File: rack_attack_spec_helpers.rb

package info (click to toggle)
gitlab 17.6.5-19
  • links: PTS, VCS
  • area: main
  • in suites: sid
  • size: 629,368 kB
  • sloc: ruby: 1,915,304; javascript: 557,307; sql: 60,639; xml: 6,509; sh: 4,567; makefile: 1,239; python: 406
file content (70 lines) | stat: -rw-r--r-- 2,166 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
 
# frozen_string_literal: true

module RackAttackSpecHelpers
  def api_get_args_with_token_headers(partial_url, token_headers)
    ["/api/#{API::API.version}#{partial_url}", { params: nil, headers: token_headers }]
  end

  def rss_url(user)
    "/dashboard/projects.atom?feed_token=#{user.feed_token}"
  end

  def private_token_headers(user)
    { Gitlab::Auth::AuthFinders::PRIVATE_TOKEN_HEADER => user.private_token }
  end

  def personal_access_token_headers(personal_access_token)
    { Gitlab::Auth::AuthFinders::PRIVATE_TOKEN_HEADER => personal_access_token.token }
  end

  def bearer_headers(token)
    { 'AUTHORIZATION' => "Bearer #{token.token}" }
  end

  def oauth_token_headers(oauth_access_token)
    { 'AUTHORIZATION' => "Bearer #{oauth_access_token.plaintext_token}" }
  end

  def basic_auth_headers(user, personal_access_token)
    encoded_login = ["#{user.username}:#{personal_access_token.token}"].pack('m0')
    { 'AUTHORIZATION' => "Basic #{encoded_login}" }
  end

  def deploy_token_headers(deploy_token)
    basic_auth_headers(deploy_token, deploy_token)
  end

  def expect_rejection(name = nil, &block)
    yield

    expect(response).to have_gitlab_http_status(:too_many_requests)

    expect(response.headers.to_h).to include(
      'RateLimit-Limit' => a_string_matching(/^\d+$/),
      'RateLimit-Name' => name || a_string_matching(/^throttle_.*$/),
      'RateLimit-Observed' => a_string_matching(/^\d+$/),
      'RateLimit-Remaining' => a_string_matching(/^\d+$/),
      'Retry-After' => a_string_matching(/^\d+$/)
    )
    expect(response).to have_header('RateLimit-Reset')
    expect do
      DateTime.strptime(response.headers['RateLimit-Reset'], '%s')
    end.not_to raise_error
    expect(response).to have_header('RateLimit-ResetTime')
    expect do
      Time.httpdate(response.headers['RateLimit-ResetTime'])
    end.not_to raise_error
  end

  def expect_ok(&block)
    yield

    expect(response).to have_gitlab_http_status(:ok)
  end

  def random_next_ip
    allow_next_instance_of(Rack::Attack::Request) do |instance|
      allow(instance).to receive(:ip).and_return(FFaker::Internet.ip_v4_address)
    end
  end
end