diff options
author | KN4CK3R <admin@oldschoolhack.me> | 2023-01-29 18:34:29 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-01-29 11:34:29 -0600 |
commit | d283a31f03eae2fc2bd8dc01b2c366308e81e50c (patch) | |
tree | 30669a1fea005fdf705ec4cd071a57a34a86477c /tests/integration/api_packages_test.go | |
parent | 2052a9e2b4e17704849e0968762ad7d51fe9d7b7 (diff) | |
download | gitea-d283a31f03eae2fc2bd8dc01b2c366308e81e50c.tar.gz gitea-d283a31f03eae2fc2bd8dc01b2c366308e81e50c.zip |
Check quota limits for container uploads (#22450)
The test coverage has revealed that container packages were not checked
against the quota limits.
Diffstat (limited to 'tests/integration/api_packages_test.go')
-rw-r--r-- | tests/integration/api_packages_test.go | 70 |
1 files changed, 50 insertions, 20 deletions
diff --git a/tests/integration/api_packages_test.go b/tests/integration/api_packages_test.go index 9bca6a20ee..a6c335eb7e 100644 --- a/tests/integration/api_packages_test.go +++ b/tests/integration/api_packages_test.go @@ -5,8 +5,10 @@ package integration import ( "bytes" + "crypto/sha256" "fmt" "net/http" + "strings" "testing" "time" @@ -171,34 +173,62 @@ func TestPackageAccess(t *testing.T) { func TestPackageQuota(t *testing.T) { defer tests.PrepareTestEnv(t)() - limitTotalOwnerCount, limitTotalOwnerSize, limitSizeGeneric := setting.Packages.LimitTotalOwnerCount, setting.Packages.LimitTotalOwnerSize, setting.Packages.LimitSizeGeneric + limitTotalOwnerCount, limitTotalOwnerSize := setting.Packages.LimitTotalOwnerCount, setting.Packages.LimitTotalOwnerSize + // Exceeded quota result in StatusForbidden for normal users but admins are always allowed to upload. admin := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 1}) user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 10}) - uploadPackage := func(doer *user_model.User, version string, expectedStatus int) { - url := fmt.Sprintf("/api/packages/%s/generic/test-package/%s/file.bin", user.Name, version) - req := NewRequestWithBody(t, "PUT", url, bytes.NewReader([]byte{1})) - AddBasicAuthHeader(req, doer.Name) - MakeRequest(t, req, expectedStatus) - } + t.Run("Common", func(t *testing.T) { + defer tests.PrintCurrentTest(t)() - // Exceeded quota result in StatusForbidden for normal users but admins are always allowed to upload. + limitSizeGeneric := setting.Packages.LimitSizeGeneric + + uploadPackage := func(doer *user_model.User, version string, expectedStatus int) { + url := fmt.Sprintf("/api/packages/%s/generic/test-package/%s/file.bin", user.Name, version) + req := NewRequestWithBody(t, "PUT", url, bytes.NewReader([]byte{1})) + AddBasicAuthHeader(req, doer.Name) + MakeRequest(t, req, expectedStatus) + } - setting.Packages.LimitTotalOwnerCount = 0 - uploadPackage(user, "1.0", http.StatusForbidden) - uploadPackage(admin, "1.0", http.StatusCreated) - setting.Packages.LimitTotalOwnerCount = limitTotalOwnerCount + setting.Packages.LimitTotalOwnerCount = 0 + uploadPackage(user, "1.0", http.StatusForbidden) + uploadPackage(admin, "1.0", http.StatusCreated) + setting.Packages.LimitTotalOwnerCount = limitTotalOwnerCount - setting.Packages.LimitTotalOwnerSize = 0 - uploadPackage(user, "1.1", http.StatusForbidden) - uploadPackage(admin, "1.1", http.StatusCreated) - setting.Packages.LimitTotalOwnerSize = limitTotalOwnerSize + setting.Packages.LimitTotalOwnerSize = 0 + uploadPackage(user, "1.1", http.StatusForbidden) + uploadPackage(admin, "1.1", http.StatusCreated) + setting.Packages.LimitTotalOwnerSize = limitTotalOwnerSize - setting.Packages.LimitSizeGeneric = 0 - uploadPackage(user, "1.2", http.StatusForbidden) - uploadPackage(admin, "1.2", http.StatusCreated) - setting.Packages.LimitSizeGeneric = limitSizeGeneric + setting.Packages.LimitSizeGeneric = 0 + uploadPackage(user, "1.2", http.StatusForbidden) + uploadPackage(admin, "1.2", http.StatusCreated) + setting.Packages.LimitSizeGeneric = limitSizeGeneric + }) + + t.Run("Container", func(t *testing.T) { + defer tests.PrintCurrentTest(t)() + + limitSizeContainer := setting.Packages.LimitSizeContainer + + uploadBlob := func(doer *user_model.User, data string, expectedStatus int) { + url := fmt.Sprintf("/v2/%s/quota-test/blobs/uploads?digest=sha256:%x", user.Name, sha256.Sum256([]byte(data))) + req := NewRequestWithBody(t, "POST", url, strings.NewReader(data)) + AddBasicAuthHeader(req, doer.Name) + MakeRequest(t, req, expectedStatus) + } + + setting.Packages.LimitTotalOwnerSize = 0 + uploadBlob(user, "2", http.StatusForbidden) + uploadBlob(admin, "2", http.StatusCreated) + setting.Packages.LimitTotalOwnerSize = limitTotalOwnerSize + + setting.Packages.LimitSizeContainer = 0 + uploadBlob(user, "3", http.StatusForbidden) + uploadBlob(admin, "3", http.StatusCreated) + setting.Packages.LimitSizeContainer = limitSizeContainer + }) } func TestPackageCleanup(t *testing.T) { |