Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/spec/requests/api/search_spec.rb
diff options
context:
space:
mode:
Diffstat (limited to 'spec/requests/api/search_spec.rb')
-rw-r--r--spec/requests/api/search_spec.rb45
1 files changed, 45 insertions, 0 deletions
diff --git a/spec/requests/api/search_spec.rb b/spec/requests/api/search_spec.rb
index 0feff90d088..6a57cf52466 100644
--- a/spec/requests/api/search_spec.rb
+++ b/spec/requests/api/search_spec.rb
@@ -473,6 +473,21 @@ RSpec.describe API::Search, :clean_gitlab_redis_rate_limiting, feature_category:
get api(endpoint, current_user), params: { scope: 'users', search: 'foo@bar.com' }
end
end
+
+ context 'when request exceeds the rate limit', :freeze_time, :clean_gitlab_redis_rate_limiting do
+ before do
+ stub_application_setting(search_rate_limit: 1)
+ end
+
+ it 'allows user whose username is in the allowlist' do
+ stub_application_setting(search_rate_limit_allowlist: [user.username])
+
+ get api(endpoint, user), params: { scope: 'users', search: 'foo@bar.com' }
+ get api(endpoint, user), params: { scope: 'users', search: 'foo@bar.com' }
+
+ expect(response).to have_gitlab_http_status(:ok)
+ end
+ end
end
describe "GET /groups/:id/search" do
@@ -658,6 +673,21 @@ RSpec.describe API::Search, :clean_gitlab_redis_rate_limiting, feature_category:
get api(endpoint, current_user), params: { scope: 'users', search: 'foo@bar.com' }
end
end
+
+ context 'when request exceeds the rate limit', :freeze_time, :clean_gitlab_redis_rate_limiting do
+ before do
+ stub_application_setting(search_rate_limit: 1)
+ end
+
+ it 'allows user whose username is in the allowlist' do
+ stub_application_setting(search_rate_limit_allowlist: [user.username])
+
+ get api(endpoint, user), params: { scope: 'users', search: 'foo@bar.com' }
+ get api(endpoint, user), params: { scope: 'users', search: 'foo@bar.com' }
+
+ expect(response).to have_gitlab_http_status(:ok)
+ end
+ end
end
end
@@ -1057,6 +1087,21 @@ RSpec.describe API::Search, :clean_gitlab_redis_rate_limiting, feature_category:
get api(endpoint, current_user), params: { scope: 'users', search: 'foo@bar.com' }
end
end
+
+ context 'when request exceeds the rate limit', :freeze_time, :clean_gitlab_redis_rate_limiting do
+ before do
+ stub_application_setting(search_rate_limit: 1)
+ end
+
+ it 'allows user whose username is in the allowlist' do
+ stub_application_setting(search_rate_limit_allowlist: [user.username])
+
+ get api(endpoint, user), params: { scope: 'users', search: 'foo@bar.com' }
+ get api(endpoint, user), params: { scope: 'users', search: 'foo@bar.com' }
+
+ expect(response).to have_gitlab_http_status(:ok)
+ end
+ end
end
end
end
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-15 08:20:56 +0300