debian-mirror-gitlab/spec/lib/gitlab/application_rate_limiter_spec.rb

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

179 lines
5.7 KiB
Ruby
Raw Normal View History

2019-10-12 21:52:04 +05:30
# frozen_string_literal: true
2018-03-17 18:26:18 +05:30
require 'spec_helper'
2022-01-26 12:08:38 +05:30
RSpec.describe Gitlab::ApplicationRateLimiter, :clean_gitlab_redis_rate_limiting do
2021-12-11 22:18:48 +05:30
let_it_be(:user) { create(:user) }
let_it_be(:project) { create(:project) }
2022-01-26 12:08:38 +05:30
let(:rate_limits) do
{
test_action: {
threshold: 1,
interval: 2.minutes
},
another_action: {
threshold: 2,
interval: 3.minutes
2020-01-01 13:55:28 +05:30
}
2022-01-26 12:08:38 +05:30
}
end
2020-10-24 23:57:45 +05:30
2022-01-26 12:08:38 +05:30
subject { described_class }
before do
allow(described_class).to receive(:rate_limits).and_return(rate_limits)
end
2018-03-17 18:26:18 +05:30
2022-01-26 12:08:38 +05:30
describe '.throttled?' do
2021-12-11 22:18:48 +05:30
context 'when the key is invalid' do
context 'is provided as a Symbol' do
context 'but is not defined in the rate_limits Hash' do
it 'raises an InvalidKeyError exception' do
key = :key_not_in_rate_limits_hash
2018-03-17 18:26:18 +05:30
2022-01-26 12:08:38 +05:30
expect { subject.throttled?(key, scope: [user]) }.to raise_error(Gitlab::ApplicationRateLimiter::InvalidKeyError)
2021-12-11 22:18:48 +05:30
end
end
end
2018-03-17 18:26:18 +05:30
2021-12-11 22:18:48 +05:30
context 'is provided as a String' do
context 'and is a String representation of an existing key in rate_limits Hash' do
it 'raises an InvalidKeyError exception' do
key = rate_limits.keys[0].to_s
2019-10-12 21:52:04 +05:30
2022-01-26 12:08:38 +05:30
expect { subject.throttled?(key, scope: [user]) }.to raise_error(Gitlab::ApplicationRateLimiter::InvalidKeyError)
2021-12-11 22:18:48 +05:30
end
end
2019-10-12 21:52:04 +05:30
2021-12-11 22:18:48 +05:30
context 'but is not defined in any form in the rate_limits Hash' do
it 'raises an InvalidKeyError exception' do
key = 'key_not_in_rate_limits_hash'
2018-03-17 18:26:18 +05:30
2022-01-26 12:08:38 +05:30
expect { subject.throttled?(key, scope: [user]) }.to raise_error(Gitlab::ApplicationRateLimiter::InvalidKeyError)
2021-12-11 22:18:48 +05:30
end
end
end
2019-10-12 21:52:04 +05:30
end
2021-12-11 22:18:48 +05:30
shared_examples 'throttles based on key and scope' do
let(:start_time) { Time.current.beginning_of_hour }
2019-10-12 21:52:04 +05:30
2021-12-11 22:18:48 +05:30
it 'returns true when threshold is exceeded' do
travel_to(start_time) do
expect(subject.throttled?(:test_action, scope: scope)).to eq(false)
end
travel_to(start_time + 1.minute) do
expect(subject.throttled?(:test_action, scope: scope)).to eq(true)
# Assert that it does not affect other actions or scope
expect(subject.throttled?(:another_action, scope: scope)).to eq(false)
expect(subject.throttled?(:test_action, scope: [user])).to eq(false)
end
2019-10-12 21:52:04 +05:30
end
2018-03-17 18:26:18 +05:30
2021-12-11 22:18:48 +05:30
it 'returns false when interval has elapsed' do
travel_to(start_time) do
expect(subject.throttled?(:test_action, scope: scope)).to eq(false)
2019-10-12 21:52:04 +05:30
2021-12-11 22:18:48 +05:30
# another_action has a threshold of 3 so we simulate 2 requests
expect(subject.throttled?(:another_action, scope: scope)).to eq(false)
