From 9665f240eb2dd248f38a6748074466f98c430802 Mon Sep 17 00:00:00 2001
From: Ryan Kelly <rkelly@mozilla.com>
Date: Fri, 10 Oct 2014 16:40:37 +1100
Subject: [PATCH] Block all actions for emails that are explicitly banned

---
 email_record.js                  |  9 ++++++---
 test/local/email_record_tests.js | 13 +++++++++++++
 2 files changed, 19 insertions(+), 3 deletions(-)

diff --git a/email_record.js b/email_record.js
index 50f4c9d..a01d3c7 100644
--- a/email_record.js
+++ b/email_record.js
@@ -81,8 +81,11 @@ module.exports = function (RATE_LIMIT_INTERVAL_MS, BLOCK_INTERVAL_MS, MAX_EMAILS
 
   EmailRecord.prototype.isBlocked = function () {
     var rateLimited = !!(this.rl && (now() - this.rl < RATE_LIMIT_INTERVAL_MS))
-    var banned = !!(this.bk && (now() - this.bk < BLOCK_INTERVAL_MS))
-    return rateLimited || banned
+    return rateLimited || this.isBanned()
+  }
+
+  EmailRecord.prototype.isBanned = function () {
+    return !!(this.bk && (now() - this.bk < BLOCK_INTERVAL_MS))
   }
 
   EmailRecord.prototype.block = function () {
@@ -105,7 +108,7 @@ module.exports = function (RATE_LIMIT_INTERVAL_MS, BLOCK_INTERVAL_MS, MAX_EMAILS
   }
 
   EmailRecord.prototype.update = function (action) {
-    if (EMAIL_ACTIONS.indexOf(action) === -1) {
+    if (!this.isBanned() && EMAIL_ACTIONS.indexOf(action) === -1) {
       return 0
     }
 
diff --git a/test/local/email_record_tests.js b/test/local/email_record_tests.js
index 3b5c936..8a91ebc 100644
--- a/test/local/email_record_tests.js
+++ b/test/local/email_record_tests.js
@@ -208,6 +208,19 @@ test(
     t.equal(er.update('accountCreate'), 0, 'email action above the email limit')
     t.equal(er.isBlocked(), true, 'account is now blocked')
     t.equal(er.update('accountCreate'), 0, 'email action in a blocked account')
+
+    er.rl = 2000
+    t.equal(er.isBlocked(), true, 'account is blocked')
+    t.equal(er.isBanned(), false, 'account is not outright banned')
+    t.equal(er.update('accountCreate'), 1, 'email action is blocked')
+    t.equal(er.update('accountLogin'), 0, 'non-email action is not blocked')
+    er.rl = 0
+    er.bk = 2000
+    t.equal(er.isBlocked(), true, 'account is blocked')
+    t.equal(er.isBanned(), true, 'account is outright banned')
+    t.equal(er.update('accountCreate'), 1, 'email action is blocked')
+    t.equal(er.update('accountLogin'), 1, 'non-email action is blocked')
+
     t.end()
   }
 )