Diffstat (limited to 'lib/gitlab/application_rate_limiter.rb')
-rw-r--r--lib/gitlab/application_rate_limiter.rb18
1 files changed, 15 insertions, 3 deletions
diff --git a/lib/gitlab/application_rate_limiter.rb b/lib/gitlab/application_rate_limiter.rb
index fbba86d1253..0a69a9c503d 100644
--- a/lib/gitlab/application_rate_limiter.rb
+++ b/lib/gitlab/application_rate_limiter.rb
@@ -20,6 +20,7 @@ module Gitlab
def rate_limits
{
issues_create: { threshold: -> { application_settings.issues_create_limit }, interval: 1.minute },
+ notes_create: { threshold: -> { application_settings.notes_create_limit }, interval: 1.minute },
project_export: { threshold: -> { application_settings.project_export_limit }, interval: 1.minute },
project_download_export: { threshold: -> { application_settings.project_download_export_limit }, interval: 1.minute },
project_repositories_archive: { threshold: 5, interval: 1.minute },
@@ -46,15 +47,17 @@ module Gitlab
# @option scope [Array<ActiveRecord>] Array of ActiveRecord models to scope throttling to a specific request (e.g. per user per project)
# @option threshold [Integer] Optional threshold value to override default one registered in `.rate_limits`
# @option interval [Integer] Optional interval value to override default one registered in `.rate_limits`
+ # @option users_allowlist [Array<String>] Optional list of usernames to excepted from the limit. This param will only be functional if Scope includes a current user.
#
# @return [Boolean] Whether or not a request should be throttled
- def throttled?(key, scope: nil, interval: nil, threshold: nil)
+ def throttled?(key, **options)
return unless rate_limits[key]
- threshold_value = threshold || threshold(key)
+ return if scoped_user_in_allowlist?(options)
+ threshold_value = options[:threshold] || threshold(key)
threshold_value > 0 &&
- increment(key, scope, interval) > threshold_value
+ increment(key, options[:scope], options[:interval]) > threshold_value
end
# Increments the given cache key and increments the value by 1 with the
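Review bot: Switching `throttled?` to `**options` means a misspelled or unsupported keyword (say `treshold:`) is now silently ignored instead of raising ArgumentError, so a caller's intended override of a security control can fall back to the default with no signal. Keeping the keywords explicit, `def throttled?(key, scope: nil, interval: nil, threshold: nil, users_allowlist: nil)`, and handing `scope` and `users_allowlist` to the helper preserves that check. The allowlist return also sits before `increment`, so allowlisted requests are never counted at all; if that is intended, a comment such as `# Allowlisted users bypass the limiter and are not counted` would make it explicit. The new `@option users_allowlist` doc line reads "to excepted", where "to be excepted" is presumably meant, and `@return [Boolean]` no longer mentions the nil returned on the early exits.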
@@ -140,6 +143,15 @@ module Gitlab
def application_settings
Gitlab::CurrentSettings.current_application_settings
end
+
+ def scoped_user_in_allowlist?(options)
+ return unless options[:users_allowlist].present?
+
+ scoped_user = [options[:scope]].flatten.find { |s| s.is_a?(User) }
+ return unless scoped_user
+
+ scoped_user.username.downcase.in?(options[:users_allowlist])
+ end
end
end
end
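Review bot: `scoped_user_in_allowlist?` lowercases the user's name but compares it with `options[:users_allowlist]` as supplied, so an allowlist entry containing an uppercase letter never matches. That fails closed (the user is still throttled), but it is surprising; either normalise both sides, `options[:users_allowlist].map(&:downcase).include?(scoped_user.username.downcase)`, or document that entries must be lowercase. The exemption is keyed on username, which is presumably a mutable attribute; if a name can be changed or later reclaimed by another account, matching on user id would bind the exemption to the account rather than the name, which is worth confirming against how the allowlist is populated. The method has no comment; something like `# True only when scope contains a User whose lowercased username is in users_allowlist; nil otherwise` would document the contract. The enclosing class body starts outside this hunk.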