mirrors
/
gitea
mirror of https://github.com/go-gitea/gitea.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 210 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
9600 Commits
17 Branches
Tree: v1.11.7
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'v1.11.7'
${ noResults }
gitea/integrations/api_repo_test.go

api_repo_test.go 15KB
Raw Permalink Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412 
  1. // Copyright 2017 The Gitea Authors. All rights reserved.

  2. // Use of this source code is governed by a MIT-style

  3. // license that can be found in the LICENSE file.

  4. 

  5. package integrations

  6. 

  7. import (

  8. 	"fmt"

  9. 	"io/ioutil"

  10. 	"net/http"

  11. 	"net/url"

  12. 	"os"

  13. 	"testing"

  14. 

  15. 	"code.gitea.io/gitea/models"

  16. 	api "code.gitea.io/gitea/modules/structs"

  17. 

  18. 	"github.com/stretchr/testify/assert"

  19. )

  20. 

  21. func TestAPIUserReposNotLogin(t *testing.T) {

  22. 	defer prepareTestEnv(t)()

  23. 	user := models.AssertExistsAndLoadBean(t, &models.User{ID: 2}).(*models.User)

  24. 

  25. 	req := NewRequestf(t, "GET", "/api/v1/users/%s/repos", user.Name)

  26. 	resp := MakeRequest(t, req, http.StatusOK)

  27. 

  28. 	var apiRepos []api.Repository

  29. 	DecodeJSON(t, resp, &apiRepos)

  30. 	expectedLen := models.GetCount(t, models.Repository{OwnerID: user.ID},

  31. 		models.Cond("is_private = ?", false))

  32. 	assert.Len(t, apiRepos, expectedLen)

  33. 	for _, repo := range apiRepos {

  34. 		assert.EqualValues(t, user.ID, repo.Owner.ID)

  35. 		assert.False(t, repo.Private)

  36. 	}

  37. }

  38. 

  39. func TestAPISearchRepo(t *testing.T) {

  40. 	defer prepareTestEnv(t)()

  41. 	const keyword = "test"

  42. 

  43. 	req := NewRequestf(t, "GET", "/api/v1/repos/search?q=%s", keyword)

  44. 	resp := MakeRequest(t, req, http.StatusOK)

  45. 

  46. 	var body api.SearchResults

  47. 	DecodeJSON(t, resp, &body)

  48. 	assert.NotEmpty(t, body.Data)

  49. 	for _, repo := range body.Data {

  50. 		assert.Contains(t, repo.Name, keyword)

  51. 		assert.False(t, repo.Private)

  52. 	}

  53. 

  54. 	user := models.AssertExistsAndLoadBean(t, &models.User{ID: 15}).(*models.User)

  55. 	user2 := models.AssertExistsAndLoadBean(t, &models.User{ID: 16}).(*models.User)

  56. 	user3 := models.AssertExistsAndLoadBean(t, &models.User{ID: 18}).(*models.User)

  57. 	user4 := models.AssertExistsAndLoadBean(t, &models.User{ID: 20}).(*models.User)

  58. 	orgUser := models.AssertExistsAndLoadBean(t, &models.User{ID: 17}).(*models.User)

  59. 

  60. 	// Map of expected results, where key is user for login

  61. 	type expectedResults map[*models.User]struct {

  62. 		count           int

  63. 		repoOwnerID     int64

  64. 		repoName        string

  65. 		includesPrivate bool

  66. 	}

  67. 

