Skip to content

Commit a1baff5

Browse files
zeripathzeripath
committed
Add integration test
1 parent 6bd8fb1 commit a1baff5

File tree

1 file changed

+102
-0
lines changed

1 file changed

+102
-0
lines changed

integrations/api_keys_test.go

Lines changed: 102 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -7,8 +7,11 @@ package integrations
77
import (
88
"fmt"
99
"net/http"
10+
"net/url"
1011
"testing"
1112

13+
"github.com/stretchr/testify/assert"
14+
1215
"code.gitea.io/gitea/models"
1316
api "code.gitea.io/sdk/gitea"
1417
)
@@ -90,3 +93,102 @@ func TestCreateReadWriteDeployKey(t *testing.T) {
9093
Mode: models.AccessModeWrite,
9194
})
9295
}
96+
97+
func TestCreateUserKey(t *testing.T) {
98+
prepareTestEnv(t)
99+
user := models.AssertExistsAndLoadBean(t, &models.User{Name: "user1"}).(*models.User)
100+
101+
session := loginUser(t, "user1")
102+
token := url.QueryEscape(getTokenForLoggedInUser(t, session))
103+
keysURL := fmt.Sprintf("/api/v1/user/keys?token=%s", token)
104+
keyType := "ssh-rsa"
105+
keyContent := "AAAAB3NzaC1yc2EAAAADAQABAAABAQCyTiPTeHJl6Gs5D1FyHT0qTWpVkAy9+LIKjctQXklrePTvUNVrSpt4r2exFYXNMPeA8V0zCrc3Kzs1SZw3jWkG3i53te9onCp85DqyatxOD2pyZ30/gPn1ZUg40WowlFM8gsUFMZqaH7ax6d8nsBKW7N/cRyqesiOQEV9up3tnKjIB8XMTVvC5X4rBWgywz7AFxSv8mmaTHnUgVW4LgMPwnTWo0pxtiIWbeMLyrEE4hIM74gSwp6CRQYo6xnG3fn4yWkcK2X2mT9adQ241IDdwpENJHcry/T6AJ8dNXduEZ67egnk+rVlQ2HM4LpymAv9DAAFFeaQK0hT+3aMDoumV"
106+
rawKeyBody := api.CreateKeyOption{
107+
Title: "test-key",
108+
Key: keyType + " " + keyContent,
109+
}
110+
req := NewRequestWithJSON(t, "POST", keysURL, rawKeyBody)
111+
resp := session.MakeRequest(t, req, http.StatusCreated)
112+
113+
var newPublicKey api.PublicKey
114+
DecodeJSON(t, resp, &newPublicKey)
115+
models.AssertExistsAndLoadBean(t, &models.PublicKey{
116+
ID: newPublicKey.ID,
117+
OwnerID: user.ID,
118+
Name: rawKeyBody.Title,
119+
Content: rawKeyBody.Key,
120+
Mode: models.AccessModeWrite,
121+
})
122+
123+
// Search by fingerprint
124+
fingerprintURL := fmt.Sprintf("/api/v1/user/keys?token=%s&fingerprint=%s", token, newPublicKey.Fingerprint)
125+
126+
req = NewRequest(t, "GET", fingerprintURL)
127+
resp = session.MakeRequest(t, req, http.StatusOK)
128+
129+
var fingerprintPublicKeys []api.PublicKey
130+
DecodeJSON(t, resp, &fingerprintPublicKeys)
131+
assert.Equal(t, newPublicKey.Fingerprint, fingerprintPublicKeys[0].Fingerprint)
132+
assert.Equal(t, newPublicKey.ID, fingerprintPublicKeys[0].ID)
133+
assert.Equal(t, user.ID, fingerprintPublicKeys[0].Owner.ID)
134+
135+
fingerprintURL = fmt.Sprintf("/api/v1/users/%s/keys?token=%s&fingerprint=%s", user.Name, token, newPublicKey.Fingerprint)
136+
137+
req = NewRequest(t, "GET", fingerprintURL)
138+
resp = session.MakeRequest(t, req, http.StatusOK)
