[rate-limit] Multi limits using the same type of limiter.

CHANGELOG.md

@@ -48,6 +48,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/).
 - Do not crash when initializing unreachable/invalid DNS resolver [PR #730](https://github.com/3scale/apicast/pull/730)
 - Reporting only 50% calls to 3scale backend when using OIDC [PR #774](https://github.com/3scale/apicast/pull/774), [THREESCALE-1080](https://issues.jboss.org/browse/THREESCALE-1080)
 - Building container image on OpenShift 3.9 [PR #810](https://github.com/3scale/apicast/pull/810), [THREESCALE-1138](https://issues.jboss.org/browse/THREESCALE-1138)
+- Rate Limit policy to define multiple limiters of the same type [PR #825](https://github.com/3scale/apicast/pull/825)
 - Fix `exclusiveMinimum` field for `conn` property in the rate-limit JSON schema [PR #832](https://github.com/3scale/apicast/pull/832)
 
 ## [3.2.0-rc2] - 2018-05-11

gateway/src/apicast/policy/rate_limit/rate_limit.lua

@@ -16,7 +16,6 @@ local shdict_key = 'limiter'
 
 local insert = table.insert
 local ipairs = ipairs
-local unpack = table.unpack
 local format = string.format
 local concat = table.concat
 
@@ -165,15 +164,19 @@ function _M:access(context)
   local limiter_groups = { conn_limiters, leaky_bucket_limiters, fixed_window_limiters }
   for _, limiter_group in ipairs(limiter_groups) do
     if #limiter_group > 0 then
-      insert(limiters, unpack(limiter_group))
+      for _, limiter in ipairs(limiter_group) do
+        insert(limiters, limiter)
+      end
     end
   end
 
   local keys = {}
   local keys_groups = { conn_keys, leaky_bucket_keys, fixed_window_keys }
   for _, keys_group in ipairs(keys_groups) do
     if #keys_group > 0 then
-      insert(keys, unpack(keys_group))
+      for _, key in ipairs(keys_group) do
+        insert(keys, key)
+      end
     end
   end
 

spec/policy/rate_limit/rate_limit_spec.lua

@@ -224,6 +224,28 @@ describe('Rate limit policy', function()
           assert.equal('2', redis:get('11110_fixed_window_' .. test_host))
           assert.spy(ngx.exit).was_called_with(429)
         end)
+
+        it('rejected (count), multi limiters', function()
+          local ctx = {
+            service = { id = 5 }, var1 = 'test3_1', var2 = 'test3_2', var3 = 'test3_3' }
+          local rate_limit_policy = RateLimitPolicy.new({
+            fixed_window_limiters = {
+              { key = { name = '{{ var1 }}', name_type = 'liquid' }, count = 1, window = 10 },
+              { key = { name = '{{ var2 }}', name_type = 'liquid' }, count = 2, window = 10 },
+              { key = { name = '{{ var3 }}', name_type = 'liquid' }, count = 3, window = 10 }
+            },
+            redis_url = redis_url
+          })
+
+          assert(rate_limit_policy:access(ctx))
+          assert.returns_error('limits exceeded', rate_limit_policy:access(ctx))
+
+          assert.equal('1', redis:get('11110_5_fixed_window_test3_1'))
+          assert.equal('1', redis:get('11110_5_fixed_window_test3_2'))
+          assert.equal('1', redis:get('11110_5_fixed_window_test3_3'))
+          assert.spy(ngx.exit).was_called_with(429)
+        end)
+
       end)
 
       describe('delay', function()

t/apicast-policy-rate-limit.t

@@ -1169,3 +1169,61 @@ so only the third call returns 429.
 [200, 200, 200, 429]
 --- no_error_log
 [error]
+
+=== TEST 19: Rejected (count). Using multiple limiters of the same type.
+To confirm that multiple limiters of the same type are configurable
+and rejected properly.
+--- http_config
+  include $TEST_NGINX_UPSTREAM_CONFIG;
+  lua_package_path "$TEST_NGINX_LUA_PATH";
+
+  init_by_lua_block {
+    require "resty.core"
+    ngx.shared.limiter:flush_all()
+    require('apicast.configuration_loader').mock({
+      services = {
+        {
+          id = 42,
+          proxy = {
+            policy_chain = {
+              {
+                name = "apicast.policy.rate_limit",
+                configuration = {
+                  fixed_window_limiters = {
+                    { key = {name = "{{host}}", name_type = "liquid"}, count = 2, window = 10 },
+                    { key = {name = "{{uri}}", name_type = "liquid"}, count = 1, window = 10 }
+                  },
+                  redis_url = "redis://$TEST_NGINX_REDIS_HOST:$TEST_NGINX_REDIS_PORT/1",
+                  limits_exceeded_error = { status_code = 429 }
+                }
+              }
+            }
+          }
+        }
+      }
+    })
+  }
+  lua_shared_dict limiter 1m;
+
+--- config
+  include $TEST_NGINX_APICAST_CONFIG;
+  resolver $TEST_NGINX_RESOLVER;
+
+  location /flush_redis {
+    content_by_lua_block {
+      local env = require('resty.env')
+      local redis_host = "$TEST_NGINX_REDIS_HOST" or '127.0.0.1'
+      local redis_port = "$TEST_NGINX_REDIS_PORT" or 6379
+      local redis = require('resty.redis'):new()
+      redis:connect(redis_host, redis_port)
+      redis:select(1)
+      redis:flushdb()
+    }
+  }
+
+--- pipelined_requests eval
+["GET /flush_redis","GET /test19_1","GET /test19_2","GET /test19_3"]
+--- error_code eval
+[200, 200, 200, 429]
+--- no_error_log
+[error]