decidim-spam_signal 0.3.1

data/lib/decidim/spam_signal/engine.rb

@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+require "rails"
+require "decidim/core"
+require "deface"
+
+module Decidim
+  module SpamSignal
+    # This is the engine that runs on the public interface of spam_signal.
+    class Engine < ::Rails::Engine
+      isolate_namespace Decidim::SpamSignal
+      
+      config.to_prepare do
+        Decidim::User.include(ProfileSpamValidator)
+        Decidim::Comments::CommentForm.include(CommentSpamValidator)
+      end
+
+      initializer "decidim_spam_signal.webpacker.assets_path" do
+        Decidim.register_assets_path File.expand_path("#{Decidim::SpamSignal::Engine.root}/app/packs")
+      end
+    end
+  end
+end

data/lib/decidim/spam_signal/extractors/comment_extractor.rb

@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+module Decidim
+  module SpamSignal
+    module Extractors
+      class CommentExtractor < Extractor
+        def self.extract(comment, config)
+          body = comment.attributes[:body]
+          return "" unless body.present?
+          body
+        end
+      end
+    end
+  end
+end

data/lib/decidim/spam_signal/extractors/extractor.rb

@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+module Decidim
+  module SpamSignal
+    module Extractors
+      class Extractor
+        def self.extract(model, config)
+          raise Error, "not implemented"
+        end
+      end
+    end
+  end
+end

data/lib/decidim/spam_signal/extractors/profile_extractor.rb

@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+module Decidim
+  module SpamSignal
+    module Extractors
+      class ProfileExtractor < Extractor
+        def self.extract(user, _config)
+          "#{user.about}" + (user.personal_url ? "
+===
+#{user.personal_url}" : "")
+        end
+      end
+    end
+  end
+end

data/lib/decidim/spam_signal/scans/scans_repository.rb

@@ -0,0 +1,44 @@
+# frozen_string_literal: true
+
+require "singleton"
+
+module Decidim
+  module SpamSignal
+    module Scans
+      ##
+      # Strategies repository
+      class ScansRepository
+        include Singleton
+        attr_reader :strategies
+
+        def initialize
+          @_strategies = {}
+        end
+
+        def register(strategy, command_klass)
+          @_strategies[strategy.to_sym] = command_klass
+        end
+
+        def unset_strategy(strategy)
+          key = strategy.to_sym
+          raise Error, "Cop's Strategy #{strategy} does not exists" unless @_strategies.key? key
+          @_strategies.except!(key)
+        end
+
+        def strategies
+          @_strategies.keys
+        end
+
+        def form_for(strategy)
+          strategy(strategy).form
+        end
+
+        def strategy(strategy)
+          key = "#{strategy}".to_sym
+          return @_strategies[key] if @_strategies.key? key
+          nil
+        end
+      end
+    end
+  end
+end

data/lib/decidim/spam_signal/spam_settings_form_builder.rb

@@ -0,0 +1,22 @@
+# frozen_string_literal: true
+
+module Decidim
+  module SpamSignal
+    class SpamSettingsFormBuilder < Decidim::AuthorizationFormBuilder
+      def input_field(name, type, **options)
+        return hidden_field(name) if name.to_s == "handler_name"
+        case type
+        when :date, :datetime, :time, :"decidim/attributes/localized_date"
+          date_field name
+        when :integer, Integer
+          number_field name
+        else
+          return text_area name, rows: 5 if name.to_s.ends_with? "_csv"
+          return number_field name if name.to_s.starts_with? "num_"
+          return check_box name if name.to_s.starts_with?("is_") || name.to_s.ends_with?("enabled")
+          text_field name
+        end
+      end
+    end
+  end
+end

data/lib/decidim/spam_signal/test/factories.rb

@@ -0,0 +1,24 @@
+# frozen_string_literal: true
+
+require "decidim/faker/localized"
+require "decidim/faker/internet"
+require "decidim/dev"
+require "decidim/core/test/factories"
+require_relative "scan_factories"
+FactoryBot.define do
+  factory :spam_signal_config, class: "Decidim::SpamSignal::Config" do
+    organization { create(:organization) }
+    comment_settings { {
+      "scans" => {},
+      "rules" => {},
+      "spam_cop" => {},
+      "suspicious_cop" => {}
+    } }
+    profile_settings { {
+      "scans" => {},
+      "rules" => {},
+      "spam_cop" => {},
+      "suspicious_cop" => {}
+    }}
+  end
+end

data/lib/decidim/spam_signal/test/scan_factories.rb

@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+class SpamScan < Decidim::SpamSignal::Scans::ScanHandler
+  def call
+    broadcast(:spam)
+  end
+end
+class SuspiciousScan < Decidim::SpamSignal::Scans::ScanHandler
+  def call
+    broadcast(:suspicious)
+  end
+end
+class OkScan < Decidim::SpamSignal::Scans::ScanHandler
+  def call
+    broadcast(:ok)
+  end
+end

