mirrors
/
gitea
mirror of https://github.com/go-gitea/gitea.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 211 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
13291 Commits
17 Branches
Tree: 8720f876c7
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '8720f876c7'
${ noResults }
gitea/integrations/api_gpg_keys_test.go

api_gpg_keys_test.go 12KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263 
  1. // Copyright 2017 The Gogs Authors. All rights reserved.

  2. // Use of this source code is governed by a MIT-style

  3. // license that can be found in the LICENSE file.

  4. 

  5. package integrations

  6. 

  7. import (

  8. 	"net/http"

  9. 	"net/http/httptest"

  10. 	"strconv"

  11. 	"testing"

  12. 

  13. 	api "code.gitea.io/gitea/modules/structs"

  14. 

  15. 	"github.com/stretchr/testify/assert"

  16. )

  17. 

  18. type makeRequestFunc func(testing.TB, *http.Request, int) *httptest.ResponseRecorder

  19. 

  20. func TestGPGKeys(t *testing.T) {

  21. 	defer prepareTestEnv(t)()

  22. 	session := loginUser(t, "user2")

  23. 	token := getTokenForLoggedInUser(t, session)

  24. 

  25. 	tt := []struct {

  26. 		name        string

  27. 		makeRequest makeRequestFunc

  28. 		token       string

  29. 		results     []int

  30. 	}{

  31. 		{

  32. 			name: "NoLogin", makeRequest: MakeRequest, token: "",

  33. 			results: []int{http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized},

  34. 		},

  35. 		{

  36. 			name: "LoggedAsUser2", makeRequest: session.MakeRequest, token: token,

  37. 			results: []int{http.StatusOK, http.StatusOK, http.StatusNotFound, http.StatusNoContent, http.StatusUnprocessableEntity, http.StatusNotFound, http.StatusCreated, http.StatusNotFound, http.StatusCreated},

  38. 		},

  39. 	}

  40. 

  41. 	for _, tc := range tt {

  42. 		// Basic test on result code

  43. 		t.Run(tc.name, func(t *testing.T) {

  44. 			t.Run("ViewOwnGPGKeys", func(t *testing.T) {

  45. 				testViewOwnGPGKeys(t, tc.makeRequest, tc.token, tc.results[0])

  46. 			})

  47. 			t.Run("ViewGPGKeys", func(t *testing.T) {

  48. 				testViewGPGKeys(t, tc.makeRequest, tc.token, tc.results[1])

  49. 			})

  50. 			t.Run("GetGPGKey", func(t *testing.T) {

  51. 				testGetGPGKey(t, tc.makeRequest, tc.token, tc.results[2])

  52. 			})

  53. 			t.Run("DeleteGPGKey", func(t *testing.T) {

  54. 				testDeleteGPGKey(t, tc.makeRequest, tc.token, tc.results[3])

  55. 			})

  56. 

  57. 			t.Run("CreateInvalidGPGKey", func(t *testing.T) {

  58. 				testCreateInvalidGPGKey(t, tc.makeRequest, tc.token, tc.results[4])

  59. 			})

  60. 			t.Run("CreateNoneRegistredEmailGPGKey", func(t *testing.T) {

  61. 				testCreateNoneRegistredEmailGPGKey(t, tc.makeRequest, tc.token, tc.results[5])

  62. 			})

  63. 			t.Run("CreateValidGPGKey", func(t *testing.T) {

  64. 				testCreateValidGPGKey(t, tc.makeRequest, tc.token, tc.results[6])

  65. 			})

  66. 			t.Run("CreateValidSecondaryEmailGPGKeyNotActivated", func(t *testing.T) {

  67. 				testCreateValidSecondaryEmailGPGKey(t, tc.makeRequest, tc.token, tc.results[7])

  68. 			})

  69. 		})

  70. 	}

  71. 

  72. 	// Check state after basic add

  73. 	t.Run("CheckState", func(t *testing.T) {

  74. 		var keys []*api.GPGKey

  75. 

  76. 		req := NewRequest(t, "GET", "/api/v1/user/gpg_keys?token="+token) // GET all keys

  77. 		resp := session.MakeRequest(t, req, http.StatusOK)

  78. 		DecodeJSON(t, resp, &keys)

  79. 		assert.Len(t, keys, 1)

  80. 

  81. 		primaryKey1 := keys[0] // Primary key 1

  82. 		assert.EqualValues(t, "38EA3BCED732982C", primaryKey1.KeyID)

  83. 		assert.Len(t, primaryKey1.Emails, 1)

  84. 		assert.EqualValues(t, "user2@example.com", primaryKey1.Emails[0].Email)

  85. 		assert.True(t, primaryKey1.Emails[0].Verified)

  86. 

