2017-05-26 16:15:45 +03:00
// Copyright 2017 The Gitea Authors. All rights reserved.
// Use of this source code is governed by a MIT-style
// license that can be found in the LICENSE file.
package integrations
import (
2019-04-28 02:32:33 +03:00
"fmt"
2017-05-26 16:15:45 +03:00
"net/http"
2019-04-28 02:32:33 +03:00
"sort"
2017-05-26 16:15:45 +03:00
"testing"
"code.gitea.io/gitea/models"
2021-11-16 11:53:21 +03:00
"code.gitea.io/gitea/models/unittest"
2021-11-24 12:49:20 +03:00
user_model "code.gitea.io/gitea/models/user"
2019-11-10 07:41:51 +03:00
"code.gitea.io/gitea/modules/convert"
2019-05-11 13:21:34 +03:00
api "code.gitea.io/gitea/modules/structs"
2017-05-26 16:15:45 +03:00
"github.com/stretchr/testify/assert"
)
func TestAPITeam ( t * testing . T ) {
2019-11-26 02:21:37 +03:00
defer prepareTestEnv ( t ) ( )
2019-04-24 08:32:35 +03:00
2021-11-16 11:53:21 +03:00
teamUser := unittest . AssertExistsAndLoadBean ( t , & models . TeamUser { } ) . ( * models . TeamUser )
team := unittest . AssertExistsAndLoadBean ( t , & models . Team { ID : teamUser . TeamID } ) . ( * models . Team )
2021-11-24 12:49:20 +03:00
user := unittest . AssertExistsAndLoadBean ( t , & user_model . User { ID : teamUser . UID } ) . ( * user_model . User )
2017-05-26 16:15:45 +03:00
2017-06-17 07:49:45 +03:00
session := loginUser ( t , user . Name )
2018-09-10 19:15:52 +03:00
token := getTokenForLoggedInUser ( t , session )
req := NewRequestf ( t , "GET" , "/api/v1/teams/%d?token=" + token , teamUser . TeamID )
2017-07-07 22:36:47 +03:00
resp := session . MakeRequest ( t , req , http . StatusOK )
2017-05-26 16:15:45 +03:00
var apiTeam api . Team
2017-06-18 12:06:17 +03:00
DecodeJSON ( t , resp , & apiTeam )
2017-05-26 16:15:45 +03:00
assert . EqualValues ( t , team . ID , apiTeam . ID )
assert . Equal ( t , team . Name , apiTeam . Name )
2019-04-24 08:32:35 +03:00
// non team member user will not access the teams details
2021-11-16 11:53:21 +03:00
teamUser2 := unittest . AssertExistsAndLoadBean ( t , & models . TeamUser { ID : 3 } ) . ( * models . TeamUser )
2021-11-24 12:49:20 +03:00
user2 := unittest . AssertExistsAndLoadBean ( t , & user_model . User { ID : teamUser2 . UID } ) . ( * user_model . User )
2019-04-24 08:32:35 +03:00
session = loginUser ( t , user2 . Name )
token = getTokenForLoggedInUser ( t , session )
req = NewRequestf ( t , "GET" , "/api/v1/teams/%d?token=" + token , teamUser . TeamID )
2019-07-22 10:11:16 +03:00
_ = session . MakeRequest ( t , req , http . StatusForbidden )
2019-04-24 08:32:35 +03:00
req = NewRequestf ( t , "GET" , "/api/v1/teams/%d" , teamUser . TeamID )
2019-07-22 10:11:16 +03:00
_ = session . MakeRequest ( t , req , http . StatusUnauthorized )
2019-04-28 02:32:33 +03:00
// Get an admin user able to create, update and delete teams.
2021-11-24 12:49:20 +03:00
user = unittest . AssertExistsAndLoadBean ( t , & user_model . User { ID : 1 } ) . ( * user_model . User )
2019-04-28 02:32:33 +03:00
session = loginUser ( t , user . Name )
token = getTokenForLoggedInUser ( t , session )
2021-11-24 12:49:20 +03:00
org := unittest . AssertExistsAndLoadBean ( t , & user_model . User { ID : 6 } ) . ( * user_model . User )
2019-04-28 02:32:33 +03:00
// Create team.
