mirror of
https://github.com/mattermost/mattermost.git
synced 2025-02-25 18:55:24 -06:00
a78913178c
* api4: fix TestGetUsersNotInTeam assertions This test was relying on data from a previous test run. With the data cleared before each test, the assertions much match reality. * *testlib: always InitSystemAdmin Some tests implicitly relied on the basic user having system administrator privileges because it was the first user created as such. Eliminate `InitSystemAdmin` and explicitly create the system admin user instead to avoid this ambiguity going forward. * *testlib: drop all tables before each test * api4: split up TestChannelDelete to avoid duplicate InitBasic * api4: teardown in TestResetPassword, for when this test comes back * invalidate cache on DropAllTables This is necessary since the test store persists across tests. * disable parallel tests While tests within a package must be explicitly parallelized using `t.Parallel()`, tests across packages are run in parallel by default. This causes problems given that the tests all currently share the same database instance. Unfortunately, this also means that running the tests is much slower, but we can return to this later.
738 lines
22 KiB
Go
738 lines
22 KiB
Go
// Copyright (c) 2018-present Mattermost, Inc. All Rights Reserved.
|
|
// See License.txt for license information.
|
|
|
|
package api4
|
|
|
|
import (
|
|
"strings"
|
|
"testing"
|
|
|
|
"github.com/stretchr/testify/assert"
|
|
|
|
"github.com/mattermost/mattermost-server/model"
|
|
)
|
|
|
|
func TestCreateScheme(t *testing.T) {
|
|
th := Setup().InitBasic()
|
|
defer th.TearDown()
|
|
|
|
th.App.SetLicense(model.NewTestLicense("custom_permissions_schemes"))
|
|
|
|
th.App.SetPhase2PermissionsMigrationStatus(true)
|
|
|
|
// Basic test of creating a team scheme.
|
|
scheme1 := &model.Scheme{
|
|
DisplayName: model.NewId(),
|
|
Name: model.NewId(),
|
|
Description: model.NewId(),
|
|
Scope: model.SCHEME_SCOPE_TEAM,
|
|
}
|
|
|
|
s1, r1 := th.SystemAdminClient.CreateScheme(scheme1)
|
|
CheckNoError(t, r1)
|
|
|
|
assert.Equal(t, s1.DisplayName, scheme1.DisplayName)
|
|
assert.Equal(t, s1.Name, scheme1.Name)
|
|
assert.Equal(t, s1.Description, scheme1.Description)
|
|
assert.NotZero(t, s1.CreateAt)
|
|
assert.Equal(t, s1.CreateAt, s1.UpdateAt)
|
|
assert.Zero(t, s1.DeleteAt)
|
|
assert.Equal(t, s1.Scope, scheme1.Scope)
|
|
assert.NotZero(t, len(s1.DefaultTeamAdminRole))
|
|
assert.NotZero(t, len(s1.DefaultTeamUserRole))
|
|
assert.NotZero(t, len(s1.DefaultChannelAdminRole))
|
|
assert.NotZero(t, len(s1.DefaultChannelUserRole))
|
|
|
|
// Check the default roles have been created.
|
|
_, roleRes1 := th.SystemAdminClient.GetRoleByName(s1.DefaultTeamAdminRole)
|
|
CheckNoError(t, roleRes1)
|
|
_, roleRes2 := th.SystemAdminClient.GetRoleByName(s1.DefaultTeamUserRole)
|
|
CheckNoError(t, roleRes2)
|
|
_, roleRes3 := th.SystemAdminClient.GetRoleByName(s1.DefaultChannelAdminRole)
|
|
CheckNoError(t, roleRes3)
|
|
_, roleRes4 := th.SystemAdminClient.GetRoleByName(s1.DefaultChannelUserRole)
|
|
CheckNoError(t, roleRes4)
|
|
|
|
// Basic Test of a Channel scheme.
|
|
scheme2 := &model.Scheme{
|
|
DisplayName: model.NewId(),
|
|
Name: model.NewId(),
|
|
Description: model.NewId(),
|
|
Scope: model.SCHEME_SCOPE_CHANNEL,
|
|
}
|
|
|
|
s2, r2 := th.SystemAdminClient.CreateScheme(scheme2)
|
|
CheckNoError(t, r2)
|
|
|
|
assert.Equal(t, s2.DisplayName, scheme2.DisplayName)
|
|
assert.Equal(t, s2.Name, scheme2.Name)
|
|
assert.Equal(t, s2.Description, scheme2.Description)
|
|
assert.NotZero(t, s2.CreateAt)
|
|
assert.Equal(t, s2.CreateAt, s2.UpdateAt)
|
|
assert.Zero(t, s2.DeleteAt)
|
|
assert.Equal(t, s2.Scope, scheme2.Scope)
|
|
assert.Zero(t, len(s2.DefaultTeamAdminRole))
|
|
assert.Zero(t, len(s2.DefaultTeamUserRole))
|
|
assert.NotZero(t, len(s2.DefaultChannelAdminRole))
|
|
assert.NotZero(t, len(s2.DefaultChannelUserRole))
|
|
|
|
// Check the default roles have been created.
