BOM-1141

Updating the django-rate-limit requirement. updated the django-ratelimit to use unreleased version that supports Django 2.2
2020-01-09 20:15:17 +05:00
parent 25baa93af9
commit 8cc86d3aab
9 changed files with 24 additions and 16 deletions
--- a/lms/djangoapps/oauth2_handler/tests.py
+++ b/lms/djangoapps/oauth2_handler/tests.py
@@ -140,11 +140,13 @@ class IDTokenTest(BaseTestMixin, IDTokenTestCase):
        self.assertTrue(claims['administrator'])

    def test_rate_limit_token(self):
-        with mock.patch('openedx.core.djangoapps.oauth_dispatch.views.AccessTokenView.ratelimit_rate', '1/m'):
-            response = self.get_access_token_response('openid profile permissions')
-            self.assertEqual(response.status_code, 200)
-            response = self.get_access_token_response('openid profile permissions')
-            self.assertEqual(response.status_code, 403)
+
+        response = self.get_access_token_response('openid profile permissions')
+        self.assertEqual(response.status_code, 200)
+        response = self.get_access_token_response('openid profile permissions')
+        self.assertEqual(response.status_code, 200)
+        response = self.get_access_token_response('openid profile permissions')
+        self.assertEqual(response.status_code, 403)


 class UserInfoTest(BaseTestMixin, UserInfoTestCase):
--- a/lms/envs/test.py
+++ b/lms/envs/test.py
@@ -599,3 +599,7 @@ ACCOUNT_MICROFRONTEND_URL = "http://account-mfe/"
 DASHBOARD_COURSE_LIMIT = 250

 PROCTORING_SETTINGS = {}
+
+############### Settings for Django Rate limit #####################
+
+RATELIMIT_RATE = '2/m'
--- a/openedx/core/djangoapps/oauth_dispatch/views.py
+++ b/openedx/core/djangoapps/oauth_dispatch/views.py
@@ -7,13 +7,14 @@ django-oauth-toolkit as appropriate.
 import json

 from django.conf import settings
+from django.utils.decorators import method_decorator
 from django.views.generic import View
 from edx_django_utils import monitoring as monitoring_utils
 from edx_oauth2_provider import views as dop_views  # django-oauth2-provider views
 from oauth2_provider import models as dot_models  # django-oauth-toolkit
 from oauth2_provider import views as dot_views
 from ratelimit import ALL
-from ratelimit.mixins import RatelimitMixin
+from ratelimit.decorators import ratelimit

 from openedx.core.djangoapps.auth_exchange import views as auth_exchange_views
 from openedx.core.djangoapps.oauth_dispatch import adapters
@@ -84,16 +85,18 @@ class _DispatchingView(View):
            return request.POST.get('client_id')


-class AccessTokenView(RatelimitMixin, _DispatchingView):
+@method_decorator(
+    ratelimit(
+        key='openedx.core.djangoapps.util.ratelimit.real_ip', rate=settings.RATELIMIT_RATE,
+        method=ALL, block=True
+    ), name='dispatch'
+)
+class AccessTokenView(_DispatchingView):
    """
    Handle access token requests.
    """
    dot_view = dot_views.TokenView
    dop_view = dop_views.AccessTokenView
-    ratelimit_key = 'openedx.core.djangoapps.util.ratelimit.real_ip'
-    ratelimit_rate = settings.RATELIMIT_RATE
-    ratelimit_block = True
-    ratelimit_method = ALL

