tdsds.com/gitea
1
1
Fork 0
mirror of https://github.com/go-gitea/gitea synced 2025-12-07 13:28:25 +00:00
Code Releases Activity

Merge branch 'main' into lunny/automerge_support_delete_branch

Browse Source
This commit is contained in:
Lunny Xiao
2024-11-21 21:28:18 -08:00
parent c1241505df 81ac8d914c
commit 7cddaeb9c4
408 changed files with 8986 additions and 8235 deletions
Download Patch File Download Diff File Expand all files Collapse all files
tests/integration/README.md
+2 -12
View File
@@ -99,18 +99,8 @@ We appreciate that some testing machines may not be very powerful and
the default timeouts for declaring a slow test or a slow clean-up flush
may not be appropriate.
You can either:
* Within the test ini file set the following section:
```ini
[integration-tests]
SLOW_TEST = 10s ; 10s is the default value
SLOW_FLUSH = 5S ; 5s is the default value
```
* Set the following environment variables:
You can set the following environment variables:
```bash
GITEA_SLOW_TEST_TIME="10s" GITEA_SLOW_FLUSH_TIME="5s" make test-sqlite
GITEA_TEST_SLOW_RUN="10s" GITEA_TEST_SLOW_FLUSH="1s" make test-sqlite
```
tests/integration/api_fork_test.go
+80
View File
@@ -7,8 +7,16 @@ import (
"net/http"
"testing"
"code.gitea.io/gitea/models"
auth_model "code.gitea.io/gitea/models/auth"
"code.gitea.io/gitea/models/db"
org_model "code.gitea.io/gitea/models/organization"
"code.gitea.io/gitea/models/unittest"
user_model "code.gitea.io/gitea/models/user"
api "code.gitea.io/gitea/modules/structs"
"code.gitea.io/gitea/tests"
"github.com/stretchr/testify/assert"
)
func TestCreateForkNoLogin(t *testing.T) {
@@ -16,3 +24,75 @@ func TestCreateForkNoLogin(t *testing.T) {
req := NewRequestWithJSON(t, "POST", "/api/v1/repos/user2/repo1/forks", &api.CreateForkOption{})
MakeRequest(t, req, http.StatusUnauthorized)
}
func TestAPIForkListLimitedAndPrivateRepos(t *testing.T) {
defer tests.PrepareTestEnv(t)()
user1Sess := loginUser(t, "user1")
user1 := unittest.AssertExistsAndLoadBean(t, &user_model.User{Name: "user1"})
// fork into a limited org
limitedOrg := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 22})
assert.EqualValues(t, api.VisibleTypeLimited, limitedOrg.Visibility)
ownerTeam1, err := org_model.OrgFromUser(limitedOrg).GetOwnerTeam(db.DefaultContext)
assert.NoError(t, err)
assert.NoError(t, models.AddTeamMember(db.DefaultContext, ownerTeam1, user1))
user1Token := getTokenForLoggedInUser(t, user1Sess, auth_model.AccessTokenScopeWriteRepository, auth_model.AccessTokenScopeWriteOrganization)
req := NewRequestWithJSON(t, "POST", "/api/v1/repos/user2/repo1/forks", &api.CreateForkOption{
Organization: &limitedOrg.Name,
}).AddTokenAuth(user1Token)
MakeRequest(t, req, http.StatusAccepted)
// fork into a private org
user4Sess := loginUser(t, "user4")
user4 := unittest.AssertExistsAndLoadBean(t, &user_model.User{Name: "user4"})
privateOrg := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 23})
assert.EqualValues(t, api.VisibleTypePrivate, privateOrg.Visibility)
ownerTeam2, err := org_model.OrgFromUser(privateOrg).GetOwnerTeam(db.DefaultContext)
assert.NoError(t, err)
assert.NoError(t, models.AddTeamMember(db.DefaultContext, ownerTeam2, user4))
user4Token := getTokenForLoggedInUser(t, user4Sess, auth_model.AccessTokenScopeWriteRepository, auth_model.AccessTokenScopeWriteOrganization)
req = NewRequestWithJSON(t, "POST", "/api/v1/repos/user2/repo1/forks", &api.CreateForkOption{
Organization: &privateOrg.Name,
}).AddTokenAuth(user4Token)
MakeRequest(t, req, http.StatusAccepted)
t.Run("Anonymous", func(t *testing.T) {
defer tests.PrintCurrentTest(t)()
req := NewRequest(t, "GET", "/api/v1/repos/user2/repo1/forks")
resp := MakeRequest(t, req, http.StatusOK)
var forks []*api.Repository
DecodeJSON(t, resp, &forks)
assert.Empty(t, forks)
assert.EqualValues(t, "0", resp.Header().Get("X-Total-Count"))
})
t.Run("Logged in", func(t *testing.T) {
defer tests.PrintCurrentTest(t)()
req := NewRequest(t, "GET", "/api/v1/repos/user2/repo1/forks").AddTokenAuth(user1Token)
resp := MakeRequest(t, req, http.StatusOK)
var forks []*api.Repository
DecodeJSON(t, resp, &forks)
assert.Len(t, forks, 1)
assert.EqualValues(t, "1", resp.Header().Get("X-Total-Count"))
assert.NoError(t, models.AddTeamMember(db.DefaultContext, ownerTeam2, user1))
req = NewRequest(t, "GET", "/api/v1/repos/user2/repo1/forks").AddTokenAuth(user1Token)
resp = MakeRequest(t, req, http.StatusOK)
forks = []*api.Repository{}
DecodeJSON(t, resp, &forks)
assert.Len(t, forks, 2)
assert.EqualValues(t, "2", resp.Header().Get("X-Total-Count"))
})
}
tests/integration/api_repo_file_get_test.go
+2 -2
View File
@@ -39,11 +39,11 @@ func TestAPIGetRawFileOrLFS(t *testing.T) {
t.Run("Partial Clone", doPartialGitClone(dstPath2, u))
lfs, _ := lfsCommitAndPushTest(t, dstPath)
lfs := lfsCommitAndPushTest(t, dstPath, testFileSizeSmall)[0]
reqLFS := NewRequest(t, "GET", "/api/v1/repos/user2/repo1/media/"+lfs)
respLFS := MakeRequestNilResponseRecorder(t, reqLFS, http.StatusOK)
assert.Equal(t, littleSize, respLFS.Length)
assert.Equal(t, testFileSizeSmall, respLFS.Length)
doAPIDeleteRepository(httpContext)
})
tests/integration/api_twofa_test.go
+53
View File
@@ -53,3 +53,56 @@ func TestAPITwoFactor(t *testing.T) {
req.Header.Set("X-Gitea-OTP", passcode)
MakeRequest(t, req, http.StatusOK)
}
func TestBasicAuthWithWebAuthn(t *testing.T) {
defer tests.PrepareTestEnv(t)()
// user1 has no webauthn enrolled, he can request API with basic auth
user1 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 1})
unittest.AssertNotExistsBean(t, &auth_model.WebAuthnCredential{UserID: user1.ID})
req := NewRequest(t, "GET", "/api/v1/user")
req.SetBasicAuth(user1.Name, "password")
MakeRequest(t, req, http.StatusOK)
// user1 has no webauthn enrolled, he can request git protocol with basic auth
req = NewRequest(t, "GET", "/user2/repo1/info/refs")
req.SetBasicAuth(user1.Name, "password")
MakeRequest(t, req, http.StatusOK)
// user1 has no webauthn enrolled, he can request container package with basic auth
req = NewRequest(t, "GET", "/v2/token")
req.SetBasicAuth(user1.Name, "password")
resp := MakeRequest(t, req, http.StatusOK)
type tokenResponse struct {
Token string `json:"token"`
}
var tokenParsed tokenResponse
DecodeJSON(t, resp, &tokenParsed)
assert.NotEmpty(t, tokenParsed.Token)
// user32 has webauthn enrolled, he can't request API with basic auth
user32 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 32})
unittest.AssertExistsAndLoadBean(t, &auth_model.WebAuthnCredential{UserID: user32.ID})
req = NewRequest(t, "GET", "/api/v1/user")
req.SetBasicAuth(user32.Name, "notpassword")
resp = MakeRequest(t, req, http.StatusUnauthorized)
type userResponse struct {
Message string `json:"message"`
}
var userParsed userResponse
DecodeJSON(t, resp, &userParsed)
assert.EqualValues(t, "Basic authorization is not allowed while webAuthn enrolled", userParsed.Message)
// user32 has webauthn enrolled, he can't request git protocol with basic auth
req = NewRequest(t, "GET", "/user2/repo1/info/refs")
req.SetBasicAuth(user32.Name, "notpassword")
MakeRequest(t, req, http.StatusUnauthorized)
// user32 has webauthn enrolled, he can't request container package with basic auth
