IntenseWebs/mattermost
3
0
Fork 0
mirror of https://github.com/mattermost/mattermost.git synced 2025-02-25 18:55:24 -06:00
Code Issues Packages Projects Releases Wiki Activity
Files
cef5028cbeed93b6493f6d1f379afe4ca85535c8
mattermost/api/webhook_test.go
Poornima 19b753467d Adding edit of incoming webhook (#5272) 
Adding edit of outgoing webhook
Fixing spelling of error
Fixing style
Changing from PUT to POST for updates
Fixing test failures due to merge
2017-02-26 13:48:20 -05:00

1097 lines
35 KiB
Go
Raw Blame History

// Copyright (c) 2015 Mattermost, Inc. All Rights Reserved.
// See License.txt for license information.
package api
import (
"fmt"
"net/http"
"testing"
"github.com/mattermost/platform/model"
"github.com/mattermost/platform/utils"
)
func TestCreateIncomingHook(t *testing.T) {
th := Setup().InitSystemAdmin()
Client := th.SystemAdminClient
user := th.SystemAdminUser
team := th.SystemAdminTeam
channel1 := th.CreateChannel(Client, team)
channel2 := th.CreatePrivateChannel(Client, team)
channel3 := th.CreateChannel(Client, team)
user2 := th.CreateUser(Client)
LinkUserToTeam(user2, team)
enableIncomingHooks := utils.Cfg.ServiceSettings.EnableIncomingWebhooks
enableAdminOnlyHooks := utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations
defer func() {
utils.Cfg.ServiceSettings.EnableIncomingWebhooks = enableIncomingHooks
utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = enableAdminOnlyHooks
utils.SetDefaultRolesBasedOnConfig()
}()
utils.Cfg.ServiceSettings.EnableIncomingWebhooks = true
*utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = true
utils.SetDefaultRolesBasedOnConfig()
hook := &model.IncomingWebhook{ChannelId: channel1.Id}
var rhook *model.IncomingWebhook
if result, err := Client.CreateIncomingWebhook(hook); err != nil {
t.Fatal(err)
} else {
rhook = result.Data.(*model.IncomingWebhook)
}
if hook.ChannelId != rhook.ChannelId {
t.Fatal("channel ids didn't match")
}
if rhook.UserId != user.Id {
t.Fatal("user ids didn't match")
}
if rhook.TeamId != team.Id {
t.Fatal("team ids didn't match")
}
hook = &model.IncomingWebhook{ChannelId: "junk"}
if _, err := Client.CreateIncomingWebhook(hook); err == nil {
t.Fatal("should have failed - bad channel id")
}
hook = &model.IncomingWebhook{ChannelId: channel2.Id, UserId: "123", TeamId: "456"}
if result, err := Client.CreateIncomingWebhook(hook); err != nil {
t.Fatal(err)
} else {
if result.Data.(*model.IncomingWebhook).UserId != user.Id {
t.Fatal("bad user id wasn't overwritten")
}
if result.Data.(*model.IncomingWebhook).TeamId != team.Id {
t.Fatal("bad team id wasn't overwritten")
}
}
Client.Must(Client.LeaveChannel(channel3.Id))
hook = &model.IncomingWebhook{ChannelId: channel3.Id, UserId: user.Id, TeamId: team.Id}
if _, err := Client.CreateIncomingWebhook(hook); err != nil {
t.Fatal(err)
}
Client.Logout()
Client.Must(Client.LoginById(user2.Id, user2.Password))
Client.SetTeamId(team.Id)
hook = &model.IncomingWebhook{ChannelId: channel1.Id}
if _, err := Client.CreateIncomingWebhook(hook); err == nil {
t.Fatal("should have failed - not system/team admin")
}
Client.Logout()
UpdateUserToTeamAdmin(user2, team)
Client.Must(Client.LoginById(user2.Id, user2.Password))
Client.SetTeamId(team.Id)
if _, err := Client.CreateIncomingWebhook(hook); err != nil {
t.Fatal(err)
}
*utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = false
utils.SetDefaultRolesBasedOnConfig()
if _, err := Client.CreateIncomingWebhook(hook); err != nil {
t.Fatal(err)
}
hook = &model.IncomingWebhook{ChannelId: channel2.Id}
if _, err := Client.CreateIncomingWebhook(hook); err == nil {
t.Fatal("should have failed - channel is private and not a member")
}
utils.Cfg.ServiceSettings.EnableIncomingWebhooks = false
if _, err := Client.CreateIncomingWebhook(hook); err == nil {
t.Fatal("should have errored - webhooks turned off")
}
}
func TestUpdateIncomingHook(t *testing.T) {
th := Setup().InitSystemAdmin()
Client := th.SystemAdminClient
team := th.SystemAdminTeam
channel1 := th.CreateChannel(Client, team)
channel2 := th.CreatePrivateChannel(Client, team)
channel3 := th.CreateChannel(Client, team)
user2 := th.CreateUser(Client)
LinkUserToTeam(user2, team)
team2 := th.CreateTeam(Client)
user3 := th.CreateUser(Client)
LinkUserToTeam(user3, team2)
UpdateUserToTeamAdmin(user3, team2)
