afan
/
gitea
Следить 1
В избранное 0
Форкнуть 0
Код Задачи 0 Pull Request'ы 0 Релизы 0 Вики Активность
gitea源码
3 коммитов
2 веток
ветка: master
веток Теги
${ item.name }
Создать ветку ${ searchTerm }
из 'master'
${ noResults }
gitea/tests/integration/actions_runner_modify_test.go

actions_runner_modify_test.go 5.7KB
Постоянная ссылка История Исходник

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151 
  1. // Copyright 2025 The Gitea Authors. All rights reserved.

  2. // SPDX-License-Identifier: MIT

  3. 

  4. package integration

  5. 

  6. import (

  7. 	"fmt"

  8. 	"net/http"

  9. 	"testing"

  10. 

  11. 	actions_model "code.gitea.io/gitea/models/actions"

  12. 	"code.gitea.io/gitea/models/db"

  13. 	repo_model "code.gitea.io/gitea/models/repo"

  14. 	"code.gitea.io/gitea/models/unittest"

  15. 	user_model "code.gitea.io/gitea/models/user"

  16. 	"code.gitea.io/gitea/tests"

  17. 

  18. 	"github.com/stretchr/testify/assert"

  19. 	"github.com/stretchr/testify/require"

  20. )

  21. 

  22. func TestActionsRunnerModify(t *testing.T) {

  23. 	defer tests.PrepareTestEnv(t)()

  24. 

  25. 	ctx := t.Context()

  26. 

  27. 	require.NoError(t, db.DeleteAllRecords("action_runner"))

  28. 

  29. 	user2 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2})

  30. 	_ = actions_model.CreateRunner(ctx, &actions_model.ActionRunner{OwnerID: user2.ID, Name: "user2-runner", TokenHash: "a", UUID: "a"})

  31. 	user2Runner := unittest.AssertExistsAndLoadBean(t, &actions_model.ActionRunner{OwnerID: user2.ID, Name: "user2-runner"})

  32. 	userWebURL := "/user/settings/actions/runners"

  33. 

  34. 	org3 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 3, Type: user_model.UserTypeOrganization})

  35. 	require.NoError(t, actions_model.CreateRunner(ctx, &actions_model.ActionRunner{OwnerID: org3.ID, Name: "org3-runner", TokenHash: "b", UUID: "b"}))

  36. 	org3Runner := unittest.AssertExistsAndLoadBean(t, &actions_model.ActionRunner{OwnerID: org3.ID, Name: "org3-runner"})

  37. 	orgWebURL := "/org/org3/settings/actions/runners"

  38. 

  39. 	repo1 := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 1})

  40. 	_ = actions_model.CreateRunner(ctx, &actions_model.ActionRunner{RepoID: repo1.ID, Name: "repo1-runner", TokenHash: "c", UUID: "c"})

  41. 	repo1Runner := unittest.AssertExistsAndLoadBean(t, &actions_model.ActionRunner{RepoID: repo1.ID, Name: "repo1-runner"})

  42. 	repoWebURL := "/user2/repo1/settings/actions/runners"

  43. 

  44. 	_ = actions_model.CreateRunner(ctx, &actions_model.ActionRunner{Name: "global-runner", TokenHash: "d", UUID: "d"})

  45. 	globalRunner := unittest.AssertExistsAndLoadBean(t, &actions_model.ActionRunner{Name: "global-runner"})

  46. 	adminWebURL := "/-/admin/actions/runners"

  47. 

  48. 	sessionAdmin := loginUser(t, "user1")

  49. 	sessionUser2 := loginUser(t, user2.Name)

  50. 

  51. 	doUpdate := func(t *testing.T, sess *TestSession, baseURL string, id int64, description string, expectedStatus int) {

  52. 		req := NewRequestWithValues(t, "POST", fmt.Sprintf("%s/%d", baseURL, id), map[string]string{

  53. 			"_csrf":       GetUserCSRFToken(t, sess),

  54. 			"description": description,

  55. 		})

  56. 		sess.MakeRequest(t, req, expectedStatus)

  57. 	}

  58. 

  59. 	doDelete := func(t *testing.T, sess *TestSession, baseURL string, id int64, expectedStatus int) {

  60. 		req := NewRequestWithValues(t, "POST", fmt.Sprintf("%s/%d/delete", baseURL, id), map[string]string{

  61. 			"_csrf": GetUserCSRFToken(t, sess),

  62. 		})

  63. 		sess.MakeRequest(t, req, expectedStatus)

  64. 	}

  65. 

