From 1f6c271b3bedd6656ae7155714423b1b39a669c1 Mon Sep 17 00:00:00 2001 From: Joram Wilander Date: Wed, 16 May 2018 13:43:22 -0400 Subject: MM-8708 Remove api package (#8784) * Remove api package * Remove api dependency from cmd package * Remove EnableAPIv3 setting * Update web tests * Add more websocket tests * Move some ws and oauth tests to api4 package * Move command tests into api4 package * Test fixes * Fix msg command test * Add some app file tests --- api/team_test.go | 1196 ------------------------------------------------------ 1 file changed, 1196 deletions(-) delete mode 100644 api/team_test.go (limited to 'api/team_test.go') diff --git a/api/team_test.go b/api/team_test.go deleted file mode 100644 index b7af0f1e8..000000000 --- a/api/team_test.go +++ /dev/null @@ -1,1196 +0,0 @@ -// Copyright (c) 2015-present Mattermost, Inc. All Rights Reserved. -// See License.txt for license information. - -package api - -import ( - "testing" - - "github.com/mattermost/mattermost-server/model" - "github.com/mattermost/mattermost-server/store" - "github.com/mattermost/mattermost-server/utils" -) - -func TestCreateTeam(t *testing.T) { - th := Setup().InitBasic() - defer th.TearDown() - - Client := th.BasicClient - - team := model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} - rteam, err := Client.CreateTeam(&team) - if err != nil { - t.Fatal(err) - } - - user := &model.User{Email: model.NewId() + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} - user = Client.Must(Client.CreateUser(user, "")).Data.(*model.User) - th.LinkUserToTeam(user, rteam.Data.(*model.Team)) - store.Must(th.App.Srv.Store.User().VerifyEmail(user.Id)) - - Client.Login(user.Email, "passwd1") - Client.SetTeamId(rteam.Data.(*model.Team).Id) - - c1 := Client.Must(Client.GetChannels("")).Data.(*model.ChannelList) - if len(*c1) != 2 { - t.Fatal("default channels not created") - } - - if rteam.Data.(*model.Team).DisplayName != team.DisplayName { - t.Fatal("full name didn't match") - } - - if _, err := Client.CreateTeam(rteam.Data.(*model.Team)); err == nil { - t.Fatal("Cannot create an existing") - } - - rteam.Data.(*model.Team).Id = "" - if _, err := Client.CreateTeam(rteam.Data.(*model.Team)); err != nil { - if err.Message != "A team with that name already exists" { - t.Fatal(err) - } - } - - if _, err := Client.DoApiPost("/teams/create", "garbage"); err == nil { - t.Fatal("should have been an error") - } -} - -func TestCreateTeamSanitization(t *testing.T) { - th := Setup().InitBasic().InitSystemAdmin() - defer th.TearDown() - - // Non-admin users can create a team, but they become a team admin by doing so - - t.Run("team admin", func(t *testing.T) { - team := &model.Team{ - DisplayName: t.Name() + "_1", - Name: GenerateTestTeamName(), - Email: th.GenerateTestEmail(), - Type: model.TEAM_OPEN, - AllowedDomains: "simulator.amazonses.com", - } - - if res, err := th.BasicClient.CreateTeam(team); err != nil { - t.Fatal(err) - } else if rteam := res.Data.(*model.Team); rteam.Email == "" { - t.Fatal("should not have sanitized email") - } else if rteam.AllowedDomains == "" { - t.Fatal("should not have sanitized allowed domains") - } - }) - - t.Run("system admin", func(t *testing.T) { - team := &model.Team{ - DisplayName: t.Name() + "_2", - Name: GenerateTestTeamName(), - Email: th.GenerateTestEmail(), - Type: model.TEAM_OPEN, - AllowedDomains: "simulator.amazonses.com", - } - - if res, err := th.SystemAdminClient.CreateTeam(team); err != nil { - t.Fatal(err) - } else if rteam := res.Data.(*model.Team); rteam.Email == "" { - t.Fatal("should not have sanitized email") - } else if rteam.AllowedDomains == "" { - t.Fatal("should not have sanitized allowed domains") - } - }) -} - -func TestAddUserToTeam(t *testing.T) { - th := Setup().InitSystemAdmin().InitBasic() - defer th.TearDown() - - th.BasicClient.Logout() - - // Test adding a user to a team you are not a member of. - th.SystemAdminClient.SetTeamId(th.BasicTeam.Id) - th.SystemAdminClient.Must(th.SystemAdminClient.RemoveUserFromTeam(th.BasicTeam.Id, th.BasicUser2.Id)) - - th.LoginBasic2() - - user2 := th.CreateUser(th.BasicClient) - - if _, err := th.BasicClient.AddUserToTeam(th.BasicTeam.Id, user2.Id); err == nil { - t.Fatal("Should have failed because of not being a team member") - } - - // Test adding a user to a team you are a member of. - th.BasicClient.Logout() - th.LoginBasic() - - if _, err := th.BasicClient.AddUserToTeam(th.BasicTeam.Id, user2.Id); err != nil { - t.Fatal(err) - } - - // Check it worked properly. - if result, err := th.BasicClient.AddUserToTeam(th.BasicTeam.Id, user2.Id); err != nil { - t.Fatal(err) - } else { - rm := result.Data.