xaizek / rocketgit (License: AGPLv3+) (since 2018-12-09)
Light and fast Git hosting solution suitable to serve both as a hub or as a personal code storage with its tickets, pull requests, API and much more.
<root> / tests / http_settings.php (1238817519058d422d1d1391f64f608845e0d3e0) (6,664B) (mode 100644) [raw]
<?php
error_reporting(E_ALL | E_STRICT);
ini_set("track_errors", "On");

$rg_cache_debug = TRUE;

$INC = dirname(__FILE__) . "/../inc";
require_once(dirname(__FILE__) . "/config.php");
require_once($INC . "/init.inc.php");
require_once($INC . "/util.inc.php");
require_once("helpers.inc.php");
require_once("http.inc.php");

rg_log_set_file("http_settings.log");

$rg_sql = "host=localhost user=rocketgit dbname=rocketgit connect_timeout=10";
$rg_no_db = TRUE;
require_once("common.php");

$_testns = 'http_settings';
$rg_cache_enable = TRUE;

$now = time();

rg_log("Test if caching works cache_enable=" . ($rg_cache_enable ? "true" : "false"));
rg_cache_set("test::a", "1");
$r = rg_cache_get("test::a");
if (strcmp($r, "1") != 0) {
	rg_log("Main cache (set) is not working!");
	exit(1);
}
rg_cache_unset("test::a");
$r = rg_cache_get("test::a");
if ($r !== FALSE) {
	rg_log("Main cache (unset) is not working!");
	exit(1);
}

test_restore($db);

rg_test_create_user($db, $rg_ui);
$r = test_login($test_url, $rg_ui, $good_sid);
if ($r === FALSE) {
	rg_log("Cannot login!");
	exit(1);
}

rg_log("Loading change pass form");
$data = array();
$headers = array("Cookie: sid=" . $good_sid);
$r = do_req($test_url . "/op/settings/change_pass?t=load_change_pass_form", $data, $headers);
if (!strstr($r['body'], "action=\"/op/settings/change_pass\"")) {
	file_put_contents("http_settings_change_pass.log", $r['body']);
	rg_log_ml("Cannot load change pass form!");
	exit(1);
}
$good_token = $r['token'];

rg_log("Posting change pass form");
$data = array(
	"doit" => 1,
	"token" => $good_token,
	"old_pass" => $rg_ui['pass'],
	"pass1" => "bbbb",
	"pass2" => "bbbb"
	);
$headers = array("Cookie: sid=" . $good_sid);
$r = do_req($test_url . "/op/settings/change_pass?t=post_change_pass_form", $data, $headers);
if (!strstr($r['body'], "Password was updated with success")) {
	file_put_contents("http_settings_change_pass.log", $r['body']);
	rg_log_ml("Cannot change pass!");
	exit(1);
}


rg_log("Now, try to login with the old password");
$r2 = test_login($test_url, $rg_ui, $junk);
if ($r2 !== FALSE) {
	rg_log_ml("Seems we were able to login with the old password!");
	exit(1);
}


rg_log("Change back the password");
$data = array();
$headers = array("Cookie: sid=" . $good_sid);
$r = do_req($test_url . "/op/settings/change_pass?t=load_change_pass_form", $data, $headers);
if (!strstr($r['body'], "action=\"/op/settings/change_pass\"")) {
	file_put_contents("http_settings_change_pass.log", $r['body']);
	rg_log_ml("Cannot load change pass form!");
	exit(1);
}
$good_token = $r['token'];
$data = array(
	"doit" => 1,
	"token" => $good_token,
	"old_pass" => "bbbb",
	"pass1" => $rg_ui['pass'],
	"pass2" => $rg_ui['pass']
	);
$headers = array("Cookie: sid=" . $good_sid);
$r = do_req($test_url . "/op/settings/change_pass?t=change_back_the_password", $data, $headers);
if ($r === FALSE) {
	file_put_contents("http_settings_change_back.log", $r['body']);
	rg_log_ml("Cannot change back the pass to aaaa!");
	exit(1);
}


rg_log("Testing edit info section");

rg_log("Loading edit info form");
$data = array();
$headers = array("Cookie: sid=" . $good_sid);
$r = do_req($test_url . "/op/settings/edit_info?t=load_edit_info_form", $data, $headers);
if ($r === FALSE) {
	rg_log_ml("Cannot load form!");
	exit(1);
}

