feat: add rate limiting to organization build job endpoint

Add the @Throttle decorator to the GET /build/:buildJobId endpoint,
limiting it to 300 requests per minute to prevent abuse.

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Ahmed Bouhuolia
2026-02-08 09:39:55 +02:00
parent 2c05785096
commit 3258159474


@@ -17,6 +17,7 @@ import {
HttpCode, HttpCode,
Param, Param,
} from '@nestjs/common'; } from '@nestjs/common';
import { Throttle } from '@nestjs/throttler';
import { BuildOrganizationService } from './commands/BuildOrganization.service'; import { BuildOrganizationService } from './commands/BuildOrganization.service';
import { import {
BuildOrganizationDto, BuildOrganizationDto,
@@ -50,7 +51,7 @@ export class OrganizationController {
private readonly updateOrganizationService: UpdateOrganizationService, private readonly updateOrganizationService: UpdateOrganizationService,
private readonly getBuildOrganizationJobService: GetBuildOrganizationBuildJob, private readonly getBuildOrganizationJobService: GetBuildOrganizationBuildJob,
private readonly orgBaseCurrencyLockingService: OrganizationBaseCurrencyLocking, private readonly orgBaseCurrencyLockingService: OrganizationBaseCurrencyLocking,
) { } ) {}
@Post('build') @Post('build')
@HttpCode(200) @HttpCode(200)
@@ -77,6 +78,7 @@ export class OrganizationController {
} }
@Get('build/:buildJobId') @Get('build/:buildJobId')
@Throttle({ default: { limit: 300, ttl: 60000 } }) // 300 req/min
@ApiParam({ @ApiParam({
name: 'buildJobId', name: 'buildJobId',
required: true, required: true,
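Review bot: The `@Throttle({ default: { limit: 300, ttl: 60000 } })` line on `GET build/:buildJobId` only overrides settings for a throttler named `default`; it enforces nothing unless a `ThrottlerGuard` is active for this controller and `ThrottlerModule` registers that name. Neither is visible in this diff, so both should be confirmed, otherwise the decorator is silently inert. The guard also keys on the request IP by default, so behind a reverse proxy without trust-proxy configured, every caller would share one 300/min bucket. I would replace the trailing comment with one that states these preconditions, for example `// 300 req/min per client IP; needs ThrottlerGuard and a 'default' throttler in ThrottlerModule`. The limit only slows enumeration of `buildJobId` values, so the handler, whose body lies outside this hunk, still needs to check that the job belongs to the caller's organization.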