e286457990
**Backport:** https://codeberg.org/forgejo/forgejo/pulls/7337 - Massive replacement of changing `code.gitea.io/gitea` to `forgejo.org`. - Resolves forgejo/discussions#258 Co-authored-by: Gusted <postmaster@gusted.xyz> Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7354 Reviewed-by: Gusted <gusted@noreply.codeberg.org> Co-authored-by: forgejo-backport-action <forgejo-backport-action@noreply.codeberg.org> Co-committed-by: forgejo-backport-action <forgejo-backport-action@noreply.codeberg.org>
67 lines
2.5 KiB
Go
67 lines
2.5 KiB
Go
// Copyright 2024 The Forgejo Authors. All rights reserved.
|
|
// SPDX-License-Identifier: MIT
|
|
|
|
package auth
|
|
|
|
import (
|
|
"net/http"
|
|
"testing"
|
|
|
|
"forgejo.org/models/db"
|
|
"forgejo.org/models/unittest"
|
|
user_model "forgejo.org/models/user"
|
|
"forgejo.org/modules/setting"
|
|
"forgejo.org/modules/test"
|
|
|
|
"github.com/stretchr/testify/require"
|
|
)
|
|
|
|
func TestReverseProxyAuth(t *testing.T) {
|
|
defer test.MockVariableValue(&setting.Service.EnableReverseProxyEmail, true)()
|
|
defer test.MockVariableValue(&setting.Service.EnableReverseProxyFullName, true)()
|
|
defer test.MockVariableValue(&setting.Service.EnableReverseProxyFullName, true)()
|
|
require.NoError(t, unittest.PrepareTestDatabase())
|
|
|
|
require.NoError(t, db.TruncateBeans(db.DefaultContext, &user_model.User{}))
|
|
require.EqualValues(t, 0, user_model.CountUsers(db.DefaultContext, nil))
|
|
|
|
t.Run("First user should be admin", func(t *testing.T) {
|
|
req, err := http.NewRequest("GET", "/", nil)
|
|
require.NoError(t, err)
|
|
|
|
req.Header.Add(setting.ReverseProxyAuthUser, "Edgar")
|
|
req.Header.Add(setting.ReverseProxyAuthFullName, "Edgar Allan Poe")
|
|
req.Header.Add(setting.ReverseProxyAuthEmail, "edgar@example.org")
|
|
|
|
rp := &ReverseProxy{}
|
|
user := rp.newUser(req)
|
|
|
|
require.EqualValues(t, 1, user_model.CountUsers(db.DefaultContext, nil))
|
|
unittest.AssertExistsAndLoadBean(t, &user_model.User{Email: "edgar@example.org", Name: "Edgar", LowerName: "edgar", FullName: "Edgar Allan Poe", IsAdmin: true})
|
|
require.EqualValues(t, "edgar@example.org", user.Email)
|
|
require.EqualValues(t, "Edgar", user.Name)
|
|
require.EqualValues(t, "edgar", user.LowerName)
|
|
require.EqualValues(t, "Edgar Allan Poe", user.FullName)
|
|
require.True(t, user.IsAdmin)
|
|
})
|
|
|
|
t.Run("Second user shouldn't be admin", func(t *testing.T) {
|
|
req, err := http.NewRequest("GET", "/", nil)
|
|
require.NoError(t, err)
|
|
|
|
req.Header.Add(setting.ReverseProxyAuthUser, " Gusted ")
|
|
req.Header.Add(setting.ReverseProxyAuthFullName, "❤‿❤")
|
|
req.Header.Add(setting.ReverseProxyAuthEmail, "gusted@example.org")
|
|
|
|
rp := &ReverseProxy{}
|
|
user := rp.newUser(req)
|
|
|
|
require.EqualValues(t, 2, user_model.CountUsers(db.DefaultContext, nil))
|
|
unittest.AssertExistsAndLoadBean(t, &user_model.User{Email: "gusted@example.org", Name: "Gusted", LowerName: "gusted", FullName: "❤‿❤"}, "is_admin = false")
|
|
require.EqualValues(t, "gusted@example.org", user.Email)
|
|
require.EqualValues(t, "Gusted", user.Name)
|
|
require.EqualValues(t, "gusted", user.LowerName)
|
|
require.EqualValues(t, "❤‿❤", user.FullName)
|
|
require.False(t, user.IsAdmin)
|
|
})
|
|
}
|