IntenseWebs/mattermost
3
0
Fork 0
mirror of https://github.com/mattermost/mattermost.git synced 2025-02-25 18:55:24 -06:00
Code Issues Packages Projects Releases Wiki Activity
Files
ccb034382850b7e8ea924a4559e47ef44203155c
mattermost/api4/user_test.go
Joram Wilander ccb0343828 Implement POST /users/ids endpoint for APIv4 (#5274)
2017-02-03 09:30:57 -05:00

245 lines
6.4 KiB
Go
Raw Blame History

// Copyright (c) 2017 Mattermost, Inc. All Rights Reserved.
// See License.txt for license information.
package api4
import (
"net/http"
"strconv"
"testing"
"github.com/mattermost/platform/model"
"github.com/mattermost/platform/utils"
)
func TestCreateUser(t *testing.T) {
th := Setup().InitBasic()
defer TearDown()
Client := th.Client
user := model.User{Email: GenerateTestEmail(), Nickname: "Corey Hulen", Password: "hello1", Username: GenerateTestUsername(), Roles: model.ROLE_SYSTEM_ADMIN.Id + " " + model.ROLE_SYSTEM_USER.Id}
ruser, resp := Client.CreateUser(&user)
CheckNoError(t, resp)
Client.Login(user.Email, user.Password)
if ruser.Nickname != user.Nickname {
t.Fatal("nickname didn't match")
}
if ruser.Roles != model.ROLE_SYSTEM_USER.Id {
t.Log(ruser.Roles)
t.Fatal("did not clear roles")
}
CheckUserSanitization(t, ruser)
_, resp = Client.CreateUser(ruser)
CheckBadRequestStatus(t, resp)
ruser.Id = ""
ruser.Username = GenerateTestUsername()
ruser.Password = "passwd1"
_, resp = Client.CreateUser(ruser)
CheckErrorMessage(t, resp, "store.sql_user.save.email_exists.app_error")
CheckBadRequestStatus(t, resp)
ruser.Email = GenerateTestEmail()
ruser.Username = user.Username
_, resp = Client.CreateUser(ruser)
CheckErrorMessage(t, resp, "store.sql_user.save.username_exists.app_error")
CheckBadRequestStatus(t, resp)
ruser.Email = ""
_, resp = Client.CreateUser(ruser)
CheckErrorMessage(t, resp, "model.user.is_valid.email.app_error")
CheckBadRequestStatus(t, resp)
if r, err := Client.DoApiPost("/users", "garbage"); err == nil {
t.Fatal("should have errored")
} else {
if r.StatusCode != http.StatusBadRequest {
t.Log("actual: " + strconv.Itoa(r.StatusCode))
t.Log("expected: " + strconv.Itoa(http.StatusBadRequest))
t.Fatal("wrong status code")
}
}
}
func TestGetUser(t *testing.T) {
th := Setup().InitBasic().InitSystemAdmin()
defer TearDown()
Client := th.Client
user := th.CreateUser()
ruser, resp := Client.GetUser(user.Id, "")
CheckNoError(t, resp)
CheckUserSanitization(t, ruser)
if ruser.Email != user.Email {
t.Fatal("emails did not match")
}
ruser, resp = Client.GetUser(user.Id, resp.Etag)
CheckEtag(t, ruser, resp)
_, resp = Client.GetUser("junk", "")
CheckBadRequestStatus(t, resp)
_, resp = Client.GetUser(model.NewId(), "")
CheckNotFoundStatus(t, resp)
// Check against privacy config settings
emailPrivacy := utils.Cfg.PrivacySettings.ShowEmailAddress
namePrivacy := utils.Cfg.PrivacySettings.ShowFullName
defer func() {
utils.Cfg.PrivacySettings.ShowEmailAddress = emailPrivacy
utils.Cfg.PrivacySettings.ShowFullName = namePrivacy
}()
utils.Cfg.PrivacySettings.ShowEmailAddress = false
utils.Cfg.PrivacySettings.ShowFullName = false
ruser, resp = Client.GetUser(user.Id, "")
CheckNoError(t, resp)
if ruser.Email != "" {
t.Fatal("email should be blank")
}
if ruser.FirstName != "" {
t.Fatal("first name should be blank")
}
if ruser.LastName != "" {
t.Fatal("last name should be blank")
}
Client.Logout()
_, resp = Client.GetUser(user.Id, "")
