2019-04-30 08:27:42 +08:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
2013-02-06 03:16:51 +08:00
|
|
|
if ENV['COVERAGE']
|
|
|
|
require 'simplecov'
|
2021-03-30 02:01:35 +08:00
|
|
|
SimpleCov.command_name "#{SimpleCov.command_name} #{ENV['TEST_ENV_NUMBER']}" if ENV['TEST_ENV_NUMBER']
|
|
|
|
SimpleCov.start 'rails' do
|
|
|
|
add_group 'Libraries', /^\/lib\/(?!tasks).*$/
|
|
|
|
add_group 'Scripts', 'script'
|
|
|
|
add_group 'Serializers', 'app/serializers'
|
|
|
|
add_group 'Services', 'app/services'
|
|
|
|
add_group 'Tasks', 'lib/tasks'
|
|
|
|
end
|
2013-02-06 03:16:51 +08:00
|
|
|
end
|
|
|
|
|
|
|
|
require 'rubygems'
|
2022-05-05 09:50:02 +08:00
|
|
|
require 'rbtrace' if RUBY_ENGINE == "ruby"
|
2020-06-17 08:08:53 +08:00
|
|
|
require 'pry'
|
|
|
|
require 'pry-byebug'
|
|
|
|
require 'pry-rails'
|
2017-08-10 05:50:59 +08:00
|
|
|
require 'fabrication'
|
|
|
|
require 'mocha/api'
|
|
|
|
require 'certified'
|
|
|
|
require 'webmock/rspec'
|
|
|
|
|
2018-05-21 15:01:30 +08:00
|
|
|
class RspecErrorTracker
|
|
|
|
def self.last_exception=(ex)
|
|
|
|
@ex = ex
|
|
|
|
end
|
|
|
|
|
|
|
|
def self.last_exception
|
|
|
|
@ex
|
|
|
|
end
|
|
|
|
|
|
|
|
def initialize(app, config = {})
|
|
|
|
@app = app
|
|
|
|
end
|
|
|
|
|
|
|
|
def call(env)
|
|
|
|
begin
|
|
|
|
@app.call(env)
|
DEV: Output webmock errors in request specs (#14782)
* DEV: Output webmock errors in request specs
In request specs, if you had not properly mocked an external
HTTP call, you would end up with a 500 error with no further
information instead of your expected response code, with an
rspec output like this:
```
Failures:
1) UploadsController#generate_presigned_put when the store is external generates a presigned URL and creates an external upload stub
Failure/Error: expect(response.status).to eq(200)
expected: 200
got: 500
(compared using ==)
# ./spec/requests/uploads_controller_spec.rb:727:in `block (4 levels) in <top (required)>'
# ./spec/rails_helper.rb:280:in `block (2 levels) in <top (required)>'
```
This is not helpful at all when you want to find what you actually
failed to mock, which is shown straight away in non-request specs.
This commit introduces a rescue_from block in the application
controller to log this error, so we have a much nicer output that
helps the developer find the issue:
```
Failures:
1) UploadsController#generate_presigned_put when the store is external generates a presigned URL and creates an external upload stub
Failure/Error: expect(response.status).to eq(200)
expected: 200
got: 500
(compared using ==)
# ./spec/requests/uploads_controller_spec.rb:727:in `block (4 levels) in <top (required)>'
# ./spec/rails_helper.rb:280:in `block (2 levels) in <top (required)>'
# ------------------
# --- Caused by: ---
# WebMock::NetConnectNotAllowedError:
# Real HTTP connections are disabled. Unregistered request: GET https://s3-upload-bucket.s3.us-west-1.amazonaws.com/?cors with headers {'Accept'=>'*/*', 'Accept-Encoding'=>'', 'Authorization'=>'AWS4-HMAC-SHA256 Credential=some key/20211101/us-west-1/s3/aws4_request, SignedHeaders=host;user-agent;x-amz-content-sha256;x-amz-date, Signature=test', 'Host'=>'s3-upload-bucket.s3.us-west-1.amazonaws.com', 'User-Agent'=>'aws-sdk-ruby3/3.121.2 ruby/2.7.1 x86_64-linux aws-sdk-s3/1.96.1', 'X-Amz-Content-Sha256'=>'test', 'X-Amz-Date'=>'20211101T035113Z'}
#
# You can stub this request with the following snippet:
#
# stub_request(:get, "https://s3-upload-bucket.s3.us-west-1.amazonaws.com/?cors").
# with(
# headers: {
# 'Accept'=>'*/*',
# 'Accept-Encoding'=>'',
# 'Authorization'=>'AWS4-HMAC-SHA256 Credential=some key/20211101/us-west-1/s3/aws4_request, SignedHeaders=host;user-agent;x-amz-content-sha256;x-amz-date, Signature=test',
