mirrors
/
gitea
mirror of https://github.com/go-gitea/gitea.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 211 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
13283 Commits
17 Branches
Tree: 7671a3322b
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '7671a3322b'
${ noResults }
gitea/integrations/api_repo_collaborator_test.go

api_repo_collaborator_test.go 5.5KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131 
  1. // Copyright 2022 The Gitea Authors. All rights reserved.

  2. // Use of this source code is governed by a MIT-style

  3. // license that can be found in the LICENSE file.

  4. 

  5. package integrations

  6. 

  7. import (

  8. 	"net/http"

  9. 	"net/url"

  10. 	"testing"

  11. 

  12. 	"code.gitea.io/gitea/models/perm"

  13. 	repo_model "code.gitea.io/gitea/models/repo"

  14. 	"code.gitea.io/gitea/models/unittest"

  15. 	user_model "code.gitea.io/gitea/models/user"

  16. 	api "code.gitea.io/gitea/modules/structs"

  17. 

  18. 	"github.com/stretchr/testify/assert"

  19. )

  20. 

  21. func TestAPIRepoCollaboratorPermission(t *testing.T) {

  22. 	onGiteaRun(t, func(t *testing.T, u *url.URL) {

  23. 		repo2 := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 2}).(*repo_model.Repository)

  24. 		repo2Owner := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: repo2.OwnerID}).(*user_model.User)

  25. 

  26. 		user4 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 4}).(*user_model.User)

  27. 		user5 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 5}).(*user_model.User)

  28. 		user10 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 10}).(*user_model.User)

  29. 		user11 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 11}).(*user_model.User)

  30. 

  31. 		session := loginUser(t, repo2Owner.Name)

  32. 		testCtx := NewAPITestContext(t, repo2Owner.Name, repo2.Name)

  33. 

  34. 		t.Run("RepoOwnerShouldBeOwner", func(t *testing.T) {

  35. 			req := NewRequestf(t, "GET", "/api/v1/repos/%s/%s/collaborators/%s/permission?token=%s", repo2Owner.Name, repo2.Name, repo2Owner.Name, testCtx.Token)

  36. 			resp := session.MakeRequest(t, req, http.StatusOK)

  37. 

  38. 			var repoPermission api.RepoCollaboratorPermission

  39. 			DecodeJSON(t, resp, &repoPermission)

  40. 

  41. 			assert.Equal(t, "owner", repoPermission.Permission)

  42. 		})

  43. 

  44. 		t.Run("CollaboratorWithReadAccess", func(t *testing.T) {

  45. 			t.Run("AddUserAsCollaboratorWithReadAccess", doAPIAddCollaborator(testCtx, user4.Name, perm.AccessModeRead))

  46. 

  47. 			req := NewRequestf(t, "GET", "/api/v1/repos/%s/%s/collaborators/%s/permission?token=%s", repo2Owner.Name, repo2.Name, user4.Name, testCtx.Token)

  48. 			resp := session.MakeRequest(t, req, http.StatusOK)

  49. 

  50. 			var repoPermission api.RepoCollaboratorPermission

  51. 			DecodeJSON(t, resp, &repoPermission)

  52. 

  53. 			assert.Equal(t, "read", repoPermission.Permission)

  54. 		})

  55. 

  56. 		t.Run("CollaboratorWithWriteAccess", func(t *testing.T) {

  57. 			t.Run("AddUserAsCollaboratorWithWriteAccess", doAPIAddCollaborator(testCtx, user4.Name, perm.AccessModeWrite))

  58. 

  59. 			req := NewRequestf(t, "GET", "/api/v1/repos/%s/%s/collaborators/%s/permission?token=%s", repo2Owner.Name, repo2.Name, user4.Name, testCtx.Token)

  60. 			resp := session.MakeRequest(t, req, http.StatusOK)

  61. 

  62. 			var repoPermission api.RepoCollaboratorPermission

  63. 			DecodeJSON(t, resp, &repoPermission)

  64. 

  65. 			assert.Equal(t, "write", repoPermission.Permission)

  66. 		})

  67. 

  68. 		t.Run("CollaboratorWithAdminAccess", func(t *testing.T) {

  69. 			t.Run("AddUserAsCollaboratorWithAdminAccess", doAPIAddCollaborator(testCtx, user4.Name, perm.AccessModeAdmin))

  70. 

