github.com/mattermosttest/mattermost-server/v5@v5.0.0-20200917143240-9dfa12e121f9/app/user_test.go (about) 1 // Copyright (c) 2015-present Mattermost, Inc. All Rights Reserved. 2 // See LICENSE.txt for license information. 3 4 package app 5 6 import ( 7 "bytes" 8 "encoding/json" 9 "image" 10 "image/color" 11 "strings" 12 "testing" 13 "time" 14 15 "github.com/stretchr/testify/assert" 16 "github.com/stretchr/testify/require" 17 18 "github.com/mattermost/mattermost-server/v5/einterfaces" 19 "github.com/mattermost/mattermost-server/v5/model" 20 oauthgitlab "github.com/mattermost/mattermost-server/v5/model/gitlab" 21 "github.com/mattermost/mattermost-server/v5/utils/testutils" 22 ) 23 24 func TestIsUsernameTaken(t *testing.T) { 25 th := Setup(t).InitBasic() 26 defer th.TearDown() 27 28 user := th.BasicUser 29 taken := th.App.IsUsernameTaken(user.Username) 30 31 if !taken { 32 t.Logf("the username '%v' should be taken", user.Username) 33 t.FailNow() 34 } 35 36 newUsername := "randomUsername" 37 taken = th.App.IsUsernameTaken(newUsername) 38 39 if taken { 40 t.Logf("the username '%v' should not be taken", newUsername) 41 t.FailNow() 42 } 43 } 44 45 func TestCheckUserDomain(t *testing.T) { 46 th := Setup(t).InitBasic() 47 defer th.TearDown() 48 49 user := th.BasicUser 50 51 cases := []struct { 52 domains string 53 matched bool 54 }{ 55 {"simulator.amazonses.com", true}, 56 {"gmail.com", false}, 57 {"", true}, 58 {"gmail.com simulator.amazonses.com", true}, 59 } 60 for _, c := range cases { 61 matched := CheckUserDomain(user, c.domains) 62 if matched != c.matched { 63 if c.matched { 64 t.Logf("'%v' should have matched '%v'", user.Email, c.domains) 65 } else { 66 t.Logf("'%v' should not have matched '%v'", user.Email, c.domains) 67 } 68 t.FailNow() 69 } 70 } 71 } 72 73 func TestCreateOAuthUser(t *testing.T) { 74 th := Setup(t).InitBasic() 75 defer th.TearDown() 76 77 glUser := oauthgitlab.GitLabUser{Id: 42, Username: "o" + model.NewId(), Email: model.NewId() + "@simulator.amazonses.com", Name: "Joram Wilander"} 78 79 json := glUser.ToJson() 80 user, err := th.App.CreateOAuthUser(model.USER_AUTH_SERVICE_GITLAB, strings.NewReader(json), th.BasicTeam.Id) 81 require.Nil(t, err) 82 83 require.Equal(t, glUser.Username, user.Username, "usernames didn't match") 84 85 th.App.PermanentDeleteUser(user) 86 87 *th.App.Config().TeamSettings.EnableUserCreation = false 88 89 _, err = th.App.CreateOAuthUser(model.USER_AUTH_SERVICE_GITLAB, strings.NewReader(json), th.BasicTeam.Id) 90 require.NotNil(t, err, "should have failed - user creation disabled") 91 } 92 93 func TestCreateProfileImage(t *testing.T) { 94 b, err := CreateProfileImage("Corey Hulen", "eo1zkdr96pdj98pjmq8zy35wba", "nunito-bold.ttf") 95 require.Nil(t, err) 96 97 rdr := bytes.NewReader(b) 98 img, _, err2 := image.Decode(rdr) 99 require.Nil(t, err2) 100 101 colorful := color.RGBA{116, 49, 196, 255} 102 103 require.Equal(t, colorful, img.At(1, 1), "Failed to create correct color") 104 } 105 106 func TestSetDefaultProfileImage(t *testing.T) { 107 th := Setup(t).InitBasic() 108 defer th.TearDown() 109 110 err := th.App.SetDefaultProfileImage(&model.User{ 111 Id: model.NewId(), 112 Username: "notvaliduser", 113 }) 114 require.Error(t, err) 115 116 user := th.BasicUser 117 118 err = th.App.SetDefaultProfileImage(user) 119 require.Nil(t, err) 120 121 user = getUserFromDB(th.App, user.Id, t) 122 assert.Equal(t, int64(0), user.LastPictureUpdate) 123 } 124 125 func TestAdjustProfileImage(t *testing.T) { 126 th := Setup(t).InitBasic() 127 defer th.TearDown() 128 129 _, err := th.App.AdjustImage(bytes.NewReader([]byte{})) 130 require.Error(t, err) 131 132 // test image isn't the correct dimensions 133 // it should be adjusted 134 testjpg, error := testutils.ReadTestFile("testjpg.jpg") 135 require.Nil(t, error) 136 adjusted, err := th.App.AdjustImage(bytes.NewReader(testjpg)) 137 require.Nil(t, err) 138 assert.True(t, adjusted.Len() > 0) 139 assert.NotEqual(t, testjpg, adjusted) 140 141 // default image should require adjustement 142 user := th.BasicUser 143 image, err := th.App.GetDefaultProfileImage(user) 144 require.Nil(t, err) 145 image2, err := th.App.AdjustImage(bytes.NewReader(image)) 146 require.Nil(t, err) 147 assert.Equal(t, image, image2.Bytes()) 148 } 149 150 func TestUpdateUserToRestrictedDomain(t *testing.T) { 151 th := Setup(t) 152 defer th.TearDown() 153 154 user := th.CreateUser() 155 defer th.App.PermanentDeleteUser(user) 156 157 th.App.UpdateConfig(func(cfg *model.Config) { 158 *cfg.TeamSettings.RestrictCreationToDomains = "foo.com" 159 }) 160 161 _, err := th.App.UpdateUser(user, false) 162 assert.Nil(t, err) 163 164 user.Email = "asdf@ghjk.l" 165 _, err = th.App.UpdateUser(user, false) 166 assert.NotNil(t, err) 167 168 t.Run("Restricted Domains must be ignored for guest users", func(t *testing.T) { 169 guest := th.CreateGuest() 170 defer th.App.PermanentDeleteUser(guest) 171 172 th.App.UpdateConfig(func(cfg *model.Config) { 173 *cfg.TeamSettings.RestrictCreationToDomains = "foo.com" 174 }) 175 176 guest.Email = "asdf@bar.com" 177 updatedGuest, err := th.App.UpdateUser(guest, false) 178 require.Nil(t, err) 179 require.Equal(t, guest.Email, updatedGuest.Email) 180 }) 181 182 t.Run("Guest users should be affected by guest restricted domains", func(t *testing.T) { 183 guest := th.CreateGuest() 184 defer th.App.PermanentDeleteUser(guest) 185 186 th.App.UpdateConfig(func(cfg *model.Config) { 187 *cfg.GuestAccountsSettings.RestrictCreationToDomains = "foo.com" 188 }) 189 190 guest.Email = "asdf@bar.com" 191 _, err := th.App.UpdateUser(guest, false) 192 require.NotNil(t, err) 193 194 guest.Email = "asdf@foo.com" 195 updatedGuest, err := th.App.UpdateUser(guest, false) 196 require.Nil(t, err) 197 require.Equal(t, guest.Email, updatedGuest.Email) 198 }) 199 } 