# 'Host'=>'s3-upload-bucket.s3.us-west-1.amazonaws.com',
# 'User-Agent'=>'aws-sdk-ruby3/3.121.2 ruby/2.7.1 x86_64-linux aws-sdk-s3/1.96.1',
# 'X-Amz-Content-Sha256'=>'test',
# 'X-Amz-Date'=>'20211101T035113Z'
# }).
# to_return(status: 200, body: "", headers: {})
#
# registered request stubs:
#
# stub_request(:head, "https://s3-upload-bucket.s3.us-west-1.amazonaws.com/")
#
# ============================================================
```
* DEV: Require webmock in application controller if rails.env.test
* DEV: Rescue from StandardError and NetConnectNotAllowedError
2021-11-01 14:38:41 +08:00
|
|
|
|
|
|
|
# This is a little repetitive, but since WebMock::NetConnectNotAllowedError
|
2021-11-12 11:10:16 +08:00
|
|
|
# and also Mocha::ExpectationError inherit from Exception instead of StandardError
|
|
|
|
# they do not get captured by the rescue => e shorthand :(
|
|
|
|
rescue WebMock::NetConnectNotAllowedError, Mocha::ExpectationError, StandardError => e
|
2018-05-21 15:01:30 +08:00
|
|
|
RspecErrorTracker.last_exception = e
|
|
|
|
raise e
|
|
|
|
end
|
|
|
|
ensure
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2017-08-10 05:50:59 +08:00
|
|
|
ENV["RAILS_ENV"] ||= 'test'
|
|
|
|
require File.expand_path("../../config/environment", __FILE__)
|
|
|
|
require 'rspec/rails'
|
2019-04-18 05:41:37 +08:00
|
|
|
require 'shoulda-matchers'
|
2017-08-10 05:50:59 +08:00
|
|
|
require 'sidekiq/testing'
|
2019-05-07 11:12:20 +08:00
|
|
|
require 'test_prof/recipes/rspec/let_it_be'
|
|
|
|
require 'test_prof/before_all/adapters/active_record'
|
2017-08-10 05:50:59 +08:00
|
|
|
|
2019-04-18 05:41:37 +08:00
|
|
|
# The shoulda-matchers gem no longer detects the test framework
|
|
|
|
# you're using or mixes itself into that framework automatically.
|
|
|
|
Shoulda::Matchers.configure do |config|
|
|
|
|
config.integrate do |with|
|
|
|
|
with.test_framework :rspec
|
|
|
|
with.library :active_record
|
|
|
|
with.library :active_model
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2017-08-10 05:50:59 +08:00
|
|
|
# Requires supporting ruby files with custom matchers and macros, etc,
|
|
|
|
# in spec/support/ and its subdirectories.
|
|
|
|
Dir[Rails.root.join("spec/support/**/*.rb")].each { |f| require f }
|
|
|
|
Dir[Rails.root.join("spec/fabricators/*.rb")].each { |f| require f }
|
2021-12-11 04:25:26 +08:00
|
|
|
require_relative './helpers/redis_snapshot_helper'
|
2017-08-10 05:50:59 +08:00
|
|
|
|
|
|
|
# Require plugin helpers at plugin/[plugin]/spec/plugin_helper.rb (includes symlinked plugins).
|
|
|
|
if ENV['LOAD_PLUGINS'] == "1"
|
|
|
|
Dir[Rails.root.join("plugins/*/spec/plugin_helper.rb")].each do |f|
|
|
|
|
require f
|
2017-05-19 10:38:36 +08:00
|
|
|
end
|
2021-11-30 12:55:45 +08:00
|
|
|
|
|
|
|
Dir[Rails.root.join("plugins/*/spec/fabricators/**/*.rb")].each do |f|
|
|
|
|
require f
|
|
|
|
end
|
2017-08-10 05:50:59 +08:00
|
|
|
end
|
2017-05-19 10:38:36 +08:00
|
|
|
|
2017-08-10 05:50:59 +08:00
|
|
|
# let's not run seed_fu every test
|
|
|
|
SeedFu.quiet = true if SeedFu.respond_to? :quiet
|
2014-05-22 15:37:02 +08:00
|
|
|
|
2017-08-10 05:50:59 +08:00
|
|
|
SiteSetting.automatically_download_gravatars = false
|
2014-12-16 05:10:27 +08:00
|
|
|
|
2017-08-10 05:50:59 +08:00
|
|
|
SeedFu.seed
|
2013-02-06 03:16:51 +08:00
|
|
|
|
2019-06-03 09:33:56 +08:00
|
|
|
# we need this env var to ensure that we can impersonate in test
|
|
|
|
# this enable integration_helpers sign_in helper
|
|
|
|
ENV['DISCOURSE_DEV_ALLOW_ANON_TO_IMPERSONATE'] = '1'
|
|
|
|
|
2019-05-07 11:12:20 +08:00
|
|
|
module TestSetup
|
|
|
|
# This is run before each test and before each before_all block
|
|
|
|
def self.test_setup(x = nil)
|
2021-08-10 12:12:36 +08:00
|
|
|
RateLimiter.disable
|
2019-05-07 11:12:20 +08:00
|
|
|
PostActionNotifier.disable
|
|
|
|
SearchIndexer.disable
|
|
|
|
UserActionManager.disable
|
|
|
|
NotificationEmailer.disable
|
|
|
|
SiteIconManager.disable
|
2022-05-12 14:45:05 +08:00
|
|
|
WordWatcher.disable_cache
|
2019-05-07 11:12:20 +08:00
|
|
|
|
|
|
|
SiteSetting.provider.all.each do |setting|
|
|
|
|
SiteSetting.remove_override!(setting.name)
|
|
|
|
end
|
|
|
|
|
|
|
|
# very expensive IO operations
|
|
|
|
SiteSetting.automatically_download_gravatars = false
|
|
|
|
|
|
|
|
Discourse.clear_readonly!
