.erb

@@ -1,5 +0,0 @@
-<h1>New Clear</h1>
-
-<%= render 'form', clear: @clear %>
-
-<%= link_to 'Back', clears_path %>