2020-06-05 05:47:20 -04:00
|
|
|
from synapse.api.ratelimiting import LimitExceededError, Ratelimiter
|
2020-08-21 10:07:56 -04:00
|
|
|
from synapse.appservice import ApplicationService
|
2023-08-29 19:39:39 -04:00
|
|
|
from synapse.config.ratelimiting import RatelimitSettings
|
2020-08-21 10:07:56 -04:00
|
|
|
from synapse.types import create_requester
|
2014-09-02 10:06:20 -04:00
|
|
|
|
2014-09-12 13:24:53 -04:00
|
|
|
from tests import unittest
|
2014-09-02 10:06:20 -04:00
|
|
|
|
2016-02-19 10:34:38 -05:00
|
|
|
|
2021-03-30 07:06:09 -04:00
|
|
|
class TestRatelimiter(unittest.HomeserverTestCase):
|
2023-02-03 15:03:23 -05:00
|
|
|
def test_allowed_via_can_do_action(self) -> None:
|
2021-03-30 07:06:09 -04:00
|
|
|
limiter = Ratelimiter(
|
2023-01-21 10:59:15 -05:00
|
|
|
store=self.hs.get_datastores().main,
|
|
|
|
clock=self.clock,
|
2023-08-29 19:39:39 -04:00
|
|
|
cfg=RatelimitSettings(key="", per_second=0.1, burst_count=1),
|
2021-03-30 07:06:09 -04:00
|
|
|
)
|
|
|
|
allowed, time_allowed = self.get_success_or_raise(
|
|
|
|
limiter.can_do_action(None, key="test_id", _time_now_s=0)
|
2020-08-21 10:07:56 -04:00
|
|
|
)
|
|
|
|
self.assertTrue(allowed)
|
2022-02-28 07:12:29 -05:00
|
|
|
self.assertEqual(10.0, time_allowed)
|
2020-08-21 10:07:56 -04:00
|
|
|
|
2021-03-30 07:06:09 -04:00
|
|
|
allowed, time_allowed = self.get_success_or_raise(
|
|
|
|
limiter.can_do_action(None, key="test_id", _time_now_s=5)
|
2020-08-21 10:07:56 -04:00
|
|
|
)
|
|
|
|
self.assertFalse(allowed)
|
2022-02-28 07:12:29 -05:00
|
|
|
self.assertEqual(10.0, time_allowed)
|
2020-08-21 10:07:56 -04:00
|
|
|
|
2021-03-30 07:06:09 -04:00
|
|
|
allowed, time_allowed = self.get_success_or_raise(
|
|
|
|
limiter.can_do_action(None, key="test_id", _time_now_s=10)
|
2020-08-21 10:07:56 -04:00
|
|
|
)
|
|
|
|
self.assertTrue(allowed)
|
2022-02-28 07:12:29 -05:00
|
|
|
self.assertEqual(20.0, time_allowed)
|
2020-08-21 10:07:56 -04:00
|
|
|
|
2023-02-03 15:03:23 -05:00
|
|
|
def test_allowed_appservice_ratelimited_via_can_requester_do_action(self) -> None:
|
2020-08-21 10:07:56 -04:00
|
|
|
appservice = ApplicationService(
|
2023-01-21 10:59:15 -05:00
|
|
|
token="fake_token",
|
2020-10-29 11:58:44 -04:00
|
|
|
id="foo",
|
|
|
|
rate_limited=True,
|
|
|
|
sender="@as:example.com",
|
2020-08-21 10:07:56 -04:00
|
|
|
)
|
|
|
|
as_requester = create_requester("@user:example.com", app_service=appservice)
|
|
|
|
|
2021-03-30 07:06:09 -04:00
|
|
|
limiter = Ratelimiter(
|
2023-01-21 10:59:15 -05:00
|
|
|
store=self.hs.get_datastores().main,
|
|
|
|
clock=self.clock,
|
2023-08-29 19:39:39 -04:00
|
|
|
cfg=RatelimitSettings(
|
|
|
|
key="",
|
