use std::{ fs, path::{Path, PathBuf}, process::Command, sync::Arc, time::{SystemTime, UNIX_EPOCH}, }; use actix_http::Request; use actix_web::{ App, body::BoxBody, dev::{Service, ServiceResponse}, http::StatusCode, test, }; use gitr::{ app::AppState, conf::{AppConfig, CoreAppConfig, DatabaseConfig, RepositoryConfig, ServerConfig}, db::Database, http::build_scope, models::{ AccessMode, ApiCollaboratorResponse, ApiLoginResponse, ApiPullRequestDetailResponse, ApiPullRequestResponse, ApiRepositoryResponse, ApiUser, Branch, CompareResponse, CreateAccessTokenResponse, AccessTokenResponse, PullRequestStatus, }, }; use serde_json::Value; #[actix_web::test] async fn create_user_and_bare_repo_via_http() { let env = TestEnv::new("bare"); let app = env.app().await; let user = create_user(&app, "alice").await; assert_eq!(user.name, "alice"); let token = login(&app, "alice").await.token; let repo = create_repo(&app, &token, "demo", false).await; assert_eq!(repo.owner.name, "alice"); assert_eq!(repo.repo.name, "demo"); assert!(repo.repo.is_bare); let repo_path = env.repo_path("alice", "demo"); assert!(repo_path.exists()); assert!(repo_path.join("HEAD").exists()); assert_eq!( git(&repo_path, &["symbolic-ref", "HEAD"]), "refs/heads/main" ); } #[actix_web::test] async fn create_repo_with_auto_init_creates_first_commit() { let env = TestEnv::new("autoinit"); let app = env.app().await; create_user(&app, "bob").await; let token = login(&app, "bob").await.token; let repo = create_repo(&app, &token, "seeded", true).await; assert!(!repo.repo.is_bare); let repo_path = env.repo_path("bob", "seeded"); let head = git(&repo_path, &["rev-parse", "refs/heads/main"]); assert_eq!(head.len(), 40); let readme = git(&repo_path, &["show", "refs/heads/main:README.md"]); assert_eq!(readme, "# seeded"); } #[actix_web::test] async fn duplicate_user_is_rejected() { let env = TestEnv::new("duplicate-user"); let app = env.app().await; create_user(&app, "carol").await; let admin_token = login(&app, "carol").await.token; let request = test::TestRequest::post() .uri("/api/admin/users") .insert_header(("authorization", format!("Bearer {admin_token}"))) .insert_header(("content-type", "application/json")) .set_payload(r#"{"username":"carol","email":"carol@example.com","password":"password123"}"#) .to_request(); let response = test::call_service(&app, request).await; assert_eq!(response.status(), StatusCode::CONFLICT); assert_error_response( response, StatusCode::CONFLICT, "conflict", "user already exists: carol", ) .await; } #[actix_web::test] async fn duplicate_repo_is_rejected() { let env = TestEnv::new("duplicate-repo"); let app = env.app().await; create_user(&app, "dave").await; let token = login(&app, "dave").await.token; create_repo(&app, &token, "demo", false).await; let request = test::TestRequest::post() .uri("/api/repos") .insert_header(("authorization", format!("Bearer {token}"))) .insert_header(("content-type", "application/json")) .set_payload(r#"{"name":"demo","description":"again","auto_init":false}"#) .to_request(); let response = test::call_service(&app, request).await; assert_eq!(response.status(), StatusCode::CONFLICT); } #[actix_web::test] async fn missing_authorization_is_rejected() { let env = TestEnv::new("missing-auth"); let app = env.app().await; let request = test::TestRequest::post() .uri("/api/repos") .insert_header(("content-type", "application/json")) .set_payload(r#"{"name":"demo","description":"demo","auto_init":false}"#) .to_request(); let response = test::call_service(&app, request).await; assert_error_response( response, StatusCode::UNAUTHORIZED, "unauthorized", "missing authorization header", ) .await; } #[actix_web::test] async fn invalid_repo_name_is_rejected() { let env = TestEnv::new("invalid-repo"); let app = env.app().await; create_user(&app, "erin").await; let token = login(&app, "erin").await.token; let request = test::TestRequest::post() .uri("/api/repos") .insert_header(("authorization", format!("Bearer {token}"))) .insert_header(("content-type", "application/json")) .set_payload(r#"{"name":"bad/name","description":"demo","auto_init":false}"#) .to_request(); let response = test::call_service(&app, request).await; assert_error_response( response, StatusCode::BAD_REQUEST, "validation_error", "repository name must contain only ASCII letters, digits, '-', '_' or '.'", ) .await; } #[actix_web::test] async fn invalid_user_name_is_rejected() { let env = TestEnv::new("invalid-user"); let app = env.app().await; let request = test::TestRequest::post() .uri("/api/admin/users") .insert_header(("content-type", "application/json")) .set_payload( r#"{"username":"bad/name","email":"bad@example.com","password":"password123"}"#, ) .to_request(); let response = test::call_service(&app, request).await; assert_eq!(response.status(), StatusCode::BAD_REQUEST); } #[actix_web::test] async fn git_init_failure_does_not_leave_repo_record() { let env = TestEnv::new("git-init-failure"); let app = env .app_with_git_binary("definitely-not-a-real-git-binary") .await; create_user(&app, "frank").await; let token = login(&app, "frank").await.token; let request = test::TestRequest::post() .uri("/api/repos") .insert_header(("authorization", format!("Bearer {token}"))) .insert_header(("content-type", "application/json")) .set_payload(r#"{"name":"blocked","description":"demo","auto_init":false}"#) .to_request(); let response = test::call_service(&app, request).await; assert_error_response( response, StatusCode::INTERNAL_SERVER_ERROR, "internal_error", "internal server error", ) .await; let get_request = test::TestRequest::get() .uri("/api/repos/frank/blocked") .to_request(); let get_response = test::call_service(&app, get_request).await; assert_eq!(get_response.status(), StatusCode::NOT_FOUND); } #[actix_web::test] async fn login_rejects_bad_password() { let env = TestEnv::new("bad-login"); let app = env.app().await; create_user(&app, "grace").await; let request = test::TestRequest::post() .uri("/api/user/login") .insert_header(("content-type", "application/json")) .set_payload(r#"{"login":"grace","password":"wrong-password"}"#) .to_request(); let response = test::call_service(&app, request).await; assert_eq!(response.status(), StatusCode::UNAUTHORIZED); } #[actix_web::test] async fn login_replaces_existing_login_token() { let env = TestEnv::new("repeat-login"); let app = env.app().await; create_user(&app, "grace").await; let first = login(&app, "grace").await; let second = login(&app, "grace").await; assert_ne!(first.token, second.token); let first_request = test::TestRequest::get() .uri("/api/user/tokens") .insert_header(("authorization", format!("Bearer {}", first.token))) .to_request(); let first_response = test::call_service(&app, first_request).await; assert_eq!(first_response.status(), StatusCode::UNAUTHORIZED); let second_request = test::TestRequest::get() .uri("/api/user/tokens") .insert_header(("authorization", format!("Bearer {}", second.token))) .to_request(); let second_response = test::call_service(&app, second_request).await; assert_eq!