forgejo/tests/integration/repofiles_change_test.go

455 lines
17 KiB
Go
Raw Normal View History

2019-05-11 17:29:17 +02:00
// Copyright 2019 The Gitea Authors. All rights reserved.
// SPDX-License-Identifier: MIT
2019-05-11 17:29:17 +02:00
package integration
2019-05-11 17:29:17 +02:00
import (
"net/url"
"path/filepath"
"strings"
2019-05-11 17:29:17 +02:00
"testing"
"time"
repo_model "code.gitea.io/gitea/models/repo"
"code.gitea.io/gitea/models/unittest"
user_model "code.gitea.io/gitea/models/user"
2019-05-11 17:29:17 +02:00
"code.gitea.io/gitea/modules/git"
"code.gitea.io/gitea/modules/gitrepo"
2019-05-11 17:29:17 +02:00
"code.gitea.io/gitea/modules/setting"
api "code.gitea.io/gitea/modules/structs"
files_service "code.gitea.io/gitea/services/repository/files"
"code.gitea.io/gitea/tests"
2019-05-11 17:29:17 +02:00
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
2019-05-11 17:29:17 +02:00
)
func getCreateRepoFilesOptions(repo *repo_model.Repository) *files_service.ChangeRepoFilesOptions {
return &files_service.ChangeRepoFilesOptions{
Files: []*files_service.ChangeRepoFile{
{
Operation: "create",
TreePath: "new/file.txt",
ContentReader: strings.NewReader("This is a NEW file"),
},
},
2019-05-11 17:29:17 +02:00
OldBranch: repo.DefaultBranch,
NewBranch: repo.DefaultBranch,
Message: "Creates new/file.txt",
Author: nil,
Committer: nil,
}
}
func getUpdateRepoFilesOptions(repo *repo_model.Repository) *files_service.ChangeRepoFilesOptions {
return &files_service.ChangeRepoFilesOptions{
Files: []*files_service.ChangeRepoFile{
{
Operation: "update",
TreePath: "README.md",
SHA: "4b4851ad51df6a7d9f25c979345979eaeb5b349f",
ContentReader: strings.NewReader("This is UPDATED content for the README file"),
},
},
2019-05-11 17:29:17 +02:00
OldBranch: repo.DefaultBranch,
NewBranch: repo.DefaultBranch,
Message: "Updates README.md",
Author: nil,
Committer: nil,
}
}
func getDeleteRepoFilesOptions(repo *repo_model.Repository) *files_service.ChangeRepoFilesOptions {
return &files_service.ChangeRepoFilesOptions{
Files: []*files_service.ChangeRepoFile{
{
Operation: "delete",
TreePath: "README_new.md",
SHA: "dbf8d00e022e05b7e5cf7e535de857de57925647",
},
},
LastCommitID: "",
OldBranch: repo.DefaultBranch,
NewBranch: repo.DefaultBranch,
Message: "Deletes README.md",
Author: &files_service.IdentityOptions{
Name: "Bob Smith",
Email: "bob@smith.com",
},
Committer: nil,
}
}
func getExpectedFileResponseForRepofilesDelete() *api.FileResponse {
// Just returns fields that don't change, i.e. fields with commit SHAs and dates can't be determined
return &api.FileResponse{
Content: nil,
Commit: &api.FileCommitResponse{
Author: &api.CommitUser{
Identity: api.Identity{
Name: "Bob Smith",
Email: "bob@smith.com",
},
},
Committer: &api.CommitUser{
Identity: api.Identity{
Name: "Bob Smith",
Email: "bob@smith.com",
},
},
Message: "Deletes README.md\n",
},
Verification: &api.PayloadCommitVerification{
Verified: false,
Reason: "gpg.error.not_signed_commit",
Signature: "",
Payload: "",
},
}
}
func getExpectedFileResponseForRepofilesCreate(commitID, lastCommitSHA string) *api.FileResponse {
treePath := "new/file.txt"
encoding := "base64"
content := "VGhpcyBpcyBhIE5FVyBmaWxl"
selfURL := setting.AppURL + "api/v1/repos/user2/repo1/contents/" + treePath + "?ref=master"
