squeegily
/
pleroma
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 42 Wiki Activity
Fork of Pleroma with site-specific changes and feature branches https://git.pleroma.social/pleroma/pleroma
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
7206 Commits
154 Branches
503MB
Tree: 52ed2f8f2d
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '52ed2f8f2d'
${ noResults }
pleroma/test/plugs/rate_limiter_test.exs

175 lines
5.7KB
Raw Blame History 

  1. # Pleroma: A lightweight social networking server

  2. # Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>

  3. # SPDX-License-Identifier: AGPL-3.0-only

  4. 

  5. defmodule Pleroma.Plugs.RateLimiterTest do

  6.   use ExUnit.Case, async: true

  7.   use Plug.Test

  8. 

  9.   alias Pleroma.Plugs.RateLimiter

  10. 

  11.   import Pleroma.Factory

  12. 

  13.   # Note: each example must work with separate buckets in order to prevent concurrency issues

  14. 

  15.   test "init/1" do

  16.     limiter_name = :test_init

  17.     Pleroma.Config.put([:rate_limit, limiter_name], {1, 1})

  18. 

  19.     assert {limiter_name, {1, 1}, []} == RateLimiter.init(limiter_name)

  20.     assert nil == RateLimiter.init(:foo)

  21.   end

  22. 

  23.   test "ip/1" do

  24.     assert "127.0.0.1" == RateLimiter.ip(%{remote_ip: {127, 0, 0, 1}})

  25.   end

  26. 

  27.   test "it restricts by opts" do

  28.     limiter_name = :test_opts

  29.     scale = 1000

  30.     limit = 5

  31. 

  32.     Pleroma.Config.put([:rate_limit, limiter_name], {scale, limit})

  33. 

  34.     opts = RateLimiter.init(limiter_name)

  35.     conn = conn(:get, "/")

  36.     bucket_name = "#{limiter_name}:#{RateLimiter.ip(conn)}"

  37. 

  38.     conn = RateLimiter.call(conn, opts)

  39.     assert {1, 4, _, _, _} = ExRated.inspect_bucket(bucket_name, scale, limit)

  40. 

  41.     conn = RateLimiter.call(conn, opts)

  42.     assert {2, 3, _, _, _} = ExRated.inspect_bucket(bucket_name, scale, limit)

  43. 

  44.     conn = RateLimiter.call(conn, opts)

  45.     assert {3, 2, _, _, _} = ExRated.inspect_bucket(bucket_name, scale, limit)

  46. 

  47.     conn = RateLimiter.call(conn, opts)

  48.     assert {4, 1, _, _, _} = ExRated.inspect_bucket(bucket_name, scale, limit)

  49. 

  50.     conn = RateLimiter.call(conn, opts)

  51.     assert {5, 0, to_reset, _, _} = ExRated.inspect_bucket(bucket_name, scale, limit)

  52. 

  53.     conn = RateLimiter.call(conn, opts)

  54. 

  55.     assert %{"error" => "Throttled"} = Phoenix.ConnTest.json_response(conn, :too_many_requests)

  56.     assert conn.halted

  57. 

  58.     Process.sleep(to_reset)

  59. 

  60.     conn = conn(:get, "/")

  61. 

  62.     conn = RateLimiter.call(conn, opts)

  63.     assert {1, 4, _, _, _} = ExRated.inspect_bucket(bucket_name, scale, limit)

  64. 

  65.     refute conn.status == Plug.Conn.Status.code(:too_many_requests)

  66.     refute conn.resp_body

  67.     refute conn.halted

  68.   end

  69. 

  70.   test "`bucket_name` option overrides default bucket name" do

  71.     limiter_name = :test_bucket_name

  72.     scale = 1000

  73.     limit = 5

  74. 

  75.     Pleroma.Config.put([:rate_limit, limiter_name], {scale, limit})

  76.     base_bucket_name = "#{limiter_name}:group1"

  77.     opts = RateLimiter.init({limiter_name, bucket_name: base_bucket_name})

  78. 

  79.     conn = conn(:get, "/")

  80.     default_bucket_name = "#{limiter_name}:#{RateLimiter.ip(conn)}"

  81.     customized_bucket_name = "#{base_bucket_name}:#{RateLimiter.ip(conn)}"

  82. 

  83.     RateLimiter.call(conn, opts)

  84.     assert {1, 4, _, _, _} = ExRated.inspect_bucket(customized_bucket_name, scale, limit)

  85.     assert {0, 5, _, _, _} = ExRated.inspect_bucket(default_bucket_name, scale, limit)

  86.   end

  87. 