|
|
|
|
Sidekiq::Worker.clear_all
|
|
|
|
|
2019-05-16 05:43:00 +08:00
|
|
|
I18n.locale = SiteSettings::DefaultsProvider::DEFAULT_LOCALE
|
2019-05-07 11:12:20 +08:00
|
|
|
|
|
|
|
RspecErrorTracker.last_exception = nil
|
|
|
|
|
|
|
|
if $test_cleanup_callbacks
|
|
|
|
$test_cleanup_callbacks.reverse_each(&:call)
|
|
|
|
$test_cleanup_callbacks = nil
|
|
|
|
end
|
|
|
|
|
2019-05-10 09:37:37 +08:00
|
|
|
# in test this is very expensive, we explicitly enable when needed
|
|
|
|
Topic.update_featured_topics = false
|
|
|
|
|
2019-05-07 11:12:20 +08:00
|
|
|
# Running jobs are expensive and most of our tests are not concern with
|
|
|
|
# code that runs inside jobs. run_later! means they are put on the redis
|
|
|
|
# queue and never processed.
|
|
|
|
Jobs.run_later!
|
2020-05-23 12:56:13 +08:00
|
|
|
|
|
|
|
# Don't track ApplicationRequests in test mode unless opted in
|
|
|
|
ApplicationRequest.disable
|
|
|
|
|
|
|
|
# Don't queue badge grant in test mode
|
|
|
|
BadgeGranter.disable_queue
|
2021-12-14 01:05:26 +08:00
|
|
|
|
2022-04-22 06:23:42 +08:00
|
|
|
# Make sure the default Post and Topic bookmarkables are registered
|
|
|
|
Bookmark.reset_bookmarkables
|
|
|
|
|
2021-12-14 01:05:26 +08:00
|
|
|
OmniAuth.config.test_mode = false
|
2019-05-07 11:12:20 +08:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2019-05-21 20:07:40 +08:00
|
|
|
TestProf::BeforeAll.configure do |config|
|
|
|
|
config.before(:begin) do
|
|
|
|
TestSetup.test_setup
|
2019-05-07 11:12:20 +08:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2019-05-21 20:07:40 +08:00
|
|
|
if ENV['PREFABRICATION'] == '0'
|
|
|
|
module Prefabrication
|
|
|
|
def fab!(name, &blk)
|
2019-05-07 11:12:20 +08:00
|
|
|
let!(name, &blk)
|
|
|
|
end
|
|
|
|
end
|
2019-05-21 20:07:40 +08:00
|
|
|
|
|
|
|
RSpec.configure do |config|
|
|
|
|
config.extend Prefabrication
|
|
|
|
end
|
|
|
|
else
|
|
|
|
TestProf::LetItBe.configure do |config|
|
|
|
|
config.alias_to :fab!, refind: true
|
|
|
|
end
|
2019-05-07 11:12:20 +08:00
|
|
|
end
|
|
|
|
|
2017-08-10 05:50:59 +08:00
|
|
|
RSpec.configure do |config|
|
|
|
|
config.fail_fast = ENV['RSPEC_FAIL_FAST'] == "1"
|
2019-08-29 17:56:43 +08:00
|
|
|
config.silence_filter_announcements = ENV['RSPEC_SILENCE_FILTER_ANNOUNCEMENTS'] == "1"
|
2021-12-11 04:25:26 +08:00
|
|
|
config.extend RedisSnapshotHelper
|
2017-08-10 05:50:59 +08:00
|
|
|
config.include Helpers
|
|
|
|
config.include MessageBus
|
|
|
|
config.include RSpecHtmlMatchers
|
|
|
|
config.include IntegrationHelpers, type: :request
|
2020-01-15 18:27:12 +08:00
|
|
|
config.include WebauthnIntegrationHelpers
|
2019-01-16 10:25:42 +08:00
|
|
|
config.include SiteSettingsHelpers
|
2020-07-24 17:16:52 +08:00
|
|
|
config.include SidekiqHelpers
|
2020-09-14 19:32:25 +08:00
|
|
|
config.include UploadsHelpers
|
2021-05-26 17:41:35 +08:00
|
|
|
config.include OneboxHelpers
|
2021-10-19 19:42:29 +08:00
|
|
|
config.include FastImageHelpers
|
2017-08-10 05:50:59 +08:00
|
|
|
config.mock_framework = :mocha
|
|
|
|
config.order = 'random'
|
|
|
|
config.infer_spec_type_from_file_location!
