afan
/
gitea
Beobachten 1
Favorisieren 0
Fork 0
Code Issues 0 Pull-Requests 0 Releases 0 Wiki Aktivität
gitea源码
1 Commits
2 Branches
Struktur: 61128e8e94
Branches Tags
${ item.name }
Erstelle Branch ${ searchTerm }
von '61128e8e94'
${ noResults }
gitea/tests/integration/api_branch_test.go

api_branch_test.go 13KB
Verlauf Originalformat

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332 
  1. // Copyright 2017 The Gitea Authors. All rights reserved.

  2. // SPDX-License-Identifier: MIT

  3. 

  4. package integration

  5. 

  6. import (

  7. 	"net/http"

  8. 	"net/http/httptest"

  9. 	"net/url"

  10. 	"testing"

  11. 

  12. 	auth_model "code.gitea.io/gitea/models/auth"

  13. 	"code.gitea.io/gitea/models/db"

  14. 	git_model "code.gitea.io/gitea/models/git"

  15. 	api "code.gitea.io/gitea/modules/structs"

  16. 	"code.gitea.io/gitea/tests"

  17. 

  18. 	"github.com/stretchr/testify/assert"

  19. )

  20. 

  21. func testAPIGetBranch(t *testing.T, branchName string, exists bool) {

  22. 	token := getUserToken(t, "user2", auth_model.AccessTokenScopeReadRepository)

  23. 	req := NewRequestf(t, "GET", "/api/v1/repos/user2/repo1/branches/%s", branchName).

  24. 		AddTokenAuth(token)

  25. 	resp := MakeRequest(t, req, NoExpectedStatus)

  26. 	if !exists {

  27. 		assert.Equal(t, http.StatusNotFound, resp.Code)

  28. 		return

  29. 	}

  30. 	assert.Equal(t, http.StatusOK, resp.Code)

  31. 	var branch api.Branch

  32. 	DecodeJSON(t, resp, &branch)

  33. 	assert.Equal(t, branchName, branch.Name)

  34. 	assert.True(t, branch.UserCanPush)

  35. 	assert.True(t, branch.UserCanMerge)

  36. }

  37. 

  38. func testAPIGetBranchProtection(t *testing.T, branchName string, expectedHTTPStatus int) *api.BranchProtection {

  39. 	token := getUserToken(t, "user2", auth_model.AccessTokenScopeReadRepository)

  40. 	req := NewRequestf(t, "GET", "/api/v1/repos/user2/repo1/branch_protections/%s", branchName).

  41. 		AddTokenAuth(token)

  42. 	resp := MakeRequest(t, req, expectedHTTPStatus)

  43. 

  44. 	if resp.Code == http.StatusOK {

  45. 		var branchProtection api.BranchProtection

  46. 		DecodeJSON(t, resp, &branchProtection)

  47. 		assert.Equal(t, branchName, branchProtection.RuleName)

  48. 		return &branchProtection

  49. 	}

  50. 	return nil

  51. }

  52. 

  53. func testAPICreateBranchProtection(t *testing.T, branchName string, expectedPriority, expectedHTTPStatus int) {

  54. 	token := getUserToken(t, "user2", auth_model.AccessTokenScopeWriteRepository)

  55. 	req := NewRequestWithJSON(t, "POST", "/api/v1/repos/user2/repo1/branch_protections", &api.BranchProtection{

  56. 		RuleName: branchName,

  57. 	}).AddTokenAuth(token)

  58. 	resp := MakeRequest(t, req, expectedHTTPStatus)

  59. 

  60. 	if resp.Code == http.StatusCreated {

  61. 		var branchProtection api.BranchProtection

  62. 		DecodeJSON(t, resp, &branchProtection)

  63. 		assert.Equal(t, branchName, branchProtection.RuleName)

  64. 		assert.EqualValues(t, expectedPriority, branchProtection.Priority)

  65. 	}

  66. }

  67. 

  68. func testAPIEditBranchProtection(t *testing.T, branchName string, body *api.BranchProtection, expectedHTTPStatus int) {

  69. 	token := getUserToken(t, "user2", auth_model.AccessTokenScopeWriteRepository)

  70. 	req := NewRequestWithJSON(t, "PATCH", "/api/v1/repos/user2/repo1/branch_protections/"+branchName, body).

  71. 		AddTokenAuth(token)

  72. 	resp := MakeRequest(t, req, expectedHTTPStatus)

  73. 

  74. 	if resp.Code == http.StatusOK {

  75. 		var branchProtection api.BranchProtection

  76. 		DecodeJSON(t, resp, &branchProtection)

  77. 		assert.Equal(t, branchName, branchProtection.RuleName)

  78. 	}

  79. }

  80. 

