code.gitea.io/gitea@v1.22.3/tests/integration/api_issue_attachment_test.go (about) 1 // Copyright 2021 The Gitea Authors. All rights reserved. 2 // SPDX-License-Identifier: MIT 3 4 package integration 5 6 import ( 7 "bytes" 8 "fmt" 9 "io" 10 "mime/multipart" 11 "net/http" 12 "testing" 13 14 auth_model "code.gitea.io/gitea/models/auth" 15 issues_model "code.gitea.io/gitea/models/issues" 16 repo_model "code.gitea.io/gitea/models/repo" 17 "code.gitea.io/gitea/models/unittest" 18 user_model "code.gitea.io/gitea/models/user" 19 api "code.gitea.io/gitea/modules/structs" 20 "code.gitea.io/gitea/tests" 21 22 "github.com/stretchr/testify/assert" 23 ) 24 25 func TestAPIGetIssueAttachment(t *testing.T) { 26 defer tests.PrepareTestEnv(t)() 27 28 attachment := unittest.AssertExistsAndLoadBean(t, &repo_model.Attachment{ID: 1}) 29 repo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: attachment.RepoID}) 30 issue := unittest.AssertExistsAndLoadBean(t, &issues_model.Issue{RepoID: attachment.IssueID}) 31 repoOwner := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: repo.OwnerID}) 32 33 session := loginUser(t, repoOwner.Name) 34 token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeReadIssue) 35 36 req := NewRequest(t, "GET", fmt.Sprintf("/api/v1/repos/%s/%s/issues/%d/assets/%d", repoOwner.Name, repo.Name, issue.Index, attachment.ID)). 37 AddTokenAuth(token) 38 resp := session.MakeRequest(t, req, http.StatusOK) 39 apiAttachment := new(api.Attachment) 40 DecodeJSON(t, resp, &apiAttachment) 41 42 unittest.AssertExistsAndLoadBean(t, &repo_model.Attachment{ID: apiAttachment.ID, IssueID: issue.ID}) 43 } 44 45 func TestAPIListIssueAttachments(t *testing.T) { 46 defer tests.PrepareTestEnv(t)() 47 48 attachment := unittest.AssertExistsAndLoadBean(t, &repo_model.Attachment{ID: 1}) 49 repo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: attachment.RepoID}) 50 issue := unittest.AssertExistsAndLoadBean(t, &issues_model.Issue{RepoID: attachment.IssueID}) 51 repoOwner := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: repo.OwnerID}) 52 53 session := loginUser(t, repoOwner.Name) 54 token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeReadIssue) 55 56 req := NewRequest(t, "GET", fmt.Sprintf("/api/v1/repos/%s/%s/issues/%d/assets", repoOwner.Name, repo.Name, issue.Index)). 57 AddTokenAuth(token) 58 resp := session.MakeRequest(t, req, http.StatusOK) 59 apiAttachment := new([]api.Attachment) 60 DecodeJSON(t, resp, &apiAttachment) 61 62 unittest.AssertExistsAndLoadBean(t, &repo_model.Attachment{ID: (*apiAttachment)[0].ID, IssueID: issue.ID}) 63 } 64 65 func TestAPICreateIssueAttachment(t *testing.T) { 66 defer tests.PrepareTestEnv(t)() 67 68 repo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 1}) 69 issue := unittest.AssertExistsAndLoadBean(t, &issues_model.Issue{RepoID: repo.ID}) 70 repoOwner := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: repo.OwnerID}) 71 72 session := loginUser(t, repoOwner.Name) 73 token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeWriteIssue) 74 75 filename := "image.png" 76 buff := generateImg() 77 body := &bytes.Buffer{} 78 79 // Setup multi-part 80 writer := multipart.NewWriter(body) 81 part, err := writer.CreateFormFile("attachment", filename) 82 assert.NoError(t, err) 83 _, err = io.Copy(part, &buff) 84 assert.NoError(t, err) 85 err = writer.Close() 86 assert.NoError(t, err) 87 88 req := NewRequestWithBody(t, "POST", fmt.Sprintf("/api/v1/repos/%s/%s/issues/%d/assets", repoOwner.Name, repo.Name, issue.Index), body). 