einundzwanzig/einundzwanzig-app
1
0
Fork 0
mirror of https://github.com/HolgerHatGarKeineNode/einundzwanzig-app.git synced 2026-01-23 23:53:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

🗓️ Add MeetupEventFactory, implement rate limiting for calendar downloads, and enhance test coverage

Browse Source 
- **Added:** `MeetupEventFactory` for generating test data.
- **Implemented:** Rate limiting (`throttle:calendar`) for `stream-calendar` routes to prevent abuse.
- **Enhanced:** `DownloadMeetupCalendar` controller with validation and cleaner query structure.
- **Added:** Feature tests for calendar downloading, invalid input handling, and rate limiting.
This commit is contained in:
HolgerHatGarKeineNode
2026-01-17 21:18:55 +01:00
parent d3acc365fd
commit da1324adda
5 changed files with 140 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

48
app/Http/Controllers/DownloadMeetupCalendar.php
View File

@@ -17,46 +17,50 @@ class DownloadMeetupCalendar extends Controller
public function __invoke(Request $request): Response
{
if ($request->has('meetup')) {
$validated = $request->validate([
'meetup' => ['required', 'integer'],
]);
$meetup = Meetup::query()
->with([
'meetupEvents.meetup',
])
->findOrFail($request->input('meetup'));
->with([
'meetupEvents.meetup',
])
->findOrFail($validated['meetup']);
$events = $meetup->meetupEvents()->where('start', '>=', now())->get();
$image = $meetup->getFirstMediaUrl('logo');
} elseif ($request->has('my')) {
$ids = $request->input('my');
$events = MeetupEvent::query()
->with([
'meetup',
])
->where('start', '>=', now())
->whereHas('meetup', fn($query) => $query->whereIn('meetups.id', $ids))
->get();
->with([
'meetup',
])
->where('start', '>=', now())
->whereHas('meetup', fn ($query) => $query->whereIn('meetups.id', $ids))
->get();
$image = asset('img/einundzwanzig-horizontal.png');
} else {
$events = MeetupEvent::query()
->with([
'meetup',
])
->where('start', '>=', now())
->get();
->with([
'meetup',
])
->where('start', '>=', now())
->get();
$image = asset('img/einundzwanzig-horizontal.png');
}
$entries = [];
foreach ($events as $event) {
$entries[] = Event::create($event->meetup->name)
->uniqueIdentifier(str($event->meetup->name)->slug().$event->id)
->address($event->location ?? __('no location set'))
->description(str_replace(["\r", "\n"], '', $event->description).' Link: '.$event->link)
->image($event->meetup->getFirstMedia('logo') ? $event->meetup->getFirstMediaUrl('logo') : $image)
->startsAt($event->start);
->uniqueIdentifier(str($event->meetup->name)->slug().$event->id)
->address($event->location ?? __('no location set'))
->description(str_replace(["\r", "\n"], '', $event->description).' Link: '.$event->link)
->image($event->meetup->getFirstMedia('logo') ? $event->meetup->getFirstMediaUrl('logo') : $image)
->startsAt($event->start);
}
$calendar = Calendar::create()
->refreshInterval(5)
->event($entries);
->refreshInterval(5)
->event($entries);
return response($calendar->get())
->header('Content-Type', 'text/calendar; charset=utf-8');

15
app/Providers/AppServiceProvider.php
View File

@@ -3,11 +3,14 @@
namespace App\Providers;
use App\Support\Carbon;
use Illuminate\Cache\RateLimiting\Limit;
use Illuminate\Contracts\Auth\Authenticatable;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Foundation\Events\DiagnosingHealth;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Date;
use Illuminate\Support\Facades\Event;
use Illuminate\Support\Facades\RateLimiter;
use Illuminate\Support\Facades\Route;
use Illuminate\Support\ServiceProvider;
use Laravel\Nightwatch\Facades\Nightwatch;
@@ -31,6 +34,8 @@ class AppServiceProvider extends ServiceProvider
*/
public function boot(): void
{
$this->configureRateLimiting();
Livewire::setUpdateRoute(function ($handle) {
return Route::post('/livewire/update', $handle)
->middleware(['web', Sample::rate(0)]);
@@ -46,4 +51,14 @@ class AppServiceProvider extends ServiceProvider
Model::preventLazyLoading(app()->environment('local'));
}
/**
* Configure the rate limiters for the application.
*/
protected function configureRateLimiting(): void
{
RateLimiter::for('calendar', function (Request $request) {
return Limit::perMinute(60)->by($request->ip());
});
}
}

