afan
/
gitea
關註 1
收藏 0
複製 0
程式碼 問題管理 0 合併請求 0 版本發佈 0 Wiki Activity
gitea源码
3 Commit
2 分支
分支: master
分支列表 標籤列表
${ item.name }
Create branch ${ searchTerm }
from 'master'
${ noResults }
gitea/tests/integration/user_test.go

user_test.go 10KB
永久連結 文件歷史 原始文件

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278 
  1. // Copyright 2017 The Gitea Authors. All rights reserved.

  2. // SPDX-License-Identifier: MIT

  3. 

  4. package integration

  5. 

  6. import (

  7. 	"net/http"

  8. 	"strings"

  9. 	"testing"

  10. 

  11. 	auth_model "code.gitea.io/gitea/models/auth"

  12. 	issues_model "code.gitea.io/gitea/models/issues"

  13. 	repo_model "code.gitea.io/gitea/models/repo"

  14. 	"code.gitea.io/gitea/models/unittest"

  15. 	user_model "code.gitea.io/gitea/models/user"

  16. 	"code.gitea.io/gitea/modules/setting"

  17. 	api "code.gitea.io/gitea/modules/structs"

  18. 	"code.gitea.io/gitea/modules/test"

  19. 	"code.gitea.io/gitea/modules/translation"

  20. 	"code.gitea.io/gitea/tests"

  21. 

  22. 	"github.com/stretchr/testify/assert"

  23. )

  24. 

  25. func TestViewUser(t *testing.T) {

  26. 	defer tests.PrepareTestEnv(t)()

  27. 

  28. 	req := NewRequest(t, "GET", "/user2")

  29. 	MakeRequest(t, req, http.StatusOK)

  30. }

  31. 

  32. func TestRenameUsername(t *testing.T) {

  33. 	defer tests.PrepareTestEnv(t)()

  34. 

  35. 	session := loginUser(t, "user2")

  36. 	req := NewRequestWithValues(t, "POST", "/user/settings", map[string]string{

  37. 		"_csrf":    GetUserCSRFToken(t, session),

  38. 		"name":     "newUsername",

  39. 		"email":    "user2@example.com",

  40. 		"language": "en-US",

  41. 	})

  42. 	session.MakeRequest(t, req, http.StatusSeeOther)

  43. 

  44. 	unittest.AssertExistsAndLoadBean(t, &user_model.User{Name: "newUsername"})

  45. 	unittest.AssertNotExistsBean(t, &user_model.User{Name: "user2"})

  46. }

  47. 

  48. func TestRenameInvalidUsername(t *testing.T) {

  49. 	defer tests.PrepareTestEnv(t)()

  50. 

  51. 	invalidUsernames := []string{

  52. 		"%2f*",

  53. 		"%2f.",

  54. 		"%2f..",

  55. 		"%00",

  56. 		"thisHas ASpace",

  57. 		"p<A>tho>lo<gical",

  58. 		".",

  59. 		"..",

  60. 		".well-known",

  61. 		".abc",

  62. 		"abc.",

  63. 		"a..bc",

  64. 		"a...bc",

  65. 		"a.-bc",

  66. 		"a._bc",

  67. 		"a_-bc",

  68. 		"a/bc",

  69. 		"☁️",

  70. 		"-",

  71. 		"--diff",

  72. 		"-im-here",

  73. 		"a space",

  74. 	}

  75. 

  76. 	session := loginUser(t, "user2")

  77. 	for _, invalidUsername := range invalidUsernames {

  78. 		t.Logf("Testing username %s", invalidUsername)

  79. 

  80. 		req := NewRequestWithValues(t, "POST", "/user/settings", map[string]string{

  81. 			"_csrf": GetUserCSRFToken(t, session),

  82. 			"name":  invalidUsername,

  83. 			"email": "user2@example.com",

  84. 		})

  85. 		resp := session.MakeRequest(t, req, http.StatusOK)

  86. 		htmlDoc := NewHTMLParser(t, resp.Body)

  87. 		assert.Contains(t,

  88. 			htmlDoc.doc.Find(".ui.negative.message").Text(),

  89. 			translation.NewLocale("en-US").TrString("form.username_error"),

  90. 		)

  91. 

