Add rate limiting to all repp actions

2025-07-28 05:26:17 +02:00 · 2022-08-02 06:14:47 -03:00 · 2022-08-02 06:14:47 -03:00 · 2a58bf3849
commit 2a58bf3849
parent fb60466194
48 changed files with 757 additions and 16 deletions
--- a/test/integration/repp/v1/accounts/update_details_test.rb
+++ b/test/integration/repp/v1/accounts/update_details_test.rb
@ -7,6 +7,9 @@ class ReppV1AccountsUpdateDetailsTest < ActionDispatch::IntegrationTest
    token = "Basic #{token}"

    @auth_headers = { 'Authorization' => token }
+
+    adapter = ENV["shunter_default_adapter"].constantize.new
+    adapter&.clear!
  end

  def test_updates_details
@ -27,4 +30,26 @@ class ReppV1AccountsUpdateDetailsTest < ActionDispatch::IntegrationTest
    assert_equal(request_body[:account][:billing_email], @user.registrar.billing_email)
    assert_equal(request_body[:account][:iban], @user.registrar.iban)
  end
-end
+
+  def test_returns_error_response_if_throttled
+    ENV["shunter_default_threshold"] = '1'
+    ENV["shunter_enabled"] = 'true'
+
+    request_body =  {
+      account: {
+        billing_email: 'donaldtrump@yandex.ru',
+        iban: 'GB331111111111111111',
+      },
+    }
+
+    put '/repp/v1/accounts', headers: @auth_headers, params: request_body
+    put '/repp/v1/accounts', headers: @auth_headers, params: request_body
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :bad_request
+    assert_equal json[:code], 2502
+    assert response.body.include?(Shunter.default_error_message)
+    ENV["shunter_default_threshold"] = '10000'
+    ENV["shunter_enabled"] = 'false'
+  end
+end