gitea/tests/integration/org_project_test.go

// Copyright 2023 The Gitea Authors. All rights reserved.
// SPDX-License-Identifier: MIT

package integration

import (
	"net/http"
	"slices"
	"testing"

	unit_model "code.gitea.io/gitea/models/unit"
	"code.gitea.io/gitea/tests"
)

func TestOrgProjectAccess(t *testing.T) {
	defer tests.PrepareTestEnv(t)()

	disabledRepoUnits := unit_model.DisabledRepoUnitsGet()
	unit_model.DisabledRepoUnitsSet(append(slices.Clone(disabledRepoUnits), unit_model.TypeProjects))
	defer unit_model.DisabledRepoUnitsSet(disabledRepoUnits)

	// repo project, 404
	req := NewRequest(t, "GET", "/user2/repo1/projects")
	MakeRequest(t, req, http.StatusNotFound)

	// user project, 200
	req = NewRequest(t, "GET", "/user2/-/projects")
	MakeRequest(t, req, http.StatusOK)

	// org project, 200
	req = NewRequest(t, "GET", "/org3/-/projects")
	MakeRequest(t, req, http.StatusOK)

	// change the org's visibility to private
	session := loginUser(t, "user2")
	req = NewRequestWithValues(t, "POST", "/org/org3/settings", map[string]string{
		"_csrf":      GetCSRF(t, session, "/org3/-/projects"),
		"name":       "org3",
		"visibility": "2",
	})
	session.MakeRequest(t, req, http.StatusSeeOther)

	// user4 can still access the org's project because its team(team1) has the permission
	session = loginUser(t, "user4")
	req = NewRequest(t, "GET", "/org3/-/projects")
	session.MakeRequest(t, req, http.StatusOK)

	// disable team1's project unit
	session = loginUser(t, "user2")
	req = NewRequestWithValues(t, "POST", "/org/org3/teams/team1/edit", map[string]string{
		"_csrf":       GetCSRF(t, session, "/org3/-/projects"),
		"team_name":   "team1",
		"repo_access": "specific",
		"permission":  "read",
		"unit_8":      "0",
	})
	session.MakeRequest(t, req, http.StatusSeeOther)

	// user4 can no longer access the org's project
	session = loginUser(t, "user4")
	req = NewRequest(t, "GET", "/org3/-/projects")
	session.MakeRequest(t, req, http.StatusNotFound)
}
Fix access check for org-level project (#26182) Fix #25934 Add `ignoreGlobal` parameter to `reqUnitAccess` and only check global disabled units when `ignoreGlobal` is true. So the org-level projects and user-level projects won't be affected by global disabled `repo.projects` unit. 2023-07-29 14:13:24 +00:00			`// Copyright 2023 The Gitea Authors. All rights reserved.`
			`// SPDX-License-Identifier: MIT`

			`package integration`

			`import (`
			`"net/http"`
Fix various problems around projects board view (#30696) # The problem The previous implementation will start multiple POST requests from the frontend when moving a column and another bug is moving the default column will never be remembered in fact. # What's changed - [x] This PR will allow the default column to move to a non-first position - [x] And it also uses one request instead of multiple requests when moving the columns - [x] Use a star instead of a pin as the icon for setting the default column action - [x] Inserted new column will be append to the end - [x] Fix #30701 the newly added issue will be append to the end of the default column - [x] Fix when deleting a column, all issues in it will be displayed from UI but database records exist. - [x] Add a limitation for columns in a project to 20. So the sorting will not be overflow because it's int8. --------- Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> 2024-05-08 13:44:57 +00:00			`"slices"`
Fix access check for org-level project (#26182) Fix #25934 Add `ignoreGlobal` parameter to `reqUnitAccess` and only check global disabled units when `ignoreGlobal` is true. So the org-level projects and user-level projects won't be affected by global disabled `repo.projects` unit. 2023-07-29 14:13:24 +00:00			`"testing"`

