3 files changed, 128 insertions, 50 deletions

diff --git a/test/plugs/cache_control_test.exs b/test/plugs/cache_control_test.exs
new file mode 100644
index 000000000..45151b289
--- /dev/null
+++ b/test/plugs/cache_control_test.exs
@@ -0,0 +1,20 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
+defmodule Pleroma.Web.CacheControlTest do
+  use Pleroma.Web.ConnCase
+  alias Plug.Conn
+
+  test "Verify Cache-Control header on static assets", %{conn: conn} do
+    conn = get(conn, "/index.html")
+
+    assert Conn.get_resp_header(conn, "cache-control") == ["public, no-cache"]
+  end
+
+  test "Verify Cache-Control header on the API", %{conn: conn} do
+    conn = get(conn, "/api/v1/instance")
+
+    assert Conn.get_resp_header(conn, "cache-control") == ["max-age=0, private, must-revalidate"]
+  end
+end
diff --git a/test/plugs/rate_limit_plug_test.exs b/test/plugs/rate_limit_plug_test.exs
deleted file mode 100644
index 2ec9a8fb7..000000000
--- a/test/plugs/rate_limit_plug_test.exs
+++ /dev/null
@@ -1,50 +0,0 @@
-defmodule Pleroma.Plugs.RateLimitPlugTest do
-  use ExUnit.Case, async: true
-  use Plug.Test
-
-  alias Pleroma.Plugs.RateLimitPlug
-
-  @opts RateLimitPlug.init(%{max_requests: 5, interval: 1})
-
-  setup do
-    enabled = Pleroma.Config.get([:app_account_creation, :enabled])
-
-    Pleroma.Config.put([:app_account_creation, :enabled], true)
-
-    on_exit(fn ->
-      Pleroma.Config.put([:app_account_creation, :enabled], enabled)
-    end)
-
-    :ok
-  end
-
-  test "it restricts by opts" do
-    conn = conn(:get, "/")
-    bucket_name = conn.remote_ip |> Tuple.to_list() |> Enum.join(".")
-    ms = 1000
-
-    conn = RateLimitPlug.call(conn, @opts)
-    {1, 4, _, _, _} = ExRated.inspect_bucket(bucket_name, ms, 5)
-    conn = RateLimitPlug.call(conn, @opts)
-    {2, 3, _, _, _} = ExRated.inspect_bucket(bucket_name, ms, 5)
-    conn = RateLimitPlug.call(conn, @opts)
-    {3, 2, _, _, _} = ExRated.inspect_bucket(bucket_name, ms, 5)
-    conn = RateLimitPlug.call(conn, @opts)
-    {4, 1, _, _, _} = ExRated.inspect_bucket(bucket_name, ms, 5)
-    conn = RateLimitPlug.call(conn, @opts)
-    {5, 0, to_reset, _, _} = ExRated.inspect_bucket(bucket_name, ms, 5)
-    conn = RateLimitPlug.call(conn, @opts)
-    assert conn.status == 403
-    assert conn.halted
-    assert conn.resp_body == "{\"error\":\"Rate limit exceeded.\"}"
-
-    Process.sleep(to_reset)
-
-    conn = conn(:get, "/")
-    conn = RateLimitPlug.call(conn, @opts)
-    {1, 4, _, _, _} = ExRated.inspect_bucket(bucket_name, ms, 5)
-    refute conn.status == 403
-    refute conn.halted
-    refute conn.resp_body
-  end
-end
diff --git a/test/plugs/rate_limiter_test.exs b/test/plugs/rate_limiter_test.exs
new file mode 100644
index 000000000..b8d6aff89
--- /dev/null
+++ b/test/plugs/rate_limiter_test.exs
@@ -0,0 +1,108 @@
+defmodule Pleroma.Plugs.RateLimiterTest do
+  use ExUnit.Case, async: true
+  use Plug.Test
+
+  alias Pleroma.Plugs.RateLimiter
+
+  import Pleroma.Factory
+
+  @limiter_name :testing
+
+  test "init/1" do
+    Pleroma.Config.put([:rate_limit, @limiter_name], {1, 1})
+
