woodpecker/server/remote/bitbucket/bitbucket_test.go

// Copyright 2022 Woodpecker Authors
// Copyright 2018 Drone.IO Inc.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//      http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

package bitbucket

import (
	"bytes"
	"context"
	"net/http"
	"net/http/httptest"
	"testing"

	"github.com/franela/goblin"
	"github.com/gin-gonic/gin"

	"github.com/woodpecker-ci/woodpecker/server/model"
	"github.com/woodpecker-ci/woodpecker/server/remote/bitbucket/fixtures"
	"github.com/woodpecker-ci/woodpecker/server/remote/bitbucket/internal"
)

func Test_bitbucket(t *testing.T) {
	gin.SetMode(gin.TestMode)

	s := httptest.NewServer(fixtures.Handler())
	c := &config{URL: s.URL, API: s.URL}

	g := goblin.Goblin(t)
	ctx := context.Background()
	g.Describe("Bitbucket client", func() {
		g.After(func() {
			s.Close()
		})

		g.It("Should return client with default endpoint", func() {
			remote, _ := New(&Opts{Client: "4vyW6b49Z", Secret: "a5012f6c6"})
			g.Assert(remote.(*config).URL).Equal(DefaultURL)
			g.Assert(remote.(*config).API).Equal(DefaultAPI)
			g.Assert(remote.(*config).Client).Equal("4vyW6b49Z")
			g.Assert(remote.(*config).Secret).Equal("a5012f6c6")
		})

		g.It("Should return the netrc file", func() {
			remote, _ := New(&Opts{})
			netrc, _ := remote.Netrc(fakeUser, fakeRepo)
			g.Assert(netrc.Machine).Equal("bitbucket.org")
			g.Assert(netrc.Login).Equal("x-token-auth")
			g.Assert(netrc.Password).Equal(fakeUser.Token)
		})

		g.Describe("Given an authorization request", func() {
			g.It("Should redirect to authorize", func() {
				w := httptest.NewRecorder()
				r, _ := http.NewRequest("GET", "", nil)
				_, err := c.Login(ctx, w, r)
				g.Assert(err).IsNil()
				g.Assert(w.Code).Equal(http.StatusSeeOther)
			})
			g.It("Should return authenticated user", func() {
				r, _ := http.NewRequest("GET", "?code=code", nil)
				u, err := c.Login(ctx, nil, r)
				g.Assert(err).IsNil()
				g.Assert(u.Login).Equal(fakeUser.Login)
				g.Assert(u.Token).Equal("2YotnFZFEjr1zCsicMWpAA")
				g.Assert(u.Secret).Equal("tGzv3JOkF0XG5Qx2TlKWIA")
			})
			g.It("Should handle failure to exchange code", func() {
				w := httptest.NewRecorder()
				r, _ := http.NewRequest("GET", "?code=code_bad_request", nil)
				_, err := c.Login(ctx, w, r)
				g.Assert(err).IsNotNil()
			})
			g.It("Should handle failure to resolve user", func() {
				r, _ := http.NewRequest("GET", "?code=code_user_not_found", nil)
				_, err := c.Login(ctx, nil, r)
				g.Assert(err).IsNotNil()
			})
			g.It("Should handle authentication errors", func() {
				r, _ := http.NewRequest("GET", "?error=invalid_scope", nil)
				_, err := c.Login(ctx, nil, r)
				g.Assert(err).IsNotNil()
			})
		})

		g.Describe("Given an access token", func() {
			g.It("Should return the authenticated user", func() {
				login, err := c.Auth(ctx, fakeUser.Token, fakeUser.Secret)
				g.Assert(err).IsNil()
				g.Assert(login).Equal(fakeUser.Login)
			})
			g.It("Should handle a failure to resolve user", func() {
				_, err := c.Auth(ctx, fakeUserNotFound.Token, fakeUserNotFound.Secret)
				g.Assert(err).IsNotNil()
			})
		})

