mirrors
/
gitea
镜像来自 https://github.com/go-gitea/gitea.git
關注 1
收藏 0
複製 0
程式碼 問題 0 版本發佈 211 Wiki 活動
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
7836 提交
17 分支
目錄樹: e54814dcaa
分支列表 標籤
${ item.name }
建立分支 ${ searchTerm }
從 'e54814dcaa'
${ noResults }
gitea/models/user_test.go

user_test.go 9.2KB
原始文件 Blame 歷史記錄

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339 
  1. // Copyright 2017 The Gitea Authors. All rights reserved.

  2. // Use of this source code is governed by a MIT-style

  3. // license that can be found in the LICENSE file.

  4. 

  5. package models

  6. 

  7. import (

  8. 	"fmt"

  9. 	"math/rand"

  10. 	"strings"

  11. 	"testing"

  12. 

  13. 	"code.gitea.io/gitea/modules/setting"

  14. 	"code.gitea.io/gitea/modules/util"

  15. 

  16. 	"github.com/stretchr/testify/assert"

  17. )

  18. 

  19. func TestUserIsPublicMember(t *testing.T) {

  20. 	assert.NoError(t, PrepareTestDatabase())

  21. 

  22. 	tt := []struct {

  23. 		uid      int64

  24. 		orgid    int64

  25. 		expected bool

  26. 	}{

  27. 		{2, 3, true},

  28. 		{4, 3, false},

  29. 		{5, 6, true},

  30. 		{5, 7, false},

  31. 	}

  32. 	for _, v := range tt {

  33. 		t.Run(fmt.Sprintf("UserId%dIsPublicMemberOf%d", v.uid, v.orgid), func(t *testing.T) {

  34. 			testUserIsPublicMember(t, v.uid, v.orgid, v.expected)

  35. 		})

  36. 	}

  37. }

  38. 

  39. func testUserIsPublicMember(t *testing.T, uid int64, orgID int64, expected bool) {

  40. 	user, err := GetUserByID(uid)

  41. 	assert.NoError(t, err)

  42. 	assert.Equal(t, expected, user.IsPublicMember(orgID))

  43. }

  44. 

  45. func TestIsUserOrgOwner(t *testing.T) {

  46. 	assert.NoError(t, PrepareTestDatabase())

  47. 

  48. 	tt := []struct {

  49. 		uid      int64

  50. 		orgid    int64

  51. 		expected bool

  52. 	}{

  53. 		{2, 3, true},

  54. 		{4, 3, false},

  55. 		{5, 6, true},

  56. 		{5, 7, true},

  57. 	}

  58. 	for _, v := range tt {

  59. 		t.Run(fmt.Sprintf("UserId%dIsOrgOwnerOf%d", v.uid, v.orgid), func(t *testing.T) {

  60. 			testIsUserOrgOwner(t, v.uid, v.orgid, v.expected)

  61. 		})

  62. 	}

  63. }

  64. 

  65. func testIsUserOrgOwner(t *testing.T, uid int64, orgID int64, expected bool) {

  66. 	user, err := GetUserByID(uid)

  67. 	assert.NoError(t, err)

  68. 	assert.Equal(t, expected, user.IsUserOrgOwner(orgID))

  69. }

  70. 

  71. func TestGetUserEmailsByNames(t *testing.T) {

  72. 	assert.NoError(t, PrepareTestDatabase())

  73. 

  74. 	// ignore none active user email

  75. 	assert.Equal(t, []string{"user8@example.com"}, GetUserEmailsByNames([]string{"user8", "user9"}))

  76. 	assert.Equal(t, []string{"user8@example.com", "user5@example.com"}, GetUserEmailsByNames([]string{"user8", "user5"}))

  77. }

  78. 

  79. func TestUser_APIFormat(t *testing.T) {

  80. 

  81. 	user, err := GetUserByID(1)

  82. 	assert.NoError(t, err)

  83. 	assert.True(t, user.IsAdmin)

  84. 

  85. 	apiUser := user.APIFormat()

  86. 	assert.True(t, apiUser.IsAdmin)

  87. 

