Database layer for deprecated API throttle settings

We need to track and set these settings in the DB

Database layer for deprecated API throttle settings
We need to track and set these settings in the DB
9d10ef96 · Nick Thomas · 75c06be4 · 9d10ef96 · 9d10ef96 · 9d10ef96
Commit 9d10ef96 authored Sep 14, 2021 by Nick Thomas
8 changed files
--- a/app/helpers/application_settings_helper.rb
+++ b/app/helpers/application_settings_helper.rb
@@ -333,6 +333,9 @@ module ApplicationSettingsHelper
      :throttle_authenticated_files_api_enabled,
      :throttle_authenticated_files_api_period_in_seconds,
      :throttle_authenticated_files_api_requests_per_period,
+      :throttle_authenticated_deprecated_api_enabled,
+      :throttle_authenticated_deprecated_api_period_in_seconds,
+      :throttle_authenticated_deprecated_api_requests_per_period,
      :throttle_unauthenticated_api_enabled,
      :throttle_unauthenticated_api_period_in_seconds,
      :throttle_unauthenticated_api_requests_per_period,
@@ -345,6 +348,9 @@ module ApplicationSettingsHelper
      :throttle_unauthenticated_files_api_enabled,
      :throttle_unauthenticated_files_api_period_in_seconds,
      :throttle_unauthenticated_files_api_requests_per_period,
+      :throttle_unauthenticated_deprecated_api_enabled,
+      :throttle_unauthenticated_deprecated_api_period_in_seconds,
+      :throttle_unauthenticated_deprecated_api_requests_per_period,
      :throttle_protected_paths_enabled,
      :throttle_protected_paths_period_in_seconds,
      :throttle_protected_paths_requests_per_period,

--- a/app/models/application_setting.rb
+++ b/app/models/application_setting.rb
@@ -479,6 +479,8 @@ class ApplicationSetting < ApplicationRecord
    validates :throttle_unauthenticated_packages_api_period_in_seconds
    validates :throttle_unauthenticated_files_api_requests_per_period
    validates :throttle_unauthenticated_files_api_period_in_seconds
+    validates :throttle_unauthenticated_deprecated_api_requests_per_period
+    validates :throttle_unauthenticated_deprecated_api_period_in_seconds
    validates :throttle_authenticated_api_requests_per_period
    validates :throttle_authenticated_api_period_in_seconds
    validates :throttle_authenticated_git_lfs_requests_per_period
@@ -489,6 +491,8 @@ class ApplicationSetting < ApplicationRecord
    validates :throttle_authenticated_packages_api_period_in_seconds
    validates :throttle_authenticated_files_api_requests_per_period
    validates :throttle_authenticated_files_api_period_in_seconds
+    validates :throttle_authenticated_deprecated_api_requests_per_period
+    validates :throttle_authenticated_deprecated_api_period_in_seconds
    validates :throttle_protected_paths_requests_per_period
    validates :throttle_protected_paths_period_in_seconds
  end

--- a/app/models/application_setting_implementation.rb
+++ b/app/models/application_setting_implementation.rb
@@ -175,6 +175,9 @@ module ApplicationSettingImplementation
        throttle_authenticated_files_api_enabled: false,
        throttle_authenticated_files_api_period_in_seconds: 15,
        throttle_authenticated_files_api_requests_per_period: 500,
+        throttle_authenticated_deprecated_api_enabled: false,
+        throttle_authenticated_deprecated_api_period_in_seconds: 3600,
+        throttle_authenticated_deprecated_api_requests_per_period: 3600,
        throttle_incident_management_notification_enabled: false,
        throttle_incident_management_notification_per_period: 3600,
        throttle_incident_management_notification_period_in_seconds: 3600,
@@ -193,6 +196,9 @@ module ApplicationSettingImplementation
        throttle_unauthenticated_files_api_enabled: false,
        throttle_unauthenticated_files_api_period_in_seconds: 15,
        throttle_unauthenticated_files_api_requests_per_period: 125,
+        throttle_unauthenticated_deprecated_api_enabled: false,
+        throttle_unauthenticated_deprecated_api_period_in_seconds: 3600,
+        throttle_unauthenticated_deprecated_api_requests_per_period: 1800,
        time_tracking_limit_to_hours: false,
        two_factor_grace_period: 48,
        unique_ips_limit_enabled: false,

