From 4e96047e908fae11b0eff08466bda329dd51ca7e Mon Sep 17 00:00:00 2001
From: Stefan Zermatten <stefanzermatten@gmail.com>
Date: Tue, 26 Sep 2017 14:59:41 +0200
Subject: [PATCH] Added rate limiting to heavy subscriptions

---
 rpg-docs/.meteor/packages                       |  1 +
 rpg-docs/Model/Character/Characters.js          |  1 +
 rpg-docs/server/publications/characterList.js   |  7 +++++++
 rpg-docs/server/publications/singleCharacter.js | 16 +++++++++++-----
 4 files changed, 20 insertions(+), 5 deletions(-)

diff --git a/rpg-docs/.meteor/packages b/rpg-docs/.meteor/packages
index 9baf9dae..0a0338e8 100644
--- a/rpg-docs/.meteor/packages
+++ b/rpg-docs/.meteor/packages
@@ -52,3 +52,4 @@ ongoworks:speakingurl
 service-configuration@1.0.11
 google-config-ui
 dynamic-import
+ddp-rate-limiter
diff --git a/rpg-docs/Model/Character/Characters.js b/rpg-docs/Model/Character/Characters.js
index 85778c30..740d7cea 100644
--- a/rpg-docs/Model/Character/Characters.js
+++ b/rpg-docs/Model/Character/Characters.js
@@ -185,6 +185,7 @@ Schemas.Character = new SimpleSchema({
 		type: String,
 		defaultValue: "whitelist",
 		allowedValues: ["whitelist", "public"],
+		index: 1,
 	},
 	"settings.swapStatAndModifier": {type: Boolean, defaultValue: false},
 	"settings.exportFeatures": {type: Boolean, defaultValue: true},
diff --git a/rpg-docs/server/publications/characterList.js b/rpg-docs/server/publications/characterList.js
index a33dd71d..cfabd4c4 100644
--- a/rpg-docs/server/publications/characterList.js
+++ b/rpg-docs/server/publications/characterList.js
@@ -25,3 +25,10 @@ Meteor.publish("characterList", function(){
 		Parties.find({owner: userId}),
 	];
 });
+
+DDPRateLimiter.addRule({
+	name: "characterList",
+	type: "subscription",
+	userId(){ return true; },
+	connectionId(){ return true; },
+}, 8, 5000);
diff --git a/rpg-docs/server/publications/singleCharacter.js b/rpg-docs/server/publications/singleCharacter.js
index 771375b6..32e6f6a6 100644
--- a/rpg-docs/server/publications/singleCharacter.js
+++ b/rpg-docs/server/publications/singleCharacter.js
@@ -35,9 +35,16 @@ Meteor.publish("singleCharacter", function(characterId){
 	}
 });
 
+DDPRateLimiter.addRule({
+	name: "singleCharacter",
+	type: "subscription",
+	userId(){ return true; },
+	connectionId(){ return true; },
+}, 8, 5000);
+
 Meteor.publish("singleCharacterName", function(characterId){
 	userId = this.userId;
-	var char = Characters.findOne({
+	return Characters.find({
 		_id: characterId,
 		$or: [
 			{readers: userId},
@@ -45,8 +52,7 @@ Meteor.publish("singleCharacterName", function(characterId){
 			{owner: userId},
 			{"settings.viewPermission": "public"},
 		],
+	}, {
+		fields:{"name": 1}
 	});
-	if (char) {
-		return Characters.find(characterId, {fields:{"name": 1}});
-	}
-});
\ No newline at end of file
+});