src/tests/Feature/Stories/RateLimitTest.php
<?php | <?php | ||||
namespace Tests\Feature\Stories; | namespace Tests\Feature\Stories; | ||||
use App\Payment; | |||||
use App\Policy\RateLimit; | use App\Policy\RateLimit; | ||||
use Illuminate\Support\Facades\DB; | use Illuminate\Support\Facades\DB; | ||||
use Tests\TestCase; | use Tests\TestCase; | ||||
/** | /** | ||||
* @group slow | * @group slow | ||||
* @group data | * @group data | ||||
* @group ratelimit | * @group ratelimit | ||||
*/ | */ | ||||
class RateLimitTest extends TestCase | class RateLimitTest extends TestCase | ||||
{ | { | ||||
public function setUp(): void | public function setUp(): void | ||||
{ | { | ||||
parent::setUp(); | parent::setUp(); | ||||
$this->setUpTest(); | $this->setUpTest(); | ||||
$this->useServicesUrl(); | $this->useServicesUrl(); | ||||
\App\Payment::query()->delete(); | Payment::query()->delete(); | ||||
} | } | ||||
public function tearDown(): void | public function tearDown(): void | ||||
{ | { | ||||
\App\Payment::query()->delete(); | Payment::query()->delete(); | ||||
parent::tearDown(); | parent::tearDown(); | ||||
} | } | ||||
/** | /** | ||||
* Verify an individual can send an email unrestricted, so long as the account is active. | * Verify an individual can send an email unrestricted, so long as the account is active. | ||||
*/ | */ | ||||
public function testIndividualDunno() | public function testIndividualDunno() | ||||
▲ Show 20 Lines • Show All 121 Lines • ▼ Show 20 Lines | class RateLimitTest extends TestCase | ||||
/** | /** | ||||
* Verify a paid for individual account does not simply run out of messages | * Verify a paid for individual account does not simply run out of messages | ||||
*/ | */ | ||||
public function testIndividualPaidMessages() | public function testIndividualPaidMessages() | ||||
{ | { | ||||
$wallet = $this->publicDomainUser->wallets()->first(); | $wallet = $this->publicDomainUser->wallets()->first(); | ||||
// Ensure there are no payments for the wallet | // Ensure there are no payments for the wallet | ||||
\App\Payment::where('wallet_id', $wallet->id)->delete(); | Payment::where('wallet_id', $wallet->id)->delete(); | ||||
$payment = [ | $payment = [ | ||||
'id' => \App\Utils::uuidInt(), | 'id' => \App\Utils::uuidInt(), | ||||
'status' => \App\Providers\PaymentProvider::STATUS_PAID, | 'status' => Payment::STATUS_PAID, | ||||
'type' => \App\Providers\PaymentProvider::TYPE_ONEOFF, | 'type' => Payment::TYPE_ONEOFF, | ||||
'description' => 'Paid in March', | 'description' => 'Paid in March', | ||||
'wallet_id' => $wallet->id, | 'wallet_id' => $wallet->id, | ||||
'provider' => 'stripe', | 'provider' => 'stripe', | ||||
'amount' => 1111, | 'amount' => 1111, | ||||
'credit_amount' => 1111, | 'credit_amount' => 1111, | ||||
'currency_amount' => 1111, | 'currency_amount' => 1111, | ||||
'currency' => 'CHF', | 'currency' => 'CHF', | ||||
]; | ]; | ||||
\App\Payment::create($payment); | Payment::create($payment); | ||||
$wallet->credit(1111); | $wallet->credit(1111); | ||||
$request = [ | $request = [ | ||||
'sender' => $this->publicDomainUser->email, | 'sender' => $this->publicDomainUser->email, | ||||
'recipients' => ['someone@test.domain'] | 'recipients' => ['someone@test.domain'] | ||||
]; | ]; | ||||
// first 9 requests | // first 9 requests | ||||
for ($i = 1; $i <= 9; $i++) { | for ($i = 1; $i <= 9; $i++) { | ||||
$request['recipients'] = [sprintf("%04d@test.domain", $i)]; | $request['recipients'] = [sprintf("%04d@test.domain", $i)]; | ||||
$response = $this->post('api/webhooks/policy/ratelimit', $request); | $response = $this->post('api/webhooks/policy/ratelimit', $request); | ||||
$response->assertStatus(200); | $response->assertStatus(200); | ||||
} | } | ||||
// the tenth request should be blocked | // the tenth request should be blocked | ||||
$request['recipients'] = ['0010@test.domain']; | $request['recipients'] = ['0010@test.domain']; | ||||
$response = $this->post('api/webhooks/policy/ratelimit', $request); | $response = $this->post('api/webhooks/policy/ratelimit', $request); | ||||
$response->assertStatus(403); | $response->assertStatus(403); | ||||
// create a second payment | // create a second payment | ||||
$payment['id'] = \App\Utils::uuidInt(); | $payment['id'] = \App\Utils::uuidInt(); | ||||
\App\Payment::create($payment); | Payment::create($payment); | ||||
$wallet->credit(1111); | $wallet->credit(1111); | ||||
// the tenth request should now be allowed | // the tenth request should now be allowed | ||||
$response = $this->post('api/webhooks/policy/ratelimit', $request); | $response = $this->post('api/webhooks/policy/ratelimit', $request); | ||||
$response->assertStatus(200); | $response->assertStatus(200); | ||||
} | } | ||||
/** | /** | ||||
Show All 33 Lines | class RateLimitTest extends TestCase | ||||
/** | /** | ||||
* Verify that an individual user that has paid for its account doesn't run out of recipients. | * Verify that an individual user that has paid for its account doesn't run out of recipients. | ||||
*/ | */ | ||||
public function testIndividualPaidRecipients() | public function testIndividualPaidRecipients() | ||||
{ | { | ||||
$wallet = $this->publicDomainUser->wallets()->first(); | $wallet = $this->publicDomainUser->wallets()->first(); | ||||
// Ensure there are no payments for the wallet | // Ensure there are no payments for the wallet | ||||
\App\Payment::where('wallet_id', $wallet->id)->delete(); | Payment::where('wallet_id', $wallet->id)->delete(); | ||||
$payment = [ | $payment = [ | ||||
'id' => \App\Utils::uuidInt(), | 'id' => \App\Utils::uuidInt(), | ||||
'status' => \App\Providers\PaymentProvider::STATUS_PAID, | 'status' => Payment::STATUS_PAID, | ||||
'type' => \App\Providers\PaymentProvider::TYPE_ONEOFF, | 'type' => Payment::TYPE_ONEOFF, | ||||
'description' => 'Paid in March', | 'description' => 'Paid in March', | ||||
'wallet_id' => $wallet->id, | 'wallet_id' => $wallet->id, | ||||
'provider' => 'stripe', | 'provider' => 'stripe', | ||||
'amount' => 1111, | 'amount' => 1111, | ||||
'credit_amount' => 1111, | 'credit_amount' => 1111, | ||||
'currency_amount' => 1111, | 'currency_amount' => 1111, | ||||
'currency' => 'CHF', | 'currency' => 'CHF', | ||||
]; | ]; | ||||
\App\Payment::create($payment); | Payment::create($payment); | ||||
$wallet->credit(1111); | $wallet->credit(1111); | ||||
$request = [ | $request = [ | ||||
'sender' => $this->publicDomainUser->email, | 'sender' => $this->publicDomainUser->email, | ||||
'recipients' => [] | 'recipients' => [] | ||||
]; | ]; | ||||
// first 2 requests (34 recipients each) | // first 2 requests (34 recipients each) | ||||
Show All 17 Lines | public function testIndividualPaidRecipients() | ||||
} | } | ||||
$response = $this->post('api/webhooks/policy/ratelimit', $request); | $response = $this->post('api/webhooks/policy/ratelimit', $request); | ||||
$response->assertStatus(403); | $response->assertStatus(403); | ||||
$payment['id'] = \App\Utils::uuidInt(); | $payment['id'] = \App\Utils::uuidInt(); | ||||
\App\Payment::create($payment); | Payment::create($payment); | ||||
$wallet->credit(1111); | $wallet->credit(1111); | ||||
// the tenth request should now be allowed | // the tenth request should now be allowed | ||||
$response = $this->post('api/webhooks/policy/ratelimit', $request); | $response = $this->post('api/webhooks/policy/ratelimit', $request); | ||||
$response->assertStatus(200); | $response->assertStatus(200); | ||||
} | } | ||||
▲ Show 20 Lines • Show All 78 Lines • ▼ Show 20 Lines | class RateLimitTest extends TestCase | ||||
/** | /** | ||||
* Verify that a paid for group account can send messages. | * Verify that a paid for group account can send messages. | ||||
*/ | */ | ||||
public function testGroupPaidOwnerRecipients() | public function testGroupPaidOwnerRecipients() | ||||
{ | { | ||||
$wallet = $this->domainOwner->wallets()->first(); | $wallet = $this->domainOwner->wallets()->first(); | ||||
// Ensure there are no payments for the wallet | // Ensure there are no payments for the wallet | ||||
\App\Payment::where('wallet_id', $wallet->id)->delete(); | Payment::where('wallet_id', $wallet->id)->delete(); | ||||
$payment = [ | $payment = [ | ||||
'id' => \App\Utils::uuidInt(), | 'id' => \App\Utils::uuidInt(), | ||||
'status' => \App\Providers\PaymentProvider::STATUS_PAID, | 'status' => Payment::STATUS_PAID, | ||||
'type' => \App\Providers\PaymentProvider::TYPE_ONEOFF, | 'type' => Payment::TYPE_ONEOFF, | ||||
'description' => 'Paid in March', | 'description' => 'Paid in March', | ||||
'wallet_id' => $wallet->id, | 'wallet_id' => $wallet->id, | ||||
'provider' => 'stripe', | 'provider' => 'stripe', | ||||
'amount' => 1111, | 'amount' => 1111, | ||||
'credit_amount' => 1111, | 'credit_amount' => 1111, | ||||
'currency_amount' => 1111, | 'currency_amount' => 1111, | ||||
'currency' => 'CHF', | 'currency' => 'CHF', | ||||
]; | ]; | ||||
\App\Payment::create($payment); | Payment::create($payment); | ||||
$wallet->credit(1111); | $wallet->credit(1111); | ||||
$request = [ | $request = [ | ||||
'sender' => $this->domainOwner->email, | 'sender' => $this->domainOwner->email, | ||||
'recipients' => [] | 'recipients' => [] | ||||
]; | ]; | ||||
// first 2 requests (34 recipients each) | // first 2 requests (34 recipients each) | ||||
Show All 16 Lines | public function testGroupPaidOwnerRecipients() | ||||
$request['recipients'][] = sprintf("%04d@test.domain", 2 * $y); | $request['recipients'][] = sprintf("%04d@test.domain", 2 * $y); | ||||
} | } | ||||
$response = $this->post('api/webhooks/policy/ratelimit', $request); | $response = $this->post('api/webhooks/policy/ratelimit', $request); | ||||
$response->assertStatus(403); | $response->assertStatus(403); | ||||
// create a second payment | // create a second payment | ||||
$payment['id'] = \App\Utils::uuidInt(); | $payment['id'] = \App\Utils::uuidInt(); | ||||
\App\Payment::create($payment); | Payment::create($payment); | ||||
$response = $this->post('api/webhooks/policy/ratelimit', $request); | $response = $this->post('api/webhooks/policy/ratelimit', $request); | ||||
$response->assertStatus(200); | $response->assertStatus(200); | ||||
} | } | ||||
/** | /** | ||||
* Verify that a user for a domain owner can send email. | * Verify that a user for a domain owner can send email. | ||||
*/ | */ | ||||
▲ Show 20 Lines • Show All 115 Lines • Show Last 20 Lines |
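Review bot: In testGroupPaidOwnerRecipients the second `Payment::create($payment);` is not followed by `$wallet->credit(1111);`, unlike the same step in testIndividualPaidMessages and testIndividualPaidRecipients, so this test expects the 403 to flip to 200 on the payment record alone. If the rate-limit policy is meant to key on paid payments rather than wallet balance, say so in a comment such as `// limit is lifted by the payment record itself, no credit needed`; otherwise add the credit call so the three tests exercise the same path. Because this webhook is an abuse control, which condition lifts the block should be explicit in the tests rather than implied. The comment `// the tenth request should now be allowed` in testIndividualPaidRecipients also looks copied from the messages test, since that test batches recipients rather than counting ten requests. Parts of these method bodies are collapsed on the page, so this is based only on the visible lines.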