  87. 		subKey := primaryKey1.SubsKey[0] // Subkey of 38EA3BCED732982C

  88. 		assert.EqualValues(t, "70D7C694D17D03AD", subKey.KeyID)

  89. 		assert.Empty(t, subKey.Emails)

  90. 

  91. 		var key api.GPGKey

  92. 		req = NewRequest(t, "GET", "/api/v1/user/gpg_keys/"+strconv.FormatInt(primaryKey1.ID, 10)+"?token="+token) // Primary key 1

  93. 		resp = session.MakeRequest(t, req, http.StatusOK)

  94. 		DecodeJSON(t, resp, &key)

  95. 		assert.EqualValues(t, "38EA3BCED732982C", key.KeyID)

  96. 		assert.Len(t, key.Emails, 1)

  97. 		assert.EqualValues(t, "user2@example.com", key.Emails[0].Email)

  98. 		assert.True(t, key.Emails[0].Verified)

  99. 

  100. 		req = NewRequest(t, "GET", "/api/v1/user/gpg_keys/"+strconv.FormatInt(subKey.ID, 10)+"?token="+token) // Subkey of 38EA3BCED732982C

  101. 		resp = session.MakeRequest(t, req, http.StatusOK)

  102. 		DecodeJSON(t, resp, &key)

  103. 		assert.EqualValues(t, "70D7C694D17D03AD", key.KeyID)

  104. 		assert.Empty(t, key.Emails)

  105. 	})

  106. 

  107. 	// Check state after basic add

  108. 	t.Run("CheckCommits", func(t *testing.T) {

  109. 		t.Run("NotSigned", func(t *testing.T) {

  110. 			var branch api.Branch

  111. 			req := NewRequest(t, "GET", "/api/v1/repos/user2/repo16/branches/not-signed?token="+token)

  112. 			resp := session.MakeRequest(t, req, http.StatusOK)

  113. 			DecodeJSON(t, resp, &branch)

  114. 			assert.False(t, branch.Commit.Verification.Verified)

  115. 		})

  116. 

  117. 		t.Run("SignedWithNotValidatedEmail", func(t *testing.T) {

  118. 			var branch api.Branch

  119. 			req := NewRequest(t, "GET", "/api/v1/repos/user2/repo16/branches/good-sign-not-yet-validated?token="+token)

  120. 			resp := session.MakeRequest(t, req, http.StatusOK)

  121. 			DecodeJSON(t, resp, &branch)

  122. 			assert.False(t, branch.Commit.Verification.Verified)

  123. 		})

  124. 

  125. 		t.Run("SignedWithValidEmail", func(t *testing.T) {

  126. 			var branch api.Branch

  127. 			req := NewRequest(t, "GET", "/api/v1/repos/user2/repo16/branches/good-sign?token="+token)

  128. 			resp := session.MakeRequest(t, req, http.StatusOK)

  129. 			DecodeJSON(t, resp, &branch)

  130. 			assert.True(t, branch.Commit.Verification.Verified)

  131. 		})

  132. 	})

  133. }

  134. 

  135. func testViewOwnGPGKeys(t *testing.T, makeRequest makeRequestFunc, token string, expected int) {

  136. 	req := NewRequest(t, "GET", "/api/v1/user/gpg_keys?token="+token)

  137. 	makeRequest(t, req, expected)

  138. }

  139. 

  140. func testViewGPGKeys(t *testing.T, makeRequest makeRequestFunc, token string, expected int) {

  141. 	req := NewRequest(t, "GET", "/api/v1/users/user2/gpg_keys?token="+token)

  142. 	makeRequest(t, req, expected)

  143. }

  144. 

  145. func testGetGPGKey(t *testing.T, makeRequest makeRequestFunc, token string, expected int) {

  146. 	req := NewRequest(t, "GET", "/api/v1/user/gpg_keys/1?token="+token)

  147. 	makeRequest(t, req, expected)

  148. }

  149. 

  150. func testDeleteGPGKey(t *testing.T, makeRequest makeRequestFunc, token string, expected int) {

  151. 	req := NewRequest(t, "DELETE", "/api/v1/user/gpg_keys/1?token="+token)

  152. 	makeRequest(t, req, expected)

  153. }

  154. 

  155. func testCreateGPGKey(t *testing.T, makeRequest makeRequestFunc, token string, expected int, publicKey string) {

  156. 	req := NewRequestWithJSON(t, "POST", "/api/v1/user/gpg_keys?token="+token, api.CreateGPGKeyOption{

  157. 		ArmoredKey: publicKey,

  158. 	})

  159. 	makeRequest(t, req, expected)

  160. }

  161. 

