2019-12-21 20:55:43 +05:30
|
|
|
# frozen_string_literal: true
|
|
|
|
|
|
|
|
|
|
module RackAttackSpecHelpers
|
|
|
|
|
def api_get_args_with_token_headers(partial_url, token_headers)
|
|
|
|
|
["/api/#{API::API.version}#{partial_url}", params: nil, headers: token_headers]
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def rss_url(user)
|
|
|
|
|
"/dashboard/projects.atom?feed_token=#{user.feed_token}"
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def private_token_headers(user)
|
2022-05-03 16:02:30 +05:30
|
|
|
{ Gitlab::Auth::AuthFinders::PRIVATE_TOKEN_HEADER => user.private_token }
|
2019-12-21 20:55:43 +05:30
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def personal_access_token_headers(personal_access_token)
|
2022-05-03 16:02:30 +05:30
|
|
|
{ Gitlab::Auth::AuthFinders::PRIVATE_TOKEN_HEADER => personal_access_token.token }
|
2019-12-21 20:55:43 +05:30
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def oauth_token_headers(oauth_access_token)
|
|
|
|
|
{ 'AUTHORIZATION' => "Bearer #{oauth_access_token.token}" }
|
|
|
|
|
end
|
|
|
|
|
|
2021-03-08 18:12:59 +05:30
|
|
|
def basic_auth_headers(user, personal_access_token)
|
|
|
|
|
encoded_login = ["#{user.username}:#{personal_access_token.token}"].pack('m0')
|
|
|
|
|
{ 'AUTHORIZATION' => "Basic #{encoded_login}" }
|
|
|
|
|
end
|
|
|
|
|
|
2022-05-03 16:02:30 +05:30
|
|
|
def deploy_token_headers(deploy_token)
|
|
|
|
|
basic_auth_headers(deploy_token, deploy_token)
|
|
|
|
|
end
|
|
|
|
|
|
2022-04-04 11:22:00 +05:30
|
|
|
def expect_rejection(name = nil, &block)
|
2019-12-21 20:55:43 +05:30
|
|
|
yield
|
|
|
|
|
|
2020-03-13 15:44:24 +05:30
|
|
|
expect(response).to have_gitlab_http_status(:too_many_requests)
|
2021-03-08 18:12:59 +05:30
|
|
|
|
|
|
|
|
expect(response.headers.to_h).to include(
|
|
|
|
|
'RateLimit-Limit' => a_string_matching(/^\d+$/),
|
2022-04-04 11:22:00 +05:30
|
|
|
'RateLimit-Name' => name || a_string_matching(/^throttle_.*$/),
|
2021-03-08 18:12:59 +05:30
|
|
|
'RateLimit-Observed' => a_string_matching(/^\d+$/),
|
|
|
|
|
'RateLimit-Remaining' => a_string_matching(/^\d+$/),
|
|
|
|
|
'Retry-After' => a_string_matching(/^\d+$/)
|
|
|
|
|
)
|
|
|
|
|
expect(response).to have_header('RateLimit-Reset')
|
|
|
|
|
expect do
|
|
|
|
|
DateTime.strptime(response.headers['RateLimit-Reset'], '%s')
|
|
|
|
|
end.not_to raise_error
|
|
|
|
|
expect(response).to have_header('RateLimit-ResetTime')
|
|
|
|
|
expect do
|
|
|
|
|
Time.httpdate(response.headers['RateLimit-ResetTime'])
|
|
|
|
|
end.not_to raise_error
|
2019-12-21 20:55:43 +05:30
|
|
|
end
|
2020-07-28 23:09:34 +05:30
|
|
|
|
|
|
|
|
def expect_ok(&block)
|
|
|
|
|
yield
|
|
|
|
|
|
|
|
|
|
expect(response).to have_gitlab_http_status(:ok)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def random_next_ip
|
|
|
|
|
allow_next_instance_of(Rack::Attack::Request) do |instance|
|
|
|
|
|
allow(instance).to receive(:ip).and_return(FFaker::Internet.ip_v4_address)
|
|
|
|
|
end
|
|
|
|
|
end
|
2019-12-21 20:55:43 +05:30
|
|
|
end
|