  92. 		unittest.AssertNotExistsBean(t, &user_model.User{Name: invalidUsername})

  93. 	}

  94. }

  95. 

  96. func TestRenameReservedUsername(t *testing.T) {

  97. 	defer tests.PrepareTestEnv(t)()

  98. 

  99. 	reservedUsernames := []string{

  100. 		// ".", "..", ".well-known", // The names are not only reserved but also invalid

  101. 		"api",

  102. 		"name.keys",

  103. 	}

  104. 

  105. 	session := loginUser(t, "user2")

  106. 	locale := translation.NewLocale("en-US")

  107. 	for _, reservedUsername := range reservedUsernames {

  108. 		req := NewRequestWithValues(t, "POST", "/user/settings", map[string]string{

  109. 			"_csrf":    GetUserCSRFToken(t, session),

  110. 			"name":     reservedUsername,

  111. 			"email":    "user2@example.com",

  112. 			"language": "en-US",

  113. 		})

  114. 		resp := session.MakeRequest(t, req, http.StatusSeeOther)

  115. 

  116. 		req = NewRequest(t, "GET", test.RedirectURL(resp))

  117. 		resp = session.MakeRequest(t, req, http.StatusOK)

  118. 		htmlDoc := NewHTMLParser(t, resp.Body)

  119. 		actualMsg := strings.TrimSpace(htmlDoc.doc.Find(".ui.negative.message").Text())

  120. 		expectedMsg := locale.TrString("user.form.name_reserved", reservedUsername)

  121. 		if strings.Contains(reservedUsername, ".") {

  122. 			expectedMsg = locale.TrString("user.form.name_pattern_not_allowed", reservedUsername)

  123. 		}

  124. 		assert.Equal(t, expectedMsg, actualMsg)

  125. 		unittest.AssertNotExistsBean(t, &user_model.User{Name: reservedUsername})

  126. 	}

  127. }

  128. 

  129. func TestExportUserGPGKeys(t *testing.T) {

  130. 	defer tests.PrepareTestEnv(t)()

  131. 	// Export empty key list

  132. 	testExportUserGPGKeys(t, "user1", `-----BEGIN PGP PUBLIC KEY BLOCK-----

  133. Note: This user hasn't uploaded any GPG keys.

  134. 

  135. 

  136. =twTO

  137. -----END PGP PUBLIC KEY BLOCK-----`)

  138. 	// Import key

  139. 	// User1 <user1@example.com>

  140. 	session := loginUser(t, "user1")

  141. 	token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeWriteUser)

  142. 	testCreateGPGKey(t, session.MakeRequest, token, http.StatusCreated, `-----BEGIN PGP PUBLIC KEY BLOCK-----

  143. 