(second_response.status(), StatusCode::OK); let tokens: Vec = test::read_body_json(second_response).await; assert_eq!(tokens.len(), 1); assert_eq!(tokens[0].name, "login"); } #[actix_web::test] async fn token_endpoint_creates_second_token() { let env = TestEnv::new("token-endpoint"); let app = env.app().await; create_user(&app, "heidi").await; let login = login(&app, "heidi").await; let request = test::TestRequest::post() .uri("/api/user/tokens") .insert_header(("authorization", format!("Bearer {}", login.token))) .insert_header(("content-type", "application/json")) .set_payload(r#"{"name":"cli"}"#) .to_request(); let response = test::call_service(&app, request).await; assert_eq!(response.status(), StatusCode::OK); let token: CreateAccessTokenResponse = test::read_body_json(response).await; assert_eq!(token.name, "cli"); assert!(!token.token.is_empty()); assert_eq!(token.updated_unix, 0); } #[actix_web::test] async fn access_token_names_must_be_unique_per_user() { let env = TestEnv::new("token-unique"); let app = env.app().await; create_user(&app, "alice").await; let login = login(&app, "alice").await; let first = test::TestRequest::post() .uri("/api/user/tokens") .insert_header(("authorization", format!("Bearer {}", login.token))) .insert_header(("content-type", "application/json")) .set_payload(r#"{"name":"cli"}"#) .to_request(); let first_response = test::call_service(&app, first).await; assert_eq!(first_response.status(), StatusCode::OK); let second = test::TestRequest::post() .uri("/api/user/tokens") .insert_header(("authorization", format!("Bearer {}", login.token))) .insert_header(("content-type", "application/json")) .set_payload(r#"{"name":"cli"}"#) .to_request(); let second_response = test::call_service(&app, second).await; assert_eq!(second_response.status(), StatusCode::CONFLICT); } #[actix_web::test] async fn access_token_can_be_listed_and_deleted() { let env = TestEnv::new("token-list-delete"); let app = env.app().await; create_user(&app, "alice").await; let login = login(&app, "alice").await; let create = test::TestRequest::post() .uri("/api/user/tokens") .insert_header(("authorization", format!("Bearer {}", login.token))) .insert_header(("content-type", "application/json")) .set_payload(r#"{"name":"cli"}"#) .to_request(); let create_response = test::call_service(&app, create).await; assert_eq!(create_response.status(), StatusCode::OK); let token: CreateAccessTokenResponse = test::read_body_json(create_response).await; assert_eq!(token.updated_unix, 0); let list = test::TestRequest::get() .uri("/api/user/tokens") .insert_header(("authorization", format!("Bearer {}", login.token))) .to_request(); let list_response = test::call_service(&app, list).await; assert_eq!(list_response.status(), StatusCode::OK); let list_body: Value = test::read_body_json(list_response).await; let list_entries = list_body .as_array() .expect("token list response should be an array"); assert_eq!(list_entries.len(), 2); assert!(list_entries .iter() .any(|entry| entry.get("id").and_then(Value::as_i64) == Some(token.id))); assert!(list_entries.iter().all(|entry| entry.get("token").is_none())); let delete = test::TestRequest::delete() .uri(&format!("/api/user/tokens/{}", token.id)) .insert_header(("authorization", format!("Bearer {}", login.token))) .to_request(); let delete_response = test::call_service(&app, delete).await; assert_eq!(delete_response.status(), StatusCode::NO_CONTENT); let list_again = test::TestRequest::get() .uri("/api/user/tokens") .insert_header(("authorization", format!("Bearer {}", login.token))) .to_request(); let list_again_response = test::call_service(&app, list_again).await; assert_eq!(list_again_response.status(), StatusCode::OK); let list_again_body: Value = test::read_body_json(list_again_response).await; let list_again_entries = list_again_body .as_array() .expect("token list response should be an array"); assert_eq!(list_again_entries.len(), 1); assert!(list_again_entries .iter() .all(|entry| entry.get("id").and_then(Value::as_i64) != Some(token.id))); } #[actix_web::test] async fn access_token_updated_unix_changes_after_use() { let env = TestEnv::new("token-touch"); let app = env.app().await; create_user(&app, "alice").await; let login = login(&app, "alice").await; let create = test::TestRequest::post() .uri("/api/user/tokens") .insert_header(("authorization", format!("Bearer {}", login.token))) .insert_header(("content-type", "application/json")) .set_payload(r#"{"name":"cli"}"#) .to_request(); let create_response = test::call_service(&app, create).await; assert_eq!(create_response.status(), StatusCode::OK); let token: CreateAccessTokenResponse = test::read_body_json(create_response).await; assert_eq!(token.updated_unix, 0); let use_cli = test::TestRequest::get() .uri("/api/user/tokens") .insert_header(("authorization", format!("Bearer {}", token.token))) .to_request(); let use_cli_response = test::call_service(&app, use_cli).await; assert_eq!(use_cli_response.status(), StatusCode::OK); let list = test::TestRequest::get() .uri("/api/user/tokens") .insert_header(("authorization", format!("Bearer {}", login.token))) .to_request(); let list_response = test::call_service(&app, list).await; assert_eq!(list_response.status(), StatusCode::OK); let list_body: Value = test::read_body_json(list_response).await; let list_entries = list_body .as_array() .expect("token list response should be an array"); let cli_entry = list_entries .iter() .find(|entry| entry.get("id").and_then(Value::as_i64) == Some(token.id)) .expect("cli token should exist"); assert!( cli_entry .get("updated_unix") .and_then(Value::as_i64) .unwrap_or_default() > 0 ); } #[actix_web::test] async fn admin_user_creation_requires_bootstrap_or_admin_token() { let env = TestEnv::new("admin-auth"); let app = env.app().await; create_user(&app, "admin").await; let admin_token = login(&app, "admin").await.token; let anonymous = test::TestRequest::post() .uri("/api/admin/users") .insert_header(("content-type", "application/json")) .set_payload(r#"{"username":"member","email":"member@example.com","password":"password123"}"#) .to_request(); let anonymous_response = test::call_service(&app, anonymous).await; assert_eq!(anonymous_response.status(), StatusCode::UNAUTHORIZED); let member = create_user_as_admin(&app, &admin_token, "member").await; assert_eq!(member.name, "member"); } #[actix_web::test] async fn api_responses_do_not_expose_password_hash() { let env = TestEnv::new("redaction"); let app = env.app().await; create_user(&app, "alice").await; let token = login(&app, "alice").await.token; let user_request = test::TestRequest::get().uri("/api/users/alice").to_request(); let user_response = test::call_service(&app, user_request).await; assert_eq!(user_response.status(), StatusCode::OK); let user_body: Value = test::read_body_json(user_response).await; assert!(user_body.get("password_hash").is_none()); assert_eq!(user_body.get("email").and_then(Value::as_str), Some("")); let repo_request = test::TestRequest::post() .uri("/api/repos") .insert_header(("authorization", format!