github.com/demisto/mattermost-server@v4.9.0-rc3+incompatible/api4/team_test.go (about) 1 // Copyright (c) 2017-present Mattermost, Inc. All Rights Reserved. 2 // See License.txt for license information. 3 4 package api4 5 6 import ( 7 "encoding/binary" 8 "fmt" 9 "net/http" 10 "strconv" 11 "strings" 12 "testing" 13 14 "encoding/base64" 15 16 "github.com/mattermost/mattermost-server/model" 17 "github.com/mattermost/mattermost-server/utils" 18 "github.com/stretchr/testify/assert" 19 "github.com/stretchr/testify/require" 20 ) 21 22 func TestCreateTeam(t *testing.T) { 23 th := Setup().InitBasic() 24 defer th.TearDown() 25 Client := th.Client 26 27 team := &model.Team{Name: GenerateTestUsername(), DisplayName: "Some Team", Type: model.TEAM_OPEN} 28 rteam, resp := Client.CreateTeam(team) 29 CheckNoError(t, resp) 30 CheckCreatedStatus(t, resp) 31 32 if rteam.Name != team.Name { 33 t.Fatal("names did not match") 34 } 35 36 if rteam.DisplayName != team.DisplayName { 37 t.Fatal("display names did not match") 38 } 39 40 if rteam.Type != team.Type { 41 t.Fatal("types did not match") 42 } 43 44 _, resp = Client.CreateTeam(rteam) 45 CheckBadRequestStatus(t, resp) 46 47 rteam.Id = "" 48 _, resp = Client.CreateTeam(rteam) 49 CheckErrorMessage(t, resp, "store.sql_team.save.domain_exists.app_error") 50 CheckBadRequestStatus(t, resp) 51 52 rteam.Name = "" 53 _, resp = Client.CreateTeam(rteam) 54 CheckErrorMessage(t, resp, "model.team.is_valid.characters.app_error") 55 CheckBadRequestStatus(t, resp) 56 57 if r, err := Client.DoApiPost("/teams", "garbage"); err == nil { 58 t.Fatal("should have errored") 59 } else { 60 if r.StatusCode != http.StatusBadRequest { 61 t.Log("actual: " + strconv.Itoa(r.StatusCode)) 62 t.Log("expected: " + strconv.Itoa(http.StatusBadRequest)) 63 t.Fatal("wrong status code") 64 } 65 } 66 67 Client.Logout() 68 69 _, resp = Client.CreateTeam(rteam) 70 CheckUnauthorizedStatus(t, resp) 71 72 // Check the appropriate permissions are enforced. 73 defaultRolePermissions := th.SaveDefaultRolePermissions() 74 defer func() { 75 th.RestoreDefaultRolePermissions(defaultRolePermissions) 76 }() 77 78 th.RemovePermissionFromRole(model.PERMISSION_CREATE_TEAM.Id, model.SYSTEM_USER_ROLE_ID) 79 th.AddPermissionToRole(model.PERMISSION_CREATE_TEAM.Id, model.SYSTEM_ADMIN_ROLE_ID) 80 81 th.LoginBasic() 82 _, resp = Client.CreateTeam(team) 83 CheckForbiddenStatus(t, resp) 84 } 85 86 func TestCreateTeamSanitization(t *testing.T) { 87 th := Setup().InitBasic().InitSystemAdmin() 88 defer th.TearDown() 89 90 // Non-admin users can create a team, but they become a team admin by doing so 91 92 t.Run("team admin", func(t *testing.T) { 93 team := &model.Team{ 94 DisplayName: t.Name() + "_1", 95 Name: GenerateTestTeamName(), 96 Email: th.GenerateTestEmail(), 97 Type: model.TEAM_OPEN, 98 AllowedDomains: "simulator.amazonses.com", 99 } 100 101 rteam, resp := th.Client.CreateTeam(team) 102 CheckNoError(t, resp) 103 if rteam.Email == "" { 104 t.Fatal("should not have sanitized email") 105 } else if rteam.AllowedDomains == "" { 106 t.Fatal("should not have sanitized allowed domains") 107 } 108 }) 109 110 t.Run("system admin", func(t *testing.T) { 111 team := &model.Team{ 112 DisplayName: t.Name() + "_2", 113 Name: GenerateTestTeamName(), 114 Email: th.GenerateTestEmail(), 115 Type: model.TEAM_OPEN, 116 AllowedDomains: "simulator.amazonses.com", 117 } 118 119 rteam, resp := th.SystemAdminClient.CreateTeam(team) 120 CheckNoError(t, resp) 121 if rteam.Email == "" { 122 t.Fatal("should not have sanitized email") 123 } else if rteam.AllowedDomains == "" { 124 t.Fatal("should not have sanitized allowed domains") 125 } 126 }) 127 } 128 129 func TestGetTeam(t *testing.T) { 130 th := Setup().InitBasic().InitSystemAdmin() 131 defer th.TearDown() 132 Client := th.Client 133 team := th.BasicTeam 134 135 rteam, resp := Client.GetTeam(team.Id, "") 136 CheckNoError(t, resp) 137 138 if rteam.Id != team.Id { 139 t.Fatal("wrong team") 140 } 141 142 _, resp = Client.GetTeam("junk", "") 143 CheckBadRequestStatus(t, resp) 144 145 _, resp = Client.GetTeam("", "") 146 CheckNotFoundStatus(t, resp) 147 148 _, resp = Client.GetTeam(model.NewId(), "") 149 CheckNotFoundStatus(t, resp) 150 151 th.LoginTeamAdmin() 152 153 team2 := &model.Team{DisplayName: "Name", Name: GenerateTestTeamName(), Email: th.GenerateTestEmail(), Type: model.TEAM_OPEN, AllowOpenInvite: false} 154 rteam2, _ := Client.CreateTeam(team2) 155 156 team3 := &model.Team{DisplayName: "Name", Name: GenerateTestTeamName(), Email: th.GenerateTestEmail(), Type: model.TEAM_INVITE, AllowOpenInvite: true} 157 rteam3, _ := Client.CreateTeam(team3) 158 159 th.LoginBasic() 160 // AllowInviteOpen is false and team is open, and user is not on team 161 _, resp = Client.GetTeam(rteam2.Id, "") 162 CheckForbiddenStatus(t, resp) 163 164 // AllowInviteOpen is true and team is invite, and user is not on team 165 _, resp = Client.GetTeam(rteam3.Id, "") 166 CheckForbiddenStatus(t, resp) 167 168 Client.Logout() 169 _, resp = Client.GetTeam(team.Id, "") 170 CheckUnauthorizedStatus(t, resp) 171 172 _, resp = th.SystemAdminClient.GetTeam(rteam2.Id, "") 173 CheckNoError(t, resp) 174 } 175 176 func TestGetTeamSanitization(t *testing.T) { 177 th := Setup().InitBasic().InitSystemAdmin() 178 defer th.TearDown() 179 180 team, resp := th.Client.CreateTeam(&model.Team{ 181 DisplayName: t.Name() + "_1", 182 Name: GenerateTestTeamName(), 183 Email: th.GenerateTestEmail(), 184 Type: model.TEAM_OPEN, 185 AllowedDomains: "simulator.amazonses.com", 186 }) 187 CheckNoError(t, resp) 188 189 t.Run("team user", func(t *testing.T) { 190 th.LinkUserToTeam(th.BasicUser2, team) 191 192 client := th.CreateClient() 193 th.LoginBasic2WithClient(client) 194 195 rteam, resp := client.GetTeam(team.Id, "") 196 CheckNoError(t, resp) 197 if rteam.Email != "" { 198 t.Fatal("should've sanitized email") 199 } else if rteam.AllowedDomains != "" { 200 t.Fatal("should've sanitized allowed domains") 201 } 202 }) 203 204 t.Run("team admin", func(t *testing.T) { 205 rteam, resp := th.Client.GetTeam(team.Id, "") 206 CheckNoError(t, resp) 207 if rteam.Email == "" { 208 t.Fatal("should not have sanitized email") 209 } else if rteam.AllowedDomains == "" { 210 t.Fatal("should not have sanitized allowed domains") 211 } 212 }) 213 214 t.Run("system admin", func(t *testing.T) { 215 rteam, resp := th.SystemAdminClient.GetTeam(team.Id, "") 216 CheckNoError(t, resp) 217 if rteam.Email == "" { 218 t.Fatal("should not have sanitized email") 219 } else if rteam.AllowedDomains == "" { 220 t.Fatal("should not have sanitized allowed domains") 221 } 222 }) 223 } 224 225 func TestGetTeamUnread(t *testing.T) { 226 th := Setup().InitBasic().InitSystemAdmin() 227 defer th.TearDown() 228 Client := th.Client 229 230 teamUnread, resp := Client.GetTeamUnread(th.BasicTeam.Id, th.BasicUser.Id) 231 CheckNoError(t, resp) 232 if teamUnread.TeamId != th.BasicTeam.Id { 233 t.Fatal("wrong team id returned for regular user call") 234 } 235 236 _, resp = Client.GetTeamUnread("junk", th.BasicUser.Id) 237 CheckBadRequestStatus(t, resp) 238 239 _, resp = Client.GetTeamUnread(th.BasicTeam.Id, "junk") 240 CheckBadRequestStatus(t, resp) 241 242 _, resp = Client.GetTeamUnread(model.NewId(), th.BasicUser.Id) 243 CheckForbiddenStatus(t, resp) 244 245 _, resp = Client.GetTeamUnread(th.BasicTeam.Id, model.NewId()) 246 CheckForbiddenStatus(t, resp) 247 248 Client.Logout() 249 _, resp = Client.GetTeamUnread(th.BasicTeam.Id, th.BasicUser.Id) 250 CheckUnauthorizedStatus(t, resp) 251 252 teamUnread, resp = th.SystemAdminClient.GetTeamUnread(th.BasicTeam.Id, th.BasicUser.Id) 253 CheckNoError(t, resp) 254 if teamUnread.TeamId != th.BasicTeam.Id { 255 t.Fatal("wrong team id returned") 256 } 257 } 258 259 func TestUpdateTeam(t *testing.T) { 260 th := Setup().InitBasic().InitSystemAdmin() 261 defer