github.com/lologarithm/mattermost-server@v5.3.2-0.20181002060438-c82a84ed765b+incompatible/app/app_test.go (about)

     1  // Copyright (c) 2017-present Mattermost, Inc. All Rights Reserved.
     2  // See License.txt for license information.
     3  
     4  package app
     5  
     6  import (
     7  	"flag"
     8  	"fmt"
     9  	"os"
    10  	"testing"
    11  
    12  	"github.com/stretchr/testify/assert"
    13  
    14  	"github.com/mattermost/mattermost-server/mlog"
    15  	"github.com/mattermost/mattermost-server/model"
    16  	"github.com/mattermost/mattermost-server/store/storetest"
    17  	"github.com/mattermost/mattermost-server/utils"
    18  )
    19  
    20  func TestMain(m *testing.M) {
    21  	flag.Parse()
    22  
    23  	// Setup a global logger to catch tests logging outside of app context
    24  	// The global logger will be stomped by apps initalizing but that's fine for testing. Ideally this won't happen.
    25  	mlog.InitGlobalLogger(mlog.NewLogger(&mlog.LoggerConfiguration{
    26  		EnableConsole: true,
    27  		ConsoleJson:   true,
    28  		ConsoleLevel:  "error",
    29  		EnableFile:    false,
    30  	}))
    31  
    32  	utils.TranslationsPreInit()
    33  
    34  	// In the case where a dev just wants to run a single test, it's faster to just use the default
    35  	// store.
    36  	if filter := flag.Lookup("test.run").Value.String(); filter != "" && filter != "." {
    37  		mlog.Info("-test.run used, not creating temporary containers")
    38  		os.Exit(m.Run())
    39  	}
    40  
    41  	status := 0
    42  
    43  	container, settings, err := storetest.NewMySQLContainer()
    44  	if err != nil {
    45  		panic(err)
    46  	}
    47  
    48  	UseTestStore(container, settings)
    49  
    50  	defer func() {
    51  		StopTestStore()
    52  		os.Exit(status)
    53  	}()
    54  
    55  	status = m.Run()
    56  }
    57  
    58  /* Temporarily comment out until MM-11108
    59  func TestAppRace(t *testing.T) {
    60  	for i := 0; i < 10; i++ {
    61  		a, err := New()
    62  		require.NoError(t, err)
    63  		a.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.ListenAddress = ":0" })
    64  		serverErr := a.StartServer()
    65  		require.NoError(t, serverErr)
    66  		a.Shutdown()
    67  	}
    68  }
    69  */
    70  
    71  func TestUpdateConfig(t *testing.T) {
    72  	th := Setup()
    73  	defer th.TearDown()
    74  
    75  	prev := *th.App.Config().ServiceSettings.SiteURL
    76  
    77  	th.App.AddConfigListener(func(old, current *model.Config) {
    78  		assert.Equal(t, prev, *old.ServiceSettings.SiteURL)
    79  		assert.Equal(t, "foo", *current.ServiceSettings.SiteURL)
    80  	})
    81  
    82  	th.App.UpdateConfig(func(cfg *model.Config) {
    83  		*cfg.ServiceSettings.SiteURL = "foo"
    84  	})
    85  }
    86  
    87  func TestDoAdvancedPermissionsMigration(t *testing.T) {
    88  	th := Setup()
    89  	defer th.TearDown()
    90  
    91  	if testStoreSqlSupplier == nil {
    92  		t.Skip("This test requires a TestStore to be run.")