  81. func testAPIDeleteBranchProtection(t *testing.T, branchName string, expectedHTTPStatus int) {

  82. 	token := getUserToken(t, "user2", auth_model.AccessTokenScopeWriteRepository)

  83. 	req := NewRequestf(t, "DELETE", "/api/v1/repos/user2/repo1/branch_protections/%s", branchName).

  84. 		AddTokenAuth(token)

  85. 	MakeRequest(t, req, expectedHTTPStatus)

  86. }

  87. 

  88. func testAPIDeleteBranch(t *testing.T, branchName string, expectedHTTPStatus int) {

  89. 	token := getUserToken(t, "user2", auth_model.AccessTokenScopeWriteRepository)

  90. 	req := NewRequestf(t, "DELETE", "/api/v1/repos/user2/repo1/branches/%s", branchName).

  91. 		AddTokenAuth(token)

  92. 	MakeRequest(t, req, expectedHTTPStatus)

  93. }

  94. 

  95. func TestAPIGetBranch(t *testing.T) {

  96. 	defer tests.PrepareTestEnv(t)()

  97. 	for _, test := range []struct {

  98. 		BranchName string

  99. 		Exists     bool

  100. 	}{

  101. 		{"master", true},

  102. 		{"master/doesnotexist", false},

  103. 		{"feature/1", true},

  104. 		{"feature/1/doesnotexist", false},

  105. 	} {

  106. 		testAPIGetBranch(t, test.BranchName, test.Exists)

  107. 	}

  108. }

  109. 

  110. func TestAPICreateBranch(t *testing.T) {

  111. 	onGiteaRun(t, testAPICreateBranches)

  112. }

  113. 

  114. func testAPICreateBranches(t *testing.T, giteaURL *url.URL) {

  115. 	username := "user2"

  116. 	ctx := NewAPITestContext(t, username, "my-noo-repo", auth_model.AccessTokenScopeWriteRepository, auth_model.AccessTokenScopeWriteUser)

  117. 	giteaURL.Path = ctx.GitPath()

  118. 

  119. 	t.Run("CreateRepo", doAPICreateRepository(ctx, false))

  120. 	testCases := []struct {

  121. 		OldBranch          string

  122. 		NewBranch          string

  123. 		ExpectedHTTPStatus int

  124. 	}{

  125. 		// Creating branch from default branch

  126. 		{

  127. 			OldBranch:          "",

  128. 			NewBranch:          "new_branch_from_default_branch",

  129. 			ExpectedHTTPStatus: http.StatusCreated,

  130. 		},

  131. 		// Creating branch from master

  132. 		{

  133. 			OldBranch:          "master",

  134. 			NewBranch:          "new_branch_from_master_1",

  135. 			ExpectedHTTPStatus: http.StatusCreated,

  136. 		},

  137. 		// Trying to create from master but already exists

  138. 		{

  139. 			OldBranch:          "master",

  140. 			NewBranch:          "new_branch_from_master_1",

  141. 			ExpectedHTTPStatus: http.StatusConflict,

  142. 		},

  143. 		// Trying to create from other branch (not default branch)

  144. 		// ps: it can't test the case-sensitive behavior here: the "BRANCH_2" can't be created by git on a case-insensitive filesystem, it makes the test fail quickly before the database code.

  145. 		// Suppose some users are running Gitea on a case-insensitive filesystem, it seems that it's unable to support case-sensitive branch names.

  146. 		{

  147. 			OldBranch:          "new_branch_from_master_1",

  148. 			NewBranch:          "branch_2",

  149. 			ExpectedHTTPStatus: http.StatusCreated,

  150. 		},

  151. 		// Trying to create from a branch which does not exist

  152. 		{

  153. 			OldBranch:          "does_not_exist",

  154. 			NewBranch:          "new_branch_from_non_existent",

  155. 			ExpectedHTTPStatus: http.StatusNotFound,

  156. 		},

  157. 		// Trying to create a branch with UTF8

  158. 		{

  159. 			OldBranch:          "master",

  160. 			NewBranch:          "test-👀",

  161. 			ExpectedHTTPStatus: http.StatusCreated,

  162. 		},

  163. 	}

  164. 	for _, test := range testCases {

  165. 		session := ctx.Session

  166. 		t.Run(test.NewBranch, func(t *testing.T) {

  167. 			testAPICreateBranch(t, session, "user2", "my-noo-repo", test.OldBranch, test.NewBranch, test.ExpectedHTTPStatus)

  168. 		})

  169. 	}

  170. }

  171. 

  172. func testAPICreateBranch(t testing.TB, session *TestSession, user, repo, oldBranch, newBranch string, status int) bool {

  173. 	token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeWriteRepository)

  174. 	req := NewRequestWithJSON(t, "POST", "/api/v1/repos/"+user+"/"+repo+"/branches", &api.CreateBranchRepoOption{

  175. 		BranchName:    newBranch,

  176. 		OldBranchName: oldBranch,

  177. 	}).AddTokenAuth(token)

  178. 	resp := MakeRequest(t, req, status)

  179. 

