github.com/coincircle/mattermost-server@v4.8.1-0.20180321182714-9d701c704416+incompatible/api4/team_test.go (about) 1 // Copyright (c) 2017-present Mattermost, Inc. All Rights Reserved. 2 // See License.txt for license information. 3 4 package api4 5 6 import ( 7 "encoding/binary" 8 "fmt" 9 "net/http" 10 "strconv" 11 "strings" 12 "testing" 13 14 "encoding/base64" 15 16 "github.com/mattermost/mattermost-server/model" 17 "github.com/mattermost/mattermost-server/utils" 18 "github.com/stretchr/testify/assert" 19 "github.com/stretchr/testify/require" 20 ) 21 22 func TestCreateTeam(t *testing.T) { 23 th := Setup().InitBasic() 24 defer th.TearDown() 25 Client := th.Client 26 27 team := &model.Team{Name: GenerateTestUsername(), DisplayName: "Some Team", Type: model.TEAM_OPEN} 28 rteam, resp := Client.CreateTeam(team) 29 CheckNoError(t, resp) 30 CheckCreatedStatus(t, resp) 31 32 if rteam.Name != team.Name { 33 t.Fatal("names did not match") 34 } 35 36 if rteam.DisplayName != team.DisplayName { 37 t.Fatal("display names did not match") 38 } 39 40 if rteam.Type != team.Type { 41 t.Fatal("types did not match") 42 } 43 44 _, resp = Client.CreateTeam(rteam) 45 CheckBadRequestStatus(t, resp) 46 47 rteam.Id = "" 48 _, resp = Client.CreateTeam(rteam) 49 CheckErrorMessage(t, resp, "store.sql_team.save.domain_exists.app_error") 50 CheckBadRequestStatus(t, resp) 51 52 rteam.Name = "" 53 _, resp = Client.CreateTeam(rteam) 54 CheckErrorMessage(t, resp, "model.team.is_valid.characters.app_error") 55 CheckBadRequestStatus(t, resp) 56 57 if r, err := Client.DoApiPost("/teams", "garbage"); err == nil { 58 t.Fatal("should have errored") 59 } else { 60 if r.StatusCode != http.StatusBadRequest { 61 t.Log("actual: " + strconv.Itoa(r.StatusCode)) 62 t.Log("expected: " + strconv.Itoa(http.StatusBadRequest)) 63 t.Fatal("wrong status code") 64 } 65 } 66 67 Client.Logout() 68 69 _, resp = Client.CreateTeam(rteam) 70 CheckUnauthorizedStatus(t, resp) 71 72 // Update permission 73 th.App.UpdateConfig(func(cfg *model.Config) { cfg.TeamSettings.EnableTeamCreation = false }) 74 75 th.LoginBasic() 76 _, resp = Client.CreateTeam(team) 77 CheckForbiddenStatus(t, resp) 78 } 79 80 func TestCreateTeamSanitization(t *testing.T) { 81 th := Setup().InitBasic().InitSystemAdmin() 82 defer th.TearDown() 83 84 // Non-admin users can create a team, but they become a team admin by doing so 85 86 t.Run("team admin", func(t *testing.T) { 87 team := &model.Team{ 88 DisplayName: t.Name() + "_1", 89 Name: GenerateTestTeamName(), 90 Email: th.GenerateTestEmail(), 91 Type: model.TEAM_OPEN, 92 AllowedDomains: "simulator.amazonses.com", 93 } 94 95 rteam, resp := th.Client.CreateTeam(team) 96 CheckNoError(t, resp) 97 if rteam.Email == "" { 98 t.Fatal("should not have sanitized email") 99 } else if rteam.AllowedDomains == "" { 100 t.Fatal("should not have sanitized allowed domains") 101 } 102 }) 103 104 t.Run("system admin", func(t *testing.T) { 105 team := &model.Team{ 106 DisplayName: t.Name() + "_2", 107 Name: GenerateTestTeamName(), 108 Email: th.GenerateTestEmail(), 109 Type: model.TEAM_OPEN, 110 AllowedDomains: "simulator.amazonses.com", 111 } 112 113 rteam, resp := th.SystemAdminClient.CreateTeam(team) 114 CheckNoError(t, resp) 115 if rteam.Email == "" { 116 t.Fatal("should not have sanitized email") 117 } else if rteam.AllowedDomains == "" { 118 t.Fatal("should not have sanitized allowed domains") 119 } 120 }) 121 } 122 123 func TestGetTeam(t *testing.T) { 124 th := Setup().InitBasic().InitSystemAdmin() 125 defer th.TearDown() 126 Client := th.Client 127 team := th.BasicTeam 128 129 rteam, resp := Client.GetTeam(team.Id, "") 130 CheckNoError(t, resp) 131 132 if rteam.Id != team.Id { 133 t.Fatal("wrong team") 134 } 135 136 _, resp = Client.GetTeam("junk", "") 137 CheckBadRequestStatus(t, resp) 138 139 _, resp = Client.GetTeam("", "") 140 CheckNotFoundStatus(t, resp) 141 142 _, resp = Client.GetTeam(model.NewId(), "") 143 CheckNotFoundStatus(t, resp) 144 145 th.LoginTeamAdmin() 146 147 team2 := &model.Team{DisplayName: "Name", Name: GenerateTestTeamName(), Email: th.GenerateTestEmail(), Type: model.TEAM_OPEN, AllowOpenInvite: false} 148 rteam2, _ := Client.CreateTeam(team2) 149 150 team3 := &model.Team{DisplayName: "Name", Name: GenerateTestTeamName(), Email: th.GenerateTestEmail(), Type: model.TEAM_INVITE, AllowOpenInvite: true} 151 rteam3, _ := Client.CreateTeam(team3) 152 153 th.LoginBasic() 154 // AllowInviteOpen is false and team is open, and user is not on team 155 _, resp = Client.GetTeam(rteam2.Id, "") 156 CheckForbiddenStatus(t, resp) 157 158 // AllowInviteOpen is true and team is invite, and user is not on team 159 _, resp = Client.GetTeam(rteam3.Id, "") 160 CheckForbiddenStatus(t, resp) 161 162 Client.Logout() 163 _, resp = Client.GetTeam(team.Id, "") 164 CheckUnauthorizedStatus(t, resp) 165 166 _, resp = th.SystemAdminClient.GetTeam(rteam2.Id, "") 167 CheckNoError(t, resp) 168 } 169 170 func TestGetTeamSanitization(t *testing.T) { 171 th := Setup().InitBasic().InitSystemAdmin() 172 defer th.TearDown() 173 174 team, resp := th.Client.CreateTeam(&model.Team{ 175 DisplayName: t.Name() + "_1", 176 Name: GenerateTestTeamName(), 177 Email: th.GenerateTestEmail(), 178 Type: model.TEAM_OPEN, 179 AllowedDomains: "simulator.amazonses.com", 180 }) 181 CheckNoError(t, resp) 182 183 t.Run("team user", func(t *testing.T) { 184 th.LinkUserToTeam(th.BasicUser2, team) 185 186 client := th.CreateClient() 187 th.LoginBasic2WithClient(client) 188 189 rteam, resp := client.GetTeam(team.Id, "") 190 CheckNoError(t, resp) 191 if rteam.Email != "" { 192 t.Fatal("should've sanitized email") 193 } else if rteam.AllowedDomains != "" { 194 t.Fatal("should've sanitized allowed domains") 195 } 196 }) 197 198 t.Run("team admin", func(t *testing.T) { 199 rteam, resp := th.Client.GetTeam(team.Id, "") 200 CheckNoError(t, resp) 201 if rteam.Email == "" { 202 t.Fatal("should not have sanitized email") 203 } else if rteam.AllowedDomains == "" { 204 t.Fatal("should not have sanitized allowed domains") 205 } 206 }) 207 208 t.Run("system admin", func(t *testing.T) { 209 rteam, resp := th.SystemAdminClient.GetTeam(team.Id, "") 210 CheckNoError(t, resp) 211 if rteam.Email == "" { 212 t.Fatal("should not have sanitized email") 213 } else if rteam.AllowedDomains == "" { 214 t.Fatal("should not have sanitized allowed domains") 215 } 216 }) 217 } 218 219 func TestGetTeamUnread(t *testing.T) { 220 th := Setup().InitBasic().InitSystemAdmin() 221 defer th.TearDown() 222 Client := th.Client 223 224 teamUnread, resp := Client.GetTeamUnread(th.BasicTeam.Id, th.BasicUser.Id) 225 CheckNoError(t, resp) 226 if teamUnread.TeamId != th.BasicTeam.Id { 227 t.Fatal("wrong team id returned for regular user call") 228 } 229 230 _, resp = Client.GetTeamUnread("junk", th.BasicUser.Id) 231 CheckBadRequestStatus(t, resp) 232 233 _, resp = Client.GetTeamUnread(th.BasicTeam.Id, "junk") 234 CheckBadRequestStatus(t, resp) 235 236 _, resp = Client.GetTeamUnread(model.NewId(), th.BasicUser.Id) 237 CheckForbiddenStatus(t, resp) 238 239 _, resp = Client.GetTeamUnread(th.BasicTeam.Id, model.NewId()) 240 CheckForbiddenStatus(t, resp) 241 242 Client.Logout() 243 _, resp = Client.GetTeamUnread(th.BasicTeam.Id, th.BasicUser.Id) 244 CheckUnauthorizedStatus(t, resp) 245 246 teamUnread, resp = th.SystemAdminClient.GetTeamUnread(th.BasicTeam.Id, th.BasicUser.Id) 247 CheckNoError(t, resp) 248 if teamUnread.TeamId != th.BasicTeam.Id { 249 t.Fatal("wrong team id returned") 250 } 251 } 252 253 func TestUpdateTeam(t *testing.T) { 254 th := Setup().InitBasic().InitSystemAdmin() 255 defer th.TearDown() 256 Client := th.Client 257 258 team := &model.Team{DisplayName: "Name", Description: "Some description", AllowOpenInvite: false, InviteId: "inviteid0", Name: "z-z-" + model.NewId() + "a", Email: "success+" + model.NewId() + "@simulator.amazonses.com", Type: