1
0
Fork 0
forgejo/models/user/user_test.go

580 lines
19 KiB
Go
Raw Normal View History

// Copyright 2017 The Gitea Authors. All rights reserved.
// SPDX-License-Identifier: MIT
package user_test
import (
"context"
"fmt"
"math/rand"
"strings"
"testing"
"time"
2022-01-02 08:12:35 -05:00
"code.gitea.io/gitea/models/auth"
"code.gitea.io/gitea/models/db"
"code.gitea.io/gitea/models/unittest"
user_model "code.gitea.io/gitea/models/user"
"code.gitea.io/gitea/modules/auth/password/hash"
"code.gitea.io/gitea/modules/container"
"code.gitea.io/gitea/modules/optional"
"code.gitea.io/gitea/modules/setting"
"code.gitea.io/gitea/modules/structs"
"code.gitea.io/gitea/modules/timeutil"
"github.com/stretchr/testify/assert"
)
func TestOAuth2Application_LoadUser(t *testing.T) {
assert.NoError(t, unittest.PrepareTestDatabase())
app := unittest.AssertExistsAndLoadBean(t, &auth.OAuth2Application{ID: 1})
user, err := user_model.GetUserByID(db.DefaultContext, app.UID)
assert.NoError(t, err)
assert.NotNil(t, user)
}
func TestGetUserEmailsByNames(t *testing.T) {
assert.NoError(t, unittest.PrepareTestDatabase())
// ignore none active user email
assert.ElementsMatch(t, []string{"user8@example.com"}, user_model.GetUserEmailsByNames(db.DefaultContext, []string{"user8", "user9"}))
assert.ElementsMatch(t, []string{"user8@example.com", "user5@example.com"}, user_model.GetUserEmailsByNames(db.DefaultContext, []string{"user8", "user5"}))
assert.ElementsMatch(t, []string{"user8@example.com"}, user_model.GetUserEmailsByNames(db.DefaultContext, []string{"user8", "org7"}))
}
func TestCanCreateOrganization(t *testing.T) {
assert.NoError(t, unittest.PrepareTestDatabase())
admin := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 1})
assert.True(t, admin.CanCreateOrganization())
user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2})
assert.True(t, user.CanCreateOrganization())
// Disable user create organization permission.
user.AllowCreateOrganization = false
assert.False(t, user.CanCreateOrganization())
setting.Admin.DisableRegularOrgCreation = true
user.AllowCreateOrganization = true
assert.True(t, admin.CanCreateOrganization())
assert.False(t, user.CanCreateOrganization())
}
func TestSearchUsers(t *testing.T) {
assert.NoError(t, unittest.PrepareTestDatabase())
testSuccess := func(opts *user_model.SearchUserOptions, expectedUserOrOrgIDs []int64) {
users, _, err := user_model.SearchUsers(db.DefaultContext, opts)
assert.NoError(t, err)
cassText := fmt.Sprintf("ids: %v, opts: %v", expectedUserOrOrgIDs, opts)
if assert.Len(t, users, len(expectedUserOrOrgIDs), "case: %s", cassText) {
for i, expectedID := range expectedUserOrOrgIDs {
assert.EqualValues(t, expectedID, users[i].ID, "case: %s", cassText)
}
}
}
// test orgs
testOrgSuccess := func(opts *user_model.SearchUserOptions, expectedOrgIDs []int64) {
opts.Type = user_model.UserTypeOrganization
testSuccess(opts, expectedOrgIDs)
}
testOrgSuccess(&user_model.SearchUserOptions{OrderBy: "id ASC", ListOptions: db.ListOptions{Page: 1, PageSize: 2}},
[]int64{3, 6})
testOrgSuccess(&user_model.SearchUserOptions{OrderBy: "id ASC", ListOptions: db.ListOptions{Page: 2, PageSize: 2}},
[]int64{7, 17})
testOrgSuccess(&user_model.SearchUserOptions{OrderBy: "id ASC", ListOptions: db.ListOptions{Page: 3, PageSize: 2}},
[]int64{19, 25})
testOrgSuccess(&user_model.SearchUserOptions{OrderBy: "id ASC", ListOptions: db.ListOptions{Page: 4, PageSize: 2}},
[]int64{26, 41})
testOrgSuccess(&user_model.SearchUserOptions{ListOptions: db.ListOptions{Page: 5, PageSize: 2}},
[]int64{})
// test users
testUserSuccess := func(opts *user_model.SearchUserOptions, expectedUserIDs []int64) {
opts.Type = user_model.UserTypeIndividual
testSuccess(opts, expectedUserIDs)
}
testUserSuccess(&user_model.SearchUserOptions{OrderBy: "id ASC", ListOptions: db.ListOptions{Page: 1}},
[]int64{1, 2, 4, 5, 8, 9, 10, 11, 12, 13, 14, 15, 16, 18, 20, 21, 24, 27, 28, 29, 30, 32, 34, 37, 38, 39, 40})
testUserSuccess(&user_model.SearchUserOptions{ListOptions: db.ListOptions{Page: 1}, IsActive: optional.Some(false)},
[]int64{9})
testUserSuccess(&user_model.SearchUserOptions{OrderBy: "id ASC", ListOptions: db.ListOptions{Page: 1}, IsActive: optional.Some(true)},
[]int64{1, 2, 4, 5, 8, 10, 11, 12, 13, 14, 15, 16, 18, 20, 21, 24, 27, 28, 29, 30, 32, 34, 37, 38, 39, 40})
testUserSuccess(&user_model.SearchUserOptions{Keyword: "user1", OrderBy: "id ASC", ListOptions: db.ListOptions{Page: 1}, IsActive: optional.Some(true)},
[]int64{1, 10, 11, 12, 13, 14, 15, 16, 18})
// order by name asc default
testUserSuccess(&user_model.SearchUserOptions{Keyword: "user1", ListOptions: db.ListOptions{Page: 1}, IsActive: optional.Some(true)},
[]int64{1, 10, 11, 12, 13, 14, 15, 16, 18})
