enh(quota) Add a config option 'duniter.user.profile.quota.maxPerHour…

…' to change the quota on user profile creation

cesium-plus-pod-core/src/main/java/org/duniter/elasticsearch/rest/security/RestQuotaController.java

@@ -90,12 +90,17 @@ public RestQuotaController quota(RestRequest.Method method, String regexPath, in
 
         if (!quotaByRequest.containsKey(regexPath)) {
             // On max exceed: log the request
-            QuotaMap.MaxExceededListener onMaxExceededListener = !trace && !logRejectedRequests ? null :
-                (address) -> {
-                    if (trace) log.info(String.format("Reject %s request [%s] from address {%s} - maxCallCount: %s, duration: '%s%s'",
+            QuotaMap.MaxExceededListener onMaxExceededListener = !trace && !logRejectedRequests
+                ? null // No listener, when log has been disabled
+                : (address) -> {
+                    if (trace) log.trace(String.format("Reject %s request [%s] from address {%s} - maxCallCount: %s, duration: '%s%s'",
                         method, regexPath, address,
                         maxCount, duration, unit.name()));
                     if (logRejectedRequests) {
+                        if (!trace) log.warn(String.format("Reject %s request [%s] from address {%s} - maxCallCount: %s, duration: '%s%s'",
+                            method, regexPath, address,
+                            maxCount, duration, unit.name()));
+
                         RequestLog request = new RequestLog();
                         request.setHost(address);
                         request.setMethod(method.name());
@@ -146,13 +151,13 @@ public boolean isAllow(RestRequest request) {
             // Check if whitelisted
             if (ipWhiteList.contains(ip)) {
                 if (trace)
-                    log.trace(String.format("Checking quota for %s request [%s]: OK (%s is whitelisted)", method, path, ip));
+                    log.trace(String.format("Checking quota for %s request [%s]: OK (address {%s} is whitelisted)", method, path, ip));
                 return true;
             }
             // Check if blacklisted
             if (ipBlackList.contains(ip)) {
                 if (trace)
-                    log.trace(String.format("Checking quota for %s request [%s]: KO (%s is blacklisted)", method, path, ip));
+                    log.trace(String.format("Checking quota for %s request [%s]: KO (address {%s} is blacklisted)", method, path, ip));
                 return false;
             }
         }
@@ -182,6 +187,7 @@ public boolean isAllow(RestRequest request) {
 
                 // If cannot increment: NOT allow
                 if (!quota.increment(ip)) {
+                    if (trace) log.trace(String.format("Reject %s request [%s] - Too many requests from address {%s}", method, path, ip));
                     return false;
                 }
 

cesium-plus-pod-user/src/main/java/org/duniter/elasticsearch/user/PluginSettings.java

@@ -23,15 +23,13 @@
  */
 
 
-import com.google.common.collect.ImmutableSet;
 import org.duniter.core.client.model.bma.EndpointApi;
 import org.duniter.core.util.StringUtils;
 import org.duniter.core.util.crypto.KeyPair;
 import org.elasticsearch.common.component.AbstractLifecycleComponent;
 import org.elasticsearch.common.inject.Inject;
 import org.elasticsearch.common.settings.Settings;
 
-import java.util.Collection;
 import java.util.Locale;
 import java.util.Set;
 
@@ -185,6 +183,9 @@ public int getUserMapExecuteHour() {
         return settings.getAsInt("duniter.user.map.hourOfDay", 2);
     }
 
+    public int getUserProfileQuotaPerHour() {
+        return settings.getAsInt("duniter.user.profile.quota.maxPerHour", 5);
+    }
 
     /* -- delegate methods -- */
 

cesium-plus-pod-user/src/main/java/org/duniter/elasticsearch/user/rest/user/RestUserProfileIndexAction.java

@@ -25,6 +25,7 @@
 import org.duniter.elasticsearch.rest.AbstractRestPostIndexAction;
 import org.duniter.elasticsearch.rest.security.RestQuotaController;
 import org.duniter.elasticsearch.rest.security.RestSecurityController;
+import org.duniter.elasticsearch.user.PluginSettings;
 import org.duniter.elasticsearch.user.service.UserService;
 import org.elasticsearch.client.Client;
 import org.elasticsearch.common.inject.Inject;
@@ -38,6 +39,7 @@ public class RestUserProfileIndexAction extends AbstractRestPostIndexAction {
 
     @Inject
     public RestUserProfileIndexAction(Settings settings, RestController controller, Client client,
+                                      PluginSettings pluginSettings,
                                       RestSecurityController securityController,
                                       RestQuotaController quotaController,
                                       UserService service) {
@@ -46,11 +48,12 @@ public RestUserProfileIndexAction(Settings settings, RestController controller,
                 UserService.PROFILE_TYPE,
                 service::indexProfileFromJson);
 
+        // Max of 5 profiles per hour
+        int maxProfilePerHour = pluginSettings.getUserProfileQuotaPerHour();
         quotaController.quota(RestRequest.Method.POST,
-                String.format("/%s/%s", UserService.INDEX, UserService.PROFILE_TYPE),
-                5,
-                1,
-                TimeUnit.HOURS
-                );
+            String.format("/%s/%s", UserService.INDEX, UserService.PROFILE_TYPE),
+            maxProfilePerHour,
+            1, TimeUnit.HOURS
+        );
     }
 }

cesium-plus-pod-user/src/main/java/org/duniter/elasticsearch/user/rest/user/RestUserProfileUpdateAction.java

@@ -46,6 +46,7 @@ public RestUserProfileUpdateAction(Settings settings, RestController controller,
                 UserService.PROFILE_TYPE,
                 service::updateProfileFromJson);
 
+        // Max of 5 update per minutes
         quotaController.quota(RestRequest.Method.POST,
                 String.format("/%s/%s/[^/]+/_update", UserService.INDEX, UserService.PROFILE_TYPE),
                 5,