mirror of
https://github.com/mattermost/mattermost.git
synced 2025-02-25 18:55:24 -06:00
42081a1441
* Remove unncessary recover() calls A recover which is not called inside a defer will always return nil. So there's no use of calling it. And even if we did call it inside a defer, recovering and immediately panicking does not make sense either. So we just remove it. * Fixed another instance
374 lines
14 KiB
Go
374 lines
14 KiB
Go
// Copyright (c) 2015-present Mattermost, Inc. All Rights Reserved.
|
|
// See LICENSE.txt for license information.
|
|
|
|
package web
|
|
|
|
import (
|
|
"fmt"
|
|
"io/ioutil"
|
|
"net/http"
|
|
"net/http/httptest"
|
|
"os"
|
|
"path/filepath"
|
|
"testing"
|
|
"time"
|
|
|
|
"github.com/mattermost/mattermost-server/v5/app"
|
|
"github.com/mattermost/mattermost-server/v5/config"
|
|
"github.com/mattermost/mattermost-server/v5/model"
|
|
"github.com/mattermost/mattermost-server/v5/plugin"
|
|
"github.com/mattermost/mattermost-server/v5/store"
|
|
"github.com/mattermost/mattermost-server/v5/store/localcachelayer"
|
|
"github.com/mattermost/mattermost-server/v5/store/storetest/mocks"
|
|
"github.com/mattermost/mattermost-server/v5/testlib"
|
|
"github.com/mattermost/mattermost-server/v5/utils"
|
|
"github.com/stretchr/testify/assert"
|
|
"github.com/stretchr/testify/require"
|
|
)
|
|
|
|
var ApiClient *model.Client4
|
|
var URL string
|
|
|
|
type TestHelper struct {
|
|
App app.AppIface
|
|
Server *app.Server
|
|
Web *Web
|
|
|
|
BasicUser *model.User
|
|
BasicChannel *model.Channel
|
|
BasicTeam *model.Team
|
|
|
|
SystemAdminUser *model.User
|
|
|
|
tempWorkspace string
|
|
|
|
IncludeCacheLayer bool
|
|
}
|
|
|
|
func SetupWithStoreMock(tb testing.TB) *TestHelper {
|
|
if testing.Short() {
|
|
tb.SkipNow()
|
|
}
|
|
store := testlib.GetMockStoreForSetupFunctions()
|
|
th := setupTestHelper(tb, store, false)
|
|
emptyMockStore := mocks.Store{}
|
|
emptyMockStore.On("Close").Return(nil)
|
|
th.App.Srv().Store = &emptyMockStore
|
|
return th
|
|
}
|
|
|
|
func Setup(tb testing.TB) *TestHelper {
|
|
if testing.Short() {
|
|
tb.SkipNow()
|
|
}
|
|
store := mainHelper.GetStore()
|
|
store.DropAllTables()
|
|
return setupTestHelper(tb, store, true)
|
|
}
|
|
|
|
func setupTestHelper(t testing.TB, store store.Store, includeCacheLayer bool) *TestHelper {
|
|
memoryStore, err := config.NewMemoryStoreWithOptions(&config.MemoryStoreOptions{IgnoreEnvironmentOverrides: true})
|
|
if err != nil {
|
|
panic("failed to initialize memory store: " + err.Error())
|
|
}
|
|
|
|
var options []app.Option
|
|
options = append(options, app.ConfigStore(memoryStore))
|
|
options = append(options, app.StoreOverride(mainHelper.Store))
|
|
|
|
s, err := app.NewServer(options...)
