mirrors
/
gitea
mirror of https://github.com/go-gitea/gitea.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 211 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
15620 Commits
17 Branches
Tree: v1.22.0-rc
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'v1.22.0-rc'
${ noResults }
gitea/tests/integration/api_user_org_perm_test.go

api_user_org_perm_test.go 4.5KB
Raw Permalink Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153 
  1. // Copyright 2021 The Gitea Authors. All rights reserved.

  2. // SPDX-License-Identifier: MIT

  3. 

  4. package integration

  5. 

  6. import (

  7. 	"fmt"

  8. 	"net/http"

  9. 	"testing"

  10. 

  11. 	auth_model "code.gitea.io/gitea/models/auth"

  12. 	api "code.gitea.io/gitea/modules/structs"

  13. 	"code.gitea.io/gitea/tests"

  14. 

  15. 	"github.com/stretchr/testify/assert"

  16. )

  17. 

  18. type apiUserOrgPermTestCase struct {

  19. 	LoginUser                       string

  20. 	User                            string

  21. 	Organization                    string

  22. 	ExpectedOrganizationPermissions api.OrganizationPermissions

  23. }

  24. 

  25. func TestTokenNeeded(t *testing.T) {

  26. 	defer tests.PrepareTestEnv(t)()

  27. 

  28. 	req := NewRequest(t, "GET", "/api/v1/users/user1/orgs/org6/permissions")

  29. 	MakeRequest(t, req, http.StatusUnauthorized)

  30. }

  31. 

  32. func sampleTest(t *testing.T, auoptc apiUserOrgPermTestCase) {

  33. 	defer tests.PrepareTestEnv(t)()

  34. 

  35. 	session := loginUser(t, auoptc.LoginUser)

  36. 	token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeReadOrganization, auth_model.AccessTokenScopeReadUser)

  37. 

  38. 	req := NewRequest(t, "GET", fmt.Sprintf("/api/v1/users/%s/orgs/%s/permissions", auoptc.User, auoptc.Organization)).

  39. 		AddTokenAuth(token)

  40. 	resp := MakeRequest(t, req, http.StatusOK)

  41. 

  42. 	var apiOP api.OrganizationPermissions

  43. 	DecodeJSON(t, resp, &apiOP)

  44. 	assert.Equal(t, auoptc.ExpectedOrganizationPermissions.IsOwner, apiOP.IsOwner)

  45. 	assert.Equal(t, auoptc.ExpectedOrganizationPermissions.IsAdmin, apiOP.IsAdmin)

  46. 	assert.Equal(t, auoptc.ExpectedOrganizationPermissions.CanWrite, apiOP.CanWrite)

  47. 	assert.Equal(t, auoptc.ExpectedOrganizationPermissions.CanRead, apiOP.CanRead)

  48. 	assert.Equal(t, auoptc.ExpectedOrganizationPermissions.CanCreateRepository, apiOP.CanCreateRepository)

  49. }

  50. 

  51. func TestWithOwnerUser(t *testing.T) {

  52. 	sampleTest(t, apiUserOrgPermTestCase{

  53. 		LoginUser:    "user2",

  54. 		User:         "user2",

  55. 		Organization: "org3",

  56. 		ExpectedOrganizationPermissions: api.OrganizationPermissions{

  57. 			IsOwner:             true,

  58. 			IsAdmin:             true,

  59. 			CanWrite:            true,

  60. 			CanRead:             true,

  61. 			CanCreateRepository: true,

  62. 		},

  63. 	})

  64. }

  65. 

  66. func TestCanWriteUser(t *testing.T) {

  67. 	sampleTest(t, apiUserOrgPermTestCase{

  68. 		LoginUser:    "user4",

  69. 		User:         "user4",

  70. 		Organization: "org3",

  71. 		ExpectedOrganizationPermissions: api.OrganizationPermissions{

  72. 			IsOwner:             false,

  73. 			IsAdmin:             false,

  74. 			CanWrite:            true,

  75. 			CanRead:             true,

  76. 			CanCreateRepository: false,

  77. 		},

  78. 	})

  79. }

  80. 

  81. func TestAdminUser(t *testing.T) {

  82. 	sampleTest(t, apiUserOrgPermTestCase{

  83. 		LoginUser:    "user1",

  84. 		User:         "user28",

  85. 		Organization: "org3",

  86. 		ExpectedOrganizationPermissions: api.OrganizationPermissions{

  87. 			IsOwner:             false,

  88. 			IsAdmin:             true,

  89. 			CanWrite:            true,

  90. 			CanRead:             true,

  91. 			CanCreateRepository: true,

  92. 		},

  93. 	})

  94. }

  95. 

  96. func TestAdminCanNotCreateRepo(t *testing.T) {

  97. 	sampleTest(t, apiUserOrgPermTestCase{

  98. 		LoginUser:    "user1",

  99. 		User:         "user28",

  100. 		Organization: "org6",

  101. 		ExpectedOrganizationPermissions: api.OrganizationPermissions{

  102. 			IsOwner:             false,

  103. 			IsAdmin:             true,

  104. 			CanWrite:            true,

  105. 			CanRead:             true,

  106. 			CanCreateRepository: false,

  107. 		},

  108. 	})

  109. }

  110. 

  111. func TestCanReadUser(t *testing.T) {

  112. 	sampleTest(t, apiUserOrgPermTestCase{

  113. 		LoginUser:    "user1",

  114. 		User:         "user24",

  115. 		Organization: "org25",

  116. 		ExpectedOrganizationPermissions: api.OrganizationPermissions{

  117. 			IsOwner:             false,

  118. 			IsAdmin:             false,

  119. 			CanWrite:            false,

  120. 			CanRead:             true,

  121. 			CanCreateRepository: false,

  122. 		},

  123. 	})

  124. }

  125. 

  126. func TestUnknowUser(t *testing.T) {

  127. 	defer tests.PrepareTestEnv(t)()

  128. 

  129. 	session := loginUser(t, "user1")

  130. 	token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeReadUser, auth_model.AccessTokenScopeReadOrganization)

  131. 

  132. 	req := NewRequest(t, "GET", "/api/v1/users/unknow/orgs/org25/permissions").

  133. 		AddTokenAuth(token)

  134. 	resp := MakeRequest(t, req, http.StatusNotFound)

  135. 

  136. 	var apiError api.APIError

  137. 	DecodeJSON(t, resp, &apiError)

  138. 	assert.Equal(t, "user redirect does not exist [name: unknow]", apiError.Message)

  139. }

  140. 

  141. func TestUnknowOrganization(t *testing.T) {

  142. 	defer tests.PrepareTestEnv(t)()

  143. 

  144. 	session := loginUser(t, "user1")

  145. 	token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeReadUser, auth_model.AccessTokenScopeReadOrganization)

  146. 

  147. 	req := NewRequest(t, "GET", "/api/v1/users/user1/orgs/unknow/permissions").

  148. 		AddTokenAuth(token)

  149. 	resp := MakeRequest(t, req, http.StatusNotFound)

  150. 	var apiError api.APIError

  151. 	DecodeJSON(t, resp, &apiError)

  152. 	assert.Equal(t, "GetUserByName", apiError.Message)

  153. }