2017-07-12 04:23:41 +03:00
// Copyright 2017 The Gogs Authors. All rights reserved.
// Use of this source code is governed by a MIT-style
// license that can be found in the LICENSE file.
package integrations
import (
2018-01-07 01:55:53 +03:00
"fmt"
2017-07-12 04:23:41 +03:00
"net/http"
2018-11-01 06:40:49 +03:00
"net/url"
2017-07-12 04:23:41 +03:00
"testing"
2018-01-07 01:55:53 +03:00
"code.gitea.io/gitea/models"
2021-11-28 14:58:28 +03:00
"code.gitea.io/gitea/models/perm"
2021-11-16 11:53:21 +03:00
"code.gitea.io/gitea/models/unittest"
2021-11-24 12:49:20 +03:00
user_model "code.gitea.io/gitea/models/user"
2019-05-11 13:21:34 +03:00
api "code.gitea.io/gitea/modules/structs"
2019-08-23 19:40:30 +03:00
"github.com/stretchr/testify/assert"
2017-07-12 04:23:41 +03:00
)
func TestViewDeployKeysNoLogin ( t * testing . T ) {
2019-11-26 02:21:37 +03:00
defer prepareTestEnv ( t ) ( )
2017-07-12 04:23:41 +03:00
req := NewRequest ( t , "GET" , "/api/v1/repos/user2/repo1/keys" )
MakeRequest ( t , req , http . StatusUnauthorized )
}
func TestCreateDeployKeyNoLogin ( t * testing . T ) {
2019-11-26 02:21:37 +03:00
defer prepareTestEnv ( t ) ( )
2017-07-12 04:23:41 +03:00
req := NewRequestWithJSON ( t , "POST" , "/api/v1/repos/user2/repo1/keys" , api . CreateKeyOption {
Title : "title" ,
Key : "key" ,
} )
MakeRequest ( t , req , http . StatusUnauthorized )
}
func TestGetDeployKeyNoLogin ( t * testing . T ) {
2019-11-26 02:21:37 +03:00
defer prepareTestEnv ( t ) ( )
2017-07-12 04:23:41 +03:00
req := NewRequest ( t , "GET" , "/api/v1/repos/user2/repo1/keys/1" )
MakeRequest ( t , req , http . StatusUnauthorized )
}
func TestDeleteDeployKeyNoLogin ( t * testing . T ) {
2019-11-26 02:21:37 +03:00
defer prepareTestEnv ( t ) ( )
2017-07-12 04:23:41 +03:00
req := NewRequest ( t , "DELETE" , "/api/v1/repos/user2/repo1/keys/1" )
MakeRequest ( t , req , http . StatusUnauthorized )
}
2018-01-07 01:55:53 +03:00
func TestCreateReadOnlyDeployKey ( t * testing . T ) {
2019-11-26 02:21:37 +03:00
defer prepareTestEnv ( t ) ( )
2021-11-16 11:53:21 +03:00
repo := unittest . AssertExistsAndLoadBean ( t , & models . Repository { Name : "repo1" } ) . ( * models . Repository )
2021-11-24 12:49:20 +03:00
repoOwner := unittest . AssertExistsAndLoadBean ( t , & user_model . User { ID : repo . OwnerID } ) . ( * user_model . User )
2018-01-07 01:55:53 +03:00
session := loginUser ( t , repoOwner . Name )
2018-09-10 19:15:52 +03:00
token := getTokenForLoggedInUser ( t , session )
keysURL := fmt . Sprintf ( "/api/v1/repos/%s/%s/keys?token=%s" , repoOwner . Name , repo . Name , token )
2018-01-07 01:55:53 +03:00
rawKeyBody := api . CreateKeyOption {
Title : "read-only" ,
2020-10-09 09:52:57 +03:00
