Skip to content

Commit eb929dc

Browse files
keshav-spacekeshav-space
committed
Enable throttling for v2 API endpoint
Signed-off-by: Keshav Priyadarshi <git@keshav.space>
1 parent 0b44758 commit eb929dc

1 file changed

Lines changed: 6 additions & 0 deletions

File tree

vulnerabilities/api_v2.py

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -23,6 +23,7 @@
2323
from rest_framework.permissions import BasePermission
2424
from rest_framework.response import Response
2525
from rest_framework.reverse import reverse
26+
from rest_framework.throttling import AnonRateThrottle
2627

2728
from vulnerabilities.models import CodeFix
2829
from vulnerabilities.models import Package
@@ -32,6 +33,7 @@
3233
from vulnerabilities.models import VulnerabilityReference
3334
from vulnerabilities.models import VulnerabilitySeverity
3435
from vulnerabilities.models import Weakness
36+
from vulnerabilities.throttling import PermissionBasedUserRateThrottle
3537

3638

3739
class WeaknessV2Serializer(serializers.ModelSerializer):
@@ -134,6 +136,7 @@ class VulnerabilityV2ViewSet(viewsets.ReadOnlyModelViewSet):
134136
queryset = Vulnerability.objects.all()
135137
serializer_class = VulnerabilityV2Serializer
136138
lookup_field = "vulnerability_id"
139+
throttle_classes = [AnonRateThrottle, PermissionBasedUserRateThrottle]
137140

138141
def get_queryset(self):
139142
queryset = super().get_queryset()
@@ -272,6 +275,7 @@ class PackageV2ViewSet(viewsets.ReadOnlyModelViewSet):
272275
serializer_class = PackageV2Serializer
273276
filter_backends = (filters.DjangoFilterBackend,)
274277
filterset_class = PackageV2FilterSet
278+
throttle_classes = [AnonRateThrottle, PermissionBasedUserRateThrottle]
275279

276280
def get_queryset(self):
277281
queryset = super().get_queryset()
@@ -599,6 +603,7 @@ class CodeFixViewSet(viewsets.ReadOnlyModelViewSet):
599603

600604
queryset = CodeFix.objects.all()
601605
serializer_class = CodeFixSerializer
606+
throttle_classes = [AnonRateThrottle, PermissionBasedUserRateThrottle]
602607

603608
def get_queryset(self):
604609
"""
@@ -741,6 +746,7 @@ class PipelineScheduleV2ViewSet(CreateListRetrieveUpdateViewSet):
741746
serializer_class = PipelineScheduleAPISerializer
742747
lookup_field = "pipeline_id"
743748
lookup_value_regex = r"[\w.]+"
749+
throttle_classes = [AnonRateThrottle, PermissionBasedUserRateThrottle]
744750

745751
def get_serializer_class(self):
746752
if self.action == "create":

0 commit comments

Comments
 (0)