Fixes #7292 - API File Contents bug (#7301)

author: Richard Mahn <richmahn@users.noreply.github.com> 2019-06-29 16:51:10 -0400
committer: techknowlogick <techknowlogick@gitea.io> 2019-06-29 16:51:10 -0400
commit: cd96dee9822c8b744526ba862fd8b5ec0e2c30ff (patch)
tree: d7bbf2f2b7adf80b17f3ab3971ae49bae7b010c4 /integrations
parent: 738285a4aac5df2e60f4038aa79be3e9fe921bdb (diff)
download: gitea-cd96dee9822c8b744526ba862fd8b5ec0e2c30ff.tar.gz
gitea-cd96dee9822c8b744526ba862fd8b5ec0e2c30ff.zip
6 files changed, 404 insertions, 175 deletions
diff --git a/integrations/api_repo_file_content_test.go b/integrations/api_repo_file_content_test.go
deleted file mode 100644
index 7a6025d423..0000000000
--- a/integrations/api_repo_file_content_test.go
+++ /dev/null
@@ -1,117 +0,0 @@
-// Copyright 2019 The Gitea Authors. All rights reserved.
-// Use of this source code is governed by a MIT-style
-// license that can be found in the LICENSE file.
-
-package integrations
-
-import (
-	"net/http"
-	"net/url"
-	"path/filepath"
-	"testing"
-
-	"code.gitea.io/gitea/models"
-	"code.gitea.io/gitea/modules/context"
-	"code.gitea.io/gitea/modules/setting"
-	api "code.gitea.io/gitea/modules/structs"
-
-	"github.com/stretchr/testify/assert"
-)
-
-func getExpectedFileContentResponseForFileContents(branch string) *api.FileContentResponse {
-	treePath := "README.md"
-	sha := "4b4851ad51df6a7d9f25c979345979eaeb5b349f"
-	return &api.FileContentResponse{
-		Name:        filepath.Base(treePath),
-		Path:        treePath,
-		SHA:         sha,
-		Size:        30,
-		URL:         setting.AppURL + "api/v1/repos/user2/repo1/contents/" + treePath,
-		HTMLURL:     setting.AppURL + "user2/repo1/blob/" + branch + "/" + treePath,
-		GitURL:      setting.AppURL + "api/v1/repos/user2/repo1/git/blobs/" + sha,
-		DownloadURL: setting.AppURL + "user2/repo1/raw/branch/" + branch + "/" + treePath,
-		Type:        "blob",
-		Links: &api.FileLinksResponse{
-			Self:    setting.AppURL + "api/v1/repos/user2/repo1/contents/" + treePath,
-			GitURL:  setting.AppURL + "api/v1/repos/user2/repo1/git/blobs/" + sha,
-			HTMLURL: setting.AppURL + "user2/repo1/blob/" + branch + "/" + treePath,
-		},
-	}
-}
-
-func TestAPIGetFileContents(t *testing.T) {
-	onGiteaRun(t, testAPIGetFileContents)
-}
-
-func testAPIGetFileContents(t *testing.T, u *url.URL) {
-	user2 := models.AssertExistsAndLoadBean(t, &models.User{ID: 2}).(*models.User)               // owner of the repo1 & repo16
-	user3 := models.AssertExistsAndLoadBean(t, &models.User{ID: 3}).(*models.User)               // owner of the repo3, is an org
-	user4 := models.AssertExistsAndLoadBean(t, &models.User{ID: 4}).(*models.User)               // owner of neither repos
-	repo1 := models.AssertExistsAndLoadBean(t, &models.Repository{ID: 1}).(*models.Repository)   // public repo
-	repo3 := models.AssertExistsAndLoadBean(t, &models.Repository{ID: 3}).(*models.Repository)   // public repo
-	repo16 := models.AssertExistsAndLoadBean(t, &models.Repository{ID: 16}).(*models.Repository) // private repo
-	treePath := "README.md"
-
-	// Get user2's token
-	session := loginUser(t, user2.Name)
-	token2 := getTokenForLoggedInUser(t, session)
-	session = emptyTestSession(t)
-	// Get user4's token
-	session = loginUser(t, user4.Name)
-	token4 := getTokenForLoggedInUser(t, session)
-	session = emptyTestSession(t)
-
-	// Make a second master branch in repo1
-	repo1.CreateNewBranch(user2, repo1.DefaultBranch, "master2")
-
-	// ref is default branch
-	branch := repo1.DefaultBranch
-	req := NewRequestf(t, "GET", "/api/v1/repos/%s/%s/contents/%s?ref=%s", user2.Name, repo1.Name, treePath, branch)
-	resp := session.MakeRequest(t, req, http.StatusOK)
-	var fileContentResponse api.FileContentResponse
-	DecodeJSON(t, resp, &fileContentResponse)
-	assert.NotNil(t, fileContentResponse)
-	expectedFileContentResponse := getExpectedFileContentResponseForFileContents(branch)
-	assert.EqualValues(t, *expectedFileContentResponse, fileContentResponse)
-
-	// No ref
-	req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/contents/%s", user2.Name, repo1.Name, treePath)
-	resp = session.MakeRequest(t, req, http.StatusOK)
-	DecodeJSON(t, resp, &fileContentResponse)
-	assert.NotNil(t, fileContentResponse)
-	expectedFileContentResponse = getExpectedFileContentResponseForFileContents(repo1.DefaultBranch)
