github.com/lologarithm/mattermost-server@v5.3.2-0.20181002060438-c82a84ed765b+incompatible/app/app_test.go (about) 1 // Copyright (c) 2017-present Mattermost, Inc. All Rights Reserved. 2 // See License.txt for license information. 3 4 package app 5 6 import ( 7 "flag" 8 "fmt" 9 "os" 10 "testing" 11 12 "github.com/stretchr/testify/assert" 13 14 "github.com/mattermost/mattermost-server/mlog" 15 "github.com/mattermost/mattermost-server/model" 16 "github.com/mattermost/mattermost-server/store/storetest" 17 "github.com/mattermost/mattermost-server/utils" 18 ) 19 20 func TestMain(m *testing.M) { 21 flag.Parse() 22 23 // Setup a global logger to catch tests logging outside of app context 24 // The global logger will be stomped by apps initalizing but that's fine for testing. Ideally this won't happen. 25 mlog.InitGlobalLogger(mlog.NewLogger(&mlog.LoggerConfiguration{ 26 EnableConsole: true, 27 ConsoleJson: true, 28 ConsoleLevel: "error", 29 EnableFile: false, 30 })) 31 32 utils.TranslationsPreInit() 33 34 // In the case where a dev just wants to run a single test, it's faster to just use the default 35 // store. 36 if filter := flag.Lookup("test.run").Value.String(); filter != "" && filter != "." { 37 mlog.Info("-test.run used, not creating temporary containers") 38 os.Exit(m.Run()) 39 } 40 41 status := 0 42 43 container, settings, err := storetest.NewMySQLContainer() 44 if err != nil { 45 panic(err) 46 } 47 48 UseTestStore(container, settings) 49 50 defer func() { 51 StopTestStore() 52 os.Exit(status) 53 }() 54 55 status = m.Run() 56 } 57 58 /* Temporarily comment out until MM-11108 59 func TestAppRace(t *testing.T) { 60 for i := 0; i < 10; i++ { 61 a, err := New() 62 require.NoError(t, err) 63 a.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.ListenAddress = ":0" }) 64 serverErr := a.StartServer() 65 require.NoError(t, serverErr) 66 a.Shutdown() 67 } 68 } 69 */ 70 71 func TestUpdateConfig(t *testing.T) { 72 th := Setup() 73 defer th.TearDown() 74 75 prev := *th.App.Config().ServiceSettings.SiteURL 76 77 th.App.AddConfigListener(func(old, current *model.Config) { 78 assert.Equal(t, prev, *old.ServiceSettings.SiteURL) 79 assert.Equal(t, "foo", *current.ServiceSettings.SiteURL) 80 }) 81 82 th.App.UpdateConfig(func(cfg *model.Config) { 83 *cfg.ServiceSettings.SiteURL = "foo" 84 }) 85 } 86 87 func TestDoAdvancedPermissionsMigration(t *testing.T) { 88 th := Setup() 89 defer th.TearDown() 90 91 if testStoreSqlSupplier == nil { 92 t.Skip("This test requires a TestStore to be run.") 93 } 94 95 th.ResetRoleMigration() 96 97 th.App.DoAdvancedPermissionsMigration() 98 99 roleNames := []string{ 100 "system_user", 101 "system_admin", 102 "team_user", 103 "team_admin", 104 "channel_user", 105 "channel_admin", 106 "system_post_all", 107 "system_post_all_public", 108 "system_user_access_token", 109 "team_post_all", 110 "team_post_all_public", 111 } 112 113 roles1, err1 := th.App.GetRolesByNames(roleNames) 114 assert.Nil(t, err1) 115 assert.Equal(t, len(roles1), len(roleNames)) 116 117 expected1 := map[string][]string{ 118 "channel_user": []string{ 119 model.PERMISSION_READ_CHANNEL.Id, 120 model.PERMISSION_ADD_REACTION.Id, 121 model.PERMISSION_REMOVE_REACTION.Id, 122 model.PERMISSION_MANAGE_PUBLIC_CHANNEL_MEMBERS.Id, 123 model.PERMISSION_UPLOAD_FILE.Id, 124 model.PERMISSION_GET_PUBLIC_LINK.Id, 125 model.PERMISSION_CREATE_POST.Id, 126 model.PERMISSION_USE_SLASH_COMMANDS.Id, 127 model.PERMISSION_MANAGE_PRIVATE_CHANNEL_MEMBERS.Id, 128 model.PERMISSION_DELETE_POST.Id, 129 model.PERMISSION_EDIT_POST.Id, 130 }, 131 "channel_admin": []string{ 132 model.PERMISSION_MANAGE_CHANNEL_ROLES.Id, 133 }, 134 "team_user": []string{ 135 model.PERMISSION_LIST_TEAM_CHANNELS.Id, 136 model.PERMISSION_JOIN_PUBLIC_CHANNELS.Id, 137 model.PERMISSION_READ_PUBLIC_CHANNEL.Id, 138 model.PERMISSION_VIEW_TEAM.Id, 139 model.PERMISSION_CREATE_PUBLIC_CHANNEL.Id, 140 model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES.Id, 141 model.PERMISSION_DELETE_PUBLIC_CHANNEL.Id, 142 model.PERMISSION_CREATE_PRIVATE_CHANNEL.Id, 143 model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES.Id, 144 model.PERMISSION_DELETE_PRIVATE_CHANNEL.Id, 145 model.PERMISSION_INVITE_USER.Id, 146 model.PERMISSION_ADD_USER_TO_TEAM.Id, 147 }, 148 "team_post_all": []string{ 149 model.PERMISSION_CREATE_POST.Id, 150 }, 151 "team_post_all_public": []string{ 152 model.PERMISSION_CREATE_POST_PUBLIC.Id, 153 }, 154 "team_admin": []string{ 155 model.PERMISSION_REMOVE_USER_FROM_TEAM.Id, 156 model.PERMISSION_MANAGE_TEAM.Id, 157 model.PERMISSION_IMPORT_TEAM.Id, 158 model.PERMISSION_MANAGE_TEAM_ROLES.Id, 159 model.PERMISSION_MANAGE_CHANNEL_ROLES.Id, 160 model.PERMISSION_MANAGE_OTHERS_WEBHOOKS.Id, 161 model.PERMISSION_MANAGE_SLASH_COMMANDS.Id, 162 model.PERMISSION_MANAGE_OTHERS_SLASH_COMMANDS.Id, 163 model.PERMISSION_MANAGE_WEBHOOKS.Id, 164 model.PERMISSION_DELETE_POST.Id, 165 model.PERMISSION_DELETE_OTHERS_POSTS.Id, 166 }, 167 "system_user": []string{ 168 model.PERMISSION_CREATE_DIRECT_CHANNEL.Id, 169 model.PERMISSION_CREATE_GROUP_CHANNEL.Id, 170 model.PERMISSION_PERMANENT_DELETE_USER.Id, 171 model.PERMISSION_CREATE_TEAM.Id, 172 }, 173 "system_post_all": []string{ 174 model.PERMISSION_CREATE_POST.Id, 175 }, 176 "system_post_all_public": []string{ 177 model.PERMISSION_CREATE_POST_PUBLIC.Id, 178 }, 179 "system_user_access_token": []string{ 180 model.PERMISSION_CREATE_USER_ACCESS_TOKEN.Id, 181 