mirrors
/
gitea
mirror of https://github.com/go-gitea/gitea.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 211 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
11885 Commits
17 Branches
Tree: 2289580bb7
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '2289580bb7'
${ noResults }
gitea/integrations/api_admin_test.go

api_admin_test.go 7.6KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209 
  1. // Copyright 2017 The Gitea Authors. All rights reserved.

  2. // Use of this source code is governed by a MIT-style

  3. // license that can be found in the LICENSE file.

  4. 

  5. package integrations

  6. 

  7. import (

  8. 	"fmt"

  9. 	"net/http"

  10. 	"testing"

  11. 

  12. 	"code.gitea.io/gitea/models"

  13. 	"code.gitea.io/gitea/modules/json"

  14. 	api "code.gitea.io/gitea/modules/structs"

  15. 

  16. 	"github.com/stretchr/testify/assert"

  17. )

  18. 

  19. func TestAPIAdminCreateAndDeleteSSHKey(t *testing.T) {

  20. 	defer prepareTestEnv(t)()

  21. 	// user1 is an admin user

  22. 	session := loginUser(t, "user1")

  23. 	keyOwner := models.AssertExistsAndLoadBean(t, &models.User{Name: "user2"}).(*models.User)

  24. 

  25. 	token := getTokenForLoggedInUser(t, session)

  26. 	urlStr := fmt.Sprintf("/api/v1/admin/users/%s/keys?token=%s", keyOwner.Name, token)

  27. 	req := NewRequestWithValues(t, "POST", urlStr, map[string]string{

  28. 		"key":   "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC4cn+iXnA4KvcQYSV88vGn0Yi91vG47t1P7okprVmhNTkipNRIHWr6WdCO4VDr/cvsRkuVJAsLO2enwjGWWueOO6BodiBgyAOZ/5t5nJNMCNuLGT5UIo/RI1b0WRQwxEZTRjt6mFNw6lH14wRd8ulsr9toSWBPMOGWoYs1PDeDL0JuTjL+tr1SZi/EyxCngpYszKdXllJEHyI79KQgeD0Vt3pTrkbNVTOEcCNqZePSVmUH8X8Vhugz3bnE0/iE9Pb5fkWO9c4AnM1FgI/8Bvp27Fw2ShryIXuR6kKvUqhVMTuOSDHwu6A8jLE5Owt3GAYugDpDYuwTVNGrHLXKpPzrGGPE/jPmaLCMZcsdkec95dYeU3zKODEm8UQZFhmJmDeWVJ36nGrGZHL4J5aTTaeFUJmmXDaJYiJ+K2/ioKgXqnXvltu0A9R8/LGy4nrTJRr4JMLuJFoUXvGm1gXQ70w2LSpk6yl71RNC0hCtsBe8BP8IhYCM0EP5jh7eCMQZNvM= nocomment\n",

  29. 		"title": "test-key",

  30. 	})

  31. 	resp := session.MakeRequest(t, req, http.StatusCreated)

  32. 

  33. 	var newPublicKey api.PublicKey

  34. 	DecodeJSON(t, resp, &newPublicKey)

  35. 	models.AssertExistsAndLoadBean(t, &models.PublicKey{

  36. 		ID:          newPublicKey.ID,

  37. 		Name:        newPublicKey.Title,

  38. 		Content:     newPublicKey.Key,

  39. 		Fingerprint: newPublicKey.Fingerprint,

  40. 		OwnerID:     keyOwner.ID,

  41. 	})

  42. 

  43. 	req = NewRequestf(t, "DELETE", "/api/v1/admin/users/%s/keys/%d?token=%s",

  44. 		keyOwner.Name, newPublicKey.ID, token)

  45. 	session.MakeRequest(t, req, http.StatusNoContent)

  46. 	models.AssertNotExistsBean(t, &models.PublicKey{ID: newPublicKey.ID})

  47. }

  48. 

  49. func TestAPIAdminDeleteMissingSSHKey(t *testing.T) {

  50. 	defer prepareTestEnv(t)()

  51. 	// user1 is an admin user

  52. 	session := loginUser(t, "user1")

  53. 

  54. 	token := getTokenForLoggedInUser(t, session)

  55. 	req := NewRequestf(t, "DELETE", "/api/v1/admin/users/user1/keys/%d?token=%s", models.NonexistentID, token)

  56. 	session.MakeRequest(t, req, http.StatusNotFound)

  57. }

  58. 

