summaryrefslogtreecommitdiffstats
path: root/Bugzilla
diff options
context:
space:
mode:
authorDylan William Hardison <dylan@hardison.net>2018-01-03 20:22:04 +0100
committerDylan William Hardison <dylan@hardison.net>2018-01-04 14:13:12 +0100
commit09e1bbfee2f997261d24acb37d95bdb638467c02 (patch)
treec56e7b931edb0c918f8cc8f8c10e5435338fd46e /Bugzilla
parent51605fb0ae3ce7d85b6037e0ac4b22676766ad0c (diff)
downloadbugzilla-09e1bbfee2f997261d24acb37d95bdb638467c02.tar.gz
bugzilla-09e1bbfee2f997261d24acb37d95bdb638467c02.tar.xz
Bug 1426409 - github_secret key has no rate limiting
Diffstat (limited to 'Bugzilla')
-rw-r--r--Bugzilla/Config.pm14
-rw-r--r--Bugzilla/Config/Admin.pm14
2 files changed, 25 insertions, 3 deletions
diff --git a/Bugzilla/Config.pm b/Bugzilla/Config.pm
index f93992f91..d050ff9e0 100644
--- a/Bugzilla/Config.pm
+++ b/Bugzilla/Config.pm
@@ -193,6 +193,20 @@ sub update_params {
$param->{$name} = $item->{'default'};
}
}
+ else {
+ my $checker = $item->{'checker'};
+ my $updater = $item->{'updater'};
+ if ($checker) {
+ my $error = $checker->($param->{$name}, $item);
+ if ($error && $updater) {
+ my $new_val = $updater->( $param->{$name} );
+ $param->{$name} = $new_val unless $checker->($new_val, $item);
+ }
+ elsif ($error) {
+ warn "Invalid parameter: $name\n";
+ }
+ }
+ }
}
# Generate unique Duo integration secret key
diff --git a/Bugzilla/Config/Admin.pm b/Bugzilla/Config/Admin.pm
index ad24f7112..ac1c4ca0e 100644
--- a/Bugzilla/Config/Admin.pm
+++ b/Bugzilla/Config/Admin.pm
@@ -12,7 +12,7 @@ use strict;
use warnings;
use Bugzilla::Config::Common;
-use JSON::XS qw(decode_json);
+use JSON::XS qw(decode_json encode_json);
use List::MoreUtils qw(all);
use Scalar::Util qw(looks_like_number);
@@ -55,8 +55,9 @@ sub get_param_list {
{
name => 'rate_limit_rules',
type => 'l',
- default => '{"get_bug": [75, 60], "show_bug": [75, 60]}',
+ default => '{"get_bug": [75, 60], "show_bug": [75, 60], "github": [10, 60]}',
checker => \&check_rate_limit_rules,
+ updater => \&update_rate_limit_rules,
},
{
@@ -78,11 +79,18 @@ sub check_rate_limit_rules {
ref($_) eq 'ARRAY' && looks_like_number( $_->[0] ) && looks_like_number( $_->[1] )
} values %$val;
- foreach my $required (qw( show_bug get_bug )) {
+ foreach my $required (qw( show_bug get_bug github )) {
return "missing $required" unless exists $val->{$required};
}
return "";
}
+sub update_rate_limit_rules {
+ my ($rules) = @_;
+ my $val = decode_json($rules);
+ $val->{github} = [10, 60];
+ return encode_json($val);
+}
+
1;