mirror of https://github.com/go-gitea/gitea
Add API to query collaborators permission for a repository (#18761)
Targeting #14936, #15332 Adds a collaborator permissions API endpoint according to GitHub API: https://docs.github.com/en/rest/collaborators/collaborators#get-repository-permissions-for-a-user to retrieve a collaborators permissions for a specific repository. ### Checks the repository permissions of a collaborator. `GET` `/repos/{owner}/{repo}/collaborators/{collaborator}/permission` Possible `permission` values are `admin`, `write`, `read`, `owner`, `none`. ```json { "permission": "admin", "role_name": "admin", "user": {} } ``` Where `permission` and `role_name` hold the same `permission` value and `user` is filled with the user API object. Only admins are allowed to use this API endpoint.pull/19556/head
parent
e5c6c001c5
commit
ad6d08d155
@ -0,0 +1,131 @@ |
||||
// Copyright 2022 The Gitea Authors. All rights reserved.
|
||||
// Use of this source code is governed by a MIT-style
|
||||
// license that can be found in the LICENSE file.
|
||||
|
||||
package integrations |
||||
|
||||
import ( |
||||
"net/http" |
||||
"net/url" |
||||
"testing" |
||||
|
||||
"code.gitea.io/gitea/models/perm" |
||||
repo_model "code.gitea.io/gitea/models/repo" |
||||
"code.gitea.io/gitea/models/unittest" |
||||
user_model "code.gitea.io/gitea/models/user" |
||||
api "code.gitea.io/gitea/modules/structs" |
||||
|
||||
"github.com/stretchr/testify/assert" |
||||
) |
||||
|
||||
func TestAPIRepoCollaboratorPermission(t *testing.T) { |
||||
onGiteaRun(t, func(t *testing.T, u *url.URL) { |
||||
repo2 := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 2}).(*repo_model.Repository) |
||||
repo2Owner := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: repo2.OwnerID}).(*user_model.User) |
||||
|
||||
user4 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 4}).(*user_model.User) |
||||
user5 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 5}).(*user_model.User) |
||||
user10 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 10}).(*user_model.User) |
||||
user11 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 11}).(*user_model.User) |
||||
|
||||
session := loginUser(t, repo2Owner.Name) |
||||
testCtx := NewAPITestContext(t, repo2Owner.Name, repo2.Name) |
||||
|
||||
t.Run("RepoOwnerShouldBeOwner", func(t *testing.T) { |
||||
req := NewRequestf(t, "GET", "/api/v1/repos/%s/%s/collaborators/%s/permission?token=%s", repo2Owner.Name, repo2.Name, repo2Owner.Name, testCtx.Token) |
||||
resp := session.MakeRequest(t, req, http.StatusOK) |
||||
|
||||
var repoPermission api.RepoCollaboratorPermission |
||||
DecodeJSON(t, resp, &repoPermission) |
||||
|
||||
assert.Equal(t, "owner", repoPermission.Permission) |
||||
}) |
||||
|
||||
t.Run("CollaboratorWithReadAccess", func(t *testing.T) { |
||||
t.Run("AddUserAsCollaboratorWithReadAccess", doAPIAddCollaborator(testCtx, user4.Name, perm.AccessModeRead)) |
||||
|
||||
req := NewRequestf(t, "GET", "/api/v1/repos/%s/%s/collaborators/%s/permission?token=%s", repo2Owner.Name, repo2.Name, user4.Name, testCtx.Token) |
||||
resp := session.MakeRequest(t, req, http.StatusOK) |
||||
|
||||
var repoPermission api.RepoCollaboratorPermission |
||||
DecodeJSON(t, resp, &repoPermission) |
||||
|
||||
assert.Equal(t, "read", repoPermission.Permission) |
||||
}) |
||||
|
||||
t.Run("CollaboratorWithWriteAccess", func(t *testing.T) { |
||||
t.Run("AddUserAsCollaboratorWithWriteAccess", doAPIAddCollaborator(testCtx, user4.Name, perm.AccessModeWrite)) |
||||
|
||||