|
|
_, roleRes5 := th.SystemAdminClient.GetRoleByName(s2.DefaultChannelAdminRole)
|
|
CheckNoError(t, roleRes5)
|
|
_, roleRes6 := th.SystemAdminClient.GetRoleByName(s2.DefaultChannelUserRole)
|
|
CheckNoError(t, roleRes6)
|
|
|
|
// Try and create a scheme with an invalid scope.
|
|
scheme3 := &model.Scheme{
|
|
DisplayName: model.NewId(),
|
|
Name: model.NewId(),
|
|
Description: model.NewId(),
|
|
Scope: model.NewId(),
|
|
}
|
|
|
|
_, r3 := th.SystemAdminClient.CreateScheme(scheme3)
|
|
CheckBadRequestStatus(t, r3)
|
|
|
|
// Try and create a scheme with an invalid display name.
|
|
scheme4 := &model.Scheme{
|
|
DisplayName: strings.Repeat(model.NewId(), 100),
|
|
Name: "Name",
|
|
Description: model.NewId(),
|
|
Scope: model.NewId(),
|
|
}
|
|
_, r4 := th.SystemAdminClient.CreateScheme(scheme4)
|
|
CheckBadRequestStatus(t, r4)
|
|
|
|
// Try and create a scheme with an invalid name.
|
|
scheme8 := &model.Scheme{
|
|
DisplayName: "DisplayName",
|
|
Name: strings.Repeat(model.NewId(), 100),
|
|
Description: model.NewId(),
|
|
Scope: model.NewId(),
|
|
}
|
|
_, r8 := th.SystemAdminClient.CreateScheme(scheme8)
|
|
CheckBadRequestStatus(t, r8)
|
|
|
|
// Try and create a scheme without the appropriate permissions.
|
|
scheme5 := &model.Scheme{
|
|
DisplayName: model.NewId(),
|
|
Name: model.NewId(),
|
|
Description: model.NewId(),
|
|
Scope: model.SCHEME_SCOPE_TEAM,
|
|
}
|
|
_, r5 := th.Client.CreateScheme(scheme5)
|
|
CheckForbiddenStatus(t, r5)
|
|
|
|
// Try and create a scheme without a license.
|
|
th.App.SetLicense(nil)
|
|
scheme6 := &model.Scheme{
|
|
DisplayName: model.NewId(),
|
|
Name: model.NewId(),
|
|
Description: model.NewId(),
|
|
Scope: model.SCHEME_SCOPE_TEAM,
|
|
}
|
|
_, r6 := th.SystemAdminClient.CreateScheme(scheme6)
|
|
CheckNotImplementedStatus(t, r6)
|
|
|
|
th.App.SetPhase2PermissionsMigrationStatus(false)
|
|
|
|
th.LoginSystemAdmin()
|
|
th.App.SetLicense(model.NewTestLicense("custom_permissions_schemes"))
|
|
|
|
scheme7 := &model.Scheme{
|
|
DisplayName: model.NewId(),
|
|
Name: model.NewId(),
|
|
Description: model.NewId(),
|
|
Scope: model.SCHEME_SCOPE_TEAM,
|
|
}
|
|
_, r7 := th.SystemAdminClient.CreateScheme(scheme7)
|
|
CheckNotImplementedStatus(t, r7)
|
|
}
|
|
|
|
func TestGetScheme(t *testing.T) {
|
|
th := Setup().InitBasic()
|
|
defer th.TearDown()
|
|
|
|
th.App.SetLicense(model.NewTestLicense("custom_permissions_schemes"))
|
|
|
|
// Basic test of creating a team scheme.