|
|
if err != nil {
|
|
panic(err)
|
|
}
|
|
if includeCacheLayer {
|
|
// Adds the cache layer to the test store
|
|
s.Store = localcachelayer.NewLocalCacheLayer(s.Store, s.Metrics, s.Cluster, s.CacheProvider)
|
|
}
|
|
|
|
a := s.FakeApp()
|
|
prevListenAddress := *a.Config().ServiceSettings.ListenAddress
|
|
a.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.ListenAddress = ":0" })
|
|
serverErr := s.Start()
|
|
if serverErr != nil {
|
|
panic(serverErr)
|
|
}
|
|
a.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.ListenAddress = prevListenAddress })
|
|
|
|
// Disable strict password requirements for test
|
|
a.UpdateConfig(func(cfg *model.Config) {
|
|
*cfg.PasswordSettings.MinimumLength = 5
|
|
*cfg.PasswordSettings.Lowercase = false
|
|
*cfg.PasswordSettings.Uppercase = false
|
|
*cfg.PasswordSettings.Symbol = false
|
|
*cfg.PasswordSettings.Number = false
|
|
})
|
|
|
|
web := New(s, s.AppOptions, s.Router)
|
|
URL = fmt.Sprintf("http://localhost:%v", a.Srv().ListenAddr.Port)
|
|
ApiClient = model.NewAPIv4Client(URL)
|
|
|
|
a.DoAppMigrations()
|
|
|
|
a.Srv().Store.MarkSystemRanUnitTests()
|
|
|
|
a.UpdateConfig(func(cfg *model.Config) {
|
|
*cfg.TeamSettings.EnableOpenServer = true
|
|
})
|
|
|
|
th := &TestHelper{
|
|
App: a,
|
|
Server: s,
|
|
Web: web,
|
|
IncludeCacheLayer: includeCacheLayer,
|
|
}
|
|
|
|
return th
|
|
}
|
|
|
|
func (th *TestHelper) InitPlugins() *TestHelper {
|
|
pluginDir := filepath.Join(th.tempWorkspace, "plugins")
|
|
webappDir := filepath.Join(th.tempWorkspace, "webapp")
|
|
|
|
th.App.InitPlugins(pluginDir, webappDir)
|
|
|
|
return th
|
|
}
|
|
|
|
func (th *TestHelper) InitBasic() *TestHelper {
|
|
th.SystemAdminUser, _ = th.App.CreateUser(&model.User{Email: model.NewId() + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1", EmailVerified: true, Roles: model.SYSTEM_ADMIN_ROLE_ID})
|
|
|
|
user, _ := th.App.CreateUser(&model.User{Email: model.NewId() + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1", EmailVerified: true, Roles: model.SYSTEM_USER_ROLE_ID})
|
|
|
|
team, _ := th.App.CreateTeam(&model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: user.Email, Type: model.TEAM_OPEN})
|
|
|
|
th.App.JoinUserToTeam(team, user, "")
|
|
|
|
channel, _ := th.App.CreateChannel(&model.Channel{DisplayName: "Test API Name", Name: "zz" + model.NewId() + "a", Type: model.CHANNEL_OPEN, TeamId: team.Id, CreatorId: user.Id}, true)
|
|
|
|
th.BasicUser = user
|
|
th.BasicChannel = channel
|
|
th.BasicTeam = team
|
|
|
|
return th
|
|
}
|
|
|
|
func (th *TestHelper) TearDown() {
|
|
if th.IncludeCacheLayer {
|
|
// Clean all the caches
|
|
th.App.InvalidateAllCaches()
|
|
}
|
|
th.Server.Shutdown()
|
|
}
|
|
|
|
func TestStaticFilesRequest(t *testing.T) {
|
|
th := Setup(t).InitPlugins()
|
|
defer th.TearDown()
|
|
|
|
pluginID := "com.mattermost.sample"
|
|
|
|
// Setup the directory directly in the plugin working path.
