Merge branch 'stable-3.3'
* stable-3.3:
Address comments by Sasa Zivkov
Add integration tests
Fix import of InternalGroup
Change-Id: I36ce6193db6d6eab20f43063af0740c2701e008d
diff --git a/BUILD b/BUILD
index d74886f..e7b7df1 100644
--- a/BUILD
+++ b/BUILD
@@ -16,20 +16,23 @@
],
)
-TEST_SRCS = "src/test/java/**/*Test.java"
-
TEST_DEPS = PLUGIN_DEPS + PLUGIN_TEST_DEPS + [
"@commons-io//jar",
"@mime-types//jar",
":uploadvalidator__plugin",
]
+TEST_SRCS = [
+ "src/test/java/**/*Test.java",
+ "src/test/java/**/*IT.java",
+]
+
java_library(
name = "testutils",
testonly = 1,
srcs = glob(
["src/test/java/**/*.java"],
- exclude = [TEST_SRCS],
+ exclude = TEST_SRCS,
),
deps = TEST_DEPS,
)
@@ -37,7 +40,19 @@
junit_tests(
name = "uploadvalidator_tests",
testonly = 1,
- srcs = glob([TEST_SRCS]),
+ srcs = glob(
+ ["src/test/java/**/*Test.java"]),
+ tags = ["uploadvalidator"],
+ deps = TEST_DEPS + [
+ ":testutils",
+ ],
+)
+
+junit_tests(
+ name = "uploadvalidator_integration_tests",
+ testonly = 1,
+ srcs = glob(
+ ["src/test/java/**/*IT.java"]),
tags = ["uploadvalidator"],
deps = TEST_DEPS + [
":testutils",
diff --git a/src/test/java/com/googlesource/gerrit/plugins/uploadvalidator/UploadValidatorIT.java b/src/test/java/com/googlesource/gerrit/plugins/uploadvalidator/UploadValidatorIT.java
new file mode 100644
index 0000000..a558336
--- /dev/null
+++ b/src/test/java/com/googlesource/gerrit/plugins/uploadvalidator/UploadValidatorIT.java
@@ -0,0 +1,164 @@
+// Copyright (C) 2021 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package com.googlesource.gerrit.plugins.uploadvalidator;
+
+import static com.google.common.truth.Truth.assertThat;
+import static com.google.gerrit.acceptance.testsuite.project.TestProjectUpdate.allow;
+import static com.google.gerrit.testing.GerritJUnit.assertThrows;
+
+import com.google.common.base.Joiner;
+import com.google.common.collect.ImmutableMap;
+import com.google.gerrit.acceptance.GitUtil;
+import com.google.gerrit.acceptance.LightweightPluginDaemonTest;
+import com.google.gerrit.acceptance.PushOneCommit;
+import com.google.gerrit.acceptance.TestPlugin;
+import com.google.gerrit.acceptance.testsuite.project.ProjectOperations;
+import com.google.gerrit.entities.Permission;
+import com.google.gerrit.entities.RefNames;
+import com.google.gerrit.extensions.api.changes.DraftInput;
+import com.google.gerrit.extensions.api.changes.ReviewInput;
+import com.google.gerrit.extensions.api.changes.ReviewInput.DraftHandling;
+import com.google.gerrit.extensions.restapi.BadRequestException;
+import com.google.gerrit.server.group.SystemGroupBackend;
+import com.google.inject.Inject;
+import org.eclipse.jgit.internal.storage.dfs.InMemoryRepository;
+import org.eclipse.jgit.junit.TestRepository;
+import org.junit.Before;
+import org.junit.Test;
+
+@TestPlugin(
+ name = "uploadvalidator",
+ sysModule = "com.googlesource.gerrit.plugins.uploadvalidator.Module")
+public class UploadValidatorIT extends LightweightPluginDaemonTest {
+
+ @Inject ProjectOperations projectOperations;
+
+ TestRepository<InMemoryRepository> clone;
+
+ void pushConfig(String config) throws Exception {
+ TestRepository<InMemoryRepository> allProjectRepo = cloneProject(allProjects, admin);
+ GitUtil.fetch(allProjectRepo, RefNames.REFS_CONFIG + ":config");
