authorMayra Cabrera <mcabrera@gitlab.com>2019-08-13 18:13:37 +0000
committerStan Hu <stanhu@gmail.com>2019-08-13 18:13:37 +0000
commitb6c51f57dd5637aaa4a45b7408a1f8b30ce3e7e3 (patch)
tree3e946b5af691ad3f3804d3e5a5fdf5f524da0cb0
parentbd759eebcd3d824bc95b08d91dcaf705b05769bb (diff)
downloadgitlab-ce-b6c51f57dd5637aaa4a45b7408a1f8b30ce3e7e3.tar.gz
Return 429 on rate limiter on raw endpoint
It was originally returning 302 when the rate limit kicks in. Using the correct status code makes it easier to track rate limiting events. Related to https://gitlab.com/gitlab-org/gitlab-ce/issues/65974
-rw-r--r--app/controllers/projects/raw_controller.rb2
-rw-r--r--spec/controllers/projects/raw_controller_spec.rb6
-rw-r--r--spec/features/projects/raw/user_interacts_with_raw_endpoint_spec.rb39
3 files changed, 43 insertions, 4 deletions
diff --git a/app/controllers/projects/raw_controller.rb b/app/controllers/projects/raw_controller.rb
index 3254229d9cb..c94fdd9483d 100644
--- a/app/controllers/projects/raw_controller.rb
+++ b/app/controllers/projects/raw_controller.rb
@@ -26,7 +26,7 @@ class Projects::RawController < Projects::ApplicationController
limiter.log_request(request, :raw_blob_request_limit, current_user)
flash[:alert] = _('You cannot access the raw file. Please wait a minute.')
- redirect_to project_blob_path(@project, File.join(@ref, @path))
+ redirect_to project_blob_path(@project, File.join(@ref, @path)), status: :too_many_requests
end
def raw_blob_request_limit
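Review bot: `redirect_to ..., status: :too_many_requests` keeps the `Location` header and the redirect stub body, but clients only follow `Location` on 3xx responses, so a browser now stops on the "You are being redirected" page and sees the flash alert only after a manual click (the new feature spec has to `click_link('redirected')` for this reason). Since the purpose of the 429 is to make throttling visible to clients and log tooling, consider also telling well-behaved clients when to retry, e.g. `response.headers['Retry-After'] = '60'` before the redirect. The 60 is inferred from the "wait a minute" message and should come from the limiter's actual interval. The enclosing method starts above the hunk, so how the limit check is wired is not visible here.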
diff --git a/spec/controllers/projects/raw_controller_spec.rb b/spec/controllers/projects/raw_controller_spec.rb
index 8ee3168273f..b958f419a19 100644
--- a/spec/controllers/projects/raw_controller_spec.rb
+++ b/spec/controllers/projects/raw_controller_spec.rb
@@ -60,7 +60,7 @@ describe Projects::RawController do
execute_raw_requests(requests: 6, project: project, file_path: file_path)
expect(flash[:alert]).to eq('You cannot access the raw file. Please wait a minute.')
- expect(response).to redirect_to(project_blob_path(project, file_path))
+ expect(response).to have_gitlab_http_status(429)
end
it 'logs the event on auth.log' do
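Review bot: Replacing `redirect_to(...)` with `have_gitlab_http_status(429)` drops the only assertion on where the throttled response points, although the controller still sets a `Location` header. Keeping a target check next to the status check, something like `expect(response.location).to eq(project_blob_url(project, file_path))`, would catch a regression that points the user at the wrong ref or path. The same applies to the hunks at -92 (with `modified_path`) and -120. The examples begin above each hunk, so their setup is not visible here.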
@@ -92,7 +92,7 @@ describe Projects::RawController do
execute_raw_requests(requests: 3, project: project, file_path: modified_path)
expect(flash[:alert]).to eq('You cannot access the raw file. Please wait a minute.')
- expect(response).to redirect_to(project_blob_path(project, modified_path))
+ expect(response).to have_gitlab_http_status(429)
end
end
@@ -120,7 +120,7 @@ describe Projects::RawController do
execute_raw_requests(requests: 6, project: project, file_path: file_path)
expect(flash[:alert]).to eq('You cannot access the raw file. Please wait a minute.')
- expect(response).to redirect_to(project_blob_path(project, file_path))
+ expect(response).to have_gitlab_http_status(429)
# Accessing upcase version of readme
file_path = "#{commit_sha}/README.md"
diff --git a/spec/features/projects/raw/user_interacts_with_raw_endpoint_spec.rb b/spec/features/projects/raw/user_interacts_with_raw_endpoint_spec.rb
new file mode 100644
index 00000000000..6d587053b4f
--- /dev/null
+++ b/spec/features/projects/raw/user_interacts_with_raw_endpoint_spec.rb
@@ -0,0 +1,39 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe 'Projects > Raw > User interacts with raw endpoint' do
+ include RepoHelpers
+
+ let(:user) { create(:user) }
+ let(:project) { create(:project, :repository, :public) }
+ let(:file_path) { 'master/README.md' }
+
+ before do
+ stub_application_setting(raw_blob_request_limit: 3)
+ project.add_developer(user)
+ create_file_in_repo(project, 'master', 'master', 'README.md', 'readme content')
+
+ sign_in(user)
+ end
+
+ context 'when user access a raw file' do
+ it 'renders the page successfully' do
+ visit project_raw_url(project, file_path)
+
+ expect(source).to eq('') # Body is filled in by gitlab-workhorse
+ end
+ end
+
+ context 'when user goes over the rate requests limit' do
+ it 'returns too many requests' do
+ 4.times do
+ visit project_raw_url(project, file_path)
+ end
+
+ expect(source).to have_content('You are being redirected')
+ click_link('redirected')
+ expect(page).to have_content('You cannot access the raw file. Please wait a minute.')
+ end
+ end
+end
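Review bot: The example named 'returns too many requests' never checks the status code; it asserts only the redirect stub text and the flash after clicking the link, so it would still pass if the controller returned some other non-3xx status. Adding `expect(page.status_code).to eq(429)` right after the `4.times` loop would pin it; this should work here because the spec is not tagged `:js` and so presumably runs on the rack_test driver. `4.times` is also silently coupled to the stubbed `raw_blob_request_limit: 3`; a shared `let(:limit)` used in both places would keep them in sync.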