Skip to content

E
edx-platform
Switch branch/tag
Find file
Normal viewHistoryPermalink
disable_rate_limit.py 2.58 KB
Newer Older
Can disable rate limiting for enrollment API end-points using model-based configuration.
305f0c33
 
Will Daly committed
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 
"""Utilities for disabling Django Rest Framework rate limiting.

This is useful for performance tests in which we need to generate
a lot of traffic from a particular IP address.  By default,
Django Rest Framework uses the IP address to throttle traffic
for users who are not authenticated.

To disable rate limiting:

1) Decorate the Django Rest Framework APIView with `@can_disable_rate_limit`
2) In Django's admin interface, set `RateLimitConfiguration.enabled` to False.

Note: You should NEVER disable rate limiting in production.

"""
from functools import wraps
import logging
from rest_framework.views import APIView
from util.models import RateLimitConfiguration


LOGGER = logging.getLogger(__name__)


def _check_throttles_decorator(func):
    """Decorator for `APIView.check_throttles`.

    The decorated function will first check model-based config
    to see if rate limiting is disabled; if so, it skips
    the throttle check.  Otherwise, it calls the original
    function to enforce rate-limiting.

    Arguments:
        func (function): The function to decorate.

    Returns:
        The decorated function.

    """
    @wraps(func)
    def _decorated(*args, **kwargs):
        # Skip the throttle check entirely if we've disabled rate limiting.
        # Otherwise, perform the checks (as usual)
        if RateLimitConfiguration.current().enabled:
            return func(*args, **kwargs)
        else:
            msg = "Rate limiting is disabled because `RateLimitConfiguration` is not enabled."
            LOGGER.info(msg)
            return

    return _decorated


def can_disable_rate_limit(clz):
    """Class decorator that allows rate limiting to be disabled.

    Arguments:
        clz (class): The APIView subclass to decorate.

    Returns:
        class: the decorated class.

    Example Usage:
        >>> from rest_framework.views import APIView
        >>> @can_disable_rate_limit
        >>> class MyApiView(APIView):
        >>>     pass

    """
    # No-op if the class isn't a Django Rest Framework view.
    if not issubclass(clz, APIView):
        msg = (
            u"{clz} is not a Django Rest Framework APIView subclass."
        ).format(clz=clz)
        LOGGER.warning(msg)
        return clz

    # If we ARE explicitly disabling rate limiting,
    # modify the class to always allow requests.
    # Note that this overrides both rate limiting applied
    # for the particular view, as well as global rate limits
    # configured in Django settings.
    if hasattr(clz, 'check_throttles'):
        clz.check_throttles = _check_throttles_decorator(clz.check_throttles)

    return clz