github.com/kongr45gpen/mattermost-server@v5.11.1+incompatible/api4/bot_test.go (about) 1 // Copyright (c) 2017-present Mattermost, Inc. All Rights Reserved. 2 // See License.txt for license information. 3 4 package api4 5 6 import ( 7 "io/ioutil" 8 "strings" 9 "testing" 10 11 "github.com/mattermost/mattermost-server/model" 12 "github.com/stretchr/testify/require" 13 ) 14 15 func TestCreateBot(t *testing.T) { 16 t.Run("create bot without permissions", func(t *testing.T) { 17 th := Setup().InitBasic() 18 defer th.TearDown() 19 20 _, resp := th.Client.CreateBot(&model.Bot{ 21 Username: GenerateTestUsername(), 22 DisplayName: "a bot", 23 Description: "bot", 24 }) 25 26 CheckErrorMessage(t, resp, "api.context.permissions.app_error") 27 }) 28 29 t.Run("create bot with permissions", func(t *testing.T) { 30 th := Setup().InitBasic() 31 defer th.TearDown() 32 defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 33 34 th.AddPermissionToRole(model.PERMISSION_CREATE_BOT.Id, model.TEAM_USER_ROLE_ID) 35 th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 36 37 bot := &model.Bot{ 38 Username: GenerateTestUsername(), 39 DisplayName: "a bot", 40 Description: "bot", 41 } 42 43 createdBot, resp := th.Client.CreateBot(bot) 44 CheckCreatedStatus(t, resp) 45 defer th.App.PermanentDeleteBot(createdBot.UserId) 46 require.Equal(t, bot.Username, createdBot.Username) 47 require.Equal(t, bot.DisplayName, createdBot.DisplayName) 48 require.Equal(t, bot.Description, createdBot.Description) 49 require.Equal(t, th.BasicUser.Id, createdBot.OwnerId) 50 }) 51 52 t.Run("create invalid bot", func(t *testing.T) { 53 th := Setup().InitBasic() 54 defer th.TearDown() 55 56 th.AddPermissionToRole(model.PERMISSION_CREATE_BOT.Id, model.TEAM_USER_ROLE_ID) 57 th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 58 59 _, resp := th.Client.CreateBot(&model.Bot{ 60 Username: "username", 61 DisplayName: "a bot", 62 Description: strings.Repeat("x", 1025), 63 }) 64 65 CheckErrorMessage(t, resp, "model.bot.is_valid.description.app_error") 66 }) 67 } 68 69 func TestPatchBot(t *testing.T) { 70 t.Run("patch non-existent bot", func(t *testing.T) { 71 th := Setup().InitBasic() 72 defer th.TearDown() 73 defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 74 75 _, resp := th.SystemAdminClient.PatchBot(model.NewId(), &model.BotPatch{}) 76 CheckNotFoundStatus(t, resp) 77 }) 78 79 t.Run("patch someone else's bot without permission", func(t *testing.T) { 80 th := Setup().InitBasic() 81 defer th.TearDown() 82 defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 83 84 createdBot, resp := th.SystemAdminClient.CreateBot(&model.Bot{ 85 Username: GenerateTestUsername(), 86 DisplayName: "a bot", 87 Description: "bot", 88 }) 89 CheckCreatedStatus(t, resp) 90 defer th.App.PermanentDeleteBot(createdBot.UserId) 91 92 _, resp = th.Client.PatchBot(createdBot.UserId, &model.BotPatch{}) 93 CheckErrorMessage(t, resp, "store.sql_bot.get.missing.app_error") 94 }) 95 96 t.Run("patch someone else's bot without permission, but with read others permission", func(t *testing.T) { 97 th := Setup().InitBasic() 98 defer th.TearDown() 99 defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 100 101 th.AddPermissionToRole(model.PERMISSION_READ_OTHERS_BOTS.Id, model.TEAM_USER_ROLE_ID) 102 th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 103 104 createdBot, resp := th.SystemAdminClient.CreateBot(&model.Bot{ 105 Username: GenerateTestUsername(), 106 DisplayName: "a bot", 107 Description: "bot", 108 }) 109 CheckCreatedStatus(t, resp) 110 defer th.App.PermanentDeleteBot(createdBot.UserId) 111 112 _, resp = th.Client.PatchBot(createdBot.UserId, &model.BotPatch{}) 113 CheckErrorMessage(t, resp, "api.context.permissions.app_error") 114 }) 115 116 t.Run("patch someone else's bot with permission", func(t *testing.T) { 117 th := Setup().InitBasic() 118 defer th.TearDown() 119 defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 120 121 th.AddPermissionToRole(model.PERMISSION_MANAGE_OTHERS_BOTS.Id, model.TEAM_USER_ROLE_ID) 122 th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 123 124 createdBot, resp := th.SystemAdminClient.CreateBot(&model.Bot{ 125 Username: GenerateTestUsername(), 126 DisplayName: "a bot", 127 Description: "bot", 128 }) 129 CheckCreatedStatus(t, resp) 130 defer th.App.PermanentDeleteBot(createdBot.UserId) 