  66. 	assertDenied := func(t *testing.T, sess *TestSession, baseURL string, id int64) {

  67. 		doUpdate(t, sess, baseURL, id, "ChangedDescription", http.StatusNotFound)

  68. 		doDelete(t, sess, baseURL, id, http.StatusNotFound)

  69. 		v := unittest.AssertExistsAndLoadBean(t, &actions_model.ActionRunner{ID: id})

  70. 		assert.Empty(t, v.Description)

  71. 	}

  72. 

  73. 	assertSuccess := func(t *testing.T, sess *TestSession, baseURL string, id int64) {

  74. 		doUpdate(t, sess, baseURL, id, "ChangedDescription", http.StatusSeeOther)

  75. 		v := unittest.AssertExistsAndLoadBean(t, &actions_model.ActionRunner{ID: id})

  76. 		assert.Equal(t, "ChangedDescription", v.Description)

  77. 		doDelete(t, sess, baseURL, id, http.StatusOK)

  78. 		unittest.AssertNotExistsBean(t, &actions_model.ActionRunner{ID: id})

  79. 	}

  80. 

  81. 	t.Run("UpdateUserRunner", func(t *testing.T) {

  82. 		theRunner := user2Runner

  83. 		t.Run("FromOrg", func(t *testing.T) {

  84. 			assertDenied(t, sessionAdmin, orgWebURL, theRunner.ID)

  85. 		})

  86. 		t.Run("FromRepo", func(t *testing.T) {

  87. 			assertDenied(t, sessionAdmin, repoWebURL, theRunner.ID)

  88. 		})

  89. 		t.Run("FromAdmin", func(t *testing.T) {

  90. 			t.Skip("Admin can update any runner (not right but not too bad)")

  91. 			assertDenied(t, sessionAdmin, adminWebURL, theRunner.ID)

  92. 		})

  93. 	})

  94. 

  95. 	t.Run("UpdateOrgRunner", func(t *testing.T) {

  96. 		theRunner := org3Runner

  97. 		t.Run("FromRepo", func(t *testing.T) {

  98. 			assertDenied(t, sessionAdmin, repoWebURL, theRunner.ID)

  99. 		})

  100. 		t.Run("FromUser", func(t *testing.T) {

  101. 			assertDenied(t, sessionAdmin, userWebURL, theRunner.ID)

  102. 		})

  103. 		t.Run("FromAdmin", func(t *testing.T) {

  104. 			t.Skip("Admin can update any runner (not right but not too bad)")

  105. 			assertDenied(t, sessionAdmin, adminWebURL, theRunner.ID)

  106. 		})

  107. 	})

  108. 

  109. 	t.Run("UpdateRepoRunner", func(t *testing.T) {

  110. 		theRunner := repo1Runner

  111. 		t.Run("FromOrg", func(t *testing.T) {

  112. 			assertDenied(t, sessionAdmin, orgWebURL, theRunner.ID)

  113. 		})

  114. 		t.Run("FromUser", func(t *testing.T) {

  115. 			assertDenied(t, sessionAdmin, userWebURL, theRunner.ID)

  116. 		})

  117. 		t.Run("FromAdmin", func(t *testing.T) {

  118. 			t.Skip("Admin can update any runner (not right but not too bad)")

  119. 			assertDenied(t, sessionAdmin, adminWebURL, theRunner.ID)

  120. 		})

  121. 	})

  122. 

  123. 	t.Run("UpdateGlobalRunner", func(t *testing.T) {

  124. 		theRunner := globalRunner

  125. 		t.Run("FromOrg", func(t *testing.T) {

  126. 			assertDenied(t, sessionAdmin, orgWebURL, theRunner.ID)

  127. 		})

  128. 		t.Run("FromUser", func(t *testing.T) {

  129. 			assertDenied(t, sessionAdmin, userWebURL, theRunner.ID)

  130. 		})

  131. 		t.Run("FromRepo", func(t *testing.T) {

  132. 			assertDenied(t, sessionAdmin, repoWebURL, theRunner.ID)

  133. 		})

  134. 	})

  135. 

  136. 	t.Run("UpdateSuccess", func(t *testing.T) {

  137. 		t.Run("User", func(t *testing.T) {

  138. 			assertSuccess(t, sessionUser2, userWebURL, user2Runner.ID)

  139. 		})

  140. 		t.Run("Org", func(t *testing.T) {

  141. 			assertSuccess(t, sessionAdmin, orgWebURL, org3Runner.ID)

  142. 		})

  143. 		t.Run("Repo", func(t *testing.T) {

  144. 			assertSuccess(t, sessionUser2, repoWebURL, repo1Runner.ID)

  145. 		})

  146. 		t.Run("Admin", func(t *testing.T) {

  147. 			assertSuccess(t, sessionAdmin, adminWebURL, globalRunner.ID)

  148. 		})

  149. 	})

  150. }