89 AddTokenAuth(token) 90 req.Header.Add("Content-Type", writer.FormDataContentType()) 91 resp := session.MakeRequest(t, req, http.StatusCreated) 92 93 apiAttachment := new(api.Attachment) 94 DecodeJSON(t, resp, &apiAttachment) 95 96 unittest.AssertExistsAndLoadBean(t, &repo_model.Attachment{ID: apiAttachment.ID, IssueID: issue.ID}) 97 } 98 99 func TestAPICreateIssueAttachmentWithUnallowedFile(t *testing.T) { 100 defer tests.PrepareTestEnv(t)() 101 102 repo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 1}) 103 issue := unittest.AssertExistsAndLoadBean(t, &issues_model.Issue{RepoID: repo.ID}) 104 repoOwner := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: repo.OwnerID}) 105 106 session := loginUser(t, repoOwner.Name) 107 token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeWriteIssue) 108 109 filename := "file.bad" 110 body := &bytes.Buffer{} 111 112 // Setup multi-part. 113 writer := multipart.NewWriter(body) 114 _, err := writer.CreateFormFile("attachment", filename) 115 assert.NoError(t, err) 116 err = writer.Close() 117 assert.NoError(t, err) 118 119 req := NewRequestWithBody(t, "POST", fmt.Sprintf("/api/v1/repos/%s/%s/issues/%d/assets", repoOwner.Name, repo.Name, issue.Index), body). 120 AddTokenAuth(token) 121 req.Header.Add("Content-Type", writer.FormDataContentType()) 122 123 session.MakeRequest(t, req, http.StatusUnprocessableEntity) 124 } 125 126 func TestAPIEditIssueAttachment(t *testing.T) { 127 defer tests.PrepareTestEnv(t)() 128 129 const newAttachmentName = "newAttachmentName" 130 131 attachment := unittest.AssertExistsAndLoadBean(t, &repo_model.Attachment{ID: 1}) 132 repo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: attachment.RepoID}) 133 issue := unittest.AssertExistsAndLoadBean(t, &issues_model.Issue{RepoID: attachment.IssueID}) 134 repoOwner := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: repo.OwnerID}) 135 136 session := loginUser(t, repoOwner.Name) 137 token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeWriteIssue) 138 urlStr := fmt.Sprintf("/api/v1/repos/%s/%s/issues/%d/assets/%d", 139 repoOwner.Name, repo.Name, issue.Index, attachment.ID) 140 req := NewRequestWithValues(t, "PATCH", urlStr, map[string]string{ 141 "name": newAttachmentName, 142 }).AddTokenAuth(token) 143 resp := session.MakeRequest(t, req, http.StatusCreated) 144 apiAttachment := new(api.Attachment) 145 DecodeJSON(t, resp, &apiAttachment) 146 147 unittest.AssertExistsAndLoadBean(t, &repo_model.Attachment{ID: apiAttachment.ID, IssueID: issue.ID, Name: apiAttachment.Name}) 148 } 149 150 func TestAPIDeleteIssueAttachment(t *testing.T) { 151 defer tests.PrepareTestEnv(t)() 152 153 attachment := unittest.AssertExistsAndLoadBean(t, &repo_model.Attachment{ID: 1}) 154 repo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: attachment.RepoID}) 155 issue := unittest.AssertExistsAndLoadBean(t, &issues_model.Issue{RepoID: attachment.IssueID}) 156 repoOwner := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: repo.OwnerID}) 157 158 session := loginUser(t, repoOwner.Name) 159 token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeWriteIssue) 160 161 req := NewRequest(t, "DELETE", fmt.Sprintf("/api/v1/repos/%s/%s/issues/%d/assets/%d", repoOwner.Name, repo.Name, issue.Index, attachment.ID)). 162 AddTokenAuth(token) 163 session.MakeRequest(t, req, http.StatusNoContent) 164 165 unittest.AssertNotExistsBean(t, &repo_model.Attachment{ID: attachment.ID, IssueID: issue.ID}) 166 }