|
|
pluginDir := filepath.Join(*th.App.Config().PluginSettings.Directory, pluginID)
|
|
err := os.MkdirAll(pluginDir, 0777)
|
|
require.NoError(t, err)
|
|
pluginDir, err = filepath.Abs(pluginDir)
|
|
require.NoError(t, err)
|
|
|
|
// Compile the backend
|
|
backend := filepath.Join(pluginDir, "backend.exe")
|
|
pluginCode := `
|
|
package main
|
|
|
|
import (
|
|
"github.com/mattermost/mattermost-server/v5/plugin"
|
|
)
|
|
|
|
type MyPlugin struct {
|
|
plugin.MattermostPlugin
|
|
}
|
|
|
|
func main() {
|
|
plugin.ClientMain(&MyPlugin{})
|
|
}
|
|
`
|
|
utils.CompileGo(t, pluginCode, backend)
|
|
|
|
// Write out the frontend
|
|
mainJS := `var x = alert();`
|
|
mainJSPath := filepath.Join(pluginDir, "main.js")
|
|
require.NoError(t, err)
|
|
err = ioutil.WriteFile(mainJSPath, []byte(mainJS), 0777)
|
|
require.NoError(t, err)
|
|
|
|
// Write the plugin.json manifest
|
|
pluginManifest := `{"id": "com.mattermost.sample", "server": {"executable": "backend.exe"}, "webapp": {"bundle_path":"main.js"}, "settings_schema": {"settings": []}}`
|
|
ioutil.WriteFile(filepath.Join(pluginDir, "plugin.json"), []byte(pluginManifest), 0600)
|
|
|
|
// Activate the plugin
|
|
manifest, activated, reterr := th.App.GetPluginsEnvironment().Activate(pluginID)
|
|
require.Nil(t, reterr)
|
|
require.NotNil(t, manifest)
|
|
require.True(t, activated)
|
|
|
|
// Verify access to the bundle with requisite headers
|
|
req, _ := http.NewRequest("GET", "/static/plugins/com.mattermost.sample/com.mattermost.sample_724ed0e2ebb2b841_bundle.js", nil)
|
|
res := httptest.NewRecorder()
|
|
th.Web.MainRouter.ServeHTTP(res, req)
|
|
assert.Equal(t, http.StatusOK, res.Code)
|
|
assert.Equal(t, mainJS, res.Body.String())
|
|
assert.Equal(t, []string{"max-age=31556926, public"}, res.Result().Header[http.CanonicalHeaderKey("Cache-Control")])
|
|
|
|
// Verify cached access to the bundle with an If-Modified-Since timestamp in the future
|
|
future := time.Now().Add(24 * time.Hour)
|
|
req, _ = http.NewRequest("GET", "/static/plugins/com.mattermost.sample/com.mattermost.sample_724ed0e2ebb2b841_bundle.js", nil)
|
|
req.Header.Add("If-Modified-Since", future.Format(time.RFC850))
|
|
res = httptest.NewRecorder()
|
|
th.Web.MainRouter.ServeHTTP(res, req)
|
|
assert.Equal(t, http.StatusNotModified, res.Code)
|
|
assert.Empty(t, res.Body.String())
|
|
assert.Equal(t, []string{"max-age=31556926, public"}, res.Result().Header[http.CanonicalHeaderKey("Cache-Control")])
|
|
|
|
// Verify access to the bundle with an If-Modified-Since timestamp in the past
|
|
past := time.Now().Add(-24 * time.Hour)
|
|
req, _ = http.NewRequest("GET", "/static/plugins/com.mattermost.sample/com.mattermost.sample_724ed0e2ebb2b841_bundle.js", nil)
|
|
req.Header.Add("If-Modified-Since", past.Format(time.RFC850))
|
|
res = httptest.NewRecorder()
|
|
th.Web.MainRouter.ServeHTTP(res, req)
|
|
assert.Equal(t, http.StatusOK, res.Code)
|
|
assert.Equal(t, mainJS, res.Body.String())
|
|
assert.Equal(t, []string{"max-age=31556926, public"}, res.Result().Header[http.CanonicalHeaderKey("Cache-Control")])
|
|
|
|
// Verify handling of 404.
