mirrors
/
gitea
mirror of https://github.com/go-gitea/gitea.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 210 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
12437 Commits
17 Branches
Tree: 98d903a3c6
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '98d903a3c6'
${ noResults }
gitea/integrations/api_gpg_keys_test.go

api_gpg_keys_test.go 12KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261 
  1. // Copyright 2017 The Gogs Authors. All rights reserved.

  2. // Use of this source code is governed by a MIT-style

  3. // license that can be found in the LICENSE file.

  4. 

  5. package integrations

  6. 

  7. import (

  8. 	"net/http"

  9. 	"net/http/httptest"

  10. 	"strconv"

  11. 	"testing"

  12. 

  13. 	api "code.gitea.io/gitea/modules/structs"

  14. 

  15. 	"github.com/stretchr/testify/assert"

  16. )

  17. 

  18. type makeRequestFunc func(testing.TB, *http.Request, int) *httptest.ResponseRecorder

  19. 

  20. func TestGPGKeys(t *testing.T) {

  21. 	defer prepareTestEnv(t)()

  22. 	session := loginUser(t, "user2")

  23. 	token := getTokenForLoggedInUser(t, session)

  24. 

  25. 	tt := []struct {

  26. 		name        string

  27. 		makeRequest makeRequestFunc

  28. 		token       string

  29. 		results     []int

  30. 	}{

  31. 		{name: "NoLogin", makeRequest: MakeRequest, token: "",

  32. 			results: []int{http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized},

  33. 		},

  34. 		{name: "LoggedAsUser2", makeRequest: session.MakeRequest, token: token,

  35. 			results: []int{http.StatusOK, http.StatusOK, http.StatusNotFound, http.StatusNoContent, http.StatusUnprocessableEntity, http.StatusNotFound, http.StatusCreated, http.StatusNotFound, http.StatusCreated}},

  36. 	}

  37. 

  38. 	for _, tc := range tt {

  39. 		//Basic test on result code

  40. 		t.Run(tc.name, func(t *testing.T) {

  41. 			t.Run("ViewOwnGPGKeys", func(t *testing.T) {

  42. 				testViewOwnGPGKeys(t, tc.makeRequest, tc.token, tc.results[0])

  43. 			})

  44. 			t.Run("ViewGPGKeys", func(t *testing.T) {

  45. 				testViewGPGKeys(t, tc.makeRequest, tc.token, tc.results[1])

  46. 			})

  47. 			t.Run("GetGPGKey", func(t *testing.T) {

  48. 				testGetGPGKey(t, tc.makeRequest, tc.token, tc.results[2])

  49. 			})

  50. 			t.Run("DeleteGPGKey", func(t *testing.T) {

  51. 				testDeleteGPGKey(t, tc.makeRequest, tc.token, tc.results[3])

  52. 			})

  53. 

  54. 			t.Run("CreateInvalidGPGKey", func(t *testing.T) {

  55. 				testCreateInvalidGPGKey(t, tc.makeRequest, tc.token, tc.results[4])

  56. 			})

  57. 			t.Run("CreateNoneRegistredEmailGPGKey", func(t *testing.T) {

  58. 				testCreateNoneRegistredEmailGPGKey(t, tc.makeRequest, tc.token, tc.results[5])

  59. 			})

  60. 			t.Run("CreateValidGPGKey", func(t *testing.T) {

  61. 				testCreateValidGPGKey(t, tc.makeRequest, tc.token, tc.results[6])

  62. 			})

  63. 			t.Run("CreateValidSecondaryEmailGPGKeyNotActivated", func(t *testing.T) {

  64. 				testCreateValidSecondaryEmailGPGKey(t, tc.makeRequest, tc.token, tc.results[7])

  65. 			})

  66. 		})

  67. 	}

  68. 

  69. 	//Check state after basic add

  70. 	t.Run("CheckState", func(t *testing.T) {

  71. 

  72. 		var keys []*api.GPGKey

  73. 

  74. 		req := NewRequest(t, "GET", "/api/v1/user/gpg_keys?token="+token) //GET all keys

  75. 		resp := session.MakeRequest(t, req, http.StatusOK)

  76. 		DecodeJSON(t, resp, &keys)

  77. 		assert.Len(t, keys, 1)

  78. 

  79. 		primaryKey1 := keys[0] //Primary key 1

  80. 		assert.EqualValues(t, "38EA3BCED732982C", primaryKey1.KeyID)

  81. 		assert.Len(t, primaryKey1.Emails, 1)

  82. 		assert.EqualValues(t, "user2@example.com", primaryKey1.Emails[0].Email)

  83. 		assert.True(t, primaryKey1.Emails[0].Verified)

  84. 

