cartodb/CartoDB-SQL-API
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #546 from CartoDB/unique-query-ratelimit

Browse Source 
Unique query ratelimit
This commit is contained in:
Simon Martín 2019-01-09 09:14:50 +01:00 committed by GitHub
commit 68b2b1970a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
8 changed files with 11 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
NEWS.md
View File

@ -10,6 +10,7 @@ Announcements:
* Set platform limits message also on streaming responses * Set platform limits message also on streaming responses
* Consider cancelled queries as platform limits. * Consider cancelled queries as platform limits.
* Report fine-grained Garbage Collector stats * Report fine-grained Garbage Collector stats
* Both query endpoints as the same one in rate limits terms
## 2.3.1 ## 2.3.1
Released 2018-12-23 Released 2018-12-23

8
app/controllers/query_controller.js
View File

@ -35,12 +35,12 @@ QueryController.prototype.route = function (app) {
const { base_url } = global.settings; const { base_url } = global.settings;
const forceToBeMaster = false; const forceToBeMaster = false;
const queryMiddlewares = endpointGroup => { const queryMiddlewares = () => {
return [ return [
bodyParserMiddleware(), bodyParserMiddleware(),
initializeProfilerMiddleware('query'), initializeProfilerMiddleware('query'),
userMiddleware(this.metadataBackend), userMiddleware(this.metadataBackend),
rateLimitsMiddleware(this.userLimitsService, endpointGroup), rateLimitsMiddleware(this.userLimitsService, RATE_LIMIT_ENDPOINTS_GROUPS.QUERY),
authorizationMiddleware(this.metadataBackend, forceToBeMaster), authorizationMiddleware(this.metadataBackend, forceToBeMaster),
connectionParamsMiddleware(this.userDatabaseService), connectionParamsMiddleware(this.userDatabaseService),
timeoutLimitsMiddleware(this.metadataBackend), timeoutLimitsMiddleware(this.metadataBackend),
@ -49,8 +49,8 @@ QueryController.prototype.route = function (app) {
]; ];
}; };
app.all(`${base_url}/sql`, queryMiddlewares(RATE_LIMIT_ENDPOINTS_GROUPS.QUERY)); app.all(`${base_url}/sql`, queryMiddlewares());
app.all(`${base_url}/sql.:f`, queryMiddlewares(RATE_LIMIT_ENDPOINTS_GROUPS.QUERY_FORMAT)); app.all(`${base_url}/sql.:f`, queryMiddlewares());
}; };
// jshint maxcomplexity:21 // jshint maxcomplexity:21

13
app/middlewares/rate-limit.js
View File

@ -2,7 +2,6 @@
const RATE_LIMIT_ENDPOINTS_GROUPS = { const RATE_LIMIT_ENDPOINTS_GROUPS = {
QUERY: 'query', QUERY: 'query',
QUERY_FORMAT: 'query_format',
JOB_CREATE: 'job_create', JOB_CREATE: 'job_create',
JOB_GET: 'job_get', JOB_GET: 'job_get',
JOB_DELETE: 'job_delete', JOB_DELETE: 'job_delete',
@ -21,23 +20,23 @@ function rateLimit(userLimits, endpointGroup = null) {
if (err) { if (err) {
return next(err); return next(err);
} }
if (!userRateLimit) { if (!userRateLimit) {
return next(); return next();
} }
const [isBlocked, limit, remaining, retry, reset] = userRateLimit; const [isBlocked, limit, remaining, retry, reset] = userRateLimit;
res.set({ res.set({
'Carto-Rate-Limit-Limit': limit, 'Carto-Rate-Limit-Limit': limit,
'Carto-Rate-Limit-Remaining': remaining, 'Carto-Rate-Limit-Remaining': remaining,
'Carto-Rate-Limit-Reset': reset 'Carto-Rate-Limit-Reset': reset
}); });
if (isBlocked) { if (isBlocked) {
// retry is floor rounded in seconds by redis-cell // retry is floor rounded in seconds by redis-cell
res.set('Retry-After', retry + 1); res.set('Retry-After', retry + 1);
const rateLimitError = new Error( const rateLimitError = new Error(
'You are over platform\'s limits. Please contact us to know more details' 'You are over platform\'s limits. Please contact us to know more details'
); );
@ -46,7 +45,7 @@ function rateLimit(userLimits, endpointGroup = null) {
rateLimitError.detail = 'rate-limit'; rateLimitError.detail = 'rate-limit';
return next(rateLimitError); return next(rateLimitError);
} }
return next(); return next();
}); });
}; };

1
app/server.js
View File

@ -74,7 +74,6 @@ function App(statsClient) {
rateLimitsEnabled: false, rateLimitsEnabled: false,
endpoints: { endpoints: {
query: false, query: false,
query_format: false,
job_create: false, job_create: false,
job_get: false, job_get: false,
job_delete: false job_delete: false

1
config/environments/development.js.example
View File

@ -117,7 +117,6 @@ module.exports.ratelimits = {
// whether it should rate limit one or more endpoints (only if rateLimitsEnabled = true) // whether it should rate limit one or more endpoints (only if rateLimitsEnabled = true)
endpoints: { endpoints: {
query: false, query: false,
query_format: false,
job_create: false, job_create: false,
job_get: false, job_get: false,
job_delete: false job_delete: false

1
config/environments/production.js.example
View File

@ -121,7 +121,6 @@ module.exports.ratelimits = {
// whether it should rate limit one or more endpoints (only if rateLimitsEnabled = true) // whether it should rate limit one or more endpoints (only if rateLimitsEnabled = true)
endpoints: { endpoints: {
query: false, query: false,
query_format: false,
job_create: false, job_create: false,
job_get: false, job_get: false,
job_delete: false job_delete: false

1
config/environments/staging.js.example
View File

@ -118,7 +118,6 @@ module.exports.ratelimits = {
// whether it should rate limit one or more endpoints (only if rateLimitsEnabled = true) // whether it should rate limit one or more endpoints (only if rateLimitsEnabled = true)
endpoints: { endpoints: {
query: false, query: false,
query_format: false,
job_create: false, job_create: false,
job_get: false, job_get: false,
job_delete: false job_delete: false

1
config/environments/test.js.example
View File

@ -118,7 +118,6 @@ module.exports.ratelimits = {
// whether it should rate limit one or more endpoints (only if rateLimitsEnabled = true) // whether it should rate limit one or more endpoints (only if rateLimitsEnabled = true)
endpoints: { endpoints: {
query: false, query: false,
query_format: false,
job_create: false, job_create: false,
job_get: false, job_get: false,
job_delete: false job_delete: false