|
|
scheme1 := &model.Scheme{
|
|
DisplayName: model.NewId(),
|
|
Name: model.NewId(),
|
|
Description: model.NewId(),
|
|
Scope: model.SCHEME_SCOPE_TEAM,
|
|
}
|
|
|
|
th.App.SetPhase2PermissionsMigrationStatus(true)
|
|
|
|
s1, r1 := th.SystemAdminClient.CreateScheme(scheme1)
|
|
CheckNoError(t, r1)
|
|
|
|
assert.Equal(t, s1.DisplayName, scheme1.DisplayName)
|
|
assert.Equal(t, s1.Name, scheme1.Name)
|
|
assert.Equal(t, s1.Description, scheme1.Description)
|
|
assert.NotZero(t, s1.CreateAt)
|
|
assert.Equal(t, s1.CreateAt, s1.UpdateAt)
|
|
assert.Zero(t, s1.DeleteAt)
|
|
assert.Equal(t, s1.Scope, scheme1.Scope)
|
|
assert.NotZero(t, len(s1.DefaultTeamAdminRole))
|
|
assert.NotZero(t, len(s1.DefaultTeamUserRole))
|
|
assert.NotZero(t, len(s1.DefaultChannelAdminRole))
|
|
assert.NotZero(t, len(s1.DefaultChannelUserRole))
|
|
|
|
s2, r2 := th.SystemAdminClient.GetScheme(s1.Id)
|
|
CheckNoError(t, r2)
|
|
|
|
assert.Equal(t, s1, s2)
|
|
|
|
_, r3 := th.SystemAdminClient.GetScheme(model.NewId())
|
|
CheckNotFoundStatus(t, r3)
|
|
|
|
_, r4 := th.SystemAdminClient.GetScheme("12345")
|
|
CheckBadRequestStatus(t, r4)
|
|
|
|
th.SystemAdminClient.Logout()
|
|
_, r5 := th.SystemAdminClient.GetScheme(s1.Id)
|
|
CheckUnauthorizedStatus(t, r5)
|
|
|
|
th.SystemAdminClient.Login(th.SystemAdminUser.Username, th.SystemAdminUser.Password)
|
|
th.App.SetLicense(nil)
|
|
_, r6 := th.SystemAdminClient.GetScheme(s1.Id)
|
|
CheckNoError(t, r6)
|
|
|
|
_, r7 := th.Client.GetScheme(s1.Id)
|
|
CheckForbiddenStatus(t, r7)
|
|
|
|
th.App.SetPhase2PermissionsMigrationStatus(false)
|
|
|
|
_, r8 := th.SystemAdminClient.GetScheme(s1.Id)
|
|
CheckNotImplementedStatus(t, r8)
|
|
}
|
|
|
|
func TestGetSchemes(t *testing.T) {
|
|
th := Setup().InitBasic()
|
|
defer th.TearDown()
|
|
|
|
th.App.SetLicense(model.NewTestLicense("custom_permissions_schemes"))
|
|
|
|
scheme1 := &model.Scheme{
|
|
DisplayName: model.NewId(),
|
|
Name: model.NewId(),
|
|
Description: model.NewId(),
|
|
Scope: model.SCHEME_SCOPE_TEAM,
|
|
}
|
|
|
|
scheme2 := &model.Scheme{
|
|
DisplayName: model.NewId(),
|
|
Name: model.NewId(),
|
|
Description: model.NewId(),
|
|
Scope: model.SCHEME_SCOPE_CHANNEL,
|
|
}
|
|
|
|
th.App.SetPhase2PermissionsMigrationStatus(true)
|
|
|
|
_, r1 := th.SystemAdminClient.CreateScheme(scheme1)
|
|
CheckNoError(t, r1)
|
|
_, r2 := th.SystemAdminClient.CreateScheme(scheme2)
|
|
CheckNoError(t, r2)
|
|
|
|
l3, r3 := th.SystemAdminClient.GetSchemes("", 0, 100)
|
|
CheckNoError(t, r3)
|
|
|
|
assert.NotZero(t, len(l3))
|
|
|
|
l4, r4 := th.SystemAdminClient.GetSchemes("team", 0, 100)
|
|
CheckNoError(t, r4)
|
|
|
|
for _, s := range l4 {
|
|
assert.Equal(t, "team", s.Scope)
|
|
}
|
|
|
|
l5, r5 := th.SystemAdminClient.GetSchemes("channel", 0, 100)
|
|
CheckNoError(t, r5)
|
|
|
|
for _, s := range l5 {
|
|
assert.Equal(t, "channel", s.Scope)
|
|
}
|
|
|
|
_, r6 := th.SystemAdminClient.GetSchemes("asdf", 0, 100)
|
|
CheckBadRequestStatus(t, r6)
|
|
|
|
th.Client.Logout()
|
|
_, r7 := th.Client.GetSchemes("", 0, 100)
|
|
CheckUnauthorizedStatus(t, r7)
|
|
|
|
th.Client.Login(th.BasicUser.Username, th.BasicUser.Password)
|
|
_, r8 := th.Client.GetSchemes("", 0, 100)
|
|
CheckForbiddenStatus(t, r8)
|
|
|
|
