Moves Protected paths throttling from Omnibus to GitLab Rails
What does this MR do?
Moves protected paths to GitLab-Rails:
- Adds 4 columns to
- 3 to mimic the configuration of existing throttles
- 1 to store the protected paths on database
- Set default protected paths (taken from Omnibus)
- Add new section on admin panel to personalize protected paths configuration
- This new throttle is active by default.
- Includes additional protected paths throttles
- Rack Attack file was renamed to 'rack_attack_gitlab_rails'.rb, otherwise the Omnibus file will overwrite this file.
- If the settings are enabled, they will take precedence over the Omnibus settings
Documentation MR - https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/32773
|Protected paths configuration|
Does this MR meet the acceptance criteria?
- Changelog entry for user-facing changes, or community contribution. Check the link for other scenarios.
- Documentation created/updated or follow-up review issue created - https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/32773
- Code review guidelines
- Merge request performance guidelines
- Style guides
- Database guides
- Separation of EE specific content - https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/16463
Performance and testing
- Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process.
- [-] Tested in all supported browsers
To do - backend
Move Protected Paths to
Handle the throttle on
- Add specs
Log error on
- Add new application_settings to UI
- Configure protected paths on UI
- EE port - https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/16463