diff options
Diffstat (limited to 'tests/integration/api_fork_test.go')
-rw-r--r-- | tests/integration/api_fork_test.go | 153 |
1 files changed, 153 insertions, 0 deletions
diff --git a/tests/integration/api_fork_test.go b/tests/integration/api_fork_test.go new file mode 100644 index 0000000..15b60f8 --- /dev/null +++ b/tests/integration/api_fork_test.go @@ -0,0 +1,153 @@ +// Copyright 2017 The Gogs Authors. All rights reserved. +// Copyright 2024 The Forgejo Authors c/o Codeberg e.V.. All rights reserved. +// SPDX-License-Identifier: MIT + +package integration + +import ( + "fmt" + "net/http" + "net/url" + "testing" + + auth_model "code.gitea.io/gitea/models/auth" + "code.gitea.io/gitea/models/unittest" + user_model "code.gitea.io/gitea/models/user" + "code.gitea.io/gitea/modules/setting" + api "code.gitea.io/gitea/modules/structs" + "code.gitea.io/gitea/modules/test" + "code.gitea.io/gitea/routers" + "code.gitea.io/gitea/tests" + + "github.com/stretchr/testify/assert" +) + +func TestAPIForkAsAdminIgnoringLimits(t *testing.T) { + defer tests.PrepareTestEnv(t)() + defer test.MockVariableValue(&setting.Repository.AllowForkWithoutMaximumLimit, false)() + defer test.MockVariableValue(&setting.Repository.MaxCreationLimit, 0)() + + user := unittest.AssertExistsAndLoadBean(t, &user_model.User{Name: "user2"}) + userSession := loginUser(t, user.Name) + userToken := getTokenForLoggedInUser(t, userSession, auth_model.AccessTokenScopeWriteRepository) + adminUser := unittest.AssertExistsAndLoadBean(t, &user_model.User{IsAdmin: true}) + adminSession := loginUser(t, adminUser.Name) + adminToken := getTokenForLoggedInUser(t, adminSession, + auth_model.AccessTokenScopeWriteRepository, + auth_model.AccessTokenScopeWriteOrganization) + + originForkURL := "/api/v1/repos/user12/repo10/forks" + orgName := "fork-org" + + // Create an organization + req := NewRequestWithJSON(t, "POST", "/api/v1/orgs", &api.CreateOrgOption{ + UserName: orgName, + }).AddTokenAuth(adminToken) + MakeRequest(t, req, http.StatusCreated) + + // Create a team + teamToCreate := &api.CreateTeamOption{ + Name: "testers", + IncludesAllRepositories: true, + Permission: "write", + Units: []string{"repo.code", "repo.issues"}, + } + + req = NewRequestWithJSON(t, "POST", fmt.Sprintf("/api/v1/orgs/%s/teams", orgName), &teamToCreate).AddTokenAuth(adminToken) + resp := MakeRequest(t, req, http.StatusCreated) + var team api.Team + DecodeJSON(t, resp, &team) + + // Add user2 to the team + req = NewRequestf(t, "PUT", "/api/v1/teams/%d/members/user2", team.ID).AddTokenAuth(adminToken) + MakeRequest(t, req, http.StatusNoContent) + + t.Run("forking as regular user", func(t *testing.T) { + defer tests.PrintCurrentTest(t)() + + req := NewRequestWithJSON(t, "POST", originForkURL, &api.CreateForkOption{ + Organization: &orgName, + }).AddTokenAuth(userToken) + MakeRequest(t, req, http.StatusConflict) + }) + + t.Run("forking as an instance admin", func(t *testing.T) { + defer tests.PrintCurrentTest(t)() + + req := NewRequestWithJSON(t, "POST", originForkURL, &api.CreateForkOption{ + Organization: &orgName, + }).AddTokenAuth(adminToken) + MakeRequest(t, req, http.StatusAccepted) + }) +} + +func TestCreateForkNoLogin(t *testing.T) { + defer tests.PrepareTestEnv(t)() + req := NewRequestWithJSON(t, "POST", "/api/v1/repos/user2/repo1/forks", &api.CreateForkOption{}) + MakeRequest(t, req, http.StatusUnauthorized) +} + +func TestAPIDisabledForkRepo(t *testing.T) { + onGiteaRun(t, func(t *testing.T, u *url.URL) { + defer test.MockVariableValue(&setting.Repository.DisableForks, true)() + defer test.MockVariableValue(&testWebRoutes, routers.NormalRoutes())() + + t.Run("fork listing", func(t *testing.T) { + defer tests.PrintCurrentTest(t)() + + req := NewRequest(t, "GET", "/api/v1/repos/user2/repo1/forks") + MakeRequest(t, req, http.StatusNotFound) + }) + + t.Run("forking", func(t *testing.T) { + defer tests.PrintCurrentTest(t)() + + session := loginUser(t, "user5") + token := getTokenForLoggedInUser(t, session) + + req := NewRequestWithJSON(t, "POST", "/api/v1/repos/user2/repo1/forks", &api.CreateForkOption{}).AddTokenAuth(token) + session.MakeRequest(t, req, http.StatusNotFound) + }) + }) +} + +func TestAPIForkListPrivateRepo(t *testing.T) { + defer tests.PrepareTestEnv(t)() + + session := loginUser(t, "user5") + token := getTokenForLoggedInUser(t, session, + auth_model.AccessTokenScopeWriteRepository, + auth_model.AccessTokenScopeWriteOrganization) + org23 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 23, Visibility: api.VisibleTypePrivate}) + + req := NewRequestWithJSON(t, "POST", "/api/v1/repos/user2/repo1/forks", &api.CreateForkOption{ + Organization: &org23.Name, + }).AddTokenAuth(token) + MakeRequest(t, req, http.StatusAccepted) + + t.Run("Anomynous", func(t *testing.T) { + defer tests.PrintCurrentTest(t)() + + req := NewRequest(t, "GET", "/api/v1/repos/user2/repo1/forks") + resp := MakeRequest(t, req, http.StatusOK) + + var forks []*api.Repository + DecodeJSON(t, resp, &forks) + + assert.Empty(t, forks) + assert.EqualValues(t, "0", resp.Header().Get("X-Total-Count")) + }) + + t.Run("Logged in", func(t *testing.T) { + defer tests.PrintCurrentTest(t)() + + req := NewRequest(t, "GET", "/api/v1/repos/user2/repo1/forks").AddTokenAuth(token) + resp := MakeRequest(t, req, http.StatusOK) + + var forks []*api.Repository + DecodeJSON(t, resp, &forks) + + assert.Len(t, forks, 1) + assert.EqualValues(t, "1", resp.Header().Get("X-Total-Count")) + }) +} |