Diffstat (limited to 'spec/support/shared_examples/requests')
-rw-r--r--spec/support/shared_examples/requests/api/debian_packages_shared_examples.rb2
-rw-r--r--spec/support/shared_examples/requests/api/discussions_shared_examples.rb17
-rw-r--r--spec/support/shared_examples/requests/api/graphql/read_only_instance_shared_examples.rb47
-rw-r--r--spec/support/shared_examples/requests/api/labels_api_shared_examples.rb14
-rw-r--r--spec/support/shared_examples/requests/api/multiple_and_scoped_issue_boards_shared_examples.rb94
-rw-r--r--spec/support/shared_examples/requests/api/npm_packages_shared_examples.rb270
-rw-r--r--spec/support/shared_examples/requests/api/packages_shared_examples.rb8
-rw-r--r--spec/support/shared_examples/requests/api/packages_tags_shared_examples.rb6
-rw-r--r--spec/support/shared_examples/requests/api/tracking_shared_examples.rb6
-rw-r--r--spec/support/shared_examples/requests/lfs_http_shared_examples.rb224
-rw-r--r--spec/support/shared_examples/requests/rack_attack_shared_examples.rb37
11 files changed, 687 insertions, 38 deletions
diff --git a/spec/support/shared_examples/requests/api/debian_packages_shared_examples.rb b/spec/support/shared_examples/requests/api/debian_packages_shared_examples.rb
index ec32cb4b2ff..f55043fe64f 100644
--- a/spec/support/shared_examples/requests/api/debian_packages_shared_examples.rb
+++ b/spec/support/shared_examples/requests/api/debian_packages_shared_examples.rb
@@ -20,7 +20,7 @@ RSpec.shared_context 'Debian repository shared context' do |object_type|
let(:source_package) { 'sample' }
let(:letter) { source_package[0..2] == 'lib' ? source_package[0..3] : source_package[0] }
let(:package_name) { 'libsample0' }
- let(:package_version) { '1.2.3~alpha2-1' }
+ let(:package_version) { '1.2.3~alpha2' }
let(:file_name) { "#{package_name}_#{package_version}_#{architecture}.deb" }
let(:method) { :get }
diff --git a/spec/support/shared_examples/requests/api/discussions_shared_examples.rb b/spec/support/shared_examples/requests/api/discussions_shared_examples.rb
index 6315c10b0c4..a12cb24a513 100644
--- a/spec/support/shared_examples/requests/api/discussions_shared_examples.rb
+++ b/spec/support/shared_examples/requests/api/discussions_shared_examples.rb
@@ -117,15 +117,10 @@ RSpec.shared_examples 'discussions API' do |parent_type, noteable_type, id_name,
expect(response).to have_gitlab_http_status(:unauthorized)
end
- it 'tracks a Notes::CreateService event' do
- expect(Gitlab::Tracking).to receive(:event) do |category, action, data|
- expect(category).to eq('Notes::CreateService')
- expect(action).to eq('execute')
- expect(data[:label]).to eq('note')
- expect(data[:value]).to be_an(Integer)
- end
-
+ it 'tracks a Notes::CreateService event', :snowplow do
post api("/#{parent_type}/#{parent.id}/#{noteable_type}/#{noteable[id_name]}/discussions", user), params: { body: 'hi!' }
+
+ expect_snowplow_event(category: 'Notes::CreateService', action: 'execute', label: 'note', value: anything)
end
context 'with notes_create_service_tracking feature flag disabled' do
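Review bot: `value: anything` in the added `expect_snowplow_event` call accepts any value, including `nil`, where the removed block required `data[:value]` to be an Integer. If the helper forwards its keywords to an argument matcher, `value: an_instance_of(Integer)` would keep the earlier strictness; that depends on how `expect_snowplow_event` is implemented, which is not visible here. The enclosing `shared_examples` block starts and ends outside the hunk.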
@@ -133,10 +128,10 @@ RSpec.shared_examples 'discussions API' do |parent_type, noteable_type, id_name,
stub_feature_flags(notes_create_service_tracking: false)
end
- it 'does not track any events' do
- expect(Gitlab::Tracking).not_to receive(:event)
-
+ it 'does not track any events', :snowplow do
post api("/#{parent_type}/#{parent.id}/#{noteable_type}/#{noteable[id_name]}/discussions"), params: { body: 'hi!' }
+
+ expect_no_snowplow_event
end
end
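Review bot: The 'does not track any events' example posts through `api(...)` with no user argument, while the tracking example in the previous hunk passes `user`. The request is therefore most likely rejected before any note is created, and `expect_no_snowplow_event` would hold whether the feature flag is on or off. The request line is unchanged context, but the new assertion inherits the problem. Adding `user` as the second argument to `api(...)` would make the stubbed flag the only reason the event is absent. The enclosing context starts outside this hunk.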
diff --git a/spec/support/shared_examples/requests/api/graphql/read_only_instance_shared_examples.rb b/spec/support/shared_examples/requests/api/graphql/read_only_instance_shared_examples.rb
new file mode 100644
index 00000000000..be163d6aa0e
--- /dev/null
+++ b/spec/support/shared_examples/requests/api/graphql/read_only_instance_shared_examples.rb
@@ -0,0 +1,47 @@
+# frozen_string_literal: true
+
+RSpec.shared_examples 'graphql on a read-only GitLab instance' do
+ include GraphqlHelpers
+
+ context 'mutations' do
+ let(:current_user) { note.author }
+ let!(:note) { create(:note) }
+
+ let(:mutation) do
+ variables = {
+ id: GitlabSchema.id_from_object(note).to_s
+ }
+
+ graphql_mutation(:destroy_note, variables)
+ end
+
+ it 'disallows the query' do
+ post_graphql_mutation(mutation, current_user: current_user)
+
+ expect(json_response['errors'].first['message']).to eq(Mutations::BaseMutation::ERROR_MESSAGE)
+ end
+
+ it 'does not destroy the Note' do
+ expect do
+ post_graphql_mutation(mutation, current_user: current_user)
+ end.not_to change { Note.count }
+ end
+ end
+
+ context 'read-only queries' do
+ let(:current_user) { create(:user) }
+ let(:project) { create(:project, :repository) }
+
+ before do
+ project.add_developer(current_user)
+ end
+
+ it 'allows the query' do
+ query = graphql_query_for('project', 'fullPath' => project.full_path)
+
+ post_graphql(query, current_user: current_user)
+
+ expect(graphql_data['project']).not_to be_nil
+ end
+ end
+end
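Review bot: Nothing in this shared example group puts the instance into read-only mode, so 'disallows the query' and 'does not destroy the Note' both depend on setup done by the including spec, and that contract is not written down anywhere in the file. A comment above the `RSpec.shared_examples` line would make it explicit, for example `# The including spec must make the instance read-only before these examples run.` Because `current_user` is the note's author, the mutation examples would presumably fail rather than pass silently if that setup were missing, so this is a documentation gap and not a false pass.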
diff --git a/spec/support/shared_examples/requests/api/labels_api_shared_examples.rb b/spec/support/shared_examples/requests/api/labels_api_shared_examples.rb
new file mode 100644
index 00000000000..02e50b789cc
--- /dev/null
+++ b/spec/support/shared_examples/requests/api/labels_api_shared_examples.rb
@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+
+RSpec.shared_examples 'fetches labels' do
+ it 'returns correct labels' do
+ request
+
+ expect(response).to have_gitlab_http_status(:ok)
+ expect(response).to include_pagination_headers
+ expect(json_response).to be_an Array
+ expect(json_response).to all(match_schema('public_api/v4/labels/label'))
+ expect(json_response.size).to eq(expected_labels.size)
+ expect(json_response.map {|r| r['name'] }).to match_array(expected_labels)
+ end
+end
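Review bot: The 'fetches labels' group calls `request` and reads `expected_labels`, neither of which it defines, and no comment says the including spec must supply them. A header comment such as `# Requires: request (performs the GET) and expected_labels (array of label names).` would document that. The `json_response.size` expectation is already implied by the `match_array` line that follows it and could be dropped.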
diff --git a/spec/support/shared_examples/requests/api/multiple_and_scoped_issue_boards_shared_examples.rb b/spec/support/shared_examples/requests/api/multiple_and_scoped_issue_boards_shared_examples.rb
new file mode 100644
index 00000000000..54aa9d47dd8
--- /dev/null
+++ b/spec/support/shared_examples/requests/api/multiple_and_scoped_issue_boards_shared_examples.rb
@@ -0,0 +1,94 @@
+# frozen_string_literal: true
+
+RSpec.shared_examples 'multiple and scoped issue boards' do |route_definition|
+ let(:root_url) { route_definition.gsub(":id", board_parent.id.to_s) }
+
+ context 'multiple issue boards' do
+ before do
+ board_parent.add_reporter(user)
+ stub_licensed_features(multiple_group_issue_boards: true)
+ end
+
+ describe "POST #{route_definition}" do
+ it 'creates a board' do
+ post api(root_url, user), params: { name: "new board" }
+
+ expect(response).to have_gitlab_http_status(:created)
+
+ expect(response).to match_response_schema('public_api/v4/board', dir: "ee")
+ end
+ end
+
+ describe "PUT #{route_definition}/:board_id" do
+ let(:url) { "#{root_url}/#{board.id}" }
+
+ it 'updates a board' do
+ put api(url, user), params: { name: 'new name', weight: 4, labels: 'foo, bar' }
+
+ expect(response).to have_gitlab_http_status(:ok)
+
+ expect(response).to match_response_schema('public_api/v4/board', dir: "ee")
+
+ board.reload
+
+ expect(board.name).to eq('new name')
+ expect(board.weight).to eq(4)
+ expect(board.labels.map(&:title)).to contain_exactly('foo', 'bar')
+ end
+
+ it 'does not remove missing attributes from the board' do
+ expect { put api(url, user), params: { name: 'new name' } }
+ .to not_change { board.reload.assignee }
+ .and not_change { board.reload.milestone }
+ .and not_change { board.reload.weight }
+ .and not_change { board.reload.labels.map(&:title).sort }
+
+ expect(response).to have_gitlab_http_status(:ok)
+ expect(response).to match_response_schema('public_api/v4/board', dir: "ee")
+ end
+
+ it 'allows removing optional attributes' do
+ put api(url, user), params: { name: 'new name', assignee_id: nil, milestone_id: nil, weight: nil, labels: nil }
+
+ expect(response).to have_gitlab_http_status(:ok)
+ expect(response).to match_response_schema('public_api/v4/board', dir: "ee")
+
+ board.reload
+
+ expect(board.name).to eq('new name')
+ expect(board.assignee).to be_nil
+ expect(board.milestone).to be_nil
+ expect(board.weight).to be_nil
+ expect(board.labels).to be_empty
+ end
+ end
+
+ describe "DELETE #{route_definition}/:board_id" do
+ let(:url) { "#{root_url}/#{board.id}" }
+
+ it 'deletes a board' do
+ delete api(url, user)
+
+ expect(response).to have_gitlab_http_status(:no_content)
+ end
+ end
+ end
+
+ context 'with the scoped_issue_board-feature available' do
+ it 'returns the milestone when the `scoped_issue_board` feature is enabled' do
+ stub_licensed_features(scoped_issue_board: true)
+
+ get api(root_url, user)
+
+ expect(json_response.first["milestone"]).not_to be_nil
+ end
+
+ it 'hides the milestone when the `scoped_issue_board` feature is disabled' do
+ stub_licensed_features(scoped_issue_board: false)
+
+ get api(root_url, user)
+
+ expect(json_response.first["milestone"]).to be_nil
+ end
+ end
+end
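Review bot: Every write example in the 'multiple issue boards' context runs as a user who has just been given reporter access in the `before` block, so the group never shows that POST, PUT or DELETE on the route is refused for a caller below that role or without credentials. One rejected-request example per verb would pin the authorization boundary; the expected status cannot be read from this file and has to come from the endpoint. Separately, 'deletes a board' checks only the `:no_content` status and would still pass if the record were left in place, so an assertion that the board can no longer be found after the request would strengthen it.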
diff --git a/spec/support/shared_examples/requests/api/npm_packages_shared_examples.rb b/spec/support/shared_examples/requests/api/npm_packages_shared_examples.rb
new file mode 100644
index 00000000000..d3ad7aa0595
--- /dev/null
+++ b/spec/support/shared_examples/requests/api/npm_packages_shared_examples.rb
@@ -0,0 +1,270 @@
+# frozen_string_literal: true
+
+RSpec.shared_examples 'handling get metadata requests' do
+ let_it_be(:package_dependency_link1) { create(:packages_dependency_link, package: package, dependency_type: :dependencies) }
+ let_it_be(:package_dependency_link2) { create(:packages_dependency_link, package: package, dependency_type: :devDependencies) }
+ let_it_be(:package_dependency_link3) { create(:packages_dependency_link, package: package, dependency_type: :bundleDependencies) }
+ let_it_be(:package_dependency_link4) { create(:packages_dependency_link, package: package, dependency_type: :peerDependencies) }
+
+ let(:params) { {} }
+ let(:headers) { {} }
+
+ subject { get(url, params: params, headers: headers) }
+
+ shared_examples 'returning the npm package info' do
+ it 'returns the package info' do
+ subject
+
+ expect_a_valid_package_response
+ end
+ end
+
+ shared_examples 'a package that requires auth' do
+ it 'denies request without oauth token' do
+ subject
+
+ expect(response).to have_gitlab_http_status(:not_found)
+ end
+
+ context 'with oauth token' do
+ let(:params) { { access_token: token.token } }
+
+ it 'returns the package info with oauth token' do
+ subject
+
+ expect_a_valid_package_response
+ end
+ end
+
+ context 'with job token' do
+ let(:params) { { job_token: job.token } }
+
+ it 'returns the package info with running job token' do
+ subject
+
+ expect_a_valid_package_response
+ end
+
+ it 'denies request without running job token' do
+ job.update!(status: :success)
+
+ subject
+
+ expect(response).to have_gitlab_http_status(:unauthorized)
+ end
+ end
+
+ context 'with deploy token' do
+ let(:headers) { build_token_auth_header(deploy_token.token) }
+
+ it 'returns the package info with deploy token' do
+ subject
+
+ expect_a_valid_package_response
+ end
+ end
+ end
+
+ context 'a public project' do
+ it_behaves_like 'returning the npm package info'
+
+ context 'project path with a dot' do
+ before do
+ project.update!(path: 'foo.bar')
+ end
+
+ it_behaves_like 'returning the npm package info'
+ end
+
+ context 'with request forward disabled' do
+ before do
+ stub_application_setting(npm_package_requests_forwarding: false)
+ end
+
+ it_behaves_like 'returning the npm package info'
+
+ context 'with unknown package' do
+ let(:package_name) { 'unknown' }
+
+ it 'returns the proper response' do
+ subject
+
+ expect(response).to have_gitlab_http_status(:not_found)
+ end
+ end
+ end
+
+ context 'with request forward enabled' do
+ before do
+ stub_application_setting(npm_package_requests_forwarding: true)
+ end
+
+ it_behaves_like 'returning the npm package info'
+
+ context 'with unknown package' do
+ let(:package_name) { 'unknown' }
+
+ it 'returns a redirect' do
+ subject
+
+ expect(response).to have_gitlab_http_status(:found)
+ expect(response.headers['Location']).to eq('https://registry.npmjs.org/unknown')
+ end
+
+ it_behaves_like 'a gitlab tracking event', described_class.name, 'npm_request_forward'
+ end
+ end
+ end
+
+ context 'internal project' do
+ before do
+ project.update!(visibility_level: Gitlab::VisibilityLevel::INTERNAL)
+ end
+
+ it_behaves_like 'a package that requires auth'
+ end
+
+ context 'private project' do
+ before do
+ project.update!(visibility_level: Gitlab::VisibilityLevel::PRIVATE)
+ end
+
+ it_behaves_like 'a package that requires auth'
+
+ context 'with guest' do
+ let(:params) { { access_token: token.token } }
+
+ it 'denies request when not enough permissions' do
+ project.add_guest(user)
+
+ subject
+
+ expect(response).to have_gitlab_http_status(:forbidden)
+ end
+ end
+ end
+
+ def expect_a_valid_package_response
+ expect(response).to have_gitlab_http_status(:ok)
+ expect(response.media_type).to eq('application/json')
+ expect(response).to match_response_schema('public_api/v4/packages/npm_package')
+ expect(json_response['name']).to eq(package.name)
+ expect(json_response['versions'][package.version]).to match_schema('public_api/v4/packages/npm_package_version')
+ ::Packages::Npm::PackagePresenter::NPM_VALID_DEPENDENCY_TYPES.each do |dependency_type|
+ expect(json_response.dig('versions', package.version, dependency_type.to_s)).to be_any
+ end
+ expect(json_response['dist-tags']).to match_schema('public_api/v4/packages/npm_package_tags')
+ end
+end
+
+RSpec.shared_examples 'handling get dist tags requests' do
+ let_it_be(:package_tag1) { create(:packages_tag, package: package) }
+ let_it_be(:package_tag2) { create(:packages_tag, package: package) }
+
+ let(:params) { {} }
+
+ subject { get(url, params: params) }
+
+ context 'with public project' do
+ context 'with authenticated user' do
+ let(:params) { { private_token: personal_access_token.token } }
+
+ it_behaves_like 'returns package tags', :maintainer
+ it_behaves_like 'returns package tags', :developer
+ it_behaves_like 'returns package tags', :reporter
+ it_behaves_like 'returns package tags', :guest
+ end
+
+ context 'with unauthenticated user' do
+ it_behaves_like 'returns package tags', :no_type
+ end
+ end
+
+ context 'with private project' do
+ before do
+ project.update!(visibility_level: Gitlab::VisibilityLevel::PRIVATE)
+ end
+
+ context 'with authenticated user' do
+ let(:params) { { private_token: personal_access_token.token } }
+
+ it_behaves_like 'returns package tags', :maintainer
+ it_behaves_like 'returns package tags', :developer
+ it_behaves_like 'returns package tags', :reporter
+ it_behaves_like 'rejects package tags access', :guest, :forbidden
+ end
+
+ context 'with unauthenticated user' do
+ it_behaves_like 'rejects package tags access', :no_type, :not_found
+ end
+ end
+end
+
+RSpec.shared_examples 'handling create dist tag requests' do
+ let_it_be(:tag_name) { 'test' }
+
+ let(:params) { {} }
+ let(:env) { {} }
+ let(:version) { package.version }
+
+ subject { put(url, env: env, params: params) }
+
+ context 'with public project' do
+ context 'with authenticated user' do
+ let(:params) { { private_token: personal_access_token.token } }
+ let(:env) { { 'api.request.body': version } }
+
+ it_behaves_like 'create package tag', :maintainer
+ it_behaves_like 'create package tag', :developer
+ it_behaves_like 'rejects package tags access', :reporter, :forbidden
+ it_behaves_like 'rejects package tags access', :guest, :forbidden
+ end
+
+ context 'with unauthenticated user' do
+ it_behaves_like 'rejects package tags access', :no_type, :unauthorized
+ end
+ end
+end
+
+RSpec.shared_examples 'handling delete dist tag requests' do
+ let_it_be(:package_tag) { create(:packages_tag, package: package) }
+
+ let(:params) { {} }
+ let(:tag_name) { package_tag.name }
+
+ subject { delete(url, params: params) }
+
+ context 'with public project' do
+ context 'with authenticated user' do
+ let(:params) { { private_token: personal_access_token.token } }
+
+ it_behaves_like 'delete package tag', :maintainer
+ it_behaves_like 'rejects package tags access', :developer, :forbidden
+ it_behaves_like 'rejects package tags access', :reporter, :forbidden
+ it_behaves_like 'rejects package tags access', :guest, :forbidden
+ end
+
+ context 'with unauthenticated user' do
+ it_behaves_like 'rejects package tags access', :no_type, :unauthorized
+ end
+ end
+
+ context 'with private project' do
+ before do
+ project.update!(visibility_level: Gitlab::VisibilityLevel::PRIVATE)
+ end
+
+ context 'with authenticated user' do
+ let(:params) { { private_token: personal_access_token.token } }
+
+ it_behaves_like 'delete package tag', :maintainer
+ it_behaves_like 'rejects package tags access', :developer, :forbidden
+ it_behaves_like 'rejects package tags access', :reporter, :forbidden
+ it_behaves_like 'rejects package tags access', :guest, :forbidden
+ end
+
+ context 'with unauthenticated user' do
+ it_behaves_like 'rejects package tags access', :no_type, :unauthorized
+ end
+ end
+end
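Review bot: The 'handling create dist tag requests' group has only a 'with public project' context, while the get and delete dist-tag groups in this file repeat their role matrix under 'with private project' after `project.update!(visibility_level: Gitlab::VisibilityLevel::PRIVATE)`. Tag creation is a write, so the private-project case is the one most worth pinning down. A context laid out like the one in the delete group would close the gap, with the expected statuses confirmed against the endpoint rather than copied from the delete matrix.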
diff --git a/spec/support/shared_examples/requests/api/packages_shared_examples.rb b/spec/support/shared_examples/requests/api/packages_shared_examples.rb
index d730ed53109..3833604e304 100644
--- a/spec/support/shared_examples/requests/api/packages_shared_examples.rb
+++ b/spec/support/shared_examples/requests/api/packages_shared_examples.rb
@@ -128,9 +128,13 @@ RSpec.shared_examples 'job token for package uploads' do
end
RSpec.shared_examples 'a package tracking event' do |category, action|
- it "creates a gitlab tracking event #{action}" do
- expect(Gitlab::Tracking).to receive(:event).with(category, action, {})
+ before do
+ stub_feature_flags(collect_package_events: true)
+ end
+ it "creates a gitlab tracking event #{action}", :snowplow do
expect { subject }.to change { Packages::Event.count }.by(1)
+
+ expect_snowplow_event(category: category, action: action)
end
end
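Review bot: The added `before` block ends on the line directly above the new `it`, with no blank line between the hook and the example, unlike the hooks added elsewhere in this commit; a blank line after the `end` of the `before` block would fix that. The removed expectation also pinned the third argument to `{}`. Whether `expect_snowplow_event(category: category, action: action)` still rejects events that carry extra properties depends on the helper, which is outside this hunk.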
diff --git a/spec/support/shared_examples/requests/api/packages_tags_shared_examples.rb b/spec/support/shared_examples/requests/api/packages_tags_shared_examples.rb
index a371d380f47..2c203dc096e 100644
--- a/spec/support/shared_examples/requests/api/packages_tags_shared_examples.rb
+++ b/spec/support/shared_examples/requests/api/packages_tags_shared_examples.rb
@@ -40,7 +40,7 @@ RSpec.shared_examples 'returns package tags' do |user_type|
context 'with invalid package name' do
where(:package_name, :status) do
'%20' | :bad_request
- nil | :forbidden
+ nil | :not_found
end
with_them do
@@ -95,7 +95,7 @@ RSpec.shared_examples 'create package tag' do |user_type|
context 'with invalid package name' do
where(:package_name, :status) do
- 'unknown' | :forbidden
+ 'unknown' | :not_found
'' | :not_found
'%20' | :bad_request
end
@@ -160,7 +160,7 @@ RSpec.shared_examples 'delete package tag' do |user_type|
context 'with invalid package name' do
where(:package_name, :status) do
- 'unknown' | :forbidden
+ 'unknown' | :not_found
'' | :not_found
'%20' | :bad_request
end
diff --git a/spec/support/shared_examples/requests/api/tracking_shared_examples.rb b/spec/support/shared_examples/requests/api/tracking_shared_examples.rb
index 2e6feae3f98..826139635ed 100644
--- a/spec/support/shared_examples/requests/api/tracking_shared_examples.rb
+++ b/spec/support/shared_examples/requests/api/tracking_shared_examples.rb
@@ -1,9 +1,9 @@
# frozen_string_literal: true
RSpec.shared_examples 'a gitlab tracking event' do |category, action|
- it "creates a gitlab tracking event #{action}" do
- expect(Gitlab::Tracking).to receive(:event).with(category, action, {})
-
+ it "creates a gitlab tracking event #{action}", :snowplow do
subject
+
+ expect_snowplow_event(category: category, action: action)
end
end
diff --git a/spec/support/shared_examples/requests/lfs_http_shared_examples.rb b/spec/support/shared_examples/requests/lfs_http_shared_examples.rb
index 48c5a5933e6..4ae77179527 100644
--- a/spec/support/shared_examples/requests/lfs_http_shared_examples.rb
+++ b/spec/support/shared_examples/requests/lfs_http_shared_examples.rb
@@ -2,42 +2,252 @@
RSpec.shared_examples 'LFS http 200 response' do
it_behaves_like 'LFS http expected response code and message' do
- let(:response_code) { 200 }
+ let(:response_code) { :ok }
+ end
+end
+
+RSpec.shared_examples 'LFS http 200 blob response' do
+ it_behaves_like 'LFS http expected response code and message' do
+ let(:response_code) { :ok }
+ let(:content_type) { Repositories::LfsApiController::LFS_TRANSFER_CONTENT_TYPE }
+ let(:response_headers) { { 'X-Sendfile' => lfs_object.file.path } }
+ end
+end
+
+RSpec.shared_examples 'LFS http 200 workhorse response' do
+ it_behaves_like 'LFS http expected response code and message' do
+ let(:response_code) { :ok }
+ let(:content_type) { Gitlab::Workhorse::INTERNAL_API_CONTENT_TYPE }
end
end
RSpec.shared_examples 'LFS http 401 response' do
it_behaves_like 'LFS http expected response code and message' do
- let(:response_code) { 401 }
+ let(:response_code) { :unauthorized }
+ let(:content_type) { 'text/plain' }
end
end
RSpec.shared_examples 'LFS http 403 response' do
it_behaves_like 'LFS http expected response code and message' do
- let(:response_code) { 403 }
+ let(:response_code) { :forbidden }
let(:message) { 'Access forbidden. Check your access level.' }
end
end
RSpec.shared_examples 'LFS http 501 response' do
it_behaves_like 'LFS http expected response code and message' do
- let(:response_code) { 501 }
+ let(:response_code) { :not_implemented }
let(:message) { 'Git LFS is not enabled on this GitLab server, contact your admin.' }
end
end
RSpec.shared_examples 'LFS http 404 response' do
it_behaves_like 'LFS http expected response code and message' do
- let(:response_code) { 404 }
+ let(:response_code) { :not_found }
end
end
RSpec.shared_examples 'LFS http expected response code and message' do
let(:response_code) { }
- let(:message) { }
+ let(:response_headers) { {} }
+ let(:content_type) { LfsRequest::CONTENT_TYPE }
+ let(:message) {}
- it 'responds with the expected response code and message' do
+ specify do
expect(response).to have_gitlab_http_status(response_code)
+ expect(response.headers.to_hash).to include(response_headers)
+ expect(response.media_type).to match(content_type)
expect(json_response['message']).to eq(message) if message
end
end
+
+RSpec.shared_examples 'LFS http requests' do
+ include LfsHttpHelpers
+
+ let(:authorize_guest) {}
+ let(:authorize_download) {}
+ let(:authorize_upload) {}
+
+ let(:lfs_object) { create(:lfs_object, :with_file) }
+ let(:sample_oid) { lfs_object.oid }
+
+ let(:authorization) { authorize_user }
+ let(:headers) do
+ {
+ 'Authorization' => authorization,
+ 'X-Sendfile-Type' => 'X-Sendfile'
+ }
+ end
+
+ let(:request_download) do
+ get objects_url(container, sample_oid), params: {}, headers: headers
+ end
+
+ let(:request_upload) do
+ post_lfs_json batch_url(container), upload_body(multiple_objects), headers
+ end
+
+ before do
+ stub_lfs_setting(enabled: true)
+ end
+
+ context 'when LFS is disabled globally' do
+ before do
+ stub_lfs_setting(enabled: false)
+ end
+
+ describe 'download request' do
+ before do
+ request_download
+ end
+
+ it_behaves_like 'LFS http 501 response'
+ end
+
+ describe 'upload request' do
+ before do
+ request_upload
+ end
+
+ it_behaves_like 'LFS http 501 response'
+ end
+ end
+
+ context 'unauthenticated' do
+ let(:headers) { {} }
+
+ describe 'download request' do
+ before do
+ request_download
+ end
+
+ it_behaves_like 'LFS http 401 response'
+ end
+
+ describe 'upload request' do
+ before do
+ request_upload
+ end
+
+ it_behaves_like 'LFS http 401 response'
+ end
+ end
+
+ context 'without access' do
+ describe 'download request' do
+ before do
+ request_download
+ end
+
+ it_behaves_like 'LFS http 404 response'
+ end
+
+ describe 'upload request' do
+ before do
+ request_upload
+ end
+
+ it_behaves_like 'LFS http 404 response'
+ end
+ end
+
+ context 'with guest access' do
+ before do
+ authorize_guest
+ end
+
+ describe 'download request' do
+ before do
+ request_download
+ end
+
+ it_behaves_like 'LFS http 404 response'
+ end
+
+ describe 'upload request' do
+ before do
+ request_upload
+ end
+
+ it_behaves_like 'LFS http 404 response'
+ end
+ end
+
+ context 'with download permission' do
+ before do
+ authorize_download
+ end
+
+ describe 'download request' do
+ before do
+ request_download
+ end
+
+ it_behaves_like 'LFS http 200 blob response'
+
+ context 'when container does not exist' do
+ def objects_url(*args)
+ super.sub(container.full_path, 'missing/path')
+ end
+
+ it_behaves_like 'LFS http 404 response'
+ end
+ end
+
+ describe 'upload request' do
+ before do
+ request_upload
+ end
+
+ it_behaves_like 'LFS http 403 response'
+ end
+ end
+
+ context 'with upload permission' do
+ before do
+ authorize_upload
+ end
+
+ describe 'upload request' do
+ before do
+ request_upload
+ end
+
+ it_behaves_like 'LFS http 200 response'
+ end
+ end
+
+ describe 'deprecated API' do
+ shared_examples 'deprecated request' do
+ before do
+ request
+ end
+
+ it_behaves_like 'LFS http expected response code and message' do
+ let(:response_code) { 501 }
+ let(:message) { 'Server supports batch API only, please update your Git LFS client to version 1.0.1 and up.' }
+ end
+ end
+
+ context 'when fetching LFS object using deprecated API' do
+ subject(:request) do
+ get deprecated_objects_url(container, sample_oid), params: {}, headers: headers
+ end
+
+ it_behaves_like 'deprecated request'
+ end
+
+ context 'when handling LFS request using deprecated API' do
+ subject(:request) do
+ post_lfs_json deprecated_objects_url(container), nil, headers
+ end
+
+ it_behaves_like 'deprecated request'
+ end
+
+ def deprecated_objects_url(container, oid = nil)
+ File.join(["#{container.http_url_to_repo}/info/lfs/objects/", oid].compact)
+ end
+ end
+end
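Review bot: `expect(response.media_type).to match(content_type)` is looser than it reads: when the String expectation is not equal to the actual value, RSpec's `match` falls back to `String#match`, which treats it as an unanchored pattern. A media type that merely contains the expected text would still pass, and `expect(response.media_type).to eq(content_type)` states the intent exactly. In the same hunk the 'deprecated request' examples still use `let(:response_code) { 501 }` although every other response code was moved to a symbol; `let(:response_code) { :not_implemented }` would be consistent. Replacing the described `it` with a bare `specify do` also leaves the example without a hand-written description in failure output.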
diff --git a/spec/support/shared_examples/requests/rack_attack_shared_examples.rb b/spec/support/shared_examples/requests/rack_attack_shared_examples.rb
index 730df4dc5ab..d4ee68309ff 100644
--- a/spec/support/shared_examples/requests/rack_attack_shared_examples.rb
+++ b/spec/support/shared_examples/requests/rack_attack_shared_examples.rb
@@ -81,8 +81,15 @@ RSpec.shared_examples 'rate-limited token-authenticated requests' do
end
it 'logs RackAttack info into structured logs' do
- requests_per_period.times do
- make_request(request_args)
+ control_count = 0
+
+ requests_per_period.times do |i|
+ if i == 0
+ control_count = ActiveRecord::QueryRecorder.new { make_request(request_args) }.count
+ else
+ make_request(request_args)
+ end
+
expect(response).not_to have_gitlab_http_status(:too_many_requests)
end
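Review bot: `control_count` is taken from the first request of the loop (`if i == 0`), which is typically the one that issues the most queries because nothing has been cached yet. The later `exceed_query_limit(control_count)` check therefore allows the throttled request as many queries as a cold, fully served one. Recording the count on the last allowed iteration instead, `if i == requests_per_period - 1`, would give a tighter bound. The same pattern is added to the web-authenticated group in the hunk at `@@ -210,8 +219,15 @@`, and the `it` block continues past the end of this hunk.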
@@ -93,13 +100,15 @@ RSpec.shared_examples 'rate-limited token-authenticated requests' do
request_method: request_method,
path: request_args.first,
user_id: user.id,
- username: user.username,
- throttle_type: throttle_types[throttle_setting_prefix]
+ 'meta.user' => user.username,
+ matched: throttle_types[throttle_setting_prefix]
}
expect(Gitlab::AuthLogger).to receive(:error).with(arguments).once
- expect_rejection { make_request(request_args) }
+ expect_rejection do
+ expect { make_request(request_args) }.not_to exceed_query_limit(control_count)
+ end
end
end
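Review bot: The expected `Gitlab::AuthLogger` payload renames `username` to `'meta.user'` and `throttle_type` to `matched`, and nothing in the hunk records that the log schema changed for whoever consumes these entries. Alerts or dashboards that key on the old field names for throttled requests would presumably stop matching. A comment next to the `arguments` hash would help, e.g. `# Field names follow the structured auth log schema; keep log-based alerts in sync when changing them.` The same rename appears in the hunk at `@@ -222,13 +238,12 @@`. The hash and the example both start outside this hunk.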
@@ -210,8 +219,15 @@ RSpec.shared_examples 'rate-limited web authenticated requests' do
end
it 'logs RackAttack info into structured logs' do
- requests_per_period.times do
- request_authenticated_web_url
+ control_count = 0
+
+ requests_per_period.times do |i|
+ if i == 0
+ control_count = ActiveRecord::QueryRecorder.new { request_authenticated_web_url }.count
+ else
+ request_authenticated_web_url
+ end
+
expect(response).not_to have_gitlab_http_status(:too_many_requests)
end
@@ -222,13 +238,12 @@ RSpec.shared_examples 'rate-limited web authenticated requests' do
request_method: request_method,
path: url_that_requires_authentication,
user_id: user.id,
- username: user.username,
- throttle_type: throttle_types[throttle_setting_prefix]
+ 'meta.user' => user.username,
+ matched: throttle_types[throttle_setting_prefix]
}
expect(Gitlab::AuthLogger).to receive(:error).with(arguments).once
-
- request_authenticated_web_url
+ expect { request_authenticated_web_url }.not_to exceed_query_limit(control_count)
end
end