th.App.SetPhase2PermissionsMigrationStatus(false)
|
|
|
|
_, r9 := th.SystemAdminClient.GetSchemes("", 0, 100)
|
|
CheckNotImplementedStatus(t, r9)
|
|
}
|
|
|
|
func TestGetTeamsForScheme(t *testing.T) {
|
|
th := Setup().InitBasic()
|
|
defer th.TearDown()
|
|
|
|
th.App.SetLicense(model.NewTestLicense("custom_permissions_schemes"))
|
|
|
|
th.App.SetPhase2PermissionsMigrationStatus(true)
|
|
|
|
scheme1 := &model.Scheme{
|
|
DisplayName: model.NewId(),
|
|
Name: model.NewId(),
|
|
Description: model.NewId(),
|
|
Scope: model.SCHEME_SCOPE_TEAM,
|
|
}
|
|
scheme1, r1 := th.SystemAdminClient.CreateScheme(scheme1)
|
|
CheckNoError(t, r1)
|
|
|
|
team1 := &model.Team{
|
|
Name: GenerateTestUsername(),
|
|
DisplayName: "A Test Team",
|
|
Type: model.TEAM_OPEN,
|
|
}
|
|
|
|
result1 := <-th.App.Srv.Store.Team().Save(team1)
|
|
assert.Nil(t, result1.Err)
|
|
team1 = result1.Data.(*model.Team)
|
|
|
|
l2, r2 := th.SystemAdminClient.GetTeamsForScheme(scheme1.Id, 0, 100)
|
|
CheckNoError(t, r2)
|
|
assert.Zero(t, len(l2))
|
|
|
|
team1.SchemeId = &scheme1.Id
|
|
result2 := <-th.App.Srv.Store.Team().Update(team1)
|
|
assert.Nil(t, result2.Err)
|
|
team1 = result2.Data.(*model.Team)
|
|
|
|
l3, r3 := th.SystemAdminClient.GetTeamsForScheme(scheme1.Id, 0, 100)
|
|
CheckNoError(t, r3)
|
|
assert.Len(t, l3, 1)
|
|
assert.Equal(t, team1.Id, l3[0].Id)
|
|
|
|
team2 := &model.Team{
|
|
Name: GenerateTestUsername(),
|
|
DisplayName: "B Test Team",
|
|
Type: model.TEAM_OPEN,
|
|
SchemeId: &scheme1.Id,
|
|
}
|
|
result3 := <-th.App.Srv.Store.Team().Save(team2)
|
|
assert.Nil(t, result3.Err)
|
|
team2 = result3.Data.(*model.Team)
|
|
|
|
l4, r4 := th.SystemAdminClient.GetTeamsForScheme(scheme1.Id, 0, 100)
|
|
CheckNoError(t, r4)
|
|
assert.Len(t, l4, 2)
|
|
assert.Equal(t, team1.Id, l4[0].Id)
|
|
assert.Equal(t, team2.Id, l4[1].Id)
|
|
|
|
l5, r5 := th.SystemAdminClient.GetTeamsForScheme(scheme1.Id, 1, 1)
|
|
CheckNoError(t, r5)
|
|
assert.Len(t, l5, 1)
|
|
assert.Equal(t, team2.Id, l5[0].Id)
|
|
|
|
// Check various error cases.
|
|
_, ri1 := th.SystemAdminClient.GetTeamsForScheme(model.NewId(), 0, 100)
|
|
CheckNotFoundStatus(t, ri1)
|
|
|
|
_, ri2 := th.SystemAdminClient.GetTeamsForScheme("", 0, 100)
|
|
CheckBadRequestStatus(t, ri2)
|
|
|
|
th.Client.Logout()
|
|
_, ri3 := th.Client.GetTeamsForScheme(model.NewId(), 0, 100)
|
|
CheckUnauthorizedStatus(t, ri3)
|
|
|
|
th.Client.Login(th.BasicUser.Username, th.BasicUser.Password)
|
|
_, ri4 := th.Client.GetTeamsForScheme(model.NewId(), 0, 100)
|
|
CheckForbiddenStatus(t, ri4)
|
|
|
|
scheme2 := &model.Scheme{
|
|
DisplayName: model.NewId(),
|
|
Name: model.NewId(),
|
|
Description: model.NewId(),
|
|
Scope: model.SCHEME_SCOPE_CHANNEL,
|
|
}
|
|
scheme2, rs2 := th.SystemAdminClient.CreateScheme(scheme2)
|
|
CheckNoError(t, rs2)
|
|
|
|
_, ri5 := th.SystemAdminClient.GetTeamsForScheme(scheme2.Id, 0, 100)
|
|
CheckBadRequestStatus(t, ri5)
|
|
|
|
th.App.SetPhase2PermissionsMigrationStatus(false)
|
|
|
|
_, ri6 := th.SystemAdminClient.GetTeamsForScheme(scheme1.Id, 0, 100)
|
|
CheckNotImplementedStatus(t, ri6)
|
|
}
|
|
|
|
func TestGetChannelsForScheme(t *testing.T) {
|
|
th := Setup().InitBasic()
|
|
defer th.TearDown()
|
|
|
|
