2017-08-17 12:08:03 +03:00
// Copyright 2017 The Gitea Authors. All rights reserved.
2022-11-27 21:20:29 +03:00
// SPDX-License-Identifier: MIT
2017-08-17 12:08:03 +03:00
2022-09-02 22:18:23 +03:00
package integration
2017-08-17 12:08:03 +03:00
import (
"net/http"
"testing"
2024-03-11 13:29:54 +03:00
auth_model "code.gitea.io/gitea/models/auth"
"code.gitea.io/gitea/models/db"
"code.gitea.io/gitea/models/unittest"
user_model "code.gitea.io/gitea/models/user"
2017-08-17 12:08:03 +03:00
"code.gitea.io/gitea/modules/setting"
2022-09-02 22:18:23 +03:00
"code.gitea.io/gitea/tests"
2017-08-17 12:08:03 +03:00
"github.com/stretchr/testify/assert"
)
func TestSettingShowUserEmailExplore ( t * testing . T ) {
2022-09-02 22:18:23 +03:00
defer tests . PrepareTestEnv ( t ) ( )
2017-08-17 12:08:03 +03:00
showUserEmail := setting . UI . ShowUserEmail
setting . UI . ShowUserEmail = true
session := loginUser ( t , "user2" )
2023-05-06 17:04:55 +03:00
req := NewRequest ( t , "GET" , "/explore/users?sort=alphabetically" )
2017-08-17 12:08:03 +03:00
resp := session . MakeRequest ( t , req , http . StatusOK )
htmlDoc := NewHTMLParser ( t , resp . Body )
assert . Contains ( t ,
2023-08-01 01:13:42 +03:00
htmlDoc . doc . Find ( ".explore.users" ) . Text ( ) ,
2023-04-07 13:08:36 +03:00
"user34@example.com" ,
2017-08-17 12:08:03 +03:00
)
setting . UI . ShowUserEmail = false
2023-05-06 17:04:55 +03:00
req = NewRequest ( t , "GET" , "/explore/users?sort=alphabetically" )
2017-08-17 12:08:03 +03:00
resp = session . MakeRequest ( t , req , http . StatusOK )
htmlDoc = NewHTMLParser ( t , resp . Body )
assert . NotContains ( t ,
2023-08-01 01:13:42 +03:00
htmlDoc . doc . Find ( ".explore.users" ) . Text ( ) ,
2023-04-07 13:08:36 +03:00
"user34@example.com" ,
2017-08-17 12:08:03 +03:00
)
setting . UI . ShowUserEmail = showUserEmail
}
func TestSettingShowUserEmailProfile ( t * testing . T ) {
2022-09-02 22:18:23 +03:00
defer tests . PrepareTestEnv ( t ) ( )
2017-08-17 12:08:03 +03:00
showUserEmail := setting . UI . ShowUserEmail
2023-03-28 00:27:32 +03:00
// user1: keep_email_private = false, user2: keep_email_private = true
2017-08-17 12:08:03 +03:00
setting . UI . ShowUserEmail = true
2023-04-08 13:05:21 +03:00
// user1 can see own visible email
2023-03-28 00:27:32 +03:00
session := loginUser ( t , "user1" )
req := NewRequest ( t , "GET" , "/user1" )
2017-08-17 12:08:03 +03:00
resp := session . MakeRequest ( t , req , http . StatusOK )
htmlDoc := NewHTMLParser ( t , resp . Body )
2023-03-28 00:27:32 +03:00
assert . Contains ( t , htmlDoc . doc . Find ( ".user.profile" ) . Text ( ) , "user1@example.com" )
2017-08-17 12:08:03 +03:00
2023-04-08 13:05:21 +03:00
// user1 can not see user2's hidden email
2017-08-17 12:08:03 +03:00
req = NewRequest ( t , "GET" , "/user2" )
resp = session . MakeRequest ( t , req , http . StatusOK )
htmlDoc = NewHTMLParser ( t , resp . Body )
2023-04-08 13:05:21 +03:00
// Should only contain if the user visits their own profile page
2023-03-28 00:27:32 +03:00
assert . NotContains ( t , htmlDoc . doc . Find ( ".user.profile" ) . Text ( ) , "user2@example.com" )
2017-08-17 12:08:03 +03:00
2023-04-08 13:05:21 +03:00
// user2 can see user1's visible email
2023-03-28 00:27:32 +03:00
session = loginUser ( t , "user2" )
req = NewRequest ( t , "GET" , "/user1" )
resp = session . MakeRequest ( t , req , http . StatusOK )
htmlDoc = NewHTMLParser ( t , resp . Body )
assert . Contains ( t , htmlDoc . doc . Find ( ".user.profile" ) . Text ( ) , "user1@example.com" )
2019-02-19 17:11:50 +03:00
2023-04-08 13:05:21 +03:00
// user2 can see own hidden email