  68. 	testCases := []struct {

  69. 		name, requestURL string

  70. 		expectedResults

  71. 	}{

  72. 		{name: "RepositoriesMax50", requestURL: "/api/v1/repos/search?limit=50&private=false", expectedResults: expectedResults{

  73. 			nil:   {count: 27},

  74. 			user:  {count: 27},

  75. 			user2: {count: 27}},

  76. 		},

  77. 		{name: "RepositoriesMax10", requestURL: "/api/v1/repos/search?limit=10&private=false", expectedResults: expectedResults{

  78. 			nil:   {count: 10},

  79. 			user:  {count: 10},

  80. 			user2: {count: 10}},

  81. 		},

  82. 		{name: "RepositoriesDefaultMax10", requestURL: "/api/v1/repos/search?default&private=false", expectedResults: expectedResults{

  83. 			nil:   {count: 10},

  84. 			user:  {count: 10},

  85. 			user2: {count: 10}},

  86. 		},

  87. 		{name: "RepositoriesByName", requestURL: fmt.Sprintf("/api/v1/repos/search?q=%s&private=false", "big_test_"), expectedResults: expectedResults{

  88. 			nil:   {count: 7, repoName: "big_test_"},

  89. 			user:  {count: 7, repoName: "big_test_"},

  90. 			user2: {count: 7, repoName: "big_test_"}},

  91. 		},

  92. 		{name: "RepositoriesAccessibleAndRelatedToUser", requestURL: fmt.Sprintf("/api/v1/repos/search?uid=%d", user.ID), expectedResults: expectedResults{

  93. 			nil:   {count: 5},

  94. 			user:  {count: 9, includesPrivate: true},

  95. 			user2: {count: 6, includesPrivate: true}},

  96. 		},

  97. 		{name: "RepositoriesAccessibleAndRelatedToUser2", requestURL: fmt.Sprintf("/api/v1/repos/search?uid=%d", user2.ID), expectedResults: expectedResults{

  98. 			nil:   {count: 1},

  99. 			user:  {count: 2, includesPrivate: true},

  100. 			user2: {count: 2, includesPrivate: true},

  101. 			user4: {count: 1}},

  102. 		},

  103. 		{name: "RepositoriesAccessibleAndRelatedToUser3", requestURL: fmt.Sprintf("/api/v1/repos/search?uid=%d", user3.ID), expectedResults: expectedResults{

  104. 			nil:   {count: 1},

  105. 			user:  {count: 4, includesPrivate: true},

  106. 			user2: {count: 3, includesPrivate: true},

  107. 			user3: {count: 4, includesPrivate: true}},

  108. 		},

  109. 		{name: "RepositoriesOwnedByOrganization", requestURL: fmt.Sprintf("/api/v1/repos/search?uid=%d", orgUser.ID), expectedResults: expectedResults{

  110. 			nil:   {count: 1, repoOwnerID: orgUser.ID},

  111. 			user:  {count: 2, repoOwnerID: orgUser.ID, includesPrivate: true},

  112. 			user2: {count: 1, repoOwnerID: orgUser.ID}},

  113. 		},

  114. 		{name: "RepositoriesAccessibleAndRelatedToUser4", requestURL: fmt.Sprintf("/api/v1/repos/search?uid=%d", user4.ID), expectedResults: expectedResults{

  115. 			nil:   {count: 3},

  116. 			user:  {count: 4, includesPrivate: true},

  117. 			user4: {count: 7, includesPrivate: true}}},

  118. 		{name: "RepositoriesAccessibleAndRelatedToUser4/SearchModeSource", requestURL: fmt.Sprintf("/api/v1/repos/search?uid=%d&mode=%s", user4.ID, "source"), expectedResults: expectedResults{

  119. 			nil:   {count: 0},

  120. 			user:  {count: 1, includesPrivate: true},

  121. 			user4: {count: 1, includesPrivate: true}}},

  122. 		{name: "RepositoriesAccessibleAndRelatedToUser4/SearchModeFork", requestURL: fmt.Sprintf("/api/v1/repos/search?uid=%d&mode=%s", user4.ID, "fork"), expectedResults: expectedResults{

  123. 			nil:   {count: 1},

  124. 			user:  {count: 1},

  125. 			user4: {count: 2, includesPrivate: true}}},

  126. 		{name: "RepositoriesAccessibleAndRelatedToUser4/SearchModeFork/Exclusive", requestURL: fmt.Sprintf("/api/v1/repos/search?uid=%d&mode=%s&exclusive=1", user4.ID, "fork"), expectedResults: expectedResults{

