github.com/psyb0t/mattermost-server@v4.6.1-0.20180125161845-5503a1351abf+incompatible/api/user_test.go (about) 1 // Copyright (c) 2015-present Mattermost, Inc. All Rights Reserved. 2 // See License.txt for license information. 3 4 package api 5 6 import ( 7 "bytes" 8 "fmt" 9 "image" 10 "image/color" 11 "io" 12 "mime/multipart" 13 "net/http" 14 "os" 15 "strings" 16 "testing" 17 "time" 18 19 "github.com/mattermost/mattermost-server/app" 20 "github.com/mattermost/mattermost-server/model" 21 "github.com/mattermost/mattermost-server/store" 22 "github.com/mattermost/mattermost-server/utils" 23 ) 24 25 func TestCreateUser(t *testing.T) { 26 th := Setup() 27 defer th.TearDown() 28 29 Client := th.CreateClient() 30 31 user := model.User{Email: strings.ToLower("success+"+model.NewId()) + "@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "hello1", Username: "n" + model.NewId()} 32 33 ruser, err := Client.CreateUser(&user, "") 34 if err != nil { 35 t.Fatal(err) 36 } 37 38 Client.Login(user.Email, user.Password) 39 40 team := model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} 41 rteam, _ := Client.CreateTeam(&team) 42 43 th.LinkUserToTeam(ruser.Data.(*model.User), rteam.Data.(*model.Team)) 44 45 if ruser.Data.(*model.User).Nickname != user.Nickname { 46 t.Fatal("nickname didn't match") 47 } 48 49 if ruser.Data.(*model.User).Password != "" { 50 t.Fatal("password wasn't blank") 51 } 52 53 if _, err := Client.CreateUser(ruser.Data.(*model.User), ""); err == nil { 54 t.Fatal("Cannot create an existing") 55 } 56 57 ruser.Data.(*model.User).Id = "" 58 ruser.Data.(*model.User).Username = "n" + model.NewId() 59 ruser.Data.(*model.User).Password = "passwd1" 60 if _, err := Client.CreateUser(ruser.Data.(*model.User), ""); err != nil { 61 if err.Message != "An account with that email already exists." { 62 t.Fatal(err) 63 } 64 } 65 66 ruser.Data.(*model.User).Email = "success+" + model.NewId() + "@simulator.amazonses.com" 67 ruser.Data.(*model.User).Username = user.Username 68 if _, err := Client.CreateUser(ruser.Data.(*model.User), ""); err != nil { 69 if err.Message != "An account with that username already exists." { 70 t.Fatal(err) 71 } 72 } 73 74 ruser.Data.(*model.User).Email = "" 75 if _, err := Client.CreateUser(ruser.Data.(*model.User), ""); err != nil { 76 if err.Message != "Invalid email" { 77 t.Fatal(err) 78 } 79 } 80 81 if _, err := Client.DoApiPost("/users/create", "garbage"); err == nil { 82 t.Fatal("should have been an error") 83 } 84 } 85 86 func TestLogin(t *testing.T) { 87 th := Setup().InitBasic() 88 defer th.TearDown() 89 90 Client := th.BasicClient 91 92 th.App.UpdateConfig(func(cfg *model.Config) { 93 *cfg.EmailSettings.EnableSignInWithEmail = false 94 *cfg.EmailSettings.EnableSignInWithUsername = false 95 *cfg.LdapSettings.Enable = false 96 }) 97 98 team := model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} 99 rteam, _ := Client.CreateTeam(&team) 100 101 team2 := model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_INVITE} 102 rteam2 := Client.Must(Client.CreateTeam(&team2)) 103 104 Client.Logout() 105 106 user := model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Username: "corey" + model.NewId(), Password: "passwd1"} 107 ruser, _ := Client.CreateUser(&user, "") 108 th.LinkUserToTeam(ruser.Data.(*model.User), rteam.Data.(*model.Team)) 109 store.Must(th.App.Srv.Store.User().VerifyEmail(ruser.Data.(*model.User).Id)) 110 111 if result, err := Client.LoginById(ruser.Data.(*model.User).Id, user.Password); err != nil { 112 t.Fatal(err) 113 } else { 114 if result.Data.(*model.User).Email != user.Email { 115 t.Fatal("emails didn't match") 116 } 117 } 118 119 if _, err := Client.Login(user.Email, user.Password); err == nil { 120 t.Fatal("shouldn't be able to log in by email when disabled") 121 } 122 123 th.App.UpdateConfig(func(cfg *model.Config) { *cfg.EmailSettings.EnableSignInWithEmail = true }) 124 if result, err := Client.Login(user.Email, user.Password); err != nil { 125 t.Fatal(err) 126 } else { 127 if result.Data.(*model.User).Email != user.Email { 128 t.Fatal("emails didn't match") 129 } 130 } 131 132 if _, err := Client.Login(user.Username, user.Password); err == nil { 133 t.Fatal("shouldn't be able to log in by username when disabled") 134 } 135 136 th.App.UpdateConfig(func(cfg *model.Config) { *cfg.EmailSettings.EnableSignInWithUsername = true }) 137 if result, err := Client.Login(user.Username, user.Password); err != nil { 138 t.Fatal(err) 139 } else { 140 if result.Data.(*model.User).Email != user.Email { 141 t.Fatal("emails didn't match") 142 } 143 } 144 145 if _, err := Client.Login(user.Email, user.Password+"invalid"); err == nil { 146 t.Fatal("Invalid Password") 147 } 148 149 if _, err := Client.Login(user.Username, user.Password+"invalid"); err == nil { 150 t.Fatal("Invalid Password") 151 } 152 153 if _, err := Client.Login("", user.Password); err == nil { 154 t.Fatal("should have failed") 155 } 156 157 if _, err := Client.Login("", user.Password); err == nil { 158 t.Fatal("should have failed") 159 } 160 161 authToken := Client.AuthToken 162 Client.AuthToken = "invalid" 163 164 if _, err := Client.GetUser(ruser.Data.(*model.User).Id, ""); err == nil { 165 t.Fatal("should have failed") 166 } 167 168 Client.AuthToken = "" 169 170 user2 := model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} 171 172 if _, err := Client.CreateUserFromSignup(&user2, "junk", "1231312"); err == nil { 173 t.Fatal("Should have errored, signed up without hashed email") 174 } 175 176 props := make(map[string]string) 177 props["email"] = user2.Email 178 props["id"] = rteam2.Data.(*model.Team).Id 179 props["display_name"] = rteam2.Data.(*model.Team).DisplayName 180 props["time"] = fmt.Sprintf("%v", model.GetMillis()) 181 data := model.MapToJson(props) 182 hash := utils.HashSha256(fmt.Sprintf("%v:%v", data, th.App.Config().EmailSettings.InviteSalt)) 183 184 ruser2, err := Client.CreateUserFromSignup(&user2, data, hash) 185 if err != nil { 186 t.Fatal(err) 187 } 188 189 if _, err := Client.Login(ruser2.Data.(*model.User).Email, user2.Password); err != nil { 190 t.Fatal("From verfied hash") 191 } 192 193 Client.AuthToken = authToken 194 195 user3 := &model.User{ 196 Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", 197 Nickname: "Corey Hulen", 198 Username: "corey" + model.NewId(), 199 Password: "passwd1", 200 AuthService: model.USER_AUTH_SERVICE_LDAP, 201 } 202 user3 = Client.Must(Client.CreateUser(user3, "")).Data.(*model.User) 203 store.Must(th.App.Srv.Store.User().VerifyEmail(user3.Id)) 204 205 if _, err := Client.Login(user3.Id, user3.Password); err == nil { 206 t.Fatal("AD/LDAP user should not be able to log in with AD/LDAP disabled") 207 } 208 } 209 210 func TestLoginByLdap(t *testing.T) { 211 th := Setup().InitBasic() 212 defer th.TearDown() 213 214 Client := th.BasicClient 215 216 team := model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} 217 rteam, _ := Client.CreateTeam(&team) 218 219 Client.Logout() 220 221 user := model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Username: "corey" + model.NewId(), Password: "passwd1"} 222 ruser, _ := Client.CreateUser(&user, "") 223 th.LinkUserToTeam(ruser.Data.(*model.User), rteam.Data.(*model.Team)) 224 store.Must(th.App.Srv.Store.User().VerifyEmail(ruser.Data.(*model.User).Id)) 225 226 if _, err := Client.LoginByLdap(ruser.Data.(*model.User).Id, user.Password); err == nil { 227 t.Fatal("should have failed to log in with non AD/LDAP user") 228 } 229 } 230 231 func TestLoginWithDeviceId(t *testing.T) { 232 th := Setup().InitBasic() 233 defer th.TearDown() 234 235 Client := th.BasicClient 236 user := th.BasicUser 237 Client.Must(Client.Logout()) 238 239 deviceId := model.NewId() 240 if result, err := Client.LoginWithDevice(user.Email, user.Password, deviceId); err != nil { 241 t.Fatal(err) 242 } else { 243 ruser := result.Data.(*model.User) 244 245 if ssresult, err := Client.GetSessions(ruser.Id); err != nil { 246 t.Fatal(err) 247 } else { 248 sessions := ssresult.Data.([]*model.Session) 249 if _, err := Client.LoginWithDevice(user.Email, user.Password, deviceId); err != nil { 250 t.Fatal(err) 251 } 252 253 if sresult := <-th.App.Srv.Store.Session().Get(sessions[0].Id); sresult.Err == nil { 254 t.Fatal("session should have been removed") 255 } 256 } 257 } 258 } 259 260 func TestPasswordGuessLockout(t *testing.T) { 261 th := Setup().InitBasic() 262 defer th.TearDown() 263 264 Client := th.BasicClient 265 user := th.BasicUser 266 Client.Must(Client.Logout()) 267 268 th.App.UpdateConfig(func(cfg *model.Config) { *cfg.EmailSettings.EnableSignInWithEmail = true }) 269 th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.MaximumLoginAttempts = 2 }) 270 271 // OK to log in 272 if _, err := Client.Login(user.Username, user.Password); err != nil { 273 t.Fatal(err) 274 } 275 276 Client.Must(Client.Logout()) 277 278 // Fail twice 279 if _, err := Client.Login(user.Email, "notthepassword"); err == nil { 280 t.Fatal("Shouldn't be able to login with bad password.") 281 } 282 if _, err := Client.Login(user.Email, "notthepassword"); err == nil { 283 t.Fatal("Shouldn't be able to login with bad password.") 284 } 285 286 // Locked out 287 if _, err := Client.Login(user.Email, user.Password); err == nil { 288 t.Fatal("Shouldn't be able to login with password when account is locked out.") 289 } 290 } 291 292 func TestSessions(t *testing.T) { 293 th := Setup().InitBasic() 294 defer th.TearDown() 295 296 Client := th.BasicClient 297 user := th.BasicUser 298 Client.Must(Client.Logout()) 299 300 deviceId := model.NewId() 301 Client.LoginWithDevice(user.Email, user.Password, deviceId) 302 Client.Login(user.Email, user.Password) 303 304 r1, err := Client.GetSessions(user.Id) 305 if err != nil { 306 t.Fatal(err) 307 } 308 309 sessions := r1.Data.([]*model.Session) 310 otherSession := "" 311 312 if len(sessions) != 2 { 313 t.Fatal("invalid number of sessions") 314 } 315 316 for _, session := range sessions { 317 if session.DeviceId == deviceId { 318 otherSession = session.Id 319 } 320 321 if len(session.Token) != 0 { 322 t.Fatal("shouldn't return session tokens") 323 } 324 } 325 326 if _, err := Client.RevokeSession(otherSession); err != nil { 327 t.Fatal(err) 328 } 329 330 r2, err := Client.GetSessions(user.Id) 331 if err != nil { 332 t.Fatal(err) 333 } 334 335 sessions2 := r2.Data.