Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Extract api for UI from api v1 routes and remove session dependent for API/v1 #16052

Closed
wants to merge 26 commits into from
Closed

Extract api for UI from api v1 routes and remove session dependent for API/v1 #16052

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
26 commits
Select commit Hold shift + click to select a range
f4652d9
Split UI API routes from API v1 routes
lunny Jun 2, 2021
62bbad4
remove swagger import
lunny Jun 2, 2021
86aaa71
Fix lint
lunny Jun 4, 2021
5cda626
Remove session sso check for api/v1
lunny Jun 4, 2021
810c999
Fix lint
lunny Jun 4, 2021
541205a
fix lint
lunny Jun 5, 2021
01d0418
Fix lint
lunny Jun 5, 2021
5726a51
Fix test
lunny Jun 6, 2021
b10a9fe
Fix test
lunny Jun 6, 2021
5e09cb9
Remove duplicated functions
lunny Jun 9, 2021
40ab875
resolve conflicts
lunny Jun 10, 2021
66d3a59
Fix test
lunny Jun 24, 2021
9fb8d78
Fix test
lunny Aug 20, 2021
f777be0
Fix more tests
lunny Aug 20, 2021
127ed02
Fix tests
lunny Aug 21, 2021
40db221
Fix merge
lunny Oct 14, 2021
acb09a0
Fix test
lunny Oct 15, 2021
a10a1c8
Fix test
lunny Oct 15, 2021
7b70c7a
Fix lint
lunny Oct 15, 2021
53a31d8
merge main branch
lunny Oct 21, 2021
76ff5a8
improve code
lunny Oct 21, 2021
ebe10a9
Fix test
lunny Oct 22, 2021
3486a8b
Fix test
lunny Oct 22, 2021
330bdae
Fix test
lunny Nov 19, 2021
f10724f
Merge
lunny Dec 13, 2021
d133972
Rebase
lunny Mar 25, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
21 changes: 11 additions & 10 deletions integrations/api_admin_org_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,10 +17,13 @@ import (
"github.com/stretchr/testify/assert"
)

func getUserToken(t testing.TB, userName string) string {
return getTokenForLoggedInUser(t, loginUser(t, userName))
}

func TestAPIAdminOrgCreate(t *testing.T) {
onGiteaRun(t, func(*testing.T, *url.URL) {
session := loginUser(t, "user1")
token := getTokenForLoggedInUser(t, session)
token := getUserToken(t, "user1")

org := api.CreateOrgOption{
UserName: "user2_org",
Expand All @@ -31,7 +34,7 @@ func TestAPIAdminOrgCreate(t *testing.T) {
Visibility: "private",
}
req := NewRequestWithJSON(t, "POST", "/api/v1/admin/users/user2/orgs?token="+token, &org)
resp := session.MakeRequest(t, req, http.StatusCreated)
resp := MakeRequest(t, req, http.StatusCreated)

var apiOrg api.Organization
DecodeJSON(t, resp, &apiOrg)
Expand All @@ -53,8 +56,7 @@ func TestAPIAdminOrgCreate(t *testing.T) {

func TestAPIAdminOrgCreateBadVisibility(t *testing.T) {
onGiteaRun(t, func(*testing.T, *url.URL) {
session := loginUser(t, "user1")
token := getTokenForLoggedInUser(t, session)
token := getUserToken(t, "user1")

org := api.CreateOrgOption{
UserName: "user2_org",
Expand All @@ -65,15 +67,14 @@ func TestAPIAdminOrgCreateBadVisibility(t *testing.T) {
Visibility: "notvalid",
}
req := NewRequestWithJSON(t, "POST", "/api/v1/admin/users/user2/orgs?token="+token, &org)
session.MakeRequest(t, req, http.StatusUnprocessableEntity)
MakeRequest(t, req, http.StatusUnprocessableEntity)
})
}

func TestAPIAdminOrgCreateNotAdmin(t *testing.T) {
defer prepareTestEnv(t)()
nonAdminUsername := "user2"
session := loginUser(t, nonAdminUsername)
token := getTokenForLoggedInUser(t, session)