req := NewRequestf(t, "GET", "/api/v1/repos/%s/%s/collaborators/%s/permission?token=%s", repo2Owner.Name, repo2.Name, user4.Name, testCtx.Token) |
||||
resp := session.MakeRequest(t, req, http.StatusOK) |
||||
|
||||
var repoPermission api.RepoCollaboratorPermission |
||||
DecodeJSON(t, resp, &repoPermission) |
||||
|
||||
assert.Equal(t, "write", repoPermission.Permission) |
||||
}) |
||||
|
||||
t.Run("CollaboratorWithAdminAccess", func(t *testing.T) { |
||||
t.Run("AddUserAsCollaboratorWithAdminAccess", doAPIAddCollaborator(testCtx, user4.Name, perm.AccessModeAdmin)) |
||||
|
||||
req := NewRequestf(t, "GET", "/api/v1/repos/%s/%s/collaborators/%s/permission?token=%s", repo2Owner.Name, repo2.Name, user4.Name, testCtx.Token) |
||||
resp := session.MakeRequest(t, req, http.StatusOK) |
||||
|
||||
var repoPermission api.RepoCollaboratorPermission |
||||
DecodeJSON(t, resp, &repoPermission) |
||||
|
||||
assert.Equal(t, "admin", repoPermission.Permission) |
||||
}) |
||||
|
||||
t.Run("CollaboratorNotFound", func(t *testing.T) { |
||||
req := NewRequestf(t, "GET", "/api/v1/repos/%s/%s/collaborators/%s/permission?token=%s", repo2Owner.Name, repo2.Name, "non-existent-user", testCtx.Token) |
||||
session.MakeRequest(t, req, http.StatusNotFound) |
||||
}) |
||||
|
||||
t.Run("CollaboratorCanQueryItsPermissions", func(t *testing.T) { |
||||
t.Run("AddUserAsCollaboratorWithReadAccess", doAPIAddCollaborator(testCtx, user5.Name, perm.AccessModeRead)) |
||||
|
||||
_session := loginUser(t, user5.Name) |
||||
_testCtx := NewAPITestContext(t, user5.Name, repo2.Name) |
||||
|
||||
req := NewRequestf(t, "GET", "/api/v1/repos/%s/%s/collaborators/%s/permission?token=%s", repo2Owner.Name, repo2.Name, user5.Name, _testCtx.Token) |
||||
resp := _session.MakeRequest(t, req, http.StatusOK) |
||||
|
||||
var repoPermission api.RepoCollaboratorPermission |
||||
DecodeJSON(t, resp, &repoPermission) |
||||
|
||||
assert.Equal(t, "read", repoPermission.Permission) |
||||
}) |
||||
|
||||
t.Run("CollaboratorCanQueryItsPermissions", func(t *testing.T) { |
||||
t.Run("AddUserAsCollaboratorWithReadAccess", doAPIAddCollaborator(testCtx, user5.Name, perm.AccessModeRead)) |
||||
|
||||
_session := loginUser(t, user5.Name) |
||||
_testCtx := NewAPITestContext(t, user5.Name, repo2.Name) |
||||
|
||||
req := NewRequestf(t, "GET", "/api/v1/repos/%s/%s/collaborators/%s/permission?token=%s", repo2Owner.Name, repo2.Name, user5.Name, _testCtx.Token) |
||||
resp := _session.MakeRequest(t, req, http.StatusOK) |
||||
|
||||
var repoPermission api.RepoCollaboratorPermission |
||||
DecodeJSON(t, resp, &repoPermission) |
||||
|
||||
assert.Equal(t, "read", repoPermission.Permission) |
||||
}) |
||||
|
||||
t.Run("RepoAdminCanQueryACollaboratorsPermissions", func(t *testing.T) { |
||||
t.Run("AddUserAsCollaboratorWithAdminAccess", doAPIAddCollaborator(testCtx, user10.Name, perm.AccessModeAdmin)) |
||||
t.Run("AddUserAsCollaboratorWithReadAccess", doAPIAddCollaborator(testCtx, user11.Name, perm.AccessModeRead)) |
||||
|
||||
_session := loginUser(t, user10.Name) |
||||
_testCtx := NewAPITestContext(t, user10.Name, repo2.Name) |
||||
|
||||
req := NewRequestf(t, "GET", "/api/v1/repos/%s/%s/collaborators/%s/permission?token=%s", repo2Owner.Name, repo2.Name, user11.Name, _testCtx.Token) |
||||
resp := _session.MakeRequest(t, req, http.StatusOK) |
||||
|
||||
var repoPermission api.RepoCollaboratorPermission |
||||
DecodeJSON(t, resp, &repoPermission) |
||||
|
||||
assert.Equal(t, "read", repoPermission.Permission) |
||||
}) |
||||
}) |
||||
} |
Loading…
Reference in new issue