2017-11-02 20:51:03 +03:00
// Copyright 2017 The Gitea Authors. All rights reserved.
2022-11-27 21:20:29 +03:00
// SPDX-License-Identifier: MIT
2017-11-02 20:51:03 +03:00
2022-09-02 22:18:23 +03:00
package integration
2017-11-02 20:51:03 +03:00
import (
Prevent double use of `git cat-file` session. (#29298)
Fixes the reason why #29101 is hard to replicate.
Related #29297
Create a repo with a file with minimum size 4097 bytes (I use 10000) and
execute the following code:
```go
gitRepo, err := gitrepo.OpenRepository(db.DefaultContext, <repo>)
assert.NoError(t, err)
commit, err := gitRepo.GetCommit(<sha>)
assert.NoError(t, err)
entry, err := commit.GetTreeEntryByPath(<file>)
assert.NoError(t, err)
b := entry.Blob()
// Create a reader
r, err := b.DataAsync()
assert.NoError(t, err)
defer r.Close()
// Create a second reader
r2, err := b.DataAsync()
assert.NoError(t, err) // Should be no error but is ErrNotExist
defer r2.Close()
```
The problem is the check in `CatFileBatch`:
https://github.com/go-gitea/gitea/blob/79217ea63c1f77de7ca79813ae45950724e63d02/modules/git/repo_base_nogogit.go#L81-L87
`Buffered() > 0` is used to check if there is a "operation" in progress
at the moment. This is a problem because we can't control the internal
buffer in the `bufio.Reader`. The code above demonstrates a sequence
which initiates an operation for which the code thinks there is no
active processing. The second call to `DataAsync()` therefore reuses the
existing instances instead of creating a new batch reader.
(cherry picked from commit f74c869221624092999097af38b6f7fae4701420)
2024-02-21 21:54:17 +03:00
"bytes"
2024-04-27 19:50:35 +03:00
"crypto/rand"
2021-04-10 11:27:29 +03:00
"encoding/hex"
2018-01-16 14:07:47 +03:00
"fmt"
2019-02-12 18:09:43 +03:00
"net/http"
2017-12-08 15:21:37 +03:00
"net/url"
2021-09-22 08:38:34 +03:00
"os"
2019-02-12 18:09:43 +03:00
"path"
2017-11-02 20:51:03 +03:00
"path/filepath"
2019-05-31 13:12:15 +03:00
"strconv"
2017-11-02 20:51:03 +03:00
"testing"
"time"
2023-01-18 00:46:03 +03:00
auth_model "code.gitea.io/gitea/models/auth"
2022-05-20 17:08:52 +03:00
"code.gitea.io/gitea/models/db"
2024-02-25 21:50:46 +03:00
git_model "code.gitea.io/gitea/models/git"
2022-06-13 12:37:59 +03:00
issues_model "code.gitea.io/gitea/models/issues"
2021-11-28 14:58:28 +03:00
"code.gitea.io/gitea/models/perm"
2021-12-10 04:27:50 +03:00
repo_model "code.gitea.io/gitea/models/repo"
2021-11-16 11:53:21 +03:00
"code.gitea.io/gitea/models/unittest"
2021-11-24 12:49:20 +03:00
user_model "code.gitea.io/gitea/models/user"
2019-03-27 12:33:00 +03:00
"code.gitea.io/gitea/modules/git"
Prevent double use of `git cat-file` session. (#29298)
Fixes the reason why #29101 is hard to replicate.
Related #29297
Create a repo with a file with minimum size 4097 bytes (I use 10000) and
execute the following code:
```go
gitRepo, err := gitrepo.OpenRepository(db.DefaultContext, <repo>)
assert.NoError(t, err)
commit, err := gitRepo.GetCommit(<sha>)
assert.NoError(t, err)
entry, err := commit.GetTreeEntryByPath(<file>)
assert.NoError(t, err)
b := entry.Blob()
// Create a reader
r, err := b.DataAsync()
assert.NoError(t, err)
defer r.Close()
// Create a second reader
r2, err := b.DataAsync()
assert.NoError(t, err) // Should be no error but is ErrNotExist
defer r2.Close()
```
The problem is the check in `CatFileBatch`:
https://github.com/go-gitea/gitea/blob/79217ea63c1f77de7ca79813ae45950724e63d02/modules/git/repo_base_nogogit.go#L81-L87
`Buffered() > 0` is used to check if there is a "operation" in progress
at the moment. This is a problem because we can't control the internal
buffer in the `bufio.Reader`. The code above demonstrates a sequence
which initiates an operation for which the code thinks there is no
active processing. The second call to `DataAsync()` therefore reuses the
existing instances instead of creating a new batch reader.
(cherry picked from commit f74c869221624092999097af38b6f7fae4701420)
2024-02-21 21:54:17 +03:00
"code.gitea.io/gitea/modules/gitrepo"
2021-04-09 01:25:57 +03:00
"code.gitea.io/gitea/modules/lfs"
2019-10-12 03:13:27 +03:00
"code.gitea.io/gitea/modules/setting"
2019-05-31 13:12:15 +03:00
api "code.gitea.io/gitea/modules/structs"
2024-02-27 10:12:22 +03:00
gitea_context "code.gitea.io/gitea/services/context"
Prevent double use of `git cat-file` session. (#29298)
Fixes the reason why #29101 is hard to replicate.
Related #29297
Create a repo with a file with minimum size 4097 bytes (I use 10000) and
execute the following code:
```go
gitRepo, err := gitrepo.OpenRepository(db.DefaultContext, <repo>)
assert.NoError(t, err)
commit, err := gitRepo.GetCommit(<sha>)
assert.NoError(t, err)
entry, err := commit.GetTreeEntryByPath(<file>)
assert.NoError(t, err)
b := entry.Blob()
// Create a reader
r, err := b.DataAsync()
assert.NoError(t, err)
defer r.Close()
// Create a second reader
r2, err := b.DataAsync()
assert.NoError(t, err) // Should be no error but is ErrNotExist
defer r2.Close()
```
The problem is the check in `CatFileBatch`:
https://github.com/go-gitea/gitea/blob/79217ea63c1f77de7ca79813ae45950724e63d02/modules/git/repo_base_nogogit.go#L81-L87
`Buffered() > 0` is used to check if there is a "operation" in progress
at the moment. This is a problem because we can't control the internal
buffer in the `bufio.Reader`. The code above demonstrates a sequence
which initiates an operation for which the code thinks there is no
active processing. The second call to `DataAsync()` therefore reuses the
existing instances instead of creating a new batch reader.
(cherry picked from commit f74c869221624092999097af38b6f7fae4701420)
2024-02-21 21:54:17 +03:00
files_service "code.gitea.io/gitea/services/repository/files"
2022-09-02 22:18:23 +03:00
"code.gitea.io/gitea/tests"
2017-11-02 20:51:03 +03:00
"github.com/stretchr/testify/assert"
2024-02-14 02:35:38 +03:00
"github.com/stretchr/testify/require"
2017-11-02 20:51:03 +03:00
)
2018-01-16 14:07:47 +03:00
const (
2022-01-20 20:46:10 +03:00
littleSize = 1024 // 1ko
bigSize = 128 * 1024 * 1024 // 128Mo
2018-01-16 14:07:47 +03:00
)
2019-02-04 02:56:53 +03:00
func TestGit ( t * testing . T ) {
onGiteaRun ( t , testGit )
}
2017-11-02 20:51:03 +03:00
2019-02-04 02:56:53 +03:00
func testGit ( t * testing . T , u * url . URL ) {
username := "user2"
Redesign Scoped Access Tokens (#24767)
## Changes
- Adds the following high level access scopes, each with `read` and
`write` levels:
- `activitypub`
- `admin` (hidden if user is not a site admin)
- `misc`
- `notification`
- `organization`
- `package`
- `issue`
- `repository`
- `user`
- Adds new middleware function `tokenRequiresScopes()` in addition to
`reqToken()`
- `tokenRequiresScopes()` is used for each high-level api section
- _if_ a scoped token is present, checks that the required scope is
included based on the section and HTTP method
- `reqToken()` is used for individual routes
- checks that required authentication is present (but does not check
scope levels as this will already have been handled by
`tokenRequiresScopes()`
- Adds migration to convert old scoped access tokens to the new set of
scopes
- Updates the user interface for scope selection
### User interface example
<img width="903" alt="Screen Shot 2023-05-31 at 1 56 55 PM"
src="https://github.com/go-gitea/gitea/assets/23248839/654766ec-2143-4f59-9037-3b51600e32f3">
<img width="917" alt="Screen Shot 2023-05-31 at 1 56 43 PM"
src="https://github.com/go-gitea/gitea/assets/23248839/1ad64081-012c-4a73-b393-66b30352654c">
## tokenRequiresScopes Design Decision
- `tokenRequiresScopes()` was added to more reliably cover api routes.
For an incoming request, this function uses the given scope category
(say `AccessTokenScopeCategoryOrganization`) and the HTTP method (say
`DELETE`) and verifies that any scoped tokens in use include
`delete:organization`.
- `reqToken()` is used to enforce auth for individual routes that
require it. If a scoped token is not present for a request,
`tokenRequiresScopes()` will not return an error
## TODO
- [x] Alphabetize scope categories
- [x] Change 'public repos only' to a radio button (private vs public).
Also expand this to organizations
- [X] Disable token creation if no scopes selected. Alternatively, show
warning
- [x] `reqToken()` is missing from many `POST/DELETE` routes in the api.
`tokenRequiresScopes()` only checks that a given token has the correct
scope, `reqToken()` must be used to check that a token (or some other
auth) is present.
- _This should be addressed in this PR_
- [x] The migration should be reviewed very carefully in order to
minimize access changes to existing user tokens.
- _This should be addressed in this PR_
- [x] Link to api to swagger documentation, clarify what
read/write/delete levels correspond to
- [x] Review cases where more than one scope is needed as this directly
deviates from the api definition.
- _This should be addressed in this PR_
- For example:
```go
m.Group("/users/{username}/orgs", func() {
m.Get("", reqToken(), org.ListUserOrgs)
m.Get("/{org}/permissions", reqToken(), org.GetUserOrgsPermissions)
}, tokenRequiresScopes(auth_model.AccessTokenScopeCategoryUser,
auth_model.AccessTokenScopeCategoryOrganization),
context_service.UserAssignmentAPI())
```
## Future improvements
- [ ] Add required scopes to swagger documentation
- [ ] Redesign `reqToken()` to be opt-out rather than opt-in
- [ ] Subdivide scopes like `repository`
- [ ] Once a token is created, if it has no scopes, we should display
text instead of an empty bullet point
- [ ] If the 'public repos only' option is selected, should read
categories be selected by default
Closes #24501
Closes #24799
Co-authored-by: Jonathan Tran <jon@allspice.io>
Co-authored-by: Kyle D <kdumontnu@gmail.com>
Co-authored-by: silverwind <me@silverwind.io>
2023-06-04 21:57:16 +03:00
baseAPITestContext := NewAPITestContext ( t , username , "repo1" , auth_model . AccessTokenScopeWriteRepository , auth_model . AccessTokenScopeWriteUser )
2017-11-02 20:51:03 +03:00
2019-02-04 02:56:53 +03:00
u . Path = baseAPITestContext . GitPath ( )
2017-11-02 20:51:03 +03:00
Redesign Scoped Access Tokens (#24767)
## Changes
- Adds the following high level access scopes, each with `read` and
`write` levels:
- `activitypub`
- `admin` (hidden if user is not a site admin)
- `misc`
- `notification`
- `organization`
- `package`
- `issue`
- `repository`
- `user`
- Adds new middleware function `tokenRequiresScopes()` in addition to
`reqToken()`
- `tokenRequiresScopes()` is used for each high-level api section
- _if_ a scoped token is present, checks that the required scope is
included based on the section and HTTP method
- `reqToken()` is used for individual routes
- checks that required authentication is present (but does not check
scope levels as this will already have been handled by
`tokenRequiresScopes()`
- Adds migration to convert old scoped access tokens to the new set of
scopes
- Updates the user interface for scope selection
### User interface example
<img width="903" alt="Screen Shot 2023-05-31 at 1 56 55 PM"
src="https://github.com/go-gitea/gitea/assets/23248839/654766ec-2143-4f59-9037-3b51600e32f3">
<img width="917" alt="Screen Shot 2023-05-31 at 1 56 43 PM"
src="https://github.com/go-gitea/gitea/assets/23248839/1ad64081-012c-4a73-b393-66b30352654c">
## tokenRequiresScopes Design Decision
- `tokenRequiresScopes()` was added to more reliably cover api routes.
