code.gitea.io/gitea@v1.22.3/tests/integration/api_repo_collaborator_test.go (about)

     1  // Copyright 2022 The Gitea Authors. All rights reserved.
     2  // SPDX-License-Identifier: MIT
     3  
     4  package integration
     5  
     6  import (
     7  	"net/http"
     8  	"net/url"
     9  	"testing"
    10  
    11  	auth_model "code.gitea.io/gitea/models/auth"
    12  	"code.gitea.io/gitea/models/perm"
    13  	repo_model "code.gitea.io/gitea/models/repo"
    14  	"code.gitea.io/gitea/models/unittest"
    15  	user_model "code.gitea.io/gitea/models/user"
    16  	api "code.gitea.io/gitea/modules/structs"
    17  
    18  	"github.com/stretchr/testify/assert"
    19  )
    20  
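// TestAPIRepoCollaboratorPermission checks what the collaborator-permission
// endpoint reports for the owner of repository 2, for a collaborator at each
// access mode, for an unknown user name, and for callers other than the owner.
//
// The subtests share repository state and run in order: user4 is re-added
// with read, then write, then admin, so each assertion only holds if adding an
// existing collaborator replaces the previously granted mode.
//
// NOTE(review): every permission query here is expected to succeed or to hit
// an unknown user. No subtest has a non-admin collaborator ask for another
// user's permission, and no request is sent without credentials, so the
// denial path of this endpoint is not covered by this function.
func TestAPIRepoCollaboratorPermission(t *testing.T) {
	onGiteaRun(t, func(t *testing.T, u *url.URL) {
		// Single definition of the endpoint under test; arguments are
		// owner name, repository name, collaborator name.
		const permissionURLFmt = "/api/v1/repos/%s/%s/collaborators/%s/permission"

		repo2 := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 2})
		repo2Owner := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: repo2.OwnerID})

		user4 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 4})
		user5 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 5})
		user10 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 10})
		user11 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 11})
		user34 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 34})

		// Owner context: its token carries the write:repository scope and is
		// used both to add collaborators and for the owner-side queries.
		testCtx := NewAPITestContext(t, repo2Owner.Name, repo2.Name, auth_model.AccessTokenScopeWriteRepository)

		t.Run("RepoOwnerShouldBeOwner", func(t *testing.T) {
			req := NewRequestf(t, "GET", permissionURLFmt, repo2Owner.Name, repo2.Name, repo2Owner.Name).
				AddTokenAuth(testCtx.Token)
			resp := MakeRequest(t, req, http.StatusOK)

			var repoPermission api.RepoCollaboratorPermission
			DecodeJSON(t, resp, &repoPermission)

			assert.Equal(t, "owner", repoPermission.Permission)
		})

		t.Run("CollaboratorWithReadAccess", func(t *testing.T) {
			t.Run("AddUserAsCollaboratorWithReadAccess", doAPIAddCollaborator(testCtx, user4.Name, perm.AccessModeRead))

			req := NewRequestf(t, "GET", permissionURLFmt, repo2Owner.Name, repo2.Name, user4.Name).
				AddTokenAuth(testCtx.Token)
			resp := MakeRequest(t, req, http.StatusOK)

			var repoPermission api.RepoCollaboratorPermission
			DecodeJSON(t, resp, &repoPermission)

			assert.Equal(t, "read", repoPermission.Permission)
		})

		t.Run("CollaboratorWithWriteAccess", func(t *testing.T) {
			// user4 already holds read access from the previous subtest.
			t.Run("AddUserAsCollaboratorWithWriteAccess", doAPIAddCollaborator(testCtx, user4.Name, perm.AccessModeWrite))

			req := NewRequestf(t, "GET", permissionURLFmt, repo2Owner.Name, repo2.Name, user4.Name).
				AddTokenAuth(testCtx.Token)
			resp := MakeRequest(t, req, http.StatusOK)

			var repoPermission api.RepoCollaboratorPermission
			DecodeJSON(t, resp, &repoPermission)

			assert.Equal(t, "write", repoPermission.Permission)
		})

		t.Run("CollaboratorWithAdminAccess", func(t *testing.T) {
			// user4 already holds write access from the previous subtest.
			t.Run("AddUserAsCollaboratorWithAdminAccess", doAPIAddCollaborator(testCtx, user4.Name, perm.AccessModeAdmin))

			req := NewRequestf(t, "GET", permissionURLFmt, repo2Owner.Name, repo2.Name, user4.Name).
				AddTokenAuth(testCtx.Token)
			resp := MakeRequest(t, req, http.StatusOK)

			var repoPermission api.RepoCollaboratorPermission
			DecodeJSON(t, resp, &repoPermission)

			assert.Equal(t, "admin", repoPermission.Permission)
		})

		t.Run("CollaboratorNotFound", func(t *testing.T) {
			// Only the status code is checked; the response body is not inspected.
			req := NewRequestf(t, "GET", permissionURLFmt, repo2Owner.Name, repo2.Name, "non-existent-user").
				AddTokenAuth(testCtx.Token)
			MakeRequest(t, req, http.StatusNotFound)
		})

		t.Run("CollaboratorBlocked", func(t *testing.T) {
			// A separate context is built so that changing ExpectedCode does
			// not affect the shared owner context used by the other subtests.
			// NOTE(review): presumably the fixtures set up a block between
			// user34 and the repository owner; confirm against the fixture data.
			blockedCtx := NewAPITestContext(t, repo2Owner.Name, repo2.Name, auth_model.AccessTokenScopeWriteRepository)
			blockedCtx.ExpectedCode = http.StatusForbidden
			doAPIAddCollaborator(blockedCtx, user34.Name, perm.AccessModeAdmin)(t)
		})

		t.Run("CollaboratorCanQueryItsPermissions", func(t *testing.T) {
			t.Run("AddUserAsCollaboratorWithReadAccess", doAPIAddCollaborator(testCtx, user5.Name, perm.AccessModeRead))

			// selfCtx is used here only for its token, which is limited to the
			// read:repository scope.
			session := loginUser(t, user5.Name)
			selfCtx := NewAPITestContext(t, user5.Name, repo2.Name, auth_model.AccessTokenScopeReadRepository)

			// NOTE(review): the request is sent through user5's login session
			// and also carries the token, so a pass does not show which of the
			// two credentials the server relied on. Send it with the token
			// alone if the read scope is what is being verified.
			req := NewRequestf(t, "GET", permissionURLFmt, repo2Owner.Name, repo2.Name, user5.Name).
				AddTokenAuth(selfCtx.Token)
			resp := session.MakeRequest(t, req, http.StatusOK)

			var repoPermission api.RepoCollaboratorPermission
			DecodeJSON(t, resp, &repoPermission)

			assert.Equal(t, "read", repoPermission.Permission)
		})

		t.Run("RepoAdminCanQueryACollaboratorsPermissions", func(t *testing.T) {
			// user10 becomes a repository admin, user11 a read-only collaborator.
			t.Run("AddUserAsCollaboratorWithAdminAccess", doAPIAddCollaborator(testCtx, user10.Name, perm.AccessModeAdmin))
			t.Run("AddUserAsCollaboratorWithReadAccess", doAPIAddCollaborator(testCtx, user11.Name, perm.AccessModeRead))

			session := loginUser(t, user10.Name)
			adminCtx := NewAPITestContext(t, user10.Name, repo2.Name, auth_model.AccessTokenScopeReadRepository)

			// user10 asks for user11's permission. As above, both the login
			// session and a read:repository token accompany the request.
			req := NewRequestf(t, "GET", permissionURLFmt, repo2Owner.Name, repo2.Name, user11.Name).
				AddTokenAuth(adminCtx.Token)
			resp := session.MakeRequest(t, req, http.StatusOK)

			var repoPermission api.RepoCollaboratorPermission
			DecodeJSON(t, resp, &repoPermission)

			assert.Equal(t, "read", repoPermission.Permission)
		})
	})
}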