afan
/
gitea
Наблюдаван 1
Харесван 0
Разклонения 0
Код Задачи 0 Заявки за сливане 0 Версии 0 Уики Activity
gitea源码
2 Ревизии
2 Клонове
ИН на ревизия: f5d5e77162
Клонове Маркери
${ item.name }
Create branch ${ searchTerm }
from 'f5d5e77162'
${ noResults }
gitea/tests/integration/api_team_test.go

api_team_test.go 13KB
История Директен файл

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320 
  1. // Copyright 2017 The Gitea Authors. All rights reserved.

  2. // SPDX-License-Identifier: MIT

  3. 

  4. package integration

  5. 

  6. import (

  7. 	"fmt"

  8. 	"net/http"

  9. 	"sort"

  10. 	"testing"

  11. 

  12. 	auth_model "code.gitea.io/gitea/models/auth"

  13. 	"code.gitea.io/gitea/models/organization"

  14. 	"code.gitea.io/gitea/models/perm"

  15. 	"code.gitea.io/gitea/models/repo"

  16. 	"code.gitea.io/gitea/models/unit"

  17. 	"code.gitea.io/gitea/models/unittest"

  18. 	user_model "code.gitea.io/gitea/models/user"

  19. 	api "code.gitea.io/gitea/modules/structs"

  20. 	"code.gitea.io/gitea/services/convert"

  21. 	"code.gitea.io/gitea/tests"

  22. 

  23. 	"github.com/stretchr/testify/assert"

  24. )

  25. 

  26. func TestAPITeam(t *testing.T) {

  27. 	defer tests.PrepareTestEnv(t)()

  28. 

  29. 	teamUser := unittest.AssertExistsAndLoadBean(t, &organization.TeamUser{ID: 1})

  30. 	team := unittest.AssertExistsAndLoadBean(t, &organization.Team{ID: teamUser.TeamID})

  31. 	org := unittest.AssertExistsAndLoadBean(t, &organization.Organization{ID: teamUser.OrgID})

  32. 	user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: teamUser.UID})

  33. 

  34. 	session := loginUser(t, user.Name)

  35. 	token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeReadOrganization)

  36. 	req := NewRequestf(t, "GET", "/api/v1/teams/%d", teamUser.TeamID).

  37. 		AddTokenAuth(token)

  38. 	resp := MakeRequest(t, req, http.StatusOK)

  39. 

  40. 	var apiTeam api.Team

  41. 	DecodeJSON(t, resp, &apiTeam)

  42. 	assert.Equal(t, team.ID, apiTeam.ID)

  43. 	assert.Equal(t, team.Name, apiTeam.Name)

  44. 	assert.Equal(t, convert.ToOrganization(t.Context(), org), apiTeam.Organization)

  45. 

  46. 	// non team member user will not access the teams details

  47. 	teamUser2 := unittest.AssertExistsAndLoadBean(t, &organization.TeamUser{ID: 3})

  48. 	user2 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: teamUser2.UID})

  49. 

  50. 	session = loginUser(t, user2.Name)

  51. 	token = getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeReadOrganization)

  52. 	req = NewRequestf(t, "GET", "/api/v1/teams/%d", teamUser.TeamID).

  53. 		AddTokenAuth(token)

  54. 	_ = MakeRequest(t, req, http.StatusForbidden)

  55. 

  56. 	req = NewRequestf(t, "GET", "/api/v1/teams/%d", teamUser.TeamID)

  57. 	_ = MakeRequest(t, req, http.StatusUnauthorized)

  58. 

  59. 	// Get an admin user able to create, update and delete teams.

  60. 	user = unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 1})

  61. 	session = loginUser(t, user.Name)

  62. 	token = getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeWriteOrganization)

  63. 

  64. 	org = unittest.AssertExistsAndLoadBean(t, &organization.Organization{ID: 6})

  65. 

  66. 	// Create team.