For an incoming request, this function uses the given scope category
(say `AccessTokenScopeCategoryOrganization`) and the HTTP method (say
`DELETE`) and verifies that any scoped tokens in use include
`delete:organization`.
- `reqToken()` is used to enforce auth for individual routes that
require it. If a scoped token is not present for a request,
`tokenRequiresScopes()` will not return an error
## TODO
- [x] Alphabetize scope categories
- [x] Change 'public repos only' to a radio button (private vs public).
Also expand this to organizations
- [X] Disable token creation if no scopes selected. Alternatively, show
warning
- [x] `reqToken()` is missing from many `POST/DELETE` routes in the api.
`tokenRequiresScopes()` only checks that a given token has the correct
scope, `reqToken()` must be used to check that a token (or some other
auth) is present.
- _This should be addressed in this PR_
- [x] The migration should be reviewed very carefully in order to
minimize access changes to existing user tokens.
- _This should be addressed in this PR_
- [x] Link to api to swagger documentation, clarify what
read/write/delete levels correspond to
- [x] Review cases where more than one scope is needed as this directly
deviates from the api definition.
- _This should be addressed in this PR_
- For example:
```go
m.Group("/users/{username}/orgs", func() {
m.Get("", reqToken(), org.ListUserOrgs)
m.Get("/{org}/permissions", reqToken(), org.GetUserOrgsPermissions)
}, tokenRequiresScopes(auth_model.AccessTokenScopeCategoryUser,
auth_model.AccessTokenScopeCategoryOrganization),
context_service.UserAssignmentAPI())
```
## Future improvements
- [ ] Add required scopes to swagger documentation
- [ ] Redesign `reqToken()` to be opt-out rather than opt-in
- [ ] Subdivide scopes like `repository`
- [ ] Once a token is created, if it has no scopes, we should display
text instead of an empty bullet point
- [ ] If the 'public repos only' option is selected, should read
categories be selected by default
Closes #24501
Closes #24799
Co-authored-by: Jonathan Tran <jon@allspice.io>
Co-authored-by: Kyle D <kdumontnu@gmail.com>
Co-authored-by: silverwind <me@silverwind.io>
2023-06-04 21:57:16 +03:00
forkedUserCtx := NewAPITestContext ( t , "user4" , "repo1" , auth_model . AccessTokenScopeWriteRepository , auth_model . AccessTokenScopeWriteUser )
2019-06-22 20:35:34 +03:00
2019-02-04 02:56:53 +03:00
t . Run ( "HTTP" , func ( t * testing . T ) {
2019-06-22 20:35:34 +03:00
ensureAnonymousClone ( t , u )
2024-05-16 12:25:52 +03:00
forEachObjectFormat ( t , func ( t * testing . T , objectFormat git . ObjectFormat ) {
defer tests . PrintCurrentTest ( t ) ( )
httpContext := baseAPITestContext
httpContext . Reponame = "repo-tmp-17-" + objectFormat . Name ( )
forkedUserCtx . Reponame = httpContext . Reponame
2019-06-22 20:35:34 +03:00
2024-05-16 12:25:52 +03:00
dstPath := t . TempDir ( )
2019-02-12 18:09:43 +03:00
2024-05-16 12:25:52 +03:00
t . Run ( "CreateRepoInDifferentUser" , doAPICreateRepository ( forkedUserCtx , false , objectFormat ) )
t . Run ( "AddUserAsCollaborator" , doAPIAddCollaborator ( forkedUserCtx , httpContext . Username , perm . AccessModeRead ) )
2019-02-12 18:09:43 +03:00
2024-05-16 12:25:52 +03:00
t . Run ( "ForkFromDifferentUser" , doAPIForkRepository ( httpContext , forkedUserCtx . Username ) )
2019-05-28 13:32:41 +03:00
2024-05-16 12:25:52 +03:00
u . Path = httpContext . GitPath ( )
u . User = url . UserPassword ( username , userPassword )
2022-01-24 00:19:32 +03:00
2024-05-16 12:25:52 +03:00
t . Run ( "Clone" , doGitClone ( dstPath , u ) )
2022-01-24 00:19:32 +03:00
2024-05-16 12:25:52 +03:00
dstPath2 := t . TempDir ( )
2019-02-12 18:09:43 +03:00
2024-05-16 12:25:52 +03:00
t . Run ( "Partial Clone" , doPartialGitClone ( dstPath2 , u ) )
2019-05-31 13:12:15 +03:00
little , big := standardCommitAndPushTest ( t , dstPath )
littleLFS , bigLFS := lfsCommitAndPushTest ( t , dstPath )
2024-05-16 12:25:52 +03:00
rawTest ( t , & httpContext , little , big , littleLFS , bigLFS )
mediaTest ( t , & httpContext , little , big , littleLFS , bigLFS )
t . Run ( "CreateAgitFlowPull" , doCreateAgitFlowPull ( dstPath , & httpContext , "test/head" ) )
t . Run ( "InternalReferences" , doInternalReferences ( & httpContext , dstPath ) )
2024-06-01 15:13:30 +03:00
t . Run ( "BranchProtect" , doBranchProtect ( & httpContext , dstPath ) )
2024-05-16 12:25:52 +03:00
t . Run ( "AutoMerge" , doAutoPRMerge ( & httpContext , dstPath ) )
t . Run ( "CreatePRAndSetManuallyMerged" , doCreatePRAndSetManuallyMerged ( httpContext , httpContext , dstPath , "master" , "test-manually-merge" ) )
2019-06-22 20:35:34 +03:00
t . Run ( "MergeFork" , func ( t * testing . T ) {
2022-09-02 22:18:23 +03:00
defer tests . PrintCurrentTest ( t ) ( )
2024-05-16 12:25:52 +03:00
t . Run ( "CreatePRAndMerge" , doMergeFork ( httpContext , forkedUserCtx , "master" , httpContext . Username + ":master" ) )
2019-06-22 20:35:34 +03:00
rawTest ( t , & forkedUserCtx , little , big , littleLFS , bigLFS )
mediaTest ( t , & forkedUserCtx , little , big , littleLFS , bigLFS )
} )
2019-12-15 05:49:52 +03:00
2024-05-16 12:25:52 +03:00
t . Run ( "PushCreate" , doPushCreate ( httpContext , u , objectFormat ) )
} )
} )
t . Run ( "SSH" , func ( t * testing . T ) {
forEachObjectFormat ( t , func ( t * testing . T , objectFormat git . ObjectFormat ) {
defer tests . PrintCurrentTest ( t ) ( )
sshContext := baseAPITestContext
sshContext . Reponame = "repo-tmp-18-" + objectFormat . Name ( )
keyname := "my-testing-key"
forkedUserCtx . Reponame = sshContext . Reponame
t . Run ( "CreateRepoInDifferentUser" , doAPICreateRepository ( forkedUserCtx , false , objectFormat ) )
t . Run ( "AddUserAsCollaborator" , doAPIAddCollaborator ( forkedUserCtx , sshContext . Username , perm . AccessModeRead ) )
t . Run ( "ForkFromDifferentUser" , doAPIForkRepository ( sshContext , forkedUserCtx . Username ) )
// Setup key the user ssh key
withKeyFile ( t , keyname , func ( keyFile string ) {
t . Run ( "CreateUserKey" , doAPICreateUserKey ( sshContext , "test-key-" + objectFormat . Name ( ) , keyFile ) )
// Setup remote link
// TODO: get url from api
sshURL := createSSHUrl ( sshContext . GitPath ( ) , u )
// Setup clone folder
dstPath := t . TempDir ( )
t . Run ( "Clone" , doGitClone ( dstPath , sshURL ) )
little , big := standardCommitAndPushTest ( t , dstPath )
littleLFS , bigLFS := lfsCommitAndPushTest ( t , dstPath )
rawTest ( t , & sshContext , little , big , littleLFS , bigLFS )
mediaTest ( t , & sshContext , little , big , littleLFS , bigLFS )
t . Run ( "CreateAgitFlowPull" , doCreateAgitFlowPull ( dstPath , & sshContext , "test/head2" ) )
t . Run ( "InternalReferences" , doInternalReferences ( & sshContext , dstPath ) )
2024-06-01 15:13:30 +03:00
t . Run ( "BranchProtect" , doBranchProtect ( & sshContext , dstPath ) )
2024-05-16 12:25:52 +03:00
t . Run ( "MergeFork" , func ( t * testing . T ) {
defer tests . PrintCurrentTest ( t ) ( )
t . Run ( "CreatePRAndMerge" , doMergeFork ( sshContext , forkedUserCtx , "master" , sshContext . Username + ":master" ) )
rawTest ( t , & forkedUserCtx , little , big , littleLFS , bigLFS )
mediaTest ( t , & forkedUserCtx , little , big , littleLFS , bigLFS )
} )
t . Run ( "PushCreate" , doPushCreate ( sshContext , sshURL , objectFormat ) )
} )
2017-12-08 15:21:37 +03:00
} )
2017-11-02 20:51:03 +03:00
} )
}
2018-01-16 14:07:47 +03:00
2019-02-04 02:56:53 +03:00
func ensureAnonymousClone ( t * testing . T , u * url . URL ) {
2022-09-04 18:14:53 +03:00
dstLocalPath := t . TempDir ( )
2019-02-04 02:56:53 +03:00
t . Run ( "CloneAnonymous" , doGitClone ( dstLocalPath , u ) )
}
2019-05-31 13:12:15 +03:00
func standardCommitAndPushTest ( t * testing . T , dstPath string ) ( little , big string ) {
t . Run ( "Standard" , func ( t * testing . T ) {
2022-09-02 22:18:23 +03:00
defer tests . PrintCurrentTest ( t ) ( )
2019-05-31 13:12:15 +03:00
little , big = commitAndPushTest ( t , dstPath , "data-file-" )
} )
2022-06-20 13:02:49 +03:00
return little , big
2019-05-31 13:12:15 +03:00
}
func lfsCommitAndPushTest ( t * testing . T , dstPath string ) ( littleLFS , bigLFS string ) {
t . Run ( "LFS" , func ( t * testing . T ) {
2022-09-02 22:18:23 +03:00
defer tests . PrintCurrentTest ( t ) ( )
2019-05-31 13:12:15 +03:00
prefix := "lfs-data-file-"
2022-04-01 05:55:30 +03:00
err := git . NewCommand ( git . DefaultContext , "lfs" ) . AddArguments ( "install" ) . Run ( & git . RunOpts { Dir : dstPath } )
2019-05-31 13:12:15 +03:00
assert . NoError ( t , err )
2022-10-23 17:44:45 +03:00
_ , _ , err = git . NewCommand ( git . DefaultContext , "lfs" ) . AddArguments ( "track" ) . AddDynamicArguments ( prefix + "*" ) . RunStdString ( & git . RunOpts { Dir : dstPath } )
2019-05-31 13:12:15 +03:00
assert . NoError ( t , err )
err = git . AddChanges ( dstPath , false , ".gitattributes" )
assert . NoError ( t , err )
2019-11-27 03:35:52 +03:00
2022-01-25 21:15:58 +03:00
err = git . CommitChangesWithArgs ( dstPath , git . AllowLFSFiltersArgs ( ) , git . CommitChangesOptions {
2019-10-12 03:13:27 +03:00
Committer : & git . Signature {
Email : "user2@example.com" ,
Name : "User Two" ,
When : time . Now ( ) ,
} ,
Author : & git . Signature {
Email : "user2@example.com" ,
Name : "User Two" ,
When : time . Now ( ) ,
} ,
Message : fmt . Sprintf ( "Testing commit @ %v" , time . Now ( ) ) ,
} )
2019-11-16 21:21:39 +03:00
assert . NoError ( t , err )
2019-05-31 13:12:15 +03:00
littleLFS , bigLFS = commitAndPushTest ( t , dstPath , prefix )
t . Run ( "Locks" , func ( t * testing . T ) {
2022-09-02 22:18:23 +03:00
defer tests . PrintCurrentTest ( t ) ( )
2019-05-31 13:12:15 +03:00
lockTest ( t , dstPath )
} )
} )
2022-06-20 13:02:49 +03:00
return littleLFS , bigLFS
2019-05-31 13:12:15 +03:00
}
func commitAndPushTest ( t * testing . T , dstPath , prefix string ) ( little , big string ) {