model.PERMISSION_READ_USER_ACCESS_TOKEN.Id, 182 model.PERMISSION_REVOKE_USER_ACCESS_TOKEN.Id, 183 }, 184 "system_admin": []string{ 185 model.PERMISSION_ASSIGN_SYSTEM_ADMIN_ROLE.Id, 186 model.PERMISSION_MANAGE_SYSTEM.Id, 187 model.PERMISSION_MANAGE_ROLES.Id, 188 model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES.Id, 189 model.PERMISSION_MANAGE_PUBLIC_CHANNEL_MEMBERS.Id, 190 model.PERMISSION_MANAGE_PRIVATE_CHANNEL_MEMBERS.Id, 191 model.PERMISSION_DELETE_PUBLIC_CHANNEL.Id, 192 model.PERMISSION_CREATE_PUBLIC_CHANNEL.Id, 193 model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES.Id, 194 model.PERMISSION_DELETE_PRIVATE_CHANNEL.Id, 195 model.PERMISSION_CREATE_PRIVATE_CHANNEL.Id, 196 model.PERMISSION_MANAGE_SYSTEM_WIDE_OAUTH.Id, 197 model.PERMISSION_MANAGE_OTHERS_WEBHOOKS.Id, 198 model.PERMISSION_EDIT_OTHER_USERS.Id, 199 model.PERMISSION_EDIT_OTHERS_POSTS.Id, 200 model.PERMISSION_MANAGE_OAUTH.Id, 201 model.PERMISSION_INVITE_USER.Id, 202 model.PERMISSION_DELETE_POST.Id, 203 model.PERMISSION_DELETE_OTHERS_POSTS.Id, 204 model.PERMISSION_CREATE_TEAM.Id, 205 model.PERMISSION_ADD_USER_TO_TEAM.Id, 206 model.PERMISSION_LIST_USERS_WITHOUT_TEAM.Id, 207 model.PERMISSION_MANAGE_JOBS.Id, 208 model.PERMISSION_CREATE_POST_PUBLIC.Id, 209 model.PERMISSION_CREATE_POST_EPHEMERAL.Id, 210 model.PERMISSION_CREATE_USER_ACCESS_TOKEN.Id, 211 model.PERMISSION_READ_USER_ACCESS_TOKEN.Id, 212 model.PERMISSION_REVOKE_USER_ACCESS_TOKEN.Id, 213 model.PERMISSION_REMOVE_OTHERS_REACTIONS.Id, 214 model.PERMISSION_LIST_TEAM_CHANNELS.Id, 215 model.PERMISSION_JOIN_PUBLIC_CHANNELS.Id, 216 model.PERMISSION_READ_PUBLIC_CHANNEL.Id, 217 model.PERMISSION_VIEW_TEAM.Id, 218 model.PERMISSION_READ_CHANNEL.Id, 219 model.PERMISSION_ADD_REACTION.Id, 220 model.PERMISSION_REMOVE_REACTION.Id, 221 model.PERMISSION_UPLOAD_FILE.Id, 222 model.PERMISSION_GET_PUBLIC_LINK.Id, 223 model.PERMISSION_CREATE_POST.Id, 224 model.PERMISSION_USE_SLASH_COMMANDS.Id, 225 model.PERMISSION_REMOVE_USER_FROM_TEAM.Id, 226 model.PERMISSION_MANAGE_TEAM.Id, 227 model.PERMISSION_IMPORT_TEAM.Id, 228 model.PERMISSION_MANAGE_TEAM_ROLES.Id, 229 model.PERMISSION_MANAGE_CHANNEL_ROLES.Id, 230 model.PERMISSION_MANAGE_SLASH_COMMANDS.Id, 231 model.PERMISSION_MANAGE_OTHERS_SLASH_COMMANDS.Id, 232 model.PERMISSION_MANAGE_WEBHOOKS.Id, 233 model.PERMISSION_EDIT_POST.Id, 234 }, 235 } 236 237 // Check the migration matches what's expected. 238 for name, permissions := range expected1 { 239 role, err := th.App.GetRoleByName(name) 240 assert.Nil(t, err) 241 assert.Equal(t, role.Permissions, permissions) 242 } 243 244 // Add a license and change the policy config. 