  85. 		subKey := primaryKey1.SubsKey[0] //Subkey of 38EA3BCED732982C

  86. 		assert.EqualValues(t, "70D7C694D17D03AD", subKey.KeyID)

  87. 		assert.Empty(t, subKey.Emails)

  88. 

  89. 		var key api.GPGKey

  90. 		req = NewRequest(t, "GET", "/api/v1/user/gpg_keys/"+strconv.FormatInt(primaryKey1.ID, 10)+"?token="+token) //Primary key 1

  91. 		resp = session.MakeRequest(t, req, http.StatusOK)

  92. 		DecodeJSON(t, resp, &key)

  93. 		assert.EqualValues(t, "38EA3BCED732982C", key.KeyID)

  94. 		assert.Len(t, key.Emails, 1)

  95. 		assert.EqualValues(t, "user2@example.com", key.Emails[0].Email)

  96. 		assert.True(t, key.Emails[0].Verified)

  97. 

  98. 		req = NewRequest(t, "GET", "/api/v1/user/gpg_keys/"+strconv.FormatInt(subKey.ID, 10)+"?token="+token) //Subkey of 38EA3BCED732982C

  99. 		resp = session.MakeRequest(t, req, http.StatusOK)

  100. 		DecodeJSON(t, resp, &key)

  101. 		assert.EqualValues(t, "70D7C694D17D03AD", key.KeyID)

  102. 		assert.Empty(t, key.Emails)

  103. 	})

  104. 

  105. 	//Check state after basic add

  106. 	t.Run("CheckCommits", func(t *testing.T) {

  107. 		t.Run("NotSigned", func(t *testing.T) {

  108. 			var branch api.Branch

  109. 			req := NewRequest(t, "GET", "/api/v1/repos/user2/repo16/branches/not-signed?token="+token)

  110. 			resp := session.MakeRequest(t, req, http.StatusOK)

  111. 			DecodeJSON(t, resp, &branch)

  112. 			assert.False(t, branch.Commit.Verification.Verified)

  113. 		})

  114. 

  115. 		t.Run("SignedWithNotValidatedEmail", func(t *testing.T) {

  116. 			var branch api.Branch

  117. 			req := NewRequest(t, "GET", "/api/v1/repos/user2/repo16/branches/good-sign-not-yet-validated?token="+token)

  118. 			resp := session.MakeRequest(t, req, http.StatusOK)

  119. 			DecodeJSON(t, resp, &branch)

  120. 			assert.False(t, branch.Commit.Verification.Verified)

  121. 		})

  122. 

  123. 		t.Run("SignedWithValidEmail", func(t *testing.T) {

  124. 			var branch api.Branch

  125. 			req := NewRequest(t, "GET", "/api/v1/repos/user2/repo16/branches/good-sign?token="+token)

  126. 			resp := session.MakeRequest(t, req, http.StatusOK)

  127. 			DecodeJSON(t, resp, &branch)

  128. 			assert.True(t, branch.Commit.Verification.Verified)

  129. 		})

  130. 	})

  131. }

  132. 

  133. func testViewOwnGPGKeys(t *testing.T, makeRequest makeRequestFunc, token string, expected int) {

  134. 	req := NewRequest(t, "GET", "/api/v1/user/gpg_keys?token="+token)

  135. 	makeRequest(t, req, expected)

  136. }

  137. 

  138. func testViewGPGKeys(t *testing.T, makeRequest makeRequestFunc, token string, expected int) {

  139. 	req := NewRequest(t, "GET", "/api/v1/users/user2/gpg_keys?token="+token)

  140. 	makeRequest(t, req, expected)

  141. }

  142. 

  143. func testGetGPGKey(t *testing.T, makeRequest makeRequestFunc, token string, expected int) {

  144. 	req := NewRequest(t, "GET", "/api/v1/user/gpg_keys/1?token="+token)

  145. 	makeRequest(t, req, expected)

  146. }

  147. 

  148. func testDeleteGPGKey(t *testing.T, makeRequest makeRequestFunc, token string, expected int) {

  149. 	req := NewRequest(t, "DELETE", "/api/v1/user/gpg_keys/1?token="+token)

  150. 	makeRequest(t, req, expected)

  151. }

  152. 

  153. func testCreateGPGKey(t *testing.T, makeRequest makeRequestFunc, token string, expected int, publicKey string) {

  154. 	req := NewRequestWithJSON(t, "POST", "/api/v1/user/gpg_keys?token="+token, api.CreateGPGKeyOption{

  155. 		ArmoredKey: publicKey,

  156. 	})

  157. 	makeRequest(t, req, expected)

  158. }

  159. 