Key : "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC4cn+iXnA4KvcQYSV88vGn0Yi91vG47t1P7okprVmhNTkipNRIHWr6WdCO4VDr/cvsRkuVJAsLO2enwjGWWueOO6BodiBgyAOZ/5t5nJNMCNuLGT5UIo/RI1b0WRQwxEZTRjt6mFNw6lH14wRd8ulsr9toSWBPMOGWoYs1PDeDL0JuTjL+tr1SZi/EyxCngpYszKdXllJEHyI79KQgeD0Vt3pTrkbNVTOEcCNqZePSVmUH8X8Vhugz3bnE0/iE9Pb5fkWO9c4AnM1FgI/8Bvp27Fw2ShryIXuR6kKvUqhVMTuOSDHwu6A8jLE5Owt3GAYugDpDYuwTVNGrHLXKpPzrGGPE/jPmaLCMZcsdkec95dYeU3zKODEm8UQZFhmJmDeWVJ36nGrGZHL4J5aTTaeFUJmmXDaJYiJ+K2/ioKgXqnXvltu0A9R8/LGy4nrTJRr4JMLuJFoUXvGm1gXQ70w2LSpk6yl71RNC0hCtsBe8BP8IhYCM0EP5jh7eCMQZNvM= nocomment\n" ,
2018-01-07 01:55:53 +03:00
ReadOnly : true ,
}
req := NewRequestWithJSON ( t , "POST" , keysURL , rawKeyBody )
resp := session . MakeRequest ( t , req , http . StatusCreated )
var newDeployKey api . DeployKey
DecodeJSON ( t , resp , & newDeployKey )
2021-11-16 11:53:21 +03:00
unittest . AssertExistsAndLoadBean ( t , & models . DeployKey {
2018-01-07 01:55:53 +03:00
ID : newDeployKey . ID ,
Name : rawKeyBody . Title ,
Content : rawKeyBody . Key ,
2021-11-28 14:58:28 +03:00
Mode : perm . AccessModeRead ,
2018-01-07 01:55:53 +03:00
} )
}
func TestCreateReadWriteDeployKey ( t * testing . T ) {
2019-11-26 02:21:37 +03:00
defer prepareTestEnv ( t ) ( )
2021-11-16 11:53:21 +03:00
repo := unittest . AssertExistsAndLoadBean ( t , & models . Repository { Name : "repo1" } ) . ( * models . Repository )
2021-11-24 12:49:20 +03:00
repoOwner := unittest . AssertExistsAndLoadBean ( t , & user_model . User { ID : repo . OwnerID } ) . ( * user_model . User )
2018-01-07 01:55:53 +03:00
session := loginUser ( t , repoOwner . Name )
2018-09-10 19:15:52 +03:00
token := getTokenForLoggedInUser ( t , session )
keysURL := fmt . Sprintf ( "/api/v1/repos/%s/%s/keys?token=%s" , repoOwner . Name , repo . Name , token )
2018-01-07 01:55:53 +03:00
rawKeyBody := api . CreateKeyOption {
Title : "read-write" ,
2020-10-09 09:52:57 +03:00
Key : "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC4cn+iXnA4KvcQYSV88vGn0Yi91vG47t1P7okprVmhNTkipNRIHWr6WdCO4VDr/cvsRkuVJAsLO2enwjGWWueOO6BodiBgyAOZ/5t5nJNMCNuLGT5UIo/RI1b0WRQwxEZTRjt6mFNw6lH14wRd8ulsr9toSWBPMOGWoYs1PDeDL0JuTjL+tr1SZi/EyxCngpYszKdXllJEHyI79KQgeD0Vt3pTrkbNVTOEcCNqZePSVmUH8X8Vhugz3bnE0/iE9Pb5fkWO9c4AnM1FgI/8Bvp27Fw2ShryIXuR6kKvUqhVMTuOSDHwu6A8jLE5Owt3GAYugDpDYuwTVNGrHLXKpPzrGGPE/jPmaLCMZcsdkec95dYeU3zKODEm8UQZFhmJmDeWVJ36nGrGZHL4J5aTTaeFUJmmXDaJYiJ+K2/ioKgXqnXvltu0A9R8/LGy4nrTJRr4JMLuJFoUXvGm1gXQ70w2LSpk6yl71RNC0hCtsBe8BP8IhYCM0EP5jh7eCMQZNvM= nocomment\n" ,
2018-01-07 01:55:53 +03:00
}
req := NewRequestWithJSON ( t , "POST" , keysURL , rawKeyBody )
resp := session . MakeRequest ( t , req , http . StatusCreated )
var newDeployKey api . DeployKey
DecodeJSON ( t , resp , & newDeployKey )
2021-11-16 11:53:21 +03:00
