Moves Protected paths throttling from Omnibus to GitLab Rails
What does this MR do?
Moves protected paths to GitLab-Rails:
- Adds 4 columns to application_settings
  - 3 to mimic the configuration of existing throttles
  - 1 to store the protected paths on database
- Set default protected paths (taken from Omnibus)
- Add new section on admin panel to personalize protected paths configuration
- This new throttle is active by default.
- Includes additional protected paths throttles
- Rack Attack file was renamed to rack_attack_gitlab_rails.rb; otherwise the Omnibus file will overwrite this file.
- If the settings are enabled, they will take precedence over the Omnibus settings
Related to https://gitlab.com/gitlab-org/gitlab-ce/issues/64278
Documentation MR - https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/32773
Screenshots
[Screenshot: Protected paths configuration]
Does this MR meet the acceptance criteria?
Conformity
- Changelog entry for user-facing changes, or community contribution. Check the link for other scenarios.
- Documentation created/updated or follow-up review issue created - https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/32773
- Code review guidelines
- Merge request performance guidelines
- Style guides
- Database guides
- Separation of EE specific content - https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/16463
Performance and testing
- Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process.
- [-] Tested in all supported browsers
To do - backend
- Move Protected Paths to config/gitlab.yml
- Handle the throttle on RackAttackGlobal
- Add specs
- Log error on auth.log
- Add new application_settings to UI
- Refactor
- Configure protected paths on UI
- EE port - https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/16463
Edited by Mayra Cabrera