forgejo/integrations
zeripath 17c5c654a5
Prevent double-login for Git HTTP and LFS and simplify login (#15303)
* Prevent double-login for Git HTTP and LFS and simplify login

There are a number of inconsistencies with our current methods for
logging in for git and lfs. The first is that there is a double login
process. This is particularly evident in 1.13 where there are no less
than 4 hash checks for basic authentication due to the previous
IsPasswordSet behaviour.

This duplicated code had individual inconsistencies that were not
helpful and caused confusion.

This PR does the following:

* Remove the specific login code from the git and lfs handlers except
for the lfs special bearer token
* Simplify the meaning of DisableBasicAuthentication to allow Token and
Oauth2 sign-in.
* The removal of the specific code from git and lfs means that these
both now have the same login semantics and can - if not
DisableBasicAuthentication - login from external services. Further it
allows Oauth2 token authentication as per our standard mechanisms.
* The change in the recovery handler prevents the service from
re-attempting to login - primarily because this could easily cause a
further panic and it is wasteful.

* add test

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Andrew Thornton <art27@cantab.net>
2021-05-15 17:32:09 +02:00
..
gitea-repositories-meta Add LFS Migration and Mirror (#14726) 2021-04-08 18:25:57 -04:00
migration-test
admin_user_test.go Add option to change username to the admin panel (#14229) 2021-01-10 14:14:02 +02:00
api_admin_org_test.go
api_admin_test.go Migrate to use jsoniter instead of encoding/json (#14841) 2021-03-01 22:08:10 +01:00
api_branch_test.go Fix Benchmark tests, remove a broken one & add two new (#15250) 2021-04-16 20:30:16 +02:00
api_comment_test.go
api_fork_test.go
api_gpg_keys_test.go
api_helper_for_declarative_test.go Always set the merge base used to merge the commit (#15352) 2021-04-10 09:27:29 +01:00
api_issue_label_test.go Never add labels not from this repository or organisation and remove org labels on transfer (#14928) 2021-03-12 18:45:49 +01:00
api_issue_milestone_test.go
api_issue_reaction_test.go [refactor] Unify the export of user data via API (#15144) 2021-03-27 17:45:26 +01:00
api_issue_stopwatch_test.go Display current stopwatch in navbar (#14122) 2021-01-21 15:51:52 +01:00
api_issue_subscription_test.go
api_issue_test.go Issues overview should not show issues from archived repos (#13220) 2021-01-12 23:19:17 -05:00
api_issue_tracked_time_test.go
api_keys_test.go
api_notification_test.go
api_oauth2_apps_test.go Fix delete nonexist oauth application 500 and prevent deadlock (#15384) 2021-04-10 16:49:10 -04:00
api_org_test.go
api_pull_review_test.go Expose resolver via API (#15167) 2021-03-28 00:37:51 +01:00
api_pull_test.go Move modules/forms to services/forms (#15305) 2021-04-06 20:44:05 +01:00
api_releases_test.go [API] Add delete release by tag & fix unreleased inconsistency (#14563) 2021-02-07 19:32:18 +01:00
api_repo_edit_test.go [API] make change repo settings work on empty repos (#15778) 2021-05-08 14:11:36 +02:00
api_repo_file_create_test.go Fix Benchmark tests, remove a broken one & add two new (#15250) 2021-04-16 20:30:16 +02:00
api_repo_file_delete_test.go
api_repo_file_helpers.go Fix Benchmark tests, remove a broken one & add two new (#15250) 2021-04-16 20:30:16 +02:00
api_repo_file_update_test.go
api_repo_get_contents_list_test.go
api_repo_get_contents_test.go
api_repo_git_blobs_test.go
api_repo_git_commits_test.go [API] Add affected files of commits to commit struct (#14579) 2021-02-07 15:43:40 +01:00
api_repo_git_hook_test.go
api_repo_git_ref_test.go
api_repo_git_tags_test.go [API] Add delete release by tag & fix unreleased inconsistency (#14563) 2021-02-07 19:32:18 +01:00
api_repo_git_trees_test.go
api_repo_languages_test.go
api_repo_lfs_locks_test.go Prevent double-login for Git HTTP and LFS and simplify login (#15303) 2021-05-15 17:32:09 +02:00
api_repo_lfs_migrate_test.go Add LFS Migration and Mirror (#14726) 2021-04-08 18:25:57 -04:00
api_repo_raw_test.go
api_repo_tags_test.go
api_repo_teams_test.go [API] List, Check, Add & delete endpoints for repository teams (#13630) 2021-02-01 22:57:12 +01:00
api_repo_test.go Ensure validation occurs on clone addresses too (#14994) 2021-03-15 17:52:11 -04:00
api_repo_topic_test.go
api_settings_test.go Export LFS & TimeTracking function status (#14753) 2021-02-20 11:17:51 +01:00
api_team_test.go
api_team_user_test.go [refactor] Unify the export of user data via API (#15144) 2021-03-27 17:45:26 +01:00
api_token_test.go
api_user_email_test.go rsponse 404 when delete not exist email (#15383) 2021-04-10 07:12:38 +01:00
api_user_heatmap_test.go
api_user_orgs_test.go Extend TestUserOrgs to cover permission cases (#14495) 2021-01-28 22:40:41 +01:00
api_user_search_test.go
attachment_test.go Add size to Save function (#15264) 2021-04-03 18:19:59 +02:00
auth_ldap_test.go
benchmarks_test.go Fix Benchmark tests, remove a broken one & add two new (#15250) 2021-04-16 20:30:16 +02:00
branches_test.go [API] Add pagination to ListBranches (#14524) 2021-02-03 20:06:13 +01:00
change_default_branch_test.go
cmd_keys_test.go
compare_test.go Add selecting tags on the compare page (#15723) 2021-05-07 23:10:05 +02:00
cors_test.go
create_no_session_test.go Migrate to use jsoniter instead of encoding/json (#14841) 2021-03-01 22:08:10 +01:00
delete_user_test.go Add option to change username to the admin panel (#14229) 2021-01-10 14:14:02 +02:00
download_test.go Display SVG files as images instead of text (#14101) 2021-01-12 22:45:19 -05:00
editor_test.go
empty_repo_test.go
eventsource_test.go
explore_repos_test.go
git_clone_wiki_test.go Add tests for clone from wiki (#15513) 2021-04-16 17:39:21 -04:00
git_helper_for_declarative_test.go Fix Benchmark tests, remove a broken one & add two new (#15250) 2021-04-16 20:30:16 +02:00
git_test.go Always set the merge base used to merge the commit (#15352) 2021-04-10 09:27:29 +01:00
goget_test.go Return go-get info on subdirs (#15642) 2021-05-09 22:50:06 +01:00
gpg_git_test.go
html_helper.go
integration_test.go Reduce memory usage in testgit (#15306) 2021-04-06 18:44:02 +02:00
issue_test.go
lfs_getobject_test.go Add LFS Migration and Mirror (#14726) 2021-04-08 18:25:57 -04:00
lfs_local_endpoint_test.go Add LFS Migration and Mirror (#14726) 2021-04-08 18:25:57 -04:00
links_test.go add /assets as root dir of public files (#15219) 2021-04-28 12:35:06 +00:00
migrate_test.go Do not convert file path to lowercase (#15023) 2021-03-18 13:58:47 +00:00
mssql.ini.tmpl Unify integration test configs. (#15650) 2021-05-01 10:54:55 +01:00
mysql.ini.tmpl Unify integration test configs. (#15650) 2021-05-01 10:54:55 +01:00
mysql8.ini.tmpl Unify integration test configs. (#15650) 2021-05-01 10:54:55 +01:00
nonascii_branches_test.go
oauth_test.go Migrate to use jsoniter instead of encoding/json (#14841) 2021-03-01 22:08:10 +01:00
org_count_test.go
org_test.go
pgsql.ini.tmpl Unify integration test configs. (#15650) 2021-05-01 10:54:55 +01:00
private-testing.key
privateactivity_test.go Show private heatmap on profile to self & admins (#14881) 2021-03-04 23:59:13 +01:00
pull_compare_test.go
pull_create_test.go
pull_merge_test.go
pull_review_test.go
pull_status_test.go Make manual merge autodetection optional and add manual merge as merge method (#12543) 2021-03-03 22:41:23 -05:00
pull_update_test.go
README.md
README_ZH.md
release_test.go fix some ui bug about draft release (#15137) 2021-05-06 05:12:50 +02:00
repo_activity_test.go
repo_branch_test.go
repo_commits_search_test.go
repo_commits_test.go Migrate to use jsoniter instead of encoding/json (#14841) 2021-03-01 22:08:10 +01:00
repo_fork_test.go
repo_generate_test.go
repo_migrate_test.go
repo_search_test.go
repo_test.go
repo_watch_test.go
repofiles_delete_test.go
repofiles_update_test.go
setting_test.go
signin_test.go
signout_test.go
signup_test.go
sqlite.ini.tmpl Unify integration test configs. (#15650) 2021-05-01 10:54:55 +01:00
ssh_key_test.go
testlogger.go Migrate to use jsoniter instead of encoding/json (#14841) 2021-03-01 22:08:10 +01:00
timetracking_test.go
user_avatar_test.go Fix broken avatars since #15301 (#15731) 2021-05-05 14:06:39 +01:00
user_test.go
version_test.go
view_test.go Display SVG files as images instead of text (#14101) 2021-01-12 22:45:19 -05:00
xss_test.go

Integrations tests

Integration tests can be run with make commands for the appropriate backends, namely:

make test-mysql
make test-pgsql
make test-sqlite

Make sure to perform a clean build before running tests:

make clean build

Run all tests via local drone

drone exec --local --build-event "pull_request"

Run sqlite integrations tests

Start tests

make test-sqlite

Run mysql integrations tests

Setup a mysql database inside docker

docker run -e "MYSQL_DATABASE=test" -e "MYSQL_ALLOW_EMPTY_PASSWORD=yes" -p 3306:3306 --rm --name mysql mysql:latest #(just ctrl-c to stop db and clean the container)
docker run -p 9200:9200 -p 9300:9300 -e "discovery.type=single-node" --rm --name elasticsearch elasticsearch:7.6.0 #(in a secound terminal, just ctrl-c to stop db and clean the container)

Start tests based on the database container

TEST_MYSQL_HOST=localhost:3306 TEST_MYSQL_DBNAME=test TEST_MYSQL_USERNAME=root TEST_MYSQL_PASSWORD='' make test-mysql

Run pgsql integrations tests

Setup a pgsql database inside docker

docker run -e "POSTGRES_DB=test" -p 5432:5432 --rm --name pgsql postgres:latest #(just ctrl-c to stop db and clean the container)

Start tests based on the database container

TEST_PGSQL_HOST=localhost:5432 TEST_PGSQL_DBNAME=test TEST_PGSQL_USERNAME=postgres TEST_PGSQL_PASSWORD=postgres make test-pgsql

Run mssql integrations tests

Setup a mssql database inside docker

docker run -e "ACCEPT_EULA=Y" -e "MSSQL_PID=Standard" -e "SA_PASSWORD=MwantsaSecurePassword1" -p 1433:1433 --rm --name mssql microsoft/mssql-server-linux:latest #(just ctrl-c to stop db and clean the container)

Start tests based on the database container

TEST_MSSQL_HOST=localhost:1433 TEST_MSSQL_DBNAME=gitea_test TEST_MSSQL_USERNAME=sa TEST_MSSQL_PASSWORD=MwantsaSecurePassword1 make test-mssql

Running individual tests

Example command to run GPG test:

For sqlite:

make test-sqlite#GPG

For other databases(replace MSSQL to MYSQL, MYSQL8, PGSQL):

TEST_MSSQL_HOST=localhost:1433 TEST_MSSQL_DBNAME=test TEST_MSSQL_USERNAME=sa TEST_MSSQL_PASSWORD=MwantsaSecurePassword1 make test-mssql#GPG

Setting timeouts for declaring long-tests and long-flushes

We appreciate that some testing machines may not be very powerful and the default timeouts for declaring a slow test or a slow clean-up flush may not be appropriate.

You can either:

  • Within the test ini file set the following section:
[integration-tests]
SLOW_TEST = 10s ; 10s is the default value
SLOW_FLUSH = 5S ; 5s is the default value
  • Set the following environment variables:
GITEA_SLOW_TEST_TIME="10s" GITEA_SLOW_FLUSH_TIME="5s" make test-sqlite