summaryrefslogtreecommitdiffstats
path: root/integrations/api_repo_get_contents_test.go
diff options
context:
space:
mode:
authorRichard Mahn <richmahn@users.noreply.github.com>2019-06-29 16:51:10 -0400
committertechknowlogick <techknowlogick@gitea.io>2019-06-29 16:51:10 -0400
commitcd96dee9822c8b744526ba862fd8b5ec0e2c30ff (patch)
treed7bbf2f2b7adf80b17f3ab3971ae49bae7b010c4 /integrations/api_repo_get_contents_test.go
parent738285a4aac5df2e60f4038aa79be3e9fe921bdb (diff)
downloadgitea-cd96dee9822c8b744526ba862fd8b5ec0e2c30ff.tar.gz
gitea-cd96dee9822c8b744526ba862fd8b5ec0e2c30ff.zip
Fixes #7292 - API File Contents bug (#7301)
Diffstat (limited to 'integrations/api_repo_get_contents_test.go')
-rw-r--r--integrations/api_repo_get_contents_test.go157
1 files changed, 157 insertions, 0 deletions
diff --git a/integrations/api_repo_get_contents_test.go b/integrations/api_repo_get_contents_test.go
new file mode 100644
index 0000000000..f6a43bc5c6
--- /dev/null
+++ b/integrations/api_repo_get_contents_test.go
@@ -0,0 +1,157 @@
+// Copyright 2019 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package integrations
+
+import (
+ "net/http"
+ "net/url"
+ "testing"
+
+ "code.gitea.io/gitea/models"
+ "code.gitea.io/gitea/modules/context"
+ "code.gitea.io/gitea/modules/git"
+ "code.gitea.io/gitea/modules/setting"
+ api "code.gitea.io/gitea/modules/structs"
+
+ "github.com/stretchr/testify/assert"
+)
+
+func getExpectedContentsResponseForContents(ref, refType string) *api.ContentsResponse {
+ treePath := "README.md"
+ sha := "4b4851ad51df6a7d9f25c979345979eaeb5b349f"
+ encoding := "base64"
+ content := "IyByZXBvMQoKRGVzY3JpcHRpb24gZm9yIHJlcG8x"
+ selfURL := setting.AppURL + "api/v1/repos/user2/repo1/contents/" + treePath + "?ref=" + ref
+ htmlURL := setting.AppURL + "user2/repo1/src/" + refType + "/" + ref + "/" + treePath
+ gitURL := setting.AppURL + "api/v1/repos/user2/repo1/git/blobs/" + sha
+ downloadURL := setting.AppURL + "user2/repo1/raw/" + refType + "/" + ref + "/" + treePath
+ return &api.ContentsResponse{
+ Name: treePath,
+ Path: treePath,
+ SHA: sha,
+ Type: "file",
+ Size: 30,
+ Encoding: &encoding,
+ Content: &content,
+ URL: &selfURL,
+ HTMLURL: &htmlURL,
+ GitURL: &gitURL,
+ DownloadURL: &downloadURL,
+ Links: &api.FileLinksResponse{
+ Self: &selfURL,
+ GitURL: &gitURL,
+ HTMLURL: &htmlURL,
+ },
+ }
+}
+
+func TestAPIGetContents(t *testing.T) {
+ onGiteaRun(t, testAPIGetContents)
+}
+
+func testAPIGetContents(t *testing.T, u *url.URL) {
+ /*** SETUP ***/
+ user2 := models.AssertExistsAndLoadBean(t, &models.User{ID: 2}).(*models.User) // owner of the repo1 & repo16
+ user3 := models.AssertExistsAndLoadBean(t, &models.User{ID: 3}).(*models.User) // owner of the repo3, is an org
+ user4 := models.AssertExistsAndLoadBean(t, &models.User{ID: 4}).(*models.User) // owner of neither repos
+ repo1 := models.AssertExistsAndLoadBean(t, &models.Repository{ID: 1}).(*models.Repository) // public repo
+ repo3 := models.AssertExistsAndLoadBean(t, &models.Repository{ID: 3}).(*models.Repository) // public repo
+ repo16 := models.AssertExistsAndLoadBean(t, &models.Repository{ID: 16}).(*models.Repository) // private repo
+ treePath := "README.md"
+
+ // Get user2's token
+ session := loginUser(t, user2.Name)
+ token2 := getTokenForLoggedInUser(t, session)
+ session = emptyTestSession(t)
+ // Get user4's token
+ session = loginUser(t, user4.Name)
+ token4 := getTokenForLoggedInUser(t, session)
+ session = emptyTestSession(t)
+
+ // Make a new branch in repo1
+ newBranch := "test_branch"
+ repo1.CreateNewBranch(user2, repo1.DefaultBranch, newBranch)
+ // Get the commit ID of the default branch
+ gitRepo, _ := git.OpenRepository(repo1.RepoPath())
+ commitID, _ := gitRepo.GetBranchCommitID(repo1.DefaultBranch)