enableIncomingHooks := utils.Cfg.ServiceSettings.EnableIncomingWebhooks
enableAdminOnlyHooks := utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations
defer func() {
utils.Cfg.ServiceSettings.EnableIncomingWebhooks = enableIncomingHooks
utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = enableAdminOnlyHooks
utils.SetDefaultRolesBasedOnConfig()
}()
utils.Cfg.ServiceSettings.EnableIncomingWebhooks = true
*utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = true
utils.SetDefaultRolesBasedOnConfig()
hook := createIncomingWebhook(channel1.Id, Client, t)
t.Run("UpdateIncomingHook", func(t *testing.T) {
hook.DisplayName = "hook2"
hook.Description = "description"
hook.ChannelId = channel3.Id
if result, err := Client.UpdateIncomingWebhook(hook); err != nil {
t.Fatal("Update hook should not fail")
} else {
updatedHook := result.Data.(*model.IncomingWebhook)
if updatedHook.DisplayName != "hook2" {
t.Fatal("Hook name is not updated")
}
if updatedHook.Description != "description" {
t.Fatal("Hook description is not updated")
}
if updatedHook.ChannelId != channel3.Id {
t.Fatal("Hook channel is not updated")
}
}
})
t.Run("RetainCreateAt", func(t *testing.T) {
hook2 := &model.IncomingWebhook{ChannelId: channel1.Id, CreateAt: 100}
if result, err := Client.CreateIncomingWebhook(hook2); err != nil {
t.Fatal("hook creation failed")
} else {
createdHook := result.Data.(*model.IncomingWebhook)
createdHook.DisplayName = "Name2"
if result, err := Client.UpdateIncomingWebhook(createdHook); err != nil {
t.Fatal("Update hook should not fail")
} else {
updatedHook := result.Data.(*model.IncomingWebhook)
if updatedHook.CreateAt != createdHook.CreateAt {
t.Fatal("failed - hook create at should not be changed")
}
}
}
})
t.Run("ModifyUpdateAt", func(t *testing.T) {
hook.DisplayName = "Name3"
if result, err := Client.UpdateIncomingWebhook(hook); err != nil {
t.Fatal("Update hook should not fail")
} else {
updatedHook := result.Data.(*model.IncomingWebhook)
if updatedHook.UpdateAt == hook.UpdateAt {
t.Fatal("failed - hook updateAt is not updated")
}
}
})
t.Run("UpdateNonExistentHook", func(t *testing.T) {
nonExistentHook := &model.IncomingWebhook{ChannelId: channel1.Id}
if _, err := Client.UpdateIncomingWebhook(nonExistentHook); err == nil {
t.Fatal("should have failed - update a non-existent hook")
}
})
Client.Logout()
Client.Must(Client.LoginById(user2.Id, user2.Password))
Client.SetTeamId(team.Id)
t.Run("UserIsNotAdminOfTeam", func(t *testing.T) {
if _, err := Client.UpdateIncomingWebhook(hook); err == nil {
t.Fatal("should have failed - user is not admin of team")
}
})
utils.Cfg.ServiceSettings.EnableIncomingWebhooks = true
t.Run("OnlyAdminIntegrationsDisabled", func(t *testing.T) {
*utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = false
utils.SetDefaultRolesBasedOnConfig()
t.Run("UpdateHookOfSameUser", func(t *testing.T) {
sameUserHook := &model.IncomingWebhook{ChannelId: channel1.Id, UserId: user2.Id}
if result, err := Client.CreateIncomingWebhook(sameUserHook); err != nil {
t.Fatal("Hook creation failed")
} else {
sameUserHook = result.Data.(*model.IncomingWebhook)
}
if _, err := Client.UpdateIncomingWebhook(sameUserHook); err != nil {
t.Fatal("should not fail - only admin integrations are disabled & hook of same user")
}
})
t.Run("UpdateHookOfDifferentUser", func(t *testing.T) {
if _, err := Client.UpdateIncomingWebhook(hook); err == nil {
t.Fatal("should have failed - user does not have permissions to update other user's hooks")
}
})
})
*utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = true
utils.SetDefaultRolesBasedOnConfig()
Client.Logout()
UpdateUserToTeamAdmin(user2, team)
Client.Must(Client.LoginById(user2.Id, user2.Password))
Client.SetTeamId(team.Id)
t.Run("UpdateByDifferentUser", func(t *testing.T) {
if result, err := Client.UpdateIncomingWebhook(hook); err != nil {
t.Fatal("Update hook should not fail")
} else {
updatedHook := result.Data.(*model.IncomingWebhook)
if updatedHook.UserId == user2.Id {
t.Fatal("Hook's creator userId is not retained")
}
}
})
t.Run("IncomingHooksDisabled", func(t *testing.T) {
utils.Cfg.ServiceSettings.EnableIncomingWebhooks = false
if _, err := Client.UpdateIncomingWebhook(hook); err == nil {
t.Fatal("should have failed - incoming hooks are disabled")
}
})
t.Run("PrivateChannel", func(t *testing.T) {
