mirrors
/
gitea
mirror of https://github.com/go-gitea/gitea.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 210 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6814 Commits
17 Branches
Tree: 57a8440db3
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '57a8440db3'
${ noResults }
gitea/integrations/api_gpg_keys_test.go

api_gpg_keys_test.go 12KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265 
  1. // Copyright 2017 The Gogs Authors. All rights reserved.

  2. // Use of this source code is governed by a MIT-style

  3. // license that can be found in the LICENSE file.

  4. 

  5. package integrations

  6. 

  7. import (

  8. 	"net/http"

  9. 	"net/http/httptest"

  10. 	"strconv"

  11. 	"testing"

  12. 

  13. 	api "code.gitea.io/sdk/gitea"

  14. 

  15. 	"github.com/stretchr/testify/assert"

  16. )

  17. 

  18. type makeRequestFunc func(testing.TB, *http.Request, int) *httptest.ResponseRecorder

  19. 

  20. func TestGPGKeys(t *testing.T) {

  21. 	prepareTestEnv(t)

  22. 	session := loginUser(t, "user2")

  23. 	token := getTokenForLoggedInUser(t, session)

  24. 

  25. 	tt := []struct {

  26. 		name        string

  27. 		makeRequest makeRequestFunc

  28. 		token       string

  29. 		results     []int

  30. 	}{

  31. 		{name: "NoLogin", makeRequest: MakeRequest, token: "",

  32. 			results: []int{http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized},

  33. 		},

  34. 		{name: "LoggedAsUser2", makeRequest: session.MakeRequest, token: token,

  35. 			results: []int{http.StatusOK, http.StatusOK, http.StatusNotFound, http.StatusNoContent, http.StatusInternalServerError, http.StatusInternalServerError, http.StatusCreated, http.StatusCreated}},

  36. 	}

  37. 

  38. 	for _, tc := range tt {

  39. 

  40. 		//Basic test on result code

  41. 		t.Run(tc.name, func(t *testing.T) {

  42. 			t.Run("ViewOwnGPGKeys", func(t *testing.T) {

  43. 				testViewOwnGPGKeys(t, tc.makeRequest, tc.token, tc.results[0])

  44. 			})

  45. 			t.Run("ViewGPGKeys", func(t *testing.T) {

  46. 				testViewGPGKeys(t, tc.makeRequest, tc.token, tc.results[1])

  47. 			})

  48. 			t.Run("GetGPGKey", func(t *testing.T) {

  49. 				testGetGPGKey(t, tc.makeRequest, tc.token, tc.results[2])

  50. 			})

  51. 			t.Run("DeleteGPGKey", func(t *testing.T) {

  52. 				testDeleteGPGKey(t, tc.makeRequest, tc.token, tc.results[3])

  53. 			})

  54. 

  55. 			t.Run("CreateInvalidGPGKey", func(t *testing.T) {

  56. 				testCreateInvalidGPGKey(t, tc.makeRequest, tc.token, tc.results[4])

  57. 			})

  58. 			t.Run("CreateNoneRegistredEmailGPGKey", func(t *testing.T) {

  59. 				testCreateNoneRegistredEmailGPGKey(t, tc.makeRequest, tc.token, tc.results[5])

  60. 			})

  61. 			t.Run("CreateValidGPGKey", func(t *testing.T) {

  62. 				testCreateValidGPGKey(t, tc.makeRequest, tc.token, tc.results[6])

  63. 			})

  64. 			t.Run("CreateValidSecondaryEmailGPGKey", func(t *testing.T) {

  65. 				testCreateValidSecondaryEmailGPGKey(t, tc.makeRequest, tc.token, tc.results[7])

  66. 			})

  67. 		})

  68. 	}

  69. 

  70. 	//Check state after basic add

  71. 	t.Run("CheckState", func(t *testing.T) {

  72. 

  73. 		var keys []*api.GPGKey

  74. 

  75. 		req := NewRequest(t, "GET", "/api/v1/user/gpg_keys?token="+token) //GET all keys

  76. 		resp := session.MakeRequest(t, req, http.StatusOK)

  77. 		DecodeJSON(t, resp, &keys)

  78. 

  79. 		primaryKey1 := keys[0] //Primary key 1

  80. 		assert.EqualValues(t, "38EA3BCED732982C", primaryKey1.KeyID)

  81. 		assert.EqualValues(t, 1, len(primaryKey1.Emails))

  82. 		assert.EqualValues(t, "user2@example.com", primaryKey1.Emails[0].Email)

  83. 		assert.EqualValues(t, true, primaryKey1.Emails[0].Verified)

  84. 

