Commit c3b45429 authored by Eugenia Grieff's avatar Eugenia Grieff

Add issues_create_limit to settings api

- Add issues_create_limit as an optional param to
application/settings endpoint
- Add params to setting specs
- Update Application settings API docs
- Add missing feature spec for admin settings
parent 629b71b0
...@@ -310,7 +310,8 @@ module ApplicationSettingsHelper ...@@ -310,7 +310,8 @@ module ApplicationSettingsHelper
:custom_http_clone_url_root, :custom_http_clone_url_root,
:snippet_size_limit, :snippet_size_limit,
:email_restrictions_enabled, :email_restrictions_enabled,
:email_restrictions :email_restrictions,
:issues_create_limit
] ]
end end
......
...@@ -345,6 +345,9 @@ class ApplicationSetting < ApplicationRecord ...@@ -345,6 +345,9 @@ class ApplicationSetting < ApplicationRecord
presence: true, presence: true,
numericality: { only_integer: true, greater_than_or_equal_to: 0 } numericality: { only_integer: true, greater_than_or_equal_to: 0 }
validates :issues_create_limit,
numericality: { greater_than_or_equal_to: 0 }
attr_encrypted :asset_proxy_secret_key, attr_encrypted :asset_proxy_secret_key,
mode: :per_attribute_iv, mode: :per_attribute_iv,
key: Settings.attr_encrypted_db_key_base_truncated, key: Settings.attr_encrypted_db_key_base_truncated,
......
---
title: Add issues_create_limit to settings api
merge_request: 29960
author:
type: added
...@@ -69,7 +69,8 @@ Example response: ...@@ -69,7 +69,8 @@ Example response:
"asset_proxy_enabled": true, "asset_proxy_enabled": true,
"asset_proxy_url": "https://assets.example.com", "asset_proxy_url": "https://assets.example.com",
"asset_proxy_whitelist": ["example.com", "*.example.com", "your-instance.com"], "asset_proxy_whitelist": ["example.com", "*.example.com", "your-instance.com"],
"npm_package_requests_forwarding": true "npm_package_requests_forwarding": true,
"issues_create_limit": 300
} }
``` ```
...@@ -156,7 +157,8 @@ Example response: ...@@ -156,7 +157,8 @@ Example response:
"allow_local_requests_from_hooks_and_services": true, "allow_local_requests_from_hooks_and_services": true,
"allow_local_requests_from_web_hooks_and_services": true, "allow_local_requests_from_web_hooks_and_services": true,
"allow_local_requests_from_system_hooks": false, "allow_local_requests_from_system_hooks": false,
"npm_package_requests_forwarding": true "npm_package_requests_forwarding": true,
"issues_create_limit": 300
} }
``` ```
...@@ -362,3 +364,4 @@ are listed in the descriptions of the relevant settings. ...@@ -362,3 +364,4 @@ are listed in the descriptions of the relevant settings.
| `version_check_enabled` | boolean | no | Let GitLab inform you when an update is available. | | `version_check_enabled` | boolean | no | Let GitLab inform you when an update is available. |
| `web_ide_clientside_preview_enabled` | boolean | no | Client side evaluation (allow live previews of JavaScript projects in the Web IDE using CodeSandbox client side evaluation). | | `web_ide_clientside_preview_enabled` | boolean | no | Client side evaluation (allow live previews of JavaScript projects in the Web IDE using CodeSandbox client side evaluation). |
| `snippet_size_limit` | integer | no | Max snippet content size in **bytes**. Default: 52428800 Bytes (50MB).| | `snippet_size_limit` | integer | no | Max snippet content size in **bytes**. Default: 52428800 Bytes (50MB).|
| `issues_create_limit` | integer | no | Max number of issue creation requests allowed per minute per user.|
...@@ -153,6 +153,7 @@ module API ...@@ -153,6 +153,7 @@ module API
optional :snowplow_cookie_domain, type: String, desc: 'The Snowplow cookie domain' optional :snowplow_cookie_domain, type: String, desc: 'The Snowplow cookie domain'
optional :snowplow_app_id, type: String, desc: 'The Snowplow site name / application id' optional :snowplow_app_id, type: String, desc: 'The Snowplow site name / application id'
end end
optional :issues_create_limit, type: Integer, desc: "Maximum number of issue creation requests allowed per minute per user. Set to 0 for unlimited requests per minute."
ApplicationSetting::SUPPORTED_KEY_TYPES.each do |type| ApplicationSetting::SUPPORTED_KEY_TYPES.each do |type|
optional :"#{type}_key_restriction", optional :"#{type}_key_restriction",
......
...@@ -382,6 +382,18 @@ describe 'Admin updates settings', :clean_gitlab_redis_shared_state, :do_not_moc ...@@ -382,6 +382,18 @@ describe 'Admin updates settings', :clean_gitlab_redis_shared_state, :do_not_moc
expect(current_settings.allow_local_requests_from_system_hooks).to be false expect(current_settings.allow_local_requests_from_system_hooks).to be false
expect(current_settings.dns_rebinding_protection_enabled).to be false expect(current_settings.dns_rebinding_protection_enabled).to be false
end end
it 'Changes Issues rate limits settings' do
visit network_admin_application_settings_path
page.within('.as-issue-limits') do
fill_in 'Max requests per second per user', with: 0
click_button 'Save changes'
end
expect(page).to have_content "Application settings saved successfully"
expect(current_settings.issues_create_limit).to eq(0)
end
end end
context 'Preferences page' do context 'Preferences page' do
......
...@@ -91,6 +91,10 @@ describe ApplicationSetting do ...@@ -91,6 +91,10 @@ describe ApplicationSetting do
it { is_expected.not_to allow_value(nil).for(:namespace_storage_size_limit) } it { is_expected.not_to allow_value(nil).for(:namespace_storage_size_limit) }
it { is_expected.not_to allow_value(-1).for(:namespace_storage_size_limit) } it { is_expected.not_to allow_value(-1).for(:namespace_storage_size_limit) }
it { is_expected.to allow_value(300).for(:issues_create_limit) }
it { is_expected.not_to allow_value('three').for(:issues_create_limit) }
it { is_expected.not_to allow_value(nil).for(:issues_create_limit) }
context 'grafana_url validations' do context 'grafana_url validations' do
before do before do
subject.instance_variable_set(:@parsed_grafana_url, nil) subject.instance_variable_set(:@parsed_grafana_url, nil)
......
...@@ -88,7 +88,8 @@ describe API::Settings, 'Settings' do ...@@ -88,7 +88,8 @@ describe API::Settings, 'Settings' do
allow_local_requests_from_system_hooks: false, allow_local_requests_from_system_hooks: false,
push_event_hooks_limit: 2, push_event_hooks_limit: 2,
push_event_activities_limit: 2, push_event_activities_limit: 2,
snippet_size_limit: 5 snippet_size_limit: 5,
issues_create_limit: 300
} }
expect(response).to have_gitlab_http_status(:ok) expect(response).to have_gitlab_http_status(:ok)
...@@ -125,6 +126,7 @@ describe API::Settings, 'Settings' do ...@@ -125,6 +126,7 @@ describe API::Settings, 'Settings' do
expect(json_response['push_event_hooks_limit']).to eq(2) expect(json_response['push_event_hooks_limit']).to eq(2)
expect(json_response['push_event_activities_limit']).to eq(2) expect(json_response['push_event_activities_limit']).to eq(2)
expect(json_response['snippet_size_limit']).to eq(5) expect(json_response['snippet_size_limit']).to eq(5)
expect(json_response['issues_create_limit']).to eq(300)
end end
end end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment