diff options
Diffstat (limited to 'spec/controllers/projects/notes_controller_spec.rb')
-rw-r--r-- | spec/controllers/projects/notes_controller_spec.rb | 50 |
1 files changed, 4 insertions, 46 deletions
diff --git a/spec/controllers/projects/notes_controller_spec.rb b/spec/controllers/projects/notes_controller_spec.rb index edebaf294c4..add249e2c74 100644 --- a/spec/controllers/projects/notes_controller_spec.rb +++ b/spec/controllers/projects/notes_controller_spec.rb @@ -150,7 +150,7 @@ RSpec.describe Projects::NotesController do end it 'returns an empty page of notes' do - expect(Gitlab::EtagCaching::Middleware).to receive(:skip!) + expect(Gitlab::EtagCaching::Middleware).not_to receive(:skip!) request.headers['X-Last-Fetched-At'] = microseconds(Time.zone.now) @@ -169,8 +169,6 @@ RSpec.describe Projects::NotesController do end it 'returns all notes' do - expect(Gitlab::EtagCaching::Middleware).to receive(:skip!) - get :index, params: request_params expect(json_response['notes'].count).to eq((page_1 + page_2 + page_3).size + 1) @@ -764,49 +762,9 @@ RSpec.describe Projects::NotesController do end end - context 'when the endpoint receives requests above the limit' do - before do - stub_application_setting(notes_create_limit: 3) - end - - it 'prevents from creating more notes', :request_store do - 3.times { create! } - - expect { create! } - .to change { Gitlab::GitalyClient.get_request_count }.by(0) - - create! - expect(response.body).to eq(_('This endpoint has been requested too many times. Try again later.')) - expect(response).to have_gitlab_http_status(:too_many_requests) - end - - it 'logs the event in auth.log' do - attributes = { - message: 'Application_Rate_Limiter_Request', - env: :notes_create_request_limit, - remote_ip: '0.0.0.0', - request_method: 'POST', - path: "/#{project.full_path}/notes", - user_id: user.id, - username: user.username - } - - expect(Gitlab::AuthLogger).to receive(:error).with(attributes).once - - project.add_developer(user) - sign_in(user) - - 4.times { create! } - end - - it 'allows user in allow-list to create notes, even if the case is different' do - user.update_attribute(:username, user.username.titleize) - stub_application_setting(notes_create_limit_allowlist: ["#{user.username.downcase}"]) - 3.times { create! } - - create! - expect(response).to have_gitlab_http_status(:found) - end + it_behaves_like 'request exceeding rate limit', :clean_gitlab_redis_cache do + let(:params) { request_params.except(:format) } + let(:request_full_path) { project_notes_path(project) } end end |