  88. 	user, err = GetUserByID(2)

  89. 	assert.NoError(t, err)

  90. 	assert.False(t, user.IsAdmin)

  91. 

  92. 	apiUser = user.APIFormat()

  93. 	assert.False(t, apiUser.IsAdmin)

  94. }

  95. 

  96. func TestCanCreateOrganization(t *testing.T) {

  97. 	assert.NoError(t, PrepareTestDatabase())

  98. 

  99. 	admin := AssertExistsAndLoadBean(t, &User{ID: 1}).(*User)

  100. 	assert.True(t, admin.CanCreateOrganization())

  101. 

  102. 	user := AssertExistsAndLoadBean(t, &User{ID: 2}).(*User)

  103. 	assert.True(t, user.CanCreateOrganization())

  104. 	// Disable user create organization permission.

  105. 	user.AllowCreateOrganization = false

  106. 	assert.False(t, user.CanCreateOrganization())

  107. 

  108. 	setting.Admin.DisableRegularOrgCreation = true

  109. 	user.AllowCreateOrganization = true

  110. 	assert.True(t, admin.CanCreateOrganization())

  111. 	assert.False(t, user.CanCreateOrganization())

  112. }

  113. 

  114. func TestSearchUsers(t *testing.T) {

  115. 	assert.NoError(t, PrepareTestDatabase())

  116. 	testSuccess := func(opts *SearchUserOptions, expectedUserOrOrgIDs []int64) {

  117. 		users, _, err := SearchUsers(opts)

  118. 		assert.NoError(t, err)

  119. 		if assert.Len(t, users, len(expectedUserOrOrgIDs)) {

  120. 			for i, expectedID := range expectedUserOrOrgIDs {

  121. 				assert.EqualValues(t, expectedID, users[i].ID)

  122. 			}

  123. 		}

  124. 	}

  125. 

  126. 	// test orgs

  127. 	testOrgSuccess := func(opts *SearchUserOptions, expectedOrgIDs []int64) {

  128. 		opts.Type = UserTypeOrganization

  129. 		testSuccess(opts, expectedOrgIDs)

  130. 	}

  131. 

  132. 	testOrgSuccess(&SearchUserOptions{OrderBy: "id ASC", Page: 1, PageSize: 2},

  133. 		[]int64{3, 6})

  134. 

  135. 	testOrgSuccess(&SearchUserOptions{OrderBy: "id ASC", Page: 2, PageSize: 2},

  136. 		[]int64{7, 17})

  137. 

  138. 	testOrgSuccess(&SearchUserOptions{OrderBy: "id ASC", Page: 3, PageSize: 2},

  139. 		[]int64{19, 25})

  140. 

  141. 	testOrgSuccess(&SearchUserOptions{Page: 4, PageSize: 2},

  142. 		[]int64{})

  143. 

  144. 	// test users

  145. 	testUserSuccess := func(opts *SearchUserOptions, expectedUserIDs []int64) {

  146. 		opts.Type = UserTypeIndividual

  147. 		testSuccess(opts, expectedUserIDs)

  148. 	}

  149. 

  150. 	testUserSuccess(&SearchUserOptions{OrderBy: "id ASC", Page: 1},

  151. 		[]int64{1, 2, 4, 5, 8, 9, 10, 11, 12, 13, 14, 15, 16, 18, 20, 21, 24})

  152. 

  153. 	testUserSuccess(&SearchUserOptions{Page: 1, IsActive: util.OptionalBoolFalse},

  154. 		[]int64{9})

  155. 

  156. 	testUserSuccess(&SearchUserOptions{OrderBy: "id ASC", Page: 1, IsActive: util.OptionalBoolTrue},

  157. 		[]int64{1, 2, 4, 5, 8, 10, 11, 12, 13, 14, 15, 16, 18, 20, 21, 24})

  158. 

  159. 	testUserSuccess(&SearchUserOptions{Keyword: "user1", OrderBy: "id ASC", Page: 1, IsActive: util.OptionalBoolTrue},

  160. 		[]int64{1, 10, 11, 12, 13, 14, 15, 16, 18})

  161. 

