Revert "Revert "request: Refactor to record rate limit data using ZulipRequestNotes.""

This reverts commit 49eab4efef. Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-07-19 14:27:29 -07:00 · 2021-07-19 14:27:29 -07:00 · 7c32134fb5
parent 91282ab490
commit 7c32134fb5
4 changed files with 14 additions and 13 deletions
--- a/zerver/lib/rate_limiter.py
+++ b/zerver/lib/rate_limiter.py
@ -42,11 +42,12 @@ class RateLimitedObject(ABC):
        )

    def rate_limit_request(self, request: HttpRequest) -> None:
-        ratelimited, time = self.rate_limit()
+        from zerver.lib.request import get_request_notes

-        if not hasattr(request, "_ratelimits_applied"):
-            request._ratelimits_applied = []
-        request._ratelimits_applied.append(
+        ratelimited, time = self.rate_limit()
+        request_notes = get_request_notes(request)
+
+        request_notes.ratelimits_applied.append(
            RateLimitResult(
                entity=self,
                secs_to_freedom=time,
@ -61,8 +62,8 @@ class RateLimitedObject(ABC):

        calls_remaining, seconds_until_reset = self.api_calls_left()

-        request._ratelimits_applied[-1].remaining = calls_remaining
-        request._ratelimits_applied[-1].secs_to_freedom = seconds_until_reset
+        request_notes.ratelimits_applied[-1].remaining = calls_remaining
+        request_notes.ratelimits_applied[-1].secs_to_freedom = seconds_until_reset

    def block_access(self, seconds: int) -> None:
        "Manually blocks an entity for the desired number of seconds"
--- a/zerver/middleware.py
+++ b/zerver/middleware.py
@ -540,8 +540,9 @@ class RateLimitMiddleware(MiddlewareMixin):
            return response

        # Add X-RateLimit-*** headers
-        if hasattr(request, "_ratelimits_applied"):
-            self.set_response_headers(response, request._ratelimits_applied)
+        ratelimits_applied = get_request_notes(request).ratelimits_applied
+        if len(ratelimits_applied) > 0:
+            self.set_response_headers(response, ratelimits_applied)

        return response

--- a/zerver/tornado/handlers.py
+++ b/zerver/tornado/handlers.py
@ -238,10 +238,10 @@ class AsyncDjangoHandler(tornado.web.RequestHandler, base.BaseHandler):
        # Add to this new HttpRequest logging data from the processing of
        # the original request; we will need these for logging.
        request_notes.log_data = old_request_notes.log_data
+        if request_notes.rate_limit is not None:
+            request_notes.rate_limit = old_request_notes.rate_limit
        if request_notes.requestor_for_logs is not None:
            request_notes.requestor_for_logs = old_request_notes.requestor_for_logs
-        if hasattr(request, "_rate_limit"):
-            request._rate_limit = old_request._rate_limit
        request.user = old_request.user
        request_notes.client = old_request_notes.client
        request_notes.client_name = old_request_notes.client_name
--- a/zproject/backends.py
+++ b/zproject/backends.py
@ -260,12 +260,11 @@ def rate_limit_authentication_by_username(request: HttpRequest, username: str) -


 def auth_rate_limiting_already_applied(request: HttpRequest) -> bool:
-    if not hasattr(request, "_ratelimits_applied"):
-        return False
+    request_notes = get_request_notes(request)

    return any(
        isinstance(r.entity, RateLimitedAuthenticationByUsername)
-        for r in request._ratelimits_applied
+        for r in request_notes.ratelimits_applied
    )