mirrors
/
gitea
mirror of https://github.com/go-gitea/gitea.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 211 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
12459 Commits
17 Branches
Tree: 3ca5dc7e32
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '3ca5dc7e32'
${ noResults }
gitea/integrations/api_keys_test.go

api_keys_test.go 8.7KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198 
  1. // Copyright 2017 The Gogs Authors. All rights reserved.

  2. // Use of this source code is governed by a MIT-style

  3. // license that can be found in the LICENSE file.

  4. 

  5. package integrations

  6. 

  7. import (

  8. 	"fmt"

  9. 	"net/http"

  10. 	"net/url"

  11. 	"testing"

  12. 

  13. 	asymkey_model "code.gitea.io/gitea/models/asymkey"

  14. 	"code.gitea.io/gitea/models/perm"

  15. 	repo_model "code.gitea.io/gitea/models/repo"

  16. 	"code.gitea.io/gitea/models/unittest"

  17. 	user_model "code.gitea.io/gitea/models/user"

  18. 	api "code.gitea.io/gitea/modules/structs"

  19. 

  20. 	"github.com/stretchr/testify/assert"

  21. )

  22. 

  23. func TestViewDeployKeysNoLogin(t *testing.T) {

  24. 	defer prepareTestEnv(t)()

  25. 	req := NewRequest(t, "GET", "/api/v1/repos/user2/repo1/keys")

  26. 	MakeRequest(t, req, http.StatusUnauthorized)

  27. }

  28. 

  29. func TestCreateDeployKeyNoLogin(t *testing.T) {

  30. 	defer prepareTestEnv(t)()

  31. 	req := NewRequestWithJSON(t, "POST", "/api/v1/repos/user2/repo1/keys", api.CreateKeyOption{

  32. 		Title: "title",

  33. 		Key:   "key",

  34. 	})

  35. 	MakeRequest(t, req, http.StatusUnauthorized)

  36. }

  37. 

  38. func TestGetDeployKeyNoLogin(t *testing.T) {

  39. 	defer prepareTestEnv(t)()

  40. 	req := NewRequest(t, "GET", "/api/v1/repos/user2/repo1/keys/1")

  41. 	MakeRequest(t, req, http.StatusUnauthorized)

  42. }

  43. 

  44. func TestDeleteDeployKeyNoLogin(t *testing.T) {

  45. 	defer prepareTestEnv(t)()

  46. 	req := NewRequest(t, "DELETE", "/api/v1/repos/user2/repo1/keys/1")

  47. 	MakeRequest(t, req, http.StatusUnauthorized)

  48. }

  49. 

  50. func TestCreateReadOnlyDeployKey(t *testing.T) {

  51. 	defer prepareTestEnv(t)()

  52. 	repo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{Name: "repo1"}).(*repo_model.Repository)

  53. 	repoOwner := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: repo.OwnerID}).(*user_model.User)

  54. 

  55. 	session := loginUser(t, repoOwner.Name)

  56. 	token := getTokenForLoggedInUser(t, session)

  57. 	keysURL := fmt.Sprintf("/api/v1/repos/%s/%s/keys?token=%s", repoOwner.Name, repo.Name, token)

  58. 	rawKeyBody := api.CreateKeyOption{

  59. 		Title:    "read-only",

  60. 		Key:      "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC4cn+iXnA4KvcQYSV88vGn0Yi91vG47t1P7okprVmhNTkipNRIHWr6WdCO4VDr/cvsRkuVJAsLO2enwjGWWueOO6BodiBgyAOZ/5t5nJNMCNuLGT5UIo/RI1b0WRQwxEZTRjt6mFNw6lH14wRd8ulsr9toSWBPMOGWoYs1PDeDL0JuTjL+tr1SZi/EyxCngpYszKdXllJEHyI79KQgeD0Vt3pTrkbNVTOEcCNqZePSVmUH8X8Vhugz3bnE0/iE9Pb5fkWO9c4AnM1FgI/8Bvp27Fw2ShryIXuR6kKvUqhVMTuOSDHwu6A8jLE5Owt3GAYugDpDYuwTVNGrHLXKpPzrGGPE/jPmaLCMZcsdkec95dYeU3zKODEm8UQZFhmJmDeWVJ36nGrGZHL4J5aTTaeFUJmmXDaJYiJ+K2/ioKgXqnXvltu0A9R8/LGy4nrTJRr4JMLuJFoUXvGm1gXQ70w2LSpk6yl71RNC0hCtsBe8BP8IhYCM0EP5jh7eCMQZNvM= nocomment\n",