-	assert.EqualValues(t, *expectedFileContentResponse, fileContentResponse)
-
-	// ref is master2
-	branch = "master2"
-	req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/contents/%s?ref=%s", user2.Name, repo1.Name, treePath, branch)
-	resp = session.MakeRequest(t, req, http.StatusOK)
-	DecodeJSON(t, resp, &fileContentResponse)
-	assert.NotNil(t, fileContentResponse)
-	expectedFileContentResponse = getExpectedFileContentResponseForFileContents("master2")
-	assert.EqualValues(t, *expectedFileContentResponse, fileContentResponse)
-
-	// Test file contents a file with the wrong branch
-	branch = "badbranch"
-	req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/contents/%s?ref=%s", user2.Name, repo1.Name, treePath, branch)
-	resp = session.MakeRequest(t, req, http.StatusInternalServerError)
-	expectedAPIError := context.APIError{
-		Message: "object does not exist [id: " + branch + ", rel_path: ]",
-		URL:     setting.API.SwaggerURL,
-	}
-	var apiError context.APIError
-	DecodeJSON(t, resp, &apiError)
-	assert.Equal(t, expectedAPIError, apiError)
-
-	// Test accessing private branch with user token that does not have access - should fail
-	req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/contents/%s?token=%s", user2.Name, repo16.Name, treePath, token4)
-	session.MakeRequest(t, req, http.StatusNotFound)
-
-	// Test access private branch of owner of token
-	req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/contents/readme.md?token=%s", user2.Name, repo16.Name, token2)
-	session.MakeRequest(t, req, http.StatusOK)
-
-	// Test access of org user3 private repo file by owner user2
-	req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/contents/%s?token=%s", user3.Name, repo3.Name, treePath, token2)
-	session.MakeRequest(t, req, http.StatusOK)
-}
diff --git a/integrations/api_repo_file_create_test.go b/integrations/api_repo_file_create_test.go
index b00583c191..42898bf259 100644
--- a/integrations/api_repo_file_create_test.go
+++ b/integrations/api_repo_file_create_test.go
@@ -44,21 +44,29 @@ func getCreateFileOptions() api.CreateFileOptions {
 
 func getExpectedFileResponseForCreate(commitID, treePath string) *api.FileResponse {
 	sha := "a635aa942442ddfdba07468cf9661c08fbdf0ebf"
+	encoding := "base64"
+	content := "VGhpcyBpcyBuZXcgdGV4dA=="
+	selfURL := setting.AppURL + "api/v1/repos/user2/repo1/contents/" + treePath + "?ref=master"
+	htmlURL := setting.AppURL + "user2/repo1/src/branch/master/" + treePath
+	gitURL := setting.AppURL + "api/v1/repos/user2/repo1/git/blobs/" + sha
+	downloadURL := setting.AppURL + "user2/repo1/raw/branch/master/" + treePath
 	return &api.FileResponse{
-		Content: &api.FileContentResponse{
+		Content: &api.ContentsResponse{
 			Name:        filepath.Base(treePath),
 			Path:        treePath,
 			SHA:         sha,
 			Size:        16,
-			URL:         setting.AppURL + "api/v1/repos/user2/repo1/contents/" + treePath,
-			HTMLURL:     setting.AppURL + "user2/repo1/blob/master/" + treePath,
-			GitURL:      setting.AppURL + "api/v1/repos/user2/repo1/git/blobs/" + sha,
-			DownloadURL: setting.AppURL + "user2/repo1/raw/branch/master/" + treePath,
-			Type:        "blob",
+			Type:        "file",
+			Encoding:    &encoding,
+			Content:     &content,
+			URL:         &selfURL,
+			HTMLURL:     &htmlURL,
+			GitURL:      &gitURL,
+			DownloadURL: &downloadURL,
 			Links: &api.FileLinksResponse{
-				Self:    setting.AppURL + "api/v1/repos/user2/repo1/contents/" + treePath,
-				GitURL:  setting.AppURL + "api/v1/repos/user2/repo1/git/blobs/" + sha,
-				HTMLURL: setting.AppURL + "user2/repo1/blob/master/" + treePath,
+				Self:    &selfURL,
+				GitURL:  &gitURL,
+				HTMLURL: &htmlURL,
 			},
 		},
 		Commit: &api.FileCommitResponse{
@@ -145,11 +153,11 @@ func TestAPICreateFile(t *testing.T) {
 		var fileResponse api.FileResponse
 		DecodeJSON(t, resp, &fileResponse)
 		expectedSHA := "a635aa942442ddfdba07468cf9661c08fbdf0ebf"
-		expectedHTMLURL := fmt.Sprintf(setting.AppURL+"user2/repo1/blob/new_branch/new/file%d.txt", fileID)
+		expectedHTMLURL := fmt.Sprintf(setting.AppURL+"user2/repo1/src/branch/new_branch/new/file%d.txt", fileID)
 		expectedDownloadURL := fmt.Sprintf(setting.AppURL+"user2/repo1/raw/branch/new_branch/new/file%d.txt", fileID)
 		assert.EqualValues(t, expectedSHA, fileResponse.Content.SHA)
-		assert.EqualValues(t, expectedHTMLURL, fileResponse.Content.HTMLURL)