htmlURL := setting.AppURL + "user2/repo1/src/branch/master/" + treePath
gitURL := setting.AppURL + "api/v1/repos/user2/repo1/git/blobs/103ff9234cefeee5ec5361d22b49fbb04d385885"
downloadURL := setting.AppURL + "user2/repo1/raw/branch/master/" + treePath
2019-05-11 17:29:17 +02:00
return &api.FileResponse{
Content: &api.ContentsResponse{
Name: filepath.Base(treePath),
Path: treePath,
SHA: "103ff9234cefeee5ec5361d22b49fbb04d385885",
LastCommitSHA: lastCommitSHA,
Type: "file",
Size: 18,
Encoding: &encoding,
Content: &content,
URL: &selfURL,
HTMLURL: &htmlURL,
GitURL: &gitURL,
DownloadURL: &downloadURL,
2019-05-11 17:29:17 +02:00
Links: &api.FileLinksResponse{
Self: &selfURL,
GitURL: &gitURL,
HTMLURL: &htmlURL,
2019-05-11 17:29:17 +02:00
},
},
Commit: &api.FileCommitResponse{
CommitMeta: api.CommitMeta{
URL: setting.AppURL + "api/v1/repos/user2/repo1/git/commits/" + commitID,
SHA: commitID,
},
HTMLURL: setting.AppURL + "user2/repo1/commit/" + commitID,
Author: &api.CommitUser{
Identity: api.Identity{
Name: "User Two",
Email: "user2@noreply.example.org",
},
Date: time.Now().UTC().Format(time.RFC3339),
},
Committer: &api.CommitUser{
Identity: api.Identity{
Name: "User Two",
Email: "user2@noreply.example.org",
},
Date: time.Now().UTC().Format(time.RFC3339),
},
Parents: []*api.CommitMeta{
{
URL: setting.AppURL + "api/v1/repos/user2/repo1/git/commits/65f1bf27bc3bf70f64657658635e66094edbcb4d",
SHA: "65f1bf27bc3bf70f64657658635e66094edbcb4d",
},
},
Message: "Updates README.md\n",
Tree: &api.CommitMeta{
URL: setting.AppURL + "api/v1/repos/user2/repo1/git/trees/f93e3a1a1525fb5b91020da86e44810c87a2d7bc",
SHA: "f93e3a1a1525fb5b91020git dda86e44810c87a2d7bc",
},
},
Verification: &api.PayloadCommitVerification{
Verified: false,
Sign merges, CRUD, Wiki and Repository initialisation with gpg key (#7631) This PR fixes #7598 by providing a configurable way of signing commits across the Gitea instance. Per repository configurability and import/generation of trusted secure keys is not provided by this PR - from a security PoV that's probably impossible to do properly. Similarly web-signing, that is asking the user to sign something, is not implemented - this could be done at a later stage however. ## Features - [x] If commit.gpgsign is set in .gitconfig sign commits and files created through repofiles. (merges should already have been signed.) - [x] Verify commits signed with the default gpg as valid - [x] Signer, Committer and Author can all be different - [x] Allow signer to be arbitrarily different - We still require the key to have an activated email on Gitea. A more complete implementation would be to use a keyserver and mark external-or-unactivated with an "unknown" trust level icon. - [x] Add a signing-key.gpg endpoint to get the default gpg pub key if available - Rather than add a fake web-flow user I've added this as an endpoint on /api/v1/signing-key.gpg - [x] Try to match the default key with a user on gitea - this is done at verification time - [x] Make things configurable? - app.ini configuration done - [x] when checking commits are signed need to check if they're actually verifiable too - [x] Add documentation I have decided that adjusting the docker to create a default gpg key is not the correct thing to do and therefore have not implemented this.
