github.com/spline-fu/mattermost-server@v4.10.10+incompatible/app/app_test.go (about) 1 // Copyright (c) 2017-present Mattermost, Inc. All Rights Reserved. 2 // See License.txt for license information. 3 4 package app 5 6 import ( 7 "flag" 8 "fmt" 9 "os" 10 "testing" 11 12 "github.com/stretchr/testify/assert" 13 "github.com/stretchr/testify/require" 14 15 "github.com/mattermost/mattermost-server/mlog" 16 "github.com/mattermost/mattermost-server/model" 17 "github.com/mattermost/mattermost-server/store/storetest" 18 "github.com/mattermost/mattermost-server/utils" 19 ) 20 21 func TestMain(m *testing.M) { 22 flag.Parse() 23 24 // Setup a global logger to catch tests logging outside of app context 25 // The global logger will be stomped by apps initalizing but that's fine for testing. Ideally this won't happen. 26 mlog.InitGlobalLogger(mlog.NewLogger(&mlog.LoggerConfiguration{ 27 EnableConsole: true, 28 ConsoleJson: true, 29 ConsoleLevel: "error", 30 EnableFile: false, 31 })) 32 33 utils.TranslationsPreInit() 34 35 // In the case where a dev just wants to run a single test, it's faster to just use the default 36 // store. 37 if filter := flag.Lookup("test.run").Value.String(); filter != "" && filter != "." { 38 mlog.Info("-test.run used, not creating temporary containers") 39 os.Exit(m.Run()) 40 } 41 42 status := 0 43 44 container, settings, err := storetest.NewMySQLContainer() 45 if err != nil { 46 panic(err) 47 } 48 49 UseTestStore(container, settings) 50 51 defer func() { 52 StopTestStore() 53 os.Exit(status) 54 }() 55 56 status = m.Run() 57 } 58 59 func TestAppRace(t *testing.T) { 60 for i := 0; i < 10; i++ { 61 a, err := New() 62 require.NoError(t, err) 63 a.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.ListenAddress = ":0" }) 64 serverErr := a.StartServer() 65 require.NoError(t, serverErr) 66 a.Shutdown() 67 } 68 } 69 70 func TestUpdateConfig(t *testing.T) { 71 th := Setup() 72 defer th.TearDown() 73 74 prev := *th.App.Config().ServiceSettings.SiteURL 75 76 th.App.AddConfigListener(func(old, current *model.Config) { 77 assert.Equal(t, prev, *old.ServiceSettings.SiteURL) 78 assert.Equal(t, "foo", *current.ServiceSettings.SiteURL) 79 }) 80 81 th.App.UpdateConfig(func(cfg *model.Config) { 82 *cfg.ServiceSettings.SiteURL = "foo" 83 }) 84 } 85 86 func TestDoAdvancedPermissionsMigration(t *testing.T) { 87 th := Setup() 88 defer th.TearDown() 89 90 if testStoreSqlSupplier == nil { 91 t.Skip("This test requires a TestStore to be run.") 92 } 93 94 th.ResetRoleMigration() 95 96 th.App.DoAdvancedPermissionsMigration() 97 98 roleNames := []string{ 99 "system_user", 100 "system_admin", 101 "team_user", 102 "team_admin", 103 "channel_user", 