You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

237 lines
8.6 KiB

  1. // Copyright 2017 The Gitea Authors. All rights reserved.
  2. // Use of this source code is governed by a MIT-style
  3. // license that can be found in the LICENSE file.
  4. package integrations
  5. import (
  6. "fmt"
  7. "net/http"
  8. "testing"
  9. "code.gitea.io/gitea/models"
  10. api "code.gitea.io/sdk/gitea"
  11. "github.com/stretchr/testify/assert"
  12. )
  13. func TestAPIUserReposNotLogin(t *testing.T) {
  14. prepareTestEnv(t)
  15. user := models.AssertExistsAndLoadBean(t, &models.User{ID: 2}).(*models.User)
  16. req := NewRequestf(t, "GET", "/api/v1/users/%s/repos", user.Name)
  17. resp := MakeRequest(t, req, http.StatusOK)
  18. var apiRepos []api.Repository
  19. DecodeJSON(t, resp, &apiRepos)
  20. expectedLen := models.GetCount(t, models.Repository{OwnerID: user.ID},
  21. models.Cond("is_private = ?", false))
  22. assert.Len(t, apiRepos, expectedLen)
  23. for _, repo := range apiRepos {
  24. assert.EqualValues(t, user.ID, repo.Owner.ID)
  25. assert.False(t, repo.Private)
  26. }
  27. }
  28. func TestAPISearchRepo(t *testing.T) {
  29. prepareTestEnv(t)
  30. const keyword = "test"
  31. req := NewRequestf(t, "GET", "/api/v1/repos/search?q=%s", keyword)
  32. resp := MakeRequest(t, req, http.StatusOK)
  33. var body api.SearchResults
  34. DecodeJSON(t, resp, &body)
  35. assert.NotEmpty(t, body.Data)
  36. for _, repo := range body.Data {
  37. assert.Contains(t, repo.Name, keyword)
  38. assert.False(t, repo.Private)
  39. }
  40. user := models.AssertExistsAndLoadBean(t, &models.User{ID: 15}).(*models.User)
  41. user2 := models.AssertExistsAndLoadBean(t, &models.User{ID: 16}).(*models.User)
  42. user3 := models.AssertExistsAndLoadBean(t, &models.User{ID: 18}).(*models.User)
  43. user4 := models.AssertExistsAndLoadBean(t, &models.User{ID: 20}).(*models.User)
  44. orgUser := models.AssertExistsAndLoadBean(t, &models.User{ID: 17}).(*models.User)
  45. // Map of expected results, where key is user for login
  46. type expectedResults map[*models.User]struct {
  47. count int
  48. repoOwnerID int64
  49. repoName string
  50. includesPrivate bool
  51. }
  52. testCases := []struct {
  53. name, requestURL string
  54. expectedResults
  55. }{
  56. {name: "RepositoriesMax50", requestURL: "/api/v1/repos/search?limit=50", expectedResults: expectedResults{
  57. nil: {count: 15},
  58. user: {count: 15},
  59. user2: {count: 15}},
  60. },
  61. {name: "RepositoriesMax10", requestURL: "/api/v1/repos/search?limit=10", expectedResults: expectedResults{
  62. nil: {count: 10},
  63. user: {count: 10},
  64. user2: {count: 10}},
  65. },
  66. {name: "RepositoriesDefaultMax10", requestURL: "/api/v1/repos/search", expectedResults: expectedResults{
  67. nil: {count: 10},
  68. user: {count: 10},
  69. user2: {count: 10}},
  70. },
  71. {name: "RepositoriesByName", requestURL: fmt.Sprintf("/api/v1/repos/search?q=%s", "big_test_"), expectedResults: expectedResults{
  72. nil: {count: 7, repoName: "big_test_"},
  73. user: {count: 7, repoName: "big_test_"},
  74. user2: {count: 7, repoName: "big_test_"}},
  75. },