t . Run ( "PushCommit" , func ( t * testing . T ) {
2022-09-02 22:18:23 +03:00
defer tests . PrintCurrentTest ( t ) ( )
2019-05-31 13:12:15 +03:00
t . Run ( "Little" , func ( t * testing . T ) {
2022-09-02 22:18:23 +03:00
defer tests . PrintCurrentTest ( t ) ( )
2019-05-31 13:12:15 +03:00
little = doCommitAndPush ( t , littleSize , dstPath , prefix )
} )
t . Run ( "Big" , func ( t * testing . T ) {
if testing . Short ( ) {
t . Skip ( "Skipping test in short mode." )
return
}
2022-09-02 22:18:23 +03:00
defer tests . PrintCurrentTest ( t ) ( )
2019-05-31 13:12:15 +03:00
big = doCommitAndPush ( t , bigSize , dstPath , prefix )
} )
} )
2022-06-20 13:02:49 +03:00
return little , big
2019-05-31 13:12:15 +03:00
}
func rawTest ( t * testing . T , ctx * APITestContext , little , big , littleLFS , bigLFS string ) {
t . Run ( "Raw" , func ( t * testing . T ) {
2022-09-02 22:18:23 +03:00
defer tests . PrintCurrentTest ( t ) ( )
2019-05-31 13:12:15 +03:00
username := ctx . Username
reponame := ctx . Reponame
session := loginUser ( t , username )
// Request raw paths
req := NewRequest ( t , "GET" , path . Join ( "/" , username , reponame , "/raw/branch/master/" , little ) )
2021-04-06 19:44:02 +03:00
resp := session . MakeRequestNilResponseRecorder ( t , req , http . StatusOK )
assert . Equal ( t , littleSize , resp . Length )
2019-05-31 13:12:15 +03:00
2019-10-12 03:13:27 +03:00
if setting . LFS . StartServer {
req = NewRequest ( t , "GET" , path . Join ( "/" , username , reponame , "/raw/branch/master/" , littleLFS ) )
2021-04-06 19:44:02 +03:00
resp := session . MakeRequest ( t , req , http . StatusOK )
2019-10-12 03:13:27 +03:00
assert . NotEqual ( t , littleSize , resp . Body . Len ( ) )
2021-03-14 18:53:59 +03:00
assert . LessOrEqual ( t , resp . Body . Len ( ) , 1024 )
if resp . Body . Len ( ) != littleSize && resp . Body . Len ( ) <= 1024 {
2021-04-09 01:25:57 +03:00
assert . Contains ( t , resp . Body . String ( ) , lfs . MetaFileIdentifier )
2021-03-14 18:53:59 +03:00
}
2019-10-12 03:13:27 +03:00
}
2019-05-31 13:12:15 +03:00
if ! testing . Short ( ) {
req = NewRequest ( t , "GET" , path . Join ( "/" , username , reponame , "/raw/branch/master/" , big ) )
2021-04-06 19:44:02 +03:00
resp := session . MakeRequestNilResponseRecorder ( t , req , http . StatusOK )
assert . Equal ( t , bigSize , resp . Length )
2019-05-31 13:12:15 +03:00
2019-10-12 03:13:27 +03:00
if setting . LFS . StartServer {
req = NewRequest ( t , "GET" , path . Join ( "/" , username , reponame , "/raw/branch/master/" , bigLFS ) )
2021-04-06 19:44:02 +03:00
resp := session . MakeRequest ( t , req , http . StatusOK )
2019-10-12 03:13:27 +03:00
assert . NotEqual ( t , bigSize , resp . Body . Len ( ) )
2021-03-14 18:53:59 +03:00
if resp . Body . Len ( ) != bigSize && resp . Body . Len ( ) <= 1024 {
2021-04-09 01:25:57 +03:00
assert . Contains ( t , resp . Body . String ( ) , lfs . MetaFileIdentifier )
2021-03-14 18:53:59 +03:00
}
2019-10-12 03:13:27 +03:00
}
2019-05-31 13:12:15 +03:00
}
} )
}
func mediaTest ( t * testing . T , ctx * APITestContext , little , big , littleLFS , bigLFS string ) {
t . Run ( "Media" , func ( t * testing . T ) {
2022-09-02 22:18:23 +03:00
defer tests . PrintCurrentTest ( t ) ( )
2019-05-31 13:12:15 +03:00
username := ctx . Username
reponame := ctx . Reponame
session := loginUser ( t , username )
// Request media paths
req := NewRequest ( t , "GET" , path . Join ( "/" , username , reponame , "/media/branch/master/" , little ) )
resp := session . MakeRequestNilResponseRecorder ( t , req , http . StatusOK )
assert . Equal ( t , littleSize , resp . Length )
2022-08-09 06:22:24 +03:00
req = NewRequest ( t , "GET" , path . Join ( "/" , username , reponame , "/media/branch/master/" , littleLFS ) )
resp = session . MakeRequestNilResponseRecorder ( t , req , http . StatusOK )
assert . Equal ( t , littleSize , resp . Length )
2019-05-31 13:12:15 +03:00
if ! testing . Short ( ) {
req = NewRequest ( t , "GET" , path . Join ( "/" , username , reponame , "/media/branch/master/" , big ) )
resp = session . MakeRequestNilResponseRecorder ( t , req , http . StatusOK )
assert . Equal ( t , bigSize , resp . Length )
2019-10-12 03:13:27 +03:00
if setting . LFS . StartServer {
req = NewRequest ( t , "GET" , path . Join ( "/" , username , reponame , "/media/branch/master/" , bigLFS ) )
resp = session . MakeRequestNilResponseRecorder ( t , req , http . StatusOK )
assert . Equal ( t , bigSize , resp . Length )
}
2019-05-31 13:12:15 +03:00
}
} )
}
func lockTest ( t * testing . T , repoPath string ) {
2019-05-28 13:32:41 +03:00
lockFileTest ( t , "README.md" , repoPath )
}
func lockFileTest ( t * testing . T , filename , repoPath string ) {
2022-04-01 05:55:30 +03:00
_ , _ , err := git . NewCommand ( git . DefaultContext , "lfs" ) . AddArguments ( "locks" ) . RunStdString ( & git . RunOpts { Dir : repoPath } )
2018-01-16 14:07:47 +03:00
assert . NoError ( t , err )
2022-10-23 17:44:45 +03:00
_ , _ , err = git . NewCommand ( git . DefaultContext , "lfs" ) . AddArguments ( "lock" ) . AddDynamicArguments ( filename ) . RunStdString ( & git . RunOpts { Dir : repoPath } )
2018-01-16 14:07:47 +03:00
assert . NoError ( t , err )
2022-04-01 05:55:30 +03:00
_ , _ , err = git . NewCommand ( git . DefaultContext , "lfs" ) . AddArguments ( "locks" ) . RunStdString ( & git . RunOpts { Dir : repoPath } )
2018-01-16 14:07:47 +03:00
assert . NoError ( t , err )
2022-10-23 17:44:45 +03:00
_ , _ , err = git . NewCommand ( git . DefaultContext , "lfs" ) . AddArguments ( "unlock" ) . AddDynamicArguments ( filename ) . RunStdString ( & git . RunOpts { Dir : repoPath } )
2018-01-16 14:07:47 +03:00
assert . NoError ( t , err )
}
2019-05-31 13:12:15 +03:00
func doCommitAndPush ( t * testing . T , size int , repoPath , prefix string ) string {
name , err := generateCommitWithNewData ( size , repoPath , "user2@example.com" , "User Two" , prefix )
2018-01-16 14:07:47 +03:00
assert . NoError ( t , err )
2022-04-01 05:55:30 +03:00
_ , _ , err = git . NewCommand ( git . DefaultContext , "push" , "origin" , "master" ) . RunStdString ( & git . RunOpts { Dir : repoPath } ) // Push
2018-01-16 14:07:47 +03:00
assert . NoError ( t , err )
2019-02-12 18:09:43 +03:00
return name
2018-01-16 14:07:47 +03:00
}
2019-05-31 13:12:15 +03:00
func generateCommitWithNewData ( size int , repoPath , email , fullName , prefix string ) ( string , error ) {
2022-01-20 20:46:10 +03:00
// Generate random file
2020-04-27 14:20:09 +03:00
bufSize := 4 * 1024
if bufSize > size {
bufSize = size
2018-01-16 14:07:47 +03:00
}
2020-04-27 14:20:09 +03:00
buffer := make ( [ ] byte , bufSize )
2021-09-22 08:38:34 +03:00
tmpFile , err := os . CreateTemp ( repoPath , prefix )
2018-01-16 14:07:47 +03:00
if err != nil {
2019-02-12 18:09:43 +03:00
return "" , err
2018-01-16 14:07:47 +03:00
}
defer tmpFile . Close ( )
2020-04-27 14:20:09 +03:00
written := 0
for written < size {
n := size - written
if n > bufSize {
n = bufSize
}
_ , err := rand . Read ( buffer [ : n ] )
if err != nil {
return "" , err
}
n , err = tmpFile . Write ( buffer [ : n ] )
if err != nil {
return "" , err
}
written += n
}
2018-01-16 14:07:47 +03:00
2022-01-20 20:46:10 +03:00
// Commit
2019-10-12 03:13:27 +03:00
// Now here we should explicitly allow lfs filters to run
2022-01-25 21:15:58 +03:00
globalArgs := git . AllowLFSFiltersArgs ( )
2019-11-27 03:35:52 +03:00
err = git . AddChangesWithArgs ( repoPath , globalArgs , false , filepath . Base ( tmpFile . Name ( ) ) )
2018-01-16 14:07:47 +03:00
if err != nil {
2019-02-12 18:09:43 +03:00
return "" , err
2018-01-16 14:07:47 +03:00
}
2019-11-27 03:35:52 +03:00
err = git . CommitChangesWithArgs ( repoPath , globalArgs , git . CommitChangesOptions {
2018-01-16 14:07:47 +03:00
Committer : & git . Signature {
Email : email ,
Name : fullName ,
When : time . Now ( ) ,
} ,
Author : & git . Signature {
Email : email ,
Name : fullName ,
When : time . Now ( ) ,
} ,
Message : fmt . Sprintf ( "Testing commit @ %v" , time . Now ( ) ) ,
} )
2019-02-12 18:09:43 +03:00
return filepath . Base ( tmpFile . Name ( ) ) , err
2018-01-16 14:07:47 +03:00
}
2019-05-31 13:12:15 +03:00
2024-06-01 15:13:30 +03:00
func doBranchProtect ( baseCtx * APITestContext , dstPath string ) func ( t * testing . T ) {
2019-05-31 13:12:15 +03:00
return func ( t * testing . T ) {
2022-09-02 22:18:23 +03:00
defer tests . PrintCurrentTest ( t ) ( )
2019-05-31 13:12:15 +03:00
t . Run ( "CreateBranchProtected" , doGitCreateBranch ( dstPath , "protected" ) )
t . Run ( "PushProtectedBranch" , doGitPushTestRepository ( dstPath , "origin" , "protected" ) )
Redesign Scoped Access Tokens (#24767)
## Changes
- Adds the following high level access scopes, each with `read` and
`write` levels:
- `activitypub`
- `admin` (hidden if user is not a site admin)
- `misc`
- `notification`
- `organization`
- `package`
- `issue`
- `repository`
- `user`
- Adds new middleware function `tokenRequiresScopes()` in addition to
`reqToken()`
- `tokenRequiresScopes()` is used for each high-level api section
- _if_ a scoped token is present, checks that the required scope is
included based on the section and HTTP method
- `reqToken()` is used for individual routes
- checks that required authentication is present (but does not check
scope levels as this will already have been handled by
`tokenRequiresScopes()`
- Adds migration to convert old scoped access tokens to the new set of
scopes
- Updates the user interface for scope selection
### User interface example
<img width="903" alt="Screen Shot 2023-05-31 at 1 56 55 PM"
src="https://github.com/go-gitea/gitea/assets/23248839/654766ec-2143-4f59-9037-3b51600e32f3">
<img width="917" alt="Screen Shot 2023-05-31 at 1 56 43 PM"
src="https://github.com/go-gitea/gitea/assets/23248839/1ad64081-012c-4a73-b393-66b30352654c">
## tokenRequiresScopes Design Decision
- `tokenRequiresScopes()` was added to more reliably cover api routes.