hook.ChannelId = channel2.Id
if _, err := Client.UpdateIncomingWebhook(hook); err == nil {
t.Fatal("should have failed - updating to a private channel where the user is not a member")
}
})
t.Run("UpdateToNonExistentChannel", func(t *testing.T) {
hook.ChannelId = "junk"
if _, err := Client.UpdateIncomingWebhook(hook); err == nil {
t.Fatal("should have failed - bad channel id")
}
})
Client.Logout()
Client.Must(Client.LoginById(user3.Id, user3.Password))
Client.SetTeamId(team2.Id)
t.Run("UpdateToADifferentTeam", func(t *testing.T) {
if _, err := Client.UpdateIncomingWebhook(hook); err == nil {
t.Fatal("should have failed - update to a different team is not allowed")
}
})
}
func createIncomingWebhook(channelID string, Client *model.Client, t *testing.T) *model.IncomingWebhook {
hook := &model.IncomingWebhook{ChannelId: channelID}
if result, err := Client.CreateIncomingWebhook(hook); err != nil {
t.Fatal("Hook creation failed")
} else {
hook = result.Data.(*model.IncomingWebhook)
}
return hook
}
func createOutgoingWebhook(channelID string, callbackURLs []string, triggerWords []string, Client *model.Client, t *testing.T) *model.OutgoingWebhook {
hook := &model.OutgoingWebhook{ChannelId: channelID, CallbackURLs: callbackURLs, TriggerWords: triggerWords}
if result, err := Client.CreateOutgoingWebhook(hook); err != nil {
t.Fatal("Hook creation failed")
} else {
hook = result.Data.(*model.OutgoingWebhook)
}
return hook
}
func TestListIncomingHooks(t *testing.T) {
th := Setup().InitSystemAdmin()
Client := th.SystemAdminClient
team := th.SystemAdminTeam
channel1 := th.CreateChannel(Client, team)
user2 := th.CreateUser(Client)
LinkUserToTeam(user2, team)
enableIncomingHooks := utils.Cfg.ServiceSettings.EnableIncomingWebhooks
enableAdminOnlyHooks := utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations
defer func() {
utils.Cfg.ServiceSettings.EnableIncomingWebhooks = enableIncomingHooks
utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = enableAdminOnlyHooks
utils.SetDefaultRolesBasedOnConfig()
}()
utils.Cfg.ServiceSettings.EnableIncomingWebhooks = true
*utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = true
utils.SetDefaultRolesBasedOnConfig()
hook1 := &model.IncomingWebhook{ChannelId: channel1.Id}
hook1 = Client.Must(Client.CreateIncomingWebhook(hook1)).Data.(*model.IncomingWebhook)
hook2 := &model.IncomingWebhook{ChannelId: channel1.Id}
hook2 = Client.Must(Client.CreateIncomingWebhook(hook2)).Data.(*model.IncomingWebhook)
if result, err := Client.ListIncomingWebhooks(); err != nil {
t.Fatal(err)
} else {
hooks := result.Data.([]*model.IncomingWebhook)
if len(hooks) != 2 {
t.Fatal("incorrect number of hooks")
}
}
Client.Logout()
Client.Must(Client.LoginById(user2.Id, user2.Password))
Client.SetTeamId(team.Id)
if _, err := Client.ListIncomingWebhooks(); err == nil {
t.Fatal("should have errored - not system/team admin")
}
*utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = false
utils.SetDefaultRolesBasedOnConfig()
if _, err := Client.ListIncomingWebhooks(); err != nil {
t.Fatal(err)
}
utils.Cfg.ServiceSettings.EnableIncomingWebhooks = false
if _, err := Client.ListIncomingWebhooks(); err == nil {
t.Fatal("should have errored - webhooks turned off")
}
}
func TestDeleteIncomingHook(t *testing.T) {
th := Setup().InitSystemAdmin()
Client := th.SystemAdminClient
team := th.SystemAdminTeam
channel1 := th.CreateChannel(Client, team)
user2 := th.CreateUser(Client)
LinkUserToTeam(user2, team)
enableIncomingHooks := utils.Cfg.ServiceSettings.EnableIncomingWebhooks
enableAdminOnlyHooks := utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations
defer func() {
utils.Cfg.ServiceSettings.EnableIncomingWebhooks = enableIncomingHooks
utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = enableAdminOnlyHooks
utils.SetDefaultRolesBasedOnConfig()
}()
utils.Cfg.ServiceSettings.EnableIncomingWebhooks = true
*utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = true
utils.SetDefaultRolesBasedOnConfig()
hook := &model.IncomingWebhook{ChannelId: channel1.Id}
hook = Client.Must(Client.CreateIncomingWebhook(hook)).Data.(*model.IncomingWebhook)
if _, err := Client.DeleteIncomingWebhook(hook.Id); err != nil {
t.Fatal(err)
}
if _, err := Client.DeleteIncomingWebhook("junk"); err == nil {
t.Fatal("should have failed - bad id")
}
