Commit 9f219873 authored by Stan Hu's avatar Stan Hu

Add QA specs for using IP rate limits

This will help prevent issues such as
https://gitlab.com/gitlab-org/gitlab-ce/issues/66449.
parent 8b47dfae
...@@ -4,7 +4,7 @@ ...@@ -4,7 +4,7 @@
%fieldset %fieldset
.form-group .form-group
.form-check .form-check
= f.check_box :throttle_unauthenticated_enabled, class: 'form-check-input' = f.check_box :throttle_unauthenticated_enabled, class: 'form-check-input', data: { qa_selector: 'throttle_unauthenticated_checkbox' }
= f.label :throttle_unauthenticated_enabled, class: 'form-check-label' do = f.label :throttle_unauthenticated_enabled, class: 'form-check-label' do
Enable unauthenticated request rate limit Enable unauthenticated request rate limit
%span.form-text.text-muted %span.form-text.text-muted
...@@ -17,7 +17,7 @@ ...@@ -17,7 +17,7 @@
= f.number_field :throttle_unauthenticated_period_in_seconds, class: 'form-control' = f.number_field :throttle_unauthenticated_period_in_seconds, class: 'form-control'
.form-group .form-group
.form-check .form-check
= f.check_box :throttle_authenticated_api_enabled, class: 'form-check-input' = f.check_box :throttle_authenticated_api_enabled, class: 'form-check-input', data: { qa_selector: 'throttle_authenticated_api_checkbox' }
= f.label :throttle_authenticated_api_enabled, class: 'form-check-label' do = f.label :throttle_authenticated_api_enabled, class: 'form-check-label' do
Enable authenticated API request rate limit Enable authenticated API request rate limit
%span.form-text.text-muted %span.form-text.text-muted
...@@ -30,7 +30,7 @@ ...@@ -30,7 +30,7 @@
= f.number_field :throttle_authenticated_api_period_in_seconds, class: 'form-control' = f.number_field :throttle_authenticated_api_period_in_seconds, class: 'form-control'
.form-group .form-group
.form-check .form-check
= f.check_box :throttle_authenticated_web_enabled, class: 'form-check-input' = f.check_box :throttle_authenticated_web_enabled, class: 'form-check-input', data: { qa_selector: 'throttle_authenticated_web_checkbox' }
= f.label :throttle_authenticated_web_enabled, class: 'form-check-label' do = f.label :throttle_authenticated_web_enabled, class: 'form-check-label' do
Enable authenticated web request rate limit Enable authenticated web request rate limit
%span.form-text.text-muted %span.form-text.text-muted
...@@ -42,4 +42,4 @@ ...@@ -42,4 +42,4 @@
= f.label :throttle_authenticated_web_period_in_seconds, 'Rate limit period in seconds', class: 'label-bold' = f.label :throttle_authenticated_web_period_in_seconds, 'Rate limit period in seconds', class: 'label-bold'
= f.number_field :throttle_authenticated_web_period_in_seconds, class: 'form-control' = f.number_field :throttle_authenticated_web_period_in_seconds, class: 'form-control'
= f.submit 'Save changes', class: "btn btn-success" = f.submit 'Save changes', class: "btn btn-success", data: { qa_selector: 'save_changes_button' }
...@@ -13,7 +13,7 @@ ...@@ -13,7 +13,7 @@
.settings-content .settings-content
= render 'performance' = render 'performance'
%section.settings.as-ip-limits.no-animate#js-ip-limits-settings{ class: ('expanded' if expanded_by_default?) } %section.settings.as-ip-limits.no-animate#js-ip-limits-settings{ class: ('expanded' if expanded_by_default?), data: { qa_selector: 'ip_limits_section' } }
.settings-header .settings-header
%h4 %h4
= _('User and IP Rate Limits') = _('User and IP Rate Limits')
......
...@@ -261,7 +261,7 @@ ...@@ -261,7 +261,7 @@
%span %span
= _('Metrics and profiling') = _('Metrics and profiling')
= nav_link(path: 'application_settings#network') do = nav_link(path: 'application_settings#network') do
= link_to network_admin_application_settings_path, title: _('Network') do = link_to network_admin_application_settings_path, title: _('Network'), data: { qa_selector: 'admin_settings_network_item' } do
%span %span
= _('Network') = _('Network')
- if template_exists?('admin/application_settings/geo') - if template_exists?('admin/application_settings/geo')
......