th.TearDown() 262 Client := th.Client 263 264 team := &model.Team{DisplayName: "Name", Description: "Some description", AllowOpenInvite: false, InviteId: "inviteid0", Name: "z-z-" + model.NewId() + "a", Email: "success+" + model.NewId() + "@simulator.amazonses.com", Type: model.TEAM_OPEN} 265 team, _ = Client.CreateTeam(team) 266 267 team.Description = "updated description" 268 uteam, resp := Client.UpdateTeam(team) 269 CheckNoError(t, resp) 270 271 if uteam.Description != "updated description" { 272 t.Fatal("Update failed") 273 } 274 275 team.DisplayName = "Updated Name" 276 uteam, resp = Client.UpdateTeam(team) 277 CheckNoError(t, resp) 278 279 if uteam.DisplayName != "Updated Name" { 280 t.Fatal("Update failed") 281 } 282 283 team.AllowOpenInvite = true 284 uteam, resp = Client.UpdateTeam(team) 285 CheckNoError(t, resp) 286 287 if !uteam.AllowOpenInvite { 288 t.Fatal("Update failed") 289 } 290 291 team.InviteId = "inviteid1" 292 uteam, resp = Client.UpdateTeam(team) 293 CheckNoError(t, resp) 294 295 if uteam.InviteId != "inviteid1" { 296 t.Fatal("Update failed") 297 } 298 299 team.AllowedDomains = "domain" 300 uteam, resp = Client.UpdateTeam(team) 301 CheckNoError(t, resp) 302 303 if uteam.AllowedDomains != "domain" { 304 t.Fatal("Update failed") 305 } 306 307 team.Name = "Updated name" 308 uteam, resp = Client.UpdateTeam(team) 309 CheckNoError(t, resp) 310 311 if uteam.Name == "Updated name" { 312 t.Fatal("Should not update name") 313 } 314 315 team.Email = "test@domain.com" 316 uteam, resp = Client.UpdateTeam(team) 317 CheckNoError(t, resp) 318 319 if uteam.Email == "test@domain.com" { 320 t.Fatal("Should not update email") 321 } 322 323 team.Type = model.TEAM_INVITE 324 uteam, resp = Client.UpdateTeam(team) 325 CheckNoError(t, resp) 326 327 if uteam.Type == model.TEAM_INVITE { 328 t.Fatal("Should not update type") 329 } 330 331 originalTeamId := team.Id 332 team.Id = model.NewId() 333 334 if r, err := Client.DoApiPut(Client.GetTeamRoute(originalTeamId), team.ToJson()); err != nil { 335 t.Fatal(err) 336 } else { 337 uteam = model.TeamFromJson(r.Body) 338 } 339 340 if uteam.Id != originalTeamId { 341 t.Fatal("wrong team id") 342 } 343 344 team.Id = "fake" 345 _, resp = Client.UpdateTeam(team) 346 CheckBadRequestStatus(t, resp) 347 348 Client.Logout() 349 _, resp = Client.UpdateTeam(team) 350 CheckUnauthorizedStatus(t, resp) 351 352 team.Id = originalTeamId 353 _, resp = th.SystemAdminClient.UpdateTeam(team) 354 CheckNoError(t, resp) 355 } 356 357 func TestUpdateTeamSanitization(t *testing.T) { 358 th := Setup().InitBasic().InitSystemAdmin() 359 defer th.TearDown() 360 361 team, resp := th.Client.CreateTeam(&model.Team{ 362 DisplayName: t.Name() + "_1", 363 Name: GenerateTestTeamName(), 364 Email: th.GenerateTestEmail(), 365 Type: model.TEAM_OPEN, 366 AllowedDomains: "simulator.amazonses.com", 367 }) 368 CheckNoError(t, resp) 369 370 // Non-admin users cannot update the team 371 372 t.Run("team admin", func(t *testing.T) { 373 rteam, resp := th.Client.UpdateTeam(team) 374 CheckNoError(t, resp) 375 if rteam.Email == "" { 376 t.Fatal("should not have sanitized email for admin") 377 } else if rteam.AllowedDomains == "" { 378 t.Fatal("should not have sanitized allowed domains") 379 } 380 }) 381 382 t.Run("system admin", func(t *testing.T) { 383 rteam, resp := th.SystemAdminClient.UpdateTeam(team) 384 CheckNoError(t, resp) 385 if rteam.Email == "" { 386 t.Fatal("should not have sanitized email for admin") 387 } else if rteam.AllowedDomains == "" { 388 t.Fatal("should not have sanitized allowed domains") 389 } 390 }) 391 } 392 393 func TestPatchTeam(t *testing.T) { 394 th := Setup().InitBasic().InitSystemAdmin() 395 defer th.TearDown() 396 Client := th.Client 397 398 team := &model.Team{DisplayName: "Name", Description: "Some description", CompanyName: "Some company name", AllowOpenInvite: false, InviteId: "inviteid0", Name: "z-z-" + model.NewId() + "a", Email: "success+" + model.NewId() + "@simulator.amazonses.com", Type: model.TEAM_OPEN} 399 team, _ = Client.CreateTeam(team) 400 401 patch := &model.TeamPatch{} 402 403 patch.DisplayName = model.NewString("Other name") 404 patch.Description = model.NewString("Other description") 405 patch.CompanyName = model.NewString("Other company name") 406 patch.InviteId = model.NewString("inviteid1") 407 patch.AllowOpenInvite = model.NewBool(true) 408 409 rteam, resp := Client.PatchTeam(team.Id, patch) 410 CheckNoError(t, resp) 411 412 if rteam.DisplayName != "Other name" { 413 t.Fatal("DisplayName did not update properly") 414 } 415 if rteam.Description != "Other description" { 416 t.Fatal("Description did not update properly") 417 } 418 if rteam.CompanyName != "Other company name" { 419 t.Fatal("CompanyName did not update properly") 420 } 421 if rteam.InviteId != "inviteid1" { 422 t.Fatal("InviteId did not update properly") 423 } 424 if !rteam.AllowOpenInvite { 425 t.Fatal("AllowOpenInvite did not update properly") 426 } 427 428 _, resp = Client.PatchTeam("junk", patch) 429 CheckBadRequestStatus(t, resp) 430 431 _, resp = Client.PatchTeam(GenerateTestId(), patch) 432 CheckForbiddenStatus(t, resp) 433 434 if r, err := Client.DoApiPut("/teams/"+team.Id+"/patch", "garbage"); err == nil { 435 t.Fatal("should have errored") 436 } else { 437 if r.StatusCode != http.StatusBadRequest { 438 t.Log("actual: " + strconv.Itoa(r.StatusCode)) 439 t.Log("expected: " + strconv.Itoa(http.StatusBadRequest)) 440 t.Fatal("wrong status code") 441 } 442 } 443 444 Client.Logout() 445 _, resp = Client.PatchTeam(team.Id, patch) 446 CheckUnauthorizedStatus(t, resp) 447 448 th.LoginBasic2() 449 _, resp = Client.PatchTeam(team.Id, patch) 450 CheckForbiddenStatus(t, resp) 451 452 _, resp = th.SystemAdminClient.PatchTeam(team.Id, patch) 453 CheckNoError(t, resp) 454 } 455 456 func TestPatchTeamSanitization(t *testing.T) { 457 th := Setup().InitBasic().InitSystemAdmin() 458 defer th.TearDown() 459 460 team, resp := th.Client.CreateTeam(&model.Team{ 461 DisplayName: t.Name() + "_1", 462 Name: GenerateTestTeamName(), 463 Email: th.GenerateTestEmail(), 464 Type: model.TEAM_OPEN, 465 AllowedDomains: "simulator.amazonses.com", 466 }) 467 CheckNoError(t, resp) 468 469 // Non-admin users cannot update the team 470 471 t.Run("team admin", func(t *testing.T) { 472 rteam, resp := th.Client.PatchTeam(team.Id, &model.TeamPatch{}) 473 CheckNoError(t, resp) 474 if rteam.Email == "" { 475 t.Fatal("should not have sanitized email for admin") 476 } else if rteam.AllowedDomains == "" { 477 t.Fatal("should not have sanitized allowed domains") 478 } 479 }) 480 481 t.Run("system admin", func(t *testing.T) { 482 rteam, resp := th.SystemAdminClient.PatchTeam(team.Id, &model.TeamPatch{}) 483 CheckNoError(t, resp) 484 if rteam.Email == "" { 485 t.Fatal("should not have sanitized email for admin") 486 } else if rteam.AllowedDomains == "" { 487 t.Fatal("should not have sanitized allowed domains") 488 } 489 }) 490 } 491 492 func TestSoftDeleteTeam(t *testing.T) { 493 th := Setup().InitBasic().InitSystemAdmin() 494 defer th.TearDown() 495 Client := th.Client 496 497 team := &model.Team{DisplayName: "DisplayName", Name: GenerateTestTeamName(), Email: th.GenerateTestEmail(), Type: model.TEAM_OPEN} 498 team, _ = Client.CreateTeam(team) 499 500 ok, resp := Client.SoftDeleteTeam(team.Id) 501 CheckNoError(t, resp) 502 503 if !ok { 504 t.Fatal("should have returned true") 505 } 506 507 rteam, err := th.App.GetTeam(team.Id) 508 if err != nil { 509 t.Fatal("should have returned archived team") 510 } 511 if rteam.DeleteAt == 0 { 512 t.Fatal("should have not set to zero") 513 } 514 515 ok, resp = Client.SoftDeleteTeam("junk") 516 CheckBadRequestStatus(t, resp) 517 518 if ok { 519 t.Fatal("should have returned false") 520 } 521 522 otherTeam := th.BasicTeam 523 _, resp = Client.SoftDeleteTeam(otherTeam.Id) 524 CheckForbiddenStatus(t, resp) 