31 lines
1 KiB
Ruby
31 lines
1 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
module SearchRateLimitable
|
|
extend ActiveSupport::Concern
|
|
|
|
private
|
|
|
|
def check_search_rate_limit!
|
|
if current_user
|
|
# Because every search in the UI typically runs concurrent searches with different
|
|
# scopes to get counts, we apply rate limits on the search scope if it is present.
|
|
#
|
|
# If abusive search is detected, we have stricter limits and ignore the search scope.
|
|
check_rate_limit!(:search_rate_limit, scope: [current_user, safe_search_scope].compact)
|
|
else
|
|
check_rate_limit!(:search_rate_limit_unauthenticated, scope: [request.ip])
|
|
end
|
|
end
|
|
|
|
def safe_search_scope
|
|
# Sometimes search scope can have abusive length or invalid keyword. We don't want
|
|
# to send those to redis for rate limit checks, so we guard against that here.
|
|
return if Feature.disabled?(:search_rate_limited_scopes) || abuse_detected?
|
|
|
|
params[:scope]
|
|
end
|
|
|
|
def abuse_detected?
|
|
Gitlab::Search::Params.new(params, detect_abuse: true).abusive?
|
|
end
|
|
end
|