-		assert.EqualValues(t, expectedDownloadURL, fileResponse.Content.DownloadURL)
+		assert.EqualValues(t, expectedHTMLURL, *fileResponse.Content.HTMLURL)
+		assert.EqualValues(t, expectedDownloadURL, *fileResponse.Content.DownloadURL)
 		assert.EqualValues(t, createFileOptions.Message+"\n", fileResponse.Commit.Message)
 
 		// Test creating a file without a message
diff --git a/integrations/api_repo_file_update_test.go b/integrations/api_repo_file_update_test.go
index 17fa2adb26..366eb5e918 100644
--- a/integrations/api_repo_file_update_test.go
+++ b/integrations/api_repo_file_update_test.go
@@ -47,21 +47,29 @@ func getUpdateFileOptions() *api.UpdateFileOptions {
 
 func getExpectedFileResponseForUpdate(commitID, treePath string) *api.FileResponse {
 	sha := "08bd14b2e2852529157324de9c226b3364e76136"
+	encoding := "base64"
+	content := "VGhpcyBpcyB1cGRhdGVkIHRleHQ="
+	selfURL := setting.AppURL + "api/v1/repos/user2/repo1/contents/" + treePath + "?ref=master"
+	htmlURL := setting.AppURL + "user2/repo1/src/branch/master/" + treePath
+	gitURL := setting.AppURL + "api/v1/repos/user2/repo1/git/blobs/" + sha
+	downloadURL := setting.AppURL + "user2/repo1/raw/branch/master/" + treePath
 	return &api.FileResponse{
-		Content: &api.FileContentResponse{
+		Content: &api.ContentsResponse{
 			Name:        filepath.Base(treePath),
 			Path:        treePath,
 			SHA:         sha,
+			Type:        "file",
 			Size:        20,
-			URL:         setting.AppURL + "api/v1/repos/user2/repo1/contents/" + treePath,
-			HTMLURL:     setting.AppURL + "user2/repo1/blob/master/" + treePath,
-			GitURL:      setting.AppURL + "api/v1/repos/user2/repo1/git/blobs/" + sha,
-			DownloadURL: setting.AppURL + "user2/repo1/raw/branch/master/" + treePath,
-			Type:        "blob",
+			Encoding:    &encoding,
+			Content:     &content,
+			URL:         &selfURL,
+			HTMLURL:     &htmlURL,
+			GitURL:      &gitURL,
+			DownloadURL: &downloadURL,
 			Links: &api.FileLinksResponse{
-				Self:    setting.AppURL + "api/v1/repos/user2/repo1/contents/" + treePath,
-				GitURL:  setting.AppURL + "api/v1/repos/user2/repo1/git/blobs/" + sha,
-				HTMLURL: setting.AppURL + "user2/repo1/blob/master/" + treePath,
+				Self:    &selfURL,
+				GitURL:  &gitURL,
+				HTMLURL: &htmlURL,
 			},
 		},
 		Commit: &api.FileCommitResponse{
@@ -150,11 +158,11 @@ func TestAPIUpdateFile(t *testing.T) {
 		var fileResponse api.FileResponse
 		DecodeJSON(t, resp, &fileResponse)
 		expectedSHA := "08bd14b2e2852529157324de9c226b3364e76136"
-		expectedHTMLURL := fmt.Sprintf(setting.AppURL+"user2/repo1/blob/new_branch/update/file%d.txt", fileID)
+		expectedHTMLURL := fmt.Sprintf(setting.AppURL+"user2/repo1/src/branch/new_branch/update/file%d.txt", fileID)
 		expectedDownloadURL := fmt.Sprintf(setting.AppURL+"user2/repo1/raw/branch/new_branch/update/file%d.txt", fileID)
 		assert.EqualValues(t, expectedSHA, fileResponse.Content.SHA)
-		assert.EqualValues(t, expectedHTMLURL, fileResponse.Content.HTMLURL)
-		assert.EqualValues(t, expectedDownloadURL, fileResponse.Content.DownloadURL)
+		assert.EqualValues(t, expectedHTMLURL, *fileResponse.Content.HTMLURL)
+		assert.EqualValues(t, expectedDownloadURL, *fileResponse.Content.DownloadURL)
 		assert.EqualValues(t, updateFileOptions.Message+"\n", fileResponse.Commit.Message)
 
 		// Test updating a file and renaming it
@@ -170,11 +178,11 @@ func TestAPIUpdateFile(t *testing.T) {
 		resp = session.MakeRequest(t, req, http.StatusOK)
 		DecodeJSON(t, resp, &fileResponse)
 		expectedSHA = "08bd14b2e2852529157324de9c226b3364e76136"
-		expectedHTMLURL = fmt.Sprintf(setting.AppURL+"user2/repo1/blob/master/rename/update/file%d.txt", fileID)
+		expectedHTMLURL = fmt.Sprintf(setting.AppURL+"user2/repo1/src/branch/master/rename/update/file%d.txt", fileID)
 		expectedDownloadURL = fmt.Sprintf(setting.AppURL+"user2/repo1/raw/branch/master/rename/update/file%d.txt", fileID)
 		assert.EqualValues(t, expectedSHA, fileResponse.Content.SHA)
-		assert.EqualValues(t, expectedHTMLURL, fileResponse.Content.HTMLURL)
-		assert.EqualValues(t, expectedDownloadURL, fileResponse.Content.DownloadURL)
+		assert.EqualValues(t, expectedHTMLURL, *fileResponse.Content.HTMLURL)
+		assert.EqualValues(t, expectedDownloadURL, *fileResponse.Content.DownloadURL)
 
 		// Test updating a file without a message
