nune/gitea
nune/gitea
0
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1

Fix nuget/conan/container packages upload bugs (#31967) (#31982)

Browse source 
Backport #31967 by @lunny

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
This commit is contained in:
Giteabot 2024-09-05 15:34:41 +08:00 committed by GitHub
parent 244fb11c6b
commit b39aa8528b
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
11 changed files with 512 additions and 90 deletions
Download patch file Download diff file Expand all files Collapse all files

170
tests/integration/api_packages_conan_test.go
View file

@ -11,6 +11,7 @@ import (
"testing"
"time"
auth_model "code.gitea.io/gitea/models/auth"
"code.gitea.io/gitea/models/db"
"code.gitea.io/gitea/models/packages"
conan_model "code.gitea.io/gitea/models/packages/conan"
@ -19,6 +20,7 @@ import (
conan_module "code.gitea.io/gitea/modules/packages/conan"
"code.gitea.io/gitea/modules/setting"
conan_router "code.gitea.io/gitea/routers/api/packages/conan"
package_service "code.gitea.io/gitea/services/packages"
"code.gitea.io/gitea/tests"
"github.com/stretchr/testify/assert"
@ -225,7 +227,7 @@ func TestPackageConan(t *testing.T) {
token := ""
t.Run("Authenticate", func(t *testing.T) {
t.Run("UserName/Password Authenticate", func(t *testing.T) {
defer tests.PrintCurrentTest(t)()
req := NewRequest(t, "GET", fmt.Sprintf("%s/v1/users/authenticate", url)).
@ -234,6 +236,73 @@ func TestPackageConan(t *testing.T) {
token = resp.Body.String()
assert.NotEmpty(t, token)
pkgMeta, err := package_service.ParseAuthorizationToken(token)
assert.NoError(t, err)
assert.Equal(t, user.ID, pkgMeta.UserID)
assert.Equal(t, auth_model.AccessTokenScopeAll, pkgMeta.Scope)
})
badToken := ""
t.Run("Token Scope Authentication", func(t *testing.T) {
defer tests.PrintCurrentTest(t)()
session := loginUser(t, user.Name)
badToken = getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeReadNotification)
testCase := func(t *testing.T, scope auth_model.AccessTokenScope, expectedAuthStatusCode, expectedStatusCode int) {
t.Helper()
token := getTokenForLoggedInUser(t, session, scope)
req := NewRequest(t, "GET", fmt.Sprintf("%s/v1/users/authenticate", url)).
AddTokenAuth(token)
resp := MakeRequest(t, req, expectedAuthStatusCode)
if expectedAuthStatusCode != http.StatusOK {
return
}
body := resp.Body.String()
assert.NotEmpty(t, body)
pkgMeta, err := package_service.ParseAuthorizationToken(body)
assert.NoError(t, err)
assert.Equal(t, user.ID, pkgMeta.UserID)
assert.Equal(t, scope, pkgMeta.Scope)
recipeURL := fmt.Sprintf("%s/v1/conans/%s/%s/%s/%s", url, "TestScope", version1, "testing", channel1)
req = NewRequestWithJSON(t, "POST", fmt.Sprintf("%s/upload_urls", recipeURL), map[string]int64{
conanfileName: 64,
"removed.txt": 0,
}).AddTokenAuth(token)
MakeRequest(t, req, expectedStatusCode)
}
t.Run("No Package permission", func(t *testing.T) {
defer tests.PrintCurrentTest(t)()
testCase(t, auth_model.AccessTokenScopeReadNotification, http.StatusUnauthorized, http.StatusForbidden)
})
t.Run("Package Read permission", func(t *testing.T) {
defer tests.PrintCurrentTest(t)()
testCase(t, auth_model.AccessTokenScopeReadPackage, http.StatusOK, http.StatusUnauthorized)
})
t.Run("Package Write permission", func(t *testing.T) {
