Add raw_blob_request_limit to settings api

- Add raw_blob_request_limit as an optional
param to application/settings endpoint
- Add field validation to ApplicationSetting model
- Add raw_blob_request_limit to setting specs
- Update Application settings API docs

app/helpers/application_settings_helper.rb

@@ -311,7 +311,8 @@ module ApplicationSettingsHelper
       :snippet_size_limit,
       :email_restrictions_enabled,
       :email_restrictions,
-      :issues_create_limit
+      :issues_create_limit,
+      :raw_blob_request_limit
     ]
   end
 

app/models/application_setting.rb

@@ -144,7 +144,7 @@ class ApplicationSetting < ApplicationRecord
   validates :default_artifacts_expire_in, presence: true, duration: true
 
   validates :container_expiration_policies_enable_historic_entries,
-             inclusion: { in: [true, false], message: 'must be a boolean value' }
+            inclusion: { in: [true, false], message: 'must be a boolean value' }
 
   validates :container_registry_token_expire_delay,
             presence: true,
@@ -346,7 +346,10 @@ class ApplicationSetting < ApplicationRecord
             numericality: { only_integer: true, greater_than_or_equal_to: 0 }
 
   validates :issues_create_limit,
-            numericality: { greater_than_or_equal_to: 0 }
+            numericality: { only_integer: true, greater_than_or_equal_to: 0 }
+
+  validates :raw_blob_request_limit,
+            numericality: { only_integer: true, greater_than_or_equal_to: 0 }
 
   attr_encrypted :asset_proxy_secret_key,
                  mode: :per_attribute_iv,

changelogs/unreleased/215308-follow-up-from-add-issues_create_limit-to-settings-api.yml

+---
+title: Add raw_blob_request_limit to Application Settings API
+merge_request: 30211
+author:
+type: added

doc/api/settings.md

@@ -70,7 +70,8 @@ Example response:
    "asset_proxy_url": "https://assets.example.com",
    "asset_proxy_whitelist": ["example.com", "*.example.com", "your-instance.com"],
    "npm_package_requests_forwarding": true,
-   "issues_create_limit": 300
+   "issues_create_limit": 300,
+   "raw_blob_request_limit": 300
 }
 ```
 
@@ -158,7 +159,8 @@ Example response:
   "allow_local_requests_from_web_hooks_and_services": true,
   "allow_local_requests_from_system_hooks": false,
   "npm_package_requests_forwarding": true,
-  "issues_create_limit": 300
+  "issues_create_limit": 300,
+  "raw_blob_request_limit": 300
 }
 ```
 
@@ -364,4 +366,5 @@ are listed in the descriptions of the relevant settings.
 | `version_check_enabled`                  | boolean          | no                                   | Let GitLab inform you when an update is available. |
 | `web_ide_clientside_preview_enabled`     | boolean          | no                                   | Client side evaluation (allow live previews of JavaScript projects in the Web IDE using CodeSandbox client side evaluation). |
 | `snippet_size_limit`                     | integer          | no                                   | Max snippet content size in **bytes**. Default: 52428800 Bytes (50MB).|
-| `issues_create_limit`                    | integer          | no                                   | Max number of issue creation requests allowed per minute per user.|
+| `issues_create_limit`                    | integer          | no                                   | Max number of issue creation requests per minute per user. Default: 300. To disable throttling set to 0.|
+| `raw_blob_request_limit`                 | integer          | no                                   | Max number of requests per minute for each raw path. Default: 300. To disable throttling set to 0.|

lib/api/settings.rb

@@ -154,6 +154,7 @@ module API
         optional :snowplow_app_id, type: String, desc: 'The Snowplow site name / application id'
       end
       optional :issues_create_limit, type: Integer, desc: "Maximum number of issue creation requests allowed per minute per user. Set to 0 for unlimited requests per minute."
+      optional :raw_blob_request_limit, type: Integer, desc: "Maximum number of requests per minute for each raw path. Set to 0 for unlimited requests per minute."
 
       ApplicationSetting::SUPPORTED_KEY_TYPES.each do |type|
         optional :"#{type}_key_restriction",

spec/models/application_setting_spec.rb

@@ -94,6 +94,14 @@ describe ApplicationSetting do
     it { is_expected.to allow_value(300).for(:issues_create_limit) }
     it { is_expected.not_to allow_value('three').for(:issues_create_limit) }
     it { is_expected.not_to allow_value(nil).for(:issues_create_limit) }
+    it { is_expected.not_to allow_value(10.5).for(:issues_create_limit) }
+    it { is_expected.not_to allow_value(-1).for(:issues_create_limit) }
+
+    it { is_expected.to allow_value(0).for(:raw_blob_request_limit) }
+    it { is_expected.not_to allow_value('abc').for(:raw_blob_request_limit) }
+    it { is_expected.not_to allow_value(nil).for(:raw_blob_request_limit) }
+    it { is_expected.not_to allow_value(10.5).for(:raw_blob_request_limit) }
+    it { is_expected.not_to allow_value(-1).for(:raw_blob_request_limit) }
 
     context 'grafana_url validations' do
       before do

spec/requests/api/settings_spec.rb

@@ -89,7 +89,8 @@ describe API::Settings, 'Settings' do
             push_event_hooks_limit: 2,
             push_event_activities_limit: 2,
             snippet_size_limit: 5,
-            issues_create_limit: 300
+            issues_create_limit: 300,
+            raw_blob_request_limit: 300
           }
 
         expect(response).to have_gitlab_http_status(:ok)
@@ -127,6 +128,7 @@ describe API::Settings, 'Settings' do
         expect(json_response['push_event_activities_limit']).to eq(2)
         expect(json_response['snippet_size_limit']).to eq(5)
         expect(json_response['issues_create_limit']).to eq(300)
+        expect(json_response['raw_blob_request_limit']).to eq(300)
       end
     end