  180. 	var branch api.Branch

  181. 	DecodeJSON(t, resp, &branch)

  182. 

  183. 	if resp.Result().StatusCode == http.StatusCreated {

  184. 		assert.Equal(t, newBranch, branch.Name)

  185. 	}

  186. 

  187. 	return resp.Result().StatusCode == status

  188. }

  189. 

  190. func TestAPIRenameBranch(t *testing.T) {

  191. 	onGiteaRun(t, func(t *testing.T, _ *url.URL) {

  192. 		t.Run("RenameBranchWithEmptyRepo", func(t *testing.T) {

  193. 			testAPIRenameBranch(t, "user10", "user10", "repo6", "master", "test", http.StatusNotFound)

  194. 		})

  195. 		t.Run("RenameBranchWithSameBranchNames", func(t *testing.T) {

  196. 			resp := testAPIRenameBranch(t, "user2", "user2", "repo1", "master", "master", http.StatusUnprocessableEntity)

  197. 			assert.Contains(t, resp.Body.String(), "Cannot rename a branch using the same name or rename to a branch that already exists.")

  198. 		})

  199. 		t.Run("RenameBranchThatAlreadyExists", func(t *testing.T) {

  200. 			resp := testAPIRenameBranch(t, "user2", "user2", "repo1", "master", "branch2", http.StatusUnprocessableEntity)

  201. 			assert.Contains(t, resp.Body.String(), "Cannot rename a branch using the same name or rename to a branch that already exists.")

  202. 		})

  203. 		t.Run("RenameBranchWithNonExistentBranch", func(t *testing.T) {

  204. 			resp := testAPIRenameBranch(t, "user2", "user2", "repo1", "i-dont-exist", "new-branch-name", http.StatusNotFound)

  205. 			assert.Contains(t, resp.Body.String(), "Branch doesn't exist.")

  206. 		})

  207. 		t.Run("RenameBranchWithNonAdminDoer", func(t *testing.T) {

  208. 			// don't allow default branch renaming

  209. 			resp := testAPIRenameBranch(t, "user40", "user2", "repo1", "master", "new-branch-name", http.StatusForbidden)

  210. 			assert.Contains(t, resp.Body.String(), "User must be a repo or site admin to rename default or protected branches.")

  211. 

  212. 			// don't allow protected branch renaming

  213. 			token := getUserToken(t, "user2", auth_model.AccessTokenScopeWriteRepository)

  214. 			req := NewRequestWithJSON(t, "POST", "/api/v1/repos/user2/repo1/branches", &api.CreateBranchRepoOption{

  215. 				BranchName: "protected-branch",

  216. 			}).AddTokenAuth(token)

  217. 			MakeRequest(t, req, http.StatusCreated)

  218. 			testAPICreateBranchProtection(t, "protected-branch", 1, http.StatusCreated)

  219. 			resp = testAPIRenameBranch(t, "user40", "user2", "repo1", "protected-branch", "new-branch-name", http.StatusForbidden)

  220. 			assert.Contains(t, resp.Body.String(), "User must be a repo or site admin to rename default or protected branches.")

  221. 		})

  222. 		t.Run("RenameBranchWithGlobedBasedProtectionRulesAndAdminAccess", func(t *testing.T) {

  223. 			// don't allow branch that falls under glob-based protection rules to be renamed

  224. 			token := getUserToken(t, "user2", auth_model.AccessTokenScopeWriteRepository)

  225. 			req := NewRequestWithJSON(t, "POST", "/api/v1/repos/user2/repo1/branch_protections", &api.BranchProtection{

  226. 				RuleName:   "protected/**",

  227. 				EnablePush: true,

  228. 			}).AddTokenAuth(token)

  229. 			MakeRequest(t, req, http.StatusCreated)

  230. 

  231. 			from := "protected/1"

  232. 			req = NewRequestWithJSON(t, "POST", "/api/v1/repos/user2/repo1/branches", &api.CreateBranchRepoOption{

  233. 				BranchName: from,

  234. 			}).AddTokenAuth(token)

  235. 			MakeRequest(t, req, http.StatusCreated)

  236. 

  237. 			resp := testAPIRenameBranch(t, "user2", "user2", "repo1", from, "new-branch-name", http.StatusForbidden)

  238. 			assert.Contains(t, resp.Body.String(), "Branch is protected by glob-based protection rules.")

  239. 		})

  240. 		t.Run("RenameBranchNormalScenario", func(t *testing.T) {

  241. 			testAPIRenameBranch(t, "user2", "user2", "repo1", "branch2", "new-branch-name", http.StatusNoContent)

  242. 		})

  243. 	})

  244. }

  245. 

