diff options
Diffstat (limited to 'spec/support/shared_examples/controllers/create_notes_rate_limit_shared_examples.rb')
-rw-r--r-- | spec/support/shared_examples/controllers/create_notes_rate_limit_shared_examples.rb | 58 |
1 files changed, 30 insertions, 28 deletions
diff --git a/spec/support/shared_examples/controllers/create_notes_rate_limit_shared_examples.rb b/spec/support/shared_examples/controllers/create_notes_rate_limit_shared_examples.rb index 74a98c20383..8affe4ac8f5 100644 --- a/spec/support/shared_examples/controllers/create_notes_rate_limit_shared_examples.rb +++ b/spec/support/shared_examples/controllers/create_notes_rate_limit_shared_examples.rb @@ -6,39 +6,41 @@ # - request_full_path RSpec.shared_examples 'request exceeding rate limit' do - before do - stub_application_setting(notes_create_limit: 2) - 2.times { post :create, params: params } - end + context 'with rate limiter', :freeze_time, :clean_gitlab_redis_rate_limiting do + before do + stub_application_setting(notes_create_limit: 2) + 2.times { post :create, params: params } + end - it 'prevents from creating more notes', :request_store do - expect { post :create, params: params } - .to change { Note.count }.by(0) + it 'prevents from creating more notes' do + expect { post :create, params: params } + .to change { Note.count }.by(0) - expect(response).to have_gitlab_http_status(:too_many_requests) - expect(response.body).to eq(_('This endpoint has been requested too many times. Try again later.')) - end + expect(response).to have_gitlab_http_status(:too_many_requests) + expect(response.body).to eq(_('This endpoint has been requested too many times. Try again later.')) + end - it 'logs the event in auth.log' do - attributes = { - message: 'Application_Rate_Limiter_Request', - env: :notes_create_request_limit, - remote_ip: '0.0.0.0', - request_method: 'POST', - path: request_full_path, - user_id: user.id, - username: user.username - } + it 'logs the event in auth.log' do + attributes = { + message: 'Application_Rate_Limiter_Request', + env: :notes_create_request_limit, + remote_ip: '0.0.0.0', + request_method: 'POST', + path: request_full_path, + user_id: user.id, + username: user.username + } - expect(Gitlab::AuthLogger).to receive(:error).with(attributes).once - post :create, params: params - end + expect(Gitlab::AuthLogger).to receive(:error).with(attributes).once + post :create, params: params + end - it 'allows user in allow-list to create notes, even if the case is different' do - user.update_attribute(:username, user.username.titleize) - stub_application_setting(notes_create_limit_allowlist: ["#{user.username.downcase}"]) + it 'allows user in allow-list to create notes, even if the case is different' do + user.update_attribute(:username, user.username.titleize) + stub_application_setting(notes_create_limit_allowlist: ["#{user.username.downcase}"]) - post :create, params: params - expect(response).to have_gitlab_http_status(:found) + post :create, params: params + expect(response).to have_gitlab_http_status(:found) + end end end |