131 132 botPatch := &model.BotPatch{ 133 Username: sToP(GenerateTestUsername()), 134 DisplayName: sToP("an updated bot"), 135 Description: sToP("updated bot"), 136 } 137 138 patchedBot, resp := th.Client.PatchBot(createdBot.UserId, botPatch) 139 CheckOKStatus(t, resp) 140 require.Equal(t, *botPatch.Username, patchedBot.Username) 141 require.Equal(t, *botPatch.DisplayName, patchedBot.DisplayName) 142 require.Equal(t, *botPatch.Description, patchedBot.Description) 143 require.Equal(t, th.SystemAdminUser.Id, patchedBot.OwnerId) 144 }) 145 146 t.Run("patch my bot without permission", func(t *testing.T) { 147 th := Setup().InitBasic() 148 defer th.TearDown() 149 defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 150 151 th.AddPermissionToRole(model.PERMISSION_CREATE_BOT.Id, model.TEAM_USER_ROLE_ID) 152 th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 153 154 createdBot, resp := th.Client.CreateBot(&model.Bot{ 155 Username: GenerateTestUsername(), 156 DisplayName: "a bot", 157 Description: "bot", 158 }) 159 CheckCreatedStatus(t, resp) 160 defer th.App.PermanentDeleteBot(createdBot.UserId) 161 162 botPatch := &model.BotPatch{ 163 Username: sToP(GenerateTestUsername()), 164 DisplayName: sToP("an updated bot"), 165 Description: sToP("updated bot"), 166 } 167 168 _, resp = th.Client.PatchBot(createdBot.UserId, botPatch) 169 CheckErrorMessage(t, resp, "store.sql_bot.get.missing.app_error") 170 }) 171 172 t.Run("patch my bot without permission, but with read permission", func(t *testing.T) { 173 th := Setup().InitBasic() 174 defer th.TearDown() 175 defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 176 177 th.AddPermissionToRole(model.PERMISSION_CREATE_BOT.Id, model.TEAM_USER_ROLE_ID) 178 th.AddPermissionToRole(model.PERMISSION_READ_BOTS.Id, model.TEAM_USER_ROLE_ID) 179 th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 180 181 createdBot, resp := th.Client.CreateBot(&model.Bot{ 182 Username: GenerateTestUsername(), 183 DisplayName: "a bot", 184 Description: "bot", 185 }) 186 CheckCreatedStatus(t, resp) 187 defer th.App.PermanentDeleteBot(createdBot.UserId) 188 189 botPatch := &model.BotPatch{ 190 Username: sToP(GenerateTestUsername()), 191 DisplayName: sToP("an updated bot"), 192 Description: sToP("updated bot"), 193 } 194 195 _, resp = th.Client.PatchBot(createdBot.UserId, botPatch) 196 CheckErrorMessage(t, resp, "api.context.permissions.app_error") 197 }) 198 199 t.Run("patch my bot with permission", func(t *testing.T) { 200 th := Setup().InitBasic() 201 defer th.TearDown() 202 defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 203 204 th.AddPermissionToRole(model.PERMISSION_CREATE_BOT.Id, model.TEAM_USER_ROLE_ID) 205 th.AddPermissionToRole(model.PERMISSION_MANAGE_BOTS.Id, model.TEAM_USER_ROLE_ID) 206 th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 207 208 createdBot, resp := th.Client.CreateBot(&model.Bot{ 209 Username: GenerateTestUsername(), 210 DisplayName: "a bot", 211 Description: "bot", 212 }) 213 CheckCreatedStatus(t, resp) 214 defer th.App.PermanentDeleteBot(createdBot.UserId) 215 216 botPatch := &model.BotPatch{ 217 Username: sToP(GenerateTestUsername()), 218 DisplayName: sToP("an updated bot"), 219 Description: sToP("updated bot"), 220 } 221 222 patchedBot, resp := th.Client.PatchBot(createdBot.UserId, botPatch) 223 CheckOKStatus(t, resp) 224 require.Equal(t, *botPatch.Username, patchedBot.Username) 225 require.Equal(t, *botPatch.DisplayName, patchedBot.DisplayName) 226 require.Equal(t, *botPatch.Description, patchedBot.Description) 227 require.Equal(t, th.BasicUser.Id, patchedBot.OwnerId) 228 }) 229 230 t.Run("partial patch my bot with permission", func(t *testing.T) { 231 th := Setup().InitBasic() 232 defer th.TearDown() 233 defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 234 235 th.AddPermissionToRole(model.PERMISSION_CREATE_BOT.Id, model.TEAM_USER_ROLE_ID) 236 th.AddPermissionToRole(model.PERMISSION_MANAGE_BOTS.Id, model.TEAM_USER_ROLE_ID) 237 th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 238 239 bot := &model.Bot{ 240 Username: GenerateTestUsername(), 241 DisplayName: "a bot", 242 Description: "bot", 243 } 244 245 createdBot, resp := th.Client.CreateBot(bot) 246 CheckCreatedStatus(t, resp) 247 defer th.App.PermanentDeleteBot(createdBot.UserId) 248 249 botPatch := &model.BotPatch{ 250 Username: sToP(GenerateTestUsername()), 251 } 252 253 patchedBot, resp := th.Client.PatchBot(createdBot.UserId, botPatch) 254 CheckOKStatus(t, resp) 255 require.Equal(t, *botPatch.Username, patchedBot.Username) 256 require.Equal(t, bot.DisplayName, patchedBot.DisplayName) 257 require.Equal(t, bot.Description, patchedBot.Description) 258 require.Equal(t, th.BasicUser.Id, patchedBot.OwnerId) 259 }) 260 261 t.Run("update bot, internally managed fields ignored", func(t *testing.T) { 262 th := Setup().InitBasic() 263 defer th.TearDown() 264 defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 265 266 th.AddPermissionToRole(model.PERMISSION_CREATE_BOT.Id, model.TEAM_USER_ROLE_ID) 267 th.AddPermissionToRole(model.PERMISSION_MANAGE_BOTS.Id, model.TEAM_USER_ROLE_ID) 268 th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 269 270 createdBot, resp := th.Client.CreateBot(&model.Bot{ 271 Username: GenerateTestUsername(), 272 DisplayName: "a bot", 273 Description: "bot", 274 }) 275 CheckCreatedStatus(t, resp) 276 defer th.App.PermanentDeleteBot(createdBot.UserId) 277 278 r, err := th.Client.DoApiPut(th.Client.GetBotRoute(createdBot.UserId), `{"creator_id":"`+th.BasicUser2.Id+`"}`) 279 require.Nil(t, err) 280 defer func() { 281 _, _ = ioutil.ReadAll(r.Body) 282 _ = r.Body.Close() 283 }() 284 patchedBot := model.BotFromJson(r.Body) 285 resp = model.BuildResponse(r) 286 CheckOKStatus(t, resp) 287 288 require.Equal(t, th.BasicUser.Id, patchedBot.OwnerId) 289 }) 290 } 291 292 func TestGetBot(t *testing.T) { 293 th := Setup().InitBasic() 294 defer th.TearDown() 295 296 bot1, resp := th.SystemAdminClient.CreateBot(&model.Bot{ 297 Username: GenerateTestUsername(), 298 DisplayName: "a bot", 299 Description: "the first bot", 300 }) 301 CheckCreatedStatus(t, resp) 302 defer th.App.PermanentDeleteBot(bot1.UserId) 303 304 bot2, resp := th.SystemAdminClient.CreateBot(&model.Bot{ 305 Username: GenerateTestUsername(), 306 DisplayName: "another bot", 307 Description: "the second bot", 308 }) 309 CheckCreatedStatus(t, resp) 310 defer th.App.PermanentDeleteBot(bot2.UserId) 311 312 deletedBot, resp := th.SystemAdminClient.CreateBot(&model.Bot{ 313 Username: GenerateTestUsername(), 314 Description: "a deleted bot", 315 }) 316 CheckCreatedStatus(t, resp) 317 defer th.App.PermanentDeleteBot(deletedBot.UserId) 318 deletedBot, resp = th.SystemAdminClient.DisableBot(deletedBot.UserId) 319 CheckOKStatus(t, resp) 320 321 th.AddPermissionToRole(model.PERMISSION_CREATE_BOT.Id, model.TEAM_USER_ROLE_ID) 322 th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 323 myBot, resp := th.Client.CreateBot(&model.Bot{ 324 Username: GenerateTestUsername(), 325 DisplayName: "my bot", 326 Description: "a bot created by non-admin", 327 }) 328 CheckCreatedStatus(t, resp) 329 defer th.App.PermanentDeleteBot(myBot.UserId) 330 th.RemovePermissionFromRole(model.PERMISSION_CREATE_BOT.Id, model.TEAM_USER_ROLE_ID) 331 332 t.Run("get unknown bot", func(t *testing.T) { 333 defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 334 335 th.AddPermissionToRole(model.PERMISSION_READ_BOTS.Id, model.TEAM_USER_ROLE_ID) 336 th.AddPermissionToRole(model.PERMISSION_READ_OTHERS_BOTS.Id, model.TEAM_USER_ROLE_ID) 337 th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 338 339 _, resp := th.Client.GetBot(model.NewId(), "") 340 CheckNotFoundStatus(t, resp) 341 }) 342 343 t.Run("get bot1", func(t *testing.T) { 344 defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 345 346 th.AddPermissionToRole(model.PERMISSION_READ_BOTS.Id, model.TEAM_USER_ROLE_ID) 347 th.AddPermissionToRole(model.PERMISSION_READ_OTHERS_BOTS.Id, model.TEAM_USER_ROLE_ID) 348 th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 349 350 bot, resp := th.Client.GetBot(bot1.UserId, "") 351 CheckOKStatus(t, resp) 352 require.Equal(t, bot1, bot) 353 354 bot, resp = th.Client.GetBot(bot1.UserId, bot.Etag()) 355 CheckEtag(t, bot, resp) 356 }) 357 358 t.Run("get bot2", func(t *testing.T) { 359 defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 360 361 th.AddPermissionToRole(model.PERMISSION_READ_BOTS.Id, model.TEAM_USER_ROLE_ID) 362 th.AddPermissionToRole(model.PERMISSION_READ_OTHERS_BOTS.Id, model.TEAM_USER_ROLE_ID) 363 th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 364 365 bot, resp := th.Client.GetBot(bot2.UserId, "") 366 CheckOKStatus(t, resp) 367 