diff options
author | Joram Wilander <jwawilander@gmail.com> | 2017-02-01 16:13:16 -0500 |
---|---|---|
committer | Christopher Speller <crspeller@gmail.com> | 2017-02-01 16:13:16 -0500 |
commit | 36f43edba3481a19476943942bff1ab53cc14e0f (patch) | |
tree | 4f2925a492cb594e6c80a7f569395528139307ce /api4 | |
parent | 187aff9fa8bd7616b5a93aefaa2e9166d5d3d4ab (diff) | |
download | chat-36f43edba3481a19476943942bff1ab53cc14e0f.tar.gz chat-36f43edba3481a19476943942bff1ab53cc14e0f.tar.bz2 chat-36f43edba3481a19476943942bff1ab53cc14e0f.zip |
Implement PUT /users/{user_id}/roles endpoint for APIv4 (#5238)
Diffstat (limited to 'api4')
-rw-r--r-- | api4/apitestlib.go | 16 | ||||
-rw-r--r-- | api4/user.go | 30 | ||||
-rw-r--r-- | api4/user_test.go | 24 |
3 files changed, 69 insertions, 1 deletions
diff --git a/api4/apitestlib.go b/api4/apitestlib.go index 44a730621..6b129dd8f 100644 --- a/api4/apitestlib.go +++ b/api4/apitestlib.go @@ -6,6 +6,7 @@ package api4 import ( "net/http" "reflect" + "runtime/debug" "strconv" "strings" "testing" @@ -213,10 +214,12 @@ func CheckUserSanitization(t *testing.T, user *model.User) { func CheckEtag(t *testing.T, data interface{}, resp *model.Response) { if !reflect.ValueOf(data).IsNil() { + debug.PrintStack() t.Fatal("etag data was not nil") } if resp.StatusCode != http.StatusNotModified { + debug.PrintStack() t.Log("actual: " + strconv.Itoa(resp.StatusCode)) t.Log("expected: " + strconv.Itoa(http.StatusNotModified)) t.Fatal("wrong status code for etag") @@ -225,17 +228,20 @@ func CheckEtag(t *testing.T, data interface{}, resp *model.Response) { func CheckNoError(t *testing.T, resp *model.Response) { if resp.Error != nil { - t.Fatal(resp.Error) + debug.PrintStack() + t.Fatal("Expected no error, got " + resp.Error.Error()) } } func CheckForbiddenStatus(t *testing.T, resp *model.Response) { if resp.Error == nil { + debug.PrintStack() t.Fatal("should have errored with status:" + strconv.Itoa(http.StatusForbidden)) return } if resp.StatusCode != http.StatusForbidden { + debug.PrintStack() t.Log("actual: " + strconv.Itoa(resp.StatusCode)) t.Log("expected: " + strconv.Itoa(http.StatusForbidden)) t.Fatal("wrong status code") @@ -244,11 +250,13 @@ func CheckForbiddenStatus(t *testing.T, resp *model.Response) { func CheckUnauthorizedStatus(t *testing.T, resp *model.Response) { if resp.Error == nil { + debug.PrintStack() t.Fatal("should have errored with status:" + strconv.Itoa(http.StatusUnauthorized)) return } if resp.StatusCode != http.StatusUnauthorized { + debug.PrintStack() t.Log("actual: " + strconv.Itoa(resp.StatusCode)) t.Log("expected: " + strconv.Itoa(http.StatusUnauthorized)) t.Fatal("wrong status code") @@ -257,11 +265,13 @@ func CheckUnauthorizedStatus(t *testing.T, resp *model.Response) { func CheckNotFoundStatus(t *testing.T, resp *model.Response) { if resp.Error == nil { + debug.PrintStack() t.Fatal("should have errored with status:" + strconv.Itoa(http.StatusNotFound)) return } if resp.StatusCode != http.StatusNotFound { + debug.PrintStack() t.Log("actual: " + strconv.Itoa(resp.StatusCode)) t.Log("expected: " + strconv.Itoa(http.StatusNotFound)) t.Fatal("wrong status code") @@ -270,11 +280,13 @@ func CheckNotFoundStatus(t *testing.T, resp *model.Response) { func CheckBadRequestStatus(t *testing.T, resp *model.Response) { if