Add user secrets API integration tests (#27832)

Adds the missing user secrets API integration tests so #27829 does not happen again
2025-10-31 21:28:11 +09:00 · 2023-10-31 04:46:09 +01:00
parent 6ca234a356
commit 9106514e51
1 changed files with 98 additions and 0 deletions
--- a/tests/integration/api_user_secrets_test.go
+++ b/tests/integration/api_user_secrets_test.go
@@ -0,0 +1,98 @@
 // Copyright 2023 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 package integration
 import (
 	"fmt"
 	"net/http"
 	"testing"
 	auth_model "code.gitea.io/gitea/models/auth"
 	api "code.gitea.io/gitea/modules/structs"
 	"code.gitea.io/gitea/tests"
 )
 func TestAPIUserSecrets(t *testing.T) {
 	defer tests.PrepareTestEnv(t)()
 	session := loginUser(t, "user1")
 	token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeWriteUser)
 	t.Run("Create", func(t *testing.T) {
 		cases := []struct {
 			Name           string
 			ExpectedStatus int
 		}{
 			{
 				Name:           "",
 				ExpectedStatus: http.StatusNotFound,
 			},
 			{
 				Name:           "-",
 				ExpectedStatus: http.StatusBadRequest,
 			},
 			{
 				Name:           "_",
 				ExpectedStatus: http.StatusCreated,
 			},
 			{
 				Name:           "secret",
 				ExpectedStatus: http.StatusCreated,
 			},
 			{
 				Name:           "2secret",
 				ExpectedStatus: http.StatusBadRequest,
 			},
 			{
 				Name:           "GITEA_secret",
 				ExpectedStatus: http.StatusBadRequest,
 			},
 			{
 				Name:           "GITHUB_secret",
 				ExpectedStatus: http.StatusBadRequest,
 			},
 		}
 		for _, c := range cases {
 			req := NewRequestWithJSON(t, "PUT", fmt.Sprintf("/api/v1/user/actions/secrets/%s?token=%s", c.Name, token), api.CreateOrUpdateSecretOption{
 				Data: "data",
 			})
 			MakeRequest(t, req, c.ExpectedStatus)
 		}
 	})
 	t.Run("Update", func(t *testing.T) {
 		name := "update_secret"
 		url := fmt.Sprintf("/api/v1/user/actions/secrets/%s?token=%s", name, token)
 		req := NewRequestWithJSON(t, "PUT", url, api.CreateOrUpdateSecretOption{
 			Data: "initial",
 		})
 		MakeRequest(t, req, http.StatusCreated)
 		req = NewRequestWithJSON(t, "PUT", url, api.CreateOrUpdateSecretOption{
 			Data: "changed",
 		})
 		MakeRequest(t, req, http.StatusNoContent)
 	})
 	t.Run("Delete", func(t *testing.T) {
 		name := "delete_secret"
 		url := fmt.Sprintf("/api/v1/user/actions/secrets/%s?token=%s", name, token)
 		req := NewRequestWithJSON(t, "PUT", url, api.CreateOrUpdateSecretOption{
 			Data: "initial",
 		})
 		MakeRequest(t, req, http.StatusCreated)
 		req = NewRequest(t, "DELETE", url)
 		MakeRequest(t, req, http.StatusNoContent)
 		req = NewRequest(t, "DELETE", url)
 		MakeRequest(t, req, http.StatusNotFound)
 		req = NewRequest(t, "DELETE", fmt.Sprintf("/api/v1/user/actions/secrets/000?token=%s", token))
 		MakeRequest(t, req, http.StatusBadRequest)
 	})
 }