Add QA specs for using IP rate limitssh-rate-limits-qa

This will help prevent issues such as
https://gitlab.com/gitlab-org/gitlab-ce/issues/66449.

6 files changed, 103 insertions, 1 deletions

diff --git a/qa/qa.rb b/qa/qa.rb
index a760f72f70d..c12a9d9d19a 100644
--- a/qa/qa.rb
+++ b/qa/qa.rb
@@ -303,8 +303,10 @@ module QA
         autoload :Repository, 'qa/page/admin/settings/repository'
         autoload :General, 'qa/page/admin/settings/general'
         autoload :MetricsAndProfiling, 'qa/page/admin/settings/metrics_and_profiling'
+        autoload :Network, 'qa/page/admin/settings/network'
 
         module Component
+          autoload :IpLimits, 'qa/page/admin/settings/component/ip_limits'
           autoload :RepositoryStorage, 'qa/page/admin/settings/component/repository_storage'
           autoload :AccountAndLimit, 'qa/page/admin/settings/component/account_and_limit'
           autoload :PerformanceBar, 'qa/page/admin/settings/component/performance_bar'
diff --git a/qa/qa/page/admin/menu.rb b/qa/qa/page/admin/menu.rb
index 61ec9854726..a520fb546c8 100644
--- a/qa/qa/page/admin/menu.rb
+++ b/qa/qa/page/admin/menu.rb
@@ -49,6 +49,14 @@ module QA
           end
         end
 
+        def go_to_network_settings
+          hover_settings do
+            within_submenu do
+              click_element :admin_settings_network_item
+            end
+          end
+        end
+
         private
 
         def hover_settings
diff --git a/qa/qa/page/admin/settings/component/ip_limits.rb b/qa/qa/page/admin/settings/component/ip_limits.rb
new file mode 100644
index 00000000000..9db2ae8ba58
--- /dev/null
+++ b/qa/qa/page/admin/settings/component/ip_limits.rb
@@ -0,0 +1,30 @@
+# frozen_string_literal: true
+
+module QA
+  module Page
+    module Admin
+      module Settings
+        module Component
+          class IpLimits < Page::Base
+            view 'app/views/admin/application_settings/_ip_limits.html.haml' do
+              element :throttle_unauthenticated_checkbox
+              element :throttle_authenticated_api_checkbox
+              element :throttle_authenticated_web_checkbox
+              element :save_changes_button
+            end
+
+            def enable_throttles
+              check_element :throttle_unauthenticated_checkbox
+              check_element :throttle_authenticated_api_checkbox
+              check_element :throttle_authenticated_web_checkbox
+            end
+
+            def save_settings
+              click_element :save_changes_button
+            end
+          end
+        end
+      end
+    end
+  end
+end
diff --git a/qa/qa/page/admin/settings/network.rb b/qa/qa/page/admin/settings/network.rb
new file mode 100644
index 00000000000..fdb8fcda281
--- /dev/null
+++ b/qa/qa/page/admin/settings/network.rb
@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+module QA
+  module Page
+    module Admin
+      module Settings
+        class Network < Page::Base
+          include QA::Page::Settings::Common
+
+          view 'app/views/admin/application_settings/network.html.haml' do
+            element :ip_limits_section
+          end
+
+          def expand_ip_limits(&block)
+            expand_section(:ip_limits_section) do
+              Component::IpLimits.perform(&block)
+            end
+          end
+        end
+      end
+    end
+  end
+end
diff --git a/qa/qa/runtime/api/client.rb b/qa/qa/runtime/api/client.rb
index 663be27a849..25d8f3c0fbb 100644
--- a/qa/qa/runtime/api/client.rb
+++ b/qa/qa/runtime/api/client.rb
@@ -8,11 +8,12 @@ module QA
       class Client
         attr_reader :address, :user
 
-        def initialize(address = :gitlab, personal_access_token: nil, is_new_session: true, user: nil)
+        def initialize(address = :gitlab, personal_access_token: nil, is_new_session: true, user: nil, ip_limits: false)
           @address = address
           @personal_access_token = personal_access_token
           @is_new_session = is_new_session
           @user = user
+          enable_ip_limits if ip_limits
         end
 
         def personal_access_token
@@ -26,6 +27,24 @@ module QA
 
         private
 
+        def enable_ip_limits
+          Page::Main::Menu.perform(&:sign_out) if Page::Main::Menu.perform { |p| p.has_personal_area?(wait: 0) }
+
+          Runtime::Browser.visit(@address, Page::Main::Login)
+          Page::Main::Login.perform(&:sign_in_using_admin_credentials)
+          Page::Main::Menu.perform(&:click_admin_area)
+          Page::Admin::Menu.perform(&:go_to_network_settings)
+
+          Page::Admin::Settings::Network.perform do |setting|
+            setting.expand_ip_limits do |page|
+              page.enable_throttles
+              page.save_settings
+            end
+          end
+
+          Page::Main::Menu.perform(&:sign_out)
+        end
+
         def create_personal_access_token
           Page::Main::Menu.perform(&:sign_out) if @is_new_session && Page::Main::Menu.perform { |p| p.has_personal_area?(wait: 0) }
 
diff --git a/qa/qa/specs/features/api/1_manage/rate_limits_spec.rb b/qa/qa/specs/features/api/1_manage/rate_limits_spec.rb
new file mode 100644
index 00000000000..44c5e0b4196
--- /dev/null
+++ b/qa/qa/specs/features/api/1_manage/rate_limits_spec.rb
@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+
+module QA
+  context 'Manage with IP rate limits', :requires_admin do
+    describe 'Users API' do
+      before(:context) do
+        @api_client = Runtime::API::Client.new(:gitlab, ip_limits: true)
+      end
+
+      let(:request) { Runtime::API::Request.new(@api_client, '/users') }
+
+      it 'GET /users' do
+        5.times do
+          get request.url
+          expect_status(200)
+        end
+      end
+    end
+  end
+end