testUserSuccess(&user_model.SearchUserOptions{ListOptions: db.ListOptions{Page: 1}, IsAdmin: optional.Some(true)},
[]int64{1})
testUserSuccess(&user_model.SearchUserOptions{ListOptions: db.ListOptions{Page: 1}, IsRestricted: optional.Some(true)},
[]int64{29})
testUserSuccess(&user_model.SearchUserOptions{ListOptions: db.ListOptions{Page: 1}, IsProhibitLogin: optional.Some(true)},
[]int64{37})
testUserSuccess(&user_model.SearchUserOptions{ListOptions: db.ListOptions{Page: 1}, IsTwoFactorEnabled: optional.Some(true)},
[]int64{24})
}
func TestEmailNotificationPreferences(t *testing.T) {
assert.NoError(t, unittest.PrepareTestDatabase())
for _, test := range []struct {
expected string
userID int64
}{
{user_model.EmailNotificationsEnabled, 1},
{user_model.EmailNotificationsEnabled, 2},
{user_model.EmailNotificationsOnMention, 3},
{user_model.EmailNotificationsOnMention, 4},
{user_model.EmailNotificationsEnabled, 5},
{user_model.EmailNotificationsEnabled, 6},
{user_model.EmailNotificationsDisabled, 7},
{user_model.EmailNotificationsEnabled, 8},
{user_model.EmailNotificationsOnMention, 9},
} {
user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: test.userID})
assert.Equal(t, test.expected, user.EmailNotificationsPreference)
}
}
func TestHashPasswordDeterministic(t *testing.T) {
b := make([]byte, 16)
u := &user_model.User{}
algos := hash.RecommendedHashAlgorithms
for j := 0; j < len(algos); j++ {
u.PasswdHashAlgo = algos[j]
for i := 0; i < 50; i++ {
// generate a random password
rand.Read(b)
pass := string(b)
// save the current password in the user - hash it and store the result
u.SetPassword(pass)
r1 := u.Passwd
// run again
u.SetPassword(pass)
r2 := u.Passwd
assert.NotEqual(t, r1, r2)
assert.True(t, u.ValidatePassword(pass))
}
}
}
func BenchmarkHashPassword(b *testing.B) {
// BenchmarkHashPassword ensures that it takes a reasonable amount of time
// to hash a password - in order to protect from brute-force attacks.
pass := "password1337"
u := &user_model.User{Passwd: pass}
b.ResetTimer()
for i := 0; i < b.N; i++ {
u.SetPassword(pass)
}
}
func TestNewGitSig(t *testing.T) {
users := make([]*user_model.User, 0, 20)
err := db.GetEngine(db.DefaultContext).Find(&users)
assert.NoError(t, err)
for _, user := range users {
sig := user.NewGitSig()
assert.NotContains(t, sig.Name, "<")
assert.NotContains(t, sig.Name, ">")
assert.NotContains(t, sig.Name, "\n")
assert.NotEqual(t, len(strings.TrimSpace(sig.Name)), 0)
}
}
func TestDisplayName(t *testing.T) {
users := make([]*user_model.User, 0, 20)
err := db.GetEngine(db.DefaultContext).Find(&users)
assert.NoError(t, err)
for _, user := range users {
displayName := user.DisplayName()
assert.Equal(t, strings.TrimSpace(displayName), displayName)
if len(strings.TrimSpace(user.FullName)) == 0 {
assert.Equal(t, user.Name, displayName)
}
assert.NotEqual(t, len(strings.TrimSpace(displayName)), 0)
}
}
func TestCreateUserInvalidEmail(t *testing.T) {
user := &user_model.User{
Name: "GiteaBot",
Email: "GiteaBot@gitea.io\r\n",
Passwd: ";p['////..-++']",
IsAdmin: false,
Theme: setting.UI.DefaultTheme,
MustChangePassword: false,
}
err := user_model.CreateUser(db.DefaultContext, user)
assert.Error(t, err)
assert.True(t, user_model.IsErrEmailCharIsNotSupported(err))
}
func TestCreateUserEmailAlreadyUsed(t *testing.T) {
assert.NoError(t, unittest.PrepareTestDatabase())
user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2})
// add new user with user2's email
user.Name = "testuser"
user.LowerName = strings.ToLower(user.Name)
user.ID = 0
err := user_model.CreateUser(db.DefaultContext, user)
assert.Error(t, err)
assert.True(t, user_model.IsErrEmailAlreadyUsed(err))
}
func TestCreateUserCustomTimestamps(t *testing.T) {
assert.NoError(t, unittest.PrepareTestDatabase())
user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2})
// Add new user with a custom creation timestamp.
var creationTimestamp timeutil.TimeStamp = 12345
user.Name = "testuser"
user.LowerName = strings.ToLower(user.Name)
user.ID = 0
user.Email = "unique@example.com"
user.CreatedUnix = creationTimestamp
err := user_model.CreateUser(db.DefaultContext, user)
assert.NoError(t, err)
fetched, err := user_model.GetUserByID(context.Background(), user.ID)
assert.NoError(t, err)
assert.Equal(t, creationTimestamp, fetched.CreatedUnix)
assert.Equal(t, creationTimestamp, fetched.UpdatedUnix)
}
func TestCreateUserWithoutCustomTimestamps(t *testing.T) {
assert.NoError(t, unittest.PrepareTestDatabase())
user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2})
// There is no way to use a mocked time for the XORM auto-time functionality,
// so use the real clock to approximate the expected timestamp.
timestampStart := time.Now().Unix()
// Add new user without a custom creation timestamp.