		g.Describe("Given a refresh token", func() {
			g.It("Should return a refresh access token", func() {
				ok, err := c.Refresh(ctx, fakeUserRefresh)
				g.Assert(err).IsNil()
				g.Assert(ok).IsTrue()
				g.Assert(fakeUserRefresh.Token).Equal("2YotnFZFEjr1zCsicMWpAA")
				g.Assert(fakeUserRefresh.Secret).Equal("tGzv3JOkF0XG5Qx2TlKWIA")
			})
			g.It("Should handle an empty access token", func() {
				ok, err := c.Refresh(ctx, fakeUserRefreshEmpty)
				g.Assert(err).IsNotNil()
				g.Assert(ok).IsFalse()
			})
			g.It("Should handle a failure to refresh", func() {
				ok, err := c.Refresh(ctx, fakeUserRefreshFail)
				g.Assert(err).IsNotNil()
				g.Assert(ok).IsFalse()
			})
		})

		g.Describe("When requesting a repository", func() {
			g.It("Should return the details", func() {
				repo, err := c.Repo(ctx, fakeUser, "", fakeRepo.Owner, fakeRepo.Name)
				g.Assert(err).IsNil()
				g.Assert(repo.FullName).Equal(fakeRepo.FullName)
			})
			g.It("Should handle not found errors", func() {
				_, err := c.Repo(ctx, fakeUser, "", fakeRepoNotFound.Owner, fakeRepoNotFound.Name)
				g.Assert(err).IsNotNil()
			})
		})

		g.Describe("When requesting repository permissions", func() {
			g.It("Should handle not found errors", func() {
				_, err := c.Perm(ctx, fakeUser, fakeRepoNotFound)
				g.Assert(err).IsNotNil()
			})
			g.It("Should authorize read access", func() {
				perm, err := c.Perm(ctx, fakeUser, fakeRepoReadOnly)
				g.Assert(err).IsNil()
				g.Assert(perm.Pull).IsTrue()
				g.Assert(perm.Push).IsFalse()
				g.Assert(perm.Admin).IsFalse()
			})
			g.It("Should authorize write access", func() {
				perm, err := c.Perm(ctx, fakeUser, fakeRepoWriteOnly)
				g.Assert(err).IsNil()
				g.Assert(perm.Pull).IsTrue()
				g.Assert(perm.Push).IsTrue()
				g.Assert(perm.Admin).IsFalse()
			})
			g.It("Should authorize admin access", func() {
				perm, err := c.Perm(ctx, fakeUser, fakeRepoAdmin)
				g.Assert(err).IsNil()
				g.Assert(perm.Pull).IsTrue()
				g.Assert(perm.Push).IsTrue()
				g.Assert(perm.Admin).IsTrue()
			})
		})

		g.Describe("When requesting user repositories", func() {
			g.It("Should return the details", func() {
				repos, err := c.Repos(ctx, fakeUser)
				g.Assert(err).IsNil()
				g.Assert(repos[0].FullName).Equal(fakeRepo.FullName)
			})
			g.It("Should handle organization not found errors", func() {
				_, err := c.Repos(ctx, fakeUserNoTeams)
				g.Assert(err).IsNotNil()
			})
			g.It("Should handle not found errors", func() {
				_, err := c.Repos(ctx, fakeUserNoRepos)
				g.Assert(err).IsNotNil()
			})
		})

		g.Describe("When requesting user teams", func() {
			g.It("Should return the details", func() {
				teams, err := c.Teams(ctx, fakeUser)
				g.Assert(err).IsNil()
				g.Assert(teams[0].Login).Equal("ueberdev42")
				g.Assert(teams[0].Avatar).Equal("https://bitbucket.org/workspaces/ueberdev42/avatar/?ts=1658761964")
			})
			g.It("Should handle not found error", func() {
				_, err := c.Teams(ctx, fakeUserNoTeams)
				g.Assert(err).IsNotNil()
			})
		})

		g.Describe("When downloading a file", func() {
			g.It("Should return the bytes", func() {
				raw, err := c.File(ctx, fakeUser, fakeRepo, fakePipeline, "file")
				g.Assert(err).IsNil()
				g.Assert(len(raw) != 0).IsTrue()
			})
			g.It("Should handle not found error", func() {
				_, err := c.File(ctx, fakeUser, fakeRepo, fakePipeline, "file_not_found")
				g.Assert(err).IsNotNil()
			})
		})

		g.Describe("When activating a repository", func() {
			g.It("Should error when malformed hook", func() {
				err := c.Activate(ctx, fakeUser, fakeRepo, "%gh&%ij")
				g.Assert(err).IsNotNil()
			})
			g.It("Should create the hook", func() {
				err := c.Activate(ctx, fakeUser, fakeRepo, "http://127.0.0.1")
				g.Assert(err).IsNil()
			})
		})