  59. func TestAPIAdminDeleteUnauthorizedKey(t *testing.T) {

  60. 	defer prepareTestEnv(t)()

  61. 	adminUsername := "user1"

  62. 	normalUsername := "user2"

  63. 	session := loginUser(t, adminUsername)

  64. 

  65. 	token := getTokenForLoggedInUser(t, session)

  66. 	urlStr := fmt.Sprintf("/api/v1/admin/users/%s/keys?token=%s", adminUsername, token)

  67. 	req := NewRequestWithValues(t, "POST", urlStr, map[string]string{

  68. 		"key":   "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC4cn+iXnA4KvcQYSV88vGn0Yi91vG47t1P7okprVmhNTkipNRIHWr6WdCO4VDr/cvsRkuVJAsLO2enwjGWWueOO6BodiBgyAOZ/5t5nJNMCNuLGT5UIo/RI1b0WRQwxEZTRjt6mFNw6lH14wRd8ulsr9toSWBPMOGWoYs1PDeDL0JuTjL+tr1SZi/EyxCngpYszKdXllJEHyI79KQgeD0Vt3pTrkbNVTOEcCNqZePSVmUH8X8Vhugz3bnE0/iE9Pb5fkWO9c4AnM1FgI/8Bvp27Fw2ShryIXuR6kKvUqhVMTuOSDHwu6A8jLE5Owt3GAYugDpDYuwTVNGrHLXKpPzrGGPE/jPmaLCMZcsdkec95dYeU3zKODEm8UQZFhmJmDeWVJ36nGrGZHL4J5aTTaeFUJmmXDaJYiJ+K2/ioKgXqnXvltu0A9R8/LGy4nrTJRr4JMLuJFoUXvGm1gXQ70w2LSpk6yl71RNC0hCtsBe8BP8IhYCM0EP5jh7eCMQZNvM= nocomment\n",

  69. 		"title": "test-key",

  70. 	})

  71. 	resp := session.MakeRequest(t, req, http.StatusCreated)

  72. 	var newPublicKey api.PublicKey

  73. 	DecodeJSON(t, resp, &newPublicKey)

  74. 

  75. 	session = loginUser(t, normalUsername)

  76. 	token = getTokenForLoggedInUser(t, session)

  77. 	req = NewRequestf(t, "DELETE", "/api/v1/admin/users/%s/keys/%d?token=%s",

  78. 		adminUsername, newPublicKey.ID, token)

  79. 	session.MakeRequest(t, req, http.StatusForbidden)

  80. }

  81. 

  82. func TestAPISudoUser(t *testing.T) {

  83. 	defer prepareTestEnv(t)()

  84. 	adminUsername := "user1"

  85. 	normalUsername := "user2"

  86. 	session := loginUser(t, adminUsername)

  87. 	token := getTokenForLoggedInUser(t, session)

  88. 

  89. 	urlStr := fmt.Sprintf("/api/v1/user?sudo=%s&token=%s", normalUsername, token)

  90. 	req := NewRequest(t, "GET", urlStr)

  91. 	resp := session.MakeRequest(t, req, http.StatusOK)

  92. 	var user api.User

  93. 	DecodeJSON(t, resp, &user)

  94. 

  95. 	assert.Equal(t, normalUsername, user.UserName)

  96. }

  97. 

  98. func TestAPISudoUserForbidden(t *testing.T) {

  99. 	defer prepareTestEnv(t)()

  100. 	adminUsername := "user1"

  101. 	normalUsername := "user2"

  102. 

  103. 	session := loginUser(t, normalUsername)

  104. 	token := getTokenForLoggedInUser(t, session)

  105. 

  106. 	urlStr := fmt.Sprintf("/api/v1/user?sudo=%s&token=%s", adminUsername, token)

  107. 	req := NewRequest(t, "GET", urlStr)

  108. 	session.MakeRequest(t, req, http.StatusForbidden)

  109. }

  110. 

  111. func TestAPIListUsers(t *testing.T) {

  112. 	defer prepareTestEnv(t)()

  113. 	adminUsername := "user1"

  114. 	session := loginUser(t, adminUsername)

  115. 	token := getTokenForLoggedInUser(t, session)

  116. 

  117. 	urlStr := fmt.Sprintf("/api/v1/admin/users?token=%s", token)

  118. 	req := NewRequest(t, "GET", urlStr)

  119. 	resp := session.MakeRequest(t, req, http.StatusOK)

  120. 	var users []api.User

  121. 	DecodeJSON(t, resp, &users)

  122. 

