debian-mirror-gitlab/spec/support/helpers/rack_attack_spec_helpers.rb

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

71 lines
2.1 KiB
Ruby
Raw Permalink Normal View History

2019-12-21 20:55:43 +05:30
# frozen_string_literal: true
module RackAttackSpecHelpers
def api_get_args_with_token_headers(partial_url, token_headers)
["/api/#{API::API.version}#{partial_url}", params: nil, headers: token_headers]
end
def rss_url(user)
"/dashboard/projects.atom?feed_token=#{user.feed_token}"
end
def private_token_headers(user)
2022-05-03 16:02:30 +05:30
{ Gitlab::Auth::AuthFinders::PRIVATE_TOKEN_HEADER => user.private_token }
2019-12-21 20:55:43 +05:30
end
def personal_access_token_headers(personal_access_token)
2022-05-03 16:02:30 +05:30
{ Gitlab::Auth::AuthFinders::PRIVATE_TOKEN_HEADER => personal_access_token.token }
2019-12-21 20:55:43 +05:30
end
2022-08-27 11:52:29 +05:30
def bearer_headers(token)
{ 'AUTHORIZATION' => "Bearer #{token.token}" }
end
2019-12-21 20:55:43 +05:30
def oauth_token_headers(oauth_access_token)
2022-08-27 11:52:29 +05:30
{ 'AUTHORIZATION' => "Bearer #{oauth_access_token.plaintext_token}" }
2019-12-21 20:55:43 +05:30
end
2021-03-08 18:12:59 +05:30
def basic_auth_headers(user, personal_access_token)
encoded_login = ["#{user.username}:#{personal_access_token.token}"].pack('m0')
{ 'AUTHORIZATION' => "Basic #{encoded_login}" }
end
2022-05-03 16:02:30 +05:30
def deploy_token_headers(deploy_token)
basic_auth_headers(deploy_token, deploy_token)
end
2022-04-04 11:22:00 +05:30
def expect_rejection(name = nil, &block)
2019-12-21 20:55:43 +05:30
yield
2020-03-13 15:44:24 +05:30
expect(response).to have_gitlab_http_status(:too_many_requests)
2021-03-08 18:12:59 +05:30
expect(response.headers.to_h).to include(
'RateLimit-Limit' => a_string_matching(/^\d+$/),
2022-04-04 11:22:00 +05:30
'RateLimit-Name' => name || a_string_matching(/^throttle_.*$/),
2021-03-08 18:12:59 +05:30
'RateLimit-Observed' => a_string_matching(/^\d+$/),
'RateLimit-Remaining' => a_string_matching(/^\d+$/),
'Retry-After' => a_string_matching(/^\d+$/)
)
expect(response).to have_header('RateLimit-Reset')
expect do
DateTime.strptime(response.headers['RateLimit-Reset'], '%s')
end.not_to raise_error
expect(response).to have_header('RateLimit-ResetTime')
expect do
Time.httpdate(response.headers['RateLimit-ResetTime'])
end.not_to raise_error
2019-12-21 20:55:43 +05:30
end
2020-07-28 23:09:34 +05:30
def expect_ok(&block)
yield
expect(response).to have_gitlab_http_status(:ok)
end
def random_next_ip
allow_next_instance_of(Rack::Attack::Request) do |instance|
allow(instance).to receive(:ip).and_return(FFaker::Internet.ip_v4_address)
end
end
2019-12-21 20:55:43 +05:30
end