mirrors
/
gitea
mirror of https://github.com/go-gitea/gitea.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 210 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
12437 Commits
17 Branches
Tree: 98d903a3c6
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '98d903a3c6'
${ noResults }
gitea/integrations/org_test.go

org_test.go 6.0KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176 
  1. // Copyright 2019 The Gitea Authors. All rights reserved.

  2. // Use of this source code is governed by a MIT-style

  3. // license that can be found in the LICENSE file.

  4. 

  5. package integrations

  6. 

  7. import (

  8. 	"fmt"

  9. 	"net/http"

  10. 	"strings"

  11. 	"testing"

  12. 

  13. 	api "code.gitea.io/gitea/modules/structs"

  14. 

  15. 	"github.com/stretchr/testify/assert"

  16. )

  17. 

  18. func TestOrgRepos(t *testing.T) {

  19. 	defer prepareTestEnv(t)()

  20. 

  21. 	var (

  22. 		users = []string{"user1", "user2"}

  23. 		cases = map[string][]string{

  24. 			"alphabetically":        {"repo21", "repo3", "repo5"},

  25. 			"reversealphabetically": {"repo5", "repo3", "repo21"},

  26. 		}

  27. 	)

  28. 

  29. 	for _, user := range users {

  30. 		t.Run(user, func(t *testing.T) {

  31. 			session := loginUser(t, user)

  32. 			for sortBy, repos := range cases {

  33. 				req := NewRequest(t, "GET", "/user3?sort="+sortBy)

  34. 				resp := session.MakeRequest(t, req, http.StatusOK)

  35. 

  36. 				htmlDoc := NewHTMLParser(t, resp.Body)

  37. 

  38. 				sel := htmlDoc.doc.Find("a.name")

  39. 				assert.Len(t, repos, len(sel.Nodes))

  40. 				for i := 0; i < len(repos); i++ {

  41. 					assert.EqualValues(t, repos[i], strings.TrimSpace(sel.Eq(i).Text()))

  42. 				}

  43. 			}

  44. 		})

  45. 	}

  46. }

  47. 

  48. func TestLimitedOrg(t *testing.T) {

  49. 	defer prepareTestEnv(t)()

  50. 

  51. 	// not logged in user

  52. 	req := NewRequest(t, "GET", "/limited_org")

  53. 	MakeRequest(t, req, http.StatusNotFound)

  54. 	req = NewRequest(t, "GET", "/limited_org/public_repo_on_limited_org")

  55. 	MakeRequest(t, req, http.StatusNotFound)

  56. 	req = NewRequest(t, "GET", "/limited_org/private_repo_on_limited_org")

  57. 	MakeRequest(t, req, http.StatusNotFound)

  58. 

  59. 	// login non-org member user

  60. 	session := loginUser(t, "user2")

  61. 	req = NewRequest(t, "GET", "/limited_org")

  62. 	session.MakeRequest(t, req, http.StatusOK)

  63. 	req = NewRequest(t, "GET", "/limited_org/public_repo_on_limited_org")

  64. 	session.MakeRequest(t, req, http.StatusOK)

  65. 	req = NewRequest(t, "GET", "/limited_org/private_repo_on_limited_org")

  66. 	session.MakeRequest(t, req, http.StatusNotFound)

  67. 

  68. 	// site admin

  69. 	session = loginUser(t, "user1")

  70. 	req = NewRequest(t, "GET", "/limited_org")

  71. 	session.MakeRequest(t, req, http.StatusOK)

  72. 	req = NewRequest(t, "GET", "/limited_org/public_repo_on_limited_org")

  73. 	session.MakeRequest(t, req, http.StatusOK)

  74. 	req = NewRequest(t, "GET", "/limited_org/private_repo_on_limited_org")

  75. 	session.MakeRequest(t, req, http.StatusOK)

  76. }

  77. 

  78. func TestPrivateOrg(t *testing.T) {

  79. 	defer prepareTestEnv(t)()

  80. 

  81. 	// not logged in user

  82. 	req := NewRequest(t, "GET", "/privated_org")

  83. 	MakeRequest(t, req, http.StatusNotFound)

  84. 	req = NewRequest(t, "GET", "/privated_org/public_repo_on_private_org")

  85. 	MakeRequest(t, req, http.StatusNotFound)

  86. 	req = NewRequest(t, "GET", "/privated_org/private_repo_on_private_org")

  87. 	MakeRequest(t, req, http.StatusNotFound)

  88. 

  89. 	// login non-org member user

  90. 	session := loginUser(t, "user2")

  91. 	req = NewRequest(t, "GET", "/privated_org")

  92. 	session.MakeRequest(t, req, http.StatusNotFound)

  93. 	req = NewRequest(t, "GET", "/privated_org/public_repo_on_private_org")

  94. 	session.MakeRequest(t, req, http.StatusNotFound)

  95. 	req = NewRequest(t, "GET", "/privated_org/private_repo_on_private_org")

  96. 	session.MakeRequest(t, req, http.StatusNotFound)

  97. 