 		updateFileOptions = getUpdateFileOptions()
diff --git a/integrations/api_repo_get_contents_list_test.go b/integrations/api_repo_get_contents_list_test.go
new file mode 100644
index 0000000000..f74ceb514a
--- /dev/null
+++ b/integrations/api_repo_get_contents_list_test.go
@@ -0,0 +1,156 @@
+// Copyright 2019 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package integrations
+
+import (
+	"net/http"
+	"net/url"
+	"path/filepath"
+	"testing"
+
+	"code.gitea.io/gitea/models"
+	"code.gitea.io/gitea/modules/context"
+	"code.gitea.io/gitea/modules/git"
+	"code.gitea.io/gitea/modules/setting"
+	api "code.gitea.io/gitea/modules/structs"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func getExpectedContentsListResponseForContents(ref, refType string) []*api.ContentsResponse {
+	treePath := "README.md"
+	sha := "4b4851ad51df6a7d9f25c979345979eaeb5b349f"
+	selfURL := setting.AppURL + "api/v1/repos/user2/repo1/contents/" + treePath + "?ref=" + ref
+	htmlURL := setting.AppURL + "user2/repo1/src/" + refType + "/" + ref + "/" + treePath
+	gitURL := setting.AppURL + "api/v1/repos/user2/repo1/git/blobs/" + sha
+	downloadURL := setting.AppURL + "user2/repo1/raw/" + refType + "/" + ref + "/" + treePath
+	return []*api.ContentsResponse{
+		{
+			Name:        filepath.Base(treePath),
+			Path:        treePath,
+			SHA:         sha,
+			Type:        "file",
+			Size:        30,
+			URL:         &selfURL,
+			HTMLURL:     &htmlURL,
+			GitURL:      &gitURL,
+			DownloadURL: &downloadURL,
+			Links: &api.FileLinksResponse{
+				Self:    &selfURL,
+				GitURL:  &gitURL,
+				HTMLURL: &htmlURL,
+			},
+		},
+	}
+}
+
+func TestAPIGetContentsList(t *testing.T) {
+	onGiteaRun(t, testAPIGetContentsList)
+}
+
+func testAPIGetContentsList(t *testing.T, u *url.URL) {
+	/*** SETUP ***/
+	user2 := models.AssertExistsAndLoadBean(t, &models.User{ID: 2}).(*models.User)               // owner of the repo1 & repo16
+	user3 := models.AssertExistsAndLoadBean(t, &models.User{ID: 3}).(*models.User)               // owner of the repo3, is an org
+	user4 := models.AssertExistsAndLoadBean(t, &models.User{ID: 4}).(*models.User)               // owner of neither repos
+	repo1 := models.AssertExistsAndLoadBean(t, &models.Repository{ID: 1}).(*models.Repository)   // public repo
+	repo3 := models.AssertExistsAndLoadBean(t, &models.Repository{ID: 3}).(*models.Repository)   // public repo
+	repo16 := models.AssertExistsAndLoadBean(t, &models.Repository{ID: 16}).(*models.Repository) // private repo
+	treePath := ""                                                                               // root dir
+
+	// Get user2's token
+	session := loginUser(t, user2.Name)
+	token2 := getTokenForLoggedInUser(t, session)
+	session = emptyTestSession(t)
+	// Get user4's token
+	session = loginUser(t, user4.Name)
+	token4 := getTokenForLoggedInUser(t, session)
+	session = emptyTestSession(t)
+
+	// Make a new branch in repo1
+	newBranch := "test_branch"
+	repo1.CreateNewBranch(user2, repo1.DefaultBranch, newBranch)
+	// Get the commit ID of the default branch
+	gitRepo, _ := git.OpenRepository(repo1.RepoPath())
+	commitID, _ := gitRepo.GetBranchCommitID(repo1.DefaultBranch)
+	// Make a new tag in repo1
+	newTag := "test_tag"
+	gitRepo.CreateTag(newTag, commitID)
+	/*** END SETUP ***/
+
+	// ref is default ref
+	ref := repo1.DefaultBranch
+	refType := "branch"
+	req := NewRequestf(t, "GET", "/api/v1/repos/%s/%s/contents/%s?ref=%s", user2.Name, repo1.Name, treePath, ref)
+	resp := session.MakeRequest(t, req, http.StatusOK)
+	var contentsListResponse []*api.ContentsResponse
+	DecodeJSON(t, resp, &contentsListResponse)
+	assert.NotNil(t, contentsListResponse)
+	expectedContentsListResponse := getExpectedContentsListResponseForContents(ref, refType)
+	assert.EqualValues(t, expectedContentsListResponse, contentsListResponse)
+
+	// No ref
+	refType = "branch"
+	req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/contents/%s", user2.Name, repo1.Name, treePath)
+	resp = session.MakeRequest(t, req, http.StatusOK)
+	DecodeJSON(t, resp, &contentsListResponse)
+	assert.NotNil(t, contentsListResponse)
+	expectedContentsListResponse = getExpectedContentsListResponseForContents(repo1.DefaultBranch, refType)
+	assert.EqualValues(t, expectedContentsListResponse, contentsListResponse)
+
+	// ref is the branch we created above  in setup
+	ref = newBranch
