github.com/spline-fu/mattermost-server@v4.10.10+incompatible/app/team_test.go (about) 1 // Copyright (c) 2016-present Mattermost, Inc. All Rights Reserved. 2 // See License.txt for license information. 3 4 package app 5 6 import ( 7 "strings" 8 "testing" 9 10 "github.com/mattermost/mattermost-server/model" 11 ) 12 13 func TestCreateTeam(t *testing.T) { 14 th := Setup().InitBasic() 15 defer th.TearDown() 16 17 id := model.NewId() 18 team := &model.Team{ 19 DisplayName: "dn_" + id, 20 Name: "name" + id, 21 Email: "success+" + id + "@simulator.amazonses.com", 22 Type: model.TEAM_OPEN, 23 } 24 25 if _, err := th.App.CreateTeam(team); err != nil { 26 t.Log(err) 27 t.Fatal("Should create a new team") 28 } 29 30 if _, err := th.App.CreateTeam(th.BasicTeam); err == nil { 31 t.Fatal("Should not create a new team - team already exist") 32 } 33 } 34 35 func TestCreateTeamWithUser(t *testing.T) { 36 th := Setup().InitBasic() 37 defer th.TearDown() 38 39 id := model.NewId() 40 team := &model.Team{ 41 DisplayName: "dn_" + id, 42 Name: "name" + id, 43 Email: "success+" + id + "@simulator.amazonses.com", 44 Type: model.TEAM_OPEN, 45 } 46 47 if _, err := th.App.CreateTeamWithUser(team, th.BasicUser.Id); err != nil { 48 t.Fatal("Should create a new team with existing user", err) 49 } 50 51 if _, err := th.App.CreateTeamWithUser(team, model.NewId()); err == nil { 52 t.Fatal("Should not create a new team - user does not exist") 53 } 54 } 55 56 func TestUpdateTeam(t *testing.T) { 57 th := Setup().InitBasic() 58 defer th.TearDown() 59 60 th.BasicTeam.DisplayName = "Testing 123" 61 62 if updatedTeam, err := th.App.UpdateTeam(th.BasicTeam); err != nil { 63 t.Log(err) 64 t.Fatal("Should update the team") 65 } else { 66 if updatedTeam.DisplayName != "Testing 123" { 67 t.Fatal("Wrong Team DisplayName") 68 } 69 } 70 } 71 72 func TestAddUserToTeam(t *testing.T) { 73 th := Setup().InitBasic() 74 defer th.TearDown() 75 76 user := model.User{Email: strings.ToLower(model.NewId()) + "success+test@example.com", Nickname: "Darth Vader", Username: "vader" + model.NewId(), Password: "passwd1", AuthService: ""} 77 ruser, _ := th.App.CreateUser(&user) 78 79 if _, err := th.App.AddUserToTeam(th.BasicTeam.Id, ruser.Id, ""); err != nil { 80 t.Log(err) 81 t.Fatal("Should add user to the team") 82 } 83 } 84 85 func TestAddUserToTeamByToken(t *testing.T) { 86 th := Setup().InitBasic() 87 defer th.TearDown() 88 89 user := model.User{Email: strings.ToLower(model.NewId()) + "success+test@example.com", Nickname: "Darth Vader", Username: "vader" + model.NewId(), Password: "passwd1", AuthService: ""} 90 ruser, _ := th.App.CreateUser(&user) 91 92 t.Run("invalid token", func(t *testing.T) { 93 if _, err := th.App.AddUserToTeamByToken(ruser.Id, "123"); err == nil { 94 t.Fatal("Should fail on unexisting token") 95 } 96 }) 97 98 t.Run("invalid token type", func(t *testing.T) { 99 token := model.NewToken( 100 TOKEN_TYPE_VERIFY_EMAIL, 101 model.MapToJson(map[string]string{"teamId": th.BasicTeam.Id}), 102 ) 103 <-th.App.Srv.Store.Token().Save(token) 104 defer th.App.DeleteToken(token) 105 if _, err := th.App.AddUserToTeamByToken(ruser.Id, token.Token); err == nil { 106 t.Fatal("Should fail on bad token type") 107 } 108 }) 109 110 t.Run("expired token", func(t *testing.T) { 111 token := model.NewToken( 