  76. {name: "RepositoriesAccessibleAndRelatedToUser", requestURL: fmt.Sprintf("/api/v1/repos/search?uid=%d", user.ID), expectedResults: expectedResults{
  77. nil: {count: 4},
  78. user: {count: 8, includesPrivate: true},
  79. user2: {count: 4}},
  80. },
  81. {name: "RepositoriesAccessibleAndRelatedToUser2", requestURL: fmt.Sprintf("/api/v1/repos/search?uid=%d", user2.ID), expectedResults: expectedResults{
  82. nil: {count: 1},
  83. user: {count: 1},
  84. user2: {count: 2, includesPrivate: true}},
  85. },
  86. {name: "RepositoriesAccessibleAndRelatedToUser3", requestURL: fmt.Sprintf("/api/v1/repos/search?uid=%d", user3.ID), expectedResults: expectedResults{
  87. nil: {count: 1},
  88. user: {count: 1},
  89. user2: {count: 1},
  90. user3: {count: 4, includesPrivate: true}},
  91. },
  92. {name: "RepositoriesOwnedByOrganization", requestURL: fmt.Sprintf("/api/v1/repos/search?uid=%d", orgUser.ID), expectedResults: expectedResults{
  93. nil: {count: 1, repoOwnerID: orgUser.ID},
  94. user: {count: 2, repoOwnerID: orgUser.ID, includesPrivate: true},
  95. user2: {count: 1, repoOwnerID: orgUser.ID}},
  96. },
  97. {name: "RepositoriesAccessibleAndRelatedToUser4", requestURL: fmt.Sprintf("/api/v1/repos/search?uid=%d", user4.ID), expectedResults: expectedResults{
  98. nil: {count: 3},
  99. user: {count: 3},
  100. user4: {count: 6, includesPrivate: true}}},
  101. {name: "RepositoriesAccessibleAndRelatedToUser4/SearchModeSource", requestURL: fmt.Sprintf("/api/v1/repos/search?uid=%d&mode=%s", user4.ID, "source"), expectedResults: expectedResults{
  102. nil: {count: 0},
  103. user: {count: 0},
  104. user4: {count: 0, includesPrivate: true}}},
  105. {name: "RepositoriesAccessibleAndRelatedToUser4/SearchModeFork", requestURL: fmt.Sprintf("/api/v1/repos/search?uid=%d&mode=%s", user4.ID, "fork"), expectedResults: expectedResults{
  106. nil: {count: 1},
  107. user: {count: 1},
  108. user4: {count: 2, includesPrivate: true}}},
  109. {name: "RepositoriesAccessibleAndRelatedToUser4/SearchModeFork/Exclusive", requestURL: fmt.Sprintf("/api/v1/repos/search?uid=%d&mode=%s&exclusive=1", user4.ID, "fork"), expectedResults: expectedResults{
  110. nil: {count: 1},
  111. user: {count: 1},
  112. user4: {count: 2, includesPrivate: true}}},
  113. {name: "RepositoriesAccessibleAndRelatedToUser4/SearchModeMirror", requestURL: fmt.Sprintf("/api/v1/repos/search?uid=%d&mode=%s", user4.ID, "mirror"), expectedResults: expectedResults{
  114. nil: {count: 2},
  115. user: {count: 2},
  116. user4: {count: 4, includesPrivate: true}}},
  117. {name: "RepositoriesAccessibleAndRelatedToUser4/SearchModeMirror/Exclusive", requestURL: fmt.Sprintf("/api/v1/repos/search?uid=%d&mode=%s&exclusive=1", user4.ID, "mirror"), expectedResults: expectedResults{
  118. nil: {count: 1},
  119. user: {count: 1},
  120. user4: {count: 2, includesPrivate: true}}},
  121. {name: "RepositoriesAccessibleAndRelatedToUser4/SearchModeCollaborative", requestURL: fmt.Sprintf("/api/v1/repos/search?uid=%d&mode=%s", user4.ID, "collaborative"), expectedResults: expectedResults{
  122. nil: {count: 0},
  123. user: {count: 0},
  124. user4: {count: 0, includesPrivate: true}}},
  125. }
  126. for _, testCase := range testCases {