			`unit_model "code.gitea.io/gitea/models/unit"`
			`"code.gitea.io/gitea/tests"`
			`)`

			`func TestOrgProjectAccess(t *testing.T) {`
			`defer tests.PrepareTestEnv(t)()`
Fix data-race during testing (#30999) Fix #30992 2024-05-20 04:35:38 +00:00
			`disabledRepoUnits := unit_model.DisabledRepoUnitsGet()`
			`unit_model.DisabledRepoUnitsSet(append(slices.Clone(disabledRepoUnits), unit_model.TypeProjects))`
			`defer unit_model.DisabledRepoUnitsSet(disabledRepoUnits)`
Fix access check for org-level project (#26182) Fix #25934 Add `ignoreGlobal` parameter to `reqUnitAccess` and only check global disabled units when `ignoreGlobal` is true. So the org-level projects and user-level projects won't be affected by global disabled `repo.projects` unit. 2023-07-29 14:13:24 +00:00
			`// repo project, 404`
			`req := NewRequest(t, "GET", "/user2/repo1/projects")`
			`MakeRequest(t, req, http.StatusNotFound)`

			`// user project, 200`
			`req = NewRequest(t, "GET", "/user2/-/projects")`
			`MakeRequest(t, req, http.StatusOK)`

			`// org project, 200`
Replace 'userxx' with 'orgxx' in all test files when the user type is org (#27052) Currently 'userxx' and 'orgxx' are both used as username in test files when the user type is org, which is confusing. This PR replaces all 'userxx' with 'orgxx' when the user type is org(`user.type==1`). Some non-trivial changes 1. Rename `user3` dir to `org3` in `tests/git-repositories-meta` 2. Change `end` in `issue reference` because 'org3' is one char shorter than 'user3' ![ksnip_20230913-112819](https://github.com/go-gitea/gitea/assets/70063547/442988c5-4cf4-49b8-aa01-4dd6bf0ca954) 3. Change the search result number of `user/repo2` because `user3/repo21` can't be searched now ![ksnip_20230913-112931](https://github.com/go-gitea/gitea/assets/70063547/d9ebeba4-479f-4110-9a85-825efbc981fd) 4. Change the first org name getting from API because the result is ordered by alphabet asc and now `org 17` is before `org25` ![JW8U7NIO(J$H _YCRB36H)T](https://github.com/go-gitea/gitea/assets/70063547/f55a685c-cf24-40e5-a87f-3a2327319548) ![)KFD411O4I8RB5ZOH7E0 Z3](https://github.com/go-gitea/gitea/assets/70063547/a0dc3299-249c-46f6-91cb-d15d4ee88dd5) Other modifications are just find all and replace all. Unit tests with SQLite are all passed. --------- Co-authored-by: caicandong <1290147055@qq.com> 2023-09-14 02:59:53 +00:00			`req = NewRequest(t, "GET", "/org3/-/projects")`
Fix access check for org-level project (#26182) Fix #25934 Add `ignoreGlobal` parameter to `reqUnitAccess` and only check global disabled units when `ignoreGlobal` is true. So the org-level projects and user-level projects won't be affected by global disabled `repo.projects` unit. 2023-07-29 14:13:24 +00:00			`MakeRequest(t, req, http.StatusOK)`

			`// change the org's visibility to private`
			`session := loginUser(t, "user2")`
Replace 'userxx' with 'orgxx' in all test files when the user type is org (#27052) Currently 'userxx' and 'orgxx' are both used as username in test files when the user type is org, which is confusing. This PR replaces all 'userxx' with 'orgxx' when the user type is org(`user.type==1`). Some non-trivial changes 1. Rename `user3` dir to `org3` in `tests/git-repositories-meta` 2. Change `end` in `issue reference` because 'org3' is one char shorter than 'user3' ![ksnip_20230913-112819](https://github.com/go-gitea/gitea/assets/70063547/442988c5-4cf4-49b8-aa01-4dd6bf0ca954) 3. Change the search result number of `user/repo2` because `user3/repo21` can't be searched now ![ksnip_20230913-112931](https://github.com/go-gitea/gitea/assets/70063547/d9ebeba4-479f-4110-9a85-825efbc981fd) 4. Change the first org name getting from API because the result is ordered by alphabet asc and now `org 17` is before `org25` ![JW8U7NIO(J$H _YCRB36H)T](https://github.com/go-gitea/gitea/assets/70063547/f55a685c-cf24-40e5-a87f-3a2327319548) ![)KFD411O4I8RB5ZOH7E0 Z3](https://github.com/go-gitea/gitea/assets/70063547/a0dc3299-249c-46f6-91cb-d15d4ee88dd5) Other modifications are just find all and replace all. Unit tests with SQLite are all passed. --------- Co-authored-by: caicandong <1290147055@qq.com> 2023-09-14 02:59:53 +00:00			`req = NewRequestWithValues(t, "POST", "/org/org3/settings", map[string]string{`
			`"_csrf": GetCSRF(t, session, "/org3/-/projects"),`
			`"name": "org3",`
Fix access check for org-level project (#26182) Fix #25934 Add `ignoreGlobal` parameter to `reqUnitAccess` and only check global disabled units when `ignoreGlobal` is true. So the org-level projects and user-level projects won't be affected by global disabled `repo.projects` unit. 2023-07-29 14:13:24 +00:00			`"visibility": "2",`
			`})`
			`session.MakeRequest(t, req, http.StatusSeeOther)`

			`// user4 can still access the org's project because its team(team1) has the permission`
			`session = loginUser(t, "user4")`
Replace 'userxx' with 'orgxx' in all test files when the user type is org (#27052) Currently 'userxx' and 'orgxx' are both used as username in test files when the user type is org, which is confusing. This PR replaces all 'userxx' with 'orgxx' when the user type is org(`user.type==1`). Some non-trivial changes 1. Rename `user3` dir to `org3` in `tests/git-repositories-meta` 2. Change `end` in `issue reference` because 'org3' is one char shorter than 'user3' ![ksnip_20230913-112819](https://github.com/go-gitea/gitea/assets/70063547/442988c5-4cf4-49b8-aa01-4dd6bf0ca954) 3. Change the search result number of `user/repo2` because `user3/repo21` can't be searched now ![ksnip_20230913-112931](https://github.com/go-gitea/gitea/assets/70063547/d9ebeba4-479f-4110-9a85-825efbc981fd) 4. Change the first org name getting from API because the result is ordered by alphabet asc and now `org 17` is before `org25` ![JW8U7NIO(J$H _YCRB36H)T](https://github.com/go-gitea/gitea/assets/70063547/f55a685c-cf24-40e5-a87f-3a2327319548) ![)KFD411O4I8RB5ZOH7E0 Z3](https://github.com/go-gitea/gitea/assets/70063547/a0dc3299-249c-46f6-91cb-d15d4ee88dd5) Other modifications are just find all and replace all. Unit tests with SQLite are all passed. --------- Co-authored-by: caicandong <1290147055@qq.com> 2023-09-14 02:59:53 +00:00			`req = NewRequest(t, "GET", "/org3/-/projects")`
Fix access check for org-level project (#26182) Fix #25934 Add `ignoreGlobal` parameter to `reqUnitAccess` and only check global disabled units when `ignoreGlobal` is true. So the org-level projects and user-level projects won't be affected by global disabled `repo.projects` unit. 2023-07-29 14:13:24 +00:00			`session.MakeRequest(t, req, http.StatusOK)`

