diff options
author | Francisco Javier López <fjlopez@gitlab.com> | 2018-02-15 16:54:36 +0000 |
---|---|---|
committer | Douwe Maan <douwe@gitlab.com> | 2018-02-15 16:54:36 +0000 |
commit | 5ddd576c7e93da1c97b81af90f65e1f368266547 (patch) | |
tree | e11e5af31745f2f053354715a0f48dba10a50e3d /spec/requests | |
parent | e5df66e1af47ea9bbd526657f9af913618e6f3ee (diff) | |
download | gitlab-ce-5ddd576c7e93da1c97b81af90f65e1f368266547.tar.gz |
Remove internal api calls from the rack::attack throttling
Diffstat (limited to 'spec/requests')
-rw-r--r-- | spec/requests/rack_attack_global_spec.rb | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/spec/requests/rack_attack_global_spec.rb b/spec/requests/rack_attack_global_spec.rb index 0fec14d0cce..b18e922b063 100644 --- a/spec/requests/rack_attack_global_spec.rb +++ b/spec/requests/rack_attack_global_spec.rb @@ -22,6 +22,7 @@ describe 'Rack Attack global throttles' do let(:url_that_does_not_require_authentication) { '/users/sign_in' } let(:url_that_requires_authentication) { '/dashboard/snippets' } + let(:url_api_internal) { '/api/v4/internal/check' } let(:api_partial_url) { '/todos' } around do |example| @@ -172,6 +173,15 @@ describe 'Rack Attack global throttles' do get url_that_does_not_require_authentication expect(response).to have_http_status 200 end + + context 'when the request is to the api internal endpoints' do + it 'allows requests over the rate limit' do + (1 + requests_per_period).times do + get url_api_internal, secret_token: Gitlab::Shell.secret_token + expect(response).to have_http_status 200 + end + end + end end context 'when the throttle is disabled' do |