githaven/integrations/repofiles_update_test.go

411 lines
14 KiB
Go
Raw Normal View History

2019-05-11 15:29:17 +00:00
// Copyright 2019 The Gitea Authors. All rights reserved.
// Use of this source code is governed by a MIT-style
// license that can be found in the LICENSE file.
package integrations
import (
"net/url"
"path/filepath"
2019-05-11 15:29:17 +00:00
"testing"
"time"
repo_model "code.gitea.io/gitea/models/repo"
2019-05-11 15:29:17 +00:00
"code.gitea.io/gitea/modules/git"
"code.gitea.io/gitea/modules/setting"
api "code.gitea.io/gitea/modules/structs"
"code.gitea.io/gitea/modules/test"
files_service "code.gitea.io/gitea/services/repository/files"
2019-05-11 15:29:17 +00:00
"github.com/stretchr/testify/assert"
)
func getCreateRepoFileOptions(repo *repo_model.Repository) *files_service.UpdateRepoFileOptions {
return &files_service.UpdateRepoFileOptions{
2019-05-11 15:29:17 +00:00
OldBranch: repo.DefaultBranch,
NewBranch: repo.DefaultBranch,
TreePath: "new/file.txt",
Message: "Creates new/file.txt",
Content: "This is a NEW file",
IsNewFile: true,
Author: nil,
Committer: nil,
}
}
func getUpdateRepoFileOptions(repo *repo_model.Repository) *files_service.UpdateRepoFileOptions {
return &files_service.UpdateRepoFileOptions{
2019-05-11 15:29:17 +00:00
OldBranch: repo.DefaultBranch,
NewBranch: repo.DefaultBranch,
TreePath: "README.md",
Message: "Updates README.md",
SHA: "4b4851ad51df6a7d9f25c979345979eaeb5b349f",
Content: "This is UPDATED content for the README file",
IsNewFile: false,
Author: nil,
Committer: nil,
}
}
func getExpectedFileResponseForRepofilesCreate(commitID string) *api.FileResponse {
treePath := "new/file.txt"
encoding := "base64"
content := "VGhpcyBpcyBhIE5FVyBmaWxl"
selfURL := setting.AppURL + "api/v1/repos/user2/repo1/contents/" + treePath + "?ref=master"
htmlURL := setting.AppURL + "user2/repo1/src/branch/master/" + treePath
gitURL := setting.AppURL + "api/v1/repos/user2/repo1/git/blobs/103ff9234cefeee5ec5361d22b49fbb04d385885"
downloadURL := setting.AppURL + "user2/repo1/raw/branch/master/" + treePath
2019-05-11 15:29:17 +00:00
return &api.FileResponse{
Content: &api.ContentsResponse{
Name: filepath.Base(treePath),
Path: treePath,
2019-05-11 15:29:17 +00:00
SHA: "103ff9234cefeee5ec5361d22b49fbb04d385885",
Type: "file",
2019-05-11 15:29:17 +00:00
Size: 18,
Encoding: &encoding,
Content: &content,
URL: &selfURL,
HTMLURL: &htmlURL,
GitURL: &gitURL,
DownloadURL: &downloadURL,
2019-05-11 15:29:17 +00:00
Links: &api.FileLinksResponse{
Self: &selfURL,
GitURL: &gitURL,
HTMLURL: &htmlURL,
2019-05-11 15:29:17 +00:00
},
},
Commit: &api.FileCommitResponse{
CommitMeta: api.CommitMeta{
URL: setting.AppURL + "api/v1/repos/user2/repo1/git/commits/" + commitID,
SHA: commitID,
},
HTMLURL: setting.AppURL + "user2/repo1/commit/" + commitID,
Author: &api.CommitUser{
Identity: api.Identity{
Name: "User Two",
Email: "user2@noreply.example.org",
},
Date: time.Now().UTC().Format(time.RFC3339),
},
Committer: &api.CommitUser{
Identity: api.Identity{
Name: "User Two",
Email: "user2@noreply.example.org",
},
Date: time.Now().UTC().Format(time.RFC3339),
},
Parents: []*api.CommitMeta{
{
URL: setting.AppURL + "api/v1/repos/user2/repo1/git/commits/65f1bf27bc3bf70f64657658635e66094edbcb4d",
SHA: "65f1bf27bc3bf70f64657658635e66094edbcb4d",
},
},
Message: "Updates README.md\n",
Tree: &api.CommitMeta{
URL: setting.AppURL + "api/v1/repos/user2/repo1/git/trees/f93e3a1a1525fb5b91020da86e44810c87a2d7bc",
SHA: "f93e3a1a1525fb5b91020git dda86e44810c87a2d7bc",
},
},
Verification: &api.PayloadCommitVerification{
Verified: false,
