afan
/
gitea
Прати 1
Волим 0
Креирај огранак 0
Код Дискусије 0 Захтеви за спајање 0 Издања 0 Вики Activity
gitea源码
3 Комити
2 Гране
Грана: master
Гране Ознаке
${ item.name }
Create branch ${ searchTerm }
from 'master'
${ noResults }
gitea/tests/integration/api_org_test.go

api_org_test.go 8.9KB
Пермалинк Историја Датотека

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252 
  1. // Copyright 2018 The Gitea Authors. All rights reserved.

  2. // SPDX-License-Identifier: MIT

  3. 

  4. package integration

  5. 

  6. import (

  7. 	"fmt"

  8. 	"net/http"

  9. 	"strings"

  10. 	"testing"

  11. 

  12. 	auth_model "code.gitea.io/gitea/models/auth"

  13. 	org_model "code.gitea.io/gitea/models/organization"

  14. 	"code.gitea.io/gitea/models/perm"

  15. 	unit_model "code.gitea.io/gitea/models/unit"

  16. 	"code.gitea.io/gitea/models/unittest"

  17. 	user_model "code.gitea.io/gitea/models/user"

  18. 	"code.gitea.io/gitea/modules/setting"

  19. 	api "code.gitea.io/gitea/modules/structs"

  20. 	"code.gitea.io/gitea/modules/test"

  21. 	"code.gitea.io/gitea/tests"

  22. 

  23. 	"github.com/stretchr/testify/assert"

  24. 	"github.com/stretchr/testify/require"

  25. )

  26. 

  27. func TestAPIOrgCreateRename(t *testing.T) {

  28. 	defer tests.PrepareTestEnv(t)()

  29. 	token := getUserToken(t, "user1", auth_model.AccessTokenScopeWriteOrganization)

  30. 

  31. 	org := api.CreateOrgOption{

  32. 		UserName:    "user1_org",

  33. 		FullName:    "User1's organization",

  34. 		Description: "This organization created by user1",

  35. 		Website:     "https://try.gitea.io",

  36. 		Location:    "Shanghai",

  37. 		Visibility:  "limited",

  38. 	}

  39. 	req := NewRequestWithJSON(t, "POST", "/api/v1/orgs", &org).AddTokenAuth(token)

  40. 	resp := MakeRequest(t, req, http.StatusCreated)

  41. 

  42. 	var apiOrg api.Organization

  43. 	DecodeJSON(t, resp, &apiOrg)

  44. 

  45. 	assert.Equal(t, org.UserName, apiOrg.Name)

  46. 	assert.Equal(t, org.FullName, apiOrg.FullName)

  47. 	assert.Equal(t, org.Description, apiOrg.Description)

  48. 	assert.Equal(t, org.Website, apiOrg.Website)

  49. 	assert.Equal(t, org.Location, apiOrg.Location)

  50. 	assert.Equal(t, org.Visibility, apiOrg.Visibility)

  51. 

  52. 	unittest.AssertExistsAndLoadBean(t, &user_model.User{

  53. 		Name:      org.UserName,

  54. 		LowerName: strings.ToLower(org.UserName),

  55. 		FullName:  org.FullName,

  56. 	})

  57. 

  58. 	// check org name

  59. 	req = NewRequestf(t, "GET", "/api/v1/orgs/%s", org.UserName).AddTokenAuth(token)

  60. 	resp = MakeRequest(t, req, http.StatusOK)

  61. 	DecodeJSON(t, resp, &apiOrg)

  62. 	assert.Equal(t, org.UserName, apiOrg.Name)

  63. 

  64. 	t.Run("CheckPermission", func(t *testing.T) {

  65. 		// Check owner team permission

  66. 		ownerTeam, _ := org_model.GetOwnerTeam(t.Context(), apiOrg.ID)

  67. 		for _, ut := range unit_model.AllRepoUnitTypes {

  68. 			up := perm.AccessModeOwner

  69. 			if ut == unit_model.TypeExternalTracker || ut == unit_model.TypeExternalWiki {

  70. 				up = perm.AccessModeRead

  71. 			}

  72. 			unittest.AssertExistsAndLoadBean(t, &org_model.TeamUnit{

  73. 				OrgID:      apiOrg.ID,

  74. 				TeamID:     ownerTeam.ID,

  75. 				Type:       ut,

  76. 				AccessMode: up,

  77. 			})

  78. 		}

  79. 	})

  80. 

  81. 	t.Run("CheckMembers", func(t *testing.T) {

  82. 		req = NewRequestf(t, "GET", "/api/v1/orgs/%s/members", org.UserName).AddTokenAuth(token)

  83. 		resp = MakeRequest(t, req, http.StatusOK)

  84. 

  85. 		// user1 on this org is public

  86. 		var users []*api.User

  87. 		DecodeJSON(t, resp, &users)

  88. 		assert.Len(t, users, 1)

  89. 		assert.Equal(t, "user1", users[0].UserName)

  90. 	})

  91. 