  160. func testCreateInvalidGPGKey(t *testing.T, makeRequest makeRequestFunc, token string, expected int) {

  161. 	testCreateGPGKey(t, makeRequest, token, expected, "invalid_key")

  162. }

  163. 

  164. func testCreateNoneRegistredEmailGPGKey(t *testing.T, makeRequest makeRequestFunc, token string, expected int) {

  165. 	testCreateGPGKey(t, makeRequest, token, expected, `-----BEGIN PGP PUBLIC KEY BLOCK-----

  166. 

  167. mQENBFmGUygBCACjCNbKvMGgp0fd5vyFW9olE1CLCSyyF9gQN2hSuzmZLuAZF2Kh

  168. dCMCG2T1UwzUB/yWUFWJ2BtCwSjuaRv+cGohqEy6bhEBV90peGA33lHfjx7wP25O

  169. 7moAphDOTZtDj1AZfCh/PTcJut8Lc0eRDMhNyp/bYtO7SHNT1Hr6rrCV/xEtSAvR

  170. 3b148/tmIBiSadaLwc558KU3ucjnW5RVGins3AjBZ+TuT4XXVH/oeLSeXPSJ5rt1

  171. rHwaseslMqZ4AbvwFLx5qn1OC9rEQv/F548QsA8m0IntLjoPon+6wcubA9Gra21c

  172. Fp6aRYl9x7fiqXDLg8i3s2nKdV7+e6as6Tp9ABEBAAG0FG5vdGtub3duQGV4YW1w

  173. bGUuY29tiQEcBBABAgAGBQJZhlMoAAoJEC8+pvYULDtte/wH/2JNrhmHwDY+hMj0

  174. batIK4HICnkKxjIgbha80P2Ao08NkzSge58fsxiKDFYAQjHui+ZAw4dq79Ax9AOO

  175. Iv2GS9+DUfWhrb6RF+vNuJldFzcI0rTW/z2q+XGKrUCwN3khJY5XngHfQQrdBtMK

  176. qsoUXz/5B8g422RTbo/SdPsyYAV6HeLLeV3rdgjI1fpaW0seZKHeTXQb/HvNeuPg

  177. qz+XV1g6Gdqa1RjDOaX7A8elVKxrYq3LBtc93FW+grBde8n7JL0zPM3DY+vJ0IJZ

  178. INx/MmBfmtCq05FqNclvU+sj2R3N1JJOtBOjZrJHQbJhzoILou8AkxeX1A+q9OAz

  179. 1geiY5E=

  180. =TkP3

  181. -----END PGP PUBLIC KEY BLOCK-----`)

  182. }

  183. 

  184. func testCreateValidGPGKey(t *testing.T, makeRequest makeRequestFunc, token string, expected int) {

  185. 	//User2 <user2@example.com> //primary & activated

  186. 	testCreateGPGKey(t, makeRequest, token, expected, `-----BEGIN PGP PUBLIC KEY BLOCK-----

  187. 

  188. mQENBFmGVsMBCACuxgZ7W7rI9xN08Y4M7B8yx/6/I4Slm94+wXf8YNRvAyqj30dW

  189. VJhyBcnfNRDLKSQp5o/hhfDkCgdqBjLa1PnHlGS3PXJc0hP/FyYPD2BFvNMPpCYS

  190. eu3T1qKSNXm6X0XOWD2LIrdiDC8HaI9FqZVMI/srMK2CF8XCL2m67W1FuoPlWzod

  191. 5ORy0IZB7spoF0xihmcgnEGElRmdo5w/vkGH8U7Zyn9Eb57UVFeafgeskf4wqB23

  192. BjbMdW2YaB+yzMRwYgOnD5lnBD4uqSmvjaV9C0kxn7x+oJkkiRV8/z1cNcO+BaeQ

  193. Akh/yTTeTzYGSc/ZOqCX1O+NOPgSeixVlqenABEBAAG0GVVzZXIyIDx1c2VyMkBl

  194. eGFtcGxlLmNvbT6JAVQEEwEIAD4WIQRXgbSh0TtGbgRd7XI46jvO1zKYLAUCWYZW

  195. wwIbAwUJA8JnAAULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgAAKCRA46jvO1zKYLF/e

