mirrors
/
gitea
mirror of https://github.com/go-gitea/gitea.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 211 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
7642 Commits
17 Branches
Tree: da23041257
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'da23041257'
${ noResults }
gitea/integrations/api_repo_file_update_test.go

api_repo_file_update_test.go 10KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235 
  1. // Copyright 2019 The Gitea Authors. All rights reserved.

  2. // Use of this source code is governed by a MIT-style

  3. // license that can be found in the LICENSE file.

  4. 

  5. package integrations

  6. 

  7. import (

  8. 	"encoding/base64"

  9. 	"fmt"

  10. 	"net/http"

  11. 	"net/url"

  12. 	"path/filepath"

  13. 	"testing"

  14. 

  15. 	"code.gitea.io/gitea/models"

  16. 	"code.gitea.io/gitea/modules/context"

  17. 	"code.gitea.io/gitea/modules/git"

  18. 	"code.gitea.io/gitea/modules/setting"

  19. 	api "code.gitea.io/gitea/modules/structs"

  20. 

  21. 	"github.com/stretchr/testify/assert"

  22. )

  23. 

  24. func getUpdateFileOptions() *api.UpdateFileOptions {

  25. 	content := "This is updated text"

  26. 	contentEncoded := base64.StdEncoding.EncodeToString([]byte(content))

  27. 	return &api.UpdateFileOptions{

  28. 		DeleteFileOptions: *getDeleteFileOptions(),

  29. 		Content:           contentEncoded,

  30. 	}

  31. }

  32. 

  33. func getExpectedFileResponseForUpdate(commitID, treePath string) *api.FileResponse {

  34. 	sha := "08bd14b2e2852529157324de9c226b3364e76136"

  35. 	return &api.FileResponse{

  36. 		Content: &api.FileContentResponse{

  37. 			Name:        filepath.Base(treePath),

  38. 			Path:        treePath,

  39. 			SHA:         sha,

  40. 			Size:        20,

  41. 			URL:         setting.AppURL + "api/v1/repos/user2/repo1/contents/" + treePath,

  42. 			HTMLURL:     setting.AppURL + "user2/repo1/blob/master/" + treePath,

  43. 			GitURL:      setting.AppURL + "api/v1/repos/user2/repo1/git/blobs/" + sha,

  44. 			DownloadURL: setting.AppURL + "user2/repo1/raw/branch/master/" + treePath,

  45. 			Type:        "blob",

  46. 			Links: &api.FileLinksResponse{

  47. 				Self:    setting.AppURL + "api/v1/repos/user2/repo1/contents/" + treePath,

  48. 				GitURL:  setting.AppURL + "api/v1/repos/user2/repo1/git/blobs/" + sha,

  49. 				HTMLURL: setting.AppURL + "user2/repo1/blob/master/" + treePath,

  50. 			},

  51. 		},

  52. 		Commit: &api.FileCommitResponse{

  53. 			CommitMeta: api.CommitMeta{

  54. 				URL: setting.AppURL + "api/v1/repos/user2/repo1/git/commits/" + commitID,

  55. 				SHA: commitID,

  56. 			},

  57. 			HTMLURL: setting.AppURL + "user2/repo1/commit/" + commitID,

  58. 			Author: &api.CommitUser{

  59. 				Identity: api.Identity{

  60. 					Name:  "Jane Doe",

  61. 					Email: "janedoe@example.com",

  62. 				},

  63. 			},

  64. 			Committer: &api.CommitUser{

  65. 				Identity: api.Identity{

  66. 					Name:  "John Doe",

  67. 					Email: "johndoe@example.com",

  68. 				},

  69. 			},

  70. 			Message: "Updates README.md\n",

  71. 		},

  72. 		Verification: &api.PayloadCommitVerification{

  73. 			Verified:  false,

  74. 			Reason:    "unsigned",

  75. 			Signature: "",

  76. 			Payload:   "",

  77. 		},

  78. 	}

  79. }

  80. 

  81. func TestAPIUpdateFile(t *testing.T) {

  82. 	onGiteaRun(t, func(t *testing.T, u *url.URL) {

  83. 		user2 := models.AssertExistsAndLoadBean(t, &models.User{ID: 2}).(*models.User)               // owner of the repo1 & repo16

  84. 		user3 := models.AssertExistsAndLoadBean(t, &models.User{ID: 3}).(*models.User)               // owner of the repo3, is an org

  85. 		user4 := models.AssertExistsAndLoadBean(t, &models.User{ID: 4}).(*models.User)               // owner of neither repos

  86. 		repo1 := models.AssertExistsAndLoadBean(t, &models.Repository{ID: 1}).(*models.Repository)   // public repo

  87. 		repo3 := models.AssertExistsAndLoadBean(t, &models.Repository{ID: 3}).(*models.Repository)   // public repo

  88. 		repo16 := models.AssertExistsAndLoadBean(t, &models.Repository{ID: 16}).(*models.Repository) // private repo

  89. 		fileID := 0

  90. 

