author | GitLab Bot <gitlab-bot@gitlab.com> | 2019-12-06 00:07:40 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2019-12-06 00:07:40 +0300 |
commit | 134fe182008dc13a16f12d723aa73771efb1a6a2 (patch) | |
tree | 727c94937346d31a5e2692546d16296f069d09fe /spec | |
parent | 6a7cc8c14727f6fac64a5be6838764d8d5d41468 (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'spec')
-rw-r--r-- | spec/controllers/projects/raw_controller_spec.rb | 2 | ||||
-rw-r--r-- | spec/controllers/projects_controller_spec.rb | 137 | ||||
-rw-r--r-- | spec/features/snippets/internal_snippet_spec.rb | 4 | ||||
-rw-r--r-- | spec/features/snippets/notes_on_personal_snippets_spec.rb | 1 | ||||
-rw-r--r-- | spec/features/snippets/private_snippets_spec.rb | 1 | ||||
-rw-r--r-- | spec/features/snippets/public_snippets_spec.rb | 4 | ||||
-rw-r--r-- | spec/features/snippets/show_spec.rb | 4 | ||||
-rw-r--r-- | spec/features/snippets/spam_snippets_spec.rb | 1 | ||||
-rw-r--r-- | spec/features/snippets/user_creates_snippet_spec.rb | 1 | ||||
-rw-r--r-- | spec/features/snippets/user_deletes_snippet_spec.rb | 2 | ||||
-rw-r--r-- | spec/features/snippets/user_edits_snippet_spec.rb | 1 | ||||
-rw-r--r-- | spec/features/snippets_spec.rb | 29 | ||||
-rw-r--r-- | spec/lib/gitlab/application_rate_limiter_spec.rb (renamed from spec/lib/gitlab/action_rate_limiter_spec.rb) | 32 | ||||
-rw-r--r-- | spec/requests/api/project_export_spec.rb | 27 |
14 files changed, 173 insertions, 73 deletions
diff --git a/spec/controllers/projects/raw_controller_spec.rb b/spec/controllers/projects/raw_controller_spec.rb
index 8b43d1264b2..ae9932174e8 100644
--- a/spec/controllers/projects/raw_controller_spec.rb
+++ b/spec/controllers/projects/raw_controller_spec.rb
@@ -65,7 +65,7 @@ describe Projects::RawController do
 it 'logs the event on auth.log' do
 attributes = {
- message: 'Action_Rate_Limiter_Request',
+ message: 'Application_Rate_Limiter_Request',
 env: :raw_blob_request_limit,
 remote_ip: '0.0.0.0',
 request_method: 'GET',
diff --git a/spec/controllers/projects_controller_spec.rb b/spec/controllers/projects_controller_spec.rb
index d16201fff5a..a1f9b98dc2c 100644
--- a/spec/controllers/projects_controller_spec.rb
+++ b/spec/controllers/projects_controller_spec.rb
@@ -1055,45 +1055,34 @@ describe ProjectsController do
 end
 end
- describe '#export' do
+ describe 'project export' do
 before do
 sign_in(user)
 project.add_maintainer(user)
 end
- context 'when project export is enabled' do
- it 'returns 302' do
- get :export, params: { namespace_id: project.namespace, id: project }
-
- expect(response).to have_gitlab_http_status(302)
- end
- end
-
- context 'when project export is disabled' do
+ shared_examples 'rate limits project export endpoint' do
 before do
- stub_application_setting(project_export_enabled?: false)
+ allow(::Gitlab::ApplicationRateLimiter)
+ .to receive(:throttled?)
+ .and_return(true)
 end
- it 'returns 404' do
- get :export, params: { namespace_id: project.namespace, id: project }
+ it 'prevents requesting project export' do
+ get action, params: { namespace_id: project.namespace, id: project }
- expect(response).to have_gitlab_http_status(404)
+ expect(flash[:alert]).to eq('This endpoint has been requested too many times. Try again later.')
+ expect(response).to have_gitlab_http_status(302)
 end
 end
- end
- describe '#download_export' do
- before do
- sign_in(user)
+ describe '#export' do
+ let(:action) { :export }
- project.add_maintainer(user)
- end
-
- context 'object storage enabled' do
 context 'when project export is enabled' do
 it 'returns 302' do
- get :download_export, params: { namespace_id: project.namespace, id: project }
+ get action, params: { namespace_id: project.namespace, id: project }
 expect(response).to have_gitlab_http_status(302)
 end
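Review bot: The stub in the shared example 'rate limits project export endpoint' makes `throttled?` return true for any arguments, so these examples still pass if an action asks the limiter about the wrong key or scope. Constrain it with `.with(...)` on the key and `scope:` each action is expected to pass (the values are not visible in this diff), for example `.to receive(:throttled?).with(expected_key, scope: expected_scope)` with `expected_key` and `expected_scope` as placeholders defined per action. Because 302 is also the status asserted for a served request in 'when project export is enabled', only the flash text separates a throttled request from a served one; asserting the redirect target, or that no export was started, would make the denial explicit. The shared example 'when rate limit is exceeded' in spec/requests/api/project_export_spec.rb uses the same unconstrained stub. `describe '#export'` opens in this hunk and closes in the next one.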
@@ -1105,66 +1094,96 @@ describe ProjectsController do
 end
 it 'returns 404' do
- get :download_export, params: { namespace_id: project.namespace, id: project }
+ get action, params: { namespace_id: project.namespace, id: project }
 expect(response).to have_gitlab_http_status(404)
 end
 end
+
+ context 'when the endpoint receives requests above the limit', :clean_gitlab_redis_cache do
+ include_examples 'rate limits project export endpoint'
+ end
 end
- end
- describe '#remove_export' do
- before do
- sign_in(user)
+ describe '#download_export' do
+ let(:action) { :download_export }
- project.add_maintainer(user)
- end
+ context 'object storage enabled' do
+ context 'when project export is enabled' do
+ it 'returns 302' do
+ get action, params: { namespace_id: project.namespace, id: project }
- context 'when project export is enabled' do
- it 'returns 302' do
- post :remove_export, params: { namespace_id: project.namespace, id: project }
+ expect(response).to have_gitlab_http_status(302)
+ end
+ end
- expect(response).to have_gitlab_http_status(302)
- end
- end
+ context 'when project export is disabled' do
+ before do
+ stub_application_setting(project_export_enabled?: false)
+ end
- context 'when project export is disabled' do
- before do
- stub_application_setting(project_export_enabled?: false)
- end
+ it 'returns 404' do
+ get action, params: { namespace_id: project.namespace, id: project }
- it 'returns 404' do
- post :remove_export, params: { namespace_id: project.namespace, id: project }
+ expect(response).to have_gitlab_http_status(404)
+ end
+ end
- expect(response).to have_gitlab_http_status(404)
+ context 'when the endpoint receives requests above the limit', :clean_gitlab_redis_cache do
+ include_examples 'rate limits project export endpoint'
+ end
 end
 end
- end
- describe '#generate_new_export' do
- before do
- sign_in(user)
+ describe '#remove_export' do
+ let(:action) { :remove_export }
- project.add_maintainer(user)
- end
+ context 'when project export
is enabled' do
+ it 'returns 302' do
+ post action, params: { namespace_id: project.namespace, id: project }
- context 'when project export is enabled' do
- it 'returns 302' do
- post :generate_new_export, params: { namespace_id: project.namespace, id: project }
+ expect(response).to have_gitlab_http_status(302)
+ end
+ end
- expect(response).to have_gitlab_http_status(302)
+ context 'when project export is disabled' do
+ before do
+ stub_application_setting(project_export_enabled?: false)
+ end
+
+ it 'returns 404' do
+ post action, params: { namespace_id: project.namespace, id: project }
+
+ expect(response).to have_gitlab_http_status(404)
+ end
 end
 end
- context 'when project export is disabled' do
- before do
- stub_application_setting(project_export_enabled?: false)
+ describe '#generate_new_export' do
+ let(:action) { :generate_new_export }
+
+ context 'when project export is enabled' do
+ it 'returns 302' do
+ post action, params: { namespace_id: project.namespace, id: project }
+
+ expect(response).to have_gitlab_http_status(302)
+ end
 end
- it 'returns 404' do
- post :generate_new_export, params: { namespace_id: project.namespace, id: project }
+ context 'when project export is disabled' do
+ before do
+ stub_application_setting(project_export_enabled?: false)
+ end
- expect(response).to have_gitlab_http_status(404)
+ it 'returns 404' do
+ post action, params: { namespace_id: project.namespace, id: project }
+
+ expect(response).to have_gitlab_http_status(404)
+ end
+ end
+
+ context 'when the endpoint receives requests above the limit', :clean_gitlab_redis_cache do
+ include_examples 'rate limits project export endpoint'
 end
 end
 end
diff --git a/spec/features/snippets/internal_snippet_spec.rb b/spec/features/snippets/internal_snippet_spec.rb
index 4ef3b0e5e7a..fd7ef71db15 100644
--- a/spec/features/snippets/internal_snippet_spec.rb
+++ b/spec/features/snippets/internal_snippet_spec.rb
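Review bot: `describe '#remove_export'` is the only one of the four export actions that does not get the 'when the endpoint receives requests above the limit' context. If the action is deliberately not rate limited, a one-line comment such as `# remove_export is intentionally not rate limited` would document that. If it is limited, add `include_examples 'rate limits project export endpoint'` under a matching context so the omission cannot regress unnoticed. Whether the controller throttles this action is not visible from this diff.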
@@ -5,6 +5,10 @@ require 'spec_helper'
 describe 'Internal Snippets', :js do
 let(:internal_snippet) { create(:personal_snippet, :internal) }
+ before do
+ stub_feature_flags(snippets_vue: false)
+ end
+
 describe 'normal user' do
 before do
 sign_in(create(:user))
diff --git a/spec/features/snippets/notes_on_personal_snippets_spec.rb b/spec/features/snippets/notes_on_personal_snippets_spec.rb
index 2bd01be25e9..57264f97ddc 100644
--- a/spec/features/snippets/notes_on_personal_snippets_spec.rb
+++ b/spec/features/snippets/notes_on_personal_snippets_spec.rb
@@ -16,6 +16,7 @@ describe 'Comments on personal snippets', :js do
 let!(:other_note) { create(:note_on_personal_snippet) }
 before do
+ stub_feature_flags(snippets_vue: false)
 sign_in user
 visit snippet_path(snippet)
diff --git a/spec/features/snippets/private_snippets_spec.rb b/spec/features/snippets/private_snippets_spec.rb
index 9df4cd01103..37f45f22a27 100644
--- a/spec/features/snippets/private_snippets_spec.rb
+++ b/spec/features/snippets/private_snippets_spec.rb
@@ -6,6 +6,7 @@ describe 'Private Snippets', :js do
 let(:user) { create(:user) }
 before do
+ stub_feature_flags(snippets_vue: false)
 sign_in(user)
 end
diff --git a/spec/features/snippets/public_snippets_spec.rb b/spec/features/snippets/public_snippets_spec.rb
index 82edda509c2..045afcf1c12 100644
--- a/spec/features/snippets/public_snippets_spec.rb
+++ b/spec/features/snippets/public_snippets_spec.rb
@@ -3,6 +3,10 @@
 require 'spec_helper'
 describe 'Public Snippets', :js do
+ before do
+ stub_feature_flags(snippets_vue: false)
+ end
+
 it 'Unauthenticated user should see public snippets' do
 public_snippet = create(:personal_snippet, :public)
diff --git a/spec/features/snippets/show_spec.rb b/spec/features/snippets/show_spec.rb
index 450e520e293..9c686be012b 100644
--- a/spec/features/snippets/show_spec.rb
+++ b/spec/features/snippets/show_spec.rb
@@ -6,6 +6,10 @@ describe 'Snippet', :js do
 let(:project) { create(:project, :repository) }
 let(:snippet) { create(:personal_snippet, :public, file_name: file_name, content: content) }
+ before do
+ stub_feature_flags(snippets_vue: false)
+ end
+
 context 'Ruby file' do
 let(:file_name) { 'popen.rb' }
 let(:content) { project.repository.blob_at('master', 'files/ruby/popen.rb').data }
diff --git a/spec/features/snippets/spam_snippets_spec.rb b/spec/features/snippets/spam_snippets_spec.rb
index 3e71a4e7879..0c3ca6f17c8 100644
--- a/spec/features/snippets/spam_snippets_spec.rb
+++ b/spec/features/snippets/spam_snippets_spec.rb
@@ -7,6 +7,7 @@ describe 'User creates snippet', :js do
 before do
 stub_feature_flags(allow_possible_spam: false)
+ stub_feature_flags(snippets_vue: false)
 stub_env('IN_MEMORY_APPLICATION_SETTINGS', 'false')
 Gitlab::CurrentSettings.update!(
diff --git a/spec/features/snippets/user_creates_snippet_spec.rb b/spec/features/snippets/user_creates_snippet_spec.rb
index 9a141dd463a..b373264bbe4 100644
--- a/spec/features/snippets/user_creates_snippet_spec.rb
+++ b/spec/features/snippets/user_creates_snippet_spec.rb
@@ -8,6 +8,7 @@ describe 'User creates snippet', :js do
 let(:user) { create(:user) }
 before do
+ stub_feature_flags(snippets_vue: false)
 sign_in(user)
 visit new_snippet_path
 end
diff --git a/spec/features/snippets/user_deletes_snippet_spec.rb b/spec/features/snippets/user_deletes_snippet_spec.rb
index 217419a220a..35619b92561 100644
--- a/spec/features/snippets/user_deletes_snippet_spec.rb
+++ b/spec/features/snippets/user_deletes_snippet_spec.rb
@@ -10,6 +10,8 @@ describe 'User deletes snippet' do
 before do
 sign_in(user)
+ stub_feature_flags(snippets_vue: false)
+
 visit snippet_path(snippet)
 end
diff --git a/spec/features/snippets/user_edits_snippet_spec.rb b/spec/features/snippets/user_edits_snippet_spec.rb
index 51d9baf44bc..1d26660a4f6 100644
--- a/spec/features/snippets/user_edits_snippet_spec.rb
+++ b/spec/features/snippets/user_edits_snippet_spec.rb
@@ -12,6 +12,7 @@ describe 'User edits snippet', :js do
 let(:snippet) { create(:personal_snippet, :public, file_name: file_name, content: content, author: user) }
 before do
+ stub_feature_flags(snippets_vue: false)
 sign_in(user)
 visit edit_snippet_path(snippet)
diff --git a/spec/features/snippets_spec.rb b/spec/features/snippets_spec.rb
index 9df6fe7d16b..bc7fa161e87 100644
--- a/spec/features/snippets_spec.rb
+++ b/spec/features/snippets_spec.rb
@@ -6,11 +6,38 @@ describe 'Snippets' do
 context 'when the project has snippets' do
 let(:project) { create(:project, :public) }
 let!(:snippets) { create_list(:project_snippet, 2, :public, author: project.owner, project: project) }
+
 before do
 allow(Snippet).to receive(:default_per_page).and_return(1)
- visit snippets_path(username: project.owner.username)
+
+ visit project_snippets_path(project)
 end
 it_behaves_like 'paginated snippets'
 end
+
+ describe 'rendering engine' do
+ let_it_be(:snippet) { create(:personal_snippet, :public) }
+ let(:snippets_vue_feature_flag_enabled) { true }
+
+ before do
+ stub_feature_flags(snippets_vue: snippets_vue_feature_flag_enabled)
+
+ visit snippet_path(snippet)
+ end
+
+ it 'renders Vue application' do
+ expect(page).to have_selector('#js-snippet-view')
+ expect(page).not_to have_selector('.personal-snippets')
+ end
+
+ context 'when feature flag is disabled' do
+ let(:snippets_vue_feature_flag_enabled) { false }
+
+ it 'renders HAML application and not Vue' do
+ expect(page).not_to have_selector('#js-snippet-view')
+ expect(page).to have_selector('.personal-snippets')
+ end
+ end
+ end
 end
diff --git a/spec/lib/gitlab/action_rate_limiter_spec.rb b/spec/lib/gitlab/application_rate_limiter_spec.rb
index 8b510a475d2..f1a0163d91c 100644
--- a/spec/lib/gitlab/action_rate_limiter_spec.rb
+++ b/spec/lib/gitlab/application_rate_limiter_spec.rb
@@ -2,30 +2,40 @@
 require 'spec_helper'
-describe Gitlab::ActionRateLimiter, :clean_gitlab_redis_cache do
+describe Gitlab::ApplicationRateLimiter, :clean_gitlab_redis_cache do
 let(:redis) { double('redis') }
 let(:user) { create(:user) }
 let(:project) { create(:project) }
+ let(:rate_limits) do
+ {
+ test_action: {
+ threshold: 1,
+ interval: 2.minutes
+ }
+ }
+ end
+ let(:key) { rate_limits.keys[0] }
- subject { described_class.new(action: :test_action, expiry_time: 100) }
+ subject { described_class }
 before do
 allow(Gitlab::Redis::Cache).to receive(:with).and_yield(redis)
+ allow(described_class).to receive(:rate_limits).and_return(rate_limits)
 end
 shared_examples 'action rate limiter' do
 it 'increases the throttle count and sets the expiration time' do
 expect(redis).to receive(:incr).with(cache_key).and_return(1)
- expect(redis).to receive(:expire).with(cache_key, 100)
+ expect(redis).to receive(:expire).with(cache_key, 120)
- expect(subject.throttled?(key, 1)).to be_falsy
+ expect(subject.throttled?(key, scope: scope)).to be_falsy
 end
 it 'returns true if the key is throttled' do
 expect(redis).to receive(:incr).with(cache_key).and_return(2)
 expect(redis).not_to receive(:expire)
- expect(subject.throttled?(key, 1)).to be_truthy
+ expect(subject.throttled?(key, scope: scope)).to be_truthy
 end
 context 'when throttling is disabled' do
@@ -33,16 +43,16 @@ describe Gitlab::ActionRateLimiter, :clean_gitlab_redis_cache do
 expect(redis).not_to receive(:incr)
 expect(redis).not_to receive(:expire)
- expect(subject.throttled?(key, 0)).to be_falsy
+ expect(subject.throttled?(key, scope: scope, threshold: 0)).to be_falsy
 end
 end
 end
 context 'when the key is an array of only ActiveRecord models' do
- let(:key) { [user, project] }
+ let(:scope) { [user, project] }
 let(:cache_key) do
- "action_rate_limiter:test_action:user:#{user.id}:project:#{project.id}"
+ "application_rate_limiter:test_action:user:#{user.id}:project:#{project.id}"
 end
 it_behaves_like 'action rate limiter'
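Review bot: With `rate_limits` stubbed to a single `test_action` entry, no example calls `throttled?` with a key that is absent from the table, so what the limiter does for an unknown key is left unpinned. For code that decides whether a request is served, that path should be explicit: add an example that passes a key not present in `rate_limits` and asserts the intended outcome (an error, or a defined throttled/not-throttled result). `let(:key) { rate_limits.keys[0] }` could also simply be `let(:key) { :test_action }`, which reads more directly. The 'action rate limiter' shared examples opened here continue into the next hunk.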
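Review bot: The context title 'when the key is an array of only ActiveRecord models' is stale after this change, because the array is now the `scope` and `key` is the rate-limit name taken from `rate_limits`. Rename it to `context 'when the scope is an array of only ActiveRecord models' do` so the description matches the `let(:scope)` it wraps. The sibling context around `let(:scope) { [project, commit, path] }` in the following hunk presumably needs the same rename; its title line is outside the hunk.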
@@ -52,10 +62,10 @@ describe Gitlab::ActionRateLimiter, :clean_gitlab_redis_cache do
 let(:project) { create(:project, :public, :repository) }
 let(:commit) { project.repository.commit }
 let(:path) { 'app/controllers/groups_controller.rb' }
- let(:key) { [project, commit, path] }
+ let(:scope) { [project, commit, path] }
 let(:cache_key) do
- "action_rate_limiter:test_action:project:#{project.id}:commit:#{commit.sha}:#{path}"
+ "application_rate_limiter:test_action:project:#{project.id}:commit:#{commit.sha}:#{path}"
 end
 it_behaves_like 'action rate limiter'
@@ -72,7 +82,7 @@ describe Gitlab::ActionRateLimiter, :clean_gitlab_redis_cache do
 let(:base_attributes) do
 {
- message: 'Action_Rate_Limiter_Request',
+ message: 'Application_Rate_Limiter_Request',
 env: type,
 remote_ip: '127.0.0.1',
 request_method: 'GET',
diff --git a/spec/requests/api/project_export_spec.rb b/spec/requests/api/project_export_spec.rb
index 605ff888234..37f2cc85a50 100644
--- a/spec/requests/api/project_export_spec.rb
+++ b/spec/requests/api/project_export_spec.rb
@@ -2,7 +2,7 @@
 require 'spec_helper'
-describe API::ProjectExport do
+describe API::ProjectExport, :clean_gitlab_redis_cache do
 set(:project) { create(:project) }
 set(:project_none) { create(:project) }
 set(:project_started) { create(:project) }
@@ -47,6 +47,19 @@ describe API::ProjectExport do
 it_behaves_like '404 response'
 end
+ shared_examples_for 'when rate limit is exceeded' do
+ before do
+ allow(::Gitlab::ApplicationRateLimiter).to receive(:throttled?).and_return(true)
+ end
+
+ it 'prevents requesting project export' do
+ request
+
+ expect(response).to have_gitlab_http_status(429)
+ expect(json_response['message']['error']).to eq('This endpoint has been requested too many times. Try again later.')
+ end
+ end
+
 describe 'GET /projects/:project_id/export' do
 shared_examples_for 'get project export status not found' do
 it_behaves_like '404 response' do
@@ -219,6 +232,12 @@ describe API::ProjectExport do
 let(:user) { admin }
 it_behaves_like 'get project download by strategy'
+
+ context 'when rate limit is exceeded' do
+ let(:request) { get api(download_path, admin) }
+
+ include_examples 'when rate limit is exceeded'
+ end
 end
 context 'when user is a maintainer' do
@@ -329,6 +348,12 @@ describe API::ProjectExport do
 let(:user) { admin }
 it_behaves_like 'post project export start'
+
+ context 'when rate limit is exceeded' do
+ let(:request) { post api(path, admin) }
+
+ include_examples 'when rate limit is exceeded'
+ end
 end
 context 'when user is a maintainer' do |