  61. 		ReadOnly: true,

  62. 	}

  63. 	req := NewRequestWithJSON(t, "POST", keysURL, rawKeyBody)

  64. 	resp := session.MakeRequest(t, req, http.StatusCreated)

  65. 

  66. 	var newDeployKey api.DeployKey

  67. 	DecodeJSON(t, resp, &newDeployKey)

  68. 	unittest.AssertExistsAndLoadBean(t, &asymkey_model.DeployKey{

  69. 		ID:      newDeployKey.ID,

  70. 		Name:    rawKeyBody.Title,

  71. 		Content: rawKeyBody.Key,

  72. 		Mode:    perm.AccessModeRead,

  73. 	})

  74. }

  75. 

  76. func TestCreateReadWriteDeployKey(t *testing.T) {

  77. 	defer prepareTestEnv(t)()

  78. 	repo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{Name: "repo1"}).(*repo_model.Repository)

  79. 	repoOwner := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: repo.OwnerID}).(*user_model.User)

  80. 

  81. 	session := loginUser(t, repoOwner.Name)

  82. 	token := getTokenForLoggedInUser(t, session)

  83. 	keysURL := fmt.Sprintf("/api/v1/repos/%s/%s/keys?token=%s", repoOwner.Name, repo.Name, token)

  84. 	rawKeyBody := api.CreateKeyOption{

  85. 		Title: "read-write",

  86. 		Key:   "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC4cn+iXnA4KvcQYSV88vGn0Yi91vG47t1P7okprVmhNTkipNRIHWr6WdCO4VDr/cvsRkuVJAsLO2enwjGWWueOO6BodiBgyAOZ/5t5nJNMCNuLGT5UIo/RI1b0WRQwxEZTRjt6mFNw6lH14wRd8ulsr9toSWBPMOGWoYs1PDeDL0JuTjL+tr1SZi/EyxCngpYszKdXllJEHyI79KQgeD0Vt3pTrkbNVTOEcCNqZePSVmUH8X8Vhugz3bnE0/iE9Pb5fkWO9c4AnM1FgI/8Bvp27Fw2ShryIXuR6kKvUqhVMTuOSDHwu6A8jLE5Owt3GAYugDpDYuwTVNGrHLXKpPzrGGPE/jPmaLCMZcsdkec95dYeU3zKODEm8UQZFhmJmDeWVJ36nGrGZHL4J5aTTaeFUJmmXDaJYiJ+K2/ioKgXqnXvltu0A9R8/LGy4nrTJRr4JMLuJFoUXvGm1gXQ70w2LSpk6yl71RNC0hCtsBe8BP8IhYCM0EP5jh7eCMQZNvM= nocomment\n",

  87. 	}

  88. 	req := NewRequestWithJSON(t, "POST", keysURL, rawKeyBody)

  89. 	resp := session.MakeRequest(t, req, http.StatusCreated)

  90. 

  91. 	var newDeployKey api.DeployKey

  92. 	DecodeJSON(t, resp, &newDeployKey)

  93. 	unittest.AssertExistsAndLoadBean(t, &asymkey_model.DeployKey{

  94. 		ID:      newDeployKey.ID,

  95. 		Name:    rawKeyBody.Title,

  96. 		Content: rawKeyBody.Key,

  97. 		Mode:    perm.AccessModeWrite,

  98. 	})

  99. }

  100. 