|
|
|
per_second=0.1,
|
|
|
|
burst_count=1,
|
|
|
|
),
|
2021-03-30 07:06:09 -04:00
|
|
|
)
|
|
|
|
allowed, time_allowed = self.get_success_or_raise(
|
|
|
|
limiter.can_do_action(as_requester, _time_now_s=0)
|
2020-08-21 10:07:56 -04:00
|
|
|
)
|
|
|
|
self.assertTrue(allowed)
|
2022-02-28 07:12:29 -05:00
|
|
|
self.assertEqual(10.0, time_allowed)
|
2020-08-21 10:07:56 -04:00
|
|
|
|
2021-03-30 07:06:09 -04:00
|
|
|
allowed, time_allowed = self.get_success_or_raise(
|
|
|
|
limiter.can_do_action(as_requester, _time_now_s=5)
|
2020-08-21 10:07:56 -04:00
|
|
|
)
|
|
|
|
self.assertFalse(allowed)
|
2022-02-28 07:12:29 -05:00
|
|
|
self.assertEqual(10.0, time_allowed)
|
2020-08-21 10:07:56 -04:00
|
|
|
|
2021-03-30 07:06:09 -04:00
|
|
|
allowed, time_allowed = self.get_success_or_raise(
|
|
|
|
limiter.can_do_action(as_requester, _time_now_s=10)
|
2020-08-21 10:07:56 -04:00
|
|
|
)
|
|
|
|
self.assertTrue(allowed)
|
2022-02-28 07:12:29 -05:00
|
|
|
self.assertEqual(20.0, time_allowed)
|
2020-08-21 10:07:56 -04:00
|
|
|
|
2023-02-03 15:03:23 -05:00
|
|
|
def test_allowed_appservice_via_can_requester_do_action(self) -> None:
|
2020-08-21 10:07:56 -04:00
|
|
|
appservice = ApplicationService(
|
2023-01-21 10:59:15 -05:00
|
|
|
token="fake_token",
|
2020-10-29 11:58:44 -04:00
|
|
|
id="foo",
|
|
|
|
rate_limited=False,
|
|
|
|
sender="@as:example.com",
|
2020-08-21 10:07:56 -04:00
|
|
|
)
|
|
|
|
as_requester = create_requester("@user:example.com", app_service=appservice)
|
|
|
|
|
2021-03-30 07:06:09 -04:00
|
|
|
limiter = Ratelimiter(
|
2023-01-21 10:59:15 -05:00
|
|
|
store=self.hs.get_datastores().main,
|
|
|
|
clock=self.clock,
|
2023-08-29 19:39:39 -04:00
|
|
|
cfg=RatelimitSettings(
|
|
|
|
key="",
|
|
|
|
per_second=0.1,
|
|
|
|
burst_count=1,
|
|
|
|
),
|
2021-03-30 07:06:09 -04:00
|
|
|
)
|
|
|
|
allowed, time_allowed = self.get_success_or_raise(
|
|
|
|
limiter.can_do_action(as_requester, _time_now_s=0)
|
2020-08-21 10:07:56 -04:00
|
|
|
)
|
|
|
|
self.assertTrue(allowed)
|
2022-02-28 07:12:29 -05:00
|
|
|
self.assertEqual(-1, time_allowed)
|
2020-08-21 10:07:56 -04:00
|
|
|
|
2021-03-30 07:06:09 -04:00
|
|
|
allowed, time_allowed = self.get_success_or_raise(
|
|
|
|
limiter.can_do_action(as_requester, _time_now_s=5)
|
2020-08-21 10:07:56 -04:00
|
|
|
)
|
|
|
|
self.assertTrue(allowed)
|
2022-02-28 07:12:29 -05:00
|
|
|
self.assertEqual(-1, time_allowed)
|
2020-08-21 10:07:56 -04:00
|
|
|
|
2021-03-30 07:06:09 -04:00
|
|
|
allowed, time_allowed = self.get_success_or_raise(
|
|
|
|
limiter.can_do_action(as_requester, _time_now_s=10)
|
2020-08-21 10:07:56 -04:00
|
|
|
)
|
|
|
|
self.assertTrue(allowed)
|