([]*model.Session) 336 337 if len(sessions2) != 1 { 338 t.Fatal("invalid number of sessions") 339 } 340 } 341 342 func TestGetUser(t *testing.T) { 343 th := Setup().InitBasic() 344 defer th.TearDown() 345 346 Client := th.BasicClient 347 348 team := model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} 349 rteam, _ := Client.CreateTeam(&team) 350 351 team2 := model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} 352 rteam2, _ := Client.CreateTeam(&team2) 353 354 Client.Logout() 355 356 user := model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} 357 ruser, _ := Client.CreateUser(&user, "") 358 th.LinkUserToTeam(ruser.Data.(*model.User), rteam.Data.(*model.Team)) 359 store.Must(th.App.Srv.Store.User().VerifyEmail(ruser.Data.(*model.User).Id)) 360 361 user2 := model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1", FirstName: "Corey", LastName: "Hulen"} 362 ruser2, _ := Client.CreateUser(&user2, "") 363 th.LinkUserToTeam(ruser2.Data.(*model.User), rteam.Data.(*model.Team)) 364 store.Must(th.App.Srv.Store.User().VerifyEmail(ruser2.Data.(*model.User).Id)) 365 366 user3 := model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} 367 ruser3, _ := Client.CreateUser(&user3, "") 368 th.LinkUserToTeam(ruser3.Data.(*model.User), rteam2.Data.(*model.Team)) 369 store.Must(th.App.Srv.Store.User().VerifyEmail(ruser3.Data.(*model.User).Id)) 370 371 Client.Login(user.Email, user.Password) 372 373 rId := ruser.Data.(*model.User).Id 374 if result, err := Client.GetUser(rId, ""); err != nil { 375 t.Fatal("Failed to get user") 376 } else { 377 if result.Data.(*model.User).Password != "" { 378 t.Fatal("User shouldn't have any password data once set") 379 } 380 381 if cache_result, err := Client.GetUser(rId, result.Etag); err != nil { 382 t.Fatal(err) 383 } else if cache_result.Data.(*model.User) != nil { 384 t.Fatal("cache should be empty") 385 } 386 } 387 388 if result, err := Client.GetMe(""); err != nil { 389 t.Fatal("Failed to get user") 390 } else { 391 if result.Data.(*model.User).Password != "" { 392 t.Fatal("User shouldn't have any password data once set") 393 } 394 } 395 396 if _, err := Client.GetUser("FORBIDDENERROR", ""); err == nil { 397 t.Fatal("shouldn't exist") 398 } 399 400 th.App.UpdateConfig(func(cfg *model.Config) { cfg.PrivacySettings.ShowEmailAddress = false }) 401 th.App.UpdateConfig(func(cfg *model.Config) { cfg.PrivacySettings.ShowFullName = false }) 402 403 if result, err := Client.GetUser(ruser2.Data.(*model.User).Id, ""); err != nil { 404 t.Fatal(err) 405 } else { 406 u := result.Data.(*model.User) 407 if u.Password != "" { 408 t.Fatal("password must be empty") 409 } 410 if *u.AuthData != "" { 411 t.Fatal("auth data must be empty") 412 } 413 if u.Email != "" { 414 t.Fatal("email should be sanitized") 415 } 416 if u.FirstName != "" { 417 t.Fatal("full name should be sanitized") 418 } 419 if u.LastName != "" { 420 t.Fatal("full name should be sanitized") 421 } 422 } 423 424 th.App.UpdateConfig(func(cfg *model.Config) { cfg.PrivacySettings.ShowEmailAddress = true }) 425 th.App.UpdateConfig(func(cfg *model.Config) { cfg.PrivacySettings.ShowFullName = true }) 426 427 if result, err := Client.GetUser(ruser2.Data.(*model.User).Id, ""); err != nil { 428 t.Fatal(err) 429 } else { 430 u := result.Data.(*model.User) 431 if u.Email == "" { 432 t.Fatal("email should not be sanitized") 433 } 434 if u.FirstName == "" { 435 t.Fatal("full name should not be sanitized") 436 } 437 if u.LastName == "" { 438 t.Fatal("full name should not be sanitized") 439 } 440 } 441 442 if userMap, err := Client.GetProfilesInTeam(rteam.Data.(*model.Team).Id, 0, 100, ""); err != nil { 443 t.Fatal(err) 444 } else if len(userMap.Data.(map[string]*model.User)) != 3 { 445 t.Fatal("should have been 3") 446 } else if userMap.Data.(map[string]*model.User)[rId].Id != rId { 447 t.Fatal("should have been valid") 448 } else { 449 450 // test etag caching 451 if cache_result, err := Client.GetProfilesInTeam(rteam.Data.(*model.Team).Id, 0, 100, userMap.Etag); err != nil { 452 t.Fatal(err) 453 } else if cache_result.Data.(map[string]*model.User) != nil { 454 t.Log(cache_result.Data) 455 t.Fatal("cache should be empty") 456 } 457 } 458 459 if userMap, err := Client.GetProfilesInTeam(rteam.Data.(*model.Team).Id, 0, 1, ""); err != nil { 460 t.Fatal(err) 461 } else if len(userMap.Data.(map[string]*model.User)) != 1 { 462 t.Fatal("should have been 1") 463 } 464 465 if userMap, err := Client.GetProfilesInTeam(rteam.Data.(*model.Team).Id, 1, 1, ""); err != nil { 466 t.Fatal(err) 467 } else if len(userMap.Data.(map[string]*model.User)) != 1 { 468 t.Fatal("should have been 1") 469 } 470 471 if userMap, err := Client.GetProfilesInTeam(rteam.Data.(*model.Team).Id, 10, 10, ""); err != nil { 472 t.Fatal(err) 473 } else if len(userMap.Data.(map[string]*model.User)) != 0 { 474 t.Fatal("should have been 0") 475 } 476 477 if _, err := Client.GetProfilesInTeam(rteam2.Data.(*model.Team).Id, 0, 100, ""); err == nil { 478 t.Fatal("shouldn't have access") 479 } 480 481 Client.AuthToken = "" 482 if _, err := Client.GetUser(ruser2.Data.(*model.User).Id, ""); err == nil { 483 t.Fatal("shouldn't have accss") 484 } 485 486 th.App.UpdateUserRoles(ruser.Data.(*model.User).Id, model.SYSTEM_ADMIN_ROLE_ID, false) 487 488 Client.Login(user.Email, "passwd1") 489 490 if _, err := Client.GetProfilesInTeam(rteam2.Data.(*model.Team).Id, 0, 100, ""); err != nil { 491 t.Fatal(err) 492 } 493 } 494 495 func TestGetProfiles(t *testing.T) { 496 th := Setup().InitBasic() 497 defer th.TearDown() 498 499 th.BasicClient.Must(th.BasicClient.CreateDirectChannel(th.BasicUser2.Id)) 500 501 th.App.UpdateConfig(func(cfg *model.Config) { cfg.PrivacySettings.ShowEmailAddress = true }) 502 503 if result, err := th.BasicClient.GetProfiles(0, 100, ""); err != nil { 504 t.Fatal(err) 505 } else { 506 users := result.Data.(map[string]*model.User) 507 508 if len(users) < 1 { 509 t.Fatal("map was wrong length") 510 } 511 512 for _, user := range users { 513 if user.Email == "" { 514 t.Fatal("problem with show email") 515 } 516 } 517 518 // test etag caching 519 if cache_result, err := th.BasicClient.GetProfiles(0, 100, result.Etag); err != nil { 520 t.Fatal(err) 521 } else if cache_result.Data.(map[string]*model.User) != nil { 522 t.Log(cache_result.Etag) 523 t.Log(result.Etag) 524 t.Fatal("cache should be empty") 525 } 526 } 527 528 th.App.UpdateConfig(func(cfg *model.Config) { cfg.PrivacySettings.ShowEmailAddress = false }) 529 530 if result, err := th.BasicClient.GetProfiles(0, 100, ""); err != nil { 531 t.Fatal(err) 532 } else { 533 users := result.Data.(map[string]*model.User) 534 535 if len(users) < 1 { 536 t.Fatal("map was wrong length") 537 } 538 539 for _, user := range users { 540 if user.Email != "" { 541 t.Fatal("problem with show email") 542 } 543 } 544 } 545 } 546 547 func TestGetProfilesByIds(t *testing.T) { 548 th := Setup().InitBasic() 549 defer th.TearDown() 550 551 th.App.UpdateConfig(func(cfg *model.Config) { cfg.PrivacySettings.ShowEmailAddress = true }) 552 553 if result, err := th.BasicClient.GetProfilesByIds([]string{th.BasicUser.Id}); err != nil { 554 t.Fatal(err) 555 } else { 556 users := result.Data.(map[string]*model.User) 557 558 if len(users) != 1 { 559 t.Fatal("map was wrong length") 560 } 561 562 for _, user := range users { 563 if user.Email == "" { 564 t.Fatal("problem with show email") 565 } 566 } 567 } 568 569 th.App.UpdateConfig(func(cfg *model.Config) { cfg.PrivacySettings.ShowEmailAddress = false }) 570 571 if result, err := th.BasicClient.GetProfilesByIds([]string{th.BasicUser.Id}); err != nil { 572 t.Fatal(err) 573 } else { 574 users := result.Data.(map[string]*model.User) 575 576 if len(users) != 1 { 577 t.Fatal("map was wrong length") 578 } 579 580 for _, user := range users { 581 if user.Email != "" { 582 t.Fatal("problem with show email") 583 } 584 } 585 } 586 587 if result, err := th.BasicClient.GetProfilesByIds([]string{th.BasicUser.Id, th.BasicUser2.Id}); err != nil { 588 t.Fatal(err) 589 } else { 590 users := result.Data.(map[string]*model.User) 591 592 if len(users) != 2 { 593 t.Fatal("map was wrong length") 594 } 595 } 596 } 597 598 func TestGetAudits(t *testing.T) { 599 th := Setup().InitBasic() 600 defer th.TearDown() 601 602 Client := th.BasicClient 603 604 team := model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} 605 rteam, _ := Client.CreateTeam(&team) 606 607 Client.Logout() 608 609 user := model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} 610 ruser, _ := Client.CreateUser(&user, "") 611 th.LinkUserToTeam(ruser.Data.(*model.User), rteam.Data.(*model.Team)) 612 store.Must(th.App.Srv.Store.User().VerifyEmail(ruser.Data.(*model.User).Id)) 613 614 time.Sleep(100 * time.Millisecond) 615 616 Client.Login(user.Email, user.Password) 617 618 time.Sleep(100 * time.Millisecond) 619 620 if result, err := Client.GetAudits(ruser.Data.(*model.User).Id, ""); err != nil { 621 t.Fatal(err) 622 } else { 623 624 if len(result.Data.(model.Audits)) != 1 { 625 t.Fatal(result.Data.(model.Audits)) 626 } 627 628 if cache_result, err := Client.GetAudits(ruser.Data.(*model.User).Id, result.Etag); err != nil { 629 t.Fatal(err) 630 } else if cache_result.Data.(model.Audits) != nil { 631 t.Fatal("cache should be empty") 632 } 633 } 634 635 if _, err := Client.GetAudits("FORBIDDENERROR", ""); err == nil { 636 t.Fatal("audit log shouldn't exist") 637 } 638 } 639 640 func TestUserCreateImage(t *testing.T) { 641 th := Setup().InitBasic() 642 defer th.TearDown() 643 644 Client := th.BasicClient 645 646 b, err := app.CreateProfileImage("Corey Hulen", "eo1zkdr96pdj98pjmq8zy35wba", th.App.Config().FileSettings.InitialFont) 647 if err != nil { 648 t.Fatal(err) 649 } 650 651 rdr := bytes.NewReader(b) 652 img, _, err2 := image.Decode(rdr) 653 if err2 != nil { 654 t.Fatal(err) 655 } 656 657 colorful := color.RGBA{116, 49, 196, 255} 658 659 if img.At(1, 1) != colorful { 660 t.Fatal("Failed to create correct color") 661 } 662 663 team := &model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} 664 team = Client.Must(Client.CreateTeam(team)).Data.(*model.Team) 665 666 user := &model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} 667 user = Client.Must(Client.CreateUser(user, "")).Data.