200 201 func TestUpdateUserActive(t *testing.T) { 202 th := Setup(t) 203 defer th.TearDown() 204 205 user := th.CreateUser() 206 207 EnableUserDeactivation := th.App.Config().TeamSettings.EnableUserDeactivation 208 defer func() { 209 th.App.UpdateConfig(func(cfg *model.Config) { cfg.TeamSettings.EnableUserDeactivation = EnableUserDeactivation }) 210 }() 211 212 th.App.UpdateConfig(func(cfg *model.Config) { 213 *cfg.TeamSettings.EnableUserDeactivation = true 214 }) 215 err := th.App.UpdateUserActive(user.Id, false) 216 assert.Nil(t, err) 217 } 218 219 func TestUpdateActiveBotsSideEffect(t *testing.T) { 220 th := Setup(t).InitBasic() 221 defer th.TearDown() 222 223 bot, err := th.App.CreateBot(&model.Bot{ 224 Username: "username", 225 Description: "a bot", 226 OwnerId: th.BasicUser.Id, 227 }) 228 require.Nil(t, err) 229 defer th.App.PermanentDeleteBot(bot.UserId) 230 231 // Automatic deactivation disabled 232 th.App.UpdateConfig(func(cfg *model.Config) { 233 *cfg.ServiceSettings.DisableBotsWhenOwnerIsDeactivated = false 234 }) 235 236 th.App.UpdateActive(th.BasicUser, false) 237 238 retbot1, err := th.App.GetBot(bot.UserId, true) 239 require.Nil(t, err) 240 require.Zero(t, retbot1.DeleteAt) 241 user1, err := th.App.GetUser(bot.UserId) 242 require.Nil(t, err) 243 require.Zero(t, user1.DeleteAt) 244 245 th.App.UpdateActive(th.BasicUser, true) 246 247 // Automatic deactivation enabled 248 th.App.UpdateConfig(func(cfg *model.Config) { 249 *cfg.ServiceSettings.DisableBotsWhenOwnerIsDeactivated = true 250 }) 251 252 th.App.UpdateActive(th.BasicUser, false) 253 254 retbot2, err := th.App.GetBot(bot.UserId, true) 255 require.Nil(t, err) 256 require.NotZero(t, retbot2.DeleteAt) 257 user2, err := th.App.GetUser(bot.UserId) 258 require.Nil(t, err) 259 require.NotZero(t, user2.DeleteAt) 260 261 th.App.UpdateActive(th.BasicUser, true) 262 } 263 264 func TestUpdateOAuthUserAttrs(t *testing.T) { 265 th := Setup(t) 266 defer th.TearDown() 267 268 id := model.NewId() 269 id2 := model.NewId() 270 gitlabProvider := einterfaces.GetOauthProvider("gitlab") 271 272 username := "user" + id 273 username2 := "user" + id2 274 275 email := "user" + id + "@nowhere.com" 276 email2 := "user" + id2 + "@nowhere.com" 277 278 var user, user2 *model.User 279 var gitlabUserObj oauthgitlab.GitLabUser 280 user, gitlabUserObj = createGitlabUser(t, th.App, 1, username, email) 281 user2, _ = createGitlabUser(t, th.App, 2, username2, email2) 282 283 t.Run("UpdateUsername", func(t *testing.T) { 284 t.Run("NoExistingUserWithSameUsername", func(t *testing.T) { 285 gitlabUserObj.Username = "updateduser" + model.NewId() 286 gitlabUser := getGitlabUserPayload(gitlabUserObj, t) 287 data := bytes.NewReader(gitlabUser) 288 289 user = getUserFromDB(th.App, user.Id, t) 290 th.App.UpdateOAuthUserAttrs(data, user, gitlabProvider, "gitlab") 291 user = getUserFromDB(th.App, user.Id, t) 292 293 require.Equal(t, gitlabUserObj.Username, user.Username, "user's username is not updated") 294 }) 295 296 t.Run("ExistinguserWithSameUsername", func(t *testing.T) { 297 gitlabUserObj.Username = user2.Username 298 299 gitlabUser := getGitlabUserPayload(gitlabUserObj, t) 300 data := bytes.NewReader(gitlabUser) 301 302 user = getUserFromDB(th.App, user.Id, t) 303 th.App.UpdateOAuthUserAttrs(data, user, gitlabProvider, "gitlab") 304 user = getUserFromDB(th.App, user.Id, t) 305 306 require.NotEqual(t, gitlabUserObj.Username, user.Username, "user's username is updated though there already exists another user with the same username") 307 }) 308 }) 309 310 t.Run("UpdateEmail", func(t *testing.T) { 311 t.Run("NoExistingUserWithSameEmail", func(t *testing.T) { 312 gitlabUserObj.Email = "newuser" + model.NewId() + "@nowhere.com" 313 gitlabUser := getGitlabUserPayload(gitlabUserObj, t) 314 data := bytes.NewReader(gitlabUser) 315 316 user = getUserFromDB(th.App, user.Id, t) 317 th.App.UpdateOAuthUserAttrs(data, user, gitlabProvider, "gitlab") 318 user = getUserFromDB(th.App, user.Id, t) 319 320 require.Equal(t, gitlabUserObj.Email, user.Email, "user's email is not updated") 321 322 require.True(t, user.EmailVerified, "user's email should have been verified") 323 }) 324 325 t.Run("ExistingUserWithSameEmail", func(t *testing.T) { 326 gitlabUserObj.Email = user2.Email 327 328 gitlabUser := getGitlabUserPayload(gitlabUserObj, t) 329 data := bytes.NewReader(gitlabUser) 330 331 user = getUserFromDB(th.App, user.Id, t) 332 th.App.UpdateOAuthUserAttrs(data, user, gitlabProvider, "gitlab") 333 user = getUserFromDB(th.App, user.Id, t) 334 335 require.NotEqual(t, gitlabUserObj.Email, user.Email, "user's email is updated though there already exists another user with the same email") 336 }) 337 }) 338 339 t.Run("UpdateFirstName", func(t *testing.T) { 340 gitlabUserObj.Name = "Updated User" 341 gitlabUser := getGitlabUserPayload(gitlabUserObj, t) 342 data := bytes.NewReader(gitlabUser) 343 344 user = getUserFromDB(th.App, user.Id, t) 345 th.App.UpdateOAuthUserAttrs(data, user, gitlabProvider, "gitlab") 346 user = getUserFromDB(th.App, user.Id, t) 347 348 require.Equal(t, "Updated", user.FirstName, "user's first name is not updated") 349 }) 350 351 t.Run("UpdateLastName", func(t *testing.T) { 352 gitlabUserObj.Name = "Updated Lastname" 353 gitlabUser := getGitlabUserPayload(gitlabUserObj, t) 354 data := bytes.NewReader(gitlabUser) 355 356 user = getUserFromDB(th.App, user.Id, t) 357 th.App.UpdateOAuthUserAttrs(data, user, gitlabProvider, "gitlab") 358 user = getUserFromDB(th.App, user.Id, t) 359 360 require.Equal(t, "Lastname", user.LastName, "user's last name is not updated") 361 }) 362 } 363 364 func TestUpdateUserEmail(t *testing.T) { 365 th := Setup(t) 366 defer th.TearDown() 367 368 user := th.CreateUser() 369 370 t.Run("RequireVerification", func(t *testing.T) { 371 th.App.UpdateConfig(func(cfg *model.Config) { 372 *cfg.EmailSettings.RequireEmailVerification = true 373 }) 374 375 currentEmail := user.Email 376 newEmail := th.MakeEmail() 377 378 user.Email = newEmail 379 user2, err := th.App.UpdateUser(user, false) 380 assert.Nil(t, err) 381 assert.Equal(t, currentEmail, user2.Email) 382 assert.True(t, user2.EmailVerified) 383 384 token, err := th.App.Srv().EmailService.CreateVerifyEmailToken(user2.Id, newEmail) 385 assert.Nil(t, err) 386 387 err = th.App.VerifyEmailFromToken(token.Token) 388 assert.Nil(t, err) 389 390 user2, err = th.App.GetUser(user2.Id) 391 assert.Nil(t, err) 392 assert.Equal(t, newEmail, user2.Email) 393 assert.True(t, user2.EmailVerified) 394 395 // Create bot user 396 botuser := model.User{ 397 Email: "botuser@localhost", 398 Username: model.NewId(), 399 IsBot: true, 400 } 401 _, err = th.App.Srv().Store.User().Save(&botuser) 402 assert.Nil(t, err) 403 404 newBotEmail := th.MakeEmail() 405 botuser.Email = newBotEmail 406 botuser2, err := th.App.UpdateUser(&botuser, false) 407 assert.Nil(t, err) 408 assert.Equal(t, botuser2.Email, newBotEmail) 409 410 }) 411 412 t.Run("RequireVerificationAlreadyUsedEmail", func(t *testing.T) { 413 th.App.UpdateConfig(func(cfg *model.Config) { 414 *cfg.EmailSettings.RequireEmailVerification = true 415 }) 416 417 user2 := th.CreateUser() 418 newEmail := user2.Email 419 420 user.Email = newEmail 421 user3, err := th.App.UpdateUser(user, false) 422 assert.NotNil(t, err) 423 assert.Nil(t, user3) 424 }) 425 426 t.Run("NoVerification", func(t *testing.T) { 427 th.App.UpdateConfig(func(cfg *model.Config) { 428 *cfg.EmailSettings.RequireEmailVerification = false 429 }) 430 431 newEmail := th.MakeEmail() 432 433 user.Email = newEmail 434 user2, err := th.App.UpdateUser(user, false) 435 assert.Nil(t, err) 436 assert.Equal(t, newEmail, user2.Email) 437 438 // Create bot user 439 botuser := model.User{ 440 Email: "botuser@localhost", 441 Username: model.NewId(), 442 IsBot: true, 443 } 444 _, err = th.App.Srv().Store.User().Save(&botuser) 445 assert.Nil(t, err) 446 447 newBotEmail := th.MakeEmail() 448 botuser.Email = newBotEmail 449 botuser2, err := th.App.UpdateUser(&botuser, false) 450 assert.Nil(t, err) 451 assert.Equal(t, botuser2.Email, newBotEmail) 452 }) 453 } 454 455 func getUserFromDB(a *App, id string, t *testing.T) *model.User { 456 user, err := a.GetUser(id) 457 require.Nil(t, err, "user is not found", err) 458 return user 459 } 460 461 func getGitlabUserPayload(gitlabUser oauthgitlab.GitLabUser, t *testing.T) []byte { 462 var payload []byte 463 var err error 464 payload, err = json.Marshal(gitlabUser) 465 require.Nil(t, err, "Serialization of gitlab user to json failed", err) 466 467 return payload 468 } 469 470 func createGitlabUser(t *testing.T, a *App, id int64, username string, email string) (*model.User, oauthgitlab.GitLabUser) { 471 gitlabUserObj := oauthgitlab.GitLabUser{Id: id, Username: username, Login: "user1", Email: email, Name: "Test User"} 472 gitlabUser := getGitlabUserPayload(gitlabUserObj, t) 473 474 var user *model.User 475 var err *model.AppError 476 477 user, err = a.CreateOAuthUser("gitlab", bytes.NewReader(gitlabUser), "") 478 require.Nil(t, err, "unable to create the user", err) 479 480 return user, gitlabUserObj 481 } 482 483 func TestGetUsersByStatus(t *testing.T) { 484 th := Setup(t) 485 defer th.TearDown() 486 487 team := th.CreateTeam() 488 channel, err := th.App.CreateChannel(&model.Channel{ 489 DisplayName: "dn_" + model.NewId(), 490 Name: "name_" + model.NewId(), 491 Type: model.CHANNEL_OPEN, 492 TeamId: team.Id, 493 CreatorId: model.NewId(), 494 }, false) 495 require.Nil(t, err, "failed to create channel: %v", err) 496 497 createUserWithStatus := func(username string, status string) *model.User { 498 id := model.NewId() 499 500 user, err := th.App.CreateUser(&model.User{ 501 Email: "success+" + id + "@simulator.amazonses.com", 502 Username: "un_" + username + "_" + id, 503 Nickname: "nn_" + id, 504 Password: "Password1", 505 }) 506 require.Nil(t, err, "failed to create user: %v", err) 507 508 th.LinkUserToTeam(user, team) 509 th.AddUserToChannel(user, channel) 510 511 th.App.SaveAndBroadcastStatus(&model.Status{ 512 UserId: user.Id, 513 Status: status, 514 Manual: true, 515 }) 516 517 return user 518 } 519 520 // Creating these out of order in case that affects results 521 awayUser1 := createUserWithStatus("away1", model.STATUS_AWAY) 522 awayUser2 := createUserWithStatus("away2", model.STATUS_AWAY) 523 dndUser1 := createUserWithStatus("dnd1", model.STATUS_DND) 524 dndUser2 := createUserWithStatus("dnd2", model.STATUS_DND) 525 offlineUser1 := createUserWithStatus("offline1", model.STATUS_OFFLINE) 526 offlineUser2 := createUserWithStatus("offline2", model.STATUS_OFFLINE) 527 onlineUser1 := createUserWithStatus("online1", model.STATUS_ONLINE) 528 onlineUser2 := createUserWithStatus("online2", model.STATUS_ONLINE) 529 530 t.Run("sorting by status then alphabetical", func(t *testing.T) { 531 usersByStatus, err := th.App.GetUsersInChannelPageByStatus(channel.Id, 0, 8, true) 532 require.Nil(t, err) 533 534 expectedUsersByStatus := []*model.User{ 535 onlineUser1, 536 onlineUser2, 537 awayUser1, 538 awayUser2, 539 dndUser1, 540 dndUser2, 541 offlineUser1, 542 offlineUser2, 543 } 544 545 require.Equalf(t, len(expectedUsersByStatus), len(usersByStatus), "received only %v users, expected %v", len(usersByStatus), len(expectedUsersByStatus)) 546 547 for i := range usersByStatus { 548 require.Equalf(t, expectedUsersByStatus[i].Id, usersByStatus[i].Id, "received user %v at index %v, expected %v", usersByStatus[i].Username, i, expectedUsersByStatus[i].Username) 549 } 550 }) 551 552 t.Run("paging", func(t *testing.T) { 553 usersByStatus, err := th.App.GetUsersInChannelPageByStatus(channel.Id, 0, 3, true) 554 