2019-10-16 15:42:42 +02:00
Reason: "gpg.error.not_signed_commit",
2019-05-11 17:29:17 +02:00
Signature: "",
Payload: "",
},
}
}
func getExpectedFileResponseForRepofilesUpdate(commitID, filename, lastCommitSHA string) *api.FileResponse {
encoding := "base64"
content := "VGhpcyBpcyBVUERBVEVEIGNvbnRlbnQgZm9yIHRoZSBSRUFETUUgZmlsZQ=="
selfURL := setting.AppURL + "api/v1/repos/user2/repo1/contents/" + filename + "?ref=master"
htmlURL := setting.AppURL + "user2/repo1/src/branch/master/" + filename
gitURL := setting.AppURL + "api/v1/repos/user2/repo1/git/blobs/dbf8d00e022e05b7e5cf7e535de857de57925647"
downloadURL := setting.AppURL + "user2/repo1/raw/branch/master/" + filename
2019-05-11 17:29:17 +02:00
return &api.FileResponse{
Content: &api.ContentsResponse{
Name: filename,
Path: filename,
SHA: "dbf8d00e022e05b7e5cf7e535de857de57925647",
LastCommitSHA: lastCommitSHA,
Type: "file",
Size: 43,
Encoding: &encoding,
Content: &content,
URL: &selfURL,
HTMLURL: &htmlURL,
GitURL: &gitURL,
DownloadURL: &downloadURL,
2019-05-11 17:29:17 +02:00
Links: &api.FileLinksResponse{
Self: &selfURL,
GitURL: &gitURL,
HTMLURL: &htmlURL,
2019-05-11 17:29:17 +02:00
},
},
Commit: &api.FileCommitResponse{
CommitMeta: api.CommitMeta{
URL: setting.AppURL + "api/v1/repos/user2/repo1/git/commits/" + commitID,
SHA: commitID,
},
HTMLURL: setting.AppURL + "user2/repo1/commit/" + commitID,
Author: &api.CommitUser{
Identity: api.Identity{
Name: "User Two",
Email: "user2@noreply.example.org",
},
Date: time.Now().UTC().Format(time.RFC3339),
},
Committer: &api.CommitUser{
Identity: api.Identity{
Name: "User Two",
Email: "user2@noreply.example.org",
},
Date: time.Now().UTC().Format(time.RFC3339),
},
Parents: []*api.CommitMeta{
{
URL: setting.AppURL + "api/v1/repos/user2/repo1/git/commits/65f1bf27bc3bf70f64657658635e66094edbcb4d",
SHA: "65f1bf27bc3bf70f64657658635e66094edbcb4d",
},
},
Message: "Updates README.md\n",
Tree: &api.CommitMeta{
URL: setting.AppURL + "api/v1/repos/user2/repo1/git/trees/f93e3a1a1525fb5b91020da86e44810c87a2d7bc",
SHA: "f93e3a1a1525fb5b91020da86e44810c87a2d7bc",
},
},
Verification: &api.PayloadCommitVerification{
Verified: false,
Sign merges, CRUD, Wiki and Repository initialisation with gpg key (#7631) This PR fixes #7598 by providing a configurable way of signing commits across the Gitea instance. Per repository configurability and import/generation of trusted secure keys is not provided by this PR - from a security PoV that's probably impossible to do properly. Similarly web-signing, that is asking the user to sign something, is not implemented - this could be done at a later stage however. ## Features - [x] If commit.gpgsign is set in .gitconfig sign commits and files created through repofiles. (merges should already have been signed.) - [x] Verify commits signed with the default gpg as valid - [x] Signer, Committer and Author can all be different - [x] Allow signer to be arbitrarily different - We still require the key to have an activated email on Gitea. A more complete implementation would be to use a keyserver and mark external-or-unactivated with an "unknown" trust level icon. - [x] Add a signing-key.gpg endpoint to get the default gpg pub key if available - Rather than add a fake web-flow user I've added this as an endpoint on /api/v1/signing-key.gpg - [x] Try to match the default key with a user on gitea - this is done at verification time - [x] Make things configurable? - app.ini configuration done - [x] when checking commits are signed need to check if they're actually verifiable too - [x] Add documentation I have decided that adjusting the docker to create a default gpg key is not the correct thing to do and therefore have not implemented this.