  162. func testCreateInvalidGPGKey(t *testing.T, makeRequest makeRequestFunc, token string, expected int) {

  163. 	testCreateGPGKey(t, makeRequest, token, expected, "invalid_key")

  164. }

  165. 

  166. func testCreateNoneRegistredEmailGPGKey(t *testing.T, makeRequest makeRequestFunc, token string, expected int) {

  167. 	testCreateGPGKey(t, makeRequest, token, expected, `-----BEGIN PGP PUBLIC KEY BLOCK-----

  168. 

  169. mQENBFmGUygBCACjCNbKvMGgp0fd5vyFW9olE1CLCSyyF9gQN2hSuzmZLuAZF2Kh

  170. dCMCG2T1UwzUB/yWUFWJ2BtCwSjuaRv+cGohqEy6bhEBV90peGA33lHfjx7wP25O

  171. 7moAphDOTZtDj1AZfCh/PTcJut8Lc0eRDMhNyp/bYtO7SHNT1Hr6rrCV/xEtSAvR

  172. 3b148/tmIBiSadaLwc558KU3ucjnW5RVGins3AjBZ+TuT4XXVH/oeLSeXPSJ5rt1

  173. rHwaseslMqZ4AbvwFLx5qn1OC9rEQv/F548QsA8m0IntLjoPon+6wcubA9Gra21c

  174. Fp6aRYl9x7fiqXDLg8i3s2nKdV7+e6as6Tp9ABEBAAG0FG5vdGtub3duQGV4YW1w

  175. bGUuY29tiQEcBBABAgAGBQJZhlMoAAoJEC8+pvYULDtte/wH/2JNrhmHwDY+hMj0

  176. batIK4HICnkKxjIgbha80P2Ao08NkzSge58fsxiKDFYAQjHui+ZAw4dq79Ax9AOO

  177. Iv2GS9+DUfWhrb6RF+vNuJldFzcI0rTW/z2q+XGKrUCwN3khJY5XngHfQQrdBtMK

  178. qsoUXz/5B8g422RTbo/SdPsyYAV6HeLLeV3rdgjI1fpaW0seZKHeTXQb/HvNeuPg

  179. qz+XV1g6Gdqa1RjDOaX7A8elVKxrYq3LBtc93FW+grBde8n7JL0zPM3DY+vJ0IJZ

  180. INx/MmBfmtCq05FqNclvU+sj2R3N1JJOtBOjZrJHQbJhzoILou8AkxeX1A+q9OAz

  181. 1geiY5E=

  182. =TkP3

  183. -----END PGP PUBLIC KEY BLOCK-----`)

  184. }

  185. 

  186. func testCreateValidGPGKey(t *testing.T, makeRequest makeRequestFunc, token string, expected int) {

  187. 	// User2 <user2@example.com> //primary & activated

  188. 	testCreateGPGKey(t, makeRequest, token, expected, `-----BEGIN PGP PUBLIC KEY BLOCK-----

  189. 

  190. mQENBFmGVsMBCACuxgZ7W7rI9xN08Y4M7B8yx/6/I4Slm94+wXf8YNRvAyqj30dW

  191. VJhyBcnfNRDLKSQp5o/hhfDkCgdqBjLa1PnHlGS3PXJc0hP/FyYPD2BFvNMPpCYS

  192. eu3T1qKSNXm6X0XOWD2LIrdiDC8HaI9FqZVMI/srMK2CF8XCL2m67W1FuoPlWzod

  193. 5ORy0IZB7spoF0xihmcgnEGElRmdo5w/vkGH8U7Zyn9Eb57UVFeafgeskf4wqB23

  194. BjbMdW2YaB+yzMRwYgOnD5lnBD4uqSmvjaV9C0kxn7x+oJkkiRV8/z1cNcO+BaeQ

  195. Akh/yTTeTzYGSc/ZOqCX1O+NOPgSeixVlqenABEBAAG0GVVzZXIyIDx1c2VyMkBl

  196. eGFtcGxlLmNvbT6JAVQEEwEIAD4WIQRXgbSh0TtGbgRd7XI46jvO1zKYLAUCWYZW

  197. wwIbAwUJA8JnAAULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgAAKCRA46jvO1zKYLF/e

