mirrors
/
gitea
mirror of https://github.com/go-gitea/gitea.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 211 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
16872 Commits
17 Branches
Tree: v1.21.7
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'v1.21.7'
${ noResults }
gitea/tests/integration/api_repo_file_delete_test.go

api_repo_file_delete_test.go 6.8KB
Raw Permalink Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169 
  1. // Copyright 2019 The Gitea Authors. All rights reserved.

  2. // SPDX-License-Identifier: MIT

  3. 

  4. package integration

  5. 

  6. import (

  7. 	"fmt"

  8. 	"net/http"

  9. 	"net/url"

  10. 	"testing"

  11. 

  12. 	auth_model "code.gitea.io/gitea/models/auth"

  13. 	repo_model "code.gitea.io/gitea/models/repo"

  14. 	"code.gitea.io/gitea/models/unittest"

  15. 	user_model "code.gitea.io/gitea/models/user"

  16. 	api "code.gitea.io/gitea/modules/structs"

  17. 

  18. 	"github.com/stretchr/testify/assert"

  19. )

  20. 

  21. func getDeleteFileOptions() *api.DeleteFileOptions {

  22. 	return &api.DeleteFileOptions{

  23. 		FileOptions: api.FileOptions{

  24. 			BranchName:    "master",

  25. 			NewBranchName: "master",

  26. 			Message:       "Removing the file new/file.txt",

  27. 			Author: api.Identity{

  28. 				Name:  "John Doe",

  29. 				Email: "johndoe@example.com",

  30. 			},

  31. 			Committer: api.Identity{

  32. 				Name:  "Jane Doe",

  33. 				Email: "janedoe@example.com",

  34. 			},

  35. 		},

  36. 		SHA: "103ff9234cefeee5ec5361d22b49fbb04d385885",

  37. 	}

  38. }

  39. 

  40. func TestAPIDeleteFile(t *testing.T) {

  41. 	onGiteaRun(t, func(t *testing.T, u *url.URL) {

  42. 		user2 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2})         // owner of the repo1 & repo16

  43. 		org3 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 3})          // owner of the repo3, is an org

  44. 		user4 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 4})         // owner of neither repos

  45. 		repo1 := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 1})   // public repo

  46. 		repo3 := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 3})   // public repo

  47. 		repo16 := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 16}) // private repo

  48. 		fileID := 0

  49. 

  50. 		// Get user2's token

  51. 		session := loginUser(t, user2.Name)

  52. 		token2 := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeWriteRepository)

  53. 		// Get user4's token

  54. 		session = loginUser(t, user4.Name)

  55. 		token4 := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeWriteRepository)

  56. 

  57. 		// Test deleting a file in repo1 which user2 owns, try both with branch and empty branch

  58. 		for _, branch := range [...]string{

  59. 			"master", // Branch

  60. 			"",       // Empty branch

  61. 		} {

  62. 			fileID++

  63. 			treePath := fmt.Sprintf("delete/file%d.txt", fileID)

  64. 			createFile(user2, repo1, treePath)

  65. 			deleteFileOptions := getDeleteFileOptions()

  66. 			deleteFileOptions.BranchName = branch

  67. 			url := fmt.Sprintf("/api/v1/repos/%s/%s/contents/%s?token=%s", user2.Name, repo1.Name, treePath, token2)

  68. 			req := NewRequestWithJSON(t, "DELETE", url, &deleteFileOptions)

  69. 			resp := MakeRequest(t, req, http.StatusOK)

  70. 			var fileResponse api.FileResponse

  71. 			DecodeJSON(t, resp, &fileResponse)

  72. 			assert.NotNil(t, fileResponse)

  73. 			assert.Nil(t, fileResponse.Content)

  74. 		}

  75. 

  76. 		// Test deleting file and making the delete in a new branch

  77. 		fileID++

  78. 		treePath := fmt.Sprintf("delete/file%d.txt", fileID)

  79. 		createFile(user2, repo1, treePath)

  80. 		deleteFileOptions := getDeleteFileOptions()

  81. 		deleteFileOptions.BranchName = repo1.DefaultBranch

  82. 		deleteFileOptions.NewBranchName = "new_branch"

  83. 		url := fmt.Sprintf("/api/v1/repos/%s/%s/contents/%s?token=%s", user2.Name, repo1.Name, treePath, token2)

  84. 		req := NewRequestWithJSON(t, "DELETE", url, &deleteFileOptions)

  85. 		resp := MakeRequest(t, req, http.StatusOK)

  86. 		var fileResponse api.FileResponse

  87. 		DecodeJSON(t, resp, &fileResponse)

  88. 		assert.NotNil(t, fileResponse)

  89. 		assert.Nil(t, fileResponse.Content)

  90. 		assert.EqualValues(t, deleteFileOptions.Message+"\n", fileResponse.Commit.Message)

  91. 