model.TEAM_OPEN} 259 team, _ = Client.CreateTeam(team) 260 261 team.Description = "updated description" 262 uteam, resp := Client.UpdateTeam(team) 263 CheckNoError(t, resp) 264 265 if uteam.Description != "updated description" { 266 t.Fatal("Update failed") 267 } 268 269 team.DisplayName = "Updated Name" 270 uteam, resp = Client.UpdateTeam(team) 271 CheckNoError(t, resp) 272 273 if uteam.DisplayName != "Updated Name" { 274 t.Fatal("Update failed") 275 } 276 277 team.AllowOpenInvite = true 278 uteam, resp = Client.UpdateTeam(team) 279 CheckNoError(t, resp) 280 281 if !uteam.AllowOpenInvite { 282 t.Fatal("Update failed") 283 } 284 285 team.InviteId = "inviteid1" 286 uteam, resp = Client.UpdateTeam(team) 287 CheckNoError(t, resp) 288 289 if uteam.InviteId != "inviteid1" { 290 t.Fatal("Update failed") 291 } 292 293 team.AllowedDomains = "domain" 294 uteam, resp = Client.UpdateTeam(team) 295 CheckNoError(t, resp) 296 297 if uteam.AllowedDomains != "domain" { 298 t.Fatal("Update failed") 299 } 300 301 team.Name = "Updated name" 302 uteam, resp = Client.UpdateTeam(team) 303 CheckNoError(t, resp) 304 305 if uteam.Name == "Updated name" { 306 t.Fatal("Should not update name") 307 } 308 309 team.Email = "test@domain.com" 310 uteam, resp = Client.UpdateTeam(team) 311 CheckNoError(t, resp) 312 313 if uteam.Email == "test@domain.com" { 314 t.Fatal("Should not update email") 315 } 316 317 team.Type = model.TEAM_INVITE 318 uteam, resp = Client.UpdateTeam(team) 319 CheckNoError(t, resp) 320 321 if uteam.Type == model.TEAM_INVITE { 322 t.Fatal("Should not update type") 323 } 324 325 originalTeamId := team.Id 326 team.Id = model.NewId() 327 328 if r, err := Client.DoApiPut(Client.GetTeamRoute(originalTeamId), team.ToJson()); err != nil { 329 t.Fatal(err) 330 } else { 331 uteam = model.TeamFromJson(r.Body) 332 } 333 334 if uteam.Id != originalTeamId { 335 t.Fatal("wrong team id") 336 } 337 338 team.Id = "fake" 339 _, resp = Client.UpdateTeam(team) 340 CheckBadRequestStatus(t, resp) 341 342 Client.Logout() 343 _, resp = Client.UpdateTeam(team) 344 CheckUnauthorizedStatus(t, resp) 345 346 team.Id = originalTeamId 347 _, resp = th.SystemAdminClient.UpdateTeam(team) 348 CheckNoError(t, resp) 349 } 350 351 func TestUpdateTeamSanitization(t *testing.T) { 352 th := Setup().InitBasic().InitSystemAdmin() 353 defer th.TearDown() 354 355 team, resp := th.Client.CreateTeam(&model.Team{ 356 DisplayName: t.Name() + "_1", 357 Name: GenerateTestTeamName(), 358 Email: th.GenerateTestEmail(), 359 Type: model.TEAM_OPEN, 360 AllowedDomains: "simulator.amazonses.com", 361 }) 362 CheckNoError(t, resp) 363 364 // Non-admin users cannot update the team 365 366 t.Run("team admin", func(t *testing.T) { 367 rteam, resp := th.Client.UpdateTeam(team) 368 CheckNoError(t, resp) 369 if rteam.Email == "" { 370 t.Fatal("should not have sanitized email for admin") 371 } else if rteam.AllowedDomains == "" { 372 t.Fatal("should not have sanitized allowed domains") 373 } 374 }) 375 376 t.Run("system admin", func(t *testing.T) { 377 rteam, resp := th.SystemAdminClient.UpdateTeam(team) 378 CheckNoError(t, resp) 379 if rteam.Email == "" { 380 t.Fatal("should not have sanitized email for admin") 381 } else if rteam.AllowedDomains == "" { 382 t.Fatal("should not have sanitized allowed domains") 383 } 384 }) 385 } 386 387 func TestPatchTeam(t *testing.T) { 388 th := Setup().InitBasic().InitSystemAdmin() 389 defer th.TearDown() 390 Client := th.Client 391 392 team := &model.Team{DisplayName: "Name", Description: "Some description", CompanyName: "Some company name", AllowOpenInvite: false, InviteId: "inviteid0", Name: "z-z-" + model.NewId() + "a", Email: "success+" + model.NewId() + "@simulator.amazonses.com", Type: model.TEAM_OPEN} 393 team, _ = Client.CreateTeam(team) 394 395 patch := &model.TeamPatch{} 396 397 patch.DisplayName = model.NewString("Other name") 398 patch.Description = model.NewString("Other description") 399 patch.CompanyName = model.NewString("Other company name") 400 patch.InviteId = model.NewString("inviteid1") 401 patch.AllowOpenInvite = model.NewBool(true) 402 403 rteam, resp := Client.PatchTeam(team.Id, patch) 404 CheckNoError(t, resp) 405 406 if rteam.DisplayName != "Other name" { 407 t.Fatal("DisplayName did not update properly") 408 } 409 if rteam.Description != "Other description" { 410 t.Fatal("Description did not update properly") 411 } 412 if rteam.CompanyName != "Other company name" { 413 t.Fatal("CompanyName did not update properly") 414 } 415 if rteam.InviteId != "inviteid1" { 416 t.Fatal("InviteId did not update properly") 417 } 418 if !rteam.AllowOpenInvite { 419 t.Fatal("AllowOpenInvite did not update properly") 420 } 421 422 _, resp = Client.PatchTeam("junk", patch) 423 CheckBadRequestStatus(t, resp) 424 425 _, resp = Client.PatchTeam(GenerateTestId(), patch) 426 CheckForbiddenStatus(t, resp) 427 428 if r, err := Client.DoApiPut("/teams/"+team.Id+"/patch", "garbage"); err == nil { 429 t.Fatal("should have errored") 430 } else { 431 if r.StatusCode != http.StatusBadRequest { 432 t.Log("actual: " + strconv.Itoa(r.StatusCode)) 433 t.Log("expected: " + strconv.Itoa(http.StatusBadRequest)) 434 t.Fatal("wrong status code") 435 } 436 } 437 438 Client.Logout() 439 _, resp = Client.PatchTeam(team.Id, patch) 440 CheckUnauthorizedStatus(t, resp) 441 442 th.LoginBasic2() 443 _, resp = Client.PatchTeam(team.Id, patch) 444 CheckForbiddenStatus(t, resp) 445 446 _, resp = th.SystemAdminClient.PatchTeam(team.Id, patch) 447 CheckNoError(t, resp) 448 } 449 450 func TestPatchTeamSanitization(t *testing.T) { 451 th := Setup().InitBasic().InitSystemAdmin() 452 defer th.TearDown() 453 454 team, resp := th.Client.CreateTeam(&model.Team{ 455 DisplayName: t.Name() + "_1", 456 Name: GenerateTestTeamName(), 457 Email: th.GenerateTestEmail(), 458 Type: model.TEAM_OPEN, 459 AllowedDomains: "simulator.amazonses.com", 460 }) 461 CheckNoError(t, resp) 462 463 // Non-admin users cannot update the team 464 465 t.Run("team admin", func(t *testing.T) { 466 rteam, resp := th.Client.PatchTeam(team.Id, &model.TeamPatch{}) 467 CheckNoError(t, resp) 468 if rteam.Email == "" { 469 t.Fatal("should not have sanitized email for admin") 470 } else if rteam.AllowedDomains == "" { 471 t.Fatal("should not have sanitized allowed domains") 472 } 473 }) 474 475 t.Run("system admin", func(t *testing.T) { 476 rteam, resp := th.SystemAdminClient.PatchTeam(team.Id, &model.TeamPatch{}) 477 CheckNoError(t, resp) 478 if rteam.Email == "" { 479 t.Fatal("should not have sanitized email for admin") 480 } else if rteam.AllowedDomains == "" { 481 t.Fatal("should not have sanitized allowed domains") 482 } 483 }) 484 } 485 486 func TestSoftDeleteTeam(t *testing.T) { 487 th := Setup().InitBasic().InitSystemAdmin() 488 defer th.TearDown() 489 Client := th.Client 490 491 team := &model.Team{DisplayName: "DisplayName", Name: GenerateTestTeamName(), Email: th.GenerateTestEmail(), Type: model.TEAM_OPEN} 492 team, _ = Client.CreateTeam(team) 493 494 ok, resp := Client.SoftDeleteTeam(team.Id) 495 CheckNoError(t, resp) 496 497 if !ok { 498 t.Fatal("should have returned true") 499 } 500 501 rteam, err := th.App.GetTeam(team.Id) 502 if err != nil { 503 t.Fatal("should have returned archived team") 504 } 505 if rteam.DeleteAt == 0 { 506 t.Fatal("should have not set to zero") 507 } 508 509 ok, resp = Client.SoftDeleteTeam("junk") 510 CheckBadRequestStatus(t, resp) 511 512 if ok { 513 t.Fatal("should have returned false") 514 } 515 516 otherTeam := th.BasicTeam 517 _, resp = Client.SoftDeleteTeam(otherTeam.Id) 518 CheckForbiddenStatus(t, resp) 519 520 Client.Logout() 521 _, resp = Client.SoftDeleteTeam(otherTeam.Id) 522 CheckUnauthorizedStatus(t, resp) 523 524 _, resp = th.SystemAdminClient.SoftDeleteTeam(otherTeam.Id) 525 CheckNoError(t, resp) 526 } 527 528 func TestPermanentDeleteTeam(t *testing.T) { 529 th := Setup().InitBasic().InitSystemAdmin() 530 defer th.TearDown() 531 Client := th.Client 532 533 team := &model.Team{DisplayName: "DisplayName", Name: GenerateTestTeamName(), Email: th.GenerateTestEmail(), Type: model.TEAM_OPEN} 534 team, _ = Client.CreateTeam(team) 535 536 ok, resp := Client.PermanentDeleteTeam(team.Id) 537 CheckNoError(t, resp) 538 539 if !ok { 540 t.Fatal("should have returned true") 541 } 542 543 // The team is deleted in the background, its only soft deleted at this 544 // time 545 rteam, err := th.App.GetTeam(team.Id) 546 if err != nil { 547 t.Fatal("should have returned archived team") 548 } 549 if rteam.DeleteAt == 0 { 550 t.Fatal("should have not set to zero") 551 } 552 553 ok, resp = Client.PermanentDeleteTeam("junk") 554 CheckBadRequestStatus(t, resp) 555 556 if ok { 557 t.Fatal("should have returned false") 558 } 559 } 560 561 func TestGetAllTeams(t *testing.T) { 562 th := Setup().InitBasic().InitSystemAdmin() 563 defer th.TearDown() 564 Client := th.Client 565 566 team := &model.Team{DisplayName: "Name", Name: GenerateTestTeamName(), Email: th.GenerateTestEmail(), Type: model.TEAM_OPEN, AllowOpenInvite: true} 567 _, resp := Client.CreateTeam(team) 568 CheckNoError(t, resp) 569 570 team2 := &model.Team{DisplayName: "Name2", Name: GenerateTestTeamName(), Email: th.GenerateTestEmail(), Type: model.TEAM_OPEN, AllowOpenInvite: true} 571 _, resp = Client.CreateTeam(team2) 572 CheckNoError(t, resp) 573 574 rrteams, resp := Client.GetAllTeams("", 0, 1) 575 CheckNoError(t, resp) 576 577 if len(rrteams) != 1 { 578 t.Log(len(rrteams)) 579 t.Fatal("wrong number of teams - should be 1") 580 } 581 582 for _, rt := range rrteams { 583 if !rt.AllowOpenInvite { 584 t.Fatal("not all teams are open") 585 } 586 } 587 588 rrteams, resp = Client.GetAllTeams("", 0, 10) 589 CheckNoError(t, resp) 590 591 for _, rt := range rrteams { 592 if !rt.AllowOpenInvite { 593 t.Fatal("not all teams are open") 594 } 595 } 596 597 rrteams1, resp := Client.GetAllTeams("", 1, 0) 598 CheckNoError(t, resp) 599 600 if len(rrteams1) != 0 { 601 t.Fatal("wrong number of teams - should be 0") 602 } 603 604 rrteams2, resp := th.SystemAdminClient.GetAllTeams("", 1, 1) 605 CheckNoError(t, resp) 606 607 if len(rrteams2) != 1 { 608 t.Fatal("wrong number of teams - should be 1") 609 } 610 611 rrteams2, resp = Client.GetAllTeams("", 1, 0) 612 CheckNoError(t, resp) 613 614 if len(rrteams2) != 0 { 615 t.Fatal("wrong number of teams - should be 0") 616 } 617 618 rrteams, resp = Client.GetAllTeams("", 0, 2) 619 CheckNoError(t, resp) 620 rrteams2, resp = Client.GetAllTeams("", 1, 2) 621 CheckNoError(t, resp) 622 623 for _, t1 := range rrteams { 624 for _, t2 := range rrteams2 { 625 assert.NotEqual(t, t1.Id, t2.Id, "different pages should not have the same teams") 626 } 627 } 628 629 Client.Logout() 630 _, resp = Client.GetAllTeams("", 1, 10) 631 CheckUnauthorizedStatus(t, resp) 632 } 633 634 func TestGetAllTeamsSanitization(t *testing.T) { 635 th := Setup().InitBasic().InitSystemAdmin() 636 defer th.TearDown() 637 638 team, resp := th.Client.CreateTeam(&model.Team{ 639 DisplayName: t.Name() + "_1", 640 Name: GenerateTestTeamName(), 641 Email: th.GenerateTestEmail(), 642 Type: model.TEAM_OPEN, 643 AllowedDomains: "simulator.amazonses.com", 644 AllowOpenInvite: true, 645 }) 646 CheckNoError(t, resp) 647 team2, resp := th.SystemAdminClient.CreateTeam(&model.Team{ 648 DisplayName: t.Name() + "_2", 649 Name: GenerateTestTeamName(), 650 Email: th.GenerateTestEmail(), 651 Type: model.TEAM_OPEN, 652 AllowedDomains: "simulator.amazonses.com", 653 AllowOpenInvite: true, 654 }) 655 CheckNoError(t, resp) 656 657 // This may not work if the server has over 1000 open teams on it 658 659 t.Run("team admin/non-admin", func(t *testing.T) { 660 teamFound := false 661 team2Found := false 662 663 rteams, resp := th.Client.GetAllTeams("", 0, 1000) 664 CheckNoError(t, resp) 665 for _, rteam := range rteams { 666 if rteam.Id == team.Id { 667 teamFound = true 668 if rteam.Email == "" { 669 t.Fatal("should not have sanitized email for team admin") 670 } else if rteam.AllowedDomains == "" { 671 t.Fatal("should not have sanitized allowed domains for team admin") 672 } 673 } else if rteam.Id == team2.Id { 674 team2Found = true 675 if rteam.Email != "" { 676 t.Fatal("should've sanitized email for non-admin") 677 } else if rteam.AllowedDomains != "" { 678 t.Fatal("should've sanitized allowed domains for non-admin") 679 } 680 } 681 } 682 683 if !teamFound || !team2Found { 684 t.Fatal("wasn't returned the expected teams so the test wasn't run correctly") 685 } 686 }) 687 688 t.Run("system admin", func(t *testing.T) { 689 rteams, resp := th.SystemAdminClient.GetAllTeams("", 0, 1000) 690 CheckNoError(t, resp) 691 for _, rteam := range rteams { 692 if rteam.Id != team.Id && rteam.Id != team2.Id { 693 continue 694 } 695 696 if rteam.Email == "" { 697 t.Fatal("should not have sanitized email") 698 } else if rteam.AllowedDomains == "" { 699 t.Fatal("should not have sanitized allowed domains") 700 } 701 } 702 }) 703 } 704 705 func TestGetTeamByName(t *testing.T) { 706 th := Setup().InitBasic().InitSystemAdmin() 707 defer th.TearDown() 708 Client := th.Client 709 team := th.BasicTeam 710 711 rteam, resp := Client.GetTeamByName(team.Name, "") 712 CheckNoError(t, resp) 713 714 if rteam.Name != team.Name { 715 t.Fatal("wrong team") 716 } 717 718 _, resp = Client.GetTeamByName("junk", "") 719 CheckNotFoundStatus(t, resp) 720 721 _, resp = Client.GetTeamByName("", "") 722 CheckNotFoundStatus(t, resp) 723 724 _, resp = th.SystemAdminClient.GetTeamByName(strings.ToUpper(team.Name), "") 725 CheckNoError(t, resp) 726 727 Client.Logout() 728 _, resp = Client.GetTeamByName(team.Name, "") 729 CheckUnauthorizedStatus(t, resp) 730 731 _, resp = th.SystemAdminClient.GetTeamByName(team.Name, "") 732 CheckNoError(t, resp) 733 734 th.LoginTeamAdmin() 735 736 team2 := &model.Team{DisplayName: "Name", Name: GenerateTestTeamName(), Email: th.GenerateTestEmail(), Type: model.TEAM_OPEN, AllowOpenInvite: false} 737 rteam2, _ := Client.CreateTeam(team2) 738 739 team3 := &model.Team{DisplayName: "Name", Name: GenerateTestTeamName(), Email: th.GenerateTestEmail(), Type: model.TEAM_INVITE, AllowOpenInvite: true} 740 rteam3, _ := Client.CreateTeam(team3) 741 742 th.LoginBasic() 743 // AllowInviteOpen is false and team is open, and user is not on team 744 _, resp = Client.GetTeamByName(rteam2.Name, "") 745 CheckForbiddenStatus(t, resp) 746 747 // AllowInviteOpen is true and team is invite only, and user is not on team 748 _, resp = Client.GetTeamByName(rteam3.Name, "") 749 CheckForbiddenStatus(t, resp) 750 } 751 752 func TestGetTeamByNameSanitization(t *testing.T) { 753 th := Setup().InitBasic().InitSystemAdmin() 754 defer th.TearDown() 755 756 team, resp := th.Client.CreateTeam(&model.Team{ 757 DisplayName: t.Name() + "_1", 758 Name: GenerateTestTeamName(), 759 Email: th.GenerateTestEmail(), 760 Type: model.TEAM_OPEN, 761 AllowedDomains: "simulator.amazonses.com", 762 }) 763 CheckNoError(t, resp) 764 765 t.Run("team user", func(t *testing.T) { 766 th.LinkUserToTeam(th.BasicUser2, team) 767 768 client := th.CreateClient() 769 th.LoginBasic2WithClient(client) 770 771 rteam, resp := client.GetTeamByName(team.Name, "") 772 CheckNoError(t, resp) 773 if rteam.Email != "" { 774 t.Fatal("should've sanitized email") 775 } else if rteam.AllowedDomains != "" { 776 t.Fatal("should've sanitized allowed domains") 777 } 778 }) 779 780 t.Run("team admin/non-admin", func(t *testing.T) { 781 rteam, resp := th.Client.GetTeamByName(team.Name, "") 782 CheckNoError(t, resp) 783 if rteam.Email == "" { 784 t.Fatal("should not have sanitized email") 785 } else if rteam.AllowedDomains == "" { 786 t.Fatal("should not have sanitized allowed domains") 787 } 788 }) 789 790 t.Run("system admin", func(t *testing.T) { 791 rteam, resp := th.SystemAdminClient.GetTeamByName(team.Name, "") 792 CheckNoError(t, resp) 793 if rteam.Email == "" { 794 t.Fatal("should not have sanitized email") 795 } else if rteam.AllowedDomains == "" { 796 t.Fatal("should not have sanitized allowed domains") 797 } 798 }) 799 } 800 801 func TestSearchAllTeams(t *testing.T) { 802 th := Setup().InitBasic().InitSystemAdmin() 803 defer th.TearDown() 804 Client := th.Client 805 oTeam := th.BasicTeam 806 oTeam.AllowOpenInvite = true 807 808 if updatedTeam, err := th.App.UpdateTeam(oTeam); err != nil { 809 t.Fatal(err) 810 } else { 811 oTeam.UpdateAt = updatedTeam.UpdateAt 812 } 813 814 pTeam := &model.Team{DisplayName: "PName", Name: GenerateTestTeamName(), Email: th.GenerateTestEmail(), Type: model.TEAM_INVITE} 815 Client.CreateTeam(pTeam) 816 817 rteams, resp := Client.SearchTeams(&model.TeamSearch{Term: oTeam.Name}) 818 CheckNoError(t, resp) 819 820 if len(rteams) != 1 { 821 t.Fatal("should have returned 1 team") 822 } 823 824 if oTeam.Id != rteams[0].Id { 825 t.Fatal("invalid team") 826 } 827 828 rteams, resp = Client.SearchTeams(&model.TeamSearch{Term: oTeam.DisplayName}) 829 CheckNoError(t, resp) 830 831 if len(rteams) != 1 { 832 t.Fatal("should have returned 1 team") 833 } 834 835 if rteams[0].Id != oTeam.Id { 836 t.Fatal("invalid team") 837 } 838 839 rteams, resp = Client.SearchTeams(&model.TeamSearch{Term: pTeam.Name}) 840 CheckNoError(t, resp) 841 842 if len(rteams) != 0 { 843 t.Fatal("should have not returned team") 844 } 845 846 rteams, resp = Client.SearchTeams(&model.TeamSearch{Term: pTeam.DisplayName}) 847 CheckNoError(t, resp) 848 849 if len(rteams) != 0 { 850 t.Fatal("should have not returned team") 851 } 852 853 rteams, resp = th.SystemAdminClient.SearchTeams(&model.TeamSearch{Term: oTeam.Name}) 854 CheckNoError(t, resp) 855 856 if len(rteams) != 1 { 857 t.Fatal("should have returned 1 team") 858 } 859 860 rteams, resp = th.SystemAdminClient.SearchTeams(&model.TeamSearch{Term: pTeam.DisplayName}) 861 CheckNoError(t, resp) 862 863 if len(rteams) != 1 { 864 t.Fatal("should have returned 1 team") 865 } 866 867 rteams, resp = Client.SearchTeams(&model.TeamSearch{Term: "junk"}) 868 CheckNoError(t, resp) 869 870 if len(rteams) != 0 { 871 t.Fatal("should have not returned team") 872 } 873 874 Client.Logout() 875 876 rteams, resp = Client.SearchTeams(&model.TeamSearch{Term: pTeam.Name}) 877 CheckUnauthorizedStatus(t, resp) 878 879 rteams, resp = Client.SearchTeams(&model.TeamSearch{Term: pTeam.DisplayName}) 880 CheckUnauthorizedStatus(t, resp) 881 } 882 883 func TestSearchAllTeamsSanitization(t *testing.T) { 884 th := Setup().InitBasic().InitSystemAdmin() 885 defer th.TearDown() 886 887 team, resp := th.Client.CreateTeam(&model.Team{ 888 DisplayName: t.Name() + "_1", 889 Name: GenerateTestTeamName(), 890 Email: th.GenerateTestEmail(), 891 Type: model.TEAM_OPEN, 892 AllowedDomains: "simulator.amazonses.com", 893 }) 894 CheckNoError(t, resp) 895 team2, resp := th.Client.CreateTeam(&model.Team{ 896 DisplayName: t.Name() + "_2", 897 Name: GenerateTestTeamName(), 898 Email: th.GenerateTestEmail(), 899 Type: model.TEAM_OPEN, 900 AllowedDomains: "simulator.amazonses.com", 901 }) 902 CheckNoError(t, resp) 903 904 t.Run("non-team user", func(t *testing.T) { 905 client := th.CreateClient() 906 th.LoginBasic2WithClient(client) 907 908 rteams, resp := client.SearchTeams(&model.TeamSearch{Term: t.Name()}) 909 CheckNoError(t, resp) 910 for _, rteam := range rteams { 911 if rteam.Email != "" { 912 t.Fatal("should've sanitized email") 913 } else if rteam.AllowedDomains != "" { 914 t.Fatal("should've sanitized allowed domains") 915 } 916 } 917 }) 918 919 t.Run("team user", func(t *testing.T) { 920 th.LinkUserToTeam(th.BasicUser2, team) 921 922 client := th.CreateClient() 923 th.LoginBasic2WithClient(client) 924 925 rteams, resp := client.SearchTeams(&model.TeamSearch{Term: t.Name()}) 926 CheckNoError(t, resp) 927 for _, rteam := range rteams { 928 if rteam.Email != "" { 929 t.Fatal("should've sanitized email") 930 } else if rteam.AllowedDomains != "" { 931 t.Fatal("should've sanitized allowed domains") 932 } 933 } 934 }) 935 936 t.Run("team admin", func(t *testing.T) { 937 rteams, resp := th.Client.SearchTeams(&model.TeamSearch{Term: t.Name()}) 938 CheckNoError(t, resp) 939 for _, rteam := range rteams { 940 if rteam.Id == team.Id || rteam.Id == team2.Id || rteam.Id == th.BasicTeam.Id { 941 if rteam.Email == "" { 942 t.Fatal("should not have sanitized email") 943 } else if rteam.AllowedDomains == "" { 944 t.Fatal("should not have sanitized allowed domains") 945 } 946 } 947 } 948 }) 949 950 t.Run("system admin", func(t *testing.T) { 951 rteams, resp := th.SystemAdminClient.SearchTeams(&model.TeamSearch{Term: t.Name()}) 952 CheckNoError(t, resp) 953 for _, rteam := range rteams { 954 if rteam.Email == "" { 955 t.Fatal("should not have sanitized email") 956 } else if rteam.AllowedDomains == "" { 957 t.Fatal("should not have sanitized allowed domains") 958 } 959 } 960 }) 961 } 962 963 func TestGetTeamsForUser(t *testing.T) { 964 th := Setup().InitBasic().InitSystemAdmin() 965 defer th.TearDown() 966 Client := th.Client 967 968 team2 := &model.Team{DisplayName: "Name", Name: GenerateTestTeamName(), Email: th.GenerateTestEmail(), Type: model.TEAM_INVITE} 969 rteam2, _ := Client.CreateTeam(team2) 970 971 teams, resp := Client.GetTeamsForUser(th.BasicUser.Id, "") 972 CheckNoError(t, resp) 973 974 if len(teams) != 2 { 975 t.Fatal("wrong number of teams") 976 } 977 978 found1 := false 979 found2 := false 980 for _, t := range teams { 981 if t.Id == th.BasicTeam.Id { 982 found1 = true 983 } else if t.Id == rteam2.Id { 984 found2 = true 985 } 986 } 987 988 if !found1 || !found2 { 989 t.Fatal("missing team") 990 } 991 992 _, resp = Client.GetTeamsForUser("junk", "") 993 CheckBadRequestStatus(t, resp) 994 995 _, resp = Client.GetTeamsForUser(model.NewId(), "") 996 CheckForbiddenStatus(t, resp) 997 998 _, resp = Client.GetTeamsForUser(th.BasicUser2.Id, "") 999 CheckForbiddenStatus(t, resp) 1000 1001 _, resp = th.SystemAdminClient.GetTeamsForUser(th.BasicUser2.Id, "") 1002 CheckNoError(t, resp) 1003 } 1004 1005 func TestGetTeamsForUserSanitization(t *testing.T) { 1006 th := Setup().InitBasic().InitSystemAdmin() 1007 defer th.TearDown() 1008 1009 team, resp := th.Client.CreateTeam(&model.Team{ 1010 DisplayName: t.Name() + "_1", 1011 Name: GenerateTestTeamName(), 1012 Email: th.GenerateTestEmail(), 1013 Type: model.TEAM_OPEN, 1014 AllowedDomains: "simulator.amazonses.com", 1015 }) 1016 CheckNoError(t, resp) 1017 team2, resp := th.Client.CreateTeam(&model.Team{ 1018 DisplayName: t.Name() + "_2", 1019 Name: GenerateTestTeamName(), 1020 Email: th.GenerateTestEmail(), 1021 Type: model.TEAM_OPEN, 1022 AllowedDomains: "simulator.amazonses.com", 1023 }) 1024 CheckNoError(t, resp) 1025 1026 t.Run("team user", func(t *testing.T) { 1027 th.LinkUserToTeam(th.BasicUser2, team) 1028 th.LinkUserToTeam(th.BasicUser2, team2) 1029 1030 client := th.CreateClient() 1031 th.LoginBasic2WithClient(client) 1032 1033 rteams, resp := client.GetTeamsForUser(th.BasicUser2.Id, "") 1034 CheckNoError(t, resp) 1035 for _, rteam := range rteams { 1036 if rteam.Id != team.Id && rteam.Id != team2.Id { 1037 continue 1038 } 1039 1040 if rteam.Email != "" { 1041 t.Fatal("should've sanitized email") 1042 } else if rteam.AllowedDomains != "" { 1043 t.Fatal("should've sanitized allowed domains") 1044 } 1045 } 1046 }) 1047 1048 t.Run("team admin", func(t *testing.T) { 1049 rteams, resp := th.Client.GetTeamsForUser(th.BasicUser.Id, "") 1050 CheckNoError(t, resp) 1051 for _, rteam := range rteams { 1052 if rteam.Id != team.Id && rteam.Id != team2.Id { 1053 continue 1054 } 1055 1056 if rteam.Email == "" { 1057 t.Fatal("should not have sanitized email") 1058 } else if rteam.AllowedDomains == "" { 1059 t.Fatal("should not have sanitized allowed domains") 