Draft: [1/5] Rename `throttle_unauthenticated_*` columns in application settings
requested to merge 335300-rate-limit-for-unauthenticated-api-requests-1-rename-web-columns into master
What does this MR do?
In preparation for adding new rate limits for unauthenticated API
requests, we add _web_ to the columns for the current general
unauthenticated rate limits:
throttle_unauthenticated(_web)_enabledthrottle_unauthenticated(_web)_period_in_secondsthrottle_unauthenticated(_web)_requests_per_period
The API is changed to accept and return both the old and new names.
Issue: #335300 (closed)
Roadmap
-
Rename columns for unauthenticated rate limit:
👈 This MR - Add columns for unauthenticated API rate limit: !69384 (merged)
- Apply unauthenticated API rate limit in Rack Attack configuration: !69388 (merged)
- Update settings form in admin area: !69486 (merged)
- Documentation update: !69487 (merged)
Migration output
Up
$ rails db:migrate:up VERSION=20210826171731
== 20210826171731 RenameThrottleUnauthenticatedColumns: migrating =============
-- column_exists?(:application_settings, :id)
-> 0.0859s
-- transaction_open?()
-> 0.0000s
-- columns(:application_settings)
-> 0.0789s
-- add_column(:application_settings, "throttle_unauthenticated_web_enabled", :boolean, {:limit=>nil, :precision=>nil, :scale=>nil})
-> 0.0025s
-- change_column_default(:application_settings, "throttle_unauthenticated_web_enabled", "false")
-> 0.0848s
-- transaction_open?()
-> 0.0000s
-- exec_query("SELECT COUNT(*) AS count FROM \"application_settings\"")
-> 0.0019s
-- exec_query("SELECT \"application_settings\".\"id\" FROM \"application_settings\" ORDER BY \"application_settings\".\"id\" ASC LIMIT 1")
-> 0.0009s
-- exec_query("SELECT \"application_settings\".\"id\" FROM \"application_settings\" WHERE \"application_settings\".\"id\" >= 1 ORDER BY \"application_settings\".\"id\" ASC LIMIT 1 OFFSET 1")
-> 0.0008s
-- execute("UPDATE \"application_settings\" SET \"throttle_unauthenticated_web_enabled\" = \"application_settings\".\"throttle_unauthenticated_enabled\" WHERE \"application_settings\".\"id\" >= 1")
-> 0.0015s
-- current_schema()
-> 0.0002s
-- transaction_open?()
-> 0.0000s
-- current_schema()
-> 0.0003s
-- execute("ALTER TABLE application_settings\nADD CONSTRAINT check_a070ea435f\nCHECK ( throttle_unauthenticated_web_enabled IS NOT NULL )\nNOT VALID;\n")
-> 0.0013s
-- current_schema()
-> 0.0002s
-- execute("SET statement_timeout TO 0")
-> 0.0008s
-- execute("ALTER TABLE application_settings VALIDATE CONSTRAINT check_a070ea435f;")
-> 0.0020s
-- execute("RESET statement_timeout")
-> 0.0006s
-- indexes(:application_settings)
-> 0.0063s
-- foreign_keys(:application_settings)
-> 0.0028s
-- transaction_open?()
-> 0.0000s
-- column_exists?(:application_settings, "throttle_unauthenticated_enabled")
-> 0.0924s
-- column_exists?(:application_settings, "throttle_unauthenticated_web_enabled")
-> 0.0825s
-- current_schema()
-> 0.0003s
-- column_exists?(:application_settings, :id)
-> 0.0822s
-- transaction_open?()
-> 0.0000s
-- columns(:application_settings)
-> 0.0796s
-- add_column(:application_settings, "throttle_unauthenticated_web_requests_per_period", :integer, {:limit=>4, :precision=>nil, :scale=>nil})
-> 0.0026s
-- change_column_default(:application_settings, "throttle_unauthenticated_web_requests_per_period", "3600")
-> 0.0908s
-- transaction_open?()
-> 0.0000s
-- exec_query("SELECT COUNT(*) AS count FROM \"application_settings\"")
-> 0.0012s
-- exec_query("SELECT \"application_settings\".\"id\" FROM \"application_settings\" ORDER BY \"application_settings\".\"id\" ASC LIMIT 1")
-> 0.0008s