(map[string]string) - if rm["user_id"] != user2.Id { - t.Fatal("ids didn't match") - } - } - - if _, err := th.BasicClient.GetTeamMember(th.BasicTeam.Id, user2.Id); err != nil { - t.Fatal(err) - } - - // Check the appropriate permissions are enforced. - defaultRolePermissions := th.SaveDefaultRolePermissions() - defer func() { - th.RestoreDefaultRolePermissions(defaultRolePermissions) - }() - - // Set the config so that only team admins can add a user to a team. - th.AddPermissionToRole(model.PERMISSION_INVITE_USER.Id, model.TEAM_ADMIN_ROLE_ID) - th.AddPermissionToRole(model.PERMISSION_ADD_USER_TO_TEAM.Id, model.TEAM_ADMIN_ROLE_ID) - th.RemovePermissionFromRole(model.PERMISSION_INVITE_USER.Id, model.TEAM_USER_ROLE_ID) - th.RemovePermissionFromRole(model.PERMISSION_ADD_USER_TO_TEAM.Id, model.TEAM_USER_ROLE_ID) - - // Check that a regular user can't add someone to the team. - user4 := th.CreateUser(th.BasicClient) - if _, err := th.BasicClient.AddUserToTeam(th.BasicTeam.Id, user4.Id); err == nil { - t.Fatal("should have failed due to permissions error") - } - - // Should work as team admin. - th.UpdateUserToTeamAdmin(th.BasicUser, th.BasicTeam) - th.App.InvalidateAllCaches() - - // Change permission level to team user - th.AddPermissionToRole(model.PERMISSION_INVITE_USER.Id, model.TEAM_USER_ROLE_ID) - th.AddPermissionToRole(model.PERMISSION_ADD_USER_TO_TEAM.Id, model.TEAM_USER_ROLE_ID) - th.RemovePermissionFromRole(model.PERMISSION_INVITE_USER.Id, model.TEAM_ADMIN_ROLE_ID) - th.RemovePermissionFromRole(model.PERMISSION_ADD_USER_TO_TEAM.Id, model.TEAM_ADMIN_ROLE_ID) - - user5 := th.CreateUser(th.BasicClient) - if _, err := th.BasicClient.AddUserToTeam(th.BasicTeam.Id, user5.Id); err != nil { - t.Fatal(err) - } -} - -func TestRemoveUserFromTeam(t *testing.T) { - th := Setup().InitSystemAdmin().InitBasic() - defer th.TearDown() - - if _, err := th.BasicClient.RemoveUserFromTeam(th.SystemAdminTeam.Id, th.SystemAdminUser.Id); err == nil { - t.Fatal("should fail not enough permissions") - } else { - if err.Id != "api.context.permissions.app_error" { - t.Fatal("wrong error. Got: " + err.Id) - } - } - - if _, err := th.BasicClient.RemoveUserFromTeam("", th.SystemAdminUser.Id); err == nil { - t.Fatal("should fail not enough permissions") - } else { - if err.Id != "api.context.permissions.app_error" { - t.Fatal("wrong error") - } - } - - if _, err := th.BasicClient.RemoveUserFromTeam("", th.BasicUser.Id); err != nil { - t.Fatal("should have removed the user from the team") - } - - th.BasicClient.Logout() - th.LoginSystemAdmin() - - th.SystemAdminClient.Must(th.SystemAdminClient.AddUserToTeam(th.BasicTeam.Id, th.BasicUser.Id)) - - if _, err := th.SystemAdminClient.RemoveUserFromTeam(th.BasicTeam.Id, th.BasicUser.Id); err != nil { - t.Fatal("should have removed the user from the team") - } -} - -func TestAddUserToTeamFromInvite(t *testing.T) { - th := Setup().InitBasic() - defer th.TearDown() - - user2 := th.CreateUser(th.BasicClient) - th.BasicClient.Must(th.BasicClient.Logout()) - th.BasicClient.Must(th.BasicClient.Login(user2.Email, user2.Password)) - - if result, err := th.BasicClient.AddUserToTeamFromInvite("", "", th.BasicTeam.InviteId); err != nil { - t.Fatal(err) - } else { - rtm := result.Data.(*model.Team) - if rtm.Id != th.BasicTeam.Id { - t.Fatal() - } - } -} - -func TestGetAllTeams(t *testing.T) { - th := Setup().InitBasic().InitSystemAdmin() - defer th.TearDown() - - Client := th.BasicClient - - team := &model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} - team = Client.Must(Client.CreateTeam(team)).Data.(*model.Team) - - Client.Logout() - - user := &model.User{Email: model.NewId() + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} - user = Client.Must(Client.CreateUser(user, "")).Data.(*model.User) - th.LinkUserToTeam(user, team) - store.Must(th.App.Srv.Store.User().VerifyEmail(user.Id)) - - Client.Login(user.Email, "passwd1") - Client.SetTeamId(team.Id) - - if r1, err := Client.GetAllTeams(); err != nil { - t.Fatal(err) - } else if teams := r1.Data.(map[string]*model.Team); len(teams) != 1 { - t.Fatal("non admin users only get the teams that they're a member of") - } else if receivedTeam, ok := teams[team.Id]; !ok || receivedTeam.Id != team.Id { - t.Fatal("should've received team that the user is a member of") - } - - if r1, err := th.SystemAdminClient.GetAllTeams(); err != nil { - t.Fatal(err) - } else if teams := r1.Data.(map[string]*model.Team); len(teams) == 1 { - t.Fatal("admin users should receive all teams") - } else if receivedTeam, ok := teams[team.Id]; !ok || receivedTeam.Id != team.Id { - t.Fatal("admin should've received team that they aren't a member of") - } - - Client.Logout() - if _, err := Client.GetAllTeams(); err == nil { - t.Fatal("Should have failed due to not being logged in.") - } -} - -func TestGetAllTeamsSanitization(t *testing.T) { - th := Setup().InitBasic().InitSystemAdmin() - defer th.TearDown() - - var team *model.Team - if res, err := th.BasicClient.CreateTeam(&model.Team{ - DisplayName: t.Name() + "_1", - Name: GenerateTestTeamName(), - Email: th.GenerateTestEmail(), - Type: model.TEAM_OPEN, - AllowedDomains: "simulator.amazonses.com", - }); err != nil { - t.Fatal(err) - } else { - team = res.Data.