rg_log("Posting edit info form");
$session_time = intval($now / 393956);
$data = array(
	"doit" => 1,
	"token" => $r['token'],
	"uid" => 4,
	"username" => $rg_ui['username'],
	"realname" => $rg_ui['realname'],
	"plan_id" => 5,
	"session_time" => $session_time
	);
$headers = array("Cookie: sid=" . $good_sid);
$r = do_req($test_url . "/op/settings/edit_info?t=post_edit_info_form", $data, $headers);
if (!strstr($r['body'], "Information was updated with success")) {
	file_put_contents("http_settings_edit_info.log", $r['body']);
	rg_log_ml("Cannot change back the pass to aaaa: " . print_r($r, TRUE));
	exit(1);
}

rg_log("Verify against database");
$sql = "SELECT * FROM users WHERE username = '" . $rg_ui['username'] . "'";
$res = rg_sql_query($db, $sql);
$row = rg_sql_fetch_array($res);
rg_sql_free_result($res);
if (strcmp($rg_ui['realname'], $row['realname']) != 0) {
	file_put_contents("http_settings_edit_info.log", $r['body']);
	rg_log_ml("realname was not changed: " . print_r($row, TRUE));
	exit(1);
}
if ($row['plan_id'] != 5) {
	file_put_contents("http_settings_edit_info.log", $r['body']);
	rg_log_ml("plan_id was not changed: " . print_r($row, TRUE));
	exit(1);
}
if ($row['session_time'] != $session_time) {
	file_put_contents("http_settings_edit_info.log", $r['body']);
	rg_log_ml("session_time was not changed: " . print_r($row, TRUE));
	exit(1);
}


rg_log("Testing SSH keys");
rg_log("Loading ssh keys form");
$data = array();
$headers = array("Cookie: sid=" . $good_sid);
$r = do_req($test_url . "/op/settings/keys?t=load_key_form_add", $data, $headers);
if ($r === FALSE) {
	rg_log_ml("Cannot load form!");
	exit(1);
}
rg_log("Posting keys form");
$key = "ssh-dss YWFh comment<xss>" . $rg_ui['uid'];
$data = array("add" => 1, "token" => $r['token'], "key" => $key);
$headers = array("Cookie: sid=" . $good_sid);
$r = do_req($test_url . "/op/settings/keys?t=post_key_form_add", $data, $headers);
if ($r === FALSE) {
	file_put_contents("http_settings_key.log", $r['body']);
	rg_log_ml("Cannot upload key: " . print_r($r, TRUE));
	exit(1);
}
$sql = "SELECT * FROM keys WHERE key = 'ssh-dss YWFh commentxss" . $rg_ui['uid'] . "'";
$res = rg_sql_query($db, $sql);
$rows = rg_sql_num_rows($res);
if ($rows > 0)
	$row = rg_sql_fetch_array($res);
rg_sql_free_result($res);
if ($rows == 0) {
	rg_log("Key was not uploaded!");
	exit(1);
}
$key_id = $row['key_id'];

rg_log("Now, testing deletion: key_id=$key_id");
rg_log("Loading ssh keys form");
$data = array();
$headers = array("Cookie: sid=" . $good_sid);
$r = do_req($test_url . "/op/settings/keys?t=load_key_form_del", $data, $headers);
if ($r === FALSE) {
	rg_log_ml("Cannot load form: " . print_r($r, TRUE));
	exit(1);
}
rg_log("Posting delete keys form");
$data = array("delete" => 1, "token" => $r['token'], "key_delete_ids[$key_id]" => "on");
$headers = array("Cookie: sid=" . $good_sid);
$r = do_req($test_url . "/op/settings/keys?t=post_key_form_del", $data, $headers);
if (!strstr($r['body'], "Selected keys were removed with success.")) {
	file_put_contents("http_settings_key_del.log", $r['body']);
	rg_log_ml("Cannot delete key!");
	exit(1);
}
$sql = "SELECT * FROM keys WHERE key_id = $key_id";
$res = rg_sql_query($db, $sql);
$rows = rg_sql_num_rows($res);
rg_sql_free_result($res);
if ($rows == 1) {
	rg_log_ml("key $key_id was not deleted!");
	exit(1);
}

rg_log("OK!");
?>
Hints

Before first commit, do not forget to setup your git environment:
git config --global user.name "your_name_here"
git config --global user.email "your@email_here"

Clone this repository using HTTP(S):
git clone https://code.reversed.top/user/xaizek/rocketgit

Clone this repository using ssh (do not forget to upload a key first):
git clone ssh://rocketgit@code.reversed.top/user/xaizek/rocketgit

You are allowed to anonymously push to this repository.
This means that your pushed commits will automatically be transformed into a pull request:
... clone the repository ...
... make some changes and some commits ...
git push origin master