diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2019-12-05 21:07:40 +0000 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2019-12-05 21:07:40 +0000 |
| commit | 134fe182008dc13a16f12d723aa73771efb1a6a2 (patch) | |
| tree | 727c94937346d31a5e2692546d16296f069d09fe /lib/api/project_export.rb | |
| parent | 6a7cc8c14727f6fac64a5be6838764d8d5d41468 (diff) | |
| download | gitlab-ce-134fe182008dc13a16f12d723aa73771efb1a6a2.tar.gz | |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'lib/api/project_export.rb')
| -rw-r--r-- | lib/api/project_export.rb | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/lib/api/project_export.rb b/lib/api/project_export.rb index e34ed0bdb44..ef6a8f1a396 100644 --- a/lib/api/project_export.rb +++ b/lib/api/project_export.rb @@ -2,6 +2,15 @@ module API class ProjectExport < Grape::API + helpers do + def throttled?(action) + rate_limiter.throttled?(action, scope: [current_user, action, user_project]) + end + + def rate_limiter + ::Gitlab::ApplicationRateLimiter + end + end before do not_found! unless Gitlab::CurrentSettings.project_export_enabled? authorize_admin_project @@ -23,6 +32,10 @@ module API detail 'This feature was introduced in GitLab 10.6.' end get ':id/export/download' do + if throttled?(:project_download_export) + render_api_error!({ error: 'This endpoint has been requested too many times. Try again later.' }, 429) + end + if user_project.export_file_exists? present_carrierwave_file!(user_project.export_file) else @@ -41,6 +54,10 @@ module API end end post ':id/export' do + if throttled?(:project_export) + render_api_error!({ error: 'This endpoint has been requested too many times. Try again later.' }, 429) + end + project_export_params = declared_params(include_missing: false) after_export_params = project_export_params.delete(:upload) || {} |