2019-10-16 15:42:42 +02:00
Reason: "gpg.error.not_signed_commit",
2019-05-11 17:29:17 +02:00
Signature: "",
Payload: "",
},
}
}
func TestChangeRepoFiles(t *testing.T) {
2019-05-11 17:29:17 +02:00
onGiteaRun(t, func(t *testing.T, u *url.URL) {
doer := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2})
repo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 1})
2019-05-11 17:29:17 +02:00
gitRepo, err := gitrepo.OpenRepository(git.DefaultContext, repo)
require.NoError(t, err)
defer gitRepo.Close()
t.Run("Create", func(t *testing.T) {
defer tests.PrintCurrentTest(t)()
opts := getCreateRepoFilesOptions(repo)
filesResponse, err := files_service.ChangeRepoFiles(git.DefaultContext, repo, doer, opts)
require.NoError(t, err)
commitID, err := gitRepo.GetBranchCommitID(opts.NewBranch)
require.NoError(t, err)
lastCommit, err := gitRepo.GetCommitByPath("new/file.txt")
require.NoError(t, err)
expectedFileResponse := getExpectedFileResponseForRepofilesCreate(commitID, lastCommit.ID.String())
assert.EqualValues(t, expectedFileResponse.Content, filesResponse.Files[0])
assert.EqualValues(t, expectedFileResponse.Commit.SHA, filesResponse.Commit.SHA)
assert.EqualValues(t, expectedFileResponse.Commit.HTMLURL, filesResponse.Commit.HTMLURL)
assert.EqualValues(t, expectedFileResponse.Commit.Author.Email, filesResponse.Commit.Author.Email)
assert.EqualValues(t, expectedFileResponse.Commit.Author.Name, filesResponse.Commit.Author.Name)
})
2019-05-11 17:29:17 +02:00
t.Run("Update", func(t *testing.T) {
defer tests.PrintCurrentTest(t)()
opts := getUpdateRepoFilesOptions(repo)
filesResponse, err := files_service.ChangeRepoFiles(git.DefaultContext, repo, doer, opts)
require.NoError(t, err)
commit, err := gitRepo.GetBranchCommit(opts.NewBranch)
require.NoError(t, err)
lastCommit, err := commit.GetCommitByPath(opts.Files[0].TreePath)
require.NoError(t, err)
expectedFileResponse := getExpectedFileResponseForRepofilesUpdate(commit.ID.String(), opts.Files[0].TreePath, lastCommit.ID.String())
assert.EqualValues(t, expectedFileResponse.Content, filesResponse.Files[0])
assert.EqualValues(t, expectedFileResponse.Commit.SHA, filesResponse.Commit.SHA)
assert.EqualValues(t, expectedFileResponse.Commit.HTMLURL, filesResponse.Commit.HTMLURL)
assert.EqualValues(t, expectedFileResponse.Commit.Author.Email, filesResponse.Commit.Author.Email)
assert.EqualValues(t, expectedFileResponse.Commit.Author.Name, filesResponse.Commit.Author.Name)
})
t.Run("Update and move", func(t *testing.T) {
defer tests.PrintCurrentTest(t)()
opts := getUpdateRepoFilesOptions(repo)
opts.Files[0].SHA = "dbf8d00e022e05b7e5cf7e535de857de57925647"
opts.Files[0].FromTreePath = "README.md"
opts.Files[0].TreePath = "README_new.md" // new file name, README_new.md
filesResponse, err := files_service.ChangeRepoFiles(git.DefaultContext, repo, doer, opts)
require.NoError(t, err)
commit, err := gitRepo.GetBranchCommit(opts.NewBranch)
require.NoError(t, err)
lastCommit, err := commit.GetCommitByPath(opts.Files[0].TreePath)
require.NoError(t, err)
expectedFileResponse := getExpectedFileResponseForRepofilesUpdate(commit.ID.String(), opts.Files[0].TreePath, lastCommit.ID.String())
// assert that the old file no longer exists in the last commit of the branch
