github.com/coincircle/mattermost-server@v4.8.1-0.20180321182714-9d701c704416+incompatible/api/admin_test.go (about) 1 // Copyright (c) 2015-present Mattermost, Inc. All Rights Reserved. 2 // See License.txt for license information. 3 4 package api 5 6 import ( 7 "net/http" 8 "strings" 9 "testing" 10 11 "github.com/mattermost/mattermost-server/model" 12 "github.com/mattermost/mattermost-server/store" 13 "github.com/stretchr/testify/assert" 14 ) 15 16 func TestGetLogs(t *testing.T) { 17 th := Setup().InitSystemAdmin().InitBasic() 18 defer th.TearDown() 19 20 if _, err := th.BasicClient.GetLogs(); err == nil { 21 t.Fatal("Shouldn't have permissions") 22 } 23 24 if logs, err := th.SystemAdminClient.GetLogs(); err != nil { 25 t.Fatal(err) 26 } else if len(logs.Data.([]string)) <= 0 { 27 t.Fatal() 28 } 29 } 30 31 func TestGetClusterInfos(t *testing.T) { 32 if testing.Short() { 33 t.SkipNow() 34 } 35 th := Setup().InitSystemAdmin().InitBasic() 36 defer th.TearDown() 37 38 if _, err := th.BasicClient.GetClusterStatus(); err == nil { 39 t.Fatal("Shouldn't have permissions") 40 } 41 42 if _, err := th.SystemAdminClient.GetClusterStatus(); err != nil { 43 t.Fatal(err) 44 } 45 } 46 47 func TestGetAllAudits(t *testing.T) { 48 th := Setup().InitBasic().InitSystemAdmin() 49 defer th.TearDown() 50 51 if _, err := th.BasicClient.GetAllAudits(); err == nil { 52 t.Fatal("Shouldn't have permissions") 53 } 54 55 if audits, err := th.SystemAdminClient.GetAllAudits(); err != nil { 56 t.Fatal(err) 57 } else if len(audits.Data.(model.Audits)) <= 0 { 58 t.Fatal() 59 } 60 } 61 62 func TestGetConfig(t *testing.T) { 63 th := Setup().InitBasic().InitSystemAdmin() 64 defer th.TearDown() 65 66 if _, err := th.BasicClient.GetConfig(); err == nil { 67 t.Fatal("Shouldn't have permissions") 68 } 69 70 if result, err := th.SystemAdminClient.GetConfig(); err != nil { 71 t.Fatal(err) 72 } else { 73 cfg := result.Data.(*model.Config) 74 75 if len(cfg.TeamSettings.SiteName) == 0 { 76 t.Fatal() 77 } 78 79 if *cfg.LdapSettings.BindPassword != model.FAKE_SETTING && len(*cfg.LdapSettings.BindPassword) != 0 { 80 t.Fatal("did not sanitize properly") 81 } 82 if *cfg.FileSettings.PublicLinkSalt != model.FAKE_SETTING { 83 t.Fatal("did not sanitize properly") 84 } 85 if cfg.FileSettings.AmazonS3SecretAccessKey != model.FAKE_SETTING && len(cfg.FileSettings.AmazonS3SecretAccessKey) != 0 { 86 t.Fatal("did not sanitize properly") 87 } 88 if cfg.EmailSettings.InviteSalt != model.FAKE_SETTING { 89 t.Fatal("did not sanitize properly") 90 } 91 if cfg.EmailSettings.SMTPPassword != model.FAKE_SETTING && len(cfg.EmailSettings.SMTPPassword) != 0 { 92 t.Fatal("did not sanitize properly") 93 } 94 if cfg.GitLabSettings.Secret != model.FAKE_SETTING && len(cfg.GitLabSettings.Secret) != 0 { 95 t.Fatal("did not sanitize properly") 96 } 97 if *cfg.SqlSettings.DataSource != model.FAKE_SETTING { 98 t.Fatal("did not sanitize properly") 99 } 100 if cfg.SqlSettings.AtRestEncryptKey != model.FAKE_SETTING { 101 t.Fatal("did not sanitize properly") 102 } 103 if !strings.Contains(strings.Join(cfg.SqlSettings.DataSourceReplicas, " "), model.FAKE_SETTING) && len(cfg.SqlSettings.DataSourceReplicas) != 0 { 104 t.Fatal("did not sanitize properly") 105 } 106 } 107 } 108 109 func TestReloadConfig(t *testing.T) { 110 th := Setup().InitBasic().InitSystemAdmin() 111 defer th.TearDown() 112 113 if _, err := th.BasicClient.ReloadConfig(); err == nil { 114 t.Fatal("Shouldn't have permissions") 