X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/2d3972249c18fc5cd193a8b2f2efe9b46badb217..5d1bc7a4fa3f21db35ca95292ec9a383476c3843:/test/controllers/api/ways_controller_test.rb diff --git a/test/controllers/api/ways_controller_test.rb b/test/controllers/api/ways_controller_test.rb index 672a282a9..791da8029 100644 --- a/test/controllers/api/ways_controller_test.rb +++ b/test/controllers/api/ways_controller_test.rb @@ -180,8 +180,7 @@ module Api assert_not_nil checkway, "uploaded way not found in data base after upload" # compare values - assert_equal checkway.nds.length, 2, - "saved way does not contain exactly one node" + assert_equal(2, checkway.nds.length, "saved way does not contain exactly one node") assert_equal checkway.nds[0], node1.id, "saved way does not contain the right node on pos 0" assert_equal checkway.nds[1], node2.id, @@ -380,8 +379,7 @@ module Api # check the returned value - should be the new version number # valid delete should return the new version number, which should # be greater than the old version number - assert @response.body.to_i > way.version, - "delete request should return a new version number for way" + assert_operator @response.body.to_i, :>, way.version, "delete request should return a new version number for way" # this won't work since the way is already deleted xml = xml_for_way(deleted_way) @@ -755,6 +753,113 @@ module Api end end + ## + # test initial rate limit + def test_initial_rate_limit + # create a user + user = create(:user) + + # create some nodes + node1 = create(:node) + node2 = create(:node) + + # create a changeset that puts us near the initial rate limit + changeset = create(:changeset, :user => user, + :created_at => Time.now.utc - 5.minutes, + :num_changes => Settings.initial_changes_per_hour - 1) + + # create authentication header + auth_header = basic_authorization_header user.email, "test" + + # try creating a way + xml = "" \ + "" \ + "" + put way_create_path, :params => xml, :headers => auth_header + assert_response :success, "way create did not return success status" + + # get the id of the way we created + wayid = @response.body + + # try updating the way, which should be rate limited + xml = "" \ + "" \ + "" + put api_way_path(wayid), :params => xml, :headers => auth_header + assert_response :too_many_requests, "way update did not hit rate limit" + + # try deleting the way, which should be rate limited + xml = "" + delete api_way_path(wayid), :params => xml, :headers => auth_header + assert_response :too_many_requests, "way delete did not hit rate limit" + + # try creating a way, which should be rate limited + xml = "" \ + "" \ + "" + put way_create_path, :params => xml, :headers => auth_header + assert_response :too_many_requests, "way create did not hit rate limit" + end + + ## + # test maximum rate limit + def test_maximum_rate_limit + # create a user + user = create(:user) + + # create some nodes + node1 = create(:node) + node2 = create(:node) + + # create a changeset to establish our initial edit time + changeset = create(:changeset, :user => user, + :created_at => Time.now.utc - 28.days) + + # create changeset to put us near the maximum rate limit + total_changes = Settings.max_changes_per_hour - 1 + while total_changes.positive? + changes = [total_changes, Changeset::MAX_ELEMENTS].min + changeset = create(:changeset, :user => user, + :created_at => Time.now.utc - 5.minutes, + :num_changes => changes) + total_changes -= changes + end + + # create authentication header + auth_header = basic_authorization_header user.email, "test" + + # try creating a way + xml = "" \ + "" \ + "" + put way_create_path, :params => xml, :headers => auth_header + assert_response :success, "way create did not return success status" + + # get the id of the way we created + wayid = @response.body + + # try updating the way, which should be rate limited + xml = "" \ + "" \ + "" + put api_way_path(wayid), :params => xml, :headers => auth_header + assert_response :too_many_requests, "way update did not hit rate limit" + + # try deleting the way, which should be rate limited + xml = "" + delete api_way_path(wayid), :params => xml, :headers => auth_header + assert_response :too_many_requests, "way delete did not hit rate limit" + + # try creating a way, which should be rate limited + xml = "" \ + "" \ + "" + put way_create_path, :params => xml, :headers => auth_header + assert_response :too_many_requests, "way create did not hit rate limit" + end + + private + ## # update the changeset_id of a way element def update_changeset(xml, changeset_id)