code.gitea.io/gitea@v1.21.7/models/git/protected_tag_test.go (about) 1 // Copyright 2021 The Gitea Authors. All rights reserved. 2 // SPDX-License-Identifier: MIT 3 4 package git_test 5 6 import ( 7 "testing" 8 9 "code.gitea.io/gitea/models/db" 10 git_model "code.gitea.io/gitea/models/git" 11 "code.gitea.io/gitea/models/unittest" 12 13 "github.com/stretchr/testify/assert" 14 ) 15 16 func TestIsUserAllowed(t *testing.T) { 17 assert.NoError(t, unittest.PrepareTestDatabase()) 18 19 pt := &git_model.ProtectedTag{} 20 allowed, err := git_model.IsUserAllowedModifyTag(db.DefaultContext, pt, 1) 21 assert.NoError(t, err) 22 assert.False(t, allowed) 23 24 pt = &git_model.ProtectedTag{ 25 AllowlistUserIDs: []int64{1}, 26 } 27 allowed, err = git_model.IsUserAllowedModifyTag(db.DefaultContext, pt, 1) 28 assert.NoError(t, err) 29 assert.True(t, allowed) 30 31 allowed, err = git_model.IsUserAllowedModifyTag(db.DefaultContext, pt, 2) 32 assert.NoError(t, err) 33 assert.False(t, allowed) 34 35 pt = &git_model.ProtectedTag{ 36 AllowlistTeamIDs: []int64{1}, 37 } 38 allowed, err = git_model.IsUserAllowedModifyTag(db.DefaultContext, pt, 1) 39 assert.NoError(t, err) 40 assert.False(t, allowed) 41 42 allowed, err = git_model.IsUserAllowedModifyTag(db.DefaultContext, pt, 2) 43 assert.NoError(t, err) 44 assert.True(t, allowed) 45 46 pt = &git_model.ProtectedTag{ 47 AllowlistUserIDs: []int64{1}, 48 AllowlistTeamIDs: []int64{1}, 49 } 50 allowed, err = git_model.IsUserAllowedModifyTag(db.DefaultContext, pt, 1) 51 assert.NoError(t, err) 52 assert.True(t, allowed) 53 54 allowed, err = git_model.IsUserAllowedModifyTag(db.DefaultContext, pt, 2) 55 assert.NoError(t, err) 56 assert.True(t, allowed) 57 } 58 59 func TestIsUserAllowedToControlTag(t *testing.T) { 60 cases := []struct { 61 name string 62 userid int64 63 allowed bool 64 }{ 65 { 66 name: "test", 67 userid: 1, 68 allowed: true, 69 }, 70 { 71 name: "test", 72 userid: 3, 73 allowed: true, 74 }, 75 { 76 name: "gitea", 77 userid: 1, 78 allowed: true, 79 }, 80 { 81 name: "gitea", 82 userid: 3, 83 allowed: false, 84 }, 85 { 86 name: "test-gitea", 87 userid: 1, 88 allowed: true, 89 }, 90 { 91 name: "test-gitea", 92 userid: 3, 93 allowed: false, 94 }, 95 { 96 name: "gitea-test", 97 userid: 1, 98 allowed: true, 99 }, 100 { 101 name: "gitea-test", 102 userid: 3, 103 allowed: true, 104 }, 105 { 106 name: "v-1", 107 userid: 1, 108 allowed: false, 109 }, 110 { 111 name: "v-1", 112 userid: 2, 113 allowed: true, 114 }, 115 { 116 name: "release", 117 userid: 1, 118 allowed: false, 119 }, 120 } 121 122 t.Run("Glob", func(t *testing.T) { 123 protectedTags := []*git_model.ProtectedTag{ 124 { 125 NamePattern: `*gitea`, 126 AllowlistUserIDs: []int64{1}, 127 }, 128 { 129 NamePattern: `v-*`, 130 AllowlistUserIDs: []int64{2}, 131 }, 132 { 133 NamePattern: "release", 134 }, 135 } 136 137 for n, c := range cases { 138 isAllowed, err := git_model.IsUserAllowedToControlTag(db.DefaultContext, protectedTags, c.name, c.userid) 139 assert.NoError(t, err) 140 assert.Equal(t, c.allowed, isAllowed, "case %d: error should match", n) 141 } 142 }) 143 144 t.Run("Regex", func(t *testing.T) { 145 protectedTags := []*git_model.ProtectedTag{ 146 { 147 NamePattern: `/gitea\z/`, 148 AllowlistUserIDs: []int64{1}, 149 }, 150 { 151 NamePattern: `/\Av-/`, 152 AllowlistUserIDs: []int64{2}, 153 }, 154 { 155 NamePattern: "/release/", 156 }, 157 } 158 159 for n, c := range cases { 160 isAllowed, err := git_model.IsUserAllowedToControlTag(db.DefaultContext, protectedTags, c.name, c.userid) 161 assert.NoError(t, err) 162 assert.Equal(t, c.allowed, isAllowed, "case %d: error should match", n) 163 } 164 }) 165 }