require.Nil(t, err) 555 556 require.Equal(t, 3, len(usersByStatus), "received too many users") 557 558 require.False( 559 t, 560 usersByStatus[0].Id != onlineUser1.Id && usersByStatus[1].Id != onlineUser2.Id, 561 "expected to receive online users first", 562 ) 563 564 require.Equal(t, awayUser1.Id, usersByStatus[2].Id, "expected to receive away users second") 565 566 usersByStatus, err = th.App.GetUsersInChannelPageByStatus(channel.Id, 1, 3, true) 567 require.Nil(t, err) 568 569 require.Equal(t, awayUser2.Id, usersByStatus[0].Id, "expected to receive away users second") 570 571 require.False( 572 t, 573 usersByStatus[1].Id != dndUser1.Id && usersByStatus[2].Id != dndUser2.Id, 574 "expected to receive dnd users third", 575 ) 576 577 usersByStatus, err = th.App.GetUsersInChannelPageByStatus(channel.Id, 1, 4, true) 578 require.Nil(t, err) 579 580 require.Equal(t, 4, len(usersByStatus), "received too many users") 581 582 require.False( 583 t, 584 usersByStatus[0].Id != dndUser1.Id && usersByStatus[1].Id != dndUser2.Id, 585 "expected to receive dnd users third", 586 ) 587 588 require.False( 589 t, 590 usersByStatus[2].Id != offlineUser1.Id && usersByStatus[3].Id != offlineUser2.Id, 591 "expected to receive offline users last", 592 ) 593 }) 594 } 595 596 func TestCreateUserWithInviteId(t *testing.T) { 597 th := Setup(t).InitBasic() 598 defer th.TearDown() 599 600 user := model.User{Email: strings.ToLower(model.NewId()) + "success+test@example.com", Nickname: "Darth Vader", Username: "vader" + model.NewId(), Password: "passwd1", AuthService: ""} 601 602 t.Run("should create a user", func(t *testing.T) { 603 u, err := th.App.CreateUserWithInviteId(&user, th.BasicTeam.InviteId, "") 604 require.Nil(t, err) 605 require.Equal(t, u.Id, user.Id) 606 }) 607 608 t.Run("invalid invite id", func(t *testing.T) { 609 _, err := th.App.CreateUserWithInviteId(&user, "", "") 610 require.NotNil(t, err) 611 require.Contains(t, err.Id, "store.sql_team.get_by_invite_id") 612 }) 613 614 t.Run("invalid domain", func(t *testing.T) { 615 th.BasicTeam.AllowedDomains = "mattermost.com" 616 _, err := th.App.Srv().Store.Team().Update(th.BasicTeam) 617 require.Nil(t, err) 618 _, err = th.App.CreateUserWithInviteId(&user, th.BasicTeam.InviteId, "") 619 require.NotNil(t, err) 620 require.Equal(t, "api.team.invite_members.invalid_email.app_error", err.Id) 621 }) 622 } 623 624 func TestCreateUserWithToken(t *testing.T) { 625 th := Setup(t).InitBasic() 626 defer th.TearDown() 627 628 user := model.User{Email: strings.ToLower(model.NewId()) + "success+test@example.com", Nickname: "Darth Vader", Username: "vader" + model.NewId(), Password: "passwd1", AuthService: ""} 629 630 t.Run("invalid token", func(t *testing.T) { 631 _, err := th.App.CreateUserWithToken(&user, &model.Token{Token: "123"}) 632 require.NotNil(t, err, "Should fail on unexisting token") 633 }) 634 635 t.Run("invalid token type", func(t *testing.T) { 636 token := model.NewToken( 637 TOKEN_TYPE_VERIFY_EMAIL, 638 model.MapToJson(map[string]string{"teamId": th.BasicTeam.Id, "email": user.Email}), 639 ) 640 require.Nil(t, th.App.Srv().Store.Token().Save(token)) 641 defer th.App.DeleteToken(token) 642 _, err := th.App.CreateUserWithToken(&user, token) 643 require.NotNil(t, err, "Should fail on bad token type") 644 }) 645 646 t.Run("expired token", func(t *testing.T) { 647 token := model.NewToken( 648 TOKEN_TYPE_TEAM_INVITATION, 649 model.MapToJson(map[string]string{"teamId": th.BasicTeam.Id, "email": user.Email}), 650 ) 651 token.CreateAt = model.GetMillis() - INVITATION_EXPIRY_TIME - 1 652 require.Nil(t, th.App.Srv().Store.Token().Save(token)) 653 defer th.App.DeleteToken(token) 654 _, err := th.App.CreateUserWithToken(&user, token) 655 require.NotNil(t, err, "Should fail on expired token") 656 }) 657 658 t.Run("invalid team id", func(t *testing.T) { 659 token := model.NewToken( 660 TOKEN_TYPE_TEAM_INVITATION, 661 model.MapToJson(map[string]string{"teamId": model.NewId(), "email": user.Email}), 662 ) 663 require.Nil(t, th.App.Srv().Store.Token().Save(token)) 664 defer th.App.DeleteToken(token) 665 _, err := th.App.CreateUserWithToken(&user, token) 666 require.NotNil(t, err, "Should fail on bad team id") 667 }) 668 669 t.Run("valid regular user request", func(t *testing.T) { 670 invitationEmail := model.NewId() + "other-email@test.com" 671 token := model.NewToken( 672 TOKEN_TYPE_TEAM_INVITATION, 673 model.MapToJson(map[string]string{"teamId": th.BasicTeam.Id, "email": invitationEmail}), 674 ) 675 require.Nil(t, th.App.Srv().Store.Token().Save(token)) 676 newUser, err := th.App.CreateUserWithToken(&user, token) 677 require.Nil(t, err, "Should add user to the team. err=%v", err) 678 assert.False(t, newUser.IsGuest()) 679 require.Equal(t, invitationEmail, newUser.Email, "The user email must be the invitation one") 680 681 _, nErr := th.App.Srv().Store.Token().GetByToken(token.Token) 682 require.NotNil(t, nErr, "The token must be deleted after be used") 683 684 members, err := th.App.GetChannelMembersForUser(th.BasicTeam.Id, newUser.Id) 685 require.Nil(t, err) 686 assert.Len(t, *members, 2) 687 }) 688 689 t.Run("valid guest request", func(t *testing.T) { 690 invitationEmail := model.NewId() + "other-email@test.com" 691 token := model.NewToken( 692 TOKEN_TYPE_GUEST_INVITATION, 693 model.MapToJson(map[string]string{"teamId": th.BasicTeam.Id, "email": invitationEmail, "channels": th.BasicChannel.Id}), 694 ) 695 require.Nil(t, th.App.Srv().Store.Token().Save(token)) 696 guest := model.User{Email: strings.ToLower(model.NewId()) + "success+test@example.com", Nickname: "Darth Vader", Username: "vader" + model.NewId(), Password: "passwd1", AuthService: ""} 697 newGuest, err := th.App.CreateUserWithToken(&guest, token) 698 require.Nil(t, err, "Should add user to the team. err=%v", err) 699 700 