token := getUserToken(t, "user2")
org := api.CreateOrgOption{
UserName: "user2_org",
FullName: "User2's organization",
Expand All @@ -83,5 +84,5 @@ func TestAPIAdminOrgCreateNotAdmin(t *testing.T) {
Visibility: "public",
}
req := NewRequestWithJSON(t, "POST", "/api/v1/admin/users/user2/orgs?token="+token, &org)
session.MakeRequest(t, req, http.StatusForbidden)
MakeRequest(t, req, http.StatusForbidden)
}
59 changes: 24 additions & 35 deletions integrations/api_admin_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,17 +20,16 @@ import (

func TestAPIAdminCreateAndDeleteSSHKey(t *testing.T) {
defer prepareTestEnv(t)()

// user1 is an admin user
session := loginUser(t, "user1")
token := getUserToken(t, "user1")
keyOwner := unittest.AssertExistsAndLoadBean(t, &user_model.User{Name: "user2"}).(*user_model.User)

token := getTokenForLoggedInUser(t, session)
urlStr := fmt.Sprintf("/api/v1/admin/users/%s/keys?token=%s", keyOwner.Name, token)
req := NewRequestWithValues(t, "POST", urlStr, map[string]string{
"key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC4cn+iXnA4KvcQYSV88vGn0Yi91vG47t1P7okprVmhNTkipNRIHWr6WdCO4VDr/cvsRkuVJAsLO2enwjGWWueOO6BodiBgyAOZ/5t5nJNMCNuLGT5UIo/RI1b0WRQwxEZTRjt6mFNw6lH14wRd8ulsr9toSWBPMOGWoYs1PDeDL0JuTjL+tr1SZi/EyxCngpYszKdXllJEHyI79KQgeD0Vt3pTrkbNVTOEcCNqZePSVmUH8X8Vhugz3bnE0/iE9Pb5fkWO9c4AnM1FgI/8Bvp27Fw2ShryIXuR6kKvUqhVMTuOSDHwu6A8jLE5Owt3GAYugDpDYuwTVNGrHLXKpPzrGGPE/jPmaLCMZcsdkec95dYeU3zKODEm8UQZFhmJmDeWVJ36nGrGZHL4J5aTTaeFUJmmXDaJYiJ+K2/ioKgXqnXvltu0A9R8/LGy4nrTJRr4JMLuJFoUXvGm1gXQ70w2LSpk6yl71RNC0hCtsBe8BP8IhYCM0EP5jh7eCMQZNvM= nocomment\n",
"title": "test-key",
})
resp := session.MakeRequest(t, req, http.StatusCreated)
resp := MakeRequest(t, req, http.StatusCreated)

var newPublicKey api.PublicKey
DecodeJSON(t, resp, &newPublicKey)
Expand All @@ -44,53 +43,48 @@ func TestAPIAdminCreateAndDeleteSSHKey(t *testing.T) {

req = NewRequestf(t, "DELETE", "/api/v1/admin/users/%s/keys/%d?token=%s",
keyOwner.Name, newPublicKey.ID, token)
session.MakeRequest(t, req, http.StatusNoContent)
MakeRequest(t, req, http.StatusNoContent)
unittest.AssertNotExistsBean(t, &asymkey_model.PublicKey{ID: newPublicKey.ID})
}

func TestAPIAdminDeleteMissingSSHKey(t *testing.T) {
defer prepareTestEnv(t)()
// user1 is an admin user
session := loginUser(t, "user1")

token := getTokenForLoggedInUser(t, session)
token := getUserToken(t, "user1")
req := NewRequestf(t, "DELETE", "/api/v1/admin/users/user1/keys/%d?token=%s", unittest.NonexistentID, token)
session.MakeRequest(t, req, http.StatusNotFound)
MakeRequest(t, req, http.StatusNotFound)
}

func TestAPIAdminDeleteUnauthorizedKey(t *testing.T) {
defer prepareTestEnv(t)()
adminUsername := "user1"
normalUsername := "user2"
session := loginUser(t, adminUsername)
token := getUserToken(t, adminUsername)

