Convert to url auth to header auth in tests (#28484)

Related #28390
2025-10-31 21:28:11 +09:00 · 2023-12-22 00:59:59 +01:00
parent 04b235d094
commit 838db2f891
102 changed files with 1715 additions and 1523 deletions
--- a/tests/integration/api_admin_test.go
+++ b/tests/integration/api_admin_test.go
@@ -27,11 +27,11 @@ func TestAPIAdminCreateAndDeleteSSHKey(t *testing.T) {
 	keyOwner := unittest.AssertExistsAndLoadBean(t, &user_model.User{Name: "user2"})

 	token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeWriteAdmin)
-	urlStr := fmt.Sprintf("/api/v1/admin/users/%s/keys?token=%s", keyOwner.Name, token)
+	urlStr := fmt.Sprintf("/api/v1/admin/users/%s/keys", keyOwner.Name)
 	req := NewRequestWithValues(t, "POST", urlStr, map[string]string{
 		"key":   "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC4cn+iXnA4KvcQYSV88vGn0Yi91vG47t1P7okprVmhNTkipNRIHWr6WdCO4VDr/cvsRkuVJAsLO2enwjGWWueOO6BodiBgyAOZ/5t5nJNMCNuLGT5UIo/RI1b0WRQwxEZTRjt6mFNw6lH14wRd8ulsr9toSWBPMOGWoYs1PDeDL0JuTjL+tr1SZi/EyxCngpYszKdXllJEHyI79KQgeD0Vt3pTrkbNVTOEcCNqZePSVmUH8X8Vhugz3bnE0/iE9Pb5fkWO9c4AnM1FgI/8Bvp27Fw2ShryIXuR6kKvUqhVMTuOSDHwu6A8jLE5Owt3GAYugDpDYuwTVNGrHLXKpPzrGGPE/jPmaLCMZcsdkec95dYeU3zKODEm8UQZFhmJmDeWVJ36nGrGZHL4J5aTTaeFUJmmXDaJYiJ+K2/ioKgXqnXvltu0A9R8/LGy4nrTJRr4JMLuJFoUXvGm1gXQ70w2LSpk6yl71RNC0hCtsBe8BP8IhYCM0EP5jh7eCMQZNvM= nocomment\n",
 		"title": "test-key",
-	})
+	}).AddTokenAuth(token)
 	resp := MakeRequest(t, req, http.StatusCreated)

 	var newPublicKey api.PublicKey
@@ -43,8 +43,8 @@ func TestAPIAdminCreateAndDeleteSSHKey(t *testing.T) {
 		OwnerID:     keyOwner.ID,
 	})

-	req = NewRequestf(t, "DELETE", "/api/v1/admin/users/%s/keys/%d?token=%s",
-		keyOwner.Name, newPublicKey.ID, token)
+	req = NewRequestf(t, "DELETE", "/api/v1/admin/users/%s/keys/%d", keyOwner.Name, newPublicKey.ID).
+		AddTokenAuth(token)
 	MakeRequest(t, req, http.StatusNoContent)
 	unittest.AssertNotExistsBean(t, &asymkey_model.PublicKey{ID: newPublicKey.ID})
 }
@@ -54,7 +54,8 @@ func TestAPIAdminDeleteMissingSSHKey(t *testing.T) {

 	// user1 is an admin user
 	token := getUserToken(t, "user1", auth_model.AccessTokenScopeWriteAdmin)
-	req := NewRequestf(t, "DELETE", "/api/v1/admin/users/user1/keys/%d?token=%s", unittest.NonexistentID, token)
+	req := NewRequestf(t, "DELETE", "/api/v1/admin/users/user1/keys/%d", unittest.NonexistentID).
+		AddTokenAuth(token)
 	MakeRequest(t, req, http.StatusNotFound)
 }

@@ -64,18 +65,18 @@ func TestAPIAdminDeleteUnauthorizedKey(t *testing.T) {
 	normalUsername := "user2"
 	token := getUserToken(t, adminUsername, auth_model.AccessTokenScopeWriteAdmin)