+	refType = "branch"
+	req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/contents/%s?ref=%s", user2.Name, repo1.Name, treePath, ref)
+	resp = session.MakeRequest(t, req, http.StatusOK)
+	DecodeJSON(t, resp, &contentsListResponse)
+	assert.NotNil(t, contentsListResponse)
+	expectedContentsListResponse = getExpectedContentsListResponseForContents(ref, refType)
+	assert.EqualValues(t, expectedContentsListResponse, contentsListResponse)
+
+	// ref is the new tag we created above in setup
+	ref = newTag
+	refType = "tag"
+	req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/contents/%s?ref=%s", user2.Name, repo1.Name, treePath, ref)
+	resp = session.MakeRequest(t, req, http.StatusOK)
+	DecodeJSON(t, resp, &contentsListResponse)
+	assert.NotNil(t, contentsListResponse)
+	expectedContentsListResponse = getExpectedContentsListResponseForContents(ref, refType)
+	assert.EqualValues(t, expectedContentsListResponse, contentsListResponse)
+
+	// ref is a commit
+	ref = commitID
+	refType = "commit"
+	req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/contents/%s?ref=%s", user2.Name, repo1.Name, treePath, ref)
+	resp = session.MakeRequest(t, req, http.StatusOK)
+	DecodeJSON(t, resp, &contentsListResponse)
+	assert.NotNil(t, contentsListResponse)
+	expectedContentsListResponse = getExpectedContentsListResponseForContents(ref, refType)
+	assert.EqualValues(t, expectedContentsListResponse, contentsListResponse)
+
+	// Test file contents a file with a bad ref
+	ref = "badref"
+	req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/contents/%s?ref=%s", user2.Name, repo1.Name, treePath, ref)
+	resp = session.MakeRequest(t, req, http.StatusInternalServerError)
+	expectedAPIError := context.APIError{
+		Message: "object does not exist [id: " + ref + ", rel_path: ]",
+		URL:     setting.API.SwaggerURL,
+	}
+	var apiError context.APIError
+	DecodeJSON(t, resp, &apiError)
+	assert.Equal(t, expectedAPIError, apiError)
+
+	// Test accessing private ref with user token that does not have access - should fail
+	req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/contents/%s?token=%s", user2.Name, repo16.Name, treePath, token4)
+	session.MakeRequest(t, req, http.StatusNotFound)
+
+	// Test access private ref of owner of token
+	req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/contents/readme.md?token=%s", user2.Name, repo16.Name, token2)
+	session.MakeRequest(t, req, http.StatusOK)
+
+	// Test access of org user3 private repo file by owner user2
+	req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/contents/%s?token=%s", user3.Name, repo3.Name, treePath, token2)
+	session.MakeRequest(t, req, http.StatusOK)
+}
diff --git a/integrations/api_repo_get_contents_test.go b/integrations/api_repo_get_contents_test.go
new file mode 100644
index 0000000000..f6a43bc5c6
--- /dev/null
+++ b/integrations/api_repo_get_contents_test.go
@@ -0,0 +1,157 @@
+// Copyright 2019 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package integrations
+
+import (
+	"net/http"
+	"net/url"
+	"testing"
+
+	"code.gitea.io/gitea/models"
+	"code.gitea.io/gitea/modules/context"
+	"code.gitea.io/gitea/modules/git"
+	"code.gitea.io/gitea/modules/setting"
+	api "code.gitea.io/gitea/modules/structs"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func getExpectedContentsResponseForContents(ref, refType string) *api.ContentsResponse {
+	treePath := "README.md"
+	sha := "4b4851ad51df6a7d9f25c979345979eaeb5b349f"
+	encoding := "base64"
+	content := "IyByZXBvMQoKRGVzY3JpcHRpb24gZm9yIHJlcG8x"
+	selfURL := setting.AppURL + "api/v1/repos/user2/repo1/contents/" + treePath + "?ref=" + ref
+	htmlURL := setting.AppURL + "user2/repo1/src/" + refType + "/" + ref + "/" + treePath
+	gitURL := setting.AppURL + "api/v1/repos/user2/repo1/git/blobs/" + sha
+	downloadURL := setting.AppURL + "user2/repo1/raw/" + refType + "/" + ref + "/" + treePath
+	return &api.ContentsResponse{
+		Name:        treePath,
+		Path:        treePath,
+		SHA:         sha,
+		Type:        "file",
+		Size:        30,
+		Encoding:    &encoding,
+		Content:     &content,
+		URL:         &selfURL,
+		HTMLURL:     &htmlURL,
+		GitURL:      &gitURL,
+		DownloadURL: &downloadURL,
+		Links: &api.FileLinksResponse{
+			Self:    &selfURL,
+			GitURL:  &gitURL,
+			HTMLURL: &htmlURL,
+		},
+	}
+}
+
+func TestAPIGetContents(t *testing.T) {
