X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/93e49daee21b64f0af0ba7fa3035904843a028ea..2fcee9625dcd192d0c524f27d9cb182c883e31b4:/test/controllers/api/relations_controller_test.rb
diff --git a/test/controllers/api/relations_controller_test.rb b/test/controllers/api/relations_controller_test.rb
index de24c087d..e6f507d3a 100644
--- a/test/controllers/api/relations_controller_test.rb
+++ b/test/controllers/api/relations_controller_test.rb
@@ -102,7 +102,7 @@ module Api
second_relation = create(:relation_member, :member => node).relation
_super_relation = create(:relation_member, :member => second_relation).relation
# should combine multiple relation_member references into just one relation entry
- create(:relation_member, :member => node, :relation => relation_with_node, :sequence_id => 2)
+ create(:relation_member, :member => node, :relation => relation_with_node)
# should not include deleted relations
deleted_relation = create(:relation, :deleted)
create(:relation_member, :member => node, :relation => deleted_relation)
@@ -122,7 +122,7 @@ module Api
second_relation = create(:relation_member, :member => way).relation
_super_relation = create(:relation_member, :member => second_relation).relation
# should combine multiple relation_member references into just one relation entry
- create(:relation_member, :member => way, :relation => relation_with_way, :sequence_id => 2)
+ create(:relation_member, :member => way, :relation => relation_with_way)
# should not include deleted relations
deleted_relation = create(:relation, :deleted)
create(:relation_member, :member => way, :relation => deleted_relation)
@@ -142,7 +142,7 @@ module Api
second_relation = create(:relation_member, :member => relation).relation
_super_relation = create(:relation_member, :member => second_relation).relation
# should combine multiple relation_member references into just one relation entry
- create(:relation_member, :member => relation, :relation => relation_with_relation, :sequence_id => 2)
+ create(:relation_member, :member => relation, :relation => relation_with_relation)
# should not include deleted relations
deleted_relation = create(:relation, :deleted)
create(:relation_member, :member => relation, :relation => deleted_relation)
@@ -245,7 +245,7 @@ module Api
# create an relation with a node as member, this time test that we don't
# need a role attribute to be included
xml = "" \
- "" + ""
+ ""
put relation_create_path, :params => xml, :headers => auth_header
# hope for forbidden due to user
assert_response :forbidden,
@@ -322,7 +322,7 @@ module Api
# create an relation with a node as member, this time test that we don't
# need a role attribute to be included
xml = "" \
- "" + ""
+ ""
put relation_create_path, :params => xml, :headers => auth_header
# hope for success
assert_response :success,
@@ -612,8 +612,7 @@ module Api
# valid delete should return the new version number, which should
# be greater than the old version number
- assert @response.body.to_i > multi_tag_relation.version,
- "delete request should return a new version number for relation"
+ assert_operator @response.body.to_i, :>, multi_tag_relation.version, "delete request should return a new version number for relation"
# this won't work since the relation is already deleted
xml = update_changeset(xml_for_relation(deleted_relation), changeset.id)
@@ -907,6 +906,117 @@ module Api
end
end
+ ##
+ # test initial rate limit
+ def test_initial_rate_limit
+ # create a user
+ user = create(:user)
+
+ # create some nodes
+ node1 = create(:node)
+ node2 = create(:node)
+
+ # create a changeset that puts us near the initial rate limit
+ changeset = create(:changeset, :user => user,
+ :created_at => Time.now.utc - 5.minutes,
+ :num_changes => Settings.initial_changes_per_hour - 1)
+
+ # create authentication header
+ auth_header = basic_authorization_header user.email, "test"
+
+ # try creating a relation
+ xml = "" \
+ "" \
+ "" \
+ ""
+ put relation_create_path, :params => xml, :headers => auth_header
+ assert_response :success, "relation create did not return success status"
+
+ # get the id of the relation we created
+ relationid = @response.body
+
+ # try updating the relation, which should be rate limited
+ xml = "" \
+ "" \
+ "" \
+ ""
+ put api_relation_path(relationid), :params => xml, :headers => auth_header
+ assert_response :too_many_requests, "relation update did not hit rate limit"
+
+ # try deleting the relation, which should be rate limited
+ xml = ""
+ delete api_relation_path(relationid), :params => xml, :headers => auth_header
+ assert_response :too_many_requests, "relation delete did not hit rate limit"
+
+ # try creating a relation, which should be rate limited
+ xml = "" \
+ "" \
+ "" \
+ ""
+ put relation_create_path, :params => xml, :headers => auth_header
+ assert_response :too_many_requests, "relation create did not hit rate limit"
+ end
+
+ ##
+ # test maximum rate limit
+ def test_maximum_rate_limit
+ # create a user
+ user = create(:user)
+
+ # create some nodes
+ node1 = create(:node)
+ node2 = create(:node)
+
+ # create a changeset to establish our initial edit time
+ changeset = create(:changeset, :user => user,
+ :created_at => Time.now.utc - 28.days)
+
+ # create changeset to put us near the maximum rate limit
+ total_changes = Settings.max_changes_per_hour - 1
+ while total_changes.positive?
