github.com/spline-fu/mattermost-server@v4.10.10+incompatible/app/team_test.go (about)

     1  // Copyright (c) 2016-present Mattermost, Inc. All Rights Reserved.
     2  // See License.txt for license information.
     3  
     4  package app
     5  
     6  import (
     7  	"strings"
     8  	"testing"
     9  
    10  	"github.com/mattermost/mattermost-server/model"
    11  )
    12  
    13  func TestCreateTeam(t *testing.T) {
    14  	th := Setup().InitBasic()
    15  	defer th.TearDown()
    16  
    17  	id := model.NewId()
    18  	team := &model.Team{
    19  		DisplayName: "dn_" + id,
    20  		Name:        "name" + id,
    21  		Email:       "success+" + id + "@simulator.amazonses.com",
    22  		Type:        model.TEAM_OPEN,
    23  	}
    24  
    25  	if _, err := th.App.CreateTeam(team); err != nil {
    26  		t.Log(err)
    27  		t.Fatal("Should create a new team")
    28  	}
    29  
    30  	if _, err := th.App.CreateTeam(th.BasicTeam); err == nil {
    31  		t.Fatal("Should not create a new team - team already exist")
    32  	}
    33  }
    34  
    35  func TestCreateTeamWithUser(t *testing.T) {
    36  	th := Setup().InitBasic()
    37  	defer th.TearDown()
    38  
    39  	id := model.NewId()
    40  	team := &model.Team{
    41  		DisplayName: "dn_" + id,
    42  		Name:        "name" + id,
    43  		Email:       "success+" + id + "@simulator.amazonses.com",
    44  		Type:        model.TEAM_OPEN,
    45  	}
    46  
    47  	if _, err := th.App.CreateTeamWithUser(team, th.BasicUser.Id); err != nil {
    48  		t.Fatal("Should create a new team with existing user", err)
    49  	}
    50  
    51  	if _, err := th.App.CreateTeamWithUser(team, model.NewId()); err == nil {
    52  		t.Fatal("Should not create a new team - user does not exist")
    53  	}
    54  }
    55  
    56  func TestUpdateTeam(t *testing.T) {
    57  	th := Setup().InitBasic()
    58  	defer th.TearDown()
    59  
    60  	th.BasicTeam.DisplayName = "Testing 123"
    61  
    62  	if updatedTeam, err := th.App.UpdateTeam(th.BasicTeam); err != nil {
    63  		t.Log(err)
    64  		t.Fatal("Should update the team")
    65  	} else {
    66  		if updatedTeam.DisplayName != "Testing 123" {
    67  			t.Fatal("Wrong Team DisplayName")
    68  		}
    69  	}
    70  }
    71  
    72  func TestAddUserToTeam(t *testing.T) {
    73  	th := Setup().InitBasic()
    74  	defer th.TearDown()
    75  
    76  	user := model.User{Email: strings.ToLower(model.NewId()) + "success+test@example.com", Nickname: "Darth Vader", Username: "vader" + model.NewId(), Password: "passwd1", AuthService: ""}
    77  	ruser, _ := th.App.CreateUser(&user)
    78  
    79  	if _, err := th.App.AddUserToTeam(th.BasicTeam.Id, ruser.Id, ""); err != nil {
    80  		t.Log(err)
    81  		t.Fatal("Should add user to the team")
    82  	}
    83  }
    84  
    85  func TestAddUserToTeamByToken(t *testing.T) {
    86  	th := Setup().InitBasic()
    87  	defer th.TearDown()
    88  
    89  	user := model.User{Email: strings.ToLower(model.NewId()) + "success+test@example.com", Nickname: "Darth Vader", Username: "vader" + model.NewId(), Password: "passwd1", AuthService: ""}
    90  	ruser, _ := th.App.CreateUser(&user)
    91  
    92  	t.Run("invalid token", func(t *testing.T) {
    93  		if _, err := th.App.AddUserToTeamByToken(ruser.Id, "123"); err == nil {
    94  			t.Fatal("Should fail on unexisting token")
    95  		}
    96  	})
    97  
    98  	t.Run("invalid token type", func(t *testing.T) {
    99  		token := model.NewToken(
   100  			TOKEN_TYPE_VERIFY_EMAIL,
   101  			model.MapToJson(map[string]string{"teamId": th.BasicTeam.Id}),
   102  		)
   103  		<-th.App.Srv.Store.Token().Save(token)
   104  		defer th.App.DeleteToken(token)
   105  		if _, err := th.App.AddUserToTeamByToken(ruser.Id, token.Token); err == nil {
   106  			t.Fatal("Should fail on bad token type")
   107  		}
   108  	})
   109  
   110  	t.Run("expired token", func(t *testing.T) {