  92. 	t.Run("RenameOrg", func(t *testing.T) {

  93. 		req = NewRequestWithJSON(t, "POST", "/api/v1/orgs/user1_org/rename", &api.RenameOrgOption{

  94. 			NewName: "renamed_org",

  95. 		}).AddTokenAuth(token)

  96. 		MakeRequest(t, req, http.StatusNoContent)

  97. 		unittest.AssertExistsAndLoadBean(t, &org_model.Organization{Name: "renamed_org"})

  98. 		org.UserName = "renamed_org" // update the variable so the following tests could still use it

  99. 	})

  100. 

  101. 	t.Run("ListRepos", func(t *testing.T) {

  102. 		// FIXME: this test is wrong, there is no repository at all, so the for-loop is empty

  103. 		req = NewRequestf(t, "GET", "/api/v1/orgs/%s/repos", org.UserName).AddTokenAuth(token)

  104. 		resp = MakeRequest(t, req, http.StatusOK)

  105. 		var repos []*api.Repository

  106. 		DecodeJSON(t, resp, &repos)

  107. 		for _, repo := range repos {

  108. 			assert.False(t, repo.Private)

  109. 		}

  110. 	})

  111. }

  112. 

  113. func TestAPIOrgGeneral(t *testing.T) {

  114. 	defer tests.PrepareTestEnv(t)()

  115. 	user1Session := loginUser(t, "user1")

  116. 	user1Token := getTokenForLoggedInUser(t, user1Session, auth_model.AccessTokenScopeWriteOrganization)

  117. 

  118. 	t.Run("OrgGetAll", func(t *testing.T) {

  119. 		// accessing with a token will return all orgs

  120. 		req := NewRequest(t, "GET", "/api/v1/orgs").AddTokenAuth(user1Token)

  121. 		resp := MakeRequest(t, req, http.StatusOK)

  122. 		var apiOrgList []*api.Organization

  123. 

  124. 		DecodeJSON(t, resp, &apiOrgList)

  125. 		assert.Len(t, apiOrgList, 13)

  126. 		assert.Equal(t, "Limited Org 36", apiOrgList[1].FullName)

  127. 		assert.Equal(t, "limited", apiOrgList[1].Visibility)

  128. 

  129. 		// accessing without a token will return only public orgs

  130. 		req = NewRequest(t, "GET", "/api/v1/orgs")

  131. 		resp = MakeRequest(t, req, http.StatusOK)

  132. 

  133. 		DecodeJSON(t, resp, &apiOrgList)

  134. 		assert.Len(t, apiOrgList, 9)

  135. 		assert.Equal(t, "org 17", apiOrgList[0].FullName)

  136. 		assert.Equal(t, "public", apiOrgList[0].Visibility)

  137. 	})

  138. 

  139. 	t.Run("OrgEdit", func(t *testing.T) {

  140. 		org := api.EditOrgOption{

  141. 			FullName:    "Org3 organization new full name",

  142. 			Description: "A new description",

  143. 			Website:     "https://try.gitea.io/new",

  144. 			Location:    "Beijing",

  145. 			Visibility:  "private",

  146. 		}

  147. 		req := NewRequestWithJSON(t, "PATCH", "/api/v1/orgs/org3", &org).AddTokenAuth(user1Token)

  148. 		resp := MakeRequest(t, req, http.StatusOK)

  149. 

  150. 		var apiOrg api.Organization

  151. 		DecodeJSON(t, resp, &apiOrg)

  152. 

  153. 		assert.Equal(t, "org3", apiOrg.Name)

  154. 		assert.Equal(t, org.FullName, apiOrg.FullName)

  155. 		assert.Equal(t, org.Description, apiOrg.Description)

  156. 		assert.Equal(t, org.Website, apiOrg.Website)

  157. 		assert.Equal(t, org.Location, apiOrg.Location)

  158. 		assert.Equal(t, org.Visibility, apiOrg.Visibility)

  159. 	})

  160. 

  161. 	t.Run("OrgEditBadVisibility", func(t *testing.T) {

  162. 		org := api.EditOrgOption{

  163. 			FullName:    "Org3 organization new full name",

  164. 			Description: "A new description",

  165. 			Website:     "https://try.gitea.io/new",

  166. 			Location:    "Beijing",

  167. 			Visibility:  "badvisibility",

  168. 		}

  169. 		req := NewRequestWithJSON(t, "PATCH", "/api/v1/orgs/org3", &org).AddTokenAuth(user1Token)

  170. 		MakeRequest(t, req, http.StatusUnprocessableEntity)

  171. 	})

  172. 

  173. 	t.Run("OrgDeny", func(t *testing.T) {

  174. 		defer test.MockVariableValue(&setting.Service.RequireSignInViewStrict, true)()

  175. 

