2017-05-26 16:15:45 +03:00
// Copyright 2017 The Gitea Authors. All rights reserved.
2022-11-27 21:20:29 +03:00
// SPDX-License-Identifier: MIT
2017-05-26 16:15:45 +03:00
2022-09-02 22:18:23 +03:00
package integration
2017-05-26 16:15:45 +03:00
import (
2019-04-28 02:32:33 +03:00
"fmt"
2017-05-26 16:15:45 +03:00
"net/http"
2019-04-28 02:32:33 +03:00
"sort"
2017-05-26 16:15:45 +03:00
"testing"
2022-03-29 09:29:02 +03:00
"code.gitea.io/gitea/models/organization"
2022-05-01 18:39:04 +03:00
"code.gitea.io/gitea/models/repo"
2022-01-05 06:37:00 +03:00
"code.gitea.io/gitea/models/unit"
2021-11-16 11:53:21 +03:00
"code.gitea.io/gitea/models/unittest"
2021-11-24 12:49:20 +03:00
user_model "code.gitea.io/gitea/models/user"
2019-11-10 07:41:51 +03:00
"code.gitea.io/gitea/modules/convert"
2019-05-11 13:21:34 +03:00
api "code.gitea.io/gitea/modules/structs"
2022-09-02 22:18:23 +03:00
"code.gitea.io/gitea/tests"
2017-05-26 16:15:45 +03:00
"github.com/stretchr/testify/assert"
)
func TestAPITeam ( t * testing . T ) {
2022-09-02 22:18:23 +03:00
defer tests . PrepareTestEnv ( t ) ( )
2019-04-24 08:32:35 +03:00
2022-12-21 04:22:23 +03:00
teamUser := unittest . AssertExistsAndLoadBean ( t , & organization . TeamUser { ID : 1 } )
2022-08-16 05:22:25 +03:00
team := unittest . AssertExistsAndLoadBean ( t , & organization . Team { ID : teamUser . TeamID } )
user := unittest . AssertExistsAndLoadBean ( t , & user_model . User { ID : teamUser . UID } )
2017-05-26 16:15:45 +03:00
2017-06-17 07:49:45 +03:00
session := loginUser ( t , user . Name )
2018-09-10 19:15:52 +03:00
token := getTokenForLoggedInUser ( t , session )
req := NewRequestf ( t , "GET" , "/api/v1/teams/%d?token=" + token , teamUser . TeamID )
2022-12-02 06:39:42 +03:00
resp := MakeRequest ( t , req , http . StatusOK )
2017-05-26 16:15:45 +03:00
var apiTeam api . Team
2017-06-18 12:06:17 +03:00
DecodeJSON ( t , resp , & apiTeam )
2017-05-26 16:15:45 +03:00
assert . EqualValues ( t , team . ID , apiTeam . ID )
assert . Equal ( t , team . Name , apiTeam . Name )
2019-04-24 08:32:35 +03:00
// non team member user will not access the teams details
2022-08-16 05:22:25 +03:00
teamUser2 := unittest . AssertExistsAndLoadBean ( t , & organization . TeamUser { ID : 3 } )
user2 := unittest . AssertExistsAndLoadBean ( t , & user_model . User { ID : teamUser2 . UID } )
2019-04-24 08:32:35 +03:00
session = loginUser ( t , user2 . Name )
token = getTokenForLoggedInUser ( t , session )
req = NewRequestf ( t , "GET" , "/api/v1/teams/%d?token=" + token , teamUser . TeamID )
2022-12-02 06:39:42 +03:00
_ = MakeRequest ( t , req , http . StatusForbidden )
2019-04-24 08:32:35 +03:00
req = NewRequestf ( t , "GET" , "/api/v1/teams/%d" , teamUser . TeamID )
2022-12-02 06:39:42 +03:00
_ = MakeRequest ( t , req , http . StatusUnauthorized )
2019-04-28 02:32:33 +03:00
// Get an admin user able to create, update and delete teams.
