forked from Shiloh/githaven
da50be7360
Currently 'userxx' and 'orgxx' are both used as username in test files when the user type is org, which is confusing. This PR replaces all 'userxx' with 'orgxx' when the user type is org(`user.type==1`). Some non-trivial changes 1. Rename `user3` dir to `org3` in `tests/git-repositories-meta` 2. Change `end` in `issue reference` because 'org3' is one char shorter than 'user3' ![ksnip_20230913-112819](https://github.com/go-gitea/gitea/assets/70063547/442988c5-4cf4-49b8-aa01-4dd6bf0ca954) 3. Change the search result number of `user/repo2` because `user3/repo21` can't be searched now ![ksnip_20230913-112931](https://github.com/go-gitea/gitea/assets/70063547/d9ebeba4-479f-4110-9a85-825efbc981fd) 4. Change the first org name getting from API because the result is ordered by alphabet asc and now `org 17` is before `org25` ![JW8U7NIO(J$H _YCRB36H)T](https://github.com/go-gitea/gitea/assets/70063547/f55a685c-cf24-40e5-a87f-3a2327319548) ![)KFD411O4I8RB5ZOH7E0 Z3](https://github.com/go-gitea/gitea/assets/70063547/a0dc3299-249c-46f6-91cb-d15d4ee88dd5) Other modifications are just find all and replace all. Unit tests with SQLite are all passed. --------- Co-authored-by: caicandong <1290147055@qq.com>
151 lines
4.5 KiB
Go
151 lines
4.5 KiB
Go
// Copyright 2021 The Gitea Authors. All rights reserved.
|
|
// SPDX-License-Identifier: MIT
|
|
|
|
package integration
|
|
|
|
import (
|
|
"fmt"
|
|
"net/http"
|
|
"testing"
|
|
|
|
auth_model "code.gitea.io/gitea/models/auth"
|
|
api "code.gitea.io/gitea/modules/structs"
|
|
"code.gitea.io/gitea/tests"
|
|
|
|
"github.com/stretchr/testify/assert"
|
|
)
|
|
|
|
type apiUserOrgPermTestCase struct {
|
|
LoginUser string
|
|
User string
|
|
Organization string
|
|
ExpectedOrganizationPermissions api.OrganizationPermissions
|
|
}
|
|
|
|
func TestTokenNeeded(t *testing.T) {
|
|
defer tests.PrepareTestEnv(t)()
|
|
|
|
req := NewRequest(t, "GET", "/api/v1/users/user1/orgs/org6/permissions")
|
|
MakeRequest(t, req, http.StatusUnauthorized)
|
|
}
|
|
|
|
func sampleTest(t *testing.T, auoptc apiUserOrgPermTestCase) {
|
|
defer tests.PrepareTestEnv(t)()
|
|
|
|
session := loginUser(t, auoptc.LoginUser)
|
|
token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeReadOrganization, auth_model.AccessTokenScopeReadUser)
|
|
|
|
req := NewRequest(t, "GET", fmt.Sprintf("/api/v1/users/%s/orgs/%s/permissions?token=%s", auoptc.User, auoptc.Organization, token))
|
|
resp := MakeRequest(t, req, http.StatusOK)
|
|
|
|
var apiOP api.OrganizationPermissions
|
|
DecodeJSON(t, resp, &apiOP)
|
|
assert.Equal(t, auoptc.ExpectedOrganizationPermissions.IsOwner, apiOP.IsOwner)
|
|
assert.Equal(t, auoptc.ExpectedOrganizationPermissions.IsAdmin, apiOP.IsAdmin)
|
|
assert.Equal(t, auoptc.ExpectedOrganizationPermissions.CanWrite, apiOP.CanWrite)
|
|
assert.Equal(t, auoptc.ExpectedOrganizationPermissions.CanRead, apiOP.CanRead)
|
|