		g.Describe("When deactivating a repository", func() {
			g.It("Should error when listing hooks fails", func() {
				err := c.Deactivate(ctx, fakeUser, fakeRepoNoHooks, "http://127.0.0.1")
				g.Assert(err).IsNotNil()
			})
			g.It("Should successfully remove hooks", func() {
				err := c.Deactivate(ctx, fakeUser, fakeRepo, "http://127.0.0.1")
				g.Assert(err).IsNil()
			})
			g.It("Should successfully deactivate when hook already removed", func() {
				err := c.Deactivate(ctx, fakeUser, fakeRepoEmptyHook, "http://127.0.0.1")
				g.Assert(err).IsNil()
			})
		})

		g.Describe("Given a list of hooks", func() {
			g.It("Should return the matching hook", func() {
				hooks := []*internal.Hook{
					{URL: "http://127.0.0.1/hook"},
				}
				hook := matchingHooks(hooks, "http://127.0.0.1/")
				g.Assert(hook).Equal(hooks[0])
			})
			g.It("Should handle no matches", func() {
				hooks := []*internal.Hook{
					{URL: "http://localhost/hook"},
				}
				hook := matchingHooks(hooks, "http://127.0.0.1/")
				g.Assert(hook).IsNil()
			})
			g.It("Should handle malformed hook urls", func() {
				var hooks []*internal.Hook
				hook := matchingHooks(hooks, "%gh&%ij")
				g.Assert(hook).IsNil()
			})
		})

		g.It("Should update the status", func() {
			err := c.Status(ctx, fakeUser, fakeRepo, fakePipeline, fakeStep)
			g.Assert(err).IsNil()
		})

		g.It("Should parse the hook", func() {
			buf := bytes.NewBufferString(fixtures.HookPush)
			req, _ := http.NewRequest("POST", "/hook", buf)
			req.Header = http.Header{}
			req.Header.Set(hookEvent, hookPush)

			r, b, err := c.Hook(ctx, req)
			g.Assert(err).IsNil()
			g.Assert(r.FullName).Equal("martinherren1984/publictestrepo")
			g.Assert(b.Commit).Equal("c14c1bb05dfb1fdcdf06b31485fff61b0ea44277")
		})
	})
}

var (
	fakeUser = &model.User{
		Login: "superman",
		Token: "cfcd2084",
	}

	fakeUserRefresh = &model.User{
		Login:  "superman",
		Secret: "cfcd2084",
	}

	fakeUserRefreshFail = &model.User{
		Login:  "superman",
		Secret: "refresh_token_not_found",
	}

	fakeUserRefreshEmpty = &model.User{
		Login:  "superman",
		Secret: "refresh_token_is_empty",
	}

	fakeUserNotFound = &model.User{
		Login: "superman",
		Token: "user_not_found",
	}

	fakeUserNoTeams = &model.User{
		Login: "superman",
		Token: "teams_not_found",
	}

	fakeUserNoRepos = &model.User{
		Login: "superman",
		Token: "repos_not_found",
	}

	fakeRepo = &model.Repo{
		Owner:    "test_name",
		Name:     "repo_name",
		FullName: "test_name/repo_name",
	}

	fakeRepoNotFound = &model.Repo{
		Owner:    "test_name",
		Name:     "repo_not_found",
		FullName: "test_name/repo_not_found",
	}

	fakeRepoNoHooks = &model.Repo{
		Owner:    "test_name",
		Name:     "hooks_not_found",
		FullName: "test_name/hooks_not_found",
	}

	fakeRepoEmptyHook = &model.Repo{
		Owner:    "test_name",
		Name:     "hook_empty",
		FullName: "test_name/hook_empty",
	}

	fakeRepoReadOnly = &model.Repo{
		Owner:    "test_name",
		Name:     "permission_read",
		FullName: "test_name/permission_read",
	}

	fakeRepoWriteOnly = &model.Repo{
		Owner:    "test_name",
		Name:     "permission_write",
		FullName: "test_name/permission_write",
	}

	fakeRepoAdmin = &model.Repo{
		Owner:    "test_name",
		Name:     "permission_admin",
		FullName: "test_name/permission_admin",
	}

	fakePipeline = &model.Pipeline{
		Commit: "9ecad50",
	}

	fakeStep = &model.Step{
		Name:  "test",
		State: model.StatusSuccess,
	}
)