2022-08-16 05:22:25 +03:00
user = unittest . AssertExistsAndLoadBean ( t , & user_model . User { ID : 1 } )
2019-04-28 02:32:33 +03:00
session = loginUser ( t , user . Name )
token = getTokenForLoggedInUser ( t , session )
2022-08-16 05:22:25 +03:00
org := unittest . AssertExistsAndLoadBean ( t , & user_model . User { ID : 6 } )
2019-04-28 02:32:33 +03:00
// Create team.
teamToCreate := & api . CreateTeamOption {
2019-11-06 12:37:14 +03:00
Name : "team1" ,
Description : "team one" ,
IncludesAllRepositories : true ,
Permission : "write" ,
Units : [ ] string { "repo.code" , "repo.issues" } ,
2019-04-28 02:32:33 +03:00
}
req = NewRequestWithJSON ( t , "POST" , fmt . Sprintf ( "/api/v1/orgs/%s/teams?token=%s" , org . Name , token ) , teamToCreate )
2022-12-02 06:39:42 +03:00
resp = MakeRequest ( t , req , http . StatusCreated )
2022-01-05 06:37:00 +03:00
apiTeam = api . Team { }
2019-04-28 02:32:33 +03:00
DecodeJSON ( t , resp , & apiTeam )
2022-05-13 20:27:58 +03:00
checkTeamResponse ( t , "CreateTeam1" , & apiTeam , teamToCreate . Name , teamToCreate . Description , teamToCreate . IncludesAllRepositories ,
2022-01-05 06:37:00 +03:00
teamToCreate . Permission , teamToCreate . Units , nil )
2019-11-06 12:37:14 +03:00
checkTeamBean ( t , apiTeam . ID , teamToCreate . Name , teamToCreate . Description , teamToCreate . IncludesAllRepositories ,
2022-01-05 06:37:00 +03:00
teamToCreate . Permission , teamToCreate . Units , nil )
2019-04-28 02:32:33 +03:00
teamID := apiTeam . ID
// Edit team.
2020-01-09 16:15:14 +03:00
editDescription := "team 1"
editFalse := false
2019-04-28 02:32:33 +03:00
teamToEdit := & api . EditTeamOption {
2019-11-06 12:37:14 +03:00
Name : "teamone" ,
2020-01-09 16:15:14 +03:00
Description : & editDescription ,
2019-11-06 12:37:14 +03:00
Permission : "admin" ,
2020-01-09 16:15:14 +03:00
IncludesAllRepositories : & editFalse ,
2019-11-06 12:37:14 +03:00
Units : [ ] string { "repo.code" , "repo.pulls" , "repo.releases" } ,
2019-04-28 02:32:33 +03:00
}
2020-01-09 16:15:14 +03:00
2019-04-28 02:32:33 +03:00
req = NewRequestWithJSON ( t , "PATCH" , fmt . Sprintf ( "/api/v1/teams/%d?token=%s" , teamID , token ) , teamToEdit )
2022-12-02 06:39:42 +03:00
resp = MakeRequest ( t , req , http . StatusOK )
2022-01-05 06:37:00 +03:00
apiTeam = api . Team { }
2019-04-28 02:32:33 +03:00
DecodeJSON ( t , resp , & apiTeam )
2022-05-13 20:27:58 +03:00
checkTeamResponse ( t , "EditTeam1" , & apiTeam , teamToEdit . Name , * teamToEdit . Description , * teamToEdit . IncludesAllRepositories ,
2022-01-05 06:37:00 +03:00
teamToEdit . Permission , unit . AllUnitKeyNames ( ) , nil )
2020-01-09 16:15:14 +03:00
checkTeamBean ( t , apiTeam . ID , teamToEdit . Name , * teamToEdit . Description , * teamToEdit . IncludesAllRepositories ,
2022-01-05 06:37:00 +03:00
teamToEdit . Permission , unit . AllUnitKeyNames ( ) , nil )
2020-01-09 16:15:14 +03:00
// Edit team Description only
editDescription = "first team"
teamToEditDesc := api . EditTeamOption { Description : & editDescription }
req = NewRequestWithJSON ( t , "PATCH" , fmt . Sprintf ( "/api/v1/teams/%d?token=%s" , teamID , token ) , teamToEditDesc )
2022-12-02 06:39:42 +03:00
resp = MakeRequest ( t , req , http . StatusOK )
2022-01-05 06:37:00 +03:00
apiTeam = api . Team { }
2020-01-09 16:15:14 +03:00
DecodeJSON ( t , resp , & apiTeam )
2022-05-13 20:27:58 +03:00
checkTeamResponse ( t , "EditTeam1_DescOnly" , & apiTeam , teamToEdit . Name , * teamToEditDesc . Description , * teamToEdit . IncludesAllRepositories ,
2022-01-05 06:37:00 +03:00
teamToEdit . Permission , unit . AllUnitKeyNames ( ) , nil )
2020-01-09 16:15:14 +03:00
checkTeamBean ( t , apiTeam . ID , teamToEdit . Name , * teamToEditDesc . Description , * teamToEdit . IncludesAllRepositories ,
2022-01-05 06:37:00 +03:00
teamToEdit . Permission , unit . AllUnitKeyNames ( ) , nil )
2019-04-28 02:32:33 +03:00
// Read team.
