github.com/gigforks/mattermost-server@v4.9.1-0.20180619094218-800d97fa55d0+incompatible/api/user_test.go (about) 1 // Copyright (c) 2015-present Mattermost, Inc. All Rights Reserved. 2 // See License.txt for license information. 3 4 package api 5 6 import ( 7 "bytes" 8 "image" 9 "image/color" 10 "io" 11 "mime/multipart" 12 "net/http" 13 "os" 14 "path/filepath" 15 "strings" 16 "testing" 17 "time" 18 19 "github.com/stretchr/testify/assert" 20 21 "github.com/mattermost/mattermost-server/app" 22 "github.com/mattermost/mattermost-server/model" 23 "github.com/mattermost/mattermost-server/store" 24 "github.com/mattermost/mattermost-server/utils" 25 ) 26 27 func TestCreateUser(t *testing.T) { 28 th := Setup() 29 defer th.TearDown() 30 31 Client := th.CreateClient() 32 33 user := model.User{Email: strings.ToLower("success+"+model.NewId()) + "@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "hello1", Username: "n" + model.NewId()} 34 35 ruser, err := Client.CreateUser(&user, "") 36 if err != nil { 37 t.Fatal(err) 38 } 39 40 Client.Login(user.Email, user.Password) 41 42 team := model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} 43 rteam, _ := Client.CreateTeam(&team) 44 45 th.LinkUserToTeam(ruser.Data.(*model.User), rteam.Data.(*model.Team)) 46 47 if ruser.Data.(*model.User).Nickname != user.Nickname { 48 t.Fatal("nickname didn't match") 49 } 50 51 if ruser.Data.(*model.User).Password != "" { 52 t.Fatal("password wasn't blank") 53 } 54 55 if _, err := Client.CreateUser(ruser.Data.(*model.User), ""); err == nil { 56 t.Fatal("Cannot create an existing") 57 } 58 59 ruser.Data.(*model.User).Id = "" 60 ruser.Data.(*model.User).Username = "n" + model.NewId() 61 ruser.Data.(*model.User).Password = "passwd1" 62 if _, err := Client.CreateUser(ruser.Data.(*model.User), ""); err != nil { 63 if err.Message != "An account with that email already exists." { 64 t.Fatal(err) 65 } 66 } 67 68 ruser.Data.(*model.User).Email = "success+" + model.NewId() + "@simulator.amazonses.com" 69 ruser.Data.(*model.User).Username = user.Username 70 if _, err := Client.CreateUser(ruser.Data.(*model.User), ""); err != nil { 71 if err.Message != "An account with that username already exists." { 72 t.Fatal(err) 73 } 74 } 75 76 ruser.Data.(*model.User).Email = "" 77 if _, err := Client.CreateUser(ruser.Data.(*model.User), ""); err != nil { 78 if err.Message != "Invalid email" { 79 t.Fatal(err) 80 } 81 } 82 83 if _, err := Client.DoApiPost("/users/create", "garbage"); err == nil { 84 t.Fatal("should have been an error") 85 } 86 } 87 88 func TestLogin(t *testing.T) { 89 th := Setup().InitBasic() 90 defer th.TearDown() 91 92 Client := th.BasicClient 93 94 th.App.UpdateConfig(func(cfg *model.Config) { 95 *cfg.EmailSettings.EnableSignInWithEmail = false 96 *cfg.EmailSettings.EnableSignInWithUsername = false 97 *cfg.LdapSettings.Enable = false 98 }) 99 100 team := model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} 101 rteam, _ := Client.CreateTeam(&team) 102 103 team2 := model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_INVITE} 104 rteam2 := Client.Must(Client.CreateTeam(&team2)) 105 106 Client.Logout() 107 108 user := model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Username: "corey" + model.NewId(), Password: "passwd1"} 109 ruser, _ := Client.CreateUser(&user, "") 110 th.LinkUserToTeam(ruser.Data.(*model.User), rteam.Data.(*model.Team)) 111 store.Must(th.App.Srv.Store.User().VerifyEmail(ruser.Data.(*model.User).Id)) 112 113 if result, err := Client.LoginById(ruser.Data.(*model.User).Id, user.Password); err != nil { 114 t.Fatal(err) 115 } else { 116 if result.Data.(*model.User).Email != user.Email { 117 t.Fatal("emails didn't match") 118 } 119 } 120 121 if _, err := Client.Login(user.Email, user.Password); err == nil { 122 t.Fatal("shouldn't be able to log in by email when disabled") 123 } 124 125 th.App.UpdateConfig(func(cfg *model.Config) { *cfg.EmailSettings.EnableSignInWithEmail = true }) 126 if result, err := Client.Login(user.Email, user.Password); err != nil { 127 t.Fatal(err) 128 } else { 129 if result.Data.(*model.User).Email != user.Email { 130 t.Fatal("emails didn't match") 131 } 132 } 133 134 if _, err := Client.Login(user.Username, user.Password); err == nil { 135 t.Fatal("shouldn't be able to log in by username when disabled") 136 } 137 138 th.App.UpdateConfig(func(cfg *model.Config) { *cfg.EmailSettings.EnableSignInWithUsername = true }) 139 if result, err := Client.Login(user.Username, user.Password); err != nil { 140 t.Fatal(err) 141 } else { 142 if result.Data.(*model.User).Email != user.Email { 143 t.Fatal("emails didn't match") 144 } 145 } 146 147 if _, err := Client.Login(user.Email, user.Password+"invalid"); err == nil { 148 t.Fatal("Invalid Password") 149 } 150 151 if _, err := Client.Login(user.Username, user.Password+"invalid"); err == nil { 152 t.Fatal("Invalid Password") 153 } 154 155 if _, err := Client.Login("", user.Password); err == nil { 156 t.Fatal("should have failed") 157 } 158 159 if _, err := Client.Login("", user.Password); err == nil { 160 t.Fatal("should have failed") 161 } 162 163 authToken := Client.AuthToken 164 Client.AuthToken = "invalid" 165 166 if _, err := Client.GetUser(ruser.Data.(*model.User).Id, ""); err == nil { 167 t.Fatal("should have failed") 168 } 169 170 Client.AuthToken = "" 171 172 user2 := model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} 173 174 if _, err := Client.CreateUserFromSignup(&user2, "junk", "1231312"); err == nil { 175 t.Fatal("Should have errored, signed up without hashed email") 176 } 177 178 token := model.NewToken( 179 app.TOKEN_TYPE_TEAM_INVITATION, 180 model.MapToJson(map[string]string{"teamId": rteam2.Data.(*model.Team).Id, "email": user2.Email}), 181 ) 182 <-th.App.Srv.Store.Token().Save(token) 183 props := make(map[string]string) 184 props["email"] = user2.Email 185 props["display_name"] = rteam2.Data.(*model.Team).DisplayName 186 data := model.MapToJson(props) 187 188 ruser2, err := Client.CreateUserFromSignup(&user2, data, token.Token) 189 if err != nil { 190 t.Fatal(err) 191 } 192 if result := <-th.App.Srv.Store.Token().GetByToken(token.Token); result.Err == nil { 193 t.Fatal("The token must be deleted after be used") 194 } 195 196 if _, err := Client.Login(ruser2.Data.(*model.User).Email, user2.Password); err != nil { 197 t.Fatal("From verified token") 198 } 199 200 Client.AuthToken = authToken 201 202 user3 := &model.User{ 203 Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", 204 Nickname: "Corey Hulen", 205 Username: "corey" + model.NewId(), 206 Password: "passwd1", 207 AuthService: model.USER_AUTH_SERVICE_LDAP, 208 } 209 ruser3 := Client.Must(Client.CreateUser(user3, "")).Data.(*model.User) 210 store.Must(th.App.Srv.Store.User().VerifyEmail(ruser3.Id)) 211 212 if _, err := Client.Login(ruser3.Id, user3.Password); err == nil { 213 t.Fatal("AD/LDAP user should not be able to log in with AD/LDAP disabled") 214 } 215 } 216 217 func TestLoginUnverifiedEmail(t *testing.T) { 218 assert := assert.New(t) 219 220 th := Setup().InitBasic() 221 defer th.TearDown() 222 223 Client := th.BasicClient 224 225 th.App.UpdateConfig(func(cfg *model.Config) { 226 *cfg.EmailSettings.EnableSignInWithEmail = true 227 cfg.EmailSettings.RequireEmailVerification = true 228 }) 229 230 Client.Logout() 231 232 user := &model.User{ 233 Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", 234 Nickname: "Corey Hulen", 235 Username: "corey" + model.NewId(), 236 Password: "passwd1", 237 EmailVerified: false, 238 } 239 user = Client.Must(Client.CreateUser(user, "")).Data.(*model.User) 240 241 _, err := Client.Login(user.Email, user.Password+"invalid") 242 if assert.NotNil(err) { 243 assert.Equal("api.user.check_user_password.invalid.app_error", err.Id) 244 } 245 246 _, err = Client.Login(user.Email, "passwd1") 247 if assert.NotNil(err) { 248 assert.Equal("api.user.login.not_verified.app_error", err.Id) 249 } 250 } 251 252 func TestLoginByLdap(t *testing.T) { 253 th := Setup().InitBasic() 254 defer th.TearDown() 255 256 Client := th.BasicClient 257 258 team := model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} 259 rteam, _ := Client.CreateTeam(&team) 260 261 Client.Logout() 262 263 user := model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Username: "corey" + model.NewId(), Password: "passwd1"} 264 ruser, _ := Client.CreateUser(&user, "") 265 th.LinkUserToTeam(ruser.Data.(*model.User), rteam.Data.(*model.Team)) 266 store.Must(th.App.Srv.Store.User().VerifyEmail(ruser.Data.(*model.User).Id)) 267 268 if _, err := Client.LoginByLdap(ruser.Data.(*model.User).Id, user.Password); err == nil { 269 t.Fatal("should have failed to log in with non AD/LDAP user") 270 } 271 } 272 273 func TestLoginWithDeviceId(t *testing.T) { 274 th := Setup().InitBasic() 275 defer th.TearDown() 276 277 Client := th.BasicClient 278 user := th.BasicUser 279 Client.Must(Client.Logout()) 280 281 deviceId := model.NewId() 282 if result, err := Client.LoginWithDevice(user.Email, user.Password, deviceId); err != nil { 283 t.Fatal(err) 284 } else { 285 ruser := result.Data.(*model.User) 286 287 if ssresult, err := Client.GetSessions(ruser.Id); err != nil { 288 t.Fatal(err) 289 } else { 290 sessions := ssresult.Data.([]*model.Session) 291 if _, err := Client.LoginWithDevice(user.Email, user.Password, deviceId); err != nil { 292 t.Fatal(err) 293 } 294 295 if sresult := <-th.App.Srv.Store.Session().Get(sessions[0].Id); sresult.Err == nil { 296 t.Fatal("session should have been removed") 297 } 298 } 299 } 300 } 301 302 func TestPasswordGuessLockout(t *testing.T) { 303 th := Setup().InitBasic() 304 defer th.TearDown() 305 306 Client := th.BasicClient 307 user := th.BasicUser 308 Client.Must(Client.Logout()) 309 310 th.App.UpdateConfig(func(cfg *model.Config) { *cfg.EmailSettings.EnableSignInWithEmail = true }) 311 th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.MaximumLoginAttempts = 2 }) 312 313 // OK to log in 314 if _, err := Client.Login(user.Username, user.Password); err != nil { 315 t.Fatal(err) 316 } 317 318 Client.Must(Client.Logout()) 319 320 // Fail twice 321 if _, err := Client.Login(user.Email, "notthepassword"); err == nil { 322 t.Fatal("Shouldn't be able to login with bad password.") 323 } 324 if _, err := Client.Login(user.Email, "notthepassword"); err == nil { 325 t.Fatal("Shouldn't be able to login with bad password.") 