th.App.SetLicense(model.NewTestLicense("custom_permissions_schemes"))
|
|
|
|
th.App.SetPhase2PermissionsMigrationStatus(true)
|
|
|
|
scheme1 := &model.Scheme{
|
|
DisplayName: model.NewId(),
|
|
Name: model.NewId(),
|
|
Description: model.NewId(),
|
|
Scope: model.SCHEME_SCOPE_CHANNEL,
|
|
}
|
|
scheme1, r1 := th.SystemAdminClient.CreateScheme(scheme1)
|
|
CheckNoError(t, r1)
|
|
|
|
channel1 := &model.Channel{
|
|
TeamId: model.NewId(),
|
|
DisplayName: "A Name",
|
|
Name: model.NewId(),
|
|
Type: model.CHANNEL_OPEN,
|
|
}
|
|
|
|
result1 := <-th.App.Srv.Store.Channel().Save(channel1, 1000000)
|
|
assert.Nil(t, result1.Err)
|
|
channel1 = result1.Data.(*model.Channel)
|
|
|
|
l2, r2 := th.SystemAdminClient.GetChannelsForScheme(scheme1.Id, 0, 100)
|
|
CheckNoError(t, r2)
|
|
assert.Zero(t, len(l2))
|
|
|
|
channel1.SchemeId = &scheme1.Id
|
|
result2 := <-th.App.Srv.Store.Channel().Update(channel1)
|
|
assert.Nil(t, result2.Err)
|
|
channel1 = result2.Data.(*model.Channel)
|
|
|
|
l3, r3 := th.SystemAdminClient.GetChannelsForScheme(scheme1.Id, 0, 100)
|
|
CheckNoError(t, r3)
|
|
assert.Len(t, l3, 1)
|
|
assert.Equal(t, channel1.Id, l3[0].Id)
|
|
|
|
channel2 := &model.Channel{
|
|
TeamId: model.NewId(),
|
|
DisplayName: "B Name",
|
|
Name: model.NewId(),
|
|
Type: model.CHANNEL_OPEN,
|
|
SchemeId: &scheme1.Id,
|
|
}
|
|
result3 := <-th.App.Srv.Store.Channel().Save(channel2, 1000000)
|
|
assert.Nil(t, result3.Err)
|
|
channel2 = result3.Data.(*model.Channel)
|
|
|
|
l4, r4 := th.SystemAdminClient.GetChannelsForScheme(scheme1.Id, 0, 100)
|
|
CheckNoError(t, r4)
|
|
assert.Len(t, l4, 2)
|
|
assert.Equal(t, channel1.Id, l4[0].Id)
|
|
assert.Equal(t, channel2.Id, l4[1].Id)
|
|
|
|
l5, r5 := th.SystemAdminClient.GetChannelsForScheme(scheme1.Id, 1, 1)
|
|
CheckNoError(t, r5)
|
|
assert.Len(t, l5, 1)
|
|
assert.Equal(t, channel2.Id, l5[0].Id)
|
|
|
|
// Check various error cases.
|
|
_, ri1 := th.SystemAdminClient.GetChannelsForScheme(model.NewId(), 0, 100)
|
|
CheckNotFoundStatus(t, ri1)
|
|
|
|
_, ri2 := th.SystemAdminClient.GetChannelsForScheme("", 0, 100)
|
|
CheckBadRequestStatus(t, ri2)
|
|
|
|
th.Client.Logout()
|
|
_, ri3 := th.Client.GetChannelsForScheme(model.NewId(), 0, 100)
|
|
CheckUnauthorizedStatus(t, ri3)
|
|
|
|
th.Client.Login(th.BasicUser.Username, th.BasicUser.Password)
|
|
_, ri4 := th.Client.GetChannelsForScheme(model.NewId(), 0, 100)
|
|
CheckForbiddenStatus(t, ri4)
|
|
|
|
scheme2 := &model.Scheme{
|
|
DisplayName: model.NewId(),
|
|
Name: model.NewId(),
|
|
Description: model.NewId(),
|
|
Scope: model.SCHEME_SCOPE_TEAM,
|
|
}
|
|
scheme2, rs2 := th.SystemAdminClient.CreateScheme(scheme2)
|
|
CheckNoError(t, rs2)
|
|
|
|
_, ri5 := th.SystemAdminClient.GetChannelsForScheme(scheme2.Id, 0, 100)
|
|
CheckBadRequestStatus(t, ri5)
|
|
|
|
th.App.SetPhase2PermissionsMigrationStatus(false)
|
|
|
|
_, ri6 := th.SystemAdminClient.GetChannelsForScheme(scheme1.Id, 0, 100)
|
|
CheckNotImplementedStatus(t, ri6)
|
|
}
|
|
|
|
func TestPatchScheme(t *testing.T) {
|
|
th := Setup().InitBasic()
|
|
defer th.TearDown()
|
|
|
|
th.App.SetLicense(model.NewTestLicense("custom_permissions_schemes"))
|
|
|
|
th.App.SetPhase2PermissionsMigrationStatus(true)
|
|
|
|
// Basic test of creating a team scheme.