Sign merges, CRUD, Wiki and Repository initialisation with gpg key (#7631) This PR fixes #7598 by providing a configurable way of signing commits across the Gitea instance. Per repository configurability and import/generation of trusted secure keys is not provided by this PR - from a security PoV that's probably impossible to do properly. Similarly web-signing, that is asking the user to sign something, is not implemented - this could be done at a later stage however. ## Features - [x] If commit.gpgsign is set in .gitconfig sign commits and files created through repofiles. (merges should already have been signed.) - [x] Verify commits signed with the default gpg as valid - [x] Signer, Committer and Author can all be different - [x] Allow signer to be arbitrarily different - We still require the key to have an activated email on Gitea. A more complete implementation would be to use a keyserver and mark external-or-unactivated with an "unknown" trust level icon. - [x] Add a signing-key.gpg endpoint to get the default gpg pub key if available - Rather than add a fake web-flow user I've added this as an endpoint on /api/v1/signing-key.gpg - [x] Try to match the default key with a user on gitea - this is done at verification time - [x] Make things configurable? - app.ini configuration done - [x] when checking commits are signed need to check if they're actually verifiable too - [x] Add documentation I have decided that adjusting the docker to create a default gpg key is not the correct thing to do and therefore have not implemented this.
2019-10-16 13:42:42 +00:00
Reason: "gpg.error.not_signed_commit",
2019-05-11 15:29:17 +00:00
Signature: "",
Payload: "",
},
}
}
func getExpectedFileResponseForRepofilesUpdate(commitID, filename string) *api.FileResponse {
encoding := "base64"
content := "VGhpcyBpcyBVUERBVEVEIGNvbnRlbnQgZm9yIHRoZSBSRUFETUUgZmlsZQ=="
selfURL := setting.AppURL + "api/v1/repos/user2/repo1/contents/" + filename + "?ref=master"
htmlURL := setting.AppURL + "user2/repo1/src/branch/master/" + filename
gitURL := setting.AppURL + "api/v1/repos/user2/repo1/git/blobs/dbf8d00e022e05b7e5cf7e535de857de57925647"
downloadURL := setting.AppURL + "user2/repo1/raw/branch/master/" + filename
2019-05-11 15:29:17 +00:00
return &api.FileResponse{
Content: &api.ContentsResponse{
Name: filename,
Path: filename,
2019-05-11 15:29:17 +00:00
SHA: "dbf8d00e022e05b7e5cf7e535de857de57925647",
Type: "file",
2019-05-11 15:29:17 +00:00
Size: 43,
Encoding: &encoding,
Content: &content,
URL: &selfURL,
HTMLURL: &htmlURL,
GitURL: &gitURL,
DownloadURL: &downloadURL,
2019-05-11 15:29:17 +00:00
Links: &api.FileLinksResponse{
Self: &selfURL,
GitURL: &gitURL,
HTMLURL: &htmlURL,
2019-05-11 15:29:17 +00:00
},
},
Commit: &api.FileCommitResponse{
CommitMeta: api.CommitMeta{
URL: setting.AppURL + "api/v1/repos/user2/repo1/git/commits/" + commitID,
SHA: commitID,
},
HTMLURL: setting.AppURL + "user2/repo1/commit/" + commitID,
Author: &api.CommitUser{
Identity: api.Identity{
Name: "User Two",
Email: "user2@noreply.example.org",
},
Date: time.Now().UTC().Format(time.RFC3339),
},
Committer: &api.CommitUser{
Identity: api.Identity{
Name: "User Two",
Email: "user2@noreply.example.org",
},
Date: time.Now().UTC().Format(time.RFC3339),
},
Parents: []*api.CommitMeta{
{
URL: setting.AppURL + "api/v1/repos/user2/repo1/git/commits/65f1bf27bc3bf70f64657658635e66094edbcb4d",
SHA: "65f1bf27bc3bf70f64657658635e66094edbcb4d",
},
},
Message: "Updates README.md\n",
Tree: &api.CommitMeta{
URL: setting.AppURL + "api/v1/repos/user2/repo1/git/trees/f93e3a1a1525fb5b91020da86e44810c87a2d7bc",