("Bearer {token}"))) .insert_header(("content-type", "application/json")) .set_payload(r#"{"name":"demo","description":"demo","auto_init":false}"#) .to_request(); let repo_response = test::call_service(&app, repo_request).await; assert_eq!(repo_response.status(), StatusCode::OK); let repo_body: Value = test::read_body_json(repo_response).await; assert!( repo_body .get("owner") .and_then(|owner| owner.get("password_hash")) .is_none() ); } #[actix_web::test] async fn private_repo_metadata_is_not_visible_without_read_access() { let env = TestEnv::new("private-repo-opaque"); let app = env.app().await; create_user(&app, "owner").await; let owner_token = login(&app, "owner").await.token; create_repo_with_visibility(&app, &owner_token, "secret", true, true).await; create_user_as_admin(&app, &owner_token, "outsider").await; let outsider_token = login(&app, "outsider").await.token; let anonymous = test::TestRequest::get() .uri("/api/repos/owner/secret") .to_request(); let anonymous_response = test::call_service(&app, anonymous).await; assert_error_response( anonymous_response, StatusCode::NOT_FOUND, "not_found", "repository not found: owner/secret", ) .await; let outsider = test::TestRequest::get() .uri("/api/repos/owner/secret") .insert_header(("authorization", format!("Bearer {outsider_token}"))) .to_request(); let outsider_response = test::call_service(&app, outsider).await; assert_error_response( outsider_response, StatusCode::NOT_FOUND, "not_found", "repository not found: owner/secret", ) .await; } #[actix_web::test] async fn private_repo_read_endpoints_are_not_visible_without_access() { let env = TestEnv::new("private-repo-read-opaque"); let app = env.app().await; create_user(&app, "owner").await; let owner_token = login(&app, "owner").await.token; create_repo_with_visibility(&app, &owner_token, "secret", true, true).await; create_user_as_admin(&app, &owner_token, "outsider").await; let outsider_token = login(&app, "outsider").await.token; let branches = test::TestRequest::get() .uri("/api/repos/owner/secret/branches") .insert_header(("authorization", format!("Bearer {outsider_token}"))) .to_request(); let branches_response = test::call_service(&app, branches).await; assert_eq!(branches_response.status(), StatusCode::NOT_FOUND); let pulls = test::TestRequest::get() .uri("/api/repos/owner/secret/pulls") .insert_header(("authorization", format!("Bearer {outsider_token}"))) .to_request(); let pulls_response = test::call_service(&app, pulls).await; assert_eq!(pulls_response.status(), StatusCode::NOT_FOUND); let forks = test::TestRequest::post() .uri("/api/repos/owner/secret/forks") .insert_header(("authorization", format!("Bearer {outsider_token}"))) .insert_header(("content-type", "application/json")) .set_payload(r#"{"name":"secret-fork","description":"x"}"#) .to_request(); let forks_response = test::call_service(&app, forks).await; assert_eq!(forks_response.status(), StatusCode::NOT_FOUND); let compare = test::TestRequest::get() .uri("/api/repos/owner/secret/compare?base=main&head_owner=owner&head_repo=secret&head_branch=main") .insert_header(("authorization", format!("Bearer {outsider_token}"))) .to_request(); let compare_response = test::call_service(&app, compare).await; assert_eq!(compare_response.status(), StatusCode::NOT_FOUND); let create_pr = test::TestRequest::post() .uri("/api/repos/owner/secret/pulls") .insert_header(("authorization", format!("Bearer {outsider_token}"))) .insert_header(("content-type", "application/json")) .set_payload( r#"{"head_owner":"owner","head_repo":"secret","head_branch":"main","base_branch":"main","title":"x","body":""}"#, ) .to_request(); let create_pr_response = test::call_service(&app, create_pr).await; assert_eq!(create_pr_response.status(), StatusCode::NOT_FOUND); } #[actix_web::test] async fn list_user_repositories_hides_private_repos_without_access() { let env = TestEnv::new("list-user-repos"); let app = env.app().await; create_user(&app, "owner").await; let owner_token = login(&app, "owner").await.token; create_repo_with_visibility(&app, &owner_token, "public", true, false).await; create_repo_with_visibility(&app, &owner_token, "secret", true, true).await; create_user_as_admin(&app, &owner_token, "outsider").await; let outsider_token = login(&app, "outsider").await.token; let anonymous_repos = list_user_repositories(&app, None, "owner", "").await; assert_eq!(anonymous_repos.len(), 1); assert_eq!(anonymous_repos[0].repo.name, "public"); assert_eq!(anonymous_repos[0].permission.mode, AccessMode::Read); let outsider_repos = list_user_repositories(&app, Some(&outsider_token), "owner", "").await; assert_eq!(outsider_repos.len(), 1); assert_eq!(outsider_repos[0].repo.name, "public"); assert!(outsider_repos[0].permission.can_read); assert!(!outsider_repos[0].permission.can_write); let owner_repos = list_user_repositories(&app, Some(&owner_token), "owner", "").await; assert_eq!(owner_repos.len(), 2); assert!(owner_repos.iter().any(|repo| repo.repo.name == "secret")); assert!(owner_repos.iter().all(|repo| repo.permission.is_owner)); } #[actix_web::test] async fn current_user_repo_list_includes_visible_repositories() { let env = TestEnv::new("current-user-repos"); let app = env.app().await; create_user(&app, "alice").await; let alice_token = login(&app, "alice").await.token; create_repo_with_visibility(&app, &alice_token, "own-public", true, false).await; create_repo_with_visibility(&app, &alice_token, "own-private", true, true).await; create_user_as_admin(&app, &alice_token, "bob").await; let bob_token = login(&app, "bob").await.token; create_repo_with_visibility(&app, &bob_token, "bob-public", true, false).await; create_repo_with_visibility(&app, &bob_token, "bob-shared", true, true).await; add_collaborator(&app, &bob_token, "bob", "bob-shared", "alice", "read").await; let repos = list_current_user_repositories(&app, &alice_token, "").await; assert_eq!(repos.len(), 4); assert!(repos.iter().any(|repo| { repo.owner.name == "alice" && repo.repo.name == "own-private" && repo.permission.is_owner })); assert!(repos.iter().any(|repo| { repo.owner.name == "bob" && repo.repo.name == "bob-public" && repo.permission.can_read && !repo.permission.can_write })); assert!(repos.iter().any(|repo| { repo.owner.name == "bob" && repo.repo.name == "bob-shared" && repo.permission.can_read && !repo.permission.can_write })); } #[actix_web::test] async fn repository_search_filters_to_visible_results() { let env = TestEnv::new("search-repos"); let app = env.app().await; create_user(&app, "searcher").await; let searcher_token = login(&app, "searcher").await.token; create_user_as_admin(&app, &searcher_token, "owner").await; let owner_token = login(&app, "owner").await.token; create_repo_with_visibility(&app, &owner_token, "rust-public", true, false).await; create_repo_with_visibility(&app, &owner_token, "python-public", true, false).await; create_repo_with_visibility(&app, &owner_token, "rust-secret", true, true).await; add_collaborator(&app, &owner_token, "owner", "rust-secret", "searcher", "read").await; let anonymous = search_repositories(&app, None, "rust").await; assert_eq!(anonymous.len(), 1); assert_eq!