code.gitea.io/gitea@v1.21.7/tests/integration/api_user_secrets_test.go (about)

     1  // Copyright 2023 The Gitea Authors. All rights reserved.
     2  // SPDX-License-Identifier: MIT
     3  
     4  package integration
     5  
     6  import (
     7  	"fmt"
     8  	"net/http"
     9  	"testing"
    10  
    11  	auth_model "code.gitea.io/gitea/models/auth"
    12  	api "code.gitea.io/gitea/modules/structs"
    13  	"code.gitea.io/gitea/tests"
    14  )
    15  
    16  func TestAPIUserSecrets(t *testing.T) {
    17  	defer tests.PrepareTestEnv(t)()
    18  
    19  	session := loginUser(t, "user1")
    20  	token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeWriteUser)
    21  
    22  	t.Run("Create", func(t *testing.T) {
    23  		cases := []struct {
    24  			Name           string
    25  			ExpectedStatus int
    26  		}{
    27  			{
    28  				Name:           "",
    29  				ExpectedStatus: http.StatusNotFound,
    30  			},
    31  			{
    32  				Name:           "-",
    33  				ExpectedStatus: http.StatusBadRequest,
    34  			},
    35  			{
    36  				Name:           "_",
    37  				ExpectedStatus: http.StatusCreated,
    38  			},
    39  			{
    40  				Name:           "secret",
    41  				ExpectedStatus: http.StatusCreated,
    42  			},
    43  			{
    44  				Name:           "2secret",
    45  				ExpectedStatus: http.StatusBadRequest,
    46  			},
    47  			{
    48  				Name:           "GITEA_secret",
    49  				ExpectedStatus: http.StatusBadRequest,
    50  			},
    51  			{
    52  				Name:           "GITHUB_secret",
    53  				ExpectedStatus: http.StatusBadRequest,
    54  			},
    55  		}
    56  
    57  		for _, c := range cases {
    58  			req := NewRequestWithJSON(t, "PUT", fmt.Sprintf("/api/v1/user/actions/secrets/%s?token=%s", c.Name, token), api.CreateOrUpdateSecretOption{
    59  				Data: "data",
    60  			})
    61  			MakeRequest(t, req, c.ExpectedStatus)
    62  		}
    63  	})
    64  
    65  	t.Run("Update", func(t *testing.T) {
    66  		name := "update_secret"
    67  		url := fmt.Sprintf("/api/v1/user/actions/secrets/%s?token=%s", name, token)
    68  
    69  		req := NewRequestWithJSON(t, "PUT", url, api.CreateOrUpdateSecretOption{
    70  			Data: "initial",
    71  		})
    72  		MakeRequest(t, req, http.StatusCreated)
    73  
    74  		req = NewRequestWithJSON(t, "PUT", url, api.CreateOrUpdateSecretOption{
    75  			Data: "changed",
    76  		})
    77  		MakeRequest(t, req, http.StatusNoContent)
    78  	})
    79  
    80  	t.Run("Delete", func(t *testing.T) {
    81  		name := "delete_secret"
    82  		url := fmt.Sprintf("/api/v1/user/actions/secrets/%s?token=%s", name, token)
    83  
    84  		req := NewRequestWithJSON(t, "PUT", url, api.CreateOrUpdateSecretOption{
    85  			Data: "initial",
    86  		})
    87  		MakeRequest(t, req, http.StatusCreated)
    88  
    89  		req = NewRequest(t, "DELETE", url)
    90  		MakeRequest(t, req, http.StatusNoContent)
    91  
    92  		req = NewRequest(t, "DELETE", url)
    93  		MakeRequest(t, req, http.StatusNotFound)
    94  
    95  		req = NewRequest(t, "DELETE", fmt.Sprintf("/api/v1/user/actions/secrets/000?token=%s", token))
    96  		MakeRequest(t, req, http.StatusBadRequest)
    97  	})
    98  }