  85. 		subKey := primaryKey1.SubsKey[0] //Subkey of 38EA3BCED732982C

  86. 		assert.EqualValues(t, "70D7C694D17D03AD", subKey.KeyID)

  87. 		assert.EqualValues(t, 0, len(subKey.Emails))

  88. 

  89. 		primaryKey2 := keys[1] //Primary key 2

  90. 		assert.EqualValues(t, "FABF39739FE1E927", primaryKey2.KeyID)

  91. 		assert.EqualValues(t, 1, len(primaryKey2.Emails))

  92. 		assert.EqualValues(t, "user21@example.com", primaryKey2.Emails[0].Email)

  93. 		assert.EqualValues(t, false, primaryKey2.Emails[0].Verified)

  94. 

  95. 		var key api.GPGKey

  96. 		req = NewRequest(t, "GET", "/api/v1/user/gpg_keys/"+strconv.FormatInt(primaryKey1.ID, 10)+"?token="+token) //Primary key 1

  97. 		resp = session.MakeRequest(t, req, http.StatusOK)

  98. 		DecodeJSON(t, resp, &key)

  99. 		assert.EqualValues(t, "38EA3BCED732982C", key.KeyID)

  100. 		assert.EqualValues(t, 1, len(key.Emails))

  101. 		assert.EqualValues(t, "user2@example.com", key.Emails[0].Email)

  102. 		assert.EqualValues(t, true, key.Emails[0].Verified)

  103. 

  104. 		req = NewRequest(t, "GET", "/api/v1/user/gpg_keys/"+strconv.FormatInt(subKey.ID, 10)+"?token="+token) //Subkey of 38EA3BCED732982C

  105. 		resp = session.MakeRequest(t, req, http.StatusOK)

  106. 		DecodeJSON(t, resp, &key)

  107. 		assert.EqualValues(t, "70D7C694D17D03AD", key.KeyID)

  108. 		assert.EqualValues(t, 0, len(key.Emails))

  109. 

  110. 		req = NewRequest(t, "GET", "/api/v1/user/gpg_keys/"+strconv.FormatInt(primaryKey2.ID, 10)+"?token="+token) //Primary key 2

  111. 		resp = session.MakeRequest(t, req, http.StatusOK)

  112. 		DecodeJSON(t, resp, &key)

  113. 		assert.EqualValues(t, "FABF39739FE1E927", key.KeyID)

  114. 		assert.EqualValues(t, 1, len(key.Emails))

  115. 		assert.EqualValues(t, "user21@example.com", key.Emails[0].Email)

  116. 		assert.EqualValues(t, false, key.Emails[0].Verified)

  117. 

  118. 	})

  119. 

  120. 	//Check state after basic add

  121. 	t.Run("CheckCommits", func(t *testing.T) {

  122. 		t.Run("NotSigned", func(t *testing.T) {

  123. 			var branch api.Branch

  124. 			req := NewRequest(t, "GET", "/api/v1/repos/user2/repo16/branches/not-signed?token="+token)

  125. 			resp := session.MakeRequest(t, req, http.StatusOK)

  126. 			DecodeJSON(t, resp, &branch)

  127. 			assert.EqualValues(t, false, branch.Commit.Verification.Verified)

  128. 		})

  129. 

  130. 		t.Run("SignedWithNotValidatedEmail", func(t *testing.T) {

  131. 			var branch api.Branch

  132. 			req := NewRequest(t, "GET", "/api/v1/repos/user2/repo16/branches/good-sign-not-yet-validated?token="+token)

  133. 			resp := session.MakeRequest(t, req, http.StatusOK)

  134. 			DecodeJSON(t, resp, &branch)

  135. 			assert.EqualValues(t, false, branch.Commit.Verification.Verified)

  136. 		})

  137. 

  138. 		t.Run("SignedWithValidEmail", func(t *testing.T) {

  139. 			var branch api.Branch

  140. 			req := NewRequest(t, "GET", "/api/v1/repos/user2/repo16/branches/good-sign?token="+token)

  141. 			resp := session.MakeRequest(t, req, http.StatusOK)

  142. 			DecodeJSON(t, resp, &branch)

  143. 			assert.EqualValues(t, true, branch.Commit.Verification.Verified)

  144. 		})

  145. 	})

  146. }

  147. 

