anti
f2b3393669
Replaces LICENSE (GPLv3 -> AGPLv3) and prepends `SPDX-License-Identifier: AGPL-3.0-or-later` to every source file across decnet/, decnet_web/, tests/, scripts/, and tools/. Rationale: closes the GPLv3 ASP loophole so any party operating a modified DECNET as a network service must offer their modified source. Personal copyright (Samuel Paschuan) + inbound=outbound contributions make a future unilateral relicense infeasible. - LICENSE: full AGPL-3.0 text (gnu.org/licenses/agpl-3.0.txt) - COPYRIGHT: project copyright notice - tools/add_spdx_headers.py: idempotent header injector (shebang- and PEP 263-aware) Touches 1565 source files (.py, .ts, .tsx, .js, .jsx, .css, .sh). No behavior change; comments only.
62 lines
2.0 KiB
Python
62 lines
2.0 KiB
Python
# SPDX-License-Identifier: AGPL-3.0-or-later
|
|
"""Per-user SSE connection cap — F6/D mitigation."""
|
|
import pytest
|
|
from fastapi import HTTPException
|
|
|
|
from decnet.web import sse_limits
|
|
|
|
|
|
@pytest.mark.asyncio
|
|
async def test_slot_under_cap_enters_cleanly(monkeypatch):
|
|
monkeypatch.setattr(sse_limits, "_MAX_PER_USER", 2)
|
|
sse_limits._reset_for_tests()
|
|
|
|
async with sse_limits.sse_connection_slot("u1"):
|
|
assert sse_limits.current_count("u1") == 1
|
|
async with sse_limits.sse_connection_slot("u1"):
|
|
assert sse_limits.current_count("u1") == 2
|
|
|
|
assert sse_limits.current_count("u1") == 0
|
|
|
|
|
|
@pytest.mark.asyncio
|
|
async def test_slot_over_cap_raises_429(monkeypatch):
|
|
monkeypatch.setattr(sse_limits, "_MAX_PER_USER", 1)
|
|
sse_limits._reset_for_tests()
|
|
|
|
async with sse_limits.sse_connection_slot("u1"):
|
|
with pytest.raises(HTTPException) as exc:
|
|
async with sse_limits.sse_connection_slot("u1"):
|
|
pass
|
|
assert exc.value.status_code == 429
|
|
|
|
# Released after the outer context exits → fresh slot works.
|
|
async with sse_limits.sse_connection_slot("u1"):
|
|
assert sse_limits.current_count("u1") == 1
|
|
|
|
|
|
@pytest.mark.asyncio
|
|
async def test_slot_per_user_isolation(monkeypatch):
|
|
monkeypatch.setattr(sse_limits, "_MAX_PER_USER", 1)
|
|
sse_limits._reset_for_tests()
|
|
|
|
async with sse_limits.sse_connection_slot("u1"):
|
|
async with sse_limits.sse_connection_slot("u2"):
|
|
assert sse_limits.current_count("u1") == 1
|
|
assert sse_limits.current_count("u2") == 1
|
|
|
|
|
|
@pytest.mark.asyncio
|
|
async def test_slot_decrements_on_exception(monkeypatch):
|
|
monkeypatch.setattr(sse_limits, "_MAX_PER_USER", 1)
|
|
sse_limits._reset_for_tests()
|
|
|
|
with pytest.raises(ValueError):
|
|
async with sse_limits.sse_connection_slot("u1"):
|
|
raise ValueError("boom")
|
|
|
|
assert sse_limits.current_count("u1") == 0
|
|
# Slot is free again after exception path.
|
|
async with sse_limits.sse_connection_slot("u1"):
|
|
pass
|