code.gitea.io/gitea@v1.22.3/tests/integration/api_repo_branch_test.go (about) 1 // Copyright 2021 The Gitea Authors. All rights reserved. 2 // SPDX-License-Identifier: MIT 3 4 package integration 5 6 import ( 7 "bytes" 8 "fmt" 9 "io" 10 "net/http" 11 "net/url" 12 "testing" 13 14 auth_model "code.gitea.io/gitea/models/auth" 15 repo_model "code.gitea.io/gitea/models/repo" 16 "code.gitea.io/gitea/models/unittest" 17 user_model "code.gitea.io/gitea/models/user" 18 "code.gitea.io/gitea/modules/json" 19 "code.gitea.io/gitea/modules/setting" 20 api "code.gitea.io/gitea/modules/structs" 21 "code.gitea.io/gitea/tests" 22 23 "github.com/stretchr/testify/assert" 24 ) 25 26 func TestAPIRepoBranchesPlain(t *testing.T) { 27 onGiteaRun(t, func(*testing.T, *url.URL) { 28 repo3 := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 3}) 29 user1 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 1}) 30 session := loginUser(t, user1.LowerName) 31 32 // public only token should be forbidden 33 publicOnlyToken := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopePublicOnly, auth_model.AccessTokenScopeWriteRepository) 34 link, _ := url.Parse(fmt.Sprintf("/api/v1/repos/org3/%s/branches", repo3.Name)) // a plain repo 35 MakeRequest(t, NewRequest(t, "GET", link.String()).AddTokenAuth(publicOnlyToken), http.StatusForbidden) 36 37 token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeWriteRepository) 38 resp := MakeRequest(t, NewRequest(t, "GET", link.String()).AddTokenAuth(token), http.StatusOK) 39 bs, err := io.ReadAll(resp.Body) 40 assert.NoError(t, err) 41 42 var branches []*api.Branch 43 assert.NoError(t, json.Unmarshal(bs, &branches)) 44 assert.Len(t, branches, 2) 45 assert.EqualValues(t, "test_branch", branches[0].Name) 46 assert.EqualValues(t, "master", branches[1].Name) 47 48 link2, _ := url.Parse(fmt.Sprintf("/api/v1/repos/org3/%s/branches/test_branch", repo3.Name)) 49 MakeRequest(t, NewRequest(t, "GET", link2.String()).AddTokenAuth(publicOnlyToken), http.StatusForbidden) 50 51 resp = MakeRequest(t, NewRequest(t, "GET", link2.String()).AddTokenAuth(token), http.StatusOK) 52 bs, err = io.ReadAll(resp.Body) 53 assert.NoError(t, err) 54 var branch api.Branch 55 assert.NoError(t, json.Unmarshal(bs, &branch)) 56 assert.EqualValues(t, "test_branch", branch.Name) 57 58 MakeRequest(t, NewRequest(t, "POST", link.String()).AddTokenAuth(publicOnlyToken), http.StatusForbidden) 59 60 req := NewRequest(t, "POST", link.String()).AddTokenAuth(token) 61 req.Header.Add("Content-Type", "application/json") 62 req.Body = io.NopCloser(bytes.NewBufferString(`{"new_branch_name":"test_branch2", "old_branch_name": "test_branch", "old_ref_name":"refs/heads/test_branch"}`)) 63 resp = MakeRequest(t, req, http.StatusCreated) 64 bs, err = io.ReadAll(resp.Body) 65 assert.NoError(t, err) 66 var branch2 api.Branch 67 assert.NoError(t, json.Unmarshal(bs, &branch2)) 68 assert.EqualValues(t, "test_branch2", branch2.Name) 69 assert.EqualValues(t, branch.Commit.ID, branch2.Commit.ID) 70 71 resp = MakeRequest(t, NewRequest(t, "GET", link.String()).AddTokenAuth(token), http.StatusOK) 72 bs, err = io.ReadAll(resp.Body) 73 assert.NoError(t, err) 74 75 branches = []*api.Branch{} 76 assert.NoError(t, json.Unmarshal(bs, &branches)) 77 assert.Len(t, branches, 3) 78 assert.EqualValues(t, "test_branch", branches[0].Name) 79 assert.EqualValues(t, "test_branch2", branches[1].Name) 80 assert.EqualValues(t, "master", branches[2].Name) 81 82 link3, _ := url.Parse(fmt.Sprintf("/api/v1/repos/org3/%s/branches/test_branch2", repo3.Name)) 83 MakeRequest(t, NewRequest(t, "DELETE", link3.String()), http.StatusNotFound) 84 MakeRequest(t, NewRequest(t, "DELETE", link3.String()).AddTokenAuth(publicOnlyToken), http.StatusForbidden) 85 86 MakeRequest(t, NewRequest(t, "DELETE", link3.String()).AddTokenAuth(token), http.StatusNoContent) 87 assert.NoError(t, err) 88 }) 89 } 90 91 func TestAPIRepoBranchesMirror(t *testing.T) { 92 defer tests.PrepareTestEnv(t)() 93 94 repo5 := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 5}) 95 user1 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 1}) 96 session := loginUser(t, user1.LowerName) 97 token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeWriteRepository) 98 99 link, _ := url.Parse(fmt.Sprintf("/api/v1/repos/org3/%s/branches", repo5.Name)) // a mirror repo 100 resp := MakeRequest(t, NewRequest(t, "GET", link.String()).AddTokenAuth(token), http.StatusOK) 101 bs, err := io.ReadAll(resp.Body) 102 assert.NoError(t, err) 103 104 var branches []*api.Branch 105 assert.NoError(t, json.Unmarshal(bs, &branches)) 106 assert.Len(t, branches, 2) 107 assert.EqualValues(t, "test_branch", branches[0].Name) 108 assert.EqualValues(t, "master", branches[1].Name) 109 110 link2, _ := url.Parse(fmt.Sprintf("/api/v1/repos/org3/%s/branches/test_branch", repo5.Name)) 111 resp = MakeRequest(t, NewRequest(t, "GET", link2.String()).AddTokenAuth(token), http.StatusOK) 112 bs, err = io.ReadAll(resp.Body) 113 assert.NoError(t, err) 114 var branch api.Branch 115 assert.NoError(t, json.Unmarshal(bs, &branch)) 116 assert.EqualValues(t, "test_branch", branch.Name) 117 118 req := NewRequest(t, "POST", link.String()).AddTokenAuth(token) 119 req.Header.Add("Content-Type", "application/json") 120 req.Body = io.NopCloser(bytes.NewBufferString(`{"new_branch_name":"test_branch2", "old_branch_name": "test_branch", "old_ref_name":"refs/heads/test_branch"}`)) 121 resp = MakeRequest(t, req, http.StatusForbidden) 122 bs, err = io.ReadAll(resp.Body) 123 assert.NoError(t, err) 124 assert.EqualValues(t, "{\"message\":\"Git Repository is a mirror.\",\"url\":\""+setting.AppURL+"api/swagger\"}\n", string(bs)) 125 126 resp = MakeRequest(t, NewRequest(t, "DELETE", link2.String()).AddTokenAuth(token), http.StatusForbidden) 127 bs, err = io.ReadAll(resp.Body) 128 assert.NoError(t, err) 129 assert.EqualValues(t, "{\"message\":\"Git Repository is a mirror.\",\"url\":\""+setting.AppURL+"api/swagger\"}\n", string(bs)) 130 }