code.gitea.io/gitea@v1.21.7/models/auth/token_scope_test.go (about)

     1  // Copyright 2022 The Gitea Authors. All rights reserved.
     2  // SPDX-License-Identifier: MIT
     3  
     4  package auth
     5  
     6  import (
     7  	"fmt"
     8  	"testing"
     9  
    10  	"github.com/stretchr/testify/assert"
    11  )
    12  
    13  type scopeTestNormalize struct {
    14  	in  AccessTokenScope
    15  	out AccessTokenScope
    16  	err error
    17  }
    18  
    19  func TestAccessTokenScope_Normalize(t *testing.T) {
    20  	tests := []scopeTestNormalize{
    21  		{"", "", nil},
    22  		{"write:misc,write:notification,read:package,write:notification,public-only", "public-only,write:misc,write:notification,read:package", nil},
    23  		{"all", "all", nil},
    24  		{"write:activitypub,write:admin,write:misc,write:notification,write:organization,write:package,write:issue,write:repository,write:user", "all", nil},
    25  		{"write:activitypub,write:admin,write:misc,write:notification,write:organization,write:package,write:issue,write:repository,write:user,public-only", "public-only,all", nil},
    26  	}
    27  
    28  	for _, scope := range []string{"activitypub", "admin", "misc", "notification", "organization", "package", "issue", "repository", "user"} {
    29  		tests = append(tests,
    30  			scopeTestNormalize{AccessTokenScope(fmt.Sprintf("read:%s", scope)), AccessTokenScope(fmt.Sprintf("read:%s", scope)), nil},
    31  			scopeTestNormalize{AccessTokenScope(fmt.Sprintf("write:%s", scope)), AccessTokenScope(fmt.Sprintf("write:%s", scope)), nil},
    32  			scopeTestNormalize{AccessTokenScope(fmt.Sprintf("write:%[1]s,read:%[1]s", scope)), AccessTokenScope(fmt.Sprintf("write:%s", scope)), nil},
    33  			scopeTestNormalize{AccessTokenScope(fmt.Sprintf("read:%[1]s,write:%[1]s", scope)), AccessTokenScope(fmt.Sprintf("write:%s", scope)), nil},
    34  			scopeTestNormalize{AccessTokenScope(fmt.Sprintf("read:%[1]s,write:%[1]s,write:%[1]s", scope)), AccessTokenScope(fmt.Sprintf("write:%s", scope)), nil},
    35  		)
    36  	}
    37  
    38  	for _, test := range tests {
    39  		t.Run(string(test.in), func(t *testing.T) {
    40  			scope, err := test.in.Normalize()
    41  			assert.Equal(t, test.out, scope)
    42  			assert.Equal(t, test.err, err)
    43  		})
    44  	}
    45  }
    46  
    47  type scopeTestHasScope struct {
    48  	in    AccessTokenScope
    49  	scope AccessTokenScope
    50  	out   bool
    51  	err   error
    52  }
    53  
    54  func TestAccessTokenScope_HasScope(t *testing.T) {
    55  	tests := []scopeTestHasScope{
    56  		{"read:admin", "write:package", false, nil},
    57  		{"all", "write:package", true, nil},
    58  		{"write:package", "all", false, nil},
    59  		{"public-only", "read:issue", false, nil},
    60  	}
    61  
    62  	for _, scope := range []string{"activitypub", "admin", "misc", "notification", "organization", "package", "issue", "repository", "user"} {
    63  		tests = append(tests,
    64  			scopeTestHasScope{
    65  				AccessTokenScope(fmt.Sprintf("read:%s", scope)),
    66  				AccessTokenScope(fmt.Sprintf("read:%s", scope)), true, nil,
    67  			},
    68  			scopeTestHasScope{
    69  				AccessTokenScope(fmt.Sprintf("write:%s", scope)),
    70  				AccessTokenScope(fmt.Sprintf("write:%s", scope)), true, nil,
    71  			},
    72  			scopeTestHasScope{
    73  				AccessTokenScope(fmt.Sprintf("write:%s", scope)),
    74  				AccessTokenScope(fmt.Sprintf("read:%s", scope)), true, nil,
    75  			},
    76  			scopeTestHasScope{
    77  				AccessTokenScope(fmt.Sprintf("read:%s", scope)),
    78  				AccessTokenScope(fmt.Sprintf("write:%s", scope)), false, nil,
    79  			},
    80  		)
    81  	}
    82  
    83  	for _, test := range tests {
    84  		t.Run(string(test.in), func(t *testing.T) {
    85  			hasScope, err := test.in.HasScope(test.scope)
    86  			assert.Equal(t, test.out, hasScope)
    87  			assert.Equal(t, test.err, err)
    88  		})
    89  	}
    90  }