osbzr
/
com
项目红包剩余9514,下一贡献奖励5%,即 476个红包
Watch 15
Star 7
Wiki 捐赠
本站源代码
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Tree: 4f0cac5ea6
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '4f0cac5ea6'
${ noResults }
com/models/user_test.go

376 lines
10KB
Raw Blame History 

  1. // Copyright 2017 The Gitea Authors. All rights reserved.

  2. // Use of this source code is governed by a MIT-style

  3. // license that can be found in the LICENSE file.

  4. 

  5. package models

  6. 

  7. import (

  8. 	"fmt"

  9. 	"math/rand"

  10. 	"strings"

  11. 	"testing"

  12. 

  13. 	"code.gitea.io/gitea/modules/setting"

  14. 	"code.gitea.io/gitea/modules/util"

  15. 

  16. 	"github.com/stretchr/testify/assert"

  17. )

  18. 

  19. func TestUserIsPublicMember(t *testing.T) {

  20. 	assert.NoError(t, PrepareTestDatabase())

  21. 

  22. 	tt := []struct {

  23. 		uid      int64

  24. 		orgid    int64

  25. 		expected bool

  26. 	}{

  27. 		{2, 3, true},

  28. 		{4, 3, false},

  29. 		{5, 6, true},

  30. 		{5, 7, false},

  31. 	}

  32. 	for _, v := range tt {

  33. 		t.Run(fmt.Sprintf("UserId%dIsPublicMemberOf%d", v.uid, v.orgid), func(t *testing.T) {

  34. 			testUserIsPublicMember(t, v.uid, v.orgid, v.expected)

  35. 		})

  36. 	}

  37. }

  38. 

  39. func testUserIsPublicMember(t *testing.T, uid int64, orgID int64, expected bool) {

  40. 	user, err := GetUserByID(uid)

  41. 	assert.NoError(t, err)

  42. 	assert.Equal(t, expected, user.IsPublicMember(orgID))

  43. }

  44. 

  45. func TestIsUserOrgOwner(t *testing.T) {

  46. 	assert.NoError(t, PrepareTestDatabase())

  47. 

  48. 	tt := []struct {

  49. 		uid      int64

  50. 		orgid    int64

  51. 		expected bool

  52. 	}{

  53. 		{2, 3, true},

  54. 		{4, 3, false},

  55. 		{5, 6, true},

  56. 		{5, 7, true},

  57. 	}

  58. 	for _, v := range tt {

  59. 		t.Run(fmt.Sprintf("UserId%dIsOrgOwnerOf%d", v.uid, v.orgid), func(t *testing.T) {

  60. 			testIsUserOrgOwner(t, v.uid, v.orgid, v.expected)

  61. 		})

  62. 	}

  63. }

  64. 

  65. func testIsUserOrgOwner(t *testing.T, uid int64, orgID int64, expected bool) {

  66. 	user, err := GetUserByID(uid)

  67. 	assert.NoError(t, err)

  68. 	assert.Equal(t, expected, user.IsUserOrgOwner(orgID))

  69. }

  70. 

  71. func TestGetUserEmailsByNames(t *testing.T) {

  72. 	assert.NoError(t, PrepareTestDatabase())

  73. 

  74. 	// ignore none active user email

  75. 	assert.Equal(t, []string{"user8@example.com"}, GetUserEmailsByNames([]string{"user8", "user9"}))

  76. 	assert.Equal(t, []string{"user8@example.com", "user5@example.com"}, GetUserEmailsByNames([]string{"user8", "user5"}))

  77. 

  78. 	assert.Equal(t, []string{"user8@example.com"}, GetUserEmailsByNames([]string{"user8", "user7"}))

  79. }

  80. 

  81. func TestUser_APIFormat(t *testing.T) {

  82. 

  83. 	user, err := GetUserByID(1)

  84. 	assert.NoError(t, err)

  85. 	assert.True(t, user.IsAdmin)

  86. 

  87. 	apiUser := user.APIFormat()

  88. 	assert.True(t, apiUser.IsAdmin)

  89. 

  90. 	user, err = GetUserByID(2)

  91. 	assert.NoError(t, err)

  92. 	assert.False(t, user.IsAdmin)

  93. 

  94. 	apiUser = user.APIFormat()

  95. 	assert.False(t, apiUser.IsAdmin)

  96. }

  97. 

  98. func TestCanCreateOrganization(t *testing.T) {

  99. 	assert.NoError(t, PrepareTestDatabase())

  100. 

