mirror of
https://github.com/grafana/grafana.git
synced 2024-12-02 13:39:19 -06:00
2a78d2a61c
* pkg/services: Check errors * pkg/services: Don't treat context.Canceled|context.DeadlineExceeded as error
280 lines
11 KiB
Go
280 lines
11 KiB
Go
package sqlstore
|
|
|
|
import (
|
|
"context"
|
|
"fmt"
|
|
"testing"
|
|
|
|
. "github.com/smartystreets/goconvey/convey"
|
|
|
|
"github.com/grafana/grafana/pkg/models"
|
|
)
|
|
|
|
func TestTeamCommandsAndQueries(t *testing.T) {
|
|
|
|
Convey("Testing Team commands & queries", t, func() {
|
|
InitTestDB(t)
|
|
|
|
Convey("Given saved users and two teams", func() {
|
|
var userIds []int64
|
|
for i := 0; i < 5; i++ {
|
|
userCmd := &models.CreateUserCommand{
|
|
Email: fmt.Sprint("user", i, "@test.com"),
|
|
Name: fmt.Sprint("user", i),
|
|
Login: fmt.Sprint("loginuser", i),
|
|
}
|
|
err := CreateUser(context.Background(), userCmd)
|
|
So(err, ShouldBeNil)
|
|
userIds = append(userIds, userCmd.Result.Id)
|
|
}
|
|
|
|
var testOrgId int64 = 1
|
|
group1 := models.CreateTeamCommand{OrgId: testOrgId, Name: "group1 name", Email: "test1@test.com"}
|
|
group2 := models.CreateTeamCommand{OrgId: testOrgId, Name: "group2 name", Email: "test2@test.com"}
|
|
|
|
err := CreateTeam(&group1)
|
|
So(err, ShouldBeNil)
|
|
err = CreateTeam(&group2)
|
|
So(err, ShouldBeNil)
|
|
|
|
Convey("Should be able to create teams and add users", func() {
|
|
query := &models.SearchTeamsQuery{OrgId: testOrgId, Name: "group1 name", Page: 1, Limit: 10}
|
|
err = SearchTeams(query)
|
|
So(err, ShouldBeNil)
|
|
So(query.Page, ShouldEqual, 1)
|
|
|
|
team1 := query.Result.Teams[0]
|
|
So(team1.Name, ShouldEqual, "group1 name")
|
|
So(team1.Email, ShouldEqual, "test1@test.com")
|
|
So(team1.OrgId, ShouldEqual, testOrgId)
|
|
|
|
err = AddTeamMember(&models.AddTeamMemberCommand{OrgId: testOrgId, TeamId: team1.Id, UserId: userIds[0]})
|
|
So(err, ShouldBeNil)
|
|
err = AddTeamMember(&models.AddTeamMemberCommand{OrgId: testOrgId, TeamId: team1.Id, UserId: userIds[1], External: true})
|
|
So(err, ShouldBeNil)
|
|
|
|
q1 := &models.GetTeamMembersQuery{OrgId: testOrgId, TeamId: team1.Id}
|
|
err = GetTeamMembers(q1)
|
|
So(err, ShouldBeNil)
|
|
So(q1.Result, ShouldHaveLength, 2)
|
|
So(q1.Result[0].TeamId, ShouldEqual, team1.Id)
|
|
So(q1.Result[0].Login, ShouldEqual, "loginuser0")
|
|
So(q1.Result[0].OrgId, ShouldEqual, testOrgId)
|
|
So(q1.Result[1].TeamId, ShouldEqual, team1.Id)
|
|
So(q1.Result[1].Login, ShouldEqual, "loginuser1")
|
|
So(q1.Result[1].OrgId, ShouldEqual, testOrgId)
|
|
So(q1.Result[1].External, ShouldEqual, true)
|
|
|
|
q2 := &models.GetTeamMembersQuery{OrgId: testOrgId, TeamId: team1.Id, External: true}
|
|
err = GetTeamMembers(q2)
|
|
So(err, ShouldBeNil)
|
|
So(q2.Result, ShouldHaveLength, 1)
|
|
So(q2.Result[0].TeamId, ShouldEqual, team1.Id)
|
|
So(q2.Result[0].Login, ShouldEqual, "loginuser1")
|
|
So(q2.Result[0].OrgId, ShouldEqual, testOrgId)
|
|