-	urlStr := fmt.Sprintf("/api/v1/admin/users/%s/keys?token=%s", adminUsername, token)
+	urlStr := fmt.Sprintf("/api/v1/admin/users/%s/keys", adminUsername)
 	req := NewRequestWithValues(t, "POST", urlStr, map[string]string{
 		"key":   "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC4cn+iXnA4KvcQYSV88vGn0Yi91vG47t1P7okprVmhNTkipNRIHWr6WdCO4VDr/cvsRkuVJAsLO2enwjGWWueOO6BodiBgyAOZ/5t5nJNMCNuLGT5UIo/RI1b0WRQwxEZTRjt6mFNw6lH14wRd8ulsr9toSWBPMOGWoYs1PDeDL0JuTjL+tr1SZi/EyxCngpYszKdXllJEHyI79KQgeD0Vt3pTrkbNVTOEcCNqZePSVmUH8X8Vhugz3bnE0/iE9Pb5fkWO9c4AnM1FgI/8Bvp27Fw2ShryIXuR6kKvUqhVMTuOSDHwu6A8jLE5Owt3GAYugDpDYuwTVNGrHLXKpPzrGGPE/jPmaLCMZcsdkec95dYeU3zKODEm8UQZFhmJmDeWVJ36nGrGZHL4J5aTTaeFUJmmXDaJYiJ+K2/ioKgXqnXvltu0A9R8/LGy4nrTJRr4JMLuJFoUXvGm1gXQ70w2LSpk6yl71RNC0hCtsBe8BP8IhYCM0EP5jh7eCMQZNvM= nocomment\n",
 		"title": "test-key",
-	})
+	}).AddTokenAuth(token)
 	resp := MakeRequest(t, req, http.StatusCreated)
 	var newPublicKey api.PublicKey
 	DecodeJSON(t, resp, &newPublicKey)

 	token = getUserToken(t, normalUsername)
-	req = NewRequestf(t, "DELETE", "/api/v1/admin/users/%s/keys/%d?token=%s",
-		adminUsername, newPublicKey.ID, token)
+	req = NewRequestf(t, "DELETE", "/api/v1/admin/users/%s/keys/%d", adminUsername, newPublicKey.ID).
+		AddTokenAuth(token)
 	MakeRequest(t, req, http.StatusForbidden)
 }

@@ -85,8 +86,8 @@ func TestAPISudoUser(t *testing.T) {
 	normalUsername := "user2"
 	token := getUserToken(t, adminUsername, auth_model.AccessTokenScopeReadUser)

-	urlStr := fmt.Sprintf("/api/v1/user?sudo=%s&token=%s", normalUsername, token)
-	req := NewRequest(t, "GET", urlStr)
+	req := NewRequest(t, "GET", fmt.Sprintf("/api/v1/user?sudo=%s", normalUsername)).
+		AddTokenAuth(token)
 	resp := MakeRequest(t, req, http.StatusOK)
 	var user api.User
 	DecodeJSON(t, resp, &user)
@@ -100,8 +101,8 @@ func TestAPISudoUserForbidden(t *testing.T) {
 	normalUsername := "user2"

 	token := getUserToken(t, normalUsername, auth_model.AccessTokenScopeReadAdmin)
-	urlStr := fmt.Sprintf("/api/v1/user?sudo=%s&token=%s", adminUsername, token)
-	req := NewRequest(t, "GET", urlStr)
+	req := NewRequest(t, "GET", fmt.Sprintf("/api/v1/user?sudo=%s", adminUsername)).
+		AddTokenAuth(token)
 	MakeRequest(t, req, http.StatusForbidden)
 }

@@ -110,8 +111,8 @@ func TestAPIListUsers(t *testing.T) {
 	adminUsername := "user1"
 	token := getUserToken(t, adminUsername, auth_model.AccessTokenScopeReadAdmin)

-	urlStr := fmt.Sprintf("/api/v1/admin/users?token=%s", token)
-	req := NewRequest(t, "GET", urlStr)
+	req := NewRequest(t, "GET", "/api/v1/admin/users").
+		AddTokenAuth(token)
 	resp := MakeRequest(t, req, http.StatusOK)
 	var users []api.User
 	DecodeJSON(t, resp, &users)
@@ -137,7 +138,8 @@ func TestAPIListUsersNonAdmin(t *testing.T) {
 	defer tests.PrepareTestEnv(t)()
 	nonAdminUsername := "user2"
 	token := getUserToken(t, nonAdminUsername)
-	req := NewRequestf(t, "GET", "/api/v1/admin/users?token=%s", token)
+	req := NewRequest(t, "GET", "/api/v1/admin/users").
+		AddTokenAuth(token)
 	MakeRequest(t, req, http.StatusForbidden)
 }