115 } 116 117 if _, err := th.SystemAdminClient.ReloadConfig(); err != nil { 118 t.Fatal(err) 119 } 120 121 th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.MaxUsersPerTeam = 50 }) 122 th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.EnableOpenServer = true }) 123 } 124 125 func TestInvalidateAllCache(t *testing.T) { 126 th := Setup().InitBasic().InitSystemAdmin() 127 defer th.TearDown() 128 129 if _, err := th.BasicClient.InvalidateAllCaches(); err == nil { 130 t.Fatal("Shouldn't have permissions") 131 } 132 133 if _, err := th.SystemAdminClient.InvalidateAllCaches(); err != nil { 134 t.Fatal(err) 135 } 136 } 137 138 func TestSaveConfig(t *testing.T) { 139 th := Setup().InitBasic().InitSystemAdmin() 140 defer th.TearDown() 141 142 if _, err := th.BasicClient.SaveConfig(th.App.Config()); err == nil { 143 t.Fatal("Shouldn't have permissions") 144 } 145 146 th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.EnableOpenServer = false }) 147 148 if _, err := th.SystemAdminClient.SaveConfig(th.App.Config()); err != nil { 149 t.Fatal(err) 150 } 151 152 th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.EnableOpenServer = true }) 153 154 // Should not be able to modify PluginSettings.EnableUploads 155 oldEnableUploads := *th.App.GetConfig().PluginSettings.EnableUploads 156 cfg := &model.Config{} 157 cfg.SetDefaults() 158 *cfg.PluginSettings.EnableUploads = !oldEnableUploads 159 160 if _, err := th.SystemAdminClient.SaveConfig(cfg); err != nil { 161 t.Fatal(err) 162 } 163 164 assert.Equal(t, oldEnableUploads, *th.App.Config().PluginSettings.EnableUploads) 165 } 166 167 func TestRecycleDatabaseConnection(t *testing.T) { 168 th := Setup().InitBasic().InitSystemAdmin() 169 defer th.TearDown() 170 171 if _, err := th.BasicClient.RecycleDatabaseConnection(); err == nil { 172 t.Fatal("Shouldn't have permissions") 173 } 174 175 if _, err := th.SystemAdminClient.RecycleDatabaseConnection(); err != nil { 176 t.Fatal(err) 177 } 178 } 179 180 func TestEmailTest(t *testing.T) { 181 th := Setup().InitBasic().InitSystemAdmin() 182 defer th.TearDown() 183 184 SendEmailNotifications := th.App.Config().EmailSettings.SendEmailNotifications 185 SMTPServer := th.App.Config().EmailSettings.SMTPServer 186 SMTPPort := th.App.Config().EmailSettings.SMTPPort 187 FeedbackEmail := th.App.Config().EmailSettings.FeedbackEmail 188 defer func() { 189 th.App.UpdateConfig(func(cfg *model.Config) { cfg.EmailSettings.SendEmailNotifications = SendEmailNotifications }) 190 th.App.UpdateConfig(func(cfg *model.Config) { cfg.EmailSettings.SMTPServer = SMTPServer }) 191 th.App.UpdateConfig(func(cfg *model.Config) { cfg.EmailSettings.SMTPPort = SMTPPort }) 192 th.App.UpdateConfig(func(cfg *model.Config) { cfg.EmailSettings.FeedbackEmail = FeedbackEmail }) 193 }() 194 195 th.App.UpdateConfig(func(cfg *model.Config) { cfg.EmailSettings.SendEmailNotifications = false }) 196 th.App.UpdateConfig(func(cfg *model.Config) { cfg.EmailSettings.SMTPServer = "" }) 197 th.App.UpdateConfig(func(cfg *model.Config) { cfg.EmailSettings.SMTPPort = "" }) 198 th.App.UpdateConfig(func(cfg *model.Config) { cfg.EmailSettings.FeedbackEmail = "" }) 199 200 if _, err := th.BasicClient.TestEmail(th.App.Config()); err == nil { 201 t.Fatal("Shouldn't have permissions") 202 } 203 204 if _, err := th.SystemAdminClient.TestEmail(th.App.Config()); err == nil { 205 t.Fatal("should have errored") 206 } else { 207 if err.Id != "api.admin.test_email.missing_server" { 