SHA: "f93e3a1a1525fb5b91020da86e44810c87a2d7bc",
},
},
Verification: &api.PayloadCommitVerification{
Verified: false,
Sign merges, CRUD, Wiki and Repository initialisation with gpg key (#7631) This PR fixes #7598 by providing a configurable way of signing commits across the Gitea instance. Per repository configurability and import/generation of trusted secure keys is not provided by this PR - from a security PoV that's probably impossible to do properly. Similarly web-signing, that is asking the user to sign something, is not implemented - this could be done at a later stage however. ## Features - [x] If commit.gpgsign is set in .gitconfig sign commits and files created through repofiles. (merges should already have been signed.) - [x] Verify commits signed with the default gpg as valid - [x] Signer, Committer and Author can all be different - [x] Allow signer to be arbitrarily different - We still require the key to have an activated email on Gitea. A more complete implementation would be to use a keyserver and mark external-or-unactivated with an "unknown" trust level icon. - [x] Add a signing-key.gpg endpoint to get the default gpg pub key if available - Rather than add a fake web-flow user I've added this as an endpoint on /api/v1/signing-key.gpg - [x] Try to match the default key with a user on gitea - this is done at verification time - [x] Make things configurable? - app.ini configuration done - [x] when checking commits are signed need to check if they're actually verifiable too - [x] Add documentation I have decided that adjusting the docker to create a default gpg key is not the correct thing to do and therefore have not implemented this.
2019-10-16 13:42:42 +00:00
Reason: "gpg.error.not_signed_commit",
2019-05-11 15:29:17 +00:00
Signature: "",
Payload: "",
},
}
}
func TestCreateOrUpdateRepoFileForCreate(t *testing.T) {
// setup
onGiteaRun(t, func(t *testing.T, u *url.URL) {
ctx := test.MockContext(t, "user2/repo1")
ctx.SetParams(":id", "1")
test.LoadRepo(t, ctx, 1)
test.LoadRepoCommit(t, ctx)
test.LoadUser(t, ctx, 2)
test.LoadGitRepo(t, ctx)
defer ctx.Repo.GitRepo.Close()
2019-05-11 15:29:17 +00:00
repo := ctx.Repo.Repository
doer := ctx.User
opts := getCreateRepoFileOptions(repo)
// test
fileResponse, err := files_service.CreateOrUpdateRepoFile(git.DefaultContext, repo, doer, opts)
2019-05-11 15:29:17 +00:00
// asserts
assert.NoError(t, err)
2019-05-11 15:29:17 +00:00
gitRepo, _ := git.OpenRepository(repo.RepoPath())
defer gitRepo.Close()
2019-05-11 15:29:17 +00:00
commitID, _ := gitRepo.GetBranchCommitID(opts.NewBranch)
expectedFileResponse := getExpectedFileResponseForRepofilesCreate(commitID)
assert.NotNil(t, expectedFileResponse)
if expectedFileResponse != nil {
assert.EqualValues(t, expectedFileResponse.Content, fileResponse.Content)
assert.EqualValues(t, expectedFileResponse.Commit.SHA, fileResponse.Commit.SHA)
assert.EqualValues(t, expectedFileResponse.Commit.HTMLURL, fileResponse.Commit.HTMLURL)
assert.EqualValues(t, expectedFileResponse.Commit.Author.Email, fileResponse.Commit.Author.Email)
assert.EqualValues(t, expectedFileResponse.Commit.Author.Name, fileResponse.Commit.Author.Name)
}
2019-05-11 15:29:17 +00:00
})
}
func TestCreateOrUpdateRepoFileForUpdate(t *testing.T) {
// setup
onGiteaRun(t, func(t *testing.T, u *url.URL) {
ctx := test.MockContext(t, "user2/repo1")
ctx.SetParams(":id", "1")
test.LoadRepo(t, ctx, 1)
test.LoadRepoCommit(t, ctx)
test.LoadUser(t, ctx, 2)
test.LoadGitRepo(t, ctx)
defer ctx.Repo.GitRepo.Close()
