chuckya/spec/controllers/concerns/rate_limit_headers_spec.rb
Matt Jankowski f0634ba876 Coverage improvement and concern extraction for rate limit headers in API controller (#3625)
* Coverage for rate limit headers

* Move rate limit headers methods to concern

* Move throttle check to condition on before_action

* Move match_data variable into method

* Move utc timestamp to separate method

* Move header setting into smaller methods

* specs cleanup
2017-06-07 17:23:26 +02:00

56 lines
1.4 KiB
Ruby

# frozen_string_literal: true
require 'rails_helper'
describe ApplicationController do
controller do
include RateLimitHeaders
def show
head 200
end
end
before do
routes.draw { get 'show' => 'anonymous#show' }
end
describe 'rate limiting' do
context 'throttling is off' do
before do
request.env['rack.attack.throttle_data'] = nil
end
it 'does not apply rate limiting' do
get 'show'
expect(response.headers['X-RateLimit-Limit']).to be_nil
expect(response.headers['X-RateLimit-Remaining']).to be_nil
expect(response.headers['X-RateLimit-Reset']).to be_nil
end
end
context 'throttling is on' do
let(:start_time) { DateTime.new(2017, 1, 1, 12, 0, 0).utc }
before do
request.env['rack.attack.throttle_data'] = { 'api' => { limit: 100, count: 20, period: 10 } }
travel_to start_time do
get 'show'
end
end
it 'applies rate limiting limit header' do
expect(response.headers['X-RateLimit-Limit']).to eq '100'
end
it 'applies rate limiting remaining header' do
expect(response.headers['X-RateLimit-Remaining']).to eq '80'
end
it 'applies rate limiting reset header' do
expect(response.headers['X-RateLimit-Reset']).to eq (start_time + 10.seconds).iso8601(6)
end
end
end
end