mirrors
/
gitea
mirror of https://github.com/go-gitea/gitea.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 211 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
8896 Commits
17 Branches
Tree: v1.21.7
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'v1.21.7'
${ noResults }
gitea/tests/integration/api_user_orgs_test.go

api_user_orgs_test.go 3.7KB
Raw Permalink Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131 
  1. // Copyright 2018 The Gitea Authors. All rights reserved.

  2. // SPDX-License-Identifier: MIT

  3. 

  4. package integration

  5. 

  6. import (

  7. 	"fmt"

  8. 	"net/http"

  9. 	"testing"

  10. 

  11. 	auth_model "code.gitea.io/gitea/models/auth"

  12. 	"code.gitea.io/gitea/models/db"

  13. 	"code.gitea.io/gitea/models/unittest"

  14. 	user_model "code.gitea.io/gitea/models/user"

  15. 	api "code.gitea.io/gitea/modules/structs"

  16. 	"code.gitea.io/gitea/tests"

  17. 

  18. 	"github.com/stretchr/testify/assert"

  19. )

  20. 

  21. func TestUserOrgs(t *testing.T) {

  22. 	defer tests.PrepareTestEnv(t)()

  23. 	adminUsername := "user1"

  24. 	normalUsername := "user2"

  25. 	privateMemberUsername := "user4"

  26. 	unrelatedUsername := "user5"

  27. 

  28. 	orgs := getUserOrgs(t, adminUsername, normalUsername)

  29. 

  30. 	org3 := unittest.AssertExistsAndLoadBean(t, &user_model.User{Name: "org3"})

  31. 	org17 := unittest.AssertExistsAndLoadBean(t, &user_model.User{Name: "org17"})

  32. 

  33. 	assert.Equal(t, []*api.Organization{

  34. 		{

  35. 			ID:          17,

  36. 			Name:        org17.Name,

  37. 			UserName:    org17.Name,

  38. 			FullName:    org17.FullName,

  39. 			Email:       org17.Email,

  40. 			AvatarURL:   org17.AvatarLink(db.DefaultContext),

  41. 			Description: "",

  42. 			Website:     "",

  43. 			Location:    "",

  44. 			Visibility:  "public",

  45. 		},

  46. 		{

  47. 			ID:          3,

  48. 			Name:        org3.Name,

  49. 			UserName:    org3.Name,

  50. 			FullName:    org3.FullName,

  51. 			Email:       org3.Email,

  52. 			AvatarURL:   org3.AvatarLink(db.DefaultContext),

  53. 			Description: "",

  54. 			Website:     "",

  55. 			Location:    "",

  56. 			Visibility:  "public",

  57. 		},

  58. 	}, orgs)

  59. 

  60. 	// user itself should get it's org's he is a member of

  61. 	orgs = getUserOrgs(t, privateMemberUsername, privateMemberUsername)

  62. 	assert.Len(t, orgs, 1)

  63. 

  64. 	// unrelated user should not get private org membership of privateMemberUsername

  65. 	orgs = getUserOrgs(t, unrelatedUsername, privateMemberUsername)

  66. 	assert.Len(t, orgs, 0)

  67. 

  68. 	// not authenticated call should not be allowed

  69. 	testUserOrgsUnauthenticated(t, privateMemberUsername)

  70. }

  71. 

  72. func getUserOrgs(t *testing.T, userDoer, userCheck string) (orgs []*api.Organization) {

  73. 	token := ""

  74. 	if len(userDoer) != 0 {

  75. 		token = getUserToken(t, userDoer, auth_model.AccessTokenScopeReadOrganization, auth_model.AccessTokenScopeReadUser)

  76. 	}

  77. 	urlStr := fmt.Sprintf("/api/v1/users/%s/orgs?token=%s", userCheck, token)

  78. 	req := NewRequest(t, "GET", urlStr)

  79. 	resp := MakeRequest(t, req, http.StatusOK)

  80. 	DecodeJSON(t, resp, &orgs)

  81. 	return orgs

  82. }

  83. 

  84. func testUserOrgsUnauthenticated(t *testing.T, userCheck string) {

  85. 	session := emptyTestSession(t)

  86. 	req := NewRequestf(t, "GET", "/api/v1/users/%s/orgs", userCheck)

  87. 	session.MakeRequest(t, req, http.StatusUnauthorized)

  88. }

  89. 

  90. func TestMyOrgs(t *testing.T) {

  91. 	defer tests.PrepareTestEnv(t)()

  92. 

  93. 	req := NewRequest(t, "GET", "/api/v1/user/orgs")

  94. 	MakeRequest(t, req, http.StatusUnauthorized)

  95. 

  96. 	normalUsername := "user2"

  97. 	token := getUserToken(t, normalUsername, auth_model.AccessTokenScopeReadOrganization, auth_model.AccessTokenScopeReadUser)

  98. 	req = NewRequest(t, "GET", "/api/v1/user/orgs?token="+token)

  99. 	resp := MakeRequest(t, req, http.StatusOK)

  100. 	var orgs []*api.Organization

  101. 	DecodeJSON(t, resp, &orgs)

  102. 	org3 := unittest.AssertExistsAndLoadBean(t, &user_model.User{Name: "org3"})

  103. 	org17 := unittest.AssertExistsAndLoadBean(t, &user_model.User{Name: "org17"})

  104. 

  105. 	assert.Equal(t, []*api.Organization{

  106. 		{

  107. 			ID:          17,

  108. 			Name:        org17.Name,

  109. 			UserName:    org17.Name,

  110. 			FullName:    org17.FullName,

  111. 			Email:       org17.Email,

  112. 			AvatarURL:   org17.AvatarLink(db.DefaultContext),

  113. 			Description: "",

  114. 			Website:     "",

  115. 			Location:    "",

  116. 			Visibility:  "public",

  117. 		},

  118. 		{

  119. 			ID:          3,

  120. 			Name:        org3.Name,

  121. 			UserName:    org3.Name,

  122. 			FullName:    org3.FullName,

  123. 			Email:       org3.Email,

  124. 			AvatarURL:   org3.AvatarLink(db.DefaultContext),

  125. 			Description: "",

  126. 			Website:     "",

  127. 			Location:    "",

  128. 			Visibility:  "public",

  129. 		},

  130. 	}, orgs)

  131. }