1060 } 1061 } 1062 }) 1063 1064 t.Run("system admin", func(t *testing.T) { 1065 rteams, resp := th.SystemAdminClient.GetTeamsForUser(th.BasicUser.Id, "") 1066 CheckNoError(t, resp) 1067 for _, rteam := range rteams { 1068 if rteam.Id != team.Id && rteam.Id != team2.Id { 1069 continue 1070 } 1071 1072 if rteam.Email == "" { 1073 t.Fatal("should not have sanitized email") 1074 } else if rteam.AllowedDomains == "" { 1075 t.Fatal("should not have sanitized allowed domains") 1076 } 1077 } 1078 }) 1079 } 1080 1081 func TestGetTeamMember(t *testing.T) { 1082 th := Setup().InitBasic().InitSystemAdmin() 1083 defer th.TearDown() 1084 Client := th.Client 1085 team := th.BasicTeam 1086 user := th.BasicUser 1087 1088 rmember, resp := Client.GetTeamMember(team.Id, user.Id, "") 1089 CheckNoError(t, resp) 1090 1091 if rmember.TeamId != team.Id { 1092 t.Fatal("wrong team id") 1093 } 1094 1095 if rmember.UserId != user.Id { 1096 t.Fatal("wrong team id") 1097 } 1098 1099 _, resp = Client.GetTeamMember("junk", user.Id, "") 1100 CheckBadRequestStatus(t, resp) 1101 1102 _, resp = Client.GetTeamMember(team.Id, "junk", "") 1103 CheckBadRequestStatus(t, resp) 1104 1105 _, resp = Client.GetTeamMember("junk", "junk", "") 1106 CheckBadRequestStatus(t, resp) 1107 1108 _, resp = Client.GetTeamMember(team.Id, model.NewId(), "") 1109 CheckNotFoundStatus(t, resp) 1110 1111 _, resp = Client.GetTeamMember(model.NewId(), user.Id, "") 1112 CheckForbiddenStatus(t, resp) 1113 1114 _, resp = th.SystemAdminClient.GetTeamMember(team.Id, user.Id, "") 1115 CheckNoError(t, resp) 1116 } 1117 1118 func TestGetTeamMembers(t *testing.T) { 1119 th := Setup().InitBasic().InitSystemAdmin() 1120 defer th.TearDown() 1121 Client := th.Client 1122 team := th.BasicTeam 1123 userNotMember := th.CreateUser() 1124 1125 rmembers, resp := Client.GetTeamMembers(team.Id, 0, 100, "") 1126 CheckNoError(t, resp) 1127 1128 t.Logf("rmembers count %v\n", len(rmembers)) 1129 1130 if len(rmembers) == 0 { 1131 t.Fatal("should have results") 1132 } 1133 1134 for _, rmember := range rmembers { 1135 if rmember.TeamId != team.Id || rmember.UserId == userNotMember.Id { 1136 t.Fatal("user should be a member of team") 1137 } 1138 } 1139 1140 rmembers, resp = Client.GetTeamMembers(team.Id, 0, 1, "") 1141 CheckNoError(t, resp) 1142 if len(rmembers) != 1 { 1143 t.Fatal("should be 1 per page") 1144 } 1145 1146 rmembers, resp = Client.GetTeamMembers(team.Id, 1, 1, "") 1147 CheckNoError(t, resp) 1148 if len(rmembers) != 1 { 1149 t.Fatal("should be 1 per page") 1150 } 1151 1152 rmembers, resp = Client.GetTeamMembers(team.Id, 10000, 100, "") 1153 CheckNoError(t, resp) 1154 if len(rmembers) != 0 { 1155 t.Fatal("should be no member") 1156 } 1157 1158 rmembers, resp = Client.GetTeamMembers(team.Id, 0, 2, "") 1159 CheckNoError(t, resp) 1160 rmembers2, resp := Client.GetTeamMembers(team.Id, 1, 2, "") 1161 CheckNoError(t, resp) 1162 1163 for _, tm1 := range rmembers { 1164 for _, tm2 := range rmembers2 { 1165 assert.NotEqual(t, tm1.UserId+tm1.TeamId, tm2.UserId+tm2.TeamId, "different pages should not have the same members") 1166 } 1167 } 1168 1169 _, resp = Client.GetTeamMembers("junk", 0, 100, "") 1170 CheckBadRequestStatus(t, resp) 1171 1172 _, resp = Client.GetTeamMembers(model.NewId(), 0, 100, "") 1173 CheckForbiddenStatus(t, resp) 1174 1175 Client.Logout() 1176 rmembers, resp = Client.GetTeamMembers(team.Id, 0, 1, "") 1177 CheckUnauthorizedStatus(t, resp) 1178 1179 rmembers, resp = th.SystemAdminClient.GetTeamMembers(team.Id, 0, 100, "") 1180 CheckNoError(t, resp) 1181 } 1182 1183 func TestGetTeamMembersForUser(t *testing.T) { 1184 th := Setup().InitBasic().InitSystemAdmin() 1185 defer th.TearDown() 1186 Client := th.Client 1187 1188 members, resp := Client.GetTeamMembersForUser(th.BasicUser.Id, "") 1189 CheckNoError(t, resp) 1190 1191 found := false 1192 for _, m := range members { 1193 if m.TeamId == th.BasicTeam.Id { 1194 found = true 1195 } 1196 } 1197 1198 if !found { 1199 t.Fatal("missing team member") 1200 } 1201 1202 _, resp = Client.GetTeamMembersForUser("junk", "") 1203 CheckBadRequestStatus(t, resp) 1204 1205 _, resp = Client.GetTeamMembersForUser(model.NewId(), "") 1206 CheckForbiddenStatus(t, resp) 1207 1208 Client.Logout() 1209 _, resp = Client.GetTeamMembersForUser(th.BasicUser.Id, "") 1210 CheckUnauthorizedStatus(t, resp) 1211 1212 user := th.CreateUser() 1213 Client.Login(user.Email, user.Password) 1214 _, resp = Client.GetTeamMembersForUser(th.BasicUser.Id, "") 1215 CheckForbiddenStatus(t, resp) 1216 1217 _, resp = th.SystemAdminClient.GetTeamMembersForUser(th.BasicUser.Id, "") 1218 CheckNoError(t, resp) 1219 } 1220 1221 func TestGetTeamMembersByIds(t *testing.T) { 1222 th := Setup().InitBasic() 1223 defer th.TearDown() 1224 Client := th.Client 1225 1226 tm, resp := Client.GetTeamMembersByIds(th.BasicTeam.Id, []string{th.BasicUser.Id}) 1227 CheckNoError(t, resp) 1228 1229 if tm[0].UserId != th.BasicUser.Id { 1230 t.Fatal("returned wrong user") 1231 } 1232 1233 _, resp = Client.GetTeamMembersByIds(th.BasicTeam.Id, []string{}) 1234 CheckBadRequestStatus(t, resp) 1235 1236 tm1, resp := Client.GetTeamMembersByIds(th.BasicTeam.Id, []string{"junk"}) 1237 CheckNoError(t, resp) 1238 if len(tm1) > 0 { 1239 t.Fatal("no users should be returned") 1240 } 1241 1242 tm1, resp = Client.GetTeamMembersByIds(th.BasicTeam.Id, []string{"junk", th.BasicUser.Id}) 1243 CheckNoError(t, resp) 1244 if len(tm1) != 1 { 1245 t.Fatal("1 user should be returned") 1246 } 1247 1248 tm1, resp = Client.GetTeamMembersByIds("junk", []string{th.BasicUser.Id}) 1249 CheckBadRequestStatus(t, resp) 1250 1251 tm1, resp = Client.GetTeamMembersByIds(model.NewId(), []string{th.BasicUser.Id}) 1252 CheckForbiddenStatus(t, resp) 1253 1254 Client.Logout() 1255 _, resp = Client.GetTeamMembersByIds(th.BasicTeam.Id, []string{th.BasicUser.Id}) 1256 CheckUnauthorizedStatus(t, resp) 1257 } 1258 1259 func TestAddTeamMember(t *testing.T) { 1260 th := Setup().InitBasic().InitSystemAdmin() 1261 defer th.TearDown() 1262 Client := th.Client 1263 team := th.BasicTeam 1264 otherUser := th.CreateUser() 1265 1266 if err := th.App.RemoveUserFromTeam(th.BasicTeam.Id, th.BasicUser2.Id, ""); err != nil { 1267 t.Fatalf(err.Error()) 1268 } 1269 1270 // Regular user can't add a member to a team they don't belong to. 1271 th.LoginBasic2() 1272 tm, resp := Client.AddTeamMember(team.Id, otherUser.Id) 1273 CheckForbiddenStatus(t, resp) 1274 if resp.Error == nil { 1275 t.Fatalf("Error is nil") 1276 } 1277 Client.Logout() 1278 1279 // Regular user can add a member to a team they belong to. 1280 th.LoginBasic() 1281 tm, resp = Client.AddTeamMember(team.Id, otherUser.Id) 1282 CheckNoError(t, resp) 1283 CheckCreatedStatus(t, resp) 1284 1285 // Check all the returned data. 1286 if tm == nil { 1287 t.Fatal("should have returned team member") 1288 } 1289 1290 if tm.UserId != otherUser.Id { 1291 t.Fatal("user ids should have matched") 1292 } 1293 1294 if tm.TeamId != team.Id { 1295 t.Fatal("team ids should have matched") 1296 } 1297 1298 // Check with various invalid requests. 1299 tm, resp = Client.AddTeamMember(team.Id, "junk") 1300 CheckBadRequestStatus(t, resp) 1301 1302 if tm != nil { 1303 t.Fatal("should have not returned team member") 1304 } 1305 1306 _, resp = Client.AddTeamMember("junk", otherUser.Id) 1307 CheckBadRequestStatus(t, resp) 1308 1309 _, resp = Client.AddTeamMember(GenerateTestId(), otherUser.Id) 1310 CheckForbiddenStatus(t, resp) 1311 1312 _, resp = Client.AddTeamMember(team.Id, GenerateTestId()) 1313 CheckNotFoundStatus(t, resp) 1314 1315 Client.Logout() 1316 1317 // Set the config so that only team admins can add a user to a team. 1318 th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.RestrictTeamInvite = model.PERMISSIONS_TEAM_ADMIN }) 1319 th.LoginBasic() 1320 1321 // Test without the EE license to see that the permission restriction is ignored. 