+ changes = [total_changes, Changeset::MAX_ELEMENTS].min
+ changeset = create(:changeset, :user => user,
+ :created_at => Time.now.utc - 5.minutes,
+ :num_changes => changes)
+ total_changes -= changes
+ end
+
+ # create authentication header
+ auth_header = basic_authorization_header user.email, "test"
+
+ # try creating a relation
+ xml = "" \
+ "" \
+ "" \
+ ""
+ put relation_create_path, :params => xml, :headers => auth_header
+ assert_response :success, "relation create did not return success status"
+
+ # get the id of the relation we created
+ relationid = @response.body
+
+ # try updating the relation, which should be rate limited
+ xml = "" \
+ "" \
+ "" \
+ ""
+ put api_relation_path(relationid), :params => xml, :headers => auth_header
+ assert_response :too_many_requests, "relation update did not hit rate limit"
+
+ # try deleting the relation, which should be rate limited
+ xml = ""
+ delete api_relation_path(relationid), :params => xml, :headers => auth_header
+ assert_response :too_many_requests, "relation delete did not hit rate limit"
+
+ # try creating a relation, which should be rate limited
+ xml = "" \
+ "" \
+ "" \
+ ""
+ put relation_create_path, :params => xml, :headers => auth_header
+ assert_response :too_many_requests, "relation create did not hit rate limit"
+ end
+
private
def check_relations_for_element(path, type, id, expected_relations)
@@ -915,7 +1025,7 @@ module Api
assert_response :success
# count one osm element
- assert_select "osm[version='#{Settings.api_version}'][generator='OpenStreetMap server']", 1
+ assert_select "osm[version='#{Settings.api_version}'][generator='#{Settings.generator}']", 1
# we should have only the expected number of relations
assert_select "osm>relation", expected_relations.size
@@ -1009,7 +1119,7 @@ module Api
##
# updates the relation (XML) +rel+ and
# yields the new version of that relation into the block.
- # the parsed XML doc is retured.
+ # the parsed XML doc is returned.
def with_update(rel, headers)
rel_id = rel.find("//osm/relation").first["id"].to_i
put api_relation_path(:id => rel_id), :params => rel.to_s, :headers => headers
@@ -1029,14 +1139,14 @@ module Api
##
# updates the relation (XML) +rel+ via the diff-upload API and
# yields the new version of that relation into the block.
- # the parsed XML doc is retured.
+ # the parsed XML doc is returned.
def with_update_diff(rel, headers)
rel_id = rel.find("//osm/relation").first["id"].to_i
cs_id = rel.find("//osm/relation").first["changeset"].to_i
version = nil
with_controller(Api::ChangesetsController.new) do
- doc = OSM::API.new.get_xml_doc
+ doc = OSM::API.new.xml_doc
change = XML::Node.new "osmChange"
doc.root = change
modify = XML::Node.new "modify"