326 } 327 328 // Locked out 329 if _, err := Client.Login(user.Email, user.Password); err == nil { 330 t.Fatal("Shouldn't be able to login with password when account is locked out.") 331 } 332 } 333 334 func TestSessions(t *testing.T) { 335 th := Setup().InitBasic() 336 defer th.TearDown() 337 338 Client := th.BasicClient 339 user := th.BasicUser 340 Client.Must(Client.Logout()) 341 342 deviceId := model.NewId() 343 Client.LoginWithDevice(user.Email, user.Password, deviceId) 344 Client.Login(user.Email, user.Password) 345 346 r1, err := Client.GetSessions(user.Id) 347 if err != nil { 348 t.Fatal(err) 349 } 350 351 sessions := r1.Data.([]*model.Session) 352 otherSession := "" 353 354 if len(sessions) != 2 { 355 t.Fatal("invalid number of sessions") 356 } 357 358 for _, session := range sessions { 359 if session.DeviceId == deviceId { 360 otherSession = session.Id 361 } 362 363 if len(session.Token) != 0 { 364 t.Fatal("shouldn't return session tokens") 365 } 366 } 367 368 if _, err := Client.RevokeSession(otherSession); err != nil { 369 t.Fatal(err) 370 } 371 372 r2, err := Client.GetSessions(user.Id) 373 if err != nil { 374 t.Fatal(err) 375 } 376 377 sessions2 := r2.Data.([]*model.Session) 378 379 if len(sessions2) != 1 { 380 t.Fatal("invalid number of sessions") 381 } 382 } 383 384 func TestGetUser(t *testing.T) { 385 th := Setup().InitBasic() 386 defer th.TearDown() 387 388 Client := th.BasicClient 389 390 team := model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} 391 rteam, _ := Client.CreateTeam(&team) 392 393 team2 := model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} 394 rteam2, _ := Client.CreateTeam(&team2) 395 396 Client.Logout() 397 398 user := model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} 399 ruser, _ := Client.CreateUser(&user, "") 400 th.LinkUserToTeam(ruser.Data.(*model.User), rteam.Data.(*model.Team)) 401 store.Must(th.App.Srv.Store.User().VerifyEmail(ruser.Data.(*model.User).Id)) 402 403 user2 := model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1", FirstName: "Corey", LastName: "Hulen"} 404 ruser2, _ := Client.CreateUser(&user2, "") 405 th.LinkUserToTeam(ruser2.Data.(*model.User), rteam.Data.(*model.Team)) 406 store.Must(th.App.Srv.Store.User().VerifyEmail(ruser2.Data.(*model.User).Id)) 407 408 user3 := model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} 409 ruser3, _ := Client.CreateUser(&user3, "") 410 th.LinkUserToTeam(ruser3.Data.(*model.User), rteam2.Data.(*model.Team)) 411 store.Must(th.App.Srv.Store.User().VerifyEmail(ruser3.Data.(*model.User).Id)) 412 413 Client.Login(user.Email, user.Password) 414 415 rId := ruser.Data.(*model.User).Id 416 if result, err := Client.GetUser(rId, ""); err != nil { 417 t.Fatal("Failed to get user") 418 } else { 419 if result.Data.(*model.User).Password != "" { 420 t.Fatal("User shouldn't have any password data once set") 421 } 422 423 if cache_result, err := Client.GetUser(rId, result.Etag); err != nil { 424 t.Fatal(err) 425 } else if cache_result.Data.(*model.User) != nil { 426 t.Fatal("cache should be empty") 427 } 428 } 429 430 if result, err := Client.GetMe(""); err != nil { 431 t.Fatal("Failed to get user") 432 } else { 433 if result.Data.(*model.User).Password != "" { 434 t.Fatal("User shouldn't have any password data once set") 435 } 436 } 437 438 if _, err := Client.GetUser("FORBIDDENERROR", ""); err == nil { 439 t.Fatal("shouldn't exist") 440 } 441 442 th.App.UpdateConfig(func(cfg *model.Config) { cfg.PrivacySettings.ShowEmailAddress = false }) 443 th.App.UpdateConfig(func(cfg *model.Config) { cfg.PrivacySettings.ShowFullName = false }) 444 445 if result, err := Client.GetUser(ruser2.Data.(*model.User).Id, ""); err != nil { 446 t.Fatal(err) 447 } else { 448 u := result.Data.(*model.User) 449 if u.Password != "" { 450 t.Fatal("password must be empty") 451 } 452 if *u.AuthData != "" { 453 t.Fatal("auth data must be empty") 454 } 455 if u.Email != "" { 456 t.Fatal("email should be sanitized") 457 } 458 if u.FirstName != "" { 459 t.Fatal("full name should be sanitized") 460 } 461 if u.LastName != "" { 462 t.Fatal("full name should be sanitized") 463 } 464 } 465 466 th.App.UpdateConfig(func(cfg *model.Config) { cfg.PrivacySettings.ShowEmailAddress = true }) 467 th.App.UpdateConfig(func(cfg *model.Config) { cfg.PrivacySettings.ShowFullName = true }) 468 469 if result, err := Client.GetUser(ruser2.Data.(*model.User).Id, ""); err != nil { 470 t.Fatal(err) 471 } else { 472 u := result.Data.(*model.User) 473 if u.Email == "" { 474 t.Fatal("email should not be sanitized") 475 } 476 if u.FirstName == "" { 477 t.Fatal("full name should not be sanitized") 478 } 479 if u.LastName == "" { 480 t.Fatal("full name should not be sanitized") 481 } 482 } 483 484 if userMap, err := Client.GetProfilesInTeam(rteam.Data.(*model.Team).Id, 0, 100, ""); err != nil { 485 t.Fatal(err) 486 } else if len(userMap.Data.(map[string]*model.User)) != 3 { 487 t.Fatal("should have been 3") 488 } else if userMap.Data.(map[string]*model.User)[rId].Id != rId { 489 t.Fatal("should have been valid") 490 } else { 491 492 // test etag caching 493 if cache_result, err := Client.GetProfilesInTeam(rteam.Data.(*model.Team).Id, 0, 100, userMap.Etag); err != nil { 494 t.Fatal(err) 495 } else if cache_result.Data.(map[string]*model.User) != nil { 496 t.Log(cache_result.Data) 497 t.Fatal("cache should be empty") 498 } 499 } 500 501 if userMap, err := Client.GetProfilesInTeam(rteam.Data.(*model.Team).Id, 0, 1, ""); err != nil { 502 t.Fatal(err) 503 } else if len(userMap.Data.(map[string]*model.User)) != 1 { 504 t.Fatal("should have been 1") 505 } 506 507 if userMap, err := Client.GetProfilesInTeam(rteam.Data.(*model.Team).Id, 1, 1, ""); err != nil { 508 t.Fatal(err) 509 } else if len(userMap.Data.(map[string]*model.User)) != 1 { 510 t.Fatal("should have been 1") 511 } 512 513 if userMap, err := Client.GetProfilesInTeam(rteam.Data.(*model.Team).Id, 10, 10, ""); err != nil { 514 t.Fatal(err) 515 } else if len(userMap.Data.(map[string]*model.User)) != 0 { 516 t.Fatal("should have been 0") 517 } 518 519 if _, err := Client.GetProfilesInTeam(rteam2.Data.(*model.Team).Id, 0, 100, ""); err == nil { 520 t.Fatal("shouldn't have access") 521 } 522 523 Client.AuthToken = "" 524 if _, err := Client.GetUser(ruser2.Data.(*model.User).Id, ""); err == nil { 525 t.Fatal("shouldn't have accss") 526 } 527 528 th.App.UpdateUserRoles(ruser.Data.(*model.User).Id, model.SYSTEM_ADMIN_ROLE_ID, false) 529 530 Client.Login(user.Email, "passwd1") 531 532 if _, err := Client.GetProfilesInTeam(rteam2.Data.(*model.Team).Id, 0, 100, ""); err != nil { 533 t.Fatal(err) 534 } 535 } 536 537 func TestGetProfiles(t *testing.T) { 538 th := Setup().InitBasic() 539 defer th.TearDown() 540 541 th.BasicClient.Must(th.BasicClient.CreateDirectChannel(th.BasicUser2.Id)) 542 543 th.App.UpdateConfig(func(cfg *model.Config) { cfg.PrivacySettings.ShowEmailAddress = true }) 544 545 if result, err := th.BasicClient.GetProfiles(0, 100, ""); err != nil { 546 t.Fatal(err) 547 } else { 548 users := result.Data.(map[string]*model.User) 549 550 if len(users) < 1 { 551 t.Fatal("map was wrong length") 552 } 553 554 for _, user := range users { 555 if user.Email == "" { 556 t.Fatal("problem with show email") 557 } 558 } 559 560 // test etag caching 561 if cache_result, err := th.BasicClient.GetProfiles(0, 100, result.Etag); err != nil { 562 t.Fatal(err) 563 } else if cache_result.Data.(map[string]*model.User) != nil { 564 t.Log(cache_result.Etag) 565 t.Log(result.Etag) 566 t.Fatal("cache should be empty") 567 } 568 } 569 570 th.App.UpdateConfig(func(cfg *model.Config) { cfg.PrivacySettings.ShowEmailAddress = false }) 571 572 if result, err := th.BasicClient.GetProfiles(0, 100, ""); err != nil { 573 t.Fatal(err) 574 } else { 575 users := result.Data.(map[string]*model.User) 576 577 if len(users) < 1 { 578 t.Fatal("map was wrong length") 579 } 580 581 for _, user := range users { 582 if user.Email != "" { 583 t.Fatal("problem with show email") 584 } 585 } 586 } 587 } 588 589 func TestGetProfilesByIds(t *testing.T) { 590 th := Setup().InitBasic() 591 defer th.TearDown() 592 593 th.App.UpdateConfig(func(cfg *model.Config) { cfg.PrivacySettings.ShowEmailAddress = true }) 594 595 if result, err := th.BasicClient.GetProfilesByIds([]string{th.BasicUser.Id}); err != nil { 596 t.Fatal(err) 597 } else { 598 users := result.Data.(map[string]*model.User) 599 600 if len(users) != 1 { 601 t.Fatal("map was wrong length") 602 } 603 604 for _, user := range users { 605 if user.Email == "" { 606 t.Fatal("problem with show email") 607 } 608 } 609 } 610 611 th.App.UpdateConfig(func(cfg *model.Config) { cfg.PrivacySettings.ShowEmailAddress = false }) 612 613 if result, err := th.BasicClient.GetProfilesByIds([]string{th.BasicUser.Id}); err != nil { 614 t.Fatal(err) 615 } else { 616 users := result.Data.(map[string]*model.User) 617 618 if len(users) != 1 { 619 t.Fatal("map was wrong length") 620 } 621 622 for _, user := range users { 623 if user.Email != "" { 624 t.Fatal("problem with show email") 625 } 626 } 627 } 628 629 if result, err := th.BasicClient.GetProfilesByIds([]string{th.BasicUser.Id, th.BasicUser2.Id}); err != nil { 630 t.Fatal(err) 631 } else { 632 users := result.Data.(map[string]*model.User) 633 634 if len(users) != 2 { 635 t.Fatal("map was wrong length") 636 } 637 } 638 } 639 640 func TestGetAudits(t *testing.T) { 641 th := Setup().InitBasic() 642 defer th.TearDown() 643 644 Client := th.BasicClient 645 646 team := model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} 647 rteam, _ := Client.CreateTeam(&team) 648 649 Client.Logout() 650 651 user := model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} 652 ruser, _ := Client.CreateUser(&user, "") 653 th.LinkUserToTeam(ruser.Data.(*model.User), rteam.Data.(*model.Team)) 654 store.Must(th.App.Srv.Store.User().VerifyEmail(ruser.Data.(*model.User).Id)) 655 656 time.Sleep(100 * time.Millisecond) 657 658 Client.Login(user.Email, user.Password) 659 660 time.Sleep(100 * time.Millisecond) 661 662 if result, err := Client.GetAudits(ruser.Data.(*model.User).Id, ""); err != nil { 663 t.Fatal(err) 664 } else { 665 666 if len(result.Data.(model.Audits)) != 1 { 667 t.Fatal(result.Data.(model.Audits)) 668 } 669 670 if cache_result, err := Client.GetAudits(ruser.Data.(*model.User).Id, result.Etag); err != nil { 671 t.Fatal(err) 672 } else if cache_result.Data.(model.Audits) != nil { 673 t.Fatal("cache should be empty") 674 } 675 } 676 677 if _, err := Client.GetAudits("FORBIDDENERROR", ""); err == nil { 678 t.Fatal("audit log shouldn't exist") 679 } 680 } 681 682 func TestUserCreateImage(t *testing.T) { 683 th := Setup().InitBasic() 684 defer th.TearDown() 685 686 Client := th.BasicClient 687 688 b, err := app.CreateProfileImage("Corey Hulen", "eo1zkdr96pdj98pjmq8zy35wba", th.App.Config().FileSettings.InitialFont) 689 if err != nil { 690 t.Fatal(err) 691 } 692 693 rdr := bytes.NewReader(b) 694 img, _, err2 := image.Decode(rdr) 695 if err2 != nil { 696 t.Fatal(err) 697 } 698 699 colorful := color.RGBA{116, 49, 196, 255} 700 701 if img.At(1, 1) != colorful { 702 t.Fatal("Failed to create correct color") 703 } 704 705 team := &model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} 706 team = Client.Must(Client.CreateTeam(team)).Data.