diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-02-09 21:09:19 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-02-09 21:09:19 +0000 |
commit | b5944525b015e4efb4cd2c1d09ec37566d7691a0 (patch) | |
tree | 23134355a45b69298483e6c08b65ef6b23b8bd26 /app/graphql/mutations/notes/create/base.rb | |
parent | 16cfd85bcf0046ae97d7ea84dae7eea3eafafe99 (diff) | |
download | gitlab-ce-b5944525b015e4efb4cd2c1d09ec37566d7691a0.tar.gz |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'app/graphql/mutations/notes/create/base.rb')
-rw-r--r-- | app/graphql/mutations/notes/create/base.rb | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/app/graphql/mutations/notes/create/base.rb b/app/graphql/mutations/notes/create/base.rb index 2351af01813..ad90e6598c1 100644 --- a/app/graphql/mutations/notes/create/base.rb +++ b/app/graphql/mutations/notes/create/base.rb @@ -25,6 +25,7 @@ module Mutations def resolve(args) noteable = authorized_find!(id: args[:noteable_id]) + verify_rate_limit!(current_user) note = ::Notes::CreateService.new( noteable.project, @@ -54,6 +55,14 @@ module Mutations confidential: args[:confidential] } end + + def verify_rate_limit!(current_user) + rate_limiter, key = ::Gitlab::ApplicationRateLimiter, :notes_create + return unless rate_limiter.throttled?(key, scope: [current_user]) + + raise Gitlab::Graphql::Errors::ResourceNotAvailable, + 'This endpoint has been requested too many times. Try again later.' + end end end end |