teamToCreate := & api . CreateTeamOption {
2019-11-06 12:37:14 +03:00
Name : "team1" ,
Description : "team one" ,
IncludesAllRepositories : true ,
Permission : "write" ,
Units : [ ] string { "repo.code" , "repo.issues" } ,
2019-04-28 02:32:33 +03:00
}
req = NewRequestWithJSON ( t , "POST" , fmt . Sprintf ( "/api/v1/orgs/%s/teams?token=%s" , org . Name , token ) , teamToCreate )
resp = session . MakeRequest ( t , req , http . StatusCreated )
DecodeJSON ( t , resp , & apiTeam )
2019-11-06 12:37:14 +03:00
checkTeamResponse ( t , & apiTeam , teamToCreate . Name , teamToCreate . Description , teamToCreate . IncludesAllRepositories ,
teamToCreate . Permission , teamToCreate . Units )
checkTeamBean ( t , apiTeam . ID , teamToCreate . Name , teamToCreate . Description , teamToCreate . IncludesAllRepositories ,
teamToCreate . Permission , teamToCreate . Units )
2019-04-28 02:32:33 +03:00
teamID := apiTeam . ID
// Edit team.
2020-01-09 16:15:14 +03:00
editDescription := "team 1"
editFalse := false
2019-04-28 02:32:33 +03:00
teamToEdit := & api . EditTeamOption {
2019-11-06 12:37:14 +03:00
Name : "teamone" ,
2020-01-09 16:15:14 +03:00
Description : & editDescription ,
2019-11-06 12:37:14 +03:00
Permission : "admin" ,
2020-01-09 16:15:14 +03:00
IncludesAllRepositories : & editFalse ,
2019-11-06 12:37:14 +03:00
Units : [ ] string { "repo.code" , "repo.pulls" , "repo.releases" } ,
2019-04-28 02:32:33 +03:00
}
2020-01-09 16:15:14 +03:00
2019-04-28 02:32:33 +03:00
req = NewRequestWithJSON ( t , "PATCH" , fmt . Sprintf ( "/api/v1/teams/%d?token=%s" , teamID , token ) , teamToEdit )
resp = session . MakeRequest ( t , req , http . StatusOK )
DecodeJSON ( t , resp , & apiTeam )
2020-01-09 16:15:14 +03:00
checkTeamResponse ( t , & apiTeam , teamToEdit . Name , * teamToEdit . Description , * teamToEdit . IncludesAllRepositories ,
teamToEdit . Permission , teamToEdit . Units )
checkTeamBean ( t , apiTeam . ID , teamToEdit . Name , * teamToEdit . Description , * teamToEdit . IncludesAllRepositories ,
teamToEdit . Permission , teamToEdit . Units )
// Edit team Description only
editDescription = "first team"
teamToEditDesc := api . EditTeamOption { Description : & editDescription }
req = NewRequestWithJSON ( t , "PATCH" , fmt . Sprintf ( "/api/v1/teams/%d?token=%s" , teamID , token ) , teamToEditDesc )
resp = session . MakeRequest ( t , req , http . StatusOK )
DecodeJSON ( t , resp , & apiTeam )
checkTeamResponse ( t , & apiTeam , teamToEdit . Name , * teamToEditDesc . Description , * teamToEdit . IncludesAllRepositories ,
2019-11-06 12:37:14 +03:00
teamToEdit . Permission , teamToEdit . Units )
2020-01-09 16:15:14 +03:00
checkTeamBean ( t , apiTeam . ID , teamToEdit . Name , * teamToEditDesc . Description , * teamToEdit . IncludesAllRepositories ,
2019-11-06 12:37:14 +03:00
teamToEdit . Permission , teamToEdit . Units )
2019-04-28 02:32:33 +03:00
// Read team.
2021-11-16 11:53:21 +03:00
teamRead := unittest . AssertExistsAndLoadBean ( t , & models . Team { ID : teamID } ) . ( * models . Team )
2019-04-28 02:32:33 +03:00
req = NewRequestf ( t , "GET" , "/api/v1/teams/%d?token=" + token , teamID )
resp = session . MakeRequest ( t , req , http . StatusOK )
DecodeJSON ( t , resp , & apiTeam )
2020-01-09 16:15:14 +03:00
checkTeamResponse ( t , & apiTeam , teamRead . Name , * teamToEditDesc . Description , teamRead . IncludesAllRepositories ,
2019-11-06 12:37:14 +03:00
teamRead . Authorize . String ( ) , teamRead . GetUnitNames ( ) )
2019-04-28 02:32:33 +03:00
// Delete team.
