5da6a40f10
Universal: PR Check / Branch Policy (pull_request) Failing after 2s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Generic: Repo Health / Access control (pull_request) Successful in 2s
Universal: PR Check / Validate PR (pull_request) Failing after 9s
Generic: Project CI / Lint & Validate (pull_request) Successful in 41s
PR RC Release / Build RC Release (pull_request) Failing after 1m15s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Failing after 1m19s
Universal: PR Check / Secret Scan (pull_request) Successful in 1m23s
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Branch Cleanup / Delete merged branch (pull_request) Successful in 2s
Universal: Build & Release / Build & Release Pipeline (pull_request) Failing after 1m38s
Universal: Workflow Sync Trigger / Sync workflows to live repos (pull_request) Failing after 13m43s
Generic: Project CI / Tests (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report: Scripts Governance (pull_request) Has been cancelled
Generic: Repo Health / Report: Repository Health (pull_request) Has been cancelled
- Remove residual <<<<<<< HEAD marker from api_org_test.go - Convert code.gitea.io/gitea to mokoconsulting paths in 5 new test files: cmd/serv_test.go, models/auth/twofactor_test.go, modules/git/commit_info_nogogit_test.go, routers/private/hook_pre_receive_test.go, services/actions/notifier_helper_test.go - Add changelog entries for new features (#460, #507, #513) Claude-Session: https://claude.ai/code/session_011AAFzotGMf3ayvXhEmStCd
57 lines
1.9 KiB
Go
57 lines
1.9 KiB
Go
// Copyright 2026 The Gitea Authors. All rights reserved.
|
|
// SPDX-License-Identifier: MIT
|
|
|
|
package cmd
|
|
|
|
import (
|
|
"testing"
|
|
|
|
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/perm"
|
|
"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/git"
|
|
|
|
"github.com/stretchr/testify/assert"
|
|
)
|
|
|
|
func TestGetAccessMode(t *testing.T) {
|
|
cases := []struct {
|
|
verb, lfsVerb string
|
|
expected perm.AccessMode
|
|
}{
|
|
{git.CmdVerbUploadPack, "", perm.AccessModeRead},
|
|
{git.CmdVerbUploadArchive, "", perm.AccessModeRead},
|
|
{git.CmdVerbReceivePack, "", perm.AccessModeWrite},
|
|
{git.CmdVerbLfsAuthenticate, git.CmdSubVerbLfsUpload, perm.AccessModeWrite},
|
|
{git.CmdVerbLfsAuthenticate, git.CmdSubVerbLfsDownload, perm.AccessModeRead},
|
|
{git.CmdVerbLfsTransfer, git.CmdSubVerbLfsUpload, perm.AccessModeWrite},
|
|
{git.CmdVerbLfsTransfer, git.CmdSubVerbLfsDownload, perm.AccessModeRead},
|
|
}
|
|
for _, tc := range cases {
|
|
t.Run(tc.verb+"/"+tc.lfsVerb, func(t *testing.T) {
|
|
mode, ok := getAccessMode(tc.verb, tc.lfsVerb)
|
|
assert.True(t, ok)
|
|
assert.Equal(t, tc.expected, mode)
|
|
})
|
|
}
|
|
}
|
|
|
|
// TestGetAccessModeUnknownVerb locks in the invariant that getAccessMode reports
|
|
// ok=false for unrecognised verbs and LFS sub-verbs, so runServ rejects them. An
|
|
// unknown verb has no valid access mode; if it were treated as AccessModeNone (0)
|
|
// it would pass the `userMode < mode` permission check in routers/private/serv.go
|
|
// and hand out valid LFS JWTs for any private repository.
|
|
func TestGetAccessModeUnknownVerb(t *testing.T) {
|
|
cases := []struct{ verb, lfsVerb string }{
|
|
{git.CmdVerbLfsAuthenticate, ""},
|
|
{git.CmdVerbLfsAuthenticate, "badverb"},
|
|
{git.CmdVerbLfsTransfer, "badverb"},
|
|
{"git-unknown-verb", ""},
|
|
}
|
|
for _, tc := range cases {
|
|
t.Run(tc.verb+"/"+tc.lfsVerb, func(t *testing.T) {
|
|
mode, ok := getAccessMode(tc.verb, tc.lfsVerb)
|
|
assert.False(t, ok)
|
|
assert.Equal(t, perm.AccessModeNone, mode)
|
|
})
|
|
}
|
|
}
|