   111  		token := model.NewToken(
   112  			TOKEN_TYPE_TEAM_INVITATION,
   113  			model.MapToJson(map[string]string{"teamId": th.BasicTeam.Id}),
   114  		)
   115  		token.CreateAt = model.GetMillis() - TEAM_INVITATION_EXPIRY_TIME - 1
   116  		<-th.App.Srv.Store.Token().Save(token)
   117  		defer th.App.DeleteToken(token)
   118  		if _, err := th.App.AddUserToTeamByToken(ruser.Id, token.Token); err == nil {
   119  			t.Fatal("Should fail on expired token")
   120  		}
   121  	})
   122  
   123  	t.Run("invalid team id", func(t *testing.T) {
   124  		token := model.NewToken(
   125  			TOKEN_TYPE_TEAM_INVITATION,
   126  			model.MapToJson(map[string]string{"teamId": model.NewId()}),
   127  		)
   128  		<-th.App.Srv.Store.Token().Save(token)
   129  		defer th.App.DeleteToken(token)
   130  		if _, err := th.App.AddUserToTeamByToken(ruser.Id, token.Token); err == nil {
   131  			t.Fatal("Should fail on bad team id")
   132  		}
   133  	})
   134  
   135  	t.Run("invalid user id", func(t *testing.T) {
   136  		token := model.NewToken(
   137  			TOKEN_TYPE_TEAM_INVITATION,
   138  			model.MapToJson(map[string]string{"teamId": th.BasicTeam.Id}),
   139  		)
   140  		<-th.App.Srv.Store.Token().Save(token)
   141  		defer th.App.DeleteToken(token)
   142  		if _, err := th.App.AddUserToTeamByToken(model.NewId(), token.Token); err == nil {
   143  			t.Fatal("Should fail on bad user id")
   144  		}
   145  	})
   146  
   147  	t.Run("valid request", func(t *testing.T) {
   148  		token := model.NewToken(
   149  			TOKEN_TYPE_TEAM_INVITATION,
   150  			model.MapToJson(map[string]string{"teamId": th.BasicTeam.Id}),
   151  		)
   152  		<-th.App.Srv.Store.Token().Save(token)
   153  		if _, err := th.App.AddUserToTeamByToken(ruser.Id, token.Token); err != nil {
   154  			t.Log(err)
   155  			t.Fatal("Should add user to the team")
   156  		}
   157  		if result := <-th.App.Srv.Store.Token().GetByToken(token.Token); result.Err == nil {
   158  			t.Fatal("The token must be deleted after be used")
   159  		}
   160  	})
   161  }
   162  
   163  func TestAddUserToTeamByTeamId(t *testing.T) {
   164  	th := Setup().InitBasic()
   165  	defer th.TearDown()
   166  
   167  	user := model.User{Email: strings.ToLower(model.NewId()) + "success+test@example.com", Nickname: "Darth Vader", Username: "vader" + model.NewId(), Password: "passwd1", AuthService: ""}
   168  	ruser, _ := th.App.CreateUser(&user)
   169  
   170  	if err := th.App.AddUserToTeamByTeamId(th.BasicTeam.Id, ruser); err != nil {
   171  		t.Log(err)
   172  		t.Fatal("Should add user to the team")
   173  	}
   174  }
   175  
   176  func TestPermanentDeleteTeam(t *testing.T) {
   177  	th := Setup().InitBasic()
   178  	defer th.TearDown()
   179  
   180  	team, err := th.App.CreateTeam(&model.Team{
   181  		DisplayName: "deletion-test",
   182  		Name:        "deletion-test",
   183  		Email:       "foo@foo.com",
   184  		Type:        model.TEAM_OPEN,
   185  	})
   186  	if err != nil {
   187  		t.Fatal(err.Error())
   188  	}
   189  	defer func() {
   190  		th.App.PermanentDeleteTeam(team)
   191  	}()
   192  
   193  	command, err := th.App.CreateCommand(&model.Command{
   194  		CreatorId: th.BasicUser.Id,
   195  		TeamId:    team.Id,
   196  		Trigger:   "foo",
   197  		URL:       "http://foo",
   198  		Method:    model.COMMAND_METHOD_POST,
   199  	})
   200  	if err != nil {
   201  		t.Fatal(err.Error())
   202  	}
   203  	defer th.App.DeleteCommand(command.Id)
   204  
   205  	if command, err = th.App.GetCommand(command.Id); command == nil || err != nil {
   206  		t.Fatal("unable to get new command")
   207  	}
   208  
   209  	if err := th.App.PermanentDeleteTeam(team); err != nil {
   210  		t.Fatal(err.Error())
   211  	}
   212  
   213  	if command, err = th.App.GetCommand(command.Id); command != nil || err == nil {
   214  		t.Fatal("command wasn't deleted")
   215  	}
   216  
   217  	// Test deleting a team with no channels.