525 526 Client.Logout() 527 _, resp = Client.SoftDeleteTeam(otherTeam.Id) 528 CheckUnauthorizedStatus(t, resp) 529 530 _, resp = th.SystemAdminClient.SoftDeleteTeam(otherTeam.Id) 531 CheckNoError(t, resp) 532 } 533 534 func TestPermanentDeleteTeam(t *testing.T) { 535 th := Setup().InitBasic().InitSystemAdmin() 536 defer th.TearDown() 537 Client := th.Client 538 539 team := &model.Team{DisplayName: "DisplayName", Name: GenerateTestTeamName(), Email: th.GenerateTestEmail(), Type: model.TEAM_OPEN} 540 team, _ = Client.CreateTeam(team) 541 542 ok, resp := Client.PermanentDeleteTeam(team.Id) 543 CheckNoError(t, resp) 544 545 if !ok { 546 t.Fatal("should have returned true") 547 } 548 549 // The team is deleted in the background, its only soft deleted at this 550 // time 551 rteam, err := th.App.GetTeam(team.Id) 552 if err != nil { 553 t.Fatal("should have returned archived team") 554 } 555 if rteam.DeleteAt == 0 { 556 t.Fatal("should have not set to zero") 557 } 558 559 ok, resp = Client.PermanentDeleteTeam("junk") 560 CheckBadRequestStatus(t, resp) 561 562 if ok { 563 t.Fatal("should have returned false") 564 } 565 } 566 567 func TestGetAllTeams(t *testing.T) { 568 th := Setup().InitBasic().InitSystemAdmin() 569 defer th.TearDown() 570 Client := th.Client 571 572 team := &model.Team{DisplayName: "Name", Name: GenerateTestTeamName(), Email: th.GenerateTestEmail(), Type: model.TEAM_OPEN, AllowOpenInvite: true} 573 _, resp := Client.CreateTeam(team) 574 CheckNoError(t, resp) 575 576 team2 := &model.Team{DisplayName: "Name2", Name: GenerateTestTeamName(), Email: th.GenerateTestEmail(), Type: model.TEAM_OPEN, AllowOpenInvite: true} 577 _, resp = Client.CreateTeam(team2) 578 CheckNoError(t, resp) 579 580 rrteams, resp := Client.GetAllTeams("", 0, 1) 581 CheckNoError(t, resp) 582 583 if len(rrteams) != 1 { 584 t.Log(len(rrteams)) 585 t.Fatal("wrong number of teams - should be 1") 586 } 587 588 for _, rt := range rrteams { 589 if !rt.AllowOpenInvite { 590 t.Fatal("not all teams are open") 591 } 592 } 593 594 rrteams, resp = Client.GetAllTeams("", 0, 10) 595 CheckNoError(t, resp) 596 597 for _, rt := range rrteams { 598 if !rt.AllowOpenInvite { 599 t.Fatal("not all teams are open") 600 } 601 } 602 603 rrteams1, resp := Client.GetAllTeams("", 1, 0) 604 CheckNoError(t, resp) 605 606 if len(rrteams1) != 0 { 607 t.Fatal("wrong number of teams - should be 0") 608 } 609 610 rrteams2, resp := th.SystemAdminClient.GetAllTeams("", 1, 1) 611 CheckNoError(t, resp) 612 613 if len(rrteams2) != 1 { 614 t.Fatal("wrong number of teams - should be 1") 615 } 616 617 rrteams2, resp = Client.GetAllTeams("", 1, 0) 618 CheckNoError(t, resp) 619 620 if len(rrteams2) != 0 { 621 t.Fatal("wrong number of teams - should be 0") 622 } 623 624 rrteams, resp = Client.GetAllTeams("", 0, 2) 625 CheckNoError(t, resp) 626 rrteams2, resp = Client.GetAllTeams("", 1, 2) 627 CheckNoError(t, resp) 628 629 for _, t1 := range rrteams { 630 for _, t2 := range rrteams2 { 631 assert.NotEqual(t, t1.Id, t2.Id, "different pages should not have the same teams") 632 } 633 } 634 635 Client.Logout() 636 _, resp = Client.GetAllTeams("", 1, 10) 637 CheckUnauthorizedStatus(t, resp) 638 } 639 640 func TestGetAllTeamsSanitization(t *testing.T) { 641 th := Setup().InitBasic().InitSystemAdmin() 642 defer th.TearDown() 643 644 team, resp := th.Client.CreateTeam(&model.Team{ 645 DisplayName: t.Name() + "_1", 646 Name: GenerateTestTeamName(), 647 Email: th.GenerateTestEmail(), 648 Type: model.TEAM_OPEN, 649 AllowedDomains: "simulator.amazonses.com", 650 AllowOpenInvite: true, 651 }) 652 CheckNoError(t, resp) 653 team2, resp := th.SystemAdminClient.CreateTeam(&model.Team{ 654 DisplayName: t.Name() + "_2", 655 Name: GenerateTestTeamName(), 656 Email: th.GenerateTestEmail(), 657 Type: model.TEAM_OPEN, 658 AllowedDomains: "simulator.amazonses.com", 659 AllowOpenInvite: true, 660 }) 661 CheckNoError(t, resp) 662 663 // This may not work if the server has over 1000 open teams on it 664 665 t.Run("team admin/non-admin", func(t *testing.T) { 666 teamFound := false 667 team2Found := false 668 669 rteams, resp := th.Client.GetAllTeams("", 0, 1000) 670 CheckNoError(t, resp) 671 for _, rteam := range rteams { 672 if rteam.Id == team.Id { 673 teamFound = true 674 if rteam.Email == "" { 675 t.Fatal("should not have sanitized email for team admin") 676 } else if rteam.AllowedDomains == "" { 677 t.Fatal("should not have sanitized allowed domains for team admin") 678 } 679 } else if rteam.Id == team2.Id { 680 team2Found = true 681 if rteam.Email != "" { 682 t.Fatal("should've sanitized email for non-admin") 683 } else if rteam.AllowedDomains != "" { 684 t.Fatal("should've sanitized allowed domains for non-admin") 685 } 686 } 687 } 688 689 if !teamFound || !team2Found { 690 t.Fatal("wasn't returned the expected teams so the test wasn't run correctly") 691 } 692 }) 693 694 t.Run("system admin", func(t *testing.T) { 695 rteams, resp := th.SystemAdminClient.GetAllTeams("", 0, 1000) 696 CheckNoError(t, resp) 697 for _, rteam := range rteams { 698 if rteam.Id != team.Id && rteam.Id != team2.Id { 699 continue 700 } 701 702 if rteam.Email == "" { 703 t.Fatal("should not have sanitized email") 704 } else if rteam.AllowedDomains == "" { 705 t.Fatal("should not have sanitized allowed domains") 706 } 707 } 708 }) 709 } 710 711 func TestGetTeamByName(t *testing.T) { 712 th := Setup().InitBasic().InitSystemAdmin() 713 defer th.TearDown() 714 Client := th.Client 715 team := th.BasicTeam 716 717 rteam, resp := Client.GetTeamByName(team.Name, "") 718 CheckNoError(t, resp) 719 720 if rteam.Name != team.Name { 721 t.Fatal("wrong team") 722 } 723 724 _, resp = Client.GetTeamByName("junk", "") 725 CheckNotFoundStatus(t, resp) 726 727 _, resp = Client.GetTeamByName("", "") 728 CheckNotFoundStatus(t, resp) 729 730 _, resp = th.SystemAdminClient.GetTeamByName(strings.ToUpper(team.Name), "") 731 CheckNoError(t, resp) 732 733 Client.Logout() 734 _, resp = Client.GetTeamByName(team.Name, "") 735 CheckUnauthorizedStatus(t, resp) 736 737 _, resp = th.SystemAdminClient.GetTeamByName(team.Name, "") 738 CheckNoError(t, resp) 739 740 th.LoginTeamAdmin() 741 742 team2 := &model.Team{DisplayName: "Name", Name: GenerateTestTeamName(), Email: th.GenerateTestEmail(), Type: model.TEAM_OPEN, AllowOpenInvite: false} 743 rteam2, _ := Client.CreateTeam(team2) 744 745 team3 := &model.Team{DisplayName: "Name", Name: GenerateTestTeamName(), Email: th.GenerateTestEmail(), Type: model.TEAM_INVITE, AllowOpenInvite: true} 746 rteam3, _ := Client.CreateTeam(team3) 747 748 th.LoginBasic() 749 // AllowInviteOpen is false and team is open, and user is not on team 750 _, resp = Client.GetTeamByName(rteam2.Name, "") 751 CheckForbiddenStatus(t, resp) 752 753 // AllowInviteOpen is true and team is invite only, and user is not on team 754 _, resp = Client.GetTeamByName(rteam3.Name, "") 755 CheckForbiddenStatus(t, resp) 756 } 757 758 func TestGetTeamByNameSanitization(t *testing.T) { 759 th := Setup().InitBasic().InitSystemAdmin() 760 defer th.TearDown() 761 762 team, resp := th.Client.CreateTeam(&model.Team{ 763 DisplayName: t.Name() + "_1", 764 Name: GenerateTestTeamName(), 765 Email: th.GenerateTestEmail(), 766 Type: model.TEAM_OPEN, 767 AllowedDomains: "simulator.amazonses.com", 768 }) 769 CheckNoError(t, resp) 770 771 t.Run("team user", func(t *testing.T) { 772 th.LinkUserToTeam(th.BasicUser2, team) 773 774 client := th.CreateClient() 775 th.LoginBasic2WithClient(client) 776 777 rteam, resp := client.GetTeamByName(team.Name, "") 778 CheckNoError(t, resp) 779 if rteam.Email != "" { 780 t.Fatal("should've sanitized email") 781 } else if rteam.AllowedDomains != "" { 782 t.Fatal("should've sanitized allowed domains") 783 } 784 }) 785 786 t.Run("team admin/non-admin", func(t *testing.T) { 787 rteam, resp := th.Client.GetTeamByName(team.Name, "") 788 CheckNoError(t, resp) 789 if rteam.Email == "" { 790 t.Fatal("should not have sanitized email") 791 } else if rteam.AllowedDomains == "" { 792 t.Fatal("should not have sanitized allowed domains") 793 } 794 }) 795 796 t.Run("system admin", func(t *testing.T) { 797 rteam, resp := th.SystemAdminClient.GetTeamByName(team.Name, "") 798 CheckNoError(t, resp) 799 if rteam.Email == "" { 800 t.Fatal("should not have sanitized email") 801 } else if rteam.AllowedDomains == "" { 802 t.Fatal("should not have sanitized allowed domains") 803 } 804 }) 805 } 806 807 func TestSearchAllTeams(t *testing.T) { 808 th := Setup().InitBasic().InitSystemAdmin() 809 defer th.TearDown() 810 Client := th.Client 811 oTeam := th.BasicTeam 812 oTeam.AllowOpenInvite = true 813 814 if updatedTeam, err := th.App.UpdateTeam(oTeam); err != nil { 815 t.Fatal(err) 816 } else { 817 oTeam.UpdateAt = updatedTeam.UpdateAt 818 } 819 820 pTeam := &model.Team{DisplayName: "PName", Name: GenerateTestTeamName(), Email: th.GenerateTestEmail(), Type: model.TEAM_INVITE} 821 Client.CreateTeam(pTeam) 822 823 rteams, resp := Client.SearchTeams(&model.TeamSearch{Term: oTeam.Name}) 824 CheckNoError(t, resp) 825 826 if len(rteams) != 1 { 827 t.Fatal("should have returned 1 team") 828 } 829 830 if oTeam.Id != rteams[0].Id { 831 t.Fatal("invalid team") 832 } 833 834 rteams, resp = Client.SearchTeams(&model.TeamSearch{Term: oTeam.DisplayName}) 835 CheckNoError(t, resp) 836 837 if len(rteams) != 1 { 838 t.Fatal("should have returned 1 team") 839 } 840 841 if rteams[0].Id != oTeam.Id { 842 t.Fatal("invalid team") 843 } 844 845 rteams, resp = Client.SearchTeams(&model.TeamSearch{Term: pTeam.Name}) 846 CheckNoError(t, resp) 847 848 if len(rteams) != 0 { 849 t.Fatal("should have not returned team") 850 } 851 852 rteams, resp = Client.SearchTeams(&model.TeamSearch{Term: pTeam.DisplayName}) 853 CheckNoError(t, resp) 854 855 if len(rteams) != 0 { 856 t.Fatal("should have not returned team") 857 } 858 859 rteams, resp = th.SystemAdminClient.SearchTeams(&model.TeamSearch{Term: oTeam.Name}) 860 CheckNoError(t, resp) 861 862 if len(rteams) != 1 { 863 t.Fatal("should have returned 1 team") 864 } 865 866 rteams, resp = th.SystemAdminClient.SearchTeams(&model.TeamSearch{Term: pTeam.DisplayName}) 867 CheckNoError(t, resp) 868 869 if len(rteams) != 1 { 870 t.Fatal("should have returned 1 team") 871 } 872 873 rteams, resp = Client.SearchTeams(&model.TeamSearch{Term: "junk"}) 874 CheckNoError(t, resp) 875 876 if len(rteams) != 0 { 877 t.Fatal("should have not returned team") 878 } 879 880 Client.Logout() 881 882 rteams, resp = Client.SearchTeams(&model.TeamSearch{Term: pTeam.Name}) 883 CheckUnauthorizedStatus(t, resp) 884 885 rteams, resp = Client.SearchTeams(&model.TeamSearch{Term: pTeam.DisplayName}) 886 CheckUnauthorizedStatus(t, resp) 887 } 888 889 func TestSearchAllTeamsSanitization(t *testing.T) { 890 th := Setup().InitBasic().InitSystemAdmin() 891 defer th.TearDown() 892 893 team, resp := th.Client.CreateTeam(&model.Team{ 894 DisplayName: t.Name() + "_1", 895 Name: GenerateTestTeamName(), 896 Email: th.GenerateTestEmail(), 897 Type: model.TEAM_OPEN, 898 AllowedDomains: "simulator.amazonses.com", 899 }) 900 CheckNoError(t, resp) 901 team2, resp := th.Client.CreateTeam(&model.Team{ 902 DisplayName: t.Name() + "_2", 903 Name: GenerateTestTeamName(), 904 Email: th.GenerateTestEmail(), 905 Type: model.TEAM_OPEN, 906 AllowedDomains: "simulator.amazonses.com", 907 }) 908 CheckNoError(t, resp) 909 910 t.Run("non-team user", func(t *testing.T) { 911 client := th.CreateClient() 912 th.LoginBasic2WithClient(client) 913 914 rteams, resp := client.SearchTeams(&model.TeamSearch{Term: t.Name()}) 915 CheckNoError(t, resp) 916 for _, rteam := range rteams { 917 if rteam.Email != "" { 918 t.Fatal("should've sanitized email") 919 } else if rteam.AllowedDomains != "" { 920 t.Fatal("should've sanitized allowed domains") 921 } 922 } 923 }) 924 925 t.Run("team user", func(t *testing.T) { 926 th.LinkUserToTeam(th.BasicUser2, team) 927 928 client := th.CreateClient() 929 th.LoginBasic2WithClient(client) 930 931 rteams, resp := client.SearchTeams(&model.TeamSearch{Term: t.Name()}) 932 CheckNoError(t, resp) 933 for _, rteam := range rteams { 934 if rteam.Email != "" { 935 t.Fatal("should've sanitized email") 936 } else if rteam.AllowedDomains != "" { 937 t.Fatal("should've sanitized allowed domains") 938 } 939 } 940 }) 941 942 t.Run("team admin", func(t *testing.T) { 943 rteams, resp := th.Client.SearchTeams(&model.TeamSearch{Term: t.Name()}) 944 CheckNoError(t, resp) 945 for _, rteam := range rteams { 946 if rteam.Id == team.Id || rteam.Id == team2.Id || rteam.Id == th.BasicTeam.Id { 947 if rteam.Email == "" { 948 t.Fatal("should not have sanitized email") 949 } else if rteam.AllowedDomains == "" { 950 t.Fatal("should not have sanitized allowed domains") 951 } 952 } 953 } 954 }) 955 956 t.Run("system admin", func(t *testing.T) { 957 rteams, resp := th.SystemAdminClient.SearchTeams(&model.TeamSearch{Term: t.Name()}) 958 CheckNoError(t, resp) 959 for _, rteam := range rteams { 960 if rteam.Email == "" { 961 t.Fatal("should not have sanitized email") 962 } else if rteam.AllowedDomains == "" { 963 t.Fatal("should not have sanitized allowed domains") 964 } 965 } 966 }) 967 } 968 969 func TestGetTeamsForUser(t *testing.T) { 970 th := Setup().InitBasic().InitSystemAdmin() 971 defer th.TearDown() 972 Client := th.Client 973 974 team2 := &model.Team{DisplayName: "Name", Name: GenerateTestTeamName(), Email: th.GenerateTestEmail(), Type: model.TEAM_INVITE} 975 rteam2, _ := Client.CreateTeam(team2) 976 977 teams, resp := Client.GetTeamsForUser(th.BasicUser.Id, "") 978 CheckNoError(t, resp) 979 980 if len(teams) != 2 { 981 t.Fatal("wrong number of teams") 982 } 983 984 found1 := false 985 found2 := false 986 for _, t := range teams { 987 if t.Id == th.BasicTeam.Id { 988 found1 = true 989 } else if t.Id == rteam2.Id { 990 found2 = true 991 } 992 } 993 994 if !found1 || !found2 { 995 t.Fatal("missing team") 996 } 997 998 _, resp = Client.GetTeamsForUser("junk", "") 999 CheckBadRequestStatus(t, resp) 1000 1001 _, resp = Client.GetTeamsForUser(model.NewId(), "") 1002 CheckForbiddenStatus(t, resp) 1003 1004 _, resp = Client.GetTeamsForUser(th.BasicUser2.Id, "") 1005 CheckForbiddenStatus(t, resp) 1006 1007 _, resp = th.SystemAdminClient.GetTeamsForUser(th.BasicUser2.Id, "") 1008 CheckNoError(t, resp) 1009 } 1010 1011 func TestGetTeamsForUserSanitization(t *testing.T) { 1012 th := Setup().InitBasic().InitSystemAdmin() 1013 defer th.TearDown() 1014 1015 team, resp := th.Client.CreateTeam(&model.Team{ 1016 DisplayName: t.Name() + "_1", 1017 Name: GenerateTestTeamName(), 1018 Email: th.GenerateTestEmail(), 1019 Type: model.TEAM_OPEN, 1020 AllowedDomains: "simulator.amazonses.com", 1021 }) 1022 CheckNoError(t, resp) 1023 team2, resp := th.Client.CreateTeam(&model.Team{ 1024 DisplayName: t.Name() + "_2", 1025 Name: GenerateTestTeamName(), 1026 Email: th.GenerateTestEmail(), 1027 Type: model.TEAM_OPEN, 1028 AllowedDomains: "simulator.amazonses.com", 1029 }) 1030 CheckNoError(t, resp) 1031 1032 t.Run("team user", func(t *testing.T) { 1033 th.LinkUserToTeam(th.BasicUser2, team) 1034 th.LinkUserToTeam(th.BasicUser2, team2) 1035 1036 client := th.CreateClient() 1037 th.LoginBasic2WithClient(client) 1038 1039 rteams, resp := client.GetTeamsForUser(th.BasicUser2.Id, "") 1040 CheckNoError(t, resp) 1041 for _, rteam := range rteams { 1042 if rteam.Id != team.Id && rteam.Id != team2.Id { 1043 continue 1044 } 1045 1046 if rteam.Email != "" { 1047 t.Fatal("should've sanitized email") 1048 } else if rteam.AllowedDomains != "" { 1049 t.Fatal("should've sanitized allowed domains") 1050 } 1051 } 1052 }) 1053 1054 t.Run("team admin", func(t *testing.T) { 1055 rteams, resp := th.Client.GetTeamsForUser(th.BasicUser.Id, "") 