(*model.Team) - } - - var team2 *model.Team - if res, err := th.SystemAdminClient.CreateTeam(&model.Team{ - DisplayName: t.Name() + "_2", - Name: GenerateTestTeamName(), - Email: th.GenerateTestEmail(), - Type: model.TEAM_OPEN, - AllowedDomains: "simulator.amazonses.com", - }); err != nil { - t.Fatal(err) - } else { - team2 = res.Data.(*model.Team) - } - - t.Run("team admin/team user", func(t *testing.T) { - if res, err := th.BasicClient.GetAllTeams(); err != nil { - t.Fatal(err) - } else { - for _, rteam := range res.Data.(map[string]*model.Team) { - if rteam.Id == team.Id { - if rteam.Email == "" { - t.Fatal("should not have sanitized email for team admin") - } else if rteam.AllowedDomains == "" { - t.Fatal("should not have sanitized allowed domains for team admin") - } - } else if rteam.Id == team2.Id { - if rteam.Email != "" { - t.Fatal("should've sanitized email for non-admin") - } else if rteam.AllowedDomains != "" { - t.Fatal("should've sanitized allowed domains for non-admin") - } - } - } - } - }) - - t.Run("system admin", func(t *testing.T) { - if res, err := th.SystemAdminClient.GetAllTeams(); err != nil { - t.Fatal(err) - } else { - for _, rteam := range res.Data.(map[string]*model.Team) { - if rteam.Id != team.Id && rteam.Id != team2.Id { - continue - } - - if rteam.Email == "" { - t.Fatal("should not have sanitized email") - } else if rteam.AllowedDomains == "" { - t.Fatal("should not have sanitized allowed domains") - } - } - } - }) -} - -func TestGetAllTeamListings(t *testing.T) { - th := Setup().InitBasic() - defer th.TearDown() - - Client := th.BasicClient - - team := &model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN, AllowOpenInvite: true} - team = Client.Must(Client.CreateTeam(team)).Data.(*model.Team) - - Client.Logout() - - user := &model.User{Email: model.NewId() + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} - user = Client.Must(Client.CreateUser(user, "")).Data.(*model.User) - th.LinkUserToTeam(user, team) - store.Must(th.App.Srv.Store.User().VerifyEmail(user.Id)) - - Client.Login(user.Email, "passwd1") - Client.SetTeamId(team.Id) - - if r1, err := Client.GetAllTeamListings(); err != nil { - t.Fatal(err) - } else { - teams := r1.Data.(map[string]*model.Team) - if teams[team.Id].Name != team.Name { - t.Fatal("team name doesn't match") - } - } - - th.App.UpdateUserRoles(user.Id, model.SYSTEM_ADMIN_ROLE_ID, false) - - Client.Login(user.Email, "passwd1") - Client.SetTeamId(team.Id) - - if r1, err := Client.GetAllTeams(); err != nil { - t.Fatal(err) - } else { - teams := r1.Data.(map[string]*model.Team) - if teams[team.Id].Name != team.Name { - t.Fatal("team name doesn't match") - } - } -} - -func TestGetAllTeamListingsSanitization(t *testing.T) { - th := Setup().InitBasic().InitSystemAdmin() - defer th.TearDown() - - var team *model.Team - if res, err := th.BasicClient.CreateTeam(&model.Team{ - DisplayName: t.Name() + "_1", - Name: GenerateTestTeamName(), - Email: th.GenerateTestEmail(), - Type: model.TEAM_OPEN, - AllowedDomains: "simulator.amazonses.com", - AllowOpenInvite: true, - }); err != nil { - t.Fatal(err) - } else { - team = res.Data.(*model.Team) - } - - var team2 *model.Team - if res, err := th.SystemAdminClient.CreateTeam(&model.Team{ - DisplayName: t.Name() + "_2", - Name: GenerateTestTeamName(), - Email: th.GenerateTestEmail(), - Type: model.TEAM_OPEN, - AllowedDomains: "simulator.amazonses.com", - AllowOpenInvite: true, - }); err != nil { - t.Fatal(err) - } else { - team2 = res.Data.(*model.Team) - } - - t.Run("team admin/non-admin", func(t *testing.T) { - if res, err := th.BasicClient.GetAllTeamListings(); err != nil { - t.Fatal(err) - } else { - for _, rteam := range res.Data.(map[string]*model.Team) { - if rteam.Id == team.Id { - if rteam.Email == "" { - t.Fatal("should not have sanitized email for team admin") - } else if rteam.AllowedDomains == "" { - t.Fatal("should not have sanitized allowed domains for team admin") - } - } else if rteam.Id == team2.Id { - if rteam.Email != "" { - t.Fatal("should've sanitized email for non-admin") - } else if rteam.AllowedDomains != "" { - t.Fatal("should've sanitized allowed domains for non-admin") - } - } - } - } - }) - - t.Run("system admin", func(t *testing.T) { - if res, err := th.SystemAdminClient.GetAllTeamListings(); err != nil { - t.Fatal(err) - } else { - for _, rteam := range res.Data.