1322 _, resp = Client.AddTeamMember(team.Id, otherUser.Id) 1323 CheckNoError(t, resp) 1324 1325 // Add an EE license. 1326 th.App.SetLicense(model.NewTestLicense()) 1327 th.LoginBasic() 1328 1329 // Check that a regular user can't add someone to the team. 1330 _, resp = Client.AddTeamMember(team.Id, otherUser.Id) 1331 CheckForbiddenStatus(t, resp) 1332 1333 // Update user to team admin 1334 th.UpdateUserToTeamAdmin(th.BasicUser, th.BasicTeam) 1335 th.App.InvalidateAllCaches() 1336 th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.RestrictTeamInvite = model.PERMISSIONS_TEAM_ADMIN }) 1337 th.App.SetLicense(model.NewTestLicense()) 1338 th.LoginBasic() 1339 1340 // Should work as a team admin. 1341 _, resp = Client.AddTeamMember(team.Id, otherUser.Id) 1342 CheckNoError(t, resp) 1343 1344 // Change permission level to System Admin 1345 th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.RestrictTeamInvite = model.PERMISSIONS_SYSTEM_ADMIN }) 1346 1347 // Should not work as team admin. 1348 _, resp = Client.AddTeamMember(team.Id, otherUser.Id) 1349 CheckForbiddenStatus(t, resp) 1350 1351 // Should work as system admin. 1352 _, resp = th.SystemAdminClient.AddTeamMember(team.Id, otherUser.Id) 1353 CheckNoError(t, resp) 1354 1355 // Change permission level to All 1356 th.UpdateUserToNonTeamAdmin(th.BasicUser, th.BasicTeam) 1357 th.App.InvalidateAllCaches() 1358 th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.RestrictTeamInvite = model.PERMISSIONS_ALL }) 1359 th.App.SetLicense(model.NewTestLicense()) 1360 th.LoginBasic() 1361 1362 // Should work as a regular user. 1363 _, resp = Client.AddTeamMember(team.Id, otherUser.Id) 1364 CheckNoError(t, resp) 1365 1366 th.LoginBasic() 1367 1368 // by hash and data 1369 Client.Login(otherUser.Email, otherUser.Password) 1370 1371 dataObject := make(map[string]string) 1372 dataObject["time"] = fmt.Sprintf("%v", model.GetMillis()) 1373 dataObject["id"] = team.Id 1374 dataObject["invite_id"] = team.InviteId 1375 1376 data := model.MapToJson(dataObject) 1377 hashed := utils.HashSha256(fmt.Sprintf("%v:%v", data, th.App.Config().EmailSettings.InviteSalt)) 1378 1379 tm, resp = Client.AddTeamMemberFromInvite(hashed, data, "") 1380 CheckNoError(t, resp) 1381 1382 if tm == nil { 1383 t.Fatal("should have returned team member") 1384 } 1385 1386 if tm.UserId != otherUser.Id { 1387 t.Fatal("user ids should have matched") 1388 } 1389 1390 if tm.TeamId != team.Id { 1391 t.Fatal("team ids should have matched") 1392 } 1393 1394 tm, resp = Client.AddTeamMemberFromInvite("junk", data, "") 1395 CheckBadRequestStatus(t, resp) 1396 1397 if tm != nil { 1398 t.Fatal("should have not returned team member") 1399 } 1400 1401 _, resp = Client.AddTeamMemberFromInvite(hashed, "junk", "") 1402 CheckBadRequestStatus(t, resp) 1403 1404 // expired data of more than 50 hours 1405 dataObject["time"] = fmt.Sprintf("%v", model.GetMillis()-1000*60*60*50) 1406 data = model.MapToJson(dataObject) 1407 hashed = utils.HashSha256(fmt.Sprintf("%v:%v", data, th.App.Config().EmailSettings.InviteSalt)) 1408 1409 tm, resp = Client.AddTeamMemberFromInvite(hashed, data, "") 1410 CheckBadRequestStatus(t, resp) 1411 1412 // invalid team id 1413 dataObject["id"] = GenerateTestId() 1414 data = model.MapToJson(dataObject) 1415 hashed = utils.HashSha256(fmt.Sprintf("%v:%v", data, th.App.Config().EmailSettings.InviteSalt)) 1416 1417 tm, resp = Client.AddTeamMemberFromInvite(hashed, data, "") 1418 CheckBadRequestStatus(t, resp) 1419 1420 // by invite_id 1421 Client.Login(otherUser.Email, otherUser.Password) 1422 1423 tm, resp = Client.AddTeamMemberFromInvite("", "", team.InviteId) 1424 CheckNoError(t, resp) 1425 1426 if tm == nil { 1427 t.Fatal("should have returned team member") 1428 } 1429 1430 if tm.UserId != otherUser.Id { 1431 t.Fatal("user ids should have matched") 1432 } 1433 1434 if tm.TeamId != team.Id { 1435 t.Fatal("team ids should have matched") 1436 } 1437 1438 tm, resp = Client.AddTeamMemberFromInvite("", "", "junk") 1439 CheckNotFoundStatus(t, resp) 1440 1441 if tm != nil { 1442 t.Fatal("should have not returned team member") 1443 } 1444 } 1445 1446 func TestAddTeamMembers(t *testing.T) { 1447 th := Setup().InitBasic().InitSystemAdmin() 1448 defer th.TearDown() 1449 Client := th.Client 1450 team := th.BasicTeam 1451 otherUser := th.CreateUser() 1452 userList := []string{ 1453 otherUser.Id, 1454 } 1455 1456 if err := th.App.RemoveUserFromTeam(th.BasicTeam.Id, th.BasicUser2.Id, ""); err != nil { 1457 t.Fatalf(err.Error()) 1458 } 1459 1460 // Regular user can't add a member to a team they don't belong to. 1461 th.LoginBasic2() 1462 tm, resp := Client.AddTeamMembers(team.Id, userList) 1463 CheckForbiddenStatus(t, resp) 1464 Client.Logout() 1465 1466 // Regular user can add a member to a team they belong to. 1467 th.LoginBasic() 1468 tm, resp = Client.AddTeamMembers(team.Id, userList) 1469 CheckNoError(t, resp) 1470 CheckCreatedStatus(t, resp) 1471 1472 // Check all the returned data. 1473 if tm[0] == nil { 1474 t.Fatal("should have returned team member") 1475 } 1476 1477 if tm[0].UserId != otherUser.Id { 1478 t.Fatal("user ids should have matched") 1479 } 1480 1481 if tm[0].TeamId != team.Id { 1482 t.Fatal("team ids should have matched") 1483 } 1484 1485 // Check with various invalid requests. 1486 _, resp = Client.AddTeamMembers("junk", userList) 1487 CheckBadRequestStatus(t, resp) 1488 1489 _, resp = Client.AddTeamMembers(GenerateTestId(), userList) 1490 CheckForbiddenStatus(t, resp) 1491 1492 testUserList := append(userList, GenerateTestId()) 1493 _, resp = Client.AddTeamMembers(team.Id, testUserList) 1494 CheckNotFoundStatus(t, resp) 1495 1496 // Test with many users. 1497 for i := 0; i < 25; i++ { 1498 testUserList = append(testUserList, GenerateTestId()) 1499 } 1500 _, resp = Client.AddTeamMembers(team.Id, testUserList) 1501 CheckBadRequestStatus(t, resp) 1502 1503 Client.Logout() 1504 1505 // Set the config so that only team admins can add a user to a team. 1506 th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.RestrictTeamInvite = model.PERMISSIONS_TEAM_ADMIN }) 1507 th.LoginBasic() 1508 1509 // Test without the EE license to see that the permission restriction is ignored. 1510 _, resp = Client.AddTeamMembers(team.Id, userList) 1511 CheckNoError(t, resp) 1512 1513 // Add an EE license. 1514 th.App.SetLicense(model.NewTestLicense()) 1515 th.LoginBasic() 1516 1517 // Check that a regular user can't add someone to the team. 1518 _, resp = Client.AddTeamMembers(team.Id, userList) 1519 CheckForbiddenStatus(t, resp) 1520 1521 // Update user to team admin 1522 th.UpdateUserToTeamAdmin(th.BasicUser, th.BasicTeam) 1523 th.App.InvalidateAllCaches() 1524 th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.RestrictTeamInvite = model.PERMISSIONS_TEAM_ADMIN }) 1525 th.App.SetLicense(model.NewTestLicense()) 1526 th.LoginBasic() 1527 1528 // Should work as a team admin. 1529 _, resp = Client.AddTeamMembers(team.Id, userList) 1530 CheckNoError(t, resp) 1531 1532 // Change permission level to System Admin 1533 th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.RestrictTeamInvite = model.PERMISSIONS_SYSTEM_ADMIN }) 1534 1535 // Should not work as team admin. 1536 _, resp = Client.AddTeamMembers(team.Id, userList) 1537 CheckForbiddenStatus(t, resp) 1538 1539 // Should work as system admin. 