user.Name = "Testuser"
user.LowerName = strings.ToLower(user.Name)
user.ID = 0
user.Email = "unique@example.com"
user.CreatedUnix = 0
user.UpdatedUnix = 0
err := user_model.CreateUser(db.DefaultContext, user)
assert.NoError(t, err)
timestampEnd := time.Now().Unix()
fetched, err := user_model.GetUserByID(context.Background(), user.ID)
assert.NoError(t, err)
assert.LessOrEqual(t, timestampStart, fetched.CreatedUnix)
assert.LessOrEqual(t, fetched.CreatedUnix, timestampEnd)
assert.LessOrEqual(t, timestampStart, fetched.UpdatedUnix)
assert.LessOrEqual(t, fetched.UpdatedUnix, timestampEnd)
}
func TestGetUserIDsByNames(t *testing.T) {
assert.NoError(t, unittest.PrepareTestDatabase())
// ignore non existing
IDs, err := user_model.GetUserIDsByNames(db.DefaultContext, []string{"user1", "user2", "none_existing_user"}, true)
assert.NoError(t, err)
assert.Equal(t, []int64{1, 2}, IDs)
// ignore non existing
IDs, err = user_model.GetUserIDsByNames(db.DefaultContext, []string{"user1", "do_not_exist"}, false)
assert.Error(t, err)
assert.Equal(t, []int64(nil), IDs)
}
func TestGetMaileableUsersByIDs(t *testing.T) {
assert.NoError(t, unittest.PrepareTestDatabase())
results, err := user_model.GetMaileableUsersByIDs(db.DefaultContext, []int64{1, 4}, false)
assert.NoError(t, err)
assert.Len(t, results, 1)
if len(results) > 1 {
assert.Equal(t, results[0].ID, 1)
}
results, err = user_model.GetMaileableUsersByIDs(db.DefaultContext, []int64{1, 4}, true)
assert.NoError(t, err)
assert.Len(t, results, 2)
if len(results) > 2 {
assert.Equal(t, results[0].ID, 1)
assert.Equal(t, results[1].ID, 4)
}
}
func TestNewUserRedirect(t *testing.T) {
// redirect to a completely new name
assert.NoError(t, unittest.PrepareTestDatabase())
user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 1})
assert.NoError(t, user_model.NewUserRedirect(db.DefaultContext, user.ID, user.Name, "newusername"))
unittest.AssertExistsAndLoadBean(t, &user_model.Redirect{
LowerName: user.LowerName,
RedirectUserID: user.ID,
})
unittest.AssertExistsAndLoadBean(t, &user_model.Redirect{
LowerName: "olduser1",
RedirectUserID: user.ID,
})
}
func TestNewUserRedirect2(t *testing.T) {
// redirect to previously used name
assert.NoError(t, unittest.PrepareTestDatabase())
user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 1})
assert.NoError(t, user_model.NewUserRedirect(db.DefaultContext, user.ID, user.Name, "olduser1"))
unittest.AssertExistsAndLoadBean(t, &user_model.Redirect{
LowerName: user.LowerName,
RedirectUserID: user.ID,
})
unittest.AssertNotExistsBean(t, &user_model.Redirect{
LowerName: "olduser1",
RedirectUserID: user.ID,
})
}
func TestNewUserRedirect3(t *testing.T) {
// redirect for a previously-unredirected user
assert.NoError(t, unittest.PrepareTestDatabase())
user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2})
assert.NoError(t, user_model.NewUserRedirect(db.DefaultContext, user.ID, user.Name, "newusername"))
unittest.AssertExistsAndLoadBean(t, &user_model.Redirect{
LowerName: user.LowerName,
RedirectUserID: user.ID,
})
}
func TestGetUserByOpenID(t *testing.T) {
assert.NoError(t, unittest.PrepareTestDatabase())
_, err := user_model.GetUserByOpenID(db.DefaultContext, "https://unknown")
if assert.Error(t, err) {
assert.True(t, user_model.IsErrUserNotExist(err))
}
user, err := user_model.GetUserByOpenID(db.DefaultContext, "https://user1.domain1.tld")
if assert.NoError(t, err) {
assert.Equal(t, int64(1), user.ID)
}
user, err = user_model.GetUserByOpenID(db.DefaultContext, "https://domain1.tld/user2/")
if assert.NoError(t, err) {
assert.Equal(t, int64(2), user.ID)
}
}
func TestFollowUser(t *testing.T) {
assert.NoError(t, unittest.PrepareTestDatabase())
testSuccess := func(followerID, followedID int64) {
assert.NoError(t, user_model.FollowUser(db.DefaultContext, followerID, followedID))
unittest.AssertExistsAndLoadBean(t, &user_model.Follow{UserID: followerID, FollowID: followedID})
}
testSuccess(4, 2)
testSuccess(5, 2)
assert.NoError(t, user_model.FollowUser(db.DefaultContext, 2, 2))
[MODERATION] User blocking - Add the ability to block a user via their profile page. - This will unstar their repositories and visa versa. - Blocked users cannot create issues or pull requests on your the doer's repositories (mind that this is not the case for organizations). - Blocked users cannot comment on the doer's opened issues or pull requests. - Blocked users cannot add reactions to doer's comments. - Blocked users cannot cause a notification trough mentioning the doer. Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/540 (cherry picked from commit 687d852480388897db4d7b0cb397cf7135ab97b1) (cherry picked from commit 0c32a4fde531018f74e01d9db6520895fcfa10cc) (cherry picked from commit 1791130e3cb8470b9b39742e0004d5e4c7d1e64d) (cherry picked from commit 37858b7e8fb6ba6c6ea0ac2562285b3b144efa19) (cherry picked from commit a3e2bfd7e9eab82cc2c17061f6bb4e386a108c46) (cherry picked from commit 7009b9fe87696b6182fab65ae82bf5a25cd39971) Conflicts: https://codeberg.org/forgejo/forgejo/pulls/1014 routers/web/user/profile.go templates/user/profile.tmpl (cherry picked from commit b2aec3479177e725cfc7cbbb9d94753226928d1c) (cherry picked from commit e2f1b73752f6bd3f830297d8f4ac438837471226) [MODERATION] organization blocking a user (#802) - Resolves #476 - Follow up for: #540 - Ensure