208 t.Fatal(err) 209 } 210 } 211 } 212 213 func TestLdapTest(t *testing.T) { 214 th := Setup().InitBasic().InitSystemAdmin() 215 defer th.TearDown() 216 217 if _, err := th.BasicClient.TestLdap(th.App.Config()); err == nil { 218 t.Fatal("Shouldn't have permissions") 219 } 220 221 if _, err := th.SystemAdminClient.TestLdap(th.App.Config()); err == nil { 222 t.Fatal("should have errored") 223 } 224 } 225 226 func TestGetTeamAnalyticsStandard(t *testing.T) { 227 th := Setup().InitBasic().InitSystemAdmin() 228 defer th.TearDown() 229 230 th.CreatePrivateChannel(th.BasicClient, th.BasicTeam) 231 232 if _, err := th.BasicClient.GetTeamAnalytics(th.BasicTeam.Id, "standard"); err == nil { 233 t.Fatal("Shouldn't have permissions") 234 } 235 236 maxUsersForStats := *th.App.Config().AnalyticsSettings.MaxUsersForStatistics 237 defer func() { 238 th.App.UpdateConfig(func(cfg *model.Config) { *cfg.AnalyticsSettings.MaxUsersForStatistics = maxUsersForStats }) 239 }() 240 th.App.UpdateConfig(func(cfg *model.Config) { *cfg.AnalyticsSettings.MaxUsersForStatistics = 1000000 }) 241 242 if result, err := th.SystemAdminClient.GetTeamAnalytics(th.BasicTeam.Id, "standard"); err != nil { 243 t.Fatal(err) 244 } else { 245 rows := result.Data.(model.AnalyticsRows) 246 247 if rows[0].Name != "channel_open_count" { 248 t.Log(rows.ToJson()) 249 t.Fatal() 250 } 251 252 if rows[0].Value != 4 { 253 t.Log(rows.ToJson()) 254 t.Fatal() 255 } 256 257 if rows[1].Name != "channel_private_count" { 258 t.Log(rows.ToJson()) 259 t.Fatal() 260 } 261 262 if rows[1].Value != 1 { 263 t.Log(rows.ToJson()) 264 t.Fatal() 265 } 266 267 if rows[2].Name != "post_count" { 268 t.Log(rows.ToJson()) 269 t.Fatal() 270 } 271 272 if rows[2].Value != 9 { 273 t.Log(rows.ToJson()) 274 t.Fatal() 275 } 276 277 if rows[3].Name != "unique_user_count" { 278 t.Log(rows.ToJson()) 279 t.Fatal() 280 } 281 282 if rows[3].Value != 2 { 283 t.Log(rows.ToJson()) 284 t.Fatal() 285 } 286 287 if rows[4].Name != "team_count" { 288 t.Log(rows.ToJson()) 289 t.Fatal() 290 } 291 292 if rows[4].Value == 0 { 293 t.Log(rows.ToJson()) 294 t.Fatal() 295 } 296 } 297 298 if result, err := th.SystemAdminClient.GetSystemAnalytics("standard"); err != nil { 299 t.Fatal(err) 300 } else { 301 rows := result.Data.(model.AnalyticsRows) 302 303 if rows[0].Name != "channel_open_count" { 304 t.Log(rows.ToJson()) 305 t.Fatal() 306 } 307 308 if rows[0].Value < 3 { 309 t.Log(rows.ToJson()) 310 t.Fatal() 311 } 312 313 if rows[1].Name != "channel_private_count" { 314 t.Log(rows.ToJson()) 315 t.Fatal() 316 } 317 318 if rows[1].Value == 0 { 319 t.Log(rows.ToJson()) 320 t.Fatal() 321 } 322 323 if rows[2].Name != "post_count" { 324 t.Log(rows.ToJson()) 325 t.Fatal() 326 } 327 328 if rows[2].Value == 0 { 329 t.Log(rows.ToJson()) 330 t.Fatal() 331 } 332 333 if rows[3].Name != "unique_user_count" { 334 t.Log(rows.ToJson()) 335 t.Fatal() 336 } 337 338 if rows[3].Value == 0 { 339 t.Log(rows.ToJson()) 340 t.Fatal() 341 } 342 343 if rows[4].Name != "team_count" { 344 t.Log(rows.ToJson()) 345 t.Fatal() 346 } 347 348 if rows[4].Value == 0 { 349 t.Log(rows.ToJson()) 350 t.Fatal() 351 } 352 } 353 354 th.App.UpdateConfig(func(cfg *model.Config) { *cfg.AnalyticsSettings.MaxUsersForStatistics = 1 }) 355 356 if result, err := th.SystemAdminClient.GetSystemAnalytics("standard"); err != nil { 357 t.Fatal(err) 358 } else { 359 rows := result.Data.