diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-12-22 12:13:51 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-12-22 12:13:51 +0300 |
commit | 8bf2e2b73e5898c78dd057e02828b6acc1647a70 (patch) | |
tree | 803c73a15bf7ae4673310144d47ccb2b5918f9ff /spec/requests/rack_attack_global_spec.rb | |
parent | 589ee0e419426e5b740c61b25a3fcfabd1d4c6a6 (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'spec/requests/rack_attack_global_spec.rb')
-rw-r--r-- | spec/requests/rack_attack_global_spec.rb | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/spec/requests/rack_attack_global_spec.rb b/spec/requests/rack_attack_global_spec.rb index 244ec111a0c..c49cf837384 100644 --- a/spec/requests/rack_attack_global_spec.rb +++ b/spec/requests/rack_attack_global_spec.rb @@ -4,6 +4,7 @@ require 'spec_helper' RSpec.describe 'Rack Attack global throttles', :use_clean_rails_memory_store_caching do include RackAttackSpecHelpers + include SessionHelpers let(:settings) { Gitlab::CurrentSettings.current_application_settings } @@ -63,6 +64,22 @@ RSpec.describe 'Rack Attack global throttles', :use_clean_rails_memory_store_cac end end + describe 'API requests from the frontend', :api, :clean_gitlab_redis_sessions do + context 'when unauthenticated' do + it_behaves_like 'rate-limited frontend API requests' do + let(:throttle_setting_prefix) { 'throttle_unauthenticated' } + end + end + + context 'when authenticated' do + it_behaves_like 'rate-limited frontend API requests' do + let_it_be(:personal_access_token) { create(:personal_access_token) } + + let(:throttle_setting_prefix) { 'throttle_authenticated' } + end + end + end + describe 'API requests authenticated with personal access token', :api do let_it_be(:user) { create(:user) } let_it_be(:token) { create(:personal_access_token, user: user) } |