unittest . AssertExistsAndLoadBean ( t , & models . DeployKey {
2018-01-07 01:55:53 +03:00
ID : newDeployKey . ID ,
Name : rawKeyBody . Title ,
Content : rawKeyBody . Key ,
2021-11-28 14:58:28 +03:00
Mode : perm . AccessModeWrite ,
2018-01-07 01:55:53 +03:00
} )
}
2018-11-01 06:40:49 +03:00
func TestCreateUserKey ( t * testing . T ) {
2019-11-26 02:21:37 +03:00
defer prepareTestEnv ( t ) ( )
2021-11-24 12:49:20 +03:00
user := unittest . AssertExistsAndLoadBean ( t , & user_model . User { Name : "user1" } ) . ( * user_model . User )
2018-11-01 06:40:49 +03:00
session := loginUser ( t , "user1" )
token := url . QueryEscape ( getTokenForLoggedInUser ( t , session ) )
keysURL := fmt . Sprintf ( "/api/v1/user/keys?token=%s" , token )
keyType := "ssh-rsa"
2020-10-09 09:52:57 +03:00
keyContent := "AAAAB3NzaC1yc2EAAAADAQABAAABgQC4cn+iXnA4KvcQYSV88vGn0Yi91vG47t1P7okprVmhNTkipNRIHWr6WdCO4VDr/cvsRkuVJAsLO2enwjGWWueOO6BodiBgyAOZ/5t5nJNMCNuLGT5UIo/RI1b0WRQwxEZTRjt6mFNw6lH14wRd8ulsr9toSWBPMOGWoYs1PDeDL0JuTjL+tr1SZi/EyxCngpYszKdXllJEHyI79KQgeD0Vt3pTrkbNVTOEcCNqZePSVmUH8X8Vhugz3bnE0/iE9Pb5fkWO9c4AnM1FgI/8Bvp27Fw2ShryIXuR6kKvUqhVMTuOSDHwu6A8jLE5Owt3GAYugDpDYuwTVNGrHLXKpPzrGGPE/jPmaLCMZcsdkec95dYeU3zKODEm8UQZFhmJmDeWVJ36nGrGZHL4J5aTTaeFUJmmXDaJYiJ+K2/ioKgXqnXvltu0A9R8/LGy4nrTJRr4JMLuJFoUXvGm1gXQ70w2LSpk6yl71RNC0hCtsBe8BP8IhYCM0EP5jh7eCMQZNvM="
2018-11-01 06:40:49 +03:00
rawKeyBody := api . CreateKeyOption {
Title : "test-key" ,
Key : keyType + " " + keyContent ,
}
req := NewRequestWithJSON ( t , "POST" , keysURL , rawKeyBody )
resp := session . MakeRequest ( t , req , http . StatusCreated )
var newPublicKey api . PublicKey
DecodeJSON ( t , resp , & newPublicKey )
2021-11-16 11:53:21 +03:00
unittest . AssertExistsAndLoadBean ( t , & models . PublicKey {
2018-11-01 06:40:49 +03:00
ID : newPublicKey . ID ,
OwnerID : user . ID ,
Name : rawKeyBody . Title ,
Content : rawKeyBody . Key ,
2021-11-28 14:58:28 +03:00
Mode : perm . AccessModeWrite ,
2018-11-01 06:40:49 +03:00
} )
// Search by fingerprint
fingerprintURL := fmt . Sprintf ( "/api/v1/user/keys?token=%s&fingerprint=%s" , token , newPublicKey . Fingerprint )
req = NewRequest ( t , "GET" , fingerprintURL )
resp = session . MakeRequest ( t , req , http . StatusOK )
var fingerprintPublicKeys [ ] api . PublicKey
DecodeJSON ( t , resp , & fingerprintPublicKeys )
assert . Equal ( t , newPublicKey . Fingerprint , fingerprintPublicKeys [ 0 ] . Fingerprint )
assert . Equal ( t , newPublicKey . ID , fingerprintPublicKeys [ 0 ] . ID )
assert . Equal ( t , user . ID , fingerprintPublicKeys [ 0 ] . Owner . ID )
fingerprintURL = fmt . Sprintf ( "/api/v1/users/%s/keys?token=%s&fingerprint=%s" , user . Name , token , newPublicKey . Fingerprint )
req = NewRequest ( t , "GET" , fingerprintURL )