assert.True(t, newGuest.IsGuest()) 701 require.Equal(t, invitationEmail, newGuest.Email, "The user email must be the invitation one") 702 _, nErr := th.App.Srv().Store.Token().GetByToken(token.Token) 703 require.NotNil(t, nErr, "The token must be deleted after be used") 704 705 members, err := th.App.GetChannelMembersForUser(th.BasicTeam.Id, newGuest.Id) 706 require.Nil(t, err) 707 require.Len(t, *members, 1) 708 assert.Equal(t, (*members)[0].ChannelId, th.BasicChannel.Id) 709 }) 710 711 t.Run("create guest having email domain restrictions", func(t *testing.T) { 712 enableGuestDomainRestricions := *th.App.Config().GuestAccountsSettings.RestrictCreationToDomains 713 defer func() { 714 th.App.UpdateConfig(func(cfg *model.Config) { 715 cfg.GuestAccountsSettings.RestrictCreationToDomains = &enableGuestDomainRestricions 716 }) 717 }() 718 th.App.UpdateConfig(func(cfg *model.Config) { *cfg.GuestAccountsSettings.RestrictCreationToDomains = "restricted.com" }) 719 forbiddenInvitationEmail := model.NewId() + "other-email@test.com" 720 grantedInvitationEmail := model.NewId() + "other-email@restricted.com" 721 forbiddenDomainToken := model.NewToken( 722 TOKEN_TYPE_GUEST_INVITATION, 723 model.MapToJson(map[string]string{"teamId": th.BasicTeam.Id, "email": forbiddenInvitationEmail, "channels": th.BasicChannel.Id}), 724 ) 725 grantedDomainToken := model.NewToken( 726 TOKEN_TYPE_GUEST_INVITATION, 727 model.MapToJson(map[string]string{"teamId": th.BasicTeam.Id, "email": grantedInvitationEmail, "channels": th.BasicChannel.Id}), 728 ) 729 require.Nil(t, th.App.Srv().Store.Token().Save(forbiddenDomainToken)) 730 require.Nil(t, th.App.Srv().Store.Token().Save(grantedDomainToken)) 731 guest := model.User{ 732 Email: strings.ToLower(model.NewId()) + "+test@example.com", 733 Nickname: "Darth Vader", 734 Username: "vader" + model.NewId(), 735 Password: "passwd1", 736 AuthService: "", 737 } 738 newGuest, err := th.App.CreateUserWithToken(&guest, forbiddenDomainToken) 739 require.NotNil(t, err) 740 require.Nil(t, newGuest) 741 assert.Equal(t, "api.user.create_user.accepted_domain.app_error", err.Id) 742 743 newGuest, err = th.App.CreateUserWithToken(&guest, grantedDomainToken) 744 require.Nil(t, err) 745 assert.True(t, newGuest.IsGuest()) 746 require.Equal(t, grantedInvitationEmail, newGuest.Email) 747 _, nErr := th.App.Srv().Store.Token().GetByToken(grantedDomainToken.Token) 748 require.NotNil(t, nErr) 749 750 members, err := th.App.GetChannelMembersForUser(th.BasicTeam.Id, newGuest.Id) 751 require.Nil(t, err) 752 require.Len(t, *members, 1) 753 assert.Equal(t, (*members)[0].ChannelId, th.BasicChannel.Id) 754 }) 755 756 t.Run("create guest having team and system email domain restrictions", func(t *testing.T) { 757 th.BasicTeam.AllowedDomains = "restricted-team.com" 758 _, err := th.App.UpdateTeam(th.BasicTeam) 759 require.Nil(t, err, "Should update the team") 760 enableGuestDomainRestricions := *th.App.Config().TeamSettings.RestrictCreationToDomains 761 defer func() { 762 th.App.UpdateConfig(func(cfg *model.Config) { 763 cfg.TeamSettings.RestrictCreationToDomains = &enableGuestDomainRestricions 764 }) 765 }() 766 th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.RestrictCreationToDomains = "restricted.com" }) 767 invitationEmail := model.NewId() + "other-email@test.com" 768 token := model.NewToken( 769 TOKEN_TYPE_GUEST_INVITATION, 770 model.MapToJson(map[string]string{"teamId": th.BasicTeam.Id, "email": invitationEmail, "channels": th.BasicChannel.Id}), 771 ) 772 require.Nil(t, th.App.Srv().Store.Token().Save(token)) 773 guest := model.User{ 774 Email: strings.ToLower(model.NewId()) + "+test@example.com", 775 Nickname: "Darth Vader", 776 Username: "vader" + model.NewId(), 777 Password: "passwd1", 778 AuthService: "", 779 } 780 newGuest, err := th.App.CreateUserWithToken(&guest, token) 781 require.Nil(t, err) 782 assert.True(t, newGuest.IsGuest()) 783 assert.Equal(t, invitationEmail, newGuest.Email, "The user email must be the invitation one") 784 _, nErr := th.App.Srv().Store.Token().GetByToken(token.Token) 785 require.NotNil(t, nErr) 786 787 members, err := th.App.GetChannelMembersForUser(th.BasicTeam.Id, newGuest.Id) 788 require.Nil(t, err) 789 require.Len(t, *members, 1) 790 assert.Equal(t, (*members)[0].ChannelId, th.BasicChannel.Id) 791 }) 792 } 793 794 func TestPermanentDeleteUser(t *testing.T) { 795 th := Setup(t).InitBasic() 796 defer th.TearDown() 797 798 b := []byte("testimage") 799 800 finfo, err := th.App.DoUploadFile(time.Now(), th.BasicTeam.Id, th.BasicChannel.Id, th.BasicUser.Id, "testfile.txt", b) 801 802 require.Nil(t, err, "Unable to upload file. err=%v", err) 803 804 bot, err := th.App.CreateBot(&model.Bot{ 805 Username: "botname", 806 Description: "a bot", 807 OwnerId: model.NewId(), 808 }) 809 assert.Nil(t, err) 810 811 var bots1 []*model.Bot 812 var bots2 []*model.Bot 813 814 sqlSupplier := mainHelper.GetSQLSupplier() 815 _, err1 := sqlSupplier.GetMaster().Select(&bots1, "SELECT * FROM Bots") 816 assert.Nil(t, err1) 817 assert.Equal(t, 1, len(bots1)) 818 819 // test that bot is deleted from bots table 820 retUser1, err := th.App.GetUser(bot.UserId) 821 assert.Nil(t, err) 822 823 err = th.App.PermanentDeleteUser(retUser1) 824 assert.Nil(t, err) 825 826 _, err1 = sqlSupplier.GetMaster().Select(&bots2, "SELECT * FROM Bots") 827 assert.Nil(t, err1) 828 assert.Equal(t, 0, len(bots2)) 829 830 err = th.App.PermanentDeleteUser(th.BasicUser) 831 require.Nil(t, err, "Unable to delete user. err=%v", err) 832 833 res, err := th.App.FileExists(finfo.Path) 834 835 require.Nil(t, err, "Unable to check whether file exists. err=%v", err) 836 837 require.False(t, res, "File was not deleted on FS. err=%v", err) 838 839 finfo, err = th.App.GetFileInfo(finfo.Id) 840 841 require.Nil(t, finfo, "Unable to find