diff options
author | Carlos Tadeu Panato Junior <ctadeu@gmail.com> | 2018-06-08 17:04:17 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-06-08 17:04:17 +0200 |
commit | 3bae67489f53ad6501d3632cfa8847b2d09ebaff (patch) | |
tree | 8858e3399e782271673eed2e9e79bb9e51919260 /api4 | |
parent | e09b3c566b2de1da1d916d3e209c96d43be739e2 (diff) | |
download | chat-3bae67489f53ad6501d3632cfa8847b2d09ebaff.tar.gz chat-3bae67489f53ad6501d3632cfa8847b2d09ebaff.tar.bz2 chat-3bae67489f53ad6501d3632cfa8847b2d09ebaff.zip |
Relese5.0 merge master 20180608 (#8933)
* Add missing diagnostics (#8911)
* Update diagnostics.go
* Update diagnostics.go
* Fix push notification styling backwards compatibility (#8913)
* MM-10803: remove premature user sanitization on deactivation (#8926)
* remove unused UpdateNonSSOUserActive
* MM-10803: stop prematurely sanitizing users on deactivate
This change was preceded by the removal of UpdateNonSSOUserActive to
ensure there are no APIs relying on the sanitized return value.
* MM-10803: test websocket events after UpdateUserActive
* MM-10264: Adds system scheme to permissions import/export. (#8924)
* MM-10264: Adds system scheme to permissions import/export.
* MM-10264: Switches to more likely unique name.
* MM-10264: Changed collision prevention string.
* MM-10264: Rolls back created schemes in all error cases.
* MM-10264: Test fix for more rollback cases.
Diffstat (limited to 'api4')
-rw-r--r-- | api4/apitestlib.go | 4 | ||||
-rw-r--r-- | api4/user_test.go | 184 |
2 files changed, 140 insertions, 48 deletions
diff --git a/api4/apitestlib.go b/api4/apitestlib.go index 22084a1d6..8293a03f7 100644 --- a/api4/apitestlib.go +++ b/api4/apitestlib.go @@ -271,6 +271,10 @@ func (me *TestHelper) CreateWebSocketClient() (*model.WebSocketClient, *model.Ap return model.NewWebSocketClient4(fmt.Sprintf("ws://localhost:%v", me.App.Srv.ListenAddr.Port), me.Client.AuthToken) } +func (me *TestHelper) CreateWebSocketSystemAdminClient() (*model.WebSocketClient, *model.AppError) { + return model.NewWebSocketClient4(fmt.Sprintf("ws://localhost:%v", me.App.Srv.ListenAddr.Port), me.SystemAdminClient.AuthToken) +} + func (me *TestHelper) CreateUser() *model.User { return me.CreateUserWithClient(me.Client) } diff --git a/api4/user_test.go b/api4/user_test.go index 53aaf7a99..10f65e766 100644 --- a/api4/user_test.go +++ b/api4/user_test.go @@ -513,7 +513,7 @@ func TestSearchUsers(t *testing.T) { t.Fatal("should have found user") } - _, err := th.App.UpdateNonSSOUserActive(th.BasicUser2.Id, false) + _, err := th.App.UpdateActive(th.BasicUser2, false) if err != nil { t.Fatal(err) } @@ -630,7 +630,7 @@ func TestSearchUsers(t *testing.T) { th.App.UpdateConfig(func(cfg *model.Config) { cfg.PrivacySettings.ShowEmailAddress = false }) th.App.UpdateConfig(func(cfg *model.Config) { cfg.PrivacySettings.ShowFullName = false }) - _, err = th.App.UpdateNonSSOUserActive(th.BasicUser2.Id, true) + _, err = th.App.UpdateActive(th.BasicUser2, true) if err != nil { t.Fatal(err) } @@ -1205,71 +1205,159 @@ func TestUpdateUserRoles(t *testing.T) { CheckBadRequestStatus(t, resp) } +func assertExpectedWebsocketEvent(t *testing.T, client *model.WebSocketClient, event string, test func(*model.WebSocketEvent)) { + for { + select { + case resp, ok := <-client.EventChannel: + if !ok { + t.Fatalf("channel closed before receiving expected event %s", model.WEBSOCKET_EVENT_USER_UPDATED) + } else if resp.Event == model.WEBSOCKET_EVENT_USER_UPDATED { + test(resp) + return + } + case <-time.After(5 * time.Second): + t.Fatalf("failed to receive expected event %s", model.WEBSOCKET_EVENT_USER_UPDATED) + } + } +} + +func assertWebsocketEventUserUpdatedWithEmail(t *testing.T, client *model.WebSocketClient, email string) { + assertExpectedWebsocketEvent(t, client, model.WEBSOCKET_EVENT_USER_UPDATED, func(event *model.WebSocketEvent) { + if eventUser, ok := event.Data["user"].