X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/98bfaace9aeba7fb387596cc16b2e661506173c6..352e5de4b99f91be23bb0ef5a248a7a90310ea32:/test/controllers/api/relations_controller_test.rb?ds=sidebyside diff --git a/test/controllers/api/relations_controller_test.rb b/test/controllers/api/relations_controller_test.rb index 7d011c17f..4a6d55efb 100644 --- a/test/controllers/api/relations_controller_test.rb +++ b/test/controllers/api/relations_controller_test.rb @@ -102,7 +102,7 @@ module Api second_relation = create(:relation_member, :member => node).relation _super_relation = create(:relation_member, :member => second_relation).relation # should combine multiple relation_member references into just one relation entry - create(:relation_member, :member => node, :relation => relation_with_node, :sequence_id => 2) + create(:relation_member, :member => node, :relation => relation_with_node) # should not include deleted relations deleted_relation = create(:relation, :deleted) create(:relation_member, :member => node, :relation => deleted_relation) @@ -122,7 +122,7 @@ module Api second_relation = create(:relation_member, :member => way).relation _super_relation = create(:relation_member, :member => second_relation).relation # should combine multiple relation_member references into just one relation entry - create(:relation_member, :member => way, :relation => relation_with_way, :sequence_id => 2) + create(:relation_member, :member => way, :relation => relation_with_way) # should not include deleted relations deleted_relation = create(:relation, :deleted) create(:relation_member, :member => way, :relation => deleted_relation) @@ -142,7 +142,7 @@ module Api second_relation = create(:relation_member, :member => relation).relation _super_relation = create(:relation_member, :member => second_relation).relation # should combine multiple relation_member references into just one relation entry - create(:relation_member, :member => relation, :relation => relation_with_relation, :sequence_id => 2) + create(:relation_member, :member => relation, :relation => relation_with_relation) # should not include deleted relations deleted_relation = create(:relation, :deleted) create(:relation_member, :member => relation, :relation => deleted_relation) @@ -178,11 +178,11 @@ module Api assert_response :bad_request # check error when no parameter value provided - get relations_path, :params => { :relations => "" } + get relations_path(:relations => "") assert_response :bad_request # test a working call - get relations_path, :params => { :relations => "#{relation1.id},#{relation2.id},#{relation3.id},#{relation4.id}" } + get relations_path(:relations => "#{relation1.id},#{relation2.id},#{relation3.id},#{relation4.id}") assert_response :success assert_select "osm" do assert_select "relation", :count => 4 @@ -193,7 +193,7 @@ module Api end # test a working call with json format - get relations_path, :params => { :relations => "#{relation1.id},#{relation2.id},#{relation3.id},#{relation4.id}", :format => "json" } + get relations_path(:relations => "#{relation1.id},#{relation2.id},#{relation3.id},#{relation4.id}", :format => "json") js = ActiveSupport::JSON.decode(@response.body) assert_not_nil js @@ -205,7 +205,7 @@ module Api assert_equal 1, (js["elements"].count { |a| a["id"] == relation4.id && a["visible"].nil? }) # check error when a non-existent relation is included - get relations_path, :params => { :relations => "#{relation1.id},#{relation2.id},#{relation3.id},#{relation4.id},0" } + get relations_path(:relations => "#{relation1.id},#{relation2.id},#{relation3.id},#{relation4.id},0") assert_response :not_found end @@ -788,7 +788,7 @@ module Api # check the ordering in the history tables: with_controller(OldRelationsController.new) do - get relation_version_path(:id => relation_id, :version => 2) + get api_old_relation_path(:id => relation_id, :version => 2) assert_response :success, "can't read back version 2 of the relation #{relation_id}" check_ordering(doc, @response.body) end @@ -868,7 +868,7 @@ module Api # check the ordering in the history tables: with_controller(OldRelationsController.new) do - get relation_version_path(:id => relation_id, :version => 1) + get api_old_relation_path(:id => relation_id, :version => 1) assert_response :success, "can't read back version 1 of the relation: #{@response.body}" check_ordering(doc, @response.body) end @@ -906,6 +906,117 @@ module Api end end + ## + # test initial rate limit + def test_initial_rate_limit + # create a user + user = create(:user) + + # create some nodes + node1 = create(:node) + node2 = create(:node) + + # create a changeset that puts us near the initial rate limit + changeset = create(:changeset, :user => user, + :created_at => Time.now.utc - 5.minutes, + :num_changes => Settings.initial_changes_per_hour - 1) + + # create authentication header + auth_header = basic_authorization_header user.email, "test" + + # try creating a relation + xml = "" \ + "" \ + "" \ + "" + put relation_create_path, :params => xml, :headers => auth_header + assert_response :success, "relation create did not return success status" + + # get the id of the relation we created + relationid = @response.body + + # try updating the relation, which should be rate limited + xml = "" \ + "" \ + "" \ + "" + put api_relation_path(relationid), :params => xml, :headers => auth_header + assert_response :too_many_requests, "relation update did not hit rate limit" + + # try deleting the relation, which should be rate limited + xml = "" + delete api_relation_path(relationid), :params => xml, :headers => auth_header + assert_response :too_many_requests, "relation delete did not hit rate limit" + + # try creating a relation, which should be rate limited + xml = "" \ + "" \ + "" \ + "" + put relation_create_path, :params => xml, :headers => auth_header + assert_response :too_many_requests, "relation create did not hit rate limit" + end + + ## + # test maximum rate limit + def test_maximum_rate_limit + # create a user + user = create(:user) + + # create some nodes + node1 = create(:node) + node2 = create(:node) + + # create a changeset to establish our initial edit time + changeset = create(:changeset, :user => user, + :created_at => Time.now.utc - 28.days) + + # create changeset to put us near the maximum rate limit + total_changes = Settings.max_changes_per_hour - 1 + while total_changes.positive? + changes = [total_changes, Changeset::MAX_ELEMENTS].min + changeset = create(:changeset, :user => user, + :created_at => Time.now.utc - 5.minutes, + :num_changes => changes) + total_changes -= changes + end + + # create authentication header + auth_header = basic_authorization_header user.email, "test" + + # try creating a relation + xml = "" \ + "" \ + "" \ + "" + put relation_create_path, :params => xml, :headers => auth_header + assert_response :success, "relation create did not return success status" + + # get the id of the relation we created + relationid = @response.body + + # try updating the relation, which should be rate limited + xml = "" \ + "" \ + "" \ + "" + put api_relation_path(relationid), :params => xml, :headers => auth_header + assert_response :too_many_requests, "relation update did not hit rate limit" + + # try deleting the relation, which should be rate limited + xml = "" + delete api_relation_path(relationid), :params => xml, :headers => auth_header + assert_response :too_many_requests, "relation delete did not hit rate limit" + + # try creating a relation, which should be rate limited + xml = "" \ + "" \ + "" \ + "" + put relation_create_path, :params => xml, :headers => auth_header + assert_response :too_many_requests, "relation create did not hit rate limit" + end + private def check_relations_for_element(path, type, id, expected_relations) @@ -998,7 +1109,7 @@ module Api get api_relation_path(:id => id) else with_controller(OldRelationsController.new) do - get relation_version_path(:id => id, :version => ver) + get api_old_relation_path(:id => id, :version => ver) end end assert_response :success