package admin import ( "errors" "fmt" "io/fs" "io/ioutil" "os" "path/filepath" "strings" "testing" "gopkg.in/ini.v1" ) func TestCasbinPolicies(t *testing.T) { roleName := "mr:role" repoName := "myrepo" pRO := &Permission{ Role: roleName, Mode: 0, } pW := &Permission{ Role: "my:admin", Mode: 1, } t.Run("test read only policies", func(t *testing.T) { roPolicies := readOnlyPaths(roleName, repoName) for _, v := range roPolicies { if v[0] != roleName { t.Fatalf("Missing rolename in policy %s %s", v[0], v[1]) } } if roPolicies[0][1] != fmt.Sprintf("/%s/info/refs", repoName) { t.Fatal("missing info/refs policy") } if roPolicies[1][1] != fmt.Sprintf("/%s/git-upload-pack", repoName) { t.Fatal("missing git-upload-pack policy") } if roPolicies[0][2] != "GET" { t.Fatal("missing info/refs policy") } if roPolicies[1][2] != "POST" { t.Fatal("missing git-upload-pack policy") } }) t.Run("testing write policies", func(t *testing.T) { wPolicies := writePaths(roleName, repoName) if wPolicies[0][0] != roleName { t.Fatal("Role name doesn't match") } if wPolicies[0][1] != fmt.Sprintf("/%s/git-recieve-pack", repoName) { t.Fatal("Policy missing write path") } }) t.Run("testing mode build policies", func(t *testing.T) { rOPolicy := pRO.Policy(roleName) wPolicy := pW.Policy(roleName) if len(rOPolicy) != 2 { t.Fatal("Didn't provide correct number of read policies") } if len(wPolicy) != 3 { t.Fatal("Didn't provide correct number of write policies") } }) t.Run("testing repo level policies", func(t *testing.T) { repo := &GitRepo{ Permissions: []*Permission{pRO, pW}, } policies := repo.CasbinPolicies() if len(policies) != 5 { t.Fatal("Repo was expected to have 5 policies generated") } }) } func TestConfigReconcile(t *testing.T) { tempDir := t.TempDir() defer os.RemoveAll(tempDir) // make "fake" repo testRepo := filepath.Join(tempDir, "testrepo.git") testConf := filepath.Join(testRepo, "config") os.Mkdir(testRepo, 0750) f, err := os.Create(filepath.Join(testRepo, "config")) if err != nil { t.Fatalf("couldn't create testdir, %s", err) } f.Close() repo := &GitRepo{ Public: true, Name: "testrepo", } t.Run("test add gitweb section and remove it", func(t *testing.T) { // make "fake" repo gw := &GitWeb{ "owner", "description", "category", "url", } gw.ReconcileGitConf(testRepo) cfg, err := ini.Load(testConf) if err != nil { t.Fatalf("an error occured loading config %s", err) } if !cfg.HasSection("gitweb") { t.Fatalf("reconciler conf didn't have a section `gitweb`") } section := cfg.Section("gitweb") for _, v := range []string{"owner", "description", "category", "url"} { val := section.Key(v).Value() if val != v { t.Fatalf("expected %s found %s", v, val) } } // flip public repo status emptyGitWeb := &GitWeb{} emptyGitWeb.ReconcileGitConf(testRepo) emptyCfg, err := ini.Load(testConf) if emptyCfg.HasSection("gitweb") { t.Fatalf("reconciler conf didn't remove section `gitweb`") } }) t.Run("test magic export file is created", func(t *testing.T) { exportPath := filepath.Join(testRepo, GitExportMagic) repo.ConfigureExport(testRepo) _, err := os.Stat(exportPath) if errors.Is(err, fs.ErrNotExist) { t.Fatal("expected export file to exist, but does not exist") } if err != nil { t.Fatalf("encountered an error %s", err) } // copy repo pvtRepo := repo pvtRepo.Public = false pvtRepo.ConfigureExport(testRepo) if _, err := os.Stat(exportPath); err == nil { t.Fatal("expected export file exist, but does not exist") } }) } func TestRepoReconcile(t *testing.T) { tempDir := t.TempDir() print(tempDir) // defer os.RemoveAll(tempDir) repo := &GitRepo{ Public: true, Name: "testrepo", GitWebConfig: &GitWeb{ "owner", "description", "category", "url", }, } repoPath := filepath.Join(tempDir, fmt.Sprintf("%s.git", repo.Name)) repo.ReconcileRepo(tempDir) if _, err := os.Stat(repoPath); errors.Is(err, fs.ErrNotExist) { t.Fatal("expected repo to be created, but does not exist") } defaultFile := []byte(` [core] bare = true `) // write the base config to repo tempConfigFile := filepath.Join(repoPath, "config") ioutil.WriteFile(tempConfigFile, defaultFile, 0644) // re-reconcile repo.ReconcileRepo(tempDir) content, err := ioutil.ReadFile(tempConfigFile) if err != nil { t.Fatal(err) } // check if description is in the file if !strings.Contains(string(content), "description") { t.Fatal("expected to find 'description' in config, didn't found", string(content)) } gitExportMagicPath := filepath.Join(tempDir, fmt.Sprintf("%s.git", repo.Name), GitExportMagic) if _, err := os.Stat(gitExportMagicPath); errors.Is(err, fs.ErrNotExist) { t.Fatal("expected git export magic to be created, but does not exist") } // Test that repo is switched back to private repo.Public = false // re-write the base config to repo ioutil.WriteFile(tempConfigFile, defaultFile, 0644) // re-reconcile repo.ReconcileRepo(tempDir) // check if description is *NOT* in the file if !strings.Contains(string(content), "description") { t.Fatal("expected to *NOT* find 'description' in config, didn't found", string(content)) } // make sure export is removed if _, err := os.Stat(gitExportMagicPath); !errors.Is(err, fs.ErrNotExist) { t.Fatal("expected git export magic to not exist, but *does* exist") } }