  246. func testAPIRenameBranch(t *testing.T, doerName, ownerName, repoName, from, to string, expectedHTTPStatus int) *httptest.ResponseRecorder {

  247. 	token := getUserToken(t, doerName, auth_model.AccessTokenScopeWriteRepository)

  248. 	req := NewRequestWithJSON(t, "PATCH", "api/v1/repos/"+ownerName+"/"+repoName+"/branches/"+from, &api.RenameBranchRepoOption{

  249. 		Name: to,

  250. 	}).AddTokenAuth(token)

  251. 	return MakeRequest(t, req, expectedHTTPStatus)

  252. }

  253. 

  254. func TestAPIBranchProtection(t *testing.T) {

  255. 	defer tests.PrepareTestEnv(t)()

  256. 

  257. 	// Branch protection  on branch that not exist

  258. 	testAPICreateBranchProtection(t, "master/doesnotexist", 1, http.StatusCreated)

  259. 	// Get branch protection on branch that exist but not branch protection

  260. 	testAPIGetBranchProtection(t, "master", http.StatusNotFound)

  261. 

  262. 	testAPICreateBranchProtection(t, "master", 2, http.StatusCreated)

  263. 	// Can only create once

  264. 	testAPICreateBranchProtection(t, "master", 0, http.StatusForbidden)

  265. 

  266. 	// Can't delete a protected branch

  267. 	testAPIDeleteBranch(t, "master", http.StatusForbidden)

  268. 

  269. 	testAPIGetBranchProtection(t, "master", http.StatusOK)

  270. 	testAPIEditBranchProtection(t, "master", &api.BranchProtection{

  271. 		EnablePush: true,

  272. 	}, http.StatusOK)

  273. 

  274. 	// enable status checks, require the "test1" check to pass

  275. 	testAPIEditBranchProtection(t, "master", &api.BranchProtection{

  276. 		EnableStatusCheck:   true,

  277. 		StatusCheckContexts: []string{"test1"},

  278. 	}, http.StatusOK)

  279. 	bp := testAPIGetBranchProtection(t, "master", http.StatusOK)

  280. 	assert.True(t, bp.EnableStatusCheck)

  281. 	assert.Equal(t, []string{"test1"}, bp.StatusCheckContexts)

  282. 

  283. 	// disable status checks, clear the list of required checks

  284. 	testAPIEditBranchProtection(t, "master", &api.BranchProtection{

  285. 		EnableStatusCheck:   false,

  286. 		StatusCheckContexts: []string{},

  287. 	}, http.StatusOK)

  288. 	bp = testAPIGetBranchProtection(t, "master", http.StatusOK)

  289. 	assert.False(t, bp.EnableStatusCheck)

  290. 	assert.Equal(t, []string{}, bp.StatusCheckContexts)

  291. 

  292. 	testAPIDeleteBranchProtection(t, "master", http.StatusNoContent)

  293. 

  294. 	// Test branch deletion

  295. 	testAPIDeleteBranch(t, "master", http.StatusForbidden)

  296. 	testAPIDeleteBranch(t, "branch2", http.StatusNoContent)

  297. }

  298. 

  299. func TestAPICreateBranchWithSyncBranches(t *testing.T) {

  300. 	defer tests.PrepareTestEnv(t)()

  301. 

  302. 	branches, err := db.Find[git_model.Branch](t.Context(), git_model.FindBranchOptions{

  303. 		RepoID: 1,

  304. 	})

  305. 	assert.NoError(t, err)

  306. 	assert.Len(t, branches, 6)

  307. 

  308. 	// make a broke repository with no branch on database

  309. 	_, err = db.DeleteByBean(t.Context(), git_model.Branch{RepoID: 1})

  310. 	assert.NoError(t, err)

  311. 

  312. 	onGiteaRun(t, func(t *testing.T, giteaURL *url.URL) {

  313. 		ctx := NewAPITestContext(t, "user2", "repo1", auth_model.AccessTokenScopeWriteRepository, auth_model.AccessTokenScopeWriteUser)

  314. 		giteaURL.Path = ctx.GitPath()

  315. 

  316. 		testAPICreateBranch(t, ctx.Session, "user2", "repo1", "", "new_branch", http.StatusCreated)

  317. 	})

  318. 

  319. 	branches, err = db.Find[git_model.Branch](t.Context(), git_model.FindBranchOptions{

  320. 		RepoID: 1,

  321. 	})

  322. 	assert.NoError(t, err)

  323. 	assert.Len(t, branches, 7)

  324. 

  325. 	branches, err = db.Find[git_model.Branch](t.Context(), git_model.FindBranchOptions{

  326. 		RepoID:  1,

  327. 		Keyword: "new_branch",

  328. 	})

  329. 	assert.NoError(t, err)

  330. 	assert.Len(t, branches, 1)

  331. }