if _, err := Client.DeleteIncomingWebhook(""); err == nil {
t.Fatal("should have failed - empty id")
}
hooks := Client.Must(Client.ListIncomingWebhooks()).Data.([]*model.IncomingWebhook)
if len(hooks) != 0 {
t.Fatal("delete didn't work properly")
}
hook = &model.IncomingWebhook{ChannelId: channel1.Id}
hook = Client.Must(Client.CreateIncomingWebhook(hook)).Data.(*model.IncomingWebhook)
Client.Logout()
Client.Must(Client.LoginById(user2.Id, user2.Password))
Client.SetTeamId(team.Id)
if _, err := Client.DeleteIncomingWebhook(hook.Id); err == nil {
t.Fatal("should have failed - not system/team admin")
}
*utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = false
utils.SetDefaultRolesBasedOnConfig()
if _, err := Client.DeleteIncomingWebhook(hook.Id); err == nil {
t.Fatal("should have failed - not creator or team admin")
}
hook = &model.IncomingWebhook{ChannelId: channel1.Id}
hook = Client.Must(Client.CreateIncomingWebhook(hook)).Data.(*model.IncomingWebhook)
if _, err := Client.DeleteIncomingWebhook(hook.Id); err != nil {
t.Fatal(err)
}
utils.Cfg.ServiceSettings.EnableIncomingWebhooks = false
if _, err := Client.DeleteIncomingWebhook(hook.Id); err == nil {
t.Fatal("should have errored - webhooks turned off")
}
}
func TestCreateOutgoingHook(t *testing.T) {
th := Setup().InitSystemAdmin()
Client := th.SystemAdminClient
user := th.SystemAdminUser
team := th.SystemAdminTeam
team2 := th.CreateTeam(Client)
channel1 := th.CreateChannel(Client, team)
channel2 := th.CreatePrivateChannel(Client, team)
user2 := th.CreateUser(Client)
LinkUserToTeam(user2, team)
user3 := th.CreateUser(Client)
LinkUserToTeam(user3, team2)
enableOutgoingHooks := utils.Cfg.ServiceSettings.EnableOutgoingWebhooks
enableAdminOnlyHooks := utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations
defer func() {
utils.Cfg.ServiceSettings.EnableOutgoingWebhooks = enableOutgoingHooks
utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = enableAdminOnlyHooks
utils.SetDefaultRolesBasedOnConfig()
}()
utils.Cfg.ServiceSettings.EnableOutgoingWebhooks = true
*utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = true
utils.SetDefaultRolesBasedOnConfig()
hook := &model.OutgoingWebhook{ChannelId: channel1.Id, CallbackURLs: []string{"http://nowhere.com"}}
var rhook *model.OutgoingWebhook
if result, err := Client.CreateOutgoingWebhook(hook); err != nil {
t.Fatal(err)
} else {
rhook = result.Data.(*model.OutgoingWebhook)
}
if hook.ChannelId != rhook.ChannelId {
t.Fatal("channel ids didn't match")
}
if rhook.CreatorId != user.Id {
t.Fatal("user ids didn't match")
}
if rhook.TeamId != team.Id {
t.Fatal("team ids didn't match")
}
hook = &model.OutgoingWebhook{ChannelId: channel1.Id, TriggerWords: []string{"cats", "dogs"}, CallbackURLs: []string{"http://nowhere.com", "http://cats.com"}}
hook1 := &model.OutgoingWebhook{ChannelId: channel1.Id, TriggerWords: []string{"cats"}, CallbackURLs: []string{"http://nowhere.com"}}
if _, err := Client.CreateOutgoingWebhook(hook); err != nil {
t.Fatal("multiple trigger words and urls failed")
}
if _, err := Client.CreateOutgoingWebhook(hook1); err == nil {
t.Fatal("should have failed - duplicate trigger words and urls")
}
hook = &model.OutgoingWebhook{ChannelId: "junk", CallbackURLs: []string{"http://nowhere.com"}}
if _, err := Client.CreateOutgoingWebhook(hook); err == nil {
t.Fatal("should have failed - bad channel id")
}
hook = &model.OutgoingWebhook{ChannelId: channel1.Id, CreatorId: "123", TeamId: "456", CallbackURLs: []string{"http://nowhere.com"}}
if result, err := Client.CreateOutgoingWebhook(hook); err != nil {
t.Fatal(err)
} else {
if result.Data.(*model.OutgoingWebhook).CreatorId != user.Id {
t.Fatal("bad user id wasn't overwritten")
}
if result.Data.(*model.OutgoingWebhook).TeamId != team.Id {
t.Fatal("bad team id wasn't overwritten")
}
}
hook = &model.OutgoingWebhook{ChannelId: channel2.Id, CallbackURLs: []string{"http://nowhere.com"}}
if _, err := Client.CreateOutgoingWebhook(hook); err == nil {
t.Fatal("should have failed - private channel")
}
hook = &model.OutgoingWebhook{CallbackURLs: []string{"http://nowhere.com"}}
if _, err := Client.CreateOutgoingWebhook(hook); err == nil {
t.Fatal("should have failed - blank channel and trigger words")
}
Client.Logout()
Client.Must(Client.LoginById(user2.Id, user2.Password))
Client.SetTeamId(team.Id)
