diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2022-08-18 08:17:02 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2022-08-18 08:17:02 +0000 |
commit | b39512ed755239198a9c294b6a45e65c05900235 (patch) | |
tree | d234a3efade1de67c46b9e5a38ce813627726aa7 /lib/api/internal/base.rb | |
parent | d31474cf3b17ece37939d20082b07f6657cc79a9 (diff) | |
download | gitlab-ce-b39512ed755239198a9c294b6a45e65c05900235.tar.gz |
Add latest changes from gitlab-org/gitlab@15-3-stable-eev15.3.0-rc42
Diffstat (limited to 'lib/api/internal/base.rb')
-rw-r--r-- | lib/api/internal/base.rb | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/lib/api/internal/base.rb b/lib/api/internal/base.rb index b53f855c3a2..6f475fa8d74 100644 --- a/lib/api/internal/base.rb +++ b/lib/api/internal/base.rb @@ -39,6 +39,7 @@ module API container.lfs_http_url_to_repo end + # rubocop: disable Metrics/AbcSize def check_allowed(params) # This is a separate method so that EE can alter its behaviour more # easily. @@ -47,6 +48,14 @@ module API check_rate_limit!(:gitlab_shell_operation, scope: [params[:action], params[:project], actor.key_or_user]) end + if Feature.enabled?(:rate_limit_gitlab_shell_by_ip, actor.user) + rate_limiter = Gitlab::Auth::IpRateLimiter.new(request.ip) + + unless rate_limiter.trusted_ip? + check_rate_limit!(:gitlab_shell_operation, scope: [params[:action], params[:project], rate_limiter.ip]) + end + end + # Stores some Git-specific env thread-safely env = parse_env Gitlab::Git::HookEnv.set(gl_repository, env) if container @@ -101,6 +110,7 @@ module API response_with_status(code: 500, success: false, message: UNKNOWN_CHECK_RESULT_ERROR) end end + # rubocop: enable Metrics/AbcSize def send_git_audit_streaming_event(msg) # Defined in EE |