  144. mQENBFyy/VUBCADJ7zbM20Z1RWmFoVgp5WkQfI2rU1Vj9cQHes9i42wVLLtcbPeo

  145. QzubgzvMPITDy7nfWxgSf83E23DoHQ1ACFbQh/6eFSRrjsusp3YQ/08NSfPPbcu8

  146. 0M5G+VGwSfzS5uEcwBVQmHyKdcOZIERTNMtYZx1C3bjLD1XVJHvWz9D72Uq4qeO3

  147. 8SR+lzp5n6ppUakcmRnxt3nGRBj1+hEGkdgzyPo93iy+WioegY2lwCA9xMEo5dah

  148. BmYxWx51zyiXYlReTaxlyb3/nuSUt8IcW3Q8zjdtJj4Nu8U1SpV8EdaA1I9IPbHW

  149. 510OSLmD3XhqHH5m6mIxL1YoWxk3V7gpDROtABEBAAG0GVVzZXIxIDx1c2VyMUBl

  150. eGFtcGxlLmNvbT6JAU4EEwEIADgWIQTQEbrYxmXsp1z3j7z9+v0I6RSEHwUCXLL9

  151. VQIbAwULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRD9+v0I6RSEH22YCACFqL5+

  152. 6M0m18AMC/pumcpnnmvAS1GrrKTF8nOROA1augZwp1WCNuKw2R6uOJIHANrYECSn

  153. u7+j6GBP2gbIW8mSAzS6HWCs7GGiPpVtT4wcu8wljUI6BxjpyZtoEkriyBjt6HfK

  154. rkegbkuySoJvjq4IcO5D1LB1JWgsUjMYQJj/ZpBIzVtjG9QtFSOiT1Hct4PoZHdC

  155. nsdSgyCkwRZXG+u3kT/wP9F663ba4o16vYlz3dCGo66lF2tyoG3qcyZ1OUzUrnuv

  156. 96ytAzT6XIhrE0nVoBprMxFF5zExotJD3bHjcGBFNLf944bhjKee3U6t9+OsfJVC

  157. l7N5xxIawCuTQdbfuQENBFyy/VUBCADe61yGEoTwKfsOKIhxLaNoRmD883O0tiWt

  158. soO/HPj9dPQLTOiwXgSgSCd8C+LNxGKct87wgFozpah4tDLC6c0nALuHJ0SLbkfz

  159. 55aRhLeOOcrAydatDp72GroXzqpZ0xZBk5wjIWdgEol2GmVRM8QGbeuakU/HVz5y

  160. lPzxUUocgdbSi3GE3zbzijQzVJdyL/kw/KP7pKT/PPKKJ2C5NQDLy0XGKEHddXGR

  161. EWKkVlRalxq/TjfaMR0bi3MpezBsQmp99ATPO/d7trayZUxQHRtXzGFiOXfDHATr

  162. qN730sODjqvU+mpc/SHCRwh9qWDjZRHSuKU5YDBjb5jIQJivZsQ/ABEBAAGJATYE

  163. GAEIACAWIQTQEbrYxmXsp1z3j7z9+v0I6RSEHwUCXLL9VQIbDAAKCRD9+v0I6RSE

  164. H7WoB/4tXl+97rQ6owPCGSVp1Xbwt2521V7COgsOFRVTRTryEWxRW8mm0S7wQvax

  165. C0TLXKur6NVYQMn01iyL+FZzRpEWNuYF3f9QeeLJ/+l2DafESNhNTy17+RPmacK6

  166. 21dccpqchByVw/UMDeHSyjQLiG2lxzt8Gfx2gHmSbrq3aWovTGyz6JTffZvfy/n2

  167. 0Hm437OBPazO0gZyXhdV2PE5RSUfvAgm44235tcV5EV0d32TJDfv61+Vr2GUbah6

  168. 7XhJ1v6JYuh8kaYaEz8OpZDeh7f6Ho6PzJrsy/TKTKhGgZNINj1iaPFyOkQgKR5M

  169. GrE0MHOxUbc9tbtyk0F1SuzREUBH

  170. =DDXw

  171. -----END PGP PUBLIC KEY BLOCK-----`)

  172. 	// Export new key

  173. 	testExportUserGPGKeys(t, "user1", `-----BEGIN PGP PUBLIC KEY BLOCK-----

  174. 

