2020-01-05 00:20:08 +01:00
// Copyright 2019 The Gitea Authors. All rights reserved.
// Use of this source code is governed by a MIT-style
// license that can be found in the LICENSE file.
package integrations
import (
"bytes"
"image"
"image/png"
"io"
"io/ioutil"
"mime/multipart"
"net/http"
"os"
"path"
"testing"
"code.gitea.io/gitea/models"
"code.gitea.io/gitea/modules/test"
"github.com/stretchr/testify/assert"
)
func generateImg ( ) bytes . Buffer {
// Generate image
myImage := image . NewRGBA ( image . Rect ( 0 , 0 , 32 , 32 ) )
var buff bytes . Buffer
png . Encode ( & buff , myImage )
return buff
}
func createAttachment ( t * testing . T , session * TestSession , repoURL , filename string , buff bytes . Buffer , expectedStatus int ) string {
body := & bytes . Buffer { }
//Setup multi-part
writer := multipart . NewWriter ( body )
part , err := writer . CreateFormFile ( "file" , filename )
assert . NoError ( t , err )
_ , err = io . Copy ( part , & buff )
assert . NoError ( t , err )
err = writer . Close ( )
assert . NoError ( t , err )
csrf := GetCSRF ( t , session , repoURL )
req := NewRequestWithBody ( t , "POST" , "/attachments" , body )
req . Header . Add ( "X-Csrf-Token" , csrf )
req . Header . Add ( "Content-Type" , writer . FormDataContentType ( ) )
resp := session . MakeRequest ( t , req , expectedStatus )
if expectedStatus != http . StatusOK {
return ""
}
var obj map [ string ] string
DecodeJSON ( t , resp , & obj )
return obj [ "uuid" ]
}
func TestCreateAnonymousAttachment ( t * testing . T ) {
2020-01-21 08:40:21 -03:00
defer prepareTestEnv ( t ) ( )
2020-01-05 00:20:08 +01:00
session := emptyTestSession ( t )
createAttachment ( t , session , "user2/repo1" , "image.png" , generateImg ( ) , http . StatusFound )
}
func TestCreateIssueAttachment ( t * testing . T ) {
2020-01-21 08:40:21 -03:00
defer prepareTestEnv ( t ) ( )
2020-01-05 00:20:08 +01:00
const repoURL = "user2/repo1"
session := loginUser ( t , "user2" )
uuid := createAttachment ( t , session , repoURL , "image.png" , generateImg ( ) , http . StatusOK )
req := NewRequest ( t , "GET" , repoURL + "/issues/new" )
resp := session . MakeRequest ( t , req , http . StatusOK )
htmlDoc := NewHTMLParser ( t , resp . Body )
link , exists := htmlDoc . doc . Find ( "form" ) . Attr ( "action" )
assert . True ( t , exists , "The template has changed" )
postData := map [ string ] string {
"_csrf" : htmlDoc . GetCSRF ( ) ,
"title" : "New Issue With Attachment" ,
"content" : "some content" ,
"files" : uuid ,
}
req = NewRequestWithValues ( t , "POST" , link , postData )
resp = session . MakeRequest ( t , req , http . StatusFound )
test . RedirectURL ( resp ) // check that redirect URL exists
//Validate that attachment is available
req = NewRequest ( t , "GET" , "/attachments/" + uuid )
session . MakeRequest ( t , req , http . StatusOK )
}
func TestGetAttachment ( t * testing . T ) {
2020-01-21 08:40:21 -03:00
defer prepareTestEnv ( t ) ( )
2020-01-05 00:20:08 +01:00
adminSession := loginUser ( t , "user1" )
user2Session := loginUser ( t , "user2" )
user8Session := loginUser ( t , "user8" )
emptySession := emptyTestSession ( t )
testCases := [ ] struct {
name string
uuid string
createFile bool
session * TestSession
want int
} {
{ "LinkedIssueUUID" , "a0eebc99-9c0b-4ef8-bb6d-6bb9bd380a11" , true , user2Session , http . StatusOK } ,
{ "LinkedCommentUUID" , "a0eebc99-9c0b-4ef8-bb6d-6bb9bd380a17" , true , user2Session , http . StatusOK } ,
{ "linked_release_uuid" , "a0eebc99-9c0b-4ef8-bb6d-6bb9bd380a19" , true , user2Session , http . StatusOK } ,
{ "NotExistingUUID" , "b0eebc99-9c0b-4ef8-bb6d-6bb9bd380a18" , false , user2Session , http . StatusNotFound } ,
{ "FileMissing" , "a0eebc99-9c0b-4ef8-bb6d-6bb9bd380a18" , false , user2Session , http . StatusInternalServerError } ,
{ "NotLinked" , "a0eebc99-9c0b-4ef8-bb6d-6bb9bd380a20" , true , user2Session , http . StatusNotFound } ,
{ "NotLinkedAccessibleByUploader" , "a0eebc99-9c0b-4ef8-bb6d-6bb9bd380a20" , true , user8Session , http . StatusOK } ,
{ "PublicByNonLogged" , "a0eebc99-9c0b-4ef8-bb6d-6bb9bd380a11" , true , emptySession , http . StatusOK } ,
{ "PrivateByNonLogged" , "a0eebc99-9c0b-4ef8-bb6d-6bb9bd380a12" , true , emptySession , http . StatusNotFound } ,
{ "PrivateAccessibleByAdmin" , "a0eebc99-9c0b-4ef8-bb6d-6bb9bd380a12" , true , adminSession , http . StatusOK } ,
{ "PrivateAccessibleByUser" , "a0eebc99-9c0b-4ef8-bb6d-6bb9bd380a12" , true , user2Session , http . StatusOK } ,
{ "RepoNotAccessibleByUser" , "a0eebc99-9c0b-4ef8-bb6d-6bb9bd380a12" , true , user8Session , http . StatusNotFound } ,
{ "OrgNotAccessibleByUser" , "a0eebc99-9c0b-4ef8-bb6d-6bb9bd380a21" , true , user8Session , http . StatusNotFound } ,
}
for _ , tc := range testCases {
t . Run ( tc . name , func ( t * testing . T ) {
//Write empty file to be available for response
if tc . createFile {
localPath := models . AttachmentLocalPath ( tc . uuid )
err := os . MkdirAll ( path . Dir ( localPath ) , os . ModePerm )
assert . NoError ( t , err )
err = ioutil . WriteFile ( localPath , [ ] byte ( "hello world" ) , 0644 )
assert . NoError ( t , err )
}
//Actual test
req := NewRequest ( t , "GET" , "/attachments/" + tc . uuid )
tc . session . MakeRequest ( t , req , tc . want )
} )
}
}