    93  	}
    94  
    95  	th.ResetRoleMigration()
    96  
    97  	th.App.DoAdvancedPermissionsMigration()
    98  
    99  	roleNames := []string{
   100  		"system_user",
   101  		"system_admin",
   102  		"team_user",
   103  		"team_admin",
   104  		"channel_user",
   105  		"channel_admin",
   106  		"system_post_all",
   107  		"system_post_all_public",
   108  		"system_user_access_token",
   109  		"team_post_all",
   110  		"team_post_all_public",
   111  	}
   112  
   113  	roles1, err1 := th.App.GetRolesByNames(roleNames)
   114  	assert.Nil(t, err1)
   115  	assert.Equal(t, len(roles1), len(roleNames))
   116  
   117  	expected1 := map[string][]string{
   118  		"channel_user": []string{
   119  			model.PERMISSION_READ_CHANNEL.Id,
   120  			model.PERMISSION_ADD_REACTION.Id,
   121  			model.PERMISSION_REMOVE_REACTION.Id,
   122  			model.PERMISSION_MANAGE_PUBLIC_CHANNEL_MEMBERS.Id,
   123  			model.PERMISSION_UPLOAD_FILE.Id,
   124  			model.PERMISSION_GET_PUBLIC_LINK.Id,
   125  			model.PERMISSION_CREATE_POST.Id,
   126  			model.PERMISSION_USE_SLASH_COMMANDS.Id,
   127  			model.PERMISSION_MANAGE_PRIVATE_CHANNEL_MEMBERS.Id,
   128  			model.PERMISSION_DELETE_POST.Id,
   129  			model.PERMISSION_EDIT_POST.Id,
   130  		},
   131  		"channel_admin": []string{
   132  			model.PERMISSION_MANAGE_CHANNEL_ROLES.Id,
   133  		},
   134  		"team_user": []string{
   135  			model.PERMISSION_LIST_TEAM_CHANNELS.Id,
   136  			model.PERMISSION_JOIN_PUBLIC_CHANNELS.Id,
   137  			model.PERMISSION_READ_PUBLIC_CHANNEL.Id,
   138  			model.PERMISSION_VIEW_TEAM.Id,
   139  			model.PERMISSION_CREATE_PUBLIC_CHANNEL.Id,
   140  			model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES.Id,
   141  			model.PERMISSION_DELETE_PUBLIC_CHANNEL.Id,
   142  			model.PERMISSION_CREATE_PRIVATE_CHANNEL.Id,
   143  			model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES.Id,
   144  			model.PERMISSION_DELETE_PRIVATE_CHANNEL.Id,
   145  			model.PERMISSION_INVITE_USER.Id,
   146  			model.PERMISSION_ADD_USER_TO_TEAM.Id,
   147  		},
   148  		"team_post_all": []string{
   149  			model.PERMISSION_CREATE_POST.Id,
   150  		},
   151  		"team_post_all_public": []string{
   152  			model.PERMISSION_CREATE_POST_PUBLIC.Id,
   153  		},
   154  		"team_admin": []string{
   155  			model.PERMISSION_REMOVE_USER_FROM_TEAM.Id,
   156  			model.PERMISSION_MANAGE_TEAM.Id,
   157  			model.PERMISSION_IMPORT_TEAM.Id,
   158  			model.PERMISSION_MANAGE_TEAM_ROLES.Id,
   159  			model.PERMISSION_MANAGE_CHANNEL_ROLES.Id,
   160  			model.PERMISSION_MANAGE_OTHERS_WEBHOOKS.Id,
   161  			model.PERMISSION_MANAGE_SLASH_COMMANDS.Id,
   162  			model.PERMISSION_MANAGE_OTHERS_SLASH_COMMANDS.Id,
   163  			model.PERMISSION_MANAGE_WEBHOOKS.Id,
   164  			model.PERMISSION_DELETE_POST.Id,
   165  			model.PERMISSION_DELETE_OTHERS_POSTS.Id,
   166  		},
   167  		"system_user": []string{
   168  			model.PERMISSION_CREATE_DIRECT_CHANNEL.Id,
   169  			model.PERMISSION_CREATE_GROUP_CHANNEL.Id,
   170  			model.PERMISSION_PERMANENT_DELETE_USER.Id,
   171  			model.PERMISSION_CREATE_TEAM.Id,
   172  		},
   173  		"system_post_all": []string{
   174  			model.PERMISSION_CREATE_POST.Id,
   175  		},