  88.   test "`params` option appends specified params' values to bucket name" do

  89.     limiter_name = :test_params

  90.     scale = 1000

  91.     limit = 5

  92. 

  93.     Pleroma.Config.put([:rate_limit, limiter_name], {scale, limit})

  94.     opts = RateLimiter.init({limiter_name, params: ["id"]})

  95.     id = "1"

  96. 

  97.     conn = conn(:get, "/?id=#{id}")

  98.     conn = Plug.Conn.fetch_query_params(conn)

  99. 

  100.     default_bucket_name = "#{limiter_name}:#{RateLimiter.ip(conn)}"

  101.     parametrized_bucket_name = "#{limiter_name}:#{id}:#{RateLimiter.ip(conn)}"

  102. 

  103.     RateLimiter.call(conn, opts)

  104.     assert {1, 4, _, _, _} = ExRated.inspect_bucket(parametrized_bucket_name, scale, limit)

  105.     assert {0, 5, _, _, _} = ExRated.inspect_bucket(default_bucket_name, scale, limit)

  106.   end

  107. 

  108.   test "it supports combination of options modifying bucket name" do

  109.     limiter_name = :test_options_combo

  110.     scale = 1000

  111.     limit = 5

  112. 

  113.     Pleroma.Config.put([:rate_limit, limiter_name], {scale, limit})

  114.     base_bucket_name = "#{limiter_name}:group1"

  115.     opts = RateLimiter.init({limiter_name, bucket_name: base_bucket_name, params: ["id"]})

  116.     id = "100"

  117. 

  118.     conn = conn(:get, "/?id=#{id}")

  119.     conn = Plug.Conn.fetch_query_params(conn)

  120. 

  121.     default_bucket_name = "#{limiter_name}:#{RateLimiter.ip(conn)}"

  122.     parametrized_bucket_name = "#{base_bucket_name}:#{id}:#{RateLimiter.ip(conn)}"

  123. 

  124.     RateLimiter.call(conn, opts)

  125.     assert {1, 4, _, _, _} = ExRated.inspect_bucket(parametrized_bucket_name, scale, limit)

  126.     assert {0, 5, _, _, _} = ExRated.inspect_bucket(default_bucket_name, scale, limit)

  127.   end

  128. 

  129.   test "optional limits for authenticated users" do

  130.     limiter_name = :test_authenticated

  131.     Ecto.Adapters.SQL.Sandbox.checkout(Pleroma.Repo)

  132. 

  133.     scale = 1000

  134.     limit = 5

  135.     Pleroma.Config.put([:rate_limit, limiter_name], [{1, 10}, {scale, limit}])

  136. 

  137.     opts = RateLimiter.init(limiter_name)

  138. 

  139.     user = insert(:user)

  140.     conn = conn(:get, "/") |> assign(:user, user)

  141.     bucket_name = "#{limiter_name}:#{user.id}"

  142. 

  143.     conn = RateLimiter.call(conn, opts)

  144.     assert {1, 4, _, _, _} = ExRated.inspect_bucket(bucket_name, scale, limit)

  145. 

  146.     conn = RateLimiter.call(conn, opts)

  147.     assert {2, 3, _, _, _} = ExRated.inspect_bucket(bucket_name, scale, limit)

  148. 

  149.     conn = RateLimiter.call(conn, opts)

  150.     assert {3, 2, _, _, _} = ExRated.inspect_bucket(bucket_name, scale, limit)

  151. 

  152.     conn = RateLimiter.call(conn, opts)

  153.     assert {4, 1, _, _, _} = ExRated.inspect_bucket(bucket_name, scale, limit)

  154. 

  155.     conn = RateLimiter.call(conn, opts)

  156.     assert {5, 0, to_reset, _, _} = ExRated.inspect_bucket(bucket_name, scale, limit)

  157. 

  158.     conn = RateLimiter.call(conn, opts)

  159. 

  160.     assert %{"error" => "Throttled"} = Phoenix.ConnTest.json_response(conn, :too_many_requests)

  161.     assert conn.halted

  162. 

  163.     Process.sleep(to_reset)

  164. 

  165.     conn = conn(:get, "/") |> assign(:user, user)

  166. 

  167.     conn = RateLimiter.call(conn, opts)

  168.     assert {1, 4, _, _, _} = ExRated.inspect_bucket(bucket_name, scale, limit)

  169. 

  170.     refute conn.status == Plug.Conn.Status.code(:too_many_requests)

  171.     refute conn.resp_body

  172.     refute conn.halted

  173.   end

  174. end