github.com/qichengzx/mattermost-server@v4.5.1-0.20180604164826-2c75247c97d0+incompatible/api4/webhook_test.go (about) 1 // Copyright (c) 2017-present Mattermost, Inc. All Rights Reserved. 2 // See License.txt for license information. 3 4 package api4 5 6 import ( 7 "testing" 8 9 "github.com/stretchr/testify/assert" 10 11 "github.com/mattermost/mattermost-server/model" 12 ) 13 14 func TestCreateIncomingWebhook(t *testing.T) { 15 th := Setup().InitBasic().InitSystemAdmin() 16 defer th.TearDown() 17 Client := th.Client 18 19 th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnableIncomingWebhooks = true }) 20 th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnablePostUsernameOverride = true }) 21 th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnablePostIconOverride = true }) 22 23 defaultRolePermissions := th.SaveDefaultRolePermissions() 24 defer func() { 25 th.RestoreDefaultRolePermissions(defaultRolePermissions) 26 }() 27 th.AddPermissionToRole(model.PERMISSION_MANAGE_WEBHOOKS.Id, model.TEAM_ADMIN_ROLE_ID) 28 th.RemovePermissionFromRole(model.PERMISSION_MANAGE_WEBHOOKS.Id, model.TEAM_USER_ROLE_ID) 29 30 hook := &model.IncomingWebhook{ChannelId: th.BasicChannel.Id} 31 32 rhook, resp := th.SystemAdminClient.CreateIncomingWebhook(hook) 33 CheckNoError(t, resp) 34 35 if rhook.ChannelId != hook.ChannelId { 36 t.Fatal("channel ids didn't match") 37 } 38 39 if rhook.UserId != th.SystemAdminUser.Id { 40 t.Fatal("user ids didn't match") 41 } 42 43 if rhook.TeamId != th.BasicTeam.Id { 44 t.Fatal("team ids didn't match") 45 } 46 47 hook.ChannelId = "junk" 48 _, resp = th.SystemAdminClient.CreateIncomingWebhook(hook) 49 CheckNotFoundStatus(t, resp) 50 51 hook.ChannelId = th.BasicChannel.Id 52 th.LoginTeamAdmin() 53 _, resp = Client.CreateIncomingWebhook(hook) 54 CheckNoError(t, resp) 55 56 th.LoginBasic() 57 _, resp = Client.CreateIncomingWebhook(hook) 58 CheckForbiddenStatus(t, resp) 59 60 th.AddPermissionToRole(model.PERMISSION_MANAGE_WEBHOOKS.Id, model.TEAM_USER_ROLE_ID) 61 62 _, resp = Client.CreateIncomingWebhook(hook) 63 CheckNoError(t, resp) 64 65 th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnablePostUsernameOverride = false }) 66 th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnablePostIconOverride = false }) 67 68 _, resp = Client.CreateIncomingWebhook(hook) 69 CheckNoError(t, resp) 70 71 th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnableIncomingWebhooks = false }) 72 _, resp = Client.CreateIncomingWebhook(hook) 73 CheckNotImplementedStatus(t, resp) 74 } 75 76 func TestGetIncomingWebhooks(t *testing.T) { 77 th := Setup().InitBasic().InitSystemAdmin() 78 defer th.TearDown() 79 Client := th.Client 80 81 th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnableIncomingWebhooks = true }) 82 83 defaultRolePermissions := th.SaveDefaultRolePermissions() 84 defer func() { 85 th.RestoreDefaultRolePermissions(defaultRolePermissions) 86 }() 87 th.AddPermissionToRole(model.PERMISSION_MANAGE_WEBHOOKS.Id, model.TEAM_ADMIN_ROLE_ID) 88 th.RemovePermissionFromRole(model.PERMISSION_MANAGE_WEBHOOKS.Id, model.TEAM_USER_ROLE_ID) 89 90 hook := &model.IncomingWebhook{ChannelId: th.BasicChannel.Id} 91 rhook, resp := th.SystemAdminClient.CreateIncomingWebhook(hook) 92 CheckNoError(t, resp) 93 94 hooks, resp := th.SystemAdminClient.GetIncomingWebhooks(0, 1000, "") 95 CheckNoError(t, resp) 96 97 found := false 98 for _, h := range hooks { 99 if rhook.Id == h.Id { 100 found = true 101 } 102 } 103 104 if !found { 105 t.Fatal("missing hook") 106 } 107 108 hooks, resp = th.SystemAdminClient.GetIncomingWebhooks(0, 1, "") 109 CheckNoError(t, resp) 110 111 if len(hooks) != 1 { 112 t.Fatal("should only be 1") 113 } 114 115 hooks, resp = th.SystemAdminClient.GetIncomingWebhooksForTeam(th.BasicTeam.Id, 0, 1000, "") 