  67. 	teamToCreate := &api.CreateTeamOption{

  68. 		Name:                    "team1",

  69. 		Description:             "team one",

  70. 		IncludesAllRepositories: true,

  71. 		Permission:              "write",

  72. 		Units:                   []string{"repo.code", "repo.issues"},

  73. 	}

  74. 	req = NewRequestWithJSON(t, "POST", fmt.Sprintf("/api/v1/orgs/%s/teams", org.Name), teamToCreate).

  75. 		AddTokenAuth(token)

  76. 	resp = MakeRequest(t, req, http.StatusCreated)

  77. 	apiTeam = api.Team{}

  78. 	DecodeJSON(t, resp, &apiTeam)

  79. 	checkTeamResponse(t, "CreateTeam1", &apiTeam, teamToCreate.Name, teamToCreate.Description, teamToCreate.IncludesAllRepositories,

  80. 		"none", teamToCreate.Units, nil)

  81. 	checkTeamBean(t, apiTeam.ID, teamToCreate.Name, teamToCreate.Description, teamToCreate.IncludesAllRepositories,

  82. 		"none", teamToCreate.Units, nil)

  83. 	teamID := apiTeam.ID

  84. 

  85. 	// Edit team.

  86. 	editDescription := "team 1"

  87. 	editFalse := false

  88. 	teamToEdit := &api.EditTeamOption{

  89. 		Name:                    "teamone",

  90. 		Description:             &editDescription,

  91. 		Permission:              "admin",

  92. 		IncludesAllRepositories: &editFalse,

  93. 		Units:                   []string{"repo.code", "repo.pulls", "repo.releases"},

  94. 	}

  95. 

  96. 	req = NewRequestWithJSON(t, "PATCH", fmt.Sprintf("/api/v1/teams/%d", teamID), teamToEdit).

  97. 		AddTokenAuth(token)

  98. 	resp = MakeRequest(t, req, http.StatusOK)

  99. 	apiTeam = api.Team{}

  100. 	DecodeJSON(t, resp, &apiTeam)

  101. 	checkTeamResponse(t, "EditTeam1", &apiTeam, teamToEdit.Name, *teamToEdit.Description, *teamToEdit.IncludesAllRepositories,

  102. 		teamToEdit.Permission, unit.AllUnitKeyNames(), nil)

  103. 	checkTeamBean(t, apiTeam.ID, teamToEdit.Name, *teamToEdit.Description, *teamToEdit.IncludesAllRepositories,

  104. 		teamToEdit.Permission, unit.AllUnitKeyNames(), nil)

  105. 

  106. 	// Edit team Description only

  107. 	editDescription = "first team"

  108. 	teamToEditDesc := api.EditTeamOption{Description: &editDescription}

  109. 	req = NewRequestWithJSON(t, "PATCH", fmt.Sprintf("/api/v1/teams/%d", teamID), teamToEditDesc).

  110. 		AddTokenAuth(token)

  111. 	resp = MakeRequest(t, req, http.StatusOK)

  112. 	apiTeam = api.Team{}

  113. 	DecodeJSON(t, resp, &apiTeam)

  114. 	checkTeamResponse(t, "EditTeam1_DescOnly", &apiTeam, teamToEdit.Name, *teamToEditDesc.Description, *teamToEdit.IncludesAllRepositories,

  115. 		teamToEdit.Permission, unit.AllUnitKeyNames(), nil)

  116. 	checkTeamBean(t, apiTeam.ID, teamToEdit.Name, *teamToEditDesc.Description, *teamToEdit.IncludesAllRepositories,

  117. 		teamToEdit.Permission, unit.AllUnitKeyNames(), nil)

  118. 

  119. 	// Read team.

  120. 	teamRead := unittest.AssertExistsAndLoadBean(t, &organization.Team{ID: teamID})

  121. 	assert.NoError(t, teamRead.LoadUnits(t.Context()))

  122. 	req = NewRequestf(t, "GET", "/api/v1/teams/%d", teamID).