2022-08-16 05:22:25 +03:00
teamRead := unittest . AssertExistsAndLoadBean ( t , & organization . Team { ID : teamID } )
2022-01-05 06:37:00 +03:00
assert . NoError ( t , teamRead . GetUnits ( ) )
2019-04-28 02:32:33 +03:00
req = NewRequestf ( t , "GET" , "/api/v1/teams/%d?token=" + token , teamID )
2022-12-02 06:39:42 +03:00
resp = MakeRequest ( t , req , http . StatusOK )
2022-01-05 06:37:00 +03:00
apiTeam = api . Team { }
2019-04-28 02:32:33 +03:00
DecodeJSON ( t , resp , & apiTeam )
2022-05-13 20:27:58 +03:00
checkTeamResponse ( t , "ReadTeam1" , & apiTeam , teamRead . Name , * teamToEditDesc . Description , teamRead . IncludesAllRepositories ,
2022-01-05 06:37:00 +03:00
teamRead . AccessMode . String ( ) , teamRead . GetUnitNames ( ) , teamRead . GetUnitsMap ( ) )
// Delete team.
req = NewRequestf ( t , "DELETE" , "/api/v1/teams/%d?token=" + token , teamID )
2022-12-02 06:39:42 +03:00
MakeRequest ( t , req , http . StatusNoContent )
2022-03-29 09:29:02 +03:00
unittest . AssertNotExistsBean ( t , & organization . Team { ID : teamID } )
2022-01-05 06:37:00 +03:00
// create team again via UnitsMap
// Create team.
teamToCreate = & api . CreateTeamOption {
Name : "team2" ,
Description : "team two" ,
IncludesAllRepositories : true ,
Permission : "write" ,
UnitsMap : map [ string ] string { "repo.code" : "read" , "repo.issues" : "write" , "repo.wiki" : "none" } ,
}
req = NewRequestWithJSON ( t , "POST" , fmt . Sprintf ( "/api/v1/orgs/%s/teams?token=%s" , org . Name , token ) , teamToCreate )
2022-12-02 06:39:42 +03:00
resp = MakeRequest ( t , req , http . StatusCreated )
2022-01-05 06:37:00 +03:00
apiTeam = api . Team { }
DecodeJSON ( t , resp , & apiTeam )
2022-05-13 20:27:58 +03:00
checkTeamResponse ( t , "CreateTeam2" , & apiTeam , teamToCreate . Name , teamToCreate . Description , teamToCreate . IncludesAllRepositories ,
2022-01-05 06:37:00 +03:00
"read" , nil , teamToCreate . UnitsMap )
checkTeamBean ( t , apiTeam . ID , teamToCreate . Name , teamToCreate . Description , teamToCreate . IncludesAllRepositories ,
"read" , nil , teamToCreate . UnitsMap )
teamID = apiTeam . ID
// Edit team.