For an incoming request, this function uses the given scope category
(say `AccessTokenScopeCategoryOrganization`) and the HTTP method (say
`DELETE`) and verifies that any scoped tokens in use include
`delete:organization`.
- `reqToken()` is used to enforce auth for individual routes that
require it. If a scoped token is not present for a request,
`tokenRequiresScopes()` will not return an error
## TODO
- [x] Alphabetize scope categories
- [x] Change 'public repos only' to a radio button (private vs public).
Also expand this to organizations
- [X] Disable token creation if no scopes selected. Alternatively, show
warning
- [x] `reqToken()` is missing from many `POST/DELETE` routes in the api.
`tokenRequiresScopes()` only checks that a given token has the correct
scope, `reqToken()` must be used to check that a token (or some other
auth) is present.
- _This should be addressed in this PR_
- [x] The migration should be reviewed very carefully in order to
minimize access changes to existing user tokens.
- _This should be addressed in this PR_
- [x] Link to api to swagger documentation, clarify what
read/write/delete levels correspond to
- [x] Review cases where more than one scope is needed as this directly
deviates from the api definition.
- _This should be addressed in this PR_
- For example:
```go
m.Group("/users/{username}/orgs", func() {
m.Get("", reqToken(), org.ListUserOrgs)
m.Get("/{org}/permissions", reqToken(), org.GetUserOrgsPermissions)
}, tokenRequiresScopes(auth_model.AccessTokenScopeCategoryUser,
auth_model.AccessTokenScopeCategoryOrganization),
context_service.UserAssignmentAPI())
```
## Future improvements
- [ ] Add required scopes to swagger documentation
- [ ] Redesign `reqToken()` to be opt-out rather than opt-in
- [ ] Subdivide scopes like `repository`
- [ ] Once a token is created, if it has no scopes, we should display
text instead of an empty bullet point
- [ ] If the 'public repos only' option is selected, should read
categories be selected by default
Closes #24501
Closes #24799
Co-authored-by: Jonathan Tran <jon@allspice.io>
Co-authored-by: Kyle D <kdumontnu@gmail.com>
Co-authored-by: silverwind <me@silverwind.io>
2023-06-04 21:57:16 +03:00
ctx := NewAPITestContext ( t , baseCtx . Username , baseCtx . Reponame , auth_model . AccessTokenScopeWriteRepository )
2024-06-01 15:13:30 +03:00
t . Run ( "FailToPushToProtectedBranch" , func ( t * testing . T ) {
t . Run ( "ProtectProtectedBranch" , doProtectBranch ( ctx , "protected" ) )
t . Run ( "Create modified-protected-branch" , doGitCheckoutBranch ( dstPath , "-b" , "modified-protected-branch" , "protected" ) )
t . Run ( "GenerateCommit" , func ( t * testing . T ) {
_ , err := generateCommitWithNewData ( littleSize , dstPath , "user2@example.com" , "User Two" , "branch-data-file-" )
assert . NoError ( t , err )
} )
doGitPushTestRepositoryFail ( dstPath , "origin" , "modified-protected-branch:protected" ) ( t )
2020-02-21 21:18:13 +03:00
} )
2021-09-11 17:21:17 +03:00
2024-06-01 15:13:30 +03:00
t . Run ( "PushToUnprotectedBranch" , doGitPushTestRepository ( dstPath , "origin" , "modified-protected-branch:unprotected" ) )
2024-06-01 23:28:42 +03:00
t . Run ( "FailToPushProtectedFilesToProtectedBranch" , func ( t * testing . T ) {
t . Run ( "Create modified-protected-file-protected-branch" , doGitCheckoutBranch ( dstPath , "-b" , "modified-protected-file-protected-branch" , "protected" ) )
t . Run ( "GenerateCommit" , func ( t * testing . T ) {
_ , err := generateCommitWithNewData ( littleSize , dstPath , "user2@example.com" , "User Two" , "protected-file-" )
assert . NoError ( t , err )
} )
t . Run ( "ProtectedFilePathsApplyToAdmins" , doProtectBranch ( ctx , "protected" ) )
doGitPushTestRepositoryFail ( dstPath , "origin" , "modified-protected-file-protected-branch:protected" ) ( t )
doGitCheckoutBranch ( dstPath , "protected" ) ( t )
doGitPull ( dstPath , "origin" , "protected" ) ( t )
} )
2024-06-01 15:13:30 +03:00
t . Run ( "PushUnprotectedFilesToProtectedBranch" , func ( t * testing . T ) {
t . Run ( "Create modified-unprotected-file-protected-branch" , doGitCheckoutBranch ( dstPath , "-b" , "modified-unprotected-file-protected-branch" , "protected" ) )
t . Run ( "UnprotectedFilePaths" , doProtectBranch ( ctx , "protected" , parameterProtectBranch {
"unprotected_file_patterns" : "unprotected-file-*" ,
} ) )
t . Run ( "GenerateCommit" , func ( t * testing . T ) {
_ , err := generateCommitWithNewData ( littleSize , dstPath , "user2@example.com" , "User Two" , "unprotected-file-" )
assert . NoError ( t , err )
} )
doGitPushTestRepository ( dstPath , "origin" , "modified-unprotected-file-protected-branch:protected" ) ( t )
doGitCheckoutBranch ( dstPath , "protected" ) ( t )
doGitPull ( dstPath , "origin" , "protected" ) ( t )
2021-09-11 17:21:17 +03:00
} )
2024-06-01 11:35:01 +03:00
user , err := user_model . GetUserByName ( db . DefaultContext , baseCtx . Username )
assert . NoError ( t , err )
2024-06-01 15:13:30 +03:00
t . Run ( "WhitelistUsers" , doProtectBranch ( ctx , "protected" , parameterProtectBranch {
2024-06-01 11:35:01 +03:00
"enable_push" : "whitelist" ,
"enable_whitelist" : "on" ,
"whitelist_users" : strconv . FormatInt ( user . ID , 10 ) ,
} ) )
2019-05-31 13:12:15 +03:00
2024-06-01 15:13:30 +03:00
t . Run ( "WhitelistedUserFailToForcePushToProtectedBranch" , func ( t * testing . T ) {
t . Run ( "Create toforce" , doGitCheckoutBranch ( dstPath , "-b" , "toforce" , "master" ) )
t . Run ( "GenerateCommit" , func ( t * testing . T ) {
_ , err := generateCommitWithNewData ( littleSize , dstPath , "user2@example.com" , "User Two" , "branch-data-file-" )
assert . NoError ( t , err )
} )
doGitPushTestRepositoryFail ( dstPath , "-f" , "origin" , "toforce:protected" ) ( t )
} )
t . Run ( "WhitelistedUserPushToProtectedBranch" , func ( t * testing . T ) {
t . Run ( "Create topush" , doGitCheckoutBranch ( dstPath , "-b" , "topush" , "protected" ) )
t . Run ( "GenerateCommit" , func ( t * testing . T ) {
_ , err := generateCommitWithNewData ( littleSize , dstPath , "user2@example.com" , "User Two" , "branch-data-file-" )
assert . NoError ( t , err )
} )
doGitPushTestRepository ( dstPath , "origin" , "topush:protected" ) ( t )
2019-05-31 13:12:15 +03:00
} )
}
}
2024-06-01 11:35:01 +03:00
type parameterProtectBranch map [ string ] string
func doProtectBranch ( ctx APITestContext , branch string , addParameter ... parameterProtectBranch ) func ( t * testing . T ) {
2019-05-31 13:12:15 +03:00
// We are going to just use the owner to set the protection.
return func ( t * testing . T ) {
2024-02-25 21:50:46 +03:00
repo := unittest . AssertExistsAndLoadBean ( t , & repo_model . Repository { Name : ctx . Reponame , OwnerName : ctx . Username } )
rule := & git_model . ProtectedBranch { RuleName : branch , RepoID : repo . ID }
unittest . LoadBeanIfExists ( rule )
2019-05-31 13:12:15 +03:00
csrf := GetCSRF ( t , ctx . Session , fmt . Sprintf ( "/%s/%s/settings/branches" , url . PathEscape ( ctx . Username ) , url . PathEscape ( ctx . Reponame ) ) )
2024-06-01 11:35:01 +03:00
parameter := parameterProtectBranch {
"_csrf" : csrf ,
"rule_id" : strconv . FormatInt ( rule . ID , 10 ) ,
"rule_name" : branch ,
}
if len ( addParameter ) > 0 {
for k , v := range addParameter [ 0 ] {
parameter [ k ] = v
}
2019-05-31 13:12:15 +03:00
}
2024-06-01 11:35:01 +03:00
// Change branch to protected
req := NewRequestWithValues ( t , "POST" , fmt . Sprintf ( "/%s/%s/settings/branches/edit" , url . PathEscape ( ctx . Username ) , url . PathEscape ( ctx . Reponame ) ) , parameter )
ctx . Session . MakeRequest ( t , req , http . StatusSeeOther )
2019-05-31 13:12:15 +03:00
// Check if master branch has been locked successfully
2023-04-13 22:45:33 +03:00
flashCookie := ctx . Session . GetCookie ( gitea_context . CookieNameFlash )
2019-05-31 13:12:15 +03:00
assert . NotNil ( t , flashCookie )
2023-04-18 01:04:26 +03:00
assert . EqualValues ( t , "success%3DBranch%2Bprotection%2Bfor%2Brule%2B%2522" + url . QueryEscape ( branch ) + "%2522%2Bhas%2Bbeen%2Bupdated." , flashCookie . Value )
2019-05-31 13:12:15 +03:00
}
}
2019-06-22 20:35:34 +03:00
func doMergeFork ( ctx , baseCtx APITestContext , baseBranch , headBranch string ) func ( t * testing . T ) {
return func ( t * testing . T ) {
2022-09-02 22:18:23 +03:00
defer tests . PrintCurrentTest ( t ) ( )
2019-06-22 20:35:34 +03:00
var pr api . PullRequest
var err error
2020-04-28 11:32:23 +03:00
2024-02-23 03:26:17 +03:00
// Create a test pull request
2019-06-22 20:35:34 +03:00
t . Run ( "CreatePullRequest" , func ( t * testing . T ) {
pr , err = doAPICreatePullRequest ( ctx , baseCtx . Username , baseCtx . Reponame , baseBranch , headBranch ) ( t )
assert . NoError ( t , err )
} )
2020-04-28 11:32:23 +03:00
2023-12-20 00:18:07 +03:00
// Ensure the PR page works.