1540 _, resp = th.SystemAdminClient.AddTeamMembers(team.Id, userList) 1541 CheckNoError(t, resp) 1542 1543 // Change permission level to All 1544 th.UpdateUserToNonTeamAdmin(th.BasicUser, th.BasicTeam) 1545 th.App.InvalidateAllCaches() 1546 th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.RestrictTeamInvite = model.PERMISSIONS_ALL }) 1547 th.App.SetLicense(model.NewTestLicense()) 1548 th.LoginBasic() 1549 1550 // Should work as a regular user. 1551 _, resp = Client.AddTeamMembers(team.Id, userList) 1552 CheckNoError(t, resp) 1553 } 1554 1555 func TestRemoveTeamMember(t *testing.T) { 1556 th := Setup().InitBasic().InitSystemAdmin() 1557 defer th.TearDown() 1558 Client := th.Client 1559 1560 pass, resp := Client.RemoveTeamMember(th.BasicTeam.Id, th.BasicUser.Id) 1561 CheckNoError(t, resp) 1562 1563 if !pass { 1564 t.Fatal("should have passed") 1565 } 1566 1567 _, resp = th.SystemAdminClient.AddTeamMember(th.BasicTeam.Id, th.BasicUser.Id) 1568 CheckNoError(t, resp) 1569 1570 _, resp = Client.RemoveTeamMember(th.BasicTeam.Id, "junk") 1571 CheckBadRequestStatus(t, resp) 1572 1573 _, resp = Client.RemoveTeamMember("junk", th.BasicUser2.Id) 1574 CheckBadRequestStatus(t, resp) 1575 1576 _, resp = Client.RemoveTeamMember(th.BasicTeam.Id, th.BasicUser2.Id) 1577 CheckForbiddenStatus(t, resp) 1578 1579 _, resp = Client.RemoveTeamMember(model.NewId(), th.BasicUser.Id) 1580 CheckNotFoundStatus(t, resp) 1581 1582 _, resp = th.SystemAdminClient.RemoveTeamMember(th.BasicTeam.Id, th.BasicUser.Id) 1583 CheckNoError(t, resp) 1584 } 1585 1586 func TestGetTeamStats(t *testing.T) { 1587 th := Setup().InitBasic().InitSystemAdmin() 1588 defer th.TearDown() 1589 Client := th.Client 1590 team := th.BasicTeam 1591 1592 rstats, resp := Client.GetTeamStats(team.Id, "") 1593 CheckNoError(t, resp) 1594 1595 if rstats.TeamId != team.Id { 1596 t.Fatal("wrong team id") 1597 } 1598 1599 if rstats.TotalMemberCount != 3 { 1600 t.Fatal("wrong count") 1601 } 1602 1603 if rstats.ActiveMemberCount != 3 { 1604 t.Fatal("wrong count") 1605 } 1606 1607 _, resp = Client.GetTeamStats("junk", "") 1608 CheckBadRequestStatus(t, resp) 1609 1610 _, resp = Client.GetTeamStats(model.NewId(), "") 1611 CheckForbiddenStatus(t, resp) 1612 1613 _, resp = th.SystemAdminClient.GetTeamStats(team.Id, "") 1614 CheckNoError(t, resp) 1615 1616 // deactivate BasicUser2 1617 th.UpdateActiveUser(th.BasicUser2, false) 1618 1619 rstats, resp = th.SystemAdminClient.GetTeamStats(team.Id, "") 1620 CheckNoError(t, resp) 1621 1622 if rstats.TotalMemberCount != 3 { 1623 t.Fatal("wrong count") 1624 } 1625 1626 if rstats.ActiveMemberCount != 2 { 1627 t.Fatal("wrong count") 1628 } 1629 1630 // login with different user and test if forbidden 1631 user := th.CreateUser() 1632 Client.Login(user.Email, user.Password) 1633 _, resp = Client.GetTeamStats(th.BasicTeam.Id, "") 1634 CheckForbiddenStatus(t, resp) 1635 1636 Client.Logout() 1637 _, resp = Client.GetTeamStats(th.BasicTeam.Id, "") 1638 CheckUnauthorizedStatus(t, resp) 1639 } 1640 1641 func TestUpdateTeamMemberRoles(t *testing.T) { 1642 th := Setup().InitBasic().InitSystemAdmin() 1643 defer th.TearDown() 1644 Client := th.Client 1645 SystemAdminClient := th.SystemAdminClient 1646 1647 const TEAM_MEMBER = "team_user" 1648 const TEAM_ADMIN = "team_user team_admin" 1649 1650 // user 1 tries to promote user 2 1651 ok, resp := Client.UpdateTeamMemberRoles(th.BasicTeam.Id, th.BasicUser2.Id, TEAM_ADMIN) 1652 CheckForbiddenStatus(t, resp) 1653 if ok { 1654 t.Fatal("should have returned false") 1655 } 1656 1657 // user 1 tries to promote himself 1658 _, resp = Client.UpdateTeamMemberRoles(th.BasicTeam.Id, th.BasicUser.Id, TEAM_ADMIN) 1659 CheckForbiddenStatus(t, resp) 1660 1661 // user 1 tries to demote someone 1662 _, resp = Client.UpdateTeamMemberRoles(th.BasicTeam.Id, th.SystemAdminUser.Id, TEAM_MEMBER) 1663 CheckForbiddenStatus(t, resp) 1664 1665 // system admin promotes user 1 1666 ok, resp = SystemAdminClient.UpdateTeamMemberRoles(th.BasicTeam.Id, th.BasicUser.Id, TEAM_ADMIN) 1667 CheckNoError(t, resp) 1668 if !ok { 1669 t.Fatal("should have returned true") 1670 } 1671 1672 // user 1 (team admin) promotes user 2 1673 _, resp = Client.UpdateTeamMemberRoles(th.BasicTeam.Id, th.BasicUser2.Id, TEAM_ADMIN) 1674 CheckNoError(t, resp) 1675 1676 // user 1 (team admin) demotes user 2 (team admin) 1677 _, resp = Client.UpdateTeamMemberRoles(th.BasicTeam.Id, th.BasicUser2.Id, TEAM_MEMBER) 1678 CheckNoError(t, resp) 1679 1680 // user 1 (team admin) tries to demote system admin (not member of a team) 1681 _, resp = Client.UpdateTeamMemberRoles(th.BasicTeam.Id, th.SystemAdminUser.Id, TEAM_MEMBER) 1682 CheckBadRequestStatus(t, resp) 1683 1684 // user 1 (team admin) demotes system admin (member of a team) 1685 th.LinkUserToTeam(th.SystemAdminUser, th.BasicTeam) 1686 _, resp = Client.UpdateTeamMemberRoles(th.BasicTeam.Id, th.SystemAdminUser.Id, TEAM_MEMBER) 1687 CheckNoError(t, resp) 1688 // Note from API v3 1689 // Note to anyone who thinks this (above) test is wrong: 1690 // This operation will not affect the system admin's permissions because they have global access to all teams. 1691 // Their team level permissions are irrelavent. A team admin should be able to manage team level permissions. 1692 1693 // System admins should be able to manipulate permission no matter what their team level permissions are. 1694 // system admin promotes user 2 1695 _, resp = SystemAdminClient.UpdateTeamMemberRoles(th.BasicTeam.Id, th.BasicUser2.Id, TEAM_ADMIN) 1696 CheckNoError(t, resp) 1697 1698 // system admin demotes user 2 (team admin) 1699 _, resp = SystemAdminClient.UpdateTeamMemberRoles(th.BasicTeam.Id, th.BasicUser2.Id, TEAM_MEMBER) 1700 CheckNoError(t, resp) 1701 1702 // user 1 (team admin) tries to promote himself to a random team 1703 _, resp = Client.UpdateTeamMemberRoles(model.NewId(), th.BasicUser.Id, TEAM_ADMIN) 1704 CheckForbiddenStatus(t, resp) 1705 1706 // user 1 (team admin) tries to promote a random user 1707 _, resp = Client.UpdateTeamMemberRoles(th.BasicTeam.Id, model.NewId(), TEAM_ADMIN) 1708 CheckBadRequestStatus(t, resp) 1709 1710 // user 1 (team admin) tries to promote invalid team permission 1711 _, resp = Client.UpdateTeamMemberRoles(th.BasicTeam.Id, th.BasicUser.Id, "junk") 1712 CheckBadRequestStatus(t, resp) 1713 1714 // user 1 (team admin) demotes himself 1715 _, resp = Client.UpdateTeamMemberRoles(th.BasicTeam.Id, th.BasicUser.Id, TEAM_MEMBER) 1716 CheckNoError(t, resp) 1717 } 1718 1719 func TestGetMyTeamsUnread(t *testing.T) { 1720 th := Setup().InitBasic().InitSystemAdmin() 1721 defer th.TearDown() 1722 Client := th.Client 1723 1724 user := th.BasicUser 1725 Client.Login(user.Email, user.Password) 1726 1727 teams, resp := Client.GetTeamsUnreadForUser(user.Id, "") 1728 CheckNoError(t, resp) 1729 if len(teams) == 0 { 1730 t.Fatal("should have results") 1731 } 1732 1733 teams, resp = Client.GetTeamsUnreadForUser(user.Id, th.BasicTeam.Id) 1734 CheckNoError(t, resp) 1735 if len(teams) != 0 { 1736 t.Fatal("should not have results") 1737 } 1738 1739 _, resp = Client.GetTeamsUnreadForUser("fail", "") 1740 CheckBadRequestStatus(t, resp) 1741 1742 _, resp = Client.GetTeamsUnreadForUser(model.NewId(), "") 1743 CheckForbiddenStatus(t, resp) 1744 1745 Client.Logout() 1746 _, resp = Client.GetTeamsUnreadForUser(user.Id, "") 1747 CheckUnauthorizedStatus(t, resp) 1748 } 1749 1750 func TestTeamExists(t *testing.T) { 1751 th := Setup().InitBasic().InitSystemAdmin() 1752 defer th.TearDown() 1753 Client := th.Client 1754 team := th.BasicTeam 1755 1756 th.LoginBasic() 1757 1758 exists, resp := Client.TeamExists(team.Name, "") 1759 CheckNoError(t, resp) 1760 if !exists { 1761 t.Fatal("team should exist") 1762 } 1763 1764 exists, resp = Client.TeamExists("testingteam", "") 1765 CheckNoError(t, resp) 1766 if exists { 1767 t.Fatal("team should not exist") 1768 } 1769 1770 Client.Logout() 1771 _, resp = Client.TeamExists(team.Name, "") 1772 CheckUnauthorizedStatus(t, resp) 1773 } 1774 1775 func TestImportTeam(t *testing.T) { 1776 th := Setup().InitBasic().InitSystemAdmin() 1777 defer th.TearDown() 1778 1779 t.Run("ImportTeam", func(t *testing.T) { 1780 var data []byte 1781 var err error 1782 data, err = readTestFile("Fake_Team_Import.zip") 1783 if err != nil && len(data) == 0 { 1784 t.Fatal("Error while reading the test file.") 1785 } 1786 1787 // Import the channels/users/posts 