+ allProjectRepo.reset("config");
+ PushOneCommit push =
+ pushFactory.create(admin.newIdent(), allProjectRepo, "Subject", "project.config", config);
+ PushOneCommit.Result res = push.to(RefNames.REFS_CONFIG);
+ res.assertOkStatus();
+ }
+
+ @Before
+ public void setup() throws Exception {
+
+ pushConfig(
+ Joiner.on("\n")
+ .join(
+ "[plugin \"uploadvalidator\"]",
+ " blockedFileExtension = jar",
+ " blockedFileExtension = .zip",
+ " blockedKeywordPattern = secr3t",
+ " invalidFilenamePattern = [%:@]",
+ " rejectWindowsLineEndings = true",
+ " maxPathLength = 20",
+ " rejectDuplicatePathnames = true"));
+
+ projectOperations
+ .project(allProjects)
+ .forUpdate()
+ .add(allow(Permission.READ).ref("refs/*").group(SystemGroupBackend.REGISTERED_USERS))
+ .add(allow(Permission.CREATE).ref("refs/*").group(SystemGroupBackend.REGISTERED_USERS))
+ .add(allow(Permission.PUSH).ref("refs/*").group(SystemGroupBackend.REGISTERED_USERS))
+ .update();
+
+ clone = GitUtil.cloneProject(project, registerRepoConnection(project, admin));
+ }
+
+ @Test
+ public void testFileExtension() throws Exception {
+ pushFactory
+ .create(admin.newIdent(), clone, "Subject", "file.jar", "content")
+ .to("refs/heads/master")
+ .assertErrorStatus("blocked file extensions");
+
+ pushFactory
+ .create(admin.newIdent(), clone, "Subject", "file.zip", "content")
+ .to("refs/heads/master")
+ .assertErrorStatus("blocked file extensions");
+ }
+
+ @Test
+ public void testKeywordInComment() throws Exception {
+ PushOneCommit.Result r1 = createChange("Subject", "file.txt", "content");
+ DraftInput in = new DraftInput();
+ in.message = "the password is secr3t ! ";
+ in.path = "file.txt";
+ gApi.changes().id(r1.getChangeId()).revision("current").createDraft(in);
+
+ ReviewInput reviewIn = new ReviewInput();
+ reviewIn.drafts = DraftHandling.PUBLISH;
+ BadRequestException e =
+ assertThrows(
+ BadRequestException.class,
+ () -> gApi.changes().id(r1.getChangeId()).revision("current").review(reviewIn));
+ assertThat(e.getMessage()).contains("banned words");
+ }
+
+ @Test
+ public void testKeywordInFile() throws Exception {
+ pushFactory
+ .create(admin.newIdent(), clone, "Subject", "file.txt", "blah secr3t blah")
+ .to("refs/heads/master")
+ .assertErrorStatus("blocked keywords");
+ }
+
+ @Test
+ public void testFilenamePattern() throws Exception {
+ pushFactory
+ .create(admin.newIdent(), clone, "Subject", "f:le.txt", "content")
+ .to("refs/heads/master")
+ .assertErrorStatus("invalid filename");
+ }
+
+ @Test
+ public void testWindowsLineEndings() throws Exception {
+ pushFactory
+ .create(admin.newIdent(), clone, "Subject", "win.ini", "content\r\nline2\r\n")
+ .to("refs/heads/master")
+ .assertErrorStatus("Windows line ending");
+ }
+
+ @Test
+ public void testPathLength() throws Exception {
+ pushFactory
+ .create(
+ admin.newIdent(),
+ clone,
+ "Subject",
+ "123456789012345678901234567890.txt",
+ "content\nline2\n")
+ .to("refs/heads/master")
+ .assertErrorStatus("too long paths");
+ }
+
+ @Test
+ public void testUniqueName() throws Exception {
+ pushFactory
+ .create(
+ admin.newIdent(),
+ clone,
+ "Subject",
+ ImmutableMap.of("a.txt", "content\nline2\n", "A.TXT", "content"))
+ .to("refs/heads/master")
+ .assertErrorStatus("duplicate pathnames");
+ }
+}