30
database/factories/MeetupEventFactory.php Normal file
View File

@@ -0,0 +1,30 @@
<?php
namespace Database\Factories;
use Illuminate\Database\Eloquent\Factories\Factory;
/**
* @extends \Illuminate\Database\Eloquent\Factories\Factory<\App\Models\MeetupEvent>
*/
class MeetupEventFactory extends Factory
{
/**
* Define the model's default state.
*
* @return array<string, mixed>
*/
public function definition(): array
{
return [
'meetup_id' => \App\Models\Meetup::factory(),
'start' => now()->addWeek(),
'location' => fake()->address(),
'description' => fake()->paragraph(),
'link' => fake()->url(),
'attendees' => [],
'might_attendees' => [],
'created_by' => \App\Models\User::factory(),
];
}
}

6
routes/web.php
View File

@@ -56,7 +56,8 @@ Route::livewire('/welcome', 'welcome')->name('welcome');
// Stream calendar route to download meetup calendar as ICS file
Route::get('stream-calendar', \App\Http\Controllers\DownloadMeetupCalendar::class)
->name('ics');
->name('ics')
->middleware('throttle:calendar');
// Dashboard redirect route for authenticated users, redirects to German dashboard
Route::middleware(['auth'])
@@ -78,7 +79,8 @@ Route::middleware([])
/* OLD URLS - redirects for legacy URLs */
// Redirect old meetup calendar route to new one
Route::get('meetup/stream-calendar', \App\Http\Controllers\DownloadMeetupCalendar::class)
->name('ics');
->name('ics')
->middleware('throttle:calendar');
// Redirect old meetup overview URL to new meetups page
Route::get('/meetup/overview', function ($country) {
return redirect("/{$country}/meetups");

65
tests/Feature/DownloadMeetupCalendarTest.php Normal file
View File

@@ -0,0 +1,65 @@
<?php
use App\Models\Country;
use App\Models\Meetup;
use App\Models\MeetupEvent;
use function Pest\Laravel\get;
it('redirects when meetup parameter contains invalid characters', function () {
$response = get('/stream-calendar?meetup=49)');
$response->assertRedirect();
});
it('redirects when meetup parameter is not an integer', function () {
$response = get('/stream-calendar?meetup=abc');
$response->assertRedirect();
});
it('returns 404 when meetup ID does not exist', function () {
$response = get('/stream-calendar?meetup=999999');
$response->assertStatus(404);
});
it('returns calendar for valid meetup ID', function () {
$country = Country::factory()->create();
$city = \App\Models\City::factory()->create([
'country_id' => $country->id,
]);
$meetup = Meetup::factory()->create([
'city_id' => $city->id,
]);
MeetupEvent::factory()->create([
'meetup_id' => $meetup->id,
'start' => now()->addDay(),
]);
$response = get("/stream-calendar?meetup={$meetup->id}");
$response->assertStatus(200);
$response->assertHeader('Content-Type', 'text/calendar; charset=utf-8');
});
it('returns 429 when rate limit is exceeded', function () {
$country = Country::factory()->create();
$city = \App\Models\City::factory()->create([
'country_id' => $country->id,
]);
$meetup = Meetup::factory()->create([
'city_id' => $city->id,
]);
MeetupEvent::factory()->create([
'meetup_id' => $meetup->id,
'start' => now()->addDay(),
]);
// Make 61 requests to exceed the 60 per minute limit
for ($i = 0; $i < 61; $i++) {
$response = get("/stream-calendar?meetup={$meetup->id}");
}
// The last request should be rate limited
$response->assertStatus(429);
});