author | Mayra Cabrera <mcabrera@gitlab.com> | 2019-07-24 19:49:31 +0000 |
---|---|---|
committer | Stan Hu <stanhu@gmail.com> | 2019-07-24 19:49:31 +0000 |
commit | 3cefc5d7df09dbc21cd9c892bc6c62b5b583ca6a (patch) | |
tree | 2e996ca71e4e16c74f1be94d1f7143ac3e49dad6 /db | |
parent | b70dbabb6373e7624e3bcb7a6d78049621db891c (diff) | |
download | gitlab-ce-3cefc5d7df09dbc21cd9c892bc6c62b5b583ca6a.tar.gz |
Add RateLimiter to RawController
* Limits raw requests to 300 per minute and per raw path.
* Add a new attribute to ApplicationSettings so user can change this
value on their instance.
* Uses Gitlab::ActionRateLimiter to limit the raw requests.
* Add a new method into ActionRateLimiter to log the event into auth.log
Related to https://gitlab.com/gitlab-org/gitlab-ce/issues/48717
Diffstat (limited to 'db')
-rw-r--r-- | db/migrate/20190715142138_add_raw_blob_request_limit_to_application_settings.rb | 9 | ||||
-rw-r--r-- | db/schema.rb | 3 |
2 files changed, 11 insertions, 1 deletions
diff --git a/db/migrate/20190715142138_add_raw_blob_request_limit_to_application_settings.rb b/db/migrate/20190715142138_add_raw_blob_request_limit_to_application_settings.rb
new file mode 100644
index 00000000000..e8198e11ea7
--- /dev/null
+++ b/db/migrate/20190715142138_add_raw_blob_request_limit_to_application_settings.rb
@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+class AddRawBlobRequestLimitToApplicationSettings < ActiveRecord::Migration[5.2]
+ DOWNTIME = false
+
+ def change
+ add_column :application_settings, :raw_blob_request_limit, :integer, default: 300, null: false
+ end
+end
diff --git a/db/schema.rb b/db/schema.rb
index 7a25d6cf769..430fdd8f708 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -10,7 +10,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema.define(version: 2019_07_15_114644) do
+ActiveRecord::Schema.define(version: 2019_07_15_142138) do
 
 # These are extensions that must be enabled in order to support this database
 enable_extension "pg_trgm"
@@ -229,6 +229,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
 t.boolean "time_tracking_limit_to_hours", default: false, null: false
 t.string "grafana_url", default: "/-/grafana", null: false
 t.string "outbound_local_requests_whitelist", limit: 255, array: true
+ t.integer "raw_blob_request_limit", default: 300, null: false
 t.index ["custom_project_templates_group_id"], name: "index_application_settings_on_custom_project_templates_group_id"
 t.index ["file_template_project_id"], name: "index_application_settings_on_file_template_project_id"
 t.index ["usage_stats_set_by_user_id"], name: "index_application_settings_on_usage_stats_set_by_user_id"
|
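Review bot: The `raw_blob_request_limit` column added in the migration's `change` method is a plain `:integer` with `null: false`, so the database accepts zero and negative values, and nothing in the migration says what those mean for the rate limiter. Whether a non-positive value disables throttling or blocks every raw request is decided by code outside this view (the diff is limited to `db`), so the ApplicationSetting validation and the limiter's handling of that range should be reviewed together with this column. I would add a comment above `add_column`, for example `# Max raw blob requests per minute per raw path; allowed range is enforced in ApplicationSetting`, once that validation is confirmed to exist. The two `db/schema.rb` hunks are generated output that mirrors the migration and need no separate change.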