From 54f13b1ec8542dc5085e0367734e8344c2c3d01e Mon Sep 17 00:00:00 2001
From: Stan Hu <stanhu@gmail.com>
Date: Sat, 9 Dec 2017 01:01:42 -0800
Subject: Add rate limiting to guard against excessive scheduling of pipelines

---
 lib/gitlab/action_rate_limiter.rb | 31 +++++++++++++++++++++++++++++++
 1 file changed, 31 insertions(+)
 create mode 100644 lib/gitlab/action_rate_limiter.rb

(limited to 'lib/gitlab/action_rate_limiter.rb')

diff --git a/lib/gitlab/action_rate_limiter.rb b/lib/gitlab/action_rate_limiter.rb
new file mode 100644
index 00000000000..c3af583a3ed
--- /dev/null
+++ b/lib/gitlab/action_rate_limiter.rb
@@ -0,0 +1,31 @@
+module Gitlab
+  # This class implements a simple rate limiter that can be used to throttle
+  # certain actions. Unlike Rack Attack and Rack::Throttle, which operate at
+  # the middleware level, this can be used at the controller level.
+  class ActionRateLimiter
+    TIME_TO_EXPIRE = 60 # 1 min
+
+    attr_accessor :action, :expiry_time
+
+    def initialize(action:, expiry_time: TIME_TO_EXPIRE)
+      @action = action
+      @expiry_time = expiry_time
+    end
+
+    def increment(key)
+      value = 0
+
+      Gitlab::Redis::Cache.with do |redis|
+        cache_key = "action_rate_limiter:#{action}:#{key}"
+        value = redis.incr(cache_key)
+        redis.expire(cache_key, expiry_time) if value == 1
+      end
+
+      value.to_i
+    end
+
+    def throttled?(key, threshold_value)
+      self.increment(key) > threshold_value
+    end
+  end
+end
-- 
cgit v1.2.3