(anonymous[0].repo.name, "rust-public"); let authed = search_repositories(&app, Some(&searcher_token), "rust").await; assert_eq!(authed.len(), 2); assert!(authed.iter().any(|repo| repo.repo.name == "rust-public")); assert!(authed.iter().any(|repo| repo.repo.name == "rust-secret")); } #[actix_web::test] async fn invalid_collaborator_permission_is_rejected() { let env = TestEnv::new("invalid-collab-permission"); let app = env.app().await; create_user(&app, "owner").await; let owner_token = login(&app, "owner").await.token; create_user_as_admin(&app, &owner_token, "guest").await; create_repo_with_visibility(&app, &owner_token, "shared", true, true).await; let request = test::TestRequest::post() .uri("/api/repos/owner/shared/collaborators") .insert_header(("authorization", format!("Bearer {owner_token}"))) .insert_header(("content-type", "application/json")) .set_payload(r#"{"username":"guest","permission":"super"}"#) .to_request(); let response = test::call_service(&app, request).await; assert_eq!(response.status(), StatusCode::BAD_REQUEST); } #[actix_web::test] async fn collaborator_list_and_check_return_expected_permissions() { let env = TestEnv::new("list-collaborators"); let app = env.app().await; create_user(&app, "owner").await; let owner_token = login(&app, "owner").await.token; create_user_as_admin(&app, &owner_token, "reader").await; create_user_as_admin(&app, &owner_token, "adminer").await; create_repo_with_visibility(&app, &owner_token, "shared", true, true).await; add_collaborator(&app, &owner_token, "owner", "shared", "reader", "read").await; add_collaborator(&app, &owner_token, "owner", "shared", "adminer", "admin").await; let collaborators = list_collaborators(&app, Some(&owner_token), "owner", "shared").await; assert_eq!(collaborators.len(), 2); assert_eq!(collaborators[0].user.name, "adminer"); assert_eq!(collaborators[1].user.name, "reader"); let reader = get_collaborator(&app, Some(&owner_token), "owner", "shared", "reader").await; assert_eq!(reader.user.name, "reader"); assert_eq!(format!("{:?}", reader.mode), "Read"); } #[actix_web::test] async fn private_collaborator_endpoints_are_not_visible_without_access() { let env = TestEnv::new("private-collaborator-opaque"); let app = env.app().await; create_user(&app, "owner").await; let owner_token = login(&app, "owner").await.token; create_repo_with_visibility(&app, &owner_token, "secret", true, true).await; create_user_as_admin(&app, &owner_token, "outsider").await; let outsider_token = login(&app, "outsider").await.token; let list = test::TestRequest::get() .uri("/api/repos/owner/secret/collaborators") .insert_header(("authorization", format!("Bearer {outsider_token}"))) .to_request(); let list_response = test::call_service(&app, list).await; assert_eq!(list_response.status(), StatusCode::NOT_FOUND); let get = test::TestRequest::get() .uri("/api/repos/owner/secret/collaborators/outsider") .insert_header(("authorization", format!("Bearer {outsider_token}"))) .to_request(); let get_response = test::call_service(&app, get).await; assert_eq!(get_response.status(), StatusCode::NOT_FOUND); } #[actix_web::test] async fn public_git_info_refs_allows_anonymous_pull() { let env = TestEnv::new("public-git-http"); let app = env.app().await; create_user(&app, "ivan").await; let token = login(&app, "ivan").await.token; create_repo_with_visibility(&app, &token, "public", true, false).await; let request = test::TestRequest::get() .uri("/ivan/public.git/info/refs?service=git-upload-pack") .to_request(); let response = test::call_service(&app, request).await; assert_eq!(response.status(), StatusCode::OK); assert_eq!( response .headers() .get("content-type") .and_then(|v| v.to_str().ok()), Some("application/x-git-upload-pack-advertisement") ); } #[actix_web::test] async fn private_git_info_refs_requires_basic_auth() { let env = TestEnv::new("private-git-http"); let app = env.app().await; create_user(&app, "judy").await; let token = login(&app, "judy").await.token; create_repo_with_visibility(&app, &token, "private", true, true).await; let unauthenticated = test::TestRequest::get() .uri("/judy/private.git/info/refs?service=git-upload-pack") .to_request(); let unauthenticated_response = test::call_service(&app, unauthenticated).await; assert_eq!(unauthenticated_response.status(), StatusCode::UNAUTHORIZED); let basic = basic_auth_header("judy", "password123"); let authenticated = test::TestRequest::get() .uri("/judy/private.git/info/refs?service=git-upload-pack") .insert_header(("authorization", basic)) .to_request(); let authenticated_response = test::call_service(&app, authenticated).await; assert_eq!(authenticated_response.status(), StatusCode::OK); } #[actix_web::test] async fn private_git_info_refs_allows_read_collaborator() { let env = TestEnv::new("private-collab-read"); let app = env.app().await; create_user(&app, "kate").await; let owner_token = login(&app, "kate").await.token; create_user_as_admin(&app, &owner_token, "louis").await; create_repo_with_visibility(&app, &owner_token, "shared", true, true).await; add_collaborator(&app, &owner_token, "kate", "shared", "louis", "read").await; let collaborator = test::TestRequest::get() .uri("/kate/shared.git/info/refs?service=git-upload-pack") .insert_header(("authorization", basic_auth_header("louis", "password123"))) .to_request(); let collaborator_response = test::call_service(&app, collaborator).await; assert_eq!(collaborator_response.status(), StatusCode::OK); } #[actix_web::test] async fn read_collaborator_cannot_advertise_receive_pack() { let env = TestEnv::new("private-collab-read-no-push"); let app = env.app().await; create_user(&app, "mike").await; let owner_token = login(&app, "mike").await.token; create_user_as_admin(&app, &owner_token, "nina").await; create_repo_with_visibility(&app, &owner_token, "shared", true, true).await; add_collaborator(&app, &owner_token, "mike", "shared", "nina", "read").await; let collaborator = test::TestRequest::get() .uri("/mike/shared.git/info/refs?service=git-receive-pack") .insert_header(("authorization", basic_auth_header("nina", "password123"))) .to_request(); let collaborator_response = test::call_service(&app, collaborator).await; assert_eq!(collaborator_response.status(), StatusCode::FORBIDDEN); } #[actix_web::test] async fn fork_repository_clones_base_repo() { let env = TestEnv::new("fork-repository"); let app = env.app().await; create_user(&app, "olivia").await; let owner_token = login(&app, "olivia").await.token; create_user_as_admin(&app, &owner_token, "peter").await; let forker_token = login(&app, "peter").await.token; create_repo_with_visibility(&app, &owner_token, "origin", true, false).await; let request = test::TestRequest::post() .uri("/api/repos/olivia/origin/forks") .insert_header(("authorization", format!("Bearer {forker_token}"))) .insert_header(("content-type", "application/json")) .set_payload(r#"{"name":"origin-fork","description":"forked"}"#) .to_request(); let response = test::call_service(&app, request).await; assert_eq!(response.status(), StatusCode::OK); let fork_path = env.repo_path("peter", "origin-fork"); assert!