ref(ratelimit): Added a config and changed a default (#31141)

Org rate limits should be the most lenient rate limit. This change increases the default org limits to match the current highest, users.
I also made enforce_rate_limit a configurable option so that self-hosted can disable it from config.py

src/sentry/api/base.py

@@ -103,7 +103,7 @@ class Endpoint(APIView):
     # Default Rate Limit Values, override in subclass
     # Should be of format: { <http function>: { <category>: RateLimit(limit, window) } }
     rate_limits: Mapping[str, Mapping[RateLimitCategory | str, RateLimit]] = {}
-    enforce_rate_limit: bool = False
+    enforce_rate_limit: bool = settings.SENTRY_RATELIMITER_ENABLED
 
     def build_cursor_link(self, request: Request, name, cursor):
         querystring = None

src/sentry/conf/server.py

@@ -1329,10 +1329,11 @@ SENTRY_RELAY_PROJECTCONFIG_DEBOUNCE_CACHE_OPTIONS = {}
 
 # Rate limiting backend
 SENTRY_RATELIMITER = "sentry.ratelimits.base.RateLimiter"
+SENTRY_RATELIMITER_ENABLED = False
 SENTRY_RATELIMITER_OPTIONS = {}
 # These values were determined from analysis on one week of api access logs
-SENTRY_RATELIMITER_DEFAULT_IP = 1000
-SENTRY_RATELIMITER_DEFAULT_USER = 3230
+SENTRY_RATELIMITER_DEFAULT_IP = 620
+SENTRY_RATELIMITER_DEFAULT_USER = 620
 SENTRY_RATELIMITER_DEFAULT_ORG = 620
 SENTRY_RATELIMITER_DEFAULTS = {
     RateLimitCategory.IP: RateLimit(SENTRY_RATELIMITER_DEFAULT_IP, 1),