  123. 		AddTokenAuth(token)

  124. 	resp = MakeRequest(t, req, http.StatusOK)

  125. 	apiTeam = api.Team{}

  126. 	DecodeJSON(t, resp, &apiTeam)

  127. 	checkTeamResponse(t, "ReadTeam1", &apiTeam, teamRead.Name, *teamToEditDesc.Description, teamRead.IncludesAllRepositories,

  128. 		teamRead.AccessMode.ToString(), teamRead.GetUnitNames(), teamRead.GetUnitsMap())

  129. 

  130. 	// Delete team.

  131. 	req = NewRequestf(t, "DELETE", "/api/v1/teams/%d", teamID).

  132. 		AddTokenAuth(token)

  133. 	MakeRequest(t, req, http.StatusNoContent)

  134. 	unittest.AssertNotExistsBean(t, &organization.Team{ID: teamID})

  135. 

  136. 	// create team again via UnitsMap

  137. 	// Create team.

  138. 	teamToCreate = &api.CreateTeamOption{

  139. 		Name:                    "team2",

  140. 		Description:             "team two",

  141. 		IncludesAllRepositories: true,

  142. 		Permission:              "write",

  143. 		UnitsMap:                map[string]string{"repo.code": "read", "repo.issues": "write", "repo.wiki": "none"},

  144. 	}

  145. 	req = NewRequestWithJSON(t, "POST", fmt.Sprintf("/api/v1/orgs/%s/teams", org.Name), teamToCreate).

  146. 		AddTokenAuth(token)

  147. 	resp = MakeRequest(t, req, http.StatusCreated)

  148. 	apiTeam = api.Team{}

  149. 	DecodeJSON(t, resp, &apiTeam)

  150. 	checkTeamResponse(t, "CreateTeam2", &apiTeam, teamToCreate.Name, teamToCreate.Description, teamToCreate.IncludesAllRepositories,

  151. 		"none", nil, teamToCreate.UnitsMap)

  152. 	checkTeamBean(t, apiTeam.ID, teamToCreate.Name, teamToCreate.Description, teamToCreate.IncludesAllRepositories,

  153. 		"none", nil, teamToCreate.UnitsMap)

  154. 	teamID = apiTeam.ID

  155. 

  156. 	// Edit team.

  157. 	editDescription = "team 1"

  158. 	editFalse = false

  159. 	teamToEdit = &api.EditTeamOption{

  160. 		Name:                    "teamtwo",

  161. 		Description:             &editDescription,

  162. 		Permission:              "write",

  163. 		IncludesAllRepositories: &editFalse,

  164. 		UnitsMap:                map[string]string{"repo.code": "read", "repo.pulls": "read", "repo.releases": "write"},

  165. 	}

  166. 

  167. 	req = NewRequestWithJSON(t, "PATCH", fmt.Sprintf("/api/v1/teams/%d", teamID), teamToEdit).

  168. 		AddTokenAuth(token)

  169. 	resp = MakeRequest(t, req, http.StatusOK)

  170. 	apiTeam = api.Team{}

  171. 	DecodeJSON(t, resp, &apiTeam)

  172. 	checkTeamResponse(t, "EditTeam2", &apiTeam, teamToEdit.Name, *teamToEdit.Description, *teamToEdit.IncludesAllRepositories,

  173. 		"none", nil, teamToEdit.UnitsMap)

  174. 	checkTeamBean(t, apiTeam.ID, teamToEdit.Name, *teamToEdit.Description, *teamToEdit.IncludesAllRepositories,

  175. 		"none", nil, teamToEdit.UnitsMap)

  176. 

  177. 	// Edit team Description only

  178. 	editDescription = "second team"

  179. 	teamToEditDesc = api.EditTeamOption{Description: &editDescription}

  180. 	req = NewRequestWithJSON(t, "PATCH", fmt.Sprintf("/api/v1/teams/%d", teamID), teamToEditDesc).