  92. 		// Test deleting file without a message

  93. 		fileID++

  94. 		treePath = fmt.Sprintf("delete/file%d.txt", fileID)

  95. 		createFile(user2, repo1, treePath)

  96. 		deleteFileOptions = getDeleteFileOptions()

  97. 		deleteFileOptions.Message = ""

  98. 		url = fmt.Sprintf("/api/v1/repos/%s/%s/contents/%s?token=%s", user2.Name, repo1.Name, treePath, token2)

  99. 		req = NewRequestWithJSON(t, "DELETE", url, &deleteFileOptions)

  100. 		resp = MakeRequest(t, req, http.StatusOK)

  101. 		DecodeJSON(t, resp, &fileResponse)

  102. 		expectedMessage := "Delete " + treePath + "\n"

  103. 		assert.EqualValues(t, expectedMessage, fileResponse.Commit.Message)

  104. 

  105. 		// Test deleting a file with the wrong SHA

  106. 		fileID++

  107. 		treePath = fmt.Sprintf("delete/file%d.txt", fileID)

  108. 		createFile(user2, repo1, treePath)

  109. 		deleteFileOptions = getDeleteFileOptions()

  110. 		deleteFileOptions.SHA = "badsha"

  111. 		url = fmt.Sprintf("/api/v1/repos/%s/%s/contents/%s?token=%s", user2.Name, repo1.Name, treePath, token2)

  112. 		req = NewRequestWithJSON(t, "DELETE", url, &deleteFileOptions)

  113. 		MakeRequest(t, req, http.StatusBadRequest)

  114. 

  115. 		// Test creating a file in repo16 by user4 who does not have write access

  116. 		fileID++

  117. 		treePath = fmt.Sprintf("delete/file%d.txt", fileID)

  118. 		createFile(user2, repo16, treePath)

  119. 		deleteFileOptions = getDeleteFileOptions()

  120. 		url = fmt.Sprintf("/api/v1/repos/%s/%s/contents/%s?token=%s", user2.Name, repo16.Name, treePath, token4)

  121. 		req = NewRequestWithJSON(t, "DELETE", url, &deleteFileOptions)

  122. 		MakeRequest(t, req, http.StatusNotFound)

  123. 

  124. 		// Tests a repo with no token given so will fail

  125. 		fileID++

  126. 		treePath = fmt.Sprintf("delete/file%d.txt", fileID)

  127. 		createFile(user2, repo16, treePath)

  128. 		deleteFileOptions = getDeleteFileOptions()

  129. 		url = fmt.Sprintf("/api/v1/repos/%s/%s/contents/%s", user2.Name, repo16.Name, treePath)

  130. 		req = NewRequestWithJSON(t, "DELETE", url, &deleteFileOptions)

  131. 		MakeRequest(t, req, http.StatusNotFound)

  132. 

  133. 		// Test using access token for a private repo that the user of the token owns

  134. 		fileID++

  135. 		treePath = fmt.Sprintf("delete/file%d.txt", fileID)

  136. 		createFile(user2, repo16, treePath)

  137. 		deleteFileOptions = getDeleteFileOptions()

  138. 		url = fmt.Sprintf("/api/v1/repos/%s/%s/contents/%s?token=%s", user2.Name, repo16.Name, treePath, token2)

  139. 		req = NewRequestWithJSON(t, "DELETE", url, &deleteFileOptions)

  140. 		MakeRequest(t, req, http.StatusOK)

  141. 

  142. 		// Test using org repo "org3/repo3" where user2 is a collaborator

  143. 		fileID++

  144. 		treePath = fmt.Sprintf("delete/file%d.txt", fileID)

  145. 		createFile(org3, repo3, treePath)

  146. 		deleteFileOptions = getDeleteFileOptions()

  147. 		url = fmt.Sprintf("/api/v1/repos/%s/%s/contents/%s?token=%s", org3.Name, repo3.Name, treePath, token2)

  148. 		req = NewRequestWithJSON(t, "DELETE", url, &deleteFileOptions)

  149. 		MakeRequest(t, req, http.StatusOK)

  150. 

  151. 		// Test using org repo "org3/repo3" with no user token

  152. 		fileID++

  153. 		treePath = fmt.Sprintf("delete/file%d.txt", fileID)

  154. 		createFile(org3, repo3, treePath)

  155. 		deleteFileOptions = getDeleteFileOptions()

  156. 		url = fmt.Sprintf("/api/v1/repos/%s/%s/contents/%s", org3.Name, repo3.Name, treePath)

  157. 		req = NewRequestWithJSON(t, "DELETE", url, &deleteFileOptions)

  158. 		MakeRequest(t, req, http.StatusNotFound)

  159. 

  160. 		// Test using repo "user2/repo1" where user4 is a NOT collaborator

  161. 		fileID++

  162. 		treePath = fmt.Sprintf("delete/file%d.txt", fileID)

  163. 		createFile(user2, repo1, treePath)

  164. 		deleteFileOptions = getDeleteFileOptions()

  165. 		url = fmt.Sprintf("/api/v1/repos/%s/%s/contents/%s?token=%s", user2.Name, repo1.Name, treePath, token4)

  166. 		req = NewRequestWithJSON(t, "DELETE", url, &deleteFileOptions)

  167. 		MakeRequest(t, req, http.StatusForbidden)

  168. 	})

  169. }