resp = session . MakeRequest ( t , req , http . StatusOK )
DecodeJSON ( t , resp , & fingerprintPublicKeys )
assert . Equal ( t , newPublicKey . Fingerprint , fingerprintPublicKeys [ 0 ] . Fingerprint )
assert . Equal ( t , newPublicKey . ID , fingerprintPublicKeys [ 0 ] . ID )
assert . Equal ( t , user . ID , fingerprintPublicKeys [ 0 ] . Owner . ID )
// Fail search by fingerprint
fingerprintURL = fmt . Sprintf ( "/api/v1/user/keys?token=%s&fingerprint=%sA" , token , newPublicKey . Fingerprint )
req = NewRequest ( t , "GET" , fingerprintURL )
resp = session . MakeRequest ( t , req , http . StatusOK )
DecodeJSON ( t , resp , & fingerprintPublicKeys )
assert . Len ( t , fingerprintPublicKeys , 0 )
// Fail searching for wrong users key
fingerprintURL = fmt . Sprintf ( "/api/v1/users/%s/keys?token=%s&fingerprint=%s" , "user2" , token , newPublicKey . Fingerprint )
req = NewRequest ( t , "GET" , fingerprintURL )
resp = session . MakeRequest ( t , req , http . StatusOK )
DecodeJSON ( t , resp , & fingerprintPublicKeys )
assert . Len ( t , fingerprintPublicKeys , 0 )
// Now login as user 2
session2 := loginUser ( t , "user2" )
token2 := url . QueryEscape ( getTokenForLoggedInUser ( t , session2 ) )
// Should find key even though not ours, but we shouldn't know whose it is
fingerprintURL = fmt . Sprintf ( "/api/v1/user/keys?token=%s&fingerprint=%s" , token2 , newPublicKey . Fingerprint )
req = NewRequest ( t , "GET" , fingerprintURL )
resp = session . MakeRequest ( t , req , http . StatusOK )
DecodeJSON ( t , resp , & fingerprintPublicKeys )
assert . Equal ( t , newPublicKey . Fingerprint , fingerprintPublicKeys [ 0 ] . Fingerprint )
assert . Equal ( t , newPublicKey . ID , fingerprintPublicKeys [ 0 ] . ID )
assert . Nil ( t , fingerprintPublicKeys [ 0 ] . Owner )
// Should find key even though not ours, but we shouldn't know whose it is
fingerprintURL = fmt . Sprintf ( "/api/v1/users/%s/keys?token=%s&fingerprint=%s" , user . Name , token2 , newPublicKey . Fingerprint )
req = NewRequest ( t , "GET" , fingerprintURL )
resp = session . MakeRequest ( t , req , http . StatusOK )
DecodeJSON ( t , resp , & fingerprintPublicKeys )
assert . Equal ( t , newPublicKey . Fingerprint , fingerprintPublicKeys [ 0 ] . Fingerprint )
assert . Equal ( t , newPublicKey . ID , fingerprintPublicKeys [ 0 ] . ID )
assert . Nil ( t , fingerprintPublicKeys [ 0 ] . Owner )
// Fail when searching for key if it is not ours
fingerprintURL = fmt . Sprintf ( "/api/v1/users/%s/keys?token=%s&fingerprint=%s" , "user2" , token2 , newPublicKey . Fingerprint )
req = NewRequest ( t , "GET" , fingerprintURL )
resp = session . MakeRequest ( t , req , http . StatusOK )
DecodeJSON ( t , resp , & fingerprintPublicKeys )
assert . Len ( t , fingerprintPublicKeys , 0 )
}