req = NewRequest(t, "GET", "/v2/token")
req.SetBasicAuth(user1.Name, "notpassword")
MakeRequest(t, req, http.StatusUnauthorized)
}
tests/integration/db_collation_test.go
+4 -1
View File
@@ -73,9 +73,12 @@ func TestDatabaseCollation(t *testing.T) {
t.Run("Convert tables to utf8mb4_bin", func(t *testing.T) {
defer test.MockVariableValue(&setting.Database.CharsetCollation, "utf8mb4_bin")()
assert.NoError(t, db.ConvertDatabaseTable())
r, err := db.CheckCollations(x)
assert.NoError(t, err)
assert.EqualValues(t, "utf8mb4_bin", r.ExpectedCollation)
assert.NoError(t, db.ConvertDatabaseTable())
r, err = db.CheckCollations(x)
assert.NoError(t, err)
assert.Equal(t, "utf8mb4_bin", r.DatabaseCollation)
assert.True(t, r.CollationEquals(r.ExpectedCollation, r.DatabaseCollation))
assert.Empty(t, r.InconsistentCollationColumns)
tests/integration/git_test.go → tests/integration/git_general_test.go
+57 -183
View File
@@ -4,11 +4,10 @@
package integration
import (
"bytes"
"context"
"crypto/rand"
"encoding/hex"
"fmt"
"io"
mathRand "math/rand/v2"
"net/http"
"net/url"
"os"
@@ -26,27 +25,25 @@ import (
"code.gitea.io/gitea/models/unittest"
user_model "code.gitea.io/gitea/models/user"
"code.gitea.io/gitea/modules/git"
"code.gitea.io/gitea/modules/gitrepo"
"code.gitea.io/gitea/modules/lfs"
"code.gitea.io/gitea/modules/setting"
api "code.gitea.io/gitea/modules/structs"
gitea_context "code.gitea.io/gitea/services/context"
files_service "code.gitea.io/gitea/services/repository/files"
"code.gitea.io/gitea/tests"
"github.com/stretchr/testify/assert"
)
const (
littleSize = 1024 // 1ko
bigSize = 128 * 1024 * 1024 // 128Mo
testFileSizeSmall = 10
testFileSizeLarge = 10 * 1024 * 1024 // 10M
)
func TestGit(t *testing.T) {
onGiteaRun(t, testGit)
func TestGitGeneral(t *testing.T) {
onGiteaRun(t, testGitGeneral)
}
func testGit(t *testing.T, u *url.URL) {
func testGitGeneral(t *testing.T, u *url.URL) {
username := "user2"
baseAPITestContext := NewAPITestContext(t, username, "repo1", auth_model.AccessTokenScopeWriteRepository, auth_model.AccessTokenScopeWriteUser)
@@ -77,10 +74,10 @@ func testGit(t *testing.T, u *url.URL) {
t.Run("Partial Clone", doPartialGitClone(dstPath2, u))
little, big := standardCommitAndPushTest(t, dstPath)
littleLFS, bigLFS := lfsCommitAndPushTest(t, dstPath)
rawTest(t, &httpContext, little, big, littleLFS, bigLFS)
mediaTest(t, &httpContext, little, big, littleLFS, bigLFS)
pushedFilesStandard := standardCommitAndPushTest(t, dstPath, testFileSizeSmall, testFileSizeLarge)
pushedFilesLFS := lfsCommitAndPushTest(t, dstPath, testFileSizeSmall, testFileSizeLarge)
rawTest(t, &httpContext, pushedFilesStandard[0], pushedFilesStandard[1], pushedFilesLFS[0], pushedFilesLFS[1])
mediaTest(t, &httpContext, pushedFilesStandard[0], pushedFilesStandard[1], pushedFilesLFS[0], pushedFilesLFS[1])
t.Run("CreateAgitFlowPull", doCreateAgitFlowPull(dstPath, &httpContext, "test/head"))
t.Run("BranchProtectMerge", doBranchProtectPRMerge(&httpContext, dstPath))
@@ -89,8 +86,8 @@ func testGit(t *testing.T, u *url.URL) {
t.Run("MergeFork", func(t *testing.T) {
defer tests.PrintCurrentTest(t)()
t.Run("CreatePRAndMerge", doMergeFork(httpContext, forkedUserCtx, "master", httpContext.Username+":master"))
rawTest(t, &forkedUserCtx, little, big, littleLFS, bigLFS)
mediaTest(t, &forkedUserCtx, little, big, littleLFS, bigLFS)
rawTest(t, &forkedUserCtx, pushedFilesStandard[0], pushedFilesStandard[1], pushedFilesLFS[0], pushedFilesLFS[1])
mediaTest(t, &forkedUserCtx, pushedFilesStandard[0], pushedFilesStandard[1], pushedFilesLFS[0], pushedFilesLFS[1])
})
t.Run("PushCreate", doPushCreate(httpContext, u))
@@ -118,18 +115,18 @@ func testGit(t *testing.T, u *url.URL) {
t.Run("Clone", doGitClone(dstPath, sshURL))
little, big := standardCommitAndPushTest(t, dstPath)
littleLFS, bigLFS := lfsCommitAndPushTest(t, dstPath)
rawTest(t, &sshContext, little, big, littleLFS, bigLFS)
mediaTest(t, &sshContext, little, big, littleLFS, bigLFS)
pushedFilesStandard := standardCommitAndPushTest(t, dstPath, testFileSizeSmall, testFileSizeLarge)
pushedFilesLFS := lfsCommitAndPushTest(t, dstPath, testFileSizeSmall, testFileSizeLarge)
rawTest(t, &sshContext, pushedFilesStandard[0], pushedFilesStandard[1], pushedFilesLFS[0], pushedFilesLFS[1])
mediaTest(t, &sshContext, pushedFilesStandard[0], pushedFilesStandard[1], pushedFilesLFS[0], pushedFilesLFS[1])
t.Run("CreateAgitFlowPull", doCreateAgitFlowPull(dstPath, &sshContext, "test/head2"))
t.Run("BranchProtectMerge", doBranchProtectPRMerge(&sshContext, dstPath))
t.Run("MergeFork", func(t *testing.T) {
defer tests.PrintCurrentTest(t)()
t.Run("CreatePRAndMerge", doMergeFork(sshContext, forkedUserCtx, "master", sshContext.Username+":master"))
rawTest(t, &forkedUserCtx, little, big, littleLFS, bigLFS)
mediaTest(t, &forkedUserCtx, little, big, littleLFS, bigLFS)
rawTest(t, &forkedUserCtx, pushedFilesStandard[0], pushedFilesStandard[1], pushedFilesLFS[0], pushedFilesLFS[1])
mediaTest(t, &forkedUserCtx, pushedFilesStandard[0], pushedFilesStandard[1], pushedFilesLFS[0], pushedFilesLFS[1])
})
t.Run("PushCreate", doPushCreate(sshContext, sshURL))
@@ -142,16 +139,16 @@ func ensureAnonymousClone(t *testing.T, u *url.URL) {
t.Run("CloneAnonymous", doGitClone(dstLocalPath, u))
}
func standardCommitAndPushTest(t *testing.T, dstPath string) (little, big string) {
t.Run("Standard", func(t *testing.T) {
func standardCommitAndPushTest(t *testing.T, dstPath string, sizes ...int) (pushedFiles []string) {
t.Run("CommitAndPushStandard", func(t *testing.T) {
defer tests.PrintCurrentTest(t)()
little, big = commitAndPushTest(t, dstPath, "data-file-")
pushedFiles = commitAndPushTest(t, dstPath, "data-file-", sizes...)
})
return little, big
return pushedFiles
}
func lfsCommitAndPushTest(t *testing.T, dstPath string) (littleLFS, bigLFS string) {
t.Run("LFS", func(t *testing.T) {
func lfsCommitAndPushTest(t *testing.T, dstPath string, sizes ...int) (pushedFiles []string) {
t.Run("CommitAndPushLFS", func(t *testing.T) {
defer tests.PrintCurrentTest(t)()
prefix := "lfs-data-file-"
err := git.NewCommand(git.DefaultContext, "lfs").AddArguments("install").Run(&git.RunOpts{Dir: dstPath})
@@ -176,33 +173,23 @@ func lfsCommitAndPushTest(t *testing.T, dstPath string) (littleLFS, bigLFS strin
})
assert.NoError(t, err)
littleLFS, bigLFS = commitAndPushTest(t, dstPath, prefix)
pushedFiles = commitAndPushTest(t, dstPath, prefix, sizes...)
t.Run("Locks", func(t *testing.T) {
defer tests.PrintCurrentTest(t)()
lockTest(t, dstPath)
})
})
return littleLFS, bigLFS
return pushedFiles
}
func commitAndPushTest(t *testing.T, dstPath, prefix string) (little, big string) {
t.Run("PushCommit", func(t *testing.T) {
defer tests.PrintCurrentTest(t)()
t.Run("Little", func(t *testing.T) {
func commitAndPushTest(t *testing.T, dstPath, prefix string, sizes ...int) (pushedFiles []string) {
for _, size := range sizes {
t.Run("PushCommit Size-"+strconv.Itoa(size), func(t *testing.T) {
defer tests.PrintCurrentTest(t)()
little = doCommitAndPush(t, littleSize, dstPath, prefix)
pushedFiles = append(pushedFiles, doCommitAndPush(t, size, dstPath, prefix))
})
t.Run("Big", func(t *testing.T) {
if testing.Short() {
t.Skip("Skipping test in short mode.")