finfo. err=%v", err) 842 843 require.NotNil(t, err, "GetFileInfo after DeleteUser is nil. err=%v", err) 844 } 845 846 func TestPasswordRecovery(t *testing.T) { 847 th := Setup(t).InitBasic() 848 defer th.TearDown() 849 850 token, err := th.App.CreatePasswordRecoveryToken(th.BasicUser.Id, th.BasicUser.Email) 851 assert.Nil(t, err) 852 853 tokenData := struct { 854 UserId string 855 Email string 856 }{} 857 858 err2 := json.Unmarshal([]byte(token.Extra), &tokenData) 859 assert.Nil(t, err2) 860 assert.Equal(t, th.BasicUser.Id, tokenData.UserId) 861 assert.Equal(t, th.BasicUser.Email, tokenData.Email) 862 863 // Password token with same eMail as during creation 864 err = th.App.ResetPasswordFromToken(token.Token, "abcdefgh") 865 assert.Nil(t, err) 866 867 // Password token with modified eMail after creation 868 token, err = th.App.CreatePasswordRecoveryToken(th.BasicUser.Id, th.BasicUser.Email) 869 assert.Nil(t, err) 870 871 th.App.UpdateConfig(func(c *model.Config) { 872 *c.EmailSettings.RequireEmailVerification = false 873 }) 874 875 th.BasicUser.Email = th.MakeEmail() 876 _, err = th.App.UpdateUser(th.BasicUser, false) 877 assert.Nil(t, err) 878 879 err = th.App.ResetPasswordFromToken(token.Token, "abcdefgh") 880 assert.NotNil(t, err) 881 } 882 883 func TestGetViewUsersRestrictions(t *testing.T) { 884 th := Setup(t).InitBasic() 885 defer th.TearDown() 886 887 team1 := th.CreateTeam() 888 team2 := th.CreateTeam() 889 th.CreateTeam() // Another team 890 891 user1 := th.CreateUser() 892 893 th.LinkUserToTeam(user1, team1) 894 th.LinkUserToTeam(user1, team2) 895 896 th.App.UpdateTeamMemberRoles(team1.Id, user1.Id, "team_user team_admin") 897 898 team1channel1 := th.CreateChannel(team1) 899 team1channel2 := th.CreateChannel(team1) 900 th.CreateChannel(team1) // Another channel 901 team1offtopic, err := th.App.GetChannelByName("off-topic", team1.Id, false) 902 require.Nil(t, err) 903 team1townsquare, err := th.App.GetChannelByName("town-square", team1.Id, false) 904 require.Nil(t, err) 905 906 team2channel1 := th.CreateChannel(team2) 907 th.CreateChannel(team2) // Another channel 908 team2offtopic, err := th.App.GetChannelByName("off-topic", team2.Id, false) 909 require.Nil(t, err) 910 team2townsquare, err := th.App.GetChannelByName("town-square", team2.Id, false) 911 require.Nil(t, err) 912 913 th.App.AddUserToChannel(user1, team1channel1) 914 th.App.AddUserToChannel(user1, team1channel2) 915 th.App.AddUserToChannel(user1, team2channel1) 916 917 addPermission := func(role *model.Role, permission string) *model.AppError { 918 newPermissions := append(role.Permissions, permission) 919 _, err := th.App.PatchRole(role, &model.RolePatch{Permissions: &newPermissions}) 920 return err 921 } 922 923 removePermission := func(role *model.Role, permission string) *model.AppError { 924 newPermissions := []string{} 925 for _, oldPermission := range role.Permissions { 926 if permission != oldPermission { 927 newPermissions = append(newPermissions, oldPermission) 928 } 929 } 930 _, err := th.App.PatchRole(role, &model.RolePatch{Permissions: &newPermissions}) 931 return err 932 } 933 934 t.Run("VIEW_MEMBERS permission granted at system level", func(t *testing.T) { 935 restrictions, err := th.App.GetViewUsersRestrictions(user1.Id) 936 require.Nil(t, err) 937 938 assert.Nil(t, restrictions) 939 }) 940 941 t.Run("VIEW_MEMBERS permission granted at team level", func(t *testing.T) { 942 systemUserRole, err := th.App.GetRoleByName(model.SYSTEM_USER_ROLE_ID) 943 require.Nil(t, err) 944 teamUserRole, err := th.App.GetRoleByName(model.TEAM_USER_ROLE_ID) 945 require.Nil(t, err) 946 947 require.Nil(t, removePermission(systemUserRole, model.PERMISSION_VIEW_MEMBERS.Id)) 948 defer addPermission(systemUserRole, model.PERMISSION_VIEW_MEMBERS.Id) 949 require.Nil(t, addPermission(teamUserRole, model.PERMISSION_VIEW_MEMBERS.Id)) 950 defer removePermission(teamUserRole, model.PERMISSION_VIEW_MEMBERS.Id) 951 952 restrictions, err := th.App.GetViewUsersRestrictions(user1.Id) 953 require.Nil(t, err) 954 955 assert.NotNil(t, restrictions) 956 assert.NotNil(t, restrictions.Teams) 957 assert.NotNil(t, restrictions.Channels) 958 assert.ElementsMatch(t, []string{team1townsquare.Id, team1offtopic.Id, team1channel1.Id, team1channel2.Id, team2townsquare.Id, team2offtopic.Id, team2channel1.Id}, restrictions.Channels) 959 assert.ElementsMatch(t, []string{team1.Id, team2.Id}, restrictions.Teams) 960 }) 961 962 t.Run("VIEW_MEMBERS permission not granted at any level", func(t *testing.T) { 963 systemUserRole, err := th.App.GetRoleByName(model.SYSTEM_USER_ROLE_ID) 964 require.Nil(t, err) 965 require.Nil(t, removePermission(systemUserRole, model.PERMISSION_VIEW_MEMBERS.Id)) 966 defer addPermission(systemUserRole, model.PERMISSION_VIEW_MEMBERS.Id) 967 968 restrictions, err := th.App.GetViewUsersRestrictions(user1.Id) 969 require.Nil(t, err) 970 971 assert.NotNil(t, restrictions) 972 assert.Empty(t, restrictions.Teams) 973 assert.NotNil(t, restrictions.Channels) 974 assert.ElementsMatch(t, []string{team1townsquare.Id, team1offtopic.Id, team1channel1.Id, team1channel2.Id, team2townsquare.Id, team2offtopic.Id, team2channel1.Id}, restrictions.Channels) 975 }) 976 977 t.Run("VIEW_MEMBERS permission for some teams but not for others", func(t *testing.T) { 978 systemUserRole, err := th.App.GetRoleByName(model.SYSTEM_USER_ROLE_ID) 979 require.Nil(t, err) 980 teamAdminRole, err := th.App.GetRoleByName(model.TEAM_ADMIN_ROLE_ID) 981 require.Nil(t, err) 982 983 require.Nil(t, removePermission(systemUserRole, model.PERMISSION_VIEW_MEMBERS.Id)) 984 defer addPermission(systemUserRole, model.PERMISSION_VIEW_MEMBERS.Id) 985 require.Nil(t, addPermission(teamAdminRole, model.PERMISSION_VIEW_MEMBERS.Id)) 986 defer removePermission(teamAdminRole, model.PERMISSION_VIEW_MEMBERS.Id) 987 