CartoDB-SQL-API/test/acceptance/rate-limit-test.js

'use strict';

require('../helper');

const qs = require('querystring');
const assert = require('../support/assert');
const redis = require('redis');
const rateLimitMiddleware = require('../../lib/api/middlewares/rate-limit');
const { RATE_LIMIT_ENDPOINTS_GROUPS } = rateLimitMiddleware;

const app = require('../../lib/server');
let server;

let redisClient;
const keysToDelete = [];
const user = 'vizzuality';

var request = {
    url: '/api/v1/sql?' + qs.stringify({
        q: 'SELECT * FROM untitle_table_4'
    }),
    headers: {
        host: 'vizzuality.cartodb.com'
    },
    method: 'GET'
};

function setLimit (count, period, burst) {
    redisClient.SELECT(8, err => {
        if (err) {
            return;
        }

        const key = `limits:rate:store:${user}:sql:${RATE_LIMIT_ENDPOINTS_GROUPS.QUERY}`;
        redisClient.rpush(key, burst);
        redisClient.rpush(key, count);
        redisClient.rpush(key, period);
        keysToDelete.push(key);
    });
}

function assertRequest (status, limit, remaining, reset, retry, done = null) {
    assert.response(
        server,
        request,
        { status },
        function (err, res) {
            assert.ifError(err);
            assert.strictEqual(res.headers['carto-rate-limit-limit'], limit);
            assert.strictEqual(res.headers['carto-rate-limit-remaining'], remaining);
            assert.strictEqual(res.headers['carto-rate-limit-reset'], reset);

            if (retry) {
                assert.strictEqual(res.headers['retry-after'], retry);
            }

            if (status === 429) {
                const expectedResponse = {
                    error: ['You are over platform\'s limits. Please contact us to know more details'],
                    context: 'limit',
                    detail: 'rate-limit'
                };

                assert.deepStrictEqual(JSON.parse(res.body), expectedResponse);
            }

            if (done) {
                setTimeout(done, 1000);
            }
        }
    );
}

describe('rate limit', function () {
    before(function () {
        global.settings.ratelimits.rateLimitsEnabled = true;
        global.settings.ratelimits.endpoints.query = true;

        server = app();
        redisClient = redis.createClient(global.settings.redis_port);

        const count = 1;
        const period = 1;
        const burst = 1;
        setLimit(count, period, burst);
    });

    after(function () {
        global.settings.ratelimits.rateLimitsEnabled = false;
        global.settings.ratelimits.endpoints.query = false;

        keysToDelete.forEach(key => {
            redisClient.del(key);
        });
    });

    it('1 req/sec: 2 req/seg should be limited', function (done) {
        assertRequest(200, '2', '1', '1');
        setTimeout(() => assertRequest(200, '2', '0', '1', null), 250);
        setTimeout(() => assertRequest(429, '2', '0', '1', '1'), 500);
        setTimeout(() => assertRequest(429, '2', '0', '1', '1'), 750);
        setTimeout(() => assertRequest(429, '2', '0', '1', '1'), 950);
        setTimeout(() => assertRequest(200, '2', '0', '1', null, done), 1050);
    });
});
Use strict mode 2018-10-24 21:42:33 +08:00			`'use strict';`

adding rate limit tests 2018-03-02 20:18:19 +08:00			`require('../helper');`

			`const qs = require('querystring');`
			`const assert = require('../support/assert');`
			`const redis = require('redis');`
Changed folder structure to reflect application functionallity. Renamed files using hyphens instead of underscore to have a more consistent naming across the whole project 2019-10-04 00:24:39 +08:00			`const rateLimitMiddleware = require('../../lib/api/middlewares/rate-limit');`
adding rate limit tests 2018-03-02 20:18:19 +08:00			`const { RATE_LIMIT_ENDPOINTS_GROUPS } = rateLimitMiddleware;`

Changed folder structure to reflect application functionallity. Renamed files using hyphens instead of underscore to have a more consistent naming across the whole project 2019-10-04 00:24:39 +08:00			`const app = require('../../lib/server');`
previous comment 2018-03-02 23:43:01 +08:00			`let server;`
adding rate limit tests 2018-03-02 20:18:19 +08:00
			`let redisClient;`
Run eslint --fix 2019-12-24 01:19:08 +08:00			`const keysToDelete = [];`
adding rate limit tests 2018-03-02 20:18:19 +08:00			`const user = 'vizzuality';`

			`var request = {`
			`url: '/api/v1/sql?' + qs.stringify({`
			`q: 'SELECT * FROM untitle_table_4'`
			`}),`
			`headers: {`
			`host: 'vizzuality.cartodb.com'`
			`},`
			`method: 'GET'`
			`};`

Run eslint --fix 2019-12-24 01:19:08 +08:00			`function setLimit (count, period, burst) {`
adding rate limit tests 2018-03-02 20:18:19 +08:00			`redisClient.SELECT(8, err => {`
			`if (err) {`
			`return;`
			`}`

