diff options
Diffstat (limited to 'app')
-rw-r--r-- | app/apptestlib.go | 18 | ||||
-rw-r--r-- | app/command_channel_header.go | 22 | ||||
-rw-r--r-- | app/command_channel_header_test.go | 82 |
3 files changed, 118 insertions, 4 deletions
diff --git a/app/apptestlib.go b/app/apptestlib.go index 818b21183..43d425e16 100644 --- a/app/apptestlib.go +++ b/app/apptestlib.go @@ -206,6 +206,10 @@ func (me *TestHelper) CreateChannel(team *model.Team) *model.Channel { return me.createChannel(team, model.CHANNEL_OPEN) } +func (me *TestHelper) CreatePrivateChannel(team *model.Team) *model.Channel { + return me.createChannel(team, model.CHANNEL_PRIVATE) +} + func (me *TestHelper) createChannel(team *model.Team, channelType string) *model.Channel { id := model.NewId() @@ -266,6 +270,20 @@ func (me *TestHelper) CreateDmChannel(user *model.User) *model.Channel { return channel } +func (me *TestHelper) CreateGroupChannel(user1 *model.User, user2 *model.User) *model.Channel { + utils.DisableDebugLogForTest() + var err *model.AppError + var channel *model.Channel + if channel, err = me.App.CreateGroupChannel([]string{me.BasicUser.Id, user1.Id, user2.Id}, me.BasicUser.Id); err != nil { + mlog.Error(err.Error()) + + time.Sleep(time.Second) + panic(err) + } + utils.EnableDebugLogForTest() + return channel +} + func (me *TestHelper) CreatePost(channel *model.Channel) *model.Post { id := model.NewId() diff --git a/app/command_channel_header.go b/app/command_channel_header.go index 63a9250a7..100135f48 100644 --- a/app/command_channel_header.go +++ b/app/command_channel_header.go @@ -40,11 +40,25 @@ func (me *HeaderProvider) DoCommand(a *App, args *model.CommandArgs, message str return &model.CommandResponse{Text: args.T("api.command_channel_header.channel.app_error"), ResponseType: model.COMMAND_RESPONSE_TYPE_EPHEMERAL} } - if channel.Type == model.CHANNEL_OPEN && !a.SessionHasPermissionToChannel(args.Session, args.ChannelId, model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES) { - return &model.CommandResponse{Text: args.T("api.command_channel_header.permission.app_error"), ResponseType: model.COMMAND_RESPONSE_TYPE_EPHEMERAL} - } + switch channel.Type { + case model.CHANNEL_OPEN: + if !a.SessionHasPermissionToChannel(args.Session, args.ChannelId, model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES) { + return &model.CommandResponse{Text: args.T("api.command_channel_header.permission.app_error"), ResponseType: model.COMMAND_RESPONSE_TYPE_EPHEMERAL} + } + + case model.CHANNEL_PRIVATE: + if !a.SessionHasPermissionToChannel(args.Session, args.ChannelId, model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES) { + return &model.CommandResponse{Text: args.T("api.command_channel_header.permission.app_error"), ResponseType: model.COMMAND_RESPONSE_TYPE_EPHEMERAL} + } + + case model.CHANNEL_GROUP, model.CHANNEL_DIRECT: + // Modifying the header is not linked to any specific permission for group/dm channels, so just check for membership. + channelMember, err := a.GetChannelMember(args.ChannelId, args.Session.UserId) + if err != nil || channelMember == nil { + return &model.CommandResponse{Text: args.T("api.command_channel_header.permission.app_error"), ResponseType: model.COMMAND_RESPONSE_TYPE_EPHEMERAL} + } - if channel.Type == model.CHANNEL_PRIVATE && !a.SessionHasPermissionToChannel(args.Session, args.ChannelId, model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES) { + default: return &model.CommandResponse{Text: args.T("api.command_channel_header.permission.app_error"), ResponseType: model.COMMAND_RESPONSE_TYPE_EPHEMERAL} } diff --git a/app/command_channel_header_test.go b/app/command_channel_header_test.go