hook = &model.OutgoingWebhook{ChannelId: channel1.Id, CallbackURLs: []string{"http://nowhere.com"}}
if _, err := Client.CreateOutgoingWebhook(hook); err == nil {
t.Fatal("should have failed - not system/team admin")
}
*utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = false
utils.SetDefaultRolesBasedOnConfig()
if _, err := Client.CreateOutgoingWebhook(hook); err != nil {
t.Fatal(err)
}
Client.Logout()
Client.Must(Client.LoginById(user3.Id, user3.Password))
Client.SetTeamId(team2.Id)
if _, err := Client.CreateOutgoingWebhook(hook); err == nil {
t.Fatal("should have failed - wrong team")
}
utils.Cfg.ServiceSettings.EnableOutgoingWebhooks = false
if _, err := Client.CreateOutgoingWebhook(hook); err == nil {
t.Fatal("should have errored - webhooks turned off")
}
}
func TestListOutgoingHooks(t *testing.T) {
th := Setup().InitSystemAdmin()
Client := th.SystemAdminClient
team := th.SystemAdminTeam
channel1 := th.CreateChannel(Client, team)
user2 := th.CreateUser(Client)
LinkUserToTeam(user2, team)
enableOutgoingHooks := utils.Cfg.ServiceSettings.EnableOutgoingWebhooks
enableAdminOnlyHooks := utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations
defer func() {
utils.Cfg.ServiceSettings.EnableOutgoingWebhooks = enableOutgoingHooks
utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = enableAdminOnlyHooks
utils.SetDefaultRolesBasedOnConfig()
}()
utils.Cfg.ServiceSettings.EnableOutgoingWebhooks = true
*utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = true
utils.SetDefaultRolesBasedOnConfig()
hook1 := &model.OutgoingWebhook{ChannelId: channel1.Id, CallbackURLs: []string{"http://nowhere.com"}}
hook1 = Client.Must(Client.CreateOutgoingWebhook(hook1)).Data.(*model.OutgoingWebhook)
hook2 := &model.OutgoingWebhook{TriggerWords: []string{"trigger"}, CallbackURLs: []string{"http://nowhere.com"}}
hook2 = Client.Must(Client.CreateOutgoingWebhook(hook2)).Data.(*model.OutgoingWebhook)
if result, err := Client.ListOutgoingWebhooks(); err != nil {
t.Fatal(err)
} else {
hooks := result.Data.([]*model.OutgoingWebhook)
if len(hooks) != 2 {
t.Fatal("incorrect number of hooks")
}
}
Client.Logout()
Client.Must(Client.LoginById(user2.Id, user2.Password))
Client.SetTeamId(team.Id)
if _, err := Client.ListOutgoingWebhooks(); err == nil {
t.Fatal("should have failed - not system/team admin")
}
*utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = false
utils.SetDefaultRolesBasedOnConfig()
if _, err := Client.ListOutgoingWebhooks(); err != nil {
t.Fatal(err)
}
utils.Cfg.ServiceSettings.EnableOutgoingWebhooks = false
if _, err := Client.ListOutgoingWebhooks(); err == nil {
t.Fatal("should have errored - webhooks turned off")
}
}
func TestUpdateOutgoingHook(t *testing.T) {
th := Setup().InitSystemAdmin()
Client := th.SystemAdminClient
user := th.SystemAdminUser
team := th.SystemAdminTeam
team2 := th.CreateTeam(Client)
channel1 := th.CreateChannel(Client, team)
channel2 := th.CreatePrivateChannel(Client, team)
channel3 := th.CreateChannel(Client, team)
user2 := th.CreateUser(Client)
LinkUserToTeam(user2, team)
user3 := th.CreateUser(Client)
LinkUserToTeam(user3, team2)
enableOutgoingHooks := utils.Cfg.ServiceSettings.EnableOutgoingWebhooks
enableAdminOnlyHooks := utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations
defer func() {
utils.Cfg.ServiceSettings.EnableOutgoingWebhooks = enableOutgoingHooks
utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = enableAdminOnlyHooks
utils.SetDefaultRolesBasedOnConfig()
}()
utils.Cfg.ServiceSettings.EnableOutgoingWebhooks = true
*utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = true
utils.SetDefaultRolesBasedOnConfig()
hook := createOutgoingWebhook(channel1.Id, []string{"http://nowhere.com"}, []string{"cats"}, Client, t)
createOutgoingWebhook(channel1.Id, []string{"http://nowhere.com"}, []string{"dogs"}, Client, t)
hook.DisplayName = "Cats"
hook.Description = "Get me some cats"
t.Run("OutgoingHooksDisabled", func(t *testing.T) {
utils.Cfg.ServiceSettings.EnableOutgoingWebhooks = false
if _, err := Client.UpdateOutgoingWebhook(hook); err == nil {
t.Fatal("should have failed - outgoing webhooks disabled")
}
})
utils.Cfg.ServiceSettings.EnableOutgoingWebhooks = true
t.Run("UpdateOutgoingWebhook", func(t *testing.T) {
if result, err := Client.UpdateOutgoingWebhook(hook); err != nil {
