taiga
/
taiga-back
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

[Backport] Add user update throttling

remotes/origin/3.4.0rc
Jesús Espino 2017-08-23 09:55:29 +02:00 committed by Alejandro Alonso
parent 61c0653898
commit 33833d027a
5 changed files with 10 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
settings/common.py
View File

@ -446,6 +446,7 @@ REST_FRAMEWORK = {
"login-fail": None, "login-fail": None,
"register-success": None, "register-success": None,
"user-detail": None, "user-detail": None,
"user-update": None,
}, },
"DEFAULT_THROTTLE_WHITELIST": [], "DEFAULT_THROTTLE_WHITELIST": [],
"FILTER_BACKEND": "taiga.base.filters.FilterBackend", "FILTER_BACKEND": "taiga.base.filters.FilterBackend",

1
settings/local.py.example
View File

@ -73,6 +73,7 @@ DATABASES = {
# "login-fail": None, # "login-fail": None,
# "register-success": None, # "register-success": None,
# "user-detail": None, # "user-detail": None,
# "user-update": None,
#} #}
# This list should containt: # This list should containt:

1
settings/testing.py
View File

@ -38,6 +38,7 @@ REST_FRAMEWORK["DEFAULT_THROTTLE_RATES"] = {
"login-fail": None, "login-fail": None,
"register-success": None, "register-success": None,
"user-detail": None, "user-detail": None,
"user-update": None,
} }

4
taiga/users/api.py
View File

@ -49,7 +49,7 @@ from . import services
from . import utils as user_utils from . import utils as user_utils
from .signals import user_cancel_account as user_cancel_account_signal from .signals import user_cancel_account as user_cancel_account_signal
from .signals import user_change_email as user_change_email_signal from .signals import user_change_email as user_change_email_signal
from .throttling import UserDetailRateThrottle from .throttling import UserDetailRateThrottle, UserUpdateRateThrottle
class UsersViewSet(ModelCrudViewSet): class UsersViewSet(ModelCrudViewSet):
permission_classes = (permissions.UserPermission,) permission_classes = (permissions.UserPermission,)
@ -58,7 +58,7 @@ class UsersViewSet(ModelCrudViewSet):
admin_validator_class = validators.UserAdminValidator admin_validator_class = validators.UserAdminValidator
validator_class = validators.UserValidator validator_class = validators.UserValidator
filter_backends = (MembersFilterBackend,) filter_backends = (MembersFilterBackend,)
throttle_classes = (UserDetailRateThrottle,) throttle_classes = (UserDetailRateThrottle, UserUpdateRateThrottle)
model = models.User model = models.User
def get_serializer_class(self): def get_serializer_class(self):

5
taiga/users/throttling.py
View File

@ -22,3 +22,8 @@ from taiga.base import throttling
class UserDetailRateThrottle(throttling.GlobalThrottlingMixin, throttling.ThrottleByActionMixin, throttling.SimpleRateThrottle): class UserDetailRateThrottle(throttling.GlobalThrottlingMixin, throttling.ThrottleByActionMixin, throttling.SimpleRateThrottle):
scope = "user-detail" scope = "user-detail"
throttled_actions = ["by_username", "retrieve"] throttled_actions = ["by_username", "retrieve"]
class UserUpdateRateThrottle(throttling.UserRateThrottle, throttling.ThrottleByActionMixin):
scope = "user-update"
throttled_actions = ["update", "partial_update"]