summaryrefslogtreecommitdiff
path: root/spec/support/shared_examples/requests/api/issuable_search_shared_examples.rb
blob: fcde3b65b4f645e9622b2a569e615f027c90bd22 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68

# frozen_string_literal: true

RSpec.shared_examples 'issuable anonymous search' do
  context 'with anonymous user' do
    context 'with disable_anonymous_search disabled' do
      before do
        stub_feature_flags(disable_anonymous_search: false)
      end

      it 'returns issuables matching given search string for title' do
        get api(url), params: { scope: 'all', search: issuable.title }

        expect_paginated_array_response(result)
      end

      it 'returns issuables matching given search string for description' do
        get api(url), params: { scope: 'all', search: issuable.description }

        expect_paginated_array_response(result)
      end
    end

    context 'with disable_anonymous_search enabled' do
      before do
        stub_feature_flags(disable_anonymous_search: true)
      end

      it "returns 422 error" do
        get api(url), params: { scope: 'all', search: issuable.title }

        expect(response).to have_gitlab_http_status(:unprocessable_entity)
        expect(json_response['message']).to eq('User must be authenticated to use search')
      end
    end
  end
end

RSpec.shared_examples 'issuable API rate-limited search' do
  it_behaves_like 'rate limited endpoint', rate_limit_key: :search_rate_limit do
    let(:current_user) { user }

    def request
      get api(url, current_user), params: { scope: 'all', search: issuable.title }
    end
  end

  it_behaves_like 'rate limited endpoint', rate_limit_key: :search_rate_limit_unauthenticated do
    def request
      get api(url), params: { scope: 'all', search: issuable.title }
    end
  end

  context 'when rate_limit_issuable_searches is disabled', :freeze_time, :clean_gitlab_redis_rate_limiting do
    before do
      stub_feature_flags(rate_limit_issuable_searches: false)

      allow(Gitlab::ApplicationRateLimiter).to receive(:threshold)
        .with(:search_rate_limit_unauthenticated).and_return(1)
    end

    it 'does not enforce the rate limit' do
      get api(url), params: { scope: 'all', search: issuable.title }
      get api(url), params: { scope: 'all', search: issuable.title }

      expect(response).to have_gitlab_http_status(:ok)
    end
  end
end
View Lorry Controller Status