// For the base repository owner, the PR is not editable (maintainer edits are not enabled):
t . Run ( "EnsureCanSeePull" , doEnsureCanSeePull ( baseCtx , pr , false ) )
// For the head repository owner, the PR is editable:
headSession := loginUser ( t , "user2" )
headToken := getTokenForLoggedInUser ( t , headSession , auth_model . AccessTokenScopeReadRepository , auth_model . AccessTokenScopeReadUser )
headCtx := APITestContext {
Session : headSession ,
Token : headToken ,
Username : baseCtx . Username ,
Reponame : baseCtx . Reponame ,
}
t . Run ( "EnsureCanSeePull" , doEnsureCanSeePull ( headCtx , pr , true ) )
2020-04-28 11:32:23 +03:00
2024-02-23 03:26:17 +03:00
// Confirm that there is no AGit Label
// TODO: Refactor and move this check to a function
t . Run ( "AGitLabelIsMissing" , func ( t * testing . T ) {
defer tests . PrintCurrentTest ( t ) ( )
session := loginUser ( t , ctx . Username )
req := NewRequest ( t , "GET" , fmt . Sprintf ( "/%s/%s/pulls/%d" , baseCtx . Username , baseCtx . Reponame , pr . Index ) )
resp := session . MakeRequest ( t , req , http . StatusOK )
htmlDoc := NewHTMLParser ( t , resp . Body )
htmlDoc . AssertElement ( t , "#agit-label" , false )
} )
2020-04-28 11:32:23 +03:00
// Then get the diff string
2021-04-06 19:44:02 +03:00
var diffHash string
2021-04-10 11:27:29 +03:00
var diffLength int
2020-04-03 16:21:41 +03:00
t . Run ( "GetDiff" , func ( t * testing . T ) {
req := NewRequest ( t , "GET" , fmt . Sprintf ( "/%s/%s/pulls/%d.diff" , url . PathEscape ( baseCtx . Username ) , url . PathEscape ( baseCtx . Reponame ) , pr . Index ) )
2021-04-06 19:44:02 +03:00
resp := ctx . Session . MakeRequestNilResponseHashSumRecorder ( t , req , http . StatusOK )
diffHash = string ( resp . Hash . Sum ( nil ) )
2021-04-10 11:27:29 +03:00
diffLength = resp . Length
2020-04-03 16:21:41 +03:00
} )
2020-04-28 11:32:23 +03:00
// Now: Merge the PR & make sure that doesn't break the PR page or change its diff
2019-06-22 20:35:34 +03:00
t . Run ( "MergePR" , doAPIMergePullRequest ( baseCtx , baseCtx . Username , baseCtx . Reponame , pr . Index ) )
2023-12-20 00:18:07 +03:00
// for both users the PR is still visible but not editable anymore after it was merged
t . Run ( "EnsureCanSeePull" , doEnsureCanSeePull ( baseCtx , pr , false ) )
t . Run ( "EnsureCanSeePull" , doEnsureCanSeePull ( headCtx , pr , false ) )
2021-04-10 11:27:29 +03:00
t . Run ( "CheckPR" , func ( t * testing . T ) {
oldMergeBase := pr . MergeBase
pr2 , err := doAPIGetPullRequest ( baseCtx , baseCtx . Username , baseCtx . Reponame , pr . Index ) ( t )
assert . NoError ( t , err )
assert . Equal ( t , oldMergeBase , pr2 . MergeBase )
} )
t . Run ( "EnsurDiffNoChange" , doEnsureDiffNoChange ( baseCtx , pr , diffHash , diffLength ) )
2020-04-28 11:32:23 +03:00
// Then: Delete the head branch & make sure that doesn't break the PR page or change its diff
2020-04-03 16:21:41 +03:00
t . Run ( "DeleteHeadBranch" , doBranchDelete ( baseCtx , baseCtx . Username , baseCtx . Reponame , headBranch ) )
2023-12-20 00:18:07 +03:00
t . Run ( "EnsureCanSeePull" , doEnsureCanSeePull ( baseCtx , pr , false ) )
2021-04-10 11:27:29 +03:00
t . Run ( "EnsureDiffNoChange" , doEnsureDiffNoChange ( baseCtx , pr , diffHash , diffLength ) )
2020-04-28 11:32:23 +03:00
// Delete the head repository & make sure that doesn't break the PR page or change its diff
t . Run ( "DeleteHeadRepository" , doAPIDeleteRepository ( ctx ) )
2023-12-20 00:18:07 +03:00
t . Run ( "EnsureCanSeePull" , doEnsureCanSeePull ( baseCtx , pr , false ) )
2021-04-10 11:27:29 +03:00
t . Run ( "EnsureDiffNoChange" , doEnsureDiffNoChange ( baseCtx , pr , diffHash , diffLength ) )
2020-04-28 11:32:23 +03:00
}
}
2021-03-04 06:41:23 +03:00
func doCreatePRAndSetManuallyMerged ( ctx , baseCtx APITestContext , dstPath , baseBranch , headBranch string ) func ( t * testing . T ) {
return func ( t * testing . T ) {
2022-09-02 22:18:23 +03:00
defer tests . PrintCurrentTest ( t ) ( )
2021-03-04 06:41:23 +03:00
var (
pr api . PullRequest
err error
lastCommitID string
)
trueBool := true
falseBool := false
t . Run ( "AllowSetManuallyMergedAndSwitchOffAutodetectManualMerge" , doAPIEditRepository ( baseCtx , & api . EditRepoOption {
HasPullRequests : & trueBool ,
AllowManualMerge : & trueBool ,
AutodetectManualMerge : & falseBool ,
} ) )
t . Run ( "CreateHeadBranch" , doGitCreateBranch ( dstPath , headBranch ) )
Refactor git command package to improve security and maintainability (#22678)
This PR follows #21535 (and replace #22592)
## Review without space diff
https://github.com/go-gitea/gitea/pull/22678/files?diff=split&w=1
## Purpose of this PR
1. Make git module command completely safe (risky user inputs won't be
passed as argument option anymore)
2. Avoid low-level mistakes like
https://github.com/go-gitea/gitea/pull/22098#discussion_r1045234918
3. Remove deprecated and dirty `CmdArgCheck` function, hide the `CmdArg`
type
4. Simplify code when using git command
## The main idea of this PR
* Move the `git.CmdArg` to the `internal` package, then no other package
except `git` could use it. Then developers could never do
`AddArguments(git.CmdArg(userInput))` any more.
* Introduce `git.ToTrustedCmdArgs`, it's for user-provided and already
trusted arguments. It's only used in a few cases, for example: use git
arguments from config file, help unit test with some arguments.
* Introduce `AddOptionValues` and `AddOptionFormat`, they make code more
clear and simple:
* Before: `AddArguments("-m").AddDynamicArguments(message)`
* After: `AddOptionValues("-m", message)`
* -
* Before: `AddArguments(git.CmdArg(fmt.Sprintf("--author='%s <%s>'",
sig.Name, sig.Email)))`
* After: `AddOptionFormat("--author='%s <%s>'", sig.Name, sig.Email)`
## FAQ
### Why these changes were not done in #21535 ?
#21535 is mainly a search&replace, it did its best to not change too
much logic.
Making the framework better needs a lot of changes, so this separate PR
is needed as the second step.
### The naming of `AddOptionXxx`
According to git's manual, the `--xxx` part is called `option`.
### How can it guarantee that `internal.CmdArg` won't be not misused?
Go's specification guarantees that. Trying to access other package's
internal package causes compilation error.
And, `golangci-lint` also denies the git/internal package. Only the
`git/command.go` can use it carefully.
### There is still a `ToTrustedCmdArgs`, will it still allow developers
to make mistakes and pass untrusted arguments?
Generally speaking, no. Because when using `ToTrustedCmdArgs`, the code
will be very complex (see the changes for examples). Then developers and
reviewers can know that something might be unreasonable.
### Why there was a `CmdArgCheck` and why it's removed?
At the moment of #21535, to reduce unnecessary changes, `CmdArgCheck`
was introduced as a hacky patch. Now, almost all code could be written
as `cmd := NewCommand(); cmd.AddXxx(...)`, then there is no need for
`CmdArgCheck` anymore.
### Why many codes for `signArg == ""` is deleted?
Because in the old code, `signArg` could never be empty string, it's
either `-S[key-id]` or `--no-gpg-sign`. So the `signArg == ""` is just
dead code.
---------
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-02-04 05:30:43 +03:00
t . Run ( "PushToHeadBranch" , doGitPushTestRepository ( dstPath , "origin" , headBranch ) )
2021-03-04 06:41:23 +03:00
t . Run ( "CreateEmptyPullRequest" , func ( t * testing . T ) {
pr , err = doAPICreatePullRequest ( ctx , baseCtx . Username , baseCtx . Reponame , baseBranch , headBranch ) ( t )
assert . NoError ( t , err )
} )
lastCommitID = pr . Base . Sha
t . Run ( "ManuallyMergePR" , doAPIManuallyMergePullRequest ( ctx , baseCtx . Username , baseCtx . Reponame , lastCommitID , pr . Index ) )
}
}
2023-12-20 00:18:07 +03:00
func doEnsureCanSeePull ( ctx APITestContext , pr api . PullRequest , editable bool ) func ( t * testing . T ) {
2020-04-28 11:32:23 +03:00
return func ( t * testing . T ) {
req := NewRequest ( t , "GET" , fmt . Sprintf ( "/%s/%s/pulls/%d" , url . PathEscape ( ctx . Username ) , url . PathEscape ( ctx . Reponame ) , pr . Index ) )
ctx . Session . MakeRequest ( t , req , http . StatusOK )
req = NewRequest ( t , "GET" , fmt . Sprintf ( "/%s/%s/pulls/%d/files" , url . PathEscape ( ctx . Username ) , url . PathEscape ( ctx . Reponame ) , pr . Index ) )
2023-12-20 00:18:07 +03:00
resp := ctx . Session . MakeRequest ( t , req , http . StatusOK )
doc := NewHTMLParser ( t , resp . Body )
editButtonCount := doc . doc . Find ( "div.diff-file-header-actions a[href*='/_edit/']" ) . Length ( )
if editable {
assert . Greater ( t , editButtonCount , 0 , "Expected to find a button to edit a file in the PR diff view but there were none" )
} else {
assert . Equal ( t , 0 , editButtonCount , "Expected not to find any buttons to edit files in PR diff view but there were some" )
}
2020-04-28 11:32:23 +03:00
req = NewRequest ( t , "GET" , fmt . Sprintf ( "/%s/%s/pulls/%d/commits" , url . PathEscape ( ctx . Username ) , url . PathEscape ( ctx . Reponame ) , pr . Index ) )
ctx . Session . MakeRequest ( t , req , http . StatusOK )
}
}
2021-04-10 11:27:29 +03:00
func doEnsureDiffNoChange ( ctx APITestContext , pr api . PullRequest , diffHash string , diffLength int ) func ( t * testing . T ) {
2020-04-28 11:32:23 +03:00
return func ( t * testing . T ) {
req := NewRequest ( t , "GET" , fmt . Sprintf ( "/%s/%s/pulls/%d.diff" , url . PathEscape ( ctx . Username ) , url . PathEscape ( ctx . Reponame ) , pr . Index ) )
2021-04-06 19:44:02 +03:00
resp := ctx . Session . MakeRequestNilResponseHashSumRecorder ( t , req , http . StatusOK )
actual := string ( resp . Hash . Sum ( nil ) )
2021-04-10 11:27:29 +03:00
actualLength := resp . Length
2021-03-21 22:51:54 +03:00
2021-04-06 19:44:02 +03:00
equal := diffHash == actual
2021-04-10 11:27:29 +03:00