+ // Make a new tag in repo1
+ newTag := "test_tag"
+ gitRepo.CreateTag(newTag, commitID)
+ /*** END SETUP ***/
+
+ // ref is default ref
+ ref := repo1.DefaultBranch
+ refType := "branch"
+ req := NewRequestf(t, "GET", "/api/v1/repos/%s/%s/contents/%s?ref=%s", user2.Name, repo1.Name, treePath, ref)
+ resp := session.MakeRequest(t, req, http.StatusOK)
+ var contentsResponse api.ContentsResponse
+ DecodeJSON(t, resp, &contentsResponse)
+ assert.NotNil(t, contentsResponse)
+ expectedContentsResponse := getExpectedContentsResponseForContents(ref, refType)
+ assert.EqualValues(t, *expectedContentsResponse, contentsResponse)
+
+ // No ref
+ refType = "branch"
+ req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/contents/%s", user2.Name, repo1.Name, treePath)
+ resp = session.MakeRequest(t, req, http.StatusOK)
+ DecodeJSON(t, resp, &contentsResponse)
+ assert.NotNil(t, contentsResponse)
+ expectedContentsResponse = getExpectedContentsResponseForContents(repo1.DefaultBranch, refType)
+ assert.EqualValues(t, *expectedContentsResponse, contentsResponse)
+
+ // ref is the branch we created above in setup
+ ref = newBranch
+ refType = "branch"
+ req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/contents/%s?ref=%s", user2.Name, repo1.Name, treePath, ref)
+ resp = session.MakeRequest(t, req, http.StatusOK)
+ DecodeJSON(t, resp, &contentsResponse)
+ assert.NotNil(t, contentsResponse)
+ expectedContentsResponse = getExpectedContentsResponseForContents(ref, refType)
+ assert.EqualValues(t, *expectedContentsResponse, contentsResponse)
+
+ // ref is the new tag we created above in setup
+ ref = newTag
+ refType = "tag"
+ req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/contents/%s?ref=%s", user2.Name, repo1.Name, treePath, ref)
+ resp = session.MakeRequest(t, req, http.StatusOK)
+ DecodeJSON(t, resp, &contentsResponse)
+ assert.NotNil(t, contentsResponse)
+ expectedContentsResponse = getExpectedContentsResponseForContents(ref, refType)
+ assert.EqualValues(t, *expectedContentsResponse, contentsResponse)
+
+ // ref is a commit
+ ref = commitID
+ refType = "commit"
+ req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/contents/%s?ref=%s", user2.Name, repo1.Name, treePath, ref)
+ resp = session.MakeRequest(t, req, http.StatusOK)
+ DecodeJSON(t, resp, &contentsResponse)
+ assert.NotNil(t, contentsResponse)
+ expectedContentsResponse = getExpectedContentsResponseForContents(ref, refType)
+ assert.EqualValues(t, *expectedContentsResponse, contentsResponse)
+
+ // Test file contents a file with a bad ref
+ ref = "badref"
+ req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/contents/%s?ref=%s", user2.Name, repo1.Name, treePath, ref)
+ resp = session.MakeRequest(t, req, http.StatusInternalServerError)
+ expectedAPIError := context.APIError{
+ Message: "object does not exist [id: " + ref + ", rel_path: ]",
+ URL: setting.API.SwaggerURL,
+ }
+ var apiError context.APIError
+ DecodeJSON(t, resp, &apiError)
+ assert.Equal(t, expectedAPIError, apiError)
+
+ // Test accessing private ref with user token that does not have access - should fail
+ req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/contents/%s?token=%s", user2.Name, repo16.Name, treePath, token4)
+ session.MakeRequest(t, req, http.StatusNotFound)
+
+ // Test access private ref of owner of token
+ req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/contents/readme.md?token=%s", user2.Name, repo16.Name, token2)
+ session.MakeRequest(t, req, http.StatusOK)
+
+ // Test access of org user3 private repo file by owner user2
+ req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/contents/%s?token=%s", user3.Name, repo3.Name, treePath, token2)
+ session.MakeRequest(t, req, http.StatusOK)
+}