CheckUnauthorizedStatus(t, resp)
// System admins should ignore privacy settings
ruser, resp = th.SystemAdminClient.GetUser(user.Id, resp.Etag)
if ruser.Email == "" {
t.Fatal("email should not be blank")
}
if ruser.FirstName == "" {
t.Fatal("first name should not be blank")
}
if ruser.LastName == "" {
t.Fatal("last name should not be blank")
}
}
func TestGetUsersByIds(t *testing.T) {
th := Setup().InitBasic()
Client := th.Client
users, resp := Client.GetUsersByIds([]string{th.BasicUser.Id})
CheckNoError(t, resp)
if users[0].Id != th.BasicUser.Id {
t.Fatal("returned wrong user")
}
CheckUserSanitization(t, users[0])
_, resp = Client.GetUsersByIds([]string{})
CheckBadRequestStatus(t, resp)
users, resp = Client.GetUsersByIds([]string{"junk"})
CheckNoError(t, resp)
if len(users) > 0 {
t.Fatal("no users should be returned")
}
users, resp = Client.GetUsersByIds([]string{"junk", th.BasicUser.Id})
CheckNoError(t, resp)
if len(users) != 1 {
t.Fatal("1 user should be returned")
}
Client.Logout()
_, resp = Client.GetUsersByIds([]string{th.BasicUser.Id})
CheckUnauthorizedStatus(t, resp)
}
func TestUpdateUser(t *testing.T) {
th := Setup().InitBasic().InitSystemAdmin()
defer TearDown()
Client := th.Client
user := th.CreateUser()
Client.Login(user.Email, user.Password)
user.Nickname = "Joram Wilander"
user.Roles = model.ROLE_SYSTEM_ADMIN.Id
user.LastPasswordUpdate = 123
ruser, resp := Client.UpdateUser(user)
CheckNoError(t, resp)
CheckUserSanitization(t, ruser)
if ruser.Nickname != "Joram Wilander" {
t.Fatal("Nickname did not update properly")
}
if ruser.Roles != model.ROLE_SYSTEM_USER.Id {
t.Fatal("Roles should not have updated")
}
if ruser.LastPasswordUpdate == 123 {
t.Fatal("LastPasswordUpdate should not have updated")
}
ruser.Id = "junk"
_, resp = Client.UpdateUser(ruser)
CheckBadRequestStatus(t, resp)
ruser.Id = model.NewId()
_, resp = Client.UpdateUser(ruser)
CheckForbiddenStatus(t, resp)
if r, err := Client.DoApiPut("/users/"+ruser.Id, "garbage"); err == nil {
t.Fatal("should have errored")
} else {
if r.StatusCode != http.StatusBadRequest {
t.Log("actual: " + strconv.Itoa(r.StatusCode))
t.Log("expected: " + strconv.Itoa(http.StatusBadRequest))
t.Fatal("wrong status code")
}
}
Client.Logout()
_, resp = Client.UpdateUser(user)
CheckUnauthorizedStatus(t, resp)
th.LoginBasic()
_, resp = Client.UpdateUser(user)
CheckForbiddenStatus(t, resp)
_, resp = th.SystemAdminClient.UpdateUser(user)
CheckNoError(t, resp)
}
func TestUpdateUserRoles(t *testing.T) {
th := Setup().InitBasic().InitSystemAdmin()
Client := th.Client
SystemAdminClient := th.SystemAdminClient
_, resp := Client.UpdateUserRoles(th.SystemAdminUser.Id, model.ROLE_SYSTEM_USER.Id)
CheckForbiddenStatus(t, resp)
_, resp = SystemAdminClient.UpdateUserRoles(th.BasicUser.Id, model.ROLE_SYSTEM_USER.Id)
CheckNoError(t, resp)
_, resp = SystemAdminClient.UpdateUserRoles(th.BasicUser.Id, model.ROLE_SYSTEM_USER.Id+" "+model.ROLE_SYSTEM_ADMIN.Id)
CheckNoError(t, resp)
_, resp = SystemAdminClient.UpdateUserRoles(th.BasicUser.Id, "junk")
CheckBadRequestStatus(t, resp)
_, resp = SystemAdminClient.UpdateUserRoles("junk", model.ROLE_SYSTEM_USER.Id)
CheckBadRequestStatus(t, resp)
_, resp = SystemAdminClient.UpdateUserRoles(model.NewId(), model.ROLE_SYSTEM_USER.Id)
CheckBadRequestStatus(t, resp)
}
Reference in New Issue View Git Blame Copy Permalink