require.Equal(t, bot2, bot) 368 369 bot, resp = th.Client.GetBot(bot2.UserId, bot.Etag()) 370 CheckEtag(t, bot, resp) 371 }) 372 373 t.Run("get bot1 without READ_OTHERS_BOTS permission", func(t *testing.T) { 374 defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 375 376 th.AddPermissionToRole(model.PERMISSION_READ_BOTS.Id, model.TEAM_USER_ROLE_ID) 377 th.AddPermissionToRole(model.PERMISSION_CREATE_BOT.Id, model.TEAM_USER_ROLE_ID) 378 th.AddPermissionToRole(model.PERMISSION_MANAGE_BOTS.Id, model.TEAM_USER_ROLE_ID) 379 th.AddPermissionToRole(model.PERMISSION_MANAGE_OTHERS_BOTS.Id, model.TEAM_USER_ROLE_ID) 380 th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 381 382 _, resp := th.Client.GetBot(bot1.UserId, "") 383 CheckErrorMessage(t, resp, "store.sql_bot.get.missing.app_error") 384 }) 385 386 t.Run("get myBot without READ_BOTS OR READ_OTHERS_BOTS permissions", func(t *testing.T) { 387 defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 388 389 th.AddPermissionToRole(model.PERMISSION_CREATE_BOT.Id, model.TEAM_USER_ROLE_ID) 390 th.AddPermissionToRole(model.PERMISSION_MANAGE_BOTS.Id, model.TEAM_USER_ROLE_ID) 391 th.AddPermissionToRole(model.PERMISSION_MANAGE_OTHERS_BOTS.Id, model.TEAM_USER_ROLE_ID) 392 th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 393 394 _, resp := th.Client.GetBot(myBot.UserId, "") 395 CheckErrorMessage(t, resp, "store.sql_bot.get.missing.app_error") 396 }) 397 398 t.Run("get deleted bot", func(t *testing.T) { 399 defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 400 401 th.AddPermissionToRole(model.PERMISSION_READ_BOTS.Id, model.TEAM_USER_ROLE_ID) 402 th.AddPermissionToRole(model.PERMISSION_READ_OTHERS_BOTS.Id, model.TEAM_USER_ROLE_ID) 403 th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 404 405 _, resp := th.Client.GetBot(deletedBot.UserId, "") 406 CheckNotFoundStatus(t, resp) 407 }) 408 409 t.Run("get deleted bot, include deleted", func(t *testing.T) { 410 defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 411 412 th.AddPermissionToRole(model.PERMISSION_READ_BOTS.Id, model.TEAM_USER_ROLE_ID) 413 th.AddPermissionToRole(model.PERMISSION_READ_OTHERS_BOTS.Id, model.TEAM_USER_ROLE_ID) 414 th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 415 416 bot, resp := th.Client.GetBotIncludeDeleted(deletedBot.UserId, "") 417 CheckOKStatus(t, resp) 418 require.NotEqual(t, 0, bot.DeleteAt) 419 deletedBot.UpdateAt = bot.UpdateAt 420 deletedBot.DeleteAt = bot.DeleteAt 421 require.Equal(t, deletedBot, bot) 422 423 bot, resp = th.Client.GetBotIncludeDeleted(deletedBot.UserId, bot.Etag()) 424 CheckEtag(t, bot, resp) 425 }) 426 } 427 428 func TestGetBots(t *testing.T) { 429 th := Setup().InitBasic() 430 defer th.TearDown() 431 432 bot1, resp := th.SystemAdminClient.CreateBot(&model.Bot{ 433 Username: GenerateTestUsername(), 434 DisplayName: "a bot", 435 Description: "the first bot", 436 }) 437 CheckCreatedStatus(t, resp) 438 defer th.App.PermanentDeleteBot(bot1.UserId) 439 440 deletedBot1, resp := th.SystemAdminClient.CreateBot(&model.Bot{ 441 Username: GenerateTestUsername(), 442 Description: "a deleted bot", 443 }) 444 CheckCreatedStatus(t, resp) 445 defer th.App.PermanentDeleteBot(deletedBot1.UserId) 446 deletedBot1, resp = th.SystemAdminClient.DisableBot(deletedBot1.UserId) 447 CheckOKStatus(t, resp) 448 449 bot2, resp := th.SystemAdminClient.CreateBot(&model.Bot{ 450 Username: GenerateTestUsername(), 451 DisplayName: "another bot", 452 Description: "the second bot", 453 }) 454 CheckCreatedStatus(t, resp) 455 defer th.App.PermanentDeleteBot(bot2.UserId) 456 457 bot3, resp := th.SystemAdminClient.CreateBot(&model.Bot{ 458 Username: GenerateTestUsername(), 459 DisplayName: "another bot", 460 Description: "the third bot", 461 }) 462 CheckCreatedStatus(t, resp) 463 defer th.App.PermanentDeleteBot(bot3.UserId) 464 465 deletedBot2, resp := th.SystemAdminClient.CreateBot(&model.Bot{ 466 Username: GenerateTestUsername(), 467 Description: "a deleted bot", 468 }) 469 CheckCreatedStatus(t, resp) 470 defer th.App.PermanentDeleteBot(deletedBot2.UserId) 471 deletedBot2, resp = th.SystemAdminClient.DisableBot(deletedBot2.UserId) 472 CheckOKStatus(t, resp) 473 474 th.AddPermissionToRole(model.PERMISSION_CREATE_BOT.Id, model.TEAM_USER_ROLE_ID) 475 th.App.UpdateUserRoles(th.BasicUser2.Id, model.TEAM_USER_ROLE_ID, false) 476 