expect(subject.throttled?(:another_action, scope: scope)).to eq(false)
end
2019-10-12 21:52:04 +05:30
2021-12-11 22:18:48 +05:30
travel_to(start_time + 2.minutes) do
expect(subject.throttled?(:test_action, scope: scope)).to eq(false)
2019-10-12 21:52:04 +05:30
2021-12-11 22:18:48 +05:30
# Assert that another_action has its own interval that hasn't elapsed
expect(subject.throttled?(:another_action, scope: scope)).to eq(true)
end
end
2022-01-26 12:08:38 +05:30
it 'allows peeking at the current state without changing its value' do
travel_to(start_time) do
expect(subject.throttled?(:test_action, scope: scope)).to eq(false)
2.times do
expect(subject.throttled?(:test_action, scope: scope, peek: true)).to eq(false)
end
expect(subject.throttled?(:test_action, scope: scope)).to eq(true)
expect(subject.throttled?(:test_action, scope: scope, peek: true)).to eq(true)
end
end
2021-12-11 22:18:48 +05:30
end
context 'when using ActiveRecord models as scope' do
let(:scope) { [user, project] }
2019-10-12 21:52:04 +05:30
2021-12-11 22:18:48 +05:30
it_behaves_like 'throttles based on key and scope'
2019-10-12 21:52:04 +05:30
end
2021-12-11 22:18:48 +05:30
context 'when using ActiveRecord models and strings as scope' do
let(:scope) { [project, 'app/controllers/groups_controller.rb'] }
it_behaves_like 'throttles based on key and scope'
end
2019-10-12 21:52:04 +05:30
end
2022-01-26 12:08:38 +05:30
describe '.peek' do
it 'peeks at the current state without changing its value' do
freeze_time do
expect(subject.peek(:test_action, scope: [user])).to eq(false)
expect(subject.throttled?(:test_action, scope: [user])).to eq(false)
2.times do
expect(subject.peek(:test_action, scope: [user])).to eq(false)
end
expect(subject.throttled?(:test_action, scope: [user])).to eq(true)
expect(subject.peek(:test_action, scope: [user])).to eq(true)
end
end
end
2021-12-11 22:18:48 +05:30
describe '.log_request' do
2019-10-12 21:52:04 +05:30
let(:file_path) { 'master/README.md' }
let(:type) { :raw_blob_request_limit }
let(:fullpath) { "/#{project.full_path}/raw/#{file_path}" }
let(:request) do
double('request', ip: '127.0.0.1', request_method: 'GET', fullpath: fullpath)
end
let(:base_attributes) do
{
2020-01-01 13:55:28 +05:30
message: 'Application_Rate_Limiter_Request',
2019-10-12 21:52:04 +05:30
env: type,
2019-12-04 20:38:33 +05:30
remote_ip: '127.0.0.1',
2019-10-12 21:52:04 +05:30
request_method: 'GET',
2019-12-04 20:38:33 +05:30
path: fullpath
2019-10-12 21:52:04 +05:30
}
end
context 'without a current user' do
let(:current_user) { nil }
it 'logs information to auth.log' do
expect(Gitlab::AuthLogger).to receive(:error).with(base_attributes).once
subject.log_request(request, type, current_user)
end
end
context 'with a current_user' do
2021-12-11 22:18:48 +05:30
let(:current_user) { user }
2019-10-12 21:52:04 +05:30
let(:attributes) do
base_attributes.merge({
2021-11-18 22:05:49 +05:30
user_id: current_user.id,
username: current_user.username
})
2019-10-12 21:52:04 +05:30
end
it 'logs information to auth.log' do
expect(Gitlab::AuthLogger).to receive(:error).with(attributes).once
2018-03-17 18:26:18 +05:30
2019-10-12 21:52:04 +05:30
subject.log_request(request, type, current_user)
end
end
2018-03-17 18:26:18 +05:30
end
end