assert . True ( t , equal , "Unexpected change in the diff string: expected hash: %s size: %d but was actually: %s size: %d" , hex . EncodeToString ( [ ] byte ( diffHash ) ) , diffLength , hex . EncodeToString ( [ ] byte ( actual ) ) , actualLength )
2019-06-22 20:35:34 +03:00
}
}
2019-12-15 05:49:52 +03:00
2024-05-16 12:25:52 +03:00
func doPushCreate ( ctx APITestContext , u * url . URL , objectFormat git . ObjectFormat ) func ( t * testing . T ) {
2019-12-15 05:49:52 +03:00
return func ( t * testing . T ) {
2024-05-21 15:21:36 +03:00
if objectFormat == git . Sha256ObjectFormat {
t . Skipf ( "push-create not supported for %s, see https://codeberg.org/forgejo/forgejo/issues/3783" , objectFormat )
}
2022-09-02 22:18:23 +03:00
defer tests . PrintCurrentTest ( t ) ( )
2020-04-28 11:32:23 +03:00
// create a context for a currently non-existent repository
2019-12-15 05:49:52 +03:00
ctx . Reponame = fmt . Sprintf ( "repo-tmp-push-create-%s" , u . Scheme )
u . Path = ctx . GitPath ( )
2020-04-28 11:32:23 +03:00
// Create a temporary directory
2022-09-04 18:14:53 +03:00
tmpDir := t . TempDir ( )
2019-12-15 05:49:52 +03:00
2020-04-28 11:32:23 +03:00
// Now create local repository to push as our test and set its origin
2024-05-16 12:25:52 +03:00
t . Run ( "InitTestRepository" , doGitInitTestRepository ( tmpDir , objectFormat ) )
2020-04-28 11:32:23 +03:00
t . Run ( "AddRemote" , doGitAddRemote ( tmpDir , "origin" , u ) )
2019-12-15 05:49:52 +03:00
2020-04-28 11:32:23 +03:00
// Disable "Push To Create" and attempt to push
2019-12-15 05:49:52 +03:00
setting . Repository . EnablePushCreateUser = false
2020-04-28 11:32:23 +03:00
t . Run ( "FailToPushAndCreateTestRepository" , doGitPushTestRepositoryFail ( tmpDir , "origin" , "master" ) )
2019-12-15 05:49:52 +03:00
2020-04-28 11:32:23 +03:00
// Enable "Push To Create"
2019-12-15 05:49:52 +03:00
setting . Repository . EnablePushCreateUser = true
2020-02-05 12:40:35 +03:00
2020-04-28 11:32:23 +03:00
// Assert that cloning from a non-existent repository does not create it and that it definitely wasn't create above
t . Run ( "FailToCloneFromNonExistentRepository" , doGitCloneFail ( u ) )
2020-02-05 12:40:35 +03:00
2020-04-28 11:32:23 +03:00
// Then "Push To Create"x
t . Run ( "SuccessfullyPushAndCreateTestRepository" , doGitPushTestRepository ( tmpDir , "origin" , "master" ) )
2019-12-15 05:49:52 +03:00
2020-04-28 11:32:23 +03:00
// Finally, fetch repo from database and ensure the correct repository has been created
2022-12-03 05:48:26 +03:00
repo , err := repo_model . GetRepositoryByOwnerAndName ( db . DefaultContext , ctx . Username , ctx . Reponame )
2019-12-15 05:49:52 +03:00
assert . NoError ( t , err )
assert . False ( t , repo . IsEmpty )
assert . True ( t , repo . IsPrivate )
2020-04-28 11:32:23 +03:00
// Now add a remote that is invalid to "Push To Create"
invalidCtx := ctx
invalidCtx . Reponame = fmt . Sprintf ( "invalid/repo-tmp-push-create-%s" , u . Scheme )
u . Path = invalidCtx . GitPath ( )
t . Run ( "AddInvalidRemote" , doGitAddRemote ( tmpDir , "invalid" , u ) )
// Fail to "Push To Create" the invalid
t . Run ( "FailToPushAndCreateInvalidTestRepository" , doGitPushTestRepositoryFail ( tmpDir , "invalid" , "master" ) )
2019-12-15 05:49:52 +03:00
}
}
2020-04-03 16:21:41 +03:00
func doBranchDelete ( ctx APITestContext , owner , repo , branch string ) func ( * testing . T ) {
return func ( t * testing . T ) {
csrf := GetCSRF ( t , ctx . Session , fmt . Sprintf ( "/%s/%s/branches" , url . PathEscape ( owner ) , url . PathEscape ( repo ) ) )
req := NewRequestWithValues ( t , "POST" , fmt . Sprintf ( "/%s/%s/branches/delete?name=%s" , url . PathEscape ( owner ) , url . PathEscape ( repo ) , url . QueryEscape ( branch ) ) , map [ string ] string {
"_csrf" : csrf ,
} )
ctx . Session . MakeRequest ( t , req , http . StatusOK )
}
}
2021-07-28 12:42:56 +03:00
2022-05-07 20:05:52 +03:00
func doAutoPRMerge ( baseCtx * APITestContext , dstPath string ) func ( t * testing . T ) {
return func ( t * testing . T ) {
2022-09-02 22:18:23 +03:00
defer tests . PrintCurrentTest ( t ) ( )
2022-05-07 20:05:52 +03:00
Redesign Scoped Access Tokens (#24767)
## Changes
- Adds the following high level access scopes, each with `read` and
`write` levels:
- `activitypub`
- `admin` (hidden if user is not a site admin)
- `misc`
- `notification`
- `organization`
- `package`
- `issue`
- `repository`
- `user`
- Adds new middleware function `tokenRequiresScopes()` in addition to
`reqToken()`
- `tokenRequiresScopes()` is used for each high-level api section
- _if_ a scoped token is present, checks that the required scope is
included based on the section and HTTP method
- `reqToken()` is used for individual routes
- checks that required authentication is present (but does not check
scope levels as this will already have been handled by
`tokenRequiresScopes()`
- Adds migration to convert old scoped access tokens to the new set of
scopes
- Updates the user interface for scope selection
### User interface example
<img width="903" alt="Screen Shot 2023-05-31 at 1 56 55 PM"
src="https://github.com/go-gitea/gitea/assets/23248839/654766ec-2143-4f59-9037-3b51600e32f3">
<img width="917" alt="Screen Shot 2023-05-31 at 1 56 43 PM"
src="https://github.com/go-gitea/gitea/assets/23248839/1ad64081-012c-4a73-b393-66b30352654c">
## tokenRequiresScopes Design Decision
- `tokenRequiresScopes()` was added to more reliably cover api routes.
For an incoming request, this function uses the given scope category
(say `AccessTokenScopeCategoryOrganization`) and the HTTP method (say
`DELETE`) and verifies that any scoped tokens in use include
`delete:organization`.
- `reqToken()` is used to enforce auth for individual routes that
require it. If a scoped token is not present for a request,
`tokenRequiresScopes()` will not return an error
## TODO
- [x] Alphabetize scope categories
- [x] Change 'public repos only' to a radio button (private vs public).
Also expand this to organizations
- [X] Disable token creation if no scopes selected. Alternatively, show
warning
- [x] `reqToken()` is missing from many `POST/DELETE` routes in the api.
`tokenRequiresScopes()` only checks that a given token has the correct
scope, `reqToken()` must be used to check that a token (or some other
auth) is present.
- _This should be addressed in this PR_
- [x] The migration should be reviewed very carefully in order to
minimize access changes to existing user tokens.
- _This should be addressed in this PR_
- [x] Link to api to swagger documentation, clarify what
read/write/delete levels correspond to
- [x] Review cases where more than one scope is needed as this directly
deviates from the api definition.
- _This should be addressed in this PR_
- For example:
```go
m.Group("/users/{username}/orgs", func() {
m.Get("", reqToken(), org.ListUserOrgs)
m.Get("/{org}/permissions", reqToken(), org.GetUserOrgsPermissions)
}, tokenRequiresScopes(auth_model.AccessTokenScopeCategoryUser,
auth_model.AccessTokenScopeCategoryOrganization),
context_service.UserAssignmentAPI())
```
## Future improvements
- [ ] Add required scopes to swagger documentation
- [ ] Redesign `reqToken()` to be opt-out rather than opt-in
- [ ] Subdivide scopes like `repository`
- [ ] Once a token is created, if it has no scopes, we should display
text instead of an empty bullet point
- [ ] If the 'public repos only' option is selected, should read
categories be selected by default
Closes #24501
Closes #24799
Co-authored-by: Jonathan Tran <jon@allspice.io>
Co-authored-by: Kyle D <kdumontnu@gmail.com>
Co-authored-by: silverwind <me@silverwind.io>
2023-06-04 21:57:16 +03:00
ctx := NewAPITestContext ( t , baseCtx . Username , baseCtx . Reponame , auth_model . AccessTokenScopeWriteRepository )
2022-05-07 20:05:52 +03:00
t . Run ( "CheckoutProtected" , doGitCheckoutBranch ( dstPath , "protected" ) )
t . Run ( "PullProtected" , doGitPull ( dstPath , "origin" , "protected" ) )
t . Run ( "GenerateCommit" , func ( t * testing . T ) {
_ , err := generateCommitWithNewData ( littleSize , dstPath , "user2@example.com" , "User Two" , "branch-data-file-" )
assert . NoError ( t , err )
} )
t . Run ( "PushToUnprotectedBranch" , doGitPushTestRepository ( dstPath , "origin" , "protected:unprotected3" ) )
var pr api . PullRequest
var err error
t . Run ( "CreatePullRequest" , func ( t * testing . T ) {
pr , err = doAPICreatePullRequest ( ctx , baseCtx . Username , baseCtx . Reponame , "protected" , "unprotected3" ) ( t )
assert . NoError ( t , err )
} )
// Request repository commits page
req := NewRequest ( t , "GET" , fmt . Sprintf ( "/%s/%s/pulls/%d/commits" , baseCtx . Username , baseCtx . Reponame , pr . Index ) )
resp := ctx . Session . MakeRequest ( t , req , http . StatusOK )
doc := NewHTMLParser ( t , resp . Body )
// Get first commit URL
commitURL , exists := doc . doc . Find ( "#commits-table tbody tr td.sha a" ) . Last ( ) . Attr ( "href" )
assert . True ( t , exists )
assert . NotEmpty ( t , commitURL )
commitID := path . Base ( commitURL )
2023-02-20 11:43:04 +03:00
addCommitStatus := func ( status api . CommitStatusState ) func ( * testing . T ) {
return doAPICreateCommitStatus ( ctx , commitID , api . CreateStatusOption {
State : status ,
TargetURL : "http://test.ci/" ,
Description : "" ,
Context : "testci" ,
} )
}
2022-05-07 20:05:52 +03:00
// Call API to add Pending status for commit
2023-02-20 11:43:04 +03:00
t . Run ( "CreateStatus" , addCommitStatus ( api . CommitStatusPending ) )
2022-05-07 20:05:52 +03:00
// Cancel not existing auto merge
ctx . ExpectedCode = http . StatusNotFound
t . Run ( "CancelAutoMergePR" , doAPICancelAutoMergePullRequest ( ctx , baseCtx . Username , baseCtx . Reponame , pr . Index ) )
// Add auto merge request
ctx . ExpectedCode = http . StatusCreated
t . Run ( "AutoMergePR" , doAPIAutoMergePullRequest ( ctx , baseCtx . Username , baseCtx . Reponame , pr . Index ) )
// Can not create schedule twice
ctx . ExpectedCode = http . StatusConflict
