mirror of
https://github.com/mattermost/mattermost.git
synced 2025-02-25 18:55:24 -06:00
Various patches
This commit is contained in:
JoramWilander
@@ -10,6 +10,7 @@ import (
|
||||
|
||||
l4g "github.com/alecthomas/log4go"
|
||||
|
||||
"github.com/mattermost/platform/app"
|
||||
"github.com/mattermost/platform/model"
|
||||
"github.com/mattermost/platform/utils"
|
||||
)
|
||||
@@ -30,7 +31,14 @@ func logClient(c *Context, w http.ResponseWriter, r *http.Request) {
|
||||
forceToDebug := false
|
||||
|
||||
if !*utils.Cfg.ServiceSettings.EnableDeveloper {
|
||||
forceToDebug = true
|
||||
if c.Session.UserId == "" {
|
||||
c.Err = model.NewAppError("Permissions", "api.context.permissions.app_error", nil, "", http.StatusForbidden)
|
||||
return
|
||||
}
|
||||
|
||||
if !app.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_SYSTEM) {
|
||||
forceToDebug = true
|
||||
}
|
||||
}
|
||||
|
||||
m := model.MapFromJson(r.Body)
|
||||
|
||||
@@ -5,6 +5,8 @@ package api
|
||||
|
||||
import (
|
||||
"testing"
|
||||
|
||||
"github.com/mattermost/platform/utils"
|
||||
)
|
||||
|
||||
func TestGetClientProperties(t *testing.T) {
|
||||
@@ -25,6 +27,24 @@ func TestLogClient(t *testing.T) {
|
||||
if ret, _ := th.BasicClient.LogClient("this is a test"); !ret {
|
||||
t.Fatal("failed to log")
|
||||
}
|
||||
|
||||
enableDeveloper := *utils.Cfg.ServiceSettings.EnableDeveloper
|
||||
defer func() {
|
||||
*utils.Cfg.ServiceSettings.EnableDeveloper = enableDeveloper
|
||||
}()
|
||||
*utils.Cfg.ServiceSettings.EnableDeveloper = false
|
||||
|
||||
th.BasicClient.Logout()
|
||||
|
||||
if _, err := th.BasicClient.LogClient("this is a test"); err == nil {
|
||||
t.Fatal("should have failed")
|
||||
}
|
||||
|
||||
*utils.Cfg.ServiceSettings.EnableDeveloper = true
|
||||
|
||||
if ret, _ := th.BasicClient.LogClient("this is a test"); !ret {
|
||||
t.Fatal("failed to log")
|
||||
}
|
||||
}
|
||||
|
||||
func TestGetPing(t *testing.T) {
|
||||
|
||||
@@ -41,6 +41,10 @@ func registerOAuthApp(c *Context, w http.ResponseWriter, r *http.Request) {
|
||||
return
|
||||
}
|
||||
|
||||
if !app.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_SYSTEM) {
|
||||
oauthApp.IsTrusted = false
|
||||
}
|
||||
|
||||
oauthApp.CreatorId = c.Session.UserId
|
||||
|
||||
rapp, err := app.CreateOAuthApp(oauthApp)
|
||||
|
||||
@@ -22,7 +22,7 @@ func TestOAuthRegisterApp(t *testing.T) {
|
||||
th := Setup().InitBasic().InitSystemAdmin()
|
||||
Client := th.BasicClient
|
||||
|
||||
oauthApp := &model.OAuthApp{Name: "TestApp" + model.NewId(), Homepage: "https://nowhere.com", Description: "test", CallbackUrls: []string{"https://nowhere.com"}}
|
||||
oauthApp := &model.OAuthApp{Name: "TestApp" + model.NewId(), Homepage: "https://nowhere.com", Description: "test", CallbackUrls: []string{"https://nowhere.com"}, IsTrusted: true}
|
||||
|
||||
utils.Cfg.ServiceSettings.EnableOAuthServiceProvider = false
|
||||
if !utils.Cfg.ServiceSettings.EnableOAuthServiceProvider {
|
||||
@@ -82,10 +82,29 @@ func TestOAuthRegisterApp(t *testing.T) {
|
||||
Client.Logout()
|
||||
Client.Login(user.Email, user.Password)
|
||||
|
||||
oauthApp = &model.OAuthApp{Name: "TestApp" + model.NewId(), Homepage: "https://nowhere.com", Description: "test", CallbackUrls: []string{"https://nowhere.com"}}
|
||||
oauthApp = &model.OAuthApp{Name: "TestApp" + model.NewId(), Homepage: "https://nowhere.com", Description: "test", CallbackUrls: []string{"https://nowhere.com"}, IsTrusted: true}
|
||||
if _, err := Client.RegisterApp(oauthApp); err == nil {