return
}
defer tests.PrintCurrentTest(t)()
big = doCommitAndPush(t, bigSize, dstPath, prefix)
})
})
return little, big
}
return pushedFiles
}
func rawTest(t *testing.T, ctx *APITestContext, little, big, littleLFS, bigLFS string) {
@@ -216,14 +203,14 @@ func rawTest(t *testing.T, ctx *APITestContext, little, big, littleLFS, bigLFS s
// Request raw paths
req := NewRequest(t, "GET", path.Join("/", username, reponame, "/raw/branch/master/", little))
resp := session.MakeRequestNilResponseRecorder(t, req, http.StatusOK)
assert.Equal(t, littleSize, resp.Length)
assert.Equal(t, testFileSizeSmall, resp.Length)
if setting.LFS.StartServer {
req = NewRequest(t, "GET", path.Join("/", username, reponame, "/raw/branch/master/", littleLFS))
resp := session.MakeRequest(t, req, http.StatusOK)
assert.NotEqual(t, littleSize, resp.Body.Len())
assert.NotEqual(t, testFileSizeSmall, resp.Body.Len())
assert.LessOrEqual(t, resp.Body.Len(), 1024)
if resp.Body.Len() != littleSize && resp.Body.Len() <= 1024 {
if resp.Body.Len() != testFileSizeSmall && resp.Body.Len() <= 1024 {
assert.Contains(t, resp.Body.String(), lfs.MetaFileIdentifier)
}
}
@@ -231,13 +218,13 @@ func rawTest(t *testing.T, ctx *APITestContext, little, big, littleLFS, bigLFS s
if !testing.Short() {
req = NewRequest(t, "GET", path.Join("/", username, reponame, "/raw/branch/master/", big))
resp := session.MakeRequestNilResponseRecorder(t, req, http.StatusOK)
assert.Equal(t, bigSize, resp.Length)
assert.Equal(t, testFileSizeLarge, resp.Length)
if setting.LFS.StartServer {
req = NewRequest(t, "GET", path.Join("/", username, reponame, "/raw/branch/master/", bigLFS))
resp := session.MakeRequest(t, req, http.StatusOK)
assert.NotEqual(t, bigSize, resp.Body.Len())
if resp.Body.Len() != bigSize && resp.Body.Len() <= 1024 {
assert.NotEqual(t, testFileSizeLarge, resp.Body.Len())
if resp.Body.Len() != testFileSizeLarge && resp.Body.Len() <= 1024 {
assert.Contains(t, resp.Body.String(), lfs.MetaFileIdentifier)
}
}
@@ -257,21 +244,21 @@ func mediaTest(t *testing.T, ctx *APITestContext, little, big, littleLFS, bigLFS
// Request media paths
req := NewRequest(t, "GET", path.Join("/", username, reponame, "/media/branch/master/", little))
resp := session.MakeRequestNilResponseRecorder(t, req, http.StatusOK)
assert.Equal(t, littleSize, resp.Length)
assert.Equal(t, testFileSizeSmall, resp.Length)
req = NewRequest(t, "GET", path.Join("/", username, reponame, "/media/branch/master/", littleLFS))
resp = session.MakeRequestNilResponseRecorder(t, req, http.StatusOK)
assert.Equal(t, littleSize, resp.Length)
assert.Equal(t, testFileSizeSmall, resp.Length)
if !testing.Short() {
req = NewRequest(t, "GET", path.Join("/", username, reponame, "/media/branch/master/", big))
resp = session.MakeRequestNilResponseRecorder(t, req, http.StatusOK)
assert.Equal(t, bigSize, resp.Length)
assert.Equal(t, testFileSizeLarge, resp.Length)
if setting.LFS.StartServer {
req = NewRequest(t, "GET", path.Join("/", username, reponame, "/media/branch/master/", bigLFS))
resp = session.MakeRequestNilResponseRecorder(t, req, http.StatusOK)
assert.Equal(t, bigSize, resp.Length)
assert.Equal(t, testFileSizeLarge, resp.Length)
}
}
})
@@ -301,35 +288,19 @@ func doCommitAndPush(t *testing.T, size int, repoPath, prefix string) string {
}
func generateCommitWithNewData(size int, repoPath, email, fullName, prefix string) (string, error) {
// Generate random file
bufSize := 4 * 1024
if bufSize > size {
bufSize = size
}
buffer := make([]byte, bufSize)
tmpFile, err := os.CreateTemp(repoPath, prefix)
if err != nil {
return "", err
}
defer tmpFile.Close()
written := 0
for written < size {
n := size - written
if n > bufSize {
n = bufSize
}
_, err := rand.Read(buffer[:n])
if err != nil {
return "", err
}
n, err = tmpFile.Write(buffer[:n])
if err != nil {
return "", err
}
written += n
var seed [32]byte
rander := mathRand.NewChaCha8(seed) // for testing only, no need to seed
_, err = io.CopyN(tmpFile, rander, int64(size))
if err != nil {
return "", err
}
_ = tmpFile.Close()
// Commit
// Now here we should explicitly allow lfs filters to run
@@ -369,7 +340,7 @@ func doBranchProtectPRMerge(baseCtx *APITestContext, dstPath string) func(t *tes
// Try to push without permissions, which should fail
t.Run("TryPushWithoutPermissions", func(t *testing.T) {
_, err := generateCommitWithNewData(littleSize, dstPath, "user2@example.com", "User Two", "branch-data-file-")
_, err := generateCommitWithNewData(testFileSizeSmall, dstPath, "user2@example.com", "User Two", "branch-data-file-")
assert.NoError(t, err)
doGitPushTestRepositoryFail(dstPath, "origin", "protected")
})
@@ -381,7 +352,7 @@ func doBranchProtectPRMerge(baseCtx *APITestContext, dstPath string) func(t *tes
// Normal push should work
t.Run("NormalPushWithPermissions", func(t *testing.T) {
_, err := generateCommitWithNewData(littleSize, dstPath, "user2@example.com", "User Two", "branch-data-file-")
_, err := generateCommitWithNewData(testFileSizeSmall, dstPath, "user2@example.com", "User Two", "branch-data-file-")
assert.NoError(t, err)
doGitPushTestRepository(dstPath, "origin", "protected")
})
@@ -390,7 +361,7 @@ func doBranchProtectPRMerge(baseCtx *APITestContext, dstPath string) func(t *tes
t.Run("ForcePushWithoutForcePermissions", func(t *testing.T) {
t.Run("CreateDivergentHistory", func(t *testing.T) {
git.NewCommand(git.DefaultContext, "reset", "--hard", "HEAD~1").Run(&git.RunOpts{Dir: dstPath})
_, err := generateCommitWithNewData(littleSize, dstPath, "user2@example.com", "User Two", "branch-data-file-new")
_, err := generateCommitWithNewData(testFileSizeSmall, dstPath, "user2@example.com", "User Two", "branch-data-file-new")
assert.NoError(t, err)
})
doGitPushTestRepositoryFail(dstPath, "-f", "origin", "protected")
@@ -425,7 +396,7 @@ func doBranchProtectPRMerge(baseCtx *APITestContext, dstPath string) func(t *tes
assert.NoError(t, err)
})
t.Run("GenerateCommit", func(t *testing.T) {
_, err := generateCommitWithNewData(littleSize, dstPath, "user2@example.com", "User Two", "branch-data-file-")
_, err := generateCommitWithNewData(testFileSizeSmall, dstPath, "user2@example.com", "User Two", "branch-data-file-")
assert.NoError(t, err)
})
t.Run("PushToUnprotectedBranch", doGitPushTestRepository(dstPath, "origin", "protected:unprotected-2"))
@@ -440,7 +411,7 @@ func doBranchProtectPRMerge(baseCtx *APITestContext, dstPath string) func(t *tes
t.Run("ProtectProtectedBranchUnprotectedFilePaths", doProtectBranch(ctx, "protected", "", "", "unprotected-file-*"))
t.Run("GenerateCommit", func(t *testing.T) {
_, err := generateCommitWithNewData(littleSize, dstPath, "user2@example.com", "User Two", "unprotected-file-")
_, err := generateCommitWithNewData(testFileSizeSmall, dstPath, "user2@example.com", "User Two", "unprotected-file-")
assert.NoError(t, err)
})
t.Run("PushUnprotectedFilesToProtectedBranch", doGitPushTestRepository(dstPath, "origin", "protected"))
@@ -450,7 +421,7 @@ func doBranchProtectPRMerge(baseCtx *APITestContext, dstPath string) func(t *tes
t.Run("CheckoutMaster", doGitCheckoutBranch(dstPath, "master"))
t.Run("CreateBranchForced", doGitCreateBranch(dstPath, "toforce"))
t.Run("GenerateCommit", func(t *testing.T) {
_, err := generateCommitWithNewData(littleSize, dstPath, "user2@example.com", "User Two", "branch-data-file-")
_, err := generateCommitWithNewData(testFileSizeSmall, dstPath, "user2@example.com", "User Two", "branch-data-file-")
assert.NoError(t, err)
})
t.Run("FailToForcePushToProtectedBranch", doGitPushTestRepositoryFail(dstPath, "-f", "origin", "toforce:protected"))
@@ -663,7 +634,7 @@ func doAutoPRMerge(baseCtx *APITestContext, dstPath string) func(t *testing.T) {
t.Run("CheckoutProtected", doGitCheckoutBranch(dstPath, "protected"))
t.Run("PullProtected", doGitPull(dstPath, "origin", "protected"))
t.Run("GenerateCommit", func(t *testing.T) {
_, err := generateCommitWithNewData(littleSize, dstPath, "user2@example.com", "User Two", "branch-data-file-")
_, err := generateCommitWithNewData(testFileSizeSmall, dstPath, "user2@example.com", "User Two", "branch-data-file-")
assert.NoError(t, err)
})
t.Run("PushToUnprotectedBranch", doGitPushTestRepository(dstPath, "origin", "protected:unprotected3"))
@@ -903,100 +874,3 @@ func doCreateAgitFlowPull(dstPath string, ctx *APITestContext, headBranch string
t.Run("CheckoutMasterAgain", doGitCheckoutBranch(dstPath, "master"))
}
}
func TestDataAsync_Issue29101(t *testing.T) {
onGiteaRun(t, func(t *testing.T, u *url.URL) {
user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2})
repo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 1})
resp, err := files_service.ChangeRepoFiles(db.DefaultContext, repo, user, &files_service.ChangeRepoFilesOptions{
Files: []*files_service.ChangeRepoFile{
{
Operation: "create",
TreePath: "test.txt",
ContentReader: bytes.NewReader(make([]byte, 10000)),
},
},
OldBranch: repo.DefaultBranch,
NewBranch: repo.DefaultBranch,
})
assert.NoError(t, err)
sha := resp.Commit.SHA
gitRepo, err := gitrepo.OpenRepository(db.DefaultContext, repo)
assert.NoError(t, err)
commit, err := gitRepo.GetCommit(sha)
assert.NoError(t, err)
entry, err := commit.GetTreeEntryByPath("test.txt")
assert.NoError(t, err)
b := entry.Blob()
r, err := b.DataAsync()
assert.NoError(t, err)
defer r.Close()
r2, err := b.DataAsync()
assert.NoError(t, err)
defer r2.Close()
})
}
func TestAgitPullPush(t *testing.T) {
onGiteaRun(t, func(t *testing.T, u *url.URL) {
baseAPITestContext := NewAPITestContext(t, "user2", "repo1", auth_model.AccessTokenScopeWriteRepository, auth_model.AccessTokenScopeWriteUser)
u.Path = baseAPITestContext.GitPath()
u.User = url.UserPassword("user2", userPassword)
dstPath := t.TempDir()
doGitClone(dstPath, u)(t)
gitRepo, err := git.OpenRepository(context.Background(), dstPath)
assert.NoError(t, err)
defer gitRepo.Close()
doGitCreateBranch(dstPath, "test-agit-push")
// commit 1
_, err = generateCommitWithNewData(littleSize, dstPath, "user2@example.com", "User Two", "branch-data-file-")
assert.NoError(t, err)
// push to create an agit pull request
err = git.NewCommand(git.DefaultContext, "push", "origin",
"-o", "title=test-title", "-o", "description=test-description",
"HEAD:refs/for/master/test-agit-push",
).Run(&git.RunOpts{Dir: dstPath})
assert.NoError(t, err)
// check pull request exist
pr := unittest.AssertExistsAndLoadBean(t, &issues_model.PullRequest{BaseRepoID: 1, Flow: issues_model.PullRequestFlowAGit, HeadBranch: "user2/test-agit-push"})
assert.NoError(t, pr.LoadIssue(db.DefaultContext))
assert.Equal(t, "test-title", pr.Issue.Title)
assert.Equal(t, "test-description", pr.Issue.Content)
// commit 2
_, err = generateCommitWithNewData(littleSize, dstPath, "user2@example.com", "User Two", "branch-data-file-2-")
assert.NoError(t, err)
// push 2
err = git.NewCommand(git.DefaultContext, "push", "origin", "HEAD:refs/for/master/test-agit-push").Run(&git.RunOpts{Dir: dstPath})
assert.NoError(t, err)
// reset to first commit
err = git.NewCommand(git.DefaultContext, "reset", "--hard", "HEAD~1").Run(&git.RunOpts{Dir: dstPath})
assert.NoError(t, err)
// test force push without confirm
_, stderr, err := git.NewCommand(git.DefaultContext, "push", "origin", "HEAD:refs/for/master/test-agit-push").RunStdString(&git.RunOpts{Dir: dstPath})
assert.Error(t, err)
assert.Contains(t, stderr, "[remote rejected] HEAD -> refs/for/master/test-agit-push (request `force-push` push option)")
// test force push with confirm
err = git.NewCommand(git.DefaultContext, "push", "origin", "HEAD:refs/for/master/test-agit-push", "-o", "force-push").Run(&git.RunOpts{Dir: dstPath})
assert.NoError(t, err)
})
}
tests/integration/git_lfs_ssh_test.go
+63
View File
@@ -0,0 +1,63 @@
// Copyright 2024 The Gitea Authors. All rights reserved.