  198. B/91wm2KLMIQBZBA9WA2/+9rQWTo9EqgYrXN60rEzX3cYJWXZiE4DrKR1oWDGNLi

  199. KXOCW62snvJldolBqq0ZqaKvPKzl0Y5TRqbYEc9AjUSqgRin1b+G2DevLGT4ibq+

  200. 7ocQvz0XkASEUAgHahp0Ubiiib1521WwT/duL+AG8Gg0+DK09RfV3eX5/EOkQCKv

  201. 8cutqgsd2Smz40A8wXuJkRcipZBtrB/GkUaZ/eJdwEeSYZjEA9GWF61LJT2stvRN

  202. HCk7C3z3pVEek1PluiFs/4VN8BG8yDzW4c0tLty4Fj3VwPqwIbB5AJbquVfhQCb4

  203. Eep2lm3Lc9b1OwO5N3coPJkouQENBFmGVsMBCADAGba2L6NCOE1i3WIP6CPzbdOo

  204. N3gdTfTgccAx9fNeon9jor+3tgEjlo9/6cXiRoksOV6W4wFab/ZwWgwN6JO4CGvZ

  205. Wi7EQwMMMp1E36YTojKQJrcA9UvMnTHulqQQ88F5E845DhzFQM3erv42QZZMBAX3

  206. kXCgy1GNFocl6tLUvJdEqs+VcJGGANMpmzE4WLa8KhSYnxipwuQ62JBy9R+cHyKT

  207. OARk8znRqSu5bT3LtlrZ/HXu+6Oy4+2uCdNzZIh5J5tPS7CPA6ptl88iGVBte/CJ

  208. 7cjgJWSQqeYp2Y5QvsWAivkQ4Ww9plHbbwV0A2eaHsjjWzlUl3HoJ/snMOhBABEB

  209. AAGJATwEGAEIACYWIQRXgbSh0TtGbgRd7XI46jvO1zKYLAUCWYZWwwIbDAUJA8Jn

  210. AAAKCRA46jvO1zKYLBwLCACQOpeRVrwIKVaWcPMYjVHHJsGscaLKpgpARAUgbiG6

  211. Cbc2WI8Sm3fRwrY0VAfN+u9QwrtvxANcyB3vTgTzw7FimfhOimxiTSO8HQCfjDZF

  212. Xly8rq+Fua7+ClWUpy21IekW41VvZYjH2sL6EVP+UcEOaGAyN53XfhaRVZPhNtZN

  213. NKAE9N5EG3rbsZ33LzJj40rEKlzFSseAAPft8qA3IXjzFBx+PQXHMpNCagL79he6

  214. lqockTJ+oPmta4CF/J0U5LUr1tOZXheL3TP6m8d08gDrtn0YuGOPk87i9sJz+jR9

  215. uy6MA3VSB99SK9ducGmE1Jv8mcziREroz2TEGr0zPs6h

  216. =J59D

  217. -----END PGP PUBLIC KEY BLOCK-----`)

  218. }

  219. 

  220. func testCreateValidSecondaryEmailGPGKey(t *testing.T, makeRequest makeRequestFunc, token string, expected int) {

  221. 	// User2 <user2-2@example.com> //secondary and not activated

  222. 	testCreateGPGKey(t, makeRequest, token, expected, `-----BEGIN PGP PUBLIC KEY BLOCK-----

  223. 