   176  		"system_post_all_public": []string{
   177  			model.PERMISSION_CREATE_POST_PUBLIC.Id,
   178  		},
   179  		"system_user_access_token": []string{
   180  			model.PERMISSION_CREATE_USER_ACCESS_TOKEN.Id,
   181  			model.PERMISSION_READ_USER_ACCESS_TOKEN.Id,
   182  			model.PERMISSION_REVOKE_USER_ACCESS_TOKEN.Id,
   183  		},
   184  		"system_admin": []string{
   185  			model.PERMISSION_ASSIGN_SYSTEM_ADMIN_ROLE.Id,
   186  			model.PERMISSION_MANAGE_SYSTEM.Id,
   187  			model.PERMISSION_MANAGE_ROLES.Id,
   188  			model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES.Id,
   189  			model.PERMISSION_MANAGE_PUBLIC_CHANNEL_MEMBERS.Id,
   190  			model.PERMISSION_MANAGE_PRIVATE_CHANNEL_MEMBERS.Id,
   191  			model.PERMISSION_DELETE_PUBLIC_CHANNEL.Id,
   192  			model.PERMISSION_CREATE_PUBLIC_CHANNEL.Id,
   193  			model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES.Id,
   194  			model.PERMISSION_DELETE_PRIVATE_CHANNEL.Id,
   195  			model.PERMISSION_CREATE_PRIVATE_CHANNEL.Id,
   196  			model.PERMISSION_MANAGE_SYSTEM_WIDE_OAUTH.Id,
   197  			model.PERMISSION_MANAGE_OTHERS_WEBHOOKS.Id,
   198  			model.PERMISSION_EDIT_OTHER_USERS.Id,
   199  			model.PERMISSION_EDIT_OTHERS_POSTS.Id,
   200  			model.PERMISSION_MANAGE_OAUTH.Id,
   201  			model.PERMISSION_INVITE_USER.Id,
   202  			model.PERMISSION_DELETE_POST.Id,
   203  			model.PERMISSION_DELETE_OTHERS_POSTS.Id,
   204  			model.PERMISSION_CREATE_TEAM.Id,
   205  			model.PERMISSION_ADD_USER_TO_TEAM.Id,
   206  			model.PERMISSION_LIST_USERS_WITHOUT_TEAM.Id,
   207  			model.PERMISSION_MANAGE_JOBS.Id,
   208  			model.PERMISSION_CREATE_POST_PUBLIC.Id,
   209  			model.PERMISSION_CREATE_POST_EPHEMERAL.Id,
   210  			model.PERMISSION_CREATE_USER_ACCESS_TOKEN.Id,
   211  			model.PERMISSION_READ_USER_ACCESS_TOKEN.Id,
   212  			model.PERMISSION_REVOKE_USER_ACCESS_TOKEN.Id,
   213  			model.PERMISSION_REMOVE_OTHERS_REACTIONS.Id,
   214  			model.PERMISSION_LIST_TEAM_CHANNELS.Id,
   215  			model.PERMISSION_JOIN_PUBLIC_CHANNELS.Id,
   216  			model.PERMISSION_READ_PUBLIC_CHANNEL.Id,
   217  			model.PERMISSION_VIEW_TEAM.Id,
   218  			model.PERMISSION_READ_CHANNEL.Id,
   219  			model.PERMISSION_ADD_REACTION.Id,
   220  			model.PERMISSION_REMOVE_REACTION.Id,
   221  			model.PERMISSION_UPLOAD_FILE.Id,
   222  			model.PERMISSION_GET_PUBLIC_LINK.Id,
   223  			model.PERMISSION_CREATE_POST.Id,
   224  			model.PERMISSION_USE_SLASH_COMMANDS.Id,
   225  			model.PERMISSION_REMOVE_USER_FROM_TEAM.Id,
   226  			model.PERMISSION_MANAGE_TEAM.Id,
   227  			model.PERMISSION_IMPORT_TEAM.Id,
   228  			model.PERMISSION_MANAGE_TEAM_ROLES.Id,
   229  			model.PERMISSION_MANAGE_CHANNEL_ROLES.Id,
   230  			model.PERMISSION_MANAGE_SLASH_COMMANDS.Id,
   231  			model.PERMISSION_MANAGE_OTHERS_SLASH_COMMANDS.Id,
   232  			model.PERMISSION_MANAGE_WEBHOOKS.Id,
   233  			model.PERMISSION_EDIT_POST.Id,
   234  		},
   235  	}
   236  
   237  	// Check the migration matches what's expected.
   238  	for name, permissions := range expected1 {
   239  		role, err := th.App.GetRoleByName(name)
   240  		assert.Nil(t, err)
   241  		assert.Equal(t, role.Permissions, permissions)
   242  	}
   243  
   244  	// Add a license and change the policy config.