that the doer and blocked person cannot follow each other. - Ensure that the block person cannot watch doer's repositories. - Add unblock button to the blocked user list. - Add blocked since information to the blocked user list. - Add extra testing to moderation code. - Blocked user will unwatch doer's owned repository upon blocking. - Add flash messages to let the user know the block/unblock action was successful. - Add "You haven't blocked any users" message. - Add organization blocking a user. Co-authored-by: Gusted <postmaster@gusted.xyz> Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/802 (cherry picked from commit 0505a1042197bd9136b58bc70ec7400a23471585) (cherry picked from commit 37b4e6ef9b85e97d651cf350c9f3ea272ee8d76a) (cherry picked from commit c17c121f2cf1f00e2a8d6fd6847705df47d0771e) [MODERATION] organization blocking a user (#802) (squash) Changes to adapt to: 6bbccdd177 Improve AJAX link and modal confirm dialog (#25210) Refs: https://codeberg.org/forgejo/forgejo/pulls/882/files#issuecomment-945962 Refs: https://codeberg.org/forgejo/forgejo/pulls/882#issue-330561 (cherry picked from commit 523635f83cb2a1a4386769b79326088c5c4bbec7) (cherry picked from commit 4743eaa6a0be0ef47de5b17c211dfe8bad1b7af9) (cherry picked from commit eff5b43d2e843d5d537756d4fa58a8a010b6b527) Conflicts: https://codeberg.org/forgejo/forgejo/pulls/1014 routers/web/user/profile.go (cherry picked from commit 9d359be5ed11237088ccf6328571939af814984e) (cherry picked from commit b1f3069a22a03734cffbfcd503ce004ba47561b7) [MODERATION] add user blocking API - Follow up for: #540, #802 - Add API routes for user blocking from user and organization perspective. - The new routes have integration testing. - The new model functions have unit tests. - Actually quite boring to write and to read this pull request. (cherry picked from commit f3afaf15c7e34038363c9ce8e1ef957ec1e22b06) (cherry picked from commit 6d754db3e5faff93a58fab2867737f81f40f6599) (cherry picked from commit 2a89ddc0acffa9aea0f02b721934ef9e2b496a88) (cherry picked from commit 4a147bff7e963ab9dffcfaefa5c2c01c59b4c732) Conflicts: routers/api/v1/api.go templates/swagger/v1_json.tmpl (cherry picked from commit bb8c33918569f65f25b014f0d7fe6ac20f9036fc) (cherry picked from commit 5a11569a011b7d0a14391e2b5c07d0af825d7b0e) (cherry picked from commit 2373c801ee6b84c368b498b16e6ad18650b38f42) [MODERATION] restore redirect on unblock ctx.RedirectToFirst(ctx.FormString("redirect_to"), ctx.ContextUser.HomeLink()) was replaced by ctx.JSONOK() in 128d77a3a Following up fixes for "Fix inconsistent user profile layout across tabs" (#25739) thus changing the behavior (nicely spotted by the tests). This restores it. (cherry picked from commit 597c243707c3c86e7256faf1e6ba727224554de3) (cherry picked from commit cfa539e590127b4b953b010fba3dea21c82a1714) [MODERATION] Add test case (squash) - Add an test case, to test an property of the function. (cherry picked from commit 70dadb1916bfef8ba8cbc4e9b042cc8740f45e28) [MODERATION] Block adding collaborators - Ensure that the doer and blocked user cannot add each other as collaborators to repositories. - The Web UI gets an detailed message of the specific situation, the API gets an generic Forbidden code. - Unit tests has been added. - Integration testing for Web and API has been added. - This commit doesn't introduce removing each other as collaborators on the block action, due to the complexity of database calls that needs to be figured out. That deserves its own commit and test code. (cherry picked from commit 747be949a1b3cd06f6586512f1af4630e55d7ad4) [MODERATION] move locale_en-US.ini strings to avoid conflicts Conflicts: web_src/css/org.css web_src/css/user.css https://codeberg.org/forgejo/forgejo/pulls/1180 (cherry picked from commit e53f955c888ebaafc863a6e463da87f70f5605da) Conflicts: services/issue/comments.go https://codeberg.org/forgejo/forgejo/pulls/1212 (cherry picked from commit b4a454b576eee0c7738b2f7df1acaf5bf7810d12) Conflicts: models/forgejo_migrations/migrate.go options/locale/locale_en-US.ini services/pull/pull.go https://codeberg.org/forgejo/forgejo/pulls/1264 [MODERATION] Remove blocked user collaborations with doer - When the doer blocks an user, who is also an collaborator on an repository that the doer owns, remove that collaboration. - Added unit tests. - Refactor the unit test to be more organized. (cherry picked from commit ec8701617830152680d69d50d64cb43cc2054a89) (cherry picked from commit 313e6174d832501c57724ae7a6285194b7b81aab) [MODERATION] QoL improvements (squash) - Ensure that organisations cannot be blocked. It currently has no effect, as all blocked operations cannot be executed from an organisation standpoint. - Refactored the API route to make use of the `UserAssignmentAPI` middleware. - Make more use of `t.Run` so that the test code is more clear about which block of code belongs to which test case. - Added more integration testing (to ensure the organisations cannot be blocked and some authorization/permission checks). (cherry picked from commit e9d638d0756ee20b6bf1eb999c988533a5066a68) [MODERATION] s/{{avatar/{{ctx.AvatarUtils.Avatar/ (cherry picked from commit ce8b30be1327ab98df2ba061dd7e2a278b278c5b) (cherry picked from commit f911dc402508b04cd5d5fb2f3332c2d640e4556e) Conflicts: options/locale/locale_en-US.ini