Add tests for Gitlab::RackAttack.throttled_response_headers

Issue https://gitlab.com/gitlab-com/gl-infra/scalability/-/issues/731

Add tests for Gitlab::RackAttack.throttled_response_headers
Issue https://gitlab.com/gitlab-com/gl-infra/scalability/-/issues/731
830926a6 · Quang-Minh Nguyen · eb871d3a · 830926a6 · 830926a6
Commit 830926a6 authored Jan 05, 2021 by Quang-Minh Nguyen
Show whitespace changes
Inline Side-by-side

Showing with 184 additions and 1 deletion

ee/spec/lib/gitlab/rack_attack_spec.rb ee/spec/lib/gitlab/rack_attack_spec.rb +183 -0

lib/gitlab/rack_attack.rb lib/gitlab/rack_attack.rb +1 -1

No files found.
--- a/ee/spec/lib/gitlab/rack_attack_spec.rb
+++ b/ee/spec/lib/gitlab/rack_attack_spec.rb
@@ -25,4 +25,187 @@ RSpec.describe Gitlab::RackAttack, :aggregate_failures do
        .with('throttle_incident_management_notification_web', Gitlab::Throttle.authenticated_web_options)
    end
  end
+
+  describe '.throttled_response_headers' do
+    where(:match_data, :headers) do
+      [
+        [
+          {
+            discriminator: '127.0.0.1',
+            count: 3700,
+            period: 1.hour,
+            limit: 3600,
+            epoch_time: Time.utc(2021, 1, 5, 10, 29, 30).to_i
+          },
+          {
+            'RateLimit-Limit' => '60',
+            'RateLimit-Observed' => '3700',
+            'RateLimit-Remaining' => '0',
+            'RateLimit-Reset' => '1830',
+            'RateLimit-ResetTime' => 'Tue, 05 Jan 2021 11:00:00 GMT',
+            'Retry-After' => '1830'
+          }
+        ],
+        [
+          {
+            discriminator: '127.0.0.1',
+            count: 3700,
+            period: 1.hour,
+            limit: 3600,
+            epoch_time: Time.utc(2021, 1, 5, 10, 59, 59).to_i
+          },
+          {
+            'RateLimit-Limit' => '60',
+            'RateLimit-Observed' => '3700',
+            'RateLimit-Remaining' => '0',
+            'RateLimit-Reset' => '1',
+            'RateLimit-ResetTime' => 'Tue, 05 Jan 2021 11:00:00 GMT',
+            'Retry-After' => '1'
+          }
+        ],
+        [
+          {
+            discriminator: '127.0.0.1',
+            count: 3700,
+            period: 1.hour,
+            limit: 3600,
+            epoch_time: Time.utc(2021, 1, 5, 10, 0, 0).to_i
+          },
+          {
+            'RateLimit-Limit' => '60',
+            'RateLimit-Observed' => '3700',
+            'RateLimit-Remaining' => '0',
+            'RateLimit-Reset' => '3600',
+            'RateLimit-ResetTime' => 'Tue, 05 Jan 2021 11:00:00 GMT',
+            'Retry-After' => '3600'
+          }
+        ],
+        [
+          {
+            discriminator: '127.0.0.1',
+            count: 3700,
+            period: 1.hour,
+            limit: 3600,
+            epoch_time: Time.utc(2021, 1, 5, 23, 30, 0).to_i
+          },
+          {
+            'RateLimit-Limit' => '60',
+            'RateLimit-Observed' => '3700',
+            'RateLimit-Remaining' => '0',
+            'RateLimit-Reset' => '1800',
+            'RateLimit-ResetTime' => 'Wed, 06 Jan 2021 00:00:00 GMT', # Next day
+            'Retry-After' => '1800'
+          }
+        ],
+        [
+          {
+            discriminator: '127.0.0.1',
+            count: 3700,
+            period: 1.hour,
+            limit: 3400,
+            epoch_time: Time.utc(2021, 1, 5, 10, 30, 0).to_i
+          },
+          {
+            'RateLimit-Limit' => '57', # 56.66 requests per minute
+            'RateLimit-Observed' => '3700',
+            'RateLimit-Remaining' => '0',
+            'RateLimit-Reset' => '1800',