|
|
scheme1 := &model.Scheme{
|
|
DisplayName: model.NewId(),
|
|
Name: model.NewId(),
|
|
Description: model.NewId(),
|
|
Scope: model.SCHEME_SCOPE_TEAM,
|
|
}
|
|
|
|
s1, r1 := th.SystemAdminClient.CreateScheme(scheme1)
|
|
CheckNoError(t, r1)
|
|
|
|
assert.Equal(t, s1.DisplayName, scheme1.DisplayName)
|
|
assert.Equal(t, s1.Name, scheme1.Name)
|
|
assert.Equal(t, s1.Description, scheme1.Description)
|
|
assert.NotZero(t, s1.CreateAt)
|
|
assert.Equal(t, s1.CreateAt, s1.UpdateAt)
|
|
assert.Zero(t, s1.DeleteAt)
|
|
assert.Equal(t, s1.Scope, scheme1.Scope)
|
|
assert.NotZero(t, len(s1.DefaultTeamAdminRole))
|
|
assert.NotZero(t, len(s1.DefaultTeamUserRole))
|
|
assert.NotZero(t, len(s1.DefaultChannelAdminRole))
|
|
assert.NotZero(t, len(s1.DefaultChannelUserRole))
|
|
|
|
s2, r2 := th.SystemAdminClient.GetScheme(s1.Id)
|
|
CheckNoError(t, r2)
|
|
|
|
assert.Equal(t, s1, s2)
|
|
|
|
// Test with a valid patch.
|
|
schemePatch := &model.SchemePatch{
|
|
DisplayName: new(string),
|
|
Name: new(string),
|
|
Description: new(string),
|
|
}
|
|
*schemePatch.DisplayName = model.NewId()
|
|
*schemePatch.Name = model.NewId()
|
|
*schemePatch.Description = model.NewId()
|
|
|
|
s3, r3 := th.SystemAdminClient.PatchScheme(s2.Id, schemePatch)
|
|
CheckNoError(t, r3)
|
|
assert.Equal(t, s3.Id, s2.Id)
|
|
assert.Equal(t, s3.DisplayName, *schemePatch.DisplayName)
|
|
assert.Equal(t, s3.Name, *schemePatch.Name)
|
|
assert.Equal(t, s3.Description, *schemePatch.Description)
|
|
|
|
s4, r4 := th.SystemAdminClient.GetScheme(s3.Id)
|
|
CheckNoError(t, r4)
|
|
assert.Equal(t, s3, s4)
|
|
|
|
// Test with a partial patch.
|
|
*schemePatch.Name = model.NewId()
|
|
*schemePatch.DisplayName = model.NewId()
|
|
schemePatch.Description = nil
|
|
|
|
s5, r5 := th.SystemAdminClient.PatchScheme(s4.Id, schemePatch)
|
|
CheckNoError(t, r5)
|
|
assert.Equal(t, s5.Id, s4.Id)
|
|
assert.Equal(t, s5.DisplayName, *schemePatch.DisplayName)
|
|
assert.Equal(t, s5.Name, *schemePatch.Name)
|
|
assert.Equal(t, s5.Description, s4.Description)
|
|
|
|
s6, r6 := th.SystemAdminClient.GetScheme(s5.Id)
|
|
CheckNoError(t, r6)
|
|
assert.Equal(t, s5, s6)
|
|
|
|
// Test with invalid patch.
|
|
*schemePatch.Name = strings.Repeat(model.NewId(), 20)
|
|
_, r7 := th.SystemAdminClient.PatchScheme(s6.Id, schemePatch)
|
|
CheckBadRequestStatus(t, r7)
|
|
|
|
// Test with unknown ID.
|
|
*schemePatch.Name = model.NewId()
|
|
_, r8 := th.SystemAdminClient.PatchScheme(model.NewId(), schemePatch)
|
|
CheckNotFoundStatus(t, r8)
|
|
|
|
// Test with invalid ID.
