bc02d030b6
Data Explorer can run arbitrary SQL queries which can be costly for us if over-used. Because of that we want to add the ability to rate limit the query run endpoint, in particular when requested programmatically using API. This commit introduces a rate limit to the `QueryController#run` endpoint. It heavily leans on the existing `RateLimiter` implementation, and the ability of `ApplicationController` to turn rate limit exceptions into nicely formatted JSON responses. The rate limit (per 10 seconds) can be configured through the global setting `max_data_explorer_api_reqs_per_10_seconds`, and defaults to 2. Handling can be configured through `max_data_explorer_api_req_mode`, and can be set to warn, block, or both warn and block. We will default to warn for now and monitor the logs for a while. |
||
|---|---|---|
| .. | ||
| automation | ||
| fabricators | ||
| integration | ||
| jobs/scheduled | ||
| lib/data_explorer | ||
| requests | ||
| system | ||
| tasks | ||
| data_explorer_spec.rb | ||
| guardian_spec.rb | ||
| report_generator_spec.rb | ||