Add latest changes from gitlab-org/gitlab@master

1 files changed, 15 insertions, 0 deletions

diff --git a/spec/lib/gitlab/auth_spec.rb b/spec/lib/gitlab/auth_spec.rb
index 311cbd4dd7e..1f943bebbec 100644
--- a/spec/lib/gitlab/auth_spec.rb
+++ b/spec/lib/gitlab/auth_spec.rb
@@ -130,6 +130,15 @@ describe Gitlab::Auth, :use_clean_rails_memory_store_caching do
           gl_auth.find_for_git_client(user.username, user.password, project: nil, ip: 'ip')
         end
 
+        it 'rate limits a user by unique IPs' do
+          expect_next_instance_of(Gitlab::Auth::IpRateLimiter) do |rate_limiter|
+            expect(rate_limiter).to receive(:reset!)
+          end
+          expect(Gitlab::Auth::UniqueIpsLimiter).to receive(:limit_user!).twice.and_call_original
+
+          gl_auth.find_for_git_client(user.username, user.password, project: nil, ip: 'ip')
+        end
+
         it 'registers failure for failed auth' do
           expect_next_instance_of(Gitlab::Auth::IpRateLimiter) do |rate_limiter|
             expect(rate_limiter).to receive(:register_fail!)
@@ -415,6 +424,12 @@ describe Gitlab::Auth, :use_clean_rails_memory_store_caching do
             .to eq(auth_success)
         end
 
+        it 'does not attempt to rate limit unique IPs for a deploy token' do
+          expect(Gitlab::Auth::UniqueIpsLimiter).not_to receive(:limit_user!)
+
+          gl_auth.find_for_git_client(login, deploy_token.token, project: project, ip: 'ip')
+        end
+
         it 'fails when login is not valid' do
           expect(gl_auth.find_for_git_client('random_login', deploy_token.token, project: project, ip: 'ip'))
             .to eq(auth_failure)