(*model.Team) 707 708 user := &model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} 709 user = Client.Must(Client.CreateUser(user, "")).Data.(*model.User) 710 th.LinkUserToTeam(user, team) 711 store.Must(th.App.Srv.Store.User().VerifyEmail(user.Id)) 712 713 Client.Login(user.Email, "passwd1") 714 715 if resp, err := Client.DoApiGet("/users/"+user.Id+"/image", "", ""); err != nil { 716 t.Fatal(err) 717 } else { 718 etag := resp.Header.Get(model.HEADER_ETAG_SERVER) 719 resp2, _ := Client.DoApiGet("/users/"+user.Id+"/image", "", etag) 720 if resp2.StatusCode == 304 { 721 t.Fatal("Shouldn't have hit etag") 722 } 723 } 724 725 if *th.App.Config().FileSettings.DriverName == model.IMAGE_DRIVER_S3 { 726 endpoint := th.App.Config().FileSettings.AmazonS3Endpoint 727 accessKey := th.App.Config().FileSettings.AmazonS3AccessKeyId 728 secretKey := th.App.Config().FileSettings.AmazonS3SecretAccessKey 729 secure := *th.App.Config().FileSettings.AmazonS3SSL 730 signV2 := *th.App.Config().FileSettings.AmazonS3SignV2 731 region := th.App.Config().FileSettings.AmazonS3Region 732 s3Clnt, err := s3New(endpoint, accessKey, secretKey, secure, signV2, region) 733 if err != nil { 734 t.Fatal(err) 735 } 736 bucket := th.App.Config().FileSettings.AmazonS3Bucket 737 if err = s3Clnt.RemoveObject(bucket, "/users/"+user.Id+"/profile.png"); err != nil { 738 t.Fatal(err) 739 } 740 } else { 741 path := th.App.Config().FileSettings.Directory + "/users/" + user.Id + "/profile.png" 742 if err := os.Remove(path); err != nil { 743 t.Fatal("Couldn't remove file at " + path) 744 } 745 } 746 } 747 748 func TestUserUploadProfileImage(t *testing.T) { 749 th := Setup().InitBasic() 750 defer th.TearDown() 751 752 Client := th.BasicClient 753 754 team := &model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} 755 team = Client.Must(Client.CreateTeam(team)).Data.(*model.Team) 756 757 Client.Logout() 758 759 user := &model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} 760 user = Client.Must(Client.CreateUser(user, "")).Data.(*model.User) 761 th.LinkUserToTeam(user, team) 762 store.Must(th.App.Srv.Store.User().VerifyEmail(user.Id)) 763 764 if *th.App.Config().FileSettings.DriverName != "" { 765 766 body := &bytes.Buffer{} 767 writer := multipart.NewWriter(body) 768 769 if _, upErr := Client.UploadProfileFile(body.Bytes(), writer.FormDataContentType()); upErr == nil { 770 t.Fatal("Should have errored") 771 } 772 773 Client.Login(user.Email, "passwd1") 774 Client.SetTeamId(team.Id) 775 776 if _, upErr := Client.UploadProfileFile(body.Bytes(), writer.FormDataContentType()); upErr == nil { 777 t.Fatal("Should have errored") 778 } 779 780 part, err := writer.CreateFormFile("blargh", "test.png") 781 if err != nil { 782 t.Fatal(err) 783 } 784 785 path, _ := utils.FindDir("tests") 786 file, err := os.Open(filepath.Join(path, "test.png")) 787 if err != nil { 788 t.Fatal(err) 789 } 790 defer file.Close() 791 792 _, err = io.Copy(part, file) 793 if err != nil { 794 t.Fatal(err) 795 } 796 797 if err := writer.Close(); err != nil { 798 t.Fatal(err) 799 } 800 801 if _, upErr := Client.UploadProfileFile(body.Bytes(), writer.FormDataContentType()); upErr == nil { 802 t.Fatal("Should have errored") 803 } 804 805 file2, err := os.Open(path + "/test.png") 806 if err != nil { 807 t.Fatal(err) 808 } 809 defer file2.Close() 810 811 body = &bytes.Buffer{} 812 writer = multipart.NewWriter(body) 813 814 part, err = writer.CreateFormFile("image", "test.png") 815 if err != nil { 816 t.Fatal(err) 817 } 818 819 if _, err := io.Copy(part, file2); err != nil { 820 t.Fatal(err) 821 } 822 823 if err := writer.Close(); err != nil { 824 t.Fatal(err) 825 } 826 827 if _, upErr := Client.UploadProfileFile(body.Bytes(), writer.FormDataContentType()); upErr != nil { 828 t.Fatal(upErr) 829 } 830 831 Client.DoApiGet("/users/"+user.Id+"/image", "", "") 832 833 if *th.App.Config().FileSettings.DriverName == model.IMAGE_DRIVER_S3 { 834 endpoint := th.App.Config().FileSettings.AmazonS3Endpoint 835 accessKey := th.App.Config().FileSettings.AmazonS3AccessKeyId 836 secretKey := th.App.Config().FileSettings.AmazonS3SecretAccessKey 837 secure := *th.App.Config().FileSettings.AmazonS3SSL 838 signV2 := *th.App.Config().FileSettings.AmazonS3SignV2 839 region := th.App.Config().FileSettings.AmazonS3Region 840 s3Clnt, err := s3New(endpoint, accessKey, secretKey, secure, signV2, region) 841 if err != nil { 842 t.Fatal(err) 843 } 844 bucket := th.App.Config().FileSettings.AmazonS3Bucket 845 if err = s3Clnt.RemoveObject(bucket, "/users/"+user.Id+"/profile.png"); err != nil { 846 t.Fatal(err) 847 } 848 } else { 849 path := th.App.Config().FileSettings.Directory + "users/" + user.Id + "/profile.png" 850 if err := os.Remove(path); err != nil { 851 t.Fatal("Couldn't remove file at " + path) 852 } 853 } 854 } else { 855 body := &bytes.Buffer{} 856 writer := multipart.NewWriter(body) 857 if _, upErr := Client.UploadProfileFile(body.Bytes(), writer.FormDataContentType()); upErr.StatusCode != http.StatusNotImplemented { 858 t.Fatal("Should have failed with 501 - Not Implemented") 859 } 860 } 861 } 862 863 func TestUserUpdate(t *testing.T) { 864 th := Setup().InitBasic() 865 defer th.TearDown() 866 867 Client := th.BasicClient 868 869 team := &model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} 870 team = Client.Must(Client.CreateTeam(team)).Data.(*model.Team) 871 872 Client.Logout() 873 874 user := &model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1", Roles: ""} 875 user = Client.Must(Client.CreateUser(user, "")).Data.(*model.User) 876 th.LinkUserToTeam(user, team) 877 store.Must(th.App.Srv.Store.User().VerifyEmail(user.Id)) 878 879 if _, err := Client.UpdateUser(user); err == nil { 880 t.Fatal("Should have errored") 881 } 882 883 Client.Login(user.Email, "passwd1") 884 Client.SetTeamId(team.Id) 885 886 user.Nickname = "Jim Jimmy" 887 user.Roles = model.SYSTEM_ADMIN_ROLE_ID 888 user.LastPasswordUpdate = 123 889 890 if result, err := Client.UpdateUser(user); err != nil { 891 t.Fatal(err) 892 } else { 893 if result.Data.(*model.User).Nickname != "Jim Jimmy" { 894 t.Fatal("Nickname did not update properly") 895 } 896 if result.Data.(*model.User).Roles != model.SYSTEM_USER_ROLE_ID { 897 t.Fatal("Roles should not have updated") 898 } 899 if result.Data.(*model.User).LastPasswordUpdate == 123 { 900 t.Fatal("LastPasswordUpdate should not have updated") 901 } 902 } 903 904 user2 := &model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} 905 user2 = Client.Must(Client.CreateUser(user2, "")).Data.(*model.User) 906 th.LinkUserToTeam(user2, team) 907 store.Must(th.App.Srv.Store.User().VerifyEmail(user2.Id)) 908 909 Client.Login(user2.Email, "passwd1") 910 Client.SetTeamId(team.Id) 911 912 user.Nickname = "Tim Timmy" 913 914 if _, err := Client.UpdateUser(user); err == nil { 915 t.Fatal("Should have errored") 916 } 917 } 918 919 func TestUserUpdatePassword(t *testing.T) { 920 th := Setup().InitBasic() 921 defer th.TearDown() 922 923 Client := th.BasicClient 924 925 team := &model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} 926 team = Client.Must(Client.CreateTeam(team)).Data.(*model.Team) 927 928 Client.Logout() 929 Client.SetTeamId(team.Id) 930 931 user := &model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} 932 user = Client.Must(Client.CreateUser(user, "")).Data.(*model.User) 933 th.LinkUserToTeam(user, team) 934 store.Must(th.App.Srv.Store.User().VerifyEmail(user.Id)) 935 936 if _, err := Client.UpdateUserPassword(user.Id, "passwd1", "newpasswd1"); err == nil { 937 t.Fatal("Should have errored") 938 } 939 940 Client.Login(user.Email, "passwd1") 941 942 if _, err := Client.UpdateUserPassword("123", "passwd1", "newpwd"); err == nil { 943 t.Fatal("Should have errored") 944 } 945 946 if _, err := Client.UpdateUserPassword(user.Id, "", "newpwd"); err == nil { 947 t.Fatal("Should have errored") 948 } 949 950 if _, err := Client.UpdateUserPassword(user.Id, "passwd1", "npwd"); err == nil { 951 t.Fatal("Should have errored") 952 } 953 954 if _, err := Client.UpdateUserPassword("12345678901234567890123456", "passwd1", "newpwd1"); err == nil { 955 t.Fatal("Should have errored") 956 } 957 958 if _, err := Client.UpdateUserPassword(user.Id, "badpwd", "newpwd"); err == nil { 959 t.Fatal("Should have errored") 960 } 961 962 if _, err := Client.UpdateUserPassword(user.Id, "passwd1", "newpwd1"); err != nil { 963 t.Fatal(err) 964 } 965 966 updatedUser := Client.Must(Client.GetUser(user.Id, "")).Data.(*model.User) 967 if updatedUser.LastPasswordUpdate == user.LastPasswordUpdate { 968 t.Fatal("LastPasswordUpdate should have changed") 969 } 970 971 if _, err := Client.Login(user.Email, "newpwd1"); err != nil { 972 t.Fatal(err) 973 } 974 975 // Test lockout 976 th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.MaximumLoginAttempts = 2 }) 977 978 // Fail twice 979 if _, err := Client.UpdateUserPassword(user.Id, "badpwd", "newpwd"); err == nil { 980 t.Fatal("Should have errored") 981 } 982 if _, err := Client.UpdateUserPassword(user.Id, "badpwd", "newpwd"); err == nil { 983 t.Fatal("Should have errored") 984 } 985 986 // Should fail because account is locked out 987 if _, err := Client.UpdateUserPassword(user.Id, "newpwd1", "newpwd2"); err == nil { 988 t.Fatal("Should have errored") 989 } 990 991 user2 := &model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} 992 user2 = Client.Must(Client.CreateUser(user2, "")).Data.(*model.User) 993 th.LinkUserToTeam(user2, team) 994 995 Client.Login(user2.Email, "passwd1") 996 997 if _, err := Client.UpdateUserPassword(user.Id, "passwd1", "newpwd"); err == nil { 998 t.Fatal("Should have errored") 999 } 1000 } 1001 1002 func TestUserUpdateRoles(t *testing.T) { 1003 th := Setup().InitBasic() 1004 defer th.TearDown() 1005 1006 Client := th.BasicClient 1007 1008 team := &model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} 1009 team = Client.Must(Client.CreateTeam(team)).Data.(*model.Team) 1010 1011 Client.Logout() 1012 1013 user := &model.User{Email: "success+" + model.NewId() + "@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} 1014 user = Client.Must(Client.CreateUser(user, "")).Data.(*model.User) 1015 th.LinkUserToTeam(user, team) 1016 store.Must(th.App.Srv.Store.User().VerifyEmail(user.Id)) 1017 1018 user2 := &model.User{Email: "success+" + model.NewId() + "@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} 1019 user2 = Client.Must(Client.CreateUser(user2, "")).Data.