  127. 			nil:   {count: 1},

  128. 			user:  {count: 1},

  129. 			user4: {count: 2, includesPrivate: true}}},

  130. 		{name: "RepositoriesAccessibleAndRelatedToUser4/SearchModeMirror", requestURL: fmt.Sprintf("/api/v1/repos/search?uid=%d&mode=%s", user4.ID, "mirror"), expectedResults: expectedResults{

  131. 			nil:   {count: 2},

  132. 			user:  {count: 2},

  133. 			user4: {count: 4, includesPrivate: true}}},

  134. 		{name: "RepositoriesAccessibleAndRelatedToUser4/SearchModeMirror/Exclusive", requestURL: fmt.Sprintf("/api/v1/repos/search?uid=%d&mode=%s&exclusive=1", user4.ID, "mirror"), expectedResults: expectedResults{

  135. 			nil:   {count: 1},

  136. 			user:  {count: 1},

  137. 			user4: {count: 2, includesPrivate: true}}},

  138. 		{name: "RepositoriesAccessibleAndRelatedToUser4/SearchModeCollaborative", requestURL: fmt.Sprintf("/api/v1/repos/search?uid=%d&mode=%s", user4.ID, "collaborative"), expectedResults: expectedResults{

  139. 			nil:   {count: 0},

  140. 			user:  {count: 1, includesPrivate: true},

  141. 			user4: {count: 1, includesPrivate: true}}},

  142. 	}

  143. 

  144. 	for _, testCase := range testCases {

  145. 		t.Run(testCase.name, func(t *testing.T) {

  146. 			for userToLogin, expected := range testCase.expectedResults {

  147. 				var session *TestSession

  148. 				var testName string

  149. 				var userID int64

  150. 				var token string

  151. 				if userToLogin != nil && userToLogin.ID > 0 {

  152. 					testName = fmt.Sprintf("LoggedUser%d", userToLogin.ID)

  153. 					session = loginUser(t, userToLogin.Name)

  154. 					token = getTokenForLoggedInUser(t, session)

  155. 					userID = userToLogin.ID

  156. 				} else {

  157. 					testName = "AnonymousUser"

  158. 					session = emptyTestSession(t)

  159. 				}

  160. 

  161. 				t.Run(testName, func(t *testing.T) {

  162. 					request := NewRequest(t, "GET", testCase.requestURL+"&token="+token)

  163. 					response := session.MakeRequest(t, request, http.StatusOK)

  164. 

  165. 					var body api.SearchResults

  166. 					DecodeJSON(t, response, &body)

  167. 

  168. 					repoNames := make([]string, 0, len(body.Data))

  169. 					for _, repo := range body.Data {

  170. 						repoNames = append(repoNames, fmt.Sprintf("%d:%s:%t", repo.ID, repo.FullName, repo.Private))

  171. 					}

  172. 					assert.Len(t, repoNames, expected.count)

  173. 					for _, repo := range body.Data {

  174. 						r := getRepo(t, repo.ID)

  175. 						hasAccess, err := models.HasAccess(userID, r)

  176. 						assert.NoError(t, err, "Error when checking if User: %d has access to %s: %v", userID, repo.FullName, err)

  177. 						assert.True(t, hasAccess, "User: %d does not have access to %s", userID, repo.FullName)

  178. 

  179. 						assert.NotEmpty(t, repo.Name)

  180. 						assert.Equal(t, repo.Name, r.Name)

  181. 

  182. 						if len(expected.repoName) > 0 {

  183. 							assert.Contains(t, repo.Name, expected.repoName)

  184. 						}

  185. 

  186. 						if expected.repoOwnerID > 0 {

  187. 							assert.Equal(t, expected.repoOwnerID, repo.Owner.ID)

  188. 						}

  189. 

  190. 						if !expected.includesPrivate {

  191. 							assert.False(t, repo.Private, "User: %d not expecting private repository: %s", userID, repo.FullName)

  192. 						}

  193. 					}

  194. 				})

  195. 			}

  196. 		})

  197. 	}

  198. }

  199. 

