6be764ec6e
Hop-State: A_06FNB7D05ZQ3AHD1V0GY5P8 Hop-Proposal: R_06FNB7CDK6ZKM505CPR2DY8 Hop-Task: T_06FNB715NCG0M3SVDJAGHY8 Hop-Attempt: AT_06FNB715NCK5MKAVH59TE0G
166 lines
5.4 KiB
Go
166 lines
5.4 KiB
Go
package gitea
|
|
|
|
import (
|
|
"context"
|
|
"net/http"
|
|
"net/http/httptest"
|
|
"testing"
|
|
)
|
|
|
|
func TestRepositoryUsesTokenAndDecodesResponse(t *testing.T) {
|
|
server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
if r.URL.Path != "/gitea/api/v1/repos/hop/demo" {
|
|
t.Fatalf("path = %q", r.URL.Path)
|
|
}
|
|
if got := r.Header.Get("Authorization"); got != "token gitea-token" {
|
|
t.Fatalf("authorization = %q", got)
|
|
}
|
|
w.Header().Set("Content-Type", "application/json")
|
|
_, _ = w.Write([]byte(`{"id":42,"owner":{"login":"hop"},"name":"demo","full_name":"hop/demo","clone_url":"http://gitea/hop/demo.git","default_branch":"main"}`))
|
|
}))
|
|
defer server.Close()
|
|
|
|
client, err := NewClient(server.URL+"/gitea", "gitea-token")
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
repository, err := client.Repository(context.Background(), "hop", "demo")
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
if repository.ID != 42 || repository.OwnerName() != "hop" || repository.DefaultBranch != "main" {
|
|
t.Fatalf("unexpected repository: %#v", repository)
|
|
}
|
|
}
|
|
|
|
func TestRepositoryRequiresToken(t *testing.T) {
|
|
client, err := NewClient("http://gitea.test", "")
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
if _, err := client.Repository(context.Background(), "hop", "demo"); err != ErrTokenNotConfigured {
|
|
t.Fatalf("error = %v, want %v", err, ErrTokenNotConfigured)
|
|
}
|
|
}
|
|
|
|
func TestUserUsesTokenAndDecodesStableID(t *testing.T) {
|
|
server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
if r.URL.Path != "/api/v1/users/alice" {
|
|
t.Fatalf("path = %q", r.URL.Path)
|
|
}
|
|
if got := r.Header.Get("Authorization"); got != "token gitea-token" {
|
|
t.Fatalf("authorization = %q", got)
|
|
}
|
|
_, _ = w.Write([]byte(`{"id":42,"login":"alice"}`))
|
|
}))
|
|
defer server.Close()
|
|
client, err := NewClient(server.URL, "gitea-token")
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
user, err := client.User(context.Background(), "alice")
|
|
if err != nil || user.ID != 42 || user.LoginName() != "alice" {
|
|
t.Fatalf("user = %#v, err = %v", user, err)
|
|
}
|
|
}
|
|
|
|
func TestAuthenticatedUserForwardsSessionCookie(t *testing.T) {
|
|
server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
if r.URL.Path != "/user/settings" {
|
|
t.Fatalf("path = %q", r.URL.Path)
|
|
}
|
|
if got := r.Header.Get("Cookie"); got != "i_like_gitea=session" {
|
|
t.Fatalf("cookie = %q", got)
|
|
}
|
|
_, _ = w.Write([]byte(`<meta name="hop-signed-user-id" content="42"><meta name="hop-signed-user-login" content="alice">`))
|
|
}))
|
|
defer server.Close()
|
|
client, err := NewClient(server.URL, "")
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
user, authenticated, err := client.AuthenticatedUser(context.Background(), "i_like_gitea=session")
|
|
if err != nil || !authenticated || user.ID != 42 || user.LoginName() != "alice" {
|
|
t.Fatalf("user = %#v, authenticated = %t, err = %v", user, authenticated, err)
|
|
}
|
|
}
|
|
|
|
func TestAuthenticatedUserRejectsLoginRedirect(t *testing.T) {
|
|
server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
http.Redirect(w, r, "/user/login", http.StatusSeeOther)
|
|
}))
|
|
defer server.Close()
|
|
client, err := NewClient(server.URL, "gitea-token")
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
user, authenticated, err := client.AuthenticatedUser(context.Background(), "i_like_gitea=expired")
|
|
if err != nil || authenticated || user.ID != 0 {
|
|
t.Fatalf("user = %#v, authenticated = %t, err = %v", user, authenticated, err)
|
|
}
|
|
}
|
|
|
|
func TestAuthenticatedUserRejectsUnidentifiableSettingsPage(t *testing.T) {
|
|
server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) {
|
|
_, _ = w.Write([]byte(`<main>settings changed</main>`))
|
|
}))
|
|
defer server.Close()
|
|
client, err := NewClient(server.URL, "gitea-token")
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
_, authenticated, err := client.AuthenticatedUser(context.Background(), "i_like_gitea=session")
|
|
if err == nil || authenticated {
|
|
t.Fatalf("authenticated = %t, err = %v", authenticated, err)
|
|
}
|
|
}
|
|
|
|
func TestAuthenticatedUserRejectsMissingSession(t *testing.T) {
|
|
client, err := NewClient("http://gitea.test", "")
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
user, authenticated, err := client.AuthenticatedUser(context.Background(), "")
|
|
if err != nil || authenticated || user.ID != 0 {
|
|
t.Fatalf("user = %#v, authenticated = %t, err = %v", user, authenticated, err)
|
|
}
|
|
}
|
|
|
|
func TestViewerCanReadRepositoryForwardsSessionCookie(t *testing.T) {
|
|
server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
if r.URL.Path != "/hop/private" {
|
|
t.Fatalf("path = %q", r.URL.Path)
|
|
}
|
|
if got := r.Header.Get("Cookie"); got != "i_like_gitea=session" {
|
|
t.Fatalf("cookie = %q", got)
|
|
}
|
|
w.WriteHeader(http.StatusOK)
|
|
}))
|
|
defer server.Close()
|
|
|
|
client, err := NewClient(server.URL, "")
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
allowed, err := client.ViewerCanReadRepository(context.Background(), "i_like_gitea=session", "hop", "private")
|
|
if err != nil || !allowed {
|
|
t.Fatalf("allowed = %t, err = %v", allowed, err)
|
|
}
|
|
}
|
|
|
|
func TestViewerCannotReadMissingRepository(t *testing.T) {
|
|
server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
w.WriteHeader(http.StatusNotFound)
|
|
}))
|
|
defer server.Close()
|
|
|
|
client, err := NewClient(server.URL, "")
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
allowed, err := client.ViewerCanReadRepository(context.Background(), "i_like_gitea=session", "hop", "missing")
|
|
if err != nil || allowed {
|
|
t.Fatalf("allowed = %t, err = %v", allowed, err)
|
|
}
|
|
}
|