			`// disable team1's project unit`
			`session = loginUser(t, "user2")`
Replace 'userxx' with 'orgxx' in all test files when the user type is org (#27052) Currently 'userxx' and 'orgxx' are both used as username in test files when the user type is org, which is confusing. This PR replaces all 'userxx' with 'orgxx' when the user type is org(`user.type==1`). Some non-trivial changes 1. Rename `user3` dir to `org3` in `tests/git-repositories-meta` 2. Change `end` in `issue reference` because 'org3' is one char shorter than 'user3' ![ksnip_20230913-112819](https://github.com/go-gitea/gitea/assets/70063547/442988c5-4cf4-49b8-aa01-4dd6bf0ca954) 3. Change the search result number of `user/repo2` because `user3/repo21` can't be searched now ![ksnip_20230913-112931](https://github.com/go-gitea/gitea/assets/70063547/d9ebeba4-479f-4110-9a85-825efbc981fd) 4. Change the first org name getting from API because the result is ordered by alphabet asc and now `org 17` is before `org25` ![JW8U7NIO(J$H _YCRB36H)T](https://github.com/go-gitea/gitea/assets/70063547/f55a685c-cf24-40e5-a87f-3a2327319548) ![)KFD411O4I8RB5ZOH7E0 Z3](https://github.com/go-gitea/gitea/assets/70063547/a0dc3299-249c-46f6-91cb-d15d4ee88dd5) Other modifications are just find all and replace all. Unit tests with SQLite are all passed. --------- Co-authored-by: caicandong <1290147055@qq.com> 2023-09-14 02:59:53 +00:00			`req = NewRequestWithValues(t, "POST", "/org/org3/teams/team1/edit", map[string]string{`
			`"_csrf": GetCSRF(t, session, "/org3/-/projects"),`
Fix access check for org-level project (#26182) Fix #25934 Add `ignoreGlobal` parameter to `reqUnitAccess` and only check global disabled units when `ignoreGlobal` is true. So the org-level projects and user-level projects won't be affected by global disabled `repo.projects` unit. 2023-07-29 14:13:24 +00:00			`"team_name": "team1",`
			`"repo_access": "specific",`
			`"permission": "read",`
			`"unit_8": "0",`
			`})`
			`session.MakeRequest(t, req, http.StatusSeeOther)`

			`// user4 can no longer access the org's project`
			`session = loginUser(t, "user4")`
Replace 'userxx' with 'orgxx' in all test files when the user type is org (#27052) Currently 'userxx' and 'orgxx' are both used as username in test files when the user type is org, which is confusing. This PR replaces all 'userxx' with 'orgxx' when the user type is org(`user.type==1`). Some non-trivial changes 1. Rename `user3` dir to `org3` in `tests/git-repositories-meta` 2. Change `end` in `issue reference` because 'org3' is one char shorter than 'user3' ![ksnip_20230913-112819](https://github.com/go-gitea/gitea/assets/70063547/442988c5-4cf4-49b8-aa01-4dd6bf0ca954) 3. Change the search result number of `user/repo2` because `user3/repo21` can't be searched now ![ksnip_20230913-112931](https://github.com/go-gitea/gitea/assets/70063547/d9ebeba4-479f-4110-9a85-825efbc981fd) 4. Change the first org name getting from API because the result is ordered by alphabet asc and now `org 17` is before `org25` ![JW8U7NIO(J$H _YCRB36H)T](https://github.com/go-gitea/gitea/assets/70063547/f55a685c-cf24-40e5-a87f-3a2327319548) ![)KFD411O4I8RB5ZOH7E0 Z3](https://github.com/go-gitea/gitea/assets/70063547/a0dc3299-249c-46f6-91cb-d15d4ee88dd5) Other modifications are just find all and replace all. Unit tests with SQLite are all passed. --------- Co-authored-by: caicandong <1290147055@qq.com> 2023-09-14 02:59:53 +00:00			`req = NewRequest(t, "GET", "/org3/-/projects")`
Fix access check for org-level project (#26182) Fix #25934 Add `ignoreGlobal` parameter to `reqUnitAccess` and only check global disabled units when `ignoreGlobal` is true. So the org-level projects and user-level projects won't be affected by global disabled `repo.projects` unit. 2023-07-29 14:13:24 +00:00			`session.MakeRequest(t, req, http.StatusNotFound)`
			`}`