peter/go-gitea
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

tokens api can only auth via basic auth

Browse Source
This commit is contained in:
Matti Ranta 2018-07-06 14:30:39 -04:00
parent 1afda067ca
commit be1687f44d
No known key found for this signature in database
GPG Key ID: D9B5613BEB813F99
2 changed files with 16 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
integrations/api_token_test.go
View File

@ -15,32 +15,36 @@ import (
// TestAPICreateAndDeleteToken tests that token that was just created can be deleted // TestAPICreateAndDeleteToken tests that token that was just created can be deleted
func TestAPICreateAndDeleteToken(t *testing.T) { func TestAPICreateAndDeleteToken(t *testing.T) {
prepareTestEnv(t) prepareTestEnv(t)
session := loginUser(t, "user1") user := models.AssertExistsAndLoadBean(t, &models.User{ID: 1}).(*models.User)
req := NewRequestWithValues(t, "POST", "/api/v1/users/user1/tokens", map[string]string{ req := NewRequestWithJSON(t, "POST", "/api/v1/users/user1/tokens", map[string]string{
"name": "test-key-1", "name": "test-key-1",
}) })
resp := session.MakeRequest(t, req, http.StatusCreated) req = AddBasicAuthHeader(req, user.Name)
resp := MakeRequest(t, req, http.StatusCreated)
// api.AccessToken
var newAccessToken api.AccessToken var newAccessToken api.AccessToken
DecodeJSON(t, resp, &newAccessToken) DecodeJSON(t, resp, &newAccessToken)
models.AssertExistsAndLoadBean(t, &models.AccessToken{ models.AssertExistsAndLoadBean(t, &models.AccessToken{
ID: newAccessToken.ID, ID: newAccessToken.ID,
Name: newAccessToken.Name, Name: newAccessToken.Name,
Sha1: newAccessToken.Sha1, Sha1: newAccessToken.Sha1,
UID: user.ID,
}) })
req = NewRequestf(t, "DELETE", "/api/v1/users/user1/tokens/%d", newAccessToken.ID) req = NewRequestf(t, "DELETE", "/api/v1/users/user1/tokens/%d", newAccessToken.ID)
session.MakeRequest(t, req, http.StatusNoContent) req = AddBasicAuthHeader(req, user.Name)
MakeRequest(t, req, http.StatusNoContent)
models.AssertNotExistsBean(t, &models.AccessToken{ID: newAccessToken.ID}) models.AssertNotExistsBean(t, &models.AccessToken{ID: newAccessToken.ID})
} }
// TestAPIDeleteMissingToken ensures that error is thrown when token not found // TestAPIDeleteMissingToken ensures that error is thrown when token not found
func TestAPIDeleteMissingToken(t *testing.T) { func TestAPIDeleteMissingToken(t *testing.T) {
prepareTestEnv(t) prepareTestEnv(t)
session := loginUser(t, "user1") user := models.AssertExistsAndLoadBean(t, &models.User{ID: 1}).(*models.User)
req := NewRequestf(t, "DELETE", "/api/v1/users/user1/tokens/%d", models.NonexistentID) req := NewRequestf(t, "DELETE", "/api/v1/users/user1/tokens/%d", models.NonexistentID)
session.MakeRequest(t, req, http.StatusNotFound) req = AddBasicAuthHeader(req, user.Name)
MakeRequest(t, req, http.StatusNotFound)
} }

5
integrations/integration_test.go
View File

@ -256,6 +256,11 @@ func NewRequestWithBody(t testing.TB, method, urlStr string, body io.Reader) *ht
return request return request
} }
func AddBasicAuthHeader(request *http.Request, username string) *http.Request {
request.SetBasicAuth(username, userPassword)
return request
}
const NoExpectedStatus = -1 const NoExpectedStatus = -1
func MakeRequest(t testing.TB, req *http.Request, expectedStatus int) *httptest.ResponseRecorder { func MakeRequest(t testing.TB, req *http.Request, expectedStatus int) *httptest.ResponseRecorder {