(*model.User) 668 th.LinkUserToTeam(user, team) 669 store.Must(th.App.Srv.Store.User().VerifyEmail(user.Id)) 670 671 Client.Login(user.Email, "passwd1") 672 673 if resp, err := Client.DoApiGet("/users/"+user.Id+"/image", "", ""); err != nil { 674 t.Fatal(err) 675 } else { 676 etag := resp.Header.Get(model.HEADER_ETAG_SERVER) 677 resp2, _ := Client.DoApiGet("/users/"+user.Id+"/image", "", etag) 678 if resp2.StatusCode == 304 { 679 t.Fatal("Shouldn't have hit etag") 680 } 681 } 682 683 if *th.App.Config().FileSettings.DriverName == model.IMAGE_DRIVER_S3 { 684 endpoint := th.App.Config().FileSettings.AmazonS3Endpoint 685 accessKey := th.App.Config().FileSettings.AmazonS3AccessKeyId 686 secretKey := th.App.Config().FileSettings.AmazonS3SecretAccessKey 687 secure := *th.App.Config().FileSettings.AmazonS3SSL 688 signV2 := *th.App.Config().FileSettings.AmazonS3SignV2 689 region := th.App.Config().FileSettings.AmazonS3Region 690 s3Clnt, err := s3New(endpoint, accessKey, secretKey, secure, signV2, region) 691 if err != nil { 692 t.Fatal(err) 693 } 694 bucket := th.App.Config().FileSettings.AmazonS3Bucket 695 if err = s3Clnt.RemoveObject(bucket, "/users/"+user.Id+"/profile.png"); err != nil { 696 t.Fatal(err) 697 } 698 } else { 699 path := th.App.Config().FileSettings.Directory + "/users/" + user.Id + "/profile.png" 700 if err := os.Remove(path); err != nil { 701 t.Fatal("Couldn't remove file at " + path) 702 } 703 } 704 } 705 706 func TestUserUploadProfileImage(t *testing.T) { 707 th := Setup().InitBasic() 708 defer th.TearDown() 709 710 Client := th.BasicClient 711 712 team := &model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} 713 team = Client.Must(Client.CreateTeam(team)).Data.(*model.Team) 714 715 Client.Logout() 716 717 user := &model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} 718 user = Client.Must(Client.CreateUser(user, "")).Data.(*model.User) 719 th.LinkUserToTeam(user, team) 720 store.Must(th.App.Srv.Store.User().VerifyEmail(user.Id)) 721 722 if *th.App.Config().FileSettings.DriverName != "" { 723 724 body := &bytes.Buffer{} 725 writer := multipart.NewWriter(body) 726 727 if _, upErr := Client.UploadProfileFile(body.Bytes(), writer.FormDataContentType()); upErr == nil { 728 t.Fatal("Should have errored") 729 } 730 731 Client.Login(user.Email, "passwd1") 732 Client.SetTeamId(team.Id) 733 734 if _, upErr := Client.UploadProfileFile(body.Bytes(), writer.FormDataContentType()); upErr == nil { 735 t.Fatal("Should have errored") 736 } 737 738 part, err := writer.CreateFormFile("blargh", "test.png") 739 if err != nil { 740 t.Fatal(err) 741 } 742 743 path, _ := utils.FindDir("tests") 744 file, err := os.Open(path + "/test.png") 745 if err != nil { 746 t.Fatal(err) 747 } 748 defer file.Close() 749 750 _, err = io.Copy(part, file) 751 if err != nil { 752 t.Fatal(err) 753 } 754 755 if err := writer.Close(); err != nil { 756 t.Fatal(err) 757 } 758 759 if _, upErr := Client.UploadProfileFile(body.Bytes(), writer.FormDataContentType()); upErr == nil { 760 t.Fatal("Should have errored") 761 } 762 763 file2, err := os.Open(path + "/test.png") 764 if err != nil { 765 t.Fatal(err) 766 } 767 defer file2.Close() 768 769 body = &bytes.Buffer{} 770 writer = multipart.NewWriter(body) 771 772 part, err = writer.CreateFormFile("image", "test.png") 773 if err != nil { 774 t.Fatal(err) 775 } 776 777 if _, err := io.Copy(part, file2); err != nil { 778 t.Fatal(err) 779 } 780 781 if err := writer.Close(); err != nil { 782 t.Fatal(err) 783 } 784 785 if _, upErr := Client.UploadProfileFile(body.Bytes(), writer.FormDataContentType()); upErr != nil { 786 t.Fatal(upErr) 787 } 788 789 Client.DoApiGet("/users/"+user.Id+"/image", "", "") 790 791 if *th.App.Config().FileSettings.DriverName == model.IMAGE_DRIVER_S3 { 792 endpoint := th.App.Config().FileSettings.AmazonS3Endpoint 793 accessKey := th.App.Config().FileSettings.AmazonS3AccessKeyId 794 secretKey := th.App.Config().FileSettings.AmazonS3SecretAccessKey 795 secure := *th.App.Config().FileSettings.AmazonS3SSL 796 signV2 := *th.App.Config().FileSettings.AmazonS3SignV2 797 region := th.App.Config().FileSettings.AmazonS3Region 798 s3Clnt, err := s3New(endpoint, accessKey, secretKey, secure, signV2, region) 799 if err != nil { 800 t.Fatal(err) 801 } 802 bucket := th.App.Config().FileSettings.AmazonS3Bucket 803 if err = s3Clnt.RemoveObject(bucket, "/users/"+user.Id+"/profile.png"); err != nil { 804 t.Fatal(err) 805 } 806 } else { 807 path := th.App.Config().FileSettings.Directory + "users/" + user.Id + "/profile.png" 808 if err := os.Remove(path); err != nil { 809 t.Fatal("Couldn't remove file at " + path) 810 } 811 } 812 } else { 813 body := &bytes.Buffer{} 814 writer := multipart.NewWriter(body) 815 if _, upErr := Client.UploadProfileFile(body.Bytes(), writer.FormDataContentType()); upErr.StatusCode != http.StatusNotImplemented { 816 t.Fatal("Should have failed with 501 - Not Implemented") 817 } 818 } 819 } 820 821 func TestUserUpdate(t *testing.T) { 822 th := Setup().InitBasic() 823 defer th.TearDown() 824 825 Client := th.BasicClient 826 827 team := &model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} 828 team = Client.Must(Client.CreateTeam(team)).Data.(*model.Team) 829 830 Client.Logout() 831 832 user := &model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1", Roles: ""} 833 user = Client.Must(Client.CreateUser(user, "")).Data.(*model.User) 834 th.LinkUserToTeam(user, team) 835 store.Must(th.App.Srv.Store.User().VerifyEmail(user.Id)) 836 837 if _, err := Client.UpdateUser(user); err == nil { 838 t.Fatal("Should have errored") 839 } 840 841 Client.Login(user.Email, "passwd1") 842 Client.SetTeamId(team.Id) 843 844 user.Nickname = "Jim Jimmy" 845 user.Roles = model.SYSTEM_ADMIN_ROLE_ID 846 user.LastPasswordUpdate = 123 847 848 if result, err := Client.UpdateUser(user); err != nil { 849 t.Fatal(err) 850 } else { 851 if result.Data.(*model.User).Nickname != "Jim Jimmy" { 852 t.Fatal("Nickname did not update properly") 853 } 854 if result.Data.(*model.User).Roles != model.SYSTEM_USER_ROLE_ID { 855 t.Fatal("Roles should not have updated") 856 } 857 if result.Data.(*model.User).LastPasswordUpdate == 123 { 858 t.Fatal("LastPasswordUpdate should not have updated") 859 } 860 } 861 862 user2 := &model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} 863 user2 = Client.Must(Client.CreateUser(user2, "")).Data.(*model.User) 864 th.LinkUserToTeam(user2, team) 865 store.Must(th.App.Srv.Store.User().VerifyEmail(user2.Id)) 866 867 Client.Login(user2.Email, "passwd1") 868 Client.SetTeamId(team.Id) 869 870 user.Nickname = "Tim Timmy" 871 872 if _, err := Client.UpdateUser(user); err == nil { 873 t.Fatal("Should have errored") 874 } 875 } 876 877 func TestUserUpdatePassword(t *testing.T) { 878 th := Setup().InitBasic() 879 defer th.TearDown() 880 881 Client := th.BasicClient 882 883 team := &model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} 884 team = Client.Must(Client.CreateTeam(team)).Data.(*model.Team) 885 886 Client.Logout() 887 Client.SetTeamId(team.Id) 888 889 user := &model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} 890 user = Client.Must(Client.CreateUser(user, "")).Data.(*model.User) 891 th.LinkUserToTeam(user, team) 892 store.Must(th.App.Srv.Store.User().VerifyEmail(user.Id)) 893 894 if _, err := Client.UpdateUserPassword(user.Id, "passwd1", "newpasswd1"); err == nil { 895 t.Fatal("Should have errored") 896 } 897 898 Client.Login(user.Email, "passwd1") 899 900 if _, err := Client.UpdateUserPassword("123", "passwd1", "newpwd"); err == nil { 901 t.Fatal("Should have errored") 902 } 903 904 if _, err := Client.UpdateUserPassword(user.Id, "", "newpwd"); err == nil { 905 t.Fatal("Should have errored") 906 } 907 908 if _, err := Client.UpdateUserPassword(user.Id, "passwd1", "npwd"); err == nil { 909 t.Fatal("Should have errored") 910 } 911 912 if _, err := Client.UpdateUserPassword("12345678901234567890123456", "passwd1", "newpwd1"); err == nil { 913 t.Fatal("Should have errored") 914 } 915 916 if _, err := Client.UpdateUserPassword(user.Id, "badpwd", "newpwd"); err == nil { 917 t.Fatal("Should have errored") 918 } 919 920 if _, err := Client.UpdateUserPassword(user.Id, "passwd1", "newpwd1"); err != nil { 921 t.Fatal(err) 922 } 923 924 updatedUser := Client.Must(Client.GetUser(user.Id, "")).Data.(*model.User) 925 if updatedUser.LastPasswordUpdate == user.LastPasswordUpdate { 926 t.Fatal("LastPasswordUpdate should have changed") 927 } 928 929 if _, err := Client.Login(user.Email, "newpwd1"); err != nil { 930 t.Fatal(err) 931 } 932 933 // Test lockout 934 th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.MaximumLoginAttempts = 2 }) 935 936 // Fail twice 937 if _, err := Client.UpdateUserPassword(user.Id, "badpwd", "newpwd"); err == nil { 938 t.Fatal("Should have errored") 939 } 940 if _, err := Client.UpdateUserPassword(user.Id, "badpwd", "newpwd"); err == nil { 941 t.Fatal("Should have errored") 942 } 943 944 // Should fail because account is locked out 945 if _, err := Client.UpdateUserPassword(user.Id, "newpwd1", "newpwd2"); err == nil { 946 t.Fatal("Should have errored") 947 } 948 949 user2 := &model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} 950 user2 = Client.Must(Client.CreateUser(user2, "")).Data.(*model.User) 951 th.LinkUserToTeam(user2, team) 952 953 Client.Login(user2.Email, "passwd1") 954 955 if _, err := Client.UpdateUserPassword(user.Id, "passwd1", "newpwd"); err == nil { 956 t.Fatal("Should have errored") 957 } 958 } 959 960 func TestUserUpdateRoles(t *testing.T) { 961 th := Setup().InitBasic() 962 defer th.TearDown() 963 964 Client := th.BasicClient 965 966 team := &model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} 967 team = Client.Must(Client.CreateTeam(team)).Data.(*model.Team) 968 969 Client.Logout() 970 971 user := &model.User{Email: "success+" + model.NewId() + "@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} 972 user = Client.Must(Client.CreateUser(user, "")).Data.(*model.User) 973 th.LinkUserToTeam(user, team) 974 store.Must(th.App.Srv.Store.User().VerifyEmail(user.Id)) 975 976 user2 := &model.User{Email: "success+" + model.NewId() + "@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} 977 user2 = Client.Must(Client.CreateUser(user2, "")).Data.(*model.User) 978 th.LinkUserToTeam(user2, team) 979 store.Must(th.App.Srv.Store.User().VerifyEmail(user2.Id)) 980 981 if _, err := Client.UpdateUserRoles(user.Id, ""); err == nil { 982 t.Fatal("Should have errored, not logged in") 983 } 984 985 Client.Login(user2.Email, "passwd1") 986 Client.SetTeamId(team.Id) 987 988 if _, err := Client.UpdateUserRoles(user.Id, ""); err == nil { 989 t.Fatal("Should have errored, not admin") 990 } 991 992 team2 := &model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} 993 team2 = Client.Must(Client.CreateTeam(team2)).Data.(*model.Team) 994 995 user3 := &model.User{Email: "success+" + model.NewId() + "@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} 996 user3 = Client.Must(Client.CreateUser(user3, "")).Data.