(*model.User) 1020 th.LinkUserToTeam(user2, team) 1021 store.Must(th.App.Srv.Store.User().VerifyEmail(user2.Id)) 1022 1023 if _, err := Client.UpdateUserRoles(user.Id, ""); err == nil { 1024 t.Fatal("Should have errored, not logged in") 1025 } 1026 1027 Client.Login(user2.Email, "passwd1") 1028 Client.SetTeamId(team.Id) 1029 1030 if _, err := Client.UpdateUserRoles(user.Id, ""); err == nil { 1031 t.Fatal("Should have errored, not admin") 1032 } 1033 1034 team2 := &model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} 1035 team2 = Client.Must(Client.CreateTeam(team2)).Data.(*model.Team) 1036 1037 user3 := &model.User{Email: "success+" + model.NewId() + "@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} 1038 user3 = Client.Must(Client.CreateUser(user3, "")).Data.(*model.User) 1039 th.LinkUserToTeam(user3, team2) 1040 store.Must(th.App.Srv.Store.User().VerifyEmail(user3.Id)) 1041 1042 Client.Login(user3.Email, "passwd1") 1043 Client.SetTeamId(team2.Id) 1044 1045 if _, err := Client.UpdateUserRoles(user2.Id, ""); err == nil { 1046 t.Fatal("Should have errored, wrong team") 1047 } 1048 1049 Client.Login(user.Email, "passwd1") 1050 1051 if _, err := Client.UpdateUserRoles("junk", ""); err == nil { 1052 t.Fatal("Should have errored, bad id") 1053 } 1054 1055 if _, err := Client.UpdateUserRoles("system_admin", ""); err == nil { 1056 t.Fatal("Should have errored, we want to avoid this mistake") 1057 } 1058 1059 if _, err := Client.UpdateUserRoles("12345678901234567890123456", ""); err == nil { 1060 t.Fatal("Should have errored, bad id") 1061 } 1062 1063 if _, err := Client.UpdateUserRoles(user2.Id, "junk"); err == nil { 1064 t.Fatal("Should have errored, bad role") 1065 } 1066 } 1067 1068 func TestUserUpdateRolesMoreCases(t *testing.T) { 1069 th := Setup().InitSystemAdmin().InitBasic() 1070 defer th.TearDown() 1071 1072 th.SystemAdminClient.SetTeamId(th.BasicTeam.Id) 1073 th.LinkUserToTeam(th.SystemAdminUser, th.BasicTeam) 1074 1075 const BASIC_USER = "system_user" 1076 const SYSTEM_ADMIN = "system_user system_admin" 1077 1078 // user 1 is trying to promote user 2 1079 if _, err := th.BasicClient.UpdateUserRoles(th.BasicUser2.Id, SYSTEM_ADMIN); err == nil { 1080 t.Fatal("Should have errored, basic user is not a system admin") 1081 } 1082 1083 // user 1 is trying to demote system admin 1084 if _, err := th.BasicClient.UpdateUserRoles(th.SystemAdminUser.Id, BASIC_USER); err == nil { 1085 t.Fatal("Should have errored, can only be system admin") 1086 } 1087 1088 // user 1 is trying to promote himself 1089 if _, err := th.BasicClient.UpdateUserRoles(th.BasicUser.Id, SYSTEM_ADMIN); err == nil { 1090 t.Fatal("Should have errored, can only be system admin") 1091 } 1092 1093 // System admin promoting user 2 1094 if _, err := th.SystemAdminClient.UpdateUserRoles(th.BasicUser2.Id, SYSTEM_ADMIN); err != nil { 1095 t.Fatal("Should have succeeded since they are system admin") 1096 } 1097 1098 // System admin demoting user 2 1099 if _, err := th.SystemAdminClient.UpdateUserRoles(th.BasicUser2.Id, BASIC_USER); err != nil { 1100 t.Fatal("Should have succeeded since they are system admin") 1101 } 1102 1103 // Setting user to team admin should have no effect on results 1104 th.BasicClient.Must(th.SystemAdminClient.UpdateTeamRoles(th.BasicUser.Id, "team_user team_admin")) 1105 1106 // user 1 is trying to promote user 2 1107 if _, err := th.BasicClient.UpdateUserRoles(th.BasicUser2.Id, SYSTEM_ADMIN); err == nil { 1108 t.Fatal("Should have errored, basic user is not a system admin") 1109 } 1110 1111 // user 1 is trying to demote system admin 1112 if _, err := th.BasicClient.UpdateUserRoles(th.SystemAdminUser.Id, BASIC_USER); err == nil { 1113 t.Fatal("Should have errored, can only be system admin") 1114 } 1115 1116 // user 1 is trying to promote himself 1117 if _, err := th.BasicClient.UpdateUserRoles(th.BasicUser.Id, SYSTEM_ADMIN); err == nil { 1118 t.Fatal("Should have errored, can only be system admin") 1119 } 1120 1121 // system admin demoting himself 1122 if _, err := th.SystemAdminClient.UpdateUserRoles(th.SystemAdminUser.Id, BASIC_USER); err != nil { 1123 t.Fatal("Should have succeeded since they are system admin") 1124 } 1125 } 1126 1127 func TestUserUpdateDeviceId(t *testing.T) { 1128 th := Setup().InitBasic() 1129 defer th.TearDown() 1130 1131 Client := th.BasicClient 1132 1133 team := &model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} 1134 team = Client.Must(Client.CreateTeam(team)).Data.(*model.Team) 1135 1136 user := &model.User{Email: "success+" + model.NewId() + "@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} 1137 user = Client.Must(Client.CreateUser(user, "")).Data.(*model.User) 1138 th.LinkUserToTeam(user, team) 1139 store.Must(th.App.Srv.Store.User().VerifyEmail(user.Id)) 1140 1141 Client.Login(user.Email, "passwd1") 1142 Client.SetTeamId(team.Id) 1143 deviceId := model.PUSH_NOTIFY_APPLE + ":1234567890" 1144 1145 if _, err := Client.AttachDeviceId(deviceId); err != nil { 1146 t.Fatal(err) 1147 } 1148 1149 if result := <-th.App.Srv.Store.Session().GetSessions(user.Id); result.Err != nil { 1150 t.Fatal(result.Err) 1151 } else { 1152 sessions := result.Data.([]*model.Session) 1153 1154 if sessions[0].DeviceId != deviceId { 1155 t.Fatal("Missing device Id") 1156 } 1157 } 1158 } 1159 1160 func TestUserUpdateDeviceId2(t *testing.T) { 1161 th := Setup().InitBasic() 1162 defer th.TearDown() 1163 1164 Client := th.BasicClient 1165 1166 team := &model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} 1167 team = Client.Must(Client.CreateTeam(team)).Data.(*model.Team) 1168 1169 user := &model.User{Email: "success+" + model.NewId() + "@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} 1170 user = Client.Must(Client.CreateUser(user, "")).Data.(*model.User) 1171 th.LinkUserToTeam(user, team) 1172 store.Must(th.App.Srv.Store.User().VerifyEmail(user.Id)) 1173 1174 Client.Login(user.Email, "passwd1") 1175 Client.SetTeamId(team.Id) 1176 deviceId := model.PUSH_NOTIFY_APPLE_REACT_NATIVE + ":1234567890" 1177 1178 if _, err := Client.AttachDeviceId(deviceId); err != nil { 1179 t.Fatal(err) 1180 } 1181 1182 if result := <-th.App.Srv.Store.Session().GetSessions(user.Id); result.Err != nil { 1183 t.Fatal(result.Err) 1184 } else { 1185 sessions := result.Data.([]*model.Session) 1186 1187 if sessions[0].DeviceId != deviceId { 1188 t.Fatal("Missing device Id") 1189 } 1190 } 1191 } 1192 1193 func TestUserUpdateActive(t *testing.T) { 1194 th := Setup().InitBasic().InitSystemAdmin() 1195 defer th.TearDown() 1196 1197 Client := th.BasicClient 1198 SystemAdminClient := th.SystemAdminClient 1199 1200 team := &model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} 1201 team = Client.Must(Client.CreateTeam(team)).Data.(*model.Team) 1202 1203 team2 := &model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} 1204 team2 = Client.Must(Client.CreateTeam(team2)).Data.(*model.Team) 1205 1206 Client.Logout() 1207 1208 user := &model.User{Email: "success+" + model.NewId() + "@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} 1209 user = Client.Must(Client.CreateUser(user, "")).Data.(*model.User) 1210 th.LinkUserToTeam(user, team) 1211 store.Must(th.App.Srv.Store.User().VerifyEmail(user.Id)) 1212 1213 user2 := &model.User{Email: "success+" + model.NewId() + "@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} 1214 user2 = Client.Must(Client.CreateUser(user2, "")).Data.(*model.User) 1215 th.LinkUserToTeam(user2, team) 1216 store.Must(th.App.Srv.Store.User().VerifyEmail(user2.Id)) 1217 1218 if _, err := Client.UpdateActive(user.Id, false); err == nil { 1219 t.Fatal("Should have errored, not logged in") 1220 } 1221 1222 Client.Login(user2.Email, "passwd1") 1223 Client.SetTeamId(team.Id) 1224 1225 if _, err := Client.UpdateActive(user.Id, false); err == nil { 1226 t.Fatal("Should have errored, not admin") 1227 } 1228 1229 Client.Must(Client.Logout()) 1230 1231 user3 := &model.User{Email: "success+" + model.NewId() + "@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} 1232 user3 = Client.Must(Client.CreateUser(user3, "")).Data.(*model.User) 1233 th.LinkUserToTeam(user2, team2) 1234 store.Must(th.App.Srv.Store.User().VerifyEmail(user3.Id)) 1235 1236 Client.Login(user3.Email, "passwd1") 1237 Client.SetTeamId(team2.Id) 1238 1239 if _, err := Client.UpdateActive(user.Id, false); err == nil { 1240 t.Fatal("Should have errored, not yourself") 1241 } 1242 1243 Client.Login(user.Email, "passwd1") 1244 Client.SetTeamId(team.Id) 1245 1246 if _, err := Client.UpdateActive("junk", false); err == nil { 1247 t.Fatal("Should have errored, bad id") 1248 } 1249 1250 if _, err := Client.UpdateActive("12345678901234567890123456", false); err == nil { 1251 t.Fatal("Should have errored, bad id") 1252 } 1253 1254 th.App.SetStatusOnline(user3.Id, "", false) 1255 1256 if _, err := SystemAdminClient.UpdateActive(user3.Id, false); err != nil { 1257 t.Fatal(err) 1258 } 1259 1260 if status, err := th.App.GetStatus(user3.Id); err != nil { 1261 t.Fatal(err) 1262 } else if status.Status != model.STATUS_OFFLINE { 1263 t.Fatal("status should have been set to offline") 1264 } 1265 } 1266 1267 func TestUserPermDelete(t *testing.T) { 1268 th := Setup().InitBasic() 1269 defer th.TearDown() 1270 1271 Client := th.BasicClient 1272 1273 team := &model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} 1274 team = Client.Must(Client.CreateTeam(team)).Data.(*model.Team) 1275 1276 user1 := &model.User{Email: model.NewId() + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} 1277 user1 = Client.Must(Client.CreateUser(user1, "")).Data.(*model.User) 1278 th.LinkUserToTeam(user1, team) 1279 store.Must(th.App.Srv.Store.User().VerifyEmail(user1.Id)) 1280 1281 Client.Login(user1.Email, "passwd1") 1282 Client.SetTeamId(team.Id) 1283 1284 channel1 := &model.Channel{DisplayName: "TestGetPosts", Name: "zz" + model.NewId() + "a", Type: model.CHANNEL_OPEN, TeamId: team.Id} 1285 channel1 = Client.Must(Client.CreateChannel(channel1)).Data.(*model.Channel) 1286 1287 post1 := &model.Post{ChannelId: channel1.Id, Message: "search for post1"} 1288 post1 = Client.Must(Client.CreatePost(post1)).Data.(*model.Post) 1289 1290 post2 := &model.Post{ChannelId: channel1.Id, Message: "search for post2"} 1291 post2 = Client.Must(Client.CreatePost(post2)).Data.(*model.Post) 1292 1293 post3 := &model.Post{ChannelId: channel1.Id, Message: "#hashtag search for post3"} 1294 post3 = Client.Must(Client.CreatePost(post3)).Data.(*model.Post) 1295 1296 post4 := &model.Post{ChannelId: channel1.Id, Message: "hashtag for post4"} 1297 post4 = Client.Must(Client.CreatePost(post4)).Data.