mirror of
https://github.com/discourse/discourse.git
synced 2024-11-23 02:19:27 +08:00
9174716737
This method is a huge footgun in production, since it calls
the Redis KEYS command. From the Redis documentation at
https://redis.io/commands/keys/:
> Warning: consider KEYS as a command that should only be used in
production environments with extreme care. It may ruin performance when
it is executed against large databases. This command is intended for
debugging and special operations, such as changing your keyspace layout.
Don't use KEYS in your regular application code.
Since we were only using `delete_prefixed` in specs (now that we
removed the usage in production in 24ec06ff85
)
we can remove this and instead rely on `use_redis_snapshotting` on the
particular tests that need this kind of clearing functionality.
66 lines
1.7 KiB
Ruby
66 lines
1.7 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
RSpec.describe SlugsController do
|
|
fab!(:current_user) { Fabricate(:user, trust_level: TrustLevel[4]) }
|
|
|
|
describe "#generate" do
|
|
let(:name) { "Arts & Media" }
|
|
|
|
context "when user not logged in" do
|
|
it "returns a 403 error" do
|
|
post "/slugs.json", params: { name: name }
|
|
expect(response.status).to eq(403)
|
|
end
|
|
end
|
|
|
|
context "when user is logged in" do
|
|
before { sign_in(current_user) }
|
|
|
|
it "generates a slug from the name" do
|
|
post "/slugs.json", params: { name: name }
|
|
expect(response.status).to eq(200)
|
|
expect(response.parsed_body["slug"]).to eq(Slug.for(name, ""))
|
|
end
|
|
|
|
it "requires name" do
|
|
post "/slugs.json"
|
|
expect(response.status).to eq(400)
|
|
end
|
|
|
|
describe "rate limiting" do
|
|
before { RateLimiter.enable }
|
|
|
|
use_redis_snapshotting
|
|
|
|
it "rate limits" do
|
|
stub_const(SlugsController, "MAX_SLUG_GENERATIONS_PER_MINUTE", 1) do
|
|
post "/slugs.json?name=#{name}"
|
|
post "/slugs.json?name=#{name}"
|
|
end
|
|
|
|
expect(response.status).to eq(429)
|
|
end
|
|
end
|
|
|
|
context "when user is not TL4 or higher" do
|
|
before { current_user.change_trust_level!(1) }
|
|
|
|
it "returns a 403 error" do
|
|
post "/slugs.json?name=#{name}"
|
|
expect(response.status).to eq(403)
|
|
end
|
|
end
|
|
|
|
context "when user is admin" do
|
|
fab!(:current_user) { Fabricate(:admin) }
|
|
|
|
it "generates a slug from the name" do
|
|
post "/slugs.json", params: { name: name }
|
|
expect(response.status).to eq(200)
|
|
expect(response.parsed_body["slug"]).to eq(Slug.for(name, ""))
|
|
end
|
|
end
|
|
end
|
|
end
|
|
end
|