(*model.User) 997 th.LinkUserToTeam(user3, team2) 998 store.Must(th.App.Srv.Store.User().VerifyEmail(user3.Id)) 999 1000 Client.Login(user3.Email, "passwd1") 1001 Client.SetTeamId(team2.Id) 1002 1003 if _, err := Client.UpdateUserRoles(user2.Id, ""); err == nil { 1004 t.Fatal("Should have errored, wrong team") 1005 } 1006 1007 Client.Login(user.Email, "passwd1") 1008 1009 if _, err := Client.UpdateUserRoles("junk", ""); err == nil { 1010 t.Fatal("Should have errored, bad id") 1011 } 1012 1013 if _, err := Client.UpdateUserRoles("system_admin", ""); err == nil { 1014 t.Fatal("Should have errored, we want to avoid this mistake") 1015 } 1016 1017 if _, err := Client.UpdateUserRoles("12345678901234567890123456", ""); err == nil { 1018 t.Fatal("Should have errored, bad id") 1019 } 1020 1021 if _, err := Client.UpdateUserRoles(user2.Id, "junk"); err == nil { 1022 t.Fatal("Should have errored, bad role") 1023 } 1024 } 1025 1026 func TestUserUpdateRolesMoreCases(t *testing.T) { 1027 th := Setup().InitSystemAdmin().InitBasic() 1028 defer th.TearDown() 1029 1030 th.SystemAdminClient.SetTeamId(th.BasicTeam.Id) 1031 th.LinkUserToTeam(th.SystemAdminUser, th.BasicTeam) 1032 1033 const BASIC_USER = "system_user" 1034 const SYSTEM_ADMIN = "system_user system_admin" 1035 1036 // user 1 is trying to promote user 2 1037 if _, err := th.BasicClient.UpdateUserRoles(th.BasicUser2.Id, SYSTEM_ADMIN); err == nil { 1038 t.Fatal("Should have errored, basic user is not a system admin") 1039 } 1040 1041 // user 1 is trying to demote system admin 1042 if _, err := th.BasicClient.UpdateUserRoles(th.SystemAdminUser.Id, BASIC_USER); err == nil { 1043 t.Fatal("Should have errored, can only be system admin") 1044 } 1045 1046 // user 1 is trying to promote himself 1047 if _, err := th.BasicClient.UpdateUserRoles(th.BasicUser.Id, SYSTEM_ADMIN); err == nil { 1048 t.Fatal("Should have errored, can only be system admin") 1049 } 1050 1051 // System admin promoting user 2 1052 if _, err := th.SystemAdminClient.UpdateUserRoles(th.BasicUser2.Id, SYSTEM_ADMIN); err != nil { 1053 t.Fatal("Should have succeeded since they are system admin") 1054 } 1055 1056 // System admin demoting user 2 1057 if _, err := th.SystemAdminClient.UpdateUserRoles(th.BasicUser2.Id, BASIC_USER); err != nil { 1058 t.Fatal("Should have succeeded since they are system admin") 1059 } 1060 1061 // Setting user to team admin should have no effect on results 1062 th.BasicClient.Must(th.SystemAdminClient.UpdateTeamRoles(th.BasicUser.Id, "team_user team_admin")) 1063 1064 // user 1 is trying to promote user 2 1065 if _, err := th.BasicClient.UpdateUserRoles(th.BasicUser2.Id, SYSTEM_ADMIN); err == nil { 1066 t.Fatal("Should have errored, basic user is not a system admin") 1067 } 1068 1069 // user 1 is trying to demote system admin 1070 if _, err := th.BasicClient.UpdateUserRoles(th.SystemAdminUser.Id, BASIC_USER); err == nil { 1071 t.Fatal("Should have errored, can only be system admin") 1072 } 1073 1074 // user 1 is trying to promote himself 1075 if _, err := th.BasicClient.UpdateUserRoles(th.BasicUser.Id, SYSTEM_ADMIN); err == nil { 1076 t.Fatal("Should have errored, can only be system admin") 1077 } 1078 1079 // system admin demoting himself 1080 if _, err := th.SystemAdminClient.UpdateUserRoles(th.SystemAdminUser.Id, BASIC_USER); err != nil { 1081 t.Fatal("Should have succeeded since they are system admin") 1082 } 1083 } 1084 1085 func TestUserUpdateDeviceId(t *testing.T) { 1086 th := Setup().InitBasic() 1087 defer th.TearDown() 1088 1089 Client := th.BasicClient 1090 1091 team := &model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} 1092 team = Client.Must(Client.CreateTeam(team)).Data.(*model.Team) 1093 1094 user := &model.User{Email: "success+" + model.NewId() + "@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} 1095 user = Client.Must(Client.CreateUser(user, "")).Data.(*model.User) 1096 th.LinkUserToTeam(user, team) 1097 store.Must(th.App.Srv.Store.User().VerifyEmail(user.Id)) 1098 1099 Client.Login(user.Email, "passwd1") 1100 Client.SetTeamId(team.Id) 1101 deviceId := model.PUSH_NOTIFY_APPLE + ":1234567890" 1102 1103 if _, err := Client.AttachDeviceId(deviceId); err != nil { 1104 t.Fatal(err) 1105 } 1106 1107 if result := <-th.App.Srv.Store.Session().GetSessions(user.Id); result.Err != nil { 1108 t.Fatal(result.Err) 1109 } else { 1110 sessions := result.Data.([]*model.Session) 1111 1112 if sessions[0].DeviceId != deviceId { 1113 t.Fatal("Missing device Id") 1114 } 1115 } 1116 } 1117 1118 func TestUserUpdateDeviceId2(t *testing.T) { 1119 th := Setup().InitBasic() 1120 defer th.TearDown() 1121 1122 Client := th.BasicClient 1123 1124 team := &model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} 1125 team = Client.Must(Client.CreateTeam(team)).Data.(*model.Team) 1126 1127 user := &model.User{Email: "success+" + model.NewId() + "@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} 1128 user = Client.Must(Client.CreateUser(user, "")).Data.(*model.User) 1129 th.LinkUserToTeam(user, team) 1130 store.Must(th.App.Srv.Store.User().VerifyEmail(user.Id)) 1131 1132 Client.Login(user.Email, "passwd1") 1133 Client.SetTeamId(team.Id) 1134 deviceId := model.PUSH_NOTIFY_APPLE_REACT_NATIVE + ":1234567890" 1135 1136 if _, err := Client.AttachDeviceId(deviceId); err != nil { 1137 t.Fatal(err) 1138 } 1139 1140 if result := <-th.App.Srv.Store.Session().GetSessions(user.Id); result.Err != nil { 1141 t.Fatal(result.Err) 1142 } else { 1143 sessions := result.Data.([]*model.Session) 1144 1145 if sessions[0].DeviceId != deviceId { 1146 t.Fatal("Missing device Id") 1147 } 1148 } 1149 } 1150 1151 func TestUserUpdateActive(t *testing.T) { 1152 th := Setup().InitBasic().InitSystemAdmin() 1153 defer th.TearDown() 1154 1155 Client := th.BasicClient 1156 SystemAdminClient := th.SystemAdminClient 1157 1158 team := &model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} 1159 team = Client.Must(Client.CreateTeam(team)).Data.(*model.Team) 1160 1161 team2 := &model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} 1162 team2 = Client.Must(Client.CreateTeam(team2)).Data.(*model.Team) 1163 1164 Client.Logout() 1165 1166 user := &model.User{Email: "success+" + model.NewId() + "@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} 1167 user = Client.Must(Client.CreateUser(user, "")).Data.(*model.User) 1168 th.LinkUserToTeam(user, team) 1169 store.Must(th.App.Srv.Store.User().VerifyEmail(user.Id)) 1170 1171 user2 := &model.User{Email: "success+" + model.NewId() + "@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} 1172 user2 = Client.Must(Client.CreateUser(user2, "")).Data.(*model.User) 1173 th.LinkUserToTeam(user2, team) 1174 store.Must(th.App.Srv.Store.User().VerifyEmail(user2.Id)) 1175 1176 if _, err := Client.UpdateActive(user.Id, false); err == nil { 1177 t.Fatal("Should have errored, not logged in") 1178 } 1179 1180 Client.Login(user2.Email, "passwd1") 1181 Client.SetTeamId(team.Id) 1182 1183 if _, err := Client.UpdateActive(user.Id, false); err == nil { 1184 t.Fatal("Should have errored, not admin") 1185 } 1186 1187 Client.Must(Client.Logout()) 1188 1189 user3 := &model.User{Email: "success+" + model.NewId() + "@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} 1190 user3 = Client.Must(Client.CreateUser(user3, "")).Data.(*model.User) 1191 th.LinkUserToTeam(user2, team2) 1192 store.Must(th.App.Srv.Store.User().VerifyEmail(user3.Id)) 1193 1194 Client.Login(user3.Email, "passwd1") 1195 Client.SetTeamId(team2.Id) 1196 1197 if _, err := Client.UpdateActive(user.Id, false); err == nil { 1198 t.Fatal("Should have errored, not yourself") 1199 } 1200 1201 Client.Login(user.Email, "passwd1") 1202 Client.SetTeamId(team.Id) 1203 1204 if _, err := Client.UpdateActive("junk", false); err == nil { 1205 t.Fatal("Should have errored, bad id") 1206 } 1207 1208 if _, err := Client.UpdateActive("12345678901234567890123456", false); err == nil { 1209 t.Fatal("Should have errored, bad id") 1210 } 1211 1212 th.App.SetStatusOnline(user3.Id, "", false) 1213 1214 if _, err := SystemAdminClient.UpdateActive(user3.Id, false); err != nil { 1215 t.Fatal(err) 1216 } 1217 1218 if status, err := th.App.GetStatus(user3.Id); err != nil { 1219 t.Fatal(err) 1220 } else if status.Status != model.STATUS_OFFLINE { 1221 t.Fatal("status should have been set to offline") 1222 } 1223 } 1224 1225 func TestUserPermDelete(t *testing.T) { 1226 th := Setup().InitBasic() 1227 defer th.TearDown() 1228 1229 Client := th.BasicClient 1230 1231 team := &model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} 1232 team = Client.Must(Client.CreateTeam(team)).Data.(*model.Team) 1233 1234 user1 := &model.User{Email: model.NewId() + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} 1235 user1 = Client.Must(Client.CreateUser(user1, "")).Data.(*model.User) 1236 th.LinkUserToTeam(user1, team) 1237 store.Must(th.App.Srv.Store.User().VerifyEmail(user1.Id)) 1238 1239 Client.Login(user1.Email, "passwd1") 1240 Client.SetTeamId(team.Id) 1241 1242 channel1 := &model.Channel{DisplayName: "TestGetPosts", Name: "zz" + model.NewId() + "a", Type: model.CHANNEL_OPEN, TeamId: team.Id} 1243 channel1 = Client.Must(Client.CreateChannel(channel1)).Data.(*model.Channel) 1244 1245 post1 := &model.Post{ChannelId: channel1.Id, Message: "search for post1"} 1246 post1 = Client.Must(Client.CreatePost(post1)).Data.(*model.Post) 1247 1248 post2 := &model.Post{ChannelId: channel1.Id, Message: "search for post2"} 1249 post2 = Client.Must(Client.CreatePost(post2)).Data.(*model.Post) 1250 1251 post3 := &model.Post{ChannelId: channel1.Id, Message: "#hashtag search for post3"} 1252 post3 = Client.Must(Client.CreatePost(post3)).Data.(*model.Post) 1253 1254 post4 := &model.Post{ChannelId: channel1.Id, Message: "hashtag for post4"} 1255 post4 = Client.Must(Client.CreatePost(post4)).Data.(*model.Post) 1256 1257 c := &Context{} 1258 c.RequestId = model.NewId() 1259 c.IpAddress = "test" 1260 1261 err := th.App.PermanentDeleteUser(user1) 1262 if err != nil { 1263 t.Fatal(err) 1264 } 1265 1266 Client.ClearOAuthToken() 1267 } 1268 1269 func TestSendPasswordReset(t *testing.T) { 1270 th := Setup().InitBasic() 1271 defer th.TearDown() 1272 1273 Client := th.BasicClient 1274 1275 team := &model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} 1276 team = Client.Must(Client.CreateTeam(team)).Data.(*model.Team) 1277 1278 user := &model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} 1279 user = Client.Must(Client.CreateUser(user, "")).Data.