(*model.Post) 1298 1299 c := &Context{} 1300 c.RequestId = model.NewId() 1301 c.IpAddress = "test" 1302 1303 err := th.App.PermanentDeleteUser(user1) 1304 if err != nil { 1305 t.Fatal(err) 1306 } 1307 1308 Client.ClearOAuthToken() 1309 } 1310 1311 func TestSendPasswordReset(t *testing.T) { 1312 th := Setup().InitBasic() 1313 defer th.TearDown() 1314 1315 Client := th.BasicClient 1316 1317 team := &model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} 1318 team = Client.Must(Client.CreateTeam(team)).Data.(*model.Team) 1319 1320 user := &model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} 1321 user = Client.Must(Client.CreateUser(user, "")).Data.(*model.User) 1322 th.LinkUserToTeam(user, team) 1323 store.Must(th.App.Srv.Store.User().VerifyEmail(user.Id)) 1324 1325 Client.Logout() 1326 1327 if result, err := Client.SendPasswordReset(user.Email); err != nil { 1328 t.Fatal(err) 1329 } else { 1330 resp := result.Data.(map[string]string) 1331 if resp["email"] != user.Email { 1332 t.Fatal("wrong email") 1333 } 1334 } 1335 1336 if _, err := Client.SendPasswordReset("junk@junk.com"); err != nil { 1337 t.Fatal("Should have errored - bad email") 1338 } 1339 1340 if _, err := Client.SendPasswordReset(""); err == nil { 1341 t.Fatal("Should have errored - no email") 1342 } 1343 1344 authData := model.NewId() 1345 user2 := &model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", AuthData: &authData, AuthService: "random"} 1346 user2 = Client.Must(Client.CreateUser(user2, "")).Data.(*model.User) 1347 th.LinkUserToTeam(user2, team) 1348 store.Must(th.App.Srv.Store.User().VerifyEmail(user2.Id)) 1349 1350 if _, err := Client.SendPasswordReset(user2.Email); err == nil { 1351 t.Fatal("should have errored - SSO user can't send reset password link") 1352 } 1353 } 1354 1355 /*func TestResetPassword(t *testing.T) { 1356 th := Setup().InitSystemAdmin() 1357 Client := th.SystemAdminClient 1358 team := th.SystemAdminTeam 1359 1360 user := &model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} 1361 user = Client.Must(Client.CreateUser(user, "")).Data.(*model.User) 1362 th.LinkUserToTeam(user, team) 1363 store.Must(th.App.Srv.Store.User().VerifyEmail(user.Id)) 1364 1365 //Delete all the messages before check the reset password 1366 utils.DeleteMailBox(user.Email) 1367 1368 Client.Must(Client.SendPasswordReset(user.Email)) 1369 1370 //Check if the email was send to the rigth email address and the recovery key match 1371 var resultsMailbox utils.JSONMessageHeaderInbucket 1372 err := utils.RetryInbucket(5, func() error { 1373 var err error 1374 resultsMailbox, err = utils.GetMailBox(user.Email) 1375 return err 1376 }) 1377 if err != nil { 1378 t.Log(err) 1379 t.Log("No email was received, maybe due load on the server. Disabling this verification") 1380 } 1381 1382 var recoveryTokenString string 1383 if err == nil && len(resultsMailbox) > 0 { 1384 if !strings.ContainsAny(resultsMailbox[0].To[0], user.Email) { 1385 t.Fatal("Wrong To recipient") 1386 } else { 1387 if resultsEmail, err := utils.GetMessageFromMailbox(user.Email, resultsMailbox[0].ID); err == nil { 1388 loc := strings.Index(resultsEmail.Body.Text, "token=") 1389 if loc == -1 { 1390 t.Log(recoveryTokenString) 1391 t.Log(resultsEmail.Body.Text) 1392 t.Fatal("Code not found in email") 1393 } 1394 loc += 6 1395 recoveryTokenString = resultsEmail.Body.Text[loc : loc+model.TOKEN_SIZE] 1396 t.Log(resultsEmail.Body.Text) 1397 } 1398 } 1399 } 1400 1401 var recoveryToken *model.Token 1402 if result := <-th.App.Srv.Store.Token().GetByToken(recoveryTokenString); result.Err != nil { 1403 t.Log(recoveryTokenString) 1404 t.Fatal(result.Err) 1405 } else { 1406 recoveryToken = result.Data.(*model.Token) 1407 } 1408 1409 if recoveryToken.Token != recoveryTokenString { 1410 t.Fatal("Did not send the correct token. DB: "+recoveryToken.Token, " Sent: "+recoveryTokenString) 1411 } 1412 1413 if _, err := Client.ResetPassword(recoveryToken.Token, ""); err == nil { 1414 t.Fatal("Should have errored - no password") 1415 } 1416 1417 if _, err := Client.ResetPassword(recoveryToken.Token, "newp"); err == nil { 1418 t.Fatal("Should have errored - password too short") 1419 } 1420 1421 if _, err := Client.ResetPassword("", "newpwd"); err == nil { 1422 t.Fatal("Should have errored - no code") 1423 } 1424 1425 if _, err := Client.ResetPassword("junk", "newpwd"); err == nil { 1426 t.Fatal("Should have errored - bad code") 1427 } 1428 1429 code := "" 1430 for i := 0; i < model.TOKEN_SIZE; i++ { 1431 code += "a" 1432 } 1433 if _, err := Client.ResetPassword(code, "newpwd1"); err == nil { 1434 t.Fatal("Should have errored - bad code") 1435 } 1436 1437 if _, err := Client.ResetPassword(recoveryToken.Token, "newpwd1"); err != nil { 1438 t.Log(recoveryToken.Token) 1439 t.Fatal(err) 1440 } 1441 1442 }*/ 1443 1444 func TestUserUpdateNotify(t *testing.T) { 1445 th := Setup().InitBasic() 1446 defer th.TearDown() 1447 1448 Client := th.BasicClient 1449 1450 team := &model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} 1451 team = Client.Must(Client.CreateTeam(team)).Data.(*model.Team) 1452 1453 Client.Logout() 1454 1455 user := &model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1", Roles: ""} 1456 user = Client.Must(Client.CreateUser(user, "")).Data.(*model.User) 1457 th.LinkUserToTeam(user, team) 1458 store.Must(th.App.Srv.Store.User().VerifyEmail(user.Id)) 1459 1460 data := make(map[string]string) 1461 data["user_id"] = user.Id 1462 data["email"] = "true" 1463 data["desktop"] = "all" 1464 data["desktop_sound"] = "false" 1465 data["comments"] = "any" 1466 1467 if _, err := Client.UpdateUserNotify(data); err == nil { 1468 t.Fatal("Should have errored - not logged in") 1469 } 1470 1471 Client.Login(user.Email, "passwd1") 1472 Client.SetTeamId(team.Id) 1473 1474 if result, err := Client.UpdateUserNotify(data); err != nil { 1475 t.Fatal(err) 1476 } else { 1477 if result.Data.(*model.User).NotifyProps["desktop"] != data["desktop"] { 1478 t.Fatal("NotifyProps did not update properly - desktop") 1479 } 1480 if result.Data.(*model.User).NotifyProps["desktop_sound"] != data["desktop_sound"] { 1481 t.Fatal("NotifyProps did not update properly - desktop_sound") 1482 } 1483 if result.Data.(*model.User).NotifyProps["email"] != data["email"] { 1484 t.Fatal("NotifyProps did not update properly - email") 1485 } 1486 if result.Data.(*model.User).NotifyProps["comments"] != data["comments"] { 1487 t.Fatal("NotifyProps did not update properly - comments") 1488 } 1489 } 1490 1491 if _, err := Client.UpdateUserNotify(nil); err == nil { 1492 t.Fatal("Should have errored") 1493 } 1494 1495 data["user_id"] = "junk" 1496 if _, err := Client.UpdateUserNotify(data); err == nil { 1497 t.Fatal("Should have errored - junk user id") 1498 } 1499 1500 data["user_id"] = "12345678901234567890123456" 1501 if _, err := Client.UpdateUserNotify(data); err == nil { 1502 t.Fatal("Should have errored - bad user id") 1503 } 1504 1505 data["user_id"] = user.Id 1506 data["desktop"] = "" 1507 if _, err := Client.UpdateUserNotify(data); err == nil { 1508 t.Fatal("Should have errored - empty desktop notify") 1509 } 1510 1511 data["desktop"] = "all" 1512 data["desktop_sound"] = "" 1513 if _, err := Client.UpdateUserNotify(data); err == nil { 1514 t.Fatal("Should have errored - empty desktop sound") 1515 } 1516 1517 data["desktop_sound"] = "false" 1518 data["email"] = "" 1519 if _, err := Client.UpdateUserNotify(data); err == nil { 1520 t.Fatal("Should have errored - empty email") 1521 } 1522 1523 data["email"] = "true" 1524 data["comments"] = "" 1525 if _, err := Client.UpdateUserNotify(data); err == nil { 1526 t.Fatal("Should have errored - empty comments") 1527 } 1528 } 1529 1530 func TestFuzzyUserCreate(t *testing.T) { 1531 th := Setup().InitBasic() 1532 defer th.TearDown() 1533 1534 Client := th.BasicClient 1535 1536 team := model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} 1537 rteam, _ := Client.CreateTeam(&team) 1538 1539 Client.Logout() 1540 1541 for i := 0; i < len(utils.FUZZY_STRINGS_NAMES) || i < len(utils.FUZZY_STRINGS_EMAILS); i++ { 1542 testName := "Name" 1543 testEmail := "test@nowhere.com" 1544 1545 if i < len(utils.FUZZY_STRINGS_NAMES) { 1546 testName = utils.FUZZY_STRINGS_NAMES[i] 1547 } 1548 if i < len(utils.FUZZY_STRINGS_EMAILS) { 1549 testEmail = utils.FUZZY_STRINGS_EMAILS[i] 1550 } 1551 1552 user := model.User{Email: strings.ToLower(model.NewId()) + testEmail, Nickname: testName, Password: "hello1"} 1553 1554 ruser, err := Client.CreateUser(&user, "") 1555 if err != nil { 1556 t.Fatal(err) 1557 } 1558 1559 th.LinkUserToTeam(ruser.Data.(*model.User), rteam.Data.(*model.Team)) 1560 } 1561 } 1562 1563 func TestEmailToOAuth(t *testing.T) { 1564 th := Setup().InitBasic() 1565 defer th.TearDown() 1566 1567 Client := th.BasicClient 1568 1569 team := model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} 1570 rteam, _ := Client.CreateTeam(&team) 1571 1572 Client.Logout() 1573 1574 user := model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} 1575 ruser := Client.Must(Client.CreateUser(&user, "")).Data.(*model.User) 1576 th.LinkUserToTeam(ruser, rteam.Data.(*model.Team)) 1577 store.Must(th.App.Srv.Store.User().VerifyEmail(ruser.Id)) 1578 1579 m := map[string]string{} 1580 if _, err := Client.EmailToOAuth(m); err == nil { 1581 t.Fatal("should have failed - empty data") 1582 } 1583 1584 m["password"] = "passwd1" 1585 _, err := Client.EmailToOAuth(m) 1586 if err == nil { 1587 t.Fatal("should have failed - missing team_name, service, email") 1588 } 1589 1590 m["team_name"] = team.Name 1591 if _, err := Client.EmailToOAuth(m); err == nil { 1592 t.Fatal("should have failed - missing service, email") 1593 } 1594 1595 m["service"] = "someservice" 1596 if _, err := Client.EmailToOAuth(m); err == nil { 1597 t.Fatal("should have failed - missing email") 1598 } 1599 1600 m["team_name"] = "junk" 1601 if _, err := Client.EmailToOAuth(m); err == nil { 1602 t.Fatal("should have failed - bad team name") 1603 } 1604 1605 m["team_name"] = team.Name 1606 m["email"] = "junk" 1607 if _, err := Client.EmailToOAuth(m); err == nil { 1608 t.Fatal("should have failed - bad email") 1609 } 1610 1611 m["email"] = ruser.Email 1612 m["password"] = "junk" 1613 if _, err := Client.EmailToOAuth(m); err == nil { 1614 t.Fatal("should have failed - bad password") 1615 } 1616 } 1617 1618 func TestOAuthToEmail(t *testing.T) { 1619 th := Setup().InitBasic() 1620 defer th.TearDown() 1621 1622 Client := th.BasicClient 1623 1624 team := model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} 1625 rteam, _ := Client.CreateTeam(&team) 1626 1627 Client.Logout() 1628 1629 user := model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} 1630 ruser := Client.Must(Client.CreateUser(&user, "")).Data.