diff options
Diffstat (limited to 'spec/support/shared_examples/requests/rack_attack_shared_examples.rb')
-rw-r--r-- | spec/support/shared_examples/requests/rack_attack_shared_examples.rb | 37 |
1 files changed, 26 insertions, 11 deletions
diff --git a/spec/support/shared_examples/requests/rack_attack_shared_examples.rb b/spec/support/shared_examples/requests/rack_attack_shared_examples.rb index 730df4dc5ab..d4ee68309ff 100644 --- a/spec/support/shared_examples/requests/rack_attack_shared_examples.rb +++ b/spec/support/shared_examples/requests/rack_attack_shared_examples.rb @@ -81,8 +81,15 @@ RSpec.shared_examples 'rate-limited token-authenticated requests' do end it 'logs RackAttack info into structured logs' do - requests_per_period.times do - make_request(request_args) + control_count = 0 + + requests_per_period.times do |i| + if i == 0 + control_count = ActiveRecord::QueryRecorder.new { make_request(request_args) }.count + else + make_request(request_args) + end + expect(response).not_to have_gitlab_http_status(:too_many_requests) end @@ -93,13 +100,15 @@ RSpec.shared_examples 'rate-limited token-authenticated requests' do request_method: request_method, path: request_args.first, user_id: user.id, - username: user.username, - throttle_type: throttle_types[throttle_setting_prefix] + 'meta.user' => user.username, + matched: throttle_types[throttle_setting_prefix] } expect(Gitlab::AuthLogger).to receive(:error).with(arguments).once - expect_rejection { make_request(request_args) } + expect_rejection do + expect { make_request(request_args) }.not_to exceed_query_limit(control_count) + end end end @@ -210,8 +219,15 @@ RSpec.shared_examples 'rate-limited web authenticated requests' do end it 'logs RackAttack info into structured logs' do - requests_per_period.times do - request_authenticated_web_url + control_count = 0 + + requests_per_period.times do |i| + if i == 0 + control_count = ActiveRecord::QueryRecorder.new { request_authenticated_web_url }.count + else + request_authenticated_web_url + end + expect(response).not_to have_gitlab_http_status(:too_many_requests) end @@ -222,13 +238,12 @@ RSpec.shared_examples 'rate-limited web authenticated requests' do request_method: request_method, path: url_that_requires_authentication, user_id: user.id, - username: user.username, - throttle_type: throttle_types[throttle_setting_prefix] + 'meta.user' => user.username, + matched: throttle_types[throttle_setting_prefix] } expect(Gitlab::AuthLogger).to receive(:error).with(arguments).once - - request_authenticated_web_url + expect { request_authenticated_web_url }.not_to exceed_query_limit(control_count) end end |