// SPDX-License-Identifier: MIT
package integration
import (
gocontext "context"
"net/url"
"slices"
"strings"
"sync"
"testing"
auth_model "code.gitea.io/gitea/models/auth"
"code.gitea.io/gitea/modules/git"
"code.gitea.io/gitea/modules/setting"
"code.gitea.io/gitea/modules/web"
"code.gitea.io/gitea/routers/common"
"code.gitea.io/gitea/services/context"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
)
func TestGitLFSSSH(t *testing.T) {
onGiteaRun(t, func(t *testing.T, u *url.URL) {
dstPath := t.TempDir()
apiTestContext := NewAPITestContext(t, "user2", "repo1", auth_model.AccessTokenScopeWriteRepository, auth_model.AccessTokenScopeWriteUser)
var mu sync.Mutex
var routerCalls []string
web.RouteMock(common.RouterMockPointCommonLFS, func(ctx *context.Base) {
mu.Lock()
routerCalls = append(routerCalls, ctx.Req.Method+" "+ctx.Req.URL.Path)
mu.Unlock()
})
withKeyFile(t, "my-testing-key", func(keyFile string) {
t.Run("CreateUserKey", doAPICreateUserKey(apiTestContext, "test-key", keyFile))
cloneURL := createSSHUrl(apiTestContext.GitPath(), u)
t.Run("Clone", doGitClone(dstPath, cloneURL))
cfg, err := setting.CfgProvider.PrepareSaving()
require.NoError(t, err)
cfg.Section("server").Key("LFS_ALLOW_PURE_SSH").SetValue("true")
setting.LFS.AllowPureSSH = true
require.NoError(t, cfg.Save())
_, _, cmdErr := git.NewCommand(gocontext.Background(), "config", "lfs.sshtransfer", "always").RunStdString(&git.RunOpts{Dir: dstPath})
assert.NoError(t, cmdErr)
lfsCommitAndPushTest(t, dstPath, 10)
})
countBatch := slices.ContainsFunc(routerCalls, func(s string) bool {
return strings.Contains(s, "POST /api/internal/repo/user2/repo1.git/info/lfs/objects/batch")
})
countUpload := slices.ContainsFunc(routerCalls, func(s string) bool {
return strings.Contains(s, "PUT /user2/repo1.git/info/lfs/objects/")
})
assert.NotZero(t, countBatch)
assert.NotZero(t, countUpload)
})
}
tests/integration/git_misc_test.go
+138
View File
@@ -0,0 +1,138 @@
// Copyright 2024 The Gitea Authors. All rights reserved.
// SPDX-License-Identifier: MIT
package integration
import (
"bytes"
"context"
"io"
"net/url"
"sync"
"testing"
auth_model "code.gitea.io/gitea/models/auth"
"code.gitea.io/gitea/models/db"
issues_model "code.gitea.io/gitea/models/issues"
repo_model "code.gitea.io/gitea/models/repo"
"code.gitea.io/gitea/models/unittest"
user_model "code.gitea.io/gitea/models/user"
"code.gitea.io/gitea/modules/git"
"code.gitea.io/gitea/modules/gitrepo"
files_service "code.gitea.io/gitea/services/repository/files"
"github.com/stretchr/testify/assert"
)
func TestDataAsyncDoubleRead_Issue29101(t *testing.T) {
onGiteaRun(t, func(t *testing.T, u *url.URL) {
user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2})
repo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 1})
testContent := bytes.Repeat([]byte{'a'}, 10000)
resp, err := files_service.ChangeRepoFiles(db.DefaultContext, repo, user, &files_service.ChangeRepoFilesOptions{
Files: []*files_service.ChangeRepoFile{
{
Operation: "create",
TreePath: "test.txt",
ContentReader: bytes.NewReader(testContent),
},
},
OldBranch: repo.DefaultBranch,
NewBranch: repo.DefaultBranch,
})
assert.NoError(t, err)
sha := resp.Commit.SHA
gitRepo, err := gitrepo.OpenRepository(db.DefaultContext, repo)
assert.NoError(t, err)
commit, err := gitRepo.GetCommit(sha)
assert.NoError(t, err)
entry, err := commit.GetTreeEntryByPath("test.txt")
assert.NoError(t, err)
b := entry.Blob()
r1, err := b.DataAsync()
assert.NoError(t, err)
defer r1.Close()
r2, err := b.DataAsync()
assert.NoError(t, err)
defer r2.Close()
var data1, data2 []byte
wg := sync.WaitGroup{}
wg.Add(2)
go func() {
data1, _ = io.ReadAll(r1)
assert.NoError(t, err)
wg.Done()
}()
go func() {
data2, _ = io.ReadAll(r2)
assert.NoError(t, err)
wg.Done()
}()
wg.Wait()
assert.Equal(t, testContent, data1)
assert.Equal(t, testContent, data2)
})
}
func TestAgitPullPush(t *testing.T) {
onGiteaRun(t, func(t *testing.T, u *url.URL) {
baseAPITestContext := NewAPITestContext(t, "user2", "repo1", auth_model.AccessTokenScopeWriteRepository, auth_model.AccessTokenScopeWriteUser)
u.Path = baseAPITestContext.GitPath()
u.User = url.UserPassword("user2", userPassword)
dstPath := t.TempDir()
doGitClone(dstPath, u)(t)
gitRepo, err := git.OpenRepository(context.Background(), dstPath)
assert.NoError(t, err)
defer gitRepo.Close()
doGitCreateBranch(dstPath, "test-agit-push")
// commit 1
_, err = generateCommitWithNewData(testFileSizeSmall, dstPath, "user2@example.com", "User Two", "branch-data-file-")
assert.NoError(t, err)
// push to create an agit pull request
err = git.NewCommand(git.DefaultContext, "push", "origin",
"-o", "title=test-title", "-o", "description=test-description",
"HEAD:refs/for/master/test-agit-push",
).Run(&git.RunOpts{Dir: dstPath})
assert.NoError(t, err)
// check pull request exist
pr := unittest.AssertExistsAndLoadBean(t, &issues_model.PullRequest{BaseRepoID: 1, Flow: issues_model.PullRequestFlowAGit, HeadBranch: "user2/test-agit-push"})
assert.NoError(t, pr.LoadIssue(db.DefaultContext))
assert.Equal(t, "test-title", pr.Issue.Title)
assert.Equal(t, "test-description", pr.Issue.Content)
// commit 2
_, err = generateCommitWithNewData(testFileSizeSmall, dstPath, "user2@example.com", "User Two", "branch-data-file-2-")
assert.NoError(t, err)
// push 2
err = git.NewCommand(git.DefaultContext, "push", "origin", "HEAD:refs/for/master/test-agit-push").Run(&git.RunOpts{Dir: dstPath})
assert.NoError(t, err)
// reset to first commit
err = git.NewCommand(git.DefaultContext, "reset", "--hard", "HEAD~1").Run(&git.RunOpts{Dir: dstPath})
assert.NoError(t, err)
// test force push without confirm
_, stderr, err := git.NewCommand(git.DefaultContext, "push", "origin", "HEAD:refs/for/master/test-agit-push").RunStdString(&git.RunOpts{Dir: dstPath})
assert.Error(t, err)
assert.Contains(t, stderr, "[remote rejected] HEAD -> refs/for/master/test-agit-push (request `force-push` push option)")
// test force push with confirm
err = git.NewCommand(git.DefaultContext, "push", "origin", "HEAD:refs/for/master/test-agit-push", "-o", "force-push").Run(&git.RunOpts{Dir: dstPath})
assert.NoError(t, err)
})
}
tests/integration/integration_test.go
+2 -26
View File
@@ -20,7 +20,6 @@ import (
"strings"
"sync/atomic"
"testing"
"time"
"code.gitea.io/gitea/models/auth"
"code.gitea.io/gitea/models/unittest"
@@ -28,7 +27,6 @@ import (
"code.gitea.io/gitea/modules/json"
"code.gitea.io/gitea/modules/log"
"code.gitea.io/gitea/modules/setting"
"code.gitea.io/gitea/modules/testlogger"
"code.gitea.io/gitea/modules/util"
"code.gitea.io/gitea/modules/web"
"code.gitea.io/gitea/routers"
@@ -90,27 +88,6 @@ func TestMain(m *testing.M) {
tests.InitTest(true)
testWebRoutes = routers.NormalRoutes()
// integration test settings...
