diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-02-11 15:08:52 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-02-11 15:08:52 +0300 |
commit | 9f5ac379c76c278ee9ee1662e26c4612b0a117bd (patch) | |
tree | 49cd59544c083678fefd1e77340ca5e2b6e3565c /app/controllers/projects | |
parent | 7240fb1a06c9e1b254719426b1ac96ec2f00fe35 (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'app/controllers/projects')
-rw-r--r-- | app/controllers/projects/notes_controller.rb | 7 | ||||
-rw-r--r-- | app/controllers/projects/project_members_controller.rb | 2 |
2 files changed, 6 insertions, 3 deletions
diff --git a/app/controllers/projects/notes_controller.rb b/app/controllers/projects/notes_controller.rb index 0b1d7d24d21..71a93701dc4 100644 --- a/app/controllers/projects/notes_controller.rb +++ b/app/controllers/projects/notes_controller.rb @@ -94,8 +94,7 @@ class Projects::NotesController < Projects::ApplicationController def create_rate_limit key = :notes_create - - return unless rate_limiter.throttled?(key, scope: [current_user]) + return unless rate_limiter.throttled?(key, scope: [current_user], users_allowlist: rate_limit_users_allowlist) rate_limiter.log_request(request, "#{key}_request_limit".to_sym, current_user) render plain: _('This endpoint has been requested too many times. Try again later.'), status: :too_many_requests @@ -104,4 +103,8 @@ class Projects::NotesController < Projects::ApplicationController def rate_limiter ::Gitlab::ApplicationRateLimiter end + + def rate_limit_users_allowlist + Gitlab::CurrentSettings.current_application_settings.notes_create_limit_allowlist + end end diff --git a/app/controllers/projects/project_members_controller.rb b/app/controllers/projects/project_members_controller.rb index 463b989c493..a7c7839dc9f 100644 --- a/app/controllers/projects/project_members_controller.rb +++ b/app/controllers/projects/project_members_controller.rb @@ -9,7 +9,7 @@ class Projects::ProjectMembersController < Projects::ApplicationController before_action :authorize_admin_project_member!, except: [:index, :leave, :request_access] before_action do - push_frontend_feature_flag(:vue_project_members_list, @project) + push_frontend_feature_flag(:vue_project_members_list, @project, default_enabled: :yaml) end feature_category :authentication_and_authorization |