  127. t.Run(testCase.name, func(t *testing.T) {
  128. for userToLogin, expected := range testCase.expectedResults {
  129. var session *TestSession
  130. var testName string
  131. var userID int64
  132. if userToLogin != nil && userToLogin.ID > 0 {
  133. testName = fmt.Sprintf("LoggedUser%d", userToLogin.ID)
  134. session = loginUser(t, userToLogin.Name)
  135. userID = userToLogin.ID
  136. } else {
  137. testName = "AnonymousUser"
  138. session = emptyTestSession(t)
  139. }
  140. t.Run(testName, func(t *testing.T) {
  141. request := NewRequest(t, "GET", testCase.requestURL)
  142. response := session.MakeRequest(t, request, http.StatusOK)
  143. var body api.SearchResults
  144. DecodeJSON(t, response, &body)
  145. assert.Len(t, body.Data, expected.count)
  146. for _, repo := range body.Data {
  147. r := getRepo(t, repo.ID)
  148. hasAccess, err := models.HasAccess(userID, r, models.AccessModeRead)
  149. assert.NoError(t, err)
  150. assert.True(t, hasAccess)
  151. assert.NotEmpty(t, repo.Name)
  152. if len(expected.repoName) > 0 {
  153. assert.Contains(t, repo.Name, expected.repoName)
  154. }
  155. if expected.repoOwnerID > 0 {
  156. assert.Equal(t, expected.repoOwnerID, repo.Owner.ID)
  157. }
  158. if !expected.includesPrivate {
  159. assert.False(t, repo.Private)
  160. }
  161. }
  162. })
  163. }
  164. })
  165. }
  166. }
  167. var repoCache = make(map[int64]*models.Repository)
  168. func getRepo(t *testing.T, repoID int64) *models.Repository {
  169. if _, ok := repoCache[repoID]; !ok {
  170. repoCache[repoID] = models.AssertExistsAndLoadBean(t, &models.Repository{ID: repoID}).(*models.Repository)
  171. }
  172. return repoCache[repoID]
  173. }
  174. func TestAPIViewRepo(t *testing.T) {
  175. prepareTestEnv(t)
  176. req := NewRequest(t, "GET", "/api/v1/repos/user2/repo1")
  177. resp := MakeRequest(t, req, http.StatusOK)
  178. var repo api.Repository
  179. DecodeJSON(t, resp, &repo)
  180. assert.EqualValues(t, 1, repo.ID)
  181. assert.EqualValues(t, "repo1", repo.Name)
  182. }
  183. func TestAPIOrgRepos(t *testing.T) {
  184. prepareTestEnv(t)
  185. user := models.AssertExistsAndLoadBean(t, &models.User{ID: 2}).(*models.User)
  186. // User3 is an Org. Check their repos.
  187. sourceOrg := models.AssertExistsAndLoadBean(t, &models.User{ID: 3}).(*models.User)
  188. // Login as User2.
  189. session := loginUser(t, user.Name)
  190. req := NewRequestf(t, "GET", "/api/v1/orgs/%s/repos", sourceOrg.Name)
  191. resp := session.MakeRequest(t, req, http.StatusOK)
  192. var apiRepos []*api.Repository
  193. DecodeJSON(t, resp, &apiRepos)
  194. expectedLen := models.GetCount(t, models.Repository{OwnerID: sourceOrg.ID},
  195. models.Cond("is_private = ?", false))
  196. assert.Len(t, apiRepos, expectedLen)
  197. for _, repo := range apiRepos {
  198. assert.False(t, repo.Private)
  199. }
  200. }
  201. func TestAPIGetRepoByIDUnauthorized(t *testing.T) {
  202. prepareTestEnv(t)
  203. user := models.AssertExistsAndLoadBean(t, &models.User{ID: 4}).(*models.User)
  204. sess := loginUser(t, user.Name)
  205. req := NewRequestf(t, "GET", "/api/v1/repositories/2")
  206. sess.MakeRequest(t, req, http.StatusNotFound)
  207. }