afan
/
gitea
İzle 1
Yıldızla 0
Çatalla 0
Kod Sorunlar 0 Değişiklik İstekleri 0 Sürümler 0 Wiki Aktivite
gitea源码
3 İşlemeler
2 Dallar
Ağaç: 6d2efddf43
Dallar Biçim İmleri
${ item.name }
Branş ${ searchTerm } oluştur
'6d2efddf43'den
${ noResults }
gitea/tests/integration/api_repo_files_get_test.go

api_repo_files_get_test.go 7.2KB
Geçmiş Ham

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157 
  1. // Copyright 2025 The Gitea Authors. All rights reserved.

  2. // SPDX-License-Identifier: MIT

  3. 

  4. package integration

  5. 

  6. import (

  7. 	"fmt"

  8. 	"net/http"

  9. 	"net/url"

  10. 	"testing"

  11. 

  12. 	auth_model "code.gitea.io/gitea/models/auth"

  13. 	repo_model "code.gitea.io/gitea/models/repo"

  14. 	"code.gitea.io/gitea/models/unittest"

  15. 	user_model "code.gitea.io/gitea/models/user"

  16. 	"code.gitea.io/gitea/modules/gitrepo"

  17. 	"code.gitea.io/gitea/modules/json"

  18. 	"code.gitea.io/gitea/modules/setting"

  19. 	api "code.gitea.io/gitea/modules/structs"

  20. 	"code.gitea.io/gitea/modules/test"

  21. 	"code.gitea.io/gitea/modules/util"

  22. 	"code.gitea.io/gitea/tests"

  23. 

  24. 	"github.com/stretchr/testify/assert"

  25. 	"github.com/stretchr/testify/require"

  26. )

  27. 

  28. func TestAPIGetRequestedFiles(t *testing.T) {

  29. 	defer tests.PrepareTestEnv(t)()

  30. 

  31. 	user2 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2})         // owner of the repo1 & repo16

  32. 	org3 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 3})          // owner of the repo3, is an org

  33. 	user4 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 4})         // owner of neither repos

  34. 	repo1 := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 1})   // public repo

  35. 	repo3 := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 3})   // public repo

  36. 	repo16 := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 16}) // private repo

  37. 

  38. 	// Get user2's token

  39. 	session := loginUser(t, user2.Name)

  40. 	token2 := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeWriteRepository)

  41. 	// Get user4's token

  42. 	session = loginUser(t, user4.Name)

  43. 	token4 := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeWriteRepository)

  44. 

  45. 	gitRepo, err := gitrepo.OpenRepository(t.Context(), repo1)

  46. 	assert.NoError(t, err)

  47. 	defer gitRepo.Close()

  48. 	lastCommit, _ := gitRepo.GetCommitByPath("README.md")

  49. 

  50. 	requestFiles := func(t *testing.T, url string, files []string, expectedStatusCode ...int) (ret []*api.ContentsResponse) {

  51. 		req := NewRequestWithJSON(t, "POST", url, &api.GetFilesOptions{Files: files})

  52. 		resp := MakeRequest(t, req, util.OptionalArg(expectedStatusCode, http.StatusOK))

  53. 		if resp.Code != http.StatusOK {

  54. 			return nil

  55. 		}

  56. 		DecodeJSON(t, resp, &ret)

  57. 		return ret

  58. 	}

  59. 

  60. 	t.Run("User2Get", func(t *testing.T) {

  61. 		reqBodyOpt := &api.GetFilesOptions{Files: []string{"README.md"}}

  62. 		reqBodyParam, _ := json.Marshal(reqBodyOpt)

  63. 		req := NewRequest(t, "GET", "/api/v1/repos/user2/repo1/file-contents?body="+url.QueryEscape(string(reqBodyParam)))

  64. 		resp := MakeRequest(t, req, http.StatusOK)

  65. 		var ret []*api.ContentsResponse

  66. 		DecodeJSON(t, resp, &ret)

  67. 		expected := []*api.ContentsResponse{getExpectedContentsResponseForContents(repo1.DefaultBranch, "branch", lastCommit.ID.String())}

  68. 		assert.Equal(t, expected, ret)

  69. 	})

  70. 	t.Run("User2NoRef", func(t *testing.T) {

  71. 		ret := requestFiles(t, "/api/v1/repos/user2/repo1/file-contents", []string{"README.md"})

  72. 		expected := []*api.ContentsResponse{getExpectedContentsResponseForContents(repo1.DefaultBranch, "branch", lastCommit.ID.String())}

  73. 		assert.Equal(t, expected, ret)

  74. 	})

  75. 	t.Run("User2RefBranch", func(t *testing.T) {

  76. 		ret := requestFiles(t, "/api/v1/repos/user2/repo1/file-contents?ref=master", []string{"README.md"})

  77. 		expected := []*api.ContentsResponse{getExpectedContentsResponseForContents(repo1.DefaultBranch, "branch", lastCommit.ID.String())}

  78. 		assert.Equal(t, expected, ret)

  79. 	})

  80. 	t.Run("User2RefTag", func(t *testing.T) {

  81. 		ret := requestFiles(t, "/api/v1/repos/user2/repo1/file-contents?ref=v1.1", []string{"README.md"})

  82. 		expected := []*api.ContentsResponse{getExpectedContentsResponseForContents("v1.1", "tag", lastCommit.ID.String())}

