From 460bfd425c46e58b552352b08b6ba6d77169aa2c Mon Sep 17 00:00:00 2001 From: Danny Martini Date: Fri, 30 May 2025 10:38:46 +0200 Subject: [PATCH] test(core): Relax assertions for testing the maxTeamProjects quota (#15798) --- packages/cli/test/integration/project.api.test.ts | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/packages/cli/test/integration/project.api.test.ts b/packages/cli/test/integration/project.api.test.ts index 2c488409f7..0aac69e2a0 100644 --- a/packages/cli/test/integration/project.api.test.ts +++ b/packages/cli/test/integration/project.api.test.ts @@ -440,7 +440,8 @@ describe('POST /projects/', () => { if (!globalConfig.database.isLegacySqlite) { test('should respect the quota when trying to create multiple projects in parallel (no race conditions)', async () => { expect(await Container.get(ProjectRepository).count({ where: { type: 'team' } })).toBe(0); - testServer.license.setQuota('quota:maxTeamProjects', 3); + const maxTeamProjects = 3; + testServer.license.setQuota('quota:maxTeamProjects', maxTeamProjects); const ownerUser = await createOwner(); const ownerAgent = testServer.authAgentFor(ownerUser); await expect( @@ -456,9 +457,17 @@ describe('POST /projects/', () => { ownerAgent.post('/projects/').send({ name: 'Test Team Project 6' }), ]); + // Some of the calls above will interleave and may fail with a deadlock + // error on MySQL (this is not an issue on PG or MariaDB). + // That can lead to less projects being created than the quota allows. + // So we're only checking here that we didn't create more projects than + // are allowed instead of checking for a specific number. + // We only want to prevent that this endpoint is exploited. A normal user + // using the FE would almost never hit this and if they do they can retry + // the action. No need to implement rety logic in the controller. await expect( Container.get(ProjectRepository).count({ where: { type: 'team' } }), - ).resolves.toBe(3); + ).resolves.toBeLessThanOrEqual(maxTeamProjects); }); } });