editDescription = "team 1"
editFalse = false
teamToEdit = & api . EditTeamOption {
Name : "teamtwo" ,
Description : & editDescription ,
Permission : "write" ,
IncludesAllRepositories : & editFalse ,
UnitsMap : map [ string ] string { "repo.code" : "read" , "repo.pulls" : "read" , "repo.releases" : "write" } ,
}
req = NewRequestWithJSON ( t , "PATCH" , fmt . Sprintf ( "/api/v1/teams/%d?token=%s" , teamID , token ) , teamToEdit )
2022-12-02 06:39:42 +03:00
resp = MakeRequest ( t , req , http . StatusOK )
2022-01-05 06:37:00 +03:00
apiTeam = api . Team { }
DecodeJSON ( t , resp , & apiTeam )
2022-05-13 20:27:58 +03:00
checkTeamResponse ( t , "EditTeam2" , & apiTeam , teamToEdit . Name , * teamToEdit . Description , * teamToEdit . IncludesAllRepositories ,
2022-01-05 06:37:00 +03:00
"read" , nil , teamToEdit . UnitsMap )
checkTeamBean ( t , apiTeam . ID , teamToEdit . Name , * teamToEdit . Description , * teamToEdit . IncludesAllRepositories ,
"read" , nil , teamToEdit . UnitsMap )
// Edit team Description only
editDescription = "second team"
teamToEditDesc = api . EditTeamOption { Description : & editDescription }
req = NewRequestWithJSON ( t , "PATCH" , fmt . Sprintf ( "/api/v1/teams/%d?token=%s" , teamID , token ) , teamToEditDesc )
2022-12-02 06:39:42 +03:00
resp = MakeRequest ( t , req , http . StatusOK )
2022-01-05 06:37:00 +03:00
apiTeam = api . Team { }
DecodeJSON ( t , resp , & apiTeam )
2022-05-13 20:27:58 +03:00
checkTeamResponse ( t , "EditTeam2_DescOnly" , & apiTeam , teamToEdit . Name , * teamToEditDesc . Description , * teamToEdit . IncludesAllRepositories ,
2022-01-05 06:37:00 +03:00
"read" , nil , teamToEdit . UnitsMap )
checkTeamBean ( t , apiTeam . ID , teamToEdit . Name , * teamToEditDesc . Description , * teamToEdit . IncludesAllRepositories ,
"read" , nil , teamToEdit . UnitsMap )
// Read team.
2022-08-16 05:22:25 +03:00
teamRead = unittest . AssertExistsAndLoadBean ( t , & organization . Team { ID : teamID } )
2022-01-05 06:37:00 +03:00
req = NewRequestf ( t , "GET" , "/api/v1/teams/%d?token=" + token , teamID )
2022-12-02 06:39:42 +03:00
resp = MakeRequest ( t , req , http . StatusOK )
2022-01-05 06:37:00 +03:00
apiTeam = api . Team { }
DecodeJSON ( t , resp , & apiTeam )
assert . NoError ( t , teamRead . GetUnits ( ) )
2022-05-13 20:27:58 +03:00
checkTeamResponse ( t , "ReadTeam2" , & apiTeam , teamRead . Name , * teamToEditDesc . Description , teamRead . IncludesAllRepositories ,
2022-01-05 06:37:00 +03:00
teamRead . AccessMode . String ( ) , teamRead . GetUnitNames ( ) , teamRead . GetUnitsMap ( ) )
2019-04-28 02:32:33 +03:00
// Delete team.
req = NewRequestf ( t , "DELETE" , "/api/v1/teams/%d?token=" + token , teamID )
2022-12-02 06:39:42 +03:00
MakeRequest ( t , req , http . StatusNoContent )
2022-03-29 09:29:02 +03:00
unittest . AssertNotExistsBean ( t , & organization . Team { ID : teamID } )
2019-04-28 02:32:33 +03:00
}
2022-05-13 20:27:58 +03:00
func checkTeamResponse ( t * testing . T , testName string , apiTeam * api . Team , name , description string , includesAllRepositories bool , permission string , units [ ] string , unitsMap map [ string ] string ) {
t . Run ( testName , func ( t * testing . T ) {
2022-01-05 06:37:00 +03:00
assert . Equal ( t , name , apiTeam . Name , "name" )
assert . Equal ( t , description , apiTeam . Description , "description" )
assert . Equal ( t , includesAllRepositories , apiTeam . IncludesAllRepositories , "includesAllRepositories" )
assert . Equal ( t , permission , apiTeam . Permission , "permission" )
if units != nil {
sort . StringSlice ( units ) . Sort ( )
