operations_rate_limiter_spec.rb 3.3 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283
  1. # Copyright (C) 2012-2025 Zammad Foundation, https://zammad-foundation.org/
  2. require 'rails_helper'
  3. RSpec.describe OperationsRateLimiter do
  4. before { freeze_time }
  5. describe '#ensure_within_limits!' do
  6. context 'with an IP address' do
  7. it 'passes' do
  8. expect { described_class.new(limit: 5, period: 1.hour, operation: 'test').ensure_within_limits!(by_ip: '1.2.3.4') }
  9. .not_to raise_error
  10. end
  11. context 'with many operations' do
  12. before do
  13. 5.times do
  14. described_class.new(limit: 5, period: 1.hour, operation: 'test').ensure_within_limits!(by_ip: '1.2.3.4')
  15. end
  16. end
  17. it 'raises error due to too many operations from same IP in short time' do
  18. expect { described_class.new(limit: 5, period: 1.hour, operation: 'test').ensure_within_limits!(by_ip: '1.2.3.4') }
  19. .to raise_error(described_class::ThrottleLimitExceeded)
  20. end
  21. it 'passes after period is over' do
  22. travel 2.hours
  23. expect { described_class.new(limit: 5, period: 1.hour, operation: 'test').ensure_within_limits!(by_ip: '1.2.3.4') }
  24. .not_to raise_error
  25. end
  26. it 'passes with a different IP address' do
  27. expect { described_class.new(limit: 5, period: 1.hour, operation: 'test').ensure_within_limits!(by_ip: '4.5.6.7') }
  28. .not_to raise_error
  29. end
  30. end
  31. end
  32. context 'with a field' do
  33. it 'passes' do
  34. expect { described_class.new(limit: 5, period: 1.hour, operation: 'test').ensure_within_limits!(by_ip: '1.2.3.4', by_identifier: 'bar') }
  35. .not_to raise_error
  36. end
  37. context 'with many operations' do
  38. before do
  39. 5.times do
  40. described_class.new(limit: 5, period: 1.hour, operation: 'test').ensure_within_limits!(by_ip: '1.2.3.4', by_identifier: 'bar')
  41. end
  42. end
  43. it 'raises error due too many operations with the same value from different IPs' do
  44. expect { described_class.new(limit: 5, period: 1.hour, operation: 'test').ensure_within_limits!(by_ip: '4.5.6.7', by_identifier: 'bar') }
  45. .to raise_error(described_class::ThrottleLimitExceeded)
  46. end
  47. it 'raises error due too many operations with upercase value' do
  48. expect { described_class.new(limit: 5, period: 1.hour, operation: 'test').ensure_within_limits!(by_ip: '4.5.6.7', by_identifier: 'BAR') }
  49. .to raise_error(described_class::ThrottleLimitExceeded)
  50. end
  51. it 'raises error due too many operations with trailing space' do
  52. expect { described_class.new(limit: 5, period: 1.hour, operation: 'test').ensure_within_limits!(by_ip: '4.5.6.7', by_identifier: 'bar ') }
  53. .to raise_error(described_class::ThrottleLimitExceeded)
  54. end
  55. it 'passes after period is over' do
  56. travel 2.hours
  57. expect { described_class.new(limit: 5, period: 1.hour, operation: 'test').ensure_within_limits!(by_ip: '4.5.6.7', by_identifier: 'bar') }
  58. .not_to raise_error
  59. end
  60. it 'passes with a different value' do
  61. expect { described_class.new(limit: 5, period: 1.hour, operation: 'test').ensure_within_limits!(by_ip: '4.5.6.7', by_identifier: 'baz') }
  62. .not_to raise_error
  63. end
  64. end
  65. end
  66. end
  67. end