(*model.User) 1280 th.LinkUserToTeam(user, team) 1281 store.Must(th.App.Srv.Store.User().VerifyEmail(user.Id)) 1282 1283 Client.Logout() 1284 1285 if result, err := Client.SendPasswordReset(user.Email); err != nil { 1286 t.Fatal(err) 1287 } else { 1288 resp := result.Data.(map[string]string) 1289 if resp["email"] != user.Email { 1290 t.Fatal("wrong email") 1291 } 1292 } 1293 1294 if _, err := Client.SendPasswordReset("junk@junk.com"); err != nil { 1295 t.Fatal("Should have errored - bad email") 1296 } 1297 1298 if _, err := Client.SendPasswordReset(""); err == nil { 1299 t.Fatal("Should have errored - no email") 1300 } 1301 1302 authData := model.NewId() 1303 user2 := &model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", AuthData: &authData, AuthService: "random"} 1304 user2 = Client.Must(Client.CreateUser(user2, "")).Data.(*model.User) 1305 th.LinkUserToTeam(user2, team) 1306 store.Must(th.App.Srv.Store.User().VerifyEmail(user2.Id)) 1307 1308 if _, err := Client.SendPasswordReset(user2.Email); err == nil { 1309 t.Fatal("should have errored - SSO user can't send reset password link") 1310 } 1311 } 1312 1313 /*func TestResetPassword(t *testing.T) { 1314 th := Setup().InitSystemAdmin() 1315 Client := th.SystemAdminClient 1316 team := th.SystemAdminTeam 1317 1318 user := &model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} 1319 user = Client.Must(Client.CreateUser(user, "")).Data.(*model.User) 1320 th.LinkUserToTeam(user, team) 1321 store.Must(th.App.Srv.Store.User().VerifyEmail(user.Id)) 1322 1323 //Delete all the messages before check the reset password 1324 utils.DeleteMailBox(user.Email) 1325 1326 Client.Must(Client.SendPasswordReset(user.Email)) 1327 1328 //Check if the email was send to the rigth email address and the recovery key match 1329 var resultsMailbox utils.JSONMessageHeaderInbucket 1330 err := utils.RetryInbucket(5, func() error { 1331 var err error 1332 resultsMailbox, err = utils.GetMailBox(user.Email) 1333 return err 1334 }) 1335 if err != nil { 1336 t.Log(err) 1337 t.Log("No email was received, maybe due load on the server. Disabling this verification") 1338 } 1339 1340 var recoveryTokenString string 1341 if err == nil && len(resultsMailbox) > 0 { 1342 if !strings.ContainsAny(resultsMailbox[0].To[0], user.Email) { 1343 t.Fatal("Wrong To recipient") 1344 } else { 1345 if resultsEmail, err := utils.GetMessageFromMailbox(user.Email, resultsMailbox[0].ID); err == nil { 1346 loc := strings.Index(resultsEmail.Body.Text, "token=") 1347 if loc == -1 { 1348 t.Log(recoveryTokenString) 1349 t.Log(resultsEmail.Body.Text) 1350 t.Fatal("Code not found in email") 1351 } 1352 loc += 6 1353 recoveryTokenString = resultsEmail.Body.Text[loc : loc+model.TOKEN_SIZE] 1354 t.Log(resultsEmail.Body.Text) 1355 } 1356 } 1357 } 1358 1359 var recoveryToken *model.Token 1360 if result := <-th.App.Srv.Store.Token().GetByToken(recoveryTokenString); result.Err != nil { 1361 t.Log(recoveryTokenString) 1362 t.Fatal(result.Err) 1363 } else { 1364 recoveryToken = result.Data.(*model.Token) 1365 } 1366 1367 if recoveryToken.Token != recoveryTokenString { 1368 t.Fatal("Did not send the correct token. DB: "+recoveryToken.Token, " Sent: "+recoveryTokenString) 1369 } 1370 1371 if _, err := Client.ResetPassword(recoveryToken.Token, ""); err == nil { 1372 t.Fatal("Should have errored - no password") 1373 } 1374 1375 if _, err := Client.ResetPassword(recoveryToken.Token, "newp"); err == nil { 1376 t.Fatal("Should have errored - password too short") 1377 } 1378 1379 if _, err := Client.ResetPassword("", "newpwd"); err == nil { 1380 t.Fatal("Should have errored - no code") 1381 } 1382 1383 if _, err := Client.ResetPassword("junk", "newpwd"); err == nil { 1384 t.Fatal("Should have errored - bad code") 1385 } 1386 1387 code := "" 1388 for i := 0; i < model.TOKEN_SIZE; i++ { 1389 code += "a" 1390 } 1391 if _, err := Client.ResetPassword(code, "newpwd1"); err == nil { 1392 t.Fatal("Should have errored - bad code") 1393 } 1394 1395 if _, err := Client.ResetPassword(recoveryToken.Token, "newpwd1"); err != nil { 1396 t.Log(recoveryToken.Token) 1397 t.Fatal(err) 1398 } 1399 1400 }*/ 1401 1402 func TestUserUpdateNotify(t *testing.T) { 1403 th := Setup().InitBasic() 1404 defer th.TearDown() 1405 1406 Client := th.BasicClient 1407 1408 team := &model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} 1409 team = Client.Must(Client.CreateTeam(team)).Data.(*model.Team) 1410 1411 Client.Logout() 1412 1413 user := &model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1", Roles: ""} 1414 user = Client.Must(Client.CreateUser(user, "")).Data.(*model.User) 1415 th.LinkUserToTeam(user, team) 1416 store.Must(th.App.Srv.Store.User().VerifyEmail(user.Id)) 1417 1418 data := make(map[string]string) 1419 data["user_id"] = user.Id 1420 data["email"] = "true" 1421 data["desktop"] = "all" 1422 data["desktop_sound"] = "false" 1423 data["comments"] = "any" 1424 1425 if _, err := Client.UpdateUserNotify(data); err == nil { 1426 t.Fatal("Should have errored - not logged in") 1427 } 1428 1429 Client.Login(user.Email, "passwd1") 1430 Client.SetTeamId(team.Id) 1431 1432 if result, err := Client.UpdateUserNotify(data); err != nil { 1433 t.Fatal(err) 1434 } else { 1435 if result.Data.(*model.User).NotifyProps["desktop"] != data["desktop"] { 1436 t.Fatal("NotifyProps did not update properly - desktop") 1437 } 1438 if result.Data.(*model.User).NotifyProps["desktop_sound"] != data["desktop_sound"] { 1439 t.Fatal("NotifyProps did not update properly - desktop_sound") 1440 } 1441 if result.Data.(*model.User).NotifyProps["email"] != data["email"] { 1442 t.Fatal("NotifyProps did not update properly - email") 1443 } 1444 if result.Data.(*model.User).NotifyProps["comments"] != data["comments"] { 1445 t.Fatal("NotifyProps did not update properly - comments") 1446 } 1447 } 1448 1449 if _, err := Client.UpdateUserNotify(nil); err == nil { 1450 t.Fatal("Should have errored") 1451 } 1452 1453 data["user_id"] = "junk" 1454 if _, err := Client.UpdateUserNotify(data); err == nil { 1455 t.Fatal("Should have errored - junk user id") 1456 } 1457 1458 data["user_id"] = "12345678901234567890123456" 1459 if _, err := Client.UpdateUserNotify(data); err == nil { 1460 t.Fatal("Should have errored - bad user id") 1461 } 1462 1463 data["user_id"] = user.Id 1464 data["desktop"] = "" 1465 if _, err := Client.UpdateUserNotify(data); err == nil { 1466 t.Fatal("Should have errored - empty desktop notify") 1467 } 1468 1469 data["desktop"] = "all" 1470 data["desktop_sound"] = "" 1471 if _, err := Client.UpdateUserNotify(data); err == nil { 1472 t.Fatal("Should have errored - empty desktop sound") 1473 } 1474 1475 data["desktop_sound"] = "false" 1476 data["email"] = "" 1477 if _, err := Client.UpdateUserNotify(data); err == nil { 1478 t.Fatal("Should have errored - empty email") 1479 } 1480 1481 data["email"] = "true" 1482 data["comments"] = "" 1483 if _, err := Client.UpdateUserNotify(data); err == nil { 1484 t.Fatal("Should have errored - empty comments") 1485 } 1486 } 1487 1488 func TestFuzzyUserCreate(t *testing.T) { 1489 th := Setup().InitBasic() 1490 defer th.TearDown() 1491 1492 Client := th.BasicClient 1493 1494 team := model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} 1495 rteam, _ := Client.CreateTeam(&team) 1496 1497 Client.Logout() 1498 1499 for i := 0; i < len(utils.FUZZY_STRINGS_NAMES) || i < len(utils.FUZZY_STRINGS_EMAILS); i++ { 1500 testName := "Name" 1501 testEmail := "test@nowhere.com" 1502 1503 if i < len(utils.FUZZY_STRINGS_NAMES) { 1504 testName = utils.FUZZY_STRINGS_NAMES[i] 1505 } 1506 if i < len(utils.FUZZY_STRINGS_EMAILS) { 1507 testEmail = utils.FUZZY_STRINGS_EMAILS[i] 1508 } 1509 1510 user := model.User{Email: strings.ToLower(model.NewId()) + testEmail, Nickname: testName, Password: "hello1"} 1511 1512 ruser, err := Client.CreateUser(&user, "") 1513 if err != nil { 1514 t.Fatal(err) 1515 } 1516 1517 th.LinkUserToTeam(ruser.Data.(*model.User), rteam.Data.(*model.Team)) 1518 } 1519 } 1520 1521 func TestEmailToOAuth(t *testing.T) { 1522 th := Setup().InitBasic() 1523 defer th.TearDown() 1524 1525 Client := th.BasicClient 1526 1527 team := model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} 1528 rteam, _ := Client.CreateTeam(&team) 1529 1530 Client.Logout() 1531 1532 user := model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} 1533 ruser := Client.Must(Client.CreateUser(&user, "")).Data.(*model.User) 1534 th.LinkUserToTeam(ruser, rteam.Data.(*model.Team)) 1535 store.Must(th.App.Srv.Store.User().VerifyEmail(ruser.Id)) 1536 1537 m := map[string]string{} 1538 if _, err := Client.EmailToOAuth(m); err == nil { 1539 t.Fatal("should have failed - empty data") 1540 } 1541 1542 m["password"] = "passwd1" 1543 _, err := Client.EmailToOAuth(m) 1544 if err == nil { 1545 t.Fatal("should have failed - missing team_name, service, email") 1546 } 1547 1548 m["team_name"] = team.Name 1549 if _, err := Client.EmailToOAuth(m); err == nil { 1550 t.Fatal("should have failed - missing service, email") 1551 } 1552 1553 m["service"] = "someservice" 1554 if _, err := Client.EmailToOAuth(m); err == nil { 1555 t.Fatal("should have failed - missing email") 1556 } 1557 1558 m["team_name"] = "junk" 1559 if _, err := Client.EmailToOAuth(m); err == nil { 1560 t.Fatal("should have failed - bad team name") 1561 } 1562 1563 m["team_name"] = team.Name 1564 m["email"] = "junk" 1565 if _, err := Client.EmailToOAuth(m); err == nil { 1566 t.Fatal("should have failed - bad email") 1567 } 1568 1569 m["email"] = ruser.Email 1570 m["password"] = "junk" 1571 if _, err := Client.EmailToOAuth(m); err == nil { 1572 t.Fatal("should have failed - bad password") 1573 } 1574 } 1575 1576 func TestOAuthToEmail(t *testing.T) { 1577 th := Setup().InitBasic() 1578 defer th.TearDown() 1579 1580 Client := th.BasicClient 1581 1582 team := model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} 1583 rteam, _ := Client.CreateTeam(&team) 1584 1585 Client.Logout() 1586 1587 user := model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} 1588 ruser := Client.Must(Client.CreateUser(&user, "")).Data.(*model.User) 1589 th.LinkUserToTeam(ruser, rteam.Data.(*model.Team)) 1590 store.Must(th.App.Srv.Store.User().VerifyEmail(ruser.Id)) 1591 1592 user2 := model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} 1593 ruser2 := Client.Must(Client.CreateUser(&user2, "")).Data.(*model.User) 1594 th.LinkUserToTeam(ruser2, rteam.Data.