2017-05-26 16:15:45 +03:00
// Copyright 2017 The Gitea Authors. All rights reserved.
// Use of this source code is governed by a MIT-style
// license that can be found in the LICENSE file.
package integrations
import (
2019-04-28 02:32:33 +03:00
"fmt"
2017-05-26 16:15:45 +03:00
"net/http"
2019-04-28 02:32:33 +03:00
"sort"
2017-05-26 16:15:45 +03:00
"testing"
2022-03-29 09:29:02 +03:00
"code.gitea.io/gitea/models/organization"
2022-05-01 18:39:04 +03:00
"code.gitea.io/gitea/models/repo"
2022-01-05 06:37:00 +03:00
"code.gitea.io/gitea/models/unit"
2021-11-16 11:53:21 +03:00
"code.gitea.io/gitea/models/unittest"
2021-11-24 12:49:20 +03:00
user_model "code.gitea.io/gitea/models/user"
2019-11-10 07:41:51 +03:00
"code.gitea.io/gitea/modules/convert"
2019-05-11 13:21:34 +03:00
api "code.gitea.io/gitea/modules/structs"
2017-05-26 16:15:45 +03:00
"github.com/stretchr/testify/assert"
)
func TestAPITeam ( t * testing . T ) {
2019-11-26 02:21:37 +03:00
defer prepareTestEnv ( t ) ( )
2019-04-24 08:32:35 +03:00
2022-03-29 09:29:02 +03:00
teamUser := unittest . AssertExistsAndLoadBean ( t , & organization . TeamUser { } ) . ( * organization . TeamUser )
team := unittest . AssertExistsAndLoadBean ( t , & organization . Team { ID : teamUser . TeamID } ) . ( * organization . Team )
2021-11-24 12:49:20 +03:00
user := unittest . AssertExistsAndLoadBean ( t , & user_model . User { ID : teamUser . UID } ) . ( * user_model . User )
2017-05-26 16:15:45 +03:00
2017-06-17 07:49:45 +03:00
session := loginUser ( t , user . Name )
2018-09-10 19:15:52 +03:00
token := getTokenForLoggedInUser ( t , session )
req := NewRequestf ( t , "GET" , "/api/v1/teams/%d?token=" + token , teamUser . TeamID )
2017-07-07 22:36:47 +03:00
resp := session . MakeRequest ( t , req , http . StatusOK )
2017-05-26 16:15:45 +03:00
var apiTeam api . Team
2017-06-18 12:06:17 +03:00
DecodeJSON ( t , resp , & apiTeam )
2017-05-26 16:15:45 +03:00
assert . EqualValues ( t , team . ID , apiTeam . ID )
assert . Equal ( t , team . Name , apiTeam . Name )
2019-04-24 08:32:35 +03:00
// non team member user will not access the teams details
2022-03-29 09:29:02 +03:00
teamUser2 := unittest . AssertExistsAndLoadBean ( t , & organization . TeamUser { ID : 3 } ) . ( * organization . TeamUser )
2021-11-24 12:49:20 +03:00
user2 := unittest . AssertExistsAndLoadBean ( t , & user_model . User { ID : teamUser2 . UID } ) . ( * user_model . User )
2019-04-24 08:32:35 +03:00
session = loginUser ( t , user2 . Name )
token = getTokenForLoggedInUser ( t , session )
req = NewRequestf ( t , "GET" , "/api/v1/teams/%d?token=" + token , teamUser . TeamID )
2019-07-22 10:11:16 +03:00
_ = session . MakeRequest ( t , req , http . StatusForbidden )
2019-04-24 08:32:35 +03:00
req = NewRequestf ( t , "GET" , "/api/v1/teams/%d" , teamUser . TeamID )
2019-07-22 10:11:16 +03:00
_ = session . MakeRequest ( t , req , http . StatusUnauthorized )
2019-04-28 02:32:33 +03:00
// Get an admin user able to create, update and delete teams.
