Nemcio/SCM-Manager
1
0
Fork 0
mirror of https://github.com/scm-manager/scm-manager.git synced 2026-02-22 06:26:56 +01:00
Code Issues Packages Projects Releases Activity

add permission check to hal links for tags

Browse Source
This commit is contained in:
Konstantin Schaper
2020-11-30 15:25:29 +01:00
parent f575e038ec
commit e18480ad2b
9 changed files with 89 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

45
scm-webapp/src/test/java/sonia/scm/api/v2/resources/TagToTagDtoMapperTest.java
View File

@@ -24,11 +24,19 @@
package sonia.scm.api.v2.resources;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.util.ThreadContext;
import org.junit.jupiter.api.AfterEach;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.ExtendWith;
import org.mockito.InjectMocks;
import org.mockito.Mock;
import org.mockito.Mockito;
import org.mockito.junit.jupiter.MockitoExtension;
import sonia.scm.repository.NamespaceAndName;
import sonia.scm.repository.Repository;
import sonia.scm.repository.RepositoryTestData;
import sonia.scm.repository.Signature;
import sonia.scm.repository.SignatureStatus;
import sonia.scm.repository.Tag;
@@ -38,6 +46,7 @@ import java.time.Instant;
import java.util.Collections;
import static org.assertj.core.api.Assertions.assertThat;
import static org.mockito.Mockito.when;
@ExtendWith(MockitoExtension.class)
class TagToTagDtoMapperTest {
@@ -48,6 +57,19 @@ class TagToTagDtoMapperTest {
@InjectMocks
private TagToTagDtoMapperImpl mapper;
@Mock
private Subject subject;
@BeforeEach
void setupSubject() {
ThreadContext.bind(subject);
}
@AfterEach
void tearDown() {
ThreadContext.unbindSubject();
}
@Test
void shouldAppendLinks() {
HalEnricherRegistry registry = new HalEnricherRegistry();
@@ -58,20 +80,20 @@ class TagToTagDtoMapperTest {
});
mapper.setRegistry(registry);
TagDto dto = mapper.map(new Tag("1.0.0", "42"), new NamespaceAndName("hitchhiker", "hog"));
TagDto dto = mapper.map(new Tag("1.0.0", "42"), new NamespaceAndName("hitchhiker", "hog"), RepositoryTestData.createHeartOfGold());
assertThat(dto.getLinks().getLinkBy("yo").get().getHref()).isEqualTo("http://hitchhiker/hog/1.0.0");
}
@Test
void shouldMapDate() {
final long now = Instant.now().getEpochSecond() * 1000;
TagDto dto = mapper.map(new Tag("1.0.0", "42", now), new NamespaceAndName("hitchhiker", "hog"));
TagDto dto = mapper.map(new Tag("1.0.0", "42", now), new NamespaceAndName("hitchhiker", "hog"), RepositoryTestData.createHeartOfGold());
assertThat(dto.getDate()).isEqualTo(Instant.ofEpochMilli(now));
}
@Test
void shouldContainSignatureArray() {
TagDto dto = mapper.map(new Tag("1.0.0", "42"), new NamespaceAndName("hitchhiker", "hog"));
TagDto dto = mapper.map(new Tag("1.0.0", "42"), new NamespaceAndName("hitchhiker", "hog"), RepositoryTestData.createHeartOfGold());
assertThat(dto.getSignatures()).isNotNull();
}
@@ -79,21 +101,30 @@ class TagToTagDtoMapperTest {
void shouldMapSignatures() {
final Tag tag = new Tag("1.0.0", "42");
tag.addSignature(new Signature("29v391239v", "gpg", SignatureStatus.VERIFIED, "me", Collections.emptySet()));
TagDto dto = mapper.map(tag, new NamespaceAndName("hitchhiker", "hog"));
TagDto dto = mapper.map(tag, new NamespaceAndName("hitchhiker", "hog"), RepositoryTestData.createHeartOfGold());
assertThat(dto.getSignatures()).isNotEmpty();
}
@Test
void shouldAddDeleteLinksByDefault() {
void shouldAddDeleteLink() {
Repository repository = RepositoryTestData.createHeartOfGold();
when(subject.isPermitted("repository:push:" + repository.getId())).thenReturn(true);
final Tag tag = new Tag("1.0.0", "42");
TagDto dto = mapper.map(tag, new NamespaceAndName("hitchhiker", "hog"));
TagDto dto = mapper.map(tag, new NamespaceAndName(repository.getNamespace(), repository.getName()), repository);
assertThat(dto.getLinks().getLinkBy("delete")).isNotEmpty();
}
@Test
void shouldNotAddDeleteLinkIfPermissionsAreMissing() {
final Tag tag = new Tag("1.0.0", "42");
TagDto dto = mapper.map(tag, new NamespaceAndName("hitchhiker", "hog"), RepositoryTestData.createHeartOfGold());
assertThat(dto.getLinks().getLinkBy("delete")).isEmpty();
}
@Test
void shouldNotAddDeleteLinksForUndeletableTags() {
final Tag tag = new Tag("1.0.0", "42", null, false);
TagDto dto = mapper.map(tag, new NamespaceAndName("hitchhiker", "hog"));
TagDto dto = mapper.map(tag, new NamespaceAndName("hitchhiker", "hog"), RepositoryTestData.createHeartOfGold());
assertThat(dto.getLinks().getLinkBy("delete")).isEmpty();
}