forgejo/tests/integration/migrate_test.go

115 lines
3.8 KiB
Go
Raw Normal View History

// Copyright 2021 The Gitea Authors. All rights reserved.
// SPDX-License-Identifier: MIT
package integration
import (
[FEAT] add Forgero Git Service Signed-off-by: cassiozareck <cassiomilczareck@gmail.com> (cherry picked from commit a878adfe628cf6dc367a17c3715fcd3499aa02b6) Adding description and Forgejo SVG (cherry picked from commit 13738c03804d019f28550e46a4ebc37dbe3a5cfc) Undo reordering and tmpl redirection (cherry picked from commit 9ae51c46f42acecac834371857e638098ebf6d27) (cherry picked from commit 70fffdc61d06dd1d70b6a31496676a23d3d0c2fc) (cherry picked from commit c0ebfa9da3db3e60d7b403a1bf8b8a19c32c5dc7) (cherry picked from commit 9922c92787eccaba0021486ba0a3eb28583969e1) (cherry picked from commit 00c0effbc74aedc7a4167a69c8a410ef324d576b) (cherry picked from commit e4c9525b137205fa9ffdb4e0d7492bbbda9be6b5) (cherry picked from commit 09d7b83211652d045975b0e3bb790856267d52a5) (cherry picked from commit bbcd5975c91f6932f7f2ee07fbd63e84560ba96a) (cherry picked from commit 55c70a0e18d33d8ac0da9ffb97f6d994ed88a319) (cherry picked from commit 76596410c0dd0137cd497c9728c3e1d1c98f2430) (cherry picked from commit 1308043931388bf6de691ad0f766861b77fb08a5) (cherry picked from commit 919d6aedfed6abc8ec9def19f8deec2ee413252b) [FEAT] add Forgero Git Service (squash) more tests Previously only Gitea service was being tested under self-hosted migrations. Since Forgejo is also self-hosted and in fact use the same downloader/migrator we can add to this suite another test that will do the same, migrating the same repository under the same local instance but for the Forgejo service (represented by 9) Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/1709 Co-authored-by: zareck <cassiomilczareck@gmail.com> Co-committed-by: zareck <cassiomilczareck@gmail.com> (cherry picked from commit 40a4b8f1a8637f78cf2f48104f0b336377652df9) (cherry picked from commit 3198b4a64240b7d4e8b33d8b858a12d046db38c9) (cherry picked from commit 4edda1f3890eb1b5bb9b1eeec1214dbc11f8e343) (cherry picked from commit 4d91b77d29fd4b20be12bf21c31447722ff6da40)
2023-08-14 21:52:44 +02:00
"context"
"fmt"
"net/http"
"net/url"
"os"
"path/filepath"
"testing"
auth_model "code.gitea.io/gitea/models/auth"
repo_model "code.gitea.io/gitea/models/repo"
"code.gitea.io/gitea/models/unittest"
user_model "code.gitea.io/gitea/models/user"
"code.gitea.io/gitea/modules/setting"
"code.gitea.io/gitea/modules/structs"
"code.gitea.io/gitea/services/migrations"
[FEAT] add Forgero Git Service Signed-off-by: cassiozareck <cassiomilczareck@gmail.com> (cherry picked from commit a878adfe628cf6dc367a17c3715fcd3499aa02b6) Adding description and Forgejo SVG (cherry picked from commit 13738c03804d019f28550e46a4ebc37dbe3a5cfc) Undo reordering and tmpl redirection (cherry picked from commit 9ae51c46f42acecac834371857e638098ebf6d27) (cherry picked from commit 70fffdc61d06dd1d70b6a31496676a23d3d0c2fc) (cherry picked from commit c0ebfa9da3db3e60d7b403a1bf8b8a19c32c5dc7) (cherry picked from commit 9922c92787eccaba0021486ba0a3eb28583969e1) (cherry picked from commit 00c0effbc74aedc7a4167a69c8a410ef324d576b) (cherry picked from commit e4c9525b137205fa9ffdb4e0d7492bbbda9be6b5) (cherry picked from commit 09d7b83211652d045975b0e3bb790856267d52a5) (cherry picked from commit bbcd5975c91f6932f7f2ee07fbd63e84560ba96a) (cherry picked from commit 55c70a0e18d33d8ac0da9ffb97f6d994ed88a319) (cherry picked from commit 76596410c0dd0137cd497c9728c3e1d1c98f2430) (cherry picked from commit 1308043931388bf6de691ad0f766861b77fb08a5) (cherry picked from commit 919d6aedfed6abc8ec9def19f8deec2ee413252b) [FEAT] add Forgero Git Service (squash) more tests Previously only Gitea service was being tested under self-hosted migrations. Since Forgejo is