988 restrictions, err := th.App.GetViewUsersRestrictions(user1.Id) 989 require.Nil(t, err) 990 991 assert.NotNil(t, restrictions) 992 assert.NotNil(t, restrictions.Teams) 993 assert.NotNil(t, restrictions.Channels) 994 assert.ElementsMatch(t, restrictions.Teams, []string{team1.Id}) 995 assert.ElementsMatch(t, []string{team1townsquare.Id, team1offtopic.Id, team1channel1.Id, team1channel2.Id, team2townsquare.Id, team2offtopic.Id, team2channel1.Id}, restrictions.Channels) 996 }) 997 } 998 999 func TestPromoteGuestToUser(t *testing.T) { 1000 th := Setup(t).InitBasic() 1001 defer th.TearDown() 1002 1003 t.Run("Must fail with regular user", func(t *testing.T) { 1004 require.Equal(t, "system_user", th.BasicUser.Roles) 1005 err := th.App.PromoteGuestToUser(th.BasicUser, th.BasicUser.Id) 1006 require.Nil(t, err) 1007 1008 user, err := th.App.GetUser(th.BasicUser.Id) 1009 assert.Nil(t, err) 1010 assert.Equal(t, "system_user", user.Roles) 1011 }) 1012 1013 t.Run("Must work with guest user without teams or channels", func(t *testing.T) { 1014 guest := th.CreateGuest() 1015 require.Equal(t, "system_guest", guest.Roles) 1016 1017 err := th.App.PromoteGuestToUser(guest, th.BasicUser.Id) 1018 require.Nil(t, err) 1019 guest, err = th.App.GetUser(guest.Id) 1020 assert.Nil(t, err) 1021 assert.Equal(t, "system_user", guest.Roles) 1022 }) 1023 1024 t.Run("Must work with guest user with teams but no channels", func(t *testing.T) { 1025 guest := th.CreateGuest() 1026 require.Equal(t, "system_guest", guest.Roles) 1027 th.LinkUserToTeam(guest, th.BasicTeam) 1028 teamMember, err := th.App.GetTeamMember(th.BasicTeam.Id, guest.Id) 1029 require.Nil(t, err) 1030 require.True(t, teamMember.SchemeGuest) 1031 require.False(t, teamMember.SchemeUser) 1032 1033 err = th.App.PromoteGuestToUser(guest, th.BasicUser.Id) 1034 require.Nil(t, err) 1035 guest, err = th.App.GetUser(guest.Id) 1036 assert.Nil(t, err) 1037 assert.Equal(t, "system_user", guest.Roles) 1038 teamMember, err = th.App.GetTeamMember(th.BasicTeam.Id, guest.Id) 1039 assert.Nil(t, err) 1040 assert.False(t, teamMember.SchemeGuest) 1041 assert.True(t, teamMember.SchemeUser) 1042 }) 1043 1044 t.Run("Must work with guest user with teams and channels", func(t *testing.T) { 1045 guest := th.CreateGuest() 1046 require.Equal(t, "system_guest", guest.Roles) 1047 th.LinkUserToTeam(guest, th.BasicTeam) 1048 teamMember, err := th.App.GetTeamMember(th.BasicTeam.Id, guest.Id) 1049 require.Nil(t, err) 1050 require.True(t, teamMember.SchemeGuest) 1051 require.False(t, teamMember.SchemeUser) 1052 1053 channelMember := th.AddUserToChannel(guest, th.BasicChannel) 1054 require.True(t, channelMember.SchemeGuest) 1055 require.False(t, channelMember.SchemeUser) 1056 1057 err = th.App.PromoteGuestToUser(guest, th.BasicUser.Id) 1058 require.Nil(t, err) 1059 guest, err = th.App.GetUser(guest.Id) 1060 assert.Nil(t, err) 1061 assert.Equal(t, "system_user", guest.Roles) 1062 teamMember, err = th.App.GetTeamMember(th.BasicTeam.Id, guest.Id) 1063 assert.Nil(t, err) 1064 assert.False(t, teamMember.SchemeGuest) 1065 assert.True(t, teamMember.SchemeUser) 1066 channelMember, err = th.App.GetChannelMember(th.BasicChannel.Id, guest.Id) 1067 assert.Nil(t, err) 1068 assert.False(t, teamMember.SchemeGuest) 1069 assert.True(t, teamMember.SchemeUser) 1070 }) 1071 1072 t.Run("Must add the default channels", func(t *testing.T) { 1073 guest := th.CreateGuest() 1074 require.Equal(t, "system_guest", guest.Roles) 1075 th.LinkUserToTeam(guest, th.BasicTeam) 1076 teamMember, err := th.App.GetTeamMember(th.BasicTeam.Id, guest.Id) 1077 require.Nil(t, err) 1078 require.True(t, teamMember.SchemeGuest) 1079 require.False(t, teamMember.SchemeUser) 1080 1081 channelMember := th.AddUserToChannel(guest, th.BasicChannel) 1082 require.True(t, channelMember.SchemeGuest) 1083 require.False(t, channelMember.SchemeUser) 1084 1085 channelMembers, err := th.App.GetChannelMembersForUser(th.BasicTeam.Id, guest.Id) 1086 require.Nil(t, err) 1087 require.Len(t, *channelMembers, 1) 1088 1089 err = th.App.PromoteGuestToUser(guest, th.BasicUser.Id) 1090 require.Nil(t, err) 1091 guest, err = th.App.GetUser(guest.Id) 1092 assert.Nil(t, err) 1093 assert.Equal(t, "system_user", guest.Roles) 1094 teamMember, err = th.App.GetTeamMember(th.BasicTeam.Id, guest.Id) 1095 assert.Nil(t, err) 1096 assert.False(t, teamMember.SchemeGuest) 1097 assert.True(t, teamMember.SchemeUser) 1098 channelMember, err = th.App.GetChannelMember(th.BasicChannel.Id, guest.Id) 1099 assert.Nil(t, err) 1100 assert.False(t, teamMember.SchemeGuest) 1101 assert.True(t, teamMember.SchemeUser) 1102 1103 channelMembers, err = th.App.GetChannelMembersForUser(th.BasicTeam.Id, guest.Id) 1104 require.Nil(t, err) 1105 assert.Len(t, *channelMembers, 3) 1106 }) 1107 1108 t.Run("Must invalidate channel stats cache when promoting a guest", func(t *testing.T) { 1109 guest := th.CreateGuest() 1110 require.Equal(t, "system_guest", guest.Roles) 1111 th.LinkUserToTeam(guest, th.BasicTeam) 1112 teamMember, err := th.App.GetTeamMember(th.BasicTeam.Id, guest.Id) 1113 require.Nil(t, err) 1114 require.True(t, teamMember.SchemeGuest) 1115 require.False(t, teamMember.SchemeUser) 1116 1117 guestCount, _ := th.App.GetChannelGuestCount(th.BasicChannel.Id) 1118 require.Equal(t, int64(0), guestCount) 1119 1120 channelMember := th.AddUserToChannel(guest, th.BasicChannel) 1121 require.True(t, channelMember.SchemeGuest) 1122 require.False(t, channelMember.SchemeUser) 1123 1124 guestCount, _ = th.App.GetChannelGuestCount(th.BasicChannel.Id) 1125 require.Equal(t, int64(1), guestCount) 1126 1127 err = th.App.PromoteGuestToUser(guest, th.BasicUser.Id) 1128 require.Nil(t, err) 1129 1130 guestCount, _ = th.App.GetChannelGuestCount(th.BasicChannel.Id) 1131 require.Equal(t, int64(0), guestCount) 1132 }) 1133 } 1134 1135 