(map[string]*model.Team) { - if rteam.Id != team.Id && rteam.Id != team2.Id { - continue - } - - if rteam.Email == "" { - t.Fatal("should not have sanitized email") - } else if rteam.AllowedDomains == "" { - t.Fatal("should not have sanitized allowed domains") - } - } - } - }) -} - -func TestTeamPermDelete(t *testing.T) { - th := Setup().InitBasic() - defer th.TearDown() - - Client := th.BasicClient - - team := &model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} - team = Client.Must(Client.CreateTeam(team)).Data.(*model.Team) - - Client.Logout() - - user1 := &model.User{Email: model.NewId() + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} - user1 = Client.Must(Client.CreateUser(user1, "")).Data.(*model.User) - th.LinkUserToTeam(user1, team) - store.Must(th.App.Srv.Store.User().VerifyEmail(user1.Id)) - - Client.Login(user1.Email, "passwd1") - Client.SetTeamId(team.Id) - - channel1 := &model.Channel{DisplayName: "TestGetPosts", Name: "zz" + model.NewId() + "a", Type: model.CHANNEL_OPEN, TeamId: team.Id} - channel1 = Client.Must(Client.CreateChannel(channel1)).Data.(*model.Channel) - - post1 := &model.Post{ChannelId: channel1.Id, Message: "search for post1"} - post1 = Client.Must(Client.CreatePost(post1)).Data.(*model.Post) - - post2 := &model.Post{ChannelId: channel1.Id, Message: "search for post2"} - post2 = Client.Must(Client.CreatePost(post2)).Data.(*model.Post) - - post3 := &model.Post{ChannelId: channel1.Id, Message: "#hashtag search for post3"} - post3 = Client.Must(Client.CreatePost(post3)).Data.(*model.Post) - - post4 := &model.Post{ChannelId: channel1.Id, Message: "hashtag for post4"} - post4 = Client.Must(Client.CreatePost(post4)).Data.(*model.Post) - - c := &Context{} - c.RequestId = model.NewId() - c.IpAddress = "test" - - err := th.App.PermanentDeleteTeam(team) - if err != nil { - t.Fatal(err) - } - - Client.ClearOAuthToken() -} - -func TestInviteMembers(t *testing.T) { - th := Setup().InitBasic().InitSystemAdmin() - defer th.TearDown() - - Client := th.BasicClient - - team := &model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} - team = Client.Must(Client.CreateTeam(team)).Data.(*model.Team) - - Client.Logout() - - user := &model.User{Email: model.NewId() + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} - user = Client.Must(Client.CreateUser(user, "")).Data.(*model.User) - th.LinkUserToTeam(user, team) - store.Must(th.App.Srv.Store.User().VerifyEmail(user.Id)) - - Client.Login(user.Email, "passwd1") - Client.SetTeamId(team.Id) - - invite := make(map[string]string) - invite["email"] = "success+" + model.NewId() + "@simulator.amazonses.com" - invite["first_name"] = "Test" - invite["last_name"] = "Guy" - invites := &model.Invites{Invites: []map[string]string{invite}} - invites.Invites = append(invites.Invites, invite) - - if _, err := Client.InviteMembers(invites); err != nil { - t.Fatal(err) - } - - invites2 := &model.Invites{Invites: []map[string]string{}} - if _, err := Client.InviteMembers(invites2); err == nil { - t.Fatal("Should have errored out on no invites to send") - } - - // Check the appropriate permissions are enforced. - defaultRolePermissions := th.SaveDefaultRolePermissions() - defer func() { - th.RestoreDefaultRolePermissions(defaultRolePermissions) - }() - - // Set the config so that only team admins can add a user to a team. - th.AddPermissionToRole(model.PERMISSION_INVITE_USER.Id, model.TEAM_ADMIN_ROLE_ID) - th.AddPermissionToRole(model.PERMISSION_ADD_USER_TO_TEAM.Id, model.TEAM_ADMIN_ROLE_ID) - th.RemovePermissionFromRole(model.PERMISSION_INVITE_USER.Id, model.TEAM_USER_ROLE_ID) - th.RemovePermissionFromRole(model.PERMISSION_ADD_USER_TO_TEAM.Id, model.TEAM_USER_ROLE_ID) - - th.LoginBasic2() - th.LinkUserToTeam(th.BasicUser2, team) - - if _, err := Client.InviteMembers(invites); err == nil { - t.Fatal("should have errored not team admin and licensed") - } - - th.UpdateUserToTeamAdmin(th.BasicUser2, team) - Client.Logout() - th.LoginBasic2() - Client.SetTeamId(team.Id) - - if _, err := Client.InviteMembers(invites); err != nil { - t.Fatal(err) - } -} - -func TestUpdateTeamDisplayName(t *testing.T) { - th := Setup().InitBasic() - defer th.TearDown() - - Client := th.BasicClient - - team := &model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "success+" + model.NewId() + "@simulator.amazonses.com", Type: model.TEAM_OPEN} - team = Client.Must(Client.CreateTeam(team)).Data.(*model.Team) - - Client.Logout() - - user2 := &model.User{Email: "success+" + model.NewId() + "@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} - user2 = Client.Must(Client.CreateUser(user2, "")).Data.