112 TOKEN_TYPE_TEAM_INVITATION, 113 model.MapToJson(map[string]string{"teamId": th.BasicTeam.Id}), 114 ) 115 token.CreateAt = model.GetMillis() - TEAM_INVITATION_EXPIRY_TIME - 1 116 <-th.App.Srv.Store.Token().Save(token) 117 defer th.App.DeleteToken(token) 118 if _, err := th.App.AddUserToTeamByToken(ruser.Id, token.Token); err == nil { 119 t.Fatal("Should fail on expired token") 120 } 121 }) 122 123 t.Run("invalid team id", func(t *testing.T) { 124 token := model.NewToken( 125 TOKEN_TYPE_TEAM_INVITATION, 126 model.MapToJson(map[string]string{"teamId": model.NewId()}), 127 ) 128 <-th.App.Srv.Store.Token().Save(token) 129 defer th.App.DeleteToken(token) 130 if _, err := th.App.AddUserToTeamByToken(ruser.Id, token.Token); err == nil { 131 t.Fatal("Should fail on bad team id") 132 } 133 }) 134 135 t.Run("invalid user id", func(t *testing.T) { 136 token := model.NewToken( 137 TOKEN_TYPE_TEAM_INVITATION, 138 model.MapToJson(map[string]string{"teamId": th.BasicTeam.Id}), 139 ) 140 <-th.App.Srv.Store.Token().Save(token) 141 defer th.App.DeleteToken(token) 142 if _, err := th.App.AddUserToTeamByToken(model.NewId(), token.Token); err == nil { 143 t.Fatal("Should fail on bad user id") 144 } 145 }) 146 147 t.Run("valid request", func(t *testing.T) { 148 token := model.NewToken( 149 TOKEN_TYPE_TEAM_INVITATION, 150 model.MapToJson(map[string]string{"teamId": th.BasicTeam.Id}), 151 ) 152 <-th.App.Srv.Store.Token().Save(token) 153 if _, err := th.App.AddUserToTeamByToken(ruser.Id, token.Token); err != nil { 154 t.Log(err) 155 t.Fatal("Should add user to the team") 156 } 157 if result := <-th.App.Srv.Store.Token().GetByToken(token.Token); result.Err == nil { 158 t.Fatal("The token must be deleted after be used") 159 } 160 }) 161 } 162 163 func TestAddUserToTeamByTeamId(t *testing.T) { 164 th := Setup().InitBasic() 165 defer th.TearDown() 166 167 user := model.User{Email: strings.ToLower(model.NewId()) + "success+test@example.com", Nickname: "Darth Vader", Username: "vader" + model.NewId(), Password: "passwd1", AuthService: ""} 168 ruser, _ := th.App.CreateUser(&user) 169 170 if err := th.App.AddUserToTeamByTeamId(th.BasicTeam.Id, ruser); err != nil { 171 t.Log(err) 172 t.Fatal("Should add user to the team") 173 } 174 } 175 176 func TestPermanentDeleteTeam(t *testing.T) { 177 th := Setup().InitBasic() 178 defer th.TearDown() 179 180 team, err := th.App.CreateTeam(&model.Team{ 181 DisplayName: "deletion-test", 182 Name: "deletion-test", 183 Email: "foo@foo.com", 184 Type: model.TEAM_OPEN, 185 }) 186 if err != nil { 187 t.Fatal(err.Error()) 188 } 189 defer func() { 190 th.App.PermanentDeleteTeam(team) 191 }() 192 193 command, err := th.App.CreateCommand(&model.Command{ 194 CreatorId: th.BasicUser.Id, 195 TeamId: team.Id, 196 Trigger: "foo", 197 URL: "http://foo", 198 Method: model.COMMAND_METHOD_POST, 199 }) 200 if err != nil { 201 t.Fatal(err.Error()) 202 } 203 defer th.App.DeleteCommand(command.Id) 204 205 if command, err = th.App.GetCommand(command.Id); command == nil || err != nil { 206 t.Fatal("unable to get new command") 207 } 208 209 if err := th.App.PermanentDeleteTeam(team); err != nil { 210 t.Fatal(err.Error()) 211 } 212 213 if command, err = th.App.GetCommand(command.Id); command != nil || err == nil { 214 t.Fatal("command wasn't deleted") 215 } 216 217 // Test deleting a team with no channels. 