fromEntry, err := commit.GetTreeEntryByPath(opts.Files[0].FromTreePath)
switch err.(type) {
case git.ErrNotExist:
// correct, continue
default:
t.Fatalf("expected git.ErrNotExist, got:%v", err)
}
toEntry, err := commit.GetTreeEntryByPath(opts.Files[0].TreePath)
require.NoError(t, err)
assert.Nil(t, fromEntry) // Should no longer exist here
assert.NotNil(t, toEntry) // Should exist here
// assert SHA has remained the same but paths use the new file name
assert.EqualValues(t, expectedFileResponse.Content.SHA, filesResponse.Files[0].SHA)
assert.EqualValues(t, expectedFileResponse.Content.Name, filesResponse.Files[0].Name)
assert.EqualValues(t, expectedFileResponse.Content.Path, filesResponse.Files[0].Path)
assert.EqualValues(t, expectedFileResponse.Content.URL, filesResponse.Files[0].URL)
assert.EqualValues(t, expectedFileResponse.Commit.SHA, filesResponse.Commit.SHA)
assert.EqualValues(t, expectedFileResponse.Commit.HTMLURL, filesResponse.Commit.HTMLURL)
})
t.Run("Change without branch names", func(t *testing.T) {
defer tests.PrintCurrentTest(t)()
opts := getUpdateRepoFilesOptions(repo)
opts.OldBranch = ""
opts.NewBranch = ""
opts.Files[0].TreePath = "README_new.md"
opts.Files[0].SHA = "dbf8d00e022e05b7e5cf7e535de857de57925647"
filesResponse, err := files_service.ChangeRepoFiles(git.DefaultContext, repo, doer, opts)
require.NoError(t, err)
commit, _ := gitRepo.GetBranchCommit(repo.DefaultBranch)
lastCommit, _ := commit.GetCommitByPath(opts.Files[0].TreePath)
expectedFileResponse := getExpectedFileResponseForRepofilesUpdate(commit.ID.String(), opts.Files[0].TreePath, lastCommit.ID.String())
assert.EqualValues(t, expectedFileResponse.Content, filesResponse.Files[0])
})
2019-05-11 17:29:17 +02:00
t.Run("Delete files", func(t *testing.T) {
defer tests.PrintCurrentTest(t)()
opts := getDeleteRepoFilesOptions(repo)
filesResponse, err := files_service.ChangeRepoFiles(git.DefaultContext, repo, doer, opts)
require.NoError(t, err)
expectedFileResponse := getExpectedFileResponseForRepofilesDelete()
assert.NotNil(t, filesResponse)
assert.Nil(t, filesResponse.Files[0])
assert.EqualValues(t, expectedFileResponse.Commit.Message, filesResponse.Commit.Message)
assert.EqualValues(t, expectedFileResponse.Commit.Author.Identity, filesResponse.Commit.Author.Identity)
assert.EqualValues(t, expectedFileResponse.Commit.Committer.Identity, filesResponse.Commit.Committer.Identity)
assert.EqualValues(t, expectedFileResponse.Verification, filesResponse.Verification)
filesResponse, err = files_service.ChangeRepoFiles(git.DefaultContext, repo, doer, opts)
assert.Nil(t, filesResponse)
expectedError := "repository file does not exist [path: " + opts.Files[0].TreePath + "]"
assert.EqualError(t, err, expectedError)
})
t.Run("Delete without branch name", func(t *testing.T) {
defer tests.PrintCurrentTest(t)()
opts := getDeleteRepoFilesOptions(repo)
opts.OldBranch = ""
opts.NewBranch = ""
opts.Files[0].SHA = "103ff9234cefeee5ec5361d22b49fbb04d385885"
opts.Files[0].TreePath = "new/file.txt"
filesResponse, err := files_service.ChangeRepoFiles(git.DefaultContext, repo, doer, opts)
require.NoError(t, err)
expectedFileResponse := getExpectedFileResponseForRepofilesDelete()
assert.NotNil(t, filesResponse)
assert.Nil(t, filesResponse.Files[0])
assert.EqualValues(t, expectedFileResponse.Commit.Message, filesResponse.Commit.Message)
