Commit
6ba13b41
authored
Oct 30, 2017
by
Michael Kozono
Committed by
Francisco Lopez
Nov 17, 2017
Refactor application setting management
parent
4e5a97d4
Showing
1 changed file
with
35 additions
and
41 deletions
+35
-41
spec/requests/rack_attack_global_spec.rb
spec/requests/rack_attack_global_spec.rb
+35
-41
spec/requests/rack_attack_global_spec.rb
...
@@ -5,18 +5,26 @@ describe 'Rack Attack global throttles' do
...
@@ -5,18 +5,26 @@ describe 'Rack Attack global throttles' do
let
(
:settings
)
{
Gitlab
::
CurrentSettings
.
current_application_settings
}
let
(
:settings
)
{
Gitlab
::
CurrentSettings
.
current_application_settings
}
# Start with really high limits and override them with low limits to ensure
# the right settings are being exercised
let
(
:settings_to_set
)
do
{
throttle_unauthenticated_requests_per_period:
100
,
throttle_unauthenticated_period_in_seconds:
1
,
throttle_authenticated_api_requests_per_period:
100
,
throttle_authenticated_api_period_in_seconds:
1
,
throttle_authenticated_web_requests_per_period:
100
,
throttle_authenticated_web_period_in_seconds:
1
}
end
let
(
:requests_per_period
)
{
1
}
let
(
:period_in_seconds
)
{
10000
}
let
(
:period
)
{
period_in_seconds
.
seconds
}
before
do
before
do
# Instead of test environment's :null_store
# Instead of test environment's :null_store
Rack
::
Attack
.
cache
.
store
=
ActiveSupport
::
Cache
::
MemoryStore
.
new
Rack
::
Attack
.
cache
.
store
=
ActiveSupport
::
Cache
::
MemoryStore
.
new
# Start with really high limits to ensure the right settings are being exercised.
# Also note, settings will be saved later.
settings
.
throttle_unauthenticated_requests_per_period
=
100
settings
.
throttle_unauthenticated_period_in_seconds
=
1
settings
.
throttle_authenticated_api_requests_per_period
=
100
settings
.
throttle_authenticated_api_period_in_seconds
=
1
settings
.
throttle_authenticated_web_requests_per_period
=
100
settings
.
throttle_authenticated_web_period_in_seconds
=
1
end
end
# Make time-dependent tests deterministic
# Make time-dependent tests deterministic
...
@@ -29,19 +37,16 @@ describe 'Rack Attack global throttles' do
...
@@ -29,19 +37,16 @@ describe 'Rack Attack global throttles' do
# * get_args
# * get_args
# * other_user_get_args
# * other_user_get_args
shared_examples_for
'rate-limited token-authenticated requests'
do
shared_examples_for
'rate-limited token-authenticated requests'
do
let
(
:requests_per_period
)
{
settings
.
send
(
:"
#{
throttle_setting_prefix
}
_requests_per_period"
)
}
let
(
:period
)
{
settings
.
send
(
:"
#{
throttle_setting_prefix
}
_period_in_seconds"
).
seconds
}
before
do
before
do
# Set low limits
# Set low limits
settings
.
send
(
:"
#{
throttle_setting_prefix
}
_requests_per_period="
,
1
)
settings
_to_set
[
:"
#{
throttle_setting_prefix
}
_requests_per_period"
]
=
requests_per_period
settings
.
send
(
:"
#{
throttle_setting_prefix
}
_period_in_seconds="
,
10000
)
settings
_to_set
[
:"
#{
throttle_setting_prefix
}
_period_in_seconds"
]
=
period_in_seconds
end
end
context
'when the throttle is enabled'
do
context
'when the throttle is enabled'
do
before
do
before
do
settings
.
send
(
:"
#{
throttle_setting_prefix
}
_enabled="
,
true
)
settings
_to_set
[
:"
#{
throttle_setting_prefix
}
_enabled"
]
=
true
s
ettings
.
save!
s
tub_application_setting
(
settings_to_set
)
end
end
it
'rejects requests over the rate limit'
do
it
'rejects requests over the rate limit'
do
...
@@ -98,8 +103,8 @@ describe 'Rack Attack global throttles' do
...
@@ -98,8 +103,8 @@ describe 'Rack Attack global throttles' do
context
'when the throttle is disabled'
do
context
'when the throttle is disabled'
do
before
do
before
do
settings
.
send
(
:"
#{
throttle_setting_prefix
}
_enabled="
,
false
)
settings
_to_set
[
:"
#{
throttle_setting_prefix
}
_enabled"
]
=
false
s
ettings
.
save!
s
tub_application_setting
(
settings_to_set
)
end
end
it
'allows requests over the rate limit'
do
it
'allows requests over the rate limit'
do
...
@@ -112,19 +117,16 @@ describe 'Rack Attack global throttles' do
...
@@ -112,19 +117,16 @@ describe 'Rack Attack global throttles' do
end
end
describe
'unauthenticated requests'
do
describe
'unauthenticated requests'
do
let
(
:requests_per_period
)
{
settings
.
throttle_unauthenticated_requests_per_period
}
let
(
:period
)
{
settings
.
throttle_unauthenticated_period_in_seconds
.
seconds
}
before
do
before
do
# Set low limits
# Set low limits
settings
.
throttle_unauthenticated_requests_per_period
=
1
settings
_to_set
[
:throttle_unauthenticated_requests_per_period
]
=
requests_per_period
settings
.
throttle_unauthenticated_period_in_seconds
=
10000
settings
_to_set
[
:throttle_unauthenticated_period_in_seconds
]
=
period_in_seconds
end
end
context
'when the throttle is enabled'
do
context
'when the throttle is enabled'
do
before
do
before
do
settings
.
throttle_unauthenticated_enabled
=
true
settings
_to_set
[
:throttle_unauthenticated_enabled
]
=
true
s
ettings
.
save!
s
tub_application_setting
(
settings_to_set
)
end
end
it
'rejects requests over the rate limit'
do
it
'rejects requests over the rate limit'
do
...
@@ -172,8 +174,8 @@ describe 'Rack Attack global throttles' do
...
@@ -172,8 +174,8 @@ describe 'Rack Attack global throttles' do
context
'when the throttle is disabled'
do
context
'when the throttle is disabled'
do
before
do
before
do
settings
.
throttle_unauthenticated_enabled
=
false
settings
_to_set
[
:throttle_unauthenticated_enabled
]
=
false
s
ettings
.
save!
s
tub_application_setting
(
settings_to_set
)
end
end
it
'allows requests over the rate limit'
do
it
'allows requests over the rate limit'
do
...
@@ -186,8 +188,6 @@ describe 'Rack Attack global throttles' do
...
@@ -186,8 +188,6 @@ describe 'Rack Attack global throttles' do
end
end
describe
'API requests authenticated with private token'
,
:api
do
describe
'API requests authenticated with private token'
,
:api
do
let
(
:requests_per_period
)
{
settings
.
throttle_authenticated_api_requests_per_period
}
let
(
:period
)
{
settings
.
throttle_authenticated_api_period_in_seconds
.
seconds
}
let
(
:user
)
{
create
(
:user
)
}
let
(
:user
)
{
create
(
:user
)
}
let
(
:other_user
)
{
create
(
:user
)
}
let
(
:other_user
)
{
create
(
:user
)
}
let
(
:throttle_setting_prefix
)
{
'throttle_authenticated_api'
}
let
(
:throttle_setting_prefix
)
{
'throttle_authenticated_api'
}
...
@@ -230,8 +230,6 @@ describe 'Rack Attack global throttles' do
...
@@ -230,8 +230,6 @@ describe 'Rack Attack global throttles' do
end
end
describe
'API requests authenticated with OAuth token'
,
:api
do
describe
'API requests authenticated with OAuth token'
,
:api
do
let
(
:requests_per_period
)
{
settings
.
throttle_authenticated_api_requests_per_period
}
let
(
:period
)
{
settings
.
throttle_authenticated_api_period_in_seconds
.
seconds
}
let
(
:user
)
{
create
(
:user
)
}
let
(
:user
)
{
create
(
:user
)
}
let
(
:application
)
{
Doorkeeper
::
Application
.
create!
(
name:
"MyApp"
,
redirect_uri:
"https://app.com"
,
owner:
user
)
}
let
(
:application
)
{
Doorkeeper
::
Application
.
create!
(
name:
"MyApp"
,
redirect_uri:
"https://app.com"
,
owner:
user
)
}
let
(
:token
)
{
Doorkeeper
::
AccessToken
.
create!
(
application_id:
application
.
id
,
resource_owner_id:
user
.
id
,
scopes:
"api"
)
}
let
(
:token
)
{
Doorkeeper
::
AccessToken
.
create!
(
application_id:
application
.
id
,
resource_owner_id:
user
.
id
,
scopes:
"api"
)
}
...
@@ -256,8 +254,6 @@ describe 'Rack Attack global throttles' do
...
@@ -256,8 +254,6 @@ describe 'Rack Attack global throttles' do
end
end
describe
'"web" (non-API) requests authenticated with RSS token'
do
describe
'"web" (non-API) requests authenticated with RSS token'
do
let
(
:requests_per_period
)
{
settings
.
throttle_authenticated_web_requests_per_period
}
let
(
:period
)
{
settings
.
throttle_authenticated_web_period_in_seconds
.
seconds
}
let
(
:user
)
{
create
(
:user
)
}
let
(
:user
)
{
create
(
:user
)
}
let
(
:other_user
)
{
create
(
:user
)
}
let
(
:other_user
)
{
create
(
:user
)
}
let
(
:throttle_setting_prefix
)
{
'throttle_authenticated_web'
}
let
(
:throttle_setting_prefix
)
{
'throttle_authenticated_web'
}
...
@@ -280,22 +276,20 @@ describe 'Rack Attack global throttles' do
...
@@ -280,22 +276,20 @@ describe 'Rack Attack global throttles' do
end
end
describe
'web requests authenticated with regular login'
do
describe
'web requests authenticated with regular login'
do
let
(
:requests_per_period
)
{
settings
.
throttle_authenticated_web_requests_per_period
}
let
(
:period
)
{
settings
.
throttle_authenticated_web_period_in_seconds
.
seconds
}
let
(
:user
)
{
create
(
:user
)
}
let
(
:user
)
{
create
(
:user
)
}
before
do
before
do
login_as
(
user
)
login_as
(
user
)
# Set low limits
# Set low limits
settings
.
throttle_authenticated_web_requests_per_period
=
1
settings
_to_set
[
:throttle_authenticated_web_requests_per_period
]
=
requests_per_period
settings
.
throttle_authenticated_web_period_in_seconds
=
10000
settings
_to_set
[
:throttle_authenticated_web_period_in_seconds
]
=
period_in_seconds
end
end
context
'when the throttle is enabled'
do
context
'when the throttle is enabled'
do
before
do
before
do
settings
.
throttle_authenticated_web_enabled
=
true
settings
_to_set
[
:throttle_authenticated_web_enabled
]
=
true
s
ettings
.
save!
s
tub_application_setting
(
settings_to_set
)
end
end
it
'rejects requests over the rate limit'
do
it
'rejects requests over the rate limit'
do
...
@@ -354,8 +348,8 @@ describe 'Rack Attack global throttles' do
...
@@ -354,8 +348,8 @@ describe 'Rack Attack global throttles' do
context
'when the throttle is disabled'
do
context
'when the throttle is disabled'
do
before
do
before
do
settings
.
throttle_authenticated_web_enabled
=
false
settings
_to_set
[
:throttle_authenticated_web_enabled
]
=
false
s
ettings
.
save!
s
tub_application_setting
(
settings_to_set
)
end
end
it
'allows requests over the rate limit'
do
it
'allows requests over the rate limit'
do
...
...
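Review bot: With the inner `before` blocks now calling `stub_application_setting(settings_to_set)` instead of `settings.save!`, this spec no longer covers the path from a persisted application setting to the Rack::Attack throttles, which is the path an administrator's rate-limit change actually takes. The helper's definition is not on this page, so this assumes it stubs the setting readers rather than writing the record; if so, a regression in saving or reloading the throttle settings would leave every example here green. I would either keep one example per throttle that persists the values, or state the gap next to `settings_to_set`, e.g. `# Stubbed, not saved: the persisted-settings path is covered in <spec that covers it>`. Separately, `settings_to_set` is a memoized hash mutated by nested `before` hooks, so the stubbed values depend on the outer hooks running before the `stub_application_setting` call; a one-line comment saying so would make that ordering explicit. The hunks are excerpts, and the examples that issue the requests are outside them.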