2021-11-24 12:49:20 +03:00
user = unittest . AssertExistsAndLoadBean ( t , & user_model . User { ID : 1 } ) . ( * user_model . User )
2019-04-28 02:32:33 +03:00
session = loginUser ( t , user . Name )
token = getTokenForLoggedInUser ( t , session )
2021-11-24 12:49:20 +03:00
org := unittest . AssertExistsAndLoadBean ( t , & user_model . User { ID : 6 } ) . ( * user_model . User )
2019-04-28 02:32:33 +03:00
// Create team.
teamToCreate := & api . CreateTeamOption {
2019-11-06 12:37:14 +03:00
Name : "team1" ,
Description : "team one" ,
IncludesAllRepositories : true ,
Permission : "write" ,
Units : [ ] string { "repo.code" , "repo.issues" } ,
2019-04-28 02:32:33 +03:00
}
req = NewRequestWithJSON ( t , "POST" , fmt . Sprintf ( "/api/v1/orgs/%s/teams?token=%s" , org . Name , token ) , teamToCreate )
resp = session . MakeRequest ( t , req , http . StatusCreated )
2022-01-05 06:37:00 +03:00
apiTeam = api . Team { }
2019-04-28 02:32:33 +03:00
DecodeJSON ( t , resp , & apiTeam )
2022-05-13 20:27:58 +03:00
checkTeamResponse ( t , "CreateTeam1" , & apiTeam , teamToCreate . Name , teamToCreate . Description , teamToCreate . IncludesAllRepositories ,
2022-01-05 06:37:00 +03:00
teamToCreate . Permission , teamToCreate . Units , nil )
2019-11-06 12:37:14 +03:00
checkTeamBean ( t , apiTeam . ID , teamToCreate . Name , teamToCreate . Description , teamToCreate . IncludesAllRepositories ,
2022-01-05 06:37:00 +03:00
teamToCreate . Permission , teamToCreate . Units , nil )
2019-04-28 02:32:33 +03:00
teamID := apiTeam . ID
// Edit team.
2020-01-09 16:15:14 +03:00
editDescription := "team 1"
editFalse := false
2019-04-28 02:32:33 +03:00
teamToEdit := & api . EditTeamOption {
2019-11-06 12:37:14 +03:00
Name : "teamone" ,
2020-01-09 16:15:14 +03:00
Description : & editDescription ,
2019-11-06 12:37:14 +03:00
Permission : "admin" ,
2020-01-09 16:15:14 +03:00
IncludesAllRepositories : & editFalse ,
2019-11-06 12:37:14 +03:00
Units : [ ] string { "repo.code" , "repo.pulls" , "repo.releases" } ,
2019-04-28 02:32:33 +03:00
}
2020-01-09 16:15:14 +03:00
2019-04-28 02:32:33 +03:00
req = NewRequestWithJSON ( t , "PATCH" , fmt . Sprintf ( "/api/v1/teams/%d?token=%s" , teamID , token ) , teamToEdit )
resp = session . MakeRequest ( t , req , http . StatusOK )
2022-01-05 06:37:00 +03:00
apiTeam = api . Team { }
2019-04-28 02:32:33 +03:00
DecodeJSON ( t , resp , & apiTeam )
2022-05-13 20:27:58 +03:00
checkTeamResponse ( t , "EditTeam1" , & apiTeam , teamToEdit . Name , * teamToEdit . Description , * teamToEdit . IncludesAllRepositories ,
2022-01-05 06:37:00 +03:00
teamToEdit . Permission , unit . AllUnitKeyNames ( ) , nil )
2020-01-09 16:15:14 +03:00
checkTeamBean ( t , apiTeam . ID , teamToEdit . Name , * teamToEdit . Description , * teamToEdit . IncludesAllRepositories ,
2022-01-05 06:37:00 +03:00
teamToEdit . Permission , unit . AllUnitKeyNames ( ) , nil )
2020-01-09 16:15:14 +03:00
// Edit team Description only
editDescription = "first team"
teamToEditDesc := api . EditTeamOption { Description : & editDescription }
req = NewRequestWithJSON ( t , "PATCH" , fmt . Sprintf ( "/api/v1/teams/%d?token=%s" , teamID , token ) , teamToEditDesc )
resp = session . MakeRequest ( t , req , http . StatusOK )
2022-01-05 06:37:00 +03:00
apiTeam = api . Team { }
2020-01-09 16:15:14 +03:00
DecodeJSON ( t , resp , & apiTeam )
2022-05-13 20:27:58 +03:00
checkTeamResponse ( t , "EditTeam1_DescOnly" , & apiTeam , teamToEdit . Name , * teamToEditDesc . Description , * teamToEdit . IncludesAllRepositories ,
2022-01-05 06:37:00 +03:00
teamToEdit . Permission , unit . AllUnitKeyNames ( ) , nil )
2020-01-09 16:15:14 +03:00
checkTeamBean ( t , apiTeam . ID , teamToEdit . Name , * teamToEditDesc . Description , * teamToEdit . IncludesAllRepositories ,
2022-01-05 06:37:00 +03:00
teamToEdit . Permission , unit . AllUnitKeyNames ( ) , nil )
2019-04-28 02:32:33 +03:00
// Read team.