(*model.Team)) 1595 store.Must(th.App.Srv.Store.User().VerifyEmail(ruser2.Id)) 1596 1597 m := map[string]string{} 1598 if _, err := Client.OAuthToEmail(m); err == nil { 1599 t.Fatal("should have failed - not logged in") 1600 } 1601 1602 Client.Login(user.Email, user.Password) 1603 1604 if _, err := Client.OAuthToEmail(m); err == nil { 1605 t.Fatal("should have failed - empty data") 1606 } 1607 1608 m["password"] = "passwd1" 1609 _, err := Client.OAuthToEmail(m) 1610 if err == nil { 1611 t.Fatal("should have failed - missing team_name, service, email") 1612 } 1613 1614 m["team_name"] = team.Name 1615 if _, err := Client.OAuthToEmail(m); err == nil { 1616 t.Fatal("should have failed - missing email") 1617 } 1618 1619 m["team_name"] = team.Name 1620 m["email"] = "junk" 1621 if _, err := Client.OAuthToEmail(m); err == nil { 1622 t.Fatal("should have failed - bad email") 1623 } 1624 1625 m["email"] = ruser2.Email 1626 if _, err := Client.OAuthToEmail(m); err == nil { 1627 t.Fatal("should have failed - wrong user") 1628 } 1629 } 1630 1631 func TestLDAPToEmail(t *testing.T) { 1632 th := Setup().InitBasic() 1633 defer th.TearDown() 1634 1635 Client := th.BasicClient 1636 1637 team := model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} 1638 rteam, _ := Client.CreateTeam(&team) 1639 1640 user := model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} 1641 ruser := Client.Must(Client.CreateUser(&user, "")).Data.(*model.User) 1642 th.LinkUserToTeam(ruser, rteam.Data.(*model.Team)) 1643 store.Must(th.App.Srv.Store.User().VerifyEmail(ruser.Id)) 1644 1645 Client.Login(user.Email, user.Password) 1646 1647 m := map[string]string{} 1648 if _, err := Client.LDAPToEmail(m); err == nil { 1649 t.Fatal("should have failed - empty data") 1650 } 1651 1652 m["email_password"] = "passwd1" 1653 _, err := Client.LDAPToEmail(m) 1654 if err == nil { 1655 t.Fatal("should have failed - missing team_name, ldap_password, email") 1656 } 1657 1658 m["team_name"] = team.Name 1659 if _, err := Client.LDAPToEmail(m); err == nil { 1660 t.Fatal("should have failed - missing email, ldap_password") 1661 } 1662 1663 m["ldap_password"] = "passwd1" 1664 if _, err := Client.LDAPToEmail(m); err == nil { 1665 t.Fatal("should have failed - missing email") 1666 } 1667 1668 m["email"] = ruser.Email 1669 m["team_name"] = "junk" 1670 if _, err := Client.LDAPToEmail(m); err == nil { 1671 t.Fatal("should have failed - bad team name") 1672 } 1673 1674 m["team_name"] = team.Name 1675 m["email"] = "junk" 1676 if _, err := Client.LDAPToEmail(m); err == nil { 1677 t.Fatal("should have failed - bad email") 1678 } 1679 1680 m["email"] = user.Email 1681 if _, err := Client.LDAPToEmail(m); err == nil { 1682 t.Fatal("should have failed - user is not an AD/LDAP user") 1683 } 1684 } 1685 1686 func TestEmailToLDAP(t *testing.T) { 1687 th := Setup().InitBasic() 1688 defer th.TearDown() 1689 1690 Client := th.BasicClient 1691 1692 team := model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} 1693 rteam, _ := Client.CreateTeam(&team) 1694 1695 user := model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} 1696 ruser := Client.Must(Client.CreateUser(&user, "")).Data.(*model.User) 1697 th.LinkUserToTeam(ruser, rteam.Data.(*model.Team)) 1698 store.Must(th.App.Srv.Store.User().VerifyEmail(ruser.Id)) 1699 1700 Client.Login(user.Email, user.Password) 1701 1702 m := map[string]string{} 1703 if _, err := Client.EmailToLDAP(m); err == nil { 1704 t.Fatal("should have failed - empty data") 1705 } 1706 1707 m["email_password"] = "passwd1" 1708 _, err := Client.EmailToLDAP(m) 1709 if err == nil { 1710 t.Fatal("should have failed - missing team_name, ldap_id, ldap_password, email") 1711 } 1712 1713 m["team_name"] = team.Name 1714 if _, err := Client.EmailToLDAP(m); err == nil { 1715 t.Fatal("should have failed - missing email, ldap_password, ldap_id") 1716 } 1717 1718 m["ldap_id"] = "someid" 1719 if _, err := Client.EmailToLDAP(m); err == nil { 1720 t.Fatal("should have failed - missing email, ldap_password") 1721 } 1722 1723 m["ldap_password"] = "passwd1" 1724 if _, err := Client.EmailToLDAP(m); err == nil { 1725 t.Fatal("should have failed - missing email") 1726 } 1727 1728 m["email"] = ruser.Email 1729 m["team_name"] = "junk" 1730 if _, err := Client.EmailToLDAP(m); err == nil { 1731 t.Fatal("should have failed - bad team name") 1732 } 1733 1734 m["team_name"] = team.Name 1735 m["email"] = "junk" 1736 if _, err := Client.EmailToLDAP(m); err == nil { 1737 t.Fatal("should have failed - bad email") 1738 } 1739 1740 m["email"] = user.Email 1741 m["email_password"] = "junk" 1742 if _, err := Client.EmailToLDAP(m); err == nil { 1743 t.Fatal("should have failed - bad password") 1744 } 1745 1746 m["email_password"] = "passwd1" 1747 if _, err := Client.EmailToLDAP(m); err == nil { 1748 t.Fatal("should have failed - missing ldap bits or user") 1749 } 1750 } 1751 1752 func TestMeInitialLoad(t *testing.T) { 1753 th := Setup().InitBasic() 1754 defer th.TearDown() 1755 1756 if result, err := th.BasicClient.GetInitialLoad(); err != nil { 1757 t.Fatal(err) 1758 } else { 1759 il := result.Data.(*model.InitialLoad) 1760 1761 if il.User == nil { 1762 t.Fatal("should be valid") 1763 } 1764 1765 if il.Preferences == nil { 1766 t.Fatal("should be valid") 1767 } 1768 1769 if len(il.Teams) != 1 { 1770 t.Fatal("should be valid") 1771 } 1772 1773 if len(il.TeamMembers) != 1 { 1774 t.Fatal("should be valid") 1775 } 1776 1777 if len(il.ClientCfg) == 0 { 1778 t.Fatal("should be valid") 1779 } 1780 1781 if len(il.LicenseCfg) == 0 { 1782 t.Fatal("should be valid") 1783 } 1784 } 1785 1786 th.BasicClient.Logout() 1787 1788 if result, err := th.BasicClient.GetInitialLoad(); err != nil { 1789 t.Fatal(err) 1790 } else { 1791 il := result.Data.(*model.InitialLoad) 1792 1793 if il.User != nil { 1794 t.Fatal("should be valid") 1795 } 1796 1797 if il.Preferences != nil { 1798 t.Fatal("should be valid") 1799 } 1800 1801 if len(il.Teams) != 0 { 1802 t.Fatal("should be valid") 1803 } 1804 1805 if len(il.TeamMembers) != 0 { 1806 t.Fatal("should be valid") 1807 } 1808 1809 if len(il.ClientCfg) == 0 { 1810 t.Fatal("should be valid") 1811 } 1812 1813 if len(il.LicenseCfg) == 0 { 1814 t.Fatal("should be valid") 1815 } 1816 } 1817 1818 } 1819 1820 func TestGenerateMfaSecret(t *testing.T) { 1821 th := Setup().InitBasic() 1822 defer th.TearDown() 1823 1824 Client := th.BasicClient 1825 1826 team := model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} 1827 rteam, _ := Client.CreateTeam(&team) 1828 1829 user := model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} 1830 ruser, _ := Client.CreateUser(&user, "") 1831 th.LinkUserToTeam(ruser.Data.(*model.User), rteam.Data.(*model.Team)) 1832 store.Must(th.App.Srv.Store.User().VerifyEmail(ruser.Data.(*model.User).Id)) 1833 1834 Client.Logout() 1835 1836 if _, err := Client.GenerateMfaSecret(); err == nil { 1837 t.Fatal("should have failed - not logged in") 1838 } 1839 1840 Client.Login(user.Email, user.Password) 1841 1842 if _, err := Client.GenerateMfaSecret(); err == nil { 1843 t.Fatal("should have failed - not licensed") 1844 } 1845 1846 // need to add more test cases when license and config can be configured for tests 1847 } 1848 1849 func TestUpdateMfa(t *testing.T) { 1850 th := Setup().InitBasic() 1851 defer th.TearDown() 1852 1853 Client := th.BasicClient 1854 1855 isLicensed := utils.IsLicensed() 1856 license := utils.License() 1857 defer func() { 1858 utils.SetIsLicensed(isLicensed) 1859 utils.SetLicense(license) 1860 }() 1861 utils.SetIsLicensed(false) 1862 utils.SetLicense(&model.License{Features: &model.Features{}}) 1863 if utils.License().Features.MFA == nil { 1864 utils.License().Features.MFA = new(bool) 1865 } 1866 1867 team := model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} 1868 rteam, _ := Client.CreateTeam(&team) 1869 1870 user := model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} 1871 ruser, _ := Client.CreateUser(&user, "") 1872 th.LinkUserToTeam(ruser.Data.(*model.User), rteam.Data.(*model.Team)) 1873 store.Must(th.App.Srv.Store.User().VerifyEmail(ruser.Data.(*model.User).Id)) 1874 1875 Client.Logout() 1876 1877 if _, err := Client.UpdateMfa(true, "123456"); err == nil { 1878 t.Fatal("should have failed - not logged in") 1879 } 1880 1881 Client.Login(user.Email, user.Password) 1882 1883 if _, err := Client.UpdateMfa(true, ""); err == nil { 1884 t.Fatal("should have failed - no token") 1885 } 1886 1887 if _, err := Client.UpdateMfa(true, "123456"); err == nil { 1888 t.Fatal("should have failed - not licensed") 1889 } 1890 1891 utils.SetIsLicensed(true) 1892 *utils.License().Features.MFA = true 1893 th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.EnableMultifactorAuthentication = true }) 1894 1895 if _, err := Client.UpdateMfa(true, "123456"); err == nil { 1896 t.Fatal("should have failed - bad token") 1897 } 1898 1899 // need to add more test cases when enterprise bits can be loaded into tests 1900 } 1901 1902 func TestCheckMfa(t *testing.T) { 1903 th := Setup().InitBasic() 1904 defer th.TearDown() 1905 1906 Client := th.BasicClient 1907 1908 team := model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} 1909 rteam, _ := Client.CreateTeam(&team) 1910 1911 Client.Logout() 1912 1913 user := model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} 1914 ruser, _ := Client.CreateUser(&user, "") 1915 th.LinkUserToTeam(ruser.Data.(*model.User), rteam.Data.(*model.Team)) 1916 store.Must(th.App.Srv.Store.User().VerifyEmail(ruser.Data.(*model.User).Id)) 1917 1918 if result, err := Client.CheckMfa(user.Email); err != nil { 1919 t.Fatal(err) 1920 } else { 1921 resp := result.Data.(map[string]string) 1922 if resp["mfa_required"] != "false" { 1923 t.Fatal("mfa should not be required") 1924 } 1925 } 1926 1927 // need to add more test cases when enterprise bits can be loaded into tests 1928 } 1929 1930 func TestUserTyping(t *testing.T) { 1931 th := Setup().InitBasic() 1932 defer th.TearDown() 1933 1934 Client := th.BasicClient 1935 WebSocketClient, err := th.CreateWebSocketClient() 1936 if err != nil { 1937 t.Fatal(err) 1938 } 1939 defer WebSocketClient.Close() 1940 WebSocketClient.Listen() 1941 1942 time.Sleep(300 * time.Millisecond) 1943 if resp := <-WebSocketClient.ResponseChannel; resp.Status != model.STATUS_OK { 1944 t.Fatal("should have responded OK to authentication challenge") 1945 } 1946 1947 WebSocketClient.UserTyping("", "") 1948 time.Sleep(300 * time.Millisecond) 1949 if resp := <-WebSocketClient.ResponseChannel; resp.Error.Id != "api.websocket_handler.invalid_param.app_error" { 1950 t.Fatal("should have been invalid param response") 1951 } 1952 1953 th.LoginBasic2() 1954 Client.Must(Client.JoinChannel(th.BasicChannel.Id)) 1955 1956 WebSocketClient2, err2 := th.CreateWebSocketClient() 1957 if err2 != nil { 1958 t.Fatal(err2) 1959 } 1960 defer WebSocketClient2.Close() 1961 WebSocketClient2.Listen() 1962 1963 time.Sleep(300 * time.Millisecond) 1964 1965 WebSocketClient.UserTyping(th.BasicChannel.Id, "") 1966 1967 time.Sleep(300 * time.Millisecond) 1968 1969 stop := make(chan bool) 1970 eventHit := false 1971 1972 go func() { 1973 for { 1974 select { 1975 case resp := <-WebSocketClient2.EventChannel: 1976 if resp.Event == model.WEBSOCKET_EVENT_TYPING && resp.Data["user_id"].