t.Fatal("failed to update outgoing web hook")
} else {
updatedHook := result.Data.(*model.OutgoingWebhook)
if updatedHook.DisplayName != hook.DisplayName {
t.Fatal("Hook display name did not get updated")
}
if updatedHook.Description != hook.Description {
t.Fatal("Hook description did not get updated")
}
}
})
t.Run("RetainCreateAt", func(t *testing.T) {
hook2 := &model.OutgoingWebhook{ChannelId: channel1.Id, CallbackURLs: []string{"http://nowhere.com"}, TriggerWords: []string{"rats"}}
if result, err := Client.CreateOutgoingWebhook(hook2); err != nil {
t.Fatal("hook creation failed")
} else {
createdHook := result.Data.(*model.OutgoingWebhook)
createdHook.DisplayName = "Name2"
if result, err := Client.UpdateOutgoingWebhook(createdHook); err != nil {
t.Fatal("Update hook should not fail")
} else {
updatedHook := result.Data.(*model.OutgoingWebhook)
if updatedHook.CreateAt != createdHook.CreateAt {
t.Fatal("failed - hook create at should not be changed")
}
}
}
})
t.Run("ModifyUpdateAt", func(t *testing.T) {
hook.DisplayName = "Name3"
if result, err := Client.UpdateOutgoingWebhook(hook); err != nil {
t.Fatal("Update hook should not fail")
} else {
updatedHook := result.Data.(*model.OutgoingWebhook)
if updatedHook.UpdateAt == hook.UpdateAt {
t.Fatal("failed - hook updateAt is not updated")
}
}
})
Client.Logout()
Client.Must(Client.LoginById(user2.Id, user2.Password))
Client.SetTeamId(team.Id)
t.Run("UpdateByUserWithoutPermissions", func(t *testing.T) {
if _, err := Client.UpdateOutgoingWebhook(hook); err == nil {
t.Fatal("should have failed - user does not have permissions to manage webhooks")
}
*utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = false
utils.SetDefaultRolesBasedOnConfig()
t.Run("WithoutOnlyAdminIntegrations", func(t *testing.T) {
if _, err := Client.UpdateOutgoingWebhook(hook); err != nil {
t.Fatal("update webhook failed when admin only integrations is turned off")
}
})
})
*utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = true
utils.SetDefaultRolesBasedOnConfig()
Client.Logout()
LinkUserToTeam(user3, team)
UpdateUserToTeamAdmin(user3, team)
Client.Must(Client.LoginById(user3.Id, user3.Password))
Client.SetTeamId(team.Id)
t.Run("RetainHookCreator", func(t *testing.T) {
if result, err := Client.UpdateOutgoingWebhook(hook); err != nil {
t.Fatal("failed to update outgoing web hook")
} else {
updatedHook := result.Data.(*model.OutgoingWebhook)
if updatedHook.CreatorId != user.Id {
t.Fatal("hook creator should not be changed")
}
}
})
Client.Logout()
Client.Must(Client.LoginById(user.Id, user.Password))
Client.SetTeamId(team.Id)
t.Run("UpdateToExistingTriggerWordAndCallback", func(t *testing.T) {
t.Run("OnSameChannel", func(t *testing.T) {
hook.TriggerWords = []string{"dogs"}
if _, err := Client.UpdateOutgoingWebhook(hook); err == nil {
t.Fatal("should have failed - duplicate trigger words & channel urls")
}
})
t.Run("OnDifferentChannel", func(t *testing.T) {
hook.TriggerWords = []string{"dogs"}
hook.ChannelId = channel3.Id
if _, err := Client.UpdateOutgoingWebhook(hook); err != nil {
t.Fatal("update of hook failed with duplicate trigger word but different channel")
}
})
})
t.Run("UpdateToNonExistentChannel", func(t *testing.T) {
hook.ChannelId = "junk"
if _, err := Client.UpdateOutgoingWebhook(hook); err == nil {
t.Fatal("should have failed - non existent channel")
}
})
t.Run("UpdateToPrivateChannel", func(t *testing.T) {
hook.ChannelId = channel2.Id
if _, err := Client.UpdateOutgoingWebhook(hook); err == nil {
t.Fatal("should have failed - update to a private channel")
}
})
t.Run("UpdateToBlankTriggerWordAndChannel", func(t *testing.T) {
hook.ChannelId = ""
hook.TriggerWords = nil
if _, err := Client.UpdateOutgoingWebhook(hook); err == nil {
t.Fatal("should have failed - update to blank trigger words & channel")
}
})
Client.Logout()
Client.Must(Client.LoginById(user3.Id, user3.Password))
Client.SetTeamId(team2.Id)
t.Run("UpdateToADifferentTeam", func(t *testing.T) {
if _, err := Client.UpdateOutgoingWebhook(hook); err == nil {
t.Fatal("should have failed - update to a different team is not allowed")
}
})
}
func TestDeleteOutgoingHook(t *testing.T) {
th := Setup().InitSystemAdmin()
Client := th.SystemAdminClient
team := th.SystemAdminTeam
channel1 := th.CreateChannel(Client, team)
user2 := th.CreateUser(Client)
LinkUserToTeam(user2, team)