  101. 	admin := AssertExistsAndLoadBean(t, &User{ID: 1}).(*User)

  102. 	assert.True(t, admin.CanCreateOrganization())

  103. 

  104. 	user := AssertExistsAndLoadBean(t, &User{ID: 2}).(*User)

  105. 	assert.True(t, user.CanCreateOrganization())

  106. 	// Disable user create organization permission.

  107. 	user.AllowCreateOrganization = false

  108. 	assert.False(t, user.CanCreateOrganization())

  109. 

  110. 	setting.Admin.DisableRegularOrgCreation = true

  111. 	user.AllowCreateOrganization = true

  112. 	assert.True(t, admin.CanCreateOrganization())

  113. 	assert.False(t, user.CanCreateOrganization())

  114. }

  115. 

  116. func TestSearchUsers(t *testing.T) {

  117. 	assert.NoError(t, PrepareTestDatabase())

  118. 	testSuccess := func(opts *SearchUserOptions, expectedUserOrOrgIDs []int64) {

  119. 		users, _, err := SearchUsers(opts)

  120. 		assert.NoError(t, err)

  121. 		if assert.Len(t, users, len(expectedUserOrOrgIDs)) {

  122. 			for i, expectedID := range expectedUserOrOrgIDs {

  123. 				assert.EqualValues(t, expectedID, users[i].ID)

  124. 			}

  125. 		}

  126. 	}

  127. 

  128. 	// test orgs

  129. 	testOrgSuccess := func(opts *SearchUserOptions, expectedOrgIDs []int64) {

  130. 		opts.Type = UserTypeOrganization

  131. 		testSuccess(opts, expectedOrgIDs)

  132. 	}

  133. 

  134. 	testOrgSuccess(&SearchUserOptions{OrderBy: "id ASC", Page: 1, PageSize: 2},

  135. 		[]int64{3, 6})

  136. 

  137. 	testOrgSuccess(&SearchUserOptions{OrderBy: "id ASC", Page: 2, PageSize: 2},

  138. 		[]int64{7, 17})

  139. 

  140. 	testOrgSuccess(&SearchUserOptions{OrderBy: "id ASC", Page: 3, PageSize: 2},

  141. 		[]int64{19, 25})

  142. 

  143. 	testOrgSuccess(&SearchUserOptions{OrderBy: "id ASC", Page: 4, PageSize: 2},

  144. 		[]int64{26})

  145. 

  146. 	testOrgSuccess(&SearchUserOptions{Page: 5, PageSize: 2},

  147. 		[]int64{})

  148. 

  149. 	// test users

  150. 	testUserSuccess := func(opts *SearchUserOptions, expectedUserIDs []int64) {

  151. 		opts.Type = UserTypeIndividual

  152. 		testSuccess(opts, expectedUserIDs)

  153. 	}

  154. 

  155. 	testUserSuccess(&SearchUserOptions{OrderBy: "id ASC", Page: 1},

  156. 		[]int64{1, 2, 4, 5, 8, 9, 10, 11, 12, 13, 14, 15, 16, 18, 20, 21, 24})

  157. 

  158. 	testUserSuccess(&SearchUserOptions{Page: 1, IsActive: util.OptionalBoolFalse},

  159. 		[]int64{9})

  160. 

  161. 	testUserSuccess(&SearchUserOptions{OrderBy: "id ASC", Page: 1, IsActive: util.OptionalBoolTrue},

  162. 		[]int64{1, 2, 4, 5, 8, 10, 11, 12, 13, 14, 15, 16, 18, 20, 21, 24})

  163. 

  164. 	testUserSuccess(&SearchUserOptions{Keyword: "user1", OrderBy: "id ASC", Page: 1, IsActive: util.OptionalBoolTrue},

  165. 		[]int64{1, 10, 11, 12, 13, 14, 15, 16, 18})

  166. 

  167. 	// order by name asc default

  168. 	testUserSuccess(&SearchUserOptions{Keyword: "user1", Page: 1, IsActive: util.OptionalBoolTrue},

  169. 		[]int64{1, 10, 11, 12, 13, 14, 15, 16, 18})

  170. }

  171. 

  172. func TestDeleteUser(t *testing.T) {

  173. 	test := func(userID int64) {

  174. 		assert.NoError(t, PrepareTestDatabase())

  175. 		user := AssertExistsAndLoadBean(t, &User{ID: userID}).(*User)

  176. 

  177. 		ownedRepos := make([]*Repository, 0, 10)

  178. 		assert.NoError(t, x.Find(&ownedRepos, &Repository{OwnerID: userID}))

  179. 		if len(ownedRepos) > 0 {

  180. 			err := DeleteUser(user)

  181. 			assert.Error(t, err)

  182. 			assert.True(t, IsErrUserOwnRepos(err))

  183. 			return

  184. 		}

  185. 