104 "channel_admin", 105 "system_post_all", 106 "system_post_all_public", 107 "system_user_access_token", 108 "team_post_all", 109 "team_post_all_public", 110 } 111 112 roles1, err1 := th.App.GetRolesByNames(roleNames) 113 assert.Nil(t, err1) 114 assert.Equal(t, len(roles1), len(roleNames)) 115 116 expected1 := map[string][]string{ 117 "channel_user": []string{ 118 model.PERMISSION_READ_CHANNEL.Id, 119 model.PERMISSION_ADD_REACTION.Id, 120 model.PERMISSION_REMOVE_REACTION.Id, 121 model.PERMISSION_MANAGE_PUBLIC_CHANNEL_MEMBERS.Id, 122 model.PERMISSION_UPLOAD_FILE.Id, 123 model.PERMISSION_GET_PUBLIC_LINK.Id, 124 model.PERMISSION_CREATE_POST.Id, 125 model.PERMISSION_USE_SLASH_COMMANDS.Id, 126 model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES.Id, 127 model.PERMISSION_DELETE_PUBLIC_CHANNEL.Id, 128 model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES.Id, 129 model.PERMISSION_DELETE_PRIVATE_CHANNEL.Id, 130 model.PERMISSION_MANAGE_PRIVATE_CHANNEL_MEMBERS.Id, 131 model.PERMISSION_DELETE_POST.Id, 132 model.PERMISSION_EDIT_POST.Id, 133 }, 134 "channel_admin": []string{ 135 model.PERMISSION_MANAGE_CHANNEL_ROLES.Id, 136 }, 137 "team_user": []string{ 138 model.PERMISSION_LIST_TEAM_CHANNELS.Id, 139 model.PERMISSION_JOIN_PUBLIC_CHANNELS.Id, 140 model.PERMISSION_READ_PUBLIC_CHANNEL.Id, 141 model.PERMISSION_VIEW_TEAM.Id, 142 model.PERMISSION_CREATE_PUBLIC_CHANNEL.Id, 143 model.PERMISSION_CREATE_PRIVATE_CHANNEL.Id, 144 model.PERMISSION_INVITE_USER.Id, 145 model.PERMISSION_ADD_USER_TO_TEAM.Id, 146 }, 147 "team_post_all": []string{ 148 model.PERMISSION_CREATE_POST.Id, 149 }, 150 "team_post_all_public": []string{ 151 model.PERMISSION_CREATE_POST_PUBLIC.Id, 152 }, 153 "team_admin": []string{ 154 model.PERMISSION_EDIT_OTHERS_POSTS.Id, 155 model.PERMISSION_REMOVE_USER_FROM_TEAM.Id, 156 model.PERMISSION_MANAGE_TEAM.Id, 157 model.PERMISSION_IMPORT_TEAM.Id, 158 model.PERMISSION_MANAGE_TEAM_ROLES.Id, 159 model.PERMISSION_MANAGE_CHANNEL_ROLES.Id, 160 model.PERMISSION_MANAGE_OTHERS_WEBHOOKS.Id, 161 model.PERMISSION_MANAGE_SLASH_COMMANDS.Id, 162 model.PERMISSION_MANAGE_OTHERS_SLASH_COMMANDS.Id, 163 model.PERMISSION_MANAGE_WEBHOOKS.Id, 164 model.PERMISSION_DELETE_POST.Id, 165 model.PERMISSION_DELETE_OTHERS_POSTS.Id, 166 }, 167 "system_user": []string{ 168 model.PERMISSION_CREATE_DIRECT_CHANNEL.Id, 169 model.PERMISSION_CREATE_GROUP_CHANNEL.Id, 170 model.PERMISSION_PERMANENT_DELETE_USER.Id, 171 model.PERMISSION_CREATE_TEAM.Id, 172 }, 173 "system_post_all": []string{ 174 model.PERMISSION_CREATE_POST.Id, 175 }, 176 "system_post_all_public": []string{ 177 model.PERMISSION_CREATE_POST_PUBLIC.Id, 178 }, 179 "system_user_access_token": []string{ 180 