+            'RateLimit-ResetTime' => 'Tue, 05 Jan 2021 11:00:00 GMT',
+            'Retry-After' => '1800'
+          }
+        ],
+        [
+          {
+            discriminator: '127.0.0.1',
+            count: 3700,
+            period: 1.hour,
+            limit: 3700,
+            epoch_time: Time.utc(2021, 1, 5, 10, 30, 0).to_i
+          },
+          {
+            'RateLimit-Limit' => '62', # 61.66 requests per minute
+            'RateLimit-Observed' => '3700',
+            'RateLimit-Remaining' => '0',
+            'RateLimit-Reset' => '1800',
+            'RateLimit-ResetTime' => 'Tue, 05 Jan 2021 11:00:00 GMT',
+            'Retry-After' => '1800'
+          }
+        ],
+        [
+          {
+            discriminator: '127.0.0.1',
+            count: 3700,
+            period: 1.hour,
+            limit: 59,
+            epoch_time: Time.utc(2021, 1, 5, 10, 30, 0).to_i
+          },
+          {
+            'RateLimit-Limit' => '1', # 0.9833 requests per minute
+            'RateLimit-Observed' => '3700',
+            'RateLimit-Remaining' => '0',
+            'RateLimit-Reset' => '1800',
+            'RateLimit-ResetTime' => 'Tue, 05 Jan 2021 11:00:00 GMT',
+            'Retry-After' => '1800'
+          }
+        ],
+        [
+          {
+            discriminator: '127.0.0.1',
+            count: 3700,
+            period: 1.hour,
+            limit: 61,
+            epoch_time: Time.utc(2021, 1, 5, 10, 30, 0).to_i
+          },
+          {
+            'RateLimit-Limit' => '2', # 1.016 requests per minute
+            'RateLimit-Observed' => '3700',
+            'RateLimit-Remaining' => '0',
+            'RateLimit-Reset' => '1800',
+            'RateLimit-ResetTime' => 'Tue, 05 Jan 2021 11:00:00 GMT',
+            'Retry-After' => '1800'
+          }
+        ],
+        [
+          {
+            discriminator: '127.0.0.1',
+            count: 3700,
+            period: 15.seconds,
+            limit: 10,
+            epoch_time: Time.utc(2021, 1, 5, 10, 30, 0).to_i
+          },
+          {
+            'RateLimit-Limit' => '40',
+            'RateLimit-Observed' => '3700',
+            'RateLimit-Remaining' => '0',
+            'RateLimit-Reset' => '15',
+            'RateLimit-ResetTime' => 'Tue, 05 Jan 2021 10:30:15 GMT',
+            'Retry-After' => '15'
+          }
+        ],
+        [
+          {
+            discriminator: '127.0.0.1',
+            count: 3700,
+            period: 27.seconds,
+            limit: 10,
+            epoch_time: Time.utc(2021, 1, 5, 10, 30, 0).to_i
+          },
+          {
+            'RateLimit-Limit' => '23',
+            'RateLimit-Observed' => '3700',
+            'RateLimit-Remaining' => '0',
+            'RateLimit-Reset' => '27',
+            'RateLimit-ResetTime' => 'Tue, 05 Jan 2021 10:30:27 GMT',
+            'Retry-After' => '27'
+          }
+        ]
+      ]
+    end
+
+    with_them do
+      it 'generates accurate throttled headers' do
+        expect(described_class.throttled_response_headers(match_data)).to eql(headers)
+      end
+    end
+  end
 end
--- a/lib/gitlab/rack_attack.rb
+++ b/lib/gitlab/rack_attack.rb
@@ -56,7 +56,7 @@ module Gitlab
      # Source: https://github.com/rack/rack-attack/blob/v6.3.0/lib/rack/attack/throttle.rb#L33
      period = match_data[:period]
      limit = match_data[:limit]
-      rounded_limit = (limit * 60.seconds / match_data[:period]).ceil
+      rounded_limit = (limit.to_f * 1.minute / match_data[:period]).ceil
      observed = match_data[:count]
      now = match_data[:epoch_time]
      retry_after = period - (now % period)