token := getTokenForLoggedInUser(t, session)
urlStr := fmt.Sprintf("/api/v1/admin/users/%s/keys?token=%s", adminUsername, token)
req := NewRequestWithValues(t, "POST", urlStr, map[string]string{
"key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC4cn+iXnA4KvcQYSV88vGn0Yi91vG47t1P7okprVmhNTkipNRIHWr6WdCO4VDr/cvsRkuVJAsLO2enwjGWWueOO6BodiBgyAOZ/5t5nJNMCNuLGT5UIo/RI1b0WRQwxEZTRjt6mFNw6lH14wRd8ulsr9toSWBPMOGWoYs1PDeDL0JuTjL+tr1SZi/EyxCngpYszKdXllJEHyI79KQgeD0Vt3pTrkbNVTOEcCNqZePSVmUH8X8Vhugz3bnE0/iE9Pb5fkWO9c4AnM1FgI/8Bvp27Fw2ShryIXuR6kKvUqhVMTuOSDHwu6A8jLE5Owt3GAYugDpDYuwTVNGrHLXKpPzrGGPE/jPmaLCMZcsdkec95dYeU3zKODEm8UQZFhmJmDeWVJ36nGrGZHL4J5aTTaeFUJmmXDaJYiJ+K2/ioKgXqnXvltu0A9R8/LGy4nrTJRr4JMLuJFoUXvGm1gXQ70w2LSpk6yl71RNC0hCtsBe8BP8IhYCM0EP5jh7eCMQZNvM= nocomment\n",
"title": "test-key",
})
resp := session.MakeRequest(t, req, http.StatusCreated)
resp := MakeRequest(t, req, http.StatusCreated)
var newPublicKey api.PublicKey
DecodeJSON(t, resp, &newPublicKey)

session = loginUser(t, normalUsername)
token = getTokenForLoggedInUser(t, session)
token = getUserToken(t, normalUsername)
req = NewRequestf(t, "DELETE", "/api/v1/admin/users/%s/keys/%d?token=%s",
adminUsername, newPublicKey.ID, token)
session.MakeRequest(t, req, http.StatusForbidden)
MakeRequest(t, req, http.StatusForbidden)
}

func TestAPISudoUser(t *testing.T) {
defer prepareTestEnv(t)()
adminUsername := "user1"
normalUsername := "user2"
session := loginUser(t, adminUsername)
token := getTokenForLoggedInUser(t, session)
token := getUserToken(t, adminUsername)

urlStr := fmt.Sprintf("/api/v1/user?sudo=%s&token=%s", normalUsername, token)
req := NewRequest(t, "GET", urlStr)
resp := session.MakeRequest(t, req, http.StatusOK)
resp := MakeRequest(t, req, http.StatusOK)
var user api.User
DecodeJSON(t, resp, &user)

Expand All @@ -102,23 +96,21 @@ func TestAPISudoUserForbidden(t *testing.T) {
adminUsername := "user1"
normalUsername := "user2"

session := loginUser(t, normalUsername)
token := getTokenForLoggedInUser(t, session)
token := getUserToken(t, normalUsername)

urlStr := fmt.Sprintf("/api/v1/user?sudo=%s&token=%s", adminUsername, token)
req := NewRequest(t, "GET", urlStr)
session.MakeRequest(t, req, http.StatusForbidden)
MakeRequest(t, req, http.StatusForbidden)
}

func TestAPIListUsers(t *testing.T) {
defer prepareTestEnv(t)()
adminUsername := "user1"
session := loginUser(t, adminUsername)
token := getTokenForLoggedInUser(t, session)
token := getUserToken(t, adminUsername)

urlStr := fmt.Sprintf("/api/v1/admin/users?token=%s", token)
req := NewRequest(t, "GET", urlStr)
resp := session.MakeRequest(t, req, http.StatusOK)
resp := MakeRequest(t, req, http.StatusOK)
var users []api.User
DecodeJSON(t, resp, &users)