func TestDemoteUserToGuest(t *testing.T) { 1136 th := Setup(t).InitBasic() 1137 defer th.TearDown() 1138 1139 t.Run("Must invalidate channel stats cache when demoting a user", func(t *testing.T) { 1140 user := th.CreateUser() 1141 require.Equal(t, "system_user", user.Roles) 1142 th.LinkUserToTeam(user, th.BasicTeam) 1143 teamMember, err := th.App.GetTeamMember(th.BasicTeam.Id, user.Id) 1144 require.Nil(t, err) 1145 require.True(t, teamMember.SchemeUser) 1146 require.False(t, teamMember.SchemeGuest) 1147 1148 guestCount, _ := th.App.GetChannelGuestCount(th.BasicChannel.Id) 1149 require.Equal(t, int64(0), guestCount) 1150 1151 channelMember := th.AddUserToChannel(user, th.BasicChannel) 1152 require.True(t, channelMember.SchemeUser) 1153 require.False(t, channelMember.SchemeGuest) 1154 1155 guestCount, _ = th.App.GetChannelGuestCount(th.BasicChannel.Id) 1156 require.Equal(t, int64(0), guestCount) 1157 1158 err = th.App.DemoteUserToGuest(user) 1159 require.Nil(t, err) 1160 1161 guestCount, _ = th.App.GetChannelGuestCount(th.BasicChannel.Id) 1162 require.Equal(t, int64(1), guestCount) 1163 }) 1164 1165 t.Run("Must fail with guest user", func(t *testing.T) { 1166 guest := th.CreateGuest() 1167 require.Equal(t, "system_guest", guest.Roles) 1168 err := th.App.DemoteUserToGuest(guest) 1169 require.Nil(t, err) 1170 1171 user, err := th.App.GetUser(guest.Id) 1172 assert.Nil(t, err) 1173 assert.Equal(t, "system_guest", user.Roles) 1174 }) 1175 1176 t.Run("Must work with user without teams or channels", func(t *testing.T) { 1177 user := th.CreateUser() 1178 require.Equal(t, "system_user", user.Roles) 1179 1180 err := th.App.DemoteUserToGuest(user) 1181 require.Nil(t, err) 1182 user, err = th.App.GetUser(user.Id) 1183 assert.Nil(t, err) 1184 assert.Equal(t, "system_guest", user.Roles) 1185 }) 1186 1187 t.Run("Must work with user with teams but no channels", func(t *testing.T) { 1188 user := th.CreateUser() 1189 require.Equal(t, "system_user", user.Roles) 1190 th.LinkUserToTeam(user, th.BasicTeam) 1191 teamMember, err := th.App.GetTeamMember(th.BasicTeam.Id, user.Id) 1192 require.Nil(t, err) 1193 require.True(t, teamMember.SchemeUser) 1194 require.False(t, teamMember.SchemeGuest) 1195 1196 err = th.App.DemoteUserToGuest(user) 1197 require.Nil(t, err) 1198 user, err = th.App.GetUser(user.Id) 1199 assert.Nil(t, err) 1200 assert.Equal(t, "system_guest", user.Roles) 1201 teamMember, err = th.App.GetTeamMember(th.BasicTeam.Id, user.Id) 1202 assert.Nil(t, err) 1203 assert.False(t, teamMember.SchemeUser) 1204 assert.True(t, teamMember.SchemeGuest) 1205 }) 1206 1207 t.Run("Must work with user with teams and channels", func(t *testing.T) { 1208 user := th.CreateUser() 1209 require.Equal(t, "system_user", user.Roles) 1210 th.LinkUserToTeam(user, th.BasicTeam) 1211 teamMember, err := th.App.GetTeamMember(th.BasicTeam.Id, user.Id) 1212 require.Nil(t, err) 1213 require.True(t, teamMember.SchemeUser) 1214 require.False(t, teamMember.SchemeGuest) 1215 1216 channelMember := th.AddUserToChannel(user, th.BasicChannel) 1217 require.True(t, channelMember.SchemeUser) 1218 require.False(t, channelMember.SchemeGuest) 1219 1220 err = th.App.DemoteUserToGuest(user) 1221 require.Nil(t, err) 1222 user, err = th.App.GetUser(user.Id) 1223 assert.Nil(t, err) 1224 assert.Equal(t, "system_guest", user.Roles) 1225 teamMember, err = th.App.GetTeamMember(th.BasicTeam.Id, user.Id) 1226 assert.Nil(t, err) 1227 assert.False(t, teamMember.SchemeUser) 1228 assert.True(t, teamMember.SchemeGuest) 1229 channelMember, err = th.App.GetChannelMember(th.BasicChannel.Id, user.Id) 1230 assert.Nil(t, err) 1231 assert.False(t, teamMember.SchemeUser) 1232 assert.True(t, teamMember.SchemeGuest) 1233 }) 1234 1235 t.Run("Must respect the current channels not removing defaults", func(t *testing.T) { 1236 user := th.CreateUser() 1237 require.Equal(t, "system_user", user.Roles) 1238 th.LinkUserToTeam(user, th.BasicTeam) 1239 teamMember, err := th.App.GetTeamMember(th.BasicTeam.Id, user.Id) 1240 require.Nil(t, err) 1241 require.True(t, teamMember.SchemeUser) 1242 require.False(t, teamMember.SchemeGuest) 1243 1244 channelMember := th.AddUserToChannel(user, th.BasicChannel) 1245 require.True(t, channelMember.SchemeUser) 1246 require.False(t, channelMember.SchemeGuest) 1247 1248 channelMembers, err := th.App.GetChannelMembersForUser(th.BasicTeam.Id, user.Id) 1249 require.Nil(t, err) 1250 require.Len(t, *channelMembers, 3) 1251 1252 err = th.App.DemoteUserToGuest(user) 1253 require.Nil(t, err) 1254 user, err = th.App.GetUser(user.Id) 1255 assert.Nil(t, err) 1256 assert.Equal(t, "system_guest", user.Roles) 1257 teamMember, err = th.App.GetTeamMember(th.BasicTeam.Id, user.Id) 1258 assert.Nil(t, err) 1259 assert.False(t, teamMember.SchemeUser) 1260 assert.True(t, teamMember.SchemeGuest) 1261 channelMember, err = th.App.GetChannelMember(th.BasicChannel.Id, user.Id) 1262 assert.Nil(t, err) 1263 assert.False(t, teamMember.SchemeUser) 1264 assert.True(t, teamMember.SchemeGuest) 1265 1266 channelMembers, err = th.App.GetChannelMembersForUser(th.BasicTeam.Id, user.Id) 1267 require.Nil(t, err) 1268 assert.Len(t, *channelMembers, 3) 1269 }) 1270 } 1271 1272 func TestDeactivateGuests(t *testing.T) { 1273 th := Setup(t).InitBasic() 1274 defer th.TearDown() 1275 1276 guest1 := th.CreateGuest() 1277 guest2 := th.CreateGuest() 1278 user := th.CreateUser() 1279 1280 err := th.App.DeactivateGuests() 1281 require.Nil(t, err) 1282 1283 guest1, err = th.App.GetUser(guest1.Id) 1284 assert.Nil(t, err) 1285 assert.NotEqual(t, int64(0), guest1.DeleteAt) 1286 1287 guest2, err = th.App.GetUser(guest2.Id) 1288 assert.Nil(t, err) 1289 assert.NotEqual(t, int64(0), guest2.DeleteAt) 1290 1291 user, err = th.App.GetUser(user.Id) 1292 assert.Nil(t, err) 1293 assert.Equal(t, int64(0), user.DeleteAt) 1294 }