(*model.User) - th.LinkUserToTeam(user2, team) - store.Must(th.App.Srv.Store.User().VerifyEmail(user2.Id)) - - Client.Login(user2.Email, "passwd1") - Client.SetTeamId(team.Id) - - vteam := &model.Team{DisplayName: team.DisplayName, Name: team.Name, Email: team.Email, Type: team.Type} - vteam.DisplayName = "NewName" - if _, err := Client.UpdateTeam(vteam); err == nil { - t.Fatal("Should have errored, not admin") - } - - th.LoginBasic() - - vteam.DisplayName = "" - if _, err := Client.UpdateTeam(vteam); err == nil { - t.Fatal("Should have errored, empty name") - } - - vteam.DisplayName = "NewName" - if _, err := Client.UpdateTeam(vteam); err != nil { - t.Fatal(err) - } -} - -func TestUpdateTeamSanitization(t *testing.T) { - th := Setup().InitBasic().InitSystemAdmin() - defer th.TearDown() - - var team *model.Team - if res, err := th.BasicClient.CreateTeam(&model.Team{ - DisplayName: t.Name() + "_1", - Name: GenerateTestTeamName(), - Email: th.GenerateTestEmail(), - Type: model.TEAM_OPEN, - AllowedDomains: "simulator.amazonses.com", - }); err != nil { - t.Fatal(err) - } else { - team = res.Data.(*model.Team) - } - - // Non-admin users cannot update the team - - t.Run("team admin", func(t *testing.T) { - // API v3 always assumes you're updating the current team - th.BasicClient.SetTeamId(team.Id) - - if res, err := th.BasicClient.UpdateTeam(team); err != nil { - t.Fatal(err) - } else if rteam := res.Data.(*model.Team); rteam.Email == "" { - t.Fatal("should not have sanitized email for admin") - } else if rteam.AllowedDomains == "" { - t.Fatal("should not have sanitized allowed domains") - } - }) - - t.Run("system admin", func(t *testing.T) { - // API v3 always assumes you're updating the current team - th.SystemAdminClient.SetTeamId(team.Id) - - if res, err := th.SystemAdminClient.UpdateTeam(team); err != nil { - t.Fatal(err) - } else if rteam := res.Data.(*model.Team); rteam.Email == "" { - t.Fatal("should not have sanitized email for admin") - } else if rteam.AllowedDomains == "" { - t.Fatal("should not have sanitized allowed domains") - } - }) -} - -func TestFuzzyTeamCreate(t *testing.T) { - th := Setup().InitBasic() - defer th.TearDown() - - Client := th.BasicClient - - for i := 0; i < len(utils.FUZZY_STRINGS_NAMES) || i < len(utils.FUZZY_STRINGS_EMAILS); i++ { - testDisplayName := "Name" - testEmail := "test@nowhere.com" - - if i < len(utils.FUZZY_STRINGS_NAMES) { - testDisplayName = utils.FUZZY_STRINGS_NAMES[i] - } - if i < len(utils.FUZZY_STRINGS_EMAILS) { - testEmail = utils.FUZZY_STRINGS_EMAILS[i] - } - - team := model.Team{DisplayName: testDisplayName, Name: "z-z-" + model.NewId() + "a", Email: testEmail, Type: model.TEAM_OPEN} - - _, err := Client.CreateTeam(&team) - if err != nil { - t.Fatal(err) - } - } -} - -func TestGetMyTeam(t *testing.T) { - th := Setup().InitBasic() - defer th.TearDown() - - Client := th.BasicClient - - team := &model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} - rteam, _ := Client.CreateTeam(team) - team = rteam.Data.(*model.Team) - - Client.Logout() - - user := model.User{Email: "success+" + model.NewId() + "@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} - ruser, _ := Client.CreateUser(&user, "") - th.LinkUserToTeam(ruser.Data.(*model.User), rteam.Data.(*model.Team)) - store.Must(th.App.Srv.Store.User().VerifyEmail(ruser.Data.(*model.User).Id)) - - Client.Login(user.Email, user.Password) - Client.SetTeamId(team.Id) - - if result, err := Client.GetMyTeam(""); err != nil { - t.Fatal(err) - } else { - if result.Data.(*model.Team).DisplayName != team.DisplayName { - t.Fatal("team names did not match") - } - if result.Data.(*model.Team).Name != team.Name { - t.Fatal("team domains did not match") - } - if result.Data.(*model.Team).Type != team.Type { - t.Fatal("team types did not match") - } - } -} - -func TestGetMyTeamSanitization(t *testing.T) { - th := Setup().InitBasic().InitSystemAdmin() - defer th.TearDown() - - var team *model.Team - if res, err := th.BasicClient.CreateTeam(&model.Team{ - DisplayName: t.Name() + "_1", - Name: GenerateTestTeamName(), - Email: th.GenerateTestEmail(), - Type: model.TEAM_OPEN, - AllowedDomains: "simulator.amazonses.com", - }); err != nil { - t.Fatal(err) - } else { - team = res.Data.(*model.Team) - } - - t.Run("team user", func(t *testing.T) { - th.LinkUserToTeam(th.BasicUser2, team) - - client := th.CreateClient() - client.Must(client.Login(th.BasicUser2.Email, th.BasicUser2.Password)) - - client.SetTeamId(team.Id) - - if res, err := client.GetMyTeam(""); err != nil { - t.Fatal(err) - } else if rteam := res.Data.(*model.Team); rteam.Email != "" { - t.Fatal("should've sanitized email") - } else if rteam.AllowedDomains != "" { - t.Fatal("should've sanitized allowed domains") - } - }) - - t.Run("team admin", func(t *testing.T) { - th.BasicClient.SetTeamId(team.Id) - - if res, err := th.BasicClient.GetMyTeam(""); err != nil { - t.Fatal(err) - } else if rteam := res.Data.