  123. 	found := false

  124. 	for _, user := range users {

  125. 		if user.UserName == adminUsername {

  126. 			found = true

  127. 		}

  128. 	}

  129. 	assert.True(t, found)

  130. 	numberOfUsers := models.GetCount(t, &models.User{}, "type = 0")

  131. 	assert.Equal(t, numberOfUsers, len(users))

  132. }

  133. 

  134. func TestAPIListUsersNotLoggedIn(t *testing.T) {

  135. 	defer prepareTestEnv(t)()

  136. 	req := NewRequest(t, "GET", "/api/v1/admin/users")

  137. 	MakeRequest(t, req, http.StatusUnauthorized)

  138. }

  139. 

  140. func TestAPIListUsersNonAdmin(t *testing.T) {

  141. 	defer prepareTestEnv(t)()

  142. 	nonAdminUsername := "user2"

  143. 	session := loginUser(t, nonAdminUsername)

  144. 	token := getTokenForLoggedInUser(t, session)

  145. 	req := NewRequestf(t, "GET", "/api/v1/admin/users?token=%s", token)

  146. 	session.MakeRequest(t, req, http.StatusForbidden)

  147. }

  148. 

  149. func TestAPICreateUserInvalidEmail(t *testing.T) {

  150. 	defer prepareTestEnv(t)()

  151. 	adminUsername := "user1"

  152. 	session := loginUser(t, adminUsername)

  153. 	token := getTokenForLoggedInUser(t, session)

  154. 	urlStr := fmt.Sprintf("/api/v1/admin/users?token=%s", token)

  155. 	req := NewRequestWithValues(t, "POST", urlStr, map[string]string{

  156. 		"email":                "invalid_email@domain.com\r\n",

  157. 		"full_name":            "invalid user",

  158. 		"login_name":           "invalidUser",

  159. 		"must_change_password": "true",

  160. 		"password":             "password",

  161. 		"send_notify":          "true",

  162. 		"source_id":            "0",

  163. 		"username":             "invalidUser",

  164. 	})

  165. 	session.MakeRequest(t, req, http.StatusUnprocessableEntity)

  166. }

  167. 

  168. func TestAPIEditUser(t *testing.T) {

  169. 	defer prepareTestEnv(t)()

  170. 	adminUsername := "user1"

  171. 	session := loginUser(t, adminUsername)

  172. 	token := getTokenForLoggedInUser(t, session)

  173. 	urlStr := fmt.Sprintf("/api/v1/admin/users/%s?token=%s", "user2", token)

  174. 

  175. 	req := NewRequestWithValues(t, "PATCH", urlStr, map[string]string{

  176. 		// required

  177. 		"login_name": "user2",

  178. 		"source_id":  "0",

  179. 		// to change

  180. 		"full_name": "Full Name User 2",

  181. 	})

  182. 	session.MakeRequest(t, req, http.StatusOK)

  183. 

  184. 	empty := ""

  185. 	req = NewRequestWithJSON(t, "PATCH", urlStr, api.EditUserOption{

  186. 		LoginName: "user2",

  187. 		SourceID:  0,

  188. 		Email:     &empty,

  189. 	})

  190. 	resp := session.MakeRequest(t, req, http.StatusUnprocessableEntity)

  191. 

  192. 	errMap := make(map[string]interface{})

  193. 	json.Unmarshal(resp.Body.Bytes(), &errMap)

  194. 	assert.EqualValues(t, "email is not allowed to be empty string", errMap["message"].(string))

  195. 

  196. 	user2 := models.AssertExistsAndLoadBean(t, &models.User{LoginName: "user2"}).(*models.User)

  197. 	assert.False(t, user2.IsRestricted)

  198. 	bTrue := true

  199. 	req = NewRequestWithJSON(t, "PATCH", urlStr, api.EditUserOption{

  200. 		// required

  201. 		LoginName: "user2",

  202. 		SourceID:  0,

  203. 		// to change

  204. 		Restricted: &bTrue,

  205. 	})

  206. 	session.MakeRequest(t, req, http.StatusOK)

  207. 	user2 = models.AssertExistsAndLoadBean(t, &models.User{LoginName: "user2"}).(*models.User)

  208. 	assert.True(t, user2.IsRestricted)

  209. }