|
|
_, r9 := th.SystemAdminClient.PatchScheme("12345", schemePatch)
|
|
CheckBadRequestStatus(t, r9)
|
|
|
|
// Test without required permissions.
|
|
_, r10 := th.Client.PatchScheme(s6.Id, schemePatch)
|
|
CheckForbiddenStatus(t, r10)
|
|
|
|
// Test without license.
|
|
th.App.SetLicense(nil)
|
|
_, r11 := th.SystemAdminClient.PatchScheme(s6.Id, schemePatch)
|
|
CheckNotImplementedStatus(t, r11)
|
|
|
|
th.App.SetPhase2PermissionsMigrationStatus(false)
|
|
|
|
th.LoginSystemAdmin()
|
|
th.App.SetLicense(model.NewTestLicense("custom_permissions_schemes"))
|
|
|
|
_, r12 := th.SystemAdminClient.PatchScheme(s6.Id, schemePatch)
|
|
CheckNotImplementedStatus(t, r12)
|
|
}
|
|
|
|
func TestDeleteScheme(t *testing.T) {
|
|
th := Setup().InitBasic()
|
|
defer th.TearDown()
|
|
|
|
t.Run("ValidTeamScheme", func(t *testing.T) {
|
|
th.App.SetLicense(model.NewTestLicense("custom_permissions_schemes"))
|
|
|
|
th.App.SetPhase2PermissionsMigrationStatus(true)
|
|
|
|
// Create a team scheme.
|
|
scheme1 := &model.Scheme{
|
|
DisplayName: model.NewId(),
|
|
Name: model.NewId(),
|
|
Description: model.NewId(),
|
|
Scope: model.SCHEME_SCOPE_TEAM,
|
|
}
|
|
|
|
s1, r1 := th.SystemAdminClient.CreateScheme(scheme1)
|
|
CheckNoError(t, r1)
|
|
|
|
// Retrieve the roles and check they are not deleted.
|
|
role1, roleRes1 := th.SystemAdminClient.GetRoleByName(s1.DefaultTeamAdminRole)
|
|
CheckNoError(t, roleRes1)
|
|
role2, roleRes2 := th.SystemAdminClient.GetRoleByName(s1.DefaultTeamUserRole)
|
|
CheckNoError(t, roleRes2)
|
|
role3, roleRes3 := th.SystemAdminClient.GetRoleByName(s1.DefaultChannelAdminRole)
|
|
CheckNoError(t, roleRes3)
|
|
role4, roleRes4 := th.SystemAdminClient.GetRoleByName(s1.DefaultChannelUserRole)
|
|
CheckNoError(t, roleRes4)
|
|
|
|
assert.Zero(t, role1.DeleteAt)
|
|
assert.Zero(t, role2.DeleteAt)
|
|
assert.Zero(t, role3.DeleteAt)
|
|
assert.Zero(t, role4.DeleteAt)
|
|
|
|
// Make sure this scheme is in use by a team.
|
|
res := <-th.App.Srv.Store.Team().Save(&model.Team{
|
|
Name: model.NewId(),
|
|
DisplayName: model.NewId(),
|
|
Email: model.NewId() + "@nowhere.com",
|
|
Type: model.TEAM_OPEN,
|
|
SchemeId: &s1.Id,
|
|
})
|
|
assert.Nil(t, res.Err)
|
|
team := res.Data.(*model.Team)
|
|
|
|
// Delete the Scheme.
|
|
_, r3 := th.SystemAdminClient.DeleteScheme(s1.Id)
|
|
CheckNoError(t, r3)
|
|
|
|
// Check the roles were deleted.
|
|
role1, roleRes1 = th.SystemAdminClient.GetRoleByName(s1.DefaultTeamAdminRole)
|
|
CheckNoError(t, roleRes1)
|
|
role2, roleRes2 = th.SystemAdminClient.GetRoleByName(s1.DefaultTeamUserRole)
|
|
CheckNoError(t, roleRes2)
|
|
role3, roleRes3 = th.SystemAdminClient.GetRoleByName(s1.DefaultChannelAdminRole)
|
|
CheckNoError(t, roleRes3)
|
|
role4, roleRes4 = th.SystemAdminClient.GetRoleByName(s1.DefaultChannelUserRole)
|
|
CheckNoError(t, roleRes4)
|
|
|
|
assert.NotZero(t, role1.DeleteAt)
|
|
assert.NotZero(t, role2.DeleteAt)
|
|
assert.NotZero(t, role3.DeleteAt)
|
|
assert.NotZero(t, role4.DeleteAt)
|
|
|
|
// Check the team now uses the default scheme
|
|
c2, resp := th.SystemAdminClient.GetTeam(team.Id, "")
|
|
CheckNoError(t, resp)
|
|
assert.Equal(t, "", *c2.SchemeId)
|
|
})
|
|
|
|
t.Run("ValidChannelScheme", func(t *testing.T) {
|
|
th.App.SetLicense(model.NewTestLicense("custom_permissions_schemes"))
|
|
|
|
th.App.SetPhase2PermissionsMigrationStatus(true)
|
|
|
|
// Create a channel scheme.