Expand All @@ -142,17 +134,15 @@ func TestAPIListUsersNotLoggedIn(t *testing.T) {
func TestAPIListUsersNonAdmin(t *testing.T) {
defer prepareTestEnv(t)()
nonAdminUsername := "user2"
session := loginUser(t, nonAdminUsername)
token := getTokenForLoggedInUser(t, session)
token := getUserToken(t, nonAdminUsername)
req := NewRequestf(t, "GET", "/api/v1/admin/users?token=%s", token)
session.MakeRequest(t, req, http.StatusForbidden)
MakeRequest(t, req, http.StatusForbidden)
}

func TestAPICreateUserInvalidEmail(t *testing.T) {
defer prepareTestEnv(t)()
adminUsername := "user1"
session := loginUser(t, adminUsername)
token := getTokenForLoggedInUser(t, session)
token := getUserToken(t, adminUsername)
urlStr := fmt.Sprintf("/api/v1/admin/users?token=%s", token)
req := NewRequestWithValues(t, "POST", urlStr, map[string]string{
"email": "invalid_email@domain.com\r\n",
Expand All @@ -164,14 +154,13 @@ func TestAPICreateUserInvalidEmail(t *testing.T) {
"source_id": "0",
"username": "invalidUser",
})
session.MakeRequest(t, req, http.StatusUnprocessableEntity)
MakeRequest(t, req, http.StatusUnprocessableEntity)
}

func TestAPIEditUser(t *testing.T) {
defer prepareTestEnv(t)()
adminUsername := "user1"
session := loginUser(t, adminUsername)
token := getTokenForLoggedInUser(t, session)
token := getUserToken(t, adminUsername)
urlStr := fmt.Sprintf("/api/v1/admin/users/%s?token=%s", "user2", token)

req := NewRequestWithValues(t, "PATCH", urlStr, map[string]string{
Expand All @@ -181,15 +170,15 @@ func TestAPIEditUser(t *testing.T) {
// to change
"full_name": "Full Name User 2",
})
session.MakeRequest(t, req, http.StatusOK)
MakeRequest(t, req, http.StatusOK)

empty := ""
req = NewRequestWithJSON(t, "PATCH", urlStr, api.EditUserOption{
LoginName: "user2",
SourceID: 0,
Email: &empty,
})
resp := session.MakeRequest(t, req, http.StatusUnprocessableEntity)
resp := MakeRequest(t, WithToken(req, token), http.StatusUnprocessableEntity)

errMap := make(map[string]interface{})
json.Unmarshal(resp.Body.Bytes(), &errMap)
Expand All @@ -205,7 +194,7 @@ func TestAPIEditUser(t *testing.T) {
// to change
Restricted: &bTrue,
})
session.MakeRequest(t, req, http.StatusOK)
MakeRequest(t, WithToken(req, token), http.StatusOK)
user2 = unittest.AssertExistsAndLoadBean(t, &user_model.User{LoginName: "user2"}).(*user_model.User)
assert.True(t, user2.IsRestricted)
}
39 changes: 16 additions & 23 deletions integrations/api_branch_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,10 +15,9 @@ import (
)

func testAPIGetBranch(t *testing.T, branchName string, exists bool) {
session := loginUser(t, "user2")
token := getTokenForLoggedInUser(t, session)
token := getUserToken(t, "user2")
req := NewRequestf(t, "GET", "/api/v1/repos/user2/repo1/branches/%s?token=%s", branchName, token)
resp := session.MakeRequest(t, req, NoExpectedStatus)
resp := MakeRequest(t, req, NoExpectedStatus)
if !exists {
assert.EqualValues(t, http.StatusNotFound, resp.Code)
return
Expand All @@ -32,10 +31,9 @@ func testAPIGetBranch(t *testing.T, branchName string, exists bool) {
}

func testAPIGetBranchProtection(t *testing.T, branchName string, expectedHTTPStatus int) {
session := loginUser(t, "user2")
token := getTokenForLoggedInUser(t, session)
token := getUserToken(t, "user2")
req := NewRequestf(t, "GET", "/api/v1/repos/user2/repo1/branch_protections/%s?token=%s", branchName, token)
resp := session.MakeRequest(t, req, expectedHTTPStatus)
resp := MakeRequest(t, req, expectedHTTPStatus)