--- a/db/migrate/20210914145810_add_throttle_deprecated_api_columns.rb
+++ b/db/migrate/20210914145810_add_throttle_deprecated_api_columns.rb
+# frozen_string_literal: true
+
+class AddThrottleDeprecatedApiColumns < Gitlab::Database::Migration[1.0]
+  def change
+    add_column :application_settings, :throttle_unauthenticated_deprecated_api_requests_per_period, :integer, default: 3600, null: false
+    add_column :application_settings, :throttle_unauthenticated_deprecated_api_period_in_seconds, :integer, default: 3600, null: false
+    add_column :application_settings, :throttle_unauthenticated_deprecated_api_enabled, :boolean, default: false, null: false
+
+    add_column :application_settings, :throttle_authenticated_deprecated_api_requests_per_period, :integer, default: 3600, null: false
+    add_column :application_settings, :throttle_authenticated_deprecated_api_period_in_seconds, :integer, default: 1800, null: false
+    add_column :application_settings, :throttle_authenticated_deprecated_api_enabled, :boolean, default: false, null: false
+  end
+end
--- a/db/schema_migrations/20210914145810
+++ b/db/schema_migrations/20210914145810
+a30acb6d2a3772be29dfefc7d8cda2f2df94002556fa5de85483b7fca245be86
\ No newline at end of file
--- a/db/structure.sql
+++ b/db/structure.sql
@@ -10338,6 +10338,12 @@ CREATE TABLE application_settings (
    sidekiq_job_limiter_compression_threshold_bytes integer DEFAULT 100000 NOT NULL,
    sidekiq_job_limiter_limit_bytes integer DEFAULT 0 NOT NULL,
    suggest_pipeline_enabled boolean DEFAULT true NOT NULL,
+    throttle_unauthenticated_deprecated_api_requests_per_period integer DEFAULT 1800 NOT NULL,
+    throttle_unauthenticated_deprecated_api_period_in_seconds integer DEFAULT 3600 NOT NULL,
+    throttle_unauthenticated_deprecated_api_enabled boolean DEFAULT false NOT NULL,
+    throttle_authenticated_deprecated_api_requests_per_period integer DEFAULT 3600 NOT NULL,
+    throttle_authenticated_deprecated_api_period_in_seconds integer DEFAULT 3600 NOT NULL,
+    throttle_authenticated_deprecated_api_enabled boolean DEFAULT false NOT NULL,
    CONSTRAINT app_settings_container_reg_cleanup_tags_max_list_size_positive CHECK ((container_registry_cleanup_tags_service_max_list_size >= 0)),
    CONSTRAINT app_settings_ext_pipeline_validation_service_url_text_limit CHECK ((char_length(external_pipeline_validation_service_url) <= 255)),
    CONSTRAINT app_settings_registry_exp_policies_worker_capacity_positive CHECK ((container_registry_expiration_policies_worker_capacity >= 0)),
--- a/spec/models/application_setting_spec.rb
+++ b/spec/models/application_setting_spec.rb
@@ -946,6 +946,10 @@ RSpec.describe ApplicationSetting do
          throttle_unauthenticated_files_api_period_in_seconds
          throttle_authenticated_files_api_requests_per_period
          throttle_authenticated_files_api_period_in_seconds
+          throttle_unauthenticated_deprecated_api_requests_per_period
+          throttle_unauthenticated_deprecated_api_period_in_seconds
+          throttle_authenticated_deprecated_api_requests_per_period
+          throttle_authenticated_deprecated_api_period_in_seconds
          throttle_authenticated_git_lfs_requests_per_period
          throttle_authenticated_git_lfs_period_in_seconds
        ]

--- a/spec/services/application_settings/update_service_spec.rb
+++ b/spec/services/application_settings/update_service_spec.rb
@@ -413,6 +413,32 @@ RSpec.describe ApplicationSettings::UpdateService do
    end
  end

+  context 'when deprecated API rate limits are passed' do
+    let(:params) do
+      {
+        throttle_unauthenticated_deprecated_api_enabled: 1,
+        throttle_unauthenticated_deprecated_api_period_in_seconds: 500,
+        throttle_unauthenticated_deprecated_api_requests_per_period: 20,
+        throttle_authenticated_deprecated_api_enabled: 1,
+        throttle_authenticated_deprecated_api_period_in_seconds: 600,
+        throttle_authenticated_deprecated_api_requests_per_period: 10
+      }
+    end
+
+    it 'updates deprecated API throttle settings' do
+      subject.execute
+
+      application_settings.reload
+
+      expect(application_settings.throttle_unauthenticated_deprecated_api_enabled).to be_truthy
+      expect(application_settings.throttle_unauthenticated_deprecated_api_period_in_seconds).to eq(500)
+      expect(application_settings.throttle_unauthenticated_deprecated_api_requests_per_period).to eq(20)
+      expect(application_settings.throttle_authenticated_deprecated_api_enabled).to be_truthy
+      expect(application_settings.throttle_authenticated_deprecated_api_period_in_seconds).to eq(600)
+      expect(application_settings.throttle_authenticated_deprecated_api_requests_per_period).to eq(10)
+    end
+  end
+
  context 'when git lfs rate limits are passed' do
    let(:params) do
      {