  162. 	// order by name asc default

  163. 	testUserSuccess(&SearchUserOptions{Keyword: "user1", Page: 1, IsActive: util.OptionalBoolTrue},

  164. 		[]int64{1, 10, 11, 12, 13, 14, 15, 16, 18})

  165. }

  166. 

  167. func TestDeleteUser(t *testing.T) {

  168. 	test := func(userID int64) {

  169. 		assert.NoError(t, PrepareTestDatabase())

  170. 		user := AssertExistsAndLoadBean(t, &User{ID: userID}).(*User)

  171. 

  172. 		ownedRepos := make([]*Repository, 0, 10)

  173. 		assert.NoError(t, x.Find(&ownedRepos, &Repository{OwnerID: userID}))

  174. 		if len(ownedRepos) > 0 {

  175. 			err := DeleteUser(user)

  176. 			assert.Error(t, err)

  177. 			assert.True(t, IsErrUserOwnRepos(err))

  178. 			return

  179. 		}

  180. 

  181. 		orgUsers := make([]*OrgUser, 0, 10)

  182. 		assert.NoError(t, x.Find(&orgUsers, &OrgUser{UID: userID}))

  183. 		for _, orgUser := range orgUsers {

  184. 			if err := RemoveOrgUser(orgUser.OrgID, orgUser.UID); err != nil {

  185. 				assert.True(t, IsErrLastOrgOwner(err))

  186. 				return

  187. 			}

  188. 		}

  189. 		assert.NoError(t, DeleteUser(user))

  190. 		AssertNotExistsBean(t, &User{ID: userID})

  191. 		CheckConsistencyFor(t, &User{}, &Repository{})

  192. 	}

  193. 	test(2)

  194. 	test(4)

  195. 	test(8)

  196. 	test(11)

  197. }

  198. 

  199. func TestHashPasswordDeterministic(t *testing.T) {

  200. 	b := make([]byte, 16)

  201. 	rand.Read(b)

  202. 	u := &User{Salt: string(b)}

  203. 	algos := []string{"pbkdf2", "argon2", "scrypt", "bcrypt"}

  204. 	for j := 0; j < len(algos); j++ {

  205. 		u.PasswdHashAlgo = algos[j]

  206. 		for i := 0; i < 50; i++ {

  207. 			// generate a random password

  208. 			rand.Read(b)

  209. 			pass := string(b)

  210. 

  211. 			// save the current password in the user - hash it and store the result

  212. 			u.HashPassword(pass)

  213. 			r1 := u.Passwd

  214. 

  215. 			// run again

  216. 			u.HashPassword(pass)

  217. 			r2 := u.Passwd

  218. 

  219. 			// assert equal (given the same salt+pass, the same result is produced) except bcrypt

  220. 			if u.PasswdHashAlgo == "bcrypt" {

  221. 				assert.NotEqual(t, r1, r2)

  222. 			} else {

  223. 				assert.Equal(t, r1, r2)

  224. 			}

  225. 		}

  226. 	}

  227. }

  228. 

  229. func BenchmarkHashPassword(b *testing.B) {

  230. 	// BenchmarkHashPassword ensures that it takes a reasonable amount of time

  231. 	// to hash a password - in order to protect from brute-force attacks.

  232. 	pass := "password1337"

  233. 	bs := make([]byte, 16)

  234. 	rand.Read(bs)

  235. 	u := &User{Salt: string(bs), Passwd: pass}

  236. 	b.ResetTimer()

  237. 	for i := 0; i < b.N; i++ {

  238. 		u.HashPassword(pass)

  239. 	}

  240. }

  241. 

  242. func TestGetOrgRepositoryIDs(t *testing.T) {

  243. 	assert.NoError(t, PrepareTestDatabase())

  244. 	user2 := AssertExistsAndLoadBean(t, &User{ID: 2}).(*User)

  245. 	user4 := AssertExistsAndLoadBean(t, &User{ID: 4}).(*User)

  246. 	user5 := AssertExistsAndLoadBean(t, &User{ID: 5}).(*User)

  247. 