139+
140+
DecodeJSON(t, resp, &fingerprintPublicKeys)
141+
assert.Equal(t, newPublicKey.Fingerprint, fingerprintPublicKeys[0].Fingerprint)
142+
assert.Equal(t, newPublicKey.ID, fingerprintPublicKeys[0].ID)
143+
assert.Equal(t, user.ID, fingerprintPublicKeys[0].Owner.ID)
144+
145+
// Fail search by fingerprint
146+
fingerprintURL = fmt.Sprintf("/api/v1/user/keys?token=%s&fingerprint=%sA", token, newPublicKey.Fingerprint)
147+
148+
req = NewRequest(t, "GET", fingerprintURL)
149+
resp = session.MakeRequest(t, req, http.StatusOK)
150+
151+
DecodeJSON(t, resp, &fingerprintPublicKeys)
152+
assert.Len(t, fingerprintPublicKeys, 0)
153+
154+
// Fail searching for wrong users key
155+
fingerprintURL = fmt.Sprintf("/api/v1/users/%s/keys?token=%s&fingerprint=%s", "user2", token, newPublicKey.Fingerprint)
156+
req = NewRequest(t, "GET", fingerprintURL)
157+
resp = session.MakeRequest(t, req, http.StatusOK)
158+
159+
DecodeJSON(t, resp, &fingerprintPublicKeys)
160+
assert.Len(t, fingerprintPublicKeys, 0)
161+
162+
// Now login as user 2
163+
session2 := loginUser(t, "user2")
164+
token2 := url.QueryEscape(getTokenForLoggedInUser(t, session2))
165+
166+
// Should find key even though not ours, but we shouldn't know whose it is
167+
fingerprintURL = fmt.Sprintf("/api/v1/user/keys?token=%s&fingerprint=%s", token2, newPublicKey.Fingerprint)
168+
req = NewRequest(t, "GET", fingerprintURL)
169+
resp = session.MakeRequest(t, req, http.StatusOK)
170+
171+
DecodeJSON(t, resp, &fingerprintPublicKeys)
172+
assert.Equal(t, newPublicKey.Fingerprint, fingerprintPublicKeys[0].Fingerprint)
173+
assert.Equal(t, newPublicKey.ID, fingerprintPublicKeys[0].ID)
174+
assert.Nil(t, fingerprintPublicKeys[0].Owner)
175+
176+
// Should find key even though not ours, but we shouldn't know whose it is
177+
fingerprintURL = fmt.Sprintf("/api/v1/users/%s/keys?token=%s&fingerprint=%s", user.Name, token2, newPublicKey.Fingerprint)
178+
179+
req = NewRequest(t, "GET", fingerprintURL)
180+
resp = session.MakeRequest(t, req, http.StatusOK)
181+
182+
DecodeJSON(t, resp, &fingerprintPublicKeys)
183+
assert.Equal(t, newPublicKey.Fingerprint, fingerprintPublicKeys[0].Fingerprint)
184+
assert.Equal(t, newPublicKey.ID, fingerprintPublicKeys[0].ID)
185+
assert.Nil(t, fingerprintPublicKeys[0].Owner)
186+
187+
// Fail when searching for key if it is not ours
188+
fingerprintURL = fmt.Sprintf("/api/v1/users/%s/keys?token=%s&fingerprint=%s", "user2", token2, newPublicKey.Fingerprint)
189+
req = NewRequest(t, "GET", fingerprintURL)
190+
resp = session.MakeRequest(t, req, http.StatusOK)
191+
192+
DecodeJSON(t, resp, &fingerprintPublicKeys)
193+
assert.Len(t, fingerprintPublicKeys, 0)
194+
}

0 commit comments

Comments
 (0)