From 629cd6d6fde65e98b9535d9871b709b057bcb3f2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marko=20Mili=C4=87?=
Date: Thu, 24 Apr 2025 11:12:05 +0200
Subject: [PATCH 1/3] feature/Add a Glossary item that automatically gets Roles from GET Roles
---
 obp-api/src/main/scala/code/api/util/Glossary.scala | 6 ++++++
 1 file changed, 6 insertions(+)
diff --git a/obp-api/src/main/scala/code/api/util/Glossary.scala b/obp-api/src/main/scala/code/api/util/Glossary.scala
index 8b1a84d39e..2a8397f791 100644
--- a/obp-api/src/main/scala/code/api/util/Glossary.scala
+++ b/obp-api/src/main/scala/code/api/util/Glossary.scala
@@ -305,6 +305,12 @@ object Glossary extends MdcLoggable {
 |""" )
+ glossaryItems += GlossaryItem(
+ title = "Roles of Open Bank Project",
+ description =
+ s"""
    ${ApiRole.availableRoles.sorted.map(i => "
  1. " + i + "
  2. ").mkString}
""".stripMargin
+ )
+
From f3acb1aaa6532f78ac7926437836b872ed3db837 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marko=20Mili=C4=87?=
Date: Fri, 25 Apr 2025 10:38:23 +0200
Subject: [PATCH 2/3] feature/Add Rate Limiting in case of applicationAccess
---
 obp-api/src/main/scala/code/api/util/APIUtil.scala | 7 +++++++
 1 file changed, 7 insertions(+)
diff --git a/obp-api/src/main/scala/code/api/util/APIUtil.scala b/obp-api/src/main/scala/code/api/util/APIUtil.scala
index 9e559dc906..5ba84c1406 100644
--- a/obp-api/src/main/scala/code/api/util/APIUtil.scala
+++ b/obp-api/src/main/scala/code/api/util/APIUtil.scala
@@ -3309,6 +3309,13 @@ object APIUtil extends MdcLoggable with CustomJsonFormats{
 val reqHeaders = result._2.map(_.requestHeaders).getOrElse(Nil)
 // Berlin Group checks
 BerlinGroupCheck.validate(body, verb, url, reqHeaders, result)
+ } map {
+ result =>
+ val excludeFunctions = getPropsValue("rate_limiting.exclude_endpoints", "root").split(",").toList
+ cc.resourceDocument.map(_.partialFunctionName) match {
+ case Some(functionName) if excludeFunctions.exists(_ == functionName) => result
+ case _ => RateLimitingUtil.underCallLimits(result)
+ }
 } map { result => result._1 match { case Empty if result._2.flatMap(_.consumer).isDefined => // There is no error and Consumer is defined
From ac4c6329853bc9e15a9a61cee917a6b5ecb08444 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marko=20Mili=C4=87?=
Date: Fri, 25 Apr 2025 10:43:26 +0200
Subject: [PATCH 3/3] feature/Default rate limiting for a new consumers
---
 .../main/resources/props/sample.props.template | 7 +++++++
 obp-api/src/main/scala/code/model/OAuth.scala | 12 ++++++------
 .../code/ratelimiting/MappedRateLimiting.scala | 17 +++++++++--------
 3 files changed, 22 insertions(+), 14 deletions(-)
diff --git a/obp-api/src/main/resources/props/sample.props.template b/obp-api/src/main/resources/props/sample.props.template
index 2190e6c321..9f1971d321 100644
--- a/obp-api/src/main/resources/props/sample.props.template
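Review bot: In the APIUtil.scala hunk the exclusion list is compared without trimming, so a props value written with a space after the comma (constructed example: `root, otherEndpoint`) would leave the second endpoint rate-limited with no warning. That fails closed, but it is an easy misconfiguration to miss; `getPropsValue("rate_limiting.exclude_endpoints", "root").split(",").map(_.trim).filter(_.nonEmpty).toSet` with `excludeFunctions.contains(functionName)` avoids it. The list is also re-read and re-split inside the `map` on every request, so unless that is deliberate to pick up runtime changes it could be parsed once outside the request path. Every name in the list skips `RateLimitingUtil.underCallLimits` completely, which deserves a one-line comment next to the lookup. The enclosing method starts and ends outside the hunk.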
+++ b/obp-api/src/main/resources/props/sample.props.template
@@ -847,6 +847,13 @@ featured_apis=elasticSearchWarehouseV300
 # redis_port=6379
 # In case isn't defined default value is root
 # rate_limiting.exclude_endpoints=root
+## Default rate limiting for a new consumer
+# rate_limiting_per_second = -1
+# rate_limiting_per_minute = -1
+# rate_limiting_per_hour = -1
+# rate_limiting_per_day = -1
+# rate_limiting_per_week = -1
+# rate_limiting_per_month = -1
 # -----------------------------------------------------
 # -- Migration Scripts ----------------------------
diff --git a/obp-api/src/main/scala/code/model/OAuth.scala b/obp-api/src/main/scala/code/model/OAuth.scala
index c8016ecf89..3e8645befc 100644
--- a/obp-api/src/main/scala/code/model/OAuth.scala
+++ b/obp-api/src/main/scala/code/model/OAuth.scala
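Review bot: The new `## Default rate limiting for a new consumer` block in sample.props.template does not say what `-1` means, nor that the values only act as defaults when a record is created. An operator reading the template cannot tell whether leaving these lines commented out gives new consumers a limit or none. I would extend the comment along the lines of `## Call limits given to a newly created consumer; -1 = <meaning of -1>. Existing consumers keep their stored limits.` The statement about existing consumers is inferred from the `defaultValue` overrides in OAuth.scala and MappedRateLimiting.scala and should be confirmed.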
@@ -582,22 +582,22 @@ class Consumer extends LongKeyedMapper[Consumer] with CreatedUpdated{
 object createdByUserId extends MappedString(this, 36)
 object perSecondCallLimit extends MappedLong(this) {
- override def defaultValue = -1
+ override def defaultValue: Long = APIUtil.getPropsAsLongValue("rate_limiting_per_second", -1)
 }
 object perMinuteCallLimit extends MappedLong(this) {
- override def defaultValue = -1
+ override def defaultValue: Long = APIUtil.getPropsAsLongValue("rate_limiting_per_minute", -1)
 }
 object perHourCallLimit extends MappedLong(this) {
- override def defaultValue = -1
+ override def defaultValue: Long = APIUtil.getPropsAsLongValue("rate_limiting_per_hour", -1)
 }
 object perDayCallLimit extends MappedLong(this) {
- override def defaultValue = -1
+ override def defaultValue: Long = APIUtil.getPropsAsLongValue("rate_limiting_per_day", -1)
 }
 object perWeekCallLimit extends MappedLong(this) {
- override def defaultValue = -1
+ override def defaultValue : Long = APIUtil.getPropsAsLongValue("rate_limiting_per_week", -1)
 }
 object perMonthCallLimit extends MappedLong(this) {
- override def defaultValue = -1
+ override def defaultValue : Long = APIUtil.getPropsAsLongValue("rate_limiting_per_month", -1)
 }
 object clientCertificate extends MappedString(this, 4000)
 object company extends MappedString(this, 100) {
diff --git a/obp-api/src/main/scala/code/ratelimiting/MappedRateLimiting.scala b/obp-api/src/main/scala/code/ratelimiting/MappedRateLimiting.scala
index 792426efc8..6ce5227d3b 100644
--- a/obp-api/src/main/scala/code/ratelimiting/MappedRateLimiting.scala
+++ b/obp-api/src/main/scala/code/ratelimiting/MappedRateLimiting.scala
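Review bot: The six `defaultValue` overrides in `Consumer` store whatever `APIUtil.getPropsAsLongValue` returns, with no range check, so a mistyped value such as `0` or `-5` in the props file becomes the limit of every consumer created afterwards. The hunk does not show how values other than `-1` and positive numbers are interpreted downstream, so I would validate at this boundary, for example `private def defaultLimit(key: String): Long = math.max(-1L, APIUtil.getPropsAsLongValue(key, -1))`, and decide explicitly whether `0` is allowed. The six overrides in the MappedRateLimiting.scala hunk have the same gap. As a style point, `perWeekCallLimit` and `perMonthCallLimit` are written `defaultValue : Long` while the other four use `defaultValue: Long`.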
@@ -1,13 +1,14 @@
 package code.ratelimiting
-import java.util.Date
+import code.api.util.APIUtil
+import java.util.Date
 import code.util.{MappedUUID, UUIDString}
 import net.liftweb.common.{Box, Full}
 import net.liftweb.mapper._
 import net.liftweb.util.Helpers.tryo
-
 import com.openbankproject.commons.ExecutionContext.Implicits.global
+
 import scala.concurrent.Future
 object MappedRateLimitingProvider extends RateLimitingProviderTrait {
@@ -180,22 +181,22 @@ class RateLimiting extends RateLimitingTrait with LongKeyedMapper[RateLimiting]
 object ConsumerId extends MappedString(this, 250)
 object BankId extends UUIDString(this)
 object PerSecondCallLimit extends MappedLong(this) {
- override def defaultValue = -1
+ override def defaultValue: Long = APIUtil.getPropsAsLongValue("rate_limiting_per_second", -1)
 }
 object PerMinuteCallLimit extends MappedLong(this) {
- override def defaultValue = -1
+ override def defaultValue: Long = APIUtil.getPropsAsLongValue("rate_limiting_per_minute", -1)
 }
 object PerHourCallLimit extends MappedLong(this) {
- override def defaultValue = -1
+ override def defaultValue: Long = APIUtil.getPropsAsLongValue("rate_limiting_per_hour", -1)
 }
 object PerDayCallLimit extends MappedLong(this) {
- override def defaultValue = -1
+ override def defaultValue: Long = APIUtil.getPropsAsLongValue("rate_limiting_per_day", -1)
 }
 object PerWeekCallLimit extends MappedLong(this) {
- override def defaultValue = -1
+ override def defaultValue: Long = APIUtil.getPropsAsLongValue("rate_limiting_per_week", -1)
 }
 object PerMonthCallLimit extends MappedLong(this) {
- override def defaultValue = -1
+ override def defaultValue: Long = APIUtil.getPropsAsLongValue("rate_limiting_per_month", -1)
 }
 object FromDate extends MappedDateTime(this)
 object ToDate extends MappedDateTime(this)
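Review bot: The six property keys are string literals in this `RateLimiting` hunk and again in the `Consumer` hunk in OAuth.scala, so a misspelt key in one copy silently falls back to `-1` there while the other copy honours the configured limit. Defining the keys once and reading them through a shared helper from both mappers would keep the two sets of defaults in step. A comment on these fields should also say that `RateLimiting` records now inherit the same configured defaults, because sample.props.template describes the properties only as defaults "for a new consumer".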