Rate limit mail message.

2026-04-29 02:53:05 +00:00 · 2026-03-13 04:12:32 +01:00
parent 45d623e0c1
commit 190050d6cf
3 changed files with 90 additions and 1 deletions
--- a/app/Console/Commands/SendTestEmail.php
+++ b/app/Console/Commands/SendTestEmail.php
@@ -0,0 +1,80 @@
+<?php
+
+
+/*
+ * SendTestEmail.php
+ * Copyright (c) 2026 james@firefly-iii.org
+ *
+ * This file is part of Firefly III (https://github.com/firefly-iii).
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+declare(strict_types=1);
+
+namespace FireflyIII\Console\Commands;
+
+use FireflyIII\Events\Test\OwnerTestsNotificationChannel;
+use FireflyIII\Notifications\Notifiables\OwnerNotifiable;
+use FireflyIII\Support\Facades\FireflyConfig;
+use Illuminate\Console\Command;
+
+class SendTestEmail extends Command
+{
+    use ShowsFriendlyMessages;
+    use VerifiesAccessToken;
+
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'firefly-iii:send-test-email
+                            {--user=1 : The user ID.}
+                            {--token= : The user\'s access token.}';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'Send test email';
+
+    /**
+     * Execute the console command.
+     */
+    public function handle(): int
+    {
+        $user = $this->getUser();
+        if (!$user->hasRole('owner')) {
+            $this->friendlyError((string)trans('firefly.must_be_owner'));
+
+            return Command::FAILURE;
+        }
+
+        /** @var int $lastNotification */
+        $lastNotification = FireflyConfig::get('last_test_notification', 123)->data;
+        if (time() - $lastNotification < 120) {
+            $this->friendlyError((string)trans('firefly.test_rate_limited'));
+
+            return Command::FAILURE;
+        }
+
+
+        $owner = new OwnerNotifiable();
+        event(new OwnerTestsNotificationChannel('email', $owner));
+        FireflyConfig::set('last_test_notification',time());
+        return Command::SUCCESS;
+    }
+}
--- a/app/Http/Controllers/Admin/NotificationController.php
+++ b/app/Http/Controllers/Admin/NotificationController.php
@@ -123,6 +123,13 @@ final class NotificationController extends Controller

            return redirect(route('settings.notification.index'));
        }
+        /** @var int $lastNotification */
+        $lastNotification = FireflyConfig::get('last_test_notification', 123)->data;
+        if (time() - $lastNotification < 120) {
+            session()->flash('error', (string) trans('firefly.test_rate_limited'));
+
+            return redirect(route('settings.notification.index'));
+        }

        $all     = $request->all();
        $channel = $all['test_submit'] ?? '';
@@ -142,7 +149,7 @@ final class NotificationController extends Controller
                event(new OwnerTestsNotificationChannel($channel, $owner));
                session()->flash('success', (string) trans('firefly.notification_test_executed', ['channel' => $channel]));
        }
-
+        FireflyConfig::set('last_test_notification',time());
        return redirect(route('settings.notification.index'));
    }
 }
--- a/resources/lang/en_US/firefly.php
+++ b/resources/lang/en_US/firefly.php
@@ -197,6 +197,7 @@ return [
    'journals_in_period_for_category'                     => 'All transactions for category :name between :start and :end',
    'journals_in_period_for_tag'                          => 'All transactions for tag :tag between :start and :end',
    'not_available_demo_user'                             => 'The feature you try to access is not available to demo users.',
+    'test_rate_limited' => 'Please wait a moment before trying again',
    'exchange_rate_instructions'                          => 'Asset account "@name" only accepts transactions in @primary_currency. If you wish to use @foreign_currency instead, make sure that the amount in @primary_currency is known as well:',
    'transfer_exchange_rate_instructions'                 => 'Source asset account "@source_name" only accepts transactions in @source_currency. Destination asset account "@dest_name" only accepts transactions in @dest_currency. You must provide the transferred amount correctly in both currencies.',
    'transaction_data'                                    => 'Transaction data',
@@ -1526,6 +1527,7 @@ return [
    'administration_role_mng_currencies'                  => 'Manage currencies',
    'administration_role_view_reports'                    => 'View reports',
    'administration_role_full'                            => 'Full access',
+    'must_be_owner' => 'You must be system owner to do this',

    // mfa
    'enable_mfa'                                          => 'Enable multi-factor authentication',