  101. func TestCreateUserKey(t *testing.T) {

  102. 	defer prepareTestEnv(t)()

  103. 	user := unittest.AssertExistsAndLoadBean(t, &user_model.User{Name: "user1"}).(*user_model.User)

  104. 

  105. 	session := loginUser(t, "user1")

  106. 	token := url.QueryEscape(getTokenForLoggedInUser(t, session))

  107. 	keysURL := fmt.Sprintf("/api/v1/user/keys?token=%s", token)

  108. 	keyType := "ssh-rsa"

  109. 	keyContent := "AAAAB3NzaC1yc2EAAAADAQABAAABgQC4cn+iXnA4KvcQYSV88vGn0Yi91vG47t1P7okprVmhNTkipNRIHWr6WdCO4VDr/cvsRkuVJAsLO2enwjGWWueOO6BodiBgyAOZ/5t5nJNMCNuLGT5UIo/RI1b0WRQwxEZTRjt6mFNw6lH14wRd8ulsr9toSWBPMOGWoYs1PDeDL0JuTjL+tr1SZi/EyxCngpYszKdXllJEHyI79KQgeD0Vt3pTrkbNVTOEcCNqZePSVmUH8X8Vhugz3bnE0/iE9Pb5fkWO9c4AnM1FgI/8Bvp27Fw2ShryIXuR6kKvUqhVMTuOSDHwu6A8jLE5Owt3GAYugDpDYuwTVNGrHLXKpPzrGGPE/jPmaLCMZcsdkec95dYeU3zKODEm8UQZFhmJmDeWVJ36nGrGZHL4J5aTTaeFUJmmXDaJYiJ+K2/ioKgXqnXvltu0A9R8/LGy4nrTJRr4JMLuJFoUXvGm1gXQ70w2LSpk6yl71RNC0hCtsBe8BP8IhYCM0EP5jh7eCMQZNvM="

  110. 	rawKeyBody := api.CreateKeyOption{

  111. 		Title: "test-key",

  112. 		Key:   keyType + " " + keyContent,

  113. 	}

  114. 	req := NewRequestWithJSON(t, "POST", keysURL, rawKeyBody)

  115. 	resp := session.MakeRequest(t, req, http.StatusCreated)

  116. 

  117. 	var newPublicKey api.PublicKey

  118. 	DecodeJSON(t, resp, &newPublicKey)

  119. 	unittest.AssertExistsAndLoadBean(t, &asymkey_model.PublicKey{

  120. 		ID:      newPublicKey.ID,

  121. 		OwnerID: user.ID,

  122. 		Name:    rawKeyBody.Title,

  123. 		Content: rawKeyBody.Key,

  124. 		Mode:    perm.AccessModeWrite,

  125. 	})

  126. 

  127. 	// Search by fingerprint

  128. 	fingerprintURL := fmt.Sprintf("/api/v1/user/keys?token=%s&fingerprint=%s", token, newPublicKey.Fingerprint)

  129. 

  130. 	req = NewRequest(t, "GET", fingerprintURL)

  131. 	resp = session.MakeRequest(t, req, http.StatusOK)

  132. 

  133. 	var fingerprintPublicKeys []api.PublicKey

  134. 	DecodeJSON(t, resp, &fingerprintPublicKeys)

  135. 	assert.Equal(t, newPublicKey.Fingerprint, fingerprintPublicKeys[0].Fingerprint)

  136. 	assert.Equal(t, newPublicKey.ID, fingerprintPublicKeys[0].ID)

  137. 	assert.Equal(t, user.ID, fingerprintPublicKeys[0].Owner.ID)

  138. 

  139. 	fingerprintURL = fmt.Sprintf("/api/v1/users/%s/keys?token=%s&fingerprint=%s", user.Name, token, newPublicKey.Fingerprint)

  140. 

  141. 	req = NewRequest(t, "GET", fingerprintURL)

  142. 	resp = session.MakeRequest(t, req, http.StatusOK)

  143. 

