Diffstat (limited to 'tests/integration/api_branch_test.go')
-rw-r--r-- | tests/integration/api_branch_test.go | 67 |
1 files changed, 50 insertions, 17 deletions
diff --git a/tests/integration/api_branch_test.go b/tests/integration/api_branch_test.go
index 8a0bd2e4ff..16e1f2812e 100644
--- a/tests/integration/api_branch_test.go
+++ b/tests/integration/api_branch_test.go
@@ -24,13 +24,13 @@ func testAPIGetBranch(t *testing.T, branchName string, exists bool) {
 AddTokenAuth(token)
 resp := MakeRequest(t, req, NoExpectedStatus)
 if !exists {
- assert.EqualValues(t, http.StatusNotFound, resp.Code)
+ assert.Equal(t, http.StatusNotFound, resp.Code)
 return
 }
- assert.EqualValues(t, http.StatusOK, resp.Code)
+ assert.Equal(t, http.StatusOK, resp.Code)
 var branch api.Branch
 DecodeJSON(t, resp, &branch)
- assert.EqualValues(t, branchName, branch.Name)
+ assert.Equal(t, branchName, branch.Name)
 assert.True(t, branch.UserCanPush)
 assert.True(t, branch.UserCanMerge)
 }
@@ -44,7 +44,7 @@ func testAPIGetBranchProtection(t *testing.T, branchName string, expectedHTTPSta
 if resp.Code == http.StatusOK {
 var branchProtection api.BranchProtection
 DecodeJSON(t, resp, &branchProtection)
- assert.EqualValues(t, branchName, branchProtection.RuleName)
+ assert.Equal(t, branchName, branchProtection.RuleName)
 return &branchProtection
 }
 return nil
@@ -60,7 +60,7 @@ func testAPICreateBranchProtection(t *testing.T, branchName string, expectedPrio
 if resp.Code == http.StatusCreated {
 var branchProtection api.BranchProtection
 DecodeJSON(t, resp, &branchProtection)
- assert.EqualValues(t, branchName, branchProtection.RuleName)
+ assert.Equal(t, branchName, branchProtection.RuleName)
 assert.EqualValues(t, expectedPriority, branchProtection.Priority)
 }
 }
@@ -74,7 +74,7 @@ func testAPIEditBranchProtection(t *testing.T, branchName string, body *api.Bran
 if resp.Code == http.StatusOK {
 var branchProtection api.BranchProtection
 DecodeJSON(t, resp, &branchProtection)
- assert.EqualValues(t, branchName, branchProtection.RuleName)
+ assert.Equal(t, branchName, branchProtection.RuleName)
 }
 }
@@ -181,7 +181,7 @@ func testAPICreateBranch(t testing.TB, session *TestSession, user, repo, oldBran
 DecodeJSON(t, resp, &branch)
 if resp.Result().StatusCode == http.StatusCreated {
- assert.EqualValues(t, newBranch, branch.Name)
+ assert.Equal(t, newBranch, branch.Name)
 }
 return resp.Result().StatusCode == status
@@ -190,28 +190,61 @@ func testAPICreateBranch(t testing.TB, session *TestSession, user, repo, oldBran
 func TestAPIUpdateBranch(t *testing.T) {
 onGiteaRun(t, func(t *testing.T, _ *url.URL) {
 t.Run("UpdateBranchWithEmptyRepo", func(t *testing.T) {
- testAPIUpdateBranch(t, "user10", "repo6", "master", "test", http.StatusNotFound)
+ testAPIUpdateBranch(t, "user10", "user10", "repo6", "master", "test", http.StatusNotFound)
 })
 t.Run("UpdateBranchWithSameBranchNames", func(t *testing.T) {
- resp := testAPIUpdateBranch(t, "user2", "repo1", "master", "master", http.StatusUnprocessableEntity)
+ resp := testAPIUpdateBranch(t, "user2", "user2", "repo1", "master", "master", http.StatusUnprocessableEntity)
 assert.Contains(t, resp.Body.String(), "Cannot rename a branch using the same name or rename to a branch that already exists.")
 })
 t.Run("UpdateBranchThatAlreadyExists", func(t *testing.T) {
- resp := testAPIUpdateBranch(t, "user2", "repo1", "master", "branch2", http.StatusUnprocessableEntity)
+ resp := testAPIUpdateBranch(t, "user2", "user2", "repo1", "master", "branch2", http.StatusUnprocessableEntity)
 assert.Contains(t, resp.Body.String(), "Cannot rename a branch using the same name or rename to a branch that already exists.")
 })
 t.Run("UpdateBranchWithNonExistentBranch", func(t *testing.T) {
- resp := testAPIUpdateBranch(t, "user2", "repo1", "i-dont-exist", "new-branch-name", http.StatusNotFound)
+ resp := testAPIUpdateBranch(t, "user2", "user2", "repo1", "i-dont-exist", "new-branch-name", http.StatusNotFound)
 assert.Contains(t, resp.Body.String(), "Branch doesn't exist.")
 })
- t.Run("RenameBranchNormalScenario", func(t *testing.T) {
- testAPIUpdateBranch(t, "user2", "repo1", "branch2", "new-branch-name", http.StatusNoContent)
+ t.Run("UpdateBranchWithNonAdminDoer", func(t *testing.T) {
+ // don't allow default branch renaming
+ resp := testAPIUpdateBranch(t, "user40", "user2", "repo1", "master", "new-branch-name", http.StatusForbidden)
+ assert.Contains(t, resp.Body.String(), "User must be a repo or site admin to rename default or protected branches.")
+
+ // don't allow protected branch renaming
+ token := getUserToken(t, "user2", auth_model.AccessTokenScopeWriteRepository)
+ req := NewRequestWithJSON(t, "POST", "/api/v1/repos/user2/repo1/branches", &api.CreateBranchRepoOption{
+ BranchName: "protected-branch",
+ }).AddTokenAuth(token)
+ MakeRequest(t, req, http.StatusCreated)
+ testAPICreateBranchProtection(t, "protected-branch", 1, http.StatusCreated)
+ resp = testAPIUpdateBranch(t, "user40", "user2", "repo1", "protected-branch", "new-branch-name", http.StatusForbidden)
+ assert.Contains(t, resp.Body.String(), "User must be a repo or site admin to rename default or protected branches.")
+ })
+ t.Run("UpdateBranchWithGlobedBasedProtectionRulesAndAdminAccess", func(t *testing.T) {
+ // don't allow branch that falls under glob-based protection rules to be renamed
+ token := getUserToken(t, "user2", auth_model.AccessTokenScopeWriteRepository)
+ req := NewRequestWithJSON(t, "POST", "/api/v1/repos/user2/repo1/branch_protections", &api.BranchProtection{
+ RuleName: "protected/**",
+ EnablePush: true,
+ }).AddTokenAuth(token)
+ MakeRequest(t, req, http.StatusCreated)
+
+ from := "protected/1"
+ req = NewRequestWithJSON(t, "POST", "/api/v1/repos/user2/repo1/branches", &api.CreateBranchRepoOption{
+ BranchName: from,
+ }).AddTokenAuth(token)
+ MakeRequest(t, req, http.StatusCreated)
+
+ resp := testAPIUpdateBranch(t, "user2", "user2", "repo1", from, "new-branch-name", http.StatusForbidden)
+ assert.Contains(t, resp.Body.String(), "Branch is protected by glob-based protection rules.")
+ })
+ t.Run("UpdateBranchNormalScenario", func(t *testing.T) {
+ testAPIUpdateBranch(t, "user2", "user2", "repo1", "branch2", "new-branch-name", http.StatusNoContent)
 })
 })
 }
-func testAPIUpdateBranch(t *testing.T, ownerName, repoName, from, to string, expectedHTTPStatus int) *httptest.ResponseRecorder {
- token := getUserToken(t, ownerName, auth_model.AccessTokenScopeWriteRepository)
+func testAPIUpdateBranch(t *testing.T, doerName, ownerName, repoName, from, to string, expectedHTTPStatus int) *httptest.ResponseRecorder {
+ token := getUserToken(t, doerName, auth_model.AccessTokenScopeWriteRepository)
 req := NewRequestWithJSON(t, "PATCH", "api/v1/repos/"+ownerName+"/"+repoName+"/branches/"+from, &api.UpdateBranchRepoOption{
 Name: to,
 }).AddTokenAuth(token)
@@ -270,7 +303,7 @@ func TestAPICreateBranchWithSyncBranches(t *testing.T) {
 RepoID: 1,
 })
 assert.NoError(t, err)
- assert.Len(t, branches, 4)
+ assert.Len(t, branches, 6)
 // make a broke repository with no branch on database
 _, err = db.DeleteByBean(db.DefaultContext, git_model.Branch{RepoID: 1})
@@ -287,7 +320,7 @@ func TestAPICreateBranchWithSyncBranches(t *testing.T) {
 RepoID: 1,
 })
 assert.NoError(t, err)
- assert.Len(t, branches, 5)
+ assert.Len(t, branches, 7)
 branches, err = db.Find[git_model.Branch](db.DefaultContext, git_model.FindBranchOptions{
 RepoID: 1, |
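Review bot: The 403 cases in `UpdateBranchWithNonAdminDoer` and `UpdateBranchWithGlobedBasedProtectionRulesAndAdminAccess` assert only the status code and the error text, so a handler that renamed the branch and then returned 403 would still pass them. Each denied call should be followed by a check that the source branch still exists and the target was not created, for example in the glob subtest `MakeRequest(t, NewRequest(t, "GET", "/api/v1/repos/user2/repo1/branches/new-branch-name").AddTokenAuth(token), http.StatusNotFound)`. As written, the only thing that would expose a leaked rename is the later `UpdateBranchNormalScenario` subtest failing on the reused name `new-branch-name`, which ties the authorization result to subtest order. The glob rule is also exercised only with the owner `user2`; a `user40` call against `protected/1` would pin the denial for a non-admin doer as well.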