code.gitea.io/gitea@v1.21.7/tests/integration/api_org_test.go (about) 1 // Copyright 2018 The Gitea Authors. All rights reserved. 2 // SPDX-License-Identifier: MIT 3 4 package integration 5 6 import ( 7 "fmt" 8 "net/http" 9 "net/url" 10 "strings" 11 "testing" 12 13 auth_model "code.gitea.io/gitea/models/auth" 14 "code.gitea.io/gitea/models/db" 15 org_model "code.gitea.io/gitea/models/organization" 16 "code.gitea.io/gitea/models/perm" 17 unit_model "code.gitea.io/gitea/models/unit" 18 "code.gitea.io/gitea/models/unittest" 19 user_model "code.gitea.io/gitea/models/user" 20 "code.gitea.io/gitea/modules/setting" 21 api "code.gitea.io/gitea/modules/structs" 22 "code.gitea.io/gitea/tests" 23 24 "github.com/stretchr/testify/assert" 25 ) 26 27 func TestAPIOrgCreate(t *testing.T) { 28 onGiteaRun(t, func(*testing.T, *url.URL) { 29 token := getUserToken(t, "user1", auth_model.AccessTokenScopeWriteOrganization) 30 31 org := api.CreateOrgOption{ 32 UserName: "user1_org", 33 FullName: "User1's organization", 34 Description: "This organization created by user1", 35 Website: "https://try.gitea.io", 36 Location: "Shanghai", 37 Visibility: "limited", 38 } 39 req := NewRequestWithJSON(t, "POST", "/api/v1/orgs?token="+token, &org) 40 resp := MakeRequest(t, req, http.StatusCreated) 41 42 var apiOrg api.Organization 43 DecodeJSON(t, resp, &apiOrg) 44 45 assert.Equal(t, org.UserName, apiOrg.Name) 46 assert.Equal(t, org.FullName, apiOrg.FullName) 47 assert.Equal(t, org.Description, apiOrg.Description) 48 assert.Equal(t, org.Website, apiOrg.Website) 49 assert.Equal(t, org.Location, apiOrg.Location) 50 assert.Equal(t, org.Visibility, apiOrg.Visibility) 51 52 unittest.AssertExistsAndLoadBean(t, &user_model.User{ 53 Name: org.UserName, 54 LowerName: strings.ToLower(org.UserName), 55 FullName: org.FullName, 56 }) 57 58 // Check owner team permission 59 ownerTeam, _ := org_model.GetOwnerTeam(db.DefaultContext, apiOrg.ID) 60 61 for _, ut := range unit_model.AllRepoUnitTypes { 62 up := perm.AccessModeOwner 63 if ut == unit_model.TypeExternalTracker || ut == unit_model.TypeExternalWiki { 64 up = perm.AccessModeRead 65 } 66 unittest.AssertExistsAndLoadBean(t, &org_model.TeamUnit{ 67 OrgID: apiOrg.ID, 68 TeamID: ownerTeam.ID, 69 Type: ut, 70 AccessMode: up, 71 }) 72 } 73 74 req = NewRequestf(t, "GET", "/api/v1/orgs/%s?token=%s", org.UserName, token) 75 resp = MakeRequest(t, req, http.StatusOK) 76 DecodeJSON(t, resp, &apiOrg) 77 assert.EqualValues(t, org.UserName, apiOrg.Name) 78 79 req = NewRequestf(t, "GET", "/api/v1/orgs/%s/repos?token=%s", org.UserName, token) 80 resp = MakeRequest(t, req, http.StatusOK) 81 82 var repos []*api.Repository 83 DecodeJSON(t, resp, &repos) 84 for _, repo := range repos { 85 assert.False(t, repo.Private) 86 } 87 88 req = NewRequestf(t, "GET", "/api/v1/orgs/%s/members?token=%s", org.UserName, token) 89 resp = MakeRequest(t, req, http.StatusOK) 90 91 // user1 on this org is public 92 var users []*api.User 93 DecodeJSON(t, resp, &users) 94 assert.Len(t, users, 1) 95 assert.EqualValues(t, "user1", users[0].UserName) 96 }) 97 } 98 99 func TestAPIOrgEdit(t *testing.T) { 100 onGiteaRun(t, func(*testing.T, *url.URL) { 101 session := loginUser(t, "user1") 102 103 token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeWriteOrganization) 104 org := api.EditOrgOption{ 105 FullName: "Org3 organization new full name", 106 Description: "A new description", 107 Website: "https://try.gitea.io/new", 108 Location: "Beijing", 109 Visibility: "private", 110 } 111 req := NewRequestWithJSON(t, "PATCH", "/api/v1/orgs/org3?token="+token, &org) 112 resp := MakeRequest(t, req, http.StatusOK) 113 114 var apiOrg api.Organization 115 DecodeJSON(t, resp, &apiOrg) 