https://codeberg.org/forgejo/forgejo/pulls/1354 (cherry picked from commit c1b37b7fdaf06ee60da341dff76d703990c08082) (cherry picked from commit 856a2e09036adf56d987c6eee364c431bc37fb2e) [MODERATION] Show graceful error on comment creation - When someone is blocked by the repository owner or issue poster and try to comment on that issue, they get shown a graceful error. - Adds integration test. (cherry picked from commit 490646302e1e3dc3c59c9d75938b4647b6873ce7) (cherry picked from commit d3d88667cbb928a6ff80658eba8ef0c6c508c9e0) (cherry picked from commit 6818de13a921753e082b7c3d64c23917cc884e4b) [MODERATION] Show graceful error on comment creation (squash) typo (cherry picked from commit 1588d4834a37a744f092f2aeea6c9ef4795d7356) (cherry picked from commit d510ea52d091503e841d66f2f604348add8b4535) (cherry picked from commit 8249e93a14f628bb0e89fe3be678e4966539944e) [MODERATION] Refactor integration testing (squash) - Motivation for this PR is that I'd noticed that a lot of repeated calls are happening between the test functions and that certain tests weren't using helper functions like `GetCSRF`, therefor this refactor of the integration tests to keep it: clean, small and hopefully more maintainable and understandable. - There are now three integration tests: `TestBlockUser`, `TestBlockUserFromOrganization` and `TestBlockActions` (and has been moved in that order in the source code). - `TestBlockUser` is for doing blocking related actions as an user and `TestBlockUserFromOrganization` as an organisation, even though they execute the same kind of tests they do not share any database calls or logic and therefor it currently doesn't make sense to merge them together (hopefully such oppurtinutiy might be presented in the future). - `TestBlockActions` now contain all tests for actions that should be blocked after blocking has happened, most tests now share the same doer and blocked users and a extra fixture has been added to make this possible for the comment test. - Less code, more comments and more re-use between tests. (cherry picked from commit ffb393213d2f1269aad3c019d039cf60d0fe4b10) (cherry picked from commit 85505e0f815fede589c272d301c95204f9596985) (cherry picked from commit 0f3cf17761f6caedb17550f69de96990c2090af1) [MODERATION] Fix network error (squash) - Fix network error toast messages on user actions such as follow and unfollow. This happened because the javascript code now expects an JSON to be returned, but this wasn't the case due to cfa539e590127b4953b010fba3dea21c82a1714. - The integration testing has been adjusted to instead test for the returned flash cookie. (cherry picked from commit 112bc25e548d317a4ee00f9efa9068794a733e3b) (cherry picked from commit 1194fe4899eb39dcb9a2410032ad0cc67a62b92b) (cherry picked from commit 9abb95a8441e227874fe156095349a3173cc5a81) [MODERATION] Modernize frontend (squash) - Unify blocked users list. - Use the new flex list classes for blocked users list to avoid using the CSS helper classes and thereby be consistent in the design. - Fix the modal by using the new modal class. - Remove the icon in the modal as looks too big in the new design. - Fix avatar not displaying as it was passing the context where the user should've been passed. - Don't use italics for 'Blocked since' text. - Use namelink template to display the user's name and homelink. (cherry picked from commit ec935a16a319b14e819ead828d1d9875280d9259) (cherry picked from commit 67f37c83461aa393c53a799918e9708cb9b89b30) Conflicts: models/user/follow.go models/user/user_test.go routers/api/v1/user/follower.go routers/web/shared/user/header.go routers/web/user/profile.go templates/swagger/v1_json.tmpl https://codeberg.org/forgejo/forgejo/pulls/1468 (cherry picked from commit 6a9626839c6342cd2767ea12757ee2f78eaf443b) Conflicts: tests/integration/api_nodeinfo_test.go https://codeberg.org/forgejo/forgejo/pulls/1508#issuecomment-1242385 (cherry picked from commit 7378b251b481ed1e60e816caf8f649e8397ee5fc) Conflicts: models/fixtures/watch.yml models/issues/reaction.go models/issues/reaction_test.go routers/api/v1/repo/issue_reaction.go routers/web/repo/issue.go services/issue/issue.go https://codeberg.org/forgejo/forgejo/pulls/1547 (cherry picked from commit c2028930c101223820de0bbafc318e9394c347b8) (cherry picked from commit d3f9134aeeef784586e8412e8dbba0a8fceb0cd4) (cherry picked from commit 7afe154c5c40bcc65accdf51c9224b2f7627a684) (cherry picked from commit 99ac7353eb1e834a77fe42aa89208791cc2364ff) (cherry picked from commit a9cde00c5c25ea8c427967cb7ab57abb618e44cb) Conflicts: services/user/delete.go https://codeberg.org/forgejo/forgejo/pulls/1736 (cherry picked from commit 008c0cc63d1a3b8eb694bffbf77a7b25c56afd57) [DEADCODE] add exceptions (cherry picked from commit 12ddd2b10e3309f6430b0af42855c6af832832ee) [MODERATION] Remove deadcode (squash) - Remove deadcode that's no longer used by Forgejo. (cherry picked from commit 0faeab4fa9b0aa59f86760b24ecbc07815026c82) [MODERATION] Add repo transfers to blocked functionality (squash) - When someone gets blocked, remove all pending repository transfers from the blocked user to the doer. - Do not allow to start transferring repositories to the doer as blocked user. - Added unit testing. - Added integration testing. (cherry picked from commit 