rate limits: add /rate_limits endpoint.

Allow users to view their own rate limits with /rate_limits.json. Note that rate limits are only updated after every API call, so this page only shows the state of the limits after the last call, not the current state.
2021-03-05 16:25:23 -06:00
parent 1ee1e807cf
commit 58e42ee8d3
6 changed files with 84 additions and 0 deletions
--- a/test/functional/rate_limits_controller_test.rb
+++ b/test/functional/rate_limits_controller_test.rb
@@ -0,0 +1,33 @@
+require 'test_helper'
+
+class RateLimitsControllerTest < ActionDispatch::IntegrationTest
+  context "The rate limits controller" do
+    context "index action" do
+      setup do
+        @user = create(:user)
+        create(:rate_limit, key: @user.cache_key)
+      end
+
+      should "show all rate limits to the owner" do
+        get_auth rate_limits_path, create(:owner_user)
+
+        assert_response :success
+        assert_select "tbody tr", count: 2 # 2 because the login action creates a second rate limit.
+      end
+
+      should "show the user their own rate limits" do
+        get_auth rate_limits_path, @user
+
+        assert_response :success
+        assert_select "tbody tr", count: 1
+      end
+
+      should "not show users rate limits belonging to other users" do
+        get_auth rate_limits_path, create(:user)
+
+        assert_response :success
+        assert_select "tbody tr", count: 0
+      end
+    end
+  end
+end