   245  	restrictPublicChannel := *th.App.Config().TeamSettings.RestrictPublicChannelManagement
   246  	restrictPrivateChannel := *th.App.Config().TeamSettings.RestrictPrivateChannelManagement
   247  
   248  	defer func() {
   249  		th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.RestrictPublicChannelManagement = restrictPublicChannel })
   250  		th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.RestrictPrivateChannelManagement = restrictPrivateChannel })
   251  	}()
   252  
   253  	th.App.UpdateConfig(func(cfg *model.Config) {
   254  		*cfg.TeamSettings.RestrictPublicChannelManagement = model.PERMISSIONS_TEAM_ADMIN
   255  	})
   256  	th.App.UpdateConfig(func(cfg *model.Config) {
   257  		*cfg.TeamSettings.RestrictPrivateChannelManagement = model.PERMISSIONS_TEAM_ADMIN
   258  	})
   259  	th.App.SetLicense(model.NewTestLicense())
   260  
   261  	// Check the migration doesn't change anything if run again.
   262  	th.App.DoAdvancedPermissionsMigration()
   263  
   264  	roles2, err2 := th.App.GetRolesByNames(roleNames)
   265  	assert.Nil(t, err2)
   266  	assert.Equal(t, len(roles2), len(roleNames))
   267  
   268  	for name, permissions := range expected1 {
   269  		role, err := th.App.GetRoleByName(name)
   270  		assert.Nil(t, err)
   271  		assert.Equal(t, permissions, role.Permissions)
   272  	}
   273  
   274  	// Reset the database
   275  	th.ResetRoleMigration()
   276  
   277  	// Do the migration again with different policy config settings and a license.
   278  	th.App.DoAdvancedPermissionsMigration()
   279  
   280  	// Check the role permissions.
   281  	expected2 := map[string][]string{
   282  		"channel_user": []string{
   283  			model.PERMISSION_READ_CHANNEL.Id,
   284  			model.PERMISSION_ADD_REACTION.Id,
   285  			model.PERMISSION_REMOVE_REACTION.Id,
   286  			model.PERMISSION_MANAGE_PUBLIC_CHANNEL_MEMBERS.Id,
   287  			model.PERMISSION_UPLOAD_FILE.Id,
   288  			model.PERMISSION_GET_PUBLIC_LINK.Id,
   289  			model.PERMISSION_CREATE_POST.Id,
   290  			model.PERMISSION_USE_SLASH_COMMANDS.Id,
   291  			model.PERMISSION_MANAGE_PRIVATE_CHANNEL_MEMBERS.Id,
   292  			model.PERMISSION_DELETE_POST.Id,
   293  			model.PERMISSION_EDIT_POST.Id,
   294  		},
   295  		"channel_admin": []string{
   296  			model.PERMISSION_MANAGE_CHANNEL_ROLES.Id,
   297  		},
   298  		"team_user": []string{
   299  			model.PERMISSION_LIST_TEAM_CHANNELS.Id,
   300  			model.PERMISSION_JOIN_PUBLIC_CHANNELS.Id,
   301  			model.PERMISSION_READ_PUBLIC_CHANNEL.Id,
   302  			model.PERMISSION_VIEW_TEAM.Id,
   303  			model.PERMISSION_CREATE_PUBLIC_CHANNEL.Id,
   304  			model.PERMISSION_DELETE_PUBLIC_CHANNEL.Id,
   305  			model.PERMISSION_CREATE_PRIVATE_CHANNEL.Id,
   306  			model.PERMISSION_DELETE_PRIVATE_CHANNEL.Id,
   307  			model.PERMISSION_INVITE_USER.Id,
   308  			model.PERMISSION_ADD_USER_TO_TEAM.Id,
   309  		},
   310  		"team_post_all": []string{
   311  			model.PERMISSION_CREATE_POST.Id,
   312  		},
   313  		"team_post_all_public": []string{
   314  			model.PERMISSION_CREATE_POST_PUBLIC.Id,
   315  		},
   316  		"team_admin": []string{
   317  			model.PERMISSION_REMOVE_USER_FROM_TEAM.Id,
