[RHIDP-13061] Add Rate Limiting for Lightspeed Plugin#3531
Conversation
|
Important This PR includes changes that affect public-facing API. Please ensure you are adding/updating documentation for new features or behavior. Changed Packages
|
599e82e to
b137cdb
Compare
Codecov Report❌ Patch coverage is Additional details and impacted files@@ Coverage Diff @@
## main #3531 +/- ##
==========================================
+ Coverage 54.21% 54.24% +0.02%
==========================================
Files 2312 2313 +1
Lines 88532 88572 +40
Branches 24661 24675 +14
==========================================
+ Hits 48000 48045 +45
+ Misses 39040 39035 -5
Partials 1492 1492
*This pull request uses carry forward flags. Click here to find out more. Continue to review full report in Codecov by Harness.
🚀 New features to boost your workflow:
|
PR Summary by QodoAdd per-user rate limiting to Lightspeed backend (incl. Notebooks) Description
Diagram
High-Level Assessment
Files changed (12)
|
Code Review by Qodo
Context used✅ Tickets:
RHIDP-13061 1.
|
The architecture of Lightspeed should be revisited in the future to look into implementing non-memory only solutions for rate limiting. Currently it is assumed RHDH/Lightspeed is running in a single instance, but extending it to allow for a configurable redis store would be nice to have. |
4154c15 to
b039138
Compare
|
/fs-review |
|
🤖 Finished Review · ❌ Failure · Started 1:24 PM UTC · Completed 1:39 PM UTC |
ReviewFindingsCritical
High
Medium
Low
Labels: PR adds rate limiting security feature to the lightspeed backend plugin |
b039138 to
3dbe16b
Compare
The design-smell is not appropriate. Moving to per-route application lets us maintain the ordering, and makes each route's design intentional. While there is a risk that a new route is missed, that is a review and testing problem. |
| * Per-user rate limiting for Lightspeed API endpoints. | ||
| * @visibility backend | ||
| */ | ||
| rateLimit?: { |
There was a problem hiding this comment.
I would add some commented out configs in the app-config file so we have an easy reference directly..
There was a problem hiding this comment.
But i see you updated the README
There was a problem hiding this comment.
Yeah I updated the readme but missed this section, I updated it with an example in f2cf76d
Signed-off-by: Jordan Dubrick <jdubrick@redhat.com>
Signed-off-by: Jordan Dubrick <jdubrick@redhat.com>
Signed-off-by: Jordan Dubrick <jdubrick@redhat.com>
Signed-off-by: Jordan Dubrick <jdubrick@redhat.com>
Signed-off-by: Jordan Dubrick <jdubrick@redhat.com>
… rate limit -> permission check ordering to reduce redundant permission checks Signed-off-by: Jordan Dubrick <jdubrick@redhat.com>
Signed-off-by: Jordan Dubrick <jdubrick@redhat.com>
Signed-off-by: Jordan Dubrick <jdubrick@redhat.com>
3dbe16b to
f2cf76d
Compare
|



Hey, I just made a Pull Request!
Fixes https://redhat.atlassian.net/browse/RHIDP-13061
✔️ Checklist