2022-03-29 09:29:02 +03:00
teamRead := unittest . AssertExistsAndLoadBean ( t , & organization . Team { ID : teamID } ) . ( * organization . Team )
2022-01-05 06:37:00 +03:00
assert . NoError ( t , teamRead . GetUnits ( ) )
2019-04-28 02:32:33 +03:00
req = NewRequestf ( t , "GET" , "/api/v1/teams/%d?token=" + token , teamID )
resp = session . MakeRequest ( t , req , http . StatusOK )
2022-01-05 06:37:00 +03:00
apiTeam = api . Team { }
2019-04-28 02:32:33 +03:00
DecodeJSON ( t , resp , & apiTeam )
2022-05-13 20:27:58 +03:00
checkTeamResponse ( t , "ReadTeam1" , & apiTeam , teamRead . Name , * teamToEditDesc . Description , teamRead . IncludesAllRepositories ,
2022-01-05 06:37:00 +03:00
teamRead . AccessMode . String ( ) , teamRead . GetUnitNames ( ) , teamRead . GetUnitsMap ( ) )
// Delete team.
req = NewRequestf ( t , "DELETE" , "/api/v1/teams/%d?token=" + token , teamID )
session . MakeRequest ( t , req , http . StatusNoContent )
2022-03-29 09:29:02 +03:00
unittest . AssertNotExistsBean ( t , & organization . Team { ID : teamID } )
2022-01-05 06:37:00 +03:00
// create team again via UnitsMap
// Create team.
teamToCreate = & api . CreateTeamOption {
Name : "team2" ,
Description : "team two" ,
IncludesAllRepositories : true ,
Permission : "write" ,
UnitsMap : map [ string ] string { "repo.code" : "read" , "repo.issues" : "write" , "repo.wiki" : "none" } ,
}
req = NewRequestWithJSON ( t , "POST" , fmt . Sprintf ( "/api/v1/orgs/%s/teams?token=%s" , org . Name , token ) , teamToCreate )
resp = session . MakeRequest ( t , req , http . StatusCreated )
apiTeam = api . Team { }
DecodeJSON ( t , resp , & apiTeam )
2022-05-13 20:27:58 +03:00
checkTeamResponse ( t , "CreateTeam2" , & apiTeam , teamToCreate . Name , teamToCreate . Description , teamToCreate . IncludesAllRepositories ,
2022-01-05 06:37:00 +03:00
"read" , nil , teamToCreate . UnitsMap )
checkTeamBean ( t , apiTeam . ID , teamToCreate . Name , teamToCreate . Description , teamToCreate . IncludesAllRepositories ,
"read" , nil , teamToCreate . UnitsMap )
teamID = apiTeam . ID
// Edit team.