(*model.Team); rteam.Email == "" { - t.Fatal("should not have sanitized email") - } else if rteam.AllowedDomains == "" { - t.Fatal("should not have sanitized allowed domains") - } - }) - - t.Run("system admin", func(t *testing.T) { - th.SystemAdminClient.SetTeamId(team.Id) - - if res, err := th.SystemAdminClient.GetMyTeam(""); err != nil { - t.Fatal(err) - } else if rteam := res.Data.(*model.Team); rteam.Email == "" { - t.Fatal("should not have sanitized email") - } else if rteam.AllowedDomains == "" { - t.Fatal("should not have sanitized allowed domains") - } - }) -} - -func TestGetTeamMembers(t *testing.T) { - th := Setup().InitBasic() - defer th.TearDown() - - if result, err := th.BasicClient.GetTeamMembers(th.BasicTeam.Id, 0, 100); err != nil { - t.Fatal(err) - } else { - members := result.Data.([]*model.TeamMember) - if len(members) == 0 { - t.Fatal("should have results") - } - } - - if _, err := th.BasicClient.GetTeamMembers("junk", 0, 100); err == nil { - t.Fatal("should have errored - bad team id") - } -} - -func TestGetMyTeamMembers(t *testing.T) { - th := Setup().InitBasic() - defer th.TearDown() - - if result, err := th.BasicClient.GetMyTeamMembers(); err != nil { - t.Fatal(err) - } else { - members := result.Data.([]*model.TeamMember) - if len(members) == 0 { - t.Fatal("should have results") - } - } -} - -func TestGetMyTeamsUnread(t *testing.T) { - th := Setup().InitBasic() - defer th.TearDown() - - if result, err := th.BasicClient.GetMyTeamsUnread(""); err != nil { - t.Fatal(err) - } else { - members := result.Data.([]*model.TeamUnread) - if len(members) == 0 { - t.Fatal("should have results") - } - } - - if result, err := th.BasicClient.GetMyTeamsUnread(th.BasicTeam.Id); err != nil { - t.Fatal(err) - } else { - members := result.Data.([]*model.TeamUnread) - if len(members) != 0 { - t.Fatal("should not have results") - } - } -} - -func TestGetTeamMember(t *testing.T) { - th := Setup().InitBasic() - defer th.TearDown() - - if result, err := th.BasicClient.GetTeamMember(th.BasicTeam.Id, th.BasicUser.Id); err != nil { - t.Fatal(err) - } else { - member := result.Data.(*model.TeamMember) - if member == nil { - t.Fatal("should be valid") - } - } - - if _, err := th.BasicClient.GetTeamMember("junk", th.BasicUser.Id); err == nil { - t.Fatal("should have errored - bad team id") - } - - if _, err := th.BasicClient.GetTeamMember(th.BasicTeam.Id, ""); err == nil { - t.Fatal("should have errored - blank user id") - } - - if _, err := th.BasicClient.GetTeamMember(th.BasicTeam.Id, "junk"); err == nil { - t.Fatal("should have errored - bad user id") - } - - if _, err := th.BasicClient.GetTeamMember(th.BasicTeam.Id, "12345678901234567890123456"); err == nil { - t.Fatal("should have errored - bad user id") - } -} - -func TestGetTeamMembersByIds(t *testing.T) { - th := Setup().InitBasic() - defer th.TearDown() - - if result, err := th.BasicClient.GetTeamMembersByIds(th.BasicTeam.Id, []string{th.BasicUser.Id}); err != nil { - t.Fatal(err) - } else { - member := result.Data.([]*model.TeamMember)[0] - if member.UserId != th.BasicUser.Id { - t.Fatal("user id did not match") - } - if member.TeamId != th.BasicTeam.Id { - t.Fatal("team id did not match") - } - } - - if result, err := th.BasicClient.GetTeamMembersByIds(th.BasicTeam.Id, []string{th.BasicUser.Id, th.BasicUser2.Id, model.NewId()}); err != nil { - t.Fatal(err) - } else { - members := result.Data.([]*model.TeamMember) - if len(members) != 2 { - t.Fatal("length should have been 2") - } - } - - if _, err := th.BasicClient.GetTeamMembersByIds("junk", []string{th.BasicUser.Id}); err == nil { - t.Fatal("should have errored - bad team id") - } - - if _, err := th.BasicClient.GetTeamMembersByIds(th.BasicTeam.Id, []string{}); err == nil { - t.Fatal("should have errored - empty user ids") - } -} - -func TestUpdateTeamMemberRoles(t *testing.T) { - th := Setup().InitSystemAdmin().InitBasic() - defer th.TearDown() - - th.SystemAdminClient.SetTeamId(th.BasicTeam.Id) - th.LinkUserToTeam(th.SystemAdminUser, th.BasicTeam) - - const BASIC_MEMBER = "team_user" - const TEAM_ADMIN = "team_user team_admin" - - // user 1 trying to promote user 2 - if _, err := th.BasicClient.UpdateTeamRoles(th.BasicUser2.Id, TEAM_ADMIN); err == nil { - t.Fatal("Should have errored, not team admin") - } - - // user 1 trying to promote themselves - if _, err := th.BasicClient.UpdateTeamRoles(th.BasicUser.Id, TEAM_ADMIN); err == nil { - t.Fatal("Should have errored, not team admin") - } - - // user 1 trying to demote someone - if _, err := th.BasicClient.UpdateTeamRoles(th.SystemAdminUser.Id, BASIC_MEMBER); err == nil { - t.Fatal("Should have errored, not team admin") - } - - // system admin promoting user1 - if _, err := th.SystemAdminClient.UpdateTeamRoles(th.BasicUser.Id, TEAM_ADMIN); err != nil { - t.Fatal("Should have worked: " + err.Error()) - } - - // user 