   318  			model.PERMISSION_MANAGE_TEAM.Id,
   319  			model.PERMISSION_IMPORT_TEAM.Id,
   320  			model.PERMISSION_MANAGE_TEAM_ROLES.Id,
   321  			model.PERMISSION_MANAGE_CHANNEL_ROLES.Id,
   322  			model.PERMISSION_MANAGE_OTHERS_WEBHOOKS.Id,
   323  			model.PERMISSION_MANAGE_SLASH_COMMANDS.Id,
   324  			model.PERMISSION_MANAGE_OTHERS_SLASH_COMMANDS.Id,
   325  			model.PERMISSION_MANAGE_WEBHOOKS.Id,
   326  			model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES.Id,
   327  			model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES.Id,
   328  			model.PERMISSION_DELETE_POST.Id,
   329  			model.PERMISSION_DELETE_OTHERS_POSTS.Id,
   330  		},
   331  		"system_user": []string{
   332  			model.PERMISSION_CREATE_DIRECT_CHANNEL.Id,
   333  			model.PERMISSION_CREATE_GROUP_CHANNEL.Id,
   334  			model.PERMISSION_PERMANENT_DELETE_USER.Id,
   335  			model.PERMISSION_CREATE_TEAM.Id,
   336  		},
   337  		"system_post_all": []string{
   338  			model.PERMISSION_CREATE_POST.Id,
   339  		},
   340  		"system_post_all_public": []string{
   341  			model.PERMISSION_CREATE_POST_PUBLIC.Id,
   342  		},
   343  		"system_user_access_token": []string{
   344  			model.PERMISSION_CREATE_USER_ACCESS_TOKEN.Id,
   345  			model.PERMISSION_READ_USER_ACCESS_TOKEN.Id,
   346  			model.PERMISSION_REVOKE_USER_ACCESS_TOKEN.Id,
   347  		},
   348  		"system_admin": []string{
   349  			model.PERMISSION_ASSIGN_SYSTEM_ADMIN_ROLE.Id,
   350  			model.PERMISSION_MANAGE_SYSTEM.Id,
   351  			model.PERMISSION_MANAGE_ROLES.Id,
   352  			model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES.Id,
   353  			model.PERMISSION_MANAGE_PUBLIC_CHANNEL_MEMBERS.Id,
   354  			model.PERMISSION_MANAGE_PRIVATE_CHANNEL_MEMBERS.Id,
   355  			model.PERMISSION_DELETE_PUBLIC_CHANNEL.Id,
   356  			model.PERMISSION_CREATE_PUBLIC_CHANNEL.Id,
   357  			model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES.Id,
   358  			model.PERMISSION_DELETE_PRIVATE_CHANNEL.Id,
   359  			model.PERMISSION_CREATE_PRIVATE_CHANNEL.Id,
   360  			model.PERMISSION_MANAGE_SYSTEM_WIDE_OAUTH.Id,
   361  			model.PERMISSION_MANAGE_OTHERS_WEBHOOKS.Id,
   362  			model.PERMISSION_EDIT_OTHER_USERS.Id,
   363  			model.PERMISSION_EDIT_OTHERS_POSTS.Id,
   364  			model.PERMISSION_MANAGE_OAUTH.Id,
   365  			model.PERMISSION_INVITE_USER.Id,
   366  			model.PERMISSION_DELETE_POST.Id,
   367  			model.PERMISSION_DELETE_OTHERS_POSTS.Id,
   368  			model.PERMISSION_CREATE_TEAM.Id,
   369  			model.PERMISSION_ADD_USER_TO_TEAM.Id,
   370  			model.PERMISSION_LIST_USERS_WITHOUT_TEAM.Id,
   371  			model.PERMISSION_MANAGE_JOBS.Id,
   372  			model.PERMISSION_CREATE_POST_PUBLIC.Id,
   373  			model.PERMISSION_CREATE_POST_EPHEMERAL.Id,
   374  			model.PERMISSION_CREATE_USER_ACCESS_TOKEN.Id,
   375  			model.PERMISSION_READ_USER_ACCESS_TOKEN.Id,
   376  			model.PERMISSION_REVOKE_USER_ACCESS_TOKEN.Id,
   377  			model.PERMISSION_REMOVE_OTHERS_REACTIONS.Id,
   378  			model.PERMISSION_LIST_TEAM_CHANNELS.Id,
   379  			model.PERMISSION_JOIN_PUBLIC_CHANNELS.Id,
   380  			model.PERMISSION_READ_PUBLIC_CHANNEL.Id,
   381  			model.PERMISSION_VIEW_TEAM.Id,
   382  			model.PERMISSION_READ_CHANNEL.Id,