-- exec_query("SELECT \"application_settings\".\"id\" FROM \"application_settings\" WHERE \"application_settings\".\"id\" >= 1 ORDER BY \"application_settings\".\"id\" ASC LIMIT 1 OFFSET 1")
-> 0.0008s
-- execute("UPDATE \"application_settings\" SET \"throttle_unauthenticated_web_requests_per_period\" = \"application_settings\".\"throttle_unauthenticated_requests_per_period\" WHERE \"application_settings\".\"id\" >= 1")
-> 0.0016s
-- current_schema()
-> 0.0002s
-- transaction_open?()
-> 0.0000s
-- current_schema()
-> 0.0003s
-- execute("ALTER TABLE application_settings\nADD CONSTRAINT check_216f2f91dc\nCHECK ( throttle_unauthenticated_web_requests_per_period IS NOT NULL )\nNOT VALID;\n")
-> 0.0011s
-- current_schema()
-> 0.0003s
-- execute("ALTER TABLE application_settings VALIDATE CONSTRAINT check_216f2f91dc;")
-> 0.0016s
-- indexes(:application_settings)
-> 0.0062s
-- foreign_keys(:application_settings)
-> 0.0025s
-- transaction_open?()
-> 0.0000s
-- column_exists?(:application_settings, "throttle_unauthenticated_requests_per_period")
-> 0.0853s
-- column_exists?(:application_settings, "throttle_unauthenticated_web_requests_per_period")
-> 0.0808s
-- current_schema()
-> 0.0005s
-- column_exists?(:application_settings, :id)
-> 0.0950s
-- transaction_open?()
-> 0.0000s
-- columns(:application_settings)
-> 0.0806s
-- add_column(:application_settings, "throttle_unauthenticated_web_period_in_seconds", :integer, {:limit=>4, :precision=>nil, :scale=>nil})
-> 0.0018s
-- change_column_default(:application_settings, "throttle_unauthenticated_web_period_in_seconds", "3600")
-> 0.0856s
-- transaction_open?()
-> 0.0000s
-- exec_query("SELECT COUNT(*) AS count FROM \"application_settings\"")
-> 0.0011s
-- exec_query("SELECT \"application_settings\".\"id\" FROM \"application_settings\" ORDER BY \"application_settings\".\"id\" ASC LIMIT 1")
-> 0.0008s
-- exec_query("SELECT \"application_settings\".\"id\" FROM \"application_settings\" WHERE \"application_settings\".\"id\" >= 1 ORDER BY \"application_settings\".\"id\" ASC LIMIT 1 OFFSET 1")
-> 0.0008s
-- execute("UPDATE \"application_settings\" SET \"throttle_unauthenticated_web_period_in_seconds\" = \"application_settings\".\"throttle_unauthenticated_period_in_seconds\" WHERE \"application_settings\".\"id\" >= 1")
-> 0.0015s
-- current_schema()
-> 0.0002s
-- transaction_open?()
-> 0.0000s
-- current_schema()
-> 0.0002s
-- execute("ALTER TABLE application_settings\nADD CONSTRAINT check_22f1b45ddd\nCHECK ( throttle_unauthenticated_web_period_in_seconds IS NOT NULL )\nNOT VALID;\n")
-> 0.0010s
-- current_schema()
-> 0.0002s
-- execute("ALTER TABLE application_settings VALIDATE CONSTRAINT check_22f1b45ddd;")
-> 0.0016s
-- indexes(:application_settings)
-> 0.0064s
-- foreign_keys(:application_settings)
-> 0.0024s
-- transaction_open?()
-> 0.0000s
-- column_exists?(:application_settings, "throttle_unauthenticated_period_in_seconds")
-> 0.0884s
-- column_exists?(:application_settings, "throttle_unauthenticated_web_period_in_seconds")
-> 0.0894s
-- current_schema()
-> 0.0005s
== 20210826171731 RenameThrottleUnauthenticatedColumns: migrated (1.4218s) ====
$ rails db:migrate:up VERSION=20210826171740
== 20210826171740 CleanUpRenameThrottleUnauthenticatedColumns: migrating ======
-- remove_column(:application_settings, "throttle_unauthenticated_enabled")
-> 0.0029s
-- remove_column(:application_settings, "throttle_unauthenticated_requests_per_period")
-> 0.0023s
-- remove_column(:application_settings, "throttle_unauthenticated_period_in_seconds")
-> 0.0021s
== 20210826171740 CleanUpRenameThrottleUnauthenticatedColumns: migrated (0.0231s)Down
$ rails db:migrate:down VERSION=20210826171740
== 20210826171740 CleanUpRenameThrottleUnauthenticatedColumns: reverting ======