(*model.User) 1631 th.LinkUserToTeam(ruser, rteam.Data.(*model.Team)) 1632 store.Must(th.App.Srv.Store.User().VerifyEmail(ruser.Id)) 1633 1634 user2 := model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} 1635 ruser2 := Client.Must(Client.CreateUser(&user2, "")).Data.(*model.User) 1636 th.LinkUserToTeam(ruser2, rteam.Data.(*model.Team)) 1637 store.Must(th.App.Srv.Store.User().VerifyEmail(ruser2.Id)) 1638 1639 m := map[string]string{} 1640 if _, err := Client.OAuthToEmail(m); err == nil { 1641 t.Fatal("should have failed - not logged in") 1642 } 1643 1644 Client.Login(user.Email, user.Password) 1645 1646 if _, err := Client.OAuthToEmail(m); err == nil { 1647 t.Fatal("should have failed - empty data") 1648 } 1649 1650 m["password"] = "passwd1" 1651 _, err := Client.OAuthToEmail(m) 1652 if err == nil { 1653 t.Fatal("should have failed - missing team_name, service, email") 1654 } 1655 1656 m["team_name"] = team.Name 1657 if _, err := Client.OAuthToEmail(m); err == nil { 1658 t.Fatal("should have failed - missing email") 1659 } 1660 1661 m["team_name"] = team.Name 1662 m["email"] = "junk" 1663 if _, err := Client.OAuthToEmail(m); err == nil { 1664 t.Fatal("should have failed - bad email") 1665 } 1666 1667 m["email"] = ruser2.Email 1668 if _, err := Client.OAuthToEmail(m); err == nil { 1669 t.Fatal("should have failed - wrong user") 1670 } 1671 } 1672 1673 func TestLDAPToEmail(t *testing.T) { 1674 th := Setup().InitBasic() 1675 defer th.TearDown() 1676 1677 Client := th.BasicClient 1678 1679 team := model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} 1680 rteam, _ := Client.CreateTeam(&team) 1681 1682 user := model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} 1683 ruser := Client.Must(Client.CreateUser(&user, "")).Data.(*model.User) 1684 th.LinkUserToTeam(ruser, rteam.Data.(*model.Team)) 1685 store.Must(th.App.Srv.Store.User().VerifyEmail(ruser.Id)) 1686 1687 Client.Login(user.Email, user.Password) 1688 1689 m := map[string]string{} 1690 if _, err := Client.LDAPToEmail(m); err == nil { 1691 t.Fatal("should have failed - empty data") 1692 } 1693 1694 m["email_password"] = "passwd1" 1695 _, err := Client.LDAPToEmail(m) 1696 if err == nil { 1697 t.Fatal("should have failed - missing team_name, ldap_password, email") 1698 } 1699 1700 m["team_name"] = team.Name 1701 if _, err := Client.LDAPToEmail(m); err == nil { 1702 t.Fatal("should have failed - missing email, ldap_password") 1703 } 1704 1705 m["ldap_password"] = "passwd1" 1706 if _, err := Client.LDAPToEmail(m); err == nil { 1707 t.Fatal("should have failed - missing email") 1708 } 1709 1710 m["email"] = ruser.Email 1711 m["team_name"] = "junk" 1712 if _, err := Client.LDAPToEmail(m); err == nil { 1713 t.Fatal("should have failed - bad team name") 1714 } 1715 1716 m["team_name"] = team.Name 1717 m["email"] = "junk" 1718 if _, err := Client.LDAPToEmail(m); err == nil { 1719 t.Fatal("should have failed - bad email") 1720 } 1721 1722 m["email"] = user.Email 1723 if _, err := Client.LDAPToEmail(m); err == nil { 1724 t.Fatal("should have failed - user is not an AD/LDAP user") 1725 } 1726 } 1727 1728 func TestEmailToLDAP(t *testing.T) { 1729 th := Setup().InitBasic() 1730 defer th.TearDown() 1731 1732 Client := th.BasicClient 1733 1734 team := model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} 1735 rteam, _ := Client.CreateTeam(&team) 1736 1737 user := model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} 1738 ruser := Client.Must(Client.CreateUser(&user, "")).Data.(*model.User) 1739 th.LinkUserToTeam(ruser, rteam.Data.(*model.Team)) 1740 store.Must(th.App.Srv.Store.User().VerifyEmail(ruser.Id)) 1741 1742 Client.Login(user.Email, user.Password) 1743 1744 m := map[string]string{} 1745 if _, err := Client.EmailToLDAP(m); err == nil { 1746 t.Fatal("should have failed - empty data") 1747 } 1748 1749 m["email_password"] = "passwd1" 1750 _, err := Client.EmailToLDAP(m) 1751 if err == nil { 1752 t.Fatal("should have failed - missing team_name, ldap_id, ldap_password, email") 1753 } 1754 1755 m["team_name"] = team.Name 1756 if _, err := Client.EmailToLDAP(m); err == nil { 1757 t.Fatal("should have failed - missing email, ldap_password, ldap_id") 1758 } 1759 1760 m["ldap_id"] = "someid" 1761 if _, err := Client.EmailToLDAP(m); err == nil { 1762 t.Fatal("should have failed - missing email, ldap_password") 1763 } 1764 1765 m["ldap_password"] = "passwd1" 1766 if _, err := Client.EmailToLDAP(m); err == nil { 1767 t.Fatal("should have failed - missing email") 1768 } 1769 1770 m["email"] = ruser.Email 1771 m["team_name"] = "junk" 1772 if _, err := Client.EmailToLDAP(m); err == nil { 1773 t.Fatal("should have failed - bad team name") 1774 } 1775 1776 m["team_name"] = team.Name 1777 m["email"] = "junk" 1778 if _, err := Client.EmailToLDAP(m); err == nil { 1779 t.Fatal("should have failed - bad email") 1780 } 1781 1782 m["email"] = user.Email 1783 m["email_password"] = "junk" 1784 if _, err := Client.EmailToLDAP(m); err == nil { 1785 t.Fatal("should have failed - bad password") 1786 } 1787 1788 m["email_password"] = "passwd1" 1789 if _, err := Client.EmailToLDAP(m); err == nil { 1790 t.Fatal("should have failed - missing ldap bits or user") 1791 } 1792 } 1793 1794 func TestMeInitialLoad(t *testing.T) { 1795 th := Setup().InitBasic() 1796 defer th.TearDown() 1797 1798 if result, err := th.BasicClient.GetInitialLoad(); err != nil { 1799 t.Fatal(err) 1800 } else { 1801 il := result.Data.(*model.InitialLoad) 1802 1803 if il.User == nil { 1804 t.Fatal("should be valid") 1805 } 1806 1807 if il.Preferences == nil { 1808 t.Fatal("should be valid") 1809 } 1810 1811 if len(il.Teams) != 1 { 1812 t.Fatal("should be valid") 1813 } 1814 1815 if len(il.TeamMembers) != 1 { 1816 t.Fatal("should be valid") 1817 } 1818 1819 if len(il.ClientCfg) == 0 { 1820 t.Fatal("should be valid") 1821 } 1822 1823 if len(il.LicenseCfg) == 0 { 1824 t.Fatal("should be valid") 1825 } 1826 } 1827 1828 th.BasicClient.Logout() 1829 1830 if result, err := th.BasicClient.GetInitialLoad(); err != nil { 1831 t.Fatal(err) 1832 } else { 1833 il := result.Data.(*model.InitialLoad) 1834 1835 if il.User != nil { 1836 t.Fatal("should be valid") 1837 } 1838 1839 if il.Preferences != nil { 1840 t.Fatal("should be valid") 1841 } 1842 1843 if len(il.Teams) != 0 { 1844 t.Fatal("should be valid") 1845 } 1846 1847 if len(il.TeamMembers) != 0 { 1848 t.Fatal("should be valid") 1849 } 1850 1851 if len(il.ClientCfg) == 0 { 1852 t.Fatal("should be valid") 1853 } 1854 1855 if len(il.LicenseCfg) == 0 { 1856 t.Fatal("should be valid") 1857 } 1858 } 1859 1860 } 1861 1862 func TestGenerateMfaSecret(t *testing.T) { 1863 th := Setup().InitBasic() 1864 defer th.TearDown() 1865 1866 Client := th.BasicClient 1867 1868 team := model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} 1869 rteam, _ := Client.CreateTeam(&team) 1870 1871 user := model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} 1872 ruser, _ := Client.CreateUser(&user, "") 1873 th.LinkUserToTeam(ruser.Data.(*model.User), rteam.Data.(*model.Team)) 1874 store.Must(th.App.Srv.Store.User().VerifyEmail(ruser.Data.(*model.User).Id)) 1875 1876 Client.Logout() 1877 1878 if _, err := Client.GenerateMfaSecret(); err == nil { 1879 t.Fatal("should have failed - not logged in") 1880 } 1881 1882 Client.Login(user.Email, user.Password) 1883 1884 if _, err := Client.GenerateMfaSecret(); err == nil { 1885 t.Fatal("should have failed - not licensed") 1886 } 1887 1888 // need to add more test cases when license and config can be configured for tests 1889 } 1890 1891 func TestUpdateMfa(t *testing.T) { 1892 th := Setup().InitBasic() 1893 defer th.TearDown() 1894 1895 Client := th.BasicClient 1896 1897 th.App.SetLicense(nil) 1898 1899 team := model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} 1900 rteam, _ := Client.CreateTeam(&team) 1901 1902 user := model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} 1903 ruser, _ := Client.CreateUser(&user, "") 1904 th.LinkUserToTeam(ruser.Data.(*model.User), rteam.Data.(*model.Team)) 1905 store.Must(th.App.Srv.Store.User().VerifyEmail(ruser.Data.(*model.User).Id)) 1906 1907 Client.Logout() 1908 1909 if _, err := Client.UpdateMfa(true, "123456"); err == nil { 1910 t.Fatal("should have failed - not logged in") 1911 } 1912 1913 Client.Login(user.Email, user.Password) 1914 1915 if _, err := Client.UpdateMfa(true, ""); err == nil { 1916 t.Fatal("should have failed - no token") 1917 } 1918 1919 if _, err := Client.UpdateMfa(true, "123456"); err == nil { 1920 t.Fatal("should have failed - not licensed") 1921 } 1922 1923 th.App.SetLicense(model.NewTestLicense("mfa")) 1924 th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.EnableMultifactorAuthentication = true }) 1925 1926 if _, err := Client.UpdateMfa(true, "123456"); err == nil { 1927 t.Fatal("should have failed - bad token") 1928 } 1929 1930 // need to add more test cases when enterprise bits can be loaded into tests 1931 } 1932 1933 func TestCheckMfa(t *testing.T) { 1934 th := Setup().InitBasic() 1935 defer th.TearDown() 1936 1937 Client := th.BasicClient 1938 1939 team := model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} 1940 rteam, _ := Client.CreateTeam(&team) 1941 1942 Client.Logout() 1943 1944 user := model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} 1945 ruser, _ := Client.CreateUser(&user, "") 1946 th.LinkUserToTeam(ruser.Data.(*model.User), rteam.Data.(*model.Team)) 1947 store.Must(th.App.Srv.Store.User().VerifyEmail(ruser.Data.(*model.User).Id)) 1948 1949 if result, err := Client.CheckMfa(user.Email); err != nil { 1950 t.Fatal(err) 1951 } else { 1952 resp := result.Data.(map[string]string) 1953 if resp["mfa_required"] != "false" { 1954 t.Fatal("mfa should not be required") 1955 } 1956 } 1957 1958 // need to add more test cases when enterprise bits can be loaded into tests 1959 } 1960 1961 func TestUserTyping(t *testing.T) { 1962 th := Setup().InitBasic() 1963 defer th.TearDown() 1964 1965 Client := th.BasicClient 1966 WebSocketClient, err := th.CreateWebSocketClient() 1967 if err != nil { 1968 t.Fatal(err) 1969 } 1970 defer WebSocketClient.Close() 1971 WebSocketClient.Listen() 1972 1973 time.Sleep(300 * time.Millisecond) 1974 if resp := <-WebSocketClient.ResponseChannel; resp.Status != model.STATUS_OK { 1975 t.Fatal("should have responded OK to authentication challenge") 1976 } 1977 1978 WebSocketClient.UserTyping("", "") 1979 time.Sleep(300 * time.Millisecond) 1980 if resp := <-WebSocketClient.ResponseChannel; resp.Error.Id != "api.websocket_handler.invalid_param.app_error" { 1981 t.Fatal("should have been invalid param response") 1982 } 1983 1984 th.LoginBasic2() 1985 Client.Must(Client.JoinChannel(th.BasicChannel.Id)) 1986 1987 WebSocketClient2, err2 := th.CreateWebSocketClient() 1988 if err2 != nil { 1989 t.Fatal(err2) 1990 } 1991 defer WebSocketClient2.Close() 1992 WebSocketClient2.Listen() 1993 1994 time.Sleep(300 * time.Millisecond) 1995 1996 WebSocketClient.UserTyping(th.BasicChannel.Id, "") 1997 1998 time.Sleep(300 * time.Millisecond) 1999 2000 stop := make(chan bool) 2001 eventHit := false 2002 2003 go func() { 2004 for { 2005 select { 2006 case resp := <-WebSocketClient2.EventChannel: 2007 if resp.Event == model.WEBSOCKET_EVENT_TYPING && resp.Data["user_id"].