   383  			model.PERMISSION_ADD_REACTION.Id,
   384  			model.PERMISSION_REMOVE_REACTION.Id,
   385  			model.PERMISSION_UPLOAD_FILE.Id,
   386  			model.PERMISSION_GET_PUBLIC_LINK.Id,
   387  			model.PERMISSION_CREATE_POST.Id,
   388  			model.PERMISSION_USE_SLASH_COMMANDS.Id,
   389  			model.PERMISSION_REMOVE_USER_FROM_TEAM.Id,
   390  			model.PERMISSION_MANAGE_TEAM.Id,
   391  			model.PERMISSION_IMPORT_TEAM.Id,
   392  			model.PERMISSION_MANAGE_TEAM_ROLES.Id,
   393  			model.PERMISSION_MANAGE_CHANNEL_ROLES.Id,
   394  			model.PERMISSION_MANAGE_SLASH_COMMANDS.Id,
   395  			model.PERMISSION_MANAGE_OTHERS_SLASH_COMMANDS.Id,
   396  			model.PERMISSION_MANAGE_WEBHOOKS.Id,
   397  			model.PERMISSION_EDIT_POST.Id,
   398  		},
   399  	}
   400  
   401  	roles3, err3 := th.App.GetRolesByNames(roleNames)
   402  	assert.Nil(t, err3)
   403  	assert.Equal(t, len(roles3), len(roleNames))
   404  
   405  	for name, permissions := range expected2 {
   406  		role, err := th.App.GetRoleByName(name)
   407  		assert.Nil(t, err)
   408  		assert.Equal(t, permissions, role.Permissions, fmt.Sprintf("'%v' did not have expected permissions", name))
   409  	}
   410  
   411  	// Remove the license.
   412  	th.App.SetLicense(nil)
   413  
   414  	// Do the migration again.
   415  	th.ResetRoleMigration()
   416  	th.App.DoAdvancedPermissionsMigration()
   417  
   418  	// Check the role permissions.
   419  	roles4, err4 := th.App.GetRolesByNames(roleNames)
   420  	assert.Nil(t, err4)
   421  	assert.Equal(t, len(roles4), len(roleNames))
   422  
   423  	for name, permissions := range expected1 {
   424  		role, err := th.App.GetRoleByName(name)
   425  		assert.Nil(t, err)
   426  		assert.Equal(t, permissions, role.Permissions)
   427  	}
   428  
   429  	// Check that the config setting for "always" and "time_limit" edit posts is updated correctly.
   430  	th.ResetRoleMigration()
   431  
   432  	config := th.App.GetConfig()
   433  	*config.ServiceSettings.AllowEditPost = "always"
   434  	*config.ServiceSettings.PostEditTimeLimit = 300
   435  	th.App.SaveConfig(config, false)
   436  
   437  	th.App.DoAdvancedPermissionsMigration()
   438  	config = th.App.GetConfig()
   439  	assert.Equal(t, -1, *config.ServiceSettings.PostEditTimeLimit)
   440  
   441  	th.ResetRoleMigration()
   442  
   443  	config = th.App.GetConfig()
   444  	*config.ServiceSettings.AllowEditPost = "time_limit"
   445  	*config.ServiceSettings.PostEditTimeLimit = 300
   446  	th.App.SaveConfig(config, false)
   447  
   448  	th.App.DoAdvancedPermissionsMigration()
   449  	config = th.App.GetConfig()
   450  	assert.Equal(t, 300, *config.ServiceSettings.PostEditTimeLimit)
   451  
   452  	config = th.App.GetConfig()
   453  	*config.ServiceSettings.AllowEditPost = "always"
   454  	*config.ServiceSettings.PostEditTimeLimit = 300
   455  	th.App.SaveConfig(config, false)
   456  }
   457  
   458  func TestDoEmojisPermissionsMigration(t *testing.T) {
   459  	th := Setup()
   460  	defer th.TearDown()
   461  
   462  	if testStoreSqlSupplier == nil {
   463  		t.Skip("This test requires a TestStore to be run.")
   464  	}
   465  
   466  	// Add a license and change the policy config.