(string) == th.BasicUser.Id { 1977 eventHit = true 1978 } 1979 case <-stop: 1980 return 1981 } 1982 } 1983 }() 1984 1985 time.Sleep(1000 * time.Millisecond) 1986 1987 stop <- true 1988 1989 if !eventHit { 1990 t.Fatal("did not receive typing event") 1991 } 1992 1993 WebSocketClient.UserTyping(th.BasicChannel.Id, "someparentid") 1994 1995 time.Sleep(300 * time.Millisecond) 1996 1997 eventHit = false 1998 1999 go func() { 2000 for { 2001 select { 2002 case resp := <-WebSocketClient2.EventChannel: 2003 if resp.Event == model.WEBSOCKET_EVENT_TYPING && resp.Data["parent_id"] == "someparentid" { 2004 eventHit = true 2005 } 2006 case <-stop: 2007 return 2008 } 2009 } 2010 }() 2011 2012 time.Sleep(300 * time.Millisecond) 2013 2014 stop <- true 2015 2016 if !eventHit { 2017 t.Fatal("did not receive typing event") 2018 } 2019 } 2020 2021 func TestGetProfilesInChannel(t *testing.T) { 2022 th := Setup().InitBasic() 2023 defer th.TearDown() 2024 2025 Client := th.BasicClient 2026 2027 th.App.UpdateConfig(func(cfg *model.Config) { cfg.PrivacySettings.ShowEmailAddress = true }) 2028 2029 if result, err := Client.GetProfilesInChannel(th.BasicChannel.Id, 0, 100, ""); err != nil { 2030 t.Fatal(err) 2031 } else { 2032 users := result.Data.(map[string]*model.User) 2033 2034 if len(users) < 1 { 2035 t.Fatal("map was wrong length") 2036 } 2037 2038 for _, user := range users { 2039 if user.Email == "" { 2040 t.Fatal("problem with show email") 2041 } 2042 } 2043 } 2044 2045 th.LoginBasic2() 2046 2047 if _, err := Client.GetProfilesInChannel(th.BasicChannel.Id, 0, 100, ""); err == nil { 2048 t.Fatal("should not have access") 2049 } 2050 2051 Client.Must(Client.JoinChannel(th.BasicChannel.Id)) 2052 2053 th.App.UpdateConfig(func(cfg *model.Config) { cfg.PrivacySettings.ShowEmailAddress = false }) 2054 2055 if result, err := Client.GetProfilesInChannel(th.BasicChannel.Id, 0, 100, ""); err != nil { 2056 t.Fatal(err) 2057 } else { 2058 users := result.Data.(map[string]*model.User) 2059 2060 if len(users) < 1 { 2061 t.Fatal("map was wrong length") 2062 } 2063 2064 found := false 2065 for _, user := range users { 2066 if user.Email != "" { 2067 t.Fatal("problem with show email") 2068 } 2069 if user.Id == th.BasicUser2.Id { 2070 found = true 2071 } 2072 } 2073 2074 if !found { 2075 t.Fatal("should have found profile") 2076 } 2077 } 2078 2079 user := model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} 2080 Client.Must(Client.CreateUser(&user, "")) 2081 2082 Client.Login(user.Email, "passwd1") 2083 Client.SetTeamId("junk") 2084 2085 if _, err := Client.GetProfilesInChannel(th.BasicChannel.Id, 0, 100, ""); err == nil { 2086 t.Fatal("should not have access") 2087 } 2088 } 2089 2090 func TestGetProfilesNotInChannel(t *testing.T) { 2091 th := Setup().InitBasic() 2092 defer th.TearDown() 2093 2094 Client := th.BasicClient 2095 2096 th.App.UpdateConfig(func(cfg *model.Config) { cfg.PrivacySettings.ShowEmailAddress = true }) 2097 2098 if result, err := Client.GetProfilesNotInChannel(th.BasicChannel.Id, 0, 100, ""); err != nil { 2099 t.Fatal(err) 2100 } else { 2101 users := result.Data.(map[string]*model.User) 2102 2103 if len(users) < 1 { 2104 t.Fatal("map was wrong length") 2105 } 2106 2107 found := false 2108 for _, user := range users { 2109 if user.Email == "" { 2110 t.Fatal("problem with show email") 2111 } 2112 if user.Id == th.BasicUser2.Id { 2113 found = true 2114 } 2115 } 2116 2117 if !found { 2118 t.Fatal("should have found profile") 2119 } 2120 } 2121 2122 user := &model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} 2123 user = Client.Must(Client.CreateUser(user, "")).Data.(*model.User) 2124 th.LinkUserToTeam(user, th.BasicTeam) 2125 2126 th.LoginBasic2() 2127 2128 if _, err := Client.GetProfilesNotInChannel(th.BasicChannel.Id, 0, 100, ""); err == nil { 2129 t.Fatal("should not have access") 2130 } 2131 2132 Client.Must(Client.JoinChannel(th.BasicChannel.Id)) 2133 2134 th.App.UpdateConfig(func(cfg *model.Config) { cfg.PrivacySettings.ShowEmailAddress = false }) 2135 2136 if result, err := Client.GetProfilesNotInChannel(th.BasicChannel.Id, 0, 100, ""); err != nil { 2137 t.Fatal(err) 2138 } else { 2139 users := result.Data.(map[string]*model.User) 2140 2141 if len(users) < 1 { 2142 t.Fatal("map was wrong length") 2143 } 2144 2145 found := false 2146 for _, user := range users { 2147 if user.Email != "" { 2148 t.Fatal("problem with show email") 2149 } 2150 if user.Id == th.BasicUser2.Id { 2151 found = true 2152 } 2153 } 2154 2155 if found { 2156 t.Fatal("should not have found profile") 2157 } 2158 } 2159 2160 user2 := model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"} 2161 Client.Must(Client.CreateUser(&user2, "")) 2162 2163 Client.Login(user2.Email, "passwd1") 2164 Client.SetTeamId(th.BasicTeam.Id) 2165 2166 if _, err := Client.GetProfilesNotInChannel(th.BasicChannel.Id, 0, 100, ""); err == nil { 2167 t.Fatal("should not have access") 2168 } 2169 } 2170 2171 func TestSearchUsers(t *testing.T) { 2172 th := Setup().InitBasic().InitSystemAdmin() 2173 defer th.TearDown() 2174 2175 Client := th.BasicClient 2176 2177 inactiveUser := th.CreateUser(Client) 2178 th.LinkUserToTeam(inactiveUser, th.BasicTeam) 2179 th.SystemAdminClient.Must(th.SystemAdminClient.UpdateActive(inactiveUser.Id, false)) 2180 2181 if result, err := Client.SearchUsers(model.UserSearch{Term: th.BasicUser.Username}); err != nil { 2182 t.Fatal(err) 2183 } else { 2184 users := result.Data.([]*model.User) 2185 2186 found := false 2187 for _, user := range users { 2188 if user.Id == th.BasicUser.Id { 2189 found = true 2190 } 2191 } 2192 2193 if !found { 2194 t.Fatal("should have found profile") 2195 } 2196 } 2197 2198 if result, err := Client.SearchUsers(model.UserSearch{Term: inactiveUser.Username, TeamId: th.BasicTeam.Id}); err != nil { 2199 t.Fatal(err) 2200 } else { 2201 users := result.Data.([]*model.User) 2202 2203 found := false 2204 for _, user := range users { 2205 if user.Id == inactiveUser.Id { 2206 found = true 2207 } 2208 } 2209 2210 if found { 2211 t.Fatal("should not have found inactive user") 2212 } 2213 } 2214 2215 if result, err := Client.SearchUsers(model.UserSearch{Term: inactiveUser.Username, TeamId: th.BasicTeam.Id, AllowInactive: true}); err != nil { 2216 t.Fatal(err) 2217 } else { 2218 users := result.Data.([]*model.User) 2219 2220 found := false 2221 for _, user := range users { 2222 if user.Id == inactiveUser.Id { 2223 found = true 2224 } 2225 } 2226 2227 if !found { 2228 t.Fatal("should have found inactive user") 2229 } 2230 } 2231 2232 if result, err := Client.SearchUsers(model.UserSearch{Term: th.BasicUser.Username, InChannelId: th.BasicChannel.Id}); err != nil { 2233 t.Fatal(err) 2234 } else { 2235 users := result.Data.([]*model.User) 2236 2237 if len(users) != 1 { 2238 t.Fatal("map was wrong length") 2239 } 2240 2241 found := false 2242 for _, user := range users { 2243 if user.Id == th.BasicUser.Id { 2244 found = true 2245 } 2246 } 2247 2248 if !found { 2249 t.Fatal("should have found profile") 2250 } 2251 } 2252 2253 if result, err := Client.SearchUsers(model.UserSearch{Term: th.BasicUser2.Username, NotInChannelId: th.BasicChannel.Id}); err != nil { 2254 t.Fatal(err) 2255 } else { 2256 users := result.Data.([]*model.User) 2257 2258 if len(users) != 1 { 2259 t.Fatal("map was wrong length") 2260 } 2261 2262 found1 := false 2263 found2 := false 2264 for _, user := range users { 2265 if user.Id == th.BasicUser.Id { 2266 found1 = true 2267 } else if user.Id == th.BasicUser2.Id { 2268 found2 = true 2269 } 2270 } 2271 2272 if found1 { 2273 t.Fatal("should not have found profile") 2274 } 2275 if !found2 { 2276 t.Fatal("should have found profile") 2277 } 2278 } 2279 2280 if result, err := Client.SearchUsers(model.UserSearch{Term: th.BasicUser2.Username, TeamId: th.BasicTeam.Id, NotInChannelId: th.BasicChannel.Id}); err != nil { 2281 t.Fatal(err) 2282 } else { 2283 users := result.Data.([]*model.User) 2284 2285 if len(users) != 1 { 2286 t.Fatal("map was wrong length") 2287 } 2288 2289 found1 := false 2290 found2 := false 2291 for _, user := range users { 2292 if user.Id == th.BasicUser.Id { 2293 found1 = true 2294 } else if user.Id == th.BasicUser2.Id { 2295 found2 = true 2296 } 2297 } 2298 2299 if found1 { 2300 t.Fatal("should not have found profile") 2301 } 2302 if !found2 { 2303 t.Fatal("should have found profile") 2304 } 2305 } 2306 2307 if result, err := Client.SearchUsers(model.UserSearch{Term: th.BasicUser.Username, TeamId: "junk", NotInChannelId: th.BasicChannel.Id}); err != nil { 2308 t.Fatal(err) 2309 } else { 2310 users := result.Data.([]*model.User) 2311 2312 if len(users) != 0 { 2313 t.Fatal("map was wrong length") 2314 } 2315 } 2316 2317 th.App.UpdateConfig(func(cfg *model.Config) { cfg.PrivacySettings.ShowEmailAddress = false }) 2318 th.App.UpdateConfig(func(cfg *model.Config) { cfg.PrivacySettings.ShowFullName = false }) 2319 2320 privacyEmailPrefix := strings.ToLower(model.NewId()) 2321 privacyUser := &model.User{Email: privacyEmailPrefix + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1", FirstName: model.NewId(), LastName: "Jimmers"} 2322 privacyUser = Client.Must(Client.CreateUser(privacyUser, "")).Data.(*model.User) 2323 th.LinkUserToTeam(privacyUser, th.BasicTeam) 2324 2325 if result, err := Client.SearchUsers(model.UserSearch{Term: privacyUser.FirstName}); err != nil { 2326 t.Fatal(err) 2327 } else { 2328 users := result.Data.([]*model.User) 2329 2330 found := false 2331 for _, user := range users { 2332 if user.Id == privacyUser.Id { 2333 found = true 2334 } 2335 } 2336 2337 if found { 2338 t.Fatal("should not have found profile") 2339 } 2340 } 2341 2342 th.App.UpdateConfig(func(cfg *model.Config) { cfg.PrivacySettings.ShowEmailAddress = true }) 2343 2344 if result, err := Client.SearchUsers(model.UserSearch{Term: privacyUser.FirstName}); err != nil { 2345 t.Fatal(err) 2346 } else { 2347 users := result.Data.