1056 CheckNoError(t, resp) 1057 for _, rteam := range rteams { 1058 if rteam.Id != team.Id && rteam.Id != team2.Id { 1059 continue 1060 } 1061 1062 if rteam.Email == "" { 1063 t.Fatal("should not have sanitized email") 1064 } else if rteam.AllowedDomains == "" { 1065 t.Fatal("should not have sanitized allowed domains") 1066 } 1067 } 1068 }) 1069 1070 t.Run("system admin", func(t *testing.T) { 1071 rteams, resp := th.SystemAdminClient.GetTeamsForUser(th.BasicUser.Id, "") 1072 CheckNoError(t, resp) 1073 for _, rteam := range rteams { 1074 if rteam.Id != team.Id && rteam.Id != team2.Id { 1075 continue 1076 } 1077 1078 if rteam.Email == "" { 1079 t.Fatal("should not have sanitized email") 1080 } else if rteam.AllowedDomains == "" { 1081 t.Fatal("should not have sanitized allowed domains") 1082 } 1083 } 1084 }) 1085 } 1086 1087 func TestGetTeamMember(t *testing.T) { 1088 th := Setup().InitBasic().InitSystemAdmin() 1089 defer th.TearDown() 1090 Client := th.Client 1091 team := th.BasicTeam 1092 user := th.BasicUser 1093 1094 rmember, resp := Client.GetTeamMember(team.Id, user.Id, "") 1095 CheckNoError(t, resp) 1096 1097 if rmember.TeamId != team.Id { 1098 t.Fatal("wrong team id") 1099 } 1100 1101 if rmember.UserId != user.Id { 1102 t.Fatal("wrong team id") 1103 } 1104 1105 _, resp = Client.GetTeamMember("junk", user.Id, "") 1106 CheckBadRequestStatus(t, resp) 1107 1108 _, resp = Client.GetTeamMember(team.Id, "junk", "") 1109 CheckBadRequestStatus(t, resp) 1110 1111 _, resp = Client.GetTeamMember("junk", "junk", "") 1112 CheckBadRequestStatus(t, resp) 1113 1114 _, resp = Client.GetTeamMember(team.Id, model.NewId(), "") 1115 CheckNotFoundStatus(t, resp) 1116 1117 _, resp = Client.GetTeamMember(model.NewId(), user.Id, "") 1118 CheckForbiddenStatus(t, resp) 1119 1120 _, resp = th.SystemAdminClient.GetTeamMember(team.Id, user.Id, "") 1121 CheckNoError(t, resp) 1122 } 1123 1124 func TestGetTeamMembers(t *testing.T) { 1125 th := Setup().InitBasic().InitSystemAdmin() 1126 defer th.TearDown() 1127 Client := th.Client 1128 team := th.BasicTeam 1129 userNotMember := th.CreateUser() 1130 1131 rmembers, resp := Client.GetTeamMembers(team.Id, 0, 100, "") 1132 CheckNoError(t, resp) 1133 1134 t.Logf("rmembers count %v\n", len(rmembers)) 1135 1136 if len(rmembers) == 0 { 1137 t.Fatal("should have results") 1138 } 1139 1140 for _, rmember := range rmembers { 1141 if rmember.TeamId != team.Id || rmember.UserId == userNotMember.Id { 1142 t.Fatal("user should be a member of team") 1143 } 1144 } 1145 1146 rmembers, resp = Client.GetTeamMembers(team.Id, 0, 1, "") 1147 CheckNoError(t, resp) 1148 if len(rmembers) != 1 { 1149 t.Fatal("should be 1 per page") 1150 } 1151 1152 rmembers, resp = Client.GetTeamMembers(team.Id, 1, 1, "") 1153 CheckNoError(t, resp) 1154 if len(rmembers) != 1 { 1155 t.Fatal("should be 1 per page") 1156 } 1157 1158 rmembers, resp = Client.GetTeamMembers(team.Id, 10000, 100, "") 1159 CheckNoError(t, resp) 1160 if len(rmembers) != 0 { 1161 t.Fatal("should be no member") 1162 } 1163 1164 rmembers, resp = Client.GetTeamMembers(team.Id, 0, 2, "") 1165 CheckNoError(t, resp) 1166 rmembers2, resp := Client.GetTeamMembers(team.Id, 1, 2, "") 1167 CheckNoError(t, resp) 1168 1169 for _, tm1 := range rmembers { 1170 for _, tm2 := range rmembers2 { 1171 assert.NotEqual(t, tm1.UserId+tm1.TeamId, tm2.UserId+tm2.TeamId, "different pages should not have the same members") 1172 } 1173 } 1174 1175 _, resp = Client.GetTeamMembers("junk", 0, 100, "") 1176 CheckBadRequestStatus(t, resp) 1177 1178 _, resp = Client.GetTeamMembers(model.NewId(), 0, 100, "") 1179 CheckForbiddenStatus(t, resp) 1180 1181 Client.Logout() 1182 rmembers, resp = Client.GetTeamMembers(team.Id, 0, 1, "") 1183 CheckUnauthorizedStatus(t, resp) 1184 1185 rmembers, resp = th.SystemAdminClient.GetTeamMembers(team.Id, 0, 100, "") 1186 CheckNoError(t, resp) 1187 } 1188 1189 func TestGetTeamMembersForUser(t *testing.T) { 1190 th := Setup().InitBasic().InitSystemAdmin() 1191 defer th.TearDown() 1192 Client := th.Client 1193 1194 members, resp := Client.GetTeamMembersForUser(th.BasicUser.Id, "") 1195 CheckNoError(t, resp) 1196 1197 found := false 1198 for _, m := range members { 1199 if m.TeamId == th.BasicTeam.Id { 1200 found = true 1201 } 1202 } 1203 1204 if !found { 1205 t.Fatal("missing team member") 1206 } 1207 1208 _, resp = Client.GetTeamMembersForUser("junk", "") 1209 CheckBadRequestStatus(t, resp) 1210 1211 _, resp = Client.GetTeamMembersForUser(model.NewId(), "") 1212 CheckForbiddenStatus(t, resp) 1213 1214 Client.Logout() 1215 _, resp = Client.GetTeamMembersForUser(th.BasicUser.Id, "") 1216 CheckUnauthorizedStatus(t, resp) 1217 1218 user := th.CreateUser() 1219 Client.Login(user.Email, user.Password) 1220 _, resp = Client.GetTeamMembersForUser(th.BasicUser.Id, "") 1221 CheckForbiddenStatus(t, resp) 1222 1223 _, resp = th.SystemAdminClient.GetTeamMembersForUser(th.BasicUser.Id, "") 1224 CheckNoError(t, resp) 1225 } 1226 1227 func TestGetTeamMembersByIds(t *testing.T) { 1228 th := Setup().InitBasic() 1229 defer th.TearDown() 1230 Client := th.Client 1231 1232 tm, resp := Client.GetTeamMembersByIds(th.BasicTeam.Id, []string{th.BasicUser.Id}) 1233 CheckNoError(t, resp) 1234 1235 if tm[0].UserId != th.BasicUser.Id { 1236 t.Fatal("returned wrong user") 1237 } 1238 1239 _, resp = Client.GetTeamMembersByIds(th.BasicTeam.Id, []string{}) 1240 CheckBadRequestStatus(t, resp) 1241 1242 tm1, resp := Client.GetTeamMembersByIds(th.BasicTeam.Id, []string{"junk"}) 1243 CheckNoError(t, resp) 1244 if len(tm1) > 0 { 1245 t.Fatal("no users should be returned") 1246 } 1247 1248 tm1, resp = Client.GetTeamMembersByIds(th.BasicTeam.Id, []string{"junk", th.BasicUser.Id}) 1249 CheckNoError(t, resp) 1250 if len(tm1) != 1 { 1251 t.Fatal("1 user should be returned") 1252 } 1253 1254 tm1, resp = Client.GetTeamMembersByIds("junk", []string{th.BasicUser.Id}) 1255 CheckBadRequestStatus(t, resp) 1256 1257 tm1, resp = Client.GetTeamMembersByIds(model.NewId(), []string{th.BasicUser.Id}) 1258 CheckForbiddenStatus(t, resp) 1259 1260 Client.Logout() 1261 _, resp = Client.GetTeamMembersByIds(th.BasicTeam.Id, []string{th.BasicUser.Id}) 1262 CheckUnauthorizedStatus(t, resp) 1263 } 1264 1265 func TestAddTeamMember(t *testing.T) { 1266 th := Setup().InitBasic().InitSystemAdmin() 1267 defer th.TearDown() 1268 Client := th.Client 1269 team := th.BasicTeam 1270 otherUser := th.CreateUser() 1271 1272 if err := th.App.RemoveUserFromTeam(th.BasicTeam.Id, th.BasicUser2.Id, ""); err != nil { 1273 t.Fatalf(err.Error()) 1274 } 1275 1276 // Regular user can't add a member to a team they don't belong to. 1277 th.LoginBasic2() 1278 tm, resp := Client.AddTeamMember(team.Id, otherUser.Id) 1279 CheckForbiddenStatus(t, resp) 1280 if resp.Error == nil { 1281 t.Fatalf("Error is nil") 1282 } 1283 Client.Logout() 1284 1285 // Regular user can add a member to a team they belong to. 1286 th.LoginBasic() 1287 tm, resp = Client.AddTeamMember(team.Id, otherUser.Id) 1288 CheckNoError(t, resp) 1289 CheckCreatedStatus(t, resp) 1290 1291 // Check all the returned data. 1292 if tm == nil { 1293 t.Fatal("should have returned team member") 1294 } 1295 1296 if tm.UserId != otherUser.Id { 1297 t.Fatal("user ids should have matched") 1298 } 1299 1300 if tm.TeamId != team.Id { 1301 t.Fatal("team ids should have matched") 1302 } 1303 1304 // Check with various invalid requests. 1305 tm, resp = Client.AddTeamMember(team.Id, "junk") 1306 CheckBadRequestStatus(t, resp) 1307 1308 if tm != nil { 1309 t.Fatal("should have not returned team member") 1310 } 1311 1312 _, resp = Client.AddTeamMember("junk", otherUser.Id) 1313 CheckBadRequestStatus(t, resp) 1314 1315 _, resp = Client.AddTeamMember(GenerateTestId(), otherUser.Id) 1316 CheckForbiddenStatus(t, resp) 1317 1318 _, resp = Client.AddTeamMember(team.Id, GenerateTestId()) 1319 CheckNotFoundStatus(t, resp) 1320 1321 Client.Logout() 1322 1323 // Check the appropriate permissions are enforced. 