Add QA specs for using IP rate limits

This will help prevent issues such as
https://gitlab.com/gitlab-org/gitlab-ce/issues/66449.

app/views/admin/application_settings/_ip_limits.html.haml

@@ -4,7 +4,7 @@
   %fieldset
     .form-group
       .form-check
-        = f.check_box :throttle_unauthenticated_enabled, class: 'form-check-input'
+        = f.check_box :throttle_unauthenticated_enabled, class: 'form-check-input', data: { qa_selector: 'throttle_unauthenticated_checkbox' }
         = f.label :throttle_unauthenticated_enabled, class: 'form-check-label' do
           Enable unauthenticated request rate limit
         %span.form-text.text-muted
@@ -17,7 +17,7 @@
       = f.number_field :throttle_unauthenticated_period_in_seconds, class: 'form-control'
     .form-group
       .form-check
-        = f.check_box :throttle_authenticated_api_enabled, class: 'form-check-input'
+        = f.check_box :throttle_authenticated_api_enabled, class: 'form-check-input', data: { qa_selector: 'throttle_authenticated_api_checkbox' }
         = f.label :throttle_authenticated_api_enabled, class: 'form-check-label' do
           Enable authenticated API request rate limit
         %span.form-text.text-muted
@@ -30,7 +30,7 @@
       = f.number_field :throttle_authenticated_api_period_in_seconds, class: 'form-control'
     .form-group
       .form-check
-        = f.check_box :throttle_authenticated_web_enabled, class: 'form-check-input'
+        = f.check_box :throttle_authenticated_web_enabled, class: 'form-check-input', data: { qa_selector: 'throttle_authenticated_web_checkbox' }
         = f.label :throttle_authenticated_web_enabled, class: 'form-check-label' do
           Enable authenticated web request rate limit
         %span.form-text.text-muted
@@ -42,4 +42,4 @@
       = f.label :throttle_authenticated_web_period_in_seconds, 'Rate limit period in seconds', class: 'label-bold'
       = f.number_field :throttle_authenticated_web_period_in_seconds, class: 'form-control'
 
-  = f.submit 'Save changes', class: "btn btn-success"
+  = f.submit 'Save changes', class: "btn btn-success", data: { qa_selector: 'save_changes_button' }

app/views/admin/application_settings/network.html.haml

@@ -13,7 +13,7 @@
   .settings-content
     = render 'performance'
 
-%section.settings.as-ip-limits.no-animate#js-ip-limits-settings{ class: ('expanded' if expanded_by_default?) }
+%section.settings.as-ip-limits.no-animate#js-ip-limits-settings{ class: ('expanded' if expanded_by_default?), data: { qa_selector: 'ip_limits_section' } }
   .settings-header
     %h4
       = _('User and IP Rate Limits')

app/views/layouts/nav/sidebar/_admin.html.haml

@@ -261,7 +261,7 @@
                 %span
                   = _('Metrics and profiling')
             = nav_link(path: 'application_settings#network') do
-              = link_to network_admin_application_settings_path, title: _('Network') do
+              = link_to network_admin_application_settings_path, title: _('Network'), data: { qa_selector: 'admin_settings_network_item' } do
                 %span
                   = _('Network')
             - if template_exists?('admin/application_settings/geo')

qa/qa.rb

@@ -303,8 +303,10 @@ module QA
         autoload :Repository, 'qa/page/admin/settings/repository'
         autoload :General, 'qa/page/admin/settings/general'
         autoload :MetricsAndProfiling, 'qa/page/admin/settings/metrics_and_profiling'
+        autoload :Network, 'qa/page/admin/settings/network'
 
         module Component
+          autoload :IpLimits, 'qa/page/admin/settings/component/ip_limits'
           autoload :RepositoryStorage, 'qa/page/admin/settings/component/repository_storage'
           autoload :AccountAndLimit, 'qa/page/admin/settings/component/account_and_limit'
           autoload :PerformanceBar, 'qa/page/admin/settings/component/performance_bar'

qa/qa/page/admin/menu.rb

@@ -49,6 +49,14 @@ module QA
           end
         end
 
+        def go_to_network_settings
+          hover_settings do
+            within_submenu do
+              click_element :admin_settings_network_item
+            end
+          end
+        end
+
         private
 
         def hover_settings

qa/qa/page/admin/settings/component/ip_limits.rb

+# frozen_string_literal: true
+
+module QA
+  module Page
+    module Admin
+      module Settings
+        module Component
+          class IpLimits < Page::Base
+            view 'app/views/admin/application_settings/_ip_limits.html.haml' do
+              element :throttle_unauthenticated_checkbox
+              element :throttle_authenticated_api_checkbox
+              element :throttle_authenticated_web_checkbox
+              element :save_changes_button
+            end
+
+            def enable_throttles
+              check_element :throttle_unauthenticated_checkbox
+              check_element :throttle_authenticated_api_checkbox
+              check_element :throttle_authenticated_web_checkbox
+            end
+
+            def save_settings
+              click_element :save_changes_button
+            end
+          end
+        end
+      end
+    end
+  end
+end

qa/qa/page/admin/settings/network.rb

+# frozen_string_literal: true
+
+module QA
+  module Page
+    module Admin
+      module Settings
+        class Network < Page::Base
+          include QA::Page::Settings::Common
+
+          view 'app/views/admin/application_settings/network.html.haml' do
+            element :ip_limits_section
+          end
+
+          def expand_ip_limits(&block)
+            expand_section(:ip_limits_section) do
+              Component::IpLimits.perform(&block)
+            end
+          end
+        end
+      end
+    end
+  end
+end

qa/qa/runtime/api/client.rb

@@ -8,11 +8,12 @@ module QA
       class Client
         attr_reader :address, :user
 
-        def initialize(address = :gitlab, personal_access_token: nil, is_new_session: true, user: nil)
+        def initialize(address = :gitlab, personal_access_token: nil, is_new_session: true, user: nil, ip_limits: false)
           @address = address
           @personal_access_token = personal_access_token
           @is_new_session = is_new_session
           @user = user
+          enable_ip_limits if ip_limits
         end
 
         def personal_access_token
@@ -26,6 +27,24 @@ module QA
 
         private
 
+        def enable_ip_limits
+          Page::Main::Menu.perform(&:sign_out) if Page::Main::Menu.perform { |p| p.has_personal_area?(wait: 0) }
+
+          Runtime::Browser.visit(@address, Page::Main::Login)
+          Page::Main::Login.perform(&:sign_in_using_admin_credentials)
+          Page::Main::Menu.perform(&:click_admin_area)
+          Page::Admin::Menu.perform(&:go_to_network_settings)
+
+          Page::Admin::Settings::Network.perform do |setting|
+            setting.expand_ip_limits do |page|
+              page.enable_throttles
+              page.save_settings
+            end
+          end
+
+          Page::Main::Menu.perform(&:sign_out)
+        end
+
         def create_personal_access_token
           Page::Main::Menu.perform(&:sign_out) if @is_new_session && Page::Main::Menu.perform { |p| p.has_personal_area?(wait: 0) }
 

qa/qa/specs/features/api/1_manage/rate_limits_spec.rb

+# frozen_string_literal: true
+
+module QA
+  context 'Manage with IP rate limits', :requires_admin do
+    describe 'Users API' do
+      before(:context) do
+        @api_client = Runtime::API::Client.new(:gitlab, ip_limits: true)
+      end
+
+      let(:request) { Runtime::API::Request.new(@api_client, '/users') }
+
+      it 'GET /users' do
+        5.times do
+          get request.url
+          expect_status(200)
+        end
+      end
+    end
+  end
+end