|
2013-02-06 03:16:51 +08:00
|
|
|
|
2017-08-10 05:50:59 +08:00
|
|
|
# If you're not using ActiveRecord, or you'd prefer not to run each of your
|
|
|
|
# examples within a transaction, remove the following line or assign false
|
|
|
|
# instead of true.
|
|
|
|
config.use_transactional_fixtures = true
|
2013-02-06 03:16:51 +08:00
|
|
|
|
2017-08-10 05:50:59 +08:00
|
|
|
# If true, the base class of anonymous controllers will be inferred
|
|
|
|
# automatically. This will be the default behavior in future versions of
|
|
|
|
# rspec-rails.
|
|
|
|
config.infer_base_class_for_anonymous_controllers = true
|
2013-02-06 03:16:51 +08:00
|
|
|
|
2017-08-10 05:50:59 +08:00
|
|
|
config.before(:suite) do
|
2022-02-23 00:45:25 +08:00
|
|
|
CachedCounting.disable
|
|
|
|
|
2019-12-13 20:50:18 +08:00
|
|
|
begin
|
|
|
|
ActiveRecord::Migration.check_pending!
|
|
|
|
rescue ActiveRecord::PendingMigrationError
|
|
|
|
raise "There are pending migrations, run RAILS_ENV=test bin/rake db:migrate"
|
|
|
|
end
|
|
|
|
|
2017-08-10 05:50:59 +08:00
|
|
|
Sidekiq.error_handlers.clear
|
2014-07-31 16:46:02 +08:00
|
|
|
|
2017-08-10 05:50:59 +08:00
|
|
|
# Ugly, but needed until we have a user creator
|
|
|
|
User.skip_callback(:create, :after, :ensure_in_trust_level_group)
|
2014-06-17 08:46:30 +08:00
|
|
|
|
2020-05-13 19:25:34 +08:00
|
|
|
DiscoursePluginRegistry.reset! if ENV['LOAD_PLUGINS'] != "1"
|
2017-08-10 05:50:59 +08:00
|
|
|
Discourse.current_user_provider = TestCurrentUserProvider
|
2014-03-28 13:34:20 +08:00
|
|
|
|
2017-08-10 05:50:59 +08:00
|
|
|
SiteSetting.refresh!
|
2014-03-28 13:34:20 +08:00
|
|
|
|
2017-08-10 05:50:59 +08:00
|
|
|
# Rebase defaults
|
|
|
|
#
|
|
|
|
# We nuke the DB storage provider from site settings, so need to yank out the existing settings
|
|
|
|
# and pretend they are default.
|
|
|
|
# There are a bunch of settings that are seeded, they must be loaded as defaults
|
|
|
|
SiteSetting.current.each do |k, v|
|
|
|
|
# skip setting defaults for settings that are in unloaded plugins
|
|
|
|
SiteSetting.defaults.set_regardless_of_locale(k, v) if SiteSetting.respond_to? k
|
|
|
|
end
|
2014-03-28 13:34:20 +08:00
|
|
|
|
2020-08-18 21:38:30 +08:00
|
|
|
SiteSetting.provider = TestLocalProcessProvider.new
|
2017-05-26 15:19:09 +08:00
|
|
|
|
2017-08-10 05:50:59 +08:00
|
|
|
WebMock.disable_net_connect!
|
2021-12-08 02:26:35 +08:00
|
|
|
|
|
|
|
if ENV['ELEVATED_UPLOADS_ID']
|
|
|
|
DB.exec "SELECT setval('uploads_id_seq', 10000)"
|
|
|
|
else
|
|
|
|
DB.exec "SELECT setval('uploads_id_seq', 1)"
|
|
|
|
end
|
2017-08-10 05:50:59 +08:00
|
|
|
end
|
2014-03-28 13:34:20 +08:00
|
|
|
|
2020-08-18 21:38:30 +08:00
|
|
|
class TestLocalProcessProvider < SiteSettings::LocalProcessProvider
|
|
|
|
attr_accessor :current_site
|
|
|
|
|
|
|
|
def initialize
|
|
|
|
super
|
|
|
|
self.current_site = "test"
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2018-05-21 15:01:30 +08:00
|
|
|
config.after :each do |x|
|
|
|
|
if x.exception && ex = RspecErrorTracker.last_exception
|
|
|
|
# magic in a cause if we have none
|
|
|
|
unless x.exception.cause
|
|
|
|
class << x.exception
|
|
|
|
attr_accessor :cause
|
|
|
|
end
|
|
|
|
x.exception.cause = ex
|
|
|
|
end
|
|
|
|
end
|
2018-06-12 11:43:41 +08:00
|
|
|
|
|
|
|
unfreeze_time
|
2018-08-21 14:29:58 +08:00
|
|
|
ActionMailer::Base.deliveries.clear
|
2018-07-11 09:54:01 +08:00
|
|
|
|
2019-01-09 10:53:38 +08:00
|
|
|
if ActiveRecord::Base.connection_pool.stat[:busy] > 1
|
|
|
|
raise ActiveRecord::Base.connection_pool.stat.inspect
|
|
|
|
end
|
2018-05-21 15:01:30 +08:00
|
|
|
end
|
|
|
|
|
2020-05-19 07:09:36 +08:00
|
|
|
config.after(:suite) do
|
|
|
|
if SpecSecureRandom.value
|
|
|
|
FileUtils.remove_dir(file_from_fixtures_tmp_folder, true)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2019-05-07 11:12:20 +08:00