t . Run ( "AutoMergePRTwice" , doAPIAutoMergePullRequest ( ctx , baseCtx . Username , baseCtx . Reponame , pr . Index ) )
// Cancel auto merge request
ctx . ExpectedCode = http . StatusNoContent
t . Run ( "CancelAutoMergePR" , doAPICancelAutoMergePullRequest ( ctx , baseCtx . Username , baseCtx . Reponame , pr . Index ) )
// Add auto merge request
ctx . ExpectedCode = http . StatusCreated
t . Run ( "AutoMergePR" , doAPIAutoMergePullRequest ( ctx , baseCtx . Username , baseCtx . Reponame , pr . Index ) )
// Check pr status
ctx . ExpectedCode = 0
pr , err = doAPIGetPullRequest ( ctx , baseCtx . Username , baseCtx . Reponame , pr . Index ) ( t )
assert . NoError ( t , err )
assert . False ( t , pr . HasMerged )
// Call API to add Failure status for commit
2023-02-20 11:43:04 +03:00
t . Run ( "CreateStatus" , addCommitStatus ( api . CommitStatusFailure ) )
2022-05-07 20:05:52 +03:00
// Check pr status
pr , err = doAPIGetPullRequest ( ctx , baseCtx . Username , baseCtx . Reponame , pr . Index ) ( t )
assert . NoError ( t , err )
assert . False ( t , pr . HasMerged )
// Call API to add Success status for commit
2023-02-20 11:43:04 +03:00
t . Run ( "CreateStatus" , addCommitStatus ( api . CommitStatusSuccess ) )
2022-05-07 20:05:52 +03:00
// wait to let gitea merge stuff
time . Sleep ( time . Second )
// test pr status
pr , err = doAPIGetPullRequest ( ctx , baseCtx . Username , baseCtx . Reponame , pr . Index ) ( t )
assert . NoError ( t , err )
assert . True ( t , pr . HasMerged )
}
}
2024-03-27 01:28:10 +03:00
func doInternalReferences ( ctx * APITestContext , dstPath string ) func ( t * testing . T ) {
return func ( t * testing . T ) {
defer tests . PrintCurrentTest ( t ) ( )
repo := unittest . AssertExistsAndLoadBean ( t , & repo_model . Repository { OwnerName : ctx . Username , Name : ctx . Reponame } )
pr1 := unittest . AssertExistsAndLoadBean ( t , & issues_model . PullRequest { HeadRepoID : repo . ID } )
_ , stdErr , gitErr := git . NewCommand ( git . DefaultContext , "push" , "origin" ) . AddDynamicArguments ( fmt . Sprintf ( ":refs/pull/%d/head" , pr1 . Index ) ) . RunStdString ( & git . RunOpts { Dir : dstPath } )
assert . Error ( t , gitErr )
assert . Contains ( t , stdErr , fmt . Sprintf ( "remote: Forgejo: The deletion of refs/pull/%d/head is skipped as it's an internal reference." , pr1 . Index ) )
assert . Contains ( t , stdErr , fmt . Sprintf ( "[remote rejected] refs/pull/%d/head (hook declined)" , pr1 . Index ) )
}
}
2024-04-30 15:34:40 +03:00
func doCreateAgitFlowPull ( dstPath string , ctx * APITestContext , headBranch string ) func ( t * testing . T ) {
2021-07-28 12:42:56 +03:00
return func ( t * testing . T ) {
2022-09-02 22:18:23 +03:00
defer tests . PrintCurrentTest ( t ) ( )
2021-07-28 12:42:56 +03:00
// skip this test if git version is low
if git . CheckGitVersionAtLeast ( "2.29" ) != nil {
return
}
2022-03-29 22:13:41 +03:00
gitRepo , err := git . OpenRepository ( git . DefaultContext , dstPath )
2021-07-28 12:42:56 +03:00
if ! assert . NoError ( t , err ) {
return
}
defer gitRepo . Close ( )
var (
2022-06-13 12:37:59 +03:00
pr1 , pr2 * issues_model . PullRequest
2021-07-28 12:42:56 +03:00
commit string
)
2022-12-03 05:48:26 +03:00
repo , err := repo_model . GetRepositoryByOwnerAndName ( db . DefaultContext , ctx . Username , ctx . Reponame )
2021-07-28 12:42:56 +03:00
if ! assert . NoError ( t , err ) {
return
}
2022-06-13 12:37:59 +03:00
pullNum := unittest . GetCount ( t , & issues_model . PullRequest { } )
2021-07-28 12:42:56 +03:00
t . Run ( "CreateHeadBranch" , doGitCreateBranch ( dstPath , headBranch ) )
t . Run ( "AddCommit" , func ( t * testing . T ) {
2022-01-20 20:46:10 +03:00
err := os . WriteFile ( path . Join ( dstPath , "test_file" ) , [ ] byte ( "## test content" ) , 0 o666 )
2021-07-28 12:42:56 +03:00
if ! assert . NoError ( t , err ) {
return
}
err = git . AddChanges ( dstPath , true )
assert . NoError ( t , err )
err = git . CommitChanges ( dstPath , git . CommitChangesOptions {
Committer : & git . Signature {
Email : "user2@example.com" ,
Name : "user2" ,
When : time . Now ( ) ,
} ,
Author : & git . Signature {
Email : "user2@example.com" ,
Name : "user2" ,
When : time . Now ( ) ,
} ,
Message : "Testing commit 1" ,
} )
assert . NoError ( t , err )
commit , err = gitRepo . GetRefCommitID ( "HEAD" )
assert . NoError ( t , err )
} )
t . Run ( "Push" , func ( t * testing . T ) {
2022-10-23 17:44:45 +03:00
err := git . NewCommand ( git . DefaultContext , "push" , "origin" , "HEAD:refs/for/master" , "-o" ) . AddDynamicArguments ( "topic=" + headBranch ) . Run ( & git . RunOpts { Dir : dstPath } )
2021-07-28 12:42:56 +03:00
if ! assert . NoError ( t , err ) {
return
}
2022-06-13 12:37:59 +03:00
unittest . AssertCount ( t , & issues_model . PullRequest { } , pullNum + 1 )
pr1 = unittest . AssertExistsAndLoadBean ( t , & issues_model . PullRequest {
2021-07-28 12:42:56 +03:00
HeadRepoID : repo . ID ,
2022-06-13 12:37:59 +03:00
Flow : issues_model . PullRequestFlowAGit ,
2022-08-16 05:22:25 +03:00
} )
2021-07-28 12:42:56 +03:00
if ! assert . NotEmpty ( t , pr1 ) {
return
}
prMsg , err := doAPIGetPullRequest ( * ctx , ctx . Username , ctx . Reponame , pr1 . Index ) ( t )
if ! assert . NoError ( t , err ) {
return
}
assert . Equal ( t , "user2/" + headBranch , pr1 . HeadBranch )
2023-04-23 00:56:27 +03:00
assert . False ( t , prMsg . HasMerged )
2021-07-28 12:42:56 +03:00
assert . Contains ( t , "Testing commit 1" , prMsg . Body )
assert . Equal ( t , commit , prMsg . Head . Sha )
2022-10-23 17:44:45 +03:00
_ , _ , err = git . NewCommand ( git . DefaultContext , "push" , "origin" ) . AddDynamicArguments ( "HEAD:refs/for/master/test/" + headBranch ) . RunStdString ( & git . RunOpts { Dir : dstPath } )
2021-07-28 12:42:56 +03:00
if ! assert . NoError ( t , err ) {
return
}
2022-06-13 12:37:59 +03:00
unittest . AssertCount ( t , & issues_model . PullRequest { } , pullNum + 2 )
pr2 = unittest . AssertExistsAndLoadBean ( t , & issues_model . PullRequest {
2021-07-28 12:42:56 +03:00
HeadRepoID : repo . ID ,
Index : pr1 . Index + 1 ,
2022-06-13 12:37:59 +03:00
Flow : issues_model . PullRequestFlowAGit ,
2022-08-16 05:22:25 +03:00
} )
2021-07-28 12:42:56 +03:00
if ! assert . NotEmpty ( t , pr2 ) {
return
}
prMsg , err = doAPIGetPullRequest ( * ctx , ctx . Username , ctx . Reponame , pr2 . Index ) ( t )
if ! assert . NoError ( t , err ) {
return
}
assert . Equal ( t , "user2/test/" + headBranch , pr2 . HeadBranch )
2023-04-23 00:56:27 +03:00
assert . False ( t , prMsg . HasMerged )
2021-07-28 12:42:56 +03:00
} )
if pr1 == nil || pr2 == nil {
return
}
2024-02-23 03:26:17 +03:00
t . Run ( "AGitLabelIsPresent" , func ( t * testing . T ) {
defer tests . PrintCurrentTest ( t ) ( )
session := loginUser ( t , ctx . Username )
req := NewRequest ( t , "GET" , fmt . Sprintf ( "/%s/%s/pulls/%d" , url . PathEscape ( ctx . Username ) , url . PathEscape ( ctx . Reponame ) , pr2 . Index ) )
resp := session . MakeRequest ( t , req , http . StatusOK )
htmlDoc := NewHTMLParser ( t , resp . Body )
htmlDoc . AssertElement ( t , "#agit-label" , true )
} )
2021-07-28 12:42:56 +03:00
t . Run ( "AddCommit2" , func ( t * testing . T ) {
2022-01-20 20:46:10 +03:00
err := os . WriteFile ( path . Join ( dstPath , "test_file" ) , [ ] byte ( "## test content \n ## test content 2" ) , 0 o666 )
2021-07-28 12:42:56 +03:00
if ! assert . NoError ( t , err ) {
return
}
err = git . AddChanges ( dstPath , true )
assert . NoError ( t , err )
err = git . CommitChanges ( dstPath , git . CommitChangesOptions {
Committer : & git . Signature {
Email : "user2@example.com" ,
Name : "user2" ,
When : time . Now ( ) ,
} ,
Author : & git . Signature {
Email : "user2@example.com" ,
Name : "user2" ,
When : time . Now ( ) ,
} ,
2024-02-14 02:35:38 +03:00
Message : "Testing commit 2\n\nLonger description." ,
2021-07-28 12:42:56 +03:00
} )
assert . NoError ( t , err )
commit , err = gitRepo . GetRefCommitID ( "HEAD" )
assert . NoError ( t , err )
} )
t . Run ( "Push2" , func ( t * testing . T ) {
2022-10-23 17:44:45 +03:00
err := git . NewCommand ( git . DefaultContext , "push" , "origin" , "HEAD:refs/for/master" , "-o" ) . AddDynamicArguments ( "topic=" + headBranch ) . Run ( & git . RunOpts { Dir : dstPath } )
2021-07-28 12:42:56 +03:00
if ! assert . NoError ( t , err ) {
return
}
2022-06-13 12:37:59 +03:00
unittest . AssertCount ( t , & issues_model . PullRequest { } , pullNum + 2 )
2021-07-28 12:42:56 +03:00
prMsg , err := doAPIGetPullRequest ( * ctx , ctx . Username , ctx . Reponame , pr1 . Index ) ( t )
if ! assert . NoError ( t , err ) {
return
}
2023-04-23 00:56:27 +03:00
assert . False ( t , prMsg . HasMerged )
2021-07-28 12:42:56 +03:00
assert . Equal ( t , commit , prMsg . Head . Sha )
2022-10-23 17:44:45 +03:00
_ , _ , err = git . NewCommand ( git . DefaultContext , "push" , "origin" ) . AddDynamicArguments ( "HEAD:refs/for/master/test/" + headBranch ) . RunStdString ( & git . RunOpts { Dir : dstPath } )
2021-07-28 12:42:56 +03:00
if ! assert . NoError ( t , err ) {
return
}
2022-06-13 12:37:59 +03:00
unittest . AssertCount ( t , & issues_model . PullRequest { } , pullNum + 2 )
2021-07-28 12:42:56 +03:00
prMsg , err = doAPIGetPullRequest ( * ctx , ctx . Username , ctx . Reponame , pr2 . Index ) ( t )
if ! assert . NoError ( t , err ) {
return
}
2023-04-23 00:56:27 +03:00
assert . False ( t , prMsg . HasMerged )
2021-07-28 12:42:56 +03:00
assert . Equal ( t , commit , prMsg . Head . Sha )
} )
2024-02-14 02:35:38 +03:00
t . Run ( "PushParams" , func ( t * testing . T ) {
defer tests . PrintCurrentTest ( t ) ( )
t . Run ( "NoParams" , func ( t * testing . T ) {
defer tests . PrintCurrentTest ( t ) ( )
_ , _ , gitErr := git . NewCommand ( git . DefaultContext , "push" , "origin" ) . AddDynamicArguments ( "HEAD:refs/for/master/" + headBranch + "-implicit" ) . RunStdString ( & git . RunOpts { Dir : dstPath } )
assert . NoError ( t , gitErr )
