2020-01-05 02:20:08 +03:00
// Copyright 2019 The Gitea Authors. All rights reserved.
2022-11-27 21:20:29 +03:00
// SPDX-License-Identifier: MIT
2020-01-05 02:20:08 +03:00
2022-09-02 22:18:23 +03:00
package integration
2020-01-05 02:20:08 +03:00
import (
"bytes"
"image"
"image/png"
"io"
"mime/multipart"
"net/http"
2020-08-18 07:23:45 +03:00
"strings"
2020-01-05 02:20:08 +03:00
"testing"
2021-11-19 16:39:57 +03:00
repo_model "code.gitea.io/gitea/models/repo"
2020-08-18 07:23:45 +03:00
"code.gitea.io/gitea/modules/storage"
2020-01-05 02:20:08 +03:00
"code.gitea.io/gitea/modules/test"
2022-09-02 22:18:23 +03:00
"code.gitea.io/gitea/tests"
2020-01-05 02:20:08 +03:00
"github.com/stretchr/testify/assert"
)
func generateImg ( ) bytes . Buffer {
// Generate image
myImage := image . NewRGBA ( image . Rect ( 0 , 0 , 32 , 32 ) )
var buff bytes . Buffer
png . Encode ( & buff , myImage )
return buff
}
func createAttachment ( t * testing . T , session * TestSession , repoURL , filename string , buff bytes . Buffer , expectedStatus int ) string {
body := & bytes . Buffer { }
2022-01-20 20:46:10 +03:00
// Setup multi-part
2020-01-05 02:20:08 +03:00
writer := multipart . NewWriter ( body )
part , err := writer . CreateFormFile ( "file" , filename )
assert . NoError ( t , err )
_ , err = io . Copy ( part , & buff )
assert . NoError ( t , err )
err = writer . Close ( )
assert . NoError ( t , err )
csrf := GetCSRF ( t , session , repoURL )
2020-10-05 08:49:33 +03:00
req := NewRequestWithBody ( t , "POST" , repoURL + "/issues/attachments" , body )
2020-01-05 02:20:08 +03:00
req . Header . Add ( "X-Csrf-Token" , csrf )
req . Header . Add ( "Content-Type" , writer . FormDataContentType ( ) )
resp := session . MakeRequest ( t , req , expectedStatus )
if expectedStatus != http . StatusOK {
return ""
}
var obj map [ string ] string
DecodeJSON ( t , resp , & obj )
return obj [ "uuid" ]
}
func TestCreateAnonymousAttachment ( t * testing . T ) {
2022-09-02 22:18:23 +03:00
defer tests . PrepareTestEnv ( t ) ( )
2020-01-05 02:20:08 +03:00
session := emptyTestSession ( t )
2022-03-23 07:54:07 +03:00
createAttachment ( t , session , "user2/repo1" , "image.png" , generateImg ( ) , http . StatusSeeOther )
2020-01-05 02:20:08 +03:00
}
func TestCreateIssueAttachment ( t * testing . T ) {
2022-09-02 22:18:23 +03:00
defer tests . PrepareTestEnv ( t ) ( )
2020-01-05 02:20:08 +03:00
const repoURL = "user2/repo1"
session := loginUser ( t , "user2" )
uuid := createAttachment ( t , session , repoURL , "image.png" , generateImg ( ) , http . StatusOK )
req := NewRequest ( t , "GET" , repoURL + "/issues/new" )
resp := session . MakeRequest ( t , req , http . StatusOK )
htmlDoc := NewHTMLParser ( t , resp . Body )
2021-01-21 17:51:52 +03:00
link , exists := htmlDoc . doc . Find ( "form#new-issue" ) . Attr ( "action" )
2020-01-05 02:20:08 +03:00
assert . True ( t , exists , "The template has changed" )
postData := map [ string ] string {
"_csrf" : htmlDoc . GetCSRF ( ) ,
"title" : "New Issue With Attachment" ,
"content" : "some content" ,
"files" : uuid ,
}