req = NewRequestf ( t , "DELETE" , "/api/v1/teams/%d?token=" + token , teamID )
session . MakeRequest ( t , req , http . StatusNoContent )
2021-11-16 11:53:21 +03:00
unittest . AssertNotExistsBean ( t , & models . Team { ID : teamID } )
2019-04-28 02:32:33 +03:00
}
2019-11-06 12:37:14 +03:00
func checkTeamResponse ( t * testing . T , apiTeam * api . Team , name , description string , includesAllRepositories bool , permission string , units [ ] string ) {
2019-04-28 02:32:33 +03:00
assert . Equal ( t , name , apiTeam . Name , "name" )
assert . Equal ( t , description , apiTeam . Description , "description" )
2019-11-06 12:37:14 +03:00
assert . Equal ( t , includesAllRepositories , apiTeam . IncludesAllRepositories , "includesAllRepositories" )
2019-04-28 02:32:33 +03:00
assert . Equal ( t , permission , apiTeam . Permission , "permission" )
sort . StringSlice ( units ) . Sort ( )
sort . StringSlice ( apiTeam . Units ) . Sort ( )
assert . EqualValues ( t , units , apiTeam . Units , "units" )
}
2019-11-06 12:37:14 +03:00
func checkTeamBean ( t * testing . T , id int64 , name , description string , includesAllRepositories bool , permission string , units [ ] string ) {
2021-11-16 11:53:21 +03:00
team := unittest . AssertExistsAndLoadBean ( t , & models . Team { ID : id } ) . ( * models . Team )
2019-04-28 02:32:33 +03:00
assert . NoError ( t , team . GetUnits ( ) , "GetUnits" )
2019-11-06 12:37:14 +03:00
checkTeamResponse ( t , convert . ToTeam ( team ) , name , description , includesAllRepositories , permission , units )
2017-05-26 16:15:45 +03:00
}
2019-10-01 08:32:28 +03:00
type TeamSearchResults struct {
OK bool ` json:"ok" `
Data [ ] * api . Team ` json:"data" `
}
func TestAPITeamSearch ( t * testing . T ) {
2019-11-26 02:21:37 +03:00
defer prepareTestEnv ( t ) ( )
2019-10-01 08:32:28 +03:00
2021-11-24 12:49:20 +03:00
user := unittest . AssertExistsAndLoadBean ( t , & user_model . User { ID : 2 } ) . ( * user_model . User )
org := unittest . AssertExistsAndLoadBean ( t , & user_model . User { ID : 3 } ) . ( * user_model . User )
2019-10-01 08:32:28 +03:00
var results TeamSearchResults
session := loginUser ( t , user . Name )
2021-06-21 16:01:44 +03:00
csrf := GetCSRF ( t , session , "/" + org . Name )
2019-10-01 08:32:28 +03:00
req := NewRequestf ( t , "GET" , "/api/v1/orgs/%s/teams/search?q=%s" , org . Name , "_team" )
2021-06-21 16:01:44 +03:00
req . Header . Add ( "X-Csrf-Token" , csrf )
2019-10-01 08:32:28 +03:00
resp := session . MakeRequest ( t , req , http . StatusOK )
DecodeJSON ( t , resp , & results )
assert . NotEmpty ( t , results . Data )
2021-06-07 08:27:09 +03:00
assert . Len ( t , results . Data , 1 )
2019-10-01 08:32:28 +03:00
assert . Equal ( t , "test_team" , results . Data [ 0 ] . Name )
// no access if not organization member
2021-11-24 12:49:20 +03:00
user5 := unittest . AssertExistsAndLoadBean ( t , & user_model . User { ID : 5 } ) . ( * user_model . User )
2019-10-01 08:32:28 +03:00
session = loginUser ( t , user5 . Name )
2021-06-21 16:01:44 +03:00
csrf = GetCSRF ( t , session , "/" + org . Name )
2019-10-01 08:32:28 +03:00
req = NewRequestf ( t , "GET" , "/api/v1/orgs/%s/teams/search?q=%s" , org . Name , "team" )
2021-06-21 16:01:44 +03:00
req . Header . Add ( "X-Csrf-Token" , csrf )
2021-11-18 04:33:06 +03:00
session . MakeRequest ( t , req , http . StatusForbidden )
2019-10-01 08:32:28 +03:00
}