  248. 	accessibleRepos, err := user2.GetOrgRepositoryIDs()

  249. 	assert.NoError(t, err)

  250. 	// User 2's team has access to private repos 3, 5, repo 32 is a public repo of the organization

  251. 	assert.Equal(t, []int64{3, 5, 23, 24, 32}, accessibleRepos)

  252. 

  253. 	accessibleRepos, err = user4.GetOrgRepositoryIDs()

  254. 	assert.NoError(t, err)

  255. 	// User 4's team has access to private repo 3, repo 32 is a public repo of the organization

  256. 	assert.Equal(t, []int64{3, 32}, accessibleRepos)

  257. 

  258. 	accessibleRepos, err = user5.GetOrgRepositoryIDs()

  259. 	assert.NoError(t, err)

  260. 	// User 5's team has no access to any repo

  261. 	assert.Len(t, accessibleRepos, 0)

  262. }

  263. 

  264. func TestNewGitSig(t *testing.T) {

  265. 	users := make([]*User, 0, 20)

  266. 	sess := x.NewSession()

  267. 	defer sess.Close()

  268. 	sess.Find(&users)

  269. 

  270. 	for _, user := range users {

  271. 		sig := user.NewGitSig()

  272. 		assert.NotContains(t, sig.Name, "<")

  273. 		assert.NotContains(t, sig.Name, ">")

  274. 		assert.NotContains(t, sig.Name, "\n")

  275. 		assert.NotEqual(t, len(strings.TrimSpace(sig.Name)), 0)

  276. 	}

  277. }

  278. 

  279. func TestDisplayName(t *testing.T) {

  280. 	users := make([]*User, 0, 20)

  281. 	sess := x.NewSession()

  282. 	defer sess.Close()

  283. 	sess.Find(&users)

  284. 

  285. 	for _, user := range users {

  286. 		displayName := user.DisplayName()

  287. 		assert.Equal(t, strings.TrimSpace(displayName), displayName)

  288. 		if len(strings.TrimSpace(user.FullName)) == 0 {

  289. 			assert.Equal(t, user.Name, displayName)

  290. 		}

  291. 		assert.NotEqual(t, len(strings.TrimSpace(displayName)), 0)

  292. 	}

  293. }

  294. 

  295. func TestCreateUser(t *testing.T) {

  296. 	user := &User{

  297. 		Name:               "GiteaBot",

  298. 		Email:              "GiteaBot@gitea.io",

  299. 		Passwd:             ";p['////..-++']",

  300. 		IsAdmin:            false,

  301. 		Theme:              setting.UI.DefaultTheme,

  302. 		MustChangePassword: false,

  303. 	}

  304. 

  305. 	assert.NoError(t, CreateUser(user))

  306. 

  307. 	assert.NoError(t, DeleteUser(user))

  308. }

  309. 

  310. func TestCreateUser_Issue5882(t *testing.T) {

  311. 

  312. 	// Init settings

  313. 	_ = setting.Admin

  314. 

  315. 	passwd := ".//.;1;;//.,-=_"

  316. 

  317. 	tt := []struct {

  318. 		user               *User

  319. 		disableOrgCreation bool

  320. 	}{

  321. 		{&User{Name: "GiteaBot", Email: "GiteaBot@gitea.io", Passwd: passwd, MustChangePassword: false}, false},

  322. 		{&User{Name: "GiteaBot2", Email: "GiteaBot2@gitea.io", Passwd: passwd, MustChangePassword: false}, true},

  323. 	}

  324. 

  325. 	setting.Service.DefaultAllowCreateOrganization = true

  326. 

  327. 	for _, v := range tt {

  328. 		setting.Admin.DisableRegularOrgCreation = v.disableOrgCreation

  329. 

  330. 		assert.NoError(t, CreateUser(v.user))

  331. 

  332. 		u, err := GetUserByEmail(v.user.Email)

  333. 		assert.NoError(t, err)

  334. 

  335. 		assert.Equal(t, !u.AllowCreateOrganization, v.disableOrgCreation)

  336. 

  337. 		assert.NoError(t, DeleteUser(v.user))

  338. 	}

  339. }