defer tests.PrintCurrentTest(t)()
testCase(t, auth_model.AccessTokenScopeWritePackage, http.StatusOK, http.StatusOK)
})
t.Run("All permission", func(t *testing.T) {
defer tests.PrintCurrentTest(t)()
testCase(t, auth_model.AccessTokenScopeAll, http.StatusOK, http.StatusOK)
})
})
t.Run("CheckCredentials", func(t *testing.T) {
@ -431,6 +500,11 @@ func TestPackageConan(t *testing.T) {
req := NewRequestWithJSON(t, "POST", fmt.Sprintf("%s/v1/conans/%s/%s/%s/%s/packages/delete", url, name, version1, user1, c.Channel), map[string][]string{
"package_ids": c.References,
}).AddTokenAuth(badToken)
MakeRequest(t, req, http.StatusUnauthorized)
req = NewRequestWithJSON(t, "POST", fmt.Sprintf("%s/v1/conans/%s/%s/%s/%s/packages/delete", url, name, version1, user1, c.Channel), map[string][]string{
"package_ids": c.References,
}).AddTokenAuth(token)
MakeRequest(t, req, http.StatusOK)
@ -457,6 +531,10 @@ func TestPackageConan(t *testing.T) {
assert.NotEmpty(t, revisions)
req := NewRequest(t, "DELETE", fmt.Sprintf("%s/v1/conans/%s/%s/%s/%s", url, name, version1, user1, c.Channel)).
AddTokenAuth(badToken)
MakeRequest(t, req, http.StatusUnauthorized)
req = NewRequest(t, "DELETE", fmt.Sprintf("%s/v1/conans/%s/%s/%s/%s", url, name, version1, user1, c.Channel)).
AddTokenAuth(token)
MakeRequest(t, req, http.StatusOK)
@ -480,7 +558,7 @@ func TestPackageConan(t *testing.T) {
token := ""
t.Run("Authenticate", func(t *testing.T) {
t.Run("UserName/Password Authenticate", func(t *testing.T) {
defer tests.PrintCurrentTest(t)()
req := NewRequest(t, "GET", fmt.Sprintf("%s/v2/users/authenticate", url)).
@ -490,9 +568,75 @@ func TestPackageConan(t *testing.T) {
body := resp.Body.String()
assert.NotEmpty(t, body)
pkgMeta, err := package_service.ParseAuthorizationToken(body)
assert.NoError(t, err)
assert.Equal(t, user.ID, pkgMeta.UserID)
assert.Equal(t, auth_model.AccessTokenScopeAll, pkgMeta.Scope)
token = fmt.Sprintf("Bearer %s", body)
})
badToken := ""
t.Run("Token Scope Authentication", func(t *testing.T) {
defer tests.PrintCurrentTest(t)()
session := loginUser(t, user.Name)
badToken = getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeReadNotification)
testCase := func(t *testing.T, scope auth_model.AccessTokenScope, expectedAuthStatusCode, expectedStatusCode int) {
t.Helper()
token := getTokenForLoggedInUser(t, session, scope)
req := NewRequest(t, "GET", fmt.Sprintf("%s/v2/users/authenticate", url)).
AddTokenAuth(token)
resp := MakeRequest(t, req, expectedAuthStatusCode)
if expectedAuthStatusCode != http.StatusOK {
return
}
body := resp.Body.String()
assert.NotEmpty(t, body)
pkgMeta, err := package_service.ParseAuthorizationToken(body)
assert.NoError(t, err)
assert.Equal(t, user.ID, pkgMeta.UserID)
assert.Equal(t, scope, pkgMeta.Scope)
recipeURL := fmt.Sprintf("%s/v2/conans/%s/%s/%s/%s/revisions/%s", url, "TestScope", version1, "testing", channel1, revision1)
req = NewRequestWithBody(t, "PUT", fmt.Sprintf("%s/files/%s", recipeURL, conanfileName), strings.NewReader("Demo Conan file")).
AddTokenAuth(token)
MakeRequest(t, req, expectedStatusCode)
}
t.Run("No Package permission", func(t *testing.T) {
defer tests.PrintCurrentTest(t)()
testCase(t, auth_model.AccessTokenScopeReadNotification, http.StatusUnauthorized, http.StatusUnauthorized)
})