index 2a6151fed..21735e044 100644 --- a/app/command_channel_header_test.go +++ b/app/command_channel_header_test.go @@ -12,6 +12,8 @@ func TestHeaderProviderDoCommand(t *testing.T) { defer th.TearDown() hp := HeaderProvider{} + + // Try a public channel *with* permission. args := &model.CommandArgs{ T: func(s string, args ...interface{}) string { return s }, ChannelId: th.BasicChannel.Id, @@ -25,4 +27,84 @@ func TestHeaderProviderDoCommand(t *testing.T) { actual := hp.DoCommand(th.App, args, msg).Text assert.Equal(t, expected, actual) } + + // Try a public channel *without* permission. + args = &model.CommandArgs{ + T: func(s string, args ...interface{}) string { return s }, + ChannelId: th.BasicChannel.Id, + Session: model.Session{UserId: th.BasicUser.Id, TeamMembers: []*model.TeamMember{{TeamId: th.BasicTeam.Id, Roles: ""}}}, + } + + actual := hp.DoCommand(th.App, args, "hello").Text + assert.Equal(t, "api.command_channel_header.permission.app_error", actual) + + // Try a private channel *with* permission. + privateChannel := th.CreatePrivateChannel(th.BasicTeam) + + args = &model.CommandArgs{ + T: func(s string, args ...interface{}) string { return s }, + ChannelId: privateChannel.Id, + Session: model.Session{UserId: th.BasicUser.Id, TeamMembers: []*model.TeamMember{{TeamId: th.BasicTeam.Id, Roles: model.TEAM_USER_ROLE_ID}}}, + } + + actual = hp.DoCommand(th.App, args, "hello").Text + assert.Equal(t, "", actual) + + // Try a private channel *without* permission. + args = &model.CommandArgs{ + T: func(s string, args ...interface{}) string { return s }, + ChannelId: privateChannel.Id, + Session: model.Session{UserId: th.BasicUser.Id, TeamMembers: []*model.TeamMember{{TeamId: th.BasicTeam.Id, Roles: ""}}}, + } + + actual = hp.DoCommand(th.App, args, "hello").Text + assert.Equal(t, "api.command_channel_header.permission.app_error", actual) + + // Try a group channel *with* being a member. + user1 := th.CreateUser() + user2 := th.CreateUser() + user3 := th.CreateUser() + + groupChannel := th.CreateGroupChannel(user1, user2) + + args = &model.CommandArgs{ + T: func(s string, args ...interface{}) string { return s }, + ChannelId: groupChannel.Id, + Session: model.Session{UserId: th.BasicUser.Id, TeamMembers: []*model.TeamMember{{TeamId: th.BasicTeam.Id, Roles: ""}}}, + } + + actual = hp.DoCommand(th.App, args, "hello").Text + assert.Equal(t, "", actual) + + // Try a group channel *without* being a member. + args = &model.CommandArgs{ + T: func(s string, args ...interface{}) string { return s }, + ChannelId: groupChannel.Id, + Session: model.Session{UserId: user3.Id, TeamMembers: []*model.TeamMember{{TeamId: th.BasicTeam.Id, Roles: ""}}}, + } + + actual = hp.DoCommand(th.App, args, "hello").Text + assert.Equal(t, "api.command_channel_header.permission.app_error", actual) + + // Try a direct channel *with* being a member. + directChannel := th.CreateDmChannel(user1) + + args = &model.CommandArgs{ + T: func(s string, args ...interface{}) string { return s }, + ChannelId: directChannel.Id, + Session: model.Session{UserId: th.BasicUser.Id, TeamMembers: []*model.TeamMember{{TeamId: th.BasicTeam.Id, Roles: ""}}}, + } + + actual = hp.DoCommand(th.App, args, "hello").Text + assert.Equal(t, "", actual) + + // Try a direct channel *without* being a member. + args = &model.CommandArgs{ + T: func(s string, args ...interface{}) string { return s }, + ChannelId: directChannel.Id, + Session: model.Session{UserId: user2.Id, TeamMembers: []*model.TeamMember{{TeamId: th.BasicTeam.Id, Roles: ""}}}, + } + + actual = hp.DoCommand(th.App, args, "hello").Text + assert.Equal(t, "api.command_channel_header.permission.app_error", actual) } |