Search Rate Limits Configuration Does Not Apply

Summary

Hit `This endpoint has been requested too many times. Try again later.` before the number configured in Search Rate Limit.

Issue reported by a GitLab Premium customer (internal ticket)

Steps to reproduce

  1. Set the Search Rate Limit from Admin > Network > Search Rate Limit
  2. Set Maximum number of requests per minute for an authenticated user to a large number like 60.
  3. Search a keyword at Global Search, click next page incrementally within a minute
  4. Hit `This endpoint has been requested too many times. Try again later.` error before 60.
    • In my case, it was 15.

Example Project

This happens on a Self-Managed GitLab instance. In my test instance, it was v14.9.2-ee. The customer hitting this issue is on v14.9.5-ee.

What is the current bug behavior?

Hit `This endpoint has been requested too many times. Try again later.` error before the number configured in Admin > Network > Search Rate Limit

Scenario faced by Customer:

So if I understand correctly, as I'm connected as a user, the only parameter that is relevant for me (as a connected user) is: Maximum number of requests per minute for an authenticated user.

I have redone the test with:

Maximum number of requests per minute for an authenticated user = 60

And I was able to search through 7 to 9 pages only. We are far from the 60 max requests set up.

What is the expected correct behavior?

The search rate limit should follow the configured value in Admin > Network > Search Rate Limit

Relevant logs and/or screenshots

Screenshot_2022-07-07_at_3.52.46_PM

Output of checks

Results of GitLab environment info

(For installations with omnibus-gitlab package run and paste the output of:
`sudo gitlab-rake gitlab:env:info`)

(For installations from source run and paste the output of:
`sudo -u git -H bundle exec rake gitlab:env:info RAILS_ENV=production`)

```

System information
System:         Ubuntu 20.04
Proxy:          no
Current User:   git
Using RVM:      no
Ruby Version:   2.7.5p203
Gem Version:    3.1.4
Bundler Version:2.2.33
Rake Version:   13.0.6
Redis Version:  6.2.6
Sidekiq Version:6.4.0
Go Version:     unknown

GitLab information
Version:        14.9.2-ee
Revision:       3034418fb31
Directory:      /opt/gitlab/embedded/service/gitlab-rails
DB Adapter:     PostgreSQL
DB Version:     12.7
URL:            https://omnibus-instance.0c91420b.gcp.gitlabsandbox.net
HTTP Clone URL: https://omnibus-instance.0c91420b.gcp.gitlabsandbox.net/some-group/some-project.git
SSH Clone URL:  git@omnibus-instance.0c91420b.gcp.gitlabsandbox.net:some-group/some-project.git
Elasticsearch:  no
Geo:            no
Using LDAP:     no
Using Omniauth: yes
Omniauth Providers: 

GitLab Shell
Version:        13.24.0
Repository storage paths:
- default:      /var/opt/gitlab/git-data/repositories
GitLab Shell path:              /opt/gitlab/embedded/service/gitlab-shell
```

Results of GitLab application Check


(For installations with omnibus-gitlab package run and paste the output of:
`sudo gitlab-rake gitlab:check SANITIZE=true`)

(For installations from source run and paste the output of:
`sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production SANITIZE=true`)

```
Checking GitLab subtasks ...

Checking GitLab Shell ...

GitLab Shell: ... GitLab Shell version >= 13.24.0 ? ... OK (13.24.0)
Running /opt/gitlab/embedded/service/gitlab-shell/bin/check
Internal API available: OK
Redis available via internal API: OK
gitlab-shell self-check successful

Checking GitLab Shell ... Finished

Checking Gitaly ...

Gitaly: ... default ... OK

Checking Gitaly ... Finished

Checking Sidekiq ...

Sidekiq: ... Running? ... yes
Number of Sidekiq processes (cluster/worker) ... 1/1

Checking Sidekiq ... Finished

Checking Incoming Email ...

Incoming Email: ... Reply by email is disabled in config/gitlab.yml

Checking Incoming Email ... Finished

Checking LDAP ...

LDAP: ... LDAP is disabled in config/gitlab.yml

Checking LDAP ... Finished

Checking GitLab App ...

Database config exists? ... yes
All migrations up? ... yes
Database contains orphaned GroupMembers? ... no
GitLab config exists? ... yes
GitLab config up to date? ... yes
Log directory writable? ... yes
Tmp directory writable? ... yes
Uploads directory exists? ... yes
Uploads directory has correct permissions? ... yes
Uploads directory tmp has correct permissions? ... yes
Systemd unit files or init script exist? ... skipped (omnibus-gitlab has neither init script nor systemd units)
Systemd unit files or init script up-to-date? ... skipped (omnibus-gitlab has neither init script nor systemd units)
Projects have namespace: ... 
2/1 ... yes
12/2 ... yes
12/3 ... yes
13/4 ... yes
13/5 ... yes
14/6 ... yes
14/7 ... yes
14/8 ... yes
15/9 ... yes
15/10 ... yes
27/11 ... yes
Redis version >= 5.0.0? ... yes
Ruby version >= 2.7.2 ? ... yes (2.7.5)
Git user has default SSH configuration? ... yes
Active users: ... 9
Is authorized keys file accessible? ... yes
GitLab configured to store new projects in hashed storage? ... yes
All projects are in hashed storage? ... yes
Elasticsearch version 7.x (6.4 - 6.x deprecated to be removed in 13.8)? ... skipped (elasticsearch is disabled)

Checking GitLab App ... Finished


Checking GitLab subtasks ... Finished
```

Possible fixes

Unsure, but this is the MR that implemented the function: Add configurable search rate limits (!80631 - merged)

Edited by Emily Chang
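
To check from the server side how many search requests a user completed before the first 429, the count can be taken from a JSON request log and compared with the configured limit. This is an added example, not part of the original issue or of GitLab's code; the log lines are constructed, and the field names (`time`, `path`, `status`, `username`) and all helper names are assumptions.

```ruby
require "json"
require "time"

# Builds one constructed JSON log line (field names are assumed, see lead-in).
def sample_row(time, path, status, user)
  { "time" => time.iso8601(3), "path" => path, "status" => status, "username" => user }.to_json
end

# Constructed sample, not taken from the issue: 15 successful searches by one
# user, 2 s apart, then a throttled one, plus unrelated and malformed lines.
T0 = Time.utc(2022, 7, 7, 7, 50, 0)
SAMPLE_LOG = (0...15).map { |i| sample_row(T0 + 2 * i, "/search", 200, "alice") } + [
  sample_row(T0 + 30, "/search", 429, "alice"),
  sample_row(T0 + 10, "/dashboard", 200, "alice"),
  sample_row(T0 + 12, "/search", 200, "bob"),
  "not json"
]

# Parses one log line; returns nil for anything that is not a JSON object.
def parse_row(line)
  row = JSON.parse(line)
  row.is_a?(Hash) ? row : nil
rescue JSON::ParserError
  nil
end

# Number of non-429 requests under `prefix` that `username` made in the
# `window` seconds before their first 429, or nil if never throttled.
def requests_before_throttle(lines, username:, prefix: "/search", window: 60)
  events = lines.filter_map { |l| parse_row(l) }
                .select { |r| r["username"] == username && r["time"] &&
                              r["path"].to_s.start_with?(prefix) }
                .map { |r| [Time.iso8601(r["time"]), r["status"].to_i] }
                .sort_by(&:first)
  throttled_at = events.find { |_, status| status == 429 }&.first
  return nil unless throttled_at

  cutoff = throttled_at - window
  events.count { |t, status| status != 429 && t > cutoff && t <= throttled_at }
end

# Compares the observed count with the configured per-minute limit.
def limit_report(lines, username:, configured:)
  seen = requests_before_throttle(lines, username: username)
  return "#{username}: never throttled" if seen.nil?
  verdict = seen < configured ? "throttled early" : "limit honoured"
  "#{username}: #{seen} requests before first 429 (configured #{configured}): #{verdict}"
end

puts limit_report(SAMPLE_LOG, username: "alice", configured: 60) if __FILE__ == $PROGRAM_NAME
```

Run against real log lines for the affected user, the count shows what the server tallied in the minute before the 429, which can then be compared with the value set in Admin > Network > Search Rate Limit.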