  148. func testViewOwnGPGKeys(t *testing.T, makeRequest makeRequestFunc, token string, expected int) {

  149. 	req := NewRequest(t, "GET", "/api/v1/user/gpg_keys?token="+token)

  150. 	makeRequest(t, req, expected)

  151. }

  152. 

  153. func testViewGPGKeys(t *testing.T, makeRequest makeRequestFunc, token string, expected int) {

  154. 	req := NewRequest(t, "GET", "/api/v1/users/user2/gpg_keys?token="+token)

  155. 	makeRequest(t, req, expected)

  156. }

  157. 

  158. func testGetGPGKey(t *testing.T, makeRequest makeRequestFunc, token string, expected int) {

  159. 	req := NewRequest(t, "GET", "/api/v1/user/gpg_keys/1?token="+token)

  160. 	makeRequest(t, req, expected)

  161. }

  162. 

  163. func testDeleteGPGKey(t *testing.T, makeRequest makeRequestFunc, token string, expected int) {

  164. 	req := NewRequest(t, "DELETE", "/api/v1/user/gpg_keys/1?token="+token)

  165. 	makeRequest(t, req, expected)

  166. }

  167. 

  168. func testCreateGPGKey(t *testing.T, makeRequest makeRequestFunc, token string, expected int, publicKey string) {

  169. 	req := NewRequestWithJSON(t, "POST", "/api/v1/user/gpg_keys?token="+token, api.CreateGPGKeyOption{

  170. 		ArmoredKey: publicKey,

  171. 	})

  172. 	makeRequest(t, req, expected)

  173. }

  174. 

  175. func testCreateInvalidGPGKey(t *testing.T, makeRequest makeRequestFunc, token string, expected int) {

  176. 	testCreateGPGKey(t, makeRequest, token, expected, "invalid_key")

  177. }

  178. 

  179. func testCreateNoneRegistredEmailGPGKey(t *testing.T, makeRequest makeRequestFunc, token string, expected int) {

  180. 	testCreateGPGKey(t, makeRequest, token, expected, `-----BEGIN PGP PUBLIC KEY BLOCK-----

  181. 

  182. mQENBFmGUygBCACjCNbKvMGgp0fd5vyFW9olE1CLCSyyF9gQN2hSuzmZLuAZF2Kh

  183. dCMCG2T1UwzUB/yWUFWJ2BtCwSjuaRv+cGohqEy6bhEBV90peGA33lHfjx7wP25O

  184. 7moAphDOTZtDj1AZfCh/PTcJut8Lc0eRDMhNyp/bYtO7SHNT1Hr6rrCV/xEtSAvR

  185. 3b148/tmIBiSadaLwc558KU3ucjnW5RVGins3AjBZ+TuT4XXVH/oeLSeXPSJ5rt1

  186. rHwaseslMqZ4AbvwFLx5qn1OC9rEQv/F548QsA8m0IntLjoPon+6wcubA9Gra21c

  187. Fp6aRYl9x7fiqXDLg8i3s2nKdV7+e6as6Tp9ABEBAAG0FG5vdGtub3duQGV4YW1w

  188. bGUuY29tiQEcBBABAgAGBQJZhlMoAAoJEC8+pvYULDtte/wH/2JNrhmHwDY+hMj0

  189. batIK4HICnkKxjIgbha80P2Ao08NkzSge58fsxiKDFYAQjHui+ZAw4dq79Ax9AOO

  190. Iv2GS9+DUfWhrb6RF+vNuJldFzcI0rTW/z2q+XGKrUCwN3khJY5XngHfQQrdBtMK

  191. qsoUXz/5B8g422RTbo/SdPsyYAV6HeLLeV3rdgjI1fpaW0seZKHeTXQb/HvNeuPg

  192. qz+XV1g6Gdqa1RjDOaX7A8elVKxrYq3LBtc93FW+grBde8n7JL0zPM3DY+vJ0IJZ

  193. INx/MmBfmtCq05FqNclvU+sj2R3N1JJOtBOjZrJHQbJhzoILou8AkxeX1A+q9OAz

  194. 1geiY5E=

  195. =TkP3

  196. -----END PGP PUBLIC KEY BLOCK-----`)

  197. }

  198. 

  199. func testCreateValidGPGKey(t *testing.T, makeRequest makeRequestFunc, token string, expected int) {

  200. 	//User2 <user2@example.com> //primary & activated

  201. 	testCreateGPGKey(t, makeRequest, token, expected, `-----BEGIN PGP PUBLIC KEY BLOCK-----

  202. 