model.PERMISSION_CREATE_USER_ACCESS_TOKEN.Id, 181 model.PERMISSION_READ_USER_ACCESS_TOKEN.Id, 182 model.PERMISSION_REVOKE_USER_ACCESS_TOKEN.Id, 183 }, 184 "system_admin": []string{ 185 model.PERMISSION_ASSIGN_SYSTEM_ADMIN_ROLE.Id, 186 model.PERMISSION_MANAGE_SYSTEM.Id, 187 model.PERMISSION_MANAGE_ROLES.Id, 188 model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES.Id, 189 model.PERMISSION_MANAGE_PUBLIC_CHANNEL_MEMBERS.Id, 190 model.PERMISSION_MANAGE_PRIVATE_CHANNEL_MEMBERS.Id, 191 model.PERMISSION_DELETE_PUBLIC_CHANNEL.Id, 192 model.PERMISSION_CREATE_PUBLIC_CHANNEL.Id, 193 model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES.Id, 194 model.PERMISSION_DELETE_PRIVATE_CHANNEL.Id, 195 model.PERMISSION_CREATE_PRIVATE_CHANNEL.Id, 196 model.PERMISSION_MANAGE_SYSTEM_WIDE_OAUTH.Id, 197 model.PERMISSION_MANAGE_OTHERS_WEBHOOKS.Id, 198 model.PERMISSION_EDIT_OTHER_USERS.Id, 199 model.PERMISSION_MANAGE_OAUTH.Id, 200 model.PERMISSION_INVITE_USER.Id, 201 model.PERMISSION_DELETE_POST.Id, 202 model.PERMISSION_DELETE_OTHERS_POSTS.Id, 203 model.PERMISSION_CREATE_TEAM.Id, 204 model.PERMISSION_ADD_USER_TO_TEAM.Id, 205 model.PERMISSION_LIST_USERS_WITHOUT_TEAM.Id, 206 model.PERMISSION_MANAGE_JOBS.Id, 207 model.PERMISSION_CREATE_POST_PUBLIC.Id, 208 model.PERMISSION_CREATE_POST_EPHEMERAL.Id, 209 model.PERMISSION_CREATE_USER_ACCESS_TOKEN.Id, 210 model.PERMISSION_READ_USER_ACCESS_TOKEN.Id, 211 model.PERMISSION_REVOKE_USER_ACCESS_TOKEN.Id, 212 model.PERMISSION_REMOVE_OTHERS_REACTIONS.Id, 213 model.PERMISSION_LIST_TEAM_CHANNELS.Id, 214 model.PERMISSION_JOIN_PUBLIC_CHANNELS.Id, 215 model.PERMISSION_READ_PUBLIC_CHANNEL.Id, 216 model.PERMISSION_VIEW_TEAM.Id, 217 model.PERMISSION_READ_CHANNEL.Id, 218 model.PERMISSION_ADD_REACTION.Id, 219 model.PERMISSION_REMOVE_REACTION.Id, 220 model.PERMISSION_UPLOAD_FILE.Id, 221 model.PERMISSION_GET_PUBLIC_LINK.Id, 222 model.PERMISSION_CREATE_POST.Id, 223 model.PERMISSION_USE_SLASH_COMMANDS.Id, 224 model.PERMISSION_EDIT_OTHERS_POSTS.Id, 225 model.PERMISSION_REMOVE_USER_FROM_TEAM.Id, 226 model.PERMISSION_MANAGE_TEAM.Id, 227 model.PERMISSION_IMPORT_TEAM.Id, 228 model.PERMISSION_MANAGE_TEAM_ROLES.Id, 229 model.PERMISSION_MANAGE_CHANNEL_ROLES.Id, 230 model.PERMISSION_MANAGE_SLASH_COMMANDS.Id, 231 model.PERMISSION_MANAGE_OTHERS_SLASH_COMMANDS.Id, 232 model.PERMISSION_MANAGE_WEBHOOKS.Id, 233 model.PERMISSION_EDIT_POST.Id, 234 }, 235 } 236 237 // Check the migration matches what's expected. 238 for name, permissions := range expected1 { 239 role, err := th.App.GetRoleByName(name) 240 assert.Nil(t, err) 241 assert.Equal(t, role.Permissions, permissions) 242 } 243 244 // Add a license and change the policy config. 