2019-05-11 15:29:17 +00:00
repo := ctx.Repo.Repository
doer := ctx.User
opts := getUpdateRepoFileOptions(repo)
// test
fileResponse, err := files_service.CreateOrUpdateRepoFile(git.DefaultContext, repo, doer, opts)
2019-05-11 15:29:17 +00:00
// asserts
assert.NoError(t, err)
2019-05-11 15:29:17 +00:00
gitRepo, _ := git.OpenRepository(repo.RepoPath())
defer gitRepo.Close()
2019-05-11 15:29:17 +00:00
commitID, _ := gitRepo.GetBranchCommitID(opts.NewBranch)
expectedFileResponse := getExpectedFileResponseForRepofilesUpdate(commitID, opts.TreePath)
2019-05-11 15:29:17 +00:00
assert.EqualValues(t, expectedFileResponse.Content, fileResponse.Content)
assert.EqualValues(t, expectedFileResponse.Commit.SHA, fileResponse.Commit.SHA)
assert.EqualValues(t, expectedFileResponse.Commit.HTMLURL, fileResponse.Commit.HTMLURL)
assert.EqualValues(t, expectedFileResponse.Commit.Author.Email, fileResponse.Commit.Author.Email)
assert.EqualValues(t, expectedFileResponse.Commit.Author.Name, fileResponse.Commit.Author.Name)
})
}
func TestCreateOrUpdateRepoFileForUpdateWithFileMove(t *testing.T) {
// setup
onGiteaRun(t, func(t *testing.T, u *url.URL) {
ctx := test.MockContext(t, "user2/repo1")
ctx.SetParams(":id", "1")
test.LoadRepo(t, ctx, 1)
test.LoadRepoCommit(t, ctx)
test.LoadUser(t, ctx, 2)
test.LoadGitRepo(t, ctx)
defer ctx.Repo.GitRepo.Close()
2019-05-11 15:29:17 +00:00
repo := ctx.Repo.Repository
doer := ctx.User
opts := getUpdateRepoFileOptions(repo)
opts.FromTreePath = "README.md"
opts.TreePath = "README_new.md" // new file name, README_new.md
2019-05-11 15:29:17 +00:00
// test
fileResponse, err := files_service.CreateOrUpdateRepoFile(git.DefaultContext, repo, doer, opts)
2019-05-11 15:29:17 +00:00
// asserts
assert.NoError(t, err)
2019-05-11 15:29:17 +00:00
gitRepo, _ := git.OpenRepository(repo.RepoPath())
defer gitRepo.Close()
2019-05-11 15:29:17 +00:00
commit, _ := gitRepo.GetBranchCommit(opts.NewBranch)
expectedFileResponse := getExpectedFileResponseForRepofilesUpdate(commit.ID.String(), opts.TreePath)
2019-05-11 15:29:17 +00:00
// assert that the old file no longer exists in the last commit of the branch
fromEntry, err := commit.GetTreeEntryByPath(opts.FromTreePath)
switch err.(type) {
case git.ErrNotExist:
// correct, continue
default:
t.Fatalf("expected git.ErrNotExist, got:%v", err)
}
2019-05-11 15:29:17 +00:00
toEntry, err := commit.GetTreeEntryByPath(opts.TreePath)
assert.NoError(t, err)
2019-05-11 15:29:17 +00:00
assert.Nil(t, fromEntry) // Should no longer exist here
assert.NotNil(t, toEntry) // Should exist here
// assert SHA has remained the same but paths use the new file name
assert.EqualValues(t, expectedFileResponse.Content.SHA, fileResponse.Content.SHA)
assert.EqualValues(t, expectedFileResponse.Content.Name, fileResponse.Content.Name)
assert.EqualValues(t, expectedFileResponse.Content.Path, fileResponse.Content.Path)
assert.EqualValues(t, expectedFileResponse.Content.URL, fileResponse.Content.URL)
2019-05-11 15:29:17 +00:00
assert.EqualValues(t, expectedFileResponse.Commit.SHA, fileResponse.Commit.SHA)
assert.EqualValues(t, expectedFileResponse.Commit.HTMLURL, fileResponse.Commit.HTMLURL)
})
}
// Test opts with branch names removed, should get same results as above test
func TestCreateOrUpdateRepoFileWithoutBranchNames(t *testing.T) {
// setup
onGiteaRun(t, func(t *testing.T, u *url.URL) {
ctx := test.MockContext(t, "user2/repo1")
ctx.SetParams(":id", "1")
test.LoadRepo(t, ctx, 1)
test.LoadRepoCommit(t, ctx)
test.LoadUser(t, ctx, 2)
test.LoadGitRepo(t, ctx)
defer ctx.Repo.GitRepo.Close()
2019-05-11 15:29:17 +00:00
