feat: fix throttling for subscription service user (#32473)

* feat: add subscriptions_worker to ent access list

* fix: add throttle for entitlement APIS

common/djangoapps/entitlements/rest_api/v1/throttles.py

@@ -0,0 +1,21 @@
+"""
+Throttle classes for the entitlements API.
+"""
+
+from django.conf import settings
+from rest_framework.throttling import UserRateThrottle
+
+
+class ServiceUserThrottle(UserRateThrottle):
+    """A throttle allowing service users to override rate limiting"""
+
+    def allow_request(self, request, view):
+        """Returns True if the request is coming from one of the service users
+        and defaults to UserRateThrottle's configured setting otherwise.
+        """
+        service_users = [
+            settings.SUBSCRIPTIONS_SERVICE_WORKER_USERNAME
+        ]
+        if request.user.username in service_users:
+            return True
+        return super().allow_request(request, view)

common/djangoapps/entitlements/rest_api/v1/views.py

@@ -25,6 +25,7 @@ from common.djangoapps.entitlements.models import (  # lint-amnesty, pylint: dis
 from common.djangoapps.entitlements.rest_api.v1.filters import CourseEntitlementFilter
 from common.djangoapps.entitlements.rest_api.v1.permissions import IsAdminOrSupportOrAuthenticatedReadOnly
 from common.djangoapps.entitlements.rest_api.v1.serializers import CourseEntitlementSerializer
+from common.djangoapps.entitlements.rest_api.v1.throttles import ServiceUserThrottle
 from common.djangoapps.entitlements.utils import is_course_run_entitlement_fulfillable
 from common.djangoapps.student.models import AlreadyEnrolledError, CourseEnrollment, CourseEnrollmentException
 from openedx.core.djangoapps.catalog.utils import get_course_runs_for_course, get_owners_for_course
@@ -121,6 +122,7 @@ class EntitlementViewSet(viewsets.ModelViewSet):
     filter_backends = (DjangoFilterBackend,)
     filterset_class = CourseEntitlementFilter
     pagination_class = EntitlementsPagination
+    throttle_classes = (ServiceUserThrottle,)
 
     def get_queryset(self):
         user = self.request.user

lms/envs/common.py

@@ -4604,6 +4604,7 @@ ENTERPRISE_ALL_SERVICE_USERNAMES = [
     'enterprise_channel_worker',
     'enterprise_access_worker',
     'enterprise_subsidy_worker',
+    'subscriptions_worker'
 ]
 
 
@@ -5342,6 +5343,7 @@ SUBSCRIPTIONS_LEARNER_HELP_CENTER_URL = None
 SUBSCRIPTIONS_BUY_SUBSCRIPTION_URL = f"{SUBSCRIPTIONS_ROOT_URL}/api/v1/stripe-subscribe/"
 SUBSCRIPTIONS_MANAGE_SUBSCRIPTION_URL = None
 SUBSCRIPTIONS_ORDERS_MENU_ITEM_ENABLED = False
+SUBSCRIPTIONS_SERVICE_WORKER_USERNAME = 'subscriptions_worker'
 
 ############## NOTIFICATIONS EXPIRY ##############
 NOTIFICATIONS_EXPIRY = 60