Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Many resource handlers are missing the RATE_LIMITED flag as per the spec. #23

Closed
jevolk opened this issue Mar 5, 2019 · 5 comments · Fixed by #182
Closed

Many resource handlers are missing the RATE_LIMITED flag as per the spec. #23

jevolk opened this issue Mar 5, 2019 · 5 comments · Fixed by #182
Labels
bug Something isn't right. good first issue Good for newcomers

Comments

@jevolk
Copy link
Member

jevolk commented Mar 5, 2019

Resolving this issue involves going through the handlers in the modules/ tree alongside the matrix client and server specification to flag methods required to be rate-limited. Currently some are, but many are not.

Example of a method with the flag:

resource::method
method
{
    resource, "GET", handler,
    {
        method.REQUIRES_AUTH |
        method.RATE_LIMITED
    }
};
@jevolk jevolk added the good first issue Good for newcomers label Mar 5, 2019
@jevolk jevolk added the bug Something isn't right. label Mar 21, 2019
@yangm97 yangm97 mentioned this issue Aug 2, 2019
Closed
@kamathmanu
Copy link
Contributor

Hello! I'm interested in contributing to the project and was looking for nice issues that would let me get into the codebase. This issue was opened quite a while ago, is this issue still something that I can work on?

@jevolk
Copy link
Member Author

jevolk commented Jan 12, 2021

This issue is still unfinished and would certainly appreciate your contribution! The logic for the actual rate-limiting itself is not in place so after adding these flags there won't be a testable difference; nevertheless adding the logic without the flags either would be equally useless. So one has to go first :) Feel free to inquire further here or in #test:zemos.net

Thank you!

@kamathmanu kamathmanu mentioned this issue Feb 19, 2021
Merged
@danilsatchkov
Copy link

I am also looking to contribute. Couple of questions.

  1. When I tried to use the Synapse server in python, I noticed that it generates an incredible amount of what seems to be useless data. Typically, the table event_json and some others. How is the disk space use with construct?
  2. Do you think it is possible to scale Construct to handle thousands of users? Devs on synapse claim that they have a configuration that can handle 50k users (very hard to believe). But regardless. Is there a plan to make construct more scalable and how feasible would that be?

Would love to help out!

@yangm97
Copy link
Member

yangm97 commented Apr 7, 2021

@danilsatchkov

  1. Construct has been very space efficient for me (single user, joined most of the big rooms at the matrix.org directory, one year and going, ~30GB). Construct has an embedded rocksdb database which allowed some very deep schema optimizations for the matrix workload.
  2. Are those trusted users? Because, as far as I know, currently the biggest concern with multi-user construct deployments lies within the security boundaries from local users.

@danilsatchkov
Copy link

@danilsatchkov

  1. Construct has been very space efficient for me (single user, joined most of the big rooms at the matrix.org directory, one year and going, ~30GB). Construct has an embedded rocksdb database which allowed some very deep schema optimizations for the matrix workload.
  2. Are those trusted users? Because, as far as I know, currently the biggest concern with multi-user construct deployments lies within the security boundaries from local users.

For #2, do you know if that is different from something like Synapse? Meaning does Synapse have the same issues with security?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't right. good first issue Good for newcomers
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Rate limited resource handlers kamathmanu/construct
4 participants
@yangm97 @jevolk @kamathmanu @danilsatchkov