  71. 			req := NewRequestf(t, "GET", "/api/v1/repos/%s/%s/collaborators/%s/permission?token=%s", repo2Owner.Name, repo2.Name, user4.Name, testCtx.Token)

  72. 			resp := session.MakeRequest(t, req, http.StatusOK)

  73. 

  74. 			var repoPermission api.RepoCollaboratorPermission

  75. 			DecodeJSON(t, resp, &repoPermission)

  76. 

  77. 			assert.Equal(t, "admin", repoPermission.Permission)

  78. 		})

  79. 

  80. 		t.Run("CollaboratorNotFound", func(t *testing.T) {

  81. 			req := NewRequestf(t, "GET", "/api/v1/repos/%s/%s/collaborators/%s/permission?token=%s", repo2Owner.Name, repo2.Name, "non-existent-user", testCtx.Token)

  82. 			session.MakeRequest(t, req, http.StatusNotFound)

  83. 		})

  84. 

  85. 		t.Run("CollaboratorCanQueryItsPermissions", func(t *testing.T) {

  86. 			t.Run("AddUserAsCollaboratorWithReadAccess", doAPIAddCollaborator(testCtx, user5.Name, perm.AccessModeRead))

  87. 

  88. 			_session := loginUser(t, user5.Name)

  89. 			_testCtx := NewAPITestContext(t, user5.Name, repo2.Name)

  90. 

  91. 			req := NewRequestf(t, "GET", "/api/v1/repos/%s/%s/collaborators/%s/permission?token=%s", repo2Owner.Name, repo2.Name, user5.Name, _testCtx.Token)

  92. 			resp := _session.MakeRequest(t, req, http.StatusOK)

  93. 

  94. 			var repoPermission api.RepoCollaboratorPermission

  95. 			DecodeJSON(t, resp, &repoPermission)

  96. 

  97. 			assert.Equal(t, "read", repoPermission.Permission)

  98. 		})

  99. 

  100. 		t.Run("CollaboratorCanQueryItsPermissions", func(t *testing.T) {

  101. 			t.Run("AddUserAsCollaboratorWithReadAccess", doAPIAddCollaborator(testCtx, user5.Name, perm.AccessModeRead))

  102. 

  103. 			_session := loginUser(t, user5.Name)

  104. 			_testCtx := NewAPITestContext(t, user5.Name, repo2.Name)

  105. 

  106. 			req := NewRequestf(t, "GET", "/api/v1/repos/%s/%s/collaborators/%s/permission?token=%s", repo2Owner.Name, repo2.Name, user5.Name, _testCtx.Token)

  107. 			resp := _session.MakeRequest(t, req, http.StatusOK)

  108. 

  109. 			var repoPermission api.RepoCollaboratorPermission

  110. 			DecodeJSON(t, resp, &repoPermission)

  111. 

  112. 			assert.Equal(t, "read", repoPermission.Permission)

  113. 		})

  114. 

  115. 		t.Run("RepoAdminCanQueryACollaboratorsPermissions", func(t *testing.T) {

  116. 			t.Run("AddUserAsCollaboratorWithAdminAccess", doAPIAddCollaborator(testCtx, user10.Name, perm.AccessModeAdmin))

  117. 			t.Run("AddUserAsCollaboratorWithReadAccess", doAPIAddCollaborator(testCtx, user11.Name, perm.AccessModeRead))

  118. 

  119. 			_session := loginUser(t, user10.Name)

  120. 			_testCtx := NewAPITestContext(t, user10.Name, repo2.Name)

  121. 

  122. 			req := NewRequestf(t, "GET", "/api/v1/repos/%s/%s/collaborators/%s/permission?token=%s", repo2Owner.Name, repo2.Name, user11.Name, _testCtx.Token)

  123. 			resp := _session.MakeRequest(t, req, http.StatusOK)

  124. 

  125. 			var repoPermission api.RepoCollaboratorPermission

  126. 			DecodeJSON(t, resp, &repoPermission)

  127. 

  128. 			assert.Equal(t, "read", repoPermission.Permission)

  129. 		})

  130. 	})

  131. }