Diffstat (limited to 'lib/gitlab/application_rate_limiter.rb')
-rw-r--r-- | lib/gitlab/application_rate_limiter.rb | 18 |
1 files changed, 15 insertions, 3 deletions
diff --git a/lib/gitlab/application_rate_limiter.rb b/lib/gitlab/application_rate_limiter.rb
index fbba86d1253..0a69a9c503d 100644
--- a/lib/gitlab/application_rate_limiter.rb
+++ b/lib/gitlab/application_rate_limiter.rb
@@ -20,6 +20,7 @@ module Gitlab
 def rate_limits
 {
 issues_create: { threshold: -> { application_settings.issues_create_limit }, interval: 1.minute },
+ notes_create: { threshold: -> { application_settings.notes_create_limit }, interval: 1.minute },
 project_export: { threshold: -> { application_settings.project_export_limit }, interval: 1.minute },
 project_download_export: { threshold: -> { application_settings.project_download_export_limit }, interval: 1.minute },
 project_repositories_archive: { threshold: 5, interval: 1.minute },
@@ -46,15 +47,17 @@ module Gitlab
 # @option scope [Array<ActiveRecord>] Array of ActiveRecord models to scope throttling to a specific request (e.g. per user per project)
 # @option threshold [Integer] Optional threshold value to override default one registered in `.rate_limits`
 # @option interval [Integer] Optional interval value to override default one registered in `.rate_limits`
+ # @option users_allowlist [Array<String>] Optional list of usernames to excepted from the limit. This param will only be functional if Scope includes a current user.
 #
 # @return [Boolean] Whether or not a request should be throttled
- def throttled?(key, scope: nil, interval: nil, threshold: nil)
+ def throttled?(key, **options)
 return unless rate_limits[key]
- threshold_value = threshold || threshold(key)
+ return if scoped_user_in_allowlist?(options)
+ threshold_value = options[:threshold] || threshold(key)
 threshold_value > 0 &&
- increment(key, scope, interval) > threshold_value
+ increment(key, options[:scope], options[:interval]) > threshold_value
 end
 # Increments the given cache key and increments the value by 1 with the
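Review bot: Replacing the explicit keywords of `throttled?` with `**options` means a misspelled option is now ignored instead of raising ArgumentError: a typo in `scope:` would presumably count the request without its intended scope, and a typo in `users_allowlist:` silently skips the exemption. Keeping the keywords explicit, `def throttled?(key, scope: nil, interval: nil, threshold: nil, users_allowlist: nil)`, preserves that check and lets the helper receive `scope` and `users_allowlist` directly; the body would need the matching adjustment. Both early returns yield nil rather than false, which the `@return [Boolean]` tag does not mention. The new `@option` line reads "usernames to excepted"; "to be exempted" is probably what was meant.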
@@ -140,6 +143,15 @@ module Gitlab
 def application_settings
 Gitlab::CurrentSettings.current_application_settings
 end
+
+ def scoped_user_in_allowlist?(options)
+ return unless options[:users_allowlist].present?
+
+ scoped_user = [options[:scope]].flatten.find { |s| s.is_a?(User) }
+ return unless scoped_user
+
+ scoped_user.username.downcase.in?(options[:users_allowlist])
+ end
 end
 end
 end |
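Review bot: In `scoped_user_in_allowlist?` only the user's name is lower-cased before the `in?` test, so an allowlist entry stored with any capital letter never matches and the user is throttled with no sign of the misconfiguration. Unless the setting is normalised where it is saved (not visible in this diff), compare case-insensitively on both sides, e.g. `options[:users_allowlist].any? { |name| name.casecmp?(scoped_user.username) }`. The exemption is also keyed on the username rather than the user id; if usernames can be changed or reused on the instance, the exemption follows the name, which deserves a comment on the method or a switch to ids. A spec covering a mixed-case entry and a scope with no `User` in it would pin both behaviours.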