|
|
|
config.before :each, &TestSetup.method(:test_setup)
|
2013-02-06 03:16:51 +08:00
|
|
|
|
2020-11-12 03:46:13 +08:00
|
|
|
config.around :each do |example|
|
|
|
|
before_event_count = DiscourseEvent.events.values.sum(&:count)
|
|
|
|
example.run
|
|
|
|
after_event_count = DiscourseEvent.events.values.sum(&:count)
|
|
|
|
expect(before_event_count).to eq(after_event_count), "DiscourseEvent registrations were not cleaned up"
|
|
|
|
end
|
|
|
|
|
2020-12-08 08:03:31 +08:00
|
|
|
config.before :each do
|
|
|
|
# This allows DB.transaction_open? to work in tests. See lib/mini_sql_multisite_connection.rb
|
|
|
|
DB.test_transaction = ActiveRecord::Base.connection.current_transaction
|
|
|
|
end
|
|
|
|
|
2021-11-12 00:44:58 +08:00
|
|
|
# Match the request hostname to the value in `database.yml`
|
|
|
|
config.before(:all, type: [:request, :multisite]) { host! "test.localhost" }
|
|
|
|
config.before(:each, type: [:request, :multisite]) { host! "test.localhost" }
|
|
|
|
|
2018-09-11 10:15:06 +08:00
|
|
|
config.before(:each, type: :multisite) do
|
2020-03-26 23:32:41 +08:00
|
|
|
Rails.configuration.multisite = true # rubocop:disable Discourse/NoDirectMultisiteManipulation
|
2019-01-15 12:52:12 +08:00
|
|
|
|
2018-09-11 10:15:06 +08:00
|
|
|
RailsMultisite::ConnectionManagement.config_filename =
|
|
|
|
"spec/fixtures/multisite/two_dbs.yml"
|
2020-04-15 23:42:48 +08:00
|
|
|
|
|
|
|
RailsMultisite::ConnectionManagement.establish_connection(db: 'default')
|
2018-09-11 10:15:06 +08:00
|
|
|
end
|
|
|
|
|
|
|
|
config.after(:each, type: :multisite) do
|
2019-01-15 12:52:12 +08:00
|
|
|
ActiveRecord::Base.clear_all_connections!
|
2020-03-26 23:32:41 +08:00
|
|
|
Rails.configuration.multisite = false # rubocop:disable Discourse/NoDirectMultisiteManipulation
|
2018-09-11 10:15:06 +08:00
|
|
|
RailsMultisite::ConnectionManagement.clear_settings!
|
|
|
|
ActiveRecord::Base.establish_connection
|
|
|
|
end
|
|
|
|
|
2017-08-10 05:50:59 +08:00
|
|
|
class TestCurrentUserProvider < Auth::DefaultCurrentUserProvider
|
2018-11-12 22:34:12 +08:00
|
|
|
def log_on_user(user, session, cookies, opts = {})
|
2017-08-10 05:50:59 +08:00
|
|
|
session[:current_user_id] = user.id
|
|
|
|
super
|
2017-07-24 21:17:42 +08:00
|
|
|
end
|
|
|
|
|
2017-08-10 05:50:59 +08:00
|
|
|
def log_off_user(session, cookies)
|
|
|
|
session[:current_user_id] = nil
|
|
|
|
super
|
2017-02-15 23:58:18 +08:00
|
|
|
end
|
2017-08-10 05:50:59 +08:00
|
|
|
end
|
2017-02-15 23:58:18 +08:00
|
|
|
|
2019-01-10 04:13:02 +08:00
|
|
|
# Normally we `use_transactional_fixtures` to clear out a database after a test
|
|
|
|
# runs. However, this does not apply to tests done for multisite. The second time
|
|
|
|
# a test runs you can end up with stale data that breaks things. This method will
|
|
|
|
# force a rollback after using a multisite connection.
|
|
|
|
def test_multisite_connection(name)
|
|
|
|
RailsMultisite::ConnectionManagement.with_connection(name) do
|
2019-08-01 22:25:59 +08:00
|
|
|
ActiveRecord::Base.transaction(joinable: false) do
|
|
|
|
yield
|
|
|
|
raise ActiveRecord::Rollback
|
2019-01-10 04:13:02 +08:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2017-08-10 05:50:59 +08:00
|
|
|
end
|
|
|
|
|
|
|
|
class TrackTimeStub
|
|
|
|
def self.stubbed
|
|
|
|
false
|
2017-07-24 21:17:42 +08:00
|
|
|
end
|
2017-08-10 05:50:59 +08:00
|
|
|
end
|
|
|
|
|
2017-10-06 13:20:01 +08:00
|
|
|
def before_next_spec(&callback)
|
|
|
|
($test_cleanup_callbacks ||= []) << callback
|
|
|
|
end
|
|
|
|
|
|
|
|
def global_setting(name, value)
|
|
|
|
GlobalSetting.reset_s3_cache!
|
|
|
|
|
|
|
|
GlobalSetting.stubs(name).returns(value)
|
|
|
|
|
|
|
|
before_next_spec do
|
|
|
|
GlobalSetting.reset_s3_cache!