   218  	team = th.CreateTeam()
   219  	defer func() {
   220  		th.App.PermanentDeleteTeam(team)
   221  	}()
   222  
   223  	if channels, err := th.App.GetPublicChannelsForTeam(team.Id, 0, 1000); err != nil {
   224  		t.Fatal(err)
   225  	} else {
   226  		for _, channel := range *channels {
   227  			if err2 := th.App.PermanentDeleteChannel(channel); err2 != nil {
   228  				t.Fatal(err)
   229  			}
   230  		}
   231  	}
   232  
   233  	if err := th.App.PermanentDeleteTeam(team); err != nil {
   234  		t.Fatal(err)
   235  	}
   236  }
   237  
   238  func TestSanitizeTeam(t *testing.T) {
   239  	th := Setup()
   240  	defer th.TearDown()
   241  
   242  	team := &model.Team{
   243  		Id:             model.NewId(),
   244  		Email:          th.MakeEmail(),
   245  		AllowedDomains: "example.com",
   246  	}
   247  	copyTeam := func() *model.Team {
   248  		copy := &model.Team{}
   249  		*copy = *team
   250  		return copy
   251  	}
   252  
   253  	t.Run("not a user of the team", func(t *testing.T) {
   254  		userId := model.NewId()
   255  		session := model.Session{
   256  			Roles: model.SYSTEM_USER_ROLE_ID,
   257  			TeamMembers: []*model.TeamMember{
   258  				{
   259  					UserId: userId,
   260  					TeamId: model.NewId(),
   261  					Roles:  model.TEAM_USER_ROLE_ID,
   262  				},
   263  			},
   264  		}
   265  
   266  		sanitized := th.App.SanitizeTeam(session, copyTeam())
   267  		if sanitized.Email != "" && sanitized.AllowedDomains != "" {
   268  			t.Fatal("should've sanitized team")
   269  		}
   270  	})
   271  
   272  	t.Run("user of the team", func(t *testing.T) {
   273  		userId := model.NewId()
   274  		session := model.Session{
   275  			Roles: model.SYSTEM_USER_ROLE_ID,
   276  			TeamMembers: []*model.TeamMember{
   277  				{
   278  					UserId: userId,
   279  					TeamId: team.Id,
   280  					Roles:  model.TEAM_USER_ROLE_ID,
   281  				},
   282  			},
   283  		}
   284  
   285  		sanitized := th.App.SanitizeTeam(session, copyTeam())
   286  		if sanitized.Email != "" && sanitized.AllowedDomains != "" {
   287  			t.Fatal("should've sanitized team")
   288  		}
   289  	})
   290  
   291  	t.Run("team admin", func(t *testing.T) {
   292  		userId := model.NewId()
   293  		session := model.Session{
   294  			Roles: model.SYSTEM_USER_ROLE_ID,
   295  			TeamMembers: []*model.TeamMember{
   296  				{
   297  					UserId: userId,
   298  					TeamId: team.Id,
   299  					Roles:  model.TEAM_USER_ROLE_ID + " " + model.TEAM_ADMIN_ROLE_ID,
   300  				},
   301  			},
   302  		}
   303  
   304  		sanitized := th.App.SanitizeTeam(session, copyTeam())
   305  		if sanitized.Email == "" && sanitized.AllowedDomains == "" {
   306  			t.Fatal("shouldn't have sanitized team")
   307  		}
   308  	})
   309  
   310  	t.Run("team admin of another team", func(t *testing.T) {
   311  		userId := model.NewId()
   312  		session := model.Session{
   313  			Roles: model.SYSTEM_USER_ROLE_ID,
   314  			TeamMembers: []*model.TeamMember{
   315  				{
   316  					UserId: userId,
   317  					TeamId: model.NewId(),
   318  					Roles:  model.TEAM_USER_ROLE_ID + " " + model.TEAM_ADMIN_ROLE_ID,
   319  				},
   320  			},
   321  		}
   322  
   323  		sanitized := th.App.SanitizeTeam(session, copyTeam())
   324  		if sanitized.Email != "" && sanitized.AllowedDomains != "" {
   325  			t.Fatal("should've sanitized team")
   326  		}
   327  	})
   328  
   329  	t.Run("system admin, not a user of team", func(t *testing.T) {