if setting.CfgProvider != nil {
testingCfg := setting.CfgProvider.Section("integration-tests")
testlogger.SlowTest = testingCfg.Key("SLOW_TEST").MustDuration(testlogger.SlowTest)
testlogger.SlowFlush = testingCfg.Key("SLOW_FLUSH").MustDuration(testlogger.SlowFlush)
}
if os.Getenv("GITEA_SLOW_TEST_TIME") != "" {
duration, err := time.ParseDuration(os.Getenv("GITEA_SLOW_TEST_TIME"))
if err == nil {
testlogger.SlowTest = duration
}
}
if os.Getenv("GITEA_SLOW_FLUSH_TIME") != "" {
duration, err := time.ParseDuration(os.Getenv("GITEA_SLOW_FLUSH_TIME"))
if err == nil {
testlogger.SlowFlush = duration
}
}
os.Unsetenv("GIT_AUTHOR_NAME")
os.Unsetenv("GIT_AUTHOR_EMAIL")
os.Unsetenv("GIT_AUTHOR_DATE")
@@ -132,8 +109,6 @@ func TestMain(m *testing.M) {
// Instead, "No tests were found", last nonsense log is "According to the configuration, subsequent logs will not be printed to the console"
exitCode := m.Run()
testlogger.WriterCloser.Reset()
if err = util.RemoveAll(setting.Indexer.IssuePath); err != nil {
fmt.Printf("util.RemoveAll: %v\n", err)
os.Exit(1)
@@ -400,8 +375,9 @@ func MakeRequest(t testing.TB, rw *RequestWrapper, expectedStatus int) *httptest
}
testWebRoutes.ServeHTTP(recorder, req)
if expectedStatus != NoExpectedStatus {
if !assert.EqualValues(t, expectedStatus, recorder.Code, "Request: %s %s", req.Method, req.URL.String()) {
if expectedStatus != recorder.Code {
logUnexpectedResponse(t, recorder)
require.Equal(t, expectedStatus, recorder.Code, "Request: %s %s", req.Method, req.URL.String())
}
}
return recorder
tests/integration/lfs_view_test.go
+12 -5
View File
@@ -10,6 +10,8 @@ import (
"strings"
"testing"
"code.gitea.io/gitea/models/db"
"code.gitea.io/gitea/models/git"
repo_model "code.gitea.io/gitea/models/repo"
"code.gitea.io/gitea/models/unittest"
user_model "code.gitea.io/gitea/models/user"
@@ -94,13 +96,18 @@ func TestLFSRender(t *testing.T) {
t.Run("Invalid", func(t *testing.T) {
defer tests.PrintCurrentTest(t)()
req := NewRequest(t, "GET", "/user2/lfs/src/branch/master/invalid")
// the LFS exists
req := NewRequest(t, "GET", "/user2/lfs/src/branch/master/CONTRIBUTING.md")
resp := session.MakeRequest(t, req, http.StatusOK)
content := NewHTMLParser(t, resp.Body).Find("div.file-view").Text()
assert.Contains(t, content, "Testing documents in LFS")
doc := NewHTMLParser(t, resp.Body).doc
content := doc.Find("div.file-view").Text()
assert.Contains(t, content, "oid sha256:9d178b5f15046343fd32f451df93acc2bdd9e6373be478b968e4cad6b6647351")
// then make it disappear
assert.NoError(t, db.TruncateBeans(db.DefaultContext, &git.LFSMetaObject{}))
req = NewRequest(t, "GET", "/user2/lfs/src/branch/master/CONTRIBUTING.md")
resp = session.MakeRequest(t, req, http.StatusOK)
content = NewHTMLParser(t, resp.Body).Find("div.file-view").Text()
assert.Contains(t, content, "oid sha256:7b6b2c88dba9f760a1a58469b67fee2b698ef7e9399c4ca4f34a14ccbe39f623")
})
}
tests/integration/linguist_test.go
+38 -35
View File
@@ -6,6 +6,7 @@ package integration
import (
"context"
"net/url"
"strconv"
"strings"
"testing"
"time"
@@ -19,6 +20,7 @@ import (
"code.gitea.io/gitea/modules/queue"
repo_service "code.gitea.io/gitea/services/repository"
files_service "code.gitea.io/gitea/services/repository/files"
"code.gitea.io/gitea/tests"
"github.com/stretchr/testify/assert"
)
@@ -218,42 +220,43 @@ func TestLinguist(t *testing.T) {
}
for i, c := range cases {
repo, err := repo_service.CreateRepository(db.DefaultContext, user, user, repo_service.CreateRepoOptions{
Name: "linguist-test",
t.Run("Case-"+strconv.Itoa(i), func(t *testing.T) {
defer tests.PrintCurrentTest(t)()
repo, err := repo_service.CreateRepository(db.DefaultContext, user, user, repo_service.CreateRepoOptions{
Name: "linguist-test-" + strconv.Itoa(i),
})
assert.NoError(t, err)
files := []*files_service.ChangeRepoFile{
{
TreePath: ".gitattributes",
ContentReader: strings.NewReader(c.GitAttributesContent),
},
}
files = append(files, c.FilesToAdd...)
for _, f := range files {
f.Operation = "create"
}
_, err = files_service.ChangeRepoFiles(git.DefaultContext, repo, user, &files_service.ChangeRepoFilesOptions{
Files: files,
OldBranch: repo.DefaultBranch,
NewBranch: repo.DefaultBranch,
})
assert.NoError(t, err)
assert.NoError(t, stats.UpdateRepoIndexer(repo))
assert.NoError(t, queue.GetManager().FlushAll(context.Background(), 10*time.Second))
stats, err := repo_model.GetTopLanguageStats(db.DefaultContext, repo, len(c.FilesToAdd))
assert.NoError(t, err)
languages := make([]string, 0, len(stats))
for _, s := range stats {
languages = append(languages, s.Language)
}
assert.Equal(t, c.ExpectedLanguageOrder, languages, "case %d: unexpected language stats", i)
})
assert.NoError(t, err)
files := []*files_service.ChangeRepoFile{
{
TreePath: ".gitattributes",
ContentReader: strings.NewReader(c.GitAttributesContent),
},
}
files = append(files, c.FilesToAdd...)
for _, f := range files {
f.Operation = "create"
}
_, err = files_service.ChangeRepoFiles(git.DefaultContext, repo, user, &files_service.ChangeRepoFilesOptions{
Files: files,
OldBranch: repo.DefaultBranch,
NewBranch: repo.DefaultBranch,
})
assert.NoError(t, err)
assert.NoError(t, stats.UpdateRepoIndexer(repo))
assert.NoError(t, queue.GetManager().FlushAll(context.Background(), 10*time.Second))
stats, err := repo_model.GetTopLanguageStats(db.DefaultContext, repo, len(c.FilesToAdd))
assert.NoError(t, err)
languages := make([]string, 0, len(stats))
for _, s := range stats {
languages = append(languages, s.Language)
}
assert.Equal(t, c.ExpectedLanguageOrder, languages, "case %d: unexpected language stats", i)
assert.NoError(t, repo_service.DeleteRepository(db.DefaultContext, user, repo, false))
}
})
}
tests/integration/markup_external_test.go
+24 -3
View File
@@ -10,6 +10,8 @@ import (
"strings"
"testing"
"code.gitea.io/gitea/modules/markup"
"code.gitea.io/gitea/modules/markup/external"
"code.gitea.io/gitea/modules/setting"
"code.gitea.io/gitea/tests"
@@ -23,10 +25,9 @@ func TestExternalMarkupRenderer(t *testing.T) {
return
}
const repoURL = "user30/renderer"
req := NewRequest(t, "GET", repoURL+"/src/branch/master/README.html")
req := NewRequest(t, "GET", "/user30/renderer/src/branch/master/README.html")
resp := MakeRequest(t, req, http.StatusOK)
assert.EqualValues(t, "text/html; charset=utf-8", resp.Header()["Content-Type"][0])
assert.EqualValues(t, "text/html; charset=utf-8", resp.Header().Get("Content-Type"))
bs, err := io.ReadAll(resp.Body)
assert.NoError(t, err)
@@ -36,4 +37,24 @@ func TestExternalMarkupRenderer(t *testing.T) {
data, err := div.Html()
assert.NoError(t, err)
assert.EqualValues(t, "<div>\n\ttest external renderer\n</div>", strings.TrimSpace(data))
r := markup.GetRendererByFileName("a.html").(*external.Renderer)
r.RenderContentMode = setting.RenderContentModeIframe
req = NewRequest(t, "GET", "/user30/renderer/src/branch/master/README.html")
resp = MakeRequest(t, req, http.StatusOK)
assert.EqualValues(t, "text/html; charset=utf-8", resp.Header().Get("Content-Type"))
bs, err = io.ReadAll(resp.Body)
assert.NoError(t, err)
doc = NewHTMLParser(t, bytes.NewBuffer(bs))
iframe := doc.Find("iframe")
assert.EqualValues(t, "/user30/renderer/render/branch/master/README.html", iframe.AttrOr("src", ""))
req = NewRequest(t, "GET", "/user30/renderer/render/branch/master/README.html")
resp = MakeRequest(t, req, http.StatusOK)
assert.EqualValues(t, "text/html; charset=utf-8", resp.Header().Get("Content-Type"))
bs, err = io.ReadAll(resp.Body)
assert.NoError(t, err)
assert.EqualValues(t, "frame-src 'self'; sandbox allow-scripts", resp.Header().Get("Content-Security-Policy"))
assert.EqualValues(t, "<div>\n\ttest external renderer\n</div>\n", string(bs))
}
tests/integration/migration-test/migration_test.go
+17 -57
View File
@@ -28,33 +28,29 @@ import (
"code.gitea.io/gitea/modules/setting"
"code.gitea.io/gitea/modules/testlogger"
"code.gitea.io/gitea/modules/util"
"code.gitea.io/gitea/tests"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
"xorm.io/xorm"
)
var currentEngine *xorm.Engine
func initMigrationTest(t *testing.T) func() {
log.RegisterEventWriter("test", testlogger.NewTestLoggerWriter)
testlogger.Init()
deferFn := tests.PrintCurrentTest(t, 2)
deferFn := testlogger.PrintCurrentTest(t, 2)
giteaRoot := base.SetupGiteaRoot()
if giteaRoot == "" {
tests.Printf("Environment variable $GITEA_ROOT not set\n")
os.Exit(1)
testlogger.Fatalf("Environment variable $GITEA_ROOT not set\n")
}
setting.AppPath = path.Join(giteaRoot, "gitea")
if _, err := os.Stat(setting.AppPath); err != nil {
tests.Printf("Could not find gitea binary at %s\n", setting.AppPath)
os.Exit(1)
testlogger.Fatalf(fmt.Sprintf("Could not find gitea binary at %s\n", setting.AppPath))
}
giteaConf := os.Getenv("GITEA_CONF")
if giteaConf == "" {
tests.Printf("Environment variable $GITEA_CONF not set\n")
os.Exit(1)
testlogger.Fatalf("Environment variable $GITEA_CONF not set\n")
} else if !path.IsAbs(giteaConf) {
setting.CustomConf = path.Join(giteaRoot, giteaConf)
} else {
@@ -64,28 +60,7 @@ func initMigrationTest(t *testing.T) func() {
unittest.InitSettings()
assert.True(t, len(setting.RepoRootPath) != 0)
assert.NoError(t, util.RemoveAll(setting.RepoRootPath))
assert.NoError(t, unittest.CopyDir(path.Join(filepath.Dir(setting.AppPath), "tests/gitea-repositories-meta"), setting.RepoRootPath))
ownerDirs, err := os.ReadDir(setting.RepoRootPath)
if err != nil {
assert.NoError(t, err, "unable to read the new repo root: %v\n", err)
}
for _, ownerDir := range ownerDirs {
if !ownerDir.Type().IsDir() {
continue
}
repoDirs, err := os.ReadDir(filepath.Join(setting.RepoRootPath, ownerDir.Name()))
if err != nil {
assert.NoError(t, err, "unable to read the new repo root: %v\n", err)
}
for _, repoDir := range repoDirs {
_ = os.MkdirAll(filepath.Join(setting.RepoRootPath, ownerDir.Name(), repoDir.Name(), "objects", "pack"), 0o755)
_ = os.MkdirAll(filepath.Join(setting.RepoRootPath, ownerDir.Name(), repoDir.Name(), "objects", "info"), 0o755)
_ = os.MkdirAll(filepath.Join(setting.RepoRootPath, ownerDir.Name(), repoDir.Name(), "refs", "heads"), 0o755)
_ = os.MkdirAll(filepath.Join(setting.RepoRootPath, ownerDir.Name(), repoDir.Name(), "refs", "tag"), 0o755)
}
}
assert.NoError(t, unittest.SyncDirs(path.Join(filepath.Dir(setting.AppPath), "tests/gitea-repositories-meta"), setting.RepoRootPath))
assert.NoError(t, git.InitFull(context.Background()))
setting.LoadDBSetting()
setting.InitLoggersForTest()
