FEATURE: don't limit registration from an IP address if a staff member has that IP address

config/locales/server.en.yml

@@ -941,7 +941,7 @@ en:
     staff_like_weight: "How much extra weighting factor to give staff likes."
 
     levenshtein_distance_spammer_emails: "When matching spammer emails, number of characters difference that will still allow a fuzzy match."
-    max_new_accounts_per_registration_ip: "If there are already (n) trust level 0 accounts from this IP (and none at TL2 or higher), stop accepting new signups from that IP."
+    max_new_accounts_per_registration_ip: "If there are already (n) trust level 0 accounts from this IP (and none is a staff member or at TL2 or higher), stop accepting new signups from that IP."
 
     reply_by_email_enabled: "Enable replying to topics via email."
     reply_by_email_address: "Template for reply by email incoming email address, for example: %{reply_key}@reply.example.com or replies+%{reply_key}@example.com"

lib/spam_handler.rb

@@ -9,6 +9,13 @@ class SpamHandler
 
     return false if tl2_plus_accounts_with_same_ip > 0
 
+    staff_user_ids = Group[:staff].user_ids - [-1]
+    staff_members_with_same_ip = User.where(id: staff_user_ids)
+                                     .where("ip_address = ?", ip_address.to_s)
+                                     .count
+
+    return false if staff_members_with_same_ip > 0
+
     tl0_accounts_with_same_ip = User.unscoped
                                     .where(trust_level: TrustLevel[0])
                                     .where("ip_address = ?", ip_address.to_s)

spec/components/spam_handler_spec.rb

@@ -22,13 +22,26 @@ describe SpamHandler do
       -> { Fabricate(:user, ip_address: "42.42.42.42", trust_level: TrustLevel[0]) }.should raise_error(ActiveRecord::RecordInvalid)
     end
 
-    it "only limit new registrations from an IP if *all* the users from that IP are TL1 or TL0" do
+    it "doesn't limit registrations since there is a TL2+ user with that IP" do
       # setup
       SiteSetting.stubs(:max_new_accounts_per_registration_ip).returns(0)
       Fabricate(:user, ip_address: "42.42.42.42", trust_level: TrustLevel[0])
       Fabricate(:user, ip_address: "42.42.42.42", trust_level: TrustLevel[2])
 
-      # should not limit registrations since there is a TL2 user with that IP
+      # should not limit registration
+      SiteSetting.stubs(:max_new_accounts_per_registration_ip).returns(1)
+      Fabricate(:user, ip_address: "42.42.42.42", trust_level: TrustLevel[0])
+    end
+
+    it "doesn't limit registrations since there is a staff member with that IP" do
+      # setup
+      SiteSetting.stubs(:max_new_accounts_per_registration_ip).returns(0)
+      Fabricate(:user, ip_address: "42.42.42.42", trust_level: TrustLevel[0])
+      Fabricate(:moderator, ip_address: "42.42.42.42", trust_level: TrustLevel[0])
+
+      Group.refresh_automatic_groups!(:staff)
+
+      # should not limit registration
       SiteSetting.stubs(:max_new_accounts_per_registration_ip).returns(1)
       Fabricate(:user, ip_address: "42.42.42.42", trust_level: TrustLevel[0])
     end