antispam 0.1.5 → 0.1.7

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 278c21161c08ebd08f8376df6ddb57fcda33d20d7ae9e9d804a7b3785c23cbae
-  data.tar.gz: dab176fb46e3d5ecaa6d2c304262adfc4bf612f413b392270e3b44ef03de7147
+  metadata.gz: 636c6cfd1e3a5c84182eaa1e19966e553a2098c4f3a01a049cdbe4613165a52e
+  data.tar.gz: 8a53d23ef78da214962bd81411a97a720d5eba3a15817d3f7ccd5bfac81719ec
 SHA512:
-  metadata.gz: 3491eb8c49c91b0cc468440cde3b965ac359d6e3d561e8893a5e48079da0441a2128dd9cb118d30b79e147b8ad79d87ce2df78fcd074217880b1c6f9c4e60748
-  data.tar.gz: b1d49d286f4bc2d6885e40e7f20b0bd9cdec2f57c608dd443b9c060a8a49ca7799e69f05a0e3e5f422071f385a34fcd39e442a2ee5b5a89f0dfd56425574da5c
+  metadata.gz: b4d6e23e0432af6b62b7cd9e469c2393a9e4f4513b13d93d282e6841062bd706d70fa44dd6bed0d79658da80ff52827ee8ba9d63baa0a84df2112a7fd313b3dd
+  data.tar.gz: 9ca4921062395565e50fa29daf9d56bd3e691b5a675fb34bc4d6ec5e1378da1f3be5b19bdc73294be7fcb55b8e3d766819c140ef45b602d8904818eccf10f187

data/README.md

@@ -1,9 +1,29 @@
 # Antispam
 The antispam gem helps prevent spam in your Rails applications by
-checking against various antispam blacklists on the web.
-You can configure which spam blacklists are checked in your application configuration.
+providing tools that check spam against powerful spam-prevention
+databases, accessible for free.
 
-## Usage
+The first feature checks against an IP database of spam, allowing you
+to stop spammers who are prolific and have been detected on other websites.
+It uses the blazing fast Defendium API to quickly determine if submitted
+content is spam or not.
+
+The second feature allows you to submit user-provided content to a spam
+checking service that uses machine learning and a database of content to
+determine whether the user's submitted content is spam.
+
+## Spam Content Checking - Usage
+
+```
+result = Antispam::Checker.check(content: @comment.body)
+if result.is_spam?
+  @comment.save
+else
+  redirect_to "/access_denied"
+end
+```
+
+## Bad IP Checking - Usage
 
 The gem is used by adding this to your ApplicationController.rb
 
@@ -13,8 +33,18 @@ before_action do
 end
 ```
 
+Codes are from the [httpbl](https://www.projecthoneypot.org/httpbl.php) at projecthoneypot.org
+
 Once the filter is setup, everything else is handled for your application.
-The gem will run during any request that is not a GET request.
+By default the gem will run during any request that is not a GET request.
+
+You can change the filter to run during other requests.
+
+```
+before_action do
+  check_ip_against_database(ip_blacklists: {default: 'yourcodehere'}, methods: [:get,:post,:put,:patch,:delete])
+end
+```
 
 Blacklist database lookups are cached for 24 hours, and cached results won't need
 to slowdown your app by additional http requests on the backend.
@@ -27,7 +57,7 @@ You need to add this to your routes.rb
   mount Antispam::Engine => "/antispam"
 ```
 You can see what IP addresses have been blocked by going to /antispam/blocks
-but your applicationcontroller must respond to ```is_admin?``` function.
+but your ApplicationController.rb must respond to ```is_admin?``` function.
 