also self-hosted and in fact use the same downloader/migrator we can add to this suite another test that will do the same, migrating the same repository under the same local instance but for the Forgejo service (represented by 9) Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/1709 Co-authored-by: zareck <cassiomilczareck@gmail.com> Co-committed-by: zareck <cassiomilczareck@gmail.com> (cherry picked from commit 40a4b8f1a8637f78cf2f48104f0b336377652df9) (cherry picked from commit 3198b4a64240b7d4e8b33d8b858a12d046db38c9) (cherry picked from commit 4edda1f3890eb1b5bb9b1eeec1214dbc11f8e343) (cherry picked from commit 4d91b77d29fd4b20be12bf21c31447722ff6da40)
2023-08-14 21:52:44 +02:00
"code.gitea.io/gitea/services/repository"
"github.com/stretchr/testify/assert"
)
func TestMigrateLocalPath(t *testing.T) {
assert.NoError(t, unittest.PrepareTestDatabase())
adminUser := unittest.AssertExistsAndLoadBean(t, &user_model.User{Name: "user1"})
old := setting.ImportLocalPaths
setting.ImportLocalPaths = true
basePath := t.TempDir()
lowercasePath := filepath.Join(basePath, "lowercase")
err := os.Mkdir(lowercasePath, 0o700)
assert.NoError(t, err)
err = migrations.IsMigrateURLAllowed(lowercasePath, adminUser)
assert.NoError(t, err, "case lowercase path")
mixedcasePath := filepath.Join(basePath, "mIxeDCaSe")
err = os.Mkdir(mixedcasePath, 0o700)
assert.NoError(t, err)
err = migrations.IsMigrateURLAllowed(mixedcasePath, adminUser)
assert.NoError(t, err, "case mixedcase path")
setting.ImportLocalPaths = old
}
[FEAT] add Forgero Git Service Signed-off-by: cassiozareck <cassiomilczareck@gmail.com> (cherry picked from commit a878adfe628cf6dc367a17c3715fcd3499aa02b6) Adding description and Forgejo SVG (cherry picked from commit 13738c03804d019f28550e46a4ebc37dbe3a5cfc) Undo reordering and tmpl redirection (cherry picked from commit 9ae51c46f42acecac834371857e638098ebf6d27) (cherry picked from commit 70fffdc61d06dd1d70b6a31496676a23d3d0c2fc) (cherry picked from commit c0ebfa9da3db3e60d7b403a1bf8b8a19c32c5dc7) (cherry picked from commit 9922c92787eccaba0021486ba0a3eb28583969e1) (cherry picked from commit 00c0effbc74aedc7a4167a69c8a410ef324d576b) (cherry picked from commit e4c9525b137205fa9ffdb4e0d7492bbbda9be6b5) (cherry picked from commit 09d7b83211652d045975b0e3bb790856267d52a5) (cherry picked from commit bbcd5975c91f6932f7f2ee07fbd63e84560ba96a) (cherry picked from commit 55c70a0e18d33d8ac0da9ffb97f6d994ed88a319) (cherry picked from commit 76596410c0dd0137cd497c9728c3e1d1c98f2430) (cherry picked from commit 1308043931388bf6de691ad0f766861b77fb08a5) (cherry picked from commit 919d6aedfed6abc8ec9def19f8deec2ee413252b) [FEAT] add Forgero Git Service (squash) more tests Previously only Gitea service was being tested under self-hosted migrations. Since Forgejo is also self-hosted and in fact use the same downloader/migrator we can add to this suite another test that will do the same, migrating the same repository under the same local instance but for the Forgejo service (represented by 9) Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/1709 Co-authored-by: zareck <cassiomilczareck@gmail.com> Co-committed-by: zareck <cassiomilczareck@gmail.com> (cherry picked from commit 40a4b8f1a8637f78cf2f48104f0b336377652df9) (cherry picked from commit 3198b4a64240b7d4e8b33d8b858a12d046db38c9) (cherry picked from commit 4edda1f3890eb1b5bb9b1eeec1214dbc11f8e343) (cherry picked from commit 4d91b77d29fd4b20be12bf21c31447722ff6da40)
2023-08-14 21:52:44 +02:00
func TestMigrate(t *testing.T) {
onGiteaRun(t, func(t *testing.T, u *url.URL) {
AllowLocalNetworks := setting.Migrations.AllowLocalNetworks
setting.Migrations.AllowLocalNetworks = true
AppVer := setting.AppVer
// Gitea SDK (go-sdk) need to parse the AppVer from server response, so we must set it to a valid version string.
