restructuring

kathap · kathap · commit 03879f029960 · 2024-11-22T14:27:28.000+01:00
diff --git a/middleware/service_broker_rate_limiter.rb b/middleware/service_broker_rate_limiter.rb
@@ -113,14 +113,14 @@ def call(env)
 
       def apply_rate_limiting?(env)
         request = ActionDispatch::Request.new(env)
-        !admin? && rate_limit_method?(request)
+        !admin? && is_rate_limited_service_request?(request)
       end
 
       def admin?
         VCAP::CloudController::SecurityContext.admin? || VCAP::CloudController::SecurityContext.admin_read_only?
       end
 
-      def rate_limit_method?(request)
+      def is_rate_limited_service_request?(request)
         RATE_LIMITED_ENDPOINTS.any? do |endpoint|
           endpoint.endpoint_pattern.match?(request.fullpath) && endpoint.request_methods.include?(request.method)
         end
diff --git a/spec/unit/middleware/service_broker_rate_limiter_spec.rb b/spec/unit/middleware/service_broker_rate_limiter_spec.rb
@@ -61,6 +61,85 @@ module Middleware
           expect(status).to eq(200)
         end
 
+        describe 'service endpoints' do
+          shared_examples 'rate-limited service endpoint' do
+            before do
+              allow(app).to receive(:call) do
+                sleep(1)
+                [200, {}, 'a body']
+              end
+            end
+
+            it 'does not allow more than the max number of concurrent requests' do
+              threads = 2.times.map { Thread.new { middleware.call(env) } }
+              statuses = threads.map(&:join).map(&:value).map(&:first)
+
+              expect(statuses).to include(200)
+              expect(statuses).to include(429)
+              expect(app).to have_received(:call).once
+              expect(logger).to have_received(:info).with("Service broker concurrent rate limit exceeded for user '#{user_guid}'")
+            end
+          end
+
+          context 'v2 rate limited service endpoints' do
+            v2_rate_limited_service_endpoints = %w[/v2/service_instances /v2/service_bindings /v2/service_keys]
+
+            methods = %w[PUT POST DELETE]
+
+            v2_rate_limited_service_endpoints.each do |endpoint|
+              methods.each do |method|
+                context "#{endpoint} #{method} - rate-limited" do
+                  let(:path) { endpoint }
+                  let(:request_method) { method }
+                  let(:fake_request) { instance_double(ActionDispatch::Request, fullpath: endpoint, method: method) }
+
+                  include_examples 'rate-limited service endpoint'
+                end
+              end
+            end
+          end
+
+          context 'v3 rate limited GET service endpoints' do
+            v3_rate_limited_service_endpoints = %w[/v3/service_instances/:guid/parameters /v3/service_credential_bindings/:guid/parameters
+                                                   /v3/service_route_bindings/:guid/parameters]
+
+            v3_rate_limited_service_endpoints.each do |endpoint|
+              context "#{endpoint} GET - rate-limited" do
+                let(:path) { endpoint.gsub(':guid', instance.guid.to_s) }
+                let(:request_method) { 'GET' }
+                let(:fake_request) { instance_double(ActionDispatch::Request, fullpath: path, method: request_method) }
+
+                include_examples 'rate-limited service endpoint'
+              end
+            end
+          end
+
+          context 'v3 non rate limited service endpoints' do
+            v3_not_rate_limited_service_endpoints = %w[/v3/service_instances /v3/service_credential_bindings /v3/service_route_bindings]
+
+            methods = %w[POST PATCH DELETE]
+
+            v3_not_rate_limited_service_endpoints.each do |endpoint|
+              methods.each do |method|
+                context "#{endpoint} #{method} - non-rate-limited" do
+                  let(:path) { endpoint }
+                  let(:request_method) { method }
+                  let(:fake_request) { instance_double(ActionDispatch::Request, fullpath: endpoint, method: method) }
+
+                  it 'allows concurrent requests without limits' do
+                    threads = 2.times.map { Thread.new { middleware.call(env) } }
+                    statuses = threads.map(&:join).map(&:value).map(&:first)
+
+                    expect(statuses).to all(eq(200))
+                    expect(app).to have_received(:call).twice
+                    expect(logger).not_to have_received(:info)
+                  end
+                end
+              end
+            end
+          end
+        end
+
         describe 'errors' do
           let(:max_concurrent_requests) { 0 }
 
@@ -109,80 +188,6 @@ module Middleware
             end
           end
         end
-
-        shared_examples 'rate-limited endpoint' do
-          it 'does not allow more than the max number of concurrent requests' do
-            allow(app).to receive(:call) do
-              sleep(1)
-              [200, {}, 'a body']
-            end
-
-            threads = 2.times.map { Thread.new { middleware.call(env) } }
-            statuses = threads.map(&:join).map(&:value).map(&:first)
-
-            expect(statuses).to include(200)
-            expect(statuses).to include(429)
-            expect(app).to have_received(:call).once
-            expect(logger).to have_received(:info).with("Service broker concurrent rate limit exceeded for user '#{user_guid}'")
-          end
-        end
-
-        v2_rate_limited_service_endpoints = %w[/v2/service_instances /v2/service_bindings /v2/service_keys]
-
-        methods = %w[PUT POST DELETE]
-
-        v2_rate_limited_service_endpoints.each do |endpoint|
-          methods.each do |method|
-            context "#{endpoint} #{method} endpoint" do
-              let(:path) { endpoint }
-              let(:request_method) { method }
-              let(:fake_request) { instance_double(ActionDispatch::Request, fullpath: endpoint, method: method) }
-
-              include_examples 'rate-limited endpoint'
-            end
-          end
-        end
-
-        v3_rate_limited_service_endpoints = %w[/v3/service_instances/:guid/parameters /v3/service_credential_bindings/:guid/parameters /v3/service_route_bindings/:guid/parameters]
-
-        v3_rate_limited_service_endpoints.each do |endpoint|
-          context "#{endpoint} GET" do
-            let(:path) { endpoint.gsub(':guid', instance.guid.to_s) }
-            let(:request_method) { 'GET' }
-            let(:fake_request) { instance_double(ActionDispatch::Request, fullpath: path, method: request_method) }
-
-            include_examples 'rate-limited endpoint'
-          end
-        end
-      end
-
-      describe 'excluded requests' do
-        shared_examples 'non-rate-limited endpoint' do
-          it 'allows concurrent requests without limits' do
-            threads = 2.times.map { Thread.new { middleware.call(env) } }
-            statuses = threads.map(&:join).map(&:value).map(&:first)
-
-            expect(statuses).to all(eq(200))
-            expect(app).to have_received(:call).twice
-            expect(logger).not_to have_received(:info)
-          end
-        end
-
-        v3_not_rate_limited_service_endpoints = %w[/v3/service_instances /v3/service_credential_bindings /v3/service_route_bindings]
-
-        methods = %w[POST PATCH DELETE]
-
-        v3_not_rate_limited_service_endpoints.each do |endpoint|
-          methods.each do |method|
-            context "#{endpoint} #{method} - non-rate-limited" do
-              let(:path) { endpoint }
-              let(:request_method) { method }
-              let(:fake_request) { instance_double(ActionDispatch::Request, fullpath: endpoint, method: method) }
-
-              include_examples 'non-rate-limited endpoint'
-            end
-          end
-        end
       end
 
       describe 'skipped requests' do
