Moves Protected paths throttling from Omnibus to GitLab Rails
What does this MR do?
Moves protected paths to GitLab-Rails:
- Adds 4 columns to
application_settings- 3 to mimic the configuration of existing throttles
- 1 to store the protected paths on database
- Set default protected paths (taken from Omnibus)
- Add new section on admin panel to personalize protected paths configuration
- This new throttle is active by default.
- Includes additional protected paths throttles
- Rack Attack file was renamed to 'rack_attack_gitlab_rails'.rb, otherwise the Omnibus file will overwrite this file.
- If the settings are enabled, they will take precedence over the Omnibus settings
Related to https://gitlab.com/gitlab-org/gitlab-ce/issues/64278
Documentation MR - https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/32773
Screenshots
| Protected paths configuration |
|---|
![]() |
Does this MR meet the acceptance criteria?
Conformity
- Changelog entry for user-facing changes, or community contribution. Check the link for other scenarios.
- Documentation created/updated or follow-up review issue created - https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/32773
- Code review guidelines
- Merge request performance guidelines
- Style guides
- Database guides
- Separation of EE specific content - https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/16463
Performance and testing
- Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process.
- [-] Tested in all supported browsers
Related to https://gitlab.com/gitlab-org/gitlab-ce/issues/64278
To do - backend
- Move Protected Paths to
config/gitlab.yml - Handle the throttle on
RackAttackGlobal - Add specs
- Log error on
auth.log - Add new application_settings to UI
- Refactor
- Configure protected paths on UI
- EE port - https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/16463
Edited by Mayra Cabrera