218 team = th.CreateTeam() 219 defer func() { 220 th.App.PermanentDeleteTeam(team) 221 }() 222 223 if channels, err := th.App.GetPublicChannelsForTeam(team.Id, 0, 1000); err != nil { 224 t.Fatal(err) 225 } else { 226 for _, channel := range *channels { 227 if err2 := th.App.PermanentDeleteChannel(channel); err2 != nil { 228 t.Fatal(err) 229 } 230 } 231 } 232 233 if err := th.App.PermanentDeleteTeam(team); err != nil { 234 t.Fatal(err) 235 } 236 } 237 238 func TestSanitizeTeam(t *testing.T) { 239 th := Setup() 240 defer th.TearDown() 241 242 team := &model.Team{ 243 Id: model.NewId(), 244 Email: th.MakeEmail(), 245 AllowedDomains: "example.com", 246 } 247 copyTeam := func() *model.Team { 248 copy := &model.Team{} 249 *copy = *team 250 return copy 251 } 252 253 t.Run("not a user of the team", func(t *testing.T) { 254 userId := model.NewId() 255 session := model.Session{ 256 Roles: model.SYSTEM_USER_ROLE_ID, 257 TeamMembers: []*model.TeamMember{ 258 { 259 UserId: userId, 260 TeamId: model.NewId(), 261 Roles: model.TEAM_USER_ROLE_ID, 262 }, 263 }, 264 } 265 266 sanitized := th.App.SanitizeTeam(session, copyTeam()) 267 if sanitized.Email != "" && sanitized.AllowedDomains != "" { 268 t.Fatal("should've sanitized team") 269 } 270 }) 271 272 t.Run("user of the team", func(t *testing.T) { 273 userId := model.NewId() 274 session := model.Session{ 275 Roles: model.SYSTEM_USER_ROLE_ID, 276 TeamMembers: []*model.TeamMember{ 277 { 278 UserId: userId, 279 TeamId: team.Id, 280 Roles: model.TEAM_USER_ROLE_ID, 281 }, 282 }, 283 } 284 285 sanitized := th.App.SanitizeTeam(session, copyTeam()) 286 if sanitized.Email != "" && sanitized.AllowedDomains != "" { 287 t.Fatal("should've sanitized team") 288 } 289 }) 290 291 t.Run("team admin", func(t *testing.T) { 292 userId := model.NewId() 293 session := model.Session{ 294 Roles: model.SYSTEM_USER_ROLE_ID, 295 TeamMembers: []*model.TeamMember{ 296 { 297 UserId: userId, 298 TeamId: team.Id, 299 Roles: model.TEAM_USER_ROLE_ID + " " + model.TEAM_ADMIN_ROLE_ID, 300 }, 301 }, 302 } 303 304 sanitized := th.App.SanitizeTeam(session, copyTeam()) 305 if sanitized.Email == "" && sanitized.AllowedDomains == "" { 306 t.Fatal("shouldn't have sanitized team") 307 } 308 }) 309 310 t.Run("team admin of another team", func(t *testing.T) { 311 userId := model.NewId() 312 session := model.Session{ 313 Roles: model.SYSTEM_USER_ROLE_ID, 314 TeamMembers: []*model.TeamMember{ 315 { 316 UserId: userId, 317 TeamId: model.NewId(), 318 Roles: model.TEAM_USER_ROLE_ID + " " + model.TEAM_ADMIN_ROLE_ID, 319 }, 320 }, 321 } 322 323 sanitized := th.App.SanitizeTeam(session, copyTeam()) 324 if sanitized.Email != "" && sanitized.AllowedDomains != "" { 325 t.Fatal("should've sanitized team") 326 } 327 }) 328 329 t.Run("system admin, not a user of team", func(t *testing.T) { 330 userId := model.NewId() 331 session := model.Session{ 332 Roles: model.SYSTEM_USER_ROLE_ID + " " + model.SYSTEM_ADMIN_ROLE_ID, 333 TeamMembers: []*model.TeamMember{ 334 { 335 UserId: userId, 336 TeamId: model.NewId(), 337 Roles: model.TEAM_USER_ROLE_ID, 338 }, 339 }, 340 } 341 342 sanitized := th.App.SanitizeTeam(session, copyTeam()) 343 if sanitized.Email == "" && sanitized.AllowedDomains == "" { 344 t.Fatal("shouldn't have