mirror of
https://github.com/zitadel/zitadel.git
synced 2024-12-24 08:41:33 +00:00
5823fdbef9
* project quota added * project quota removed * add periods table * make log record generic * accumulate usage * query usage * count action run seconds * fix filter in ReportQuotaUsage * fix existing tests * fix logstore tests * fix typo * fix: add quota unit tests command side * fix: add quota unit tests command side * fix: add quota unit tests command side * move notifications into debouncer and improve limit querying * cleanup * comment * fix: add quota unit tests command side * fix remaining quota usage query * implement InmemLogStorage * cleanup and linting * improve test * fix: add quota unit tests command side * fix: add quota unit tests command side * fix: add quota unit tests command side * fix: add quota unit tests command side * action notifications and fixes for notifications query * revert console prefix * fix: add quota unit tests command side * fix: add quota integration tests * improve accountable requests * improve accountable requests * fix: add quota integration tests * fix: add quota integration tests * fix: add quota integration tests * comment * remove ability to store logs in db and other changes requested from review * changes requested from review * changes requested from review * Update internal/api/http/middleware/access_interceptor.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * tests: fix quotas integration tests * improve incrementUsageStatement * linting * fix: delete e2e tests as intergation tests cover functionality * Update internal/api/http/middleware/access_interceptor.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * backup * fix conflict * create rc * create prerelease * remove issue release labeling * fix tracing --------- Co-authored-by: Livio Spring <livio.a@gmail.com> Co-authored-by: Stefan Benz <stefan@caos.ch> Co-authored-by: adlerhurst <silvan.reusser@gmail.com> (cherry picked from commit 1a49b7d298690ce64846727f1fcf5a325f77c76e)
50 lines
1.5 KiB
Go
50 lines
1.5 KiB
Go
package middleware
|
|
|
|
import (
|
|
"context"
|
|
"strings"
|
|
|
|
"google.golang.org/grpc"
|
|
|
|
"github.com/zitadel/zitadel/internal/api/authz"
|
|
"github.com/zitadel/zitadel/internal/errors"
|
|
"github.com/zitadel/zitadel/internal/logstore"
|
|
"github.com/zitadel/zitadel/internal/logstore/record"
|
|
"github.com/zitadel/zitadel/internal/telemetry/tracing"
|
|
)
|
|
|
|
func QuotaExhaustedInterceptor(svc *logstore.Service[*record.AccessLog], ignoreService ...string) grpc.UnaryServerInterceptor {
|
|
for idx, service := range ignoreService {
|
|
if !strings.HasPrefix(service, "/") {
|
|
ignoreService[idx] = "/" + service
|
|
}
|
|
}
|
|
return func(ctx context.Context, req interface{}, info *grpc.UnaryServerInfo, handler grpc.UnaryHandler) (_ interface{}, err error) {
|
|
if !svc.Enabled() {
|
|
return handler(ctx, req)
|
|
}
|
|
interceptorCtx, span := tracing.NewServerInterceptorSpan(ctx)
|
|
defer func() { span.EndWithError(err) }()
|
|
|
|
// The auth interceptor will ensure that only authorized or public requests are allowed.
|
|
// So if there's no authorization context, we don't need to check for limitation
|
|
if authz.GetCtxData(ctx).IsZero() {
|
|
return handler(ctx, req)
|
|
}
|
|
|
|
for _, service := range ignoreService {
|
|
if strings.HasPrefix(info.FullMethod, service) {
|
|
return handler(ctx, req)
|
|
}
|
|
}
|
|
|
|
instance := authz.GetInstance(ctx)
|
|
remaining := svc.Limit(interceptorCtx, instance.InstanceID())
|
|
if remaining != nil && *remaining == 0 {
|
|
return nil, errors.ThrowResourceExhausted(nil, "QUOTA-vjAy8", "Quota.Access.Exhausted")
|
|
}
|
|
span.End()
|
|
return handler(ctx, req)
|
|
}
|
|
}
|