  91. 		// Get user2's token

  92. 		session := loginUser(t, user2.Name)

  93. 		token2 := getTokenForLoggedInUser(t, session)

  94. 		session = emptyTestSession(t)

  95. 		// Get user4's token

  96. 		session = loginUser(t, user4.Name)

  97. 		token4 := getTokenForLoggedInUser(t, session)

  98. 		session = emptyTestSession(t)

  99. 

  100. 		// Test updating a file in repo1 which user2 owns, try both with branch and empty branch

  101. 		for _, branch := range [...]string{

  102. 			"master", // Branch

  103. 			"",       // Empty branch

  104. 		} {

  105. 			fileID++

  106. 			treePath := fmt.Sprintf("update/file%d.txt", fileID)

  107. 			createFile(user2, repo1, treePath)

  108. 			updateFileOptions := getUpdateFileOptions()

  109. 			updateFileOptions.BranchName = branch

  110. 			url := fmt.Sprintf("/api/v1/repos/%s/%s/contents/%s?token=%s", user2.Name, repo1.Name, treePath, token2)

  111. 			req := NewRequestWithJSON(t, "PUT", url, &updateFileOptions)

  112. 			resp := session.MakeRequest(t, req, http.StatusOK)

  113. 			gitRepo, _ := git.OpenRepository(repo1.RepoPath())

  114. 			commitID, _ := gitRepo.GetBranchCommitID(updateFileOptions.NewBranchName)

  115. 			expectedFileResponse := getExpectedFileResponseForUpdate(commitID, treePath)

  116. 			var fileResponse api.FileResponse

  117. 			DecodeJSON(t, resp, &fileResponse)

  118. 			assert.EqualValues(t, expectedFileResponse.Content, fileResponse.Content)

  119. 			assert.EqualValues(t, expectedFileResponse.Commit.SHA, fileResponse.Commit.SHA)

  120. 			assert.EqualValues(t, expectedFileResponse.Commit.HTMLURL, fileResponse.Commit.HTMLURL)

  121. 			assert.EqualValues(t, expectedFileResponse.Commit.Author.Email, fileResponse.Commit.Author.Email)

  122. 			assert.EqualValues(t, expectedFileResponse.Commit.Author.Name, fileResponse.Commit.Author.Name)

  123. 		}

  124. 

  125. 		// Test updating a file in a new branch

  126. 		updateFileOptions := getUpdateFileOptions()

  127. 		updateFileOptions.BranchName = repo1.DefaultBranch

  128. 		updateFileOptions.NewBranchName = "new_branch"

  129. 		fileID++

  130. 		treePath := fmt.Sprintf("update/file%d.txt", fileID)

  131. 		createFile(user2, repo1, treePath)

  132. 		url := fmt.Sprintf("/api/v1/repos/%s/%s/contents/%s?token=%s", user2.Name, repo1.Name, treePath, token2)

  133. 		req := NewRequestWithJSON(t, "PUT", url, &updateFileOptions)

  134. 		resp := session.MakeRequest(t, req, http.StatusOK)

  135. 		var fileResponse api.FileResponse

  136. 		DecodeJSON(t, resp, &fileResponse)

  137. 		expectedSHA := "08bd14b2e2852529157324de9c226b3364e76136"

  138. 		expectedHTMLURL := fmt.Sprintf(setting.AppURL+"user2/repo1/blob/new_branch/update/file%d.txt", fileID)

  139. 		expectedDownloadURL := fmt.Sprintf(setting.AppURL+"user2/repo1/raw/branch/new_branch/update/file%d.txt", fileID)

  140. 		assert.EqualValues(t, expectedSHA, fileResponse.Content.SHA)

  141. 		assert.EqualValues(t, expectedHTMLURL, fileResponse.Content.HTMLURL)

  142. 		assert.EqualValues(t, expectedDownloadURL, fileResponse.Content.DownloadURL)

  143. 

  144. 		// Test updating a file and renaming it

  145. 		updateFileOptions = getUpdateFileOptions()

  146. 		updateFileOptions.BranchName = repo1.DefaultBranch

  147. 		fileID++

  148. 		treePath = fmt.Sprintf("update/file%d.txt", fileID)

  149. 		createFile(user2, repo1, treePath)

  150. 		updateFileOptions.FromPath = treePath

  151. 		treePath = "rename/" + treePath

  152. 		url = fmt.Sprintf("/api/v1/repos/%s/%s/contents/%s?token=%s", user2.Name, repo1.Name, treePath, token2)

  153. 		req = NewRequestWithJSON(t, "PUT", url, &updateFileOptions)

  154. 		resp = session.MakeRequest(t, req, http.StatusOK)

  155. 		DecodeJSON(t, resp, &fileResponse)

  156. 		expectedSHA = "08bd14b2e2852529157324de9c226b3364e76136"

  157. 		expectedHTMLURL = fmt.Sprintf(setting.AppURL+"user2/repo1/blob/master/rename/update/file%d.txt", fileID)

  158. 		expectedDownloadURL = fmt.Sprintf(setting.AppURL+"user2/repo1/raw/branch/master/rename/update/file%d.txt", fileID)

  159. 		assert.EqualValues(t, expectedSHA, fileResponse.Content.SHA)

  160. 		assert.EqualValues(t, expectedHTMLURL, fileResponse.Content.HTMLURL)

  161. 		assert.EqualValues(t, expectedDownloadURL, fileResponse.Content.DownloadURL)

  162. 