  181. 		AddTokenAuth(token)

  182. 	resp = MakeRequest(t, req, http.StatusOK)

  183. 	apiTeam = api.Team{}

  184. 	DecodeJSON(t, resp, &apiTeam)

  185. 	checkTeamResponse(t, "EditTeam2_DescOnly", &apiTeam, teamToEdit.Name, *teamToEditDesc.Description, *teamToEdit.IncludesAllRepositories,

  186. 		"none", nil, teamToEdit.UnitsMap)

  187. 	checkTeamBean(t, apiTeam.ID, teamToEdit.Name, *teamToEditDesc.Description, *teamToEdit.IncludesAllRepositories,

  188. 		"none", nil, teamToEdit.UnitsMap)

  189. 

  190. 	// Read team.

  191. 	teamRead = unittest.AssertExistsAndLoadBean(t, &organization.Team{ID: teamID})

  192. 	req = NewRequestf(t, "GET", "/api/v1/teams/%d", teamID).

  193. 		AddTokenAuth(token)

  194. 	resp = MakeRequest(t, req, http.StatusOK)

  195. 	apiTeam = api.Team{}

  196. 	DecodeJSON(t, resp, &apiTeam)

  197. 	assert.NoError(t, teamRead.LoadUnits(t.Context()))

  198. 	checkTeamResponse(t, "ReadTeam2", &apiTeam, teamRead.Name, *teamToEditDesc.Description, teamRead.IncludesAllRepositories,

  199. 		teamRead.AccessMode.ToString(), teamRead.GetUnitNames(), teamRead.GetUnitsMap())

  200. 

  201. 	// Delete team.

  202. 	req = NewRequestf(t, "DELETE", "/api/v1/teams/%d", teamID).

  203. 		AddTokenAuth(token)

  204. 	MakeRequest(t, req, http.StatusNoContent)

  205. 	unittest.AssertNotExistsBean(t, &organization.Team{ID: teamID})

  206. 

  207. 	// Create admin team

  208. 	teamToCreate = &api.CreateTeamOption{

  209. 		Name:                    "teamadmin",

  210. 		Description:             "team admin",

  211. 		IncludesAllRepositories: true,

  212. 		Permission:              "admin",

  213. 	}

  214. 	req = NewRequestWithJSON(t, "POST", fmt.Sprintf("/api/v1/orgs/%s/teams", org.Name), teamToCreate).

  215. 		AddTokenAuth(token)

  216. 	resp = MakeRequest(t, req, http.StatusCreated)

  217. 	apiTeam = api.Team{}

  218. 	DecodeJSON(t, resp, &apiTeam)

  219. 	for _, ut := range unit.AllRepoUnitTypes {

  220. 		up := perm.AccessModeAdmin

  221. 		if ut == unit.TypeExternalTracker || ut == unit.TypeExternalWiki {

  222. 			up = perm.AccessModeRead

  223. 		}

  224. 		unittest.AssertExistsAndLoadBean(t, &organization.TeamUnit{

  225. 			OrgID:      org.ID,

  226. 			TeamID:     apiTeam.ID,

  227. 			Type:       ut,

  228. 			AccessMode: up,

  229. 		})

  230. 	}

  231. 	teamID = apiTeam.ID

  232. 

  233. 	// Delete team.

  234. 	req = NewRequestf(t, "DELETE", "/api/v1/teams/%d", teamID).

  235. 		AddTokenAuth(token)

  236. 	MakeRequest(t, req, http.StatusNoContent)

  237. 	unittest.AssertNotExistsBean(t, &organization.Team{ID: teamID})

  238. }

  239. 

  240. func checkTeamResponse(t *testing.T, testName string, apiTeam *api.Team, name, description string, includesAllRepositories bool, permission string, units []string, unitsMap map[string]string) {

  241. 	t.Run(testName, func(t *testing.T) {

  242. 		assert.Equal(t, name, apiTeam.Name, "name")

  243. 		assert.Equal(t, description, apiTeam.Description, "description")

  244. 		assert.Equal(t, includesAllRepositories, apiTeam.IncludesAllRepositories, "includesAllRepositories")

  245. 		assert.Equal(t, permission, apiTeam.Permission, "permission")

  246. 		if units != nil {

  247. 			sort.StringSlice(units).Sort()

  248. 			sort.StringSlice(apiTeam.Units).Sort()

  249. 			assert.Equal(t, units, apiTeam.Units, "units")

  250. 		}

  251. 		if unitsMap != nil {

  252. 			assert.Equal(t, unitsMap, apiTeam.UnitsMap, "unitsMap")

  253. 		}

  254. 	})

  255. }

  256. 

