fix(reminder): disallow reminder in the past (#51)

* fix(reminder): disallow reminder in the past Signed-off-by: Reinaldy Rafli <aldy505@proton.me> * fix(reminder): sanitize object input --------- Signed-off-by: Reinaldy Rafli <aldy505@proton.me>
teknologi-umum · Dec 26, 2023 · 37fcba2 · 37fcba2
1 parent c603e00
commit 37fcba2
Show file tree

Hide file tree

Showing 5 changed files with 33 additions and 28 deletions.
diff --git a/cmd/captcha/main.go b/cmd/captcha/main.go
@@ -63,12 +63,18 @@ func main() {
 
 	// Setup Sentry for error handling.
 	err = sentry.Init(sentry.ClientOptions{
-		Dsn:                configuration.SentryDSN,
-		Debug:              configuration.Environment == "development",
-		Environment:        configuration.Environment,
-		SampleRate:         1.0,
-		EnableTracing:      true,
-		TracesSampleRate:   0.2,
+		Dsn:           configuration.SentryDSN,
+		Debug:         configuration.Environment == "development",
+		Environment:   configuration.Environment,
+		SampleRate:    1.0,
+		EnableTracing: true,
+		TracesSampler: func(ctx sentry.SamplingContext) float64 {
+			if ctx.Span.Name == "GET /" {
+				return 0
+			}
+
+			return 0.2
+		},
 		ProfilesSampleRate: 0.05,
 		Release:            version,
 	})

diff --git a/reminder/handler.go b/reminder/handler.go
@@ -14,7 +14,7 @@ import (
 )
 
 func (d *Dependency) Handler(ctx context.Context, c tb.Context) error {
-	input := strings.TrimPrefix(c.Text(), "/remind")
+	input := strings.TrimPrefix(strings.TrimPrefix(c.Text(), "/remind@TeknumCaptchaBot"), "/remind")
 	if input == "" {
 		err := c.Reply(
 			"To use /remind properly, you should add with the remaining text including the normal human grammatical that I can understand.\n\n"+
@@ -64,23 +64,22 @@ func (d *Dependency) Handler(ctx context.Context, c tb.Context) error {
 		Category: "reminder.handler",
 		Message:  "A reminder input just came in",
 		Data: map[string]interface{}{
-			"Reminder Text": input,
+			"Reminder Text":    input,
+			"Chat ID":          c.Chat().ID,
+			"Chat Username":    c.Chat().Username,
+			"Chat Full Name":   c.Chat().FirstName + " " + c.Chat().LastName,
+			"Chat Title":       c.Chat().Title,
+			"Message ID":       c.Message().ID,
+			"Sender ID":        c.Sender().ID,
+			"Sender Username":  c.Sender().Username,
+			"Sender Full Name": c.Sender().FirstName + " " + c.Sender().LastName,
+			"From Group":       c.Message().FromGroup(),
+			"From Channel":     c.Message().FromChannel(),
+			"Is Forwarded":     c.Message().IsForwarded(),
 		},
 		Level:     "debug",
 		Timestamp: time.Now(),
-	}, &sentry.BreadcrumbHint{
-		"Chat ID":          c.Chat().ID,
-		"Chat Username":    c.Chat().Username,
-		"Chat Full Name":   c.Chat().FirstName + " " + c.Chat().LastName,
-		"Chat Title":       c.Chat().Title,
-		"Message ID":       c.Message().ID,
-		"Sender ID":        c.Sender().ID,
-		"Sender Username":  c.Sender().Username,
-		"Sender Full Name": c.Sender().FirstName + " " + c.Sender().LastName,
-		"From Group":       c.Message().FromGroup(),
-		"From Channel":     c.Message().FromChannel(),
-		"Is Forwarded":     c.Message().IsForwarded(),
-	})
+	}, &sentry.BreadcrumbHint{})
 
 	// Parse text
 	reminder, err := ParseText(ctx, input)
@@ -108,7 +107,7 @@ func (d *Dependency) Handler(ctx context.Context, c tb.Context) error {
 		return nil
 	}
 
-	if reminder.Time.IsZero() || len(reminder.Subject) == 0 || reminder.Object == "" {
+	if reminder.Time.IsZero() || len(reminder.Subject) == 0 || reminder.Object == "" || reminder.Time.Unix() < time.Now().Unix() {
 		err := c.Reply(
 			"Sorry, I'm unable to parse the reminder text that you just sent. Send /remind and see the guide for this command.",
 			&tb.SendOptions{ParseMode: tb.ModeHTML, AllowWithoutReply: true},
@@ -136,7 +135,7 @@ func (d *Dependency) Handler(ctx context.Context, c tb.Context) error {
 		template := fmt.Sprintf(
 			"Hi %s! I'm reminding you to %s. Have a great day!",
 			strings.Join(reminder.Subject, ", "),
-			reminder.Object,
+			utils.SanitizeInput(reminder.Object),
 		)
 		_, err := c.Bot().Send(c.Chat(), template, &tb.SendOptions{ParseMode: tb.ModeHTML, AllowWithoutReply: true})
 		if err != nil {

diff --git a/underattack/are_we.go b/underattack/are_we.go
@@ -14,7 +14,7 @@ import (
 
 // AreWe ...on under attack mode?
 func (d *Dependency) AreWe(ctx context.Context, chatID int64) (bool, error) {
-	span := sentry.StartSpan(ctx, "UnderAttack.are_we", sentry.WithTransactionName("Are we under attack?"))
+	span := sentry.StartSpan(ctx, "underattack.are_we", sentry.WithTransactionName("Are we under attack?"))
 	defer span.Finish()
 	ctx = span.Context()
 

diff --git a/underattack/handler.go b/underattack/handler.go
@@ -203,7 +203,7 @@ func (d *Dependency) EnableUnderAttackModeHandler(ctx context.Context, c tb.Cont
 
 	sentry.GetHubFromContext(ctx).AddBreadcrumb(&sentry.Breadcrumb{
 		Type:     "debug",
-		Category: "UnderAttack.state",
+		Category: "underattack.state",
 		Message:  "Under attack mode is enabled",
 		Data: map[string]interface{}{
 			"user": c.Sender(),
@@ -219,7 +219,7 @@ func (d *Dependency) EnableUnderAttackModeHandler(ctx context.Context, c tb.Cont
 
 		sentry.GetHubFromContext(ctx).AddBreadcrumb(&sentry.Breadcrumb{
 			Type:     "debug",
-			Category: "UnderAttack.state",
+			Category: "underattack.state",
 			Message:  "Under attack mode ends",
 			Data: map[string]interface{}{
 				"user": c.Sender(),
@@ -319,7 +319,7 @@ func (d *Dependency) DisableUnderAttackModeHandler(ctx context.Context, c tb.Con
 
 	sentry.GetHubFromContext(ctx).AddBreadcrumb(&sentry.Breadcrumb{
 		Type:     "debug",
-		Category: "UnderAttack.state",
+		Category: "underattack.state",
 		Message:  "Under attack mode is disabled",
 		Data: map[string]interface{}{
 			"user": c.Sender(),

diff --git a/underattack/kicker.go b/underattack/kicker.go
@@ -13,7 +13,7 @@ import (
 )
 
 func (d *Dependency) Kicker(ctx context.Context, c tb.Context) error {
-	span := sentry.StartSpan(ctx, "UnderAttack.kicker")
+	span := sentry.StartSpan(ctx, "underattack.kicker")
 	defer span.Finish()
 
 	for {