diff --git a/src/django/api/management/commands/make_token.py b/src/django/api/management/commands/make_token.py index 9f6d91dfe..8b96ed3fc 100644 --- a/src/django/api/management/commands/make_token.py +++ b/src/django/api/management/commands/make_token.py @@ -1,21 +1,24 @@ from django.core.management.base import BaseCommand from django.core.management import call_command + class Command(BaseCommand): help = ('Usage: Create an API token for the user during the database ' 'reset, and set admin rights.') def handle(self, *args, **options): - call_command('shell', - '-c', - ( - "from rest_framework.authtoken.models import Token;" - "from api.models import User;" - "user = User.objects.get(id=2);" - "user.is_staff = True;" - "user.is_superuser = True;" - "user.save();" - "token = Token.objects.create(user=user," - "key='1d18b962d6f976b0b7e8fcf9fcc39b56cf278051');" - "print(f'Token for {user.email}: {token.key}')" - )) + call_command( + 'shell', + '-c', + ( + "from rest_framework.authtoken.models import Token;" + "from api.models import User;" + "user = User.objects.get(id=2);" + "user.is_staff = True;" + "user.is_superuser = True;" + "user.save();" + "token = Token.objects.create(user=user," + "key='1d18b962d6f976b0b7e8fcf9fcc39b56cf278051');" + "print(f'Token for {user.email}: {token.key}')" + ) + ) diff --git a/src/tests/v1/moderator/test_moderation_event_record.py b/src/tests/v1/moderator/test_moderation_event_record.py index 05c332d7a..7894ece46 100644 --- a/src/tests/v1/moderator/test_moderation_event_record.py +++ b/src/tests/v1/moderator/test_moderation_event_record.py @@ -7,6 +7,10 @@ HTTP_200_OK = 200 HTTP_201_CREATED = 201 +HTTP_429_TOO_MANY_REQUEST = 429 +REINDEX_INTERVAL = 80 + + class ModerationEventRecordTest(BaseAPITest): def setUp(self): super().setUp() @@ -78,7 +82,7 @@ def create_moderation_event(self): self.moderation_event_id = result['moderation_id'] print(f'[Contribution Record; moderation id:] {self.moderation_event_id}') # Wait till the newly created facilities be indexed in the OpenSearch - time.sleep(80) + time.sleep(REINDEX_INTERVAL) return result def test_moderation_events_confirmation(self): @@ -149,3 +153,18 @@ def test_moderation_events_rejection(self): result = response.json() self.assertEqual(response.status_code, HTTP_200_OK, f"Unexpected status code: {response.status_code}") self.assertEqual(result['status'], 'REJECTED', "Moderation event should have REJECTED status") + + def test_moderation_events_rate_limiting(self): + self.create_moderation_event() + for i in range(500): + response = requests.get( + f"{self.root_url}/api/v1/moderation-events/{self.moderation_event_id}", + headers=self.basic_headers, + ) + if response.status_code == HTTP_429_TOO_MANY_REQUEST: + self.assertEqual(response.status_code, HTTP_429_TOO_MANY_REQUEST, "Expected 429 for rate-limited requests.") + result = response.json() + self.assertIn('Request was throttled', result['detail'], "Error message should be returned when rate-limited.") + break + else: + self.skipTest("Rate limit was not reached; adjust loop count or rate-limit policy if needed.")