2022-02-28 07:12:29 -05:00
|
|
|
self.assertEqual(-1, time_allowed)
|
2020-08-21 10:07:56 -04:00
|
|
|
|
2023-02-03 15:03:23 -05:00
|
|
|
def test_allowed_via_ratelimit(self) -> None:
|
2021-03-30 07:06:09 -04:00
|
|
|
limiter = Ratelimiter(
|
2023-01-21 10:59:15 -05:00
|
|
|
store=self.hs.get_datastores().main,
|
|
|
|
clock=self.clock,
|
2023-08-29 19:39:39 -04:00
|
|
|
cfg=RatelimitSettings(key="", per_second=0.1, burst_count=1),
|
2021-03-30 07:06:09 -04:00
|
|
|
)
|
2020-06-05 05:47:20 -04:00
|
|
|
|
|
|
|
# Shouldn't raise
|
2021-03-30 07:06:09 -04:00
|
|
|
self.get_success_or_raise(limiter.ratelimit(None, key="test_id", _time_now_s=0))
|
2020-06-05 05:47:20 -04:00
|
|
|
|
|
|
|
# Should raise
|
|
|
|
with self.assertRaises(LimitExceededError) as context:
|
2021-03-30 07:06:09 -04:00
|
|
|
self.get_success_or_raise(
|
2024-05-18 07:03:30 -04:00
|
|
|
limiter.ratelimit(None, key="test_id", _time_now_s=5), by=0.5
|
2021-03-30 07:06:09 -04:00
|
|
|
)
|
2024-05-18 07:03:30 -04:00
|
|
|
|
2020-06-05 05:47:20 -04:00
|
|
|
self.assertEqual(context.exception.retry_after_ms, 5000)
|
|
|
|
|
|
|
|
# Shouldn't raise
|
2021-03-30 07:06:09 -04:00
|
|
|
self.get_success_or_raise(
|
|
|
|
limiter.ratelimit(None, key="test_id", _time_now_s=10)
|
|
|
|
)
|
2020-06-05 05:47:20 -04:00
|
|
|
|
2023-02-03 15:03:23 -05:00
|
|
|
def test_allowed_via_can_do_action_and_overriding_parameters(self) -> None:
|
2020-06-05 05:47:20 -04:00
|
|
|
"""Test that we can override options of can_do_action that would otherwise fail
|
|
|
|
an action
|
|
|
|
"""
|
|
|
|
# Create a Ratelimiter with a very low allowed rate_hz and burst_count
|
2021-03-30 07:06:09 -04:00
|
|
|
limiter = Ratelimiter(
|
2023-01-21 10:59:15 -05:00
|
|
|
store=self.hs.get_datastores().main,
|
|
|
|
clock=self.clock,
|
2023-08-29 19:39:39 -04:00
|
|
|
cfg=RatelimitSettings(key="", per_second=0.1, burst_count=1),
|
2021-03-30 07:06:09 -04:00
|
|
|
)
|
2020-06-05 05:47:20 -04:00
|
|
|
|
|
|
|
# First attempt should be allowed
|
2021-03-30 07:06:09 -04:00
|
|
|
allowed, time_allowed = self.get_success_or_raise(
|
|
|
|
limiter.can_do_action(
|
|
|
|
None,
|
|
|
|
("test_id",),
|
|
|
|
_time_now_s=0,
|
|
|
|
)
|
2020-06-05 05:47:20 -04:00
|
|
|
)
|
|
|
|
self.assertTrue(allowed)
|
|
|
|
self.assertEqual(10.0, time_allowed)
|
|
|
|
|
|
|
|
# Second attempt, 1s later, will fail
|
2021-03-30 07:06:09 -04:00
|
|
|
allowed, time_allowed = self.get_success_or_raise(
|
|
|
|
limiter.can_do_action(
|
|
|
|
None,
|
|
|
|
("test_id",),
|
|
|
|
_time_now_s=1,
|
|
|
|
)
|
2020-06-05 05:47:20 -04:00
|
|
|
)
|
|
|
|
self.assertFalse(allowed)
|
|
|
|
self.assertEqual(10.0, time_allowed)