  98. 	// non-org member who is collaborator on repo in private org

  99. 	session = loginUser(t, "user4")

  100. 	req = NewRequest(t, "GET", "/privated_org")

  101. 	session.MakeRequest(t, req, http.StatusNotFound)

  102. 	req = NewRequest(t, "GET", "/privated_org/public_repo_on_private_org") // colab of this repo

  103. 	session.MakeRequest(t, req, http.StatusOK)

  104. 	req = NewRequest(t, "GET", "/privated_org/private_repo_on_private_org")

  105. 	session.MakeRequest(t, req, http.StatusNotFound)

  106. 

  107. 	// site admin

  108. 	session = loginUser(t, "user1")

  109. 	req = NewRequest(t, "GET", "/privated_org")

  110. 	session.MakeRequest(t, req, http.StatusOK)

  111. 	req = NewRequest(t, "GET", "/privated_org/public_repo_on_private_org")

  112. 	session.MakeRequest(t, req, http.StatusOK)

  113. 	req = NewRequest(t, "GET", "/privated_org/private_repo_on_private_org")

  114. 	session.MakeRequest(t, req, http.StatusOK)

  115. }

  116. 

  117. func TestOrgRestrictedUser(t *testing.T) {

  118. 	defer prepareTestEnv(t)()

  119. 

  120. 	// privated_org is a private org who has id 23

  121. 	orgName := "privated_org"

  122. 

  123. 	// public_repo_on_private_org is a public repo on privated_org

  124. 	repoName := "public_repo_on_private_org"

  125. 

  126. 	// user29 is a restricted user who is not a member of the organization

  127. 	restrictedUser := "user29"

  128. 

  129. 	// #17003 reports a bug whereby adding a restricted user to a read-only team doesn't work

  130. 

  131. 	// assert restrictedUser cannot see the org or the public repo

  132. 	restrictedSession := loginUser(t, restrictedUser)

  133. 	req := NewRequest(t, "GET", fmt.Sprintf("/%s", orgName))

  134. 	restrictedSession.MakeRequest(t, req, http.StatusNotFound)

  135. 

  136. 	req = NewRequest(t, "GET", fmt.Sprintf("/%s/%s", orgName, repoName))

  137. 	restrictedSession.MakeRequest(t, req, http.StatusNotFound)

  138. 

  139. 	// Therefore create a read-only team

  140. 	adminSession := loginUser(t, "user1")

  141. 	token := getTokenForLoggedInUser(t, adminSession)

  142. 

  143. 	teamToCreate := &api.CreateTeamOption{

  144. 		Name:                    "codereader",

  145. 		Description:             "Code Reader",

  146. 		IncludesAllRepositories: true,

  147. 		Permission:              "read",

  148. 		Units:                   []string{"repo.code"},

  149. 	}

  150. 

  151. 	req = NewRequestWithJSON(t, "POST",

  152. 		fmt.Sprintf("/api/v1/orgs/%s/teams?token=%s", orgName, token), teamToCreate)

  153. 

  154. 	var apiTeam api.Team

  155. 

  156. 	resp := adminSession.MakeRequest(t, req, http.StatusCreated)

  157. 	DecodeJSON(t, resp, &apiTeam)

  158. 	checkTeamResponse(t, &apiTeam, teamToCreate.Name, teamToCreate.Description, teamToCreate.IncludesAllRepositories,

  159. 		teamToCreate.Permission, teamToCreate.Units)

  160. 	checkTeamBean(t, apiTeam.ID, teamToCreate.Name, teamToCreate.Description, teamToCreate.IncludesAllRepositories,

  161. 		teamToCreate.Permission, teamToCreate.Units)

  162. 	//teamID := apiTeam.ID

  163. 

  164. 	// Now we need to add the restricted user to the team

  165. 	req = NewRequest(t, "PUT",

  166. 		fmt.Sprintf("/api/v1/teams/%d/members/%s?token=%s", apiTeam.ID, restrictedUser, token))

  167. 	_ = adminSession.MakeRequest(t, req, http.StatusNoContent)

  168. 

  169. 	// Now we need to check if the restrictedUser can access the repo

  170. 	req = NewRequest(t, "GET", fmt.Sprintf("/%s", orgName))

  171. 	restrictedSession.MakeRequest(t, req, http.StatusOK)

  172. 

  173. 	req = NewRequest(t, "GET", fmt.Sprintf("/%s/%s", orgName, repoName))

  174. 	restrictedSession.MakeRequest(t, req, http.StatusOK)

  175. 

  176. }