116 CheckNoError(t, resp) 117 118 found = false 119 for _, h := range hooks { 120 if rhook.Id == h.Id { 121 found = true 122 } 123 } 124 125 if !found { 126 t.Fatal("missing hook") 127 } 128 129 hooks, resp = th.SystemAdminClient.GetIncomingWebhooksForTeam(model.NewId(), 0, 1000, "") 130 CheckNoError(t, resp) 131 132 if len(hooks) != 0 { 133 t.Fatal("no hooks should be returned") 134 } 135 136 _, resp = Client.GetIncomingWebhooks(0, 1000, "") 137 CheckForbiddenStatus(t, resp) 138 139 th.AddPermissionToRole(model.PERMISSION_MANAGE_WEBHOOKS.Id, model.TEAM_USER_ROLE_ID) 140 141 _, resp = Client.GetIncomingWebhooksForTeam(th.BasicTeam.Id, 0, 1000, "") 142 CheckNoError(t, resp) 143 144 _, resp = Client.GetIncomingWebhooksForTeam(model.NewId(), 0, 1000, "") 145 CheckForbiddenStatus(t, resp) 146 147 _, resp = Client.GetIncomingWebhooks(0, 1000, "") 148 CheckForbiddenStatus(t, resp) 149 150 Client.Logout() 151 _, resp = Client.GetIncomingWebhooks(0, 1000, "") 152 CheckUnauthorizedStatus(t, resp) 153 } 154 155 func TestGetIncomingWebhook(t *testing.T) { 156 th := Setup().InitBasic().InitSystemAdmin() 157 defer th.TearDown() 158 Client := th.SystemAdminClient 159 160 th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnableIncomingWebhooks = true }) 161 162 var resp *model.Response 163 var rhook *model.IncomingWebhook 164 var hook *model.IncomingWebhook 165 166 t.Run("WhenHookExists", func(t *testing.T) { 167 hook = &model.IncomingWebhook{ChannelId: th.BasicChannel.Id} 168 rhook, resp = Client.CreateIncomingWebhook(hook) 169 CheckNoError(t, resp) 170 171 hook, resp = Client.GetIncomingWebhook(rhook.Id, "") 172 CheckOKStatus(t, resp) 173 }) 174 175 t.Run("WhenHookDoesNotExist", func(t *testing.T) { 176 hook, resp = Client.GetIncomingWebhook(model.NewId(), "") 177 CheckNotFoundStatus(t, resp) 178 }) 179 180 t.Run("WhenInvalidHookID", func(t *testing.T) { 181 hook, resp = Client.GetIncomingWebhook("abc", "") 182 CheckBadRequestStatus(t, resp) 183 }) 184 185 t.Run("WhenUserDoesNotHavePemissions", func(t *testing.T) { 186 th.LoginBasic() 187 Client = th.Client 188 189 _, resp = Client.GetIncomingWebhook(rhook.Id, "") 190 CheckForbiddenStatus(t, resp) 191 }) 192 } 193 194 func TestDeleteIncomingWebhook(t *testing.T) { 195 th := Setup().InitBasic().InitSystemAdmin() 196 defer th.TearDown() 197 Client := th.SystemAdminClient 198 199 th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnableIncomingWebhooks = true }) 200 201 var resp *model.Response 202 var rhook *model.IncomingWebhook 203 var hook *model.IncomingWebhook 204 var status bool 205 206 t.Run("WhenInvalidHookID", func(t *testing.T) { 207 status, resp = Client.DeleteIncomingWebhook("abc") 208 CheckBadRequestStatus(t, resp) 209 }) 210 211 t.Run("WhenHookDoesNotExist", func(t *testing.T) { 212 status, resp = Client.DeleteIncomingWebhook(model.NewId()) 213 CheckNotFoundStatus(t, resp) 214 }) 215 216 t.Run("WhenHookExists", func(t *testing.T) { 217 hook = &model.IncomingWebhook{ChannelId: th.BasicChannel.Id} 218 rhook, resp = Client.CreateIncomingWebhook(hook) 219 CheckNoError(t, resp) 220 221 if status, resp = Client.DeleteIncomingWebhook(rhook.Id); !status { 222 t.Fatal("Delete should have succeeded") 223 } else { 224 CheckOKStatus(t, resp) 225 } 226 227 // Get now should not return this deleted hook 228 _, resp = Client.GetIncomingWebhook(rhook.Id, "") 229 CheckNotFoundStatus(t, resp) 230 }) 231 232 t.Run("WhenUserDoesNotHavePemissions", func(t *testing.T) { 233 hook = &model.IncomingWebhook{ChannelId: th.BasicChannel.Id} 234 rhook, resp = Client.CreateIncomingWebhook(hook) 235 CheckNoError(t, resp) 236 237 th.LoginBasic() 238 Client = th.Client 239 240 _, resp = Client.DeleteIncomingWebhook(rhook.Id) 241 CheckForbiddenStatus(t, resp) 242 }) 243 } 244 245 func TestCreateOutgoingWebhook(t *testing.T) { 246 th := Setup().InitBasic().InitSystemAdmin() 247 defer th.TearDown() 248 Client := th.Client 249 250 th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnableOutgoingWebhooks = true }) 251 252 defaultRolePermissions := th.SaveDefaultRolePermissions() 253 defer func() { 254 th.RestoreDefaultRolePermissions(defaultRolePermissions) 255 }() 256 th.AddPermissionToRole(model.PERMISSION_MANAGE_WEBHOOKS.Id, model.TEAM_ADMIN_ROLE_ID) 257 th.RemovePermissionFromRole(model.PERMISSION_MANAGE_WEBHOOKS.Id, model.TEAM_USER_ROLE_ID) 258 259 hook := &model.OutgoingWebhook{ChannelId: th.BasicChannel.Id, TeamId: th.BasicChannel.TeamId, CallbackURLs: []string{"http://nowhere.com"}} 260 261 rhook, resp := th.SystemAdminClient.CreateOutgoingWebhook(hook) 262 CheckNoError(t, resp) 263 264 if rhook.ChannelId != hook.ChannelId { 265 t.Fatal("channel ids didn't match") 266 } else if rhook.CreatorId != th.SystemAdminUser.Id { 267 t.Fatal("user ids didn't match") 268 } else if rhook.TeamId != th.BasicChannel.TeamId { 269 t.Fatal("team ids didn't match") 270 } 271 272 hook.ChannelId = "junk" 273 _, resp = th.SystemAdminClient.CreateOutgoingWebhook(hook) 274 CheckNotFoundStatus(t, resp) 275 276 hook.ChannelId = th.BasicChannel.Id 277 th.LoginTeamAdmin() 278 _, resp = Client.CreateOutgoingWebhook(hook) 279 CheckNoError(t, resp) 280 281 th.LoginBasic() 282 _, resp = Client.CreateOutgoingWebhook(hook) 283 CheckForbiddenStatus(t, resp) 284 285 th.AddPermissionToRole(model.PERMISSION_MANAGE_WEBHOOKS.Id, model.TEAM_USER_ROLE_ID) 286 287 _, resp = Client.CreateOutgoingWebhook(hook) 288 CheckNoError(t, resp) 289 290 th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnableOutgoingWebhooks = false }) 291 _, resp = Client.CreateOutgoingWebhook(hook) 292 CheckNotImplementedStatus(t, resp) 293 } 294 295 func TestGetOutgoingWebhooks(t *testing.T) { 296 th := Setup().InitBasic().InitSystemAdmin() 297 defer th.TearDown() 298 Client := th.Client 299 300 th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnableOutgoingWebhooks = true }) 301 defaultRolePermissions := th.SaveDefaultRolePermissions() 302 defer func() { 303 th.RestoreDefaultRolePermissions(defaultRolePermissions) 304 }() 305 th.AddPermissionToRole(model.PERMISSION_MANAGE_WEBHOOKS.Id, model.TEAM_ADMIN_ROLE_ID) 306 th.RemovePermissionFromRole(model.PERMISSION_MANAGE_WEBHOOKS.Id, model.TEAM_USER_ROLE_ID) 307 308 hook := &model.OutgoingWebhook{ChannelId: th.BasicChannel.Id, TeamId: th.BasicChannel.TeamId, CallbackURLs: []string{"http://nowhere.com"}} 309 rhook, resp := th.SystemAdminClient.CreateOutgoingWebhook(hook) 310 CheckNoError(t, resp) 311 312 hooks, resp := th.SystemAdminClient.GetOutgoingWebhooks(0, 1000, "") 313 CheckNoError(t, resp) 314 315 found := false 316 for _, h := range hooks { 317 if rhook.Id == h.Id { 318 found = true 319 } 320 } 321 322 if !found { 323 t.Fatal("missing hook") 324 } 325 326 hooks, resp = th.SystemAdminClient.GetOutgoingWebhooks(0, 1, "") 327 CheckNoError(t, resp) 328 329 if len(hooks) != 1 { 330 t.Fatal("should only be 1") 331 } 332 333 hooks, resp = th.SystemAdminClient.GetOutgoingWebhooksForTeam(th.BasicTeam.Id, 0, 1000, "") 334 CheckNoError(t, resp) 335 336 found = false 337 for _, h := range hooks { 338 if rhook.Id == h.Id { 339 found = true 340 } 341 } 342 343 if !found { 344 t.Fatal("missing hook") 345 } 346 347 hooks, resp = th.SystemAdminClient.GetOutgoingWebhooksForTeam(model.NewId(), 0, 1000, "") 348 CheckNoError(t, resp) 349 350 if len(hooks) != 0 { 351 t.Fatal("no hooks should be returned") 352 } 353 354 hooks, resp = th.SystemAdminClient.GetOutgoingWebhooksForChannel(th.BasicChannel.Id, 0, 1000, "") 355 CheckNoError(t, resp) 356 357 found = false 358 for _, h := range hooks { 359 if rhook.Id == h.Id { 360 found = true 361 } 362 } 363 364 if !found { 365 t.Fatal("missing hook") 366 } 367 368 hooks, resp = th.SystemAdminClient.GetOutgoingWebhooksForChannel(model.NewId(), 0, 1000, "") 369 CheckForbiddenStatus(t, resp) 370 371 _, resp = Client.GetOutgoingWebhooks(0, 1000, "") 372 CheckForbiddenStatus(t, resp) 373 374 th.AddPermissionToRole(model.PERMISSION_MANAGE_WEBHOOKS.Id, model.TEAM_USER_ROLE_ID) 375 376 _, resp = Client.GetOutgoingWebhooksForTeam(th.BasicTeam.Id, 0, 1000, "") 377 CheckNoError(t, resp) 378 379 _, resp = Client.GetOutgoingWebhooksForTeam(model.NewId(), 0, 1000, "") 380 CheckForbiddenStatus(t, resp) 381 382 _, resp = Client.GetOutgoingWebhooksForChannel(th.BasicChannel.Id, 0, 1000, "") 383 CheckNoError(t, resp) 384 385 _, resp = Client.GetOutgoingWebhooksForChannel(model.NewId(), 0, 1000, "") 386 CheckForbiddenStatus(t, resp) 387 388 _, resp = Client.GetOutgoingWebhooks(0, 1000, "") 389 CheckForbiddenStatus(t, resp) 390 391 Client.Logout() 392 _, resp = Client.GetOutgoingWebhooks(0, 1000, "") 393 CheckUnauthorizedStatus(t, resp) 394 } 395 396 func TestGetOutgoingWebhook(t *testing.T) { 397 th := Setup().InitBasic().InitSystemAdmin() 398 defer th.TearDown() 399 Client := th.Client 400 401 th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnableOutgoingWebhooks = true }) 402 403 hook := &model.OutgoingWebhook{ChannelId: th.BasicChannel.Id, TeamId: th.BasicChannel.TeamId, CallbackURLs: []string{"http://nowhere.com"}} 404 405 rhook, resp := th.SystemAdminClient.CreateOutgoingWebhook(hook) 406 CheckNoError(t, resp) 407 408 getHook, resp := th.SystemAdminClient.GetOutgoingWebhook(rhook.Id) 409 CheckNoError(t, resp) 410 if getHook.Id != rhook.Id { 411 t.Fatal("failed to retrieve the correct outgoing hook") 412 } 413 414 _, resp = Client.GetOutgoingWebhook(rhook.Id) 415 CheckForbiddenStatus(t, resp) 416 417 nonExistentHook := &model.OutgoingWebhook{ChannelId: th.BasicChannel.Id} 418 _, resp = th.SystemAdminClient.GetOutgoingWebhook(nonExistentHook.Id) 419 CheckNotFoundStatus(t, resp) 420 421 nonExistentHook.Id = model.NewId() 422 _, resp = th.SystemAdminClient.GetOutgoingWebhook(nonExistentHook.Id) 423 CheckInternalErrorStatus(t, resp) 424 } 425 426 func TestUpdateIncomingHook(t *testing.T) { 427 th := Setup().InitBasic().InitSystemAdmin() 428 defer th.TearDown() 429 Client := th.Client 430 431 th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnableIncomingWebhooks = true }) 432 433 defaultRolePermissions := th.SaveDefaultRolePermissions() 434 defer func() { 435 th.RestoreDefaultRolePermissions(defaultRolePermissions) 436 }() 437 th.AddPermissionToRole(model.PERMISSION_MANAGE_WEBHOOKS.Id, model.TEAM_ADMIN_ROLE_ID) 438 th.RemovePermissionFromRole(model.PERMISSION_MANAGE_WEBHOOKS.Id, model.TEAM_USER_ROLE_ID) 439 440 hook1 := &model.IncomingWebhook{ChannelId: th.BasicChannel.Id} 441 442 createdHook, resp := th.SystemAdminClient.CreateIncomingWebhook(hook1) 443 CheckNoError(t, resp) 444 445 th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnablePostUsernameOverride = false }) 446 th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnablePostIconOverride = false }) 447 448 t.Run("UpdateIncomingHook, overrides disabled", func(t *testing.T) { 449 createdHook.DisplayName = "hook2" 450 createdHook.Description = "description" 451 createdHook.ChannelId = th.BasicChannel2.Id 452 createdHook.Username = "username" 453 createdHook.IconURL = "icon" 454 455 updatedHook, resp := th.SystemAdminClient.UpdateIncomingWebhook(createdHook) 456 CheckNoError(t, resp) 457 if updatedHook != nil { 458 if updatedHook.DisplayName != "hook2" { 459 t.Fatal("Hook name is not updated") 460 } 461 462 if updatedHook.Description != "description" { 463 t.Fatal("Hook description is not updated") 464 } 465 466 if updatedHook.ChannelId != th.BasicChannel2.Id { 467 t.Fatal("Hook channel is not updated") 468 } 469 470 if updatedHook.Username != "" { 471 t.Fatal("Hook username was incorrectly updated") 472 } 473 474 if updatedHook.IconURL != "" { 475 t.Fatal("Hook icon was incorrectly updated") 476 } 477 } else { 478 t.Fatal("should not be nil") 479 } 480 481 //updatedHook, _ = th.App.GetIncomingWebhook(createdHook.Id) 482 assert.Equal(t, updatedHook.ChannelId, createdHook.ChannelId) 483 }) 484 485 th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnablePostUsernameOverride = true }) 486 th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnablePostIconOverride = true }) 487 488 t.Run("UpdateIncomingHook", func(t *testing.T) { 489 createdHook.DisplayName = "hook2" 490 createdHook.Description = "description" 491 createdHook.ChannelId = th.BasicChannel2.Id 492 createdHook.Username = "username" 493 createdHook.IconURL = "icon" 494 495 updatedHook, resp := th.SystemAdminClient.UpdateIncomingWebhook(createdHook) 496 CheckNoError(t, resp) 497 if updatedHook != nil { 498 if updatedHook.DisplayName != "hook2" { 499 t.Fatal("Hook name is not updated") 500 } 501 502 if updatedHook.Description != "description" { 503 t.Fatal("Hook description is not updated") 504 } 505 506 if updatedHook.ChannelId != th.BasicChannel2.Id { 507 t.Fatal("Hook channel is not updated") 508 } 509 510 if updatedHook.Username != "username" { 511 t.Fatal("Hook username is not updated") 512 } 513 514 if updatedHook.IconURL != "icon" { 515 t.Fatal("Hook icon is not updated") 516 } 517 } else { 518 t.Fatal("should not be nil") 519 } 520 521 //updatedHook, _ = th.App.GetIncomingWebhook(createdHook.Id) 522 assert.Equal(t, updatedHook.ChannelId, createdHook.ChannelId) 523 }) 524 525 t.Run("RetainCreateAt", func(t *testing.T) { 526 hook2 := &model.IncomingWebhook{ChannelId: th.BasicChannel.Id, CreateAt: 100} 527 528 createdHook, resp := th.SystemAdminClient.CreateIncomingWebhook(hook2) 529 CheckNoError(t, resp) 530 531 createdHook.DisplayName = "Name2" 532 533 updatedHook, resp := th.SystemAdminClient.UpdateIncomingWebhook(createdHook) 534 CheckNoError(t, resp) 535 if updatedHook != nil { 536 if updatedHook.CreateAt != createdHook.CreateAt { 537 t.Fatal("failed - hook create at should not be changed") 538 } 539 } else { 540 t.Fatal("should not be nil") 541 } 542 }) 543 544 t.Run("ModifyUpdateAt", func(t *testing.T) { 545 createdHook.DisplayName = "Name3" 546 547 updatedHook, resp := th.SystemAdminClient.UpdateIncomingWebhook(createdHook) 548 CheckNoError(t, resp) 549 if updatedHook != nil { 550 if updatedHook.UpdateAt == createdHook.UpdateAt { 551 t.Fatal("failed - hook updateAt is not updated") 552 } 553 } else { 554 t.Fatal("should not be nil") 555 } 556 }) 557 558 t.Run("UpdateNonExistentHook", func(t *testing.T) { 559 nonExistentHook := &model.IncomingWebhook{ChannelId: th.BasicChannel.Id} 560 561 _, resp := th.SystemAdminClient.UpdateIncomingWebhook(nonExistentHook) 562 CheckNotFoundStatus(t, resp) 563 564 nonExistentHook.Id = model.NewId() 565 _, resp = th.SystemAdminClient.UpdateIncomingWebhook(nonExistentHook) 566 CheckNotFoundStatus(t, resp) 567 }) 568 569 t.Run("UserIsNotAdminOfTeam", func(t *testing.T) { 570 _, resp := Client.UpdateIncomingWebhook(createdHook) 571 CheckForbiddenStatus(t, resp) 572 }) 573 574 th.RemovePermissionFromRole(model.PERMISSION_MANAGE_WEBHOOKS.Id, model.TEAM_USER_ROLE_ID) 575 th.AddPermissionToRole(model.PERMISSION_MANAGE_WEBHOOKS.Id, model.TEAM_ADMIN_ROLE_ID) 576 577 t.Run("OnlyAdminIntegrationsDisabled", func(t *testing.T) { 578 th.AddPermissionToRole(model.PERMISSION_MANAGE_WEBHOOKS.Id, model.TEAM_USER_ROLE_ID) 579 580 t.Run("UpdateHookOfSameUser", func(t *testing.T) { 581 sameUserHook := &model.IncomingWebhook{ChannelId: th.BasicChannel.Id, UserId: th.BasicUser2.Id} 582 583 