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def set_cdn_url(cdn_url)
|
|
|
|
global_setting :cdn_url, cdn_url
|
|
|
|
Rails.configuration.action_controller.asset_host = cdn_url
|
|
|
|
ActionController::Base.asset_host = cdn_url
|
|
|
|
|
|
|
|
before_next_spec do
|
|
|
|
Rails.configuration.action_controller.asset_host = nil
|
|
|
|
ActionController::Base.asset_host = nil
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2017-08-10 05:50:59 +08:00
|
|
|
def freeze_time(now = Time.now)
|
2019-03-28 14:28:01 +08:00
|
|
|
time = now
|
|
|
|
datetime = now
|
|
|
|
|
|
|
|
if Time === now
|
|
|
|
datetime = now.to_datetime
|
|
|
|
elsif DateTime === now
|
|
|
|
time = now.to_time
|
|
|
|
else
|
|
|
|
datetime = DateTime.parse(now.to_s)
|
|
|
|
time = Time.parse(now.to_s)
|
|
|
|
end
|
2017-07-24 21:17:42 +08:00
|
|
|
|
2017-08-10 05:50:59 +08:00
|
|
|
if block_given?
|
|
|
|
raise "nested freeze time not supported" if TrackTimeStub.stubbed
|
2013-02-06 03:16:51 +08:00
|
|
|
end
|
|
|
|
|
2017-08-10 05:50:59 +08:00
|
|
|
DateTime.stubs(:now).returns(datetime)
|
|
|
|
Time.stubs(:now).returns(time)
|
|
|
|
Date.stubs(:today).returns(datetime.to_date)
|
|
|
|
TrackTimeStub.stubs(:stubbed).returns(true)
|
|
|
|
|
|
|
|
if block_given?
|
|
|
|
begin
|
|
|
|
yield
|
|
|
|
ensure
|
|
|
|
unfreeze_time
|
|
|
|
end
|
2020-03-11 05:13:17 +08:00
|
|
|
else
|
|
|
|
time
|
2014-07-14 23:34:23 +08:00
|
|
|
end
|
2013-02-06 03:16:51 +08:00
|
|
|
end
|
|
|
|
|
2017-08-10 05:50:59 +08:00
|
|
|
def unfreeze_time
|
|
|
|
DateTime.unstub(:now)
|
|
|
|
Time.unstub(:now)
|
|
|
|
Date.unstub(:today)
|
|
|
|
TrackTimeStub.unstub(:stubbed)
|
2013-05-16 13:03:03 +08:00
|
|
|
end
|
|
|
|
|
2017-08-10 05:50:59 +08:00
|
|
|
def file_from_fixtures(filename, directory = "images")
|
2020-05-19 07:09:36 +08:00
|
|
|
SpecSecureRandom.value ||= SecureRandom.hex
|
2022-01-06 01:45:08 +08:00
|
|
|
FileUtils.mkdir_p(file_from_fixtures_tmp_folder) unless Dir.exist?(file_from_fixtures_tmp_folder)
|
2020-05-19 07:09:36 +08:00
|
|
|
tmp_file_path = File.join(file_from_fixtures_tmp_folder, SecureRandom.hex << filename)
|
|
|
|
FileUtils.cp("#{Rails.root}/spec/fixtures/#{directory}/#{filename}", tmp_file_path)
|
|
|
|
File.new(tmp_file_path)
|
|
|
|
end
|
|
|
|
|
|
|
|
def file_from_fixtures_tmp_folder
|
|
|
|
File.join(Dir.tmpdir, "rspec_#{Process.pid}_#{SpecSecureRandom.value}")
|
2017-08-10 05:50:59 +08:00
|
|
|
end
|
2018-10-08 15:47:38 +08:00
|
|
|
|
|
|
|
def has_trigger?(trigger_name)
|
|
|
|
DB.exec(<<~SQL) != 0
|
|
|
|
SELECT 1
|
|
|
|
FROM INFORMATION_SCHEMA.TRIGGERS
|
|
|
|
WHERE trigger_name = '#{trigger_name}'
|
|
|
|
SQL
|
|
|
|
end
|
2018-11-19 21:50:00 +08:00
|
|
|
|
|
|
|
def silence_stdout
|
|
|
|
STDOUT.stubs(:write)
|
|
|
|
yield
|
|
|
|
ensure
|
|
|
|
STDOUT.unstub(:write)
|
|
|
|
end
|
2020-04-08 10:42:28 +08:00
|
|
|
|
2022-05-05 09:50:43 +08:00
|
|
|
def track_log_messages
|
2020-04-08 10:42:28 +08:00
|
|
|
old_logger = Rails.logger
|
2022-05-05 09:50:43 +08:00
|
|
|
logger = Rails.logger = FakeLogger.new
|
|
|
|
yield logger
|
|
|
|
logger
|
2020-04-08 10:42:28 +08:00
|
|
|
ensure
|
|
|
|
Rails.logger = old_logger
|
|
|
|
end
|
2020-05-19 07:09:36 +08:00
|
|
|
|
FEATURE: Apply rate limits per user instead of IP for trusted users (#14706)
Currently, Discourse rate limits all incoming requests by the IP address they
originate from regardless of the user making the request. This can be
frustrating if there are multiple users using Discourse simultaneously while
sharing the same IP address (e.g. employees in an office).
