From a4764a5c10ec59820eec7338d97be48d41c1a4d6 Mon Sep 17 00:00:00 2001 From: George Goldberg Date: Thu, 30 Mar 2017 02:10:51 +0100 Subject: PLT-6083: API to get users not in a specific team. (#5888) --- api4/user.go | 13 +++++++++++++ api4/user_test.go | 46 ++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 59 insertions(+) (limited to 'api4') diff --git a/api4/user.go b/api4/user.go index 4eb4479c2..298c5cc8d 100644 --- a/api4/user.go +++ b/api4/user.go @@ -266,6 +266,7 @@ func setProfileImage(c *Context, w http.ResponseWriter, r *http.Request) { func getUsers(c *Context, w http.ResponseWriter, r *http.Request) { inTeamId := r.URL.Query().Get("in_team") + notInTeamId := r.URL.Query().Get("not_in_team") inChannelId := r.URL.Query().Get("in_channel") notInChannelId := r.URL.Query().Get("not_in_channel") @@ -285,6 +286,18 @@ func getUsers(c *Context, w http.ResponseWriter, r *http.Request) { } profiles, err = app.GetUsersNotInChannelPage(inTeamId, notInChannelId, c.Params.Page, c.Params.PerPage, c.IsSystemAdmin()) + } else if len(notInTeamId) > 0 { + if !app.SessionHasPermissionToTeam(c.Session, notInTeamId, model.PERMISSION_VIEW_TEAM) { + c.SetPermissionError(model.PERMISSION_VIEW_TEAM) + return + } + + etag = app.GetUsersNotInTeamEtag(inTeamId) + if HandleEtag(etag, "Get Users Not in Team", w, r) { + return + } + + profiles, err = app.GetUsersNotInTeamPage(notInTeamId, c.Params.Page, c.Params.PerPage, c.IsSystemAdmin()) } else if len(inTeamId) > 0 { if !app.SessionHasPermissionToTeam(c.Session, inTeamId, model.PERMISSION_VIEW_TEAM) { c.SetPermissionError(model.PERMISSION_VIEW_TEAM) diff --git a/api4/user_test.go b/api4/user_test.go index fe53229a5..f6561310b 100644 --- a/api4/user_test.go +++ b/api4/user_test.go @@ -897,6 +897,52 @@ func TestGetUsersInTeam(t *testing.T) { CheckNoError(t, resp) } +func TestGetUsersNotInTeam(t *testing.T) { + th := Setup().InitBasic().InitSystemAdmin() + defer TearDown() + Client := th.Client + teamId := th.BasicTeam.Id + + rusers, resp := Client.GetUsersNotInTeam(teamId, 0, 60, "") + CheckNoError(t, resp) + for _, u := range rusers { + CheckUserSanitization(t, u) + } + + rusers, resp = Client.GetUsersNotInTeam(teamId, 0, 60, resp.Etag) + CheckEtag(t, rusers, resp) + + rusers, resp = Client.GetUsersNotInTeam(teamId, 0, 1, "") + CheckNoError(t, resp) + if len(rusers) != 1 { + t.Fatal("should be 1 per page") + } + + rusers, resp = Client.GetUsersNotInTeam(teamId, 1, 1, "") + CheckNoError(t, resp) + if len(rusers) != 1 { + t.Fatal("should be 1 per page") + } + + rusers, resp = Client.GetUsersNotInTeam(teamId, 10000, 100, "") + CheckNoError(t, resp) + if len(rusers) != 0 { + t.Fatal("should be no users") + } + + Client.Logout() + _, resp = Client.GetUsersNotInTeam(teamId, 0, 60, "") + CheckUnauthorizedStatus(t, resp) + + user := th.CreateUser() + Client.Login(user.Email, user.Password) + _, resp = Client.GetUsersNotInTeam(teamId, 0, 60, "") + CheckForbiddenStatus(t, resp) + + _, resp = th.SystemAdminClient.GetUsersNotInTeam(teamId, 0, 60, "") + CheckNoError(t, resp) +} + func TestGetUsersInChannel(t *testing.T) { th := Setup().InitBasic().InitSystemAdmin() defer TearDown() -- cgit v1.2.3-1-g7c22