Moves Protected paths throttling from Omnibus to GitLab Rails
What does this MR do?
Moves protected paths to GitLab-Rails:
- Adds 4 columns to
application_settings
- 3 to mimic the configuration of existing throttles
- 1 to store the protected paths on database
- Set default protected paths (taken from Omnibus)
- Add new section on admin panel to personalize protected paths configuration
- This new throttle is active by default.
- Includes additional protected paths throttles
- Rack Attack file was renamed to 'rack_attack_gitlab_rails'.rb, otherwise the Omnibus file will overwrite this file.
- If the settings are enabled, they will take precedence over the Omnibus settings
Related to https://gitlab.com/gitlab-org/gitlab-ce/issues/64278
Documentation MR - https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/32773
Screenshots
Protected paths configuration |
---|
![]() |
Does this MR meet the acceptance criteria?
Conformity
-
Changelog entry for user-facing changes, or community contribution. Check the link for other scenarios. -
Documentation created/updated or follow-up review issue created - https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/32773 -
Code review guidelines -
Merge request performance guidelines -
Style guides -
Database guides -
Separation of EE specific content - https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/16463
Performance and testing
-
Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process. - [-] Tested in all supported browsers
Related to https://gitlab.com/gitlab-org/gitlab-ce/issues/64278
To do - backend
-
Move Protected Paths to config/gitlab.yml
-
Handle the throttle on RackAttackGlobal
-
Add specs -
Log error on auth.log
-
Add new application_settings to UI -
Refactor -
Configure protected paths on UI -
EE port - https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/16463
Merge request reports
Activity
changed milestone to %12.2
added backend backstage [DEPRECATED] gitlab.com + 1 deleted label
1 Message This merge request adds or changes files that require a review from the Database team. This merge request requires a database review. To make sure these changes are reviewed, take the following steps:
- Ensure the merge request has database and databasereview pending labels. If the merge request modifies database files, Danger will do this for you.
- Use the Database changes checklist template or add the appropriate items to the MR description.
- Assign and mention the database reviewer suggested by Reviewer Roulette.
The following files require a review from the Database team:
db/migrate/20190801142441_add_throttle_protected_path_columns.rb
db/schema.rb
Reviewer roulette
Changes that require review have been detected! A merge request is normally reviewed by both a reviewer and a maintainer in its primary category (e.g. frontend or backend), and by a maintainer in all other categories.
To spread load more evenly across eligible reviewers, Danger has randomly picked a candidate for each review slot. Feel free to override this selection if you think someone else would be better-suited, or the chosen person is unavailable.
Once you've decided who will review this merge request, mention them as you normally would! Danger does not (yet?) automatically notify them for you.
Category Reviewer Maintainer backend Shinya Maeda ( @dosuken123
)Peter Leitzen ( @splattael
)frontend Dennis Tang ( @dennis
)Mike Greiling ( @mikegreiling
)database Toon Claes ( @toon
)Andreas Brandl ( @abrandl
)Generated by
DangerEdited by 🤖 GitLab Bot 🤖added 203 commits
-
22e2c6c7...2e7f4bbb - 202 commits from branch
master
- 93b6dc32 - Configures protected paths on initializers
-
22e2c6c7...2e7f4bbb - 202 commits from branch
- Resolved by Mayra Cabrera
added 1 commit
- a731ba66 - Moves protected paths rack attack to gitlab-rails
added 84 commits
-
a731ba66...cbe51cce - 83 commits from branch
master
- 52ce7aa9 - Moves protected paths rack attack to gitlab-rails
-
a731ba66...cbe51cce - 83 commits from branch
added database databasereview pending labels
added 596 commits
-
52ce7aa9...d2ecbd74 - 595 commits from branch
master
- 8983a679 - Moves protected paths rack attack to gitlab-rails
-
52ce7aa9...d2ecbd74 - 595 commits from branch
added 398 commits
-
8983a679...4d4e88df - 397 commits from branch
master
- fb29949b - Moves protected paths rack attack to gitlab-rails
-
8983a679...4d4e88df - 397 commits from branch
mentioned in issue #66471 (moved)
mentioned in issue #66619 (closed)
changed milestone to %12.3
added missed:12.2 label
added 420 commits
-
fb29949b...336ef2a9 - 419 commits from branch
master
- 18e19738 - Moves protected paths rack attack to gitlab-rails
-
fb29949b...336ef2a9 - 419 commits from branch
added 666 commits
-
dc7ac58f...8326e84e - 665 commits from branch
master
- 24897e91 - [WIP] Moves protected path to gitlab-rails
-
dc7ac58f...8326e84e - 665 commits from branch
added 72 commits
-
eddff87f...ab2d5fdd - 71 commits from branch
master
- 750caa5e - [WIP] Moves protected path to gitlab-rails
-
eddff87f...ab2d5fdd - 71 commits from branch
added 112 commits
-
750caa5e...4aeb9f87 - 111 commits from branch
master
- 772871d9 - [WIP] Moves protected path to gitlab-rails
-
750caa5e...4aeb9f87 - 111 commits from branch
mentioned in merge request !32708 (merged)
added 110 commits
-
87ed144a...222d9e62 - 109 commits from branch
master
- ec461027 - [WIP] Moves protected path to gitlab-rails
-
87ed144a...222d9e62 - 109 commits from branch
marked the checklist item Changelog entry for user-facing changes, or community contribution. Check the link for other scenarios. as completed
marked the checklist item Code review guidelines as completed
marked the checklist item Merge request performance guidelines as completed
marked the checklist item Style guides as completed