diff options
Diffstat (limited to 'api4')
-rw-r--r-- | api4/apitestlib.go | 10 | ||||
-rw-r--r-- | api4/team.go | 30 | ||||
-rw-r--r-- | api4/team_test.go | 69 |
3 files changed, 109 insertions, 0 deletions
diff --git a/api4/apitestlib.go b/api4/apitestlib.go index 6d1822ae9..c6c1dfa94 100644 --- a/api4/apitestlib.go +++ b/api4/apitestlib.go @@ -380,6 +380,16 @@ func CheckUserSanitization(t *testing.T, user *model.User) { } } +func CheckTeamSanitization(t *testing.T, team *model.Team) { + if team.Email != "" { + t.Fatal("email wasn't blank") + } + + if team.AllowedDomains != "" { + t.Fatal("'allowed domains' wasn't blank") + } +} + func CheckEtag(t *testing.T, data interface{}, resp *model.Response) { if !reflect.ValueOf(data).IsNil() { debug.PrintStack() diff --git a/api4/team.go b/api4/team.go index 26fff7ce1..a9be5c8ab 100644 --- a/api4/team.go +++ b/api4/team.go @@ -22,6 +22,7 @@ func InitTeam() { BaseRoutes.Team.Handle("", ApiSessionRequired(getTeam)).Methods("GET") BaseRoutes.Team.Handle("", ApiSessionRequired(updateTeam)).Methods("PUT") + BaseRoutes.Team.Handle("/patch", ApiSessionRequired(patchTeam)).Methods("PUT") BaseRoutes.Team.Handle("/stats", ApiSessionRequired(getTeamStats)).Methods("GET") BaseRoutes.TeamMembers.Handle("", ApiSessionRequired(getTeamMembers)).Methods("GET") BaseRoutes.TeamMembers.Handle("/ids", ApiSessionRequired(getTeamMembersByIds)).Methods("POST") @@ -127,6 +128,35 @@ func updateTeam(c *Context, w http.ResponseWriter, r *http.Request) { w.Write([]byte(updatedTeam.ToJson())) } +func patchTeam(c *Context, w http.ResponseWriter, r *http.Request) { + c.RequireTeamId() + if c.Err != nil { + return + } + + team := model.TeamPatchFromJson(r.Body) + + if team == nil { + c.SetInvalidParam("team") + return + } + + if !app.SessionHasPermissionToTeam(c.Session, c.Params.TeamId, model.PERMISSION_MANAGE_TEAM) { + c.SetPermissionError(model.PERMISSION_MANAGE_TEAM) + return + } + + patchedTeam, err := app.PatchTeam(c.Params.TeamId, team) + + if err != nil { + c.Err = err + return + } + + c.LogAudit("") + w.Write([]byte(patchedTeam.ToJson())) +} + func getTeamsForUser(c *Context, w http.ResponseWriter, r *http.Request) { c.RequireUserId() if c.Err != nil { diff --git a/api4/team_test.go b/api4/team_test.go index 2076a8c1d..1f1e031b3 100644 --- a/api4/team_test.go +++ b/api4/team_test.go @@ -247,6 +247,75 @@ func TestUpdateTeam(t *testing.T) { CheckNoError(t, resp) } +func TestPatchTeam(t *testing.T) { + th := Setup().InitBasic().InitSystemAdmin() + defer TearDown() + Client := th.Client + + team := &model.Team{DisplayName: "Name", Description: "Some description", CompanyName: "Some company name", AllowOpenInvite: false, InviteId: "inviteid0", Name: "z-z-" + model.NewId() + "a", Email: "success+" + model.NewId() + "@simulator.amazonses.com", Type: model.TEAM_OPEN} + team, _ = Client.CreateTeam(team) + + patch := &model.TeamPatch{} + + patch.DisplayName = new(string) + *patch.DisplayName = "Other name" + patch.Description = new(string) + *patch.Description = "Other description" + patch.CompanyName = new(string) + *patch.CompanyName = "Other company name" + patch.InviteId = new(string) + *patch.InviteId = "inviteid1" + patch.AllowOpenInvite = new(bool) + *patch.AllowOpenInvite = true + + rteam, resp := Client.PatchTeam(team.Id, patch) + CheckNoError(t, resp) + CheckTeamSanitization(t, rteam) + + if rteam.DisplayName != "Other name" { + t.Fatal("DisplayName did not update properly") + } + if rteam.Description != "Other description" { + t.Fatal("Description did not update properly") + } + if rteam.CompanyName != "Other company name" { + t.Fatal("CompanyName did not update properly") + } + if rteam.InviteId != "inviteid1" { + t.Fatal("InviteId did not update properly") + } + if rteam.AllowOpenInvite != true { + t.Fatal("AllowOpenInvite did not update properly") + } + + _, resp = Client.PatchTeam("junk", patch) + CheckBadRequestStatus(t, resp) + + _, resp = Client.PatchTeam(GenerateTestId(), patch) + CheckForbiddenStatus(t, resp) + + if r, err := Client.DoApiPut("/teams/"+team.Id+"/patch", "garbage"); err == nil { + t.Fatal("should have errored") + } else { + if r.StatusCode != http.StatusBadRequest { + t.Log("actual: " + strconv.Itoa(r.StatusCode)) + t.Log("expected: " + strconv.Itoa(http.StatusBadRequest)) + t.Fatal("wrong status code") + } + } + + Client.Logout() + _, resp = Client.PatchTeam(team.Id, patch) + CheckUnauthorizedStatus(t, resp) + + th.LoginBasic2() + _, resp = Client.PatchTeam(team.Id, patch) + CheckForbiddenStatus(t, resp) + + _, resp = th.SystemAdminClient.PatchTeam(team.Id, patch) + CheckNoError(t, resp) +} + func TestGetAllTeams(t *testing.T) { th := Setup().InitBasic().InitSystemAdmin() defer TearDown() |