So(q2.Result[0].External, ShouldEqual, true)
|
|
})
|
|
|
|
Convey("Should return latest auth module for users when getting team members", func() {
|
|
userId := userIds[1]
|
|
err := SetAuthInfo(&models.SetAuthInfoCommand{UserId: userId, AuthModule: "oauth_github", AuthId: "1234567"})
|
|
So(err, ShouldBeNil)
|
|
|
|
teamQuery := &models.SearchTeamsQuery{OrgId: testOrgId, Name: "group1 name", Page: 1, Limit: 10}
|
|
err = SearchTeams(teamQuery)
|
|
So(err, ShouldBeNil)
|
|
So(teamQuery.Page, ShouldEqual, 1)
|
|
|
|
team1 := teamQuery.Result.Teams[0]
|
|
|
|
err = AddTeamMember(&models.AddTeamMemberCommand{OrgId: testOrgId, TeamId: team1.Id, UserId: userId, External: true})
|
|
So(err, ShouldBeNil)
|
|
|
|
memberQuery := &models.GetTeamMembersQuery{OrgId: testOrgId, TeamId: team1.Id, External: true}
|
|
err = GetTeamMembers(memberQuery)
|
|
So(err, ShouldBeNil)
|
|
So(memberQuery.Result, ShouldHaveLength, 1)
|
|
So(memberQuery.Result[0].TeamId, ShouldEqual, team1.Id)
|
|
So(memberQuery.Result[0].Login, ShouldEqual, "loginuser1")
|
|
So(memberQuery.Result[0].OrgId, ShouldEqual, testOrgId)
|
|
So(memberQuery.Result[0].External, ShouldEqual, true)
|
|
So(memberQuery.Result[0].AuthModule, ShouldEqual, "oauth_github")
|
|
})
|
|
|
|
Convey("Should be able to update users in a team", func() {
|
|
userId := userIds[0]
|
|
team := group1.Result
|
|
addMemberCmd := models.AddTeamMemberCommand{OrgId: testOrgId, TeamId: team.Id, UserId: userId}
|
|
err = AddTeamMember(&addMemberCmd)
|
|
So(err, ShouldBeNil)
|
|
|
|
qBeforeUpdate := &models.GetTeamMembersQuery{OrgId: testOrgId, TeamId: team.Id}
|
|
err = GetTeamMembers(qBeforeUpdate)
|
|
So(err, ShouldBeNil)
|
|
So(qBeforeUpdate.Result[0].Permission, ShouldEqual, 0)
|
|
|
|
err = UpdateTeamMember(&models.UpdateTeamMemberCommand{
|
|
UserId: userId,
|
|
OrgId: testOrgId,
|
|
TeamId: team.Id,
|
|
Permission: models.PERMISSION_ADMIN,
|
|
})
|
|
|
|
So(err, ShouldBeNil)
|
|
|
|
qAfterUpdate := &models.GetTeamMembersQuery{OrgId: testOrgId, TeamId: team.Id}
|
|
err = GetTeamMembers(qAfterUpdate)
|
|
So(err, ShouldBeNil)
|
|
So(qAfterUpdate.Result[0].Permission, ShouldEqual, models.PERMISSION_ADMIN)
|
|
})
|
|
|
|
Convey("Should default to member permission level when updating a user with invalid permission level", func() {
|
|
userID := userIds[0]
|
|
team := group1.Result
|
|
addMemberCmd := models.AddTeamMemberCommand{OrgId: testOrgId, TeamId: team.Id, UserId: userID}
|
|
err = AddTeamMember(&addMemberCmd)
|
|
So(err, ShouldBeNil)
|
|
|
|
qBeforeUpdate := &models.GetTeamMembersQuery{OrgId: testOrgId, TeamId: team.Id}
|
|
err = GetTeamMembers(qBeforeUpdate)
|
|
So(err, ShouldBeNil)
|
|
So(qBeforeUpdate.Result[0].Permission, ShouldEqual, 0)
|
|
|
|
invalidPermissionLevel := models.PERMISSION_EDIT
|
|
err = UpdateTeamMember(&models.UpdateTeamMemberCommand{
|
|
UserId: userID,
|
|
OrgId: testOrgId,
|
|
TeamId: team.Id,
|
|
Permission: invalidPermissionLevel,