@@ -145,8 +147,7 @@ func TestAPICreateUserInvalidEmail(t *testing.T) {
 	defer tests.PrepareTestEnv(t)()
 	adminUsername := "user1"
 	token := getUserToken(t, adminUsername, auth_model.AccessTokenScopeWriteAdmin)
-	urlStr := fmt.Sprintf("/api/v1/admin/users?token=%s", token)
-	req := NewRequestWithValues(t, "POST", urlStr, map[string]string{
+	req := NewRequestWithValues(t, "POST", "/api/v1/admin/users", map[string]string{
 		"email":                "invalid_email@domain.com\r\n",
 		"full_name":            "invalid user",
 		"login_name":           "invalidUser",
@@ -155,7 +156,7 @@ func TestAPICreateUserInvalidEmail(t *testing.T) {
 		"send_notify":          "true",
 		"source_id":            "0",
 		"username":             "invalidUser",
-	})
+	}).AddTokenAuth(token)
 	MakeRequest(t, req, http.StatusUnprocessableEntity)
 }

@@ -167,7 +168,7 @@ func TestAPICreateAndDeleteUser(t *testing.T) {
 	req := NewRequestWithValues(
 		t,
 		"POST",
-		fmt.Sprintf("/api/v1/admin/users?token=%s", token),
+		"/api/v1/admin/users",
 		map[string]string{
 			"email":                "deleteme@domain.com",
 			"full_name":            "delete me",
@@ -178,10 +179,11 @@ func TestAPICreateAndDeleteUser(t *testing.T) {
 			"source_id":            "0",
 			"username":             "deleteme",
 		},
-	)
+	).AddTokenAuth(token)
 	MakeRequest(t, req, http.StatusCreated)

-	req = NewRequest(t, "DELETE", fmt.Sprintf("/api/v1/admin/users/deleteme?token=%s", token))
+	req = NewRequest(t, "DELETE", "/api/v1/admin/users/deleteme").
+		AddTokenAuth(token)
 	MakeRequest(t, req, http.StatusNoContent)
 }

@@ -189,7 +191,7 @@ func TestAPIEditUser(t *testing.T) {
 	defer tests.PrepareTestEnv(t)()
 	adminUsername := "user1"
 	token := getUserToken(t, adminUsername, auth_model.AccessTokenScopeWriteAdmin)
-	urlStr := fmt.Sprintf("/api/v1/admin/users/%s?token=%s", "user2", token)
+	urlStr := fmt.Sprintf("/api/v1/admin/users/%s", "user2")

 	req := NewRequestWithValues(t, "PATCH", urlStr, map[string]string{
 		// required
@@ -197,7 +199,7 @@ func TestAPIEditUser(t *testing.T) {
 		"source_id":  "0",
 		// to change
 		"full_name": "Full Name User 2",
-	})
+	}).AddTokenAuth(token)
 	MakeRequest(t, req, http.StatusOK)

 	empty := ""
@@ -205,7 +207,7 @@ func TestAPIEditUser(t *testing.T) {
 		LoginName: "user2",
 		SourceID:  0,
 		Email:     &empty,
-	})
+	}).AddTokenAuth(token)
 	resp := MakeRequest(t, req, http.StatusUnprocessableEntity)

 	errMap := make(map[string]any)
@@ -221,7 +223,7 @@ func TestAPIEditUser(t *testing.T) {
 		SourceID:  0,
 		// to change
 		Restricted: &bTrue,
-	})
+	}).AddTokenAuth(token)
 	MakeRequest(t, req, http.StatusOK)
 	user2 = unittest.AssertExistsAndLoadBean(t, &user_model.User{LoginName: "user2"})
 	assert.True(t, user2.IsRestricted)
@@ -235,11 +237,11 @@ func TestAPICreateRepoForUser(t *testing.T) {
 	req := NewRequestWithJSON(
 		t,
 		"POST",
-		fmt.Sprintf("/api/v1/admin/users/%s/repos?token=%s", adminUsername, token),
+		fmt.Sprintf("/api/v1/admin/users/%s/repos", adminUsername),
 		&api.CreateRepoOption{
 			Name: "admincreatedrepo",
 		},
-	)
+	).AddTokenAuth(token)
 	MakeRequest(t, req, http.StatusCreated)
 }

