2023-07-29 17:13:24 +03:00
|
|
|
// Copyright 2023 The Gitea Authors. All rights reserved.
|
|
|
|
// SPDX-License-Identifier: MIT
|
|
|
|
|
|
|
|
package integration
|
|
|
|
|
|
|
|
import (
|
|
|
|
"net/http"
|
2024-05-08 16:44:57 +03:00
|
|
|
"slices"
|
2023-07-29 17:13:24 +03:00
|
|
|
"testing"
|
|
|
|
|
|
|
|
unit_model "code.gitea.io/gitea/models/unit"
|
|
|
|
"code.gitea.io/gitea/tests"
|
|
|
|
)
|
|
|
|
|
|
|
|
func TestOrgProjectAccess(t *testing.T) {
|
|
|
|
defer tests.PrepareTestEnv(t)()
|
2024-05-20 07:35:38 +03:00
|
|
|
|
|
|
|
disabledRepoUnits := unit_model.DisabledRepoUnitsGet()
|
|
|
|
unit_model.DisabledRepoUnitsSet(append(slices.Clone(disabledRepoUnits), unit_model.TypeProjects))
|
|
|
|
defer unit_model.DisabledRepoUnitsSet(disabledRepoUnits)
|
2023-07-29 17:13:24 +03:00
|
|
|
|
|
|
|
// repo project, 404
|
|
|
|
req := NewRequest(t, "GET", "/user2/repo1/projects")
|
|
|
|
MakeRequest(t, req, http.StatusNotFound)
|
|
|
|
|
|
|
|
// user project, 200
|
|
|
|
req = NewRequest(t, "GET", "/user2/-/projects")
|
|
|
|
MakeRequest(t, req, http.StatusOK)
|
|
|
|
|
|
|
|
// org project, 200
|
2023-09-14 05:59:53 +03:00
|
|
|
req = NewRequest(t, "GET", "/org3/-/projects")
|
2023-07-29 17:13:24 +03:00
|
|
|
MakeRequest(t, req, http.StatusOK)
|
|
|
|
|
|
|
|
// change the org's visibility to private
|
|
|
|
session := loginUser(t, "user2")
|
2023-09-14 05:59:53 +03:00
|
|
|
req = NewRequestWithValues(t, "POST", "/org/org3/settings", map[string]string{
|
2024-10-10 06:48:21 +03:00
|
|
|
"_csrf": GetUserCSRFToken(t, session),
|
2023-09-14 05:59:53 +03:00
|
|
|
"name": "org3",
|
2023-07-29 17:13:24 +03:00
|
|
|
"visibility": "2",
|
|
|
|
})
|
|
|
|
session.MakeRequest(t, req, http.StatusSeeOther)
|
|
|
|
|
|
|
|
// user4 can still access the org's project because its team(team1) has the permission
|
|
|
|
session = loginUser(t, "user4")
|
2023-09-14 05:59:53 +03:00
|
|
|
req = NewRequest(t, "GET", "/org3/-/projects")
|
2023-07-29 17:13:24 +03:00
|
|
|
session.MakeRequest(t, req, http.StatusOK)
|
|
|
|
|
|
|
|
// disable team1's project unit
|
|
|
|
session = loginUser(t, "user2")
|
2023-09-14 05:59:53 +03:00
|
|
|
req = NewRequestWithValues(t, "POST", "/org/org3/teams/team1/edit", map[string]string{
|
2024-10-10 06:48:21 +03:00
|
|
|
"_csrf": GetUserCSRFToken(t, session),
|
2023-07-29 17:13:24 +03:00
|
|
|
"team_name": "team1",
|
|
|
|
"repo_access": "specific",
|
|
|
|
"permission": "read",
|
|
|
|
"unit_8": "0",
|
|
|
|
})
|
|
|
|
session.MakeRequest(t, req, http.StatusSeeOther)
|
|
|
|
|
|
|
|
// user4 can no longer access the org's project
|
|
|
|
session = loginUser(t, "user4")
|
2023-09-14 05:59:53 +03:00
|
|
|
req = NewRequest(t, "GET", "/org3/-/projects")
|
2023-07-29 17:13:24 +03:00
|
|
|
session.MakeRequest(t, req, http.StatusNotFound)
|
|
|
|
}
|