  203. mQENBFmGVsMBCACuxgZ7W7rI9xN08Y4M7B8yx/6/I4Slm94+wXf8YNRvAyqj30dW

  204. VJhyBcnfNRDLKSQp5o/hhfDkCgdqBjLa1PnHlGS3PXJc0hP/FyYPD2BFvNMPpCYS

  205. eu3T1qKSNXm6X0XOWD2LIrdiDC8HaI9FqZVMI/srMK2CF8XCL2m67W1FuoPlWzod

  206. 5ORy0IZB7spoF0xihmcgnEGElRmdo5w/vkGH8U7Zyn9Eb57UVFeafgeskf4wqB23

  207. BjbMdW2YaB+yzMRwYgOnD5lnBD4uqSmvjaV9C0kxn7x+oJkkiRV8/z1cNcO+BaeQ

  208. Akh/yTTeTzYGSc/ZOqCX1O+NOPgSeixVlqenABEBAAG0GVVzZXIyIDx1c2VyMkBl

  209. eGFtcGxlLmNvbT6JAVQEEwEIAD4WIQRXgbSh0TtGbgRd7XI46jvO1zKYLAUCWYZW

  210. wwIbAwUJA8JnAAULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgAAKCRA46jvO1zKYLF/e

  211. B/91wm2KLMIQBZBA9WA2/+9rQWTo9EqgYrXN60rEzX3cYJWXZiE4DrKR1oWDGNLi

  212. KXOCW62snvJldolBqq0ZqaKvPKzl0Y5TRqbYEc9AjUSqgRin1b+G2DevLGT4ibq+

  213. 7ocQvz0XkASEUAgHahp0Ubiiib1521WwT/duL+AG8Gg0+DK09RfV3eX5/EOkQCKv

  214. 8cutqgsd2Smz40A8wXuJkRcipZBtrB/GkUaZ/eJdwEeSYZjEA9GWF61LJT2stvRN

  215. HCk7C3z3pVEek1PluiFs/4VN8BG8yDzW4c0tLty4Fj3VwPqwIbB5AJbquVfhQCb4

  216. Eep2lm3Lc9b1OwO5N3coPJkouQENBFmGVsMBCADAGba2L6NCOE1i3WIP6CPzbdOo

  217. N3gdTfTgccAx9fNeon9jor+3tgEjlo9/6cXiRoksOV6W4wFab/ZwWgwN6JO4CGvZ

  218. Wi7EQwMMMp1E36YTojKQJrcA9UvMnTHulqQQ88F5E845DhzFQM3erv42QZZMBAX3

  219. kXCgy1GNFocl6tLUvJdEqs+VcJGGANMpmzE4WLa8KhSYnxipwuQ62JBy9R+cHyKT

  220. OARk8znRqSu5bT3LtlrZ/HXu+6Oy4+2uCdNzZIh5J5tPS7CPA6ptl88iGVBte/CJ

  221. 7cjgJWSQqeYp2Y5QvsWAivkQ4Ww9plHbbwV0A2eaHsjjWzlUl3HoJ/snMOhBABEB

  222. AAGJATwEGAEIACYWIQRXgbSh0TtGbgRd7XI46jvO1zKYLAUCWYZWwwIbDAUJA8Jn

  223. AAAKCRA46jvO1zKYLBwLCACQOpeRVrwIKVaWcPMYjVHHJsGscaLKpgpARAUgbiG6

  224. Cbc2WI8Sm3fRwrY0VAfN+u9QwrtvxANcyB3vTgTzw7FimfhOimxiTSO8HQCfjDZF

  225. Xly8rq+Fua7+ClWUpy21IekW41VvZYjH2sL6EVP+UcEOaGAyN53XfhaRVZPhNtZN

  226. NKAE9N5EG3rbsZ33LzJj40rEKlzFSseAAPft8qA3IXjzFBx+PQXHMpNCagL79he6

  227. lqockTJ+oPmta4CF/J0U5LUr1tOZXheL3TP6m8d08gDrtn0YuGOPk87i9sJz+jR9

  228. uy6MA3VSB99SK9ducGmE1Jv8mcziREroz2TEGr0zPs6h

  229. =J59D

  230. -----END PGP PUBLIC KEY BLOCK-----`)

  231. }

  232. 

  233. func testCreateValidSecondaryEmailGPGKey(t *testing.T, makeRequest makeRequestFunc, token string, expected int) {

  234. 	//User2 <user21@example.com> //secondary and not activated

  235. 	testCreateGPGKey(t, makeRequest, token, expected, `-----BEGIN PGP PUBLIC KEY BLOCK-----

  236. 