    def dispatch(self, request, *args, **kwargs):  # pylint: disable=arguments-differ
        response = super(AccessTokenView, self).dispatch(request, *args, **kwargs)
--- a/requirements/edx/base.in
+++ b/requirements/edx/base.in
@@ -52,7 +52,6 @@ django-mysql
 django-oauth-toolkit                # Provides oAuth2 capabilities for Django
 django-pipeline
 django-pyfs
-django-ratelimit
 django-ratelimit-backend
 django-require
 django-sekizai
--- a/requirements/edx/base.txt
+++ b/requirements/edx/base.txt
@@ -7,6 +7,7 @@
 -e git+https://github.com/edx/acid-block.git@98aecba94ecbfa934e2d00262741c0ea9f557fc9#egg=acid-xblock
 -e common/lib/capa
 -e git+https://github.com/edx/codejail.git@4127fc4bd5775cc72aee8d7f0a70e31405e22439#egg=codejail
+-e git+https://github.com/jsocol/django-ratelimit.git@72edbe8949fbf6699848e5847645a1998f121d46#egg=ratelimit
 -e git+https://github.com/edx/django-wiki.git@v0.0.25#egg=django-wiki
 -e git+https://github.com/edx/DoneXBlock.git@2.0.1#egg=done-xblock
 -e git+https://github.com/jazkarta/edx-jsme.git@690dbf75441fa91c7c4899df0b83d77f7deb5458#egg=edx-jsme
@@ -76,7 +77,6 @@ django-object-actions==2.0.0  # via edx-enterprise
 django-pipeline==1.7.0
 django-pyfs==2.1
 django-ratelimit-backend==2.0
-django-ratelimit==2.0.0
 django-require==1.0.11
 django-sekizai==1.1.0
 django-ses==0.8.14
--- a/requirements/edx/development.txt
+++ b/requirements/edx/development.txt
@@ -7,6 +7,7 @@
 -e git+https://github.com/edx/acid-block.git@98aecba94ecbfa934e2d00262741c0ea9f557fc9#egg=acid-xblock
 -e common/lib/capa
 -e git+https://github.com/edx/codejail.git@4127fc4bd5775cc72aee8d7f0a70e31405e22439#egg=codejail
+-e git+https://github.com/jsocol/django-ratelimit.git@72edbe8949fbf6699848e5847645a1998f121d46#egg=ratelimit
 -e git+https://github.com/edx/django-wiki.git@v0.0.25#egg=django-wiki
 -e git+https://github.com/edx/DoneXBlock.git@2.0.1#egg=done-xblock
 -e git+https://github.com/jazkarta/edx-jsme.git@690dbf75441fa91c7c4899df0b83d77f7deb5458#egg=edx-jsme
@@ -87,7 +88,6 @@ django-object-actions==2.0.0
 django-pipeline==1.7.0
 django-pyfs==2.1
 django-ratelimit-backend==2.0
-django-ratelimit==2.0.0
 django-require==1.0.11
 django-sekizai==1.1.0
 django-ses==0.8.14
--- a/requirements/edx/github.in
+++ b/requirements/edx/github.in
@@ -60,6 +60,7 @@ git+https://github.com/edx/openedx-chem.git@ff4e3a03d3c7610e47a9af08eb648d8aabe2
 git+https://github.com/edx/MongoDBProxy.git@d92bafe9888d2940f647a7b2b2383b29c752f35a#egg=MongoDBProxy==0.1.0+edx.2
 -e git+https://github.com/dementrock/pystache_custom.git@776973740bdaad83a3b029f96e415a7d1e8bec2f#egg=pystache_custom-dev
 -e git+https://github.com/jazkarta/edx-jsme.git@690dbf75441fa91c7c4899df0b83d77f7deb5458#egg=edx-jsme
+-e git+https://github.com/jsocol/django-ratelimit.git@72edbe8949fbf6699848e5847645a1998f121d46#egg=ratelimit

 # Forked to get Django 2.2 support from unreleased master branch from social-app-django repo.
 # This can be removed once an official social-auth-app-django Pypi release with Django 2.2 support is available in the future.
--- a/requirements/edx/testing.in
+++ b/requirements/edx/testing.in
@@ -48,4 +48,3 @@ tox                       # virtualenv management for tests
 tox-battery               # Makes tox aware of requirements file changes
 transifex-client          # Command-line interface for the Transifex localization service
 unidiff                   # Required by coverage_pytest_plugin
-
--- a/requirements/edx/testing.txt
+++ b/requirements/edx/testing.txt
@@ -7,6 +7,7 @@
 -e git+https://github.com/edx/acid-block.git@98aecba94ecbfa934e2d00262741c0ea9f557fc9#egg=acid-xblock
 -e common/lib/capa
 -e git+https://github.com/edx/codejail.git@4127fc4bd5775cc72aee8d7f0a70e31405e22439#egg=codejail
+-e git+https://github.com/jsocol/django-ratelimit.git@72edbe8949fbf6699848e5847645a1998f121d46#egg=ratelimit
 -e git+https://github.com/edx/django-wiki.git@v0.0.25#egg=django-wiki
 -e git+https://github.com/edx/DoneXBlock.git@2.0.1#egg=done-xblock
 -e git+https://github.com/jazkarta/edx-jsme.git@690dbf75441fa91c7c4899df0b83d77f7deb5458#egg=edx-jsme
@@ -84,7 +85,6 @@ django-object-actions==2.0.0
 django-pipeline==1.7.0
 django-pyfs==2.1
 django-ratelimit-backend==2.0
-django-ratelimit==2.0.0
 django-require==1.0.11
 django-sekizai==1.1.0
 django-ses==0.8.14