245 restrictPublicChannel := *th.App.Config().TeamSettings.RestrictPublicChannelManagement 246 restrictPrivateChannel := *th.App.Config().TeamSettings.RestrictPrivateChannelManagement 247 248 defer func() { 249 th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.RestrictPublicChannelManagement = restrictPublicChannel }) 250 th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.RestrictPrivateChannelManagement = restrictPrivateChannel }) 251 }() 252 253 th.App.UpdateConfig(func(cfg *model.Config) { 254 *cfg.TeamSettings.RestrictPublicChannelManagement = model.PERMISSIONS_TEAM_ADMIN 255 }) 256 th.App.UpdateConfig(func(cfg *model.Config) { 257 *cfg.TeamSettings.RestrictPrivateChannelManagement = model.PERMISSIONS_TEAM_ADMIN 258 }) 259 th.App.SetLicense(model.NewTestLicense()) 260 261 // Check the migration doesn't change anything if run again. 262 th.App.DoAdvancedPermissionsMigration() 263 264 roles2, err2 := th.App.GetRolesByNames(roleNames) 265 assert.Nil(t, err2) 266 assert.Equal(t, len(roles2), len(roleNames)) 267 268 for name, permissions := range expected1 { 269 role, err := th.App.GetRoleByName(name) 270 assert.Nil(t, err) 271 assert.Equal(t, permissions, role.Permissions) 272 } 273 274 // Reset the database 275 th.ResetRoleMigration() 276 277 // Do the migration again with different policy config settings and a license. 278 th.App.DoAdvancedPermissionsMigration() 279 280 // Check the role permissions. 281 expected2 := map[string][]string{ 282 "channel_user": []string{ 283 model.PERMISSION_READ_CHANNEL.Id, 284 model.PERMISSION_ADD_REACTION.Id, 285 model.PERMISSION_REMOVE_REACTION.Id, 286 model.PERMISSION_MANAGE_PUBLIC_CHANNEL_MEMBERS.Id, 287 model.PERMISSION_UPLOAD_FILE.Id, 288 model.PERMISSION_GET_PUBLIC_LINK.Id, 289 model.PERMISSION_CREATE_POST.Id, 290 model.PERMISSION_USE_SLASH_COMMANDS.Id, 291 model.PERMISSION_DELETE_PUBLIC_CHANNEL.Id, 292 model.PERMISSION_DELETE_PRIVATE_CHANNEL.Id, 293 model.PERMISSION_MANAGE_PRIVATE_CHANNEL_MEMBERS.Id, 294 model.PERMISSION_DELETE_POST.Id, 295 model.PERMISSION_EDIT_POST.Id, 296 }, 297 "channel_admin": []string{ 298 model.PERMISSION_MANAGE_CHANNEL_ROLES.Id, 299 }, 300 "team_user": []string{ 301 model.PERMISSION_LIST_TEAM_CHANNELS.Id, 302 model.PERMISSION_JOIN_PUBLIC_CHANNELS.Id, 303 model.PERMISSION_READ_PUBLIC_CHANNEL.Id, 304 model.PERMISSION_VIEW_TEAM.Id, 305 model.PERMISSION_CREATE_PUBLIC_CHANNEL.Id, 306 model.PERMISSION_CREATE_PRIVATE_CHANNEL.Id, 307 model.PERMISSION_INVITE_USER.Id, 308 model.PERMISSION_ADD_USER_TO_TEAM.Id, 309 }, 310 "team_post_all": []string{ 311 model.PERMISSION_CREATE_POST.Id, 312 }, 313 "team_post_all_public": []string{ 314 model.PERMISSION_CREATE_POST_PUBLIC.Id, 315 }, 316 "team_admin": []string{ 