|
|
|
|
|
|
|
|
# But, if we allow 10 actions/sec for this request, we should be allowed
|
|
|
|
# to continue.
|
2021-03-30 07:06:09 -04:00
|
|
|
allowed, time_allowed = self.get_success_or_raise(
|
|
|
|
limiter.can_do_action(None, ("test_id",), _time_now_s=1, rate_hz=10.0)
|
2014-09-02 10:06:20 -04:00
|
|
|
)
|
2020-06-05 05:47:20 -04:00
|
|
|
self.assertTrue(allowed)
|
|
|
|
self.assertEqual(1.1, time_allowed)
|
2014-09-02 10:06:20 -04:00
|
|
|
|
2020-06-05 05:47:20 -04:00
|
|
|
# Similarly if we allow a burst of 10 actions
|
2021-03-30 07:06:09 -04:00
|
|
|
allowed, time_allowed = self.get_success_or_raise(
|
|
|
|
limiter.can_do_action(None, ("test_id",), _time_now_s=1, burst_count=10)
|
2014-09-02 10:06:20 -04:00
|
|
|
)
|
2020-06-05 05:47:20 -04:00
|
|
|
self.assertTrue(allowed)
|
|
|
|
self.assertEqual(1.0, time_allowed)
|
|
|
|
|
2023-02-03 15:03:23 -05:00
|
|
|
def test_allowed_via_ratelimit_and_overriding_parameters(self) -> None:
|
2020-06-05 05:47:20 -04:00
|
|
|
"""Test that we can override options of the ratelimit method that would otherwise
|
|
|
|
fail an action
|
|
|
|
"""
|
|
|
|
# Create a Ratelimiter with a very low allowed rate_hz and burst_count
|
2021-03-30 07:06:09 -04:00
|
|
|
limiter = Ratelimiter(
|
2023-01-21 10:59:15 -05:00
|
|
|
store=self.hs.get_datastores().main,
|
|
|
|
clock=self.clock,
|
2023-08-29 19:39:39 -04:00
|
|
|
cfg=RatelimitSettings(key="", per_second=0.1, burst_count=1),
|
2021-03-30 07:06:09 -04:00
|
|
|
)
|
2020-06-05 05:47:20 -04:00
|
|
|
|
|
|
|
# First attempt should be allowed
|
2021-03-30 07:06:09 -04:00
|
|
|
self.get_success_or_raise(
|
|
|
|
limiter.ratelimit(None, key=("test_id",), _time_now_s=0)
|
|
|
|
)
|
2020-06-05 05:47:20 -04:00
|
|
|
|
|
|
|
# Second attempt, 1s later, will fail
|
|
|
|
with self.assertRaises(LimitExceededError) as context:
|
2021-03-30 07:06:09 -04:00
|
|
|
self.get_success_or_raise(
|
2024-05-18 07:03:30 -04:00
|
|
|
limiter.ratelimit(None, key=("test_id",), _time_now_s=1), by=0.5
|
2021-03-30 07:06:09 -04:00
|
|
|
)
|
2020-06-05 05:47:20 -04:00
|
|
|
self.assertEqual(context.exception.retry_after_ms, 9000)
|
|
|
|
|
|
|
|
# But, if we allow 10 actions/sec for this request, we should be allowed
|
|
|
|
# to continue.
|
2021-03-30 07:06:09 -04:00
|
|
|
self.get_success_or_raise(
|
|
|
|
limiter.ratelimit(None, key=("test_id",), _time_now_s=1, rate_hz=10.0)
|
|
|
|
)
|
2020-06-05 05:47:20 -04:00
|
|
|
|
|
|
|
# Similarly if we allow a burst of 10 actions
|
2021-03-30 07:06:09 -04:00
|
|
|
self.get_success_or_raise(
|
|
|
|
limiter.ratelimit(None, key=("test_id",), _time_now_s=1, burst_count=10)
|
|
|
|
)
|
2020-06-05 05:47:20 -04:00
|
|
|
|
2023-02-03 15:03:23 -05:00
|
|
|
def test_pruning(self) -> None:
|
2021-03-30 07:06:09 -04:00
|
|
|
limiter = Ratelimiter(
|
2023-01-21 10:59:15 -05:00
|
|
|
store=self.hs.get_datastores().main,
|
|
|
|
clock=self.clock,
|
2023-08-29 19:39:39 -04:00
|
|
|
cfg=RatelimitSettings(key="", per_second=0.1, burst_count=1),
|
2021-03-30 07:06:09 -04:00
|
|
|
)
|
|
|
|
self.get_success_or_raise(
|
|
|
|
limiter.can_do_action(None, key="test_id_1", _time_now_s=0)
|
|
|
|
)
|
2020-06-05 05:47:20 -04:00
|
|
|
|
|
|
|
self.assertIn("test_id_1", limiter.actions)
|
|
|
|
|
2021-03-30 07:06:09 -04:00
|
|
|
self.get_success_or_raise(
|
|
|
|
limiter.can_do_action(None, key="test_id_2", _time_now_s=10)
|
|
|
|
)
|
2014-09-02 10:06:20 -04:00
|
|
|
|
2020-06-05 05:47:20 -04:00
|
|
|
self.assertNotIn("test_id_1", limiter.actions)
|
2021-03-30 07:06:09 -04:00
|
|
|
|
2023-02-03 15:03:23 -05:00
|
|
|
def test_db_user_override(self) -> None:
|
2021-03-30 07:06:09 -04:00
|
|
|
"""Test that users that have ratelimiting disabled in the DB aren't
|
|
|
|
ratelimited.
