mirrors
/
gitea
mirror of https://github.com/go-gitea/gitea.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 211 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
12437 Commits
17 Branches
Tree: 98d903a3c6
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '98d903a3c6'
${ noResults }
gitea/integrations/api_team_test.go

api_team_test.go 6.9KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166 
  1. // Copyright 2017 The Gitea Authors. All rights reserved.

  2. // Use of this source code is governed by a MIT-style

  3. // license that can be found in the LICENSE file.

  4. 

  5. package integrations

  6. 

  7. import (

  8. 	"fmt"

  9. 	"net/http"

  10. 	"sort"

  11. 	"testing"

  12. 

  13. 	"code.gitea.io/gitea/models"

  14. 	"code.gitea.io/gitea/models/unittest"

  15. 	user_model "code.gitea.io/gitea/models/user"

  16. 	"code.gitea.io/gitea/modules/convert"

  17. 	api "code.gitea.io/gitea/modules/structs"

  18. 

  19. 	"github.com/stretchr/testify/assert"

  20. )

  21. 

  22. func TestAPITeam(t *testing.T) {

  23. 	defer prepareTestEnv(t)()

  24. 

  25. 	teamUser := unittest.AssertExistsAndLoadBean(t, &models.TeamUser{}).(*models.TeamUser)

  26. 	team := unittest.AssertExistsAndLoadBean(t, &models.Team{ID: teamUser.TeamID}).(*models.Team)

  27. 	user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: teamUser.UID}).(*user_model.User)

  28. 

  29. 	session := loginUser(t, user.Name)

  30. 	token := getTokenForLoggedInUser(t, session)

  31. 	req := NewRequestf(t, "GET", "/api/v1/teams/%d?token="+token, teamUser.TeamID)

  32. 	resp := session.MakeRequest(t, req, http.StatusOK)

  33. 

  34. 	var apiTeam api.Team

  35. 	DecodeJSON(t, resp, &apiTeam)

  36. 	assert.EqualValues(t, team.ID, apiTeam.ID)

  37. 	assert.Equal(t, team.Name, apiTeam.Name)

  38. 

  39. 	// non team member user will not access the teams details

  40. 	teamUser2 := unittest.AssertExistsAndLoadBean(t, &models.TeamUser{ID: 3}).(*models.TeamUser)

  41. 	user2 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: teamUser2.UID}).(*user_model.User)

  42. 

  43. 	session = loginUser(t, user2.Name)

  44. 	token = getTokenForLoggedInUser(t, session)

  45. 	req = NewRequestf(t, "GET", "/api/v1/teams/%d?token="+token, teamUser.TeamID)

  46. 	_ = session.MakeRequest(t, req, http.StatusForbidden)

  47. 

  48. 	req = NewRequestf(t, "GET", "/api/v1/teams/%d", teamUser.TeamID)

  49. 	_ = session.MakeRequest(t, req, http.StatusUnauthorized)

  50. 

  51. 	// Get an admin user able to create, update and delete teams.

  52. 	user = unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 1}).(*user_model.User)

  53. 	session = loginUser(t, user.Name)

  54. 	token = getTokenForLoggedInUser(t, session)

  55. 

  56. 	org := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 6}).(*user_model.User)

  57. 

  58. 	// Create team.

  59. 	teamToCreate := &api.CreateTeamOption{

  60. 		Name:                    "team1",

  61. 		Description:             "team one",

  62. 		IncludesAllRepositories: true,

  63. 		Permission:              "write",

  64. 		Units:                   []string{"repo.code", "repo.issues"},

  65. 	}

  66. 	req = NewRequestWithJSON(t, "POST", fmt.Sprintf("/api/v1/orgs/%s/teams?token=%s", org.Name, token), teamToCreate)

  67. 	resp = session.MakeRequest(t, req, http.StatusCreated)

  68. 	DecodeJSON(t, resp, &apiTeam)

  69. 	checkTeamResponse(t, &apiTeam, teamToCreate.Name, teamToCreate.Description, teamToCreate.IncludesAllRepositories,

  70. 		teamToCreate.Permission, teamToCreate.Units)

  71. 	checkTeamBean(t, apiTeam.ID, teamToCreate.Name, teamToCreate.Description, teamToCreate.IncludesAllRepositories,

  72. 		teamToCreate.Permission, teamToCreate.Units)

  73. 	teamID := apiTeam.ID

  74. 

  75. 	// Edit team.

  76. 	editDescription := "team 1"

  77. 	editFalse := false

  78. 	teamToEdit := &api.EditTeamOption{

  79. 		Name:                    "teamone",

  80. 		Description:             &editDescription,

  81. 		Permission:              "admin",

  82. 		IncludesAllRepositories: &editFalse,

  83. 		Units:                   []string{"repo.code", "repo.pulls", "repo.releases"},

  84. 	}

  85. 