th.LoginBasic2() 477 orphanedBot, resp := th.Client.CreateBot(&model.Bot{ 478 Username: GenerateTestUsername(), 479 Description: "an oprphaned bot", 480 }) 481 CheckCreatedStatus(t, resp) 482 th.LoginBasic() 483 defer th.App.PermanentDeleteBot(orphanedBot.UserId) 484 // Automatic deactivation disabled 485 th.App.UpdateConfig(func(cfg *model.Config) { 486 *cfg.ServiceSettings.DisableBotsWhenOwnerIsDeactivated = false 487 }) 488 _, resp = th.SystemAdminClient.DeleteUser(th.BasicUser2.Id) 489 CheckOKStatus(t, resp) 490 491 t.Run("get bots, page=0, perPage=10", func(t *testing.T) { 492 defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 493 494 th.AddPermissionToRole(model.PERMISSION_READ_BOTS.Id, model.TEAM_USER_ROLE_ID) 495 th.AddPermissionToRole(model.PERMISSION_READ_OTHERS_BOTS.Id, model.TEAM_USER_ROLE_ID) 496 th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 497 498 bots, resp := th.Client.GetBots(0, 10, "") 499 CheckOKStatus(t, resp) 500 require.Equal(t, []*model.Bot{bot1, bot2, bot3, orphanedBot}, bots) 501 502 botList := model.BotList(bots) 503 bots, resp = th.Client.GetBots(0, 10, botList.Etag()) 504 CheckEtag(t, bots, resp) 505 }) 506 507 t.Run("get bots, page=0, perPage=1", func(t *testing.T) { 508 defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 509 510 th.AddPermissionToRole(model.PERMISSION_READ_BOTS.Id, model.TEAM_USER_ROLE_ID) 511 th.AddPermissionToRole(model.PERMISSION_READ_OTHERS_BOTS.Id, model.TEAM_USER_ROLE_ID) 512 th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 513 514 bots, resp := th.Client.GetBots(0, 1, "") 515 CheckOKStatus(t, resp) 516 require.Equal(t, []*model.Bot{bot1}, bots) 517 518 botList := model.BotList(bots) 519 bots, resp = th.Client.GetBots(0, 1, botList.Etag()) 520 CheckEtag(t, bots, resp) 521 }) 522 523 t.Run("get bots, page=1, perPage=2", func(t *testing.T) { 524 defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 525 526 th.AddPermissionToRole(model.PERMISSION_READ_BOTS.Id, model.TEAM_USER_ROLE_ID) 527 th.AddPermissionToRole(model.PERMISSION_READ_OTHERS_BOTS.Id, model.TEAM_USER_ROLE_ID) 528 th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 529 530 bots, resp := th.Client.GetBots(1, 2, "") 531 CheckOKStatus(t, resp) 532 require.Equal(t, []*model.Bot{bot3, orphanedBot}, bots) 533 534 botList := model.BotList(bots) 535 bots, resp = th.Client.GetBots(1, 2, botList.Etag()) 536 CheckEtag(t, bots, resp) 537 }) 538 539 t.Run("get bots, page=2, perPage=2", func(t *testing.T) { 540 defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 541 542 th.AddPermissionToRole(model.PERMISSION_READ_BOTS.Id, model.TEAM_USER_ROLE_ID) 543 th.AddPermissionToRole(model.PERMISSION_READ_OTHERS_BOTS.Id, model.TEAM_USER_ROLE_ID) 544 th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 545 546 bots, resp := th.Client.GetBots(2, 2, "") 547 CheckOKStatus(t, resp) 548 require.Equal(t, []*model.Bot{}, bots) 549 550 botList := model.BotList(bots) 551 bots, resp = th.Client.GetBots(2, 2, botList.Etag()) 552 CheckEtag(t, bots, resp) 553 }) 554 555 t.Run("get bots, page=0, perPage=10, include deleted", func(t *testing.T) { 556 defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 557 558 th.AddPermissionToRole(model.PERMISSION_READ_BOTS.Id, model.TEAM_USER_ROLE_ID) 559 th.AddPermissionToRole(model.PERMISSION_READ_OTHERS_BOTS.Id, model.TEAM_USER_ROLE_ID) 560 th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 561 562 bots, resp := th.Client.GetBotsIncludeDeleted(0, 10, "") 563 CheckOKStatus(t, resp) 564 require.Equal(t, []*model.Bot{bot1, deletedBot1, bot2, bot3, deletedBot2, orphanedBot}, bots) 565 566 botList := model.BotList(bots) 567 bots, resp = th.Client.GetBotsIncludeDeleted(0, 10, botList.Etag()) 568 CheckEtag(t, bots, resp) 569 }) 570 571 t.Run("get bots, page=0, perPage=1, include deleted", func(t *testing.T) { 572 defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 573 574 th.AddPermissionToRole(model.PERMISSION_READ_BOTS.Id, model.TEAM_USER_ROLE_ID) 575 th.AddPermissionToRole(model.PERMISSION_READ_OTHERS_BOTS.Id, model.TEAM_USER_ROLE_ID) 576 th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 577 578 bots, resp := th.Client.GetBotsIncludeDeleted(0, 1, "") 579 CheckOKStatus(t, resp) 580 require.Equal(t, []*model.Bot{bot1}, bots) 581 582 botList := model.BotList(bots) 583 bots, resp = th.Client.GetBotsIncludeDeleted(0, 1, botList.Etag()) 584 CheckEtag(t, bots, resp) 585 }) 586 587 t.Run("get bots, page=1, perPage=2, include deleted", func(t *testing.T) { 588 defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 589 590 th.AddPermissionToRole(model.PERMISSION_READ_BOTS.Id, model.TEAM_USER_ROLE_ID) 591 th.AddPermissionToRole(model.PERMISSION_READ_OTHERS_BOTS.Id, model.TEAM_USER_ROLE_ID) 592 th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 593 594 bots, resp := th.Client.GetBotsIncludeDeleted(1, 2, "") 595 CheckOKStatus(t, resp) 596 require.Equal(t, []*model.Bot{bot2, bot3}, bots) 597 598 botList := model.BotList(bots) 599 bots, resp = th.Client.GetBotsIncludeDeleted(1, 2, botList.Etag()) 600 CheckEtag(t, bots, resp) 601 }) 602 603 t.Run("get bots, page=2, perPage=2, include deleted", func(t *testing.T) { 604 defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 605 606 th.AddPermissionToRole(model.PERMISSION_READ_BOTS.Id, model.TEAM_USER_ROLE_ID) 607 th.AddPermissionToRole(model.PERMISSION_READ_OTHERS_BOTS.Id, model.TEAM_USER_ROLE_ID) 608 th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 609 610 bots, resp := th.Client.GetBotsIncludeDeleted(2, 2, "") 611 CheckOKStatus(t, resp) 612 require.Equal(t, []*model.Bot{deletedBot2, orphanedBot}, bots) 613 614 botList := model.BotList(bots) 615 bots, resp = th.Client.GetBotsIncludeDeleted(2, 2, botList.Etag()) 616 CheckEtag(t, bots, resp) 617 }) 618 619 t.Run("get bots, page=0, perPage=10, only orphaned", func(t *testing.T) { 620 defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 621 622 th.AddPermissionToRole(model.PERMISSION_READ_BOTS.Id, model.TEAM_USER_ROLE_ID) 623 th.AddPermissionToRole(model.PERMISSION_READ_OTHERS_BOTS.Id, model.TEAM_USER_ROLE_ID) 624 th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 625 626 bots, resp := th.Client.GetBotsOrphaned(0, 10, "") 627 CheckOKStatus(t, resp) 628 require.Equal(t, []*model.Bot{orphanedBot}, bots) 629 630 botList := model.BotList(bots) 631 bots, resp = th.Client.GetBotsOrphaned(0, 10, botList.Etag()) 632 CheckEtag(t, bots, resp) 633 }) 634 635 t.Run("get bots without permission", func(t *testing.T) { 636 defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 637 638 th.AddPermissionToRole(model.PERMISSION_CREATE_BOT.Id, model.TEAM_USER_ROLE_ID) 639 th.AddPermissionToRole(model.PERMISSION_MANAGE_BOTS.Id, model.TEAM_USER_ROLE_ID) 640 th.AddPermissionToRole(model.PERMISSION_MANAGE_OTHERS_BOTS.Id, model.TEAM_USER_ROLE_ID) 641 th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 642 643 _, resp := th.Client.GetBots(0, 10, "") 644 CheckErrorMessage(t, resp, "api.context.permissions.app_error") 645 }) 646 } 647 648 func TestDisableBot(t *testing.T) { 649 t.Run("disable non-existent bot", func(t *testing.T) { 650 th := Setup().InitBasic() 651 defer th.TearDown() 652 653 _, resp := th.Client.DisableBot(model.NewId()) 654 CheckNotFoundStatus(t, resp) 655 }) 656 657 t.Run("disable bot without permission", func(t *testing.T) { 658 th := Setup().InitBasic() 659 defer th.TearDown() 660 defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 661 662 th.AddPermissionToRole(model.PERMISSION_CREATE_BOT.Id, model.TEAM_USER_ROLE_ID) 663 th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 664 665 bot := &model.Bot{ 666 Username: GenerateTestUsername(), 667 Description: "bot", 668 } 669 670 createdBot, resp := th.Client.CreateBot(bot) 671 CheckCreatedStatus(t, resp) 672 defer th.App.PermanentDeleteBot(createdBot.UserId) 673 674 _, resp = th.Client.DisableBot(createdBot.UserId) 675 CheckErrorMessage(t, resp, "store.sql_bot.get.missing.app_error") 676 }) 677 678 t.Run("disable bot without permission, but with read permission", func(t *testing.T) { 679 th := Setup().InitBasic() 680 defer th.TearDown() 681 defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 682 683 th.AddPermissionToRole(model.PERMISSION_CREATE_BOT.Id, model.TEAM_USER_ROLE_ID) 684 th.AddPermissionToRole(model.PERMISSION_READ_BOTS.Id, model.TEAM_USER_ROLE_ID) 685 th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 686 687 bot := &model.Bot{ 688 Username: GenerateTestUsername(), 689 Description: "bot", 690 } 691 692 createdBot, resp := th.Client.CreateBot(bot) 693 CheckCreatedStatus(t, resp) 694 defer th.App.PermanentDeleteBot(createdBot.UserId) 695 696 _, resp = th.Client.DisableBot(createdBot.UserId) 697 CheckErrorMessage(t, resp, "api.context.permissions.app_error") 698 }) 699 700 t.Run("disable bot with permission", func(t *testing.T) { 701 th := Setup().InitBasic() 702 defer th.TearDown() 703 defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 704 705 th.AddPermissionToRole(model.PERMISSION_CREATE_BOT.Id, model.TEAM_USER_ROLE_ID) 706 th.AddPermissionToRole(model.PERMISSION_MANAGE_BOTS.Id, model.TEAM_USER_ROLE_ID) 707 th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 708 709 bot, resp := th.Client.CreateBot(&model.Bot{ 710 Username: GenerateTestUsername(), 711 Description: "bot", 712 }) 713 CheckCreatedStatus(t, resp) 714 defer th.App.PermanentDeleteBot(bot.UserId) 715 716 enabledBot1, resp := th.Client.DisableBot(bot.UserId) 717 CheckOKStatus(t, resp) 718 bot.UpdateAt = enabledBot1.UpdateAt 719 bot.DeleteAt = enabledBot1.DeleteAt 720 require.Equal(t, bot, enabledBot1) 721 722 // Check bot disabled 723 disab, resp := th.SystemAdminClient.GetBotIncludeDeleted(bot.UserId, "") 724 CheckOKStatus(t, resp) 725 require.NotZero(t, disab.DeleteAt) 726 727 // Disabling should be idempotent. 728 enabledBot2, resp := th.Client.DisableBot(bot.UserId) 729 CheckOKStatus(t, resp) 730 require.Equal(t, bot, enabledBot2) 731 }) 732 } 733 734 func TestEnableBot(t *testing.T) { 735 t.Run("enable non-existent bot", func(t *testing.T) { 736 th := Setup().InitBasic() 737 defer th.TearDown() 738 739 _, resp := th.Client.EnableBot(model.NewId()) 740 CheckNotFoundStatus(t, resp) 741 }) 742 743 t.Run("enable bot without permission", func(t *testing.T) { 744 th := Setup().InitBasic() 745 defer th.TearDown() 746 defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 747 748 th.AddPermissionToRole(model.PERMISSION_CREATE_BOT.Id, model.TEAM_USER_ROLE_ID) 749 th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 750 751 bot := &model.Bot{ 752 Username: GenerateTestUsername(), 753 Description: "bot", 754 } 755 756 createdBot, resp := th.Client.CreateBot(bot) 757 CheckCreatedStatus(t, resp) 758 defer th.App.PermanentDeleteBot(createdBot.UserId) 759 760 _, resp = th.SystemAdminClient.DisableBot(createdBot.UserId) 761 CheckOKStatus(t, resp) 762 763 _, resp = th.Client.EnableBot(createdBot.UserId) 764 CheckErrorMessage(t, resp, "store.sql_bot.get.missing.app_error") 765 }) 766 767 t.Run("enable bot without permission, but with read permission", func(t *testing.T) { 768 th := Setup().InitBasic() 769 defer th.TearDown() 770 defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 771 772 th.AddPermissionToRole(model.PERMISSION_CREATE_BOT.Id, model.TEAM_USER_ROLE_ID) 773 th.AddPermissionToRole(model.PERMISSION_READ_BOTS.Id, model.TEAM_USER_ROLE_ID) 774 th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 775 776 bot := &model.Bot{ 777 Username: GenerateTestUsername(), 778 Description: "bot", 779 } 780 781 createdBot, resp := th.Client.CreateBot(bot) 782 CheckCreatedStatus(t, resp) 783 defer th.App.PermanentDeleteBot(createdBot.UserId) 784 785 _, resp = th.SystemAdminClient.DisableBot(createdBot.UserId) 786 CheckOKStatus(t, resp) 787 788 _, resp = th.Client.EnableBot(createdBot.UserId) 789 CheckErrorMessage(t, resp, "api.context.permissions.app_error") 790 }) 791 792 t.Run("enable bot with permission", func(t *testing.T) { 793 th := Setup().InitBasic() 794 defer th.TearDown() 795 defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 796 797 th.AddPermissionToRole(model.PERMISSION_CREATE_BOT.Id, model.TEAM_USER_ROLE_ID) 798 th.AddPermissionToRole(model.PERMISSION_MANAGE_BOTS.Id, model.TEAM_USER_ROLE_ID) 799 th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 800 801 bot, resp := th.Client.CreateBot(&model.Bot{ 802 Username: GenerateTestUsername(), 803 Description: "bot", 804 }) 805 CheckCreatedStatus(t, resp) 806 defer th.App.PermanentDeleteBot(bot.UserId) 807 808 _, resp = th.SystemAdminClient.DisableBot(bot.UserId) 809 CheckOKStatus(t, resp) 810 811 enabledBot1, resp := th.Client.EnableBot(bot.UserId) 812 CheckOKStatus(t, resp) 813 bot.UpdateAt = enabledBot1.UpdateAt 814 bot.DeleteAt = enabledBot1.DeleteAt 815 require.Equal(t, bot, enabledBot1) 816 817 // Check bot enabled 818 enab, resp := th.SystemAdminClient.GetBotIncludeDeleted(bot.UserId, "") 819 CheckOKStatus(t, resp) 820 require.Zero(t, enab.DeleteAt) 821 822 // Disabling should be idempotent. 