(string) == th.BasicUser.Id { 2008 eventHit = true 2009 } 2010 case <-stop: 2011 return 2012 } 2013 } 2014 }() 2015 2016 time.Sleep(1000 * time.Millisecond) 2017 2018 stop <- true 2019 2020 if !eventHit { 2021 t.Fatal("did not receive typing event") 2022 } 2023 2024 WebSocketClient.UserTyping(th.BasicChannel.Id, "someparentid") 2025 2026 time.Sleep(300 * time.Millisecond) 2027 2028 eventHit = false 2029 2030 go func() { 2031 for { 2032 select { 2033 case resp := <-WebSocketClient2.EventChannel: 2034 if resp.Event == model.WEBSOCKET_EVENT_TYPING && resp.Data["parent_id"] == "someparentid" { 2035 eventHit = true 2036 } 2037 case <-stop: 2038 return 2039 } 2040 } 2041 }() 2042 2043 time.Sleep(300 * time.Millisecond) 2044 2045 stop <- true 2046 2047 if !eventHit { 2048 t.Fatal("did not receive typing event") 2049 } 2050 } 2051 2052 func TestGetProfilesInChannel(t *testing.T) { 2053 th := Setup().InitBasic() 2054 defer th.TearDown() 2055 2056 Client := th.BasicClient 2057 2058 th.App.UpdateConfig(func(cfg *model.Config) { cfg.PrivacySettings.ShowEmailAddress = true }) 2059 2060 if result, err := Client.GetProfilesInChannel(th.BasicChannel.Id, 0, 100, ""); err != nil { 2061 t.Fatal(err) 2062 } else { 2063 users := result.Data.(map[string]*model.User) 2064 2065 if len(users) < 1 { 2066 t.Fatal("map was wrong length") 2067 } 2068 2069 for _, user := range users { 2070 if user.Email == "" { 2071 t.Fatal("problem with show email") 2072 } 2073 } 2074 } 2075 2076 th.LoginBasic2() 2077 2078 if _, err := Client.GetProfilesInChannel(th.BasicChannel.Id, 0, 100, ""); err == nil { 2079 t.Fatal("should not have access") 2080 } 2081 2082 Client.Must(Client.JoinChannel(th.BasicChannel.Id)) 2083 2084 th.App.UpdateConfig(func(cfg *model.Config) { cfg.PrivacySettings.ShowEmailAddress = false }) 2085 2086 if result, err := Client.GetProfilesInChannel(th.BasicChannel.Id, 0, 100, ""); err != nil { 2087 t.Fatal(err) 2088 } else { 2089 users := result.Data.(map[string]*model.User) 2090 2091 if len(users) < 1 { 2092 t.Fatal("map was wrong length") 2093 } 2094 2095 found := false 2096 for _, user := range users { 2097 if user.Email != "" { 2098 t.Fatal("problem with show email") 2099 } 2100 if user.Id == th.BasicUser2.Id { 2101 found = true 2102 } 2103 } 2104 2105 if !found { 2106 t.Fatal("should have found profile") 2107 } 2108 } 2109 2110 user := model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} 2111 Client.Must(Client.CreateUser(&user, "")) 2112 2113 Client.Login(user.Email, "passwd1") 2114 Client.SetTeamId("junk") 2115 2116 if _, err := Client.GetProfilesInChannel(th.BasicChannel.Id, 0, 100, ""); err == nil { 2117 t.Fatal("should not have access") 2118 } 2119 } 2120 2121 func TestGetProfilesNotInChannel(t *testing.T) { 2122 th := Setup().InitBasic() 2123 defer th.TearDown() 2124 2125 Client := th.BasicClient 2126 2127 th.App.UpdateConfig(func(cfg *model.Config) { cfg.PrivacySettings.ShowEmailAddress = true }) 2128 2129 if result, err := Client.GetProfilesNotInChannel(th.BasicChannel.Id, 0, 100, ""); err != nil { 2130 t.Fatal(err) 2131 } else { 2132 users := result.Data.(map[string]*model.User) 2133 2134 if len(users) < 1 { 2135 t.Fatal("map was wrong length") 2136 } 2137 2138 found := false 2139 for _, user := range users { 2140 if user.Email == "" { 2141 t.Fatal("problem with show email") 2142 } 2143 if user.Id == th.BasicUser2.Id { 2144 found = true 2145 } 2146 } 2147 2148 if !found { 2149 t.Fatal("should have found profile") 2150 } 2151 } 2152 2153 user := &model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} 2154 user = Client.Must(Client.CreateUser(user, "")).Data.(*model.User) 2155 th.LinkUserToTeam(user, th.BasicTeam) 2156 2157 th.LoginBasic2() 2158 2159 if _, err := Client.GetProfilesNotInChannel(th.BasicChannel.Id, 0, 100, ""); err == nil { 2160 t.Fatal("should not have access") 2161 } 2162 2163 Client.Must(Client.JoinChannel(th.BasicChannel.Id)) 2164 2165 th.App.UpdateConfig(func(cfg *model.Config) { cfg.PrivacySettings.ShowEmailAddress = false }) 2166 2167 if result, err := Client.GetProfilesNotInChannel(th.BasicChannel.Id, 0, 100, ""); err != nil { 2168 t.Fatal(err) 2169 } else { 2170 users := result.Data.(map[string]*model.User) 2171 2172 if len(users) < 1 { 2173 t.Fatal("map was wrong length") 2174 } 2175 2176 found := false 2177 for _, user := range users { 2178 if user.Email != "" { 2179 t.Fatal("problem with show email") 2180 } 2181 if user.Id == th.BasicUser2.Id { 2182 found = true 2183 } 2184 } 2185 2186 if found { 2187 t.Fatal("should not have found profile") 2188 } 2189 } 2190 2191 user2 := model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} 2192 Client.Must(Client.CreateUser(&user2, "")) 2193 2194 Client.Login(user2.Email, "passwd1") 2195 Client.SetTeamId(th.BasicTeam.Id) 2196 2197 if _, err := Client.GetProfilesNotInChannel(th.BasicChannel.Id, 0, 100, ""); err == nil { 2198 t.Fatal("should not have access") 2199 } 2200 } 2201 2202 func TestSearchUsers(t *testing.T) { 2203 th := Setup().InitBasic().InitSystemAdmin() 2204 defer th.TearDown() 2205 2206 Client := th.BasicClient 2207 2208 inactiveUser := th.CreateUser(Client) 2209 th.LinkUserToTeam(inactiveUser, th.BasicTeam) 2210 th.SystemAdminClient.Must(th.SystemAdminClient.UpdateActive(inactiveUser.Id, false)) 2211 2212 if result, err := Client.SearchUsers(model.UserSearch{Term: th.BasicUser.Username}); err != nil { 2213 t.Fatal(err) 2214 } else { 2215 users := result.Data.([]*model.User) 2216 2217 found := false 2218 for _, user := range users { 2219 if user.Id == th.BasicUser.Id { 2220 found = true 2221 } 2222 } 2223 2224 if !found { 2225 t.Fatal("should have found profile") 2226 } 2227 } 2228 2229 if result, err := Client.SearchUsers(model.UserSearch{Term: inactiveUser.Username, TeamId: th.BasicTeam.Id}); err != nil { 2230 t.Fatal(err) 2231 } else { 2232 users := result.Data.([]*model.User) 2233 2234 found := false 2235 for _, user := range users { 2236 if user.Id == inactiveUser.Id { 2237 found = true 2238 } 2239 } 2240 2241 if found { 2242 t.Fatal("should not have found inactive user") 2243 } 2244 } 2245 2246 if result, err := Client.SearchUsers(model.UserSearch{Term: inactiveUser.Username, TeamId: th.BasicTeam.Id, AllowInactive: true}); err != nil { 2247 t.Fatal(err) 2248 } else { 2249 users := result.Data.([]*model.User) 2250 2251 found := false 2252 for _, user := range users { 2253 if user.Id == inactiveUser.Id { 2254 found = true 2255 } 2256 } 2257 2258 if !found { 2259 t.Fatal("should have found inactive user") 2260 } 2261 } 2262 2263 if result, err := Client.SearchUsers(model.UserSearch{Term: th.BasicUser.Username, InChannelId: th.BasicChannel.Id}); err != nil { 2264 t.Fatal(err) 2265 } else { 2266 users := result.Data.([]*model.User) 2267 2268 if len(users) != 1 { 2269 t.Fatal("map was wrong length") 2270 } 2271 2272 found := false 2273 for _, user := range users { 2274 if user.Id == th.BasicUser.Id { 2275 found = true 2276 } 2277 } 2278 2279 if !found { 2280 t.Fatal("should have found profile") 2281 } 2282 } 2283 2284 if result, err := Client.SearchUsers(model.UserSearch{Term: th.BasicUser2.Username, NotInChannelId: th.BasicChannel.Id}); err != nil { 2285 t.Fatal(err) 2286 } else { 2287 users := result.Data.([]*model.User) 2288 2289 if len(users) != 1 { 2290 t.Fatal("map was wrong length") 2291 } 2292 2293 found1 := false 2294 found2 := false 2295 for _, user := range users { 2296 if user.Id == th.BasicUser.Id { 2297 found1 = true 2298 } else if user.Id == th.BasicUser2.Id { 2299 found2 = true 2300 } 2301 } 2302 2303 if found1 { 2304 t.Fatal("should not have found profile") 2305 } 2306 if !found2 { 2307 t.Fatal("should have found profile") 2308 } 2309 } 2310 2311 if result, err := Client.SearchUsers(model.UserSearch{Term: th.BasicUser2.Username, TeamId: th.BasicTeam.Id, NotInChannelId: th.BasicChannel.Id}); err != nil { 2312 t.Fatal(err) 2313 } else { 2314 users := result.Data.([]*model.User) 2315 2316 if len(users) != 1 { 2317 t.Fatal("map was wrong length") 2318 } 2319 2320 found1 := false 2321 found2 := false 2322 for _, user := range users { 2323 if user.Id == th.BasicUser.Id { 2324 found1 = true 2325 } else if user.Id == th.BasicUser2.Id { 2326 found2 = true 2327 } 2328 } 2329 2330 if found1 { 2331 t.Fatal("should not have found profile") 2332 } 2333 if !found2 { 2334 t.Fatal("should have found profile") 2335 } 2336 } 2337 2338 if result, err := Client.SearchUsers(model.UserSearch{Term: th.BasicUser.Username, TeamId: "junk", NotInChannelId: th.BasicChannel.Id}); err != nil { 2339 t.Fatal(err) 2340 } else { 2341 users := result.Data.([]*model.User) 2342 2343 if len(users) != 0 { 2344 t.Fatal("map was wrong length") 2345 } 2346 } 2347 2348 th.App.UpdateConfig(func(cfg *model.Config) { cfg.PrivacySettings.ShowEmailAddress = false }) 2349 th.App.UpdateConfig(func(cfg *model.Config) { cfg.PrivacySettings.ShowFullName = false }) 2350 2351 privacyEmailPrefix := strings.ToLower(model.NewId()) 2352 privacyUser := &model.User{Email: privacyEmailPrefix + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1", FirstName: model.NewId(), LastName: "Jimmers"} 2353 privacyUser = Client.Must(Client.CreateUser(privacyUser, "")).Data.(*model.User) 2354 th.LinkUserToTeam(privacyUser, th.BasicTeam) 2355 2356 if result, err := Client.SearchUsers(model.UserSearch{Term: privacyUser.FirstName}); err != nil { 2357 t.Fatal(err) 2358 } else { 2359 users := result.Data.([]*model.User) 2360 2361 found := false 2362 for _, user := range users { 2363 if user.Id == privacyUser.Id { 2364 found = true 2365 } 2366 } 2367 2368 if found { 2369 t.Fatal("should not have found profile") 2370 } 2371 } 2372 2373 th.App.UpdateConfig(func(cfg *model.Config) { cfg.PrivacySettings.ShowEmailAddress = true }) 2374 2375 if result, err := Client.SearchUsers(model.UserSearch{Term: privacyUser.FirstName}); err != nil { 2376 t.Fatal(err) 2377 } else { 2378 users := result.Data.