sanitized team") 345 } 346 }) 347 348 t.Run("system admin, user of team", func(t *testing.T) { 349 userId := model.NewId() 350 session := model.Session{ 351 Roles: model.SYSTEM_USER_ROLE_ID + " " + model.SYSTEM_ADMIN_ROLE_ID, 352 TeamMembers: []*model.TeamMember{ 353 { 354 UserId: userId, 355 TeamId: team.Id, 356 Roles: model.TEAM_USER_ROLE_ID, 357 }, 358 }, 359 } 360 361 sanitized := th.App.SanitizeTeam(session, copyTeam()) 362 if sanitized.Email == "" && sanitized.AllowedDomains == "" { 363 t.Fatal("shouldn't have sanitized team") 364 } 365 }) 366 } 367 368 func TestSanitizeTeams(t *testing.T) { 369 th := Setup() 370 defer th.TearDown() 371 372 t.Run("not a system admin", func(t *testing.T) { 373 teams := []*model.Team{ 374 { 375 Id: model.NewId(), 376 Email: th.MakeEmail(), 377 AllowedDomains: "example.com", 378 }, 379 { 380 Id: model.NewId(), 381 Email: th.MakeEmail(), 382 AllowedDomains: "example.com", 383 }, 384 } 385 386 userId := model.NewId() 387 session := model.Session{ 388 Roles: model.SYSTEM_USER_ROLE_ID, 389 TeamMembers: []*model.TeamMember{ 390 { 391 UserId: userId, 392 TeamId: teams[0].Id, 393 Roles: model.TEAM_USER_ROLE_ID, 394 }, 395 { 396 UserId: userId, 397 TeamId: teams[1].Id, 398 Roles: model.TEAM_USER_ROLE_ID + " " + model.TEAM_ADMIN_ROLE_ID, 399 }, 400 }, 401 } 402 403 sanitized := th.App.SanitizeTeams(session, teams) 404 405 if sanitized[0].Email != "" && sanitized[0].AllowedDomains != "" { 406 t.Fatal("should've sanitized first team") 407 } 408 409 if sanitized[1].Email == "" && sanitized[1].AllowedDomains == "" { 410 t.Fatal("shouldn't have sanitized second team") 411 } 412 }) 413 414 t.Run("system admin", func(t *testing.T) { 415 teams := []*model.Team{ 416 { 417 Id: model.NewId(), 418 Email: th.MakeEmail(), 419 AllowedDomains: "example.com", 420 }, 421 { 422 Id: model.NewId(), 423 Email: th.MakeEmail(), 424 AllowedDomains: "example.com", 425 }, 426 } 427 428 userId := model.NewId() 429 session := model.Session{ 430 Roles: model.SYSTEM_USER_ROLE_ID + " " + model.SYSTEM_ADMIN_ROLE_ID, 431 TeamMembers: []*model.TeamMember{ 432 { 433 UserId: userId, 434 TeamId: teams[0].Id, 435 Roles: model.TEAM_USER_ROLE_ID, 436 }, 437 }, 438 } 439 440 sanitized := th.App.SanitizeTeams(session, teams) 441 442 if sanitized[0].Email == "" && sanitized[0].AllowedDomains == "" { 443 t.Fatal("shouldn't have sanitized first team") 444 } 445 446 if sanitized[1].Email == "" && sanitized[1].AllowedDomains == "" { 447 t.Fatal("shouldn't have sanitized second team") 448 } 449 }) 450 } 451 452 func TestJoinUserToTeam(t *testing.T) { 453 th := Setup().InitBasic() 454 defer th.TearDown() 455 456 id := model.NewId() 457 team := &model.Team{ 458 DisplayName: "dn_" + id, 459 Name: "name" + id, 460 Email: "success+" + id + "@simulator.amazonses.com", 461 Type: model.TEAM_OPEN, 462 } 463 464 if _, err := th.App.CreateTeam(team); err != nil { 465 t.Log(err) 466 t.Fatal("Should create a new team") 467 } 468 469 maxUsersPerTeam := th.App.Config().TeamSettings.MaxUsersPerTeam 470 defer func() { 471 th.App.UpdateConfig(func(cfg *model.Config) { cfg.TeamSettings.MaxUsersPerTeam = maxUsersPerTeam }) 472 th.App.PermanentDeleteTeam(team) 473 }() 474 one := 1 475 th.App.UpdateConfig(func(cfg *model.Config) { cfg.TeamSettings.MaxUsersPerTeam = &one }) 476 477 