sameUserHook, resp := Client.CreateIncomingWebhook(sameUserHook) 584 CheckNoError(t, resp) 585 586 _, resp = Client.UpdateIncomingWebhook(sameUserHook) 587 CheckNoError(t, resp) 588 }) 589 590 t.Run("UpdateHookOfDifferentUser", func(t *testing.T) { 591 _, resp := Client.UpdateIncomingWebhook(createdHook) 592 CheckForbiddenStatus(t, resp) 593 }) 594 }) 595 596 th.RemovePermissionFromRole(model.PERMISSION_MANAGE_WEBHOOKS.Id, model.TEAM_USER_ROLE_ID) 597 th.AddPermissionToRole(model.PERMISSION_MANAGE_WEBHOOKS.Id, model.TEAM_ADMIN_ROLE_ID) 598 599 Client.Logout() 600 th.UpdateUserToTeamAdmin(th.BasicUser2, th.BasicTeam) 601 th.LoginBasic2() 602 t.Run("UpdateByDifferentUser", func(t *testing.T) { 603 updatedHook, resp := Client.UpdateIncomingWebhook(createdHook) 604 CheckNoError(t, resp) 605 if updatedHook.UserId == th.BasicUser2.Id { 606 t.Fatal("Hook's creator userId is not retained") 607 } 608 }) 609 610 t.Run("IncomingHooksDisabled", func(t *testing.T) { 611 th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnableIncomingWebhooks = false }) 612 _, resp := Client.UpdateIncomingWebhook(createdHook) 613 CheckNotImplementedStatus(t, resp) 614 CheckErrorMessage(t, resp, "api.incoming_webhook.disabled.app_error") 615 }) 616 617 th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnableIncomingWebhooks = true }) 618 619 t.Run("PrivateChannel", func(t *testing.T) { 620 privateChannel := th.CreatePrivateChannel() 621 Client.Logout() 622 th.LoginBasic() 623 createdHook.ChannelId = privateChannel.Id 624 625 _, resp := Client.UpdateIncomingWebhook(createdHook) 626 CheckForbiddenStatus(t, resp) 627 }) 628 629 t.Run("UpdateToNonExistentChannel", func(t *testing.T) { 630 createdHook.ChannelId = "junk" 631 _, resp := th.SystemAdminClient.UpdateIncomingWebhook(createdHook) 632 CheckNotFoundStatus(t, resp) 633 }) 634 635 team := th.CreateTeamWithClient(Client) 636 user := th.CreateUserWithClient(Client) 637 th.LinkUserToTeam(user, team) 638 Client.Logout() 639 Client.Login(user.Id, user.Password) 640 t.Run("UpdateToADifferentTeam", func(t *testing.T) { 641 _, resp := Client.UpdateIncomingWebhook(createdHook) 642 CheckUnauthorizedStatus(t, resp) 643 }) 644 } 645 646 func TestRegenOutgoingHookToken(t *testing.T) { 647 th := Setup().InitBasic().InitSystemAdmin() 648 defer th.TearDown() 649 Client := th.Client 650 651 th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnableOutgoingWebhooks = true }) 652 653 hook := &model.OutgoingWebhook{ChannelId: th.BasicChannel.Id, TeamId: th.BasicChannel.TeamId, CallbackURLs: []string{"http://nowhere.com"}} 654 rhook, resp := th.SystemAdminClient.CreateOutgoingWebhook(hook) 655 CheckNoError(t, resp) 656 657 _, resp = th.SystemAdminClient.RegenOutgoingHookToken("junk") 658 CheckBadRequestStatus(t, resp) 659 660 //investigate why is act weird on jenkins 661 // _, resp = th.SystemAdminClient.RegenOutgoingHookToken("") 662 // CheckNotFoundStatus(t, resp) 663 664 regenHookToken, resp := th.SystemAdminClient.RegenOutgoingHookToken(rhook.Id) 665 CheckNoError(t, resp) 666 if regenHookToken.Token == rhook.Token { 667 t.Fatal("regen didn't work properly") 668 } 669 670 _, resp = Client.RegenOutgoingHookToken(rhook.Id) 671 CheckForbiddenStatus(t, resp) 672 673 th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnableOutgoingWebhooks = false }) 674 _, resp = th.SystemAdminClient.RegenOutgoingHookToken(rhook.Id) 675 CheckNotImplementedStatus(t, resp) 676 } 677 678 func TestUpdateOutgoingHook(t *testing.T) { 679 th := Setup().InitBasic().InitSystemAdmin() 680 defer th.TearDown() 681 Client := th.Client 682 683 th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnableOutgoingWebhooks = true }) 684 defaultRolePermissions := th.SaveDefaultRolePermissions() 685 defer func() { 686 