Check if user has exceeded git rate limits before forking project (!115638) · Merge requests · GitLab.org / GitLab · GitLab

Hinam Mehra requested to merge 384576-add-rate-limiting-to-forking into master Mar 23, 2023

What does this MR do and why?

Adds git abuse rate-limiting to forking of projects. We had already implemented this for cloning & downloading of projects.

Screenshots or screen recordings

Screen_Recording_2023-03-24_at_1.25.19_pm

How to set up and validate locally

Log-in as root and create a group with 2 private projects, each with their own repositories
Add another user to that group as a Developer
Configure the git rate limit settings on
Configure the git rate limit settings on <GROUP-PATH>/-/settings/reporting page

Lastly, log-in as the other user and try to fork both projects. You will be able to fork the first one, but you will be rate-limited when you try to fork the 2nd one.
This can also be configured on an application-level, so forking across the entire application can be rate-limited. For this, the exact same settings can be configured on http://localhost:3000/admin/application_settings/reporting

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Related to #384576 (closed)

Edited Mar 27, 2023 by Hinam Mehra