unittest . AssertCount ( t , & issues_model . PullRequest { } , pullNum + 3 )
pr3 := unittest . AssertExistsAndLoadBean ( t , & issues_model . PullRequest {
HeadRepoID : repo . ID ,
Flow : issues_model . PullRequestFlowAGit ,
Index : pr1 . Index + 2 ,
} )
assert . NotEmpty ( t , pr3 )
err := pr3 . LoadIssue ( db . DefaultContext )
assert . NoError ( t , err )
_ , err2 := doAPIGetPullRequest ( * ctx , ctx . Username , ctx . Reponame , pr3 . Index ) ( t )
require . NoError ( t , err2 )
assert . Equal ( t , "Testing commit 2" , pr3 . Issue . Title )
assert . Contains ( t , pr3 . Issue . Content , "Longer description." )
} )
t . Run ( "TitleOverride" , func ( t * testing . T ) {
defer tests . PrintCurrentTest ( t ) ( )
_ , _ , gitErr := git . NewCommand ( git . DefaultContext , "push" , "origin" , "-o" , "title=my-shiny-title" ) . AddDynamicArguments ( "HEAD:refs/for/master/" + headBranch + "-implicit-2" ) . RunStdString ( & git . RunOpts { Dir : dstPath } )
assert . NoError ( t , gitErr )
unittest . AssertCount ( t , & issues_model . PullRequest { } , pullNum + 4 )
pr := unittest . AssertExistsAndLoadBean ( t , & issues_model . PullRequest {
HeadRepoID : repo . ID ,
Flow : issues_model . PullRequestFlowAGit ,
Index : pr1 . Index + 3 ,
} )
assert . NotEmpty ( t , pr )
err := pr . LoadIssue ( db . DefaultContext )
assert . NoError ( t , err )
_ , err = doAPIGetPullRequest ( * ctx , ctx . Username , ctx . Reponame , pr . Index ) ( t )
require . NoError ( t , err )
assert . Equal ( t , "my-shiny-title" , pr . Issue . Title )
assert . Contains ( t , pr . Issue . Content , "Longer description." )
} )
t . Run ( "DescriptionOverride" , func ( t * testing . T ) {
defer tests . PrintCurrentTest ( t ) ( )
_ , _ , gitErr := git . NewCommand ( git . DefaultContext , "push" , "origin" , "-o" , "description=custom" ) . AddDynamicArguments ( "HEAD:refs/for/master/" + headBranch + "-implicit-3" ) . RunStdString ( & git . RunOpts { Dir : dstPath } )
assert . NoError ( t , gitErr )
unittest . AssertCount ( t , & issues_model . PullRequest { } , pullNum + 5 )
pr := unittest . AssertExistsAndLoadBean ( t , & issues_model . PullRequest {
HeadRepoID : repo . ID ,
Flow : issues_model . PullRequestFlowAGit ,
Index : pr1 . Index + 4 ,
} )
assert . NotEmpty ( t , pr )
err := pr . LoadIssue ( db . DefaultContext )
assert . NoError ( t , err )
_ , err = doAPIGetPullRequest ( * ctx , ctx . Username , ctx . Reponame , pr . Index ) ( t )
require . NoError ( t , err )
assert . Equal ( t , "Testing commit 2" , pr . Issue . Title )
assert . Contains ( t , pr . Issue . Content , "custom" )
} )
} )
2024-02-19 02:07:24 +03:00
2024-02-23 23:42:15 +03:00
upstreamGitRepo , err := git . OpenRepository ( git . DefaultContext , filepath . Join ( setting . RepoRootPath , ctx . Username , ctx . Reponame + ".git" ) )
require . NoError ( t , err )
defer upstreamGitRepo . Close ( )
2024-02-19 02:07:24 +03:00
t . Run ( "Force push" , func ( t * testing . T ) {
defer tests . PrintCurrentTest ( t ) ( )
_ , _ , gitErr := git . NewCommand ( git . DefaultContext , "push" , "origin" ) . AddDynamicArguments ( "HEAD:refs/for/master/" + headBranch + "-force-push" ) . RunStdString ( & git . RunOpts { Dir : dstPath } )
require . NoError ( t , gitErr )
unittest . AssertCount ( t , & issues_model . PullRequest { } , pullNum + 6 )
pr := unittest . AssertExistsAndLoadBean ( t , & issues_model . PullRequest {
HeadRepoID : repo . ID ,
Flow : issues_model . PullRequestFlowAGit ,
Index : pr1 . Index + 5 ,
} )
headCommitID , err := upstreamGitRepo . GetRefCommitID ( pr . GetGitRefName ( ) )
require . NoError ( t , err )
_ , _ , gitErr = git . NewCommand ( git . DefaultContext , "reset" , "--hard" , "HEAD~1" ) . RunStdString ( & git . RunOpts { Dir : dstPath } )
require . NoError ( t , gitErr )
t . Run ( "Fails" , func ( t * testing . T ) {
defer tests . PrintCurrentTest ( t ) ( )
_ , stdErr , gitErr := git . NewCommand ( git . DefaultContext , "push" , "origin" ) . AddDynamicArguments ( "HEAD:refs/for/master/" + headBranch + "-force-push" ) . RunStdString ( & git . RunOpts { Dir : dstPath } )
assert . Error ( t , gitErr )
assert . Contains ( t , stdErr , "-o force-push=true" )
currentHeadCommitID , err := upstreamGitRepo . GetRefCommitID ( pr . GetGitRefName ( ) )
assert . NoError ( t , err )
assert . EqualValues ( t , headCommitID , currentHeadCommitID )
} )
t . Run ( "Succeeds" , func ( t * testing . T ) {
defer tests . PrintCurrentTest ( t ) ( )
2024-04-03 03:41:57 +03:00
_ , _ , gitErr := git . NewCommand ( git . DefaultContext , "push" , "origin" , "-o" , "force-push" ) . AddDynamicArguments ( "HEAD:refs/for/master/" + headBranch + "-force-push" ) . RunStdString ( & git . RunOpts { Dir : dstPath } )
2024-02-19 02:07:24 +03:00
assert . NoError ( t , gitErr )
currentHeadCommitID , err := upstreamGitRepo . GetRefCommitID ( pr . GetGitRefName ( ) )
assert . NoError ( t , err )
assert . NotEqualValues ( t , headCommitID , currentHeadCommitID )
} )
} )
2024-02-23 23:42:15 +03:00
t . Run ( "Branch already contains commit" , func ( t * testing . T ) {
defer tests . PrintCurrentTest ( t ) ( )
branchCommit , err := upstreamGitRepo . GetBranchCommit ( "master" )
require . NoError ( t , err )
_ , _ , gitErr := git . NewCommand ( git . DefaultContext , "reset" , "--hard" ) . AddDynamicArguments ( branchCommit . ID . String ( ) + "~1" ) . RunStdString ( & git . RunOpts { Dir : dstPath } )
require . NoError ( t , gitErr )
_ , stdErr , gitErr := git . NewCommand ( git . DefaultContext , "push" , "origin" ) . AddDynamicArguments ( "HEAD:refs/for/master/" + headBranch + "-already-contains" ) . RunStdString ( & git . RunOpts { Dir : dstPath } )
assert . Error ( t , gitErr )
assert . Contains ( t , stdErr , "already contains this commit" )
} )
2021-07-28 12:42:56 +03:00
t . Run ( "Merge" , doAPIMergePullRequest ( * ctx , ctx . Username , ctx . Reponame , pr1 . Index ) )
t . Run ( "CheckoutMasterAgain" , doGitCheckoutBranch ( dstPath , "master" ) )
}
}
Prevent double use of `git cat-file` session. (#29298)
Fixes the reason why #29101 is hard to replicate.
Related #29297
Create a repo with a file with minimum size 4097 bytes (I use 10000) and
execute the following code:
```go
gitRepo, err := gitrepo.OpenRepository(db.DefaultContext, <repo>)
assert.NoError(t, err)
commit, err := gitRepo.GetCommit(<sha>)
assert.NoError(t, err)
entry, err := commit.GetTreeEntryByPath(<file>)
assert.NoError(t, err)
b := entry.Blob()
// Create a reader
r, err := b.DataAsync()
assert.NoError(t, err)
defer r.Close()
// Create a second reader
r2, err := b.DataAsync()
assert.NoError(t, err) // Should be no error but is ErrNotExist
defer r2.Close()
```
The problem is the check in `CatFileBatch`:
https://github.com/go-gitea/gitea/blob/79217ea63c1f77de7ca79813ae45950724e63d02/modules/git/repo_base_nogogit.go#L81-L87
`Buffered() > 0` is used to check if there is a "operation" in progress
at the moment. This is a problem because we can't control the internal
buffer in the `bufio.Reader`. The code above demonstrates a sequence
which initiates an operation for which the code thinks there is no
active processing. The second call to `DataAsync()` therefore reuses the
existing instances instead of creating a new batch reader.
(cherry picked from commit f74c869221624092999097af38b6f7fae4701420)
2024-02-21 21:54:17 +03:00
func TestDataAsync_Issue29101 ( t * testing . T ) {
onGiteaRun ( t , func ( t * testing . T , u * url . URL ) {
user := unittest . AssertExistsAndLoadBean ( t , & user_model . User { ID : 2 } )
repo := unittest . AssertExistsAndLoadBean ( t , & repo_model . Repository { ID : 1 } )
resp , err := files_service . ChangeRepoFiles ( db . DefaultContext , repo , user , & files_service . ChangeRepoFilesOptions {
Files : [ ] * files_service . ChangeRepoFile {
{
Operation : "create" ,
TreePath : "test.txt" ,
ContentReader : bytes . NewReader ( make ( [ ] byte , 10000 ) ) ,
} ,
} ,
OldBranch : repo . DefaultBranch ,
NewBranch : repo . DefaultBranch ,
} )
assert . NoError ( t , err )
sha := resp . Commit . SHA
gitRepo , err := gitrepo . OpenRepository ( db . DefaultContext , repo )
assert . NoError ( t , err )
2024-04-09 22:14:51 +03:00
defer gitRepo . Close ( )
Prevent double use of `git cat-file` session. (#29298)
Fixes the reason why #29101 is hard to replicate.
Related #29297
Create a repo with a file with minimum size 4097 bytes (I use 10000) and
execute the following code:
```go
gitRepo, err := gitrepo.OpenRepository(db.DefaultContext, <repo>)
assert.NoError(t, err)
commit, err := gitRepo.GetCommit(<sha>)
assert.NoError(t, err)
entry, err := commit.GetTreeEntryByPath(<file>)
assert.NoError(t, err)
b := entry.Blob()
// Create a reader
r, err := b.DataAsync()
assert.NoError(t, err)
defer r.Close()
// Create a second reader
r2, err := b.DataAsync()
assert.NoError(t, err) // Should be no error but is ErrNotExist
defer r2.Close()
```
The problem is the check in `CatFileBatch`:
https://github.com/go-gitea/gitea/blob/79217ea63c1f77de7ca79813ae45950724e63d02/modules/git/repo_base_nogogit.go#L81-L87
`Buffered() > 0` is used to check if there is a "operation" in progress
at the moment. This is a problem because we can't control the internal
buffer in the `bufio.Reader`. The code above demonstrates a sequence
which initiates an operation for which the code thinks there is no
active processing. The second call to `DataAsync()` therefore reuses the
existing instances instead of creating a new batch reader.
(cherry picked from commit f74c869221624092999097af38b6f7fae4701420)
2024-02-21 21:54:17 +03:00
commit , err := gitRepo . GetCommit ( sha )
assert . NoError ( t , err )
entry , err := commit . GetTreeEntryByPath ( "test.txt" )
assert . NoError ( t , err )
b := entry . Blob ( )
r , err := b . DataAsync ( )
assert . NoError ( t , err )
defer r . Close ( )
r2 , err := b . DataAsync ( )
assert . NoError ( t , err )
defer r2 . Close ( )
} )
}