(fork_path.exists()); let head = git(&fork_path, &["rev-parse", "refs/heads/main"]); assert_eq!(head.len(), 40); } #[actix_web::test] async fn list_branches_returns_main_branch() { let env = TestEnv::new("list-branches"); let app = env.app().await; create_user(&app, "quinn").await; let token = login(&app, "quinn").await.token; create_repo_with_visibility(&app, &token, "branches", true, false).await; let request = test::TestRequest::get() .uri("/api/repos/quinn/branches/branches") .insert_header(("authorization", format!("Bearer {token}"))) .to_request(); let response = test::call_service(&app, request).await; assert_eq!(response.status(), StatusCode::OK); let branches: Vec = test::read_body_json(response).await; assert!(branches.iter().any(|branch| branch.name == "main")); } #[actix_web::test] async fn create_pull_request_from_fork_succeeds() { let env = TestEnv::new("create-pr"); let app = env.app().await; create_user(&app, "rachel").await; let owner_token = login(&app, "rachel").await.token; create_user_as_admin(&app, &owner_token, "sam").await; let forker_token = login(&app, "sam").await.token; create_repo_with_visibility(&app, &owner_token, "origin", true, false).await; fork_repo(&app, &forker_token, "rachel", "origin", "origin-fork").await; push_commit_to_branch( &env.repo_path("sam", "origin-fork"), "main", "feature-one", "sam", "sam@example.com", "feature.txt", "hello from fork\n", ); let pull = create_pull_request( &app, &forker_token, "rachel", "origin", "sam", "origin-fork", "feature-one", "main", "Add feature one", ) .await; assert_eq!(pull.base_repo.owner.name, "rachel"); assert_eq!(pull.base_repo.repo.name, "origin"); assert_eq!(pull.head_repo.owner.name, "sam"); assert_eq!(pull.head_repo.repo.name, "origin-fork"); assert_eq!(pull.pull_request.index, 1); assert_eq!(pull.pull_request.head_branch, "feature-one"); assert_eq!(pull.pull_request.base_branch, "main"); assert_eq!(pull.pull_request.status, PullRequestStatus::Mergeable); assert!(!pull.pull_request.merge_base.is_empty()); } #[actix_web::test] async fn compare_endpoint_returns_commit_and_file_stats() { let env = TestEnv::new("compare-pr"); let app = env.app().await; create_user(&app, "rhea").await; let owner_token = login(&app, "rhea").await.token; create_user_as_admin(&app, &owner_token, "sora").await; let forker_token = login(&app, "sora").await.token; create_repo_with_visibility(&app, &owner_token, "origin", true, false).await; fork_repo(&app, &forker_token, "rhea", "origin", "origin-fork").await; push_commit_to_branch( &env.repo_path("sora", "origin-fork"), "main", "feature-compare", "sora", "sora@example.com", "compare.txt", "compare body\n", ); let compare = compare_repositories( &app, &forker_token, "rhea", "origin", "main", "sora", "origin-fork", "feature-compare", ) .await; assert_eq!(compare.base_branch, "main"); assert_eq!(compare.head_branch, "feature-compare"); assert_eq!(compare.status, PullRequestStatus::Mergeable); assert_eq!(compare.commits.len(), 1); assert_eq!(compare.files.len(), 1); assert_eq!(compare.files[0].path, "compare.txt"); assert!(!compare.head_commit_id.is_empty()); assert!(!compare.merge_base.is_empty()); } #[actix_web::test] async fn duplicate_unmerged_pull_request_is_rejected() { let env = TestEnv::new("duplicate-pr"); let app = env.app().await; create_user(&app, "tina").await; let owner_token = login(&app, "tina").await.token; create_user_as_admin(&app, &owner_token, "uma").await; let forker_token = login(&app, "uma").await.token; create_repo_with_visibility(&app, &owner_token, "origin", true, false).await; fork_repo(&app, &forker_token, "tina", "origin", "origin-fork").await; push_commit_to_branch( &env.repo_path("uma", "origin-fork"), "main", "feature-one", "uma", "uma@example.com", "feature.txt", "duplicate pr check\n", ); let _ = create_pull_request( &app, &forker_token, "tina", "origin", "uma", "origin-fork", "feature-one", "main", "First PR", ) .await; let request = test::TestRequest::post() .uri("/api/repos/tina/origin/pulls") .insert_header(("authorization", format!("Bearer {forker_token}"))) .insert_header(("content-type", "application/json")) .set_payload( r#"{"head_owner":"uma","head_repo":"origin-fork","head_branch":"feature-one","base_branch":"main","title":"First PR","body":""}"#, ) .to_request(); let response = test::call_service(&app, request).await; assert_eq!(response.status(), StatusCode::CONFLICT); } #[actix_web::test] async fn list_pull_requests_returns_created_pull_request() { let env = TestEnv::new("list-prs"); let app = env.app().await; create_user(&app, "victor").await; let owner_token = login(&app, "victor").await.token; create_user_as_admin(&app, &owner_token, "wendy").await; let forker_token = login(&app, "wendy").await.token; create_repo_with_visibility(&app, &owner_token, "origin", true, false).await; fork_repo(&app, &forker_token, "victor", "origin", "origin-fork").await; push_commit_to_branch( &env.repo_path("wendy", "origin-fork"), "main", "feature-list", "wendy", "wendy@example.com", "list.txt", "list pull requests\n", ); let created = create_pull_request( &app, &forker_token, "victor", "origin", "wendy", "origin-fork", "feature-list", "main", "List PR", ) .await; let request = test::TestRequest::get() .uri("/api/repos/victor/origin/pulls") .insert_header(("authorization", format!("Bearer {owner_token}"))) .to_request(); let response = test::call_service(&app, request).await; assert_eq!(response.status(), StatusCode::OK); let pulls: Vec = test::read_body_json(response).await; assert_eq!(pulls.len(), 1); assert_eq!(pulls[0].pull_request.id, created.pull_request.id); assert_eq!(pulls[0].pull_request.title, "List PR"); assert_eq!(pulls[0].head_repo.repo.name, "origin-fork"); } #[actix_web::test] async fn get_pull_request_detail_returns_compare_payload() { let env = TestEnv::new("pr-detail"); let app = env.app().await; create_user(&app, "trent").await; let owner_token = login(&app, "trent").await.token; create_user_as_admin(&app, &owner_token, "ursula").await; let forker_token = login(&app, "ursula").await.token; create_repo_with_visibility(&app, &owner_token, "origin", true, false).await; fork_repo(&app, &forker_token, "trent", "origin", "origin-fork").await; push_commit_to_branch( &env.repo_path("ursula", "origin-fork"), "main", "feature-detail", "ursula", "ursula@example.com", "detail.txt", "detail body\n", ); let created = create_pull_request( &app, &forker_token, "trent", "origin", "ursula", "origin-fork", "feature-detail", "main", "Detail PR", ) .await; let detail = get_pull_request(&app, &owner_token, "trent", "origin", 1).await; assert_eq!(detail.pull_request.id, created.pull_request.id); assert_eq!(detail.pull_request.title, "Detail PR"); assert_eq!(detail.compare.status, PullRequestStatus::Mergeable); assert_eq!(detail.compare.commits.len(), 1); assert_eq!(detail.compare.files.len(), 1); assert_eq!