
Commit dba5b6c

Enable throttling for v2 API endpoint
Signed-off-by: Keshav Priyadarshi <git@keshav.space>
1 parent 8e9607b commit dba5b6c


1 file changed

+6
-0
lines changed


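--- a/vulnerabilities/api_v2.py
+++ b/vulnerabilities/api_v2.py
@@ -23,6 +23,7 @@
 from rest_framework.permissions import BasePermission
 from rest_framework.response import Response
 from rest_framework.reverse import reverse
+from rest_framework.throttling import AnonRateThrottle
 
 from vulnerabilities.models import AdvisoryReference
 from vulnerabilities.models import AdvisorySeverity
@@ -38,6 +39,7 @@
 from vulnerabilities.models import VulnerabilityReference
 from vulnerabilities.models import VulnerabilitySeverity
 from vulnerabilities.models import Weakness
+from vulnerabilities.throttling import PermissionBasedUserRateThrottle
 
 
 class WeaknessV2Serializer(serializers.ModelSerializer):
@@ -199,6 +201,7 @@ class VulnerabilityV2ViewSet(viewsets.ReadOnlyModelViewSet):
 queryset = Vulnerability.objects.all()
 serializer_class = VulnerabilityV2Serializer
 lookup_field = "vulnerability_id"
+throttle_classes = [AnonRateThrottle, PermissionBasedUserRateThrottle]
 
 def get_queryset(self):
 queryset = super().get_queryset()
@@ -394,6 +397,7 @@ class PackageV2ViewSet(viewsets.ReadOnlyModelViewSet):
 serializer_class = PackageV2Serializer
 filter_backends = (filters.DjangoFilterBackend,)
 filterset_class = PackageV2FilterSet
+throttle_classes = [AnonRateThrottle, PermissionBasedUserRateThrottle]
 
 def get_queryset(self):
 queryset = super().get_queryset()
@@ -721,6 +725,7 @@ class CodeFixViewSet(viewsets.ReadOnlyModelViewSet):
 
 queryset = CodeFix.objects.all()
 serializer_class = CodeFixSerializer
+throttle_classes = [AnonRateThrottle, PermissionBasedUserRateThrottle]
 
 def get_queryset(self):
 """
@@ -863,6 +868,7 @@ class PipelineScheduleV2ViewSet(CreateListRetrieveUpdateViewSet):
 serializer_class = PipelineScheduleAPISerializer
 lookup_field = "pipeline_id"
 lookup_value_regex = r"[\w.]+"
+throttle_classes = [AnonRateThrottle, PermissionBasedUserRateThrottle]
 
 def get_serializer_class(self):
 if self.action == "create":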
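Review bot: The same `throttle_classes = [AnonRateThrottle, PermissionBasedUserRateThrottle]` line is pasted into four viewsets (VulnerabilityV2ViewSet, PackageV2ViewSet, CodeFixViewSet, PipelineScheduleV2ViewSet), so throttling is opt-in per class and any v2 viewset that is not in this diff, or is added later, stays unthrottled. A single module-level constant such as `V2_THROTTLE_CLASSES = [AnonRateThrottle, PermissionBasedUserRateThrottle]`, or `DEFAULT_THROTTLE_CLASSES` in the REST framework settings, would make the limit the default rather than something each class has to remember. `AnonRateThrottle` also needs an `anon` entry in `DEFAULT_THROTTLE_RATES`, and it identifies clients from `X-Forwarded-For`/`REMOTE_ADDR`, so behind a reverse proxy the limit is only meaningful if `NUM_PROXIES` matches the deployment; neither setting is visible in this commit and both should be confirmed. The class bodies continue outside these hunks.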
