Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/spec/lib/gitlab/rack_attack_spec.rb
diff options
context:
space:
mode:
Diffstat (limited to 'spec/lib/gitlab/rack_attack_spec.rb')
-rw-r--r--spec/lib/gitlab/rack_attack_spec.rb26
1 files changed, 21 insertions, 5 deletions
diff --git a/spec/lib/gitlab/rack_attack_spec.rb b/spec/lib/gitlab/rack_attack_spec.rb
index 788d2eac61f..8f03905e08d 100644
--- a/spec/lib/gitlab/rack_attack_spec.rb
+++ b/spec/lib/gitlab/rack_attack_spec.rb
@@ -10,12 +10,19 @@ RSpec.describe Gitlab::RackAttack, :aggregate_failures do
let(:throttles) do
{
- throttle_unauthenticated: Gitlab::Throttle.unauthenticated_options,
- throttle_authenticated_api: Gitlab::Throttle.authenticated_api_options,
+ throttle_unauthenticated_api: Gitlab::Throttle.options(:api, authenticated: false),
+ throttle_authenticated_api: Gitlab::Throttle.options(:api, authenticated: true),
+ throttle_unauthenticated_web: Gitlab::Throttle.unauthenticated_web_options,
+ throttle_authenticated_web: Gitlab::Throttle.authenticated_web_options,
throttle_product_analytics_collector: { limit: 100, period: 60 },
- throttle_unauthenticated_protected_paths: Gitlab::Throttle.unauthenticated_options,
- throttle_authenticated_protected_paths_api: Gitlab::Throttle.authenticated_api_options,
- throttle_authenticated_protected_paths_web: Gitlab::Throttle.authenticated_web_options
+ throttle_unauthenticated_protected_paths: Gitlab::Throttle.protected_paths_options,
+ throttle_authenticated_protected_paths_api: Gitlab::Throttle.protected_paths_options,
+ throttle_authenticated_protected_paths_web: Gitlab::Throttle.protected_paths_options,
+ throttle_unauthenticated_packages_api: Gitlab::Throttle.options(:packages_api, authenticated: false),
+ throttle_authenticated_packages_api: Gitlab::Throttle.options(:packages_api, authenticated: true),
+ throttle_authenticated_git_lfs: Gitlab::Throttle.throttle_authenticated_git_lfs_options,
+ throttle_unauthenticated_files_api: Gitlab::Throttle.options(:files_api, authenticated: false),
+ throttle_authenticated_files_api: Gitlab::Throttle.options(:files_api, authenticated: true)
}
end
@@ -84,6 +91,15 @@ RSpec.describe Gitlab::RackAttack, :aggregate_failures do
end
end
+ it 'enables dry-runs for `throttle_unauthenticated_api` and `throttle_unauthenticated_web` when selecting `throttle_unauthenticated`' do
+ stub_env('GITLAB_THROTTLE_DRY_RUN', 'throttle_unauthenticated')
+
+ described_class.configure(fake_rack_attack)
+
+ expect(fake_rack_attack).to have_received(:track).with('throttle_unauthenticated_api', throttles[:throttle_unauthenticated_api])
+ expect(fake_rack_attack).to have_received(:track).with('throttle_unauthenticated_web', throttles[:throttle_unauthenticated_web])
+ end
+
context 'user allowlist' do
subject { described_class.user_allowlist }
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-15 00:27:32 +0300