317 model.PERMISSION_EDIT_OTHERS_POSTS.Id, 318 model.PERMISSION_REMOVE_USER_FROM_TEAM.Id, 319 model.PERMISSION_MANAGE_TEAM.Id, 320 model.PERMISSION_IMPORT_TEAM.Id, 321 model.PERMISSION_MANAGE_TEAM_ROLES.Id, 322 model.PERMISSION_MANAGE_CHANNEL_ROLES.Id, 323 model.PERMISSION_MANAGE_OTHERS_WEBHOOKS.Id, 324 model.PERMISSION_MANAGE_SLASH_COMMANDS.Id, 325 model.PERMISSION_MANAGE_OTHERS_SLASH_COMMANDS.Id, 326 model.PERMISSION_MANAGE_WEBHOOKS.Id, 327 model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES.Id, 328 model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES.Id, 329 model.PERMISSION_DELETE_POST.Id, 330 model.PERMISSION_DELETE_OTHERS_POSTS.Id, 331 }, 332 "system_user": []string{ 333 model.PERMISSION_CREATE_DIRECT_CHANNEL.Id, 334 model.PERMISSION_CREATE_GROUP_CHANNEL.Id, 335 model.PERMISSION_PERMANENT_DELETE_USER.Id, 336 model.PERMISSION_CREATE_TEAM.Id, 337 }, 338 "system_post_all": []string{ 339 model.PERMISSION_CREATE_POST.Id, 340 }, 341 "system_post_all_public": []string{ 342 model.PERMISSION_CREATE_POST_PUBLIC.Id, 343 }, 344 "system_user_access_token": []string{ 345 model.PERMISSION_CREATE_USER_ACCESS_TOKEN.Id, 346 model.PERMISSION_READ_USER_ACCESS_TOKEN.Id, 347 model.PERMISSION_REVOKE_USER_ACCESS_TOKEN.Id, 348 }, 349 "system_admin": []string{ 350 model.PERMISSION_ASSIGN_SYSTEM_ADMIN_ROLE.Id, 351 model.PERMISSION_MANAGE_SYSTEM.Id, 352 model.PERMISSION_MANAGE_ROLES.Id, 353 model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES.Id, 354 model.PERMISSION_MANAGE_PUBLIC_CHANNEL_MEMBERS.Id, 355 model.PERMISSION_MANAGE_PRIVATE_CHANNEL_MEMBERS.Id, 356 model.PERMISSION_DELETE_PUBLIC_CHANNEL.Id, 357 model.PERMISSION_CREATE_PUBLIC_CHANNEL.Id, 358 model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES.Id, 359 model.PERMISSION_DELETE_PRIVATE_CHANNEL.Id, 360 model.PERMISSION_CREATE_PRIVATE_CHANNEL.Id, 361 model.PERMISSION_MANAGE_SYSTEM_WIDE_OAUTH.Id, 362 model.PERMISSION_MANAGE_OTHERS_WEBHOOKS.Id, 363 model.PERMISSION_EDIT_OTHER_USERS.Id, 364 model.PERMISSION_MANAGE_OAUTH.Id, 365 model.PERMISSION_INVITE_USER.Id, 366 model.PERMISSION_DELETE_POST.Id, 367 model.PERMISSION_DELETE_OTHERS_POSTS.Id, 368 model.PERMISSION_CREATE_TEAM.Id, 369 model.PERMISSION_ADD_USER_TO_TEAM.Id, 370 model.PERMISSION_LIST_USERS_WITHOUT_TEAM.Id, 371 model.PERMISSION_MANAGE_JOBS.Id, 372 model.PERMISSION_CREATE_POST_PUBLIC.Id, 373 model.PERMISSION_CREATE_POST_EPHEMERAL.Id, 374 model.PERMISSION_CREATE_USER_ACCESS_TOKEN.Id, 375 model.PERMISSION_READ_USER_ACCESS_TOKEN.Id, 376 model.PERMISSION_REVOKE_USER_ACCESS_TOKEN.Id, 377 model.PERMISSION_REMOVE_OTHERS_REACTIONS.Id, 378 model.PERMISSION_LIST_TEAM_CHANNELS.Id, 379 model.PERMISSION_JOIN_PUBLIC_CHANNELS.Id, 