You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

74 lines
3.2 KiB

  1. // Copyright 2019 The Gitea Authors. All rights reserved.
  2. // Use of this source code is governed by a MIT-style
  3. // license that can be found in the LICENSE file.
  4. package integrations
  5. import (
  6. "net/http"
  7. "testing"
  8. "code.gitea.io/gitea/models"
  9. )
  10. func TestAPIReposGitTrees(t *testing.T) {
  11. defer prepareTestEnv(t)()
  12. user2 := models.AssertExistsAndLoadBean(t, &models.User{ID: 2}).(*models.User) // owner of the repo1 & repo16
  13. user3 := models.AssertExistsAndLoadBean(t, &models.User{ID: 3}).(*models.User) // owner of the repo3
  14. user4 := models.AssertExistsAndLoadBean(t, &models.User{ID: 4}).(*models.User) // owner of neither repos
  15. repo1 := models.AssertExistsAndLoadBean(t, &models.Repository{ID: 1}).(*models.Repository) // public repo
  16. repo3 := models.AssertExistsAndLoadBean(t, &models.Repository{ID: 3}).(*models.Repository) // public repo
  17. repo16 := models.AssertExistsAndLoadBean(t, &models.Repository{ID: 16}).(*models.Repository) // private repo
  18. repo1TreeSHA := "65f1bf27bc3bf70f64657658635e66094edbcb4d"
  19. repo3TreeSHA := "2a47ca4b614a9f5a43abbd5ad851a54a616ffee6"
  20. repo16TreeSHA := "69554a64c1e6030f051e5c3f94bfbd773cd6a324"
  21. badSHA := "0000000000000000000000000000000000000000"
  22. // Login as User2.
  23. session := loginUser(t, user2.Name)
  24. token := getTokenForLoggedInUser(t, session)
  25. session = emptyTestSession(t) // don't want anyone logged in for this
  26. // Test a public repo that anyone can GET the tree of
  27. for _, ref := range [...]string{
  28. "master", // Branch
  29. repo1TreeSHA, // Tree SHA
  30. } {
  31. req := NewRequestf(t, "GET", "/api/v1/repos/%s/%s/git/trees/%s", user2.Name, repo1.Name, ref)
  32. session.MakeRequest(t, req, http.StatusOK)
  33. }
  34. // Tests a private repo with no token so will fail
  35. for _, ref := range [...]string{
  36. "master", // Branch
  37. repo1TreeSHA, // Tag
  38. } {
  39. req := NewRequestf(t, "GET", "/api/v1/repos/%s/%s/git/trees/%s", user2.Name, repo16.Name, ref)
  40. session.MakeRequest(t, req, http.StatusNotFound)
  41. }
  42. // Test using access token for a private repo that the user of the token owns
  43. req := NewRequestf(t, "GET", "/api/v1/repos/%s/%s/git/trees/%s?token=%s", user2.Name, repo16.Name, repo16TreeSHA, token)
  44. session.MakeRequest(t, req, http.StatusOK)
  45. // Test using bad sha
  46. req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/git/trees/%s", user2.Name, repo1.Name, badSHA)
  47. session.MakeRequest(t, req, http.StatusBadRequest)
  48. // Test using org repo "user3/repo3" where user2 is a collaborator
  49. req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/git/trees/%s?token=%s", user3.Name, repo3.Name, repo3TreeSHA, token)
  50. session.MakeRequest(t, req, http.StatusOK)
  51. // Test using org repo "user3/repo3" with no user token
  52. req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/git/trees/%s", user3.Name, repo3TreeSHA, repo3.Name)
  53. session.MakeRequest(t, req, http.StatusNotFound)
  54. // Login as User4.
  55. session = loginUser(t, user4.Name)
  56. token4 := getTokenForLoggedInUser(t, session)
  57. session = emptyTestSession(t) // don't want anyone logged in for this
  58. // Test using org repo "user3/repo3" where user4 is a NOT collaborator
  59. req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/git/trees/d56a3073c1dbb7b15963110a049d50cdb5db99fc?access=%s", user3.Name, repo3.Name, token4)
  60. session.MakeRequest(t, req, http.StatusNotFound)
  61. }