summaryrefslogtreecommitdiffstats
path: root/tests/integration/api_user_orgs_test.go
diff options
context:
space:
mode:
Diffstat (limited to 'tests/integration/api_user_orgs_test.go')
-rw-r--r--tests/integration/api_user_orgs_test.go132
1 files changed, 132 insertions, 0 deletions
diff --git a/tests/integration/api_user_orgs_test.go b/tests/integration/api_user_orgs_test.go
new file mode 100644
index 00000000..e3119940
--- /dev/null
+++ b/tests/integration/api_user_orgs_test.go
@@ -0,0 +1,132 @@
+// Copyright 2018 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package integration
+
+import (
+ "fmt"
+ "net/http"
+ "testing"
+
+ auth_model "code.gitea.io/gitea/models/auth"
+ "code.gitea.io/gitea/models/db"
+ "code.gitea.io/gitea/models/unittest"
+ user_model "code.gitea.io/gitea/models/user"
+ api "code.gitea.io/gitea/modules/structs"
+ "code.gitea.io/gitea/tests"
+
+ "github.com/stretchr/testify/assert"
+)
+
+func TestUserOrgs(t *testing.T) {
+ defer tests.PrepareTestEnv(t)()
+ adminUsername := "user1"
+ normalUsername := "user2"
+ privateMemberUsername := "user4"
+ unrelatedUsername := "user5"
+
+ orgs := getUserOrgs(t, adminUsername, normalUsername)
+
+ org3 := unittest.AssertExistsAndLoadBean(t, &user_model.User{Name: "org3"})
+ org17 := unittest.AssertExistsAndLoadBean(t, &user_model.User{Name: "org17"})
+
+ assert.Equal(t, []*api.Organization{
+ {
+ ID: 17,
+ Name: org17.Name,
+ UserName: org17.Name,
+ FullName: org17.FullName,
+ Email: org17.Email,
+ AvatarURL: org17.AvatarLink(db.DefaultContext),
+ Description: "",
+ Website: "",
+ Location: "",
+ Visibility: "public",
+ },
+ {
+ ID: 3,
+ Name: org3.Name,
+ UserName: org3.Name,
+ FullName: org3.FullName,
+ Email: org3.Email,
+ AvatarURL: org3.AvatarLink(db.DefaultContext),
+ Description: "",
+ Website: "",
+ Location: "",
+ Visibility: "public",
+ },
+ }, orgs)
+
+ // user itself should get it's org's he is a member of
+ orgs = getUserOrgs(t, privateMemberUsername, privateMemberUsername)
+ assert.Len(t, orgs, 1)
+
+ // unrelated user should not get private org membership of privateMemberUsername
+ orgs = getUserOrgs(t, unrelatedUsername, privateMemberUsername)
+ assert.Empty(t, orgs)
+
+ // not authenticated call should not be allowed
+ testUserOrgsUnauthenticated(t, privateMemberUsername)
+}
+
+func getUserOrgs(t *testing.T, userDoer, userCheck string) (orgs []*api.Organization) {
+ token := ""
+ if len(userDoer) != 0 {
+ token = getUserToken(t, userDoer, auth_model.AccessTokenScopeReadOrganization, auth_model.AccessTokenScopeReadUser)
+ }
+ req := NewRequest(t, "GET", fmt.Sprintf("/api/v1/users/%s/orgs", userCheck)).
+ AddTokenAuth(token)
+ resp := MakeRequest(t, req, http.StatusOK)
+ DecodeJSON(t, resp, &orgs)
+ return orgs
+}
+
+func testUserOrgsUnauthenticated(t *testing.T, userCheck string) {
+ session := emptyTestSession(t)
+ req := NewRequestf(t, "GET", "/api/v1/users/%s/orgs", userCheck)
+ session.MakeRequest(t, req, http.StatusUnauthorized)
+}
+
+func TestMyOrgs(t *testing.T) {
+ defer tests.PrepareTestEnv(t)()
+
+ req := NewRequest(t, "GET", "/api/v1/user/orgs")
+ MakeRequest(t, req, http.StatusUnauthorized)
+
+ normalUsername := "user2"
+ token := getUserToken(t, normalUsername, auth_model.AccessTokenScopeReadOrganization, auth_model.AccessTokenScopeReadUser)
+ req = NewRequest(t, "GET", "/api/v1/user/orgs").
+ AddTokenAuth(token)
+ resp := MakeRequest(t, req, http.StatusOK)
+ var orgs []*api.Organization
+ DecodeJSON(t, resp, &orgs)
+ org3 := unittest.AssertExistsAndLoadBean(t, &user_model.User{Name: "org3"})
+ org17 := unittest.AssertExistsAndLoadBean(t, &user_model.User{Name: "org17"})
+
+ assert.Equal(t, []*api.Organization{
+ {
+ ID: 17,
+ Name: org17.Name,
+ UserName: org17.Name,
+ FullName: org17.FullName,
+ Email: org17.Email,
+ AvatarURL: org17.AvatarLink(db.DefaultContext),
+ Description: "",
+ Website: "",
+ Location: "",
+ Visibility: "public",
+ },
+ {
+ ID: 3,
+ Name: org3.Name,
+ UserName: org3.Name,
+ FullName: org3.FullName,
+ Email: org3.Email,
+ AvatarURL: org3.AvatarLink(db.DefaultContext),
+ Description: "",
+ Website: "",
+ Location: "",
+ Visibility: "public",
+ },
+ }, orgs)
+}