assert.EqualValues(t, expectedFileResponse.Commit.Author.Identity, filesResponse.Commit.Author.Identity)
assert.EqualValues(t, expectedFileResponse.Commit.Committer.Identity, filesResponse.Commit.Committer.Identity)
assert.EqualValues(t, expectedFileResponse.Verification, filesResponse.Verification)
})
})
}
func TestChangeRepoFilesErrors(t *testing.T) {
2019-05-11 17:29:17 +02:00
// setup
onGiteaRun(t, func(t *testing.T, u *url.URL) {
doer := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2})
repo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 1})
2019-05-11 17:29:17 +02:00
t.Run("bad branch", func(t *testing.T) {
opts := getUpdateRepoFilesOptions(repo)
2019-05-11 17:29:17 +02:00
opts.OldBranch = "bad_branch"
filesResponse, err := files_service.ChangeRepoFiles(git.DefaultContext, repo, doer, opts)
require.Error(t, err)
assert.Nil(t, filesResponse)
2019-05-11 17:29:17 +02:00
expectedError := "branch does not exist [name: " + opts.OldBranch + "]"
assert.EqualError(t, err, expectedError)
})
t.Run("bad SHA", func(t *testing.T) {
opts := getUpdateRepoFilesOptions(repo)
origSHA := opts.Files[0].SHA
opts.Files[0].SHA = "bad_sha"
filesResponse, err := files_service.ChangeRepoFiles(git.DefaultContext, repo, doer, opts)
assert.Nil(t, filesResponse)
require.Error(t, err)
expectedError := "sha does not match [given: " + opts.Files[0].SHA + ", expected: " + origSHA + "]"
2019-05-11 17:29:17 +02:00
assert.EqualError(t, err, expectedError)
})
t.Run("new branch already exists", func(t *testing.T) {
opts := getUpdateRepoFilesOptions(repo)
2019-05-11 17:29:17 +02:00
opts.NewBranch = "develop"
filesResponse, err := files_service.ChangeRepoFiles(git.DefaultContext, repo, doer, opts)
assert.Nil(t, filesResponse)
require.Error(t, err)
2019-05-11 17:29:17 +02:00
expectedError := "branch already exists [name: " + opts.NewBranch + "]"
assert.EqualError(t, err, expectedError)
})
t.Run("treePath is empty:", func(t *testing.T) {
opts := getUpdateRepoFilesOptions(repo)
opts.Files[0].TreePath = ""
filesResponse, err := files_service.ChangeRepoFiles(git.DefaultContext, repo, doer, opts)
assert.Nil(t, filesResponse)
require.Error(t, err)
2019-05-11 17:29:17 +02:00
expectedError := "path contains a malformed path component [path: ]"
assert.EqualError(t, err, expectedError)
})
t.Run("treePath is a git directory:", func(t *testing.T) {
opts := getUpdateRepoFilesOptions(repo)
opts.Files[0].TreePath = ".git"
filesResponse, err := files_service.ChangeRepoFiles(git.DefaultContext, repo, doer, opts)
assert.Nil(t, filesResponse)
require.Error(t, err)
expectedError := "path contains a malformed path component [path: " + opts.Files[0].TreePath + "]"
2019-05-11 17:29:17 +02:00
assert.EqualError(t, err, expectedError)
})
t.Run("create file that already exists", func(t *testing.T) {
opts := getCreateRepoFilesOptions(repo)
opts.Files[0].TreePath = "README.md" // already exists
fileResponse, err := files_service.ChangeRepoFiles(git.DefaultContext, repo, doer, opts)
2019-05-11 17:29:17 +02:00
assert.Nil(t, fileResponse)
require.Error(t, err)
expectedError := "repository file already exists [path: " + opts.Files[0].TreePath + "]"
2019-05-11 17:29:17 +02:00
assert.EqualError(t, err, expectedError)
})
})
}