Mike/ShieldAI
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
67622a2f110f913d4d7e612df709beabb6ed466b
ShieldAI/plans/FRE-4525-rate-limit-tests.md

3.6 KiB
Raw Blame History

FRE-4525 - Add rate limit tests

Parent Issue

FRE-4507 - Implement Redis rate limiting middleware

Goal ID

2c5a8678-b505-4e9c-8ec4-c41faa9626ff

Description

Add comprehensive unit and integration tests for the spam rate limiting functionality across the config, middleware, and routes.

Test Coverage Requirements

1. Config Tests (spamshield.config.test.ts)

  • Test spamRateLimits structure has correct perMinute and perDay values
  • Test BASIC tier: 100/min, 1000/day
  • Test PLUS tier: 500/min, 5000/day
  • Test PREMIUM tier: 2000/min, 20000/day
  • Test type safety with as const assertion
  • Test TierRateLimits interface compatibility

2. Middleware Tests (spam-rate-limit.middleware.test.ts)

  • Test rate limit check for BASIC tier (per-minute)
  • Test rate limit check for BASIC tier (per-day)
  • Test rate limit check for PLUS tier (per-minute)
  • Test rate limit check for PLUS tier (per-day)
  • Test rate limit check for PREMIUM tier (per-minute)
  • Test rate limit check for PREMIUM tier (per-day)
  • Test counter increment functionality
  • Test rate limit reset after minute boundary
  • Test rate limit reset after day boundary
  • Test 429 response when limit exceeded
  • Test retry-after header calculation
  • Test Redis connection error handling
  • Test key pattern generation

3. Route Tests (spamshield.routes.test.ts)

  • Test POST /api/v1/spam/classify/sms with valid request
  • Test POST /api/v1/spam/classify/sms with rate limit header
  • Test POST /api/v1/spam/classify/call with valid request
  • Test POST /api/v1/spam/classify/call with rate limit header
  • Test GET /api/v1/spam/rate-limit/status returns correct data
  • Test 429 response on classification endpoints when rate limited
  • Test rate limit metadata in successful responses
  • Test tier-based rate limit enforcement

4. Integration Tests (spam-rate-limit.integration.test.ts)

  • End-to-end rate limit flow with mock Redis
  • Concurrent request handling
  • Rate limit key expiration
  • Multiple users with different tiers
  • Cross-day rate limit reset
  • Cross-minute rate limit reset

Test Files to Create

  1. services/spamshield/test/spamshield.config.test.ts
  2. services/spamshield/test/spam-rate-limit.middleware.test.ts
  3. services/spamshield/test/spamshield.routes.test.ts
  4. services/spamshield/test/spam-rate-limit.integration.test.ts

Mock Requirements

  • Mock RedisService for unit tests
  • Mock SpamShieldService for route tests
  • Use vitest for test framework (existing in project)

Acceptance Criteria

  • All config tests pass (5 tests)
  • All middleware tests pass (13 tests)
  • All route tests pass (8 tests)
  • All integration tests pass (6 tests)
  • Minimum 90% code coverage for rate limiting code
  • Tests follow existing test patterns in services/spamshield/test/
  • Use vitest framework with proper mocking

Files to Create

  • services/spamshield/test/spamshield.config.test.ts
  • services/spamshield/test/spam-rate-limit.middleware.test.ts
  • services/spamshield/test/spamshield.routes.test.ts
  • services/spamshield/test/spam-rate-limit.integration.test.ts

Dependencies

  • FRE-4522 (spamshield.config.ts)
  • FRE-4523 (spam-rate-limit.middleware.ts)
  • FRE-4524 (spamshield.routes.ts)
  • vitest (existing test framework)

Priority

LOW (Can be implemented in parallel with routes, but depends on middleware)

Status

todo

Assigned To

d20f6f1c-1f24-4405-a122-2f93e0d6c94a (Founding Engineer)

Notes

Tests should be written to validate the complete rate limiting flow. Integration tests require a running Redis instance or mock.

Reference in New Issue View Git Blame Copy Permalink