  200. var repoCache = make(map[int64]*models.Repository)

  201. 

  202. func getRepo(t *testing.T, repoID int64) *models.Repository {

  203. 	if _, ok := repoCache[repoID]; !ok {

  204. 		repoCache[repoID] = models.AssertExistsAndLoadBean(t, &models.Repository{ID: repoID}).(*models.Repository)

  205. 	}

  206. 	return repoCache[repoID]

  207. }

  208. 

  209. func TestAPIViewRepo(t *testing.T) {

  210. 	defer prepareTestEnv(t)()

  211. 

  212. 	var repo api.Repository

  213. 

  214. 	req := NewRequest(t, "GET", "/api/v1/repos/user2/repo1")

  215. 	resp := MakeRequest(t, req, http.StatusOK)

  216. 	DecodeJSON(t, resp, &repo)

  217. 	assert.EqualValues(t, 1, repo.ID)

  218. 	assert.EqualValues(t, "repo1", repo.Name)

  219. 	assert.EqualValues(t, 1, repo.Releases)

  220. 	assert.EqualValues(t, 1, repo.OpenIssues)

  221. 	assert.EqualValues(t, 2, repo.OpenPulls)

  222. 

  223. 	req = NewRequest(t, "GET", "/api/v1/repos/user12/repo10")

  224. 	resp = MakeRequest(t, req, http.StatusOK)

  225. 	DecodeJSON(t, resp, &repo)

  226. 	assert.EqualValues(t, 10, repo.ID)

  227. 	assert.EqualValues(t, "repo10", repo.Name)

  228. 	assert.EqualValues(t, 1, repo.OpenPulls)

  229. 	assert.EqualValues(t, 1, repo.Forks)

  230. 

  231. 	req = NewRequest(t, "GET", "/api/v1/repos/user5/repo4")

  232. 	resp = MakeRequest(t, req, http.StatusOK)

  233. 	DecodeJSON(t, resp, &repo)

  234. 	assert.EqualValues(t, 4, repo.ID)

  235. 	assert.EqualValues(t, "repo4", repo.Name)

  236. 	assert.EqualValues(t, 1, repo.Stars)

  237. }

  238. 

  239. func TestAPIOrgRepos(t *testing.T) {

  240. 	defer prepareTestEnv(t)()

  241. 	user := models.AssertExistsAndLoadBean(t, &models.User{ID: 2}).(*models.User)

  242. 	user2 := models.AssertExistsAndLoadBean(t, &models.User{ID: 1}).(*models.User)

  243. 	user3 := models.AssertExistsAndLoadBean(t, &models.User{ID: 5}).(*models.User)

  244. 	// User3 is an Org. Check their repos.

  245. 	sourceOrg := models.AssertExistsAndLoadBean(t, &models.User{ID: 3}).(*models.User)

  246. 

  247. 	expectedResults := map[*models.User]struct {

  248. 		count           int

  249. 		includesPrivate bool

  250. 	}{

  251. 		nil:   {count: 1},

  252. 		user:  {count: 2, includesPrivate: true},

  253. 		user2: {count: 3, includesPrivate: true},

  254. 		user3: {count: 1},

  255. 	}

  256. 

  257. 	for userToLogin, expected := range expectedResults {

  258. 		var session *TestSession

  259. 		var testName string

  260. 		var token string

  261. 		if userToLogin != nil && userToLogin.ID > 0 {

  262. 			testName = fmt.Sprintf("LoggedUser%d", userToLogin.ID)

  263. 			session = loginUser(t, userToLogin.Name)

  264. 			token = getTokenForLoggedInUser(t, session)

  265. 		} else {

  266. 			testName = "AnonymousUser"

  267. 			session = emptyTestSession(t)

  268. 		}

  269. 		t.Run(testName, func(t *testing.T) {

  270. 			req := NewRequestf(t, "GET", "/api/v1/orgs/%s/repos?token="+token, sourceOrg.Name)

  271. 			resp := session.MakeRequest(t, req, http.StatusOK)

  272. 