+	onGiteaRun(t, testAPIGetContents)
+}
+
+func testAPIGetContents(t *testing.T, u *url.URL) {
+	/*** SETUP ***/
+	user2 := models.AssertExistsAndLoadBean(t, &models.User{ID: 2}).(*models.User)               // owner of the repo1 & repo16
+	user3 := models.AssertExistsAndLoadBean(t, &models.User{ID: 3}).(*models.User)               // owner of the repo3, is an org
+	user4 := models.AssertExistsAndLoadBean(t, &models.User{ID: 4}).(*models.User)               // owner of neither repos
+	repo1 := models.AssertExistsAndLoadBean(t, &models.Repository{ID: 1}).(*models.Repository)   // public repo
+	repo3 := models.AssertExistsAndLoadBean(t, &models.Repository{ID: 3}).(*models.Repository)   // public repo
+	repo16 := models.AssertExistsAndLoadBean(t, &models.Repository{ID: 16}).(*models.Repository) // private repo
+	treePath := "README.md"
+
+	// Get user2's token
+	session := loginUser(t, user2.Name)
+	token2 := getTokenForLoggedInUser(t, session)
+	session = emptyTestSession(t)
+	// Get user4's token
+	session = loginUser(t, user4.Name)
+	token4 := getTokenForLoggedInUser(t, session)
+	session = emptyTestSession(t)
+
+	// Make a new branch in repo1
+	newBranch := "test_branch"
+	repo1.CreateNewBranch(user2, repo1.DefaultBranch, newBranch)
+	// Get the commit ID of the default branch
+	gitRepo, _ := git.OpenRepository(repo1.RepoPath())
+	commitID, _ := gitRepo.GetBranchCommitID(repo1.DefaultBranch)
+	// Make a new tag in repo1
+	newTag := "test_tag"
+	gitRepo.CreateTag(newTag, commitID)
+	/*** END SETUP ***/
+
+	// ref is default ref
+	ref := repo1.DefaultBranch
+	refType := "branch"
+	req := NewRequestf(t, "GET", "/api/v1/repos/%s/%s/contents/%s?ref=%s", user2.Name, repo1.Name, treePath, ref)
+	resp := session.MakeRequest(t, req, http.StatusOK)
+	var contentsResponse api.ContentsResponse
+	DecodeJSON(t, resp, &contentsResponse)
+	assert.NotNil(t, contentsResponse)
+	expectedContentsResponse := getExpectedContentsResponseForContents(ref, refType)
+	assert.EqualValues(t, *expectedContentsResponse, contentsResponse)
+
+	// No ref
+	refType = "branch"
+	req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/contents/%s", user2.Name, repo1.Name, treePath)
+	resp = session.MakeRequest(t, req, http.StatusOK)
+	DecodeJSON(t, resp, &contentsResponse)
+	assert.NotNil(t, contentsResponse)
+	expectedContentsResponse = getExpectedContentsResponseForContents(repo1.DefaultBranch, refType)
+	assert.EqualValues(t, *expectedContentsResponse, contentsResponse)
+
+	// ref is the branch we created above  in setup
+	ref = newBranch
+	refType = "branch"
+	req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/contents/%s?ref=%s", user2.Name, repo1.Name, treePath, ref)
+	resp = session.MakeRequest(t, req, http.StatusOK)
+	DecodeJSON(t, resp, &contentsResponse)
+	assert.NotNil(t, contentsResponse)
+	expectedContentsResponse = getExpectedContentsResponseForContents(ref, refType)
+	assert.EqualValues(t, *expectedContentsResponse, contentsResponse)
+
+	// ref is the new tag we created above in setup
+	ref = newTag
+	refType = "tag"
+	req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/contents/%s?ref=%s", user2.Name, repo1.Name, treePath, ref)
+	resp = session.MakeRequest(t, req, http.StatusOK)
+	DecodeJSON(t, resp, &contentsResponse)
+	assert.NotNil(t, contentsResponse)
+	expectedContentsResponse = getExpectedContentsResponseForContents(ref, refType)
+	assert.EqualValues(t, *expectedContentsResponse, contentsResponse)
+
+	// ref is a commit
+	ref = commitID
+	refType = "commit"
+	req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/contents/%s?ref=%s", user2.Name, repo1.Name, treePath, ref)
+	resp = session.MakeRequest(t, req, http.StatusOK)
+	DecodeJSON(t, resp, &contentsResponse)
+	assert.NotNil(t, contentsResponse)
+	expectedContentsResponse = getExpectedContentsResponseForContents(ref, refType)
+	assert.EqualValues(t, *expectedContentsResponse, contentsResponse)
+
+	// Test file contents a file with a bad ref
+	ref = "badref"
+	req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/contents/%s?ref=%s", user2.Name, repo1.Name, treePath, ref)
+	resp = session.MakeRequest(t, req, http.StatusInternalServerError)
+	expectedAPIError := context.APIError{
+		Message: "object does not exist [id: " + ref + ", rel_path: ]",
+		URL:     setting.API.SwaggerURL,
+	}
+	var apiError context.APIError
