diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-01-08 09:08:13 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-01-08 09:08:13 +0300 |
commit | f6e985dba4d0f5b1ede95e9174d30dd6a8bedf0d (patch) | |
tree | c1fed91ae38ad6150ba323a2fc9a68f50f648bb4 /spec/lib/gitlab/auth_spec.rb | |
parent | 30010b161d42bdac3ab5cd16e63cc61c2f4939f3 (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'spec/lib/gitlab/auth_spec.rb')
-rw-r--r-- | spec/lib/gitlab/auth_spec.rb | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/spec/lib/gitlab/auth_spec.rb b/spec/lib/gitlab/auth_spec.rb index 311cbd4dd7e..1f943bebbec 100644 --- a/spec/lib/gitlab/auth_spec.rb +++ b/spec/lib/gitlab/auth_spec.rb @@ -130,6 +130,15 @@ describe Gitlab::Auth, :use_clean_rails_memory_store_caching do gl_auth.find_for_git_client(user.username, user.password, project: nil, ip: 'ip') end + it 'rate limits a user by unique IPs' do + expect_next_instance_of(Gitlab::Auth::IpRateLimiter) do |rate_limiter| + expect(rate_limiter).to receive(:reset!) + end + expect(Gitlab::Auth::UniqueIpsLimiter).to receive(:limit_user!).twice.and_call_original + + gl_auth.find_for_git_client(user.username, user.password, project: nil, ip: 'ip') + end + it 'registers failure for failed auth' do expect_next_instance_of(Gitlab::Auth::IpRateLimiter) do |rate_limiter| expect(rate_limiter).to receive(:register_fail!) @@ -415,6 +424,12 @@ describe Gitlab::Auth, :use_clean_rails_memory_store_caching do .to eq(auth_success) end + it 'does not attempt to rate limit unique IPs for a deploy token' do + expect(Gitlab::Auth::UniqueIpsLimiter).not_to receive(:limit_user!) + + gl_auth.find_for_git_client(login, deploy_token.token, project: project, ip: 'ip') + end + it 'fails when login is not valid' do expect(gl_auth.find_for_git_client('random_login', deploy_token.token, project: project, ip: 'ip')) .to eq(auth_failure) |