245 restrictPublicChannel := *th.App.Config().TeamSettings.RestrictPublicChannelManagement 246 restrictPrivateChannel := *th.App.Config().TeamSettings.RestrictPrivateChannelManagement 247 248 defer func() { 249 th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.RestrictPublicChannelManagement = restrictPublicChannel }) 250 th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.RestrictPrivateChannelManagement = restrictPrivateChannel }) 251 }() 252 253 th.App.UpdateConfig(func(cfg *model.Config) { 254 *cfg.TeamSettings.RestrictPublicChannelManagement = model.PERMISSIONS_TEAM_ADMIN 255 }) 256 th.App.UpdateConfig(func(cfg *model.Config) { 257 *cfg.TeamSettings.RestrictPrivateChannelManagement = model.PERMISSIONS_TEAM_ADMIN 258 }) 259 th.App.SetLicense(model.NewTestLicense()) 260 261 // Check the migration doesn't change anything if run again. 262 th.App.DoAdvancedPermissionsMigration() 263 264 roles2, err2 := th.App.GetRolesByNames(roleNames) 265 assert.Nil(t, err2) 266 assert.Equal(t, len(roles2), len(roleNames)) 267 268 for name, permissions := range expected1 { 269 role, err := th.App.GetRoleByName(name) 270 assert.Nil(t, err) 271 assert.Equal(t, permissions, role.Permissions) 272 } 273 274 // Reset the database 275 th.ResetRoleMigration() 276 277 // Do the migration again with different policy config settings and a license. 278 th.App.DoAdvancedPermissionsMigration() 279 280 // Check the role permissions. 281 expected2 := map[string][]string{ 282 "channel_user": []string{ 283 model.PERMISSION_READ_CHANNEL.Id, 284 model.PERMISSION_ADD_REACTION.Id, 285 model.PERMISSION_REMOVE_REACTION.Id, 286 model.PERMISSION_MANAGE_PUBLIC_CHANNEL_MEMBERS.Id, 287 model.PERMISSION_UPLOAD_FILE.Id, 288 model.PERMISSION_GET_PUBLIC_LINK.Id, 289 model.PERMISSION_CREATE_POST.Id, 290 model.PERMISSION_USE_SLASH_COMMANDS.Id, 291 model.PERMISSION_MANAGE_PRIVATE_CHANNEL_MEMBERS.Id, 292 model.PERMISSION_DELETE_POST.Id, 293 model.PERMISSION_EDIT_POST.Id, 294 }, 295 "channel_admin": []string{ 296 model.PERMISSION_MANAGE_CHANNEL_ROLES.Id, 297 }, 298 "team_user": []string{ 299 model.PERMISSION_LIST_TEAM_CHANNELS.Id, 300 model.PERMISSION_JOIN_PUBLIC_CHANNELS.Id, 301 model.PERMISSION_READ_PUBLIC_CHANNEL.Id, 302 model.PERMISSION_VIEW_TEAM.Id, 303 model.PERMISSION_CREATE_PUBLIC_CHANNEL.Id, 304 model.PERMISSION_DELETE_PUBLIC_CHANNEL.Id, 305 model.PERMISSION_CREATE_PRIVATE_CHANNEL.Id, 306 model.PERMISSION_DELETE_PRIVATE_CHANNEL.Id, 307 model.PERMISSION_INVITE_USER.Id, 308 model.PERMISSION_ADD_USER_TO_TEAM.Id, 309 }, 310 "team_post_all": []string{ 311 model.PERMISSION_CREATE_POST.Id, 312 }, 313 "team_post_all_public": []string{ 314 model.PERMISSION_CREATE_POST_PUBLIC.Id, 315 }, 316 "team_admin": []string{ 317 model.PERMISSION_REMOVE_USER_FROM_TEAM.Id, 318 model.PERMISSION_MANAGE_TEAM.Id, 