Avoid race conditions when creating backups (#10234)

Under load, multiple backups for a single user could be planned, which
is very expensive.

diff --git a/app/controllers/settings/exports_controller.rb b/app/controllers/settings/exports_controller.rb
index 0135f21890dd0e81bd0bbd9290b669603e1388f1..3012fbf775600ad3a9dfb6149fab2e2eaf11ff04 100644 (file)
--- a/app/controllers/settings/exports_controller.rb
+++ b/app/controllers/settings/exports_controller.rb
@@ -13,11 +13,25 @@ class Settings::ExportsController < Settings::BaseController
   end
 
   def create
-    authorize :backup, :create?
+    raise Mastodon::NotPermittedError unless user_signed_in?
+
+    backup = nil
+
+    RedisLock.acquire(lock_options) do |lock|
+      if lock.acquired?
+        authorize :backup, :create?
+        backup = current_user.backups.create!
+      else
+        raise Mastodon::RaceConditionError
+      end
+    end
 
-    backup = current_user.backups.create!
     BackupWorker.perform_async(backup.id)
 
     redirect_to settings_export_path
   end
+
+  def lock_options
+    { redis: Redis.current, key: "backup:#{current_user.id}" }
+  end
 end