@@ -144,13 +119,10 @@ func readSQLFromFile(version string) (string, error) {
return string(charset.MaybeRemoveBOM(bytes, charset.ConvertOpts{})), nil
}
func restoreOldDB(t *testing.T, version string) bool {
func restoreOldDB(t *testing.T, version string) {
data, err := readSQLFromFile(version)
assert.NoError(t, err)
if len(data) == 0 {
tests.Printf("No db found to restore for %s version: %s\n", setting.Database.Type, version)
return false
}
require.NoError(t, err)
require.NotEmpty(t, data, "No data found for %s version: %s", setting.Database.Type, version)
switch {
case setting.Database.Type.IsSQLite3():
@@ -218,15 +190,12 @@ func restoreOldDB(t *testing.T, version string) bool {
db, err = sql.Open("postgres", fmt.Sprintf("postgres://%s:%s@%s/%s?sslmode=%s",
setting.Database.User, setting.Database.Passwd, setting.Database.Host, setting.Database.Name, setting.Database.SSLMode))
}
if !assert.NoError(t, err) {
return false
}
require.NoError(t, err)
defer db.Close()
schrows, err := db.Query(fmt.Sprintf("SELECT 1 FROM information_schema.schemata WHERE schema_name = '%s'", setting.Database.Schema))
if !assert.NoError(t, err) || !assert.NotEmpty(t, schrows) {
return false
}
require.NoError(t, err)
require.NotEmpty(t, schrows)
if !schrows.Next() {
// Create and setup a DB schema
@@ -281,7 +250,6 @@ func restoreOldDB(t *testing.T, version string) bool {
}
db.Close()
}
return true
}
func wrappedMigrate(x *xorm.Engine) error {
@@ -290,11 +258,8 @@ func wrappedMigrate(x *xorm.Engine) error {
}
func doMigrationTest(t *testing.T, version string) {
defer tests.PrintCurrentTest(t)()
tests.Printf("Performing migration test for %s version: %s\n", setting.Database.Type, version)
if !restoreOldDB(t, version) {
return
}
defer testlogger.PrintCurrentTest(t)()
restoreOldDB(t, version)
setting.InitSQLLoggersForCli(log.INFO)
@@ -326,14 +291,9 @@ func TestMigrations(t *testing.T) {
dialect := setting.Database.Type
versions, err := availableVersions()
assert.NoError(t, err)
require.NoError(t, err)
require.NotEmpty(t, versions, "No old database versions available to migration test for %s", dialect)
if len(versions) == 0 {
tests.Printf("No old database versions available to migration test for %s\n", dialect)
return
}
tests.Printf("Preparing to test %d migrations for %s\n", len(versions), dialect)
for _, version := range versions {
t.Run(fmt.Sprintf("Migrate-%s-%s", dialect, version), func(t *testing.T) {
doMigrationTest(t, version)
tests/integration/mirror_push_test.go
+75 -41
View File
@@ -9,7 +9,9 @@ import (
"net/http"
"net/url"
"strconv"
"strings"
"testing"
"time"
"code.gitea.io/gitea/models/db"
repo_model "code.gitea.io/gitea/models/repo"
@@ -32,11 +34,10 @@ func TestMirrorPush(t *testing.T) {
}
func testMirrorPush(t *testing.T, u *url.URL) {
defer tests.PrepareTestEnv(t)()
setting.Migrations.AllowLocalNetworks = true
assert.NoError(t, migrations.Init())
_ = db.TruncateBeans(db.DefaultContext, &repo_model.PushMirror{})
user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2})
srcRepo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 1})
@@ -45,9 +46,10 @@ func testMirrorPush(t *testing.T, u *url.URL) {
})
assert.NoError(t, err)
ctx := NewAPITestContext(t, user.LowerName, srcRepo.Name)
session := loginUser(t, user.Name)
doCreatePushMirror(ctx, fmt.Sprintf("%s%s/%s", u.String(), url.PathEscape(ctx.Username), url.PathEscape(mirrorRepo.Name)), user.LowerName, userPassword)(t)
pushMirrorURL := fmt.Sprintf("%s%s/%s", u.String(), url.PathEscape(user.Name), url.PathEscape(mirrorRepo.Name))
testCreatePushMirror(t, session, user.Name, srcRepo.Name, pushMirrorURL, user.LowerName, userPassword, "0")
mirrors, _, err := repo_model.GetPushMirrorsByRepoID(db.DefaultContext, srcRepo.ID, db.ListOptions{})
assert.NoError(t, err)
@@ -73,49 +75,81 @@ func testMirrorPush(t *testing.T, u *url.URL) {
assert.Equal(t, srcCommit.ID, mirrorCommit.ID)
// Cleanup
doRemovePushMirror(ctx, fmt.Sprintf("%s%s/%s", u.String(), url.PathEscape(ctx.Username), url.PathEscape(mirrorRepo.Name)), user.LowerName, userPassword, int(mirrors[0].ID))(t)
assert.True(t, doRemovePushMirror(t, session, user.Name, srcRepo.Name, mirrors[0].ID))
mirrors, _, err = repo_model.GetPushMirrorsByRepoID(db.DefaultContext, srcRepo.ID, db.ListOptions{})
assert.NoError(t, err)
assert.Len(t, mirrors, 0)
}
func doCreatePushMirror(ctx APITestContext, address, username, password string) func(t *testing.T) {
return func(t *testing.T) {
csrf := GetUserCSRFToken(t, ctx.Session)
func testCreatePushMirror(t *testing.T, session *TestSession, owner, repo, address, username, password, interval string) {
req := NewRequestWithValues(t, "POST", fmt.Sprintf("/%s/%s/settings", url.PathEscape(owner), url.PathEscape(repo)), map[string]string{
"_csrf": GetUserCSRFToken(t, session),
"action": "push-mirror-add",
"push_mirror_address": address,
"push_mirror_username": username,
"push_mirror_password": password,
"push_mirror_interval": interval,
})
session.MakeRequest(t, req, http.StatusSeeOther)
req := NewRequestWithValues(t, "POST", fmt.Sprintf("/%s/%s/settings", url.PathEscape(ctx.Username), url.PathEscape(ctx.Reponame)), map[string]string{
"_csrf": csrf,
"action": "push-mirror-add",
"push_mirror_address": address,
"push_mirror_username": username,
"push_mirror_password": password,
"push_mirror_interval": "0",
})
ctx.Session.MakeRequest(t, req, http.StatusSeeOther)
flashCookie := ctx.Session.GetCookie(gitea_context.CookieNameFlash)
assert.NotNil(t, flashCookie)
assert.Contains(t, flashCookie.Value, "success")
}
flashCookie := session.GetCookie(gitea_context.CookieNameFlash)
assert.NotNil(t, flashCookie)
assert.Contains(t, flashCookie.Value, "success")
}
func doRemovePushMirror(ctx APITestContext, address, username, password string, pushMirrorID int) func(t *testing.T) {
return func(t *testing.T) {
csrf := GetUserCSRFToken(t, ctx.Session)
req := NewRequestWithValues(t, "POST", fmt.Sprintf("/%s/%s/settings", url.PathEscape(ctx.Username), url.PathEscape(ctx.Reponame)), map[string]string{
"_csrf": csrf,
"action": "push-mirror-remove",
"push_mirror_id": strconv.Itoa(pushMirrorID),
"push_mirror_address": address,
"push_mirror_username": username,
"push_mirror_password": password,
"push_mirror_interval": "0",
})
ctx.Session.MakeRequest(t, req, http.StatusSeeOther)
flashCookie := ctx.Session.GetCookie(gitea_context.CookieNameFlash)
assert.NotNil(t, flashCookie)
assert.Contains(t, flashCookie.Value, "success")
}
func doRemovePushMirror(t *testing.T, session *TestSession, owner, repo string, pushMirrorID int64) bool {
req := NewRequestWithValues(t, "POST", fmt.Sprintf("/%s/%s/settings", url.PathEscape(owner), url.PathEscape(repo)), map[string]string{
"_csrf": GetUserCSRFToken(t, session),
"action": "push-mirror-remove",
"push_mirror_id": strconv.FormatInt(pushMirrorID, 10),
})
resp := session.MakeRequest(t, req, NoExpectedStatus)
flashCookie := session.GetCookie(gitea_context.CookieNameFlash)
return resp.Code == http.StatusSeeOther && flashCookie != nil && strings.Contains(flashCookie.Value, "success")
}
func doUpdatePushMirror(t *testing.T, session *TestSession, owner, repo string, pushMirrorID int64, interval string) bool {
req := NewRequestWithValues(t, "POST", fmt.Sprintf("/%s/%s/settings", owner, repo), map[string]string{
"_csrf": GetUserCSRFToken(t, session),
"action": "push-mirror-update",
"push_mirror_id": strconv.FormatInt(pushMirrorID, 10),
"push_mirror_interval": interval,
"push_mirror_defer_sync": "true",
})
resp := session.MakeRequest(t, req, NoExpectedStatus)
return resp.Code == http.StatusSeeOther
}
func TestRepoSettingPushMirrorUpdate(t *testing.T) {
defer tests.PrepareTestEnv(t)()
setting.Migrations.AllowLocalNetworks = true
assert.NoError(t, migrations.Init())
session := loginUser(t, "user2")
repo2 := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 2})
testCreatePushMirror(t, session, "user2", "repo2", "https://127.0.0.1/user1/repo1.git", "", "", "24h")
pushMirrors, cnt, err := repo_model.GetPushMirrorsByRepoID(db.DefaultContext, repo2.ID, db.ListOptions{})
assert.NoError(t, err)
assert.EqualValues(t, 1, cnt)
assert.EqualValues(t, 24*time.Hour, pushMirrors[0].Interval)
repo2PushMirrorID := pushMirrors[0].ID
// update repo2 push mirror
assert.True(t, doUpdatePushMirror(t, session, "user2", "repo2", repo2PushMirrorID, "10m0s"))
pushMirror := unittest.AssertExistsAndLoadBean(t, &repo_model.PushMirror{ID: repo2PushMirrorID})
assert.EqualValues(t, 10*time.Minute, pushMirror.Interval)
// avoid updating repo2 push mirror from repo1
assert.False(t, doUpdatePushMirror(t, session, "user2", "repo1", repo2PushMirrorID, "20m0s"))
pushMirror = unittest.AssertExistsAndLoadBean(t, &repo_model.PushMirror{ID: repo2PushMirrorID})
assert.EqualValues(t, 10*time.Minute, pushMirror.Interval) // not changed
// avoid deleting repo2 push mirror from repo1
assert.False(t, doRemovePushMirror(t, session, "user2", "repo1", repo2PushMirrorID))
unittest.AssertExistsAndLoadBean(t, &repo_model.PushMirror{ID: repo2PushMirrorID})
// delete repo2 push mirror
assert.True(t, doRemovePushMirror(t, session, "user2", "repo2", repo2PushMirrorID))
unittest.AssertNotExistsBean(t, &repo_model.PushMirror{ID: repo2PushMirrorID})
}
tests/integration/oauth_test.go
+430
View File
@@ -5,16 +5,25 @@ package integration
import (
"bytes"
"encoding/base64"
"fmt"
"io"
"net/http"
"strings"
"testing"
auth_model "code.gitea.io/gitea/models/auth"
"code.gitea.io/gitea/models/db"
"code.gitea.io/gitea/models/unittest"
user_model "code.gitea.io/gitea/models/user"
"code.gitea.io/gitea/modules/json"
"code.gitea.io/gitea/modules/setting"
api "code.gitea.io/gitea/modules/structs"
oauth2_provider "code.gitea.io/gitea/services/oauth2_provider"
"code.gitea.io/gitea/tests"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
)
func TestAuthorizeNoClientID(t *testing.T) {
@@ -477,3 +486,424 @@ func TestOAuthIntrospection(t *testing.T) {
resp = MakeRequest(t, req, http.StatusUnauthorized)
assert.Contains(t, resp.Body.String(), "no valid authorization")
}
func TestOAuth_GrantScopesReadUserFailRepos(t *testing.T) {
defer tests.PrepareTestEnv(t)()
user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2})
appBody := api.CreateOAuth2ApplicationOptions{
Name: "oauth-provider-scopes-test",
RedirectURIs: []string{
"a",
},
ConfidentialClient: true,
}
req := NewRequestWithJSON(t, "POST", "/api/v1/user/applications/oauth2", &appBody).