  237. mQENBFmGWN4BCAC18V4tVGO65VLCV7p14FuXJlUtZ5CuYMvgEkcOqrvRaBSW9ao4

  238. PGESOhJpfWpnW3QgJniYndLzPpsmdHEclEER6aZjiNgReWPOjHD5tykWocZAJqXD

  239. eY1ym59gvVMLcfbV2yQsyR2hbJlc+dJsl16tigSEe3nwxZSw2IsW92pgEzT9JNUr

  240. Q+mC8dw4dqY0tYmFazYUGNxufUc/twgQT/Or1aNs0az5Q6Jft4rrTRsh/S7We0VB

  241. COKGkdcQyYgAls7HJBuPjQRi6DM9VhgBSHLAgSLyaUcZvhZBJr8Qe/q4PP3/kYDJ

  242. wm4RMnjOLz2pFZPgtRqgcAwpmFtLrACbEB3JABEBAAG0GlVzZXIyIDx1c2VyMjFA

  243. ZXhhbXBsZS5jb20+iQFUBBMBCAA+FiEEPOLHOjPSO42DWM57+r85c5/h6ScFAlmG

  244. WN4CGwMFCQPCZwAFCwkIBwIGFQgJCgsCBBYCAwECHgECF4AACgkQ+r85c5/h6Sfx

  245. Lgf/dq64NBV8+X9an3seaLxePRviva48e4K67/wV/JxtXNO5Z/DhMGz5kHXCsG9D

  246. CXuWYO8ehlTjEnMZ6qqdDnY+H6bQsb2OS5oPn4RwpPXslAjEKtojPAr0dDsMS2DB

  247. dUuIm1AoOnewOVO0OFRf1EqX1bivxnN0FVMcO0m8AczfnKDaGb0y/qg/Y9JAsKqp

  248. j5pZNMWUkntRtGySeJ4CVJMmkVKJAHsa1Qj6MKdFeid4h4y94cBJ4ZdyBxNdpQOx

  249. ydf0doicovfeqGNO4oWzsGP4RBK2CqGPCUT+EFl20jPvMkKwOjxgqc8p0z3b2UT9

  250. +9bnmCGHgF/fW1HJ3iKmfFPqnLkBDQRZhljeAQgA5AirU/NJGgm19ZJYFOiHftjS

  251. azbrPxGeD3cSqmvDPIMc1DNZGfQV5D4EVumnVbQBtL6xHFoGKz9KisUMbe4a/X2J

  252. S8JmIphQWG0vMJX1DaZIzr2gT71MnPD7JMGsSUCh5dIKpTNTZX4w+oGPGOu0/UlL

  253. x0448AryKwp30J2p6D4GeI0nb03n35S2lTOpnHDn1wj7Jl/8LS2fdFOdNaNHXSZe

  254. twdSwJKhyBEiScgeHBDyKqo8zWkYoSb9eA2HiYlbVaiNtp24KP1mIEpiUdrRjWno

  255. zauYSZGHZlOFMgF4dKWuetPiuH9m7UYZGKyMLfQ9vYFb+xcPh2bLCQHJ1OEmMQAR

  256. AQABiQE8BBgBCAAmFiEEPOLHOjPSO42DWM57+r85c5/h6ScFAlmGWN4CGwwFCQPC

  257. ZwAACgkQ+r85c5/h6Sfjfwf+O4WEjRdvPJLxNy7mfAGoAqDMHIwyH/tVzYgyVhnG

  258. h/+cfRxJbGc3rpjYdr8dmvghzjEAout8uibPWaIqs63RCAPGPqgWLfxNO5c8+y8V

  259. LZMVOTV26l2olkkdBWAuhLqKTNh6TiQva03yhOgHWj4XDvFfxICWPFXVd6t5ELpD

  260. iApGu1OAj8JfhmzbG03Yzx+Ku7bWDxMonx3V/IDEu5LS5zrboHYDKCA53bXXghoi

  261. Aceqql+PKrDwEjoY4bptwMHLmcjGjdCQ//Qx1neho7nZcS7xjTucY8gQuulwCyXF

  262. y6wM+wMz8dunIG9gw4+Re6c4Rz9tX1kzxLrU7Pl21tMqfg==

  263. =0N/9

  264. -----END PGP PUBLIC KEY BLOCK-----`)

  265. }