  83. 		assert.Equal(t, expected, ret)

  84. 	})

  85. 	t.Run("User2RefCommit", func(t *testing.T) {

  86. 		ret := requestFiles(t, "/api/v1/repos/user2/repo1/file-contents?ref=65f1bf27bc3bf70f64657658635e66094edbcb4d", []string{"README.md"})

  87. 		expected := []*api.ContentsResponse{getExpectedContentsResponseForContents("65f1bf27bc3bf70f64657658635e66094edbcb4d", "commit", lastCommit.ID.String())}

  88. 		assert.Equal(t, expected, ret)

  89. 	})

  90. 	t.Run("User2RefNotExist", func(t *testing.T) {

  91. 		ret := requestFiles(t, "/api/v1/repos/user2/repo1/file-contents?ref=not-exist", []string{"README.md"}, http.StatusNotFound)

  92. 		assert.Empty(t, ret)

  93. 	})

  94. 

  95. 	t.Run("PermissionCheck", func(t *testing.T) {

  96. 		filesOptions := &api.GetFilesOptions{Files: []string{"README.md"}}

  97. 		// Test accessing private ref with user token that does not have access - should fail

  98. 		req := NewRequestWithJSON(t, "POST", fmt.Sprintf("/api/v1/repos/%s/%s/file-contents", user2.Name, repo16.Name), &filesOptions).AddTokenAuth(token4)

  99. 		MakeRequest(t, req, http.StatusNotFound)

  100. 		// Test access private ref of owner of token

  101. 		req = NewRequestWithJSON(t, "POST", fmt.Sprintf("/api/v1/repos/%s/%s/file-contents", user2.Name, repo16.Name), &filesOptions).AddTokenAuth(token2)

  102. 		MakeRequest(t, req, http.StatusOK)

  103. 		// Test access of org org3 private repo file by owner user2

  104. 		req = NewRequestWithJSON(t, "POST", fmt.Sprintf("/api/v1/repos/%s/%s/file-contents", org3.Name, repo3.Name), &filesOptions).AddTokenAuth(token2)

  105. 		MakeRequest(t, req, http.StatusOK)

  106. 	})

  107. 

  108. 	t.Run("ResponseList", func(t *testing.T) {

  109. 		defer test.MockVariableValue(&setting.API.DefaultPagingNum)()

  110. 		defer test.MockVariableValue(&setting.API.DefaultMaxBlobSize)()

  111. 		defer test.MockVariableValue(&setting.API.DefaultMaxResponseSize)()

  112. 

  113. 		type expected struct {

  114. 			Name       string

  115. 			HasContent bool

  116. 		}

  117. 		assertResponse := func(t *testing.T, expected []*expected, ret []*api.ContentsResponse) {

  118. 			require.Len(t, ret, len(expected))

  119. 			for i, e := range expected {

  120. 				if e == nil {

  121. 					assert.Nil(t, ret[i], "item %d", i)

  122. 					continue

  123. 				}

  124. 				assert.Equal(t, e.Name, ret[i].Name, "item %d name", i)

  125. 				if e.HasContent {

  126. 					require.NotNil(t, ret[i].Content, "item %d content", i)

  127. 					assert.NotEmpty(t, *ret[i].Content, "item %d content", i)

  128. 				} else {

  129. 					assert.Nil(t, ret[i].Content, "item %d content", i)

  130. 				}

  131. 			}

  132. 		}

  133. 

  134. 		// repo1 "DefaultBranch" has 2 files: LICENSE (1064 bytes), README.md (30 bytes)

  135. 		ret := requestFiles(t, "/api/v1/repos/user2/repo1/file-contents?ref=DefaultBranch", []string{"no-such.txt", "LICENSE", "README.md"})

  136. 		assertResponse(t, []*expected{nil, {"LICENSE", true}, {"README.md", true}}, ret)

  137. 

  138. 		// the returned file list is limited by the DefaultPagingNum

  139. 		setting.API.DefaultPagingNum = 2

  140. 		ret = requestFiles(t, "/api/v1/repos/user2/repo1/file-contents?ref=DefaultBranch", []string{"no-such.txt", "LICENSE", "README.md"})

  141. 		assertResponse(t, []*expected{nil, {"LICENSE", true}}, ret)

  142. 		setting.API.DefaultPagingNum = 100

  143. 

  144. 		// if a file exceeds the DefaultMaxBlobSize, the content is not returned

  145. 		setting.API.DefaultMaxBlobSize = 200

  146. 		ret = requestFiles(t, "/api/v1/repos/user2/repo1/file-contents?ref=DefaultBranch", []string{"no-such.txt", "LICENSE", "README.md"})

  147. 		assertResponse(t, []*expected{nil, {"LICENSE", false}, {"README.md", true}}, ret)

  148. 		setting.API.DefaultMaxBlobSize = 20000

  149. 

  150. 		// if the total response size would exceed the DefaultMaxResponseSize, then the list stops

  151. 		setting.API.DefaultMaxResponseSize = ret[1].Size*4/3 + 10

  152. 		ret = requestFiles(t, "/api/v1/repos/user2/repo1/file-contents?ref=DefaultBranch", []string{"no-such.txt", "LICENSE", "README.md"})

  153. 		assertResponse(t, []*expected{nil, {"LICENSE", true}}, ret)

  154. 		setting.API.DefaultMaxBlobSize = 20000

  155. 	})

  156. }