8a3caac33013482ddbee2fa51510c6918ba54466) (cherry picked from commit a92b4cfeb63b90eb2d90d0feb51cec62e0502d84) (cherry picked from commit acaaaf07d999974dbe5f9c5e792621c597bfb542) (cherry picked from commit 735818863c1793aa6f6983afedc4bd3b36026ca5) (cherry picked from commit f50fa43b32160d0d88eca1dbdca09b5f575fb62b) (cherry picked from commit e16683643388fb3c60ea478f1419a6af4f4aa283) (cherry picked from commit 82a0e4a3814a66ce44be6a031bdf08484586c61b) (cherry picked from commit ff233c19c4a5edcc2b99a6f41a2d19dbe8c08b3b) (cherry picked from commit 8ad87d215f2b6adb978de77e53ba2bf7ea571430) [MODERATION] Fix unblock action (squash) - Pass the whole context instead of only giving pieces. - This fixes CSRF not correctly being inserted into the unblock buttons. (cherry picked from commit 2aa51922ba6a0ea2f8644277baa74fc8f34ab95a) (cherry picked from commit 7ee8db0f018340bc97f125415503e3e5db5f5082) (cherry picked from commit e4f8b999bcd3b68b3ef7f54f5b17c3ada0308121) (cherry picked from commit 05aea60b1302bbd3ea574a9c6c34e1005a5d73bf) (cherry picked from commit dc0d61b012cfaf2385f71e97cda5f220b58b9fa4) (cherry picked from commit f53fa583de671ff60a0a1d0f3ab8c260e1ba4e1f) (cherry picked from commit c65b89a58d11b32009c710c2f5e75f0cd3539395) (cherry picked from commit 69e50b9969db3ab71cefaed520757876a9629a5c) (cherry picked from commit ec127440b86cb5fcf51799d8bd76a9fd6b9cebcc) [MODERATION] cope with shared fixtures * There is one more issue in the fixtures and this breaks some tests * The users in the shared fixtures were renamed for clarity and that breaks some tests (cherry picked from commit 707a4edbdf67d0eb168d7bb430cf85dd8cd63c52) Conflicts: modules/indexer/issues/indexer_test.go https://codeberg.org/forgejo/forgejo/pulls/1508 (cherry picked from commit 82cc044366c749df80ffad44eed2988b8e64211e) (cherry picked from commit 2776aec7e85850f1d7f01a090a72491550fb9d29) (cherry picked from commit 1fbde36dc784b5b2cc6193f02ff0d436b0f2a629) (cherry picked from commit 1293db3c4e5df218501f5add9f9d41101ffcb8aa) (cherry picked from commit 6476802175bac3ef78dd8f24ff6bebc16f398a78) (cherry picked from commit 5740f2fc830356acb7929a02fe304008b94a0ca5) (cherry picked from commit afc12d7b6e9b773fa89718aa79cd95c0e0ce4406) [MODERATION] Fix transfer confirmation (squash) - Fix problem caused by the clearer confirmation for dangerous actions commit. (cherry picked from commit 3488f4a9cb1f7f73103ae0017d644f13ca3ab798) (cherry picked from commit ed7de91f6ace23a1459bc6552edf719d62c7c941) (cherry picked from commit 2d97929b9b7b8d979eb12bf0994d3f169d41f7fd) (cherry picked from commit 50d035a7b058b9c4486c38cd4be0b02a4e1bf4d9) (cherry picked from commit 0a0c07d78a1dee3489b97ab359bb957e3f7fb94b) (cherry picked from commit 85e55c4dbc2f513f3d5254dac20915e8c3c22886) (cherry picked from commit d8282122ad6e8b497de35d1ed89e3093a2cd5ee2) (cherry picked from commit 3f0b3b6cc582c3d672d371dd9fe1203a56cb88c0) [MODERATION] Purge issues on user deletion (squash) (cherry picked from commit 4f529d9596ffbfc4e754c28830ba028f6344dc5b) (cherry picked from commit f0e3acadd321fcb99e8ea3e3ce1c69df25c4ca4d) (cherry picked from commit 682c4effe69dc0d4ed304fa7ce6259d9ce573629) (cherry picked from commit e43c2d84fd4b6fd31e2370cec1034262d12e5c34) (cherry picked from commit 9c8e53ccc78053026e4f667889959c23c8d95934) (cherry picked from commit a9eb7ac783b2c16ee3702a88203bf857cb4147fc) [MODERATION] Purge issues on user deletion (squash) revert shared fixtures workarounds (cherry picked from commit 7224653a40e32186892e89bfedd49edecf5b8f81) (cherry picked from commit aa6e8672f9473a9100e7575051dec9eda37709a0) (cherry picked from commit 58c7947e95648f50237ddcd46b6bd025b224a70f) (cherry picked from commit f1aacb1851b232082febcd7870a40a56de3855a6) (cherry picked from commit 0bf174af87f7de9a8d869304f709e2bf41f3dde9) (cherry picked from commit f9706f4335df3b7688ed60853d917efa72fb464a) [MODERATION] Prepare moderation for context locale changes (squash) - Resolves https://codeberg.org/forgejo/forgejo/issues/1711 (cherry picked from commit 2e289baea943dcece88f02d110b03d344308a261) (cherry picked from commit 97b16bc19ae680db62608d6020b00fe5ac451c60) [MODERATION] User blocking (squash) do not use shared fixture It conflicts with a fixtured added in the commit Fix comment permissions (#28213) (#28216) (cherry picked from commit ab40799dcab24e9f495d765268b791931da81684) (cherry picked from commit 996c92cafdb5b33a6d2d05d94038e950d97eb7de) (cherry picked from commit 259912e3a69071c5ad57871464d0b79f69a8e72c) Conflicts: options/locale/locale_en-US.ini https://codeberg.org/forgejo/forgejo/pulls/1921 (cherry picked from commit 1e82abc032c18015b92c93a7617a5dd06d50bd2d) (cherry picked from commit a176fee1607d571b25b345184f1c50d403029610) (cherry picked from commit 0480b76dfeda968849e900da9454a3efd82590fa) (cherry picked from commit 4bc06b7b3841c74e3d790b1ef635c2b382ca7123) (cherry picked from commit 073094cf722a927a623408d66537c758d7d64e4c) (cherry picked from commit ac6201c647a4d3a2cfb2b0303b851a8fe7a29444) (cherry picked from commit 7e0812674da3fbd1e96bdda820962edad6826fbd) (cherry picked from commit 068c741e5696957710b3d1c2e18c00be2ffaa278) Conflicts: models/repo_transfer.go models/repo_transfer_test.go routers/web/user/profile.go https://codeberg.org/forgejo/forgejo/pulls/2298
2023-08-14 19:07:38 -04:00
// Blocked user.