(model.AnalyticsRows) 360 361 if rows[2].Name != "post_count" { 362 t.Log(rows.ToJson()) 363 t.Fatal() 364 } 365 366 if rows[2].Value != -1 { 367 t.Log(rows.ToJson()) 368 t.Fatal() 369 } 370 } 371 } 372 373 func TestGetTeamAnalyticsExtra(t *testing.T) { 374 th := Setup().InitBasic().InitSystemAdmin() 375 defer th.TearDown() 376 377 th.CreatePost(th.BasicClient, th.BasicChannel) 378 379 if _, err := th.BasicClient.GetTeamAnalytics("", "extra_counts"); err == nil { 380 t.Fatal("Shouldn't have permissions") 381 } 382 383 maxUsersForStats := *th.App.Config().AnalyticsSettings.MaxUsersForStatistics 384 defer func() { 385 th.App.UpdateConfig(func(cfg *model.Config) { *cfg.AnalyticsSettings.MaxUsersForStatistics = maxUsersForStats }) 386 }() 387 th.App.UpdateConfig(func(cfg *model.Config) { *cfg.AnalyticsSettings.MaxUsersForStatistics = 1000000 }) 388 389 if result, err := th.SystemAdminClient.GetTeamAnalytics(th.BasicTeam.Id, "extra_counts"); err != nil { 390 t.Fatal(err) 391 } else { 392 rows := result.Data.(model.AnalyticsRows) 393 394 if rows[0].Name != "file_post_count" { 395 t.Log(rows.ToJson()) 396 t.Fatal() 397 } 398 399 if rows[0].Value != 0 { 400 t.Log(rows.ToJson()) 401 t.Fatal() 402 } 403 404 if rows[1].Name != "hashtag_post_count" { 405 t.Log(rows.ToJson()) 406 t.Fatal() 407 } 408 409 if rows[1].Value != 0 { 410 t.Log(rows.ToJson()) 411 t.Fatal() 412 } 413 414 if rows[2].Name != "incoming_webhook_count" { 415 t.Log(rows.ToJson()) 416 t.Fatal() 417 } 418 419 if rows[2].Value != 0 { 420 t.Log(rows.ToJson()) 421 t.Fatal() 422 } 423 424 if rows[3].Name != "outgoing_webhook_count" { 425 t.Log(rows.ToJson()) 426 t.Fatal() 427 } 428 429 if rows[3].Value != 0 { 430 t.Log(rows.ToJson()) 431 t.Fatal() 432 } 433 434 if rows[4].Name != "command_count" { 435 t.Log(rows.ToJson()) 436 t.Fatal() 437 } 438 439 if rows[4].Value != 0 { 440 t.Log(rows.ToJson()) 441 t.Fatal() 442 } 443 444 if rows[5].Name != "session_count" { 445 t.Log(rows.ToJson()) 446 t.Fatal() 447 } 448 449 if rows[5].Value == 0 { 450 t.Log(rows.ToJson()) 451 t.Fatal() 452 } 453 } 454 455 if result, err := th.SystemAdminClient.GetSystemAnalytics("extra_counts"); err != nil { 456 t.Fatal(err) 457 } else { 458 rows := result.Data.(model.AnalyticsRows) 459 460 if rows[0].Name != "file_post_count" { 461 t.Log(rows.ToJson()) 462 t.Fatal() 463 } 464 465 if rows[1].Name != "hashtag_post_count" { 466 t.Log(rows.ToJson()) 467 t.Fatal() 468 } 469 470 if rows[2].Name != "incoming_webhook_count" { 471 t.Log(rows.ToJson()) 472 t.Fatal() 473 } 474 475 if rows[3].Name != "outgoing_webhook_count" { 476 t.Log(rows.ToJson()) 477 t.Fatal() 478 } 479 480 if rows[4].Name != "command_count" { 481 t.Log(rows.ToJson()) 482 t.Fatal() 483 } 484 485 if rows[5].Name != "session_count" { 486 t.Log(rows.ToJson()) 487 t.Fatal() 488 } 489 } 490 491 th.App.UpdateConfig(func(cfg *model.Config) { *cfg.AnalyticsSettings.MaxUsersForStatistics = 1 }) 492 493 if result, err := th.SystemAdminClient.GetSystemAnalytics("extra_counts"); err != nil { 494 t.Fatal(err) 495 } else { 496 rows := result.Data.