 
 ## Installation
@@ -70,3 +100,14 @@ The gem is available as open source under the terms of the [MIT License](https:/
 ## Code of Conduct
 
 Everyone interacting in the Antispam project's codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/ryankopf/antispam/blob/master/CODE_OF_CONDUCT.md).
+
+## NO WARRANTY
+
+THE SUBJECT SOFTWARE IS PROVIDED "AS IS" WITHOUT ANY WARRANTY OF ANY KIND,
+EITHER EXPRESSED, IMPLIED, OR STATUTORY, INCLUDING, BUT NOT LIMITED TO,
+ANY WARRANTY THAT THE SUBJECT SOFTWARE WILL CONFORM TO SPECIFICATIONS,
+ANY IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE,
+OR FREEDOM FROM INFRINGEMENT, ANY WARRANTY THAT THE SUBJECT SOFTWARE WILL BE
+ERROR FREE, OR ANY WARRANTY THAT DOCUMENTATION, IF PROVIDED, WILL CONFORM TO
+THE SUBJECT SOFTWARE. THIS SOFTWARE IS PROVIDED "AS IS." IF YOUR JURISDICTION
+DOES NOT ALLOW THESE LIMITATIONS THEN YOU MAY NOT USE THE SOFTWARE.

data/app/controllers/antispam/challenges_controller.rb

@@ -17,6 +17,7 @@ module Antispam
     # GET /challenges/new
     def new
       # use in the future for changing code
+      head :ok
     end
 
     # PATCH/PUT /challenges/1

data/app/views/antispam/blocks/index.html.erb

@@ -34,6 +34,6 @@
     </table>
   </div>
   <div class="cx">
-    <%= render template: '/antispam/clears/index.html' %>
+    <%= render template: '/antispam/clears/index', formats: :html %>
   </div>
 </div>

data/lib/antispam/blacklists/httpbl.rb

@@ -15,19 +15,20 @@ module Antispam
           address = Resolv::getaddress(host)
           z,days,threat,iptype = address.split('.')
           Rails.logger.info "Spam located: #{iptype} type at #{threat} threat. (#{ip} - #{address})" if verbose
+          threat = threat.to_i
           # Create or update
-          if (threat.to_i > 30)
-            Rails.logger.info "Spamcheck: Very high, over 30!"
+          if (threat > 30)
+            Rails.logger.info "Spamcheck: Very high, over 30!" if verbose
           end
         rescue Exception => e
           case e
           when Resolv::ResolvError #Not spam! This blacklist gives an error when there's no spam threat.
-            Rails.logger.info "Spamcheck: OK! Resolve error means the httpbl does not consider this spam."
+            Rails.logger.info "Spamcheck: OK! Resolve error means the httpbl does not consider this spam." if verbose
           when Interrupt #Something broke while trying to check blacklist.
-            Rails.logger.info "Spamcheck: Interrupt when trying to resolve http blacklist. Possible timeout?"
+            Rails.logger.info "Spamcheck: Interrupt when trying to resolve http blacklist. Possible timeout?" if verbose
           else # Time Out
-            Rails.logger.info "Spamcheck: There was an error, possibly a time out, when checking this IP."
-            Rails.logger.info e.to_s
+            Rails.logger.info "Spamcheck: There was an error, possibly a time out, when checking this IP." if verbose
+            Rails.logger.info e.to_s if verbose
           end
         end
         update_old_result(ip, threat)

data/lib/antispam/checker.rb

@@ -0,0 +1,20 @@
+module Antispam
+  module Checker
+    # Checks content for spam
+    # check(options, spamcheck_providers)
+    # Usage: check({content: "No spam here"}, {defendium: 'MY_API_KEY'}})
+    def self.check(options = {}, spamcheck_providers = {defendium: 'YOUR_KEY'})
+      Rails.logger.info "Content was nil for spamcheck." if options[:content].nil? && options[:verbose]
+      return if options[:content].nil?
+      Rails.logger.info "Spamcheckers should be a hash" if (!(options[:spamcheck_providers].is_a? Hash)) && options[:verbose]
+      results = []
+      spamcheck_providers.each do |spamchecker_name, spamchecker_api_key|
+        if spamchecker_name == :defendium
+          results.append Antispam::Spamcheckers::Defendium.check(options[:content], spamchecker_api_key, options[:verbose])
+        end
+      end
+      result = Antispam::SpamcheckResult.new(results)
+      return result
+    end
+  end
+end