|
|
})
|
|
|
|
So(err, ShouldBeNil)
|
|
|
|
qAfterUpdate := &models.GetTeamMembersQuery{OrgId: testOrgId, TeamId: team.Id}
|
|
err = GetTeamMembers(qAfterUpdate)
|
|
So(err, ShouldBeNil)
|
|
So(qAfterUpdate.Result[0].Permission, ShouldEqual, 0)
|
|
})
|
|
|
|
Convey("Shouldn't be able to update a user not in the team.", func() {
|
|
err = UpdateTeamMember(&models.UpdateTeamMemberCommand{
|
|
UserId: 1,
|
|
OrgId: testOrgId,
|
|
TeamId: group1.Result.Id,
|
|
Permission: models.PERMISSION_ADMIN,
|
|
})
|
|
|
|
So(err, ShouldEqual, models.ErrTeamMemberNotFound)
|
|
})
|
|
|
|
Convey("Should be able to search for teams", func() {
|
|
query := &models.SearchTeamsQuery{OrgId: testOrgId, Query: "group", Page: 1}
|
|
err = SearchTeams(query)
|
|
So(err, ShouldBeNil)
|
|
So(len(query.Result.Teams), ShouldEqual, 2)
|
|
So(query.Result.TotalCount, ShouldEqual, 2)
|
|
|
|
query2 := &models.SearchTeamsQuery{OrgId: testOrgId, Query: ""}
|
|
err = SearchTeams(query2)
|
|
So(err, ShouldBeNil)
|
|
So(len(query2.Result.Teams), ShouldEqual, 2)
|
|
})
|
|
|
|
Convey("Should be able to return all teams a user is member of", func() {
|
|
groupId := group2.Result.Id
|
|
err := AddTeamMember(&models.AddTeamMemberCommand{OrgId: testOrgId, TeamId: groupId, UserId: userIds[0]})
|
|
So(err, ShouldBeNil)
|
|
|
|
query := &models.GetTeamsByUserQuery{OrgId: testOrgId, UserId: userIds[0]}
|
|
err = GetTeamsByUser(query)
|
|
So(err, ShouldBeNil)
|
|
So(len(query.Result), ShouldEqual, 1)
|
|
So(query.Result[0].Name, ShouldEqual, "group2 name")
|
|
So(query.Result[0].Email, ShouldEqual, "test2@test.com")
|
|
})
|
|
|
|
Convey("Should be able to remove users from a group", func() {
|
|
err = AddTeamMember(&models.AddTeamMemberCommand{OrgId: testOrgId, TeamId: group1.Result.Id, UserId: userIds[0]})
|
|
So(err, ShouldBeNil)
|
|
|
|
err = RemoveTeamMember(&models.RemoveTeamMemberCommand{OrgId: testOrgId, TeamId: group1.Result.Id, UserId: userIds[0]})
|
|
So(err, ShouldBeNil)
|
|
|
|
q2 := &models.GetTeamMembersQuery{OrgId: testOrgId, TeamId: group1.Result.Id}
|
|
err = GetTeamMembers(q2)
|
|
So(err, ShouldBeNil)
|
|
So(len(q2.Result), ShouldEqual, 0)
|
|
})
|
|
|
|
Convey("When ProtectLastAdmin is set to true", func() {
|
|
err = AddTeamMember(&models.AddTeamMemberCommand{OrgId: testOrgId, TeamId: group1.Result.Id, UserId: userIds[0], Permission: models.PERMISSION_ADMIN})
|
|
So(err, ShouldBeNil)
|
|
|
|
Convey("A user should not be able to remove the last admin", func() {
|
|
err = RemoveTeamMember(&models.RemoveTeamMemberCommand{OrgId: testOrgId, TeamId: group1.Result.Id, UserId: userIds[0], ProtectLastAdmin: true})
|
|
So(err, ShouldEqual, models.ErrLastTeamAdmin)
|
|
})
|
|
|
|
Convey("A user should be able to remove an admin if there are other admins", func() {
|
|
err = AddTeamMember(&models.AddTeamMemberCommand{OrgId: testOrgId, TeamId: group1.Result.Id, UserId: userIds[1], Permission: models.PERMISSION_ADMIN})
