You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@superset.apache.org by be...@apache.org on 2023/06/08 16:16:59 UTC
[superset] 01/01: chore: rate limit requests
This is an automated email from the ASF dual-hosted git repository.
beto pushed a commit to branch fix_dos
in repository https://gitbox.apache.org/repos/asf/superset.git
commit 7b980d699936727a7416702740f12620f205c030
Author: Beto Dealmeida <ro...@dealmeida.net>
AuthorDate: Thu Jun 1 15:57:36 2023 -0700
chore: rate limit requests
---
superset/config.py | 6 ++++++
superset/models/dashboard.py | 5 +++--
2 files changed, 9 insertions(+), 2 deletions(-)
diff --git a/superset/config.py b/superset/config.py
index a424a09d23..78c7a18b65 100644
--- a/superset/config.py
+++ b/superset/config.py
@@ -277,6 +277,12 @@ PROXY_FIX_CONFIG = {"x_for": 1, "x_proto": 1, "x_host": 1, "x_port": 1, "x_prefi
# Configuration for scheduling queries from SQL Lab.
SCHEDULED_QUERIES: Dict[str, Any] = {}
+# Rate limiting
+RATELIMIT_ENABLED = True
+AUTH_RATE_LIMITED = True
+AUTH_RATE_LIMIT = "2 per 5 second"
+RATELIMIT_APPLICATION = "50 per second"
+
# ------------------------------
# GLOBALS FOR APP Builder
# ------------------------------
diff --git a/superset/models/dashboard.py b/superset/models/dashboard.py
index 9afd74f5e3..f2e1069a28 100644
--- a/superset/models/dashboard.py
+++ b/superset/models/dashboard.py
@@ -380,11 +380,12 @@ class Dashboard(Model, AuditMixinNullable, ImportExportMixin):
@classmethod
def export_dashboards( # pylint: disable=too-many-locals
- cls, dashboard_ids: List[int]
+ cls,
+ dashboard_ids: List[int],
) -> str:
copied_dashboards = []
datasource_ids = set()
- for dashboard_id in dashboard_ids:
+ for dashboard_id in set(dashboard_ids):
# make sure that dashboard_id is an integer
dashboard_id = int(dashboard_id)
dashboard = (