   467  	restrictCustomEmojiCreation := *th.App.Config().ServiceSettings.RestrictCustomEmojiCreation
   468  
   469  	defer func() {
   470  		th.App.UpdateConfig(func(cfg *model.Config) {
   471  			*cfg.ServiceSettings.RestrictCustomEmojiCreation = restrictCustomEmojiCreation
   472  		})
   473  	}()
   474  
   475  	th.App.UpdateConfig(func(cfg *model.Config) {
   476  		*cfg.ServiceSettings.RestrictCustomEmojiCreation = model.RESTRICT_EMOJI_CREATION_SYSTEM_ADMIN
   477  	})
   478  
   479  	th.ResetEmojisMigration()
   480  	th.App.DoEmojisPermissionsMigration()
   481  
   482  	expectedSystemAdmin := []string{
   483  		model.PERMISSION_ASSIGN_SYSTEM_ADMIN_ROLE.Id,
   484  		model.PERMISSION_MANAGE_SYSTEM.Id,
   485  		model.PERMISSION_MANAGE_ROLES.Id,
   486  		model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES.Id,
   487  		model.PERMISSION_MANAGE_PUBLIC_CHANNEL_MEMBERS.Id,
   488  		model.PERMISSION_MANAGE_PRIVATE_CHANNEL_MEMBERS.Id,
   489  		model.PERMISSION_DELETE_PUBLIC_CHANNEL.Id,
   490  		model.PERMISSION_CREATE_PUBLIC_CHANNEL.Id,
   491  		model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES.Id,
   492  		model.PERMISSION_DELETE_PRIVATE_CHANNEL.Id,
   493  		model.PERMISSION_CREATE_PRIVATE_CHANNEL.Id,
   494  		model.PERMISSION_MANAGE_SYSTEM_WIDE_OAUTH.Id,
   495  		model.PERMISSION_MANAGE_OTHERS_WEBHOOKS.Id,
   496  		model.PERMISSION_EDIT_OTHER_USERS.Id,
   497  		model.PERMISSION_EDIT_OTHERS_POSTS.Id,
   498  		model.PERMISSION_MANAGE_OAUTH.Id,
   499  		model.PERMISSION_INVITE_USER.Id,
   500  		model.PERMISSION_DELETE_POST.Id,
   501  		model.PERMISSION_DELETE_OTHERS_POSTS.Id,
   502  		model.PERMISSION_CREATE_TEAM.Id,
   503  		model.PERMISSION_ADD_USER_TO_TEAM.Id,
   504  		model.PERMISSION_LIST_USERS_WITHOUT_TEAM.Id,
   505  		model.PERMISSION_MANAGE_JOBS.Id,
   506  		model.PERMISSION_CREATE_POST_PUBLIC.Id,
   507  		model.PERMISSION_CREATE_POST_EPHEMERAL.Id,
   508  		model.PERMISSION_CREATE_USER_ACCESS_TOKEN.Id,
   509  		model.PERMISSION_READ_USER_ACCESS_TOKEN.Id,
   510  		model.PERMISSION_REVOKE_USER_ACCESS_TOKEN.Id,
   511  		model.PERMISSION_REMOVE_OTHERS_REACTIONS.Id,
   512  		model.PERMISSION_LIST_TEAM_CHANNELS.Id,
   513  		model.PERMISSION_JOIN_PUBLIC_CHANNELS.Id,
   514  		model.PERMISSION_READ_PUBLIC_CHANNEL.Id,
   515  		model.PERMISSION_VIEW_TEAM.Id,
   516  		model.PERMISSION_READ_CHANNEL.Id,
   517  		model.PERMISSION_ADD_REACTION.Id,
   518  		model.PERMISSION_REMOVE_REACTION.Id,
   519  		model.PERMISSION_UPLOAD_FILE.Id,
   520  		model.PERMISSION_GET_PUBLIC_LINK.Id,
   521  		model.PERMISSION_CREATE_POST.Id,
   522  		model.PERMISSION_USE_SLASH_COMMANDS.Id,
   523  		model.PERMISSION_REMOVE_USER_FROM_TEAM.Id,
   524  		model.PERMISSION_MANAGE_TEAM.Id,
   525  		model.PERMISSION_IMPORT_TEAM.Id,
   526  		model.PERMISSION_MANAGE_TEAM_ROLES.Id,
   527  		model.PERMISSION_MANAGE_CHANNEL_ROLES.Id,
   528  		model.PERMISSION_MANAGE_SLASH_COMMANDS.Id,
   529  		model.PERMISSION_MANAGE_OTHERS_SLASH_COMMANDS.Id,