enableOutgoingHooks := utils.Cfg.ServiceSettings.EnableOutgoingWebhooks
enableAdminOnlyHooks := utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations
defer func() {
utils.Cfg.ServiceSettings.EnableOutgoingWebhooks = enableOutgoingHooks
utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = enableAdminOnlyHooks
utils.SetDefaultRolesBasedOnConfig()
}()
utils.Cfg.ServiceSettings.EnableOutgoingWebhooks = true
*utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = true
utils.SetDefaultRolesBasedOnConfig()
hook := &model.OutgoingWebhook{ChannelId: channel1.Id, CallbackURLs: []string{"http://nowhere.com"}}
hook = Client.Must(Client.CreateOutgoingWebhook(hook)).Data.(*model.OutgoingWebhook)
if _, err := Client.DeleteOutgoingWebhook("junk"); err == nil {
t.Fatal("should have failed - bad hook id")
}
if _, err := Client.DeleteOutgoingWebhook(""); err == nil {
t.Fatal("should have failed - empty hook id")
}
if _, err := Client.DeleteOutgoingWebhook(hook.Id); err != nil {
t.Fatal(err)
}
hooks := Client.Must(Client.ListOutgoingWebhooks()).Data.([]*model.OutgoingWebhook)
if len(hooks) != 0 {
t.Fatal("delete didn't work properly")
}
hook = &model.OutgoingWebhook{ChannelId: channel1.Id, CallbackURLs: []string{"http://nowhere.com"}}
hook = Client.Must(Client.CreateOutgoingWebhook(hook)).Data.(*model.OutgoingWebhook)
Client.Logout()
Client.Must(Client.LoginById(user2.Id, user2.Password))
Client.SetTeamId(team.Id)
if _, err := Client.DeleteOutgoingWebhook(hook.Id); err == nil {
t.Fatal("should have failed - not system/team admin")
}
*utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = false
utils.SetDefaultRolesBasedOnConfig()
if _, err := Client.DeleteOutgoingWebhook(hook.Id); err == nil {
t.Fatal("should have failed - not creator or team admin")
}
hook = &model.OutgoingWebhook{ChannelId: channel1.Id, CallbackURLs: []string{"http://nowhere.com"}}
hook = Client.Must(Client.CreateOutgoingWebhook(hook)).Data.(*model.OutgoingWebhook)
if _, err := Client.DeleteOutgoingWebhook(hook.Id); err != nil {
t.Fatal(err)
}
utils.Cfg.ServiceSettings.EnableOutgoingWebhooks = false
if _, err := Client.DeleteOutgoingWebhook(hook.Id); err == nil {
t.Fatal("should have errored - webhooks turned off")
}
}
func TestRegenOutgoingHookToken(t *testing.T) {
th := Setup().InitSystemAdmin()
Client := th.SystemAdminClient
team := th.SystemAdminTeam
team2 := th.CreateTeam(Client)
channel1 := th.CreateChannel(Client, team)
user2 := th.CreateUser(Client)
LinkUserToTeam(user2, team)
user3 := th.CreateUser(Client)
LinkUserToTeam(user3, team2)
enableOutgoingHooks := utils.Cfg.ServiceSettings.EnableOutgoingWebhooks
enableAdminOnlyHooks := utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations
defer func() {
utils.Cfg.ServiceSettings.EnableOutgoingWebhooks = enableOutgoingHooks
utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = enableAdminOnlyHooks
utils.SetDefaultRolesBasedOnConfig()
}()
utils.Cfg.ServiceSettings.EnableOutgoingWebhooks = true
*utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = true
utils.SetDefaultRolesBasedOnConfig()
hook := &model.OutgoingWebhook{ChannelId: channel1.Id, CallbackURLs: []string{"http://nowhere.com"}}
hook = Client.Must(Client.CreateOutgoingWebhook(hook)).Data.(*model.OutgoingWebhook)
if _, err := Client.RegenOutgoingWebhookToken("junk"); err == nil {
t.Fatal("should have failed - bad id")
}
if _, err := Client.RegenOutgoingWebhookToken(""); err == nil {
t.Fatal("should have failed - empty id")
}
if result, err := Client.RegenOutgoingWebhookToken(hook.Id); err != nil {
t.Fatal(err)
} else {
if result.Data.(*model.OutgoingWebhook).Token == hook.Token {
t.Fatal("regen didn't work properly")
}
}
Client.Logout()
Client.Must(Client.LoginById(user2.Id, user2.Password))
Client.SetTeamId(team.Id)
if _, err := Client.RegenOutgoingWebhookToken(hook.Id); err == nil {
t.Fatal("should have failed - not system/team admin")
}
*utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = false
utils.SetDefaultRolesBasedOnConfig()
hook = &model.OutgoingWebhook{ChannelId: channel1.Id, CallbackURLs: []string{"http://nowhere.com"}}
hook = Client.Must(Client.CreateOutgoingWebhook(hook)).Data.(*model.OutgoingWebhook)
if _, err := Client.RegenOutgoingWebhookToken(hook.Id); err != nil {
t.Fatal(err)
}
Client.Logout()