(detail.compare.files[0].path, "detail.txt"); } #[actix_web::test] async fn merge_pull_request_updates_base_branch() { let env = TestEnv::new("merge-pr"); let app = env.app().await; create_user(&app, "xavier").await; let owner_token = login(&app, "xavier").await.token; create_user_as_admin(&app, &owner_token, "yara").await; let forker_token = login(&app, "yara").await.token; create_repo_with_visibility(&app, &owner_token, "origin", true, false).await; fork_repo(&app, &forker_token, "xavier", "origin", "origin-fork").await; push_commit_to_branch( &env.repo_path("yara", "origin-fork"), "main", "feature-merge", "yara", "yara@example.com", "merged.txt", "merged by pr\n", ); let created = create_pull_request( &app, &forker_token, "xavier", "origin", "yara", "origin-fork", "feature-merge", "main", "Merge PR", ) .await; let merged = merge_pull_request(&app, &owner_token, "xavier", "origin", 1).await; assert_eq!(merged.pull_request.id, created.pull_request.id); assert!(merged.pull_request.has_merged); assert!(merged.pull_request.is_closed); let merged_file = git( &env.repo_path("xavier", "origin"), &["show", "refs/heads/main:merged.txt"], ); assert_eq!(merged_file, "merged by pr"); } #[actix_web::test] async fn merged_pull_request_detail_excludes_base_only_commits() { let env = TestEnv::new("merged-pr-compare"); let app = env.app().await; create_user(&app, "owner").await; let owner_token = login(&app, "owner").await.token; create_user_as_admin(&app, &owner_token, "forker").await; let forker_token = login(&app, "forker").await.token; create_repo_with_visibility(&app, &owner_token, "origin", true, false).await; fork_repo(&app, &forker_token, "owner", "origin", "origin-fork").await; push_commit_to_branch( &env.repo_path("forker", "origin-fork"), "main", "feature-merged", "forker", "forker@example.com", "feature.txt", "feature body\n", ); let _ = create_pull_request( &app, &forker_token, "owner", "origin", "forker", "origin-fork", "feature-merged", "main", "Merged PR", ) .await; push_commit_to_existing_branch( &env.repo_path("owner", "origin"), "main", "owner", "owner@example.com", "base.txt", "base only\n", ); let merged = merge_pull_request(&app, &owner_token, "owner", "origin", 1).await; assert!(merged.pull_request.has_merged); let detail = get_pull_request(&app, &owner_token, "owner", "origin", 1).await; assert_eq!(detail.compare.commits.len(), 1); assert_eq!(detail.compare.files.len(), 1); assert_eq!(detail.compare.files[0].path, "feature.txt"); } #[actix_web::test] async fn pull_request_poster_can_close_and_reopen() { let env = TestEnv::new("close-reopen-pr"); let app = env.app().await; create_user(&app, "zoe").await; let owner_token = login(&app, "zoe").await.token; create_user_as_admin(&app, &owner_token, "abby").await; let forker_token = login(&app, "abby").await.token; create_repo_with_visibility(&app, &owner_token, "origin", true, false).await; fork_repo(&app, &forker_token, "zoe", "origin", "origin-fork").await; push_commit_to_branch( &env.repo_path("abby", "origin-fork"), "main", "feature-close", "abby", "abby@example.com", "close.txt", "close reopen\n", ); let created = create_pull_request( &app, &forker_token, "zoe", "origin", "abby", "origin-fork", "feature-close", "main", "Close PR", ) .await; assert!(!created.pull_request.is_closed); let closed = close_pull_request(&app, &forker_token, "zoe", "origin", 1).await; assert!(closed.pull_request.is_closed); assert!(!closed.pull_request.has_merged); let reopened = reopen_pull_request(&app, &forker_token, "zoe", "origin", 1).await; assert!(!reopened.pull_request.is_closed); assert_eq!(reopened.pull_request.status, PullRequestStatus::Mergeable); } #[actix_web::test] async fn reopen_pull_request_rejects_duplicate_open_pair() { let env = TestEnv::new("reopen-duplicate-pr"); let app = env.app().await; create_user(&app, "brad").await; let owner_token = login(&app, "brad").await.token; create_user_as_admin(&app, &owner_token, "cora").await; let forker_token = login(&app, "cora").await.token; create_repo_with_visibility(&app, &owner_token, "origin", true, false).await; fork_repo(&app, &forker_token, "brad", "origin", "origin-fork").await; push_commit_to_branch( &env.repo_path("cora", "origin-fork"), "main", "feature-dup", "cora", "cora@example.com", "dup.txt", "duplicate reopen\n", ); let _ = create_pull_request( &app, &forker_token, "brad", "origin", "cora", "origin-fork", "feature-dup", "main", "Closed PR", ) .await; let _ = close_pull_request(&app, &forker_token, "brad", "origin", 1).await; let _ = create_pull_request( &app, &forker_token, "brad", "origin", "cora", "origin-fork", "feature-dup", "main", "Open PR", ) .await; let request = test::TestRequest::post() .uri("/api/repos/brad/origin/pulls/1/reopen") .insert_header(("authorization", format!("Bearer {forker_token}"))) .to_request(); let response = test::call_service(&app, request).await; assert_eq!(response.status(), StatusCode::CONFLICT); } async fn create_user(app: &S, username: &str) -> ApiUser where S: Service, Error = actix_web::Error>, { let email = format!("{username}@example.com"); let body = format!( r#"{{"username":"{username}","email":"{email}","password":"password123","full_name":"{username}"}}"# ); let request = test::TestRequest::post() .uri("/api/admin/users") .insert_header(("content-type", "application/json")) .set_payload(body) .to_request(); let response = test::call_service(app, request).await; assert_eq!(response.status(), StatusCode::OK); test::read_body_json(response).await } async fn create_user_as_admin(app: &S, admin_token: &str, username: &str) -> ApiUser where S: Service, Error = actix_web::Error>, { let email = format!("{username}@example.com"); let body = format!( r#"{{"username":"{username}","email":"{email}","password":"password123","full_name":"{username}"}}"# ); let request = test::TestRequest::post() .uri("/api/admin/users") .insert_header(("authorization", format!("Bearer {admin_token}"))) .insert_header(("content-type", "application/json")) .set_payload(body) .to_request(); let response = test::call_service(app, request).await; assert_eq!(response.status(), StatusCode::OK); test::read_body_json(response).await } async fn login(app: &S, login: &str) -> ApiLoginResponse where S: Service, Error = actix_web::Error>, { let body = format!(r#"{{"login":"{login}","password":"password123"}}"#); let request = test::TestRequest::post() .uri("/api/user/login") .insert_header(("content-type", "application/json")) .set_payload(body) .to_request(); let response = test::call_service(app, request).await; assert_eq!(response.status(), StatusCode::OK); test::read_body_json(response).await } async fn create_repo( app: &S, token: &str, name: &str, auto_init: bool, ) -> ApiRepositoryResponse where S: Service, Error = actix_web::Error>, { create_repo_with_visibility(app, token, name, auto_init, false).await } async fn create_repo_with_visibility( app: &S, token: &str, name: &str, auto_init: bool, is_private: bool, ) -> ApiRepositoryResponse where S: Service, Error = actix_web::Error>, { let body = format!( r#"{{"name":"{name}","description":"repo {name}","auto_init":{auto_init},"is_private":{is_private}}}"# ); let request = test::TestRequest::post() .uri("/api/repos") .insert_header(("authorization", format!