  186. 		orgUsers := make([]*OrgUser, 0, 10)

  187. 		assert.NoError(t, x.Find(&orgUsers, &OrgUser{UID: userID}))

  188. 		for _, orgUser := range orgUsers {

  189. 			if err := RemoveOrgUser(orgUser.OrgID, orgUser.UID); err != nil {

  190. 				assert.True(t, IsErrLastOrgOwner(err))

  191. 				return

  192. 			}

  193. 		}

  194. 		assert.NoError(t, DeleteUser(user))

  195. 		AssertNotExistsBean(t, &User{ID: userID})

  196. 		CheckConsistencyFor(t, &User{}, &Repository{})

  197. 	}

  198. 	test(2)

  199. 	test(4)

  200. 	test(8)

  201. 	test(11)

  202. }

  203. 

  204. func TestEmailNotificationPreferences(t *testing.T) {

  205. 	assert.NoError(t, PrepareTestDatabase())

  206. 	for _, test := range []struct {

  207. 		expected string

  208. 		userID   int64

  209. 	}{

  210. 		{EmailNotificationsEnabled, 1},

  211. 		{EmailNotificationsEnabled, 2},

  212. 		{EmailNotificationsOnMention, 3},

  213. 		{EmailNotificationsOnMention, 4},

  214. 		{EmailNotificationsEnabled, 5},

  215. 		{EmailNotificationsEnabled, 6},

  216. 		{EmailNotificationsDisabled, 7},

  217. 		{EmailNotificationsEnabled, 8},

  218. 		{EmailNotificationsOnMention, 9},

  219. 	} {

  220. 		user := AssertExistsAndLoadBean(t, &User{ID: test.userID}).(*User)

  221. 		assert.Equal(t, test.expected, user.EmailNotifications())

  222. 

  223. 		// Try all possible settings

  224. 		assert.NoError(t, user.SetEmailNotifications(EmailNotificationsEnabled))

  225. 		assert.Equal(t, EmailNotificationsEnabled, user.EmailNotifications())

  226. 

  227. 		assert.NoError(t, user.SetEmailNotifications(EmailNotificationsOnMention))

  228. 		assert.Equal(t, EmailNotificationsOnMention, user.EmailNotifications())

  229. 

  230. 		assert.NoError(t, user.SetEmailNotifications(EmailNotificationsDisabled))

  231. 		assert.Equal(t, EmailNotificationsDisabled, user.EmailNotifications())

  232. 	}

  233. }

  234. 

  235. func TestHashPasswordDeterministic(t *testing.T) {

  236. 	b := make([]byte, 16)

  237. 	rand.Read(b)

  238. 	u := &User{Salt: string(b)}

  239. 	algos := []string{"pbkdf2", "argon2", "scrypt", "bcrypt"}

  240. 	for j := 0; j < len(algos); j++ {

  241. 		u.PasswdHashAlgo = algos[j]

  242. 		for i := 0; i < 50; i++ {

  243. 			// generate a random password

  244. 			rand.Read(b)

  245. 			pass := string(b)

  246. 

  247. 			// save the current password in the user - hash it and store the result

  248. 			u.HashPassword(pass)

  249. 			r1 := u.Passwd

  250. 

  251. 			// run again

  252. 			u.HashPassword(pass)

  253. 			r2 := u.Passwd

  254. 

  255. 			// assert equal (given the same salt+pass, the same result is produced) except bcrypt

  256. 			if u.PasswdHashAlgo == "bcrypt" {

  257. 				assert.NotEqual(t, r1, r2)

  258. 			} else {

  259. 				assert.Equal(t, r1, r2)

  260. 			}

  261. 		}

  262. 	}

  263. }

  264. 

  265. func BenchmarkHashPassword(b *testing.B) {

  266. 	// BenchmarkHashPassword ensures that it takes a reasonable amount of time

  267. 	// to hash a password - in order to protect from brute-force attacks.

  268. 	pass := "password1337"

  269. 	bs := make([]byte, 16)

  270. 	rand.Read(bs)

  271. 	u := &User{Salt: string(bs), Passwd: pass}

  272. 	b.ResetTimer()

  273. 	for i := 0; i < b.N; i++ {

  274. 		u.HashPassword(pass)

  275. 	}

  276. }

  277. 