319 model.PERMISSION_IMPORT_TEAM.Id, 320 model.PERMISSION_MANAGE_TEAM_ROLES.Id, 321 model.PERMISSION_MANAGE_CHANNEL_ROLES.Id, 322 model.PERMISSION_MANAGE_OTHERS_WEBHOOKS.Id, 323 model.PERMISSION_MANAGE_SLASH_COMMANDS.Id, 324 model.PERMISSION_MANAGE_OTHERS_SLASH_COMMANDS.Id, 325 model.PERMISSION_MANAGE_WEBHOOKS.Id, 326 model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES.Id, 327 model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES.Id, 328 model.PERMISSION_DELETE_POST.Id, 329 model.PERMISSION_DELETE_OTHERS_POSTS.Id, 330 }, 331 "system_user": []string{ 332 model.PERMISSION_CREATE_DIRECT_CHANNEL.Id, 333 model.PERMISSION_CREATE_GROUP_CHANNEL.Id, 334 model.PERMISSION_PERMANENT_DELETE_USER.Id, 335 model.PERMISSION_CREATE_TEAM.Id, 336 }, 337 "system_post_all": []string{ 338 model.PERMISSION_CREATE_POST.Id, 339 }, 340 "system_post_all_public": []string{ 341 model.PERMISSION_CREATE_POST_PUBLIC.Id, 342 }, 343 "system_user_access_token": []string{ 344 model.PERMISSION_CREATE_USER_ACCESS_TOKEN.Id, 345 model.PERMISSION_READ_USER_ACCESS_TOKEN.Id, 346 model.PERMISSION_REVOKE_USER_ACCESS_TOKEN.Id, 347 }, 348 "system_admin": []string{ 349 model.PERMISSION_ASSIGN_SYSTEM_ADMIN_ROLE.Id, 350 model.PERMISSION_MANAGE_SYSTEM.Id, 351 model.PERMISSION_MANAGE_ROLES.Id, 352 model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES.Id, 353 model.PERMISSION_MANAGE_PUBLIC_CHANNEL_MEMBERS.Id, 354 model.PERMISSION_MANAGE_PRIVATE_CHANNEL_MEMBERS.Id, 355 model.PERMISSION_DELETE_PUBLIC_CHANNEL.Id, 356 model.PERMISSION_CREATE_PUBLIC_CHANNEL.Id, 357 model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES.Id, 358 model.PERMISSION_DELETE_PRIVATE_CHANNEL.Id, 359 model.PERMISSION_CREATE_PRIVATE_CHANNEL.Id, 360 model.PERMISSION_MANAGE_SYSTEM_WIDE_OAUTH.Id, 361 model.PERMISSION_MANAGE_OTHERS_WEBHOOKS.Id, 362 model.PERMISSION_EDIT_OTHER_USERS.Id, 363 model.PERMISSION_EDIT_OTHERS_POSTS.Id, 364 model.PERMISSION_MANAGE_OAUTH.Id, 365 model.PERMISSION_INVITE_USER.Id, 366 model.PERMISSION_DELETE_POST.Id, 367 model.PERMISSION_DELETE_OTHERS_POSTS.Id, 368 model.PERMISSION_CREATE_TEAM.Id, 369 model.PERMISSION_ADD_USER_TO_TEAM.Id, 370 model.PERMISSION_LIST_USERS_WITHOUT_TEAM.Id, 371 model.PERMISSION_MANAGE_JOBS.Id, 372 model.PERMISSION_CREATE_POST_PUBLIC.Id, 373 model.PERMISSION_CREATE_POST_EPHEMERAL.Id, 374 model.PERMISSION_CREATE_USER_ACCESS_TOKEN.Id, 375 model.PERMISSION_READ_USER_ACCESS_TOKEN.Id, 376 model.PERMISSION_REVOKE_USER_ACCESS_TOKEN.Id, 377 model.PERMISSION_REMOVE_OTHERS_REACTIONS.Id, 378 model.PERMISSION_LIST_TEAM_CHANNELS.Id, 379 model.PERMISSION_JOIN_PUBLIC_CHANNELS.Id, 380 model.PERMISSION_READ_PUBLIC_CHANNEL.Id, 381 model.PERMISSION_VIEW_TEAM.Id, 382 model.PERMISSION_READ_CHANNEL.Id, 