|
|
|
|
"""
|
2022-02-23 06:04:02 -05:00
|
|
|
store = self.hs.get_datastores().main
|
2021-03-30 07:06:09 -04:00
|
|
|
|
|
|
|
user_id = "@user:test"
|
|
|
|
requester = create_requester(user_id)
|
|
|
|
|
|
|
|
self.get_success(
|
|
|
|
store.db_pool.simple_insert(
|
|
|
|
table="ratelimit_override",
|
|
|
|
values={
|
|
|
|
"user_id": user_id,
|
|
|
|
"messages_per_second": None,
|
|
|
|
"burst_count": None,
|
|
|
|
},
|
|
|
|
desc="test_db_user_override",
|
|
|
|
)
|
|
|
|
)
|
|
|
|
|
2023-08-29 19:39:39 -04:00
|
|
|
limiter = Ratelimiter(
|
|
|
|
store=store,
|
|
|
|
clock=self.clock,
|
|
|
|
cfg=RatelimitSettings("", per_second=0.1, burst_count=1),
|
|
|
|
)
|
2021-03-30 07:06:09 -04:00
|
|
|
|
|
|
|
# Shouldn't raise
|
|
|
|
for _ in range(20):
|
|
|
|
self.get_success_or_raise(limiter.ratelimit(requester, _time_now_s=0))
|
2021-05-12 10:05:28 -04:00
|
|
|
|
2023-02-03 15:03:23 -05:00
|
|
|
def test_multiple_actions(self) -> None:
|
2021-05-12 10:05:28 -04:00
|
|
|
limiter = Ratelimiter(
|
2023-01-21 10:59:15 -05:00
|
|
|
store=self.hs.get_datastores().main,
|
|
|
|
clock=self.clock,
|
2023-08-29 19:39:39 -04:00
|
|
|
cfg=RatelimitSettings(
|
|
|
|
key="",
|
|
|
|
per_second=0.1,
|
|
|
|
burst_count=3,
|
|
|
|
),
|
2021-05-12 10:05:28 -04:00
|
|
|
)
|
|
|
|
# Test that 4 actions aren't allowed with a maximum burst of 3.
|
|
|
|
allowed, time_allowed = self.get_success_or_raise(
|
|
|
|
limiter.can_do_action(None, key="test_id", n_actions=4, _time_now_s=0)
|
|
|
|
)
|
|
|
|
self.assertFalse(allowed)
|
|
|
|
|
|
|
|
# Test that 3 actions are allowed with a maximum burst of 3.
|
|
|
|
allowed, time_allowed = self.get_success_or_raise(
|
|
|
|
limiter.can_do_action(None, key="test_id", n_actions=3, _time_now_s=0)
|
|
|
|
)
|
|
|
|
self.assertTrue(allowed)
|
2022-02-28 07:12:29 -05:00
|
|
|
self.assertEqual(10.0, time_allowed)
|
2021-05-12 10:05:28 -04:00
|
|
|
|
2022-06-15 10:11:55 -04:00
|
|
|
# Test that, after doing these 3 actions, we can't do any more actions without
|
2021-05-12 10:05:28 -04:00
|
|
|
# waiting.
|
|
|
|
allowed, time_allowed = self.get_success_or_raise(
|
|
|
|
limiter.can_do_action(None, key="test_id", n_actions=1, _time_now_s=0)
|
|
|
|
)
|
|
|
|
self.assertFalse(allowed)
|
2022-02-28 07:12:29 -05:00
|
|
|
self.assertEqual(10.0, time_allowed)