  273. 			var apiRepos []*api.Repository

  274. 			DecodeJSON(t, resp, &apiRepos)

  275. 			assert.Len(t, apiRepos, expected.count)

  276. 			for _, repo := range apiRepos {

  277. 				if !expected.includesPrivate {

  278. 					assert.False(t, repo.Private)

  279. 				}

  280. 			}

  281. 		})

  282. 	}

  283. }

  284. 

  285. func TestAPIGetRepoByIDUnauthorized(t *testing.T) {

  286. 	defer prepareTestEnv(t)()

  287. 	user := models.AssertExistsAndLoadBean(t, &models.User{ID: 4}).(*models.User)

  288. 	session := loginUser(t, user.Name)

  289. 	token := getTokenForLoggedInUser(t, session)

  290. 	req := NewRequestf(t, "GET", "/api/v1/repositories/2?token="+token)

  291. 	session.MakeRequest(t, req, http.StatusNotFound)

  292. }

  293. 

  294. func TestAPIRepoMigrate(t *testing.T) {

  295. 	testCases := []struct {

  296. 		ctxUserID, userID  int64

  297. 		cloneURL, repoName string

  298. 		expectedStatus     int

  299. 	}{

  300. 		{ctxUserID: 1, userID: 2, cloneURL: "https://github.com/go-gitea/git.git", repoName: "git-admin", expectedStatus: http.StatusCreated},

  301. 		{ctxUserID: 2, userID: 2, cloneURL: "https://github.com/go-gitea/git.git", repoName: "git-own", expectedStatus: http.StatusCreated},

  302. 		{ctxUserID: 2, userID: 1, cloneURL: "https://github.com/go-gitea/git.git", repoName: "git-bad", expectedStatus: http.StatusForbidden},

  303. 		{ctxUserID: 2, userID: 3, cloneURL: "https://github.com/go-gitea/git.git", repoName: "git-org", expectedStatus: http.StatusCreated},

  304. 		{ctxUserID: 2, userID: 6, cloneURL: "https://github.com/go-gitea/git.git", repoName: "git-bad-org", expectedStatus: http.StatusForbidden},

  305. 	}

  306. 

  307. 	defer prepareTestEnv(t)()

  308. 	for _, testCase := range testCases {

  309. 		user := models.AssertExistsAndLoadBean(t, &models.User{ID: testCase.ctxUserID}).(*models.User)

  310. 		session := loginUser(t, user.Name)

  311. 		token := getTokenForLoggedInUser(t, session)

  312. 		req := NewRequestWithJSON(t, "POST", "/api/v1/repos/migrate?token="+token, &api.MigrateRepoOption{

  313. 			CloneAddr: testCase.cloneURL,

  314. 			UID:       int(testCase.userID),

  315. 			RepoName:  testCase.repoName,

  316. 		})

  317. 		session.MakeRequest(t, req, testCase.expectedStatus)

  318. 	}

  319. }

  320. 

  321. func TestAPIRepoMigrateConflict(t *testing.T) {

  322. 	onGiteaRun(t, testAPIRepoMigrateConflict)

  323. }

  324. 

  325. func testAPIRepoMigrateConflict(t *testing.T, u *url.URL) {

  326. 	username := "user2"

  327. 	baseAPITestContext := NewAPITestContext(t, username, "repo1")

  328. 

  329. 	u.Path = baseAPITestContext.GitPath()

  330. 

  331. 	t.Run("Existing", func(t *testing.T) {

  332. 		httpContext := baseAPITestContext

  333. 

  334. 		httpContext.Reponame = "repo-tmp-17"

  335. 		dstPath, err := ioutil.TempDir("", httpContext.Reponame)

  336. 		assert.NoError(t, err)

  337. 		defer os.RemoveAll(dstPath)

  338. 		t.Run("CreateRepo", doAPICreateRepository(httpContext, false))

  339. 