383 model.PERMISSION_ADD_REACTION.Id, 384 model.PERMISSION_REMOVE_REACTION.Id, 385 model.PERMISSION_UPLOAD_FILE.Id, 386 model.PERMISSION_GET_PUBLIC_LINK.Id, 387 model.PERMISSION_CREATE_POST.Id, 388 model.PERMISSION_USE_SLASH_COMMANDS.Id, 389 model.PERMISSION_REMOVE_USER_FROM_TEAM.Id, 390 model.PERMISSION_MANAGE_TEAM.Id, 391 model.PERMISSION_IMPORT_TEAM.Id, 392 model.PERMISSION_MANAGE_TEAM_ROLES.Id, 393 model.PERMISSION_MANAGE_CHANNEL_ROLES.Id, 394 model.PERMISSION_MANAGE_SLASH_COMMANDS.Id, 395 model.PERMISSION_MANAGE_OTHERS_SLASH_COMMANDS.Id, 396 model.PERMISSION_MANAGE_WEBHOOKS.Id, 397 model.PERMISSION_EDIT_POST.Id, 398 }, 399 } 400 401 roles3, err3 := th.App.GetRolesByNames(roleNames) 402 assert.Nil(t, err3) 403 assert.Equal(t, len(roles3), len(roleNames)) 404 405 for name, permissions := range expected2 { 406 role, err := th.App.GetRoleByName(name) 407 assert.Nil(t, err) 408 assert.Equal(t, permissions, role.Permissions, fmt.Sprintf("'%v' did not have expected permissions", name)) 409 } 410 411 // Remove the license. 412 th.App.SetLicense(nil) 413 414 // Do the migration again. 415 th.ResetRoleMigration() 416 th.App.DoAdvancedPermissionsMigration() 417 418 // Check the role permissions. 419 roles4, err4 := th.App.GetRolesByNames(roleNames) 420 assert.Nil(t, err4) 421 assert.Equal(t, len(roles4), len(roleNames)) 422 423 for name, permissions := range expected1 { 424 role, err := th.App.GetRoleByName(name) 425 assert.Nil(t, err) 426 assert.Equal(t, permissions, role.Permissions) 427 } 428 429 // Check that the config setting for "always" and "time_limit" edit posts is updated correctly. 430 th.ResetRoleMigration() 431 432 config := th.App.GetConfig() 433 *config.ServiceSettings.AllowEditPost = "always" 434 *config.ServiceSettings.PostEditTimeLimit = 300 435 th.App.SaveConfig(config, false) 436 437 th.App.DoAdvancedPermissionsMigration() 438 config = th.App.GetConfig() 439 assert.Equal(t, -1, *config.ServiceSettings.PostEditTimeLimit) 440 441 th.ResetRoleMigration() 442 443 config = th.App.GetConfig() 444 *config.ServiceSettings.AllowEditPost = "time_limit" 445 *config.ServiceSettings.PostEditTimeLimit = 300 446 th.App.SaveConfig(config, false) 447 448 th.App.DoAdvancedPermissionsMigration() 449 config = th.App.GetConfig() 450 assert.Equal(t, 300, *config.ServiceSettings.PostEditTimeLimit) 451 452 config = th.App.GetConfig() 453 *config.ServiceSettings.AllowEditPost = "always" 454 *config.ServiceSettings.PostEditTimeLimit = 300 455 th.App.SaveConfig(config, false) 456 } 457 458 func TestDoEmojisPermissionsMigration(t *testing.T) { 459 th := Setup() 460 defer th.TearDown() 461 462 if testStoreSqlSupplier == nil { 463 t.Skip("This test requires a TestStore to be run.") 464 } 465 466 // Add a license and change the policy config. 