+	DecodeJSON(t, resp, &apiError)
+	assert.Equal(t, expectedAPIError, apiError)
+
+	// Test accessing private ref with user token that does not have access - should fail
+	req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/contents/%s?token=%s", user2.Name, repo16.Name, treePath, token4)
+	session.MakeRequest(t, req, http.StatusNotFound)
+
+	// Test access private ref of owner of token
+	req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/contents/readme.md?token=%s", user2.Name, repo16.Name, token2)
+	session.MakeRequest(t, req, http.StatusOK)
+
+	// Test access of org user3 private repo file by owner user2
+	req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/contents/%s?token=%s", user3.Name, repo3.Name, treePath, token2)
+	session.MakeRequest(t, req, http.StatusOK)
+}
diff --git a/integrations/repofiles_update_test.go b/integrations/repofiles_update_test.go
index 02a9bbeb16..a4ce16d847 100644
--- a/integrations/repofiles_update_test.go
+++ b/integrations/repofiles_update_test.go
@@ -6,6 +6,7 @@ package integrations
 
 import (
 	"net/url"
+	"path/filepath"
 	"testing"
 	"time"
 
@@ -47,21 +48,30 @@ func getUpdateRepoFileOptions(repo *models.Repository) *repofiles.UpdateRepoFile
 }
 
 func getExpectedFileResponseForRepofilesCreate(commitID string) *api.FileResponse {
+	treePath := "new/file.txt"
+	encoding := "base64"
+	content := "VGhpcyBpcyBhIE5FVyBmaWxl"
+	selfURL := setting.AppURL + "api/v1/repos/user2/repo1/contents/" + treePath + "?ref=master"
+	htmlURL := setting.AppURL + "user2/repo1/src/branch/master/" + treePath
+	gitURL := setting.AppURL + "api/v1/repos/user2/repo1/git/blobs/103ff9234cefeee5ec5361d22b49fbb04d385885"
+	downloadURL := setting.AppURL + "user2/repo1/raw/branch/master/" + treePath
 	return &api.FileResponse{
-		Content: &api.FileContentResponse{
-			Name:        "file.txt",
-			Path:        "new/file.txt",
+		Content: &api.ContentsResponse{
+			Name:        filepath.Base(treePath),
+			Path:        treePath,
 			SHA:         "103ff9234cefeee5ec5361d22b49fbb04d385885",
+			Type:        "file",
 			Size:        18,
-			URL:         setting.AppURL + "api/v1/repos/user2/repo1/contents/new/file.txt",
-			HTMLURL:     setting.AppURL + "user2/repo1/blob/master/new/file.txt",
-			GitURL:      setting.AppURL + "api/v1/repos/user2/repo1/git/blobs/103ff9234cefeee5ec5361d22b49fbb04d385885",
-			DownloadURL: setting.AppURL + "user2/repo1/raw/branch/master/new/file.txt",
-			Type:        "blob",
+			Encoding:    &encoding,
+			Content:     &content,
+			URL:         &selfURL,
+			HTMLURL:     &htmlURL,
+			GitURL:      &gitURL,
+			DownloadURL: &downloadURL,
 			Links: &api.FileLinksResponse{
-				Self:    setting.AppURL + "api/v1/repos/user2/repo1/contents/new/file.txt",
-				GitURL:  setting.AppURL + "api/v1/repos/user2/repo1/git/blobs/103ff9234cefeee5ec5361d22b49fbb04d385885",
-				HTMLURL: setting.AppURL + "user2/repo1/blob/master/new/file.txt",
+				Self:    &selfURL,
+				GitURL:  &gitURL,
+				HTMLURL: &htmlURL,
 			},
 		},
 		Commit: &api.FileCommitResponse{
@@ -105,22 +115,30 @@ func getExpectedFileResponseForRepofilesCreate(commitID string) *api.FileRespons
 	}
 }
 
-func getExpectedFileResponseForRepofilesUpdate(commitID string) *api.FileResponse {
+func getExpectedFileResponseForRepofilesUpdate(commitID, filename string) *api.FileResponse {
+	encoding := "base64"
+	content := "VGhpcyBpcyBVUERBVEVEIGNvbnRlbnQgZm9yIHRoZSBSRUFETUUgZmlsZQ=="
+	selfURL := setting.AppURL + "api/v1/repos/user2/repo1/contents/" + filename + "?ref=master"
+	htmlURL := setting.AppURL + "user2/repo1/src/branch/master/" + filename
+	gitURL := setting.AppURL + "api/v1/repos/user2/repo1/git/blobs/dbf8d00e022e05b7e5cf7e535de857de57925647"
+	downloadURL := setting.AppURL + "user2/repo1/raw/branch/master/" + filename
 	return &api.FileResponse{
-		Content: &api.FileContentResponse{
-			Name:        "README.md",
-			Path:        "README.md",
+		Content: &api.ContentsResponse{
+			Name:        filename,
+			Path:        filename,
 			SHA:         "dbf8d00e022e05b7e5cf7e535de857de57925647",
+			Type:        "file",
 			Size:        43,
-			URL:         setting.AppURL + "api/v1/repos/user2/repo1/contents/README.md",
-			HTMLURL:     setting.AppURL + "user2/repo1/blob/master/README.md",
-			GitURL:      setting.AppURL + "api/v1/repos/user2/repo1/git/blobs/dbf8d00e022e05b7e5cf7e535de857de57925647",