  257. func checkTeamBean(t *testing.T, id int64, name, description string, includesAllRepositories bool, permission string, units []string, unitsMap map[string]string) {

  258. 	team := unittest.AssertExistsAndLoadBean(t, &organization.Team{ID: id})

  259. 	assert.NoError(t, team.LoadUnits(t.Context()), "LoadUnits")

  260. 	apiTeam, err := convert.ToTeam(t.Context(), team)

  261. 	assert.NoError(t, err)

  262. 	checkTeamResponse(t, fmt.Sprintf("checkTeamBean/%s_%s", name, description), apiTeam, name, description, includesAllRepositories, permission, units, unitsMap)

  263. }

  264. 

  265. type TeamSearchResults struct {

  266. 	OK   bool        `json:"ok"`

  267. 	Data []*api.Team `json:"data"`

  268. }

  269. 

  270. func TestAPITeamSearch(t *testing.T) {

  271. 	defer tests.PrepareTestEnv(t)()

  272. 

  273. 	user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2})

  274. 	org := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 17})

  275. 

  276. 	var results TeamSearchResults

  277. 

  278. 	token := getUserToken(t, user.Name, auth_model.AccessTokenScopeReadOrganization)

  279. 	req := NewRequestf(t, "GET", "/api/v1/orgs/%s/teams/search?q=%s", org.Name, "_team").

  280. 		AddTokenAuth(token)

  281. 	resp := MakeRequest(t, req, http.StatusOK)

  282. 	DecodeJSON(t, resp, &results)

  283. 	assert.NotEmpty(t, results.Data)

  284. 	assert.Len(t, results.Data, 1)

  285. 	assert.Equal(t, "test_team", results.Data[0].Name)

  286. 

  287. 	// no access if not organization member

  288. 	user5 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 5})

  289. 	token5 := getUserToken(t, user5.Name, auth_model.AccessTokenScopeReadOrganization)

  290. 

  291. 	req = NewRequestf(t, "GET", "/api/v1/orgs/%s/teams/search?q=%s", org.Name, "team").

  292. 		AddTokenAuth(token5)

  293. 	MakeRequest(t, req, http.StatusForbidden)

  294. }

  295. 

  296. func TestAPIGetTeamRepo(t *testing.T) {

  297. 	defer tests.PrepareTestEnv(t)()

  298. 

  299. 	user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 15})

  300. 	teamRepo := unittest.AssertExistsAndLoadBean(t, &repo.Repository{ID: 24})

  301. 	team := unittest.AssertExistsAndLoadBean(t, &organization.Team{ID: 5})

  302. 

  303. 	var results api.Repository

  304. 

  305. 	token := getUserToken(t, user.Name, auth_model.AccessTokenScopeReadOrganization)

  306. 	req := NewRequestf(t, "GET", "/api/v1/teams/%d/repos/%s/", team.ID, teamRepo.FullName()).

  307. 		AddTokenAuth(token)

  308. 	resp := MakeRequest(t, req, http.StatusOK)

  309. 	DecodeJSON(t, resp, &results)

  310. 	assert.Equal(t, "big_test_private_4", teamRepo.Name)

  311. 

  312. 	// no access if not organization member

  313. 	user5 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 5})

  314. 	token5 := getUserToken(t, user5.Name, auth_model.AccessTokenScopeReadOrganization)

  315. 

  316. 	req = NewRequestf(t, "GET", "/api/v1/teams/%d/repos/%s/", team.ID, teamRepo.FullName()).

  317. 		AddTokenAuth(token5)

  318. 	MakeRequest(t, req, http.StatusNotFound)

  319. }