  224. mQGNBGC2K2cBDAC1+Xgk+8UfhASVgRngQi4rnQ8k0t+bWsBz4Czd26+cxVDRwlTT

  225. 8PALdrbrY/e9iXjcVcZ8Npo4UYe7/LfnL57dc7tgbenRGYYrWyVoNNv58BVw4xCY

  226. RmgvdHWIIPGuz3aME0smHxbJ2KewYTqjTPuVKF/wrHTwCpVWdjYKC5KDo3yx0mro

  227. xf9vOJOnkWNMiEw7TiZfkrbUqxyA53BVsSNKRX5C3b4FJcVT7eiAq7sDAaFxjEHy

  228. ahZslmvg7XZxWzSVzxDNesR7f4xuop8HBjzaluJoVuwiyWculTvz1b6hyHVQr+ad

  229. h8JGjj1tySI65OTFsTuptsfHXjtjl/NR4P6BXkf+FVwweaTQaEzpHkv0m9b9pY43

  230. CY/8XtS4uNPermiLG/Z0BB1eOCdoOQVHpjOa55IXQWhxXB6NZVyowiUbrR7jLDQy

  231. 5JP7D1HmErTR8JRm3VDqGbSaCgugRgFX+lb/fpgFp9k02OeK+JQudolZOt1mVk+T

  232. C4xmEWxfiH15/JMAEQEAAbQbdXNlcjIgPHVzZXIyLTJAZXhhbXBsZS5jb20+iQHU

  233. BBMBCAA+FiEEB/Y4DM3Ba2H9iXmlPO9G70C+/D4FAmC2K2cCGwMFCQPCZwAFCwkI

  234. BwIGFQoJCAsCBBYCAwECHgECF4AACgkQPO9G70C+/D59/Av/XZIhCH4X2FpxCO3d

  235. oCa+sbYkBL5xeUoPfAx5ThXzqL/tllO88TKTMEGZF3k5pocXWH0xmhqlvDTcdb0i

  236. W3O0CN8FLmuotU51c0JC1mt9zwJP9PeJNyqxrMm01Yzj55z/Dz3QHSTlDjrWTWjn

  237. YBqDf2HfdM177oydfSYmevZni1aDmBalWpFPRvqISCO7uFnvg1hJQ5mD/0qie663

  238. QJ8LAAANg32H9DyPnYi9wU62WX0DMUVTjKctT3cnYCbirjjJ7ZlCCm+cf61CRX1B

  239. E1Ng/Ef3ZcUfXWitZSjfET/pKEMSNjsQawFpZ/LPCBl+UPHzaTPAASeGJvcbZ3py

  240. wZQLQc1MCu2hmMBQ8zHQTdS2Pp0RISxCQLYvVQL6DrcJDNiSqn9p9RQt5c5r5Pjx

  241. 80BIPcjj3glOVP7PYE2azQAkt6reEjhimwCfjeDpiPnkBTY7Av2jCcUFhhemDY/j

  242. TRXK1paLphhJ36zC22SeHGxNNakjjuUakqB85DEUeoWuVm6ouQGNBGC2K2cBDADx

  243. G2rIAgMjdPtofhkEZXwv6zdNwmYOlIIM+59bam9Ep/vFq8F5f+xldevm5dvM8SeR

  244. pNwDGSOUf5OKBWBdsJFhlYBl7+EcKd/Tent/XS6JoA9ffF33b+r04L543+ykiKON

  245. WYeYi0F4WwYTIQgqZHJze1sPVkYGR5F0bL8PAcLuwd5dzZVi/q2HakrGdg29N8oY

  246. b/XnoR7FflPrNYdzO6hawi5Inx7KS7aWa0ZkARb0F4HSct+/m6nAZVsoJINLudyQ

  247. ut2NWeU8rWIm1hqyIxQFvuQJy46umq++10J/sWA98bkg41Rx+72+eP7DM5v8IgUp

  248. clJsfljRXIBWbmRAVZvtNI7PX9fwMMhf4M7wHO7G2WV39o1exKps5xFFcn8PUQiX

  249. jCSR81M145CgCdmLUR1y0pdkN/WIqjXBhkPIvO2dxEcodMNHb1aUUuUOnww6+xIP

  250. 8rGVw+a2DUiALc8Qr5RP21AYKRctfiwhSQh2KODveMtyLI3U9C/eLRPp+QM3XB8A

  251. EQEAAYkBvAQYAQgAJhYhBAf2OAzNwWth/Yl5pTzvRu9Avvw+BQJgtitnAhsMBQkD

  252. wmcAAAoJEDzvRu9Avvw+3FcMAJBwupyJ4zwQFxTJ5BkDlusG3U2FXEf3bDrXhvNd

  253. qi8eS8Vo/vRiH/w/my5JFpz1o2tJToryF71D+uF5DTItalKquhsQ9reAEmXggqOh

  254. 9Jd9mWJIEEWcRORiLNDKENKvE8bouw4U4hRaSF0IaGzAe5mO+oOvwal8L97wFxrZ

  255. 4leM1GzkopiuNfbkkBBw2KJcMjYBHzzXSCALnVwhjbgkBEWPIg38APT3cr9KfnMM

  256. q8+tvsGLj4piAl3Lww7+GhSsDOUXH8btR41BSAQDrbO5q6oi/h4nuxoNmQIDW/Ug

  257. s+dd5hnY2FtHRjb4FCR9kAjdTE6stc8wzohWfbg1N+12TTA2ylByAumICVXixavH

  258. RJ7l0OiWJk388qw9mqh3k8HcBxL7OfDlFC9oPmCS0iYiIwW/Yc80kBhoxcvl/Xa7

  259. mIMMn8taHIaQO7v9ln2EVQYTzbNCmwTw9ovTM0j/Pbkg2EftfP1TCoxQHvBnsCED

  260. 6qgtsUdi5eviONRkBgeZtN3oxA==

  261. =MgDv

  262. -----END PGP PUBLIC KEY BLOCK-----`)

  263. }