467 restrictCustomEmojiCreation := *th.App.Config().ServiceSettings.RestrictCustomEmojiCreation 468 469 defer func() { 470 th.App.UpdateConfig(func(cfg *model.Config) { 471 *cfg.ServiceSettings.RestrictCustomEmojiCreation = restrictCustomEmojiCreation 472 }) 473 }() 474 475 th.App.UpdateConfig(func(cfg *model.Config) { 476 *cfg.ServiceSettings.RestrictCustomEmojiCreation = model.RESTRICT_EMOJI_CREATION_SYSTEM_ADMIN 477 }) 478 479 th.ResetEmojisMigration() 480 th.App.DoEmojisPermissionsMigration() 481 482 expectedSystemAdmin := []string{ 483 model.PERMISSION_ASSIGN_SYSTEM_ADMIN_ROLE.Id, 484 model.PERMISSION_MANAGE_SYSTEM.Id, 485 model.PERMISSION_MANAGE_ROLES.Id, 486 model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES.Id, 487 model.PERMISSION_MANAGE_PUBLIC_CHANNEL_MEMBERS.Id, 488 model.PERMISSION_MANAGE_PRIVATE_CHANNEL_MEMBERS.Id, 489 model.PERMISSION_DELETE_PUBLIC_CHANNEL.Id, 490 model.PERMISSION_CREATE_PUBLIC_CHANNEL.Id, 491 model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES.Id, 492 model.PERMISSION_DELETE_PRIVATE_CHANNEL.Id, 493 model.PERMISSION_CREATE_PRIVATE_CHANNEL.Id, 494 model.PERMISSION_MANAGE_SYSTEM_WIDE_OAUTH.Id, 495 model.PERMISSION_MANAGE_OTHERS_WEBHOOKS.Id, 496 model.PERMISSION_EDIT_OTHER_USERS.Id, 497 model.PERMISSION_EDIT_OTHERS_POSTS.Id, 498 model.PERMISSION_MANAGE_OAUTH.Id, 499 model.PERMISSION_INVITE_USER.Id, 500 model.PERMISSION_DELETE_POST.Id, 501 model.PERMISSION_DELETE_OTHERS_POSTS.Id, 502 model.PERMISSION_CREATE_TEAM.Id, 503 model.PERMISSION_ADD_USER_TO_TEAM.Id, 504 model.PERMISSION_LIST_USERS_WITHOUT_TEAM.Id, 505 model.PERMISSION_MANAGE_JOBS.Id, 506 model.PERMISSION_CREATE_POST_PUBLIC.Id, 507 model.PERMISSION_CREATE_POST_EPHEMERAL.Id, 508 model.PERMISSION_CREATE_USER_ACCESS_TOKEN.Id, 509 model.PERMISSION_READ_USER_ACCESS_TOKEN.Id, 510 model.PERMISSION_REVOKE_USER_ACCESS_TOKEN.Id, 511 model.PERMISSION_REMOVE_OTHERS_REACTIONS.Id, 512 model.PERMISSION_LIST_TEAM_CHANNELS.Id, 513 model.PERMISSION_JOIN_PUBLIC_CHANNELS.Id, 514 model.PERMISSION_READ_PUBLIC_CHANNEL.Id, 515 model.PERMISSION_VIEW_TEAM.Id, 516 model.PERMISSION_READ_CHANNEL.Id, 517 model.PERMISSION_ADD_REACTION.Id, 518 model.PERMISSION_REMOVE_REACTION.Id, 519 model.PERMISSION_UPLOAD_FILE.Id, 520 model.PERMISSION_GET_PUBLIC_LINK.Id, 521 model.PERMISSION_CREATE_POST.Id, 522 model.PERMISSION_USE_SLASH_COMMANDS.Id, 523 model.PERMISSION_REMOVE_USER_FROM_TEAM.Id, 524 model.PERMISSION_MANAGE_TEAM.Id, 525 model.PERMISSION_IMPORT_TEAM.Id, 526 model.PERMISSION_MANAGE_TEAM_ROLES.Id, 527 model.PERMISSION_MANAGE_CHANNEL_ROLES.Id, 528 model.PERMISSION_MANAGE_SLASH_COMMANDS.Id, 529 