repo := ctx.Repo.Repository
doer := ctx.User
opts := getUpdateRepoFileOptions(repo)
opts.OldBranch = ""
opts.NewBranch = ""
// test
fileResponse, err := files_service.CreateOrUpdateRepoFile(git.DefaultContext, repo, doer, opts)
2019-05-11 15:29:17 +00:00
// asserts
assert.NoError(t, err)
2019-05-11 15:29:17 +00:00
gitRepo, _ := git.OpenRepository(repo.RepoPath())
defer gitRepo.Close()
2019-05-11 15:29:17 +00:00
commitID, _ := gitRepo.GetBranchCommitID(repo.DefaultBranch)
expectedFileResponse := getExpectedFileResponseForRepofilesUpdate(commitID, opts.TreePath)
2019-05-11 15:29:17 +00:00
assert.EqualValues(t, expectedFileResponse.Content, fileResponse.Content)
})
}
func TestCreateOrUpdateRepoFileErrors(t *testing.T) {
// setup
onGiteaRun(t, func(t *testing.T, u *url.URL) {
ctx := test.MockContext(t, "user2/repo1")
ctx.SetParams(":id", "1")
test.LoadRepo(t, ctx, 1)
test.LoadRepoCommit(t, ctx)
test.LoadUser(t, ctx, 2)
test.LoadGitRepo(t, ctx)
defer ctx.Repo.GitRepo.Close()
2019-05-11 15:29:17 +00:00
repo := ctx.Repo.Repository
doer := ctx.User
t.Run("bad branch", func(t *testing.T) {
opts := getUpdateRepoFileOptions(repo)
opts.OldBranch = "bad_branch"
fileResponse, err := files_service.CreateOrUpdateRepoFile(git.DefaultContext, repo, doer, opts)
2019-05-11 15:29:17 +00:00
assert.Error(t, err)
assert.Nil(t, fileResponse)
expectedError := "branch does not exist [name: " + opts.OldBranch + "]"
assert.EqualError(t, err, expectedError)
})
t.Run("bad SHA", func(t *testing.T) {
opts := getUpdateRepoFileOptions(repo)
origSHA := opts.SHA
opts.SHA = "bad_sha"
fileResponse, err := files_service.CreateOrUpdateRepoFile(git.DefaultContext, repo, doer, opts)
2019-05-11 15:29:17 +00:00
assert.Nil(t, fileResponse)
assert.Error(t, err)
expectedError := "sha does not match [given: " + opts.SHA + ", expected: " + origSHA + "]"
assert.EqualError(t, err, expectedError)
})
t.Run("new branch already exists", func(t *testing.T) {
opts := getUpdateRepoFileOptions(repo)
opts.NewBranch = "develop"
fileResponse, err := files_service.CreateOrUpdateRepoFile(git.DefaultContext, repo, doer, opts)
2019-05-11 15:29:17 +00:00
assert.Nil(t, fileResponse)
assert.Error(t, err)
expectedError := "branch already exists [name: " + opts.NewBranch + "]"
assert.EqualError(t, err, expectedError)
})
t.Run("treePath is empty:", func(t *testing.T) {
opts := getUpdateRepoFileOptions(repo)
opts.TreePath = ""
fileResponse, err := files_service.CreateOrUpdateRepoFile(git.DefaultContext, repo, doer, opts)
2019-05-11 15:29:17 +00:00
assert.Nil(t, fileResponse)
assert.Error(t, err)
expectedError := "path contains a malformed path component [path: ]"
assert.EqualError(t, err, expectedError)
})
t.Run("treePath is a git directory:", func(t *testing.T) {
opts := getUpdateRepoFileOptions(repo)
opts.TreePath = ".git"
fileResponse, err := files_service.CreateOrUpdateRepoFile(git.DefaultContext, repo, doer, opts)
2019-05-11 15:29:17 +00:00
assert.Nil(t, fileResponse)
assert.Error(t, err)
expectedError := "path contains a malformed path component [path: " + opts.TreePath + "]"
assert.EqualError(t, err, expectedError)
})
t.Run("create file that already exists", func(t *testing.T) {
opts := getCreateRepoFileOptions(repo)
opts.TreePath = "README.md" // already exists
fileResponse, err := files_service.CreateOrUpdateRepoFile(git.DefaultContext, repo, doer, opts)
2019-05-11 15:29:17 +00:00
assert.Nil(t, fileResponse)
assert.Error(t, err)
expectedError := "repository file already exists [path: " + opts.TreePath + "]"
assert.EqualError(t, err, expectedError)
})
})
}