summaryrefslogtreecommitdiff
path: root/config
diff options
context:
space:
mode:
authorMichael Kozono <mkozono@gmail.com>2017-10-12 17:49:22 -0700
committerFrancisco Lopez <fjlopez@gitlab.com>2017-11-17 09:58:18 +0100
commitd87030714a654b0dfa47aa6b38eb970731e7a04e (patch)
treec6657d86eebd10aea3372826e42712394c339735 /config
parent143369e45b5c32c21d9abd315662eca186d95ab6 (diff)
downloadgitlab-ce-d87030714a654b0dfa47aa6b38eb970731e7a04e.tar.gz
Allow throttling code in test environment
This code should not break other tests because the rate limits are off by default.
Diffstat (limited to 'config')
-rw-r--r--config/initializers/rack_attack_global.rb32
1 files changed, 14 insertions, 18 deletions
diff --git a/config/initializers/rack_attack_global.rb b/config/initializers/rack_attack_global.rb
index 0b51fadbd02..3073ba06ac1 100644
--- a/config/initializers/rack_attack_global.rb
+++ b/config/initializers/rack_attack_global.rb
@@ -21,27 +21,23 @@ class Rack::Attack
{ limit: limit_proc, period: period_proc }
end
- def self.define_throttles
- throttle('throttle_unauthenticated', throttle_unauthenticated_options) do |req|
- settings.throttle_unauthenticated_enabled &&
- req.unauthenticated? &&
- req.ip
- end
-
- throttle('throttle_authenticated_api', throttle_authenticated_api_options) do |req|
- settings.throttle_authenticated_api_enabled &&
- req.api_request? &&
- req.authenticated_user_id
- end
+ throttle('throttle_unauthenticated', throttle_unauthenticated_options) do |req|
+ settings.throttle_unauthenticated_enabled &&
+ req.unauthenticated? &&
+ req.ip
+ end
- throttle('throttle_authenticated_web', throttle_authenticated_web_options) do |req|
- settings.throttle_authenticated_web_enabled &&
- req.web_request? &&
- req.authenticated_user_id
- end
+ throttle('throttle_authenticated_api', throttle_authenticated_api_options) do |req|
+ settings.throttle_authenticated_api_enabled &&
+ req.api_request? &&
+ req.authenticated_user_id
end
- define_throttles unless Rails.env.test?
+ throttle('throttle_authenticated_web', throttle_authenticated_web_options) do |req|
+ settings.throttle_authenticated_web_enabled &&
+ req.web_request? &&
+ req.authenticated_user_id
+ end
class Request
def unauthenticated?