|
||||
t.Fatal("should have failed. not enough permissions")
|
||||
}
|
||||
|
||||
adminOnly := *utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations
|
||||
defer func() {
|
||||
*utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = adminOnly
|
||||
utils.SetDefaultRolesBasedOnConfig()
|
||||
}()
|
||||
*utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = false
|
||||
utils.SetDefaultRolesBasedOnConfig()
|
||||
|
||||
th.LoginBasic()
|
||||
|
||||
if result, err := th.BasicClient.RegisterApp(oauthApp); err != nil {
|
||||
t.Fatal(err)
|
||||
} else {
|
||||
rapp := result.Data.(*model.OAuthApp)
|
||||
if rapp.IsTrusted {
|
||||
t.Fatal("trusted should be false - created by non admin")
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
func TestOAuthAllow(t *testing.T) {
|
||||
@@ -463,7 +482,17 @@ func TestOAuthAuthorize(t *testing.T) {
|
||||
th := Setup().InitBasic()
|
||||
Client := th.BasicClient
|
||||
|
||||
enableOAuth := utils.Cfg.ServiceSettings.EnableOAuthServiceProvider
|
||||
adminOnly := *utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations
|
||||
defer func() {
|
||||
utils.Cfg.ServiceSettings.EnableOAuthServiceProvider = enableOAuth
|
||||
*utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = adminOnly
|
||||
utils.SetDefaultRolesBasedOnConfig()
|
||||
}()
|
||||
utils.Cfg.ServiceSettings.EnableOAuthServiceProvider = false
|
||||
*utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = false
|
||||
utils.SetDefaultRolesBasedOnConfig()
|
||||
|
||||
if !utils.Cfg.ServiceSettings.EnableOAuthServiceProvider {
|
||||
if r, err := HttpGet(Client.Url+"/oauth/authorize", Client.HttpClient, "", true); err == nil {
|
||||
t.Fatal("should have failed - oauth providing turned off")
|
||||
@@ -483,7 +512,7 @@ func TestOAuthAuthorize(t *testing.T) {
|
||||
}
|
||||
|
||||
// register an app to authorize it
|
||||
oauthApp := &model.OAuthApp{Name: "TestApp" + model.NewId(), Homepage: "https://nowhere.com", Description: "test", CallbackUrls: []string{"https://nowhere.com"}}
|
||||
oauthApp := &model.OAuthApp{Name: "TestApp" + model.NewId(), Homepage: "https://nowhere.com", Description: "test", CallbackUrls: []string{"https://example.com"}}
|
||||
oauthApp = Client.Must(Client.RegisterApp(oauthApp)).Data.(*model.OAuthApp)
|
||||
if r, err := HttpGet(Client.Url+"/oauth/authorize?client_id="+oauthApp.Id+"&&redirect_uri=http://example.com&response_type="+model.AUTHCODE_RESPONSE_TYPE, Client.HttpClient, "", true); err == nil {
|
||||
t.Fatal("should have failed - user not logged")
|
||||
@@ -491,9 +520,12 @@ func TestOAuthAuthorize(t *testing.T) {
|
||||
}
|
||||
|
||||
authToken := Client.AuthType + " " + Client.AuthToken
|
||||
if r, err := HttpGet(Client.Url+"/oauth/authorize?client_id="+oauthApp.Id+"&redirect_uri=http://example.com&response_type="+model.AUTHCODE_RESPONSE_TYPE, Client.HttpClient, authToken, true); err != nil {
|
||||
if _, err := HttpGet(Client.Url+"/oauth/authorize?client_id="+oauthApp.Id+"&redirect_uri=http://bad-redirect.com&response_type="+model.AUTHCODE_RESPONSE_TYPE, Client.HttpClient, authToken, true); err == nil {
|
||||
t.Fatal("should have failed - bad redirect uri")
|
||||
}
|
||||
|
||||
if _, err := HttpGet(Client.Url+"/oauth/authorize?client_id="+oauthApp.Id+"&redirect_uri=https://example.com&response_type="+model.AUTHCODE_RESPONSE_TYPE, Client.HttpClient, authToken, true); err != nil {
|
||||
t.Fatal(err)
|
||||
closeBody(r)
|
||||
}
|
||||
|
||||
// lets authorize the app
|
||||
|
||||
Reference in New Issue
Block a user