afan
/
gitea
Следить 1
В избранное 0
Форкнуть 0
Код Задачи 0 Pull Request'ы 0 Релизы 0 Вики Активность
gitea源码
1 коммит
2 веток
Дерево: 61128e8e94
веток Теги
${ item.name }
Создать ветку ${ searchTerm }
из '61128e8e94'
${ noResults }
gitea/tests/integration/api_user_orgs_test.go

api_user_orgs_test.go 4.4KB
История Исходник

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158 
  1. // Copyright 2018 The Gitea Authors. All rights reserved.

  2. // SPDX-License-Identifier: MIT

  3. 

  4. package integration

  5. 

  6. import (

  7. 	"fmt"

  8. 	"net/http"

  9. 	"testing"

  10. 

  11. 	auth_model "code.gitea.io/gitea/models/auth"

  12. 	"code.gitea.io/gitea/models/unittest"

  13. 	user_model "code.gitea.io/gitea/models/user"

  14. 	api "code.gitea.io/gitea/modules/structs"

  15. 	"code.gitea.io/gitea/tests"

  16. 

  17. 	"github.com/stretchr/testify/assert"

  18. )

  19. 

  20. func TestUserOrgs(t *testing.T) {

  21. 	defer tests.PrepareTestEnv(t)()

  22. 	adminUsername := "user1"

  23. 	normalUsername := "user2"

  24. 	privateMemberUsername := "user4"

  25. 	unrelatedUsername := "user5"

  26. 

  27. 	orgs := getUserOrgs(t, adminUsername, normalUsername)

  28. 

  29. 	org3 := unittest.AssertExistsAndLoadBean(t, &user_model.User{Name: "org3"})

  30. 	org17 := unittest.AssertExistsAndLoadBean(t, &user_model.User{Name: "org17"})

  31. 	org35 := unittest.AssertExistsAndLoadBean(t, &user_model.User{Name: "private_org35"})

  32. 

  33. 	assert.Equal(t, []*api.Organization{

  34. 		{

  35. 			ID:          17,

  36. 			Name:        org17.Name,

  37. 			UserName:    org17.Name,

  38. 			FullName:    org17.FullName,

  39. 			Email:       org17.Email,

  40. 			AvatarURL:   org17.AvatarLink(t.Context()),

  41. 			Description: "",

  42. 			Website:     "",

  43. 			Location:    "",

  44. 			Visibility:  "public",

  45. 		},

  46. 		{

  47. 			ID:          3,

  48. 			Name:        org3.Name,

  49. 			UserName:    org3.Name,

  50. 			FullName:    org3.FullName,

  51. 			Email:       org3.Email,

  52. 			AvatarURL:   org3.AvatarLink(t.Context()),

  53. 			Description: "",

  54. 			Website:     "",

  55. 			Location:    "",

  56. 			Visibility:  "public",

  57. 		},

  58. 		{

  59. 			ID:          35,

  60. 			Name:        org35.Name,

  61. 			UserName:    org35.Name,

  62. 			FullName:    org35.FullName,

  63. 			Email:       org35.Email,

  64. 			AvatarURL:   org35.AvatarLink(t.Context()),

  65. 			Description: "",

  66. 			Website:     "",

  67. 			Location:    "",

  68. 			Visibility:  "private",

  69. 		},

  70. 	}, orgs)

  71. 

  72. 	// user itself should get it's org's he is a member of

  73. 	orgs = getUserOrgs(t, privateMemberUsername, privateMemberUsername)

  74. 	assert.Len(t, orgs, 1)

  75. 

  76. 	// unrelated user should not get private org membership of privateMemberUsername

  77. 	orgs = getUserOrgs(t, unrelatedUsername, privateMemberUsername)

  78. 	assert.Empty(t, orgs)

  79. 

  80. 	// not authenticated call should not be allowed

  81. 	testUserOrgsUnauthenticated(t, privateMemberUsername)

  82. }

  83. 

  84. func getUserOrgs(t *testing.T, userDoer, userCheck string) (orgs []*api.Organization) {

  85. 	token := ""

  86. 	if len(userDoer) != 0 {

  87. 		token = getUserToken(t, userDoer, auth_model.AccessTokenScopeReadOrganization, auth_model.AccessTokenScopeReadUser)

  88. 	}

  89. 	req := NewRequest(t, "GET", fmt.Sprintf("/api/v1/users/%s/orgs", userCheck)).

  90. 		AddTokenAuth(token)

  91. 	resp := MakeRequest(t, req, http.StatusOK)

  92. 	DecodeJSON(t, resp, &orgs)

  93. 	return orgs

  94. }

  95. 

  96. func testUserOrgsUnauthenticated(t *testing.T, userCheck string) {

  97. 	session := emptyTestSession(t)

  98. 	req := NewRequestf(t, "GET", "/api/v1/users/%s/orgs", userCheck)

  99. 	session.MakeRequest(t, req, http.StatusUnauthorized)

  100. }

  101. 

  102. func TestMyOrgs(t *testing.T) {

  103. 	defer tests.PrepareTestEnv(t)()

  104. 

  105. 	req := NewRequest(t, "GET", "/api/v1/user/orgs")

  106. 	MakeRequest(t, req, http.StatusUnauthorized)

  107. 

  108. 	normalUsername := "user2"

  109. 	token := getUserToken(t, normalUsername, auth_model.AccessTokenScopeReadOrganization, auth_model.AccessTokenScopeReadUser)

  110. 	req = NewRequest(t, "GET", "/api/v1/user/orgs").

  111. 		AddTokenAuth(token)

  112. 	resp := MakeRequest(t, req, http.StatusOK)

  113. 	var orgs []*api.Organization

  114. 	DecodeJSON(t, resp, &orgs)

  115. 	org3 := unittest.AssertExistsAndLoadBean(t, &user_model.User{Name: "org3"})

  116. 	org17 := unittest.AssertExistsAndLoadBean(t, &user_model.User{Name: "org17"})

  117. 	org35 := unittest.AssertExistsAndLoadBean(t, &user_model.User{Name: "private_org35"})

  118. 

  119. 	assert.Equal(t, []*api.Organization{

  120. 		{

  121. 			ID:          17,

  122. 			Name:        org17.Name,

  123. 			UserName:    org17.Name,

  124. 			FullName:    org17.FullName,

  125. 			Email:       org17.Email,

  126. 			AvatarURL:   org17.AvatarLink(t.Context()),

  127. 			Description: "",

  128. 			Website:     "",

  129. 			Location:    "",

  130. 			Visibility:  "public",

  131. 		},

  132. 		{

  133. 			ID:          3,

  134. 			Name:        org3.Name,

  135. 			UserName:    org3.Name,

  136. 			FullName:    org3.FullName,

  137. 			Email:       org3.Email,

  138. 			AvatarURL:   org3.AvatarLink(t.Context()),

  139. 			Description: "",

  140. 			Website:     "",

  141. 			Location:    "",

  142. 			Visibility:  "public",

  143. 		},

  144. 		{

  145. 			ID:          35,

  146. 			Name:        org35.Name,

  147. 			UserName:    org35.Name,

  148. 			FullName:    org35.FullName,

  149. 			Email:       org35.Email,

  150. 			AvatarURL:   org35.AvatarLink(t.Context()),

  151. 			Description: "",

  152. 			Website:     "",

  153. 			Location:    "",

  154. 			Visibility:  "private",

  155. 		},

  156. 	}, orgs)

  157. }