assert.ErrorIs(t, user_model.ErrBlockedByUser, user_model.FollowUser(db.DefaultContext, 1, 4))
assert.ErrorIs(t, user_model.ErrBlockedByUser, user_model.FollowUser(db.DefaultContext, 4, 1))
unittest.AssertNotExistsBean(t, &user_model.Follow{UserID: 1, FollowID: 4})
unittest.AssertNotExistsBean(t, &user_model.Follow{UserID: 4, FollowID: 1})
unittest.CheckConsistencyFor(t, &user_model.User{})
}
func TestUnfollowUser(t *testing.T) {
assert.NoError(t, unittest.PrepareTestDatabase())
testSuccess := func(followerID, followedID int64) {
assert.NoError(t, user_model.UnfollowUser(db.DefaultContext, followerID, followedID))
unittest.AssertNotExistsBean(t, &user_model.Follow{UserID: followerID, FollowID: followedID})
}
testSuccess(4, 2)
testSuccess(5, 2)
testSuccess(2, 2)
unittest.CheckConsistencyFor(t, &user_model.User{})
}
func TestIsUserVisibleToViewer(t *testing.T) {
assert.NoError(t, unittest.PrepareTestDatabase())
user1 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 1}) // admin, public
user4 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 4}) // normal, public
user20 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 20}) // public, same team as user31
user29 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 29}) // public, is restricted
user31 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 31}) // private, same team as user20
user33 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 33}) // limited, follows 31
test := func(u, viewer *user_model.User, expected bool) {
name := func(u *user_model.User) string {
if u == nil {
return "<nil>"
}
return u.Name
}
assert.Equal(t, expected, user_model.IsUserVisibleToViewer(db.DefaultContext, u, viewer), "user %v should be visible to viewer %v: %v", name(u), name(viewer), expected)
}
// admin viewer
test(user1, user1, true)
test(user20, user1, true)
test(user31, user1, true)
test(user33, user1, true)
// non admin viewer
test(user4, user4, true)
test(user20, user4, true)
test(user31, user4, false)
test(user33, user4, true)
test(user4, nil, true)
// public user
test(user4, user20, true)
test(user4, user31, true)
test(user4, user33, true)
// limited user
test(user33, user33, true)
test(user33, user4, true)
test(user33, user29, false)
test(user33, nil, false)
// private user
test(user31, user31, true)
test(user31, user4, false)
test(user31, user20, true)
test(user31, user29, false)
test(user31, user33, true)
test(user31, nil, false)
}
[GITEA] notifies admins on new user registration Sends email with information on the new user (time of creation and time of last sign-in) and a link to manage the new user from the admin panel closes: https://codeberg.org/forgejo/forgejo/issues/480 Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/1371 Co-authored-by: Aravinth Manivannan <realaravinth@batsense.net> Co-committed-by: Aravinth Manivannan <realaravinth@batsense.net> (cherry picked from commit c721aa828ba6aec5ef95459cfc632a0a1f7463e9) (cherry picked from commit 6487efcb9da61be1f802f1cd8007330153322770) Conflicts: modules/notification/base/notifier.go modules/notification/base/null.go modules/notification/notification.go https://codeberg.org/forgejo/forgejo/pulls/1422 (cherry picked from commit 7ea66ee1c5dd21d9e6a43f961e8adc71ec79b806) Conflicts: services/notify/notifier.go services/notify/notify.go services/notify/null.go https://codeberg.org/forgejo/forgejo/pulls/1469 (cherry picked from commit 7d2d9970115c94954dacb45684f9e3c16117ebfe) (cherry picked from commit 435a54f14039408b315c99063bdce28c7ef6fe2f) (cherry picked from commit 8ec7b3e4484383445fa2622a28bb4f5c990dd4f2) [GITEA] notifies admins on new user registration (squash) performance bottleneck Refs: https://codeberg.org/forgejo/forgejo/issues/1479 (cherry picked from commit 97ac9147ff3643cca0a059688c6b3c53479e28a7) (cherry picked from commit 19f295c16bd392aa438477fa3c42038d63d1a06a) (cherry picked from commit 3367dcb2cf5328e2afc89f7d5a008b64ede1c987) [GITEA] notifies admins on new user registration (squash) cosmetic changes Co-authored-by: delvh <dev.lh@web.de> (cherry picked from commit 9f1670e040b469ed4346aa2689a75088e4e71c8b) (cherry picked from commit de5bb2a224ab2ae9be891de1ee88a7454a07f7e9) (cherry picked from commit 8f8e52f31a4da080465521747a2c5c0c51ed65e3) (cherry picked from commit e0d51303129fe8763d87ed5f859eeae8f0cc6188) (cherry picked from commit f1288d6d9bfc9150596cb2f7ddb7300cf7ab6952) (cherry picked from commit 1db4736fd7cd75027f3cdf805e0f86c3a5f69c9d) (cherry picked from commit e8dcbb6cd68064209cdbe054d5886710cbe2925d) (cherry picked from commit 09625d647629b85397270e14dfe22258df2bcc43) [GITEA] notifies admins on new user registration (squash) ctx.Locale (cherry picked from commit dab7212fad44a252a1acf8da71b254b1a6715121) (cherry picked from commit 9b7bbae8c4cd5dc4d36726f10870462c8985e543) (cherry picked from commit f750b71d3db9a24dc2722effb8bbc2dded657cbb) (cherry picked from commit f79af366796a8ab581bbfa1f5609dc721798ae68) (cherry picked from commit e76eee334e446a45d841caf19a7c18eab89ca457) [GITEA] notifies admins on new user registration (squash) fix locale (cherry picked from commit 54cd100d8da37ccb0a545e2545995066f92180f0) (cherry picked from commit 053dbd3d50d3c7d1afae8d31c25bda92ceb8f8c0) [GITEA] notifies admins on new user registration (squash) fix URL 1. Use absolute URL in the admin panel link sent on new registrations 2. Include absolute URL of the newly signed-up user's profile. New email looks like this: <details><summary>Please click to expand</summary> ``` --153937b1864f158f4fd145c4b5d4a513568681dd489021dd466a8ad7b770 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=UTF-8 User Information: @realaravinth ( http://localhost:3000/realaravinth ) ---------------------------------------------------------------------- * Created: 