
Commit efd080e

committed
add permission org test
1 parent 82834ff commit efd080e


1 file changed

+58
-0
lines changed


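--- a/tests/integration/api_org_runner_test.go
+++ b/tests/integration/api_org_runner_test.go
@@ -62,3 +62,61 @@ func TestAPIRunnerOrgApi(t *testing.T) {
 req = NewRequest(t, "GET", fmt.Sprintf("/api/v1/orgs/org3/actions/runners/%d", runnerList.Entries[0].ID)).AddTokenAuth(token)
 MakeRequest(t, req, http.StatusNotFound)
 }
+
+func TestAPIRunnerDeleteReadScopeForbiddenOrgApi(t *testing.T) {
+defer tests.PrepareTestEnv(t)()
+userUsername := "user2"
+token := getUserToken(t, userUsername, auth_model.AccessTokenScopeReadOrganization)
+
+// Verify delete the runner by id is forbidden with read scope
+req := NewRequest(t, "DELETE", fmt.Sprintf("/api/v1/orgs/org3/actions/runners/%d", 34347)).AddTokenAuth(token)
+MakeRequest(t, req, http.StatusForbidden)
+}
+
+func TestAPIRunnerGetOrgApi(t *testing.T) {
+defer tests.PrepareTestEnv(t)()
+userUsername := "user2"
+token := getUserToken(t, userUsername, auth_model.AccessTokenScopeReadOrganization)
+// Verify get the runner by id with read scope
+req := NewRequest(t, "GET", fmt.Sprintf("/api/v1/orgs/org3/actions/runners/%d", 34347)).AddTokenAuth(token)
+runnerResp := MakeRequest(t, req, http.StatusOK)
+
+runner := api.ActionRunner{}
+DecodeJSON(t, runnerResp, &runner)
+
+assert.Equal(t, "runner_to_be_deleted-org", runner.Name)
+assert.Equal(t, int64(34347), runner.ID)
+assert.False(t, runner.Ephemeral)
+assert.Len(t, runner.Labels, 2)
+assert.Equal(t, "runner_to_be_deleted", runner.Labels[0].Name)
+assert.Equal(t, "linux", runner.Labels[1].Name)
+}
+
+func TestAPIRunnerGetRepoScopeForbiddenOrgApi(t *testing.T) {
+defer tests.PrepareTestEnv(t)()
+userUsername := "user2"
+token := getUserToken(t, userUsername, auth_model.AccessTokenScopeReadRepository)
+// Verify get the runner by id with read scope
+req := NewRequest(t, "GET", fmt.Sprintf("/api/v1/orgs/org3/actions/runners/%d", 34347)).AddTokenAuth(token)
+MakeRequest(t, req, http.StatusForbidden)
+}
+
+func TestAPIRunnerGetAdminRunnerNotFoundOrgApi(t *testing.T) {
+defer tests.PrepareTestEnv(t)()
+userUsername := "user2"
+token := getUserToken(t, userUsername, auth_model.AccessTokenScopeReadOrganization)
+// Verify get a runner by id of different entity is not found
+// runner.Editable(ownerID, repoID) false
+req := NewRequest(t, "GET", fmt.Sprintf("/api/v1/orgs/org3/actions/runners/%d", 34344)).AddTokenAuth(token)
+MakeRequest(t, req, http.StatusNotFound)
+}
+
+func TestAPIRunnerDeleteAdminRunnerNotFoundOrgApi(t *testing.T) {
+defer tests.PrepareTestEnv(t)()
+userUsername := "user2"
+token := getUserToken(t, userUsername, auth_model.AccessTokenScopeWriteOrganization)
+// Verify delete a runner by id of different entity is not found
+// runner.Editable(ownerID, repoID) false
+req := NewRequest(t, "DELETE", fmt.Sprintf("/api/v1/orgs/org3/actions/runners/%d", 34344)).AddTokenAuth(token)
+MakeRequest(t, req, http.StatusNotFound)
+}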
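Review bot: TestAPIRunnerGetAdminRunnerNotFoundOrgApi and TestAPIRunnerDeleteAdminRunnerNotFoundOrgApi would still pass if runner 34344 were absent from the fixtures, because a 404 for a runner owned by another entity is indistinguishable from a 404 for an id that does not exist, leaving the cross-owner check they are meant to pin untested. Asserting that the fixture row exists before the request would close that gap, and in both DELETE tests (the read-scope 403 case included) asserting that it still exists afterwards would show that a refused delete has no side effect. The literal ids would read better as named constants stating the presumed owner, e.g. `const orgRunnerID = 34347 // fixture runner expected to belong to org3`; ownership is inferred from the test comments and is not visible on this page. The comment in TestAPIRunnerGetRepoScopeForbiddenOrgApi is copied from the success case and should read `// Verify get the runner by id is forbidden with repository read scope`.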