1324 defaultRolePermissions := th.SaveDefaultRolePermissions() 1325 defer func() { 1326 th.RestoreDefaultRolePermissions(defaultRolePermissions) 1327 }() 1328 1329 // Set the config so that only team admins can add a user to a team. 1330 th.AddPermissionToRole(model.PERMISSION_INVITE_USER.Id, model.TEAM_ADMIN_ROLE_ID) 1331 th.AddPermissionToRole(model.PERMISSION_ADD_USER_TO_TEAM.Id, model.TEAM_ADMIN_ROLE_ID) 1332 th.RemovePermissionFromRole(model.PERMISSION_INVITE_USER.Id, model.TEAM_USER_ROLE_ID) 1333 th.RemovePermissionFromRole(model.PERMISSION_ADD_USER_TO_TEAM.Id, model.TEAM_USER_ROLE_ID) 1334 1335 th.LoginBasic() 1336 1337 // Check that a regular user can't add someone to the team. 1338 _, resp = Client.AddTeamMember(team.Id, otherUser.Id) 1339 CheckForbiddenStatus(t, resp) 1340 1341 // Update user to team admin 1342 th.UpdateUserToTeamAdmin(th.BasicUser, th.BasicTeam) 1343 th.App.InvalidateAllCaches() 1344 th.LoginBasic() 1345 1346 // Should work as a team admin. 1347 _, resp = Client.AddTeamMember(team.Id, otherUser.Id) 1348 CheckNoError(t, resp) 1349 1350 // Change permission level to team user 1351 th.AddPermissionToRole(model.PERMISSION_INVITE_USER.Id, model.TEAM_USER_ROLE_ID) 1352 th.AddPermissionToRole(model.PERMISSION_ADD_USER_TO_TEAM.Id, model.TEAM_USER_ROLE_ID) 1353 th.RemovePermissionFromRole(model.PERMISSION_INVITE_USER.Id, model.TEAM_ADMIN_ROLE_ID) 1354 th.RemovePermissionFromRole(model.PERMISSION_ADD_USER_TO_TEAM.Id, model.TEAM_ADMIN_ROLE_ID) 1355 1356 th.UpdateUserToNonTeamAdmin(th.BasicUser, th.BasicTeam) 1357 th.App.InvalidateAllCaches() 1358 th.LoginBasic() 1359 1360 // Should work as a regular user. 1361 _, resp = Client.AddTeamMember(team.Id, otherUser.Id) 1362 CheckNoError(t, resp) 1363 1364 // by hash and data 1365 Client.Login(otherUser.Email, otherUser.Password) 1366 1367 dataObject := make(map[string]string) 1368 dataObject["time"] = fmt.Sprintf("%v", model.GetMillis()) 1369 dataObject["id"] = team.Id 1370 1371 data := model.MapToJson(dataObject) 1372 hashed := utils.HashSha256(fmt.Sprintf("%v:%v", data, th.App.Config().EmailSettings.InviteSalt)) 1373 1374 tm, resp = Client.AddTeamMemberFromInvite(hashed, data, "") 1375 CheckNoError(t, resp) 1376 1377 if tm == nil { 1378 t.Fatal("should have returned team member") 1379 } 1380 1381 if tm.UserId != otherUser.Id { 1382 t.Fatal("user ids should have matched") 1383 } 1384 1385 if tm.TeamId != team.Id { 1386 t.Fatal("team ids should have matched") 1387 } 1388 1389 tm, resp = Client.AddTeamMemberFromInvite("junk", data, "") 1390 CheckBadRequestStatus(t, resp) 1391 1392 if tm != nil { 1393 t.Fatal("should have not returned team member") 1394 } 1395 1396 _, resp = Client.AddTeamMemberFromInvite(hashed, "junk", "") 1397 CheckBadRequestStatus(t, resp) 1398 1399 // expired data of more than 50 hours 1400 dataObject["time"] = fmt.Sprintf("%v", model.GetMillis()-1000*60*60*50) 1401 data = model.MapToJson(dataObject) 1402 hashed = utils.HashSha256(fmt.Sprintf("%v:%v", data, th.App.Config().EmailSettings.InviteSalt)) 1403 1404 tm, resp = Client.AddTeamMemberFromInvite(hashed, data, "") 1405 CheckBadRequestStatus(t, resp) 1406 1407 // invalid team id 1408 dataObject["id"] = GenerateTestId() 1409 data = model.MapToJson(dataObject) 1410 hashed = utils.HashSha256(fmt.Sprintf("%v:%v", data, th.App.Config().EmailSettings.InviteSalt)) 1411 1412 tm, resp = Client.AddTeamMemberFromInvite(hashed, data, "") 1413 CheckBadRequestStatus(t, resp) 1414 1415 // by invite_id 1416 Client.Login(otherUser.Email, otherUser.Password) 1417 1418 tm, resp = Client.AddTeamMemberFromInvite("", "", team.InviteId) 1419 CheckNoError(t, resp) 1420 1421 if tm == nil { 1422 t.Fatal("should have returned team member") 1423 } 1424 1425 if tm.UserId != otherUser.Id { 1426 t.Fatal("user ids should have matched") 1427 } 1428 1429 if tm.TeamId != team.Id { 1430 t.Fatal("team ids should have matched") 1431 } 1432 1433 tm, resp = Client.AddTeamMemberFromInvite("", "", "junk") 1434 CheckNotFoundStatus(t, resp) 1435 1436 if tm != nil { 1437 t.Fatal("should have not returned team member") 1438 } 1439 } 1440 1441 func TestAddTeamMembers(t *testing.T) { 1442 th := Setup().InitBasic().InitSystemAdmin() 1443 defer th.TearDown() 1444 Client := th.Client 1445 team := th.BasicTeam 1446 otherUser := th.CreateUser() 1447 userList := []string{ 1448 otherUser.Id, 1449 } 1450 1451 if err := th.App.RemoveUserFromTeam(th.BasicTeam.Id, th.BasicUser2.Id, ""); err != nil { 1452 t.Fatalf(err.Error()) 1453 } 1454 1455 // Regular user can't add a member to a team they don't belong to. 1456 th.LoginBasic2() 1457 tm, resp := Client.AddTeamMembers(team.Id, userList) 1458 CheckForbiddenStatus(t, resp) 1459 Client.Logout() 1460 1461 // Regular user can add a member to a team they belong to. 1462 th.LoginBasic() 1463 tm, resp = Client.AddTeamMembers(team.Id, userList) 1464 CheckNoError(t, resp) 1465 CheckCreatedStatus(t, resp) 1466 1467 // Check all the returned data. 1468 if tm[0] == nil { 1469 t.Fatal("should have returned team member") 1470 } 1471 1472 if tm[0].UserId != otherUser.Id { 1473 t.Fatal("user ids should have matched") 1474 } 1475 1476 if tm[0].TeamId != team.Id { 1477 t.Fatal("team ids should have matched") 1478 } 1479 1480 // Check with various invalid requests. 1481 _, resp = Client.AddTeamMembers("junk", userList) 1482 CheckBadRequestStatus(t, resp) 1483 1484 _, resp = Client.AddTeamMembers(GenerateTestId(), userList) 1485 CheckForbiddenStatus(t, resp) 1486 1487 testUserList := append(userList, GenerateTestId()) 1488 _, resp = Client.AddTeamMembers(team.Id, testUserList) 1489 CheckNotFoundStatus(t, resp) 1490 1491 // Test with many users. 1492 for i := 0; i < 25; i++ { 1493 testUserList = append(testUserList, GenerateTestId()) 1494 } 1495 _, resp = Client.AddTeamMembers(team.Id, testUserList) 1496 CheckBadRequestStatus(t, resp) 1497 1498 Client.Logout() 1499 1500 // Check the appropriate permissions are enforced. 1501 defaultRolePermissions := th.SaveDefaultRolePermissions() 1502 defer func() { 1503 th.RestoreDefaultRolePermissions(defaultRolePermissions) 1504 }() 1505 1506 // Set the config so that only team admins can add a user to a team. 1507 th.AddPermissionToRole(model.PERMISSION_INVITE_USER.Id, model.TEAM_ADMIN_ROLE_ID) 1508 th.AddPermissionToRole(model.PERMISSION_ADD_USER_TO_TEAM.Id, model.TEAM_ADMIN_ROLE_ID) 1509 th.RemovePermissionFromRole(model.PERMISSION_INVITE_USER.Id, model.TEAM_USER_ROLE_ID) 1510 th.RemovePermissionFromRole(model.PERMISSION_ADD_USER_TO_TEAM.Id, model.TEAM_USER_ROLE_ID) 1511 1512 th.LoginBasic() 1513 1514 // Check that a regular user can't add someone to the team. 1515 _, resp = Client.AddTeamMembers(team.Id, userList) 1516 CheckForbiddenStatus(t, resp) 1517 1518 // Update user to team admin 1519 th.UpdateUserToTeamAdmin(th.BasicUser, th.BasicTeam) 1520 th.App.InvalidateAllCaches() 1521 th.LoginBasic() 1522 1523 // Should work as a team admin. 