   530  		model.PERMISSION_MANAGE_WEBHOOKS.Id,
   531  		model.PERMISSION_EDIT_POST.Id,
   532  		model.PERMISSION_MANAGE_EMOJIS.Id,
   533  		model.PERMISSION_MANAGE_OTHERS_EMOJIS.Id,
   534  	}
   535  
   536  	role1, err1 := th.App.GetRoleByName(model.SYSTEM_ADMIN_ROLE_ID)
   537  	assert.Nil(t, err1)
   538  	assert.Equal(t, expectedSystemAdmin, role1.Permissions, fmt.Sprintf("'%v' did not have expected permissions", model.SYSTEM_ADMIN_ROLE_ID))
   539  
   540  	th.App.UpdateConfig(func(cfg *model.Config) {
   541  		*cfg.ServiceSettings.RestrictCustomEmojiCreation = model.RESTRICT_EMOJI_CREATION_ADMIN
   542  	})
   543  
   544  	th.ResetEmojisMigration()
   545  	th.App.DoEmojisPermissionsMigration()
   546  
   547  	role2, err2 := th.App.GetRoleByName(model.TEAM_ADMIN_ROLE_ID)
   548  	assert.Nil(t, err2)
   549  	expected2 := []string{
   550  		model.PERMISSION_REMOVE_USER_FROM_TEAM.Id,
   551  		model.PERMISSION_MANAGE_TEAM.Id,
   552  		model.PERMISSION_IMPORT_TEAM.Id,
   553  		model.PERMISSION_MANAGE_TEAM_ROLES.Id,
   554  		model.PERMISSION_MANAGE_CHANNEL_ROLES.Id,
   555  		model.PERMISSION_MANAGE_OTHERS_WEBHOOKS.Id,
   556  		model.PERMISSION_MANAGE_SLASH_COMMANDS.Id,
   557  		model.PERMISSION_MANAGE_OTHERS_SLASH_COMMANDS.Id,
   558  		model.PERMISSION_MANAGE_WEBHOOKS.Id,
   559  		model.PERMISSION_DELETE_POST.Id,
   560  		model.PERMISSION_DELETE_OTHERS_POSTS.Id,
   561  		model.PERMISSION_MANAGE_EMOJIS.Id,
   562  	}
   563  	assert.Equal(t, expected2, role2.Permissions, fmt.Sprintf("'%v' did not have expected permissions", model.TEAM_ADMIN_ROLE_ID))
   564  
   565  	systemAdmin1, systemAdminErr1 := th.App.GetRoleByName(model.SYSTEM_ADMIN_ROLE_ID)
   566  	assert.Nil(t, systemAdminErr1)
   567  	assert.Equal(t, expectedSystemAdmin, systemAdmin1.Permissions, fmt.Sprintf("'%v' did not have expected permissions", model.SYSTEM_ADMIN_ROLE_ID))
   568  
   569  	th.App.UpdateConfig(func(cfg *model.Config) {
   570  		*cfg.ServiceSettings.RestrictCustomEmojiCreation = model.RESTRICT_EMOJI_CREATION_ALL
   571  	})
   572  
   573  	th.ResetEmojisMigration()
   574  	th.App.DoEmojisPermissionsMigration()
   575  
   576  	role3, err3 := th.App.GetRoleByName(model.SYSTEM_USER_ROLE_ID)
   577  	assert.Nil(t, err3)
   578  	expected3 := []string{
   579  		model.PERMISSION_CREATE_DIRECT_CHANNEL.Id,
   580  		model.PERMISSION_CREATE_GROUP_CHANNEL.Id,
   581  		model.PERMISSION_PERMANENT_DELETE_USER.Id,
   582  		model.PERMISSION_CREATE_TEAM.Id,
   583  		model.PERMISSION_MANAGE_EMOJIS.Id,
   584  	}
   585  	assert.Equal(t, expected3, role3.Permissions, fmt.Sprintf("'%v' did not have expected permissions", model.SYSTEM_USER_ROLE_ID))
   586  
   587  	systemAdmin2, systemAdminErr2 := th.App.GetRoleByName(model.SYSTEM_ADMIN_ROLE_ID)
   588  	assert.Nil(t, systemAdminErr2)
   589  	assert.Equal(t, expectedSystemAdmin, systemAdmin2.Permissions, fmt.Sprintf("'%v' did not have expected permissions", model.SYSTEM_ADMIN_ROLE_ID))
   590  }