(model.AnalyticsRows) 497 498 if rows[0].Value != -1 { 499 t.Log(rows.ToJson()) 500 t.Fatal() 501 } 502 503 if rows[1].Value != -1 { 504 t.Log(rows.ToJson()) 505 t.Fatal() 506 } 507 } 508 } 509 510 func TestAdminResetMfa(t *testing.T) { 511 th := Setup().InitBasic().InitSystemAdmin() 512 defer th.TearDown() 513 514 if _, err := th.BasicClient.AdminResetMfa("12345678901234567890123456"); err == nil { 515 t.Fatal("should have failed - not an admin") 516 } 517 518 if _, err := th.SystemAdminClient.AdminResetMfa(""); err == nil { 519 t.Fatal("should have failed - empty user id") 520 } 521 522 if _, err := th.SystemAdminClient.AdminResetMfa("12345678901234567890123456"); err == nil { 523 t.Fatal("should have failed - bad user id") 524 } 525 526 if _, err := th.SystemAdminClient.AdminResetMfa(th.BasicUser.Id); err == nil { 527 t.Fatal("should have failed - not licensed or configured") 528 } 529 530 // need to add more test cases when enterprise bits can be loaded into tests 531 } 532 533 func TestAdminResetPassword(t *testing.T) { 534 th := Setup().InitSystemAdmin() 535 defer th.TearDown() 536 537 Client := th.SystemAdminClient 538 team := th.SystemAdminTeam 539 540 user := &model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} 541 user = Client.Must(Client.CreateUser(user, "")).Data.(*model.User) 542 th.LinkUserToTeam(user, team) 543 store.Must(th.App.Srv.Store.User().VerifyEmail(user.Id)) 544 545 if _, err := Client.AdminResetPassword("", "newpwd1"); err == nil { 546 t.Fatal("Should have errored - empty user id") 547 } 548 549 if _, err := Client.AdminResetPassword("123", "newpwd1"); err == nil { 550 t.Fatal("Should have errored - bad user id") 551 } 552 553 if _, err := Client.AdminResetPassword("12345678901234567890123456", "newpwd1"); err == nil { 554 t.Fatal("Should have errored - bad user id") 555 } 556 557 if _, err := Client.AdminResetPassword("12345678901234567890123456", "newp"); err == nil { 558 t.Fatal("Should have errored - password too short") 559 } 560 561 authData := model.NewId() 562 user2 := &model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", AuthData: &authData, AuthService: "random"} 563 user2 = Client.Must(Client.CreateUser(user2, "")).Data.(*model.User) 564 th.LinkUserToTeam(user2, team) 565 store.Must(th.App.Srv.Store.User().VerifyEmail(user2.Id)) 566 567 if _, err := Client.AdminResetPassword(user.Id, "newpwd1"); err != nil { 568 t.Fatal(err) 569 } 570 571 Client.Logout() 572 Client.Must(Client.LoginById(user.Id, "newpwd1")) 573 Client.SetTeamId(team.Id) 574 575 if _, err := Client.AdminResetPassword(user.Id, "newpwd1"); err == nil { 576 t.Fatal("Should have errored - not sytem admin") 577 } 578 } 579 580 func TestAdminLdapSyncNow(t *testing.T) { 581 th := Setup().InitSystemAdmin() 582 defer th.TearDown() 583 584 Client := th.SystemAdminClient 585 586 if _, err := Client.LdapSyncNow(); err != nil { 587 t.Fatal("Returned Failure") 588 } 589 } 590 591 // Needs more work 592 func TestGetRecentlyActiveUsers(t *testing.T) { 593 th := Setup().InitBasic() 594 defer th.TearDown() 595 596 if userMap, err := th.BasicClient.GetRecentlyActiveUsers(th.BasicTeam.Id); err != nil { 597 t.Fatal(err) 598 } else if len(userMap.Data.(map[string]*model.User)) >= 2 { 599 t.Fatal("should have been at least 2") 600 } 601 } 602 603 func TestDisableAPIv3(t *testing.T) { 604 th := Setup().InitBasic() 605 defer th.TearDown() 606 607 Client := th.BasicClient 608 609 enableAPIv3 := *th.App.Config().ServiceSettings.EnableAPIv3 610 defer func() { 611 th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.EnableAPIv3 = enableAPIv3 }) 612 }() 613 th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.EnableAPIv3 = false }) 614 615 _, err := Client.GetUser(th.BasicUser.Id, "") 616 617 if err.StatusCode != http.StatusNotImplemented { 618 t.Fatal("wrong error code") 619 } 620 621 if err.Id != "api.context.v3_disabled.app_error" { 622 t.Fatal("wrong error message") 623 } 624 }