t.Run("Package Read permission", func(t *testing.T) {
defer tests.PrintCurrentTest(t)()
testCase(t, auth_model.AccessTokenScopeReadPackage, http.StatusOK, http.StatusUnauthorized)
})
t.Run("Package Write permission", func(t *testing.T) {
defer tests.PrintCurrentTest(t)()
testCase(t, auth_model.AccessTokenScopeWritePackage, http.StatusOK, http.StatusCreated)
})
t.Run("All permission", func(t *testing.T) {
defer tests.PrintCurrentTest(t)()
testCase(t, auth_model.AccessTokenScopeAll, http.StatusOK, http.StatusCreated)
})
})
t.Run("CheckCredentials", func(t *testing.T) {
defer tests.PrintCurrentTest(t)()
@ -511,7 +655,7 @@ func TestPackageConan(t *testing.T) {
pvs, err := packages.GetVersionsByPackageType(db.DefaultContext, user.ID, packages.TypeConan)
assert.NoError(t, err)
assert.Len(t, pvs, 2)
assert.Len(t, pvs, 3)
})
})
@ -663,11 +807,19 @@ func TestPackageConan(t *testing.T) {
checkPackageRevisionCount(2)
req := NewRequest(t, "DELETE", fmt.Sprintf("%s/v2/conans/%s/%s/%s/%s/revisions/%s/packages/%s/revisions/%s", url, name, version1, user1, channel1, revision1, conanPackageReference, revision1)).
AddTokenAuth(badToken)
MakeRequest(t, req, http.StatusUnauthorized)
req = NewRequest(t, "DELETE", fmt.Sprintf("%s/v2/conans/%s/%s/%s/%s/revisions/%s/packages/%s/revisions/%s", url, name, version1, user1, channel1, revision1, conanPackageReference, revision1)).
AddTokenAuth(token)
MakeRequest(t, req, http.StatusOK)
checkPackageRevisionCount(1)
req = NewRequest(t, "DELETE", fmt.Sprintf("%s/v2/conans/%s/%s/%s/%s/revisions/%s/packages/%s", url, name, version1, user1, channel1, revision1, conanPackageReference)).
AddTokenAuth(badToken)
MakeRequest(t, req, http.StatusUnauthorized)
req = NewRequest(t, "DELETE", fmt.Sprintf("%s/v2/conans/%s/%s/%s/%s/revisions/%s/packages/%s", url, name, version1, user1, channel1, revision1, conanPackageReference)).
AddTokenAuth(token)
MakeRequest(t, req, http.StatusOK)
@ -678,6 +830,10 @@ func TestPackageConan(t *testing.T) {
checkPackageReferenceCount(1)
req = NewRequest(t, "DELETE", fmt.Sprintf("%s/v2/conans/%s/%s/%s/%s/revisions/%s/packages", url, name, version1, user1, channel1, revision2)).
AddTokenAuth(badToken)
MakeRequest(t, req, http.StatusUnauthorized)
req = NewRequest(t, "DELETE", fmt.Sprintf("%s/v2/conans/%s/%s/%s/%s/revisions/%s/packages", url, name, version1, user1, channel1, revision2)).
AddTokenAuth(token)
MakeRequest(t, req, http.StatusOK)
@ -699,11 +855,19 @@ func TestPackageConan(t *testing.T) {
checkRecipeRevisionCount(2)
req := NewRequest(t, "DELETE", fmt.Sprintf("%s/v2/conans/%s/%s/%s/%s/revisions/%s", url, name, version1, user1, channel1, revision1)).
AddTokenAuth(badToken)
MakeRequest(t, req, http.StatusUnauthorized)
req = NewRequest(t, "DELETE", fmt.Sprintf("%s/v2/conans/%s/%s/%s/%s/revisions/%s", url, name, version1, user1, channel1, revision1)).
AddTokenAuth(token)
MakeRequest(t, req, http.StatusOK)
checkRecipeRevisionCount(1)
req = NewRequest(t, "DELETE", fmt.Sprintf("%s/v2/conans/%s/%s/%s/%s", url, name, version1, user1, channel1)).
AddTokenAuth(badToken)
MakeRequest(t, req, http.StatusUnauthorized)
req = NewRequest(t, "DELETE", fmt.Sprintf("%s/v2/conans/%s/%s/%s/%s", url, name, version1, user1, channel1)).
AddTokenAuth(token)
MakeRequest(t, req, http.StatusOK)