6ba13b41
Commit
6ba13b41
authored
Oct 30, 2017
by
Michael Kozono
Committed by
Francisco Lopez
Nov 17, 2017
Refactor application setting management
parent
4e5a97d4
Showing
1 changed file
with
35 additions
and
41 deletions
+35
-41
rack_attack_global_spec.rb
spec/requests/rack_attack_global_spec.rb
+35
-41
spec/requests/rack_attack_global_spec.rb
...
...
@@ -5,18 +5,26 @@ describe 'Rack Attack global throttles' do
let
(
:settings
)
{
Gitlab
::
CurrentSettings
.
current_application_settings
}
# Start with really high limits and override them with low limits to ensure
# the right settings are being exercised
let
(
:settings_to_set
)
do
{
throttle_unauthenticated_requests_per_period:
100
,
throttle_unauthenticated_period_in_seconds:
1
,
throttle_authenticated_api_requests_per_period:
100
,
throttle_authenticated_api_period_in_seconds:
1
,
throttle_authenticated_web_requests_per_period:
100
,
throttle_authenticated_web_period_in_seconds:
1
}
end
let
(
:requests_per_period
)
{
1
}
let
(
:period_in_seconds
)
{
10000
}
let
(
:period
)
{
period_in_seconds
.
seconds
}
before
do
# Instead of test environment's :null_store
Rack
::
Attack
.
cache
.
store
=
ActiveSupport
::
Cache
::
MemoryStore
.
new
# Start with really high limits to ensure the right settings are being exercised.
# Also note, settings will be saved later.
settings
.
throttle_unauthenticated_requests_per_period
=
100
settings
.
throttle_unauthenticated_period_in_seconds
=
1
settings
.
throttle_authenticated_api_requests_per_period
=
100
settings
.
throttle_authenticated_api_period_in_seconds
=
1
settings
.
throttle_authenticated_web_requests_per_period
=
100
settings
.
throttle_authenticated_web_period_in_seconds
=
1
end
# Make time-dependent tests deterministic
...
...
@@ -29,19 +37,16 @@ describe 'Rack Attack global throttles' do
# * get_args
# * other_user_get_args
shared_examples_for
'rate-limited token-authenticated requests'
do
let
(
:requests_per_period
)
{
settings
.
send
(
:"
#{
throttle_setting_prefix
}
_requests_per_period"
)
}
let
(
:period
)
{
settings
.
send
(
:"
#{
throttle_setting_prefix
}
_period_in_seconds"
).
seconds
}
before
do
# Set low limits
settings
.
send
(
:"
#{
throttle_setting_prefix
}
_requests_per_period="
,
1
)
settings
.
send
(
:"
#{
throttle_setting_prefix
}
_period_in_seconds="
,
10000
)
settings
_to_set
[
:"
#{
throttle_setting_prefix
}
_requests_per_period"
]
=
requests_per_period
settings
_to_set
[
:"
#{
throttle_setting_prefix
}
_period_in_seconds"
]
=
period_in_seconds
end
context
'when the throttle is enabled'
do
before
do
settings
.
send
(
:"
#{
throttle_setting_prefix
}
_enabled="
,
true
)
s
ettings
.
save!
settings
_to_set
[
:"
#{
throttle_setting_prefix
}
_enabled"
]
=
true
s
tub_application_setting
(
settings_to_set
)
end
it
'rejects requests over the rate limit'
do
...
...
@@ -98,8 +103,8 @@ describe 'Rack Attack global throttles' do
context
'when the throttle is disabled'
do
before
do
settings
.
send
(
:"
#{
throttle_setting_prefix
}
_enabled="
,
false
)
s
ettings
.
save!
settings
_to_set
[
:"
#{
throttle_setting_prefix
}
_enabled"
]
=
false
s
tub_application_setting
(
settings_to_set
)
end
it
'allows requests over the rate limit'
do
...
...
@@ -112,19 +117,16 @@ describe 'Rack Attack global throttles' do
end
describe
'unauthenticated requests'
do
let
(
:requests_per_period
)
{
settings
.
throttle_unauthenticated_requests_per_period
}
let
(
:period
)
{
settings
.
throttle_unauthenticated_period_in_seconds
.
seconds
}
before
do
# Set low limits
settings
.
throttle_unauthenticated_requests_per_period
=
1
settings
.
throttle_unauthenticated_period_in_seconds
=
10000
settings
_to_set
[
:throttle_unauthenticated_requests_per_period
]
=
requests_per_period
settings
_to_set
[
:throttle_unauthenticated_period_in_seconds
]
=
period_in_seconds
end
context
'when the throttle is enabled'
do
before
do
settings
.
throttle_unauthenticated_enabled
=
true
s
ettings
.
save!
settings
_to_set
[
:throttle_unauthenticated_enabled
]
=
true
s
tub_application_setting
(
settings_to_set
)
end
it
'rejects requests over the rate limit'
do
...
...
@@ -172,8 +174,8 @@ describe 'Rack Attack global throttles' do
context
'when the throttle is disabled'
do
before
do
settings
.
throttle_unauthenticated_enabled
=
false
s
ettings
.
save!
settings
_to_set
[
:throttle_unauthenticated_enabled
]
=
false
s
tub_application_setting
(
settings_to_set
)
end
it
'allows requests over the rate limit'
do
...
...
@@ -186,8 +188,6 @@ describe 'Rack Attack global throttles' do
end
describe
'API requests authenticated with private token'
,
:api
do
let
(
:requests_per_period
)
{
settings
.
throttle_authenticated_api_requests_per_period
}
let
(
:period
)
{
settings
.
throttle_authenticated_api_period_in_seconds
.
seconds
}
let
(
:user
)
{
create
(
:user
)
}
let
(
:other_user
)
{
create
(
:user
)
}
let
(
:throttle_setting_prefix
)
{
'throttle_authenticated_api'
}
...
...
@@ -230,8 +230,6 @@ describe 'Rack Attack global throttles' do
end
describe
'API requests authenticated with OAuth token'
,
:api
do
let
(
:requests_per_period
)
{
settings
.
throttle_authenticated_api_requests_per_period
}
let
(
:period
)
{
settings
.
throttle_authenticated_api_period_in_seconds
.
seconds
}
let
(
:user
)
{
create
(
:user
)
}
let
(
:application
)
{
Doorkeeper
::
Application
.
create!
(
name:
"MyApp"
,
redirect_uri:
"https://app.com"
,
owner:
user
)
}
let
(
:token
)
{
Doorkeeper
::
AccessToken
.
create!
(
application_id:
application
.
id
,
resource_owner_id:
user
.
id
,
scopes:
"api"
)
}
...
...
@@ -256,8 +254,6 @@ describe 'Rack Attack global throttles' do
end
describe
'"web" (non-API) requests authenticated with RSS token'
do
let
(
:requests_per_period
)
{
settings
.
throttle_authenticated_web_requests_per_period
}
let
(
:period
)
{
settings
.
throttle_authenticated_web_period_in_seconds
.
seconds
}
let
(
:user
)
{
create
(
:user
)
}
let
(
:other_user
)
{
create
(
:user
)
}
let
(
:throttle_setting_prefix
)
{
'throttle_authenticated_web'
}
...
...
@@ -280,22 +276,20 @@ describe 'Rack Attack global throttles' do
end
describe
'web requests authenticated with regular login'
do
let
(
:requests_per_period
)
{
settings
.
throttle_authenticated_web_requests_per_period
}
let
(
:period
)
{
settings
.
throttle_authenticated_web_period_in_seconds
.
seconds
}
let
(
:user
)
{
create
(
:user
)
}
before
do
login_as
(
user
)
# Set low limits
settings
.
throttle_authenticated_web_requests_per_period
=
1
settings
.
throttle_authenticated_web_period_in_seconds
=
10000
settings
_to_set
[
:throttle_authenticated_web_requests_per_period
]
=
requests_per_period
settings
_to_set
[
:throttle_authenticated_web_period_in_seconds
]
=
period_in_seconds
end
context
'when the throttle is enabled'
do
before
do
settings
.
throttle_authenticated_web_enabled
=
true
s
ettings
.
save!
settings
_to_set
[
:throttle_authenticated_web_enabled
]
=
true
s
tub_application_setting
(
settings_to_set
)
end
it
'rejects requests over the rate limit'
do
...
...
@@ -354,8 +348,8 @@ describe 'Rack Attack global throttles' do
context
'when the throttle is disabled'
do
before
do
settings
.
throttle_authenticated_web_enabled
=
false
s
ettings
.
save!
settings
_to_set
[
:throttle_authenticated_web_enabled
]
=
false
s
tub_application_setting
(
settings_to_set
)
end
it
'allows requests over the rate limit'
do
...
...
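Review bot: The throttle configuration in `settings_to_set` is built up by in-place mutation across nested `before` hooks and only takes effect where the innermost hook calls `stub_application_setting(settings_to_set)`, yet nothing in the spec says so. A context added later that sets keys but omits that call would run against the unstubbed settings, and an example such as 'allows requests over the rate limit' would then pass without exercising the throttle at all. I would extend the comment above `let(:settings_to_set)` with `# Applied only when a context calls stub_application_setting(settings_to_set)`. Whether a mistyped key is rejected depends on `stub_application_setting`, which is not shown here; the removed `settings.send(:"..._enabled=", ...)` calls would presumably have raised on an unknown setter. The `it` bodies that make the actual requests lie outside the visible hunks.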