further cleanups to filtering code

Gemfile

@@ -80,5 +80,6 @@ group :test do
 
   platform :mri, :rbx do
     gem 'simplecov',        require: nil
+    gem 'm'
   end
 end

Gemfile.lock

@@ -96,6 +96,9 @@ GEM
     kgio (2.9.2)
     launchy (2.4.2)
       addressable (~> 2.3)
+    m (1.3.4)
+      method_source (>= 0.6.7)
+      rake (>= 0.9.2.2)
     magic (0.2.6)
       ffi (>= 0.6.3)
     mail (2.5.4)
@@ -274,6 +277,7 @@ DEPENDENCIES
   jdbc-postgres
   jruby-openssl
   json
+  m
   magic
   mail
   minitest

app/create.rb

@@ -54,7 +54,15 @@ end
 
 post '/create' do
   content_type :json
-  require_unbanned_ip
+
+  if banned?(true)
+    signout
+    session[:banned] = true if !session[:banned]
+
+    flash[:error] = 'There was an error, please <a href="/contact">contact support</a> to log in.'
+    redirect '/'
+  end
+
   dashboard_if_signed_in
 
   @site = Site.new(

app_helpers.rb

@@ -14,7 +14,7 @@ end
 
 def require_login_ajax
   halt 'You are not logged in!' unless signed_in?
-  halt 'You are banned.' if current_site.is_banned? || parent_site.is_banned?
+  halt 'Please contact support.' if banned?
 end
 
 def csrf_safe?
@@ -31,11 +31,7 @@ end
 
 def require_login
   redirect '/' unless signed_in?
-  if session[:banned] || current_site.is_banned || parent_site.is_banned
+  enforce_ban if banned?
-    signout
-    session[:banned] = true
-    redirect '/'
-  end
 end
 
 def signed_in?
@@ -52,15 +48,18 @@ def parent_site
   current_site.parent? ? current_site : current_site.parent
 end
 
-def require_unbanned_ip
+def banned?(ip_check=false)
-  if session[:banned] || (is_banned_ip = Site.banned_ip?(request.ip))
+  return true if session[:banned]
-    signout
+  return true if current_site && (current_site.is_banned || parent_site.is_banned)
-    session[:banned] = request.ip if !session[:banned]
 
-    flash[:error] = 'Site creation has been banned due to a Terms of Service violation from your location. '+
+  return true if ip_check && Site.banned_ip?(request.ip)
-    'If you believe this to be in error, <a href="/contact">contact the site admin</a>.'
+  false
-    return {result: 'error'}.to_json
+end
-  end
+
+def enforce_ban
+  signout
+  session[:banned] = true
+  redirect '/'
 end
 
 def title

models/site.rb

@@ -294,6 +294,7 @@ class Site < Sequel::Model
     end
 
     def banned_ip?(ip)
+      return false if ENV['RACK_ENV'] == 'production' && ip == '127.0.0.1'
       return true if Site.where(is_banned: true).
         where(ip: hash_ip(ip)).
         where(['updated_at > ?', Time.now-BANNED_TIME]).

tests/acceptance/signup_tests.rb

@@ -35,12 +35,14 @@ describe 'signup' do
 
   after do
     Capybara.default_driver = :rack_test
+    BlockedIp.where(ip: '127.0.0.1').delete
+    DB[:sites].where(is_banned: true).delete
   end
 
   it 'succeeds with valid data' do
     fill_in_valid
     click_signup_button
-    site_created?.must_equal true
+    site_created?
 
     index_file_path = File.join Site::SITE_FILES_ROOT, @site[:username], 'index.html'
     File.exist?(index_file_path).must_equal true
@@ -54,6 +56,27 @@ describe 'signup' do
     site.ip.must_equal Site.hash_ip('127.0.0.1')
   end
 
+  it 'fails if site with same ip has been banned' do
+    @banned_site = Fabricate :site
+    @banned_site.is_banned = true
+    @banned_site.save_changes
+
+    fill_in_valid
+    click_signup_button
+    Site[username: @site[:username]].must_be_nil
+    current_path.must_equal '/'
+    page.wont_have_content 'Welcome to Neocities'
+  end
+
+  it 'fails if IP is banned from blocked ips list' do
+    DB[:blocked_ips].insert(ip: '127.0.0.1', created_at: Time.now)
+    fill_in_valid
+    click_signup_button
+    Site[username: @site[:username]].must_be_nil
+    current_path.must_equal '/'
+    page.wont_have_content 'Welcome to Neocities'
+  end
+
   it 'fails to create for existing site' do
     @existing_site = Fabricate :site
     fill_in_valid