Use strict mode 2018-10-24 21:42:33 +08:00			const key = `limits:rate:store:${user}:sql:${RATE_LIMIT_ENDPOINTS_GROUPS.QUERY}`;
adding rate limit tests 2018-03-02 20:18:19 +08:00			`redisClient.rpush(key, burst);`
			`redisClient.rpush(key, count);`
			`redisClient.rpush(key, period);`
			`keysToDelete.push(key);`
			`});`
			`}`

change assertRequest function name 2018-03-03 03:16:58 +08:00			`function assertRequest (status, limit, remaining, reset, retry, done = null) {`
refactoring rate limit test 2018-03-03 03:14:10 +08:00			`assert.response(`
Use strict mode 2018-10-24 21:42:33 +08:00			`server,`
			`request,`
			`{ status },`
Run eslint --fix 2019-12-24 01:19:08 +08:00			`function (err, res) {`
refactoring rate limit test 2018-03-03 03:14:10 +08:00			`assert.ifError(err);`
Use asert.strict mode 2019-12-26 21:01:18 +08:00			`assert.strictEqual(res.headers['carto-rate-limit-limit'], limit);`
			`assert.strictEqual(res.headers['carto-rate-limit-remaining'], remaining);`
			`assert.strictEqual(res.headers['carto-rate-limit-reset'], reset);`
removing retry after when no necessary 2018-03-23 22:09:16 +08:00
			`if (retry) {`
Use asert.strict mode 2019-12-26 21:01:18 +08:00			`assert.strictEqual(res.headers['retry-after'], retry);`
removing retry after when no necessary 2018-03-23 22:09:16 +08:00			`}`
refactoring rate limit test 2018-03-03 03:14:10 +08:00
Run eslint --fix 2019-12-24 01:19:08 +08:00			`if (status === 429) {`
Use strict mode 2018-10-24 21:42:33 +08:00			`const expectedResponse = {`
Fix eslint errors 2019-12-26 23:10:41 +08:00			`error: ['You are over platform\'s limits. Please contact us to know more details'],`
Run eslint --fix 2019-12-24 01:19:08 +08:00			`context: 'limit',`
			`detail: 'rate-limit'`
adding and testing limits error response with params 2018-03-27 01:10:23 +08:00			`};`

Use asert.strict mode 2019-12-26 21:01:18 +08:00			`assert.deepStrictEqual(JSON.parse(res.body), expectedResponse);`
adding and testing limits error response with params 2018-03-27 01:10:23 +08:00			`}`

refactoring rate limit test 2018-03-03 03:14:10 +08:00			`if (done) {`
			`setTimeout(done, 1000);`
			`}`
			`}`
			`);`
			`}`

Run eslint --fix 2019-12-24 01:19:08 +08:00			`describe('rate limit', function () {`
			`before(function () {`
adding rate limit tests 2018-03-02 20:18:19 +08:00			`global.settings.ratelimits.rateLimitsEnabled = true;`
			`global.settings.ratelimits.endpoints.query = true;`
Use strict mode 2018-10-24 21:42:33 +08:00
previous comment 2018-03-02 23:43:01 +08:00			`server = app();`
adding rate limit tests 2018-03-02 20:18:19 +08:00			`redisClient = redis.createClient(global.settings.redis_port);`

			`const count = 1;`
			`const period = 1;`
			`const burst = 1;`
			`setLimit(count, period, burst);`
			`});`

Run eslint --fix 2019-12-24 01:19:08 +08:00			`after(function () {`
adding rate limit tests 2018-03-02 20:18:19 +08:00			`global.settings.ratelimits.rateLimitsEnabled = false;`
			`global.settings.ratelimits.endpoints.query = false;`

Run eslint --fix 2019-12-24 01:19:08 +08:00			`keysToDelete.forEach(key => {`
adding rate limit tests 2018-03-02 20:18:19 +08:00			`redisClient.del(key);`
			`});`
			`});`

Run eslint --fix 2019-12-24 01:19:08 +08:00			`it('1 req/sec: 2 req/seg should be limited', function (done) {`
Use asert.strict mode 2019-12-26 21:01:18 +08:00			`assertRequest(200, '2', '1', '1');`
			`setTimeout(() => assertRequest(200, '2', '0', '1', null), 250);`
			`setTimeout(() => assertRequest(429, '2', '0', '1', '1'), 500);`
			`setTimeout(() => assertRequest(429, '2', '0', '1', '1'), 750);`
			`setTimeout(() => assertRequest(429, '2', '0', '1', '1'), 950);`
			`setTimeout(() => assertRequest(200, '2', '0', '1', null, done), 1050);`
adding rate limit tests 2018-03-02 20:18:19 +08:00			`});`
			`});`