You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@superset.apache.org by be...@apache.org on 2023/06/08 16:16:58 UTC

[superset] branch fix_dos created (now 7b980d6999)

This is an automated email from the ASF dual-hosted git repository.

beto pushed a change to branch fix_dos
in repository https://gitbox.apache.org/repos/asf/superset.git


      at 7b980d6999 chore: rate limit requests

This branch includes the following new commits:

     new 7b980d6999 chore: rate limit requests

The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.

[superset] 01/01: chore: rate limit requests

Posted by be...@apache.org.

This is an automated email from the ASF dual-hosted git repository.

beto pushed a commit to branch fix_dos
in repository https://gitbox.apache.org/repos/asf/superset.git

commit 7b980d699936727a7416702740f12620f205c030
Author: Beto Dealmeida <ro...@dealmeida.net>
AuthorDate: Thu Jun 1 15:57:36 2023 -0700

    chore: rate limit requests
---
 superset/config.py           | 6 ++++++
 superset/models/dashboard.py | 5 +++--
 2 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/superset/config.py b/superset/config.py
index a424a09d23..78c7a18b65 100644
--- a/superset/config.py
+++ b/superset/config.py
@@ -277,6 +277,12 @@ PROXY_FIX_CONFIG = {"x_for": 1, "x_proto": 1, "x_host": 1, "x_port": 1, "x_prefi
 # Configuration for scheduling queries from SQL Lab.
 SCHEDULED_QUERIES: Dict[str, Any] = {}
 
+# Rate limiting
+RATELIMIT_ENABLED = True
+AUTH_RATE_LIMITED = True
+AUTH_RATE_LIMIT = "2 per 5 second"
+RATELIMIT_APPLICATION = "50 per second"
+
 # ------------------------------
 # GLOBALS FOR APP Builder
 # ------------------------------
diff --git a/superset/models/dashboard.py b/superset/models/dashboard.py
index 9afd74f5e3..f2e1069a28 100644
--- a/superset/models/dashboard.py
+++ b/superset/models/dashboard.py
@@ -380,11 +380,12 @@ class Dashboard(Model, AuditMixinNullable, ImportExportMixin):
 
     @classmethod
     def export_dashboards(  # pylint: disable=too-many-locals
-        cls, dashboard_ids: List[int]
+        cls,
+        dashboard_ids: List[int],
     ) -> str:
         copied_dashboards = []
         datasource_ids = set()
-        for dashboard_id in dashboard_ids:
+        for dashboard_id in set(dashboard_ids):
             # make sure that dashboard_id is an integer
             dashboard_id = int(dashboard_id)
             dashboard = (