|
2021-05-12 10:05:28 -04:00
|
|
|
|
2022-06-15 10:11:55 -04:00
|
|
|
# Test that after waiting we would be able to do only 1 action.
|
|
|
|
# Note that we don't actually do it (update=False) here.
|
2021-05-12 10:05:28 -04:00
|
|
|
allowed, time_allowed = self.get_success_or_raise(
|
|
|
|
limiter.can_do_action(
|
|
|
|
None,
|
|
|
|
key="test_id",
|
|
|
|
update=False,
|
|
|
|
n_actions=1,
|
|
|
|
_time_now_s=10,
|
|
|
|
)
|
|
|
|
)
|
|
|
|
self.assertTrue(allowed)
|
2022-06-15 10:11:55 -04:00
|
|
|
# We would be able to do the 5th action at t=20.
|
|
|
|
self.assertEqual(20.0, time_allowed)
|
2021-05-12 10:05:28 -04:00
|
|
|
|
2022-06-15 10:11:55 -04:00
|
|
|
# Attempt (but fail) to perform TWO actions at t=10.
|
|
|
|
# Those would be the 4th and 5th actions.
|
2021-05-12 10:05:28 -04:00
|
|
|
allowed, time_allowed = self.get_success_or_raise(
|
|
|
|
limiter.can_do_action(None, key="test_id", n_actions=2, _time_now_s=10)
|
|
|
|
)
|
|
|
|
self.assertFalse(allowed)
|
2022-06-15 10:11:55 -04:00
|
|
|
# The returned time allowed for the next action is now even though we weren't
|
|
|
|
# allowed to perform the action because whilst we don't allow 2 actions,
|
|
|
|
# we could still do 1.
|
2022-02-28 07:12:29 -05:00
|
|
|
self.assertEqual(10.0, time_allowed)
|
2021-05-12 10:05:28 -04:00
|
|
|
|
2022-06-15 10:11:55 -04:00
|
|
|
# Test that after waiting until t=20, we can do perform 2 actions.
|
|
|
|
# These are the 4th and 5th actions.
|
2021-05-12 10:05:28 -04:00
|
|
|
allowed, time_allowed = self.get_success_or_raise(
|
|
|
|
limiter.can_do_action(None, key="test_id", n_actions=2, _time_now_s=20)
|
|
|
|
)
|
|
|
|
self.assertTrue(allowed)
|
2022-06-15 10:11:55 -04:00
|
|
|
# We would be able to do the 6th action at t=30.
|
|
|
|
self.assertEqual(30.0, time_allowed)
|
|
|
|
|
|
|
|
def test_rate_limit_burst_only_given_once(self) -> None:
|
|
|
|
"""
|
|
|
|
Regression test against a bug that meant that you could build up
|
|
|
|
extra tokens by timing requests.
|
|
|
|
"""
|
|
|
|
limiter = Ratelimiter(
|
2023-01-21 10:59:15 -05:00
|
|
|
store=self.hs.get_datastores().main,
|
|
|
|
clock=self.clock,
|
2023-08-29 19:39:39 -04:00
|
|
|
cfg=RatelimitSettings("", per_second=0.1, burst_count=3),
|
2022-06-15 10:11:55 -04:00
|
|
|
)
|
|
|
|
|
|
|
|
def consume_at(time: float) -> bool:
|
|
|
|
success, _ = self.get_success_or_raise(
|
|
|
|
limiter.can_do_action(requester=None, key="a", _time_now_s=time)
|
|
|
|
)
|
|
|
|
return success
|
|
|
|
|
|
|
|
# Use all our 3 burst tokens
|
|
|
|
self.assertTrue(consume_at(0.0))
|
|
|
|
self.assertTrue(consume_at(0.1))
|
|
|
|
self.assertTrue(consume_at(0.2))
|
|
|
|
|
|
|
|
# Wait to recover 1 token (10 seconds at 0.1 Hz).
|
|
|
|
self.assertTrue(consume_at(10.1))
|
|
|
|
|
|
|
|
# Check that we get rate limited after using that token.
|
|
|
|
self.assertFalse(consume_at(11.1))
|
2022-07-13 15:09:42 -04:00
|
|
|
|
|
|
|
def test_record_action_which_doesnt_fill_bucket(self) -> None:
|
|
|
|
limiter = Ratelimiter(
|
2023-01-21 10:59:15 -05:00
|
|
|
store=self.hs.get_datastores().main,
|
|
|
|
clock=self.clock,
|
2023-08-29 19:39:39 -04:00
|
|
|
cfg=RatelimitSettings(
|
|
|
|
"",
|
|
|
|
per_second=0.1,
|
|
|
|
burst_count=3,
|
|
|
|
),
|
2022-07-13 15:09:42 -04:00
|
|
|
)