1 trying to promote user 2 - if _, err := th.BasicClient.UpdateTeamRoles(th.BasicUser2.Id, TEAM_ADMIN); err != nil { - t.Fatal("Should have worked, user is team admin: " + th.BasicUser.Id) - } - - // user 1 trying to demote user 2 - if _, err := th.BasicClient.UpdateTeamRoles(th.BasicUser2.Id, BASIC_MEMBER); err != nil { - t.Fatal("Should have worked, user is team admin") - } - - // user 1 trying to demote a system admin - if _, err := th.BasicClient.UpdateTeamRoles(th.SystemAdminUser.Id, BASIC_MEMBER); err != nil { - t.Fatal("Should have worked, user is team admin and has the ability to manage permissions on this team.") - // Note to anyone who thinks this test is wrong: - // This operation will not effect the system admin's permissions because they have global access to all teams. - // Their team level permissions are irrelevant. A team admin should be able to manage team level permissions. - } - - // System admins should be able to manipulate permission no matter what their team level permissions are. - // systemAdmin trying to promote user 2 - if _, err := th.SystemAdminClient.UpdateTeamRoles(th.BasicUser2.Id, TEAM_ADMIN); err != nil { - t.Fatal("Should have worked, user is system admin") - } - - // system admin trying to demote user 2 - if _, err := th.SystemAdminClient.UpdateTeamRoles(th.BasicUser2.Id, BASIC_MEMBER); err != nil { - t.Fatal("Should have worked, user is system admin") - } - - // user 1 trying to demote himself - if _, err := th.BasicClient.UpdateTeamRoles(th.BasicUser.Id, BASIC_MEMBER); err != nil { - t.Fatal("Should have worked, user is team admin") - } -} - -func TestGetTeamStats(t *testing.T) { - th := Setup().InitBasic().InitSystemAdmin() - defer th.TearDown() - - Client := th.BasicClient - - if result, err := th.SystemAdminClient.GetTeamStats(th.BasicTeam.Id); err != nil { - t.Fatal(err) - } else { - if result.Data.(*model.TeamStats).TotalMemberCount != 2 { - t.Fatal("wrong count") - } - - if result.Data.(*model.TeamStats).ActiveMemberCount != 2 { - t.Fatal("wrong count") - } - } - - th.SystemAdminClient.Must(th.SystemAdminClient.UpdateActive(th.BasicUser2.Id, false)) - - if result, err := th.SystemAdminClient.GetTeamStats(th.BasicTeam.Id); err != nil { - t.Fatal(err) - } else { - if result.Data.(*model.TeamStats).TotalMemberCount != 2 { - t.Fatal("wrong count") - } - - if result.Data.(*model.TeamStats).ActiveMemberCount != 1 { - t.Fatal("wrong count") - } - } - - if _, err := th.SystemAdminClient.GetTeamStats("junk"); err == nil { - t.Fatal("should fail invalid teamid") - } else { - if err.Id != "store.sql_team.get.find.app_error" { - t.Fatal("wrong error. Got: " + err.Id) - } - } - - if result, err := th.SystemAdminClient.GetTeamStats(th.BasicTeam.Id); err != nil { - t.Fatal(err) - } else { - if result.Data.(*model.TeamStats).TotalMemberCount != 2 { - t.Fatal("wrong count") - } - } - - user := model.User{Email: "success+" + model.NewId() + "@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} - ruser, _ := Client.CreateUser(&user, "") - store.Must(th.App.Srv.Store.User().VerifyEmail(ruser.Data.(*model.User).Id)) - - Client.Login(user.Email, user.Password) - - if _, err := Client.GetTeamStats(th.BasicTeam.Id); err == nil { - t.Fatal("should have errored - not on team") - } -} - -func TestUpdateTeamDescription(t *testing.T) { - th := Setup().InitBasic() - defer th.TearDown() - - Client := th.BasicClient - - team := &model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "success+" + model.NewId() + "@simulator.amazonses.com", Type: model.TEAM_OPEN} - team = Client.Must(Client.CreateTeam(team)).Data.(*model.Team) - - Client.Logout() - - user2 := &model.User{Email: "success+" + model.NewId() + "@simulator.amazonses.com", Nickname: "Jabba the Hutt", Password: "passwd1"} - user2 = Client.Must(Client.CreateUser(user2, "")).Data.(*model.User) - th.LinkUserToTeam(user2, team) - store.Must(th.App.Srv.Store.User().VerifyEmail(user2.Id)) - - Client.Login(user2.Email, "passwd1") - Client.SetTeamId(team.Id) - - vteam := &model.Team{DisplayName: team.DisplayName, Name: team.Name, Description: team.Description, Email: team.Email, Type: team.Type} - vteam.Description = "yommamma" - if _, err := Client.UpdateTeam(vteam); err == nil { - t.Fatal("Should have errored, not admin") - } - - th.LoginBasic() - - vteam.Description = "" - if _, err := Client.UpdateTeam(vteam); err != nil { - t.Fatal("Should have errored, should save blank Description") - } - - vteam.Description = "yommamma" - if _, err := Client.UpdateTeam(vteam); err != nil { - t.Fatal(err) - } -} - -func TestGetTeamByName(t *testing.T) { - th := Setup().InitSystemAdmin().InitBasic() - defer th.TearDown() - - Client := th.BasicClient - - team := &model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "success+" + model.NewId() + "@simulator.amazonses.com", Type: model.TEAM_OPEN, AllowOpenInvite: false} - team = Client.Must(Client.CreateTeam(team)).Data.