sort . StringSlice ( apiTeam . Units ) . Sort ( )
assert . EqualValues ( t , units , apiTeam . Units , "units" )
}
if unitsMap != nil {
assert . EqualValues ( t , unitsMap , apiTeam . UnitsMap , "unitsMap" )
}
} )
2019-04-28 02:32:33 +03:00
}
2022-01-05 06:37:00 +03:00
func checkTeamBean ( t * testing . T , id int64 , name , description string , includesAllRepositories bool , permission string , units [ ] string , unitsMap map [ string ] string ) {
2022-08-16 05:22:25 +03:00
team := unittest . AssertExistsAndLoadBean ( t , & organization . Team { ID : id } )
2019-04-28 02:32:33 +03:00
assert . NoError ( t , team . GetUnits ( ) , "GetUnits" )
2022-05-13 20:27:58 +03:00
apiTeam , err := convert . ToTeam ( team )
assert . NoError ( t , err )
checkTeamResponse ( t , fmt . Sprintf ( "checkTeamBean/%s_%s" , name , description ) , apiTeam , name , description , includesAllRepositories , permission , units , unitsMap )
2017-05-26 16:15:45 +03:00
}
2019-10-01 08:32:28 +03:00
type TeamSearchResults struct {
OK bool ` json:"ok" `
Data [ ] * api . Team ` json:"data" `
}
func TestAPITeamSearch ( t * testing . T ) {
2022-09-02 22:18:23 +03:00
defer tests . PrepareTestEnv ( t ) ( )
2019-10-01 08:32:28 +03:00
2022-08-16 05:22:25 +03:00
user := unittest . AssertExistsAndLoadBean ( t , & user_model . User { ID : 2 } )
2022-08-21 19:24:05 +03:00
org := unittest . AssertExistsAndLoadBean ( t , & user_model . User { ID : 17 } )
2019-10-01 08:32:28 +03:00
var results TeamSearchResults
2022-04-08 07:22:10 +03:00
token := getUserToken ( t , user . Name )
req := NewRequestf ( t , "GET" , "/api/v1/orgs/%s/teams/search?q=%s&token=%s" , org . Name , "_team" , token )
resp := MakeRequest ( t , req , http . StatusOK )
2019-10-01 08:32:28 +03:00
DecodeJSON ( t , resp , & results )
assert . NotEmpty ( t , results . Data )
2021-06-07 08:27:09 +03:00
assert . Len ( t , results . Data , 1 )
2019-10-01 08:32:28 +03:00
assert . Equal ( t , "test_team" , results . Data [ 0 ] . Name )
// no access if not organization member
2022-08-16 05:22:25 +03:00
user5 := unittest . AssertExistsAndLoadBean ( t , & user_model . User { ID : 5 } )
2022-04-08 07:22:10 +03:00
token5 := getUserToken ( t , user5 . Name )
req = NewRequestf ( t , "GET" , "/api/v1/orgs/%s/teams/search?q=%s&token=%s" , org . Name , "team" , token5 )
MakeRequest ( t , req , http . StatusForbidden )
2019-10-01 08:32:28 +03:00
}
2022-05-01 18:39:04 +03:00
func TestAPIGetTeamRepo ( t * testing . T ) {
2022-09-02 22:18:23 +03:00
defer tests . PrepareTestEnv ( t ) ( )
2022-05-01 18:39:04 +03:00
2022-08-16 05:22:25 +03:00
user := unittest . AssertExistsAndLoadBean ( t , & user_model . User { ID : 15 } )
teamRepo := unittest . AssertExistsAndLoadBean ( t , & repo . Repository { ID : 24 } )
team := unittest . AssertExistsAndLoadBean ( t , & organization . Team { ID : 5 } )
2022-05-01 18:39:04 +03:00
var results api . Repository
token := getUserToken ( t , user . Name )
req := NewRequestf ( t , "GET" , "/api/v1/teams/%d/repos/%s/?token=%s" , team . ID , teamRepo . FullName ( ) , token )
resp := MakeRequest ( t , req , http . StatusOK )
DecodeJSON ( t , resp , & results )
assert . Equal ( t , "big_test_private_4" , teamRepo . Name )
// no access if not organization member
2022-08-16 05:22:25 +03:00
user5 := unittest . AssertExistsAndLoadBean ( t , & user_model . User { ID : 5 } )
2022-05-01 18:39:04 +03:00
token5 := getUserToken ( t , user5 . Name )
req = NewRequestf ( t , "GET" , "/api/v1/teams/%d/repos/%s/?token=%s" , team . ID , teamRepo . FullName ( ) , token5 )
MakeRequest ( t , req , http . StatusNotFound )
}