Add rate limiting to all repp actions

2025-07-29 22:16:19 +02:00 · 2022-08-02 06:14:47 -03:00 · 2022-08-02 06:14:47 -03:00 · 2a58bf3849
commit 2a58bf3849
parent fb60466194
48 changed files with 757 additions and 16 deletions
--- a/test/integration/repp/v1/registrar/notifications_test.rb
+++ b/test/integration/repp/v1/registrar/notifications_test.rb
@ -7,6 +7,9 @@ class ReppV1RegistrarNotificationsTest < ActionDispatch::IntegrationTest
    token = "Basic #{token}"

    @auth_headers = { 'Authorization' => token }
+
+    adapter = ENV["shunter_default_adapter"].constantize.new
+    adapter&.clear!
  end

  def test_all_unreaded_poll_messages
@ -20,6 +23,22 @@ class ReppV1RegistrarNotificationsTest < ActionDispatch::IntegrationTest
    assert_equal json[:data].last[:text], notification.last.text
  end

+  def test_all_notifications_returns_error_response_if_throttled
+    ENV["shunter_default_threshold"] = '1'
+    ENV["shunter_enabled"] = 'true'
+
+    notification = @user.registrar.notifications.where(read: false).order(created_at: :desc).all
+    get "/repp/v1/registrar/notifications/all_notifications", headers: @auth_headers
+    get "/repp/v1/registrar/notifications/all_notifications", headers: @auth_headers
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :bad_request
+    assert_equal json[:code], 2502
+    assert response.body.include?(Shunter.default_error_message)
+    ENV["shunter_default_threshold"] = '10000'
+    ENV["shunter_enabled"] = 'false'
+  end
+
  def test_gets_latest_unread_poll_message
    notification = @user.registrar.notifications.where(read: false).order(created_at: :desc).first
    get "/repp/v1/registrar/notifications", headers: @auth_headers
@ -31,6 +50,22 @@ class ReppV1RegistrarNotificationsTest < ActionDispatch::IntegrationTest
    assert_equal notification.text, json[:data][:text]
  end

+  def test_index_returns_error_response_if_throttled
+    ENV["shunter_default_threshold"] = '1'
+    ENV["shunter_enabled"] = 'true'
+
+    notification = @user.registrar.notifications.where(read: false).order(created_at: :desc).first
+    get "/repp/v1/registrar/notifications", headers: @auth_headers
+    get "/repp/v1/registrar/notifications", headers: @auth_headers
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :bad_request
+    assert_equal json[:code], 2502
+    assert response.body.include?(Shunter.default_error_message)
+    ENV["shunter_default_threshold"] = '10000'
+    ENV["shunter_enabled"] = 'false'
+  end
+
  def test_can_read_specific_notification_by_id
    notification = @user.registrar.notifications.order(created_at: :desc).second

@ -43,6 +78,23 @@ class ReppV1RegistrarNotificationsTest < ActionDispatch::IntegrationTest
    assert_equal notification.text, json[:data][:text]
  end

+  def test_show_returns_error_response_if_throttled
+    ENV["shunter_default_threshold"] = '1'
+    ENV["shunter_enabled"] = 'true'
+
+    notification = @user.registrar.notifications.order(created_at: :desc).second
+
+    get "/repp/v1/registrar/notifications/#{notification.id}", headers: @auth_headers
+    get "/repp/v1/registrar/notifications/#{notification.id}", headers: @auth_headers
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :bad_request
+    assert_equal json[:code], 2502
+    assert response.body.include?(Shunter.default_error_message)
+    ENV["shunter_default_threshold"] = '10000'
+    ENV["shunter_enabled"] = 'false'
+  end
+
  def test_can_mark_notification_as_read
    @auth_headers['Content-Type'] = 'application/json'
    notification = @user.registrar.notifications.where(read: false).order(created_at: :desc).first