You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

194 lines
6.6 KiB

  1. // Copyright 2019 The Gitea Authors. All rights reserved.
  2. // Use of this source code is governed by a MIT-style
  3. // license that can be found in the LICENSE file.
  4. package integrations
  5. import (
  6. "fmt"
  7. "net/http"
  8. "testing"
  9. "code.gitea.io/gitea/models"
  10. api "code.gitea.io/gitea/modules/structs"
  11. "github.com/stretchr/testify/assert"
  12. )
  13. const testHookContent = `#!/bin/bash
  14. echo Hello, World!
  15. `
  16. func TestAPIListGitHooks(t *testing.T) {
  17. defer prepareTestEnv(t)()
  18. repo := models.AssertExistsAndLoadBean(t, &models.Repository{ID: 37}).(*models.Repository)
  19. owner := models.AssertExistsAndLoadBean(t, &models.User{ID: repo.OwnerID}).(*models.User)
  20. // user1 is an admin user
  21. session := loginUser(t, "user1")
  22. token := getTokenForLoggedInUser(t, session)
  23. req := NewRequestf(t, "GET", "/api/v1/repos/%s/%s/hooks/git?token=%s",
  24. owner.Name, repo.Name, token)
  25. resp := MakeRequest(t, req, http.StatusOK)
  26. var apiGitHooks []*api.GitHook
  27. DecodeJSON(t, resp, &apiGitHooks)
  28. assert.Len(t, apiGitHooks, 3)
  29. for _, apiGitHook := range apiGitHooks {
  30. if apiGitHook.Name == "pre-receive" {
  31. assert.True(t, apiGitHook.IsActive)
  32. assert.Equal(t, testHookContent, apiGitHook.Content)
  33. } else {
  34. assert.False(t, apiGitHook.IsActive)
  35. assert.Empty(t, apiGitHook.Content)
  36. }
  37. }
  38. }
  39. func TestAPIListGitHooksNoHooks(t *testing.T) {
  40. defer prepareTestEnv(t)()
  41. repo := models.AssertExistsAndLoadBean(t, &models.Repository{ID: 1}).(*models.Repository)
  42. owner := models.AssertExistsAndLoadBean(t, &models.User{ID: repo.OwnerID}).(*models.User)
  43. // user1 is an admin user
  44. session := loginUser(t, "user1")
  45. token := getTokenForLoggedInUser(t, session)
  46. req := NewRequestf(t, "GET", "/api/v1/repos/%s/%s/hooks/git?token=%s",
  47. owner.Name, repo.Name, token)
  48. resp := MakeRequest(t, req, http.StatusOK)
  49. var apiGitHooks []*api.GitHook
  50. DecodeJSON(t, resp, &apiGitHooks)
  51. assert.Len(t, apiGitHooks, 3)
  52. for _, apiGitHook := range apiGitHooks {
  53. assert.False(t, apiGitHook.IsActive)
  54. assert.Empty(t, apiGitHook.Content)
  55. }
  56. }
  57. func TestAPIListGitHooksNoAccess(t *testing.T) {
  58. defer prepareTestEnv(t)()
  59. repo := models.AssertExistsAndLoadBean(t, &models.Repository{ID: 1}).(*models.Repository)
  60. owner := models.AssertExistsAndLoadBean(t, &models.User{ID: repo.OwnerID}).(*models.User)
  61. session := loginUser(t, owner.Name)
  62. token := getTokenForLoggedInUser(t, session)
  63. req := NewRequestf(t, "GET", "/api/v1/repos/%s/%s/hooks/git?token=%s",
  64. owner.Name, repo.Name, token)
  65. MakeRequest(t, req, http.StatusForbidden)
  66. }
  67. func TestAPIGetGitHook(t *testing.T) {
  68. defer prepareTestEnv(t)()
  69. repo := models.AssertExistsAndLoadBean(t, &models.Repository{ID: 37}).(*models.Repository)
  70. owner := models.AssertExistsAndLoadBean(t, &models.User{ID: repo.OwnerID}).(*models.User)
  71. // user1 is an admin user
  72. session := loginUser(t, "user1")
  73. token := getTokenForLoggedInUser(t, session)
  74. req := NewRequestf(t, "GET", "/api/v1/repos/%s/%s/hooks/git/pre-receive?token=%s",
  75. owner.Name, repo.Name, token)
  76. resp := MakeRequest(t, req, http.StatusOK)
  77. var apiGitHook *api.GitHook
  78. DecodeJSON(t, resp, &apiGitHook)
  79. assert.True(t, apiGitHook.IsActive)
  80. assert.Equal(t, testHookContent, apiGitHook.Content)
  81. }
  82. func TestAPIGetGitHookNoAccess(t *testing.T) {
  83. defer prepareTestEnv(t)()
  84. repo := models.AssertExistsAndLoadBean(t, &models.Repository{ID: 1}).(*models.Repository)