380 model.PERMISSION_READ_PUBLIC_CHANNEL.Id, 381 model.PERMISSION_VIEW_TEAM.Id, 382 model.PERMISSION_READ_CHANNEL.Id, 383 model.PERMISSION_ADD_REACTION.Id, 384 model.PERMISSION_REMOVE_REACTION.Id, 385 model.PERMISSION_UPLOAD_FILE.Id, 386 model.PERMISSION_GET_PUBLIC_LINK.Id, 387 model.PERMISSION_CREATE_POST.Id, 388 model.PERMISSION_USE_SLASH_COMMANDS.Id, 389 model.PERMISSION_EDIT_OTHERS_POSTS.Id, 390 model.PERMISSION_REMOVE_USER_FROM_TEAM.Id, 391 model.PERMISSION_MANAGE_TEAM.Id, 392 model.PERMISSION_IMPORT_TEAM.Id, 393 model.PERMISSION_MANAGE_TEAM_ROLES.Id, 394 model.PERMISSION_MANAGE_CHANNEL_ROLES.Id, 395 model.PERMISSION_MANAGE_SLASH_COMMANDS.Id, 396 model.PERMISSION_MANAGE_OTHERS_SLASH_COMMANDS.Id, 397 model.PERMISSION_MANAGE_WEBHOOKS.Id, 398 model.PERMISSION_EDIT_POST.Id, 399 }, 400 } 401 402 roles3, err3 := th.App.GetRolesByNames(roleNames) 403 assert.Nil(t, err3) 404 assert.Equal(t, len(roles3), len(roleNames)) 405 406 for name, permissions := range expected2 { 407 role, err := th.App.GetRoleByName(name) 408 assert.Nil(t, err) 409 assert.Equal(t, permissions, role.Permissions, fmt.Sprintf("'%v' did not have expected permissions", name)) 410 } 411 412 // Remove the license. 413 th.App.SetLicense(nil) 414 415 // Do the migration again. 416 th.ResetRoleMigration() 417 th.App.DoAdvancedPermissionsMigration() 418 419 // Check the role permissions. 420 roles4, err4 := th.App.GetRolesByNames(roleNames) 421 assert.Nil(t, err4) 422 assert.Equal(t, len(roles4), len(roleNames)) 423 424 for name, permissions := range expected1 { 425 role, err := th.App.GetRoleByName(name) 426 assert.Nil(t, err) 427 assert.Equal(t, permissions, role.Permissions) 428 } 429 430 // Check that the config setting for "always" and "time_limit" edit posts is updated correctly. 431 th.ResetRoleMigration() 432 433 config := th.App.GetConfig() 434 *config.ServiceSettings.AllowEditPost = "always" 435 *config.ServiceSettings.PostEditTimeLimit = 300 436 th.App.SaveConfig(config, false) 437 438 th.App.DoAdvancedPermissionsMigration() 439 config = th.App.GetConfig() 440 assert.Equal(t, -1, *config.ServiceSettings.PostEditTimeLimit) 441 442 th.ResetRoleMigration() 443 444 config = th.App.GetConfig() 445 *config.ServiceSettings.AllowEditPost = "time_limit" 446 *config.ServiceSettings.PostEditTimeLimit = 300 447 th.App.SaveConfig(config, false) 448 449 th.App.DoAdvancedPermissionsMigration() 450 config = th.App.GetConfig() 451 assert.Equal(t, 300, *config.ServiceSettings.PostEditTimeLimit) 452 453 config = th.App.GetConfig() 454 *config.ServiceSettings.AllowEditPost = "always" 455 *config.ServiceSettings.PostEditTimeLimit = 300 456 th.App.SaveConfig(config, false) 457 }