t.Run("new join", func(t *testing.T) { 478 user := model.User{Email: strings.ToLower(model.NewId()) + "success+test@example.com", Nickname: "Darth Vader", Username: "vader" + model.NewId(), Password: "passwd1", AuthService: ""} 479 ruser, _ := th.App.CreateUser(&user) 480 defer th.App.PermanentDeleteUser(&user) 481 482 if _, alreadyAdded, err := th.App.joinUserToTeam(team, ruser); alreadyAdded || err != nil { 483 t.Fatal("Should return already added equal to false and no error") 484 } 485 }) 486 487 t.Run("join when you are a member", func(t *testing.T) { 488 user := model.User{Email: strings.ToLower(model.NewId()) + "success+test@example.com", Nickname: "Darth Vader", Username: "vader" + model.NewId(), Password: "passwd1", AuthService: ""} 489 ruser, _ := th.App.CreateUser(&user) 490 defer th.App.PermanentDeleteUser(&user) 491 492 th.App.joinUserToTeam(team, ruser) 493 if _, alreadyAdded, err := th.App.joinUserToTeam(team, ruser); !alreadyAdded || err != nil { 494 t.Fatal("Should return already added and no error") 495 } 496 }) 497 498 t.Run("re-join after leaving", func(t *testing.T) { 499 user := model.User{Email: strings.ToLower(model.NewId()) + "success+test@example.com", Nickname: "Darth Vader", Username: "vader" + model.NewId(), Password: "passwd1", AuthService: ""} 500 ruser, _ := th.App.CreateUser(&user) 501 defer th.App.PermanentDeleteUser(&user) 502 503 th.App.joinUserToTeam(team, ruser) 504 th.App.LeaveTeam(team, ruser, ruser.Id) 505 if _, alreadyAdded, err := th.App.joinUserToTeam(team, ruser); alreadyAdded || err != nil { 506 t.Fatal("Should return already added equal to false and no error") 507 } 508 }) 509 510 t.Run("new join with limit problem", func(t *testing.T) { 511 user1 := model.User{Email: strings.ToLower(model.NewId()) + "success+test@example.com", Nickname: "Darth Vader", Username: "vader" + model.NewId(), Password: "passwd1", AuthService: ""} 512 ruser1, _ := th.App.CreateUser(&user1) 513 user2 := model.User{Email: strings.ToLower(model.NewId()) + "success+test@example.com", Nickname: "Darth Vader", Username: "vader" + model.NewId(), Password: "passwd1", AuthService: ""} 514 ruser2, _ := th.App.CreateUser(&user2) 515 defer th.App.PermanentDeleteUser(&user1) 516 defer th.App.PermanentDeleteUser(&user2) 517 th.App.joinUserToTeam(team, ruser1) 518 if _, _, err := th.App.joinUserToTeam(team, ruser2); err == nil { 519 t.Fatal("Should fail") 520 } 521 }) 522 523 t.Run("re-join alfter leaving with limit problem", func(t *testing.T) { 524 user1 := model.User{Email: strings.ToLower(model.NewId()) + "success+test@example.com", Nickname: "Darth Vader", Username: "vader" + model.NewId(), Password: "passwd1", AuthService: ""} 525 ruser1, _ := th.App.CreateUser(&user1) 526 user2 := model.User{Email: strings.ToLower(model.NewId()) + "success+test@example.com", Nickname: "Darth Vader", Username: "vader" + model.NewId(), Password: "passwd1", AuthService: ""} 527 ruser2, _ := th.App.CreateUser(&user2) 528 defer th.App.PermanentDeleteUser(&user1) 529 defer th.App.PermanentDeleteUser(&user2) 530 531 th.App.joinUserToTeam(team, ruser1) 532 th.App.LeaveTeam(team, ruser1, ruser1.Id) 533 th.App.joinUserToTeam(team, ruser2) 534 if _, _, err := th.App.joinUserToTeam(team, ruser1); err == nil { 535 t.Fatal("Should fail") 536 } 537 }) 538 }