([]*model.User) 2348 2349 found := false 2350 for _, user := range users { 2351 if user.Id == privacyUser.Id { 2352 found = true 2353 } 2354 } 2355 2356 if found { 2357 t.Fatal("should not have found profile") 2358 } 2359 } 2360 2361 th.App.UpdateConfig(func(cfg *model.Config) { cfg.PrivacySettings.ShowEmailAddress = false }) 2362 th.App.UpdateConfig(func(cfg *model.Config) { cfg.PrivacySettings.ShowFullName = true }) 2363 2364 if result, err := Client.SearchUsers(model.UserSearch{Term: privacyUser.FirstName}); err != nil { 2365 t.Fatal(err) 2366 } else { 2367 users := result.Data.([]*model.User) 2368 2369 found := false 2370 for _, user := range users { 2371 if user.Id == privacyUser.Id { 2372 found = true 2373 } 2374 } 2375 2376 if !found { 2377 t.Fatal("should have found profile") 2378 } 2379 } 2380 2381 if result, err := Client.SearchUsers(model.UserSearch{Term: privacyEmailPrefix}); err != nil { 2382 t.Fatal(err) 2383 } else { 2384 users := result.Data.([]*model.User) 2385 2386 found := false 2387 for _, user := range users { 2388 if user.Id == privacyUser.Id { 2389 found = true 2390 } 2391 } 2392 2393 if found { 2394 t.Fatal("should not have found profile") 2395 } 2396 } 2397 2398 th.App.UpdateConfig(func(cfg *model.Config) { cfg.PrivacySettings.ShowEmailAddress = true }) 2399 2400 if result, err := Client.SearchUsers(model.UserSearch{Term: privacyEmailPrefix}); err != nil { 2401 t.Fatal(err) 2402 } else { 2403 users := result.Data.([]*model.User) 2404 2405 found := false 2406 for _, user := range users { 2407 if user.Id == privacyUser.Id { 2408 found = true 2409 } 2410 } 2411 2412 if !found { 2413 t.Fatal("should have found profile") 2414 } 2415 } 2416 2417 th.LoginBasic2() 2418 2419 if result, err := Client.SearchUsers(model.UserSearch{Term: th.BasicUser.Username}); err != nil { 2420 t.Fatal(err) 2421 } else { 2422 users := result.Data.([]*model.User) 2423 2424 found := false 2425 for _, user := range users { 2426 if user.Id == th.BasicUser.Id { 2427 found = true 2428 } 2429 } 2430 2431 if !found { 2432 t.Fatal("should have found profile") 2433 } 2434 } 2435 2436 if _, err := Client.SearchUsers(model.UserSearch{}); err == nil { 2437 t.Fatal("should have errored - blank term") 2438 } 2439 2440 if _, err := Client.SearchUsers(model.UserSearch{Term: th.BasicUser.Username, InChannelId: th.BasicChannel.Id}); err == nil { 2441 t.Fatal("should not have access") 2442 } 2443 2444 if _, err := Client.SearchUsers(model.UserSearch{Term: th.BasicUser.Username, NotInChannelId: th.BasicChannel.Id}); err == nil { 2445 t.Fatal("should not have access") 2446 } 2447 2448 userWithoutTeam := th.CreateUser(Client) 2449 if result, err := Client.SearchUsers(model.UserSearch{Term: userWithoutTeam.Username}); err != nil { 2450 t.Fatal(err) 2451 } else { 2452 users := result.Data.([]*model.User) 2453 2454 found := false 2455 for _, user := range users { 2456 if user.Id == userWithoutTeam.Id { 2457 found = true 2458 } 2459 } 2460 2461 if !found { 2462 t.Fatal("should have found user without team") 2463 } 2464 } 2465 2466 if result, err := Client.SearchUsers(model.UserSearch{Term: userWithoutTeam.Username, WithoutTeam: true}); err != nil { 2467 t.Fatal(err) 2468 } else { 2469 users := result.Data.([]*model.User) 2470 2471 found := false 2472 for _, user := range users { 2473 if user.Id == userWithoutTeam.Id { 2474 found = true 2475 } 2476 } 2477 2478 if !found { 2479 t.Fatal("should have found user without team") 2480 } 2481 } 2482 2483 if result, err := Client.SearchUsers(model.UserSearch{Term: th.BasicUser.Username, WithoutTeam: true}); err != nil { 2484 t.Fatal(err) 2485 } else { 2486 users := result.Data.([]*model.User) 2487 2488 found := false 2489 for _, user := range users { 2490 if user.Id == th.BasicUser.Id { 2491 found = true 2492 } 2493 } 2494 2495 if found { 2496 t.Fatal("should not have found user with team") 2497 } 2498 } 2499 } 2500 2501 func TestAutocompleteUsers(t *testing.T) { 2502 th := Setup().InitBasic() 2503 defer th.TearDown() 2504 2505 Client := th.BasicClient 2506 2507 if result, err := Client.AutocompleteUsers(th.BasicUser.Username); err != nil { 2508 t.Fatal(err) 2509 } else { 2510 users := result.Data.([]*model.User) 2511 if len(users) != 1 { 2512 t.Fatal("should have returned 1 user in") 2513 } 2514 } 2515 2516 if result, err := Client.AutocompleteUsers("amazonses"); err != nil { 2517 t.Fatal(err) 2518 } else { 2519 users := result.Data.([]*model.User) 2520 if len(users) != 0 { 2521 t.Fatal("should have returned 0 users - email should not autocomplete") 2522 } 2523 } 2524 2525 if result, err := Client.AutocompleteUsers(""); err != nil { 2526 t.Fatal(err) 2527 } else { 2528 users := result.Data.([]*model.User) 2529 if len(users) == 0 { 2530 t.Fatal("should have many users") 2531 } 2532 } 2533 2534 notInTeamUser := th.CreateUser(Client) 2535 2536 if result, err := Client.AutocompleteUsers(notInTeamUser.Username); err != nil { 2537 t.Fatal(err) 2538 } else { 2539 users := result.Data.([]*model.User) 2540 if len(users) != 1 { 2541 t.Fatal("should have returned 1 user in") 2542 } 2543 } 2544 2545 if result, err := Client.AutocompleteUsersInTeam(notInTeamUser.Username); err != nil { 2546 t.Fatal(err) 2547 } else { 2548 autocomplete := result.Data.(*model.UserAutocompleteInTeam) 2549 if len(autocomplete.InTeam) != 0 { 2550 t.Fatal("should have returned 0 users") 2551 } 2552 } 2553 2554 if result, err := Client.AutocompleteUsersInTeam(th.BasicUser.Username); err != nil { 2555 t.Fatal(err) 2556 } else { 2557 autocomplete := result.Data.(*model.UserAutocompleteInTeam) 2558 if len(autocomplete.InTeam) != 1 { 2559 t.Fatal("should have returned 1 user in") 2560 } 2561 } 2562 2563 if result, err := Client.AutocompleteUsersInTeam(th.BasicUser.Username[0:5]); err != nil { 2564 t.Fatal(err) 2565 } else { 2566 autocomplete := result.Data.(*model.UserAutocompleteInTeam) 2567 if len(autocomplete.InTeam) < 1 { 2568 t.Fatal("should have returned at least 1 user in") 2569 } 2570 } 2571 2572 if result, err := Client.AutocompleteUsersInChannel(th.BasicUser.Username, th.BasicChannel.Id); err != nil { 2573 t.Fatal(err) 2574 } else { 2575 autocomplete := result.Data.(*model.UserAutocompleteInChannel) 2576 if len(autocomplete.InChannel) != 1 { 2577 t.Fatal("should have returned 1 user in") 2578 } 2579 if len(autocomplete.OutOfChannel) != 0 { 2580 t.Fatal("should have returned no users out") 2581 } 2582 } 2583 2584 if result, err := Client.AutocompleteUsersInChannel("", th.BasicChannel.Id); err != nil { 2585 t.Fatal(err) 2586 } else { 2587 autocomplete := result.Data.(*model.UserAutocompleteInChannel) 2588 if len(autocomplete.InChannel) != 1 && autocomplete.InChannel[0].Id != th.BasicUser2.Id { 2589 t.Fatal("should have returned at 1 user in") 2590 } 2591 if len(autocomplete.OutOfChannel) != 1 && autocomplete.OutOfChannel[0].Id != th.BasicUser2.Id { 2592 t.Fatal("should have returned 1 user out") 2593 } 2594 } 2595 2596 if result, err := Client.AutocompleteUsersInTeam(""); err != nil { 2597 t.Fatal(err) 2598 } else { 2599 autocomplete := result.Data.(*model.UserAutocompleteInTeam) 2600 if len(autocomplete.InTeam) != 2 { 2601 t.Fatal("should have returned 2 users in") 2602 } 2603 } 2604 2605 th.App.UpdateConfig(func(cfg *model.Config) { cfg.PrivacySettings.ShowFullName = false }) 2606 2607 privacyUser := &model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1", FirstName: model.NewId(), LastName: "Jimmers"} 2608 privacyUser = Client.Must(Client.CreateUser(privacyUser, "")).Data.(*model.User) 2609 th.LinkUserToTeam(privacyUser, th.BasicTeam) 2610 2611 if result, err := Client.AutocompleteUsersInChannel(privacyUser.FirstName, th.BasicChannel.Id); err != nil { 2612 t.Fatal(err) 2613 } else { 2614 autocomplete := result.Data.(*model.UserAutocompleteInChannel) 2615 if len(autocomplete.InChannel) != 0 { 2616 t.Fatal("should have returned no users") 2617 } 2618 if len(autocomplete.OutOfChannel) != 0 { 2619 t.Fatal("should have returned no users") 2620 } 2621 } 2622 2623 if result, err := Client.AutocompleteUsersInTeam(privacyUser.FirstName); err != nil { 2624 t.Fatal(err) 2625 } else { 2626 autocomplete := result.Data.(*model.UserAutocompleteInTeam) 2627 if len(autocomplete.InTeam) != 0 { 2628 t.Fatal("should have returned no users") 2629 } 2630 } 2631 2632 if _, err := Client.AutocompleteUsersInChannel("", "junk"); err == nil { 2633 t.Fatal("should have errored - bad channel id") 2634 } 2635 2636 Client.SetTeamId("junk") 2637 if _, err := Client.AutocompleteUsersInChannel("", th.BasicChannel.Id); err == nil { 2638 t.Fatal("should have errored - bad team id") 2639 } 2640 2641 if _, err := Client.AutocompleteUsersInTeam(""); err == nil { 2642 t.Fatal("should have errored - bad team id") 2643 } 2644 } 2645 2646 func TestGetByUsername(t *testing.T) { 2647 th := Setup().InitBasic() 2648 defer th.TearDown() 2649 2650 Client := th.BasicClient 2651 2652 if result, err := Client.GetByUsername(th.BasicUser.Username, ""); err != nil { 2653 t.Fatal("Failed to get user") 2654 } else { 2655 if result.Data.(*model.User).Password != "" { 2656 t.Fatal("User shouldn't have any password data once set") 2657 } 2658 } 2659 2660 th.App.UpdateConfig(func(cfg *model.Config) { cfg.PrivacySettings.ShowEmailAddress = false }) 2661 th.App.UpdateConfig(func(cfg *model.Config) { cfg.PrivacySettings.ShowFullName = false }) 2662 2663 if result, err := Client.GetByUsername(th.BasicUser2.Username, ""); err != nil { 2664 t.Fatal(err) 2665 } else { 2666 u := result.Data.(*model.User) 2667 if u.Password != "" { 2668 t.Fatal("password must be empty") 2669 } 2670 if *u.AuthData != "" { 2671 t.Fatal("auth data must be empty") 2672 } 2673 if u.Email != "" { 2674 t.Fatal("email should be sanitized") 2675 } 2676 } 2677 2678 } 2679 2680 func TestGetByEmail(t *testing.T) { 2681 th := Setup().InitBasic() 2682 defer th.TearDown() 2683 2684 Client := th.BasicClient 2685 2686 if _, respMetdata := Client.GetByEmail(th.BasicUser.Email, ""); respMetdata.Error != nil { 2687 t.Fatal("Failed to get user by email") 2688 } 2689 2690 th.App.UpdateConfig(func(cfg *model.Config) { cfg.PrivacySettings.ShowEmailAddress = false }) 2691 th.App.UpdateConfig(func(cfg *model.Config) { cfg.PrivacySettings.ShowFullName = false }) 2692 2693 if user, respMetdata := Client.GetByEmail(th.BasicUser2.Email, ""); respMetdata.Error != nil { 2694 t.Fatal(respMetdata.Error) 2695 } else { 2696 if user.Password != "" { 2697 t.Fatal("password must be empty") 2698 } 2699 if *user.AuthData != "" { 2700 t.Fatal("auth data must be empty") 2701 } 2702 if user.Email != "" { 2703 t.Fatal("email should be sanitized") 2704 } 2705 } 2706 }