|
|
req, _ = http.NewRequest("GET", "/static/plugins/com.mattermost.sample/404.js", nil)
|
|
res = httptest.NewRecorder()
|
|
th.Web.MainRouter.ServeHTTP(res, req)
|
|
assert.Equal(t, http.StatusNotFound, res.Code)
|
|
assert.Equal(t, "404 page not found\n", res.Body.String())
|
|
assert.Equal(t, []string{"no-cache, public"}, res.Result().Header[http.CanonicalHeaderKey("Cache-Control")])
|
|
}
|
|
|
|
func TestPublicFilesRequest(t *testing.T) {
|
|
th := Setup(t).InitPlugins()
|
|
defer th.TearDown()
|
|
|
|
pluginDir, err := ioutil.TempDir("", "")
|
|
require.NoError(t, err)
|
|
webappPluginDir, err := ioutil.TempDir("", "")
|
|
require.NoError(t, err)
|
|
defer os.RemoveAll(pluginDir)
|
|
defer os.RemoveAll(webappPluginDir)
|
|
|
|
env, err := plugin.NewEnvironment(th.App.NewPluginAPI, pluginDir, webappPluginDir, th.App.Log(), nil)
|
|
require.NoError(t, err)
|
|
|
|
pluginID := "com.mattermost.sample"
|
|
pluginCode :=
|
|
`
|
|
package main
|
|
|
|
import (
|
|
"github.com/mattermost/mattermost-server/v5/plugin"
|
|
)
|
|
|
|
type MyPlugin struct {
|
|
plugin.MattermostPlugin
|
|
}
|
|
|
|
func main() {
|
|
plugin.ClientMain(&MyPlugin{})
|
|
}
|
|
|
|
`
|
|
// Compile and write the plugin
|
|
backend := filepath.Join(pluginDir, pluginID, "backend.exe")
|
|
utils.CompileGo(t, pluginCode, backend)
|
|
|
|
// Write the plugin.json manifest
|
|
pluginManifest := `{"id": "com.mattermost.sample", "server": {"executable": "backend.exe"}, "settings_schema": {"settings": []}}`
|
|
ioutil.WriteFile(filepath.Join(pluginDir, pluginID, "plugin.json"), []byte(pluginManifest), 0600)
|
|
|
|
// Write the test public file
|
|
helloHTML := `Hello from the static files public folder for the com.mattermost.sample plugin!`
|
|
htmlFolderPath := filepath.Join(pluginDir, pluginID, "public")
|
|
os.MkdirAll(htmlFolderPath, os.ModePerm)
|
|
htmlFilePath := filepath.Join(htmlFolderPath, "hello.html")
|
|
|
|
htmlFileErr := ioutil.WriteFile(htmlFilePath, []byte(helloHTML), 0600)
|
|
assert.NoError(t, htmlFileErr)
|
|
|
|
nefariousHTML := `You shouldn't be able to get here!`
|
|
htmlFileErr = ioutil.WriteFile(filepath.Join(pluginDir, pluginID, "nefarious-file-access.html"), []byte(nefariousHTML), 0600)
|
|
assert.NoError(t, htmlFileErr)
|
|
|
|
manifest, activated, reterr := env.Activate(pluginID)
|
|
require.Nil(t, reterr)
|
|
require.NotNil(t, manifest)
|
|
require.True(t, activated)
|
|
|
|
th.App.SetPluginsEnvironment(env)
|
|
|
|
req, _ := http.NewRequest("GET", "/plugins/com.mattermost.sample/public/hello.html", nil)
|
|
res := httptest.NewRecorder()
|
|
th.Web.MainRouter.ServeHTTP(res, req)
|
|
assert.Equal(t, helloHTML, res.Body.String())
|
|
|
|
req, _ = http.NewRequest("GET", "/plugins/com.mattermost.sample/nefarious-file-access.html", nil)
|
|
res = httptest.NewRecorder()
|
|
th.Web.MainRouter.ServeHTTP(res, req)
|
|
assert.Equal(t, 404, res.Code)
|
|
|
|
req, _ = http.NewRequest("GET", "/plugins/com.mattermost.sample/public/../nefarious-file-access.html", nil)
|
|
res = httptest.NewRecorder()
|
|
th.Web.MainRouter.ServeHTTP(res, req)
|
|
assert.Equal(t, 301, res.Code)
|
|
}
|
|
|
|
/* Test disabled for now so we don't requrie the client to build. Maybe re-enable after client gets moved out.