116 117 assert.Equal(t, "org3", apiOrg.Name) 118 assert.Equal(t, org.FullName, apiOrg.FullName) 119 assert.Equal(t, org.Description, apiOrg.Description) 120 assert.Equal(t, org.Website, apiOrg.Website) 121 assert.Equal(t, org.Location, apiOrg.Location) 122 assert.Equal(t, org.Visibility, apiOrg.Visibility) 123 }) 124 } 125 126 func TestAPIOrgEditBadVisibility(t *testing.T) { 127 onGiteaRun(t, func(*testing.T, *url.URL) { 128 session := loginUser(t, "user1") 129 130 token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeWriteOrganization) 131 org := api.EditOrgOption{ 132 FullName: "Org3 organization new full name", 133 Description: "A new description", 134 Website: "https://try.gitea.io/new", 135 Location: "Beijing", 136 Visibility: "badvisibility", 137 } 138 req := NewRequestWithJSON(t, "PATCH", "/api/v1/orgs/org3?token="+token, &org) 139 MakeRequest(t, req, http.StatusUnprocessableEntity) 140 }) 141 } 142 143 func TestAPIOrgDeny(t *testing.T) { 144 onGiteaRun(t, func(*testing.T, *url.URL) { 145 setting.Service.RequireSignInView = true 146 defer func() { 147 setting.Service.RequireSignInView = false 148 }() 149 150 orgName := "user1_org" 151 req := NewRequestf(t, "GET", "/api/v1/orgs/%s", orgName) 152 MakeRequest(t, req, http.StatusNotFound) 153 154 req = NewRequestf(t, "GET", "/api/v1/orgs/%s/repos", orgName) 155 MakeRequest(t, req, http.StatusNotFound) 156 157 req = NewRequestf(t, "GET", "/api/v1/orgs/%s/members", orgName) 158 MakeRequest(t, req, http.StatusNotFound) 159 }) 160 } 161 162 func TestAPIGetAll(t *testing.T) { 163 defer tests.PrepareTestEnv(t)() 164 165 token := getUserToken(t, "user1", auth_model.AccessTokenScopeReadOrganization) 166 167 // accessing with a token will return all orgs 168 req := NewRequestf(t, "GET", "/api/v1/orgs?token=%s", token) 169 resp := MakeRequest(t, req, http.StatusOK) 170 var apiOrgList []*api.Organization 171 172 DecodeJSON(t, resp, &apiOrgList) 173 assert.Len(t, apiOrgList, 11) 174 assert.Equal(t, "Limited Org 36", apiOrgList[1].FullName) 175 assert.Equal(t, "limited", apiOrgList[1].Visibility) 176 177 // accessing without a token will return only public orgs 178 req = NewRequestf(t, "GET", "/api/v1/orgs") 179 resp = MakeRequest(t, req, http.StatusOK) 180 181 DecodeJSON(t, resp, &apiOrgList) 182 assert.Len(t, apiOrgList, 7) 183 assert.Equal(t, "org 17", apiOrgList[0].FullName) 184 assert.Equal(t, "public", apiOrgList[0].Visibility) 185 } 186 187 func TestAPIOrgSearchEmptyTeam(t *testing.T) { 188 onGiteaRun(t, func(*testing.T, *url.URL) { 189 token := getUserToken(t, "user1", auth_model.AccessTokenScopeWriteOrganization) 190 orgName := "org_with_empty_team" 191 192 // create org 193 req := NewRequestWithJSON(t, "POST", "/api/v1/orgs?token="+token, &api.CreateOrgOption{ 194 UserName: orgName, 195 }) 196 MakeRequest(t, req, http.StatusCreated) 197 198 // create team with no member 199 req = NewRequestWithJSON(t, "POST", fmt.Sprintf("/api/v1/orgs/%s/teams?token=%s", orgName, token), &api.CreateTeamOption{ 200 Name: "Empty", 201 IncludesAllRepositories: true, 202 Permission: "read", 203 Units: []string{"repo.code", "repo.issues", "repo.ext_issues", "repo.wiki", "repo.pulls"}, 204 }) 205 MakeRequest(t, req, http.StatusCreated) 206 207 // case-insensitive search for teams that have no members 208 req = NewRequest(t, "GET", fmt.Sprintf("/api/v1/orgs/%s/teams/search?q=%s&token=%s", orgName, "empty", token)) 209 resp := MakeRequest(t, req, http.StatusOK) 210 data := struct { 211 Ok bool 212 Data []*api.Team 213 }{} 214 DecodeJSON(t, resp, &data) 215 assert.True(t, data.Ok) 216 if assert.Len(t, data.Data, 1) { 217 assert.EqualValues(t, "Empty", data.Data[0].Name) 218 } 219 }) 220 }