  175. xsBNBFyy/VUBCADJ7zbM20Z1RWmFoVgp5WkQfI2rU1Vj9cQHes9i42wVLLtcbPeo

  176. QzubgzvMPITDy7nfWxgSf83E23DoHQ1ACFbQh/6eFSRrjsusp3YQ/08NSfPPbcu8

  177. 0M5G+VGwSfzS5uEcwBVQmHyKdcOZIERTNMtYZx1C3bjLD1XVJHvWz9D72Uq4qeO3

  178. 8SR+lzp5n6ppUakcmRnxt3nGRBj1+hEGkdgzyPo93iy+WioegY2lwCA9xMEo5dah

  179. BmYxWx51zyiXYlReTaxlyb3/nuSUt8IcW3Q8zjdtJj4Nu8U1SpV8EdaA1I9IPbHW

  180. 510OSLmD3XhqHH5m6mIxL1YoWxk3V7gpDROtABEBAAHNGVVzZXIxIDx1c2VyMUBl

  181. eGFtcGxlLmNvbT7CwI4EEwEIADgWIQTQEbrYxmXsp1z3j7z9+v0I6RSEHwUCXLL9

  182. VQIbAwULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRD9+v0I6RSEH22YCACFqL5+

  183. 6M0m18AMC/pumcpnnmvAS1GrrKTF8nOROA1augZwp1WCNuKw2R6uOJIHANrYECSn

  184. u7+j6GBP2gbIW8mSAzS6HWCs7GGiPpVtT4wcu8wljUI6BxjpyZtoEkriyBjt6HfK

  185. rkegbkuySoJvjq4IcO5D1LB1JWgsUjMYQJj/ZpBIzVtjG9QtFSOiT1Hct4PoZHdC

  186. nsdSgyCkwRZXG+u3kT/wP9F663ba4o16vYlz3dCGo66lF2tyoG3qcyZ1OUzUrnuv

  187. 96ytAzT6XIhrE0nVoBprMxFF5zExotJD3bHjcGBFNLf944bhjKee3U6t9+OsfJVC

  188. l7N5xxIawCuTQdbfzsBNBFyy/VUBCADe61yGEoTwKfsOKIhxLaNoRmD883O0tiWt

  189. soO/HPj9dPQLTOiwXgSgSCd8C+LNxGKct87wgFozpah4tDLC6c0nALuHJ0SLbkfz

  190. 55aRhLeOOcrAydatDp72GroXzqpZ0xZBk5wjIWdgEol2GmVRM8QGbeuakU/HVz5y

  191. lPzxUUocgdbSi3GE3zbzijQzVJdyL/kw/KP7pKT/PPKKJ2C5NQDLy0XGKEHddXGR

  192. EWKkVlRalxq/TjfaMR0bi3MpezBsQmp99ATPO/d7trayZUxQHRtXzGFiOXfDHATr

  193. qN730sODjqvU+mpc/SHCRwh9qWDjZRHSuKU5YDBjb5jIQJivZsQ/ABEBAAHCwHYE

  194. GAEIACAWIQTQEbrYxmXsp1z3j7z9+v0I6RSEHwUCXLL9VQIbDAAKCRD9+v0I6RSE

  195. H7WoB/4tXl+97rQ6owPCGSVp1Xbwt2521V7COgsOFRVTRTryEWxRW8mm0S7wQvax

  196. C0TLXKur6NVYQMn01iyL+FZzRpEWNuYF3f9QeeLJ/+l2DafESNhNTy17+RPmacK6

  197. 21dccpqchByVw/UMDeHSyjQLiG2lxzt8Gfx2gHmSbrq3aWovTGyz6JTffZvfy/n2

  198. 0Hm437OBPazO0gZyXhdV2PE5RSUfvAgm44235tcV5EV0d32TJDfv61+Vr2GUbah6

  199. 7XhJ1v6JYuh8kaYaEz8OpZDeh7f6Ho6PzJrsy/TKTKhGgZNINj1iaPFyOkQgKR5M

  200. GrE0MHOxUbc9tbtyk0F1SuzREUBH

  201. =WFf5

  202. -----END PGP PUBLIC KEY BLOCK-----`)

  203. }

  204. 

  205. func testExportUserGPGKeys(t *testing.T, user, expected string) {

  206. 	session := loginUser(t, user)

  207. 	t.Logf("Testing username %s export gpg keys", user)

  208. 	req := NewRequest(t, "GET", "/"+user+".gpg")

  209. 	resp := session.MakeRequest(t, req, http.StatusOK)

  210. 	// t.Log(resp.Body.String())

  211. 	assert.Equal(t, expected, resp.Body.String())

  212. }

  213. 

  214. func TestGetUserRss(t *testing.T) {

  215. 	defer tests.PrepareTestEnv(t)()

  216. 