  340. 		user, err := models.GetUserByName(httpContext.Username)

  341. 		assert.NoError(t, err)

  342. 		userID := user.ID

  343. 

  344. 		cloneURL := "https://github.com/go-gitea/git.git"

  345. 

  346. 		req := NewRequestWithJSON(t, "POST", "/api/v1/repos/migrate?token="+httpContext.Token,

  347. 			&api.MigrateRepoOption{

  348. 				CloneAddr: cloneURL,

  349. 				UID:       int(userID),

  350. 				RepoName:  httpContext.Reponame,

  351. 			})

  352. 		resp := httpContext.Session.MakeRequest(t, req, http.StatusConflict)

  353. 		respJSON := map[string]string{}

  354. 		DecodeJSON(t, resp, &respJSON)

  355. 		assert.Equal(t, "The repository with the same name already exists.", respJSON["message"])

  356. 	})

  357. }

  358. 

  359. func TestAPIOrgRepoCreate(t *testing.T) {

  360. 	testCases := []struct {

  361. 		ctxUserID         int64

  362. 		orgName, repoName string

  363. 		expectedStatus    int

  364. 	}{

  365. 		{ctxUserID: 1, orgName: "user3", repoName: "repo-admin", expectedStatus: http.StatusCreated},

  366. 		{ctxUserID: 2, orgName: "user3", repoName: "repo-own", expectedStatus: http.StatusCreated},

  367. 		{ctxUserID: 2, orgName: "user6", repoName: "repo-bad-org", expectedStatus: http.StatusForbidden},

  368. 		{ctxUserID: 28, orgName: "user3", repoName: "repo-creator", expectedStatus: http.StatusCreated},

  369. 		{ctxUserID: 28, orgName: "user6", repoName: "repo-not-creator", expectedStatus: http.StatusForbidden},

  370. 	}

  371. 

  372. 	defer prepareTestEnv(t)()

  373. 	for _, testCase := range testCases {

  374. 		user := models.AssertExistsAndLoadBean(t, &models.User{ID: testCase.ctxUserID}).(*models.User)

  375. 		session := loginUser(t, user.Name)

  376. 		token := getTokenForLoggedInUser(t, session)

  377. 		req := NewRequestWithJSON(t, "POST", fmt.Sprintf("/api/v1/org/%s/repos?token="+token, testCase.orgName), &api.CreateRepoOption{

  378. 			Name: testCase.repoName,

  379. 		})

  380. 		session.MakeRequest(t, req, testCase.expectedStatus)

  381. 	}

  382. }

  383. 

  384. func TestAPIRepoCreateConflict(t *testing.T) {

  385. 	onGiteaRun(t, testAPIRepoCreateConflict)

  386. }

  387. 

  388. func testAPIRepoCreateConflict(t *testing.T, u *url.URL) {

  389. 	username := "user2"

  390. 	baseAPITestContext := NewAPITestContext(t, username, "repo1")

  391. 

  392. 	u.Path = baseAPITestContext.GitPath()

  393. 

  394. 	t.Run("Existing", func(t *testing.T) {

  395. 		httpContext := baseAPITestContext

  396. 

  397. 		httpContext.Reponame = "repo-tmp-17"

  398. 		dstPath, err := ioutil.TempDir("", httpContext.Reponame)

  399. 		assert.NoError(t, err)

  400. 		defer os.RemoveAll(dstPath)

  401. 		t.Run("CreateRepo", doAPICreateRepository(httpContext, false))

  402. 

  403. 		req := NewRequestWithJSON(t, "POST", "/api/v1/user/repos?token="+httpContext.Token,

  404. 			&api.CreateRepoOption{

  405. 				Name: httpContext.Reponame,

  406. 			})

  407. 		resp := httpContext.Session.MakeRequest(t, req, http.StatusConflict)

  408. 		respJSON := map[string]string{}

  409. 		DecodeJSON(t, resp, &respJSON)

  410. 		assert.Equal(t, respJSON["message"], "The repository with the same name already exists.")

  411. 	})

  412. }