editDescription = "team 1"
editFalse = false
teamToEdit = & api . EditTeamOption {
Name : "teamtwo" ,
Description : & editDescription ,
Permission : "write" ,
IncludesAllRepositories : & editFalse ,
UnitsMap : map [ string ] string { "repo.code" : "read" , "repo.pulls" : "read" , "repo.releases" : "write" } ,
}
req = NewRequestWithJSON ( t , "PATCH" , fmt . Sprintf ( "/api/v1/teams/%d?token=%s" , teamID , token ) , teamToEdit )
resp = session . MakeRequest ( t , req , http . StatusOK )
apiTeam = api . Team { }
DecodeJSON ( t , resp , & apiTeam )
2022-05-13 20:27:58 +03:00
checkTeamResponse ( t , "EditTeam2" , & apiTeam , teamToEdit . Name , * teamToEdit . Description , * teamToEdit . IncludesAllRepositories ,
2022-01-05 06:37:00 +03:00
"read" , nil , teamToEdit . UnitsMap )
checkTeamBean ( t , apiTeam . ID , teamToEdit . Name , * teamToEdit . Description , * teamToEdit . IncludesAllRepositories ,
"read" , nil , teamToEdit . UnitsMap )
// Edit team Description only
editDescription = "second team"
teamToEditDesc = api . EditTeamOption { Description : & editDescription }
req = NewRequestWithJSON ( t , "PATCH" , fmt . Sprintf ( "/api/v1/teams/%d?token=%s" , teamID , token ) , teamToEditDesc )
resp = session . MakeRequest ( t , req , http . StatusOK )
apiTeam = api . Team { }
DecodeJSON ( t , resp , & apiTeam )
2022-05-13 20:27:58 +03:00
checkTeamResponse ( t , "EditTeam2_DescOnly" , & apiTeam , teamToEdit . Name , * teamToEditDesc . Description , * teamToEdit . IncludesAllRepositories ,
2022-01-05 06:37:00 +03:00
"read" , nil , teamToEdit . UnitsMap )
checkTeamBean ( t , apiTeam . ID , teamToEdit . Name , * teamToEditDesc . Description , * teamToEdit . IncludesAllRepositories ,
"read" , nil , teamToEdit . UnitsMap )
// Read team.
2022-03-29 09:29:02 +03:00
teamRead = unittest . AssertExistsAndLoadBean ( t , & organization . Team { ID : teamID } ) . ( * organization . Team )
2022-01-05 06:37:00 +03:00
req = NewRequestf ( t , "GET" , "/api/v1/teams/%d?token=" + token , teamID )
resp = session . MakeRequest ( t , req , http . StatusOK )
apiTeam = api . Team { }
DecodeJSON ( t , resp , & apiTeam )
assert . NoError ( t , teamRead . GetUnits ( ) )
2022-05-13 20:27:58 +03:00
checkTeamResponse ( t , "ReadTeam2" , & apiTeam , teamRead . Name , * teamToEditDesc . Description , teamRead . IncludesAllRepositories ,
2022-01-05 06:37:00 +03:00
teamRead . AccessMode . String ( ) , teamRead . GetUnitNames ( ) , teamRead . GetUnitsMap ( ) )
2019-04-28 02:32:33 +03:00
// Delete team.
req = NewRequestf ( t , "DELETE" , "/api/v1/teams/%d?token=" + token , teamID )
session . MakeRequest ( t , req , http . StatusNoContent )
2022-03-29 09:29:02 +03:00
unittest . AssertNotExistsBean ( t , & organization . Team { ID : teamID } )
2019-04-28 02:32:33 +03:00
}
2022-05-13 20:27:58 +03:00
func checkTeamResponse ( t * testing . T , testName string , apiTeam * api . Team , name , description string , includesAllRepositories bool , permission string , units [ ] string , unitsMap map [ string ] string ) {
t . Run ( testName , func ( t * testing . T ) {
2022-01-05 06:37:00 +03:00
assert . Equal ( t , name , apiTeam . Name , "name" )
assert . Equal ( t , description , apiTeam . Description , "description" )
assert . Equal ( t , includesAllRepositories , apiTeam . IncludesAllRepositories , "includesAllRepositories" )
assert . Equal ( t , permission , apiTeam . Permission , "permission" )
if units != nil {
sort . StringSlice ( units ) . Sort ( )
sort . StringSlice ( apiTeam . Units ) . Sort ( )