data/lib/decidim/spam_signal/validators/comment_spam_validator.rb

@@ -0,0 +1,119 @@
+# frozen_string_literal: true
+
+module Decidim
+  module SpamSignal
+    module CommentSpamValidator
+      extend ActiveSupport::Concern
+
+      included do
+        validate :scan_spam
+
+        def scan_spam
+          return if body.empty?
+          tested_content = Extractors::CommentExtractor.extract(self, spam_config)
+          # Collect fired symbols
+          symboles = spam_scanners.map do |scan_command, scan_option|
+            scan_command.call(
+              tested_content,
+              scan_option
+            )
+          end.map(&:keys).flatten.filter { |s| s != :ok && s != :valid }
+          return if !symboles || symboles.empty?
+
+          # Check the rules
+          suspicious_rules = spam_ruleset("suspicious")
+          spam_rules = spam_ruleset("spam")
+          fire_suspicious_cop = suspicious_rules.map do |ruleset|
+            ruleset.map do |rule|
+              symboles.include? rule
+            end.all?
+          end.any?
+          fire_spam_cop = spam_rules.map do |ruleset|
+            ruleset.map do |rule|
+              symboles.include? rule
+            end.all?
+          end.any?
+          # If it's a cop fire it, else if it's a suspicous, fire it.
+          if fire_spam_cop && obvious_spam_cop
+            obvious_spam_cop.call(
+              errors: errors,
+              suspicious_user: author,
+              config: obvious_spam_cop_options,
+              reportable: author,
+              justification: "comment: " + tested_content
+            )
+          elsif fire_suspicious_cop && suspicious_spam_cop
+            suspicious_spam_cop.call(
+              errors: errors,
+              suspicious_user: author,
+              reportable: author,
+              config: suspicious_spam_cop_options,
+              justification:  "comment: " + tested_content
+            )
+          end
+        end
+
+        def obvious_spam_cop_options
+          cop = spam_config.comments.spam_cop
+          return nil unless cop
+          cop
+        end
+
+        def obvious_spam_cop
+          cop_key = obvious_spam_cop_options["handler_name"]
+          return nil unless cop_key
+          Cops::CopsRepository.instance.strategy(
+            cop_key
+          )
+        end
+
+        def suspicious_spam_cop_options
+          cop = spam_config.comments.suspicious_cop
+          return nil unless cop
+          cop
+        end
+
+        def suspicious_spam_cop
+          cop_key = suspicious_spam_cop_options["handler_name"]
+          return nil unless cop_key
+          Cops::CopsRepository.instance.strategy(
+            cop_key
+          )
+        end
+
+        def spam_config
+          @config ||= Config.get_config(context.current_organization)
+        end
+
+        def author
+          context.author || nil
+        end
+
+        def scan_context
+          {
+            validator: commentable.commentable_type == "Decidim::Comments::Comment" ? "comment-reply" : "comment",
+            is_updating: id.present?,
+            date: id.present? ? updated_at : DateTime.now,
+            current_organization: context.current_organization,
+            author: context.author
+          }
+        end
+
+        def spam_scanners
+          spam_config.comments.scans.map do |s, options|
+            options["context"] = scan_context
+            [Scans::ScansRepository.instance.strategy(s), options]
+          end
+        end
+
+        def spam_ruleset(handler_name = "spam")
+          spam_config.comments.rules.map do |rule_id, rule|
+            rule
+          end.filter { |r| r["handler_name"] == handler_name }.map do |r|
+            r["rules"].symbolize_keys.keys
+          end
+        end
+      end
+    end
+  end
+end