  176. 		orgName := "user1_org"

  177. 		req := NewRequestf(t, "GET", "/api/v1/orgs/%s", orgName)

  178. 		MakeRequest(t, req, http.StatusNotFound)

  179. 

  180. 		req = NewRequestf(t, "GET", "/api/v1/orgs/%s/repos", orgName)

  181. 		MakeRequest(t, req, http.StatusNotFound)

  182. 

  183. 		req = NewRequestf(t, "GET", "/api/v1/orgs/%s/members", orgName)

  184. 		MakeRequest(t, req, http.StatusNotFound)

  185. 	})

  186. 

  187. 	t.Run("OrgSearchEmptyTeam", func(t *testing.T) {

  188. 		orgName := "org_with_empty_team"

  189. 		// create org

  190. 		req := NewRequestWithJSON(t, "POST", "/api/v1/orgs", &api.CreateOrgOption{

  191. 			UserName: orgName,

  192. 		}).AddTokenAuth(user1Token)

  193. 		MakeRequest(t, req, http.StatusCreated)

  194. 

  195. 		// create team with no member

  196. 		req = NewRequestWithJSON(t, "POST", fmt.Sprintf("/api/v1/orgs/%s/teams", orgName), &api.CreateTeamOption{

  197. 			Name:                    "Empty",

  198. 			IncludesAllRepositories: true,

  199. 			Permission:              "read",

  200. 			Units:                   []string{"repo.code", "repo.issues", "repo.ext_issues", "repo.wiki", "repo.pulls"},

  201. 		}).AddTokenAuth(user1Token)

  202. 		MakeRequest(t, req, http.StatusCreated)

  203. 

  204. 		// case-insensitive search for teams that have no members

  205. 		req = NewRequest(t, "GET", fmt.Sprintf("/api/v1/orgs/%s/teams/search?q=%s", orgName, "empty")).

  206. 			AddTokenAuth(user1Token)

  207. 		resp := MakeRequest(t, req, http.StatusOK)

  208. 		data := struct {

  209. 			Ok   bool

  210. 			Data []*api.Team

  211. 		}{}

  212. 		DecodeJSON(t, resp, &data)

  213. 		assert.True(t, data.Ok)

  214. 		if assert.Len(t, data.Data, 1) {

  215. 			assert.Equal(t, "Empty", data.Data[0].Name)

  216. 		}

  217. 	})

  218. 

  219. 	t.Run("User2ChangeStatus", func(t *testing.T) {

  220. 		user2Session := loginUser(t, "user2")

  221. 		user2Token := getTokenForLoggedInUser(t, user2Session, auth_model.AccessTokenScopeWriteOrganization)

  222. 

  223. 		req := NewRequest(t, "PUT", "/api/v1/orgs/org3/public_members/user2").AddTokenAuth(user2Token)

  224. 		MakeRequest(t, req, http.StatusNoContent)

  225. 		req = NewRequest(t, "DELETE", "/api/v1/orgs/org3/public_members/user2").AddTokenAuth(user2Token)

  226. 		MakeRequest(t, req, http.StatusNoContent)

  227. 

  228. 		// non admin but org owner could also change other member's status

  229. 		user2 := unittest.AssertExistsAndLoadBean(t, &user_model.User{Name: "user2"})

  230. 		require.False(t, user2.IsAdmin)

  231. 		req = NewRequest(t, "PUT", "/api/v1/orgs/org3/public_members/user1").AddTokenAuth(user2Token)

  232. 		MakeRequest(t, req, http.StatusNoContent)

  233. 		req = NewRequest(t, "DELETE", "/api/v1/orgs/org3/public_members/user1").AddTokenAuth(user2Token)

  234. 		MakeRequest(t, req, http.StatusNoContent)

  235. 	})

  236. 

  237. 	t.Run("User4ChangeStatus", func(t *testing.T) {

  238. 		user4Session := loginUser(t, "user4")

  239. 		user4Token := getTokenForLoggedInUser(t, user4Session, auth_model.AccessTokenScopeWriteOrganization)

  240. 

  241. 		// user4 is a normal team member, they could change their own status

  242. 		req := NewRequest(t, "PUT", "/api/v1/orgs/org3/public_members/user4").AddTokenAuth(user4Token)

  243. 		MakeRequest(t, req, http.StatusNoContent)

  244. 		req = NewRequest(t, "DELETE", "/api/v1/orgs/org3/public_members/user4").AddTokenAuth(user4Token)

  245. 		MakeRequest(t, req, http.StatusNoContent)

  246. 		req = NewRequest(t, "PUT", "/api/v1/orgs/org3/public_members/user1").AddTokenAuth(user4Token)

  247. 		MakeRequest(t, req, http.StatusForbidden)

  248. 		req = NewRequest(t, "DELETE", "/api/v1/orgs/org3/public_members/user1").AddTokenAuth(user4Token)

  249. 		MakeRequest(t, req, http.StatusForbidden)

  250. 	})

  251. }