req = NewRequestWithValues ( t , "POST" , link , postData )
2022-03-23 07:54:07 +03:00
resp = session . MakeRequest ( t , req , http . StatusSeeOther )
2020-01-05 02:20:08 +03:00
test . RedirectURL ( resp ) // check that redirect URL exists
2022-01-20 20:46:10 +03:00
// Validate that attachment is available
2020-01-05 02:20:08 +03:00
req = NewRequest ( t , "GET" , "/attachments/" + uuid )
session . MakeRequest ( t , req , http . StatusOK )
2023-05-31 20:06:17 +03:00
// anonymous visit should be allowed because user2/repo1 is a public repository
MakeRequest ( t , req , http . StatusOK )
2020-01-05 02:20:08 +03:00
}
func TestGetAttachment ( t * testing . T ) {
2022-09-02 22:18:23 +03:00
defer tests . PrepareTestEnv ( t ) ( )
2020-01-05 02:20:08 +03:00
adminSession := loginUser ( t , "user1" )
user2Session := loginUser ( t , "user2" )
user8Session := loginUser ( t , "user8" )
emptySession := emptyTestSession ( t )
testCases := [ ] struct {
name string
uuid string
createFile bool
session * TestSession
want int
} {
{ "LinkedIssueUUID" , "a0eebc99-9c0b-4ef8-bb6d-6bb9bd380a11" , true , user2Session , http . StatusOK } ,
{ "LinkedCommentUUID" , "a0eebc99-9c0b-4ef8-bb6d-6bb9bd380a17" , true , user2Session , http . StatusOK } ,
{ "linked_release_uuid" , "a0eebc99-9c0b-4ef8-bb6d-6bb9bd380a19" , true , user2Session , http . StatusOK } ,
{ "NotExistingUUID" , "b0eebc99-9c0b-4ef8-bb6d-6bb9bd380a18" , false , user2Session , http . StatusNotFound } ,
{ "FileMissing" , "a0eebc99-9c0b-4ef8-bb6d-6bb9bd380a18" , false , user2Session , http . StatusInternalServerError } ,
{ "NotLinked" , "a0eebc99-9c0b-4ef8-bb6d-6bb9bd380a20" , true , user2Session , http . StatusNotFound } ,
{ "NotLinkedAccessibleByUploader" , "a0eebc99-9c0b-4ef8-bb6d-6bb9bd380a20" , true , user8Session , http . StatusOK } ,
{ "PublicByNonLogged" , "a0eebc99-9c0b-4ef8-bb6d-6bb9bd380a11" , true , emptySession , http . StatusOK } ,
{ "PrivateByNonLogged" , "a0eebc99-9c0b-4ef8-bb6d-6bb9bd380a12" , true , emptySession , http . StatusNotFound } ,
{ "PrivateAccessibleByAdmin" , "a0eebc99-9c0b-4ef8-bb6d-6bb9bd380a12" , true , adminSession , http . StatusOK } ,
{ "PrivateAccessibleByUser" , "a0eebc99-9c0b-4ef8-bb6d-6bb9bd380a12" , true , user2Session , http . StatusOK } ,
{ "RepoNotAccessibleByUser" , "a0eebc99-9c0b-4ef8-bb6d-6bb9bd380a12" , true , user8Session , http . StatusNotFound } ,
{ "OrgNotAccessibleByUser" , "a0eebc99-9c0b-4ef8-bb6d-6bb9bd380a21" , true , user8Session , http . StatusNotFound } ,
}
for _ , tc := range testCases {
t . Run ( tc . name , func ( t * testing . T ) {
2022-01-20 20:46:10 +03:00
// Write empty file to be available for response
2020-01-05 02:20:08 +03:00
if tc . createFile {
2021-11-19 16:39:57 +03:00
_ , err := storage . Attachments . Save ( repo_model . AttachmentRelativePath ( tc . uuid ) , strings . NewReader ( "hello world" ) , - 1 )
2020-01-05 02:20:08 +03:00
assert . NoError ( t , err )
}
2022-01-20 20:46:10 +03:00
// Actual test
2020-01-05 02:20:08 +03:00
req := NewRequest ( t , "GET" , "/attachments/" + tc . uuid )
tc . session . MakeRequest ( t , req , tc . want )
} )
}
}