Add throttle application settings

2017-10-06 16:33:49 -07:00 · 2017-10-06 16:33:49 -07:00 · 732b122644
parent 10c216dabb
commit 732b122644
3 changed files with 56 additions and 0 deletions
--- a/app/models/application_setting.rb
+++ b/app/models/application_setting.rb
@ -295,6 +295,15 @@ class ApplicationSetting < ActiveRecord::Base
      sign_in_text: nil,
      signup_enabled: Settings.gitlab['signup_enabled'],
      terminal_max_session_time: 0,
+      throttle_unauthenticated_enabled: false,
+      throttle_unauthenticated_requests_per_period: 3600,
+      throttle_unauthenticated_period_in_seconds: 3600,
+      throttle_authenticated_web_enabled: false,
+      throttle_authenticated_web_requests_per_period: 7200,
+      throttle_authenticated_web_period_in_seconds: 3600,
+      throttle_authenticated_api_enabled: false,
+      throttle_authenticated_api_requests_per_period: 7200,
+      throttle_authenticated_api_period_in_seconds: 3600,
      two_factor_grace_period: 48,
      user_default_external: false,
      polling_interval_multiplier: 1,
--- a/db/migrate/20171006220837_add_global_rate_limits_to_application_settings.rb
+++ b/db/migrate/20171006220837_add_global_rate_limits_to_application_settings.rb
@ -0,0 +1,38 @@
+# See http://doc.gitlab.com/ce/development/migration_style_guide.html
+# for more information on how to write migrations for GitLab.
+
+class AddGlobalRateLimitsToApplicationSettings < ActiveRecord::Migration
+  include Gitlab::Database::MigrationHelpers
+
+  DOWNTIME = false
+
+  disable_ddl_transaction!
+
+  def up
+    add_column_with_default :application_settings, :throttle_unauthenticated_enabled, :boolean, default: false, allow_null: false
+    add_column_with_default :application_settings, :throttle_unauthenticated_requests_per_period, :integer, default: 3600, allow_null: false
+    add_column_with_default :application_settings, :throttle_unauthenticated_period_in_seconds, :integer, default: 3600, allow_null: false
+
+    add_column_with_default :application_settings, :throttle_authenticated_api_enabled, :boolean, default: false, allow_null: false
+    add_column_with_default :application_settings, :throttle_authenticated_api_requests_per_period, :integer, default: 7200, allow_null: false
+    add_column_with_default :application_settings, :throttle_authenticated_api_period_in_seconds, :integer, default: 3600, allow_null: false
+
+    add_column_with_default :application_settings, :throttle_authenticated_web_enabled, :boolean, default: false, allow_null: false
+    add_column_with_default :application_settings, :throttle_authenticated_web_requests_per_period, :integer, default: 7200, allow_null: false
+    add_column_with_default :application_settings, :throttle_authenticated_web_period_in_seconds, :integer, default: 3600, allow_null: false
+  end
+
+  def down
+    remove_column :application_settings, :throttle_authenticated_web_period_in_seconds
+    remove_column :application_settings, :throttle_authenticated_web_requests_per_period
+    remove_column :application_settings, :throttle_authenticated_web_enabled
+
+    remove_column :application_settings, :throttle_authenticated_api_period_in_seconds
+    remove_column :application_settings, :throttle_authenticated_api_requests_per_period
+    remove_column :application_settings, :throttle_authenticated_api_enabled
+
+    remove_column :application_settings, :throttle_unauthenticated_period_in_seconds
+    remove_column :application_settings, :throttle_unauthenticated_requests_per_period
+    remove_column :application_settings, :throttle_unauthenticated_enabled
+  end
+end
--- a/db/schema.rb
+++ b/db/schema.rb
@ -140,6 +140,15 @@ ActiveRecord::Schema.define(version: 20171106180641) do
    t.integer "circuitbreaker_storage_timeout", default: 30
    t.integer "circuitbreaker_access_retries", default: 3
    t.integer "circuitbreaker_backoff_threshold", default: 80
+    t.boolean "throttle_unauthenticated_enabled", default: false, null: false
+    t.integer "throttle_unauthenticated_requests_per_period", default: 3600, null: false
+    t.integer "throttle_unauthenticated_period_in_seconds", default: 3600, null: false
+    t.boolean "throttle_authenticated_api_enabled", default: false, null: false
+    t.integer "throttle_authenticated_api_requests_per_period", default: 7200, null: false
+    t.integer "throttle_authenticated_api_period_in_seconds", default: 3600, null: false
+    t.boolean "throttle_authenticated_web_enabled", default: false, null: false
+    t.integer "throttle_authenticated_web_requests_per_period", default: 7200, null: false
+    t.integer "throttle_authenticated_web_period_in_seconds", default: 3600, null: false
  end

  create_table "audit_events", force: :cascade do |t|