  196. B/91wm2KLMIQBZBA9WA2/+9rQWTo9EqgYrXN60rEzX3cYJWXZiE4DrKR1oWDGNLi

  197. KXOCW62snvJldolBqq0ZqaKvPKzl0Y5TRqbYEc9AjUSqgRin1b+G2DevLGT4ibq+

  198. 7ocQvz0XkASEUAgHahp0Ubiiib1521WwT/duL+AG8Gg0+DK09RfV3eX5/EOkQCKv

  199. 8cutqgsd2Smz40A8wXuJkRcipZBtrB/GkUaZ/eJdwEeSYZjEA9GWF61LJT2stvRN

  200. HCk7C3z3pVEek1PluiFs/4VN8BG8yDzW4c0tLty4Fj3VwPqwIbB5AJbquVfhQCb4

  201. Eep2lm3Lc9b1OwO5N3coPJkouQENBFmGVsMBCADAGba2L6NCOE1i3WIP6CPzbdOo

  202. N3gdTfTgccAx9fNeon9jor+3tgEjlo9/6cXiRoksOV6W4wFab/ZwWgwN6JO4CGvZ

  203. Wi7EQwMMMp1E36YTojKQJrcA9UvMnTHulqQQ88F5E845DhzFQM3erv42QZZMBAX3

  204. kXCgy1GNFocl6tLUvJdEqs+VcJGGANMpmzE4WLa8KhSYnxipwuQ62JBy9R+cHyKT

  205. OARk8znRqSu5bT3LtlrZ/HXu+6Oy4+2uCdNzZIh5J5tPS7CPA6ptl88iGVBte/CJ

  206. 7cjgJWSQqeYp2Y5QvsWAivkQ4Ww9plHbbwV0A2eaHsjjWzlUl3HoJ/snMOhBABEB

  207. AAGJATwEGAEIACYWIQRXgbSh0TtGbgRd7XI46jvO1zKYLAUCWYZWwwIbDAUJA8Jn

  208. AAAKCRA46jvO1zKYLBwLCACQOpeRVrwIKVaWcPMYjVHHJsGscaLKpgpARAUgbiG6

  209. Cbc2WI8Sm3fRwrY0VAfN+u9QwrtvxANcyB3vTgTzw7FimfhOimxiTSO8HQCfjDZF

  210. Xly8rq+Fua7+ClWUpy21IekW41VvZYjH2sL6EVP+UcEOaGAyN53XfhaRVZPhNtZN

  211. NKAE9N5EG3rbsZ33LzJj40rEKlzFSseAAPft8qA3IXjzFBx+PQXHMpNCagL79he6

  212. lqockTJ+oPmta4CF/J0U5LUr1tOZXheL3TP6m8d08gDrtn0YuGOPk87i9sJz+jR9

  213. uy6MA3VSB99SK9ducGmE1Jv8mcziREroz2TEGr0zPs6h

  214. =J59D

  215. -----END PGP PUBLIC KEY BLOCK-----`)

  216. }

  217. 

  218. func testCreateValidSecondaryEmailGPGKey(t *testing.T, makeRequest makeRequestFunc, token string, expected int) {

  219. 	//User2 <user2-2@example.com> //secondary and not activated

  220. 	testCreateGPGKey(t, makeRequest, token, expected, `-----BEGIN PGP PUBLIC KEY BLOCK-----

  221. 