("Bearer {token}"))) .insert_header(("content-type", "application/json")) .set_payload(body) .to_request(); let response = test::call_service(app, request).await; assert_eq!(response.status(), StatusCode::OK); test::read_body_json(response).await } async fn fork_repo( app: &S, token: &str, owner: &str, repo: &str, fork_name: &str, ) -> ApiRepositoryResponse where S: Service, Error = actix_web::Error>, { let body = format!(r#"{{"name":"{fork_name}","description":"fork {fork_name}"}}"#); let request = test::TestRequest::post() .uri(&format!("/api/repos/{owner}/{repo}/forks")) .insert_header(("authorization", format!("Bearer {token}"))) .insert_header(("content-type", "application/json")) .set_payload(body) .to_request(); let response = test::call_service(app, request).await; assert_eq!(response.status(), StatusCode::OK); test::read_body_json(response).await } async fn create_pull_request( app: &S, token: &str, owner: &str, repo: &str, head_owner: &str, head_repo: &str, head_branch: &str, base_branch: &str, title: &str, ) -> ApiPullRequestResponse where S: Service, Error = actix_web::Error>, { let body = format!( r#"{{"head_owner":"{head_owner}","head_repo":"{head_repo}","head_branch":"{head_branch}","base_branch":"{base_branch}","title":"{title}","body":"{title} body"}}"# ); let request = test::TestRequest::post() .uri(&format!("/api/repos/{owner}/{repo}/pulls")) .insert_header(("authorization", format!("Bearer {token}"))) .insert_header(("content-type", "application/json")) .set_payload(body) .to_request(); let response = test::call_service(app, request).await; assert_eq!(response.status(), StatusCode::OK); test::read_body_json(response).await } async fn compare_repositories( app: &S, token: &str, owner: &str, repo: &str, base: &str, head_owner: &str, head_repo: &str, head_branch: &str, ) -> CompareResponse where S: Service, Error = actix_web::Error>, { let request = test::TestRequest::get() .uri(&format!( "/api/repos/{owner}/{repo}/compare?base={base}&head_owner={head_owner}&head_repo={head_repo}&head_branch={head_branch}" )) .insert_header(("authorization", format!("Bearer {token}"))) .to_request(); let response = test::call_service(app, request).await; assert_eq!(response.status(), StatusCode::OK); test::read_body_json(response).await } async fn get_pull_request( app: &S, token: &str, owner: &str, repo: &str, index: i64, ) -> ApiPullRequestDetailResponse where S: Service, Error = actix_web::Error>, { let request = test::TestRequest::get() .uri(&format!("/api/repos/{owner}/{repo}/pulls/{index}")) .insert_header(("authorization", format!("Bearer {token}"))) .to_request(); let response = test::call_service(app, request).await; assert_eq!(response.status(), StatusCode::OK); test::read_body_json(response).await } async fn merge_pull_request( app: &S, token: &str, owner: &str, repo: &str, index: i64, ) -> ApiPullRequestResponse where S: Service, Error = actix_web::Error>, { let request = test::TestRequest::post() .uri(&format!("/api/repos/{owner}/{repo}/pulls/{index}/merge")) .insert_header(("authorization", format!("Bearer {token}"))) .insert_header(("content-type", "application/json")) .set_payload(r#"{"message":""}"#) .to_request(); let response = test::call_service(app, request).await; assert_eq!(response.status(), StatusCode::OK); test::read_body_json(response).await } async fn close_pull_request( app: &S, token: &str, owner: &str, repo: &str, index: i64, ) -> ApiPullRequestResponse where S: Service, Error = actix_web::Error>, { let request = test::TestRequest::post() .uri(&format!("/api/repos/{owner}/{repo}/pulls/{index}/close")) .insert_header(("authorization", format!("Bearer {token}"))) .to_request(); let response = test::call_service(app, request).await; assert_eq!(response.status(), StatusCode::OK); test::read_body_json(response).await } async fn reopen_pull_request( app: &S, token: &str, owner: &str, repo: &str, index: i64, ) -> ApiPullRequestResponse where S: Service, Error = actix_web::Error>, { let request = test::TestRequest::post() .uri(&format!("/api/repos/{owner}/{repo}/pulls/{index}/reopen")) .insert_header(("authorization", format!("Bearer {token}"))) .to_request(); let response = test::call_service(app, request).await; assert_eq!(response.status(), StatusCode::OK); test::read_body_json(response).await } fn basic_auth_header(username: &str, password: &str) -> String { format!("Basic {}", encode_base64(&format!("{username}:{password}"))) } async fn add_collaborator( app: &S, owner_token: &str, owner: &str, repo: &str, username: &str, permission: &str, ) where S: Service, Error = actix_web::Error>, { let body = format!(r#"{{"username":"{username}","permission":"{permission}"}}"#); let request = test::TestRequest::post() .uri(&format!("/api/repos/{owner}/{repo}/collaborators")) .insert_header(("authorization", format!("Bearer {owner_token}"))) .insert_header(("content-type", "application/json")) .set_payload(body) .to_request(); let response = test::call_service(app, request).await; assert_eq!(response.status(), StatusCode::OK); } async fn assert_error_response( response: ServiceResponse, expected_status: StatusCode, expected_code: &str, expected_message: &str, ) { assert_eq!(response.status(), expected_status); let body: Value = test::read_body_json(response).await; assert_eq!(body.get("code").and_then(Value::as_str), Some(expected_code)); assert_eq!( body.get("message").and_then(Value::as_str), Some(expected_message) ); assert_eq!( body.get("status").and_then(Value::as_u64), Some(expected_status.as_u16() as u64) ); } async fn list_current_user_repositories( app: &S, token: &str, query: &str, ) -> Vec where S: Service, Error = actix_web::Error>, { let request = test::TestRequest::get() .uri(&format!("/api/user/repos?q={query}")) .insert_header(("authorization", format!("Bearer {token}"))) .to_request(); let response = test::call_service(app, request).await; assert_eq!(response.status(), StatusCode::OK); test::read_body_json(response).await } async fn list_user_repositories( app: &S, token: Option<&str>, username: &str, query: &str, ) -> Vec where S: Service, Error = actix_web::Error>, { let mut request = test::TestRequest::get().uri(&format!("/api/users/{username}/repos?q={query}")); if let Some(token) = token { request = request.insert_header(("authorization", format!("Bearer {token}"))); } let response = test::call_service(app, request.to_request()).await; assert_eq!(response.status(), StatusCode::OK); test::read_body_json(response).await } async fn search_repositories( app: &S, token: Option<&str>, query: &str, ) -> Vec where S: Service, Error = actix_web::Error>, { let mut request = test::TestRequest::get().uri(&format!("/api/repos/search?q={query}")); if let Some(token) = token { request = request.insert_header(("authorization", format!("Bearer {token}"))); } let response = test::call_service(app, request.to_request()).await; assert_eq!(response.status(), StatusCode::OK); test::read_body_json(response).await } async fn list_collaborators( app: &S, token: Option<&str>, owner: &str, repo: &str, ) -> Vec where S: Service, Error = actix_web::Error>, { let mut request = test::TestRequest::get().uri(&format!