  278. func TestGetOrgRepositoryIDs(t *testing.T) {

  279. 	assert.NoError(t, PrepareTestDatabase())

  280. 	user2 := AssertExistsAndLoadBean(t, &User{ID: 2}).(*User)

  281. 	user4 := AssertExistsAndLoadBean(t, &User{ID: 4}).(*User)

  282. 	user5 := AssertExistsAndLoadBean(t, &User{ID: 5}).(*User)

  283. 

  284. 	accessibleRepos, err := user2.GetOrgRepositoryIDs()

  285. 	assert.NoError(t, err)

  286. 	// User 2's team has access to private repos 3, 5, repo 32 is a public repo of the organization

  287. 	assert.Equal(t, []int64{3, 5, 23, 24, 32}, accessibleRepos)

  288. 

  289. 	accessibleRepos, err = user4.GetOrgRepositoryIDs()

  290. 	assert.NoError(t, err)

  291. 	// User 4's team has access to private repo 3, repo 32 is a public repo of the organization

  292. 	assert.Equal(t, []int64{3, 32}, accessibleRepos)

  293. 

  294. 	accessibleRepos, err = user5.GetOrgRepositoryIDs()

  295. 	assert.NoError(t, err)

  296. 	// User 5's team has no access to any repo

  297. 	assert.Len(t, accessibleRepos, 0)

  298. }

  299. 

  300. func TestNewGitSig(t *testing.T) {

  301. 	users := make([]*User, 0, 20)

  302. 	sess := x.NewSession()

  303. 	defer sess.Close()

  304. 	sess.Find(&users)

  305. 

  306. 	for _, user := range users {

  307. 		sig := user.NewGitSig()

  308. 		assert.NotContains(t, sig.Name, "<")

  309. 		assert.NotContains(t, sig.Name, ">")

  310. 		assert.NotContains(t, sig.Name, "\n")

  311. 		assert.NotEqual(t, len(strings.TrimSpace(sig.Name)), 0)

  312. 	}

  313. }

  314. 

  315. func TestDisplayName(t *testing.T) {

  316. 	users := make([]*User, 0, 20)

  317. 	sess := x.NewSession()

  318. 	defer sess.Close()

  319. 	sess.Find(&users)

  320. 

  321. 	for _, user := range users {

  322. 		displayName := user.DisplayName()

  323. 		assert.Equal(t, strings.TrimSpace(displayName), displayName)

  324. 		if len(strings.TrimSpace(user.FullName)) == 0 {

  325. 			assert.Equal(t, user.Name, displayName)

  326. 		}

  327. 		assert.NotEqual(t, len(strings.TrimSpace(displayName)), 0)

  328. 	}

  329. }

  330. 

  331. func TestCreateUser(t *testing.T) {

  332. 	user := &User{

  333. 		Name:               "GiteaBot",

  334. 		Email:              "GiteaBot@gitea.io",

  335. 		Passwd:             ";p['////..-++']",

  336. 		IsAdmin:            false,

  337. 		Theme:              setting.UI.DefaultTheme,

  338. 		MustChangePassword: false,

  339. 	}

  340. 

  341. 	assert.NoError(t, CreateUser(user))

  342. 

  343. 	assert.NoError(t, DeleteUser(user))

  344. }

  345. 

  346. func TestCreateUser_Issue5882(t *testing.T) {

  347. 

  348. 	// Init settings

  349. 	_ = setting.Admin

  350. 

  351. 	passwd := ".//.;1;;//.,-=_"

  352. 

  353. 	tt := []struct {

  354. 		user               *User

  355. 		disableOrgCreation bool

  356. 	}{

  357. 		{&User{Name: "GiteaBot", Email: "GiteaBot@gitea.io", Passwd: passwd, MustChangePassword: false}, false},

  358. 		{&User{Name: "GiteaBot2", Email: "GiteaBot2@gitea.io", Passwd: passwd, MustChangePassword: false}, true},

  359. 	}

  360. 

  361. 	setting.Service.DefaultAllowCreateOrganization = true

  362. 

  363. 	for _, v := range tt {

  364. 		setting.Admin.DisableRegularOrgCreation = v.disableOrgCreation

  365. 

  366. 		assert.NoError(t, CreateUser(v.user))

  367. 

  368. 		u, err := GetUserByEmail(v.user.Email)

  369. 		assert.NoError(t, err)

  370. 

  371. 		assert.Equal(t, !u.AllowCreateOrganization, v.disableOrgCreation)

  372. 

  373. 		assert.NoError(t, DeleteUser(v.user))

  374. 	}

  375. }
上海开阖软件有限公司 沪ICP备12045867号-1