This commit implements a new feature to make Discourse apply rate limits by
user id rather than IP address for users at or higher than the configured trust
level (1 is the default).
For example, let's say a Discourse instance is configured to allow 200 requests
per minute per IP address, and we have 10 users at trust level 4 using
Discourse simultaneously from the same IP address. Before this feature, the 10
users could only make a total of 200 requests per minute before they got rate
limited. But with the new feature, each user is allowed to make 200 requests
per minute because the rate limits are applied on user id rather than the IP
address.
The minimum trust level for applying user-id-based rate limits can be
configured by the `skip_per_ip_rate_limit_trust_level` global setting. The
default is 1, but it can be changed by either adding the
`DISCOURSE_SKIP_PER_IP_RATE_LIMIT_TRUST_LEVEL` environment variable with the
desired value to your `app.yml`, or changing the setting's value in the
`discourse.conf` file.
Requests made with API keys are still rate limited by IP address and the
relevant global settings that control API keys rate limits.
Before this commit, Discourse's auth cookie (`_t`) was simply a 32 characters
string that Discourse used to lookup the current user from the database and the
cookie contained no additional information about the user. However, we had to
change the cookie content in this commit so we could identify the user from the
cookie without making a database query before the rate limits logic and avoid
introducing a bottleneck on busy sites.
Besides the 32 characters auth token, the cookie now includes the user id,
trust level and the cookie's generation date, and we encrypt/sign the cookie to
prevent tampering.
Internal ticket number: t54739.
2021-11-18 04:27:30 +08:00
|
|
|
# this takes a string and returns a copy where 2 different
|
|
|
|
# characters are swapped.
|
|
|
|
# e.g.
|
|
|
|
# swap_2_different_characters("abc") => "bac"
|
|
|
|
# swap_2_different_characters("aac") => "caa"
|
|
|
|
def swap_2_different_characters(str)
|
|
|
|
swap1 = 0
|
|
|
|
swap2 = str.split("").find_index { |c| c != str[swap1] }
|
|
|
|
# if the string is made up of 1 character
|
|
|
|
return str if !swap2
|
|
|
|
str = str.dup
|
|
|
|
str[swap1], str[swap2] = str[swap2], str[swap1]
|
|
|
|
str
|
|
|
|
end
|
|
|
|
|
|
|
|
def create_request_env(path: nil)
|
|
|
|
env = Rails.application.env_config.dup
|
|
|
|
env.merge!(Rack::MockRequest.env_for(path)) if path
|
|
|
|
env
|
|
|
|
end
|
|
|
|
|
2022-05-19 22:58:31 +08:00
|
|
|
def create_auth_cookie(token:, user_id: nil, trust_level: nil, issued_at: Time.current)
|
FEATURE: Apply rate limits per user instead of IP for trusted users (#14706)
Currently, Discourse rate limits all incoming requests by the IP address they
originate from regardless of the user making the request. This can be
frustrating if there are multiple users using Discourse simultaneously while
sharing the same IP address (e.g. employees in an office).
This commit implements a new feature to make Discourse apply rate limits by
user id rather than IP address for users at or higher than the configured trust
level (1 is the default).
For example, let's say a Discourse instance is configured to allow 200 requests
per minute per IP address, and we have 10 users at trust level 4 using
Discourse simultaneously from the same IP address. Before this feature, the 10
users could only make a total of 200 requests per minute before they got rate
limited. But with the new feature, each user is allowed to make 200 requests
per minute because the rate limits are applied on user id rather than the IP
address.
The minimum trust level for applying user-id-based rate limits can be
configured by the `skip_per_ip_rate_limit_trust_level` global setting. The
default is 1, but it can be changed by either adding the
`DISCOURSE_SKIP_PER_IP_RATE_LIMIT_TRUST_LEVEL` environment variable with the
desired value to your `app.yml`, or changing the setting's value in the
`discourse.conf` file.
Requests made with API keys are still rate limited by IP address and the
relevant global settings that control API keys rate limits.
Before this commit, Discourse's auth cookie (`_t`) was simply a 32 characters
string that Discourse used to lookup the current user from the database and the
cookie contained no additional information about the user. However, we had to
change the cookie content in this commit so we could identify the user from the
cookie without making a database query before the rate limits logic and avoid
introducing a bottleneck on busy sites.
