Configurable project creation limits#20046
Conversation
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: fd28ee59d6
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
_check_ratelimits now runs on every create_project call, which evaluates creator.id to pass to the limiter. The bare pretend.stub() has no id attribute, so the test blew up before reaching the AdminFlag-forbidden path it was meant to exercise. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
…tion Adds regression coverage for the two view-layer catches added in 41a6bd1 / a162387 — confirms that hitting the per-user project-create ratelimiter while creating an org-owned project or reifying a pending OIDC publisher returns a structured error (form-error / 422 JSON) instead of a 500. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Parametrize the new TooManyProjectsCreated regression tests so they exercise both a real timedelta and the resets_in=None branch the defensive handlers in oidc/views.py and manage/views/organizations.py fall back to. None can legitimately come back from the limiter on a race or a transient redis error, and we want a 429 with "try again later" instead of a 500. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
- tests/unit/rate_limiting/test_core.py: assert override() returns a sibling with new limit but same storage/identifiers/metrics, that the two counters do not share a window, and that falsy input returns self. DummyRateLimiter.override is asserted to no-op. - tests/unit/packaging/test_init.py: assert the .org limiter is registered alongside .user and .ip during includeme. - tests/unit/test_config.py: assert the new project_create_org_ratelimit_string default is wired into configure(). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
9407e76 to
84fd8bc
Compare
Co-authored-by: Jacob Coffee <jacob@z7x.org>
|
@codex review |
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
|
not sure if cba2f30 is needed tbh |
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: e6b67de5cc
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
Resolve conflicts between the org project-create-limit work and main's rate-limit egress headers + atomic hit enforcement: - services.py: merge org-aware limiter resolution (_resolve_creator_limiter) with main's record_rate_limit egress snapshots and raising _hit_ratelimits. Egress headers now reflect the resolved user-or-org bucket. - create_project: re-add main's `ratelimited` kwarg (dropped by auto-merge); guard _check/_hit, keep OIDC trusted-publisher creates unlimited (ratelimited=False) while org-owned manage creates stay limited. - headers.py: add "org" to PartitionKey for org-bucket snapshots. - migrations: repoint 54e478f6a022 onto main's head a8038ce10051. - tests: drop stale `_enable_organizations` usefixtures markers (main removed the fixture; orgs are default-enabled), register project.create.org limiter in conftest, add get_window_stats to the forklift FailingLimiter stub. - messages.pot regenerated. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
# Conflicts: # tests/unit/admin/test_routes.py # warehouse/locale/messages.pot
Allows granular configurability for orgs and users that override the current global daily count
Backend creates the buckets and limiters for orgs.
Admin UI changes adds the field:


for orgs
for users
Tries to hand hold in the UI with the dropdown for d/m/yy
--
Tested locally, set org limit 5 per hour, user limit 2 per hour
Blocked on 6th org project create and 3rd user project create
also tested the per-user overrides (default 20, failed at 21) with manual override on local
diuser set to 5 (failed at 6)