  217. 	user34 := "the_34-user.with.all.allowedChars"

  218. 	req := NewRequestf(t, "GET", "/%s.rss", user34)

  219. 	resp := MakeRequest(t, req, http.StatusOK)

  220. 	if assert.Equal(t, "application/rss+xml;charset=utf-8", resp.Header().Get("Content-Type")) {

  221. 		rssDoc := NewHTMLParser(t, resp.Body).Find("channel")

  222. 		title, _ := rssDoc.ChildrenFiltered("title").Html()

  223. 		assert.Equal(t, "Feed of &#34;the_1-user.with.all.allowedChars&#34;", title)

  224. 		description, _ := rssDoc.ChildrenFiltered("description").Html()

  225. 		assert.Equal(t, "&lt;p dir=&#34;auto&#34;&gt;some &lt;a href=&#34;https://commonmark.org/&#34; rel=&#34;nofollow&#34;&gt;commonmark&lt;/a&gt;!&lt;/p&gt;\n", description)

  226. 	}

  227. 

  228. 	req = NewRequestf(t, "GET", "/non-existent-user.rss")

  229. 	MakeRequest(t, req, http.StatusNotFound)

  230. 

  231. 	session := loginUser(t, "user2")

  232. 	req = NewRequestf(t, "GET", "/non-existent-user.rss")

  233. 	session.MakeRequest(t, req, http.StatusNotFound)

  234. }

  235. 

  236. func TestListStopWatches(t *testing.T) {

  237. 	defer tests.PrepareTestEnv(t)()

  238. 

  239. 	repo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 1})

  240. 	owner := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: repo.OwnerID})

  241. 

  242. 	session := loginUser(t, owner.Name)

  243. 	req := NewRequest(t, "GET", "/user/stopwatches")

  244. 	resp := session.MakeRequest(t, req, http.StatusOK)

  245. 	var apiWatches []*api.StopWatch

  246. 	DecodeJSON(t, resp, &apiWatches)

  247. 	stopwatch := unittest.AssertExistsAndLoadBean(t, &issues_model.Stopwatch{UserID: owner.ID})

  248. 	issue := unittest.AssertExistsAndLoadBean(t, &issues_model.Issue{ID: stopwatch.IssueID})

  249. 	if assert.Len(t, apiWatches, 1) {

  250. 		assert.Equal(t, stopwatch.CreatedUnix.AsTime().Unix(), apiWatches[0].Created.Unix())

  251. 		assert.Equal(t, issue.Index, apiWatches[0].IssueIndex)

  252. 		assert.Equal(t, issue.Title, apiWatches[0].IssueTitle)

  253. 		assert.Equal(t, repo.Name, apiWatches[0].RepoName)

  254. 		assert.Equal(t, repo.OwnerName, apiWatches[0].RepoOwnerName)

  255. 		assert.Positive(t, apiWatches[0].Seconds)

  256. 	}

  257. }

  258. 

  259. func TestUserLocationMapLink(t *testing.T) {

  260. 	defer tests.PrepareTestEnv(t)()

  261. 	defer test.MockVariableValue(&setting.Service.UserLocationMapURL, "https://example/foo/")()

  262. 

  263. 	session := loginUser(t, "user2")

  264. 	req := NewRequestWithValues(t, "POST", "/user/settings", map[string]string{

  265. 		"_csrf":    GetUserCSRFToken(t, session),

  266. 		"name":     "user2",

  267. 		"email":    "user@example.com",

  268. 		"language": "en-US",

  269. 		"location": "A/b",

  270. 	})

  271. 	session.MakeRequest(t, req, http.StatusSeeOther)

  272. 

  273. 	req = NewRequest(t, "GET", "/user2/")

  274. 	resp := session.MakeRequest(t, req, http.StatusOK)

  275. 	htmlDoc := NewHTMLParser(t, resp.Body)

  276. 	AssertHTMLElement(t, htmlDoc, `a[href="https://example/foo/A%2Fb"]`, true)

  277. }