th.RestoreDefaultRolePermissions(defaultRolePermissions) 687 }() 688 th.AddPermissionToRole(model.PERMISSION_MANAGE_WEBHOOKS.Id, model.TEAM_ADMIN_ROLE_ID) 689 th.RemovePermissionFromRole(model.PERMISSION_MANAGE_WEBHOOKS.Id, model.TEAM_USER_ROLE_ID) 690 691 createdHook := &model.OutgoingWebhook{ChannelId: th.BasicChannel.Id, TeamId: th.BasicChannel.TeamId, 692 CallbackURLs: []string{"http://nowhere.com"}, TriggerWords: []string{"cats"}} 693 694 createdHook, resp := th.SystemAdminClient.CreateOutgoingWebhook(createdHook) 695 CheckNoError(t, resp) 696 697 t.Run("UpdateOutgoingWebhook", func(t *testing.T) { 698 createdHook.DisplayName = "Cats" 699 createdHook.Description = "Get me some cats" 700 701 updatedHook, resp := th.SystemAdminClient.UpdateOutgoingWebhook(createdHook) 702 CheckNoError(t, resp) 703 if updatedHook.DisplayName != "Cats" { 704 t.Fatal("did not update") 705 } 706 if updatedHook.Description != "Get me some cats" { 707 t.Fatal("did not update") 708 } 709 }) 710 711 t.Run("OutgoingHooksDisabled", func(t *testing.T) { 712 th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnableOutgoingWebhooks = false }) 713 _, resp := th.SystemAdminClient.UpdateOutgoingWebhook(createdHook) 714 CheckNotImplementedStatus(t, resp) 715 }) 716 717 th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnableOutgoingWebhooks = true }) 718 t.Run("RetainCreateAt", func(t *testing.T) { 719 hook2 := &model.OutgoingWebhook{ChannelId: th.BasicChannel.Id, TeamId: th.BasicChannel.TeamId, 720 CallbackURLs: []string{"http://nowhere.com"}, TriggerWords: []string{"rats"}} 721 722 createdHook2, resp := th.SystemAdminClient.CreateOutgoingWebhook(hook2) 723 CheckNoError(t, resp) 724 createdHook2.DisplayName = "Name2" 725 726 updatedHook2, resp := th.SystemAdminClient.UpdateOutgoingWebhook(createdHook2) 727 CheckNoError(t, resp) 728 729 if updatedHook2.CreateAt != createdHook2.CreateAt { 730 t.Fatal("failed - hook create at should not be changed") 731 } 732 }) 733 734 t.Run("ModifyUpdateAt", func(t *testing.T) { 735 createdHook.DisplayName = "Name3" 736 737 updatedHook2, resp := th.SystemAdminClient.UpdateOutgoingWebhook(createdHook) 738 CheckNoError(t, resp) 739 740 if updatedHook2.UpdateAt == createdHook.UpdateAt { 741 t.Fatal("failed - hook updateAt is not updated") 742 } 743 }) 744 745 t.Run("UpdateNonExistentHook", func(t *testing.T) { 746 nonExistentHook := &model.OutgoingWebhook{ChannelId: th.BasicChannel.Id, TeamId: th.BasicChannel.TeamId, 747 CallbackURLs: []string{"http://nowhere.com"}, TriggerWords: []string{"rats"}} 748 749 _, resp := th.SystemAdminClient.UpdateOutgoingWebhook(nonExistentHook) 750 CheckNotFoundStatus(t, resp) 751 752 nonExistentHook.Id = model.NewId() 753 _, resp = th.SystemAdminClient.UpdateOutgoingWebhook(nonExistentHook) 754 CheckInternalErrorStatus(t, resp) 755 }) 756 757 t.Run("UserIsNotAdminOfTeam", func(t *testing.T) { 758 _, resp := Client.UpdateOutgoingWebhook(createdHook) 759 CheckForbiddenStatus(t, resp) 760 }) 761 762 th.AddPermissionToRole(model.PERMISSION_MANAGE_WEBHOOKS.Id, model.TEAM_USER_ROLE_ID) 763 hook2 := &model.OutgoingWebhook{ChannelId: th.BasicChannel.Id, TeamId: th.BasicChannel.TeamId, 764 CallbackURLs: []string{"http://nowhere.com"}, TriggerWords: []string{"rats2"}} 765 766 createdHook2, resp := th.SystemAdminClient.CreateOutgoingWebhook(hook2) 767 CheckNoError(t, resp) 768 769 _, resp = Client.UpdateOutgoingWebhook(createdHook2) 770 CheckForbiddenStatus(t, resp) 771 772 th.RemovePermissionFromRole(model.PERMISSION_MANAGE_WEBHOOKS.Id, model.TEAM_USER_ROLE_ID) 773 th.AddPermissionToRole(model.PERMISSION_MANAGE_WEBHOOKS.Id, model.TEAM_ADMIN_ROLE_ID) 774 775 Client.Logout() 776 th.UpdateUserToTeamAdmin(th.BasicUser2, th.BasicTeam) 777 th.LoginBasic2() 778 t.Run("RetainHookCreator", func(t *testing.T) { 779 createdHook.DisplayName = "Basic user 2" 780 updatedHook, resp := Client.UpdateOutgoingWebhook(createdHook) 781 CheckNoError(t, resp) 782 if updatedHook.DisplayName != "Basic user 2" { 783 t.Fatal("should apply the change") 784 } 785 if updatedHook.CreatorId != th.SystemAdminUser.Id { 786 t.Fatal("hook creator should not be changed") 787 } 788 }) 789 790 t.Run("UpdateToExistingTriggerWordAndCallback", func(t *testing.T) { 791 t.Run("OnSameChannel", func(t *testing.T) { 792 createdHook.TriggerWords = []string{"rats"} 793 794 _, resp := th.SystemAdminClient.UpdateOutgoingWebhook(createdHook) 795 CheckBadRequestStatus(t, resp) 796 }) 797 798 t.Run("OnDifferentChannel", func(t *testing.T) { 799 createdHook.TriggerWords = []string{"cats"} 800 createdHook.ChannelId = th.BasicChannel2.Id 801 802 _, resp := th.SystemAdminClient.UpdateOutgoingWebhook(createdHook) 803 CheckNoError(t, resp) 804 }) 805 }) 806 807 t.Run("UpdateToNonExistentChannel", func(t *testing.T) { 808 createdHook.ChannelId = "junk" 809 810 _, resp := th.SystemAdminClient.UpdateOutgoingWebhook(createdHook) 811 CheckNotFoundStatus(t, resp) 812 }) 813 814 t.Run("UpdateToPrivateChannel", func(t *testing.T) { 815 privateChannel := th.CreatePrivateChannel() 816 createdHook.ChannelId = privateChannel.Id 817 818 _, resp := th.SystemAdminClient.UpdateOutgoingWebhook(createdHook) 819 CheckForbiddenStatus(t, resp) 820 }) 821 822 t.Run("UpdateToBlankTriggerWordAndChannel", func(t *testing.T) { 823 createdHook.ChannelId = "" 824 createdHook.TriggerWords = nil 825 826 _, resp := th.SystemAdminClient.UpdateOutgoingWebhook(createdHook) 827 CheckInternalErrorStatus(t, resp) 828 }) 829 830 team := th.CreateTeamWithClient(Client) 831 user := th.CreateUserWithClient(Client) 832 th.LinkUserToTeam(user, team) 833 Client.Logout() 834 Client.Login(user.Id, user.Password) 835 t.Run("UpdateToADifferentTeam", func(t *testing.T) { 836 _, resp := Client.UpdateOutgoingWebhook(createdHook) 837 CheckUnauthorizedStatus(t, resp) 838 }) 839 } 840 841 func TestDeleteOutgoingHook(t *testing.T) { 842 th := Setup().InitBasic().InitSystemAdmin() 843 defer th.TearDown() 844 Client := th.SystemAdminClient 845 846 th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnableIncomingWebhooks = true }) 847 848 var resp *model.Response 849 var rhook *model.OutgoingWebhook 850 var hook *model.OutgoingWebhook 851 var status bool 852 853 t.Run("WhenInvalidHookID", func(t *testing.T) { 854 status, resp = Client.DeleteOutgoingWebhook("abc") 855 CheckBadRequestStatus(t, resp) 856 }) 857 858 t.Run("WhenHookDoesNotExist", func(t *testing.T) { 859 status, resp = Client.DeleteOutgoingWebhook(model.NewId()) 860 CheckInternalErrorStatus(t, resp) 861 }) 862 863 t.Run("WhenHookExists", func(t *testing.T) { 864 hook = &model.OutgoingWebhook{ChannelId: th.BasicChannel.Id, TeamId: th.BasicChannel.TeamId, 865 CallbackURLs: []string{"http://nowhere.com"}, TriggerWords: []string{"cats"}} 866 rhook, resp = Client.CreateOutgoingWebhook(hook) 867 CheckNoError(t, resp) 868 869 if status, resp = Client.DeleteOutgoingWebhook(rhook.Id); !status { 870 t.Fatal("Delete should have succeeded") 871 } else { 872 CheckOKStatus(t, resp) 873 } 874 875 // Get now should not return this deleted hook 876 _, resp = Client.GetIncomingWebhook(rhook.Id, "") 877 CheckNotFoundStatus(t, resp) 878 }) 879 880 t.Run("WhenUserDoesNotHavePemissions", func(t *testing.T) { 881 hook = &model.OutgoingWebhook{ChannelId: th.BasicChannel.Id, TeamId: th.BasicChannel.TeamId, 882 CallbackURLs: []string{"http://nowhere.com"}, TriggerWords: []string{"dogs"}} 883 rhook, resp = Client.CreateOutgoingWebhook(hook) 884 CheckNoError(t, resp) 885 886 th.LoginBasic() 887 Client = th.Client 888 889 _, resp = Client.DeleteOutgoingWebhook(rhook.Id) 890 CheckForbiddenStatus(t, resp) 891 }) 892 }