("/api/repos/{owner}/{repo}/collaborators")); if let Some(token) = token { request = request.insert_header(("authorization", format!("Bearer {token}"))); } let response = test::call_service(app, request.to_request()).await; assert_eq!(response.status(), StatusCode::OK); test::read_body_json(response).await } async fn get_collaborator( app: &S, token: Option<&str>, owner: &str, repo: &str, username: &str, ) -> ApiCollaboratorResponse where S: Service, Error = actix_web::Error>, { let mut request = test::TestRequest::get() .uri(&format!("/api/repos/{owner}/{repo}/collaborators/{username}")); if let Some(token) = token { request = request.insert_header(("authorization", format!("Bearer {token}"))); } let response = test::call_service(app, request.to_request()).await; assert_eq!(response.status(), StatusCode::OK); test::read_body_json(response).await } fn encode_base64(input: &str) -> String { const TABLE: &[u8; 64] = b"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; let bytes = input.as_bytes(); let mut out = String::new(); let mut index = 0; while index < bytes.len() { let b0 = bytes[index]; let b1 = *bytes.get(index + 1).unwrap_or(&0); let b2 = *bytes.get(index + 2).unwrap_or(&0); out.push(TABLE[(b0 >> 2) as usize] as char); out.push(TABLE[((b0 & 0b0000_0011) << 4 | (b1 >> 4)) as usize] as char); if index + 1 < bytes.len() { out.push(TABLE[((b1 & 0b0000_1111) << 2 | (b2 >> 6)) as usize] as char); } else { out.push('='); } if index + 2 < bytes.len() { out.push(TABLE[(b2 & 0b0011_1111) as usize] as char); } else { out.push('='); } index += 3; } out } fn git(repo_path: &Path, args: &[&str]) -> String { let output = Command::new("git") .arg("--git-dir") .arg(repo_path) .args(args) .output() .expect("run git"); assert!( output.status.success(), "git command failed: {}", String::from_utf8_lossy(&output.stderr) ); String::from_utf8_lossy(&output.stdout).trim().to_string() } fn push_commit_to_branch( repo_path: &Path, base_branch: &str, branch: &str, author_name: &str, author_email: &str, file_name: &str, content: &str, ) { let unique = SystemTime::now() .duration_since(UNIX_EPOCH) .expect("clock") .as_nanos(); let worktree = std::env::temp_dir().join(format!("gitr-pr-work-{branch}-{unique}")); let _ = fs::remove_dir_all(&worktree); let clone = Command::new("git") .arg("clone") .arg(repo_path) .arg(&worktree) .output() .expect("clone repo"); assert!( clone.status.success(), "git clone failed: {}", String::from_utf8_lossy(&clone.stderr) ); let checkout = Command::new("git") .current_dir(&worktree) .arg("checkout") .arg("-b") .arg(branch) .arg(format!("origin/{base_branch}")) .output() .expect("checkout branch"); assert!( checkout.status.success(), "git checkout failed: {}", String::from_utf8_lossy(&checkout.stderr) ); fs::write(worktree.join(file_name), content).expect("write test file"); let add = Command::new("git") .current_dir(&worktree) .arg("add") .arg(file_name) .output() .expect("git add"); assert!( add.status.success(), "git add failed: {}", String::from_utf8_lossy(&add.stderr) ); let commit = Command::new("git") .current_dir(&worktree) .env("GIT_AUTHOR_NAME", author_name) .env("GIT_AUTHOR_EMAIL", author_email) .env("GIT_COMMITTER_NAME", author_name) .env("GIT_COMMITTER_EMAIL", author_email) .arg("commit") .arg("-m") .arg(format!("Add {file_name}")) .output() .expect("git commit"); assert!( commit.status.success(), "git commit failed: {}", String::from_utf8_lossy(&commit.stderr) ); let push = Command::new("git") .current_dir(&worktree) .arg("push") .arg("origin") .arg(format!("HEAD:refs/heads/{branch}")) .output() .expect("git push"); assert!( push.status.success(), "git push failed: {}", String::from_utf8_lossy(&push.stderr) ); let _ = fs::remove_dir_all(&worktree); } fn push_commit_to_existing_branch( repo_path: &Path, branch: &str, author_name: &str, author_email: &str, file_name: &str, content: &str, ) { let unique = SystemTime::now() .duration_since(UNIX_EPOCH) .expect("clock") .as_nanos(); let worktree = std::env::temp_dir().join(format!("gitr-base-work-{branch}-{unique}")); let _ = fs::remove_dir_all(&worktree); let clone = Command::new("git") .arg("clone") .arg(repo_path) .arg(&worktree) .output() .expect("clone repo"); assert!( clone.status.success(), "git clone failed: {}", String::from_utf8_lossy(&clone.stderr) ); let checkout = Command::new("git") .current_dir(&worktree) .arg("checkout") .arg(branch) .output() .expect("checkout branch"); assert!( checkout.status.success(), "git checkout failed: {}", String::from_utf8_lossy(&checkout.stderr) ); fs::write(worktree.join(file_name), content).expect("write test file"); let add = Command::new("git") .current_dir(&worktree) .arg("add") .arg(file_name) .output() .expect("git add"); assert!( add.status.success(), "git add failed: {}", String::from_utf8_lossy(&add.stderr) ); let commit = Command::new("git") .current_dir(&worktree) .env("GIT_AUTHOR_NAME", author_name) .env("GIT_AUTHOR_EMAIL", author_email) .env("GIT_COMMITTER_NAME", author_name) .env("GIT_COMMITTER_EMAIL", author_email) .arg("commit") .arg("-m") .arg(format!("Add {file_name}")) .output() .expect("git commit"); assert!( commit.status.success(), "git commit failed: {}", String::from_utf8_lossy(&commit.stderr) ); let push = Command::new("git") .current_dir(&worktree) .arg("push") .arg("origin") .arg(format!("HEAD:refs/heads/{branch}")) .output() .expect("git push"); assert!( push.status.success(), "git push failed: {}", String::from_utf8_lossy(&push.stderr) ); let _ = fs::remove_dir_all(&worktree); } struct TestEnv { root: PathBuf, } impl TestEnv { fn new(label: &str) -> Self { let unique = SystemTime::now() .duration_since(UNIX_EPOCH) .expect("clock") .as_nanos(); let root = std::env::temp_dir().join(format!("gitr-test-{label}-{unique}")); fs::create_dir_all(&root).expect("create temp root"); Self { root } } async fn app( &self, ) -> impl Service, Error = actix_web::Error> { self.app_with_git_binary("git").await } async fn app_with_git_binary( &self, git_binary: &str, ) -> impl Service, Error = actix_web::Error> { let database_path = self.root.join("data").join("gitr.db"); let repository_root = self.root.join("data").join("repositories"); fs::create_dir_all(&repository_root).expect("repo root"); let config = AppConfig { server: ServerConfig { bind: "127.0.0.1:0".to_string(), external_url: "http://127.0.0.1:3000/".to_string(), }, database: DatabaseConfig { path: database_path, }, repository: RepositoryConfig { root: repository_root, default_branch: "main".to_string(), git_binary: git_binary.to_string(), }, app: CoreAppConfig { run_user: "git".to_string(), }, }; config.prepare().expect("prepare config"); let db = Database::open(&config.database.path).expect("open db"); db.init_schema().expect("init schema"); test::init_service(App::new().service(build_scope(Arc::new(AppState::new(config, db))))) .await } fn repo_path(&self, owner: &str, repo: &str) -> PathBuf { self.root .join("data") .join("repositories") .join(owner) .join(format!("{repo}.git")) } } impl Drop for TestEnv { fn drop(&mut self) { let _ = fs::remove_dir_all(&self.root); } }