From dd136858f1ea40ad3c94191d647487fa4f31926c Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Fri, 18 Oct 2024 20:33:49 +0200 Subject: Adding upstream version 9.0.0. Signed-off-by: Daniel Baumann --- tests/integration/links_test.go | 251 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 251 insertions(+) create mode 100644 tests/integration/links_test.go (limited to 'tests/integration/links_test.go') diff --git a/tests/integration/links_test.go b/tests/integration/links_test.go new file mode 100644 index 0000000..e9ad933 --- /dev/null +++ b/tests/integration/links_test.go @@ -0,0 +1,251 @@ +// Copyright 2017 The Gitea Authors. All rights reserved. +// SPDX-License-Identifier: MIT + +package integration + +import ( + "fmt" + "net/http" + "path" + "testing" + + "code.gitea.io/gitea/modules/setting" + api "code.gitea.io/gitea/modules/structs" + "code.gitea.io/gitea/modules/test" + forgejo_context "code.gitea.io/gitea/services/context" + "code.gitea.io/gitea/tests" + + "github.com/stretchr/testify/assert" +) + +func TestLinksNoLogin(t *testing.T) { + defer tests.PrepareTestEnv(t)() + + links := []string{ + "/explore/repos", + "/explore/repos?q=test", + "/explore/users", + "/explore/users?q=test", + "/explore/organizations", + "/explore/organizations?q=test", + "/", + "/user/sign_up", + "/user/login", + "/user/forgot_password", + "/api/swagger", + "/user2/repo1", + "/user2/repo1/", + "/user2/repo1/projects", + "/user2/repo1/projects/1", + "/.well-known/security.txt", + } + + for _, link := range links { + req := NewRequest(t, "GET", link) + MakeRequest(t, req, http.StatusOK) + } +} + +func TestRedirectsNoLogin(t *testing.T) { + defer tests.PrepareTestEnv(t)() + + redirects := map[string]string{ + "/user2/repo1/commits/master": "/user2/repo1/commits/branch/master", + "/user2/repo1/src/master": "/user2/repo1/src/branch/master", + "/user2/repo1/src/master/file.txt": "/user2/repo1/src/branch/master/file.txt", + "/user2/repo1/src/master/directory/file.txt": "/user2/repo1/src/branch/master/directory/file.txt", + "/user/avatar/Ghost/-1": "/assets/img/avatar_default.png", + "/api/v1/swagger": "/api/swagger", + } + for link, redirectLink := range redirects { + req := NewRequest(t, "GET", link) + resp := MakeRequest(t, req, http.StatusSeeOther) + assert.EqualValues(t, path.Join(setting.AppSubURL, redirectLink), test.RedirectURL(resp)) + } +} + +func TestNoLoginNotExist(t *testing.T) { + defer tests.PrepareTestEnv(t)() + + links := []string{ + "/user5/repo4/projects", + "/user5/repo4/projects/3", + } + + for _, link := range links { + req := NewRequest(t, "GET", link) + MakeRequest(t, req, http.StatusNotFound) + } +} + +func testLinksAsUser(userName string, t *testing.T) { + links := []string{ + "/explore/repos", + "/explore/repos?q=test", + "/explore/users", + "/explore/users?q=test", + "/explore/organizations", + "/explore/organizations?q=test", + "/", + "/user/forgot_password", + "/api/swagger", + "/issues", + "/issues?type=your_repositories&repos=[0]&sort=&state=open", + "/issues?type=assigned&repos=[0]&sort=&state=open", + "/issues?type=your_repositories&repos=[0]&sort=&state=closed", + "/issues?type=assigned&repos=[]&sort=&state=closed", + "/issues?type=assigned&sort=&state=open", + "/issues?type=created_by&repos=[1,2]&sort=&state=closed", + "/issues?type=created_by&repos=[1,2]&sort=&state=open", + "/pulls", + "/pulls?type=your_repositories&repos=[2]&sort=&state=open", + "/pulls?type=assigned&repos=[]&sort=&state=open", + "/pulls?type=created_by&repos=[0]&sort=&state=open", + "/pulls?type=your_repositories&repos=[0]&sort=&state=closed", + "/pulls?type=assigned&repos=[0]&sort=&state=closed", + "/pulls?type=created_by&repos=[0]&sort=&state=closed", + "/milestones", + "/milestones?sort=mostcomplete&state=closed", + "/milestones?type=your_repositories&sort=mostcomplete&state=closed", + "/milestones?sort=&repos=[1]&state=closed", + "/milestones?sort=&repos=[1]&state=open", + "/milestones?repos=[0]&sort=mostissues&state=open", + "/notifications", + "/repo/create", + "/repo/migrate", + "/org/create", + "/user2", + "/user2?tab=stars", + "/user2?tab=activity", + "/user/settings", + "/user/settings/account", + "/user/settings/security", + "/user/settings/security/two_factor/enroll", + "/user/settings/keys", + "/user/settings/organization", + "/user/settings/repos", + } + + session := loginUser(t, userName) + for _, link := range links { + req := NewRequest(t, "GET", link) + session.MakeRequest(t, req, http.StatusOK) + } + + reqAPI := NewRequestf(t, "GET", "/api/v1/users/%s/repos", userName) + respAPI := MakeRequest(t, reqAPI, http.StatusOK) + + var apiRepos []*api.Repository + DecodeJSON(t, respAPI, &apiRepos) + + repoLinks := []string{ + "", + "/issues", + "/pulls", + "/commits/branch/master", + "/graph", + "/settings", + "/settings/collaboration", + "/settings/branches", + "/settings/hooks", + // FIXME: below links should return 200 but 404 ?? + //"/settings/hooks/git", + //"/settings/hooks/git/pre-receive", + //"/settings/hooks/git/update", + //"/settings/hooks/git/post-receive", + "/settings/keys", + "/releases", + "/releases/new", + //"/wiki/_pages", + "/wiki/?action=_new", + "/activity", + } + + for _, repo := range apiRepos { + for _, link := range repoLinks { + req := NewRequest(t, "GET", fmt.Sprintf("/%s/%s%s", userName, repo.Name, link)) + session.MakeRequest(t, req, http.StatusOK) + } + } +} + +func TestLinksLogin(t *testing.T) { + defer tests.PrepareTestEnv(t)() + + testLinksAsUser("user2", t) +} + +func TestRedirectsWebhooks(t *testing.T) { + defer tests.PrepareTestEnv(t)() + + // + // A redirect means the route exists but not if it performs as intended. + // + for _, kind := range []string{"forgejo", "gitea"} { + redirects := []struct { + from string + to string + verb string + }{ + {from: "/user2/repo1/settings/hooks/" + kind + "/new", to: "/user/login", verb: "GET"}, + {from: "/user/settings/hooks/" + kind + "/new", to: "/user/login", verb: "GET"}, + {from: "/admin/system-hooks/" + kind + "/new", to: "/user/login", verb: "GET"}, + {from: "/admin/default-hooks/" + kind + "/new", to: "/user/login", verb: "GET"}, + } + for _, info := range redirects { + req := NewRequest(t, info.verb, info.from) + resp := MakeRequest(t, req, http.StatusSeeOther) + assert.EqualValues(t, path.Join(setting.AppSubURL, info.to), test.RedirectURL(resp), info.from) + } + } + + for _, kind := range []string{"forgejo", "gitea"} { + csrf := []struct { + from string + verb string + }{ + {from: "/user2/repo1/settings/hooks/" + kind + "/new", verb: "POST"}, + {from: "/admin/hooks/1", verb: "POST"}, + {from: "/admin/system-hooks/" + kind + "/new", verb: "POST"}, + {from: "/admin/default-hooks/" + kind + "/new", verb: "POST"}, + {from: "/user2/repo1/settings/hooks/1", verb: "POST"}, + } + for _, info := range csrf { + req := NewRequest(t, info.verb, info.from) + resp := MakeRequest(t, req, http.StatusBadRequest) + assert.Contains(t, resp.Body.String(), forgejo_context.CsrfErrorString) + } + } +} + +func TestRepoLinks(t *testing.T) { + defer tests.PrepareTestEnv(t)() + + // repo1 has enabled almost features, so we can test most links + repoLink := "/user2/repo1" + links := []string{ + "/actions", + "/packages", + "/projects", + } + + // anonymous user + for _, link := range links { + req := NewRequest(t, "GET", repoLink+link) + MakeRequest(t, req, http.StatusOK) + } + + // admin/owner user + session := loginUser(t, "user1") + for _, link := range links { + req := NewRequest(t, "GET", repoLink+link) + session.MakeRequest(t, req, http.StatusOK) + } + + // non-admin non-owner user + session = loginUser(t, "user2") + for _, link := range links { + req := NewRequest(t, "GET", repoLink+link) + session.MakeRequest(t, req, http.StatusOK) + } +} -- cgit v1.2.3