forked from Shiloh/githaven
9106514e51
Adds the missing user secrets API integration tests so #27829 does not happen again
99 lines
2.4 KiB
Go
99 lines
2.4 KiB
Go
// Copyright 2023 The Gitea Authors. All rights reserved.
|
|
// SPDX-License-Identifier: MIT
|
|
|
|
package integration
|
|
|
|
import (
|
|
"fmt"
|
|
"net/http"
|
|
"testing"
|
|
|
|
auth_model "code.gitea.io/gitea/models/auth"
|
|
api "code.gitea.io/gitea/modules/structs"
|
|
"code.gitea.io/gitea/tests"
|
|
)
|
|
|
|
func TestAPIUserSecrets(t *testing.T) {
|
|
defer tests.PrepareTestEnv(t)()
|
|
|
|
session := loginUser(t, "user1")
|
|
token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeWriteUser)
|
|
|
|
t.Run("Create", func(t *testing.T) {
|
|
cases := []struct {
|
|
Name string
|
|
ExpectedStatus int
|
|
}{
|
|
{
|
|
Name: "",
|
|
ExpectedStatus: http.StatusNotFound,
|
|
},
|
|
{
|
|
Name: "-",
|
|
ExpectedStatus: http.StatusBadRequest,
|
|
},
|
|
{
|
|
Name: "_",
|
|
ExpectedStatus: http.StatusCreated,
|
|
},
|
|
{
|
|
Name: "secret",
|
|
ExpectedStatus: http.StatusCreated,
|
|
},
|
|
{
|
|
Name: "2secret",
|
|
ExpectedStatus: http.StatusBadRequest,
|
|
},
|
|
{
|
|
Name: "GITEA_secret",
|
|
ExpectedStatus: http.StatusBadRequest,
|
|
},
|
|
{
|
|
Name: "GITHUB_secret",
|
|
ExpectedStatus: http.StatusBadRequest,
|
|
},
|
|
}
|
|
|
|
for _, c := range cases {
|
|
req := NewRequestWithJSON(t, "PUT", fmt.Sprintf("/api/v1/user/actions/secrets/%s?token=%s", c.Name, token), api.CreateOrUpdateSecretOption{
|
|
Data: "data",
|
|
})
|
|
MakeRequest(t, req, c.ExpectedStatus)
|
|
}
|
|
})
|
|
|
|
t.Run("Update", func(t *testing.T) {
|
|
name := "update_secret"
|
|
url := fmt.Sprintf("/api/v1/user/actions/secrets/%s?token=%s", name, token)
|
|
|
|
req := NewRequestWithJSON(t, "PUT", url, api.CreateOrUpdateSecretOption{
|
|
Data: "initial",
|
|
})
|
|
MakeRequest(t, req, http.StatusCreated)
|
|
|
|
req = NewRequestWithJSON(t, "PUT", url, api.CreateOrUpdateSecretOption{
|
|
Data: "changed",
|
|
})
|
|
MakeRequest(t, req, http.StatusNoContent)
|
|
})
|
|
|
|
t.Run("Delete", func(t *testing.T) {
|
|
name := "delete_secret"
|
|
url := fmt.Sprintf("/api/v1/user/actions/secrets/%s?token=%s", name, token)
|
|
|
|
req := NewRequestWithJSON(t, "PUT", url, api.CreateOrUpdateSecretOption{
|
|
Data: "initial",
|
|
})
|
|
MakeRequest(t, req, http.StatusCreated)
|
|
|
|
req = NewRequest(t, "DELETE", url)
|
|
MakeRequest(t, req, http.StatusNoContent)
|
|
|
|
req = NewRequest(t, "DELETE", url)
|
|
MakeRequest(t, req, http.StatusNotFound)
|
|
|
|
req = NewRequest(t, "DELETE", fmt.Sprintf("/api/v1/user/actions/secrets/000?token=%s", token))
|
|
MakeRequest(t, req, http.StatusBadRequest)
|
|
})
|
|
}
|