From e1e54d9e26c99cd29daf071e6274a3c35b06df9c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ma=C3=ABl=20Gangloff?=
Date: Sun, 18 Aug 2024 18:25:11 +0200
Subject: [PATCH] feat: limit the maximum number of webhooks per Watchlist
---
 .env | 1 +
 config/services.yaml | 1 +
 src/Controller/WatchListController.php | 16 +++++++++++++++-
 3 files changed, 17 insertions(+), 1 deletion(-)
diff --git a/.env b/.env
index cc68264..05ef05e 100644
--- a/.env
+++ b/.env
@@ -70,3 +70,4 @@ OAUTH_SCOPE=
 LIMITED_FEATURES=false
 LIMIT_MAX_WATCHLIST=0
 LIMIT_MAX_WATCHLIST_DOMAINS=0
+LIMIT_MAX_WATCHLIST_WEBHOOKS=0
diff --git a/config/services.yaml b/config/services.yaml
index bc8ea08..422f837 100644
--- a/config/services.yaml
+++ b/config/services.yaml
@@ -12,6 +12,7 @@ parameters:
 limited_features: '%env(bool:LIMITED_FEATURES)%'
 limit_max_watchlist: '%env(int:LIMIT_MAX_WATCHLIST)%'
 limit_max_watchlist_domains: '%env(int:LIMIT_MAX_WATCHLIST_DOMAINS)%'
+ limit_max_watchlist_webhooks: '%env(int:LIMIT_MAX_WATCHLIST_DOMAINS)%'
 services:
 # default configuration for services in *this* file
diff --git a/src/Controller/WatchListController.php b/src/Controller/WatchListController.php
index b8e076f..cfc9e0a 100644
--- a/src/Controller/WatchListController.php
+++ b/src/Controller/WatchListController.php
@@ -102,7 +102,7 @@ class WatchListController extends AbstractController
 */
 if ($this->getParameter('limited_features')) {
 if ($watchList->getDomains()->count() > (int) $this->getParameter('limit_max_watchlist_domains')) {
- $this->logger->notice('User {username} tried to create a Watchlist. The maximum number of domains has been reached for this Watchlist', [
+ $this->logger->notice('User {username} tried to create a Watchlist. The maximum number of domains has been reached.', [
 'username' => $user->getUserIdentifier(),
 ]);
 throw new AccessDeniedHttpException('You have exceeded the maximum number of domain names allowed in this Watchlist');
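Review bot: The new `limit_max_watchlist_webhooks` parameter in config/services.yaml is bound to `LIMIT_MAX_WATCHLIST_DOMAINS`, not to the `LIMIT_MAX_WATCHLIST_WEBHOOKS` variable this commit adds to .env, so the new variable is never read and the webhook cap silently follows the domain cap. The line should read `limit_max_watchlist_webhooks: '%env(int:LIMIT_MAX_WATCHLIST_WEBHOOKS)%'`. Both checks added in src/Controller/WatchListController.php (the `@@ -132,6 +132,13 @@` and `@@ -211,6 +218,13 @@` hunks) read this parameter, so an operator who sets a low webhook limit and a higher domain limit gets the higher value applied to webhooks.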
@@ -132,6 +132,13 @@ class WatchListController extends AbstractController
 throw new AccessDeniedHttpException("It is forbidden to register the same domain name twice in your watchlists with limited mode ($ldhName)");
 }
 }
+
+ if (null !== $watchList->getWebhookDsn() && count($watchList->getWebhookDsn()) > (int) $this->getParameter('limit_max_watchlist_webhooks')) {
+ $this->logger->notice('User {username} tried to create a Watchlist. The maximum number of webhooks has been reached.', [
+ 'username' => $user->getUserIdentifier(),
+ ]);
+ throw new AccessDeniedHttpException('You have exceeded the maximum number of webhooks allowed in this Watchlist');
+ }
 }
 $user = $this->getUser();
@@ -211,6 +218,13 @@ class WatchListController extends AbstractController
 throw new AccessDeniedHttpException("It is forbidden to register the same domain name twice in your watchlists with limited mode ($ldhName)");
 }
 }
+
+ if (null !== $watchList->getWebhookDsn() && count($watchList->getWebhookDsn()) > (int) $this->getParameter('limit_max_watchlist_webhooks')) {
+ $this->logger->notice('User {username} tried to update a Watchlist. The maximum number of webhooks has been reached.', [
+ 'username' => $user->getUserIdentifier(),
+ ]);
+ throw new AccessDeniedHttpException('You have exceeded the maximum number of webhooks allowed in this Watchlist');
+ }
 }
 $this->logger->info('User {username} updates a Watchlist ({token}).', [
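Review bot: The webhook-limit check added to the create path here is pasted again into the update path (the `@@ -211,6 +218,13 @@` hunk) with only the verb in the log message changed, so a later change to the rule has to be made in two places and a third write path could miss it entirely. A private method on the controller that takes the watchlist, the username and the action word would keep one copy of the comparison, the log call and the exception. The enclosing method starts and ends outside the hunk. The added log call also reads `$user` while the context line right after the block is `$user = $this->getUser();`, so it is worth confirming that `$user` is already assigned earlier in this method.

```php
// private helper on WatchListController, called from both the create and the update path
private function assertWebhookLimit(WatchList $watchList, string $username, string $action): void
{
    $webhooks = $watchList->getWebhookDsn();
    $limit = (int) $this->getParameter('limit_max_watchlist_webhooks');

    if (null === $webhooks || count($webhooks) <= $limit) {
        return;
    }

    $this->logger->notice('User {username} tried to {action} a Watchlist. The maximum number of webhooks has been reached.', [
        'username' => $username,
        'action' => $action,
    ]);

    throw new AccessDeniedHttpException('You have exceeded the maximum number of webhooks allowed in this Watchlist');
}

// … unchanged: duplicate-domain checks above …
$this->assertWebhookLimit($watchList, $user->getUserIdentifier(), 'create');
```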
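Review bot: The denial log added to the update path records who was refused but not which watchlist they were modifying, although the `info` call on the last context line of this hunk logs `{token}`. Adding the same `token` key to the notice context, plus the attempted count (`'count' => count($watchList->getWebhookDsn())`), would let a rejected update be tied to a specific watchlist and make repeated over-limit attempts visible during log review. The context array of that `info` call lies outside the hunk, so the exact expression used for the token is not visible here and should be copied from it.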