(map[string]interface{}); !ok { + t.Fatalf("expected user") + } else if userEmail, ok := eventUser["email"].(string); !ok { + t.Fatalf("expected email %s, but got nil", email) + } else { + assert.Equal(t, email, userEmail) + } + }) +} + func TestUpdateUserActive(t *testing.T) { - th := Setup().InitBasic().InitSystemAdmin() - defer th.TearDown() + t.Run("basic tests", func(t *testing.T) { + th := Setup().InitBasic().InitSystemAdmin() + defer th.TearDown() - Client := th.Client - SystemAdminClient := th.SystemAdminClient - user := th.BasicUser + Client := th.Client + SystemAdminClient := th.SystemAdminClient + user := th.BasicUser - EnableUserDeactivation := th.App.Config().TeamSettings.EnableUserDeactivation - defer func() { - th.App.UpdateConfig(func(cfg *model.Config) { cfg.TeamSettings.EnableUserDeactivation = EnableUserDeactivation }) - }() + EnableUserDeactivation := th.App.Config().TeamSettings.EnableUserDeactivation + defer func() { + th.App.UpdateConfig(func(cfg *model.Config) { cfg.TeamSettings.EnableUserDeactivation = EnableUserDeactivation }) + }() - th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.EnableUserDeactivation = true }) - pass, resp := Client.UpdateUserActive(user.Id, false) - CheckNoError(t, resp) + th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.EnableUserDeactivation = true }) + pass, resp := Client.UpdateUserActive(user.Id, false) + CheckNoError(t, resp) - if !pass { - t.Fatal("should have returned true") - } + if !pass { + t.Fatal("should have returned true") + } - th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.EnableUserDeactivation = false }) - pass, resp = Client.UpdateUserActive(user.Id, false) - CheckUnauthorizedStatus(t, resp) + th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.EnableUserDeactivation = false }) + pass, resp = Client.UpdateUserActive(user.Id, false) + CheckUnauthorizedStatus(t, resp) - if pass { - t.Fatal("should have returned false") - } + if pass { + t.Fatal("should have returned false") + } - th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.EnableUserDeactivation = true }) - pass, resp = Client.UpdateUserActive(user.Id, false) - CheckUnauthorizedStatus(t, resp) + th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.EnableUserDeactivation = true }) + pass, resp = Client.UpdateUserActive(user.Id, false) + CheckUnauthorizedStatus(t, resp) - if pass { - t.Fatal("should have returned false") - } + if pass { + t.Fatal("should have returned false") + } - th.LoginBasic2() + th.LoginBasic2() - _, resp = Client.UpdateUserActive(user.Id, true) - CheckForbiddenStatus(t, resp) + _, resp = Client.UpdateUserActive(user.Id, true) + CheckForbiddenStatus(t, resp) - _, resp = Client.UpdateUserActive(GenerateTestId(), true) - CheckForbiddenStatus(t, resp) + _, resp = Client.UpdateUserActive(GenerateTestId(), true) + CheckForbiddenStatus(t, resp) - _, resp = Client.UpdateUserActive("junk", true) - CheckBadRequestStatus(t, resp) + _, resp = Client.UpdateUserActive("junk", true) + CheckBadRequestStatus(t, resp) - Client.Logout() + Client.Logout() - _, resp = Client.UpdateUserActive(user.Id, true) - CheckUnauthorizedStatus(t, resp) + _, resp = Client.UpdateUserActive(user.Id, true) + CheckUnauthorizedStatus(t, resp) - _, resp = SystemAdminClient.UpdateUserActive(user.Id, true) - CheckNoError(t, resp) + _, resp = SystemAdminClient.UpdateUserActive(user.Id, true) + CheckNoError(t, resp) - _, resp = SystemAdminClient.UpdateUserActive(user.Id, false) - CheckNoError(t, resp) + _, resp = SystemAdminClient.UpdateUserActive(user.Id, false) + CheckNoError(t, resp) - authData := model.NewId() - result := <-th.App.Srv.Store.User().UpdateAuthData(user.Id, "random", &authData, "", true) - require.Nil(t, result.Err) + authData := model.NewId() + result := <-th.App.Srv.Store.User().UpdateAuthData(user.Id, "random", &authData, "", true) + require.Nil(t, result.Err) - _, resp = SystemAdminClient.UpdateUserActive(user.Id, false) - CheckNoError(t, resp) + _, resp = SystemAdminClient.UpdateUserActive(user.Id, false) + CheckNoError(t, resp) + }) + + t.Run("websocket events", func(t *testing.T) { + th := Setup().InitBasic().InitSystemAdmin() + defer th.TearDown() + + SystemAdminClient := th.SystemAdminClient + user := th.BasicUser2 + + EnableUserDeactivation := th.App.Config().TeamSettings.EnableUserDeactivation + defer func() { + th.App.UpdateConfig(func(cfg *model.Config) { cfg.TeamSettings.EnableUserDeactivation = EnableUserDeactivation }) + }() + + th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.EnableUserDeactivation = true }) + + webSocketClient, err := th.CreateWebSocketClient() + assert.Nil(t, err) + defer webSocketClient.Close() + + webSocketClient.Listen() + + time.Sleep(300 * time.Millisecond) + if resp := <-webSocketClient.ResponseChannel; resp.Status != model.STATUS_OK { + t.Fatal("should have responded OK to authentication challenge") + } + + adminWebSocketClient, err := th.CreateWebSocketSystemAdminClient() + assert.Nil(t, err) + defer adminWebSocketClient.Close() + + adminWebSocketClient.Listen() + + time.Sleep(300 * time.Millisecond) + if resp := <-adminWebSocketClient.ResponseChannel; resp.Status != model.STATUS_OK { + t.Fatal("should have responded OK to authentication challenge") + } + + ShowEmailAddress := th.App.Config().PrivacySettings.ShowEmailAddress + defer func() { + th.App.UpdateConfig(func(cfg *model.Config) { cfg.PrivacySettings.ShowEmailAddress = ShowEmailAddress }) + }() + + // Verify that both admins and regular users see the email when privacy settings allow same. + th.App.UpdateConfig(func(cfg *model.Config) { cfg.PrivacySettings.ShowEmailAddress = true }) + _, resp := SystemAdminClient.UpdateUserActive(user.Id, false) + CheckNoError(t, resp) + + assertWebsocketEventUserUpdatedWithEmail(t, webSocketClient, user.Email) + assertWebsocketEventUserUpdatedWithEmail(t, adminWebSocketClient, user.Email) + + // Verify that only admins see the email when privacy settings hide emails. + th.App.UpdateConfig(func(cfg *model.Config) { cfg.PrivacySettings.ShowEmailAddress = false }) + _, resp = SystemAdminClient.UpdateUserActive(user.Id, true) + CheckNoError(t, resp) + + assertWebsocketEventUserUpdatedWithEmail(t, webSocketClient, "") + assertWebsocketEventUserUpdatedWithEmail(t, adminWebSocketClient, user.Email) + }) } func TestGetUsers(t *testing.T) { |