setting.AppVer = "1.16.0"
defer func() {
setting.Migrations.AllowLocalNetworks = AllowLocalNetworks
setting.AppVer = AppVer
migrations.Init()
}()
assert.NoError(t, migrations.Init())
ownerName := "user2"
repoName := "repo1"
repoOwner := unittest.AssertExistsAndLoadBean(t, &user_model.User{Name: ownerName})
session := loginUser(t, ownerName)
Redesign Scoped Access Tokens (#24767) ## Changes - Adds the following high level access scopes, each with `read` and `write` levels: - `activitypub` - `admin` (hidden if user is not a site admin) - `misc` - `notification` - `organization` - `package` - `issue` - `repository` - `user` - Adds new middleware function `tokenRequiresScopes()` in addition to `reqToken()` - `tokenRequiresScopes()` is used for each high-level api section - _if_ a scoped token is present, checks that the required scope is included based on the section and HTTP method - `reqToken()` is used for individual routes - checks that required authentication is present (but does not check scope levels as this will already have been handled by `tokenRequiresScopes()` - Adds migration to convert old scoped access tokens to the new set of scopes - Updates the user interface for scope selection ### User interface example <img width="903" alt="Screen Shot 2023-05-31 at 1 56 55 PM" src="https://github.com/go-gitea/gitea/assets/23248839/654766ec-2143-4f59-9037-3b51600e32f3"> <img width="917" alt="Screen Shot 2023-05-31 at 1 56 43 PM" src="https://github.com/go-gitea/gitea/assets/23248839/1ad64081-012c-4a73-b393-66b30352654c"> ## tokenRequiresScopes Design Decision - `tokenRequiresScopes()` was added to more reliably cover api routes. For an incoming request, this function uses the given scope category (say `AccessTokenScopeCategoryOrganization`) and the HTTP method (say `DELETE`) and verifies that any scoped tokens in use include `delete:organization`. - `reqToken()` is used to enforce auth for individual routes that require it. If a scoped token is not present for a request, `tokenRequiresScopes()` will not return an error ## TODO - [x] Alphabetize scope categories - [x] Change 'public repos only' to a radio button (private vs public). Also expand this to organizations - [X] Disable token creation if no scopes selected. Alternatively, show warning - [x] `reqToken()` is missing from many `POST/DELETE` routes in the api. `tokenRequiresScopes()` only checks that a given token has the correct scope, `reqToken()` must be used to check that a token (or some other auth) is present. - _This should be addressed in this PR_ - [x] The migration should be reviewed very carefully in order to minimize access changes to existing user tokens. - _This should be addressed in this PR_ - [x] Link to api to swagger documentation, clarify what read/write/delete levels correspond to - [x] Review cases where more than one scope is needed as this directly deviates from the api definition. - _This should be addressed in this PR_ - For example: ```go m.Group("/users/{username}/orgs", func() { m.Get("", reqToken(), org.ListUserOrgs) m.Get("/{org}/permissions", reqToken(), org.GetUserOrgsPermissions) }, tokenRequiresScopes(auth_model.AccessTokenScopeCategoryUser, auth_model.AccessTokenScopeCategoryOrganization), context_service.UserAssignmentAPI()) ``` ## Future improvements - [ ] Add required scopes to swagger documentation - [ ] Redesign `reqToken()` to be opt-out rather than opt-in - [ ] Subdivide scopes like `repository` - [ ] Once a token is created, if it has no scopes, we should display text instead of an empty bullet point - [ ] If the 'public repos only' option is selected, should read categories be selected by default Closes #24501 Closes #24799 Co-authored-by: Jonathan Tran <jon@allspice.io> Co-authored-by: Kyle D <kdumontnu@gmail.com> Co-authored-by: silverwind <me@silverwind.io>
2023-06-04 20:57:16 +02:00
token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeWriteRepository, auth_model.AccessTokenScopeReadMisc)
[FEAT] add Forgero Git Service Signed-off-by: cassiozareck <cassiomilczareck@gmail.com> (cherry picked from commit a878adfe628cf6dc367a17c3715fcd3499aa02b6) Adding description and Forgejo SVG (cherry picked from commit 13738c03804d019f28550e46a4ebc37dbe3a5cfc) Undo reordering and tmpl redirection (cherry picked from commit 9ae51c46f42acecac834371857e638098ebf6d27) (cherry picked from commit 70fffdc61d06dd1d70b6a31496676a23d3d0c2fc) (cherry picked from commit c0ebfa9da3db3e60d7b403a1bf8b8a19c32c5dc7) (cherry picked from commit 9922c92787eccaba0021486ba0a3eb28583969e1) (cherry picked from commit 00c0effbc74aedc7a4167a69c8a410ef324d576b) (cherry picked from commit e4c9525b137205fa9ffdb4e0d7492bbbda9be6b5) (cherry picked from commit 09d7b83211652d045975b0e3bb790856267d52a5) (cherry picked from commit bbcd5975c91f6932f7f2ee07fbd63e84560ba96a) (cherry picked from commit 55c70a0e18d33d8ac0da9ffb97f6d994ed88a319) (cherry picked from commit 76596410c0dd0137cd497c9728c3e1d1c98f2430) (cherry picked from commit 1308043931388bf6de691ad0f766861b77fb08a5) (cherry picked from commit 919d6aedfed6abc8ec9def19f8deec2ee413252b) [FEAT] add Forgero Git Service (squash) more tests Previously only Gitea service was being tested under self-hosted migrations. Since Forgejo is also self-hosted and in fact use the same downloader/migrator we can add to this suite another test that will do the same, migrating the same repository under the same local instance but for the Forgejo service (represented by 9) Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/1709 Co-authored-by: zareck <cassiomilczareck@gmail.com> Co-committed-by: zareck <cassiomilczareck@gmail.com> (cherry picked from commit 40a4b8f1a8637f78cf2f48104f0b336377652df9) (cherry picked from commit 3198b4a64240b7d4e8b33d8b858a12d046db38c9) (cherry picked from commit 4edda1f3890eb1b5bb9b1eeec1214dbc11f8e343) (cherry picked from commit 4d91b77d29fd4b20be12bf21c31447722ff6da40)
2023-08-14 21:52:44 +02:00
for _, s := range []struct {
svc structs.GitServiceType
}{
{svc: structs.GiteaService},
{svc: structs.ForgejoService},
} {
// Step 0: verify the repo is available
req := NewRequestf(t, "GET", fmt.Sprintf("/%s/%s", ownerName, repoName))
_ = session.MakeRequest(t, req, http.StatusOK)
// Step 1: get the Gitea migration form
req = NewRequestf(t, "GET", "/repo/migrate/?service_type=%d", s.svc)
resp := session.MakeRequest(t, req, http.StatusOK)
// Step 2: load the form
htmlDoc := NewHTMLParser(t, resp.Body)
link, exists := htmlDoc.doc.Find(`form.ui.form[action^="/repo/migrate"]`).Attr("action")
assert.True(t, exists, "The template has changed")
// Step 4: submit the migration to only migrate issues
migratedRepoName := "otherrepo"
req = NewRequestWithValues(t, "POST", link, map[string]string{
"_csrf": htmlDoc.GetCSRF(),
"service": fmt.Sprintf("%d", s.svc),
"clone_addr": fmt.Sprintf("%s%s/%s", u, ownerName, repoName),
"auth_token": token,
"issues": "on",
"repo_name": migratedRepoName,
"description": "",
"uid": fmt.Sprintf("%d", repoOwner.ID),
})
resp = session.MakeRequest(t, req, http.StatusSeeOther)
// Step 5: a redirection displays the migrated repository
loc := resp.Header().Get("Location")
assert.EqualValues(t, fmt.Sprintf("/%s/%s", ownerName, migratedRepoName), loc)
// Step 6: check the repo was created
repo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{Name: migratedRepoName})
// Step 7: delete the repository, so we can test with other services
err := repository.DeleteRepository(context.Background(), repoOwner, repo, false)
assert.NoError(t, err)
}
})
}