data/lib/antispam/results.rb

@@ -0,0 +1,10 @@
+module Antispam
+  class SpamcheckResult
+    def initialize(results)
+      @results = results
+    end
+    def is_spam?
+      @results.select{|x| x > 0}.present?
+    end
+  end
+end

data/lib/antispam/spamcheckers/defendium.rb

@@ -0,0 +1,29 @@
+#require 'resolv'
+module Antispam
+  module Spamcheckers
+    class Defendium
+      def self.check(content, key, verbose)
+        # nethttp2.rb
+        require 'uri'
+        require 'net/http'
+
+        uri = URI('https://api.defendium.com/check')
+        params = { secret_key: key, content: content }
+        uri.query = URI.encode_www_form(params)
+
+        res = Net::HTTP.get_response(uri)
+        if res.is_a?(Net::HTTPSuccess)
+          result = res.body.to_json
+          if result["warnings"]
+            Rails.logger.info result["warnings"]
+          end
+          if result["result"]
+            return 1
+          else
+            return 0
+          end
+        end
+      end
+    end
+  end
+end

data/lib/antispam/tools.rb

@@ -1,6 +1,7 @@
 module Antispam
   module Tools
-    # before_action :check_ip_against_database
+    # Checks spam against an IP database of spammers.
+    # Usage: before_action :check_ip_against_database
     def check_ip_against_database(options = {ip_blacklists: {default: ''}})
       if (options[:methods])
         return if request.get? unless options[:methods].include?(:get)
@@ -28,9 +29,10 @@ module Antispam
       end
       Rails.logger.info "Completed IP database check. #{ip}" if options[:verbose]
     end
+    # Checks the specific blacklists
     def check_ip_against_blacklists(ip, lists, verbose)
       lists.each do |provider_name, provider_api_key|
-        puts "Checking provider: #{provider_name}" if verbose
+        Rails.logger.info "Checking provider: #{provider_name}" if verbose
         if provider_name == :httpbl
           result = Antispam::Blacklists::Httpbl.check(ip, provider_api_key, verbose)
           Rails.logger.info(result) if verbose

data/lib/antispam/version.rb

@@ -1,3 +1,3 @@
 module Antispam
-  VERSION = '0.1.5'
+  VERSION = '0.1.7'
 end

data/lib/antispam.rb

@@ -1,7 +1,10 @@
 require "antispam/version"
 require "antispam/engine"
 require "antispam/tools"
+require "antispam/checker"
 require "antispam/blacklists/httpbl"
+require "antispam/spamcheckers/defendium"
+require "antispam/results"
 
 module Antispam
   ActiveSupport.on_load(:action_controller) do

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: antispam
 version: !ruby/object:Gem::Version
-  version: 0.1.5
+  version: 0.1.7
 platform: ruby
 authors:
 - Ryan Kopf
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-06-26 00:00:00.000000000 Z
+date: 2023-01-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 6.0.0
+        version: 6.1.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 6.0.0
+        version: 6.1.0
 - !ruby/object:Gem::Dependency
   name: image_processing
   requirement: !ruby/object:Gem::Requirement
@@ -38,6 +38,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '1.0'
+- !ruby/object:Gem::Dependency
+  name: net-http
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 description: Antispam checks DNS blacklists and helps prevent spam on your site.
 email:
 - antispam@ryankopf.com
@@ -102,7 +116,10 @@ files:
 - db/migrate/20210131165122_add_threat_to_antispam_blocks.rb
 - lib/antispam.rb
 - lib/antispam/blacklists/httpbl.rb
+- lib/antispam/checker.rb
 - lib/antispam/engine.rb
+- lib/antispam/results.rb
+- lib/antispam/spamcheckers/defendium.rb
 - lib/antispam/tools.rb
 - lib/antispam/version.rb
 - lib/tasks/antispam_tasks.rake
@@ -129,7 +146,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.4
+rubygems_version: 3.4.4
 signing_key: 
 specification_version: 4
 summary: A spam prevention gem.