data/lib/decidim/spam_signal/validators/profile_spam_validator.rb

@@ -0,0 +1,133 @@
+# frozen_string_literal: true
+
+module Decidim
+  module SpamSignal
+    module ProfileSpamValidator
+      extend ActiveSupport::Concern
+
+      included do
+        validate :scan_spam
+        def scan_spam
+          return if !about || about.empty?
+          return if blocked_at_changed?(from: nil) # we are blocking the user, don't validate if it is spam.
+          current_user = self
+          tested_content = Extractors::ProfileExtractor.extract(self, spam_config)
+
+          # Collect fired symbols
+          symboles = spam_scanners.map do |scan_command, scan_option|
+            scan_command.call(
+              tested_content,
+              scan_option
+            )
+          end.map(&:keys).flatten.filter { |s| s != :ok && s != :valid }
+          return if !symboles || symboles.empty?
+
+          # Check the rules
+          suspicious_rules = spam_ruleset("suspicious")
+          spam_rules = spam_ruleset("spam")
+          fire_suspicious_cop = suspicious_rules.map do |ruleset|
+            ruleset.map do |rule|
+              symboles.include? rule
+            end.all?
+          end.any?
+          fire_spam_cop = spam_rules.map do |ruleset|
+            ruleset.map do |rule|
+              symboles.include? rule
+            end.all?
+          end.any?
+
+          # If it's a cop fire it, else if it's a suspicous, fire it.
+          if fire_spam_cop && obvious_spam_cop
+            obvious_spam_cop.call(
+              errors: errors,
+              error_key: :about,
+              suspicious_user: current_user,
+              config: obvious_spam_cop_options,
+              justification: "profile: " + tested_content
+            ) do |on|
+              on(:save) {}
+              on(:restore_value) { restore_values(current_user) }
+            end
+          elsif fire_suspicious_cop && suspicious_spam_cop
+            suspicious_spam_cop.call(
+              errors: errors,
+              error_key: :about,
+              suspicious_user: current_user,
+              config: suspicious_spam_cop_options,
+              justification:  "profile: " + tested_content
+            ) do |on|
+              on(:save) {}
+              on(:restore_value) { restore_values(current_user) }
+            end
+          end
+        end
+
+        # Case the lock cop is there,
+        # it will save the user without validation,
+        # we should then update the attributes to before
+        # state
+        def restore_values(user)
+          user.about = user.about_was
+          user.personal_url = user.personal_url_was
+        end
+
+        def obvious_spam_cop_options
+          cop = spam_config.profiles.spam_cop
+          return nil unless cop
+          cop
+        end
+
+        def scan_context
+          {
+            validator: "profile",
+            is_updating: true,
+            date: updated_at,
+            current_organization: organization,
+            author: self
+          }
+        end
+
+        def obvious_spam_cop
+          cop_key = obvious_spam_cop_options["handler_name"]
+          return nil unless cop_key
+          Cops::CopsRepository.instance.strategy(
+            cop_key
+          )
+        end
+
+        def suspicious_spam_cop_options
+          cop = spam_config.profiles.suspicious_cop
+          return nil unless cop
+          cop
+        end
+
+        def suspicious_spam_cop
+          cop_key = suspicious_spam_cop_options["handler_name"]
+          return nil unless cop_key
+          Cops::CopsRepository.instance.strategy(
+            cop_key
+          )
+        end
+
+        def spam_config
+          @config ||= Config.get_config(organization)
+        end
+
+        def spam_scanners
+          spam_config.profiles.scans.map do |s, options|
+            options["context"] = scan_context
+            [Scans::ScansRepository.instance.strategy(s), options]
+          end
+        end
+
+        def spam_ruleset(handler_name = "spam")
+          spam_config.profiles.rules.map do |rule_id, rule|
+            rule
+          end.filter { |r| r["handler_name"] == handler_name }.map do |r|
+            r["rules"].symbolize_keys.keys
+          end
+        end
+      end
+    end
+  end
+end

data/lib/decidim/spam_signal/version.rb

@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+
+module Decidim
+  # This holds the decidim-meetings version.
+  module SpamSignal
+    def self.version
+      "0.3.1"
+    end
+
+    def self.decidim_version
+      [">= 0.26","<0.28"].freeze
+    end
+  end
+end

data/lib/decidim/spam_signal.rb

@@ -0,0 +1,31 @@
+# frozen_string_literal: true
+
+require_relative "spam_signal/admin"
+require_relative "spam_signal/engine"
+require_relative "spam_signal/admin_engine"
+
+require_relative "spam_signal/cop_bot"
+require_relative "spam_signal/spam_settings_form_builder"
+
+require_relative "spam_signal/validators/profile_spam_validator"
+require_relative "spam_signal/validators/comment_spam_validator"
+
+require_relative "spam_signal/extractors/extractor"
+require_relative "spam_signal/extractors/comment_extractor"
+require_relative "spam_signal/extractors/profile_extractor"
+
+require_relative "spam_signal/cops/cops_repository"
+require_relative "spam_signal/scans/scans_repository"
+
+module Decidim
+  # This namespace holds the logic of the `SpamSignal` component. This component
+  # allows users to create spam_signal in a participatory space.
+  module SpamSignal
+    class Error < StandardError; end
+    autoload :CopsRepository, "decidim/spam_signal/cops/cops_repository"
+    autoload :ScansRepository, "decidim/spam_signal/scans/scans_repository"
+
+    autoload :WordScanCommand, "decidim/spam_signal/scans/word_scan_command"
+    autoload :LockCopCommand, "decidim/spam_signal/cops/lock_cop_command"
+  end
+end

data/lib/tasks/antispam.rb

@@ -0,0 +1,23 @@
+
+now_tag = "\n[#{DateTime.now.strftime("%d/%m/%Y %H:%M")}]"
+Decidim::User.where.not(blocked_at: nil).each do |suspicious_user| 
+  admin_reporter = CopBot.get(suspicious_user.organization)
+  suspicious_comments = Decidim::Comments::Comment.where(author: suspicious_user)
+  suspicious_comments.each do |spam|
+    moderation = Decidim::Moderation.find_or_create_by!(
+      reportable: spam,
+      participatory_space: spam.participatory_space
+    )
+    is_new = moderation.report_count == 0
+    moderation.update(reported_content: spam.body[admin_reporter.locale]) if !moderation.reported_content && spam.body[admin_reporter.locale]
+    report = Decidim::Report.find_or_create_by!(
+      moderation: moderation.reload,
+      user: admin_reporter) do |report|
+        report.locale = admin_reporter.locale
+        report.reason = "spam"
+        report.details = "#{now_tag}cascade: #{spam}"
+    end
+    report.update(details: "#{report.details}#{now_tag}cascade: #{spam}")unless is_new
+    moderation.update!(report_count: moderation.report_count + 1, hidden_at: Time.current)
+
+end