+    assert {@limiter_name, {1, 1}} == RateLimiter.init(@limiter_name)
+    assert nil == RateLimiter.init(:foo)
+  end
+
+  test "ip/1" do
+    assert "127.0.0.1" == RateLimiter.ip(%{remote_ip: {127, 0, 0, 1}})
+  end
+
+  test "it restricts by opts" do
+    scale = 1000
+    limit = 5
+
+    Pleroma.Config.put([:rate_limit, @limiter_name], {scale, limit})
+
+    opts = RateLimiter.init(@limiter_name)
+    conn = conn(:get, "/")
+    bucket_name = "#{@limiter_name}:#{RateLimiter.ip(conn)}"
+
+    conn = RateLimiter.call(conn, opts)
+    assert {1, 4, _, _, _} = ExRated.inspect_bucket(bucket_name, scale, limit)
+
+    conn = RateLimiter.call(conn, opts)
+    assert {2, 3, _, _, _} = ExRated.inspect_bucket(bucket_name, scale, limit)
+
+    conn = RateLimiter.call(conn, opts)
+    assert {3, 2, _, _, _} = ExRated.inspect_bucket(bucket_name, scale, limit)
+
+    conn = RateLimiter.call(conn, opts)
+    assert {4, 1, _, _, _} = ExRated.inspect_bucket(bucket_name, scale, limit)
+
+    conn = RateLimiter.call(conn, opts)
+    assert {5, 0, to_reset, _, _} = ExRated.inspect_bucket(bucket_name, scale, limit)
+
+    conn = RateLimiter.call(conn, opts)
+
+    assert %{"error" => "Throttled"} = Phoenix.ConnTest.json_response(conn, :too_many_requests)
+    assert conn.halted
+
+    Process.sleep(to_reset)
+
+    conn = conn(:get, "/")
+
+    conn = RateLimiter.call(conn, opts)
+    assert {1, 4, _, _, _} = ExRated.inspect_bucket(bucket_name, scale, limit)
+
+    refute conn.status == Plug.Conn.Status.code(:too_many_requests)
+    refute conn.resp_body
+    refute conn.halted
+  end
+
+  test "optional limits for authenticated users" do
+    Ecto.Adapters.SQL.Sandbox.checkout(Pleroma.Repo)
+
+    scale = 1000
+    limit = 5
+    Pleroma.Config.put([:rate_limit, @limiter_name], [{1, 10}, {scale, limit}])
+
+    opts = RateLimiter.init(@limiter_name)
+
+    user = insert(:user)
+    conn = conn(:get, "/") |> assign(:user, user)
+    bucket_name = "#{@limiter_name}:#{user.id}"
+
+    conn = RateLimiter.call(conn, opts)
+    assert {1, 4, _, _, _} = ExRated.inspect_bucket(bucket_name, scale, limit)
+
+    conn = RateLimiter.call(conn, opts)
+    assert {2, 3, _, _, _} = ExRated.inspect_bucket(bucket_name, scale, limit)
+
+    conn = RateLimiter.call(conn, opts)
+    assert {3, 2, _, _, _} = ExRated.inspect_bucket(bucket_name, scale, limit)
+
+    conn = RateLimiter.call(conn, opts)
+    assert {4, 1, _, _, _} = ExRated.inspect_bucket(bucket_name, scale, limit)
+
+    conn = RateLimiter.call(conn, opts)
+    assert {5, 0, to_reset, _, _} = ExRated.inspect_bucket(bucket_name, scale, limit)
+
+    conn = RateLimiter.call(conn, opts)
+
+    assert %{"error" => "Throttled"} = Phoenix.ConnTest.json_response(conn, :too_many_requests)
+    assert conn.halted
+
+    Process.sleep(to_reset)
+
+    conn = conn(:get, "/") |> assign(:user, user)
+
+    conn = RateLimiter.call(conn, opts)
+    assert {1, 4, _, _, _} = ExRated.inspect_bucket(bucket_name, scale, limit)
+
+    refute conn.status == Plug.Conn.Status.code(:too_many_requests)
+    refute conn.resp_body
+    refute conn.halted
+  end
+end