  163. 		// Test updating a file with the wrong SHA

  164. 		fileID++

  165. 		treePath = fmt.Sprintf("update/file%d.txt", fileID)

  166. 		createFile(user2, repo1, treePath)

  167. 		updateFileOptions = getUpdateFileOptions()

  168. 		correctSHA := updateFileOptions.SHA

  169. 		updateFileOptions.SHA = "badsha"

  170. 		url = fmt.Sprintf("/api/v1/repos/%s/%s/contents/%s?token=%s", user2.Name, repo1.Name, treePath, token2)

  171. 		req = NewRequestWithJSON(t, "PUT", url, &updateFileOptions)

  172. 		resp = session.MakeRequest(t, req, http.StatusInternalServerError)

  173. 		expectedAPIError := context.APIError{

  174. 			Message: "sha does not match [given: " + updateFileOptions.SHA + ", expected: " + correctSHA + "]",

  175. 			URL:     setting.API.SwaggerURL,

  176. 		}

  177. 		var apiError context.APIError

  178. 		DecodeJSON(t, resp, &apiError)

  179. 		assert.Equal(t, expectedAPIError, apiError)

  180. 

  181. 		// Test creating a file in repo1 by user4 who does not have write access

  182. 		fileID++

  183. 		treePath = fmt.Sprintf("update/file%d.txt", fileID)

  184. 		createFile(user2, repo16, treePath)

  185. 		updateFileOptions = getUpdateFileOptions()

  186. 		url = fmt.Sprintf("/api/v1/repos/%s/%s/contents/%s?token=%s", user2.Name, repo16.Name, treePath, token4)

  187. 		req = NewRequestWithJSON(t, "PUT", url, &updateFileOptions)

  188. 		session.MakeRequest(t, req, http.StatusNotFound)

  189. 

  190. 		// Tests a repo with no token given so will fail

  191. 		fileID++

  192. 		treePath = fmt.Sprintf("update/file%d.txt", fileID)

  193. 		createFile(user2, repo16, treePath)

  194. 		updateFileOptions = getUpdateFileOptions()

  195. 		url = fmt.Sprintf("/api/v1/repos/%s/%s/contents/%s", user2.Name, repo16.Name, treePath)

  196. 		req = NewRequestWithJSON(t, "PUT", url, &updateFileOptions)

  197. 		session.MakeRequest(t, req, http.StatusNotFound)

  198. 

  199. 		// Test using access token for a private repo that the user of the token owns

  200. 		fileID++

  201. 		treePath = fmt.Sprintf("update/file%d.txt", fileID)

  202. 		createFile(user2, repo16, treePath)

  203. 		updateFileOptions = getUpdateFileOptions()

  204. 		url = fmt.Sprintf("/api/v1/repos/%s/%s/contents/%s?token=%s", user2.Name, repo16.Name, treePath, token2)

  205. 		req = NewRequestWithJSON(t, "PUT", url, &updateFileOptions)

  206. 		session.MakeRequest(t, req, http.StatusOK)

  207. 

  208. 		// Test using org repo "user3/repo3" where user2 is a collaborator

  209. 		fileID++

  210. 		treePath = fmt.Sprintf("update/file%d.txt", fileID)

  211. 		createFile(user3, repo3, treePath)

  212. 		updateFileOptions = getUpdateFileOptions()

  213. 		url = fmt.Sprintf("/api/v1/repos/%s/%s/contents/%s?token=%s", user3.Name, repo3.Name, treePath, token2)

  214. 		req = NewRequestWithJSON(t, "PUT", url, &updateFileOptions)

  215. 		session.MakeRequest(t, req, http.StatusOK)

  216. 

  217. 		// Test using org repo "user3/repo3" with no user token

  218. 		fileID++

  219. 		treePath = fmt.Sprintf("update/file%d.txt", fileID)

  220. 		createFile(user3, repo3, treePath)

  221. 		updateFileOptions = getUpdateFileOptions()

  222. 		url = fmt.Sprintf("/api/v1/repos/%s/%s/contents/%s", user3.Name, repo3.Name, treePath)

  223. 		req = NewRequestWithJSON(t, "PUT", url, &updateFileOptions)

  224. 		session.MakeRequest(t, req, http.StatusNotFound)

  225. 

  226. 		// Test using repo "user2/repo1" where user4 is a NOT collaborator

  227. 		fileID++

  228. 		treePath = fmt.Sprintf("update/file%d.txt", fileID)

  229. 		createFile(user2, repo1, treePath)

  230. 		updateFileOptions = getUpdateFileOptions()

  231. 		url = fmt.Sprintf("/api/v1/repos/%s/%s/contents/%s?token=%s", user2.Name, repo1.Name, treePath, token4)

  232. 		req = NewRequestWithJSON(t, "PUT", url, &updateFileOptions)

  233. 		session.MakeRequest(t, req, http.StatusForbidden)

  234. 	})

  235. }