summaryrefslogtreecommitdiffstats
path: root/build/integration/features/ratelimiting.feature
blob: bd8b2e30a73e15e83fa89de7cfd7387c9b44b2fe (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
Feature: ratelimiting
  
  Background:
    Given user "user0" exists
    Given As an "admin"
    Given app "testing" is enabled

  Scenario: Accessing a page with only an AnonRateThrottle as user
    Given user "user0" exists
    # First request should work
    When requesting "/index.php/apps/testing/anonProtected" with "GET" using basic auth
    Then the HTTP status code should be "200"
    # Second one should fail
    When requesting "/index.php/apps/testing/anonProtected" with "GET" using basic auth
    Then the HTTP status code should be "429"
    # After 11 seconds the next request should work
    And Sleep for "11" seconds
    When requesting "/index.php/apps/testing/anonProtected" with "GET" using basic auth
    Then the HTTP status code should be "200"

  Scenario: Accessing a page with only an AnonRateThrottle as guest
    Given Sleep for "11" seconds
    # First request should work
    When requesting "/index.php/apps/testing/anonProtected" with "GET"
    Then the HTTP status code should be "200"
    # Second one should fail
    When requesting "/index.php/apps/testing/anonProtected" with "GET" using basic auth
    Then the HTTP status code should be "429"
    # After 11 seconds the next request should work
    And Sleep for "11" seconds
    When requesting "/index.php/apps/testing/anonProtected" with "GET" using basic auth
    Then the HTTP status code should be "200"

  Scenario: Accessing a page with UserRateThrottle and AnonRateThrottle
    # First request should work as guest
    When requesting "/index.php/apps/testing/userAndAnonProtected" with "GET"
    Then the HTTP status code should be "200"
    # Second request should fail as guest
    When requesting "/index.php/apps/testing/userAndAnonProtected" with "GET"
    Then the HTTP status code should be "429"
    # First request should work as user
    When requesting "/index.php/apps/testing/userAndAnonProtected" with "GET" using basic auth
    Then the HTTP status code should be "200"
    # Second request should work as user
    When requesting "/index.php/apps/testing/userAndAnonProtected" with "GET" using basic auth
    Then the HTTP status code should be "200"
    # Third request should work as user
    When requesting "/index.php/apps/testing/userAndAnonProtected" with "GET" using basic auth
    Then the HTTP status code should be "200"
    # Fourth request should work as user
    When requesting "/index.php/apps/testing/userAndAnonProtected" with "GET" using basic auth
    Then the HTTP status code should be "200"
    # Fifth request should work as user
    When requesting "/index.php/apps/testing/userAndAnonProtected" with "GET" using basic auth
    Then the HTTP status code should be "200"
    # Sixth request should fail as user
    When requesting "/index.php/apps/testing/userAndAnonProtected" with "GET"
    Then the HTTP status code should be "429"