2023-12-13 19:36:50 +05:30 Please click here ( http://localhost:3000/admin/users/9 ) to manage the use= r from the admin panel. --153937b1864f158f4fd145c4b5d4a513568681dd489021dd466a8ad7b770 Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=UTF-8 <!DOCTYPE html> <html> <head> <meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dutf-8"> <title>New user realaravinth just signed up</title> <style> blockquote { padding-left: 1em; margin: 1em 0; border-left: 1px solid gre= y; color: #777} .footer { font-size:small; color:#666;} </style> </head> <body> <ul> <h3>User Information: <a href=3D"http://localhost:3000/realaravinth">@rea= laravinth</a></h3> <li>Created: <relative-time format=3D"datetime" weekday=3D"" year=3D"nume= ric" month=3D"short" day=3D"numeric" hour=3D"numeric" minute=3D"numeric" se= cond=3D"numeric" datetime=3D"2023-12-13T19:36:50+05:30">2023-12-13 19:36:50= +05:30</relative-time></li> </ul> <p> Please <a href=3D"http://localhost:3000/admin/users/9" rel=3D"nofollow= ">click here</a> to manage the user from the admin panel. </p> </body> </html> --153937b1864f158f4fd145c4b5d4a513568681dd489021dd466a8ad7b770-- ``` </details> fixes: https://codeberg.org/forgejo/forgejo/issues/1927 Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/1940 Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org> Reviewed-by: Gusted <gusted@noreply.codeberg.org> Co-authored-by: Aravinth Manivannan <realaravinth@batsense.net> Co-committed-by: Aravinth Manivannan <realaravinth@batsense.net> (cherry picked from commit b8d764e36a0cd8e60627805f87b84bb04152e9c1) (cherry picked from commit d48b84f623e369222e5e15965f22e27d74ff4243) Conflicts: routers/web/auth/auth.go https://codeberg.org/forgejo/forgejo/pulls/2034 (cherry picked from commit 02d3c125ccc97638849af33c7df315cbcb368127) (cherry picked from commit 367374ecc3832bb47d29ff79370103f907d0ca99) Conflicts: models/user/user_test.go https://codeberg.org/forgejo/forgejo/pulls/2119 (cherry picked from commit 4124fa5aa41c36b3ab3cc1c65d0e3d5e05ec4086) (cherry picked from commit 7f12610ff63d4907631d8cddcd7a49ae6f6e1508) [GITEA] notifies admins on new user registration (squash) DeleteByID trivial conflict because of 778ad795fd4a19dc15723b59a846a250034c7c3a Refactor deletion (#28610) (cherry picked from commit 05682614e5ef2462cbb6a1635ca01e296fe03d23) (cherry picked from commit 64bd374803a76c97619fe1e28bfc74f99ec91677) (cherry picked from commit 63d086f666a880b48d034b129e535fcfc82acf7d) (cherry picked from commit 3cd48ef4d53c55a81c97f1b666b8d4ba16a967c4) Conflicts: options/locale/locale_en-US.ini https://codeberg.org/forgejo/forgejo/pulls/2249 (cherry picked from commit 6578ec4ed64c8624bc202cefb18d67870eec1336) Conflicts: routers/web/auth/auth.go https://codeberg.org/forgejo/forgejo/pulls/2300
2023-09-07 03:11:29 -04:00
func TestGetAllAdmins(t *testing.T) {
assert.NoError(t, unittest.PrepareTestDatabase())
admins, err := user_model.GetAllAdmins(db.DefaultContext)
assert.NoError(t, err)
assert.Len(t, admins, 1)
assert.Equal(t, int64(1), admins[0].ID)
}
func Test_ValidateUser(t *testing.T) {
oldSetting := setting.Service.AllowedUserVisibilityModesSlice
defer func() {
setting.Service.AllowedUserVisibilityModesSlice = oldSetting
}()
setting.Service.AllowedUserVisibilityModesSlice = []bool{true, false, true}
kases := map[*user_model.User]bool{
{ID: 1, Visibility: structs.VisibleTypePublic}: true,
{ID: 2, Visibility: structs.VisibleTypeLimited}: false,
{ID: 2, Visibility: structs.VisibleTypePrivate}: true,
}
for kase, expected := range kases {
assert.EqualValues(t, expected, nil == user_model.ValidateUser(kase), fmt.Sprintf("case: %+v", kase))
}
}
func Test_NormalizeUserFromEmail(t *testing.T) {
oldSetting := setting.Service.AllowDotsInUsernames
defer func() {
setting.Service.AllowDotsInUsernames = oldSetting
}()
setting.Service.AllowDotsInUsernames = true
testCases := []struct {
Input string
Expected string
IsNormalizedValid bool
}{
{"test", "test", true},
{"Sinéad.O'Connor", "Sinead.OConnor", true},
{"Æsir", "AEsir", true},
// \u00e9\u0065\u0301
{"éé", "ee", true},
{"Awareness Hub", "Awareness-Hub", true},
{"double__underscore", "double__underscore", false}, // We should consider squashing double non-alpha characters
{".bad.", ".bad.", false},
{"new😀user", "new😀user", false}, // No plans to support
}
for _, testCase := range testCases {
normalizedName, err := user_model.NormalizeUserName(testCase.Input)
assert.NoError(t, err)
assert.EqualValues(t, testCase.Expected, normalizedName)
if testCase.IsNormalizedValid {
assert.NoError(t, user_model.IsUsableUsername(normalizedName))
} else {
assert.Error(t, user_model.IsUsableUsername(normalizedName))
}
}
}
func TestDisabledUserFeatures(t *testing.T) {
assert.NoError(t, unittest.PrepareTestDatabase())
testValues := container.SetOf(setting.UserFeatureDeletion,
setting.UserFeatureManageSSHKeys,
setting.UserFeatureManageGPGKeys)
oldSetting := setting.Admin.ExternalUserDisableFeatures
defer func() {
setting.Admin.ExternalUserDisableFeatures = oldSetting
}()
setting.Admin.ExternalUserDisableFeatures = testValues
user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 1})
assert.Len(t, setting.Admin.UserDisabledFeatures.Values(), 0)
// no features should be disabled with a plain login type
assert.LessOrEqual(t, user.LoginType, auth.Plain)
assert.Len(t, user_model.DisabledFeaturesWithLoginType(user).Values(), 0)
for _, f := range testValues.Values() {
assert.False(t, user_model.IsFeatureDisabledWithLoginType(user, f))
}
// check disabled features with external login type
user.LoginType = auth.OAuth2
// all features should be disabled
assert.NotEmpty(t, user_model.DisabledFeaturesWithLoginType(user).Values())
for _, f := range testValues.Values() {
assert.True(t, user_model.IsFeatureDisabledWithLoginType(user, f))
}
}