  144. 	DecodeJSON(t, resp, &fingerprintPublicKeys)

  145. 	assert.Equal(t, newPublicKey.Fingerprint, fingerprintPublicKeys[0].Fingerprint)

  146. 	assert.Equal(t, newPublicKey.ID, fingerprintPublicKeys[0].ID)

  147. 	assert.Equal(t, user.ID, fingerprintPublicKeys[0].Owner.ID)

  148. 

  149. 	// Fail search by fingerprint

  150. 	fingerprintURL = fmt.Sprintf("/api/v1/user/keys?token=%s&fingerprint=%sA", token, newPublicKey.Fingerprint)

  151. 

  152. 	req = NewRequest(t, "GET", fingerprintURL)

  153. 	resp = session.MakeRequest(t, req, http.StatusOK)

  154. 

  155. 	DecodeJSON(t, resp, &fingerprintPublicKeys)

  156. 	assert.Len(t, fingerprintPublicKeys, 0)

  157. 

  158. 	// Fail searching for wrong users key

  159. 	fingerprintURL = fmt.Sprintf("/api/v1/users/%s/keys?token=%s&fingerprint=%s", "user2", token, newPublicKey.Fingerprint)

  160. 	req = NewRequest(t, "GET", fingerprintURL)

  161. 	resp = session.MakeRequest(t, req, http.StatusOK)

  162. 

  163. 	DecodeJSON(t, resp, &fingerprintPublicKeys)

  164. 	assert.Len(t, fingerprintPublicKeys, 0)

  165. 

  166. 	// Now login as user 2

  167. 	session2 := loginUser(t, "user2")

  168. 	token2 := url.QueryEscape(getTokenForLoggedInUser(t, session2))

  169. 

  170. 	// Should find key even though not ours, but we shouldn't know whose it is

  171. 	fingerprintURL = fmt.Sprintf("/api/v1/user/keys?token=%s&fingerprint=%s", token2, newPublicKey.Fingerprint)

  172. 	req = NewRequest(t, "GET", fingerprintURL)

  173. 	resp = session.MakeRequest(t, req, http.StatusOK)

  174. 

  175. 	DecodeJSON(t, resp, &fingerprintPublicKeys)

  176. 	assert.Equal(t, newPublicKey.Fingerprint, fingerprintPublicKeys[0].Fingerprint)

  177. 	assert.Equal(t, newPublicKey.ID, fingerprintPublicKeys[0].ID)

  178. 	assert.Nil(t, fingerprintPublicKeys[0].Owner)

  179. 

  180. 	// Should find key even though not ours, but we shouldn't know whose it is

  181. 	fingerprintURL = fmt.Sprintf("/api/v1/users/%s/keys?token=%s&fingerprint=%s", user.Name, token2, newPublicKey.Fingerprint)

  182. 

  183. 	req = NewRequest(t, "GET", fingerprintURL)

  184. 	resp = session.MakeRequest(t, req, http.StatusOK)

  185. 

  186. 	DecodeJSON(t, resp, &fingerprintPublicKeys)

  187. 	assert.Equal(t, newPublicKey.Fingerprint, fingerprintPublicKeys[0].Fingerprint)

  188. 	assert.Equal(t, newPublicKey.ID, fingerprintPublicKeys[0].ID)

  189. 	assert.Nil(t, fingerprintPublicKeys[0].Owner)

  190. 

  191. 	// Fail when searching for key if it is not ours

  192. 	fingerprintURL = fmt.Sprintf("/api/v1/users/%s/keys?token=%s&fingerprint=%s", "user2", token2, newPublicKey.Fingerprint)

  193. 	req = NewRequest(t, "GET", fingerprintURL)

  194. 	resp = session.MakeRequest(t, req, http.StatusOK)

  195. 

  196. 	DecodeJSON(t, resp, &fingerprintPublicKeys)

  197. 	assert.Len(t, fingerprintPublicKeys, 0)

  198. }