assert . EqualValues ( t , units , apiTeam . Units , "units" )
}
if unitsMap != nil {
assert . EqualValues ( t , unitsMap , apiTeam . UnitsMap , "unitsMap" )
}
} )
2019-04-28 02:32:33 +03:00
}
2022-01-05 06:37:00 +03:00
func checkTeamBean ( t * testing . T , id int64 , name , description string , includesAllRepositories bool , permission string , units [ ] string , unitsMap map [ string ] string ) {
2022-03-29 09:29:02 +03:00
team := unittest . AssertExistsAndLoadBean ( t , & organization . Team { ID : id } ) . ( * organization . Team )
2019-04-28 02:32:33 +03:00
assert . NoError ( t , team . GetUnits ( ) , "GetUnits" )
2022-05-13 20:27:58 +03:00
apiTeam , err := convert . ToTeam ( team )
assert . NoError ( t , err )
checkTeamResponse ( t , fmt . Sprintf ( "checkTeamBean/%s_%s" , name , description ) , apiTeam , name , description , includesAllRepositories , permission , units , unitsMap )
2017-05-26 16:15:45 +03:00
}
2019-10-01 08:32:28 +03:00
type TeamSearchResults struct {
OK bool ` json:"ok" `
Data [ ] * api . Team ` json:"data" `
}
func TestAPITeamSearch ( t * testing . T ) {
2019-11-26 02:21:37 +03:00
defer prepareTestEnv ( t ) ( )
2019-10-01 08:32:28 +03:00
2021-11-24 12:49:20 +03:00
user := unittest . AssertExistsAndLoadBean ( t , & user_model . User { ID : 2 } ) . ( * user_model . User )
org := unittest . AssertExistsAndLoadBean ( t , & user_model . User { ID : 3 } ) . ( * user_model . User )
2019-10-01 08:32:28 +03:00
var results TeamSearchResults
2022-04-08 07:22:10 +03:00
token := getUserToken ( t , user . Name )
req := NewRequestf ( t , "GET" , "/api/v1/orgs/%s/teams/search?q=%s&token=%s" , org . Name , "_team" , token )
resp := MakeRequest ( t , req , http . StatusOK )
2019-10-01 08:32:28 +03:00
DecodeJSON ( t , resp , & results )
assert . NotEmpty ( t , results . Data )
2021-06-07 08:27:09 +03:00
assert . Len ( t , results . Data , 1 )
2019-10-01 08:32:28 +03:00
assert . Equal ( t , "test_team" , results . Data [ 0 ] . Name )
// no access if not organization member
2021-11-24 12:49:20 +03:00
user5 := unittest . AssertExistsAndLoadBean ( t , & user_model . User { ID : 5 } ) . ( * user_model . User )
2022-04-08 07:22:10 +03:00
token5 := getUserToken ( t , user5 . Name )
req = NewRequestf ( t , "GET" , "/api/v1/orgs/%s/teams/search?q=%s&token=%s" , org . Name , "team" , token5 )
MakeRequest ( t , req , http . StatusForbidden )
2019-10-01 08:32:28 +03:00
}
2022-05-01 18:39:04 +03:00
func TestAPIGetTeamRepo ( t * testing . T ) {
defer prepareTestEnv ( t ) ( )
user := unittest . AssertExistsAndLoadBean ( t , & user_model . User { ID : 15 } ) . ( * user_model . User )
teamRepo := unittest . AssertExistsAndLoadBean ( t , & repo . Repository { ID : 24 } ) . ( * repo . Repository )
team := unittest . AssertExistsAndLoadBean ( t , & organization . Team { ID : 5 } ) . ( * organization . Team )
var results api . Repository
token := getUserToken ( t , user . Name )
req := NewRequestf ( t , "GET" , "/api/v1/teams/%d/repos/%s/?token=%s" , team . ID , teamRepo . FullName ( ) , token )
resp := MakeRequest ( t , req , http . StatusOK )
DecodeJSON ( t , resp , & results )
assert . Equal ( t , "big_test_private_4" , teamRepo . Name )
// no access if not organization member
user5 := unittest . AssertExistsAndLoadBean ( t , & user_model . User { ID : 5 } ) . ( * user_model . User )
token5 := getUserToken ( t , user5 . Name )
req = NewRequestf ( t , "GET" , "/api/v1/teams/%d/repos/%s/?token=%s" , team . ID , teamRepo . FullName ( ) , token5 )
MakeRequest ( t , req , http . StatusNotFound )
}