1788 fileResp, resp := th.SystemAdminClient.ImportTeam(data, binary.Size(data), "slack", "Fake_Team_Import.zip", th.BasicTeam.Id) 1789 CheckNoError(t, resp) 1790 1791 fileData, err := base64.StdEncoding.DecodeString(fileResp["results"]) 1792 if err != nil { 1793 t.Fatal("failed to decode base64 results data") 1794 } 1795 1796 fileReturned := fmt.Sprintf("%s", fileData) 1797 if !strings.Contains(fileReturned, "darth.vader@stardeath.com") { 1798 t.Log(fileReturned) 1799 t.Fatal("failed to report the user was imported") 1800 } 1801 1802 // Checking the imported users 1803 importedUser, resp := th.SystemAdminClient.GetUserByUsername("bot_test", "") 1804 CheckNoError(t, resp) 1805 if importedUser.Username != "bot_test" { 1806 t.Fatal("username should match with the imported user") 1807 } 1808 1809 importedUser, resp = th.SystemAdminClient.GetUserByUsername("lordvader", "") 1810 CheckNoError(t, resp) 1811 if importedUser.Username != "lordvader" { 1812 t.Fatal("username should match with the imported user") 1813 } 1814 1815 // Checking the imported Channels 1816 importedChannel, resp := th.SystemAdminClient.GetChannelByName("testchannel", th.BasicTeam.Id, "") 1817 CheckNoError(t, resp) 1818 if importedChannel.Name != "testchannel" { 1819 t.Fatal("names did not match expected: testchannel") 1820 } 1821 1822 importedChannel, resp = th.SystemAdminClient.GetChannelByName("general", th.BasicTeam.Id, "") 1823 CheckNoError(t, resp) 1824 if importedChannel.Name != "general" { 1825 t.Fatal("names did not match expected: general") 1826 } 1827 1828 posts, resp := th.SystemAdminClient.GetPostsForChannel(importedChannel.Id, 0, 60, "") 1829 CheckNoError(t, resp) 1830 if posts.Posts[posts.Order[3]].Message != "This is a test post to test the import process" { 1831 t.Fatal("missing posts in the import process") 1832 } 1833 }) 1834 1835 t.Run("MissingFile", func(t *testing.T) { 1836 _, resp := th.SystemAdminClient.ImportTeam(nil, 4343, "slack", "Fake_Team_Import.zip", th.BasicTeam.Id) 1837 CheckBadRequestStatus(t, resp) 1838 }) 1839 1840 t.Run("WrongPermission", func(t *testing.T) { 1841 var data []byte 1842 var err error 1843 data, err = readTestFile("Fake_Team_Import.zip") 1844 if err != nil && len(data) == 0 { 1845 t.Fatal("Error while reading the test file.") 1846 } 1847 1848 // Import the channels/users/posts 1849 _, resp := th.Client.ImportTeam(data, binary.Size(data), "slack", "Fake_Team_Import.zip", th.BasicTeam.Id) 1850 CheckForbiddenStatus(t, resp) 1851 }) 1852 } 1853 1854 func TestInviteUsersToTeam(t *testing.T) { 1855 th := Setup().InitBasic().InitSystemAdmin() 1856 defer th.TearDown() 1857 1858 user1 := th.GenerateTestEmail() 1859 user2 := th.GenerateTestEmail() 1860 1861 emailList := []string{user1, user2} 1862 1863 //Delete all the messages before check the sample email 1864 utils.DeleteMailBox(user1) 1865 utils.DeleteMailBox(user2) 1866 1867 okMsg, resp := th.SystemAdminClient.InviteUsersToTeam(th.BasicTeam.Id, emailList) 1868 CheckNoError(t, resp) 1869 if !okMsg { 1870 t.Fatal("should return true") 1871 } 1872 1873 nameFormat := *th.App.Config().TeamSettings.TeammateNameDisplay 1874 expectedSubject := utils.T("api.templates.invite_subject", 1875 map[string]interface{}{"SenderName": th.SystemAdminUser.GetDisplayName(nameFormat), 1876 "TeamDisplayName": th.BasicTeam.DisplayName, 1877 "SiteName": th.App.ClientConfig()["SiteName"]}) 1878 1879 //Check if the email was send to the rigth email address 1880 for _, email := range emailList { 1881 var resultsMailbox utils.JSONMessageHeaderInbucket 1882 err := utils.RetryInbucket(5, func() error { 1883 var err error 1884 resultsMailbox, err = utils.GetMailBox(email) 1885 return err 1886 }) 1887 if err != nil { 1888 t.Log(err) 1889 t.Log("No email was received, maybe due load on the server. Disabling this verification") 1890 } 1891 if err == nil && len(resultsMailbox) > 0 { 1892 if !strings.ContainsAny(resultsMailbox[len(resultsMailbox)-1].To[0], email) { 1893 t.Fatal("Wrong To recipient") 1894 } else { 1895 if resultsEmail, err := utils.GetMessageFromMailbox(email, resultsMailbox[len(resultsMailbox)-1].ID); err == nil { 1896 if resultsEmail.Subject != expectedSubject { 1897 t.Log(resultsEmail.Subject) 1898 t.Log(expectedSubject) 1899 t.Fatal("Wrong Subject") 1900 } 1901 } 1902 } 1903 } 1904 } 1905 1906 th.App.UpdateConfig(func(cfg *model.Config) { cfg.TeamSettings.RestrictCreationToDomains = "@example.com" }) 1907 1908 err := th.App.InviteNewUsersToTeam(emailList, th.BasicTeam.Id, th.BasicUser.Id) 1909 1910 if err == nil { 1911 t.Fatal("Adding users with non-restricted domains was allowed") 1912 } 1913 if err.Where != "InviteNewUsersToTeam" || err.Id != "api.team.invite_members.invalid_email.app_error" { 1914 t.Log(err) 1915 t.Fatal("Got wrong error message!") 1916 } 1917 } 1918 1919 func TestGetTeamInviteInfo(t *testing.T) { 1920 th := Setup().InitBasic().InitSystemAdmin() 1921 defer th.TearDown() 1922 Client := th.Client 1923 team := th.BasicTeam 1924 1925 team, resp := Client.GetTeamInviteInfo(team.InviteId) 1926 CheckNoError(t, resp) 1927 1928 if team.DisplayName == "" { 1929 t.Fatal("should not be empty") 1930 } 1931 1932 if team.Email != "" { 1933 t.Fatal("should be empty") 1934 } 1935 1936 team.InviteId = "12345678901234567890123456789012" 1937 team, resp = th.SystemAdminClient.UpdateTeam(team) 1938 CheckNoError(t, resp) 1939 1940 team, resp = Client.GetTeamInviteInfo(team.InviteId) 1941 CheckNoError(t, resp) 1942 1943 _, resp = Client.GetTeamInviteInfo("junk") 1944 CheckNotFoundStatus(t, resp) 1945 } 1946 1947 func TestSetTeamIcon(t *testing.T) { 1948 th := Setup().InitBasic().InitSystemAdmin() 1949 defer th.TearDown() 1950 Client := th.Client 1951 team := th.BasicTeam 1952 1953 data, err := readTestFile("test.png") 1954 if err != nil { 1955 t.Fatal(err) 1956 } 1957 1958 th.LoginTeamAdmin() 1959 1960 ok, resp := Client.SetTeamIcon(team.Id, data) 1961 if !ok { 1962 t.Fatal(resp.Error) 1963 } 1964 CheckNoError(t, resp) 1965 1966 ok, resp = Client.SetTeamIcon(model.NewId(), data) 1967 if ok { 1968 t.Fatal("Should return false, set team icon not allowed") 1969 } 1970 CheckForbiddenStatus(t, resp) 1971 1972 th.LoginBasic() 1973 1974 _, resp = Client.SetTeamIcon(team.Id, data) 1975 if resp.StatusCode == http.StatusForbidden { 1976 CheckForbiddenStatus(t, resp) 1977 } else if resp.StatusCode == http.StatusUnauthorized { 1978 CheckUnauthorizedStatus(t, resp) 1979 } else { 1980 t.Fatal("Should have failed either forbidden or unauthorized") 1981 } 1982 1983 Client.Logout() 1984 1985 _, resp = Client.SetTeamIcon(team.Id, data) 1986 if resp.StatusCode == http.StatusForbidden { 1987 CheckForbiddenStatus(t, resp) 1988 } else if resp.StatusCode == http.StatusUnauthorized { 1989 CheckUnauthorizedStatus(t, resp) 1990 } else { 1991 t.Fatal("Should have failed either forbidden or unauthorized") 1992 } 1993 1994 teamBefore, err := th.App.GetTeam(team.Id) 1995 require.Nil(t, err) 1996 1997 _, resp = th.SystemAdminClient.SetTeamIcon(team.Id, data) 1998 CheckNoError(t, resp) 1999 2000 teamAfter, err := th.App.GetTeam(team.Id) 2001 require.Nil(t, err) 2002 assert.True(t, teamBefore.LastTeamIconUpdate < teamAfter.LastTeamIconUpdate, "LastTeamIconUpdate should have been updated for team") 2003 2004 info := &model.FileInfo{Path: "teams/" + team.Id + "/teamIcon.png"} 2005 if err := th.cleanupTestFile(info); err != nil { 2006 t.Fatal(err) 2007 } 2008 } 2009 2010 func TestGetTeamIcon(t *testing.T) { 2011 th := Setup().InitBasic().InitSystemAdmin() 2012 defer th.TearDown() 2013 Client := th.Client 2014 team := th.BasicTeam 2015 2016 // should always fail because no initial image and no auto creation 2017 _, resp := Client.GetTeamIcon(team.Id, "") 2018 CheckNotFoundStatus(t, resp) 2019 2020 Client.Logout() 2021 2022 _, resp = Client.GetTeamIcon(team.Id, "") 2023 CheckUnauthorizedStatus(t, resp) 2024 }