|
|
So(err, ShouldBeNil)
|
|
err = RemoveTeamMember(&models.RemoveTeamMemberCommand{OrgId: testOrgId, TeamId: group1.Result.Id, UserId: userIds[0], ProtectLastAdmin: true})
|
|
So(err, ShouldBeNil)
|
|
})
|
|
|
|
Convey("A user should not be able to remove the admin permission for the last admin", func() {
|
|
err = UpdateTeamMember(&models.UpdateTeamMemberCommand{OrgId: testOrgId, TeamId: group1.Result.Id, UserId: userIds[0], Permission: 0, ProtectLastAdmin: true})
|
|
So(err, ShouldBeError, models.ErrLastTeamAdmin)
|
|
})
|
|
|
|
Convey("A user should be able to remove the admin permission if there are other admins", func() {
|
|
err = AddTeamMember(&models.AddTeamMemberCommand{OrgId: testOrgId, TeamId: group1.Result.Id, UserId: userIds[1], Permission: models.PERMISSION_ADMIN})
|
|
So(err, ShouldBeNil)
|
|
err = UpdateTeamMember(&models.UpdateTeamMemberCommand{OrgId: testOrgId, TeamId: group1.Result.Id, UserId: userIds[0], Permission: 0, ProtectLastAdmin: true})
|
|
So(err, ShouldBeNil)
|
|
})
|
|
})
|
|
|
|
Convey("Should be able to remove a group with users and permissions", func() {
|
|
groupId := group2.Result.Id
|
|
err := AddTeamMember(&models.AddTeamMemberCommand{OrgId: testOrgId, TeamId: groupId, UserId: userIds[1]})
|
|
So(err, ShouldBeNil)
|
|
err = AddTeamMember(&models.AddTeamMemberCommand{OrgId: testOrgId, TeamId: groupId, UserId: userIds[2]})
|
|
So(err, ShouldBeNil)
|
|
err = testHelperUpdateDashboardAcl(1, models.DashboardAcl{DashboardId: 1, OrgId: testOrgId, Permission: models.PERMISSION_EDIT, TeamId: groupId})
|
|
So(err, ShouldBeNil)
|
|
err = DeleteTeam(&models.DeleteTeamCommand{OrgId: testOrgId, Id: groupId})
|
|
So(err, ShouldBeNil)
|
|
|
|
query := &models.GetTeamByIdQuery{OrgId: testOrgId, Id: groupId}
|
|
err = GetTeamById(query)
|
|
So(err, ShouldEqual, models.ErrTeamNotFound)
|
|
|
|
permQuery := &models.GetDashboardAclInfoListQuery{DashboardId: 1, OrgId: testOrgId}
|
|
err = GetDashboardAclInfoList(permQuery)
|
|
So(err, ShouldBeNil)
|
|
|
|
So(len(permQuery.Result), ShouldEqual, 0)
|
|
})
|
|
|
|
Convey("Should be able to return if user is admin of teams or not", func() {
|
|
groupId := group2.Result.Id
|
|
err := AddTeamMember(&models.AddTeamMemberCommand{OrgId: testOrgId, TeamId: groupId, UserId: userIds[0]})
|
|
So(err, ShouldBeNil)
|
|
err = AddTeamMember(&models.AddTeamMemberCommand{OrgId: testOrgId, TeamId: groupId, UserId: userIds[1], Permission: models.PERMISSION_ADMIN})
|
|
So(err, ShouldBeNil)
|
|
|
|
query := &models.IsAdminOfTeamsQuery{SignedInUser: &models.SignedInUser{OrgId: testOrgId, UserId: userIds[0]}}
|
|
err = IsAdminOfTeams(query)
|
|
So(err, ShouldBeNil)
|
|
So(query.Result, ShouldBeFalse)
|
|
|
|
query = &models.IsAdminOfTeamsQuery{SignedInUser: &models.SignedInUser{OrgId: testOrgId, UserId: userIds[1]}}
|
|
err = IsAdminOfTeams(query)
|
|
So(err, ShouldBeNil)
|
|
So(query.Result, ShouldBeTrue)
|
|
})
|
|
})
|
|
})
|
|
}
|