From 0c4078b6b05b4b436c459c4f58faa5302ace8e12 Mon Sep 17 00:00:00 2001 From: George Goldberg Date: Tue, 5 Jun 2018 12:41:03 +0100 Subject: MM-9730 & MM-9729: Missing Server PRs (#8908) * MM-9730: API endpoint to update scheme-derived roles of TeamMembers. * MM-9729: API to update scheme-derived roles of ChannelMembers. --- api4/channel.go | 26 ++++++++++++++++++ api4/channel_test.go | 76 ++++++++++++++++++++++++++++++++++++++++++++++++++++ api4/team.go | 27 ++++++++++++++++++- api4/team_test.go | 75 +++++++++++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 203 insertions(+), 1 deletion(-) (limited to 'api4') diff --git a/api4/channel.go b/api4/channel.go index e5101ada8..b2c920ddb 100644 --- a/api4/channel.go +++ b/api4/channel.go @@ -45,6 +45,7 @@ func (api *API) InitChannel() { api.BaseRoutes.ChannelMember.Handle("", api.ApiSessionRequired(getChannelMember)).Methods("GET") api.BaseRoutes.ChannelMember.Handle("", api.ApiSessionRequired(removeChannelMember)).Methods("DELETE") api.BaseRoutes.ChannelMember.Handle("/roles", api.ApiSessionRequired(updateChannelMemberRoles)).Methods("PUT") + api.BaseRoutes.ChannelMember.Handle("/schemeRoles", api.ApiSessionRequired(updateChannelMemberSchemeRoles)).Methods("PUT") api.BaseRoutes.ChannelMember.Handle("/notify_props", api.ApiSessionRequired(updateChannelMemberNotifyProps)).Methods("PUT") } @@ -811,6 +812,31 @@ func updateChannelMemberRoles(c *Context, w http.ResponseWriter, r *http.Request ReturnStatusOK(w) } +func updateChannelMemberSchemeRoles(c *Context, w http.ResponseWriter, r *http.Request) { + c.RequireChannelId().RequireUserId() + if c.Err != nil { + return + } + + schemeRoles := model.SchemeRolesFromJson(r.Body) + if schemeRoles == nil { + c.SetInvalidParam("scheme_roles") + return + } + + if !c.App.SessionHasPermissionToChannel(c.Session, c.Params.ChannelId, model.PERMISSION_MANAGE_CHANNEL_ROLES) { + c.SetPermissionError(model.PERMISSION_MANAGE_CHANNEL_ROLES) + return + } + + if _, err := c.App.UpdateChannelMemberSchemeRoles(c.Params.ChannelId, c.Params.UserId, schemeRoles.SchemeUser, schemeRoles.SchemeAdmin); err != nil { + c.Err = err + return + } + + ReturnStatusOK(w) +} + func updateChannelMemberNotifyProps(c *Context, w http.ResponseWriter, r *http.Request) { c.RequireChannelId().RequireUserId() if c.Err != nil { diff --git a/api4/channel_test.go b/api4/channel_test.go index 7b677f77f..d66c2a640 100644 --- a/api4/channel_test.go +++ b/api4/channel_test.go @@ -15,6 +15,7 @@ import ( "github.com/mattermost/mattermost-server/model" "github.com/mattermost/mattermost-server/utils" + "github.com/stretchr/testify/assert" ) func TestCreateChannel(t *testing.T) { @@ -1537,6 +1538,81 @@ func TestUpdateChannelRoles(t *testing.T) { CheckForbiddenStatus(t, resp) } +func TestUpdateChannelMemberSchemeRoles(t *testing.T) { + th := Setup().InitBasic().InitSystemAdmin() + defer th.TearDown() + SystemAdminClient := th.SystemAdminClient + th.LoginBasic() + + s1 := &model.SchemeRoles{ + SchemeAdmin: false, + SchemeUser: false, + } + _, r1 := SystemAdminClient.UpdateChannelMemberSchemeRoles(th.BasicChannel.Id, th.BasicUser.Id, s1) + CheckNoError(t, r1) + + tm1, rtm1 := SystemAdminClient.GetChannelMember(th.BasicChannel.Id, th.BasicUser.Id, "") + CheckNoError(t, rtm1) + assert.Equal(t, false, tm1.SchemeUser) + assert.Equal(t, false, tm1.SchemeAdmin) + + s2 := &model.SchemeRoles{ + SchemeAdmin: false, + SchemeUser: true, + } + _, r2 := SystemAdminClient.UpdateChannelMemberSchemeRoles(th.BasicChannel.Id, th.BasicUser.Id, s2) + CheckNoError(t, r2) + + tm2, rtm2 := SystemAdminClient.GetChannelMember(th.BasicChannel.Id, th.BasicUser.Id, "") + CheckNoError(t, rtm2) + assert.Equal(t, true, tm2.SchemeUser) + assert.Equal(t, false, tm2.SchemeAdmin) + + s3 := &model.SchemeRoles{ + SchemeAdmin: true, + SchemeUser: false, + } + _, r3 := SystemAdminClient.UpdateChannelMemberSchemeRoles(th.BasicChannel.Id, th.BasicUser.Id, s3) + CheckNoError(t, r3) + + tm3, rtm3 := SystemAdminClient.GetChannelMember(th.BasicChannel.Id, th.BasicUser.Id, "") + CheckNoError(t, rtm3) + assert.Equal(t, false, tm3.SchemeUser) + assert.Equal(t, true, tm3.SchemeAdmin) + + s4 := &model.SchemeRoles{ + SchemeAdmin: true, + SchemeUser: true, + } + _, r4 := SystemAdminClient.UpdateChannelMemberSchemeRoles(th.BasicChannel.Id, th.BasicUser.Id, s4) + CheckNoError(t, r4) + + tm4, rtm4 := SystemAdminClient.GetChannelMember(th.BasicChannel.Id, th.BasicUser.Id, "") + CheckNoError(t, rtm4) + assert.Equal(t, true, tm4.SchemeUser) + assert.Equal(t, true, tm4.SchemeAdmin) + + _, resp := SystemAdminClient.UpdateChannelMemberSchemeRoles(model.NewId(), th.BasicUser.Id, s4) + CheckForbiddenStatus(t, resp) + + _, resp = SystemAdminClient.UpdateChannelMemberSchemeRoles(th.BasicChannel.Id, model.NewId(), s4) + CheckNotFoundStatus(t, resp) + + _, resp = SystemAdminClient.UpdateChannelMemberSchemeRoles("ASDF", th.BasicUser.Id, s4) + CheckBadRequestStatus(t, resp) + + _, resp = SystemAdminClient.UpdateChannelMemberSchemeRoles(th.BasicChannel.Id, "ASDF", s4) + CheckBadRequestStatus(t, resp) + + th.LoginBasic2() + _, resp = th.Client.UpdateChannelMemberSchemeRoles(th.BasicChannel.Id, th.BasicUser.Id, s4) + CheckForbiddenStatus(t, resp) + + SystemAdminClient.Logout() + _, resp = SystemAdminClient.UpdateChannelMemberSchemeRoles(th.BasicChannel.Id, th.SystemAdminUser.Id, s4) + CheckUnauthorizedStatus(t, resp) +} + func TestUpdateChannelNotifyProps(t *testing.T) { th := Setup().InitBasic().InitSystemAdmin() defer th.TearDown() diff --git a/api4/team.go b/api4/team.go index 74b385122..adb8ae355 100644 --- a/api4/team.go +++ b/api4/team.go @@ -49,7 +49,7 @@ func (api *API) InitTeam() { api.BaseRoutes.TeamMember.Handle("", api.ApiSessionRequired(getTeamMember)).Methods("GET") api.BaseRoutes.TeamByName.Handle("/exists", api.ApiSessionRequired(teamExists)).Methods("GET") api.BaseRoutes.TeamMember.Handle("/roles", api.ApiSessionRequired(updateTeamMemberRoles)).Methods("PUT") - + api.BaseRoutes.TeamMember.Handle("/schemeRoles", api.ApiSessionRequired(updateTeamMemberSchemeRoles)).Methods("PUT") api.BaseRoutes.Team.Handle("/import", api.ApiSessionRequired(importTeam)).Methods("POST") api.BaseRoutes.Team.Handle("/invite/email", api.ApiSessionRequired(inviteUsersToTeam)).Methods("POST") api.BaseRoutes.Teams.Handle("/invite/{invite_id:[A-Za-z0-9]+}", api.ApiHandler(getInviteInfo)).Methods("GET") @@ -539,6 +539,31 @@ func updateTeamMemberRoles(c *Context, w http.ResponseWriter, r *http.Request) { ReturnStatusOK(w) } +func updateTeamMemberSchemeRoles(c *Context, w http.ResponseWriter, r *http.Request) { + c.RequireTeamId().RequireUserId() + if c.Err != nil { + return + } + + schemeRoles := model.SchemeRolesFromJson(r.Body) + if schemeRoles == nil { + c.SetInvalidParam("scheme_roles") + return + } + + if !c.App.SessionHasPermissionToTeam(c.Session, c.Params.TeamId, model.PERMISSION_MANAGE_TEAM_ROLES) { + c.SetPermissionError(model.PERMISSION_MANAGE_TEAM_ROLES) + return + } + + if _, err := c.App.UpdateTeamMemberSchemeRoles(c.Params.TeamId, c.Params.UserId, schemeRoles.SchemeUser, schemeRoles.SchemeAdmin); err != nil { + c.Err = err + return + } + + ReturnStatusOK(w) +} + func getAllTeams(c *Context, w http.ResponseWriter, r *http.Request) { var teams []*model.Team var err *model.AppError diff --git a/api4/team_test.go b/api4/team_test.go index 079ba37ec..48e3404eb 100644 --- a/api4/team_test.go +++ b/api4/team_test.go @@ -1712,6 +1712,81 @@ func TestUpdateTeamMemberRoles(t *testing.T) { CheckNoError(t, resp) } +func TestUpdateTeamMemberSchemeRoles(t *testing.T) { + th := Setup().InitBasic().InitSystemAdmin() + defer th.TearDown() + SystemAdminClient := th.SystemAdminClient + th.LoginBasic() + + s1 := &model.SchemeRoles{ + SchemeAdmin: false, + SchemeUser: false, + } + _, r1 := SystemAdminClient.UpdateTeamMemberSchemeRoles(th.BasicTeam.Id, th.BasicUser.Id, s1) + CheckNoError(t, r1) + + tm1, rtm1 := SystemAdminClient.GetTeamMember(th.BasicTeam.Id, th.BasicUser.Id, "") + CheckNoError(t, rtm1) + assert.Equal(t, false, tm1.SchemeUser) + assert.Equal(t, false, tm1.SchemeAdmin) + + s2 := &model.SchemeRoles{ + SchemeAdmin: false, + SchemeUser: true, + } + _, r2 := SystemAdminClient.UpdateTeamMemberSchemeRoles(th.BasicTeam.Id, th.BasicUser.Id, s2) + CheckNoError(t, r2) + + tm2, rtm2 := SystemAdminClient.GetTeamMember(th.BasicTeam.Id, th.BasicUser.Id, "") + CheckNoError(t, rtm2) + assert.Equal(t, true, tm2.SchemeUser) + assert.Equal(t, false, tm2.SchemeAdmin) + + s3 := &model.SchemeRoles{ + SchemeAdmin: true, + SchemeUser: false, + } + _, r3 := SystemAdminClient.UpdateTeamMemberSchemeRoles(th.BasicTeam.Id, th.BasicUser.Id, s3) + CheckNoError(t, r3) + + tm3, rtm3 := SystemAdminClient.GetTeamMember(th.BasicTeam.Id, th.BasicUser.Id, "") + CheckNoError(t, rtm3) + assert.Equal(t, false, tm3.SchemeUser) + assert.Equal(t, true, tm3.SchemeAdmin) + + s4 := &model.SchemeRoles{ + SchemeAdmin: true, + SchemeUser: true, + } + _, r4 := SystemAdminClient.UpdateTeamMemberSchemeRoles(th.BasicTeam.Id, th.BasicUser.Id, s4) + CheckNoError(t, r4) + + tm4, rtm4 := SystemAdminClient.GetTeamMember(th.BasicTeam.Id, th.BasicUser.Id, "") + CheckNoError(t, rtm4) + assert.Equal(t, true, tm4.SchemeUser) + assert.Equal(t, true, tm4.SchemeAdmin) + + _, resp := SystemAdminClient.UpdateTeamMemberSchemeRoles(model.NewId(), th.BasicUser.Id, s4) + CheckNotFoundStatus(t, resp) + + _, resp = SystemAdminClient.UpdateTeamMemberSchemeRoles(th.BasicTeam.Id, model.NewId(), s4) + CheckNotFoundStatus(t, resp) + + _, resp = SystemAdminClient.UpdateTeamMemberSchemeRoles("ASDF", th.BasicUser.Id, s4) + CheckBadRequestStatus(t, resp) + + _, resp = SystemAdminClient.UpdateTeamMemberSchemeRoles(th.BasicTeam.Id, "ASDF", s4) + CheckBadRequestStatus(t, resp) + + th.LoginBasic2() + _, resp = th.Client.UpdateTeamMemberSchemeRoles(th.BasicTeam.Id, th.BasicUser.Id, s4) + CheckForbiddenStatus(t, resp) + + SystemAdminClient.Logout() + _, resp = SystemAdminClient.UpdateTeamMemberSchemeRoles(th.BasicTeam.Id, th.SystemAdminUser.Id, s4) + CheckUnauthorizedStatus(t, resp) +} + func TestGetMyTeamsUnread(t *testing.T) { th := Setup().InitBasic().InitSystemAdmin() defer th.TearDown() -- cgit v1.2.3-1-g7c22