
WIP: Refactor Rack Attack settings to be more clear, enable whitelist/blacklist

Brian Neel requested to merge upgrade-rack-attack into master

What does this MR do?

Refactor the Rack Attack settings to (hopefully) be more obvious and allow more flexible use of whitelists, blacklists, throttling, and Allow2Ban.

Are there points in the code the reviewer needs to double check?

This is my first attempt at changing application settings.

Why was this MR needed?

Rack Attack settings are not obvious. Enabling the git_basic_auth setting also enables throttling. The git_basic_auth whitelist, limits, and time period only apply to Allow2Ban and not to throttling. There is no way to blacklist.
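As an added illustration of the decoupled behaviour this MR describes (example code, not from this MR or from the rack-attack gem), a small Ruby model in which whitelist, blacklist, throttle and Allow2Ban are four independent settings evaluated in Rack::Attack's order; `AccessPolicy`, its `Settings` fields and the in-memory store are assumptions, with an injectable clock so it runs stand-alone.

```ruby
require 'ipaddr'
# Hypothetical gem-free model (not GitLab's or rack-attack's code) of the four
# mechanisms as independent settings; order as in Rack::Attack: whitelist,
# blacklist (where Allow2Ban bans are checked), then throttle. In-memory state.
class AccessPolicy
  Settings = Struct.new(:whitelist, :blacklist, :throttle, :allow2ban, keyword_init: true)

  def initialize(settings, clock: -> { Time.now.to_f })
    @s = settings
    @clock = clock                           # injectable for deterministic tests
    @hits = Hash.new { |h, k| h[k] = [] }    # throttle: ip -> request timestamps
    @fails = Hash.new { |h, k| h[k] = [] }   # Allow2Ban: ip -> failed-auth timestamps
    @bans = {}                               # Allow2Ban: ip -> ban expiry (epoch secs)
  end

  # Decide one request; returns :allow, :blacklisted, :banned or :throttled.
  # auth_failed: true when the request failed git basic auth.
  def check(ip, auth_failed: false)
    return :allow if listed?(@s.whitelist, ip)        # whitelist bypasses everything
    return :blacklisted if listed?(@s.blacklist, ip)  # static blacklist
    now = @clock.call
    return :banned if banned?(ip, now, auth_failed)
    return :throttled if @s.throttle && throttled?(ip, now)
    :allow
  end

  private
  def listed?(cidrs, ip)
    Array(cidrs).any? { |cidr| IPAddr.new(cidr).include?(IPAddr.new(ip)) }
  end

  # Allow2Ban semantics: count failures inside findtime; at maxretry, ban the IP
  # for bantime. The request that trips the ban is still allowed; later ones are not.
  def banned?(ip, now, auth_failed)
    return false unless @s.allow2ban
    return true if @bans[ip].to_f > now
    return false unless auth_failed
    a = @s.allow2ban
    @fails[ip] = @fails[ip].select { |t| t > now - a[:findtime] } << now
    @bans[ip] = now + a[:bantime] if @fails[ip].size >= a[:maxretry]
    false
  end

  # Plain throttle: more than `limit` requests inside `period` seconds.
  def throttled?(ip, now)
    @hits[ip] = @hits[ip].select { |t| t > now - @s.throttle[:period] } << now
    @hits[ip].size > @s.throttle[:limit]
  end
end
```

With the whitelist consulted before every other check, a whitelisted address is neither throttled nor banned, which is the separation the current settings lack.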

Does this MR meet the acceptance criteria?

What are the relevant issue numbers?

https://gitlab.com/gitlab-org/gitlab-ce/issues/24664
https://gitlab.com/gitlab-org/gitlab-ce/issues/17653
https://gitlab.com/gitlab-org/gitlab-ce/issues/17822
https://gitlab.com/gitlab-org/gitlab-ce/issues/26686 (confidential)