  85. owner := models.AssertExistsAndLoadBean(t, &models.User{ID: repo.OwnerID}).(*models.User)
  86. session := loginUser(t, owner.Name)
  87. token := getTokenForLoggedInUser(t, session)
  88. req := NewRequestf(t, "GET", "/api/v1/repos/%s/%s/hooks/git/pre-receive?token=%s",
  89. owner.Name, repo.Name, token)
  90. MakeRequest(t, req, http.StatusForbidden)
  91. }
  92. func TestAPIEditGitHook(t *testing.T) {
  93. defer prepareTestEnv(t)()
  94. repo := models.AssertExistsAndLoadBean(t, &models.Repository{ID: 1}).(*models.Repository)
  95. owner := models.AssertExistsAndLoadBean(t, &models.User{ID: repo.OwnerID}).(*models.User)
  96. // user1 is an admin user
  97. session := loginUser(t, "user1")
  98. token := getTokenForLoggedInUser(t, session)
  99. urlStr := fmt.Sprintf("/api/v1/repos/%s/%s/hooks/git/pre-receive?token=%s",
  100. owner.Name, repo.Name, token)
  101. req := NewRequestWithJSON(t, "PATCH", urlStr, &api.EditGitHookOption{
  102. Content: testHookContent,
  103. })
  104. resp := MakeRequest(t, req, http.StatusOK)
  105. var apiGitHook *api.GitHook
  106. DecodeJSON(t, resp, &apiGitHook)
  107. assert.True(t, apiGitHook.IsActive)
  108. assert.Equal(t, testHookContent, apiGitHook.Content)
  109. req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/hooks/git/pre-receive?token=%s",
  110. owner.Name, repo.Name, token)
  111. resp = MakeRequest(t, req, http.StatusOK)
  112. var apiGitHook2 *api.GitHook
  113. DecodeJSON(t, resp, &apiGitHook2)
  114. assert.True(t, apiGitHook2.IsActive)
  115. assert.Equal(t, testHookContent, apiGitHook2.Content)
  116. }
  117. func TestAPIEditGitHookNoAccess(t *testing.T) {
  118. defer prepareTestEnv(t)()
  119. repo := models.AssertExistsAndLoadBean(t, &models.Repository{ID: 1}).(*models.Repository)
  120. owner := models.AssertExistsAndLoadBean(t, &models.User{ID: repo.OwnerID}).(*models.User)
  121. session := loginUser(t, owner.Name)
  122. token := getTokenForLoggedInUser(t, session)
  123. urlStr := fmt.Sprintf("/api/v1/repos/%s/%s/hooks/git/pre-receive?token=%s",
  124. owner.Name, repo.Name, token)
  125. req := NewRequestWithJSON(t, "PATCH", urlStr, &api.EditGitHookOption{
  126. Content: testHookContent,
  127. })
  128. MakeRequest(t, req, http.StatusForbidden)
  129. }
  130. func TestAPIDeleteGitHook(t *testing.T) {
  131. defer prepareTestEnv(t)()
  132. repo := models.AssertExistsAndLoadBean(t, &models.Repository{ID: 37}).(*models.Repository)
  133. owner := models.AssertExistsAndLoadBean(t, &models.User{ID: repo.OwnerID}).(*models.User)
  134. // user1 is an admin user
  135. session := loginUser(t, "user1")
  136. token := getTokenForLoggedInUser(t, session)
  137. req := NewRequestf(t, "DELETE", "/api/v1/repos/%s/%s/hooks/git/pre-receive?token=%s",
  138. owner.Name, repo.Name, token)
  139. MakeRequest(t, req, http.StatusNoContent)
  140. req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/hooks/git/pre-receive?token=%s",
  141. owner.Name, repo.Name, token)
  142. resp := MakeRequest(t, req, http.StatusOK)
  143. var apiGitHook2 *api.GitHook
  144. DecodeJSON(t, resp, &apiGitHook2)
  145. assert.False(t, apiGitHook2.IsActive)
  146. assert.Empty(t, apiGitHook2.Content)
  147. }
  148. func TestAPIDeleteGitHookNoAccess(t *testing.T) {
  149. defer prepareTestEnv(t)()
  150. repo := models.AssertExistsAndLoadBean(t, &models.Repository{ID: 1}).(*models.Repository)
  151. owner := models.AssertExistsAndLoadBean(t, &models.User{ID: repo.OwnerID}).(*models.User)
  152. session := loginUser(t, owner.Name)
  153. token := getTokenForLoggedInUser(t, session)
  154. req := NewRequestf(t, "DELETE", "/api/v1/repos/%s/%s/hooks/git/pre-receive?token=%s",
  155. owner.Name, repo.Name, token)
  156. MakeRequest(t, req, http.StatusForbidden)
  157. }