@@ -247,40 +249,38 @@ func TestAPIRenameUser(t *testing.T) {
 	defer tests.PrepareTestEnv(t)()
 	adminUsername := "user1"
 	token := getUserToken(t, adminUsername, auth_model.AccessTokenScopeWriteAdmin)
-	urlStr := fmt.Sprintf("/api/v1/admin/users/%s/rename?token=%s", "user2", token)
+	urlStr := fmt.Sprintf("/api/v1/admin/users/%s/rename", "user2")
 	req := NewRequestWithValues(t, "POST", urlStr, map[string]string{
 		// required
 		"new_name": "User2",
-	})
+	}).AddTokenAuth(token)
 	MakeRequest(t, req, http.StatusOK)

-	urlStr = fmt.Sprintf("/api/v1/admin/users/%s/rename?token=%s", "User2", token)
+	urlStr = fmt.Sprintf("/api/v1/admin/users/%s/rename", "User2")
 	req = NewRequestWithValues(t, "POST", urlStr, map[string]string{
 		// required
 		"new_name": "User2-2-2",
-	})
+	}).AddTokenAuth(token)
 	MakeRequest(t, req, http.StatusOK)

-	urlStr = fmt.Sprintf("/api/v1/admin/users/%s/rename?token=%s", "User2", token)
 	req = NewRequestWithValues(t, "POST", urlStr, map[string]string{
 		// required
 		"new_name": "user1",
-	})
+	}).AddTokenAuth(token)
 	// the old user name still be used by with a redirect
 	MakeRequest(t, req, http.StatusTemporaryRedirect)

-	urlStr = fmt.Sprintf("/api/v1/admin/users/%s/rename?token=%s", "User2-2-2", token)
+	urlStr = fmt.Sprintf("/api/v1/admin/users/%s/rename", "User2-2-2")
 	req = NewRequestWithValues(t, "POST", urlStr, map[string]string{
 		// required
 		"new_name": "user1",
-	})
+	}).AddTokenAuth(token)
 	MakeRequest(t, req, http.StatusUnprocessableEntity)

-	urlStr = fmt.Sprintf("/api/v1/admin/users/%s/rename?token=%s", "User2-2-2", token)
 	req = NewRequestWithValues(t, "POST", urlStr, map[string]string{
 		// required
 		"new_name": "user2",
-	})
+	}).AddTokenAuth(token)
 	MakeRequest(t, req, http.StatusOK)
 }

@@ -294,8 +294,9 @@ func TestAPICron(t *testing.T) {
 		defer tests.PrintCurrentTest(t)()

 		token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeReadAdmin)
-		urlStr := fmt.Sprintf("/api/v1/admin/cron?token=%s", token)
-		req := NewRequest(t, "GET", urlStr)
+
+		req := NewRequest(t, "GET", "/api/v1/admin/cron").
+			AddTokenAuth(token)
 		resp := MakeRequest(t, req, http.StatusOK)

 		assert.Equal(t, "28", resp.Header().Get("X-Total-Count"))
@@ -313,13 +314,13 @@ func TestAPICron(t *testing.T) {
 		// Archive cleanup is harmless, because in the test environment there are none
 		// and is thus an NOOP operation and therefore doesn't interfere with any other
 		// tests.
-		urlStr := fmt.Sprintf("/api/v1/admin/cron/archive_cleanup?token=%s", token)
-		req := NewRequest(t, "POST", urlStr)
+		req := NewRequest(t, "POST", "/api/v1/admin/cron/archive_cleanup").
+			AddTokenAuth(token)
 		MakeRequest(t, req, http.StatusNoContent)

 		// Check for the latest run time for this cron, to ensure it has been run.
-		urlStr = fmt.Sprintf("/api/v1/admin/cron?token=%s", token)
-		req = NewRequest(t, "GET", urlStr)
+		req = NewRequest(t, "GET", "/api/v1/admin/cron").
+			AddTokenAuth(token)
 		resp := MakeRequest(t, req, http.StatusOK)

 		var crons []api.Cron