AddBasicAuth(user.Name)
resp := MakeRequest(t, req, http.StatusCreated)
var app *api.OAuth2Application
DecodeJSON(t, resp, &app)
grant := &auth_model.OAuth2Grant{
ApplicationID: app.ID,
UserID: user.ID,
Scope: "openid read:user",
}
err := db.Insert(db.DefaultContext, grant)
require.NoError(t, err)
assert.Contains(t, grant.Scope, "openid read:user")
ctx := loginUser(t, user.Name)
authorizeURL := fmt.Sprintf("/login/oauth/authorize?client_id=%s&redirect_uri=a&response_type=code&state=thestate", app.ClientID)
authorizeReq := NewRequest(t, "GET", authorizeURL)
authorizeResp := ctx.MakeRequest(t, authorizeReq, http.StatusSeeOther)
authcode := strings.Split(strings.Split(authorizeResp.Body.String(), "?code=")[1], "&amp")[0]
accessTokenReq := NewRequestWithValues(t, "POST", "/login/oauth/access_token", map[string]string{
"grant_type": "authorization_code",
"client_id": app.ClientID,
"client_secret": app.ClientSecret,
"redirect_uri": "a",
"code": authcode,
})
accessTokenResp := ctx.MakeRequest(t, accessTokenReq, 200)
type response struct {
AccessToken string `json:"access_token"`
TokenType string `json:"token_type"`
ExpiresIn int64 `json:"expires_in"`
RefreshToken string `json:"refresh_token"`
}
parsed := new(response)
require.NoError(t, json.Unmarshal(accessTokenResp.Body.Bytes(), parsed))
userReq := NewRequest(t, "GET", "/api/v1/user")
userReq.SetHeader("Authorization", "Bearer "+parsed.AccessToken)
userResp := MakeRequest(t, userReq, http.StatusOK)
type userResponse struct {
Login string `json:"login"`
Email string `json:"email"`
}
userParsed := new(userResponse)
require.NoError(t, json.Unmarshal(userResp.Body.Bytes(), userParsed))
assert.Contains(t, userParsed.Email, "user2@example.com")
errorReq := NewRequest(t, "GET", "/api/v1/users/user2/repos")
errorReq.SetHeader("Authorization", "Bearer "+parsed.AccessToken)
errorResp := MakeRequest(t, errorReq, http.StatusForbidden)
type errorResponse struct {
Message string `json:"message"`
}
errorParsed := new(errorResponse)
require.NoError(t, json.Unmarshal(errorResp.Body.Bytes(), errorParsed))
assert.Contains(t, errorParsed.Message, "token does not have at least one of required scope(s): [read:repository]")
}
func TestOAuth_GrantScopesReadRepositoryFailOrganization(t *testing.T) {
defer tests.PrepareTestEnv(t)()
user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2})
appBody := api.CreateOAuth2ApplicationOptions{
Name: "oauth-provider-scopes-test",
RedirectURIs: []string{
"a",
},
ConfidentialClient: true,
}
req := NewRequestWithJSON(t, "POST", "/api/v1/user/applications/oauth2", &appBody).
AddBasicAuth(user.Name)
resp := MakeRequest(t, req, http.StatusCreated)
var app *api.OAuth2Application
DecodeJSON(t, resp, &app)
grant := &auth_model.OAuth2Grant{
ApplicationID: app.ID,
UserID: user.ID,
Scope: "openid read:user read:repository",
}
err := db.Insert(db.DefaultContext, grant)
require.NoError(t, err)
assert.Contains(t, grant.Scope, "openid read:user read:repository")
ctx := loginUser(t, user.Name)
authorizeURL := fmt.Sprintf("/login/oauth/authorize?client_id=%s&redirect_uri=a&response_type=code&state=thestate", app.ClientID)
authorizeReq := NewRequest(t, "GET", authorizeURL)
authorizeResp := ctx.MakeRequest(t, authorizeReq, http.StatusSeeOther)
authcode := strings.Split(strings.Split(authorizeResp.Body.String(), "?code=")[1], "&amp")[0]
accessTokenReq := NewRequestWithValues(t, "POST", "/login/oauth/access_token", map[string]string{
"grant_type": "authorization_code",
"client_id": app.ClientID,
"client_secret": app.ClientSecret,
"redirect_uri": "a",
"code": authcode,
})
accessTokenResp := ctx.MakeRequest(t, accessTokenReq, http.StatusOK)
type response struct {
AccessToken string `json:"access_token"`
TokenType string `json:"token_type"`
ExpiresIn int64 `json:"expires_in"`
RefreshToken string `json:"refresh_token"`
}
parsed := new(response)
require.NoError(t, json.Unmarshal(accessTokenResp.Body.Bytes(), parsed))
userReq := NewRequest(t, "GET", "/api/v1/users/user2/repos")
userReq.SetHeader("Authorization", "Bearer "+parsed.AccessToken)
userResp := MakeRequest(t, userReq, http.StatusOK)
type repo struct {
FullRepoName string `json:"full_name"`
Private bool `json:"private"`
}
var reposCaptured []repo
require.NoError(t, json.Unmarshal(userResp.Body.Bytes(), &reposCaptured))
reposExpected := []repo{
{
FullRepoName: "user2/repo1",
Private: false,
},
{
FullRepoName: "user2/repo2",
Private: true,
},
{
FullRepoName: "user2/repo15",
Private: true,
},
{
FullRepoName: "user2/repo16",
Private: true,
},
{
FullRepoName: "user2/repo20",
Private: true,
},
{
FullRepoName: "user2/utf8",
Private: false,
},
{
FullRepoName: "user2/commits_search_test",
Private: false,
},
{
FullRepoName: "user2/git_hooks_test",
Private: false,
},
{
FullRepoName: "user2/glob",
Private: false,
},
{
FullRepoName: "user2/lfs",
Private: true,
},
{
FullRepoName: "user2/scoped_label",
Private: true,
},
{
FullRepoName: "user2/readme-test",
Private: true,
},
{
FullRepoName: "user2/repo-release",
Private: false,
},
{
FullRepoName: "user2/commitsonpr",
Private: false,
},
{
FullRepoName: "user2/test_commit_revert",
Private: true,
},
}
assert.Equal(t, reposExpected, reposCaptured)
errorReq := NewRequest(t, "GET", "/api/v1/users/user2/orgs")
errorReq.SetHeader("Authorization", "Bearer "+parsed.AccessToken)
errorResp := MakeRequest(t, errorReq, http.StatusForbidden)
type errorResponse struct {
Message string `json:"message"`
}
errorParsed := new(errorResponse)
require.NoError(t, json.Unmarshal(errorResp.Body.Bytes(), errorParsed))
assert.Contains(t, errorParsed.Message, "token does not have at least one of required scope(s): [read:user read:organization]")
}
func TestOAuth_GrantScopesClaimPublicOnlyGroups(t *testing.T) {
defer tests.PrepareTestEnv(t)()
user := unittest.AssertExistsAndLoadBean(t, &user_model.User{Name: "user2"})
appBody := api.CreateOAuth2ApplicationOptions{
Name: "oauth-provider-scopes-test",
RedirectURIs: []string{
"a",
},
ConfidentialClient: true,
}
appReq := NewRequestWithJSON(t, "POST", "/api/v1/user/applications/oauth2", &appBody).
