forkjo/tests/integration/version_test.go
Ada 41676a8634 Fix #2512 /api/forgejo/v1/version auth check (#2582)
Add the same auth check and middlewares as the /v1/ API.
It require to export some variable from /v1 API, i am not sure if is the correct way to do

Co-authored-by: oliverpool <git@olivier.pfad.fr>
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2582
Reviewed-by: oliverpool <oliverpool@noreply.codeberg.org>
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Ada <ada@gnous.eu>
Co-committed-by: Ada <ada@gnous.eu>
2024-03-19 07:16:19 +00:00

62 lines
1.7 KiB
Go

// Copyright 2017 The Gitea Authors. All rights reserved.
// SPDX-License-Identifier: MIT
package integration
import (
"net/http"
"testing"
auth_model "code.gitea.io/gitea/models/auth"
"code.gitea.io/gitea/modules/setting"
"code.gitea.io/gitea/modules/structs"
"code.gitea.io/gitea/modules/test"
"code.gitea.io/gitea/routers"
"code.gitea.io/gitea/tests"
"github.com/stretchr/testify/assert"
)
func TestVersion(t *testing.T) {
defer tests.PrepareTestEnv(t)()
t.Run("Version", func(t *testing.T) {
setting.AppVer = "test-version-1"
req := NewRequest(t, "GET", "/api/v1/version")
resp := MakeRequest(t, req, http.StatusOK)
var version structs.ServerVersion
DecodeJSON(t, resp, &version)
assert.Equal(t, setting.AppVer, version.Version)
})
t.Run("Versions with REQUIRE_SIGNIN_VIEW enabled", func(t *testing.T) {
defer test.MockVariableValue(&setting.Service.RequireSignInView, true)()
defer test.MockVariableValue(&testWebRoutes, routers.NormalRoutes())()
setting.AppVer = "test-version-1"
t.Run("Get version without auth", func(t *testing.T) {
defer tests.PrintCurrentTest(t)()
// GET api without auth
req := NewRequest(t, "GET", "/api/v1/version")
MakeRequest(t, req, http.StatusForbidden)
})
t.Run("Get version without auth", func(t *testing.T) {
defer tests.PrintCurrentTest(t)()
username := "user1"
session := loginUser(t, username)
token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeWriteRepository)
// GET api with auth
req := NewRequest(t, "GET", "/api/v1/version").AddTokenAuth(token)
resp := MakeRequest(t, req, http.StatusOK)
var version structs.ServerVersion
DecodeJSON(t, resp, &version)
assert.Equal(t, setting.AppVer, version.Version)
})
})
}