diff --git a/config/initializers/100-lograge.rb b/config/initializers/100-lograge.rb
index 36416683ae9..8971aa9512d 100644
--- a/config/initializers/100-lograge.rb
+++ b/config/initializers/100-lograge.rb
@@ -49,6 +49,9 @@ if (Rails.env.production? && SiteSetting.logging_provider == 'lograge') || ENV["
 end
 output
+ rescue RateLimiter::LimitExceeded
+ # no idea who this is, but they are limited
+ {}
 rescue => e
 Rails.logger.warn("Failed to append custom options: #{e.message}\n#{e.backtrace.join("\n")}")
 {}
diff --git a/config/initializers/100-logster.rb b/config/initializers/100-logster.rb
index 40abf94b1fb..a3ba1e860a6 100644
--- a/config/initializers/100-logster.rb
+++ b/config/initializers/100-logster.rb
@@ -35,7 +35,11 @@ if Rails.env.production?
 /^ActionController::BadRequest/,
 # we can't do anything about invalid parameters
- /Rack::QueryParser::InvalidParameterError/
+ /Rack::QueryParser::InvalidParameterError/,
+
+ # we handle this cleanly in the message bus middleware
+ # no point logging to logster
+ /RateLimiter::LimitExceeded.*/m
 ]
 end
diff --git a/spec/integration/rate_limiting_spec.rb b/spec/integration/rate_limiting_spec.rb
new file mode 100644
index 00000000000..e3211fa55ba
--- /dev/null
+++ b/spec/integration/rate_limiting_spec.rb
@@ -0,0 +1,37 @@
+# encoding: UTF-8
+
+require 'rails_helper'
+
+describe 'admin rate limit' do
+
+ before do
+ RateLimiter.enable
+ end
+
+ after do
+ RateLimiter.disable
+ end
+
+ it 'can cleanly limit requests' do
+
+ admin = Fabricate(:admin)
+ api_key = Fabricate(:api_key, key: SecureRandom.hex, user: admin)
+
+ global_setting :max_admin_api_reqs_per_key_per_minute, 1
+
+ get '/admin/users.json', params: {
+ api_key: api_key.key,
+ api_username: admin.username
+ }
+
+ expect(response.status).to eq(200)
+
+ get '/admin/users.json', params: {
+ api_key: api_key.key,
+ api_username: admin.username
+ }
+
+ expect(response.status).to eq(429)
+
+ end
+end
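Review bot: The new `rescue RateLimiter::LimitExceeded` branch in 100-lograge.rb returns `{}`, so a throttled request is logged with none of the custom fields. Those are the requests an operator most needs to attribute when investigating API-key abuse. Consider returning a marker such as `{ rate_limited: true }` instead of the empty hash, so the structured log still distinguishes these requests. The block that builds `output` starts above the hunk, so which call raises is inferred from the comment rather than visible here. If fields that do not depend on resolving the user have already been collected at that point, keeping them would be better still.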
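Review bot: The added ignore pattern `/RateLimiter::LimitExceeded.*/m` in 100-logster.rb is unanchored, so it matches that text anywhere in a logged message, including an unrelated error whose message or backtrace merely mentions the class. The trailing `.*` with `/m` adds nothing to a match test, and the neighbouring `/^ActionController::BadRequest/` is anchored. `/^RateLimiter::LimitExceeded/` would be the consistent form, or `\A` if only the start of the message should count. The comment says the exception is handled in the message bus middleware, but the suppression appears to apply to every source of the exception. It is worth confirming that rate-limit hits are still counted somewhere, since a burst of them is a useful abuse signal.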
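Review bot: The spec in rate_limiting_spec.rb only checks the 200-then-429 sequence for a single key, so it does not show that the limit is scoped per key, as the setting name `max_admin_api_reqs_per_key_per_minute` implies. A third request made with a second fabricated `api_key` and expected to return 200 would catch a regression where one exhausted key throttles every admin API client. The commit's other stated goal, that the limit is handled without logging noise, is also untested. An assertion that the 429 path does not reach the `Rails.logger.warn` fallback in the lograge initializer would cover it.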