|
|
|
|
|
|
|
|
# Observe two actions, leaving room in the bucket for one more.
|
|
|
|
limiter.record_action(requester=None, key="a", n_actions=2, _time_now_s=0.0)
|
|
|
|
|
|
|
|
# We should be able to take a new action now.
|
|
|
|
success, _ = self.get_success_or_raise(
|
|
|
|
limiter.can_do_action(requester=None, key="a", _time_now_s=0.0)
|
|
|
|
)
|
|
|
|
self.assertTrue(success)
|
|
|
|
|
|
|
|
# ... but not two.
|
|
|
|
success, _ = self.get_success_or_raise(
|
|
|
|
limiter.can_do_action(requester=None, key="a", _time_now_s=0.0)
|
|
|
|
)
|
|
|
|
self.assertFalse(success)
|
|
|
|
|
|
|
|
def test_record_action_which_fills_bucket(self) -> None:
|
|
|
|
limiter = Ratelimiter(
|
2023-01-21 10:59:15 -05:00
|
|
|
store=self.hs.get_datastores().main,
|
|
|
|
clock=self.clock,
|
2023-08-29 19:39:39 -04:00
|
|
|
cfg=RatelimitSettings(
|
|
|
|
"",
|
|
|
|
per_second=0.1,
|
|
|
|
burst_count=3,
|
|
|
|
),
|
2022-07-13 15:09:42 -04:00
|
|
|
)
|
|
|
|
|
|
|
|
# Observe three actions, filling up the bucket.
|
|
|
|
limiter.record_action(requester=None, key="a", n_actions=3, _time_now_s=0.0)
|
|
|
|
|
|
|
|
# We should be unable to take a new action now.
|
|
|
|
success, _ = self.get_success_or_raise(
|
|
|
|
limiter.can_do_action(requester=None, key="a", _time_now_s=0.0)
|
|
|
|
)
|
|
|
|
self.assertFalse(success)
|
|
|
|
|
|
|
|
# If we wait 10 seconds to leak a token, we should be able to take one action...
|
|
|
|
success, _ = self.get_success_or_raise(
|
|
|
|
limiter.can_do_action(requester=None, key="a", _time_now_s=10.0)
|
|
|
|
)
|
|
|
|
self.assertTrue(success)
|
|
|
|
|
|
|
|
# ... but not two.
|
|
|
|
success, _ = self.get_success_or_raise(
|
|
|
|
limiter.can_do_action(requester=None, key="a", _time_now_s=10.0)
|
|
|
|
)
|
|
|
|
self.assertFalse(success)
|
|
|
|
|
|
|
|
def test_record_action_which_overfills_bucket(self) -> None:
|
|
|
|
limiter = Ratelimiter(
|
2023-01-21 10:59:15 -05:00
|
|
|
store=self.hs.get_datastores().main,
|
|
|
|
clock=self.clock,
|
2023-08-29 19:39:39 -04:00
|
|
|
cfg=RatelimitSettings(
|
|
|
|
"",
|
|
|
|
per_second=0.1,
|
|
|
|
burst_count=3,
|
|
|
|
),
|
2022-07-13 15:09:42 -04:00
|
|
|
)
|
|
|
|
|
|
|
|
# Observe four actions, exceeding the bucket.
|
|
|
|
limiter.record_action(requester=None, key="a", n_actions=4, _time_now_s=0.0)
|
|
|
|
|
|
|
|
# We should be prevented from taking a new action now.
|
|
|
|
success, _ = self.get_success_or_raise(
|
|
|
|
limiter.can_do_action(requester=None, key="a", _time_now_s=0.0)
|
|
|
|
)
|
|
|
|
self.assertFalse(success)
|
|
|
|
|
|
|
|
# If we wait 10 seconds to leak a token, we should be unable to take an action
|
|
|
|
# because the bucket is still full.
|
|
|
|
success, _ = self.get_success_or_raise(
|
|
|
|
limiter.can_do_action(requester=None, key="a", _time_now_s=10.0)
|
|
|
|
)
|
|
|
|
self.assertFalse(success)
|
|
|
|
|
|
|
|
# But after another 10 seconds we leak a second token, giving us room for
|
|
|
|
# action.
|
|
|
|
success, _ = self.get_success_or_raise(
|
|
|
|
limiter.can_do_action(requester=None, key="a", _time_now_s=20.0)
|
|
|
|
)
|
|
|
|
self.assertTrue(success)
|