From e5a781ec25191c0dbb4a991f25307732d798619d Mon Sep 17 00:00:00 2001 From: Chocobozzz Date: Mon, 30 May 2022 11:33:38 +0200 Subject: Bypass rate limits for admins and moderators --- server/tests/api/server/reverse-proxy.ts | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) (limited to 'server/tests/api') diff --git a/server/tests/api/server/reverse-proxy.ts b/server/tests/api/server/reverse-proxy.ts index fa2063536..0a1565faf 100644 --- a/server/tests/api/server/reverse-proxy.ts +++ b/server/tests/api/server/reverse-proxy.ts @@ -7,6 +7,7 @@ import { cleanupTests, createSingleServer, PeerTubeServer, setAccessTokensToServ describe('Test application behind a reverse proxy', function () { let server: PeerTubeServer + let userAccessToken: string let videoId: string before(async function () { @@ -34,6 +35,8 @@ describe('Test application behind a reverse proxy', function () { server = await createSingleServer(1, config) await setAccessTokensToServers([ server ]) + userAccessToken = await server.users.generateUserAndToken('user') + const { uuid } = await server.videos.upload() videoId = uuid }) @@ -93,7 +96,7 @@ describe('Test application behind a reverse proxy', function () { it('Should rate limit logins', async function () { const user = { username: 'root', password: 'fail' } - for (let i = 0; i < 19; i++) { + for (let i = 0; i < 18; i++) { await server.login.login({ user, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) } @@ -141,6 +144,12 @@ describe('Test application behind a reverse proxy', function () { await server.videos.get({ id: videoId, expectedStatus: HttpStatusCode.TOO_MANY_REQUESTS_429 }) }) + it('Should rate limit API calls with a user but not with an admin', async function () { + await server.videos.get({ id: videoId, token: userAccessToken, expectedStatus: HttpStatusCode.TOO_MANY_REQUESTS_429 }) + + await server.videos.get({ id: videoId, token: server.accessToken, expectedStatus: HttpStatusCode.OK_200 }) + }) + after(async function () { await cleanupTests([ server ]) }) -- cgit v1.2.3