Client.Must(Client.LoginById(user3.Id, user3.Password))
Client.SetTeamId(team2.Id)
if _, err := Client.RegenOutgoingWebhookToken(hook.Id); err == nil {
t.Fatal("should have failed - wrong team")
}
utils.Cfg.ServiceSettings.EnableOutgoingWebhooks = false
if _, err := Client.RegenOutgoingWebhookToken(hook.Id); err == nil {
t.Fatal("should have errored - webhooks turned off")
}
}
func TestIncomingWebhooks(t *testing.T) {
th := Setup().InitSystemAdmin()
Client := th.SystemAdminClient
team := th.SystemAdminTeam
channel1 := th.CreateChannel(Client, team)
user2 := th.CreateUser(Client)
LinkUserToTeam(user2, team)
enableIncomingHooks := utils.Cfg.ServiceSettings.EnableIncomingWebhooks
defer func() {
utils.Cfg.ServiceSettings.EnableIncomingWebhooks = enableIncomingHooks
}()
utils.Cfg.ServiceSettings.EnableIncomingWebhooks = true
hook := &model.IncomingWebhook{ChannelId: channel1.Id}
hook = Client.Must(Client.CreateIncomingWebhook(hook)).Data.(*model.IncomingWebhook)
url := "/hooks/" + hook.Id
text := `this is a \"test\"
that contains a newline and a tab`
if _, err := Client.DoPost(url, "{\"text\":\"this is a test\"}", "application/json"); err != nil {
t.Fatal(err)
}
if _, err := Client.DoPost(url, "{\"text\":\""+text+"\"}", "application/json"); err != nil {
t.Fatal(err)
}
if _, err := Client.DoPost(url, fmt.Sprintf("{\"text\":\"this is a test\", \"channel\":\"%s\"}", channel1.Name), "application/json"); err != nil {
t.Fatal(err)
}
if _, err := Client.DoPost(url, fmt.Sprintf("{\"text\":\"this is a test\", \"channel\":\"#%s\"}", channel1.Name), "application/json"); err != nil {
t.Fatal(err)
}
if _, err := Client.DoPost(url, fmt.Sprintf("{\"text\":\"this is a test\", \"channel\":\"@%s\"}", user2.Username), "application/json"); err != nil {
t.Fatal(err)
}
if _, err := Client.DoPost(url, "payload={\"text\":\"this is a test\"}", "application/x-www-form-urlencoded"); err != nil {
t.Fatal(err)
}
if _, err := Client.DoPost(url, "payload={\"text\":\""+text+"\"}", "application/x-www-form-urlencoded"); err != nil {
t.Fatal(err)
}
attachmentPayload := `{
"text": "this is a test",
"attachments": [
{
"fallback": "Required plain-text summary of the attachment.",
"color": "#36a64f",
"pretext": "Optional text that appears above the attachment block",
"author_name": "Bobby Tables",
"author_link": "http://flickr.com/bobby/",
"author_icon": "http://flickr.com/icons/bobby.jpg",
"title": "Slack API Documentation",
"title_link": "https://api.slack.com/",
"text": "Optional text that appears within the attachment",
"fields": [
{
"title": "Priority",
"value": "High",
"short": false
}
],
"image_url": "http://my-website.com/path/to/image.jpg",
"thumb_url": "http://example.com/path/to/thumb.png"
}
]
}`
if _, err := Client.DoPost(url, attachmentPayload, "application/json"); err != nil {
t.Fatal(err)
}
if _, err := Client.DoPost(url, "{\"text\":\"\"}", "application/json"); err == nil || err.StatusCode != http.StatusBadRequest {
t.Fatal("should have failed - no text")
}
tooLongText := ""
for i := 0; i < 8200; i++ {
tooLongText += "a"
}
if _, err := Client.DoPost(url, "{\"text\":\""+tooLongText+"\"}", "application/json"); err == nil || err.StatusCode != http.StatusBadRequest {
t.Fatal("should have failed - text too long")
}
attachmentPayload = `{
"text": "this is a test",
"attachments": [
{
"fallback": "Required plain-text summary of the attachment.",
"color": "#36a64f",
"pretext": "Optional text that appears above the attachment block",
"author_name": "Bobby Tables",
"author_link": "http://flickr.com/bobby/",
"author_icon": "http://flickr.com/icons/bobby.jpg",
"title": "Slack API Documentation",
"title_link": "https://api.slack.com/",
"text": "` + tooLongText + `",
"fields": [
{
"title": "Priority",
"value": "High",
"short": false
}
],
"image_url": "http://my-website.com/path/to/image.jpg",
"thumb_url": "http://example.com/path/to/thumb.png"
}
]
}`
if _, err := Client.DoPost(url, attachmentPayload, "application/json"); err == nil || err.StatusCode != http.StatusBadRequest {
t.Fatal("should have failed with bad request - attachment too long")
}
utils.Cfg.ServiceSettings.EnableIncomingWebhooks = false
if _, err := Client.DoPost(url, "{\"text\":\"this is a test\"}", "application/json"); err == nil {
t.Fatal("should have failed - webhooks turned off")
}
}
Reference in New Issue View Git Blame Copy Permalink