assert.Equal(t, auoptc.ExpectedOrganizationPermissions.CanCreateRepository, apiOP.CanCreateRepository)
|
|
}
|
|
|
|
func TestWithOwnerUser(t *testing.T) {
|
|
sampleTest(t, apiUserOrgPermTestCase{
|
|
LoginUser: "user2",
|
|
User: "user2",
|
|
Organization: "org3",
|
|
ExpectedOrganizationPermissions: api.OrganizationPermissions{
|
|
IsOwner: true,
|
|
IsAdmin: true,
|
|
CanWrite: true,
|
|
CanRead: true,
|
|
CanCreateRepository: true,
|
|
},
|
|
})
|
|
}
|
|
|
|
func TestCanWriteUser(t *testing.T) {
|
|
sampleTest(t, apiUserOrgPermTestCase{
|
|
LoginUser: "user4",
|
|
User: "user4",
|
|
Organization: "org3",
|
|
ExpectedOrganizationPermissions: api.OrganizationPermissions{
|
|
IsOwner: false,
|
|
IsAdmin: false,
|
|
CanWrite: true,
|
|
CanRead: true,
|
|
CanCreateRepository: false,
|
|
},
|
|
})
|
|
}
|
|
|
|
func TestAdminUser(t *testing.T) {
|
|
sampleTest(t, apiUserOrgPermTestCase{
|
|
LoginUser: "user1",
|
|
User: "user28",
|
|
Organization: "org3",
|
|
ExpectedOrganizationPermissions: api.OrganizationPermissions{
|
|
IsOwner: false,
|
|
IsAdmin: true,
|
|
CanWrite: true,
|
|
CanRead: true,
|
|
CanCreateRepository: true,
|
|
},
|
|
})
|
|
}
|
|
|
|
func TestAdminCanNotCreateRepo(t *testing.T) {
|
|
sampleTest(t, apiUserOrgPermTestCase{
|
|
LoginUser: "user1",
|
|
User: "user28",
|
|
Organization: "org6",
|
|
ExpectedOrganizationPermissions: api.OrganizationPermissions{
|
|
IsOwner: false,
|
|
IsAdmin: true,
|
|
CanWrite: true,
|
|
CanRead: true,
|
|
CanCreateRepository: false,
|
|
},
|
|
})
|
|
}
|
|
|
|
func TestCanReadUser(t *testing.T) {
|
|
sampleTest(t, apiUserOrgPermTestCase{
|
|
LoginUser: "user1",
|
|
User: "user24",
|
|
Organization: "org25",
|
|
ExpectedOrganizationPermissions: api.OrganizationPermissions{
|
|
IsOwner: false,
|
|
IsAdmin: false,
|
|
CanWrite: false,
|
|
CanRead: true,
|
|
CanCreateRepository: false,
|
|
},
|
|
})
|
|
}
|
|
|
|
func TestUnknowUser(t *testing.T) {
|
|
defer tests.PrepareTestEnv(t)()
|
|
|
|
session := loginUser(t, "user1")
|
|
token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeReadUser, auth_model.AccessTokenScopeReadOrganization)
|
|
|
|
req := NewRequest(t, "GET", fmt.Sprintf("/api/v1/users/unknow/orgs/org25/permissions?token=%s", token))
|
|
resp := MakeRequest(t, req, http.StatusNotFound)
|
|
|
|
var apiError api.APIError
|
|
DecodeJSON(t, resp, &apiError)
|
|
assert.Equal(t, "user redirect does not exist [name: unknow]", apiError.Message)
|
|
}
|
|
|
|
func TestUnknowOrganization(t *testing.T) {
|
|
defer tests.PrepareTestEnv(t)()
|
|
|
|
session := loginUser(t, "user1")
|
|
token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeReadUser, auth_model.AccessTokenScopeReadOrganization)
|
|
|
|
req := NewRequest(t, "GET", fmt.Sprintf("/api/v1/users/user1/orgs/unknow/permissions?token=%s", token))
|
|
resp := MakeRequest(t, req, http.StatusNotFound)
|
|
var apiError api.APIError
|
|
DecodeJSON(t, resp, &apiError)
|
|
assert.Equal(t, "GetUserByName", apiError.Message)
|
|
}
|