  222. mQGNBGC2K2cBDAC1+Xgk+8UfhASVgRngQi4rnQ8k0t+bWsBz4Czd26+cxVDRwlTT

  223. 8PALdrbrY/e9iXjcVcZ8Npo4UYe7/LfnL57dc7tgbenRGYYrWyVoNNv58BVw4xCY

  224. RmgvdHWIIPGuz3aME0smHxbJ2KewYTqjTPuVKF/wrHTwCpVWdjYKC5KDo3yx0mro

  225. xf9vOJOnkWNMiEw7TiZfkrbUqxyA53BVsSNKRX5C3b4FJcVT7eiAq7sDAaFxjEHy

  226. ahZslmvg7XZxWzSVzxDNesR7f4xuop8HBjzaluJoVuwiyWculTvz1b6hyHVQr+ad

  227. h8JGjj1tySI65OTFsTuptsfHXjtjl/NR4P6BXkf+FVwweaTQaEzpHkv0m9b9pY43

  228. CY/8XtS4uNPermiLG/Z0BB1eOCdoOQVHpjOa55IXQWhxXB6NZVyowiUbrR7jLDQy

  229. 5JP7D1HmErTR8JRm3VDqGbSaCgugRgFX+lb/fpgFp9k02OeK+JQudolZOt1mVk+T

  230. C4xmEWxfiH15/JMAEQEAAbQbdXNlcjIgPHVzZXIyLTJAZXhhbXBsZS5jb20+iQHU

  231. BBMBCAA+FiEEB/Y4DM3Ba2H9iXmlPO9G70C+/D4FAmC2K2cCGwMFCQPCZwAFCwkI

  232. BwIGFQoJCAsCBBYCAwECHgECF4AACgkQPO9G70C+/D59/Av/XZIhCH4X2FpxCO3d

  233. oCa+sbYkBL5xeUoPfAx5ThXzqL/tllO88TKTMEGZF3k5pocXWH0xmhqlvDTcdb0i

  234. W3O0CN8FLmuotU51c0JC1mt9zwJP9PeJNyqxrMm01Yzj55z/Dz3QHSTlDjrWTWjn

  235. YBqDf2HfdM177oydfSYmevZni1aDmBalWpFPRvqISCO7uFnvg1hJQ5mD/0qie663

  236. QJ8LAAANg32H9DyPnYi9wU62WX0DMUVTjKctT3cnYCbirjjJ7ZlCCm+cf61CRX1B

  237. E1Ng/Ef3ZcUfXWitZSjfET/pKEMSNjsQawFpZ/LPCBl+UPHzaTPAASeGJvcbZ3py

  238. wZQLQc1MCu2hmMBQ8zHQTdS2Pp0RISxCQLYvVQL6DrcJDNiSqn9p9RQt5c5r5Pjx

  239. 80BIPcjj3glOVP7PYE2azQAkt6reEjhimwCfjeDpiPnkBTY7Av2jCcUFhhemDY/j

  240. TRXK1paLphhJ36zC22SeHGxNNakjjuUakqB85DEUeoWuVm6ouQGNBGC2K2cBDADx

  241. G2rIAgMjdPtofhkEZXwv6zdNwmYOlIIM+59bam9Ep/vFq8F5f+xldevm5dvM8SeR

  242. pNwDGSOUf5OKBWBdsJFhlYBl7+EcKd/Tent/XS6JoA9ffF33b+r04L543+ykiKON

  243. WYeYi0F4WwYTIQgqZHJze1sPVkYGR5F0bL8PAcLuwd5dzZVi/q2HakrGdg29N8oY

  244. b/XnoR7FflPrNYdzO6hawi5Inx7KS7aWa0ZkARb0F4HSct+/m6nAZVsoJINLudyQ

  245. ut2NWeU8rWIm1hqyIxQFvuQJy46umq++10J/sWA98bkg41Rx+72+eP7DM5v8IgUp

  246. clJsfljRXIBWbmRAVZvtNI7PX9fwMMhf4M7wHO7G2WV39o1exKps5xFFcn8PUQiX

  247. jCSR81M145CgCdmLUR1y0pdkN/WIqjXBhkPIvO2dxEcodMNHb1aUUuUOnww6+xIP

  248. 8rGVw+a2DUiALc8Qr5RP21AYKRctfiwhSQh2KODveMtyLI3U9C/eLRPp+QM3XB8A

  249. EQEAAYkBvAQYAQgAJhYhBAf2OAzNwWth/Yl5pTzvRu9Avvw+BQJgtitnAhsMBQkD

  250. wmcAAAoJEDzvRu9Avvw+3FcMAJBwupyJ4zwQFxTJ5BkDlusG3U2FXEf3bDrXhvNd

  251. qi8eS8Vo/vRiH/w/my5JFpz1o2tJToryF71D+uF5DTItalKquhsQ9reAEmXggqOh

  252. 9Jd9mWJIEEWcRORiLNDKENKvE8bouw4U4hRaSF0IaGzAe5mO+oOvwal8L97wFxrZ

  253. 4leM1GzkopiuNfbkkBBw2KJcMjYBHzzXSCALnVwhjbgkBEWPIg38APT3cr9KfnMM

  254. q8+tvsGLj4piAl3Lww7+GhSsDOUXH8btR41BSAQDrbO5q6oi/h4nuxoNmQIDW/Ug

  255. s+dd5hnY2FtHRjb4FCR9kAjdTE6stc8wzohWfbg1N+12TTA2ylByAumICVXixavH

  256. RJ7l0OiWJk388qw9mqh3k8HcBxL7OfDlFC9oPmCS0iYiIwW/Yc80kBhoxcvl/Xa7

  257. mIMMn8taHIaQO7v9ln2EVQYTzbNCmwTw9ovTM0j/Pbkg2EftfP1TCoxQHvBnsCED

  258. 6qgtsUdi5eviONRkBgeZtN3oxA==

  259. =MgDv

  260. -----END PGP PUBLIC KEY BLOCK-----`)

  261. }