-			DownloadURL: setting.AppURL + "user2/repo1/raw/branch/master/README.md",
-			Type:        "blob",
+			Encoding:    &encoding,
+			Content:     &content,
+			URL:         &selfURL,
+			HTMLURL:     &htmlURL,
+			GitURL:      &gitURL,
+			DownloadURL: &downloadURL,
 			Links: &api.FileLinksResponse{
-				Self:    setting.AppURL + "api/v1/repos/user2/repo1/contents/README.md",
-				GitURL:  setting.AppURL + "api/v1/repos/user2/repo1/git/blobs/dbf8d00e022e05b7e5cf7e535de857de57925647",
-				HTMLURL: setting.AppURL + "user2/repo1/blob/master/README.md",
+				Self:    &selfURL,
+				GitURL:  &gitURL,
+				HTMLURL: &htmlURL,
 			},
 		},
 		Commit: &api.FileCommitResponse{
@@ -213,7 +231,7 @@ func TestCreateOrUpdateRepoFileForUpdate(t *testing.T) {
 		assert.Nil(t, err)
 		gitRepo, _ := git.OpenRepository(repo.RepoPath())
 		commitID, _ := gitRepo.GetBranchCommitID(opts.NewBranch)
-		expectedFileResponse := getExpectedFileResponseForRepofilesUpdate(commitID)
+		expectedFileResponse := getExpectedFileResponseForRepofilesUpdate(commitID, opts.TreePath)
 		assert.EqualValues(t, expectedFileResponse.Content, fileResponse.Content)
 		assert.EqualValues(t, expectedFileResponse.Commit.SHA, fileResponse.Commit.SHA)
 		assert.EqualValues(t, expectedFileResponse.Commit.HTMLURL, fileResponse.Commit.HTMLURL)
@@ -234,9 +252,8 @@ func TestCreateOrUpdateRepoFileForUpdateWithFileMove(t *testing.T) {
 		repo := ctx.Repo.Repository
 		doer := ctx.User
 		opts := getUpdateRepoFileOptions(repo)
-		suffix := "_new"
 		opts.FromTreePath = "README.md"
-		opts.TreePath = "README.md" + suffix // new file name, README.md_new
+		opts.TreePath = "README_new.md" // new file name, README_new.md
 
 		// test
 		fileResponse, err := repofiles.CreateOrUpdateRepoFile(repo, doer, opts)
@@ -245,7 +262,7 @@ func TestCreateOrUpdateRepoFileForUpdateWithFileMove(t *testing.T) {
 		assert.Nil(t, err)
 		gitRepo, _ := git.OpenRepository(repo.RepoPath())
 		commit, _ := gitRepo.GetBranchCommit(opts.NewBranch)
-		expectedFileResponse := getExpectedFileResponseForRepofilesUpdate(commit.ID.String())
+		expectedFileResponse := getExpectedFileResponseForRepofilesUpdate(commit.ID.String(), opts.TreePath)
 		// assert that the old file no longer exists in the last commit of the branch
 		fromEntry, err := commit.GetTreeEntryByPath(opts.FromTreePath)
 		toEntry, err := commit.GetTreeEntryByPath(opts.TreePath)
@@ -253,9 +270,9 @@ func TestCreateOrUpdateRepoFileForUpdateWithFileMove(t *testing.T) {
 		assert.NotNil(t, toEntry) // Should exist here
 		// assert SHA has remained the same but paths use the new file name
 		assert.EqualValues(t, expectedFileResponse.Content.SHA, fileResponse.Content.SHA)
-		assert.EqualValues(t, expectedFileResponse.Content.Name+suffix, fileResponse.Content.Name)
-		assert.EqualValues(t, expectedFileResponse.Content.Path+suffix, fileResponse.Content.Path)
-		assert.EqualValues(t, expectedFileResponse.Content.URL+suffix, fileResponse.Content.URL)
+		assert.EqualValues(t, expectedFileResponse.Content.Name, fileResponse.Content.Name)
+		assert.EqualValues(t, expectedFileResponse.Content.Path, fileResponse.Content.Path)
+		assert.EqualValues(t, expectedFileResponse.Content.URL, fileResponse.Content.URL)
 		assert.EqualValues(t, expectedFileResponse.Commit.SHA, fileResponse.Commit.SHA)
 		assert.EqualValues(t, expectedFileResponse.Commit.HTMLURL, fileResponse.Commit.HTMLURL)
 	})
@@ -284,7 +301,7 @@ func TestCreateOrUpdateRepoFileWithoutBranchNames(t *testing.T) {
 		assert.Nil(t, err)
 		gitRepo, _ := git.OpenRepository(repo.RepoPath())
 		commitID, _ := gitRepo.GetBranchCommitID(repo.DefaultBranch)
-		expectedFileResponse := getExpectedFileResponseForRepofilesUpdate(commitID)
+		expectedFileResponse := getExpectedFileResponseForRepofilesUpdate(commitID, opts.TreePath)
 		assert.EqualValues(t, expectedFileResponse.Content, fileResponse.Content)
 	})
 }
author	Richard Mahn <richmahn@users.noreply.github.com>	2019-06-29 16:51:10 -0400
committer	techknowlogick <techknowlogick@gitea.io>	2019-06-29 16:51:10 -0400
commit	cd96dee9822c8b744526ba862fd8b5ec0e2c30ff (patch)
tree	d7bbf2f2b7adf80b17f3ab3971ae49bae7b010c4 /integrations
parent	738285a4aac5df2e60f4038aa79be3e9fe921bdb (diff)
download	gitea-cd96dee9822c8b744526ba862fd8b5ec0e2c30ff.tar.gz gitea-cd96dee9822c8b744526ba862fd8b5ec0e2c30ff.zip