From 4c9f9a8c49e9f25096ee3b6982b197e9efa6dd60 Mon Sep 17 00:00:00 2001
From: Mary Umoh
Date: Thu, 29 Jun 2017 16:03:46 -0700
Subject: Bug 1355169 - Add rate-limiting to show_bug.cgi and rest.cgi * fix mistake * Update * Updates * remove other file
---
Bugzilla/Config/Admin.pm | 33 +++++++++++++++++++++++++++++++++
1 file changed, 33 insertions(+) (limited to 'Bugzilla/Config')
diff --git a/Bugzilla/Config/Admin.pm b/Bugzilla/Config/Admin.pm
index 74748d3d8..5f10bfef3 100644
--- a/Bugzilla/Config/Admin.pm
+++ b/Bugzilla/Config/Admin.pm
@@ -12,6 +12,9 @@ use strict;
 use warnings;
 use Bugzilla::Config::Common;
+use JSON::XS qw(decode_json);
+use List::MoreUtils qw(all);
+use Scalar::Util qw(looks_like_number);
 our $sortkey = 200;
@@ -43,6 +46,19 @@ sub get_param_list {
 checker => \&check_numeric
 },
+ {
+ name => 'rate_limit_active',
+ type => 'b',
+ default => 1,
+ },
+
+ {
+ name => 'rate_limit_rules',
+ type => 'l',
+ default => '{"get_bug": [75, 60], "show_bug": [75, 60]}',
+ checker => \&check_rate_limit_rules,
+ },
+
 {
 name => 'log_user_requests',
 type => 'b',
@@ -51,4 +67,21 @@ sub get_param_list {
 return @param_list;
 }
+sub check_rate_limit_rules {
+ my $rules = shift;
+
+ my $val = eval { decode_json($rules) };
+ return "failed to parse json" unless defined $val;
+ return "value is not HASH" unless ref $val && ref($val) eq 'HASH';
+ return "rules are invalid" unless all {
+ ref($_) eq 'ARRAY' && looks_like_number( $_->[0] ) && looks_like_number( $_->[1] )
+ } values %$val;
+
+ foreach my $required (qw( show_bug get_bug )) {
+ return "missing $required" unless exists $val->{$required};
+ }
+
+ return "";
+}
+
 1;
-- cgit v1.2.3-24-g4f1b
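Review bot: The default `{"get_bug": [75, 60], "show_bug": [75, 60]}` added to get_param_list does not say what the two numbers mean or what unit they use, and nothing else in this file explains it. An administrator editing the JSON by hand could swap them or assume the wrong interval, and end up with a limit much looser than intended. A comment above the `rate_limit_rules` entry would help, for example `# JSON object: action => [limit, interval]; state which is the request count and the unit of the interval`. The same wording presumably also belongs in the parameter's admin-page description, which is outside this diff.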
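Review bot: The rule check in check_rate_limit_rules accepts any pair that passes `looks_like_number`, so values such as `[0, 60]`, `[-5, 60]`, `[75, 0.5]` or `["Inf", 60]` are saved without complaint, as are arrays with more than two elements. How the limiter treats those values is outside this diff, but a zero, negative or infinite limit or interval plausibly either switches the protection off or locks every client out. The checker should therefore require exactly two positive integers per rule. For example, the block inside `all { ... }` could become `ref($_) eq 'ARRAY' && @$_ == 2 && !grep { !defined || !/\A[1-9][0-9]*\z/ } @$_`. A sensible upper bound on both values, and rejecting unknown action names, would catch typos as well.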