model.PERMISSION_MANAGE_OTHERS_SLASH_COMMANDS.Id, 530 model.PERMISSION_MANAGE_WEBHOOKS.Id, 531 model.PERMISSION_EDIT_POST.Id, 532 model.PERMISSION_MANAGE_EMOJIS.Id, 533 model.PERMISSION_MANAGE_OTHERS_EMOJIS.Id, 534 } 535 536 role1, err1 := th.App.GetRoleByName(model.SYSTEM_ADMIN_ROLE_ID) 537 assert.Nil(t, err1) 538 assert.Equal(t, expectedSystemAdmin, role1.Permissions, fmt.Sprintf("'%v' did not have expected permissions", model.SYSTEM_ADMIN_ROLE_ID)) 539 540 th.App.UpdateConfig(func(cfg *model.Config) { 541 *cfg.ServiceSettings.RestrictCustomEmojiCreation = model.RESTRICT_EMOJI_CREATION_ADMIN 542 }) 543 544 th.ResetEmojisMigration() 545 th.App.DoEmojisPermissionsMigration() 546 547 role2, err2 := th.App.GetRoleByName(model.TEAM_ADMIN_ROLE_ID) 548 assert.Nil(t, err2) 549 expected2 := []string{ 550 model.PERMISSION_REMOVE_USER_FROM_TEAM.Id, 551 model.PERMISSION_MANAGE_TEAM.Id, 552 model.PERMISSION_IMPORT_TEAM.Id, 553 model.PERMISSION_MANAGE_TEAM_ROLES.Id, 554 model.PERMISSION_MANAGE_CHANNEL_ROLES.Id, 555 model.PERMISSION_MANAGE_OTHERS_WEBHOOKS.Id, 556 model.PERMISSION_MANAGE_SLASH_COMMANDS.Id, 557 model.PERMISSION_MANAGE_OTHERS_SLASH_COMMANDS.Id, 558 model.PERMISSION_MANAGE_WEBHOOKS.Id, 559 model.PERMISSION_DELETE_POST.Id, 560 model.PERMISSION_DELETE_OTHERS_POSTS.Id, 561 model.PERMISSION_MANAGE_EMOJIS.Id, 562 } 563 assert.Equal(t, expected2, role2.Permissions, fmt.Sprintf("'%v' did not have expected permissions", model.TEAM_ADMIN_ROLE_ID)) 564 565 systemAdmin1, systemAdminErr1 := th.App.GetRoleByName(model.SYSTEM_ADMIN_ROLE_ID) 566 assert.Nil(t, systemAdminErr1) 567 assert.Equal(t, expectedSystemAdmin, systemAdmin1.Permissions, fmt.Sprintf("'%v' did not have expected permissions", model.SYSTEM_ADMIN_ROLE_ID)) 568 569 th.App.UpdateConfig(func(cfg *model.Config) { 570 *cfg.ServiceSettings.RestrictCustomEmojiCreation = model.RESTRICT_EMOJI_CREATION_ALL 571 }) 572 573 th.ResetEmojisMigration() 574 th.App.DoEmojisPermissionsMigration() 575 576 role3, err3 := th.App.GetRoleByName(model.SYSTEM_USER_ROLE_ID) 577 assert.Nil(t, err3) 578 expected3 := []string{ 579 model.PERMISSION_CREATE_DIRECT_CHANNEL.Id, 580 model.PERMISSION_CREATE_GROUP_CHANNEL.Id, 581 model.PERMISSION_PERMANENT_DELETE_USER.Id, 582 model.PERMISSION_CREATE_TEAM.Id, 583 model.PERMISSION_MANAGE_EMOJIS.Id, 584 } 585 assert.Equal(t, expected3, role3.Permissions, fmt.Sprintf("'%v' did not have expected permissions", model.SYSTEM_USER_ROLE_ID)) 586 587 systemAdmin2, systemAdminErr2 := th.App.GetRoleByName(model.SYSTEM_ADMIN_ROLE_ID) 588 assert.Nil(t, systemAdminErr2) 589 assert.Equal(t, expectedSystemAdmin, systemAdmin2.Permissions, fmt.Sprintf("'%v' did not have expected permissions", model.SYSTEM_ADMIN_ROLE_ID)) 590 }