AddBasicAuth(user.Name)
appResp := MakeRequest(t, appReq, http.StatusCreated)
var app *api.OAuth2Application
DecodeJSON(t, appResp, &app)
grant := &auth_model.OAuth2Grant{
ApplicationID: app.ID,
UserID: user.ID,
Scope: "openid groups read:user public-only",
}
err := db.Insert(db.DefaultContext, grant)
require.NoError(t, err)
assert.ElementsMatch(t, []string{"openid", "groups", "read:user", "public-only"}, strings.Split(grant.Scope, " "))
ctx := loginUser(t, user.Name)
authorizeURL := fmt.Sprintf("/login/oauth/authorize?client_id=%s&redirect_uri=a&response_type=code&state=thestate", app.ClientID)
authorizeReq := NewRequest(t, "GET", authorizeURL)
authorizeResp := ctx.MakeRequest(t, authorizeReq, http.StatusSeeOther)
authcode := strings.Split(strings.Split(authorizeResp.Body.String(), "?code=")[1], "&amp")[0]
accessTokenReq := NewRequestWithValues(t, "POST", "/login/oauth/access_token", map[string]string{
"grant_type": "authorization_code",
"client_id": app.ClientID,
"client_secret": app.ClientSecret,
"redirect_uri": "a",
"code": authcode,
})
accessTokenResp := ctx.MakeRequest(t, accessTokenReq, http.StatusOK)
type response struct {
AccessToken string `json:"access_token"`
TokenType string `json:"token_type"`
ExpiresIn int64 `json:"expires_in"`
RefreshToken string `json:"refresh_token"`
IDToken string `json:"id_token,omitempty"`
}
parsed := new(response)
require.NoError(t, json.Unmarshal(accessTokenResp.Body.Bytes(), parsed))
parts := strings.Split(parsed.IDToken, ".")
payload, _ := base64.RawURLEncoding.DecodeString(parts[1])
type IDTokenClaims struct {
Groups []string `json:"groups"`
}
claims := new(IDTokenClaims)
require.NoError(t, json.Unmarshal(payload, claims))
userinfoReq := NewRequest(t, "GET", "/login/oauth/userinfo")
userinfoReq.SetHeader("Authorization", "Bearer "+parsed.AccessToken)
userinfoResp := MakeRequest(t, userinfoReq, http.StatusOK)
type userinfoResponse struct {
Login string `json:"login"`
Email string `json:"email"`
Groups []string `json:"groups"`
}
userinfoParsed := new(userinfoResponse)
require.NoError(t, json.Unmarshal(userinfoResp.Body.Bytes(), userinfoParsed))
assert.Contains(t, userinfoParsed.Email, "user2@example.com")
// test both id_token and call to /login/oauth/userinfo
for _, publicGroup := range []string{
"org17",
"org17:test_team",
"org3",
"org3:owners",
"org3:team1",
"org3:teamcreaterepo",
} {
assert.Contains(t, claims.Groups, publicGroup)
assert.Contains(t, userinfoParsed.Groups, publicGroup)
}
for _, privateGroup := range []string{
"private_org35",
"private_org35_team24",
} {
assert.NotContains(t, claims.Groups, privateGroup)
assert.NotContains(t, userinfoParsed.Groups, privateGroup)
}
}
func TestOAuth_GrantScopesClaimAllGroups(t *testing.T) {
defer tests.PrepareTestEnv(t)()
user := unittest.AssertExistsAndLoadBean(t, &user_model.User{Name: "user2"})
appBody := api.CreateOAuth2ApplicationOptions{
Name: "oauth-provider-scopes-test",
RedirectURIs: []string{
"a",
},
ConfidentialClient: true,
}
appReq := NewRequestWithJSON(t, "POST", "/api/v1/user/applications/oauth2", &appBody).
AddBasicAuth(user.Name)
appResp := MakeRequest(t, appReq, http.StatusCreated)
var app *api.OAuth2Application
DecodeJSON(t, appResp, &app)
grant := &auth_model.OAuth2Grant{
ApplicationID: app.ID,
UserID: user.ID,
Scope: "openid groups",
}
err := db.Insert(db.DefaultContext, grant)
require.NoError(t, err)
assert.ElementsMatch(t, []string{"openid", "groups"}, strings.Split(grant.Scope, " "))
ctx := loginUser(t, user.Name)
authorizeURL := fmt.Sprintf("/login/oauth/authorize?client_id=%s&redirect_uri=a&response_type=code&state=thestate", app.ClientID)
authorizeReq := NewRequest(t, "GET", authorizeURL)
authorizeResp := ctx.MakeRequest(t, authorizeReq, http.StatusSeeOther)
authcode := strings.Split(strings.Split(authorizeResp.Body.String(), "?code=")[1], "&amp")[0]
accessTokenReq := NewRequestWithValues(t, "POST", "/login/oauth/access_token", map[string]string{
"grant_type": "authorization_code",
"client_id": app.ClientID,
"client_secret": app.ClientSecret,
"redirect_uri": "a",
"code": authcode,
})
accessTokenResp := ctx.MakeRequest(t, accessTokenReq, http.StatusOK)
type response struct {
AccessToken string `json:"access_token"`
TokenType string `json:"token_type"`
ExpiresIn int64 `json:"expires_in"`
RefreshToken string `json:"refresh_token"`
IDToken string `json:"id_token,omitempty"`
}
parsed := new(response)
require.NoError(t, json.Unmarshal(accessTokenResp.Body.Bytes(), parsed))
parts := strings.Split(parsed.IDToken, ".")
payload, _ := base64.RawURLEncoding.DecodeString(parts[1])
type IDTokenClaims struct {
Groups []string `json:"groups"`
}
claims := new(IDTokenClaims)
require.NoError(t, json.Unmarshal(payload, claims))
userinfoReq := NewRequest(t, "GET", "/login/oauth/userinfo")
userinfoReq.SetHeader("Authorization", "Bearer "+parsed.AccessToken)
userinfoResp := MakeRequest(t, userinfoReq, http.StatusOK)
type userinfoResponse struct {
Login string `json:"login"`
Email string `json:"email"`
Groups []string `json:"groups"`
}
userinfoParsed := new(userinfoResponse)
require.NoError(t, json.Unmarshal(userinfoResp.Body.Bytes(), userinfoParsed))
assert.Contains(t, userinfoParsed.Email, "user2@example.com")
// test both id_token and call to /login/oauth/userinfo
for _, group := range []string{
"org17",
"org17:test_team",
"org3",
"org3:owners",
"org3:team1",
"org3:teamcreaterepo",
"private_org35",
"private_org35:team24",
} {
assert.Contains(t, claims.Groups, group)
assert.Contains(t, userinfoParsed.Groups, group)
}
}
tests/integration/pull_merge_test.go
+2 -1
View File
@@ -589,7 +589,8 @@ func TestPullDontRetargetChildOnWrongRepo(t *testing.T) {
resp := session.MakeRequest(t, req, http.StatusOK)
htmlDoc := NewHTMLParser(t, resp.Body)
targetBranch := htmlDoc.doc.Find("#branch_target>a").Text()
// the branch has been deleted, so there is no a html tag instead of span
targetBranch := htmlDoc.doc.Find("#branch_target>span").Text()
prStatus := strings.TrimSpace(htmlDoc.doc.Find(".issue-title-meta>.issue-state-label").Text())
assert.EqualValues(t, "base-pr", targetBranch)
tests/integration/repo_branch_test.go
-2
View File
@@ -209,8 +209,6 @@ func checkRecentlyPushedNewBranches(t *testing.T, session *TestSession, repoPath
}
func TestRecentlyPushedNewBranches(t *testing.T) {
defer tests.PrepareTestEnv(t)()
onGiteaRun(t, func(t *testing.T, u *url.URL) {
user1Session := loginUser(t, "user1")
user2Session := loginUser(t, "user2")
tests/integration/repo_fork_test.go
+52
View File
@@ -9,8 +9,12 @@ import (
"net/http/httptest"
"testing"
"code.gitea.io/gitea/models"
"code.gitea.io/gitea/models/db"
org_model "code.gitea.io/gitea/models/organization"
"code.gitea.io/gitea/models/unittest"
user_model "code.gitea.io/gitea/models/user"
"code.gitea.io/gitea/modules/structs"
"code.gitea.io/gitea/tests"
"github.com/stretchr/testify/assert"
@@ -74,3 +78,51 @@ func TestRepoForkToOrg(t *testing.T) {
_, exists := htmlDoc.doc.Find(`a.ui.button[href*="/fork"]`).Attr("href")
assert.False(t, exists, "Forking should not be allowed anymore")
}
func TestForkListLimitedAndPrivateRepos(t *testing.T) {
defer tests.PrepareTestEnv(t)()
forkItemSelector := ".repo-fork-item"
user1Sess := loginUser(t, "user1")
user1 := unittest.AssertExistsAndLoadBean(t, &user_model.User{Name: "user1"})
// fork to a limited org
limitedOrg := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 22})
assert.EqualValues(t, structs.VisibleTypeLimited, limitedOrg.Visibility)
ownerTeam1, err := org_model.OrgFromUser(limitedOrg).GetOwnerTeam(db.DefaultContext)
assert.NoError(t, err)
assert.NoError(t, models.AddTeamMember(db.DefaultContext, ownerTeam1, user1))
testRepoFork(t, user1Sess, "user2", "repo1", limitedOrg.Name, "repo1", "")
// fork to a private org
user4Sess := loginUser(t, "user4")
user4 := unittest.AssertExistsAndLoadBean(t, &user_model.User{Name: "user4"})
privateOrg := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 23})
assert.EqualValues(t, structs.VisibleTypePrivate, privateOrg.Visibility)
ownerTeam2, err := org_model.OrgFromUser(privateOrg).GetOwnerTeam(db.DefaultContext)
assert.NoError(t, err)
assert.NoError(t, models.AddTeamMember(db.DefaultContext, ownerTeam2, user4))
testRepoFork(t, user4Sess, "user2", "repo1", privateOrg.Name, "repo1", "")
t.Run("Anonymous", func(t *testing.T) {
defer tests.PrintCurrentTest(t)()
req := NewRequest(t, "GET", "/user2/repo1/forks")
resp := MakeRequest(t, req, http.StatusOK)
htmlDoc := NewHTMLParser(t, resp.Body)
assert.EqualValues(t, 0, htmlDoc.Find(forkItemSelector).Length())
})
t.Run("Logged in", func(t *testing.T) {
defer tests.PrintCurrentTest(t)()
req := NewRequest(t, "GET", "/user2/repo1/forks")
resp := user1Sess.MakeRequest(t, req, http.StatusOK)
htmlDoc := NewHTMLParser(t, resp.Body)
assert.EqualValues(t, 1, htmlDoc.Find(forkItemSelector).Length())
assert.NoError(t, models.AddTeamMember(db.DefaultContext, ownerTeam2, user1))
resp = user1Sess.MakeRequest(t, req, http.StatusOK)
htmlDoc = NewHTMLParser(t, resp.Body)
assert.EqualValues(t, 2, htmlDoc.Find(forkItemSelector).Length())
})
}