823 enabledBot2, resp := th.Client.EnableBot(bot.UserId) 824 CheckOKStatus(t, resp) 825 require.Equal(t, bot, enabledBot2) 826 }) 827 } 828 829 func TestAssignBot(t *testing.T) { 830 th := Setup().InitBasic() 831 defer th.TearDown() 832 833 t.Run("claim non-existent bot", func(t *testing.T) { 834 _, resp := th.SystemAdminClient.AssignBot(model.NewId(), model.NewId()) 835 CheckNotFoundStatus(t, resp) 836 }) 837 838 t.Run("system admin assign bot", func(t *testing.T) { 839 defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 840 841 th.AddPermissionToRole(model.PERMISSION_CREATE_BOT.Id, model.SYSTEM_USER_ROLE_ID) 842 th.AddPermissionToRole(model.PERMISSION_READ_BOTS.Id, model.SYSTEM_USER_ROLE_ID) 843 844 bot := &model.Bot{ 845 Username: GenerateTestUsername(), 846 Description: "bot", 847 } 848 bot, resp := th.Client.CreateBot(bot) 849 CheckCreatedStatus(t, resp) 850 defer th.App.PermanentDeleteBot(bot.UserId) 851 852 before, resp := th.Client.GetBot(bot.UserId, "") 853 CheckOKStatus(t, resp) 854 require.Equal(t, th.BasicUser.Id, before.OwnerId) 855 856 _, resp = th.SystemAdminClient.AssignBot(bot.UserId, th.SystemAdminUser.Id) 857 CheckOKStatus(t, resp) 858 859 // Original owner doesn't have read others bots permission, therefore can't see bot anymore 860 _, resp = th.Client.GetBot(bot.UserId, "") 861 CheckNotFoundStatus(t, resp) 862 863 // System admin can see creator ID has changed 864 after, resp := th.SystemAdminClient.GetBot(bot.UserId, "") 865 CheckOKStatus(t, resp) 866 require.Equal(t, th.SystemAdminUser.Id, after.OwnerId) 867 868 // Assign back to user without permissions to manage 869 _, resp = th.SystemAdminClient.AssignBot(bot.UserId, th.BasicUser.Id) 870 CheckOKStatus(t, resp) 871 872 after, resp = th.SystemAdminClient.GetBot(bot.UserId, "") 873 CheckOKStatus(t, resp) 874 require.Equal(t, th.BasicUser.Id, after.OwnerId) 875 }) 876 877 t.Run("random user assign bot", func(t *testing.T) { 878 defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 879 880 th.AddPermissionToRole(model.PERMISSION_CREATE_BOT.Id, model.SYSTEM_USER_ROLE_ID) 881 th.AddPermissionToRole(model.PERMISSION_READ_BOTS.Id, model.SYSTEM_USER_ROLE_ID) 882 883 bot := &model.Bot{ 884 Username: GenerateTestUsername(), 885 Description: "bot", 886 } 887 createdBot, resp := th.Client.CreateBot(bot) 888 CheckCreatedStatus(t, resp) 889 defer th.App.PermanentDeleteBot(createdBot.UserId) 890 891 th.LoginBasic2() 892 893 // Without permission to read others bots it doesn't exist 894 _, resp = th.Client.AssignBot(createdBot.UserId, th.BasicUser2.Id) 895 CheckErrorMessage(t, resp, "store.sql_bot.get.missing.app_error") 896 897 // With permissions to read we don't have permissions to modify 898 th.AddPermissionToRole(model.PERMISSION_READ_OTHERS_BOTS.Id, model.SYSTEM_USER_ROLE_ID) 899 _, resp = th.Client.AssignBot(createdBot.UserId, th.BasicUser2.Id) 900 CheckErrorMessage(t, resp, "api.context.permissions.app_error") 901 902 th.LoginBasic() 903 }) 904 905 t.Run("delegated user assign bot", func(t *testing.T) { 906 defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 907 908 th.AddPermissionToRole(model.PERMISSION_CREATE_BOT.Id, model.SYSTEM_USER_ROLE_ID) 909 th.AddPermissionToRole(model.PERMISSION_READ_BOTS.Id, model.SYSTEM_USER_ROLE_ID) 910 911 bot := &model.Bot{ 912 Username: GenerateTestUsername(), 913 Description: "bot", 914 } 915 bot, resp := th.Client.CreateBot(bot) 916 CheckCreatedStatus(t, resp) 917 defer th.App.PermanentDeleteBot(bot.UserId) 918 919 // Simulate custom role by just changing the system user role 920 th.AddPermissionToRole(model.PERMISSION_CREATE_BOT.Id, model.SYSTEM_USER_ROLE_ID) 921 th.AddPermissionToRole(model.PERMISSION_READ_BOTS.Id, model.SYSTEM_USER_ROLE_ID) 922 th.AddPermissionToRole(model.PERMISSION_READ_OTHERS_BOTS.Id, model.SYSTEM_USER_ROLE_ID) 923 th.AddPermissionToRole(model.PERMISSION_MANAGE_BOTS.Id, model.SYSTEM_USER_ROLE_ID) 924 th.AddPermissionToRole(model.PERMISSION_MANAGE_OTHERS_BOTS.Id, model.SYSTEM_USER_ROLE_ID) 925 th.LoginBasic2() 926 927 _, resp = th.Client.AssignBot(bot.UserId, th.BasicUser2.Id) 928 CheckOKStatus(t, resp) 929 930 after, resp := th.SystemAdminClient.GetBot(bot.UserId, "") 931 CheckOKStatus(t, resp) 932 require.Equal(t, th.BasicUser2.Id, after.OwnerId) 933 }) 934 } 935 936 func sToP(s string) *string { 937 return &s 938 }