code.gitea.io/gitea@v1.22.3/tests/integration/api_user_search_test.go (about) 1 // Copyright 2019 The Gitea Authors. All rights reserved. 2 // SPDX-License-Identifier: MIT 3 4 package integration 5 6 import ( 7 "net/http" 8 "testing" 9 10 auth_model "code.gitea.io/gitea/models/auth" 11 "code.gitea.io/gitea/models/unittest" 12 user_model "code.gitea.io/gitea/models/user" 13 api "code.gitea.io/gitea/modules/structs" 14 "code.gitea.io/gitea/tests" 15 16 "github.com/stretchr/testify/assert" 17 ) 18 19 type SearchResults struct { 20 OK bool `json:"ok"` 21 Data []*api.User `json:"data"` 22 } 23 24 func TestAPIUserSearchLoggedIn(t *testing.T) { 25 defer tests.PrepareTestEnv(t)() 26 adminUsername := "user1" 27 session := loginUser(t, adminUsername) 28 token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeReadUser) 29 query := "user2" 30 req := NewRequestf(t, "GET", "/api/v1/users/search?q=%s", query). 31 AddTokenAuth(token) 32 resp := MakeRequest(t, req, http.StatusOK) 33 34 var results SearchResults 35 DecodeJSON(t, resp, &results) 36 assert.NotEmpty(t, results.Data) 37 for _, user := range results.Data { 38 assert.Contains(t, user.UserName, query) 39 assert.NotEmpty(t, user.Email) 40 } 41 42 publicToken := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeReadUser, auth_model.AccessTokenScopePublicOnly) 43 req = NewRequestf(t, "GET", "/api/v1/users/search?q=%s", query). 44 AddTokenAuth(publicToken) 45 resp = MakeRequest(t, req, http.StatusOK) 46 results = SearchResults{} 47 DecodeJSON(t, resp, &results) 48 assert.NotEmpty(t, results.Data) 49 for _, user := range results.Data { 50 assert.Contains(t, user.UserName, query) 51 assert.NotEmpty(t, user.Email) 52 assert.True(t, user.Visibility == "public") 53 } 54 } 55 56 func TestAPIUserSearchNotLoggedIn(t *testing.T) { 57 defer tests.PrepareTestEnv(t)() 58 query := "user2" 59 req := NewRequestf(t, "GET", "/api/v1/users/search?q=%s", query) 60 resp := MakeRequest(t, req, http.StatusOK) 61 62 var results SearchResults 63 DecodeJSON(t, resp, &results) 64 assert.NotEmpty(t, results.Data) 65 var modelUser *user_model.User 66 for _, user := range results.Data { 67 assert.Contains(t, user.UserName, query) 68 modelUser = unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: user.ID}) 69 assert.EqualValues(t, modelUser.GetPlaceholderEmail(), user.Email) 70 } 71 } 72 73 func TestAPIUserSearchSystemUsers(t *testing.T) { 74 defer tests.PrepareTestEnv(t)() 75 for _, systemUser := range []*user_model.User{ 76 user_model.NewGhostUser(), 77 user_model.NewActionsUser(), 78 } { 79 t.Run(systemUser.Name, func(t *testing.T) { 80 req := NewRequestf(t, "GET", "/api/v1/users/search?uid=%d", systemUser.ID) 81 resp := MakeRequest(t, req, http.StatusOK) 82 83 var results SearchResults 84 DecodeJSON(t, resp, &results) 85 assert.NotEmpty(t, results.Data) 86 if assert.EqualValues(t, 1, len(results.Data)) { 87 user := results.Data[0] 88 assert.EqualValues(t, user.UserName, systemUser.Name) 89 assert.EqualValues(t, user.ID, systemUser.ID) 90 } 91 }) 92 } 93 } 94 95 func TestAPIUserSearchAdminLoggedInUserHidden(t *testing.T) { 96 defer tests.PrepareTestEnv(t)() 97 adminUsername := "user1" 98 session := loginUser(t, adminUsername) 99 token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeReadUser) 100 query := "user31" 101 req := NewRequestf(t, "GET", "/api/v1/users/search?q=%s", query). 102 AddTokenAuth(token) 103 resp := MakeRequest(t, req, http.StatusOK) 104 105 var results SearchResults 106 DecodeJSON(t, resp, &results) 107 assert.NotEmpty(t, results.Data) 108 for _, user := range results.Data { 109 assert.Contains(t, user.UserName, query) 110 assert.NotEmpty(t, user.Email) 111 assert.EqualValues(t, "private", user.Visibility) 112 } 113 } 114 115 func TestAPIUserSearchNotLoggedInUserHidden(t *testing.T) { 116 defer tests.PrepareTestEnv(t)() 117 query := "user31" 118 req := NewRequestf(t, "GET", "/api/v1/users/search?q=%s", query) 119 resp := MakeRequest(t, req, http.StatusOK) 120 121 var results SearchResults 122 DecodeJSON(t, resp, &results) 123 assert.Empty(t, results.Data) 124 }