diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-04-14 18:09:44 +0300 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-04-14 18:09:44 +0300 |
| commit | 874ead9c3a50de4c4ca4551eaf5b7eb976d26b50 (patch) | |
| tree | 637ee9f2da5e251bc08ebf3e972209d51966bf7c /app/controllers/projects/issues_controller.rb | |
| parent | 2e4c4055181eec9186458dd5dd3219c937032ec7 (diff) | |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'app/controllers/projects/issues_controller.rb')
| -rw-r--r-- | app/controllers/projects/issues_controller.rb | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/app/controllers/projects/issues_controller.rb b/app/controllers/projects/issues_controller.rb index f552c471eb2..96650e2cae9 100644 --- a/app/controllers/projects/issues_controller.rb +++ b/app/controllers/projects/issues_controller.rb @@ -42,6 +42,9 @@ class Projects::IssuesController < Projects::ApplicationController before_action :authorize_import_issues!, only: [:import_csv] before_action :authorize_download_code!, only: [:related_branches] + # Limit the amount of issues created per minute + before_action :create_rate_limit, only: [:create] + before_action do push_frontend_feature_flag(:vue_issuable_sidebar, project.group) push_frontend_feature_flag(:save_issuable_health_status, project.group, default_enabled: true) @@ -296,6 +299,22 @@ class Projects::IssuesController < Projects::ApplicationController # 3. https://gitlab.com/gitlab-org/gitlab-foss/issues/42426 Gitlab::QueryLimiting.whitelist('https://gitlab.com/gitlab-org/gitlab-foss/issues/42422') end + + private + + def create_rate_limit + key = :issues_create + + if rate_limiter.throttled?(key, scope: [@project, @current_user]) + rate_limiter.log_request(request, "#{key}_request_limit".to_sym, current_user) + + render plain: _('This endpoint has been requested too many times. Try again later.'), status: :too_many_requests + end + end + + def rate_limiter + ::Gitlab::ApplicationRateLimiter + end end Projects::IssuesController.prepend_if_ee('EE::Projects::IssuesController') |