-- column_exists?(:application_settings, :id)
-> 0.1248s
-- transaction_open?()
-> 0.0000s
-- columns(:application_settings)
-> 0.1021s
-- add_column(:application_settings, "throttle_unauthenticated_enabled", :boolean, {:limit=>nil, :precision=>nil, :scale=>nil})
-> 0.0023s
-- change_column_default(:application_settings, "throttle_unauthenticated_enabled", "false")
-> 0.0907s
-- transaction_open?()
-> 0.0000s
-- exec_query("SELECT COUNT(*) AS count FROM \"application_settings\"")
-> 0.0021s
-- exec_query("SELECT \"application_settings\".\"id\" FROM \"application_settings\" ORDER BY \"application_settings\".\"id\" ASC LIMIT 1")
-> 0.0015s
-- exec_query("SELECT \"application_settings\".\"id\" FROM \"application_settings\" WHERE \"application_settings\".\"id\" >= 1 ORDER BY \"application_settings\".\"id\" ASC LIMIT 1 OFFSET 1")
-> 0.0012s
-- execute("UPDATE \"application_settings\" SET \"throttle_unauthenticated_enabled\" = \"application_settings\".\"throttle_unauthenticated_web_enabled\" WHERE \"application_settings\".\"id\" >= 1")
-> 0.0016s
-- indexes(:application_settings)
-> 0.0055s
-- foreign_keys(:application_settings)
-> 0.0034s
-- transaction_open?()
-> 0.0000s
-- column_exists?(:application_settings, "throttle_unauthenticated_web_enabled")
-> 0.0836s
-- column_exists?(:application_settings, "throttle_unauthenticated_enabled")
-> 0.0799s
-- current_schema()
-> 0.0005s
-- transaction_open?()
-> 0.0000s
-- current_schema()
-> 0.0004s
-- execute("ALTER TABLE application_settings\nADD CONSTRAINT check_5ecc8b4797\nCHECK ( (throttle_unauthenticated_enabled IS NOT NULL) )\nNOT VALID;\n")
-> 0.0015s
-- current_schema()
-> 0.0002s
-- execute("SET statement_timeout TO 0")
-> 0.0006s
-- execute("ALTER TABLE application_settings VALIDATE CONSTRAINT check_5ecc8b4797;")
-> 0.0019s
-- execute("RESET statement_timeout")
-> 0.0007s
-- column_exists?(:application_settings, :id)
-> 0.0883s
-- transaction_open?()
-> 0.0000s
-- columns(:application_settings)
-> 0.0823s
-- add_column(:application_settings, "throttle_unauthenticated_requests_per_period", :integer, {:limit=>4, :precision=>nil, :scale=>nil})
-> 0.0020s
-- change_column_default(:application_settings, "throttle_unauthenticated_requests_per_period", "3600")
-> 0.0892s
-- transaction_open?()
-> 0.0000s
-- exec_query("SELECT COUNT(*) AS count FROM \"application_settings\"")
-> 0.0016s
-- exec_query("SELECT \"application_settings\".\"id\" FROM \"application_settings\" ORDER BY \"application_settings\".\"id\" ASC LIMIT 1")
-> 0.0013s
-- exec_query("SELECT \"application_settings\".\"id\" FROM \"application_settings\" WHERE \"application_settings\".\"id\" >= 1 ORDER BY \"application_settings\".\"id\" ASC LIMIT 1 OFFSET 1")
-> 0.0012s
-- execute("UPDATE \"application_settings\" SET \"throttle_unauthenticated_requests_per_period\" = \"application_settings\".\"throttle_unauthenticated_web_requests_per_period\" WHERE \"application_settings\".\"id\" >= 1")
-> 0.0028s
-- indexes(:application_settings)
-> 0.0064s
-- foreign_keys(:application_settings)
-> 0.0027s
-- transaction_open?()
-> 0.0000s
-- column_exists?(:application_settings, "throttle_unauthenticated_web_requests_per_period")
-> 0.0878s
-- column_exists?(:application_settings, "throttle_unauthenticated_requests_per_period")
-> 0.0828s
-- current_schema()
-> 0.0004s
-- transaction_open?()
-> 0.0000s
-- current_schema()
-> 0.0003s
-- execute("ALTER TABLE application_settings\nADD CONSTRAINT check_95ef56a463\nCHECK ( (throttle_unauthenticated_requests_per_period IS NOT NULL) )\nNOT VALID;\n")
-> 0.0011s
-- current_schema()
-> 0.0002s
-- execute("ALTER TABLE application_settings VALIDATE CONSTRAINT check_95ef56a463;")
