Merge branch '55241-add-issues-create-limit-to-settings-api' into 'master'

Add issues_create_limit to settings api

Closes #55241

See merge request gitlab-org/gitlab!29960

app/helpers/application_settings_helper.rb

@@ -310,7 +310,8 @@ module ApplicationSettingsHelper
       :custom_http_clone_url_root,
       :snippet_size_limit,
       :email_restrictions_enabled,
-      :email_restrictions
+      :email_restrictions,
+      :issues_create_limit
     ]
   end
 

app/models/application_setting.rb

@@ -345,6 +345,9 @@ class ApplicationSetting < ApplicationRecord
             presence: true,
             numericality: { only_integer: true, greater_than_or_equal_to: 0 }
 
+  validates :issues_create_limit,
+            numericality: { greater_than_or_equal_to: 0 }
+
   attr_encrypted :asset_proxy_secret_key,
                  mode: :per_attribute_iv,
                  key: Settings.attr_encrypted_db_key_base_truncated,

changelogs/unreleased/55241-add-issues-create-limit-to-settings-api.yml

+---
+title: Add issues_create_limit to settings api
+merge_request: 29960
+author:
+type: added

doc/api/settings.md

@@ -69,7 +69,8 @@ Example response:
    "asset_proxy_enabled": true,
    "asset_proxy_url": "https://assets.example.com",
    "asset_proxy_whitelist": ["example.com", "*.example.com", "your-instance.com"],
-   "npm_package_requests_forwarding": true
+   "npm_package_requests_forwarding": true,
+   "issues_create_limit": 300
 }
 ```
 
@@ -156,7 +157,8 @@ Example response:
   "allow_local_requests_from_hooks_and_services": true,
   "allow_local_requests_from_web_hooks_and_services": true,
   "allow_local_requests_from_system_hooks": false,
-  "npm_package_requests_forwarding": true
+  "npm_package_requests_forwarding": true,
+  "issues_create_limit": 300
 }
 ```
 
@@ -362,3 +364,4 @@ are listed in the descriptions of the relevant settings.
 | `version_check_enabled`                  | boolean          | no                                   | Let GitLab inform you when an update is available. |
 | `web_ide_clientside_preview_enabled`     | boolean          | no                                   | Client side evaluation (allow live previews of JavaScript projects in the Web IDE using CodeSandbox client side evaluation). |
 | `snippet_size_limit`                     | integer          | no                                   | Max snippet content size in **bytes**. Default: 52428800 Bytes (50MB).|
+| `issues_create_limit`                    | integer          | no                                   | Max number of issue creation requests allowed per minute per user.|

lib/api/settings.rb

@@ -153,6 +153,7 @@ module API
         optional :snowplow_cookie_domain, type: String, desc: 'The Snowplow cookie domain'
         optional :snowplow_app_id, type: String, desc: 'The Snowplow site name / application id'
       end
+      optional :issues_create_limit, type: Integer, desc: "Maximum number of issue creation requests allowed per minute per user. Set to 0 for unlimited requests per minute."
 
       ApplicationSetting::SUPPORTED_KEY_TYPES.each do |type|
         optional :"#{type}_key_restriction",

spec/features/admin/admin_settings_spec.rb

@@ -382,6 +382,18 @@ describe 'Admin updates settings', :clean_gitlab_redis_shared_state, :do_not_moc
         expect(current_settings.allow_local_requests_from_system_hooks).to be false
         expect(current_settings.dns_rebinding_protection_enabled).to be false
       end
+
+      it 'Changes Issues rate limits settings' do
+        visit network_admin_application_settings_path
+
+        page.within('.as-issue-limits') do
+          fill_in 'Max requests per second per user', with: 0
+          click_button 'Save changes'
+        end
+
+        expect(page).to have_content "Application settings saved successfully"
+        expect(current_settings.issues_create_limit).to eq(0)
+      end
     end
 
     context 'Preferences page' do

spec/models/application_setting_spec.rb

@@ -91,6 +91,10 @@ describe ApplicationSetting do
     it { is_expected.not_to allow_value(nil).for(:namespace_storage_size_limit) }
     it { is_expected.not_to allow_value(-1).for(:namespace_storage_size_limit) }
 
+    it { is_expected.to allow_value(300).for(:issues_create_limit) }
+    it { is_expected.not_to allow_value('three').for(:issues_create_limit) }
+    it { is_expected.not_to allow_value(nil).for(:issues_create_limit) }
+
     context 'grafana_url validations' do
       before do
         subject.instance_variable_set(:@parsed_grafana_url, nil)

spec/requests/api/settings_spec.rb

@@ -88,7 +88,8 @@ describe API::Settings, 'Settings' do
             allow_local_requests_from_system_hooks: false,
             push_event_hooks_limit: 2,
             push_event_activities_limit: 2,
-            snippet_size_limit: 5
+            snippet_size_limit: 5,
+            issues_create_limit: 300
           }
 
         expect(response).to have_gitlab_http_status(:ok)
@@ -125,6 +126,7 @@ describe API::Settings, 'Settings' do
         expect(json_response['push_event_hooks_limit']).to eq(2)
         expect(json_response['push_event_activities_limit']).to eq(2)
         expect(json_response['snippet_size_limit']).to eq(5)
+        expect(json_response['issues_create_limit']).to eq(300)
       end
     end