|
|
scheme1 := &model.Scheme{
|
|
DisplayName: model.NewId(),
|
|
Name: model.NewId(),
|
|
Description: model.NewId(),
|
|
Scope: model.SCHEME_SCOPE_CHANNEL,
|
|
}
|
|
|
|
s1, r1 := th.SystemAdminClient.CreateScheme(scheme1)
|
|
CheckNoError(t, r1)
|
|
|
|
// Retrieve the roles and check they are not deleted.
|
|
role3, roleRes3 := th.SystemAdminClient.GetRoleByName(s1.DefaultChannelAdminRole)
|
|
CheckNoError(t, roleRes3)
|
|
role4, roleRes4 := th.SystemAdminClient.GetRoleByName(s1.DefaultChannelUserRole)
|
|
CheckNoError(t, roleRes4)
|
|
|
|
assert.Zero(t, role3.DeleteAt)
|
|
assert.Zero(t, role4.DeleteAt)
|
|
|
|
// Make sure this scheme is in use by a team.
|
|
res := <-th.App.Srv.Store.Channel().Save(&model.Channel{
|
|
TeamId: model.NewId(),
|
|
DisplayName: model.NewId(),
|
|
Name: model.NewId(),
|
|
Type: model.CHANNEL_OPEN,
|
|
SchemeId: &s1.Id,
|
|
}, -1)
|
|
assert.Nil(t, res.Err)
|
|
channel := res.Data.(*model.Channel)
|
|
|
|
// Delete the Scheme.
|
|
_, r3 := th.SystemAdminClient.DeleteScheme(s1.Id)
|
|
CheckNoError(t, r3)
|
|
|
|
// Check the roles were deleted.
|
|
role3, roleRes3 = th.SystemAdminClient.GetRoleByName(s1.DefaultChannelAdminRole)
|
|
CheckNoError(t, roleRes3)
|
|
role4, roleRes4 = th.SystemAdminClient.GetRoleByName(s1.DefaultChannelUserRole)
|
|
CheckNoError(t, roleRes4)
|
|
|
|
assert.NotZero(t, role3.DeleteAt)
|
|
assert.NotZero(t, role4.DeleteAt)
|
|
|
|
// Check the channel now uses the default scheme
|
|
c2, resp := th.SystemAdminClient.GetChannelByName(channel.Name, channel.TeamId, "")
|
|
CheckNoError(t, resp)
|
|
assert.Equal(t, "", *c2.SchemeId)
|
|
})
|
|
|
|
t.Run("FailureCases", func(t *testing.T) {
|
|
th.App.SetLicense(model.NewTestLicense("custom_permissions_schemes"))
|
|
|
|
th.App.SetPhase2PermissionsMigrationStatus(true)
|
|
|
|
scheme1 := &model.Scheme{
|
|
DisplayName: model.NewId(),
|
|
Name: model.NewId(),
|
|
Description: model.NewId(),
|
|
Scope: model.SCHEME_SCOPE_CHANNEL,
|
|
}
|
|
|
|
s1, r1 := th.SystemAdminClient.CreateScheme(scheme1)
|
|
CheckNoError(t, r1)
|
|
|
|
// Test with unknown ID.
|
|
_, r2 := th.SystemAdminClient.DeleteScheme(model.NewId())
|
|
CheckNotFoundStatus(t, r2)
|
|
|
|
// Test with invalid ID.
|
|
_, r3 := th.SystemAdminClient.DeleteScheme("12345")
|
|
CheckBadRequestStatus(t, r3)
|
|
|
|
// Test without required permissions.
|
|
_, r4 := th.Client.DeleteScheme(s1.Id)
|
|
CheckForbiddenStatus(t, r4)
|
|
|
|
// Test without license.
|
|
th.App.SetLicense(nil)
|
|
_, r5 := th.SystemAdminClient.DeleteScheme(s1.Id)
|
|
CheckNotImplementedStatus(t, r5)
|
|
|
|
th.App.SetPhase2PermissionsMigrationStatus(false)
|
|
|
|
th.App.SetLicense(model.NewTestLicense("custom_permissions_schemes"))
|
|
|
|
_, r6 := th.SystemAdminClient.DeleteScheme(s1.Id)
|
|
CheckNotImplementedStatus(t, r6)
|
|
})
|
|
}
|