1
0

ratelimiting.feature 2.9 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960
  1. # SPDX-FileCopyrightText: 2017 Nextcloud GmbH and Nextcloud contributors
  2. # SPDX-License-Identifier: AGPL-3.0-or-later
  3. Feature: ratelimiting
  4. Background:
  5. Given user "user0" exists
  6. Given As an "admin"
  7. Given invoking occ with "app:enable --force testing"
  8. Scenario: Accessing a page with only an AnonRateThrottle as user
  9. Given user "user0" exists
  10. # First request should work
  11. When requesting "/index.php/apps/testing/anonProtected" with "GET" using basic auth
  12. Then the HTTP status code should be "200"
  13. # Second one should fail
  14. When requesting "/index.php/apps/testing/anonProtected" with "GET" using basic auth
  15. Then the HTTP status code should be "429"
  16. # After 11 seconds the next request should work
  17. And Sleep for "11" seconds
  18. When requesting "/index.php/apps/testing/anonProtected" with "GET" using basic auth
  19. Then the HTTP status code should be "200"
  20. Scenario: Accessing a page with only an AnonRateThrottle as guest
  21. Given Sleep for "11" seconds
  22. # First request should work
  23. When requesting "/index.php/apps/testing/anonProtected" with "GET"
  24. Then the HTTP status code should be "200"
  25. # Second one should fail
  26. When requesting "/index.php/apps/testing/anonProtected" with "GET" using basic auth
  27. Then the HTTP status code should be "429"
  28. # After 11 seconds the next request should work
  29. And Sleep for "11" seconds
  30. When requesting "/index.php/apps/testing/anonProtected" with "GET" using basic auth
  31. Then the HTTP status code should be "200"
  32. Scenario: Accessing a page with UserRateThrottle and AnonRateThrottle
  33. # First request should work as guest
  34. When requesting "/index.php/apps/testing/userAndAnonProtected" with "GET"
  35. Then the HTTP status code should be "200"
  36. # Second request should fail as guest
  37. When requesting "/index.php/apps/testing/userAndAnonProtected" with "GET"
  38. Then the HTTP status code should be "429"
  39. # First request should work as user
  40. When requesting "/index.php/apps/testing/userAndAnonProtected" with "GET" using basic auth
  41. Then the HTTP status code should be "200"
  42. # Second request should work as user
  43. When requesting "/index.php/apps/testing/userAndAnonProtected" with "GET" using basic auth
  44. Then the HTTP status code should be "200"
  45. # Third request should work as user
  46. When requesting "/index.php/apps/testing/userAndAnonProtected" with "GET" using basic auth
  47. Then the HTTP status code should be "200"
  48. # Fourth request should work as user
  49. When requesting "/index.php/apps/testing/userAndAnonProtected" with "GET" using basic auth
  50. Then the HTTP status code should be "200"
  51. # Fifth request should work as user
  52. When requesting "/index.php/apps/testing/userAndAnonProtected" with "GET" using basic auth
  53. Then the HTTP status code should be "200"
  54. # Sixth request should fail as user
  55. When requesting "/index.php/apps/testing/userAndAnonProtected" with "GET"
  56. Then the HTTP status code should be "429"