(*model.Team) - - team2 := &model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "success+" + model.NewId() + "@simulator.amazonses.com", Type: model.TEAM_OPEN, AllowOpenInvite: true} - team2 = Client.Must(Client.CreateTeam(team2)).Data.(*model.Team) - - team3 := &model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "success+" + model.NewId() + "@simulator.amazonses.com", Type: model.TEAM_INVITE, AllowOpenInvite: true} - team3 = Client.Must(Client.CreateTeam(team3)).Data.(*model.Team) - - if _, err := Client.GetTeamByName(team.Name); err != nil { - t.Fatal("Failed to get team") - } - - if _, err := Client.GetTeamByName("InvalidTeamName"); err == nil { - t.Fatal("Should not exist this team") - } - - if _, err := Client.GetTeamByName(team2.Name); err != nil { - t.Fatal("Failed to get team") - } - - Client.Must(Client.Logout()) - - user2 := &model.User{Email: "success+" + model.NewId() + "@simulator.amazonses.com", Nickname: "Jabba the Hutt", Password: "passwd1"} - user2 = Client.Must(Client.CreateUser(user2, "")).Data.(*model.User) - store.Must(th.App.Srv.Store.User().VerifyEmail(user2.Id)) - - Client.Login(user2.Email, "passwd1") - - // AllowInviteOpen is false and team is open and user is not part of the team - if _, err := Client.GetTeamByName(team.Name); err == nil { - t.Fatal("Should fail dont have permissions to get the team") - } - - if _, err := Client.GetTeamByName("InvalidTeamName"); err == nil { - t.Fatal("Should not exist this team") - } - - // AllowInviteOpen is true and is open and user is not part of the team - if _, err := Client.GetTeamByName(team2.Name); err != nil { - t.Fatal("Should not fail team is open") - } - - // AllowInviteOpen is true and is invite only and user is not part of the team - if _, err := Client.GetTeamByName(team3.Name); err == nil { - t.Fatal("Should fail team is invite only") - } - - Client.Must(Client.Logout()) - th.BasicClient.Logout() - th.LoginSystemAdmin() - - if _, err := th.SystemAdminClient.GetTeamByName(team.Name); err != nil { - t.Fatal("Should not fail to get team the user is admin") - } - - if _, err := th.SystemAdminClient.GetTeamByName(team2.Name); err != nil { - t.Fatal("Should not fail to get team the user is admin and team is open") - } - - if _, err := th.SystemAdminClient.GetTeamByName(team3.Name); err != nil { - t.Fatal("Should not fail to get team the user is admin and team is invite") - } - - if _, err := Client.GetTeamByName("InvalidTeamName"); err == nil { - t.Fatal("Should not exist this team") - } - - Client.Logout() - if _, err := Client.GetTeamByName(th.BasicTeam.Name); err == nil { - t.Fatal("Should have failed when not logged in.") - } -} - -func TestGetTeamByNameSanitization(t *testing.T) { - th := Setup().InitBasic().InitSystemAdmin() - defer th.TearDown() - - var team *model.Team - if res, err := th.BasicClient.CreateTeam(&model.Team{ - DisplayName: t.Name() + "_1", - Name: GenerateTestTeamName(), - Email: th.GenerateTestEmail(), - Type: model.TEAM_OPEN, - AllowedDomains: "simulator.amazonses.com", - }); err != nil { - t.Fatal(err) - } else { - team = res.Data.(*model.Team) - } - - t.Run("team user", func(t *testing.T) { - th.LinkUserToTeam(th.BasicUser2, team) - - client := th.CreateClient() - client.Must(client.Login(th.BasicUser2.Email, th.BasicUser2.Password)) - - if res, err := client.GetTeamByName(team.Name); err != nil { - t.Fatal(err) - } else if rteam := res.Data.(*model.Team); rteam.Email != "" { - t.Fatal("should've sanitized email") - } else if rteam.AllowedDomains != "" { - t.Fatal("should've sanitized allowed domains") - } - }) - - t.Run("team admin", func(t *testing.T) { - if res, err := th.BasicClient.GetTeamByName(team.Name); err != nil { - t.Fatal(err) - } else if rteam := res.Data.(*model.Team); rteam.Email == "" { - t.Fatal("should not have sanitized email") - } else if rteam.AllowedDomains == "" { - t.Fatal("should not have sanitized allowed domains") - } - }) - - t.Run("system admin", func(t *testing.T) { - th.SystemAdminClient.SetTeamId(team.Id) - - if res, err := th.SystemAdminClient.GetTeamByName(team.Name); err != nil { - t.Fatal(err) - } else if rteam := res.Data.(*model.Team); rteam.Email == "" { - t.Fatal("should not have sanitized email") - } else if rteam.AllowedDomains == "" { - t.Fatal("should not have sanitized allowed domains") - } - }) -} - -func TestFindTeamByName(t *testing.T) { - th := Setup().InitBasic() - defer th.TearDown() - - Client := th.BasicClient - Client.Logout() - - if _, err := Client.FindTeamByName(th.BasicTeam.Name); err == nil { - t.Fatal("Should have failed when not logged in.") - } -} -- cgit v1.2.3-1-g7c22