resp.Error == nil { + debug.PrintStack() t.Fatal("should have errored with status:" + strconv.Itoa(http.StatusBadRequest)) return } if resp.StatusCode != http.StatusBadRequest { + debug.PrintStack() t.Log("actual: " + strconv.Itoa(resp.StatusCode)) t.Log("expected: " + strconv.Itoa(http.StatusBadRequest)) t.Fatal("wrong status code") @@ -283,11 +295,13 @@ func CheckBadRequestStatus(t *testing.T, resp *model.Response) { func CheckErrorMessage(t *testing.T, resp *model.Response, errorId string) { if resp.Error == nil { + debug.PrintStack() t.Fatal("should have errored with message:" + errorId) return } if resp.Error.Id != errorId { + debug.PrintStack() t.Log("actual: " + resp.Error.Id) t.Log("expected: " + errorId) t.Fatal("incorrect error message") diff --git a/api4/user.go b/api4/user.go index 9d38df1a1..f68d01d33 100644 --- a/api4/user.go +++ b/api4/user.go @@ -18,6 +18,7 @@ func InitUser() { BaseRoutes.Users.Handle("", ApiHandler(createUser)).Methods("POST") BaseRoutes.User.Handle("", ApiSessionRequired(getUser)).Methods("GET") BaseRoutes.User.Handle("", ApiSessionRequired(updateUser)).Methods("PUT") + BaseRoutes.User.Handle("/roles", ApiSessionRequired(updateUserRoles)).Methods("PUT") BaseRoutes.Users.Handle("/login", ApiHandler(login)).Methods("POST") BaseRoutes.Users.Handle("/logout", ApiHandler(logout)).Methods("POST") @@ -109,6 +110,35 @@ func updateUser(c *Context, w http.ResponseWriter, r *http.Request) { } } +func updateUserRoles(c *Context, w http.ResponseWriter, r *http.Request) { + c.RequireUserId() + if c.Err != nil { + return + } + + props := model.MapFromJson(r.Body) + + newRoles := props["roles"] + if !model.IsValidUserRoles(newRoles) { + c.SetInvalidParam("roles") + return + } + + if !app.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_ROLES) { + c.SetPermissionError(model.PERMISSION_MANAGE_ROLES) + return + } + + if _, err := app.UpdateUserRoles(c.Params.UserId, newRoles); err != nil { + c.Err = err + return + } else { + c.LogAuditWithUserId(c.Params.UserId, "roles="+newRoles) + } + + ReturnStatusOK(w) +} + func login(c *Context, w http.ResponseWriter, r *http.Request) { props := model.MapFromJson(r.Body) diff --git a/api4/user_test.go b/api4/user_test.go index c55c70b36..713e0268b 100644 --- a/api4/user_test.go +++ b/api4/user_test.go @@ -182,3 +182,27 @@ func TestUpdateUser(t *testing.T) { _, resp = th.SystemAdminClient.UpdateUser(user) CheckNoError(t, resp) } + +func TestUpdateUserRoles(t *testing.T) { + th := Setup().InitBasic().InitSystemAdmin() + Client := th.Client + SystemAdminClient := th.SystemAdminClient + + _, resp := Client.UpdateUserRoles(th.SystemAdminUser.Id, model.ROLE_SYSTEM_USER.Id) + CheckForbiddenStatus(t, resp) + + _, resp = SystemAdminClient.UpdateUserRoles(th.BasicUser.Id, model.ROLE_SYSTEM_USER.Id) + CheckNoError(t, resp) + + _, resp = SystemAdminClient.UpdateUserRoles(th.BasicUser.Id, model.ROLE_SYSTEM_USER.Id+" "+model.ROLE_SYSTEM_ADMIN.Id) + CheckNoError(t, resp) + + _, resp = SystemAdminClient.UpdateUserRoles(th.BasicUser.Id, "junk") + CheckBadRequestStatus(t, resp) + + _, resp = SystemAdminClient.UpdateUserRoles("junk", model.ROLE_SYSTEM_USER.Id) + CheckBadRequestStatus(t, resp) + + _, resp = SystemAdminClient.UpdateUserRoles(model.NewId(), model.ROLE_SYSTEM_USER.Id) + CheckBadRequestStatus(t, resp) +} |