Add RateLimiter to RawController

* Limits raw requests to 300 per minute and per raw path. * Add a new attribute to ApplicationSettings so user can change this value on their instance. * Uses Gitlab::ActionRateLimiter to limit the raw requests. * Add a new method into ActionRateLimiter to log the event into auth.log Related to https://gitlab.com/gitlab-org/gitlab-ce/issues/48717
author: Mayra Cabrera <mcabrera@gitlab.com> 2019-07-24 19:49:31 +0000
committer: Stan Hu <stanhu@gmail.com> 2019-07-24 19:49:31 +0000
commit: 3cefc5d7df09dbc21cd9c892bc6c62b5b583ca6a (patch)
tree: 2e996ca71e4e16c74f1be94d1f7143ac3e49dad6 /spec/services
parent: b70dbabb6373e7624e3bcb7a6d78049621db891c (diff)
download: gitlab-ce-3cefc5d7df09dbc21cd9c892bc6c62b5b583ca6a.tar.gz
1 files changed, 16 insertions, 0 deletions
diff --git a/spec/services/application_settings/update_service_spec.rb b/spec/services/application_settings/update_service_spec.rb
index a641828faa5..33cd1f37ff6 100644
--- a/spec/services/application_settings/update_service_spec.rb
+++ b/spec/services/application_settings/update_service_spec.rb
@@ -180,4 +180,20 @@ describe ApplicationSettings::UpdateService do
       described_class.new(application_settings, admin, { home_page_url: 'http://foo.bar' }).execute
     end
   end
+
+  context 'when raw_blob_request_limit is passsed' do
+    let(:params) do
+      {
+        raw_blob_request_limit: 600
+      }
+    end
+
+    it 'updates raw_blob_request_limit value' do
+      subject.execute
+
+      application_settings.reload
+
+      expect(application_settings.raw_blob_request_limit).to eq(600)
+    end
+  end
 end
author	Mayra Cabrera <mcabrera@gitlab.com>	2019-07-24 19:49:31 +0000
committer	Stan Hu <stanhu@gmail.com>	2019-07-24 19:49:31 +0000
commit	3cefc5d7df09dbc21cd9c892bc6c62b5b583ca6a (patch)
tree	2e996ca71e4e16c74f1be94d1f7143ac3e49dad6 /spec/services
parent	b70dbabb6373e7624e3bcb7a6d78049621db891c (diff)
download	gitlab-ce-3cefc5d7df09dbc21cd9c892bc6c62b5b583ca6a.tar.gz