([]*model.User) 2379 2380 found := false 2381 for _, user := range users { 2382 if user.Id == privacyUser.Id { 2383 found = true 2384 } 2385 } 2386 2387 if found { 2388 t.Fatal("should not have found profile") 2389 } 2390 } 2391 2392 th.App.UpdateConfig(func(cfg *model.Config) { cfg.PrivacySettings.ShowEmailAddress = false }) 2393 th.App.UpdateConfig(func(cfg *model.Config) { cfg.PrivacySettings.ShowFullName = true }) 2394 2395 if result, err := Client.SearchUsers(model.UserSearch{Term: privacyUser.FirstName}); err != nil { 2396 t.Fatal(err) 2397 } else { 2398 users := result.Data.([]*model.User) 2399 2400 found := false 2401 for _, user := range users { 2402 if user.Id == privacyUser.Id { 2403 found = true 2404 } 2405 } 2406 2407 if !found { 2408 t.Fatal("should have found profile") 2409 } 2410 } 2411 2412 if result, err := Client.SearchUsers(model.UserSearch{Term: privacyEmailPrefix}); err != nil { 2413 t.Fatal(err) 2414 } else { 2415 users := result.Data.([]*model.User) 2416 2417 found := false 2418 for _, user := range users { 2419 if user.Id == privacyUser.Id { 2420 found = true 2421 } 2422 } 2423 2424 if found { 2425 t.Fatal("should not have found profile") 2426 } 2427 } 2428 2429 th.App.UpdateConfig(func(cfg *model.Config) { cfg.PrivacySettings.ShowEmailAddress = true }) 2430 2431 if result, err := Client.SearchUsers(model.UserSearch{Term: privacyEmailPrefix}); err != nil { 2432 t.Fatal(err) 2433 } else { 2434 users := result.Data.([]*model.User) 2435 2436 found := false 2437 for _, user := range users { 2438 if user.Id == privacyUser.Id { 2439 found = true 2440 } 2441 } 2442 2443 if !found { 2444 t.Fatal("should have found profile") 2445 } 2446 } 2447 2448 th.LoginBasic2() 2449 2450 if result, err := Client.SearchUsers(model.UserSearch{Term: th.BasicUser.Username}); err != nil { 2451 t.Fatal(err) 2452 } else { 2453 users := result.Data.([]*model.User) 2454 2455 found := false 2456 for _, user := range users { 2457 if user.Id == th.BasicUser.Id { 2458 found = true 2459 } 2460 } 2461 2462 if !found { 2463 t.Fatal("should have found profile") 2464 } 2465 } 2466 2467 if _, err := Client.SearchUsers(model.UserSearch{}); err == nil { 2468 t.Fatal("should have errored - blank term") 2469 } 2470 2471 if _, err := Client.SearchUsers(model.UserSearch{Term: th.BasicUser.Username, InChannelId: th.BasicChannel.Id}); err == nil { 2472 t.Fatal("should not have access") 2473 } 2474 2475 if _, err := Client.SearchUsers(model.UserSearch{Term: th.BasicUser.Username, NotInChannelId: th.BasicChannel.Id}); err == nil { 2476 t.Fatal("should not have access") 2477 } 2478 2479 userWithoutTeam := th.CreateUser(Client) 2480 if result, err := Client.SearchUsers(model.UserSearch{Term: userWithoutTeam.Username}); err != nil { 2481 t.Fatal(err) 2482 } else { 2483 users := result.Data.([]*model.User) 2484 2485 found := false 2486 for _, user := range users { 2487 if user.Id == userWithoutTeam.Id { 2488 found = true 2489 } 2490 } 2491 2492 if !found { 2493 t.Fatal("should have found user without team") 2494 } 2495 } 2496 2497 if result, err := Client.SearchUsers(model.UserSearch{Term: userWithoutTeam.Username, WithoutTeam: true}); err != nil { 2498 t.Fatal(err) 2499 } else { 2500 users := result.Data.([]*model.User) 2501 2502 found := false 2503 for _, user := range users { 2504 if user.Id == userWithoutTeam.Id { 2505 found = true 2506 } 2507 } 2508 2509 if !found { 2510 t.Fatal("should have found user without team") 2511 } 2512 } 2513 2514 if result, err := Client.SearchUsers(model.UserSearch{Term: th.BasicUser.Username, WithoutTeam: true}); err != nil { 2515 t.Fatal(err) 2516 } else { 2517 users := result.Data.([]*model.User) 2518 2519 found := false 2520 for _, user := range users { 2521 if user.Id == th.BasicUser.Id { 2522 found = true 2523 } 2524 } 2525 2526 if found { 2527 t.Fatal("should not have found user with team") 2528 } 2529 } 2530 } 2531 2532 func TestAutocompleteUsers(t *testing.T) { 2533 th := Setup().InitBasic() 2534 defer th.TearDown() 2535 2536 Client := th.BasicClient 2537 2538 if result, err := Client.AutocompleteUsers(th.BasicUser.Username); err != nil { 2539 t.Fatal(err) 2540 } else { 2541 users := result.Data.([]*model.User) 2542 if len(users) != 1 { 2543 t.Fatal("should have returned 1 user in") 2544 } 2545 } 2546 2547 if result, err := Client.AutocompleteUsers("amazonses"); err != nil { 2548 t.Fatal(err) 2549 } else { 2550 users := result.Data.([]*model.User) 2551 if len(users) != 0 { 2552 t.Fatal("should have returned 0 users - email should not autocomplete") 2553 } 2554 } 2555 2556 if result, err := Client.AutocompleteUsers(""); err != nil { 2557 t.Fatal(err) 2558 } else { 2559 users := result.Data.([]*model.User) 2560 if len(users) == 0 { 2561 t.Fatal("should have many users") 2562 } 2563 } 2564 2565 notInTeamUser := th.CreateUser(Client) 2566 2567 if result, err := Client.AutocompleteUsers(notInTeamUser.Username); err != nil { 2568 t.Fatal(err) 2569 } else { 2570 users := result.Data.([]*model.User) 2571 if len(users) != 1 { 2572 t.Fatal("should have returned 1 user in") 2573 } 2574 } 2575 2576 if result, err := Client.AutocompleteUsersInTeam(notInTeamUser.Username); err != nil { 2577 t.Fatal(err) 2578 } else { 2579 autocomplete := result.Data.(*model.UserAutocompleteInTeam) 2580 if len(autocomplete.InTeam) != 0 { 2581 t.Fatal("should have returned 0 users") 2582 } 2583 } 2584 2585 if result, err := Client.AutocompleteUsersInTeam(th.BasicUser.Username); err != nil { 2586 t.Fatal(err) 2587 } else { 2588 autocomplete := result.Data.(*model.UserAutocompleteInTeam) 2589 if len(autocomplete.InTeam) != 1 { 2590 t.Fatal("should have returned 1 user in") 2591 } 2592 } 2593 2594 if result, err := Client.AutocompleteUsersInTeam(th.BasicUser.Username[0:5]); err != nil { 2595 t.Fatal(err) 2596 } else { 2597 autocomplete := result.Data.(*model.UserAutocompleteInTeam) 2598 if len(autocomplete.InTeam) < 1 { 2599 t.Fatal("should have returned at least 1 user in") 2600 } 2601 } 2602 2603 if result, err := Client.AutocompleteUsersInChannel(th.BasicUser.Username, th.BasicChannel.Id); err != nil { 2604 t.Fatal(err) 2605 } else { 2606 autocomplete := result.Data.(*model.UserAutocompleteInChannel) 2607 if len(autocomplete.InChannel) != 1 { 2608 t.Fatal("should have returned 1 user in") 2609 } 2610 if len(autocomplete.OutOfChannel) != 0 { 2611 t.Fatal("should have returned no users out") 2612 } 2613 } 2614 2615 if result, err := Client.AutocompleteUsersInChannel("", th.BasicChannel.Id); err != nil { 2616 t.Fatal(err) 2617 } else { 2618 autocomplete := result.Data.(*model.UserAutocompleteInChannel) 2619 if len(autocomplete.InChannel) != 1 && autocomplete.InChannel[0].Id != th.BasicUser2.Id { 2620 t.Fatal("should have returned at 1 user in") 2621 } 2622 if len(autocomplete.OutOfChannel) != 1 && autocomplete.OutOfChannel[0].Id != th.BasicUser2.Id { 2623 t.Fatal("should have returned 1 user out") 2624 } 2625 } 2626 2627 if result, err := Client.AutocompleteUsersInTeam(""); err != nil { 2628 t.Fatal(err) 2629 } else { 2630 autocomplete := result.Data.(*model.UserAutocompleteInTeam) 2631 if len(autocomplete.InTeam) != 2 { 2632 t.Fatal("should have returned 2 users in") 2633 } 2634 } 2635 2636 th.App.UpdateConfig(func(cfg *model.Config) { cfg.PrivacySettings.ShowFullName = false }) 2637 2638 privacyUser := &model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1", FirstName: model.NewId(), LastName: "Jimmers"} 2639 privacyUser = Client.Must(Client.CreateUser(privacyUser, "")).Data.(*model.User) 2640 th.LinkUserToTeam(privacyUser, th.BasicTeam) 2641 2642 if result, err := Client.AutocompleteUsersInChannel(privacyUser.FirstName, th.BasicChannel.Id); err != nil { 2643 t.Fatal(err) 2644 } else { 2645 autocomplete := result.Data.(*model.UserAutocompleteInChannel) 2646 if len(autocomplete.InChannel) != 0 { 2647 t.Fatal("should have returned no users") 2648 } 2649 if len(autocomplete.OutOfChannel) != 0 { 2650 t.Fatal("should have returned no users") 2651 } 2652 } 2653 2654 if result, err := Client.AutocompleteUsersInTeam(privacyUser.FirstName); err != nil { 2655 t.Fatal(err) 2656 } else { 2657 autocomplete := result.Data.(*model.UserAutocompleteInTeam) 2658 if len(autocomplete.InTeam) != 0 { 2659 t.Fatal("should have returned no users") 2660 } 2661 } 2662 2663 if _, err := Client.AutocompleteUsersInChannel("", "junk"); err == nil { 2664 t.Fatal("should have errored - bad channel id") 2665 } 2666 2667 Client.SetTeamId("junk") 2668 if _, err := Client.AutocompleteUsersInChannel("", th.BasicChannel.Id); err == nil { 2669 t.Fatal("should have errored - bad team id") 2670 } 2671 2672 if _, err := Client.AutocompleteUsersInTeam(""); err == nil { 2673 t.Fatal("should have errored - bad team id") 2674 } 2675 } 2676 2677 func TestGetByUsername(t *testing.T) { 2678 th := Setup().InitBasic() 2679 defer th.TearDown() 2680 2681 Client := th.BasicClient 2682 2683 if result, err := Client.GetByUsername(th.BasicUser.Username, ""); err != nil { 2684 t.Fatal("Failed to get user") 2685 } else { 2686 if result.Data.(*model.User).Password != "" { 2687 t.Fatal("User shouldn't have any password data once set") 2688 } 2689 } 2690 2691 th.App.UpdateConfig(func(cfg *model.Config) { cfg.PrivacySettings.ShowEmailAddress = false }) 2692 th.App.UpdateConfig(func(cfg *model.Config) { cfg.PrivacySettings.ShowFullName = false }) 2693 2694 if result, err := Client.GetByUsername(th.BasicUser2.Username, ""); err != nil { 2695 t.Fatal(err) 2696 } else { 2697 u := result.Data.(*model.User) 2698 if u.Password != "" { 2699 t.Fatal("password must be empty") 2700 } 2701 if *u.AuthData != "" { 2702 t.Fatal("auth data must be empty") 2703 } 2704 if u.Email != "" { 2705 t.Fatal("email should be sanitized") 2706 } 2707 } 2708 2709 } 2710 2711 func TestGetByEmail(t *testing.T) { 2712 th := Setup().InitBasic() 2713 defer th.TearDown() 2714 2715 Client := th.BasicClient 2716 2717 if _, respMetdata := Client.GetByEmail(th.BasicUser.Email, ""); respMetdata.Error != nil { 2718 t.Fatal("Failed to get user by email") 2719 } 2720 2721 th.App.UpdateConfig(func(cfg *model.Config) { cfg.PrivacySettings.ShowEmailAddress = false }) 2722 th.App.UpdateConfig(func(cfg *model.Config) { cfg.PrivacySettings.ShowFullName = false }) 2723 2724 if user, respMetdata := Client.GetByEmail(th.BasicUser2.Email, ""); respMetdata.Error != nil { 2725 t.Fatal(respMetdata.Error) 2726 } else { 2727 if user.Password != "" { 2728 t.Fatal("password must be empty") 2729 } 2730 if *user.AuthData != "" { 2731 t.Fatal("auth data must be empty") 2732 } 2733 if user.Email != "" { 2734 t.Fatal("email should be sanitized") 2735 } 2736 } 2737 }