Besides the 32 characters auth token, the cookie now includes the user id,
trust level and the cookie's generation date, and we encrypt/sign the cookie to
prevent tampering.
Internal ticket number: t54739.
2021-11-18 04:27:30 +08:00
|
|
|
data = {
|
|
|
|
token: token,
|
|
|
|
user_id: user_id,
|
|
|
|
trust_level: trust_level,
|
|
|
|
issued_at: issued_at.to_i
|
|
|
|
}
|
2022-05-19 22:58:31 +08:00
|
|
|
jar = ActionDispatch::Cookies::CookieJar.build(ActionDispatch::TestRequest.create, {})
|
|
|
|
jar.encrypted[:_t] = { value: data }
|
|
|
|
CGI.escape(jar[:_t])
|
FEATURE: Apply rate limits per user instead of IP for trusted users (#14706)
Currently, Discourse rate limits all incoming requests by the IP address they
originate from regardless of the user making the request. This can be
frustrating if there are multiple users using Discourse simultaneously while
sharing the same IP address (e.g. employees in an office).
This commit implements a new feature to make Discourse apply rate limits by
user id rather than IP address for users at or higher than the configured trust
level (1 is the default).
For example, let's say a Discourse instance is configured to allow 200 requests
per minute per IP address, and we have 10 users at trust level 4 using
Discourse simultaneously from the same IP address. Before this feature, the 10
users could only make a total of 200 requests per minute before they got rate
limited. But with the new feature, each user is allowed to make 200 requests
per minute because the rate limits are applied on user id rather than the IP
address.
The minimum trust level for applying user-id-based rate limits can be
configured by the `skip_per_ip_rate_limit_trust_level` global setting. The
default is 1, but it can be changed by either adding the
`DISCOURSE_SKIP_PER_IP_RATE_LIMIT_TRUST_LEVEL` environment variable with the
desired value to your `app.yml`, or changing the setting's value in the
`discourse.conf` file.
Requests made with API keys are still rate limited by IP address and the
relevant global settings that control API keys rate limits.
Before this commit, Discourse's auth cookie (`_t`) was simply a 32 characters
string that Discourse used to lookup the current user from the database and the
cookie contained no additional information about the user. However, we had to
change the cookie content in this commit so we could identify the user from the
cookie without making a database query before the rate limits logic and avoid
introducing a bottleneck on busy sites.
Besides the 32 characters auth token, the cookie now includes the user id,
trust level and the cookie's generation date, and we encrypt/sign the cookie to
prevent tampering.
Internal ticket number: t54739.
2021-11-18 04:27:30 +08:00
|
|
|
end
|
|
|
|
|
|
|
|
def decrypt_auth_cookie(cookie)
|
2022-05-19 22:58:31 +08:00
|
|
|
ActionDispatch::Cookies::CookieJar
|
|
|
|
.build(ActionDispatch::TestRequest.create, { _t: cookie })
|
|
|
|
.encrypted[:_t]
|
|
|
|
.with_indifferent_access
|
FEATURE: Apply rate limits per user instead of IP for trusted users (#14706)
Currently, Discourse rate limits all incoming requests by the IP address they
originate from regardless of the user making the request. This can be
frustrating if there are multiple users using Discourse simultaneously while
sharing the same IP address (e.g. employees in an office).
This commit implements a new feature to make Discourse apply rate limits by
user id rather than IP address for users at or higher than the configured trust
level (1 is the default).
For example, let's say a Discourse instance is configured to allow 200 requests
per minute per IP address, and we have 10 users at trust level 4 using
Discourse simultaneously from the same IP address. Before this feature, the 10
users could only make a total of 200 requests per minute before they got rate
limited. But with the new feature, each user is allowed to make 200 requests
per minute because the rate limits are applied on user id rather than the IP
address.
The minimum trust level for applying user-id-based rate limits can be
configured by the `skip_per_ip_rate_limit_trust_level` global setting. The
default is 1, but it can be changed by either adding the
`DISCOURSE_SKIP_PER_IP_RATE_LIMIT_TRUST_LEVEL` environment variable with the
desired value to your `app.yml`, or changing the setting's value in the
`discourse.conf` file.
Requests made with API keys are still rate limited by IP address and the
relevant global settings that control API keys rate limits.
Before this commit, Discourse's auth cookie (`_t`) was simply a 32 characters
string that Discourse used to lookup the current user from the database and the
cookie contained no additional information about the user. However, we had to
change the cookie content in this commit so we could identify the user from the
cookie without making a database query before the rate limits logic and avoid
introducing a bottleneck on busy sites.
Besides the 32 characters auth token, the cookie now includes the user id,
trust level and the cookie's generation date, and we encrypt/sign the cookie to
prevent tampering.
Internal ticket number: t54739.
2021-11-18 04:27:30 +08:00
|
|
|
end
|
|
|
|
|
2020-05-19 07:09:36 +08:00
|
|
|
class SpecSecureRandom
|
|
|
|
class << self
|
|
|
|
attr_accessor :value
|
|
|
|
end
|
|
|
|
end
|