From 8993801f0cefdc64b46b8fe30622cc78eaa03173 Mon Sep 17 00:00:00 2001
From: Pawel Chojnacki <pawel@chojnacki.ws>
Date: Fri, 17 Feb 2017 12:52:27 +0100
Subject: Test various login scenarios if the limit gets enforced

---
 spec/support/unique_ip_check_shared_examples.rb | 27 +++++++++++++++++++++++++
 1 file changed, 27 insertions(+)
 create mode 100644 spec/support/unique_ip_check_shared_examples.rb

(limited to 'spec/support/unique_ip_check_shared_examples.rb')

diff --git a/spec/support/unique_ip_check_shared_examples.rb b/spec/support/unique_ip_check_shared_examples.rb
new file mode 100644
index 00000000000..ab693b91d4a
--- /dev/null
+++ b/spec/support/unique_ip_check_shared_examples.rb
@@ -0,0 +1,27 @@
+shared_context 'limit login to only one ip', :redis do
+  before do
+    allow(Gitlab::Auth::UniqueIpsLimiter).to receive_message_chain(:config, :unique_ips_limit_enabled).and_return(true)
+    allow(Gitlab::Auth::UniqueIpsLimiter).to receive_message_chain(:config, :unique_ips_limit_time_window).and_return(1000)
+    allow(Gitlab::Auth::UniqueIpsLimiter).to receive_message_chain(:config, :unique_ips_limit_per_user).and_return(1)
+  end
+
+  def change_ip(ip)
+    allow(Gitlab::RequestContext).to receive(:client_ip).and_return(ip)
+  end
+end
+
+shared_examples 'user login operation with unique ip limit' do
+  include_context 'limit login to only one ip' do
+    it 'allows user authenticating from the same ip' do
+      expect { operation }.not_to raise_error
+      expect { operation }.not_to raise_error
+    end
+
+    it 'blocks user authenticating from two distinct ips' do
+      expect { operation }.not_to raise_error
+
+      change_ip('ip2')
+      expect { operation }.to raise_error(Gitlab::Auth::TooManyIps)
+    end
+  end
+end
-- 
cgit v1.2.1