...@@ -303,8 +303,10 @@ module QA ...@@ -303,8 +303,10 @@ module QA
autoload :Repository, 'qa/page/admin/settings/repository' autoload :Repository, 'qa/page/admin/settings/repository'
autoload :General, 'qa/page/admin/settings/general' autoload :General, 'qa/page/admin/settings/general'
autoload :MetricsAndProfiling, 'qa/page/admin/settings/metrics_and_profiling' autoload :MetricsAndProfiling, 'qa/page/admin/settings/metrics_and_profiling'
autoload :Network, 'qa/page/admin/settings/network'
module Component module Component
autoload :IpLimits, 'qa/page/admin/settings/component/ip_limits'
autoload :RepositoryStorage, 'qa/page/admin/settings/component/repository_storage' autoload :RepositoryStorage, 'qa/page/admin/settings/component/repository_storage'
autoload :AccountAndLimit, 'qa/page/admin/settings/component/account_and_limit' autoload :AccountAndLimit, 'qa/page/admin/settings/component/account_and_limit'
autoload :PerformanceBar, 'qa/page/admin/settings/component/performance_bar' autoload :PerformanceBar, 'qa/page/admin/settings/component/performance_bar'
......
...@@ -49,6 +49,14 @@ module QA ...@@ -49,6 +49,14 @@ module QA
end end
end end
def go_to_network_settings
hover_settings do
within_submenu do
click_element :admin_settings_network_item
end
end
end
private private
def hover_settings def hover_settings
......
# frozen_string_literal: true
module QA
module Page
module Admin
module Settings
module Component
class IpLimits < Page::Base
view 'app/views/admin/application_settings/_ip_limits.html.haml' do
element :throttle_unauthenticated_checkbox
element :throttle_authenticated_api_checkbox
element :throttle_authenticated_web_checkbox
element :save_changes_button
end
def enable_throttles
check_element :throttle_unauthenticated_checkbox
check_element :throttle_authenticated_api_checkbox
check_element :throttle_authenticated_web_checkbox
end
def save_settings
click_element :save_changes_button
end
end
end
end
end
end
end
# frozen_string_literal: true
module QA
module Page
module Admin
module Settings
class Network < Page::Base
include QA::Page::Settings::Common
view 'app/views/admin/application_settings/network.html.haml' do
element :ip_limits_section
end
def expand_ip_limits(&block)
expand_section(:ip_limits_section) do
Component::IpLimits.perform(&block)
end
end
end
end
end
end
end
...@@ -8,11 +8,12 @@ module QA ...@@ -8,11 +8,12 @@ module QA
class Client class Client
attr_reader :address, :user attr_reader :address, :user
def initialize(address = :gitlab, personal_access_token: nil, is_new_session: true, user: nil) def initialize(address = :gitlab, personal_access_token: nil, is_new_session: true, user: nil, ip_limits: false)
@address = address @address = address
@personal_access_token = personal_access_token @personal_access_token = personal_access_token
@is_new_session = is_new_session @is_new_session = is_new_session
@user = user @user = user
enable_ip_limits if ip_limits
end end
def personal_access_token def personal_access_token
...@@ -26,6 +27,24 @@ module QA ...@@ -26,6 +27,24 @@ module QA
private private
def enable_ip_limits
Page::Main::Menu.perform(&:sign_out) if Page::Main::Menu.perform { |p| p.has_personal_area?(wait: 0) }
Runtime::Browser.visit(@address, Page::Main::Login)
Page::Main::Login.perform(&:sign_in_using_admin_credentials)
Page::Main::Menu.perform(&:click_admin_area)
Page::Admin::Menu.perform(&:go_to_network_settings)
Page::Admin::Settings::Network.perform do |setting|
setting.expand_ip_limits do |page|
page.enable_throttles
page.save_settings
end
end
Page::Main::Menu.perform(&:sign_out)
end
def create_personal_access_token def create_personal_access_token
Page::Main::Menu.perform(&:sign_out) if @is_new_session && Page::Main::Menu.perform { |p| p.has_personal_area?(wait: 0) } Page::Main::Menu.perform(&:sign_out) if @is_new_session && Page::Main::Menu.perform { |p| p.has_personal_area?(wait: 0) }
......
# frozen_string_literal: true
module QA
context 'Manage with IP rate limits', :requires_admin do
describe 'Users API' do
before(:context) do
@api_client = Runtime::API::Client.new(:gitlab, ip_limits: true)
end
let(:request) { Runtime::API::Request.new(@api_client, '/users') }
it 'GET /users' do
5.times do
get request.url
expect_status(200)
end
end
end
end
end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment