mirror of
https://github.com/go-gitea/gitea
synced 2024-09-27 11:39:06 +02:00
44b8b07631
* Added tag protection in hook. * Prevent UI tag creation if protected. * Added settings page. * Added tests. * Added suggestions. * Moved tests. * Use individual errors. * Removed unneeded methods. * Switched delete selector. * Changed method names. * No reason to be unique. * Allow editing of protected tags. * Removed unique key from migration. * Added docs page. * Changed date. * Respond with 404 to not found tags. * Replaced glob with regex pattern. * Added support for glob and regex pattern. * Updated documentation. * Changed white* to allow*. * Fixed edit button link. * Added cancel button. Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
162 lines
2.9 KiB
Go
162 lines
2.9 KiB
Go
// Copyright 2021 The Gitea Authors. All rights reserved.
|
|
// Use of this source code is governed by a MIT-style
|
|
// license that can be found in the LICENSE file.
|
|
|
|
package models
|
|
|
|
import (
|
|
"testing"
|
|
|
|
"github.com/stretchr/testify/assert"
|
|
)
|
|
|
|
func TestIsUserAllowed(t *testing.T) {
|
|
assert.NoError(t, PrepareTestDatabase())
|
|
|
|
pt := &ProtectedTag{}
|
|
allowed, err := pt.IsUserAllowed(1)
|
|
assert.NoError(t, err)
|
|
assert.False(t, allowed)
|
|
|
|
pt = &ProtectedTag{
|
|
AllowlistUserIDs: []int64{1},
|
|
}
|
|
allowed, err = pt.IsUserAllowed(1)
|
|
assert.NoError(t, err)
|
|
assert.True(t, allowed)
|
|
|
|
allowed, err = pt.IsUserAllowed(2)
|
|
assert.NoError(t, err)
|
|
assert.False(t, allowed)
|
|
|
|
pt = &ProtectedTag{
|
|
AllowlistTeamIDs: []int64{1},
|
|
}
|
|
allowed, err = pt.IsUserAllowed(1)
|
|
assert.NoError(t, err)
|
|
assert.False(t, allowed)
|
|
|
|
allowed, err = pt.IsUserAllowed(2)
|
|
assert.NoError(t, err)
|
|
assert.True(t, allowed)
|
|
|
|
pt = &ProtectedTag{
|
|
AllowlistUserIDs: []int64{1},
|
|
AllowlistTeamIDs: []int64{1},
|
|
}
|
|
allowed, err = pt.IsUserAllowed(1)
|
|
assert.NoError(t, err)
|
|
assert.True(t, allowed)
|
|
|
|
allowed, err = pt.IsUserAllowed(2)
|
|
assert.NoError(t, err)
|
|
assert.True(t, allowed)
|
|
}
|
|
|
|
func TestIsUserAllowedToControlTag(t *testing.T) {
|
|
cases := []struct {
|
|
name string
|
|
userid int64
|
|
allowed bool
|
|
}{
|
|
{
|
|
name: "test",
|
|
userid: 1,
|
|
allowed: true,
|
|
},
|
|
{
|
|
name: "test",
|
|
userid: 3,
|
|
allowed: true,
|
|
},
|
|
{
|
|
name: "gitea",
|
|
userid: 1,
|
|
allowed: true,
|
|
},
|
|
{
|
|
name: "gitea",
|
|
userid: 3,
|
|
allowed: false,
|
|
},
|
|
{
|
|
name: "test-gitea",
|
|
userid: 1,
|
|
allowed: true,
|
|
},
|
|
{
|
|
name: "test-gitea",
|
|
userid: 3,
|
|
allowed: false,
|
|
},
|
|
{
|
|
name: "gitea-test",
|
|
userid: 1,
|
|
allowed: true,
|
|
},
|
|
{
|
|
name: "gitea-test",
|
|
userid: 3,
|
|
allowed: true,
|
|
},
|
|
{
|
|
name: "v-1",
|
|
userid: 1,
|
|
allowed: false,
|
|
},
|
|
{
|
|
name: "v-1",
|
|
userid: 2,
|
|
allowed: true,
|
|
},
|
|
{
|
|
name: "release",
|
|
userid: 1,
|
|
allowed: false,
|
|
},
|
|
}
|
|
|
|
t.Run("Glob", func(t *testing.T) {
|
|
protectedTags := []*ProtectedTag{
|
|
{
|
|
NamePattern: `*gitea`,
|
|
AllowlistUserIDs: []int64{1},
|
|
},
|
|
{
|
|
NamePattern: `v-*`,
|
|
AllowlistUserIDs: []int64{2},
|
|
},
|
|
{
|
|
NamePattern: "release",
|
|
},
|
|
}
|
|
|
|
for n, c := range cases {
|
|
isAllowed, err := IsUserAllowedToControlTag(protectedTags, c.name, c.userid)
|
|
assert.NoError(t, err)
|
|
assert.Equal(t, c.allowed, isAllowed, "case %d: error should match", n)
|
|
}
|
|
})
|
|
|
|
t.Run("Regex", func(t *testing.T) {
|
|
protectedTags := []*ProtectedTag{
|
|
{
|
|
NamePattern: `/gitea\z/`,
|
|
AllowlistUserIDs: []int64{1},
|
|
},
|
|
{
|
|
NamePattern: `/\Av-/`,
|
|
AllowlistUserIDs: []int64{2},
|
|
},
|
|
{
|
|
NamePattern: "/release/",
|
|
},
|
|
}
|
|
|
|
for n, c := range cases {
|
|
isAllowed, err := IsUserAllowedToControlTag(protectedTags, c.name, c.userid)
|
|
assert.NoError(t, err)
|
|
assert.Equal(t, c.allowed, isAllowed, "case %d: error should match", n)
|
|
}
|
|
})
|
|
}
|