|
|
func TestStatic(t *testing.T) {
|
|
Setup()
|
|
|
|
// add a short delay to make sure the server is ready to receive requests
|
|
time.Sleep(1 * time.Second)
|
|
|
|
resp, err := http.Get(URL + "/static/root.html")
|
|
|
|
assert.NoErrorf(t, err, "got error while trying to get static files %v", err)
|
|
assert.Equalf(t, resp.StatusCode, http.StatusOK, "couldn't get static files %v", resp.StatusCode)
|
|
}
|
|
*/
|
|
|
|
func TestCheckClientCompatability(t *testing.T) {
|
|
//Browser Name, UA String, expected result (if the browser should fail the test false and if it should pass the true)
|
|
type uaTest struct {
|
|
Name string // Name of Browser
|
|
UserAgent string // Useragent of Browser
|
|
Result bool // Expected result (true if browser should be compatible, false if browser shouldn't be compatible)
|
|
}
|
|
var uaTestParameters = []uaTest{
|
|
{"Mozilla 40.1", "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1", true},
|
|
{"Chrome 60", "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.90 Safari/537.36", true},
|
|
{"Chrome Mobile", "Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Mobile Safari/537.36", true},
|
|
{"MM Classic App", "Mozilla/5.0 (Linux; Android 8.0.0; Nexus 5X Build/OPR6.170623.013; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/61.0.3163.81 Mobile Safari/537.36 Web-Atoms-Mobile-WebView", true},
|
|
{"MM App 3.7.1", "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Mattermost/3.7.1 Chrome/56.0.2924.87 Electron/1.6.11 Safari/537.36", true},
|
|
{"Franz 4.0.4", "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Franz/4.0.4 Chrome/52.0.2743.82 Electron/1.3.1 Safari/537.36", true},
|
|
{"Edge 14", "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393", true},
|
|
{"Internet Explorer 9", "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 7.1; Trident/5.0", false},
|
|
{"Internet Explorer 11", "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko", false},
|
|
{"Internet Explorer 11 2", "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; Zoom 3.6.0; rv:11.0) like Gecko", false},
|
|
{"Internet Explorer 11 (Compatibility Mode) 1", "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; .NET CLR 1.1.4322; InfoPath.3; Zoom 3.6.0)", false},
|
|
{"Internet Explorer 11 (Compatibility Mode) 2", "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; Zoom 3.6.0)", false},
|
|
{"Safari 12", "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Safari/605.1.15", true},
|
|
{"Safari 11", "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/11.0 Safari/604.1.38", false},
|
|
{"Safari 10", "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_3) AppleWebKit/602.4.8 (KHTML, like Gecko) Version/10.0.3 Safari/602.4.8", false},
|
|
{"Safari 9", "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_3) AppleWebKit/601.4.4 (KHTML, like Gecko) Version/9.0.3 Safari/601.4.4", false},
|
|
{"Safari 8", "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_4) AppleWebKit/600.7.12 (KHTML, like Gecko) Version/8.0.7 Safari/600.7.12", false},
|
|
{"Safari Mobile 12", "Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like macOS) AppleWebKit/602.1.50 (KHTML, like Gecko) Version/12.0 Mobile/14A5335d Safari/602.1.50", true},
|
|
{"Safari Mobile 9", "Mozilla/5.0 (iPhone; CPU iPhone OS 9_1 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Version/9.0 Mobile/13B137 Safari/601.1", false},
|
|
}
|
|
for _, browser := range uaTestParameters {
|
|
t.Run(browser.Name, func(t *testing.T) {
|
|
result := CheckClientCompatability(browser.UserAgent)
|
|
require.Equalf(t, result, browser.Result, "user agent test failed for %s", browser.Name)
|
|
})
|
|
}
|
|
}
|