1524 _, resp = Client.AddTeamMembers(team.Id, userList) 1525 CheckNoError(t, resp) 1526 1527 // Change permission level to team user 1528 th.AddPermissionToRole(model.PERMISSION_INVITE_USER.Id, model.TEAM_USER_ROLE_ID) 1529 th.AddPermissionToRole(model.PERMISSION_ADD_USER_TO_TEAM.Id, model.TEAM_USER_ROLE_ID) 1530 th.RemovePermissionFromRole(model.PERMISSION_INVITE_USER.Id, model.TEAM_ADMIN_ROLE_ID) 1531 th.RemovePermissionFromRole(model.PERMISSION_ADD_USER_TO_TEAM.Id, model.TEAM_ADMIN_ROLE_ID) 1532 1533 th.UpdateUserToNonTeamAdmin(th.BasicUser, th.BasicTeam) 1534 th.App.InvalidateAllCaches() 1535 th.LoginBasic() 1536 1537 // Should work as a regular user. 1538 _, resp = Client.AddTeamMembers(team.Id, userList) 1539 CheckNoError(t, resp) 1540 } 1541 1542 func TestRemoveTeamMember(t *testing.T) { 1543 th := Setup().InitBasic().InitSystemAdmin() 1544 defer th.TearDown() 1545 Client := th.Client 1546 1547 pass, resp := Client.RemoveTeamMember(th.BasicTeam.Id, th.BasicUser.Id) 1548 CheckNoError(t, resp) 1549 1550 if !pass { 1551 t.Fatal("should have passed") 1552 } 1553 1554 _, resp = th.SystemAdminClient.AddTeamMember(th.BasicTeam.Id, th.BasicUser.Id) 1555 CheckNoError(t, resp) 1556 1557 _, resp = Client.RemoveTeamMember(th.BasicTeam.Id, "junk") 1558 CheckBadRequestStatus(t, resp) 1559 1560 _, resp = Client.RemoveTeamMember("junk", th.BasicUser2.Id) 1561 CheckBadRequestStatus(t, resp) 1562 1563 _, resp = Client.RemoveTeamMember(th.BasicTeam.Id, th.BasicUser2.Id) 1564 CheckForbiddenStatus(t, resp) 1565 1566 _, resp = Client.RemoveTeamMember(model.NewId(), th.BasicUser.Id) 1567 CheckNotFoundStatus(t, resp) 1568 1569 _, resp = th.SystemAdminClient.RemoveTeamMember(th.BasicTeam.Id, th.BasicUser.Id) 1570 CheckNoError(t, resp) 1571 } 1572 1573 func TestGetTeamStats(t *testing.T) { 1574 th := Setup().InitBasic().InitSystemAdmin() 1575 defer th.TearDown() 1576 Client := th.Client 1577 team := th.BasicTeam 1578 1579 rstats, resp := Client.GetTeamStats(team.Id, "") 1580 CheckNoError(t, resp) 1581 1582 if rstats.TeamId != team.Id { 1583 t.Fatal("wrong team id") 1584 } 1585 1586 if rstats.TotalMemberCount != 3 { 1587 t.Fatal("wrong count") 1588 } 1589 1590 if rstats.ActiveMemberCount != 3 { 1591 t.Fatal("wrong count") 1592 } 1593 1594 _, resp = Client.GetTeamStats("junk", "") 1595 CheckBadRequestStatus(t, resp) 1596 1597 _, resp = Client.GetTeamStats(model.NewId(), "") 1598 CheckForbiddenStatus(t, resp) 1599 1600 _, resp = th.SystemAdminClient.GetTeamStats(team.Id, "") 1601 CheckNoError(t, resp) 1602 1603 // deactivate BasicUser2 1604 th.UpdateActiveUser(th.BasicUser2, false) 1605 1606 rstats, resp = th.SystemAdminClient.GetTeamStats(team.Id, "") 1607 CheckNoError(t, resp) 1608 1609 if rstats.TotalMemberCount != 3 { 1610 t.Fatal("wrong count") 1611 } 1612 1613 if rstats.ActiveMemberCount != 2 { 1614 t.Fatal("wrong count") 1615 } 1616 1617 // login with different user and test if forbidden 1618 user := th.CreateUser() 1619 Client.Login(user.Email, user.Password) 1620 _, resp = Client.GetTeamStats(th.BasicTeam.Id, "") 1621 CheckForbiddenStatus(t, resp) 1622 1623 Client.Logout() 1624 _, resp = Client.GetTeamStats(th.BasicTeam.Id, "") 1625 CheckUnauthorizedStatus(t, resp) 1626 } 1627 1628 func TestUpdateTeamMemberRoles(t *testing.T) { 1629 th := Setup().InitBasic().InitSystemAdmin() 1630 defer th.TearDown() 1631 Client := th.Client 1632 SystemAdminClient := th.SystemAdminClient 1633 1634 const TEAM_MEMBER = "team_user" 1635 const TEAM_ADMIN = "team_user team_admin" 1636 1637 // user 1 tries to promote user 2 1638 ok, resp := Client.UpdateTeamMemberRoles(th.BasicTeam.Id, th.BasicUser2.Id, TEAM_ADMIN) 1639 CheckForbiddenStatus(t, resp) 1640 if ok { 1641 t.Fatal("should have returned false") 1642 } 1643 1644 // user 1 tries to promote himself 1645 _, resp = Client.UpdateTeamMemberRoles(th.BasicTeam.Id, th.BasicUser.Id, TEAM_ADMIN) 1646 CheckForbiddenStatus(t, resp) 1647 1648 // user 1 tries to demote someone 1649 _, resp = Client.UpdateTeamMemberRoles(th.BasicTeam.Id, th.SystemAdminUser.Id, TEAM_MEMBER) 1650 CheckForbiddenStatus(t, resp) 1651 1652 // system admin promotes user 1 1653 ok, resp = SystemAdminClient.UpdateTeamMemberRoles(th.BasicTeam.Id, th.BasicUser.Id, TEAM_ADMIN) 1654 CheckNoError(t, resp) 1655 if !ok { 1656 t.Fatal("should have returned true") 1657 } 1658 1659 // user 1 (team admin) promotes user 2 1660 _, resp = Client.UpdateTeamMemberRoles(th.BasicTeam.Id, th.BasicUser2.Id, TEAM_ADMIN) 1661 CheckNoError(t, resp) 1662 1663 // user 1 (team admin) demotes user 2 (team admin) 1664 _, resp = Client.UpdateTeamMemberRoles(th.BasicTeam.Id, th.BasicUser2.Id, TEAM_MEMBER) 1665 CheckNoError(t, resp) 1666 1667 // user 1 (team admin) tries to demote system admin (not member of a team) 1668 _, resp = Client.UpdateTeamMemberRoles(th.BasicTeam.Id, th.SystemAdminUser.Id, TEAM_MEMBER) 1669 CheckBadRequestStatus(t, resp) 1670 1671 // user 1 (team admin) demotes system admin (member of a team) 1672 th.LinkUserToTeam(th.SystemAdminUser, th.BasicTeam) 1673 _, resp = Client.UpdateTeamMemberRoles(th.BasicTeam.Id, th.SystemAdminUser.Id, TEAM_MEMBER) 1674 CheckNoError(t, resp) 1675 // Note from API v3 1676 // Note to anyone who thinks this (above) test is wrong: 1677 // This operation will not affect the system admin's permissions because they have global access to all teams. 1678 // Their team level permissions are irrelevant. A team admin should be able to manage team level permissions. 1679 1680 // System admins should be able to manipulate permission no matter what their team level permissions are. 1681 // system admin promotes user 2 1682 _, resp = SystemAdminClient.UpdateTeamMemberRoles(th.BasicTeam.Id, th.BasicUser2.Id, TEAM_ADMIN) 1683 CheckNoError(t, resp) 1684 1685 // system admin demotes user 2 (team admin) 1686 _, resp = SystemAdminClient.UpdateTeamMemberRoles(th.BasicTeam.Id, th.BasicUser2.Id, TEAM_MEMBER) 1687 CheckNoError(t, resp) 1688 1689 // user 1 (team admin) tries to promote himself to a random team 1690 _, resp = Client.UpdateTeamMemberRoles(model.NewId(), th.BasicUser.Id, TEAM_ADMIN) 1691 CheckForbiddenStatus(t, resp) 1692 1693 // user 1 (team admin) tries to promote a random user 1694 _, resp = Client.UpdateTeamMemberRoles(th.BasicTeam.Id, model.NewId(), TEAM_ADMIN) 1695 CheckBadRequestStatus(t, resp) 1696 1697 // user 1 (team admin) tries to promote invalid team permission 1698 _, resp = Client.UpdateTeamMemberRoles(th.BasicTeam.Id, th.BasicUser.Id, "junk") 1699 CheckBadRequestStatus(t, resp) 1700 1701 // user 1 (team admin) demotes himself 1702 _, resp = Client.UpdateTeamMemberRoles(th.BasicTeam.Id, th.BasicUser.Id, TEAM_MEMBER) 1703 CheckNoError(t, resp) 1704 } 1705 1706 func TestGetMyTeamsUnread(t *testing.T) { 1707 th := Setup().InitBasic().InitSystemAdmin() 1708 defer th.TearDown() 1709 Client := th.Client 1710 1711 user := th.BasicUser 1712 Client.Login(user.Email, user.Password) 1713 1714 teams, resp := Client.GetTeamsUnreadForUser(user.Id, "") 1715 CheckNoError(t, resp) 1716 if len(teams) == 0 { 1717 t.Fatal("should have results") 1718 } 1719 1720 teams, resp = Client.GetTeamsUnreadForUser(user.Id, th.BasicTeam.Id) 1721 CheckNoError(t, resp) 1722 if len(teams) != 0 { 1723 t.Fatal("should not have results") 1724 } 1725 1726 _, resp = Client.GetTeamsUnreadForUser("fail", "") 1727 CheckBadRequestStatus(t, resp) 1728 1729 _, resp = Client.GetTeamsUnreadForUser(model.NewId(), "") 1730 CheckForbiddenStatus(t, resp) 1731 1732 Client.Logout() 1733 _, resp = Client.GetTeamsUnreadForUser(user.Id, "") 1734 CheckUnauthorizedStatus(t, resp) 1735 } 1736 1737 func TestTeamExists(t *testing.T) { 1738 th := Setup().InitBasic().InitSystemAdmin() 1739 defer th.TearDown() 1740 Client := th.Client 1741 team := th.BasicTeam 1742 1743 th.LoginBasic() 1744 1745 exists, resp := Client.TeamExists(team.Name, "") 1746 CheckNoError(t, resp) 1747 if !exists { 1748 t.Fatal("team should exist") 1749 } 1750 1751 exists, resp = Client.TeamExists("testingteam", "") 1752 CheckNoError(t, resp) 1753 if exists { 1754 t.Fatal("team should not exist") 1755 } 1756 1757 Client.Logout() 1758 _, resp = Client.TeamExists(team.Name, "") 1759 CheckUnauthorizedStatus(t, resp) 1760 } 1761 1762 func TestImportTeam(t *testing.T) { 1763 th := Setup().InitBasic().InitSystemAdmin() 1764 defer th.TearDown() 1765 1766 t.Run("ImportTeam", func(t *testing.T) { 1767 var data []byte 1768 var err error 1769 data, err = readTestFile("Fake_Team_Import.zip") 1770 if err != nil && len(data) == 0 { 1771 t.Fatal("Error while reading the test file.") 1772 } 1773 1774 // Import the channels/users/posts 1775 fileResp, resp := th.SystemAdminClient.ImportTeam(data, binary.Size(data), "slack", "Fake_Team_Import.zip", th.BasicTeam.Id) 1776 CheckNoError(t, resp) 1777 1778 fileData, err := base64.StdEncoding.DecodeString(fileResp["results"]) 1779 if err != nil { 1780 t.Fatal("failed to decode base64 results data") 1781 } 1782 1783 fileReturned := fmt.Sprintf("%s", fileData) 1784 if !strings.Contains(fileReturned, "darth.vader@stardeath.com") { 1785 t.Log(fileReturned) 1786 t.Fatal("failed to report the user was imported") 1787 } 1788 1789 // Checking the imported users 1790 importedUser, resp := th.SystemAdminClient.GetUserByUsername("bot_test", "") 1791 CheckNoError(t, resp) 1792 if importedUser.Username != "bot_test" { 1793 t.Fatal("username should match with the imported user") 1794 } 1795 1796 importedUser, resp = th.SystemAdminClient.GetUserByUsername("lordvader", "") 1797 CheckNoError(t, resp) 1798 if importedUser.Username != "lordvader" { 1799 t.Fatal("username should match with the imported user") 1800 } 1801 1802 // Checking the imported Channels 1803 importedChannel, resp := th.SystemAdminClient.GetChannelByName("testchannel", th.BasicTeam.Id, "") 1804 CheckNoError(t, resp) 1805 if importedChannel.Name != "testchannel" { 1806 t.Fatal("names did not match expected: testchannel") 1807 } 1808 1809 importedChannel, resp = th.SystemAdminClient.GetChannelByName("general", th.BasicTeam.Id, "") 1810 CheckNoError(t, resp) 1811 if importedChannel.Name != "general" { 1812 t.Fatal("names did not match expected: general") 1813 } 1814 1815 posts, resp := th.SystemAdminClient.GetPostsForChannel(importedChannel.Id, 0, 60, "") 1816 CheckNoError(t, resp) 1817 if posts.Posts[posts.Order[3]].Message != "This is a test post to test the import process" { 1818 t.Fatal("missing posts in the import process") 1819 } 1820 }) 1821 1822 t.Run("MissingFile", func(t *testing.T) { 1823 _, resp := th.SystemAdminClient.ImportTeam(nil, 4343, "slack", "Fake_Team_Import.zip", th.BasicTeam.Id) 1824 CheckBadRequestStatus(t, resp) 1825 }) 1826 1827 t.Run("WrongPermission", func(t *testing.T) { 1828 var data []byte 1829 var err error 1830 data, err = readTestFile("Fake_Team_Import.zip") 1831 if err != nil && len(data) == 0 { 1832 t.Fatal("Error while reading the test file.") 1833 } 1834 1835 // Import the channels/users/posts 1836 _, resp := th.Client.ImportTeam(data, binary.Size(data), "slack", "Fake_Team_Import.zip", th.BasicTeam.Id) 1837 CheckForbiddenStatus(t, resp) 1838 }) 1839 } 1840 1841 func TestInviteUsersToTeam(t *testing.T) { 1842 th := Setup().InitBasic().InitSystemAdmin() 1843 defer th.TearDown() 1844 1845 user1 := th.GenerateTestEmail() 1846 user2 := th.GenerateTestEmail() 1847 1848 emailList := []string{user1, user2} 1849 1850 //Delete all the messages before check the sample email 1851 utils.DeleteMailBox(user1) 1852 utils.DeleteMailBox(user2) 1853 1854 okMsg, resp := th.SystemAdminClient.InviteUsersToTeam(th.BasicTeam.Id, emailList) 1855 CheckNoError(t, resp) 1856 if !okMsg { 1857 t.Fatal("should return true") 1858 } 1859 1860 nameFormat := *th.App.Config().TeamSettings.TeammateNameDisplay 1861 expectedSubject := utils.T("api.templates.invite_subject", 1862 map[string]interface{}{"SenderName": th.SystemAdminUser.GetDisplayName(nameFormat), 1863 "TeamDisplayName": th.BasicTeam.DisplayName, 1864 "SiteName": th.App.ClientConfig()["SiteName"]}) 1865 1866 //Check if the email was send to the rigth email address 1867 for _, email := range emailList { 1868 var resultsMailbox utils.JSONMessageHeaderInbucket 1869 err := utils.RetryInbucket(5, func() error { 1870 var err error 1871 resultsMailbox, err = utils.GetMailBox(email) 1872 return err 1873 }) 1874 if err != nil { 1875 t.Log(err) 1876 t.Log("No email was received, maybe due load on the server. Disabling this verification") 1877 } 1878 if err == nil && len(resultsMailbox) > 0 { 1879 if !strings.ContainsAny(resultsMailbox[len(resultsMailbox)-1].To[0], email) { 1880 t.Fatal("Wrong To recipient") 1881 } else { 1882 if resultsEmail, err := utils.GetMessageFromMailbox(email, resultsMailbox[len(resultsMailbox)-1].ID); err == nil { 1883 if resultsEmail.Subject != expectedSubject { 1884 t.Log(resultsEmail.Subject) 1885 t.Log(expectedSubject) 1886 t.Fatal("Wrong Subject") 1887 } 1888 } 1889 } 1890 } 1891 } 1892 1893 th.App.UpdateConfig(func(cfg *model.Config) { cfg.TeamSettings.RestrictCreationToDomains = "@example.com" }) 1894 1895 err := th.App.InviteNewUsersToTeam(emailList, th.BasicTeam.Id, th.BasicUser.Id) 1896 1897 if err == nil { 1898 t.Fatal("Adding users with non-restricted domains was allowed") 1899 } 1900 if err.Where != "InviteNewUsersToTeam" || err.Id != "api.team.invite_members.invalid_email.app_error" { 1901 t.Log(err) 1902 t.Fatal("Got wrong error message!") 1903 } 1904 } 1905 1906 func TestGetTeamInviteInfo(t *testing.T) { 1907 th := Setup().InitBasic().InitSystemAdmin() 1908 defer th.TearDown() 1909 Client := th.Client 1910 team := th.BasicTeam 1911 1912 team, resp := Client.GetTeamInviteInfo(team.InviteId) 1913 CheckNoError(t, resp) 1914 1915 if team.DisplayName == "" { 1916 t.Fatal("should not be empty") 1917 } 1918 1919 if team.Email != "" { 1920 t.Fatal("should be empty") 1921 } 1922 1923 team.InviteId = "12345678901234567890123456789012" 1924 team, resp = th.SystemAdminClient.UpdateTeam(team) 1925 CheckNoError(t, resp) 1926 1927 team, resp = Client.GetTeamInviteInfo(team.InviteId) 1928 CheckNoError(t, resp) 1929 1930 _, resp = Client.GetTeamInviteInfo("junk") 1931 CheckNotFoundStatus(t, resp) 1932 } 1933 1934 func TestSetTeamIcon(t *testing.T) { 1935 th := Setup().InitBasic().InitSystemAdmin() 1936 defer th.TearDown() 1937 Client := th.Client 1938 team := th.BasicTeam 1939 1940 data, err := readTestFile("test.png") 1941 if err != nil { 1942 t.Fatal(err) 1943 } 1944 1945 th.LoginTeamAdmin() 1946 1947 ok, resp := Client.SetTeamIcon(team.Id, data) 1948 if !ok { 1949 t.Fatal(resp.Error) 1950 } 1951 CheckNoError(t, resp) 1952 1953 ok, resp = Client.SetTeamIcon(model.NewId(), data) 1954 if ok { 1955 t.Fatal("Should return false, set team icon not allowed") 1956 } 1957 CheckForbiddenStatus(t, resp) 1958 1959 th.LoginBasic() 1960 1961 _, resp = Client.SetTeamIcon(team.Id, data) 1962 if resp.StatusCode == http.StatusForbidden { 1963 CheckForbiddenStatus(t, resp) 1964 } else if resp.StatusCode == http.StatusUnauthorized { 1965 CheckUnauthorizedStatus(t, resp) 1966 } else { 1967 t.Fatal("Should have failed either forbidden or unauthorized") 1968 } 1969 1970 Client.Logout() 1971 1972 _, resp = Client.SetTeamIcon(team.Id, data) 1973 if resp.StatusCode == http.StatusForbidden { 1974 CheckForbiddenStatus(t, resp) 1975 } else if resp.StatusCode == http.StatusUnauthorized { 1976 CheckUnauthorizedStatus(t, resp) 1977 } else { 1978 t.Fatal("Should have failed either forbidden or unauthorized") 1979 } 1980 1981 teamBefore, err := th.App.GetTeam(team.Id) 1982 require.Nil(t, err) 1983 1984 _, resp = th.SystemAdminClient.SetTeamIcon(team.Id, data) 1985 CheckNoError(t, resp) 1986 1987 teamAfter, err := th.App.GetTeam(team.Id) 1988 require.Nil(t, err) 1989 assert.True(t, teamBefore.LastTeamIconUpdate < teamAfter.LastTeamIconUpdate, "LastTeamIconUpdate should have been updated for team") 1990 1991 info := &model.FileInfo{Path: "teams/" + team.Id + "/teamIcon.png"} 1992 if err := th.cleanupTestFile(info); err != nil { 1993 t.Fatal(err) 1994 } 1995 } 1996 1997 func TestGetTeamIcon(t *testing.T) { 1998 th := Setup().InitBasic().InitSystemAdmin() 1999 defer th.TearDown() 2000 Client := th.Client 2001 team := th.BasicTeam 2002 2003 // should always fail because no initial image and no auto creation 2004 _, resp := Client.GetTeamIcon(team.Id, "") 2005 CheckNotFoundStatus(t, resp) 2006 2007 Client.Logout() 2008 2009 _, resp = Client.GetTeamIcon(team.Id, "") 2010 CheckUnauthorizedStatus(t, resp) 2011 }