  86. 	req = NewRequestWithJSON(t, "PATCH", fmt.Sprintf("/api/v1/teams/%d?token=%s", teamID, token), teamToEdit)

  87. 	resp = session.MakeRequest(t, req, http.StatusOK)

  88. 	DecodeJSON(t, resp, &apiTeam)

  89. 	checkTeamResponse(t, &apiTeam, teamToEdit.Name, *teamToEdit.Description, *teamToEdit.IncludesAllRepositories,

  90. 		teamToEdit.Permission, teamToEdit.Units)

  91. 	checkTeamBean(t, apiTeam.ID, teamToEdit.Name, *teamToEdit.Description, *teamToEdit.IncludesAllRepositories,

  92. 		teamToEdit.Permission, teamToEdit.Units)

  93. 

  94. 	// Edit team Description only

  95. 	editDescription = "first team"

  96. 	teamToEditDesc := api.EditTeamOption{Description: &editDescription}

  97. 	req = NewRequestWithJSON(t, "PATCH", fmt.Sprintf("/api/v1/teams/%d?token=%s", teamID, token), teamToEditDesc)

  98. 	resp = session.MakeRequest(t, req, http.StatusOK)

  99. 	DecodeJSON(t, resp, &apiTeam)

  100. 	checkTeamResponse(t, &apiTeam, teamToEdit.Name, *teamToEditDesc.Description, *teamToEdit.IncludesAllRepositories,

  101. 		teamToEdit.Permission, teamToEdit.Units)

  102. 	checkTeamBean(t, apiTeam.ID, teamToEdit.Name, *teamToEditDesc.Description, *teamToEdit.IncludesAllRepositories,

  103. 		teamToEdit.Permission, teamToEdit.Units)

  104. 

  105. 	// Read team.

  106. 	teamRead := unittest.AssertExistsAndLoadBean(t, &models.Team{ID: teamID}).(*models.Team)

  107. 	req = NewRequestf(t, "GET", "/api/v1/teams/%d?token="+token, teamID)

  108. 	resp = session.MakeRequest(t, req, http.StatusOK)

  109. 	DecodeJSON(t, resp, &apiTeam)

  110. 	checkTeamResponse(t, &apiTeam, teamRead.Name, *teamToEditDesc.Description, teamRead.IncludesAllRepositories,

  111. 		teamRead.Authorize.String(), teamRead.GetUnitNames())

  112. 

  113. 	// Delete team.

  114. 	req = NewRequestf(t, "DELETE", "/api/v1/teams/%d?token="+token, teamID)

  115. 	session.MakeRequest(t, req, http.StatusNoContent)

  116. 	unittest.AssertNotExistsBean(t, &models.Team{ID: teamID})

  117. }

  118. 

  119. func checkTeamResponse(t *testing.T, apiTeam *api.Team, name, description string, includesAllRepositories bool, permission string, units []string) {

  120. 	assert.Equal(t, name, apiTeam.Name, "name")

  121. 	assert.Equal(t, description, apiTeam.Description, "description")

  122. 	assert.Equal(t, includesAllRepositories, apiTeam.IncludesAllRepositories, "includesAllRepositories")

  123. 	assert.Equal(t, permission, apiTeam.Permission, "permission")

  124. 	sort.StringSlice(units).Sort()

  125. 	sort.StringSlice(apiTeam.Units).Sort()

  126. 	assert.EqualValues(t, units, apiTeam.Units, "units")

  127. }

  128. 

  129. func checkTeamBean(t *testing.T, id int64, name, description string, includesAllRepositories bool, permission string, units []string) {

  130. 	team := unittest.AssertExistsAndLoadBean(t, &models.Team{ID: id}).(*models.Team)

  131. 	assert.NoError(t, team.GetUnits(), "GetUnits")

  132. 	checkTeamResponse(t, convert.ToTeam(team), name, description, includesAllRepositories, permission, units)

  133. }

  134. 

  135. type TeamSearchResults struct {

  136. 	OK   bool        `json:"ok"`

  137. 	Data []*api.Team `json:"data"`

  138. }

  139. 

  140. func TestAPITeamSearch(t *testing.T) {

  141. 	defer prepareTestEnv(t)()

  142. 

  143. 	user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2}).(*user_model.User)

  144. 	org := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 3}).(*user_model.User)

  145. 

  146. 	var results TeamSearchResults

  147. 

  148. 	session := loginUser(t, user.Name)

  149. 	csrf := GetCSRF(t, session, "/"+org.Name)

  150. 	req := NewRequestf(t, "GET", "/api/v1/orgs/%s/teams/search?q=%s", org.Name, "_team")

  151. 	req.Header.Add("X-Csrf-Token", csrf)

  152. 	resp := session.MakeRequest(t, req, http.StatusOK)

  153. 	DecodeJSON(t, resp, &results)

  154. 	assert.NotEmpty(t, results.Data)

  155. 	assert.Len(t, results.Data, 1)

  156. 	assert.Equal(t, "test_team", results.Data[0].Name)

  157. 

  158. 	// no access if not organization member

  159. 	user5 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 5}).(*user_model.User)

  160. 	session = loginUser(t, user5.Name)

  161. 	csrf = GetCSRF(t, session, "/"+org.Name)

  162. 	req = NewRequestf(t, "GET", "/api/v1/orgs/%s/teams/search?q=%s", org.Name, "team")

  163. 	req.Header.Add("X-Csrf-Token", csrf)

  164. 	session.MakeRequest(t, req, http.StatusForbidden)

  165. 

  166. }