public/gitea
1
0
Fork 0
mirror of https://github.com/go-gitea/gitea.git synced 2025-11-08 05:02:38 +09:00
Code Issues Packages Projects Releases Wiki Activity

backport "Enforce token on api routes (#4840)" (#4905)

Browse Source
This commit is contained in:
techknowlogick
2018-09-11 10:39:32 -04:00
committed by GitHub
parent d918e63bc5
commit 1a68b3962f
17 changed files with 123 additions and 83 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
integrations/api_repo_raw_test.go
View File

@@ -16,16 +16,17 @@ func TestAPIReposRaw(t *testing.T) {
user := models.AssertExistsAndLoadBean(t, &models.User{ID: 2}).(*models.User)
// Login as User2.
session := loginUser(t, user.Name)
token := getTokenForLoggedInUser(t, session)
for _, ref := range [...]string{
"master", // Branch
"v1.1", // Tag
"65f1bf27bc3bf70f64657658635e66094edbcb4d", // Commit
} {
req := NewRequestf(t, "GET", "/api/v1/repos/%s/repo1/raw/%s/README.md", user.Name, ref)
req := NewRequestf(t, "GET", "/api/v1/repos/%s/repo1/raw/%s/README.md?token="+token, user.Name, ref)
session.MakeRequest(t, req, http.StatusOK)
}
// Test default branch
req := NewRequestf(t, "GET", "/api/v1/repos/%s/repo1/raw/README.md", user.Name)
req := NewRequestf(t, "GET", "/api/v1/repos/%s/repo1/raw/README.md?token="+token, user.Name)
session.MakeRequest(t, req, http.StatusOK)
}