-> 0.0015s
-- column_exists?(:application_settings, :id)
-> 0.0878s
-- transaction_open?()
-> 0.0000s
-- columns(:application_settings)
-> 0.0882s
-- add_column(:application_settings, "throttle_unauthenticated_period_in_seconds", :integer, {:limit=>4, :precision=>nil, :scale=>nil})
-> 0.0024s
-- change_column_default(:application_settings, "throttle_unauthenticated_period_in_seconds", "3600")
-> 0.0881s
-- transaction_open?()
-> 0.0000s
-- exec_query("SELECT COUNT(*) AS count FROM \"application_settings\"")
-> 0.0014s
-- exec_query("SELECT \"application_settings\".\"id\" FROM \"application_settings\" ORDER BY \"application_settings\".\"id\" ASC LIMIT 1")
-> 0.0012s
-- exec_query("SELECT \"application_settings\".\"id\" FROM \"application_settings\" WHERE \"application_settings\".\"id\" >= 1 ORDER BY \"application_settings\".\"id\" ASC LIMIT 1 OFFSET 1")
-> 0.0010s
-- execute("UPDATE \"application_settings\" SET \"throttle_unauthenticated_period_in_seconds\" = \"application_settings\".\"throttle_unauthenticated_web_period_in_seconds\" WHERE \"application_settings\".\"id\" >= 1")
-> 0.0019s
-- indexes(:application_settings)
-> 0.0056s
-- foreign_keys(:application_settings)
-> 0.0028s
-- transaction_open?()
-> 0.0000s
-- column_exists?(:application_settings, "throttle_unauthenticated_web_period_in_seconds")
-> 0.0907s
-- column_exists?(:application_settings, "throttle_unauthenticated_period_in_seconds")
-> 0.0822s
-- current_schema()
-> 0.0003s
-- transaction_open?()
-> 0.0000s
-- current_schema()
-> 0.0002s
-- execute("ALTER TABLE application_settings\nADD CONSTRAINT check_15a607dbf2\nCHECK ( (throttle_unauthenticated_period_in_seconds IS NOT NULL) )\nNOT VALID;\n")
-> 0.0010s
-- current_schema()
-> 0.0002s
-- execute("ALTER TABLE application_settings VALIDATE CONSTRAINT check_15a607dbf2;")
-> 0.0018s
== 20210826171740 CleanUpRenameThrottleUnauthenticatedColumns: reverted (1.4763s)
$ rails db:migrate:down VERSION=20210826171731
== 20210826171731 RenameThrottleUnauthenticatedColumns: reverting =============
-- remove_column(:application_settings, "throttle_unauthenticated_web_enabled")
-> 0.0026s
-- remove_column(:application_settings, "throttle_unauthenticated_web_requests_per_period")
-> 0.0019s
-- remove_column(:application_settings, "throttle_unauthenticated_web_period_in_seconds")
-> 0.0027s
== 20210826171731 RenameThrottleUnauthenticatedColumns: reverted (0.0185s) ====Does this MR meet the acceptance criteria?
Conformity
-
I have included changelog trailers, or none are needed. (Does this MR need a changelog?) - [-] I have added/updated documentation, or it's not needed. (Is documentation required?)
- [-] I have properly separated EE content from FOSS, or this MR is FOSS only. (Where should EE code go?)
-
I have added information for database reviewers in the MR description, or it's not needed. (Does this MR have database related changes?) -
I have self-reviewed this MR per code review guidelines. -
This MR does not harm performance, or I have asked a reviewer to help assess the performance impact. (Merge request performance guidelines) -
I have followed the style guides. -
This change is backwards compatible across updates, or this does not apply.
Availability and Testing
-
I have added/updated tests following the Testing Guide, or it's not needed. (Consider all test levels. See the Test Planning Process.) - [-] I have tested this MR in all supported browsers, or it's not needed.
- [-] I have informed the Infrastructure department of a default or new setting change per definition of done, or it's not needed.
Related to #335300 (closed)
Edited by Markus Koller