2023-03-28 00:27:32 +03:00
session = loginUser ( t , "user2" )
2019-02-19 17:11:50 +03:00
req = NewRequest ( t , "GET" , "/user2" )
resp = session . MakeRequest ( t , req , http . StatusOK )
htmlDoc = NewHTMLParser ( t , resp . Body )
2023-04-08 13:05:21 +03:00
assert . Contains ( t , htmlDoc . doc . Find ( ".user.profile" ) . Text ( ) , "user2@example.com" )
2023-03-28 00:27:32 +03:00
setting . UI . ShowUserEmail = false
2023-04-08 13:05:21 +03:00
// user1 can see own (now hidden) email
2023-03-28 00:27:32 +03:00
session = loginUser ( t , "user1" )
req = NewRequest ( t , "GET" , "/user1" )
resp = session . MakeRequest ( t , req , http . StatusOK )
htmlDoc = NewHTMLParser ( t , resp . Body )
2023-04-08 13:05:21 +03:00
assert . Contains ( t , htmlDoc . doc . Find ( ".user.profile" ) . Text ( ) , "user1@example.com" )
2023-03-28 00:27:32 +03:00
setting . UI . ShowUserEmail = showUserEmail
2017-08-17 12:08:03 +03:00
}
2018-06-15 06:42:46 +03:00
func TestSettingLandingPage ( t * testing . T ) {
2022-09-02 22:18:23 +03:00
defer tests . PrepareTestEnv ( t ) ( )
2018-06-15 06:42:46 +03:00
landingPage := setting . LandingPageURL
setting . LandingPageURL = setting . LandingPageHome
req := NewRequest ( t , "GET" , "/" )
MakeRequest ( t , req , http . StatusOK )
setting . LandingPageURL = setting . LandingPageExplore
req = NewRequest ( t , "GET" , "/" )
2022-03-23 07:54:07 +03:00
resp := MakeRequest ( t , req , http . StatusSeeOther )
2018-06-15 06:42:46 +03:00
assert . Equal ( t , "/explore" , resp . Header ( ) . Get ( "Location" ) )
setting . LandingPageURL = setting . LandingPageOrganizations
req = NewRequest ( t , "GET" , "/" )
2022-03-23 07:54:07 +03:00
resp = MakeRequest ( t , req , http . StatusSeeOther )
2018-06-15 06:42:46 +03:00
assert . Equal ( t , "/explore/organizations" , resp . Header ( ) . Get ( "Location" ) )
2020-01-06 19:50:44 +03:00
setting . LandingPageURL = setting . LandingPageLogin
req = NewRequest ( t , "GET" , "/" )
2022-03-23 07:54:07 +03:00
resp = MakeRequest ( t , req , http . StatusSeeOther )
2020-01-06 19:50:44 +03:00
assert . Equal ( t , "/user/login" , resp . Header ( ) . Get ( "Location" ) )
2018-06-15 06:42:46 +03:00
setting . LandingPageURL = landingPage
}
2024-03-11 13:29:54 +03:00
func TestSettingSecurityAuthSource ( t * testing . T ) {
defer tests . PrepareTestEnv ( t ) ( )
user := unittest . AssertExistsAndLoadBean ( t , & user_model . User { ID : 1 } )
active := addAuthSource ( t , authSourcePayloadGitLabCustom ( "gitlab-active" ) )
activeExternalLoginUser := & user_model . ExternalLoginUser {
ExternalID : "12345" ,
UserID : user . ID ,
LoginSourceID : active . ID ,
}
err := user_model . LinkExternalToUser ( db . DefaultContext , user , activeExternalLoginUser )
assert . NoError ( t , err )
inactive := addAuthSource ( t , authSourcePayloadGitLabCustom ( "gitlab-inactive" ) )
inactiveExternalLoginUser := & user_model . ExternalLoginUser {
ExternalID : "5678" ,
UserID : user . ID ,
LoginSourceID : inactive . ID ,
}
err = user_model . LinkExternalToUser ( db . DefaultContext , user , inactiveExternalLoginUser )
assert . NoError ( t , err )
// mark the authSource as inactive
inactive . IsActive = false
err = auth_model . UpdateSource ( db . DefaultContext , inactive )
assert . NoError ( t , err )
session := loginUser ( t , "user1" )
req := NewRequest ( t , "GET" , "user/settings/security" )
resp := session . MakeRequest ( t , req , http . StatusOK )
assert . Contains ( t , resp . Body . String ( ) , ` gitlab-active ` )
assert . Contains ( t , resp . Body . String ( ) , ` gitlab-inactive ` )
}
