0
Fork 0
mirror of https://codeberg.org/forgejo/forgejo.git synced 2025-01-06 22:50:15 -05:00
forgejo/modules/validation/binding_test.go
Rowan Bohde 2e00ae4cdd
Validate OAuth Redirect URIs (#32643)
This fixes a TODO in the code to validate the RedirectURIs when adding
or editing an OAuth application in user settings.

This also includes a refactor of the user settings tests to only create
the DB once per top-level test to avoid reloading fixtures.

(cherry picked from commit 16a7d343d78807e39df124756e5d43a69a2203a3)

Conflicts:
	services/forms/user_form.go
	tests/integration/user_settings_test.go
  simple conflicts
2024-12-03 10:19:22 +01:00

63 lines
1.6 KiB
Go

// Copyright 2017 The Gitea Authors. All rights reserved.
// SPDX-License-Identifier: MIT
package validation
import (
"net/http"
"net/http/httptest"
"testing"
"code.forgejo.org/go-chi/binding"
chi "github.com/go-chi/chi/v5"
"github.com/stretchr/testify/assert"
)
const (
testRoute = "/test"
)
type (
validationTestCase struct {
description string
data any
expectedErrors binding.Errors
}
TestForm struct {
BranchName string `form:"BranchName" binding:"GitRefName"`
URL string `form:"ValidUrl" binding:"ValidUrl"`
URLs string `form:"ValidUrls" binding:"ValidUrlList"`
GlobPattern string `form:"GlobPattern" binding:"GlobPattern"`
RegexPattern string `form:"RegexPattern" binding:"RegexPattern"`
}
)
func performValidationTest(t *testing.T, testCase validationTestCase) {
httpRecorder := httptest.NewRecorder()
m := chi.NewRouter()
m.Post(testRoute, func(resp http.ResponseWriter, req *http.Request) {
actual := binding.Validate(req, testCase.data)
// see https://github.com/stretchr/testify/issues/435
if actual == nil {
actual = binding.Errors{}
}
assert.Equal(t, testCase.expectedErrors, actual)
})
req, err := http.NewRequest("POST", testRoute, nil)
if err != nil {
panic(err)
}
req.Header.Add("Content-Type", "x-www-form-urlencoded")
m.ServeHTTP(httpRecorder, req)
switch httpRecorder.Code {
case http.StatusNotFound:
panic("Routing is messed up in test fixture (got 404): check methods and paths")
case http.StatusInternalServerError:
panic("Something bad happened on '" + testCase.description + "'")
}
}