if resp.Code == http.StatusOK {
var branchProtection api.BranchProtection
Expand All @@ -45,12 +43,11 @@ func testAPIGetBranchProtection(t *testing.T, branchName string, expectedHTTPSta
}

func testAPICreateBranchProtection(t *testing.T, branchName string, expectedHTTPStatus int) {
session := loginUser(t, "user2")
token := getTokenForLoggedInUser(t, session)
token := getUserToken(t, "user2")
req := NewRequestWithJSON(t, "POST", "/api/v1/repos/user2/repo1/branch_protections?token="+token, &api.BranchProtection{
BranchName: branchName,
})
resp := session.MakeRequest(t, req, expectedHTTPStatus)
resp := MakeRequest(t, req, expectedHTTPStatus)

if resp.Code == http.StatusCreated {
var branchProtection api.BranchProtection
Expand All @@ -60,10 +57,9 @@ func testAPICreateBranchProtection(t *testing.T, branchName string, expectedHTTP
}

func testAPIEditBranchProtection(t *testing.T, branchName string, body *api.BranchProtection, expectedHTTPStatus int) {
session := loginUser(t, "user2")
token := getTokenForLoggedInUser(t, session)
token := getUserToken(t, "user2")
req := NewRequestWithJSON(t, "PATCH", "/api/v1/repos/user2/repo1/branch_protections/"+branchName+"?token="+token, body)
resp := session.MakeRequest(t, req, expectedHTTPStatus)
resp := MakeRequest(t, req, expectedHTTPStatus)

if resp.Code == http.StatusOK {
var branchProtection api.BranchProtection
Expand All @@ -73,17 +69,15 @@ func testAPIEditBranchProtection(t *testing.T, branchName string, body *api.Bran
}

func testAPIDeleteBranchProtection(t *testing.T, branchName string, expectedHTTPStatus int) {
session := loginUser(t, "user2")
token := getTokenForLoggedInUser(t, session)
token := getUserToken(t, "user2")
req := NewRequestf(t, "DELETE", "/api/v1/repos/user2/repo1/branch_protections/%s?token=%s", branchName, token)
session.MakeRequest(t, req, expectedHTTPStatus)
MakeRequest(t, req, expectedHTTPStatus)
}

func testAPIDeleteBranch(t *testing.T, branchName string, expectedHTTPStatus int) {
session := loginUser(t, "user2")
token := getTokenForLoggedInUser(t, session)
token := getUserToken(t, "user2")
req := NewRequestf(t, "DELETE", "/api/v1/repos/user2/repo1/branches/%s?token=%s", branchName, token)
session.MakeRequest(t, req, expectedHTTPStatus)
MakeRequest(t, req, expectedHTTPStatus)
}

func TestAPIGetBranch(t *testing.T) {
Expand Down Expand Up @@ -149,18 +143,17 @@ func testAPICreateBranches(t *testing.T, giteaURL *url.URL) {
}
for _, test := range tests {
defer resetFixtures(t)
session := ctx.Session
testAPICreateBranch(t, session, "user2", "my-noo-repo", test.OldBranch, test.NewBranch, test.ExpectedHTTPStatus)
testAPICreateBranch(t, username, "my-noo-repo", test.OldBranch, test.NewBranch, test.ExpectedHTTPStatus)
}
}

func testAPICreateBranch(t testing.TB, session *TestSession, user, repo, oldBranch, newBranch string, status int) bool {
token := getTokenForLoggedInUser(t, session)
func testAPICreateBranch(t testing.TB, user, repo, oldBranch, newBranch string, status int) bool {
token := getUserToken(t, user)
req := NewRequestWithJSON(t, "POST", "/api/v1/repos/"+user+"/"+repo+"/branches?token="+token, &api.CreateBranchRepoOption{
BranchName: newBranch,
OldBranchName: oldBranch,
})
resp := session.MakeRequest(t, req, status)
resp := MakeRequest(t, req, status)

var branch api.Branch
DecodeJSON(t, resp, &branch)
Expand Down
Loading