   330  		userId := model.NewId()
   331  		session := model.Session{
   332  			Roles: model.SYSTEM_USER_ROLE_ID + " " + model.SYSTEM_ADMIN_ROLE_ID,
   333  			TeamMembers: []*model.TeamMember{
   334  				{
   335  					UserId: userId,
   336  					TeamId: model.NewId(),
   337  					Roles:  model.TEAM_USER_ROLE_ID,
   338  				},
   339  			},
   340  		}
   341  
   342  		sanitized := th.App.SanitizeTeam(session, copyTeam())
   343  		if sanitized.Email == "" && sanitized.AllowedDomains == "" {
   344  			t.Fatal("shouldn't have sanitized team")
   345  		}
   346  	})
   347  
   348  	t.Run("system admin, user of team", func(t *testing.T) {
   349  		userId := model.NewId()
   350  		session := model.Session{
   351  			Roles: model.SYSTEM_USER_ROLE_ID + " " + model.SYSTEM_ADMIN_ROLE_ID,
   352  			TeamMembers: []*model.TeamMember{
   353  				{
   354  					UserId: userId,
   355  					TeamId: team.Id,
   356  					Roles:  model.TEAM_USER_ROLE_ID,
   357  				},
   358  			},
   359  		}
   360  
   361  		sanitized := th.App.SanitizeTeam(session, copyTeam())
   362  		if sanitized.Email == "" && sanitized.AllowedDomains == "" {
   363  			t.Fatal("shouldn't have sanitized team")
   364  		}
   365  	})
   366  }
   367  
   368  func TestSanitizeTeams(t *testing.T) {
   369  	th := Setup()
   370  	defer th.TearDown()
   371  
   372  	t.Run("not a system admin", func(t *testing.T) {
   373  		teams := []*model.Team{
   374  			{
   375  				Id:             model.NewId(),
   376  				Email:          th.MakeEmail(),
   377  				AllowedDomains: "example.com",
   378  			},
   379  			{
   380  				Id:             model.NewId(),
   381  				Email:          th.MakeEmail(),
   382  				AllowedDomains: "example.com",
   383  			},
   384  		}
   385  
   386  		userId := model.NewId()
   387  		session := model.Session{
   388  			Roles: model.SYSTEM_USER_ROLE_ID,
   389  			TeamMembers: []*model.TeamMember{
   390  				{
   391  					UserId: userId,
   392  					TeamId: teams[0].Id,
   393  					Roles:  model.TEAM_USER_ROLE_ID,
   394  				},
   395  				{
   396  					UserId: userId,
   397  					TeamId: teams[1].Id,
   398  					Roles:  model.TEAM_USER_ROLE_ID + " " + model.TEAM_ADMIN_ROLE_ID,
   399  				},
   400  			},
   401  		}
   402  
   403  		sanitized := th.App.SanitizeTeams(session, teams)
   404  
   405  		if sanitized[0].Email != "" && sanitized[0].AllowedDomains != "" {
   406  			t.Fatal("should've sanitized first team")
   407  		}
   408  
   409  		if sanitized[1].Email == "" && sanitized[1].AllowedDomains == "" {
   410  			t.Fatal("shouldn't have sanitized second team")
   411  		}
   412  	})
   413  
   414  	t.Run("system admin", func(t *testing.T) {
   415  		teams := []*model.Team{
   416  			{
   417  				Id:             model.NewId(),
   418  				Email:          th.MakeEmail(),
   419  				AllowedDomains: "example.com",
   420  			},
   421  			{
   422  				Id:             model.NewId(),
   423  				Email:          th.MakeEmail(),
   424  				AllowedDomains: "example.com",
   425  			},
   426  		}
   427  
   428  		userId := model.NewId()
   429  		session := model.Session{
   430  			Roles: model.SYSTEM_USER_ROLE_ID + " " + model.SYSTEM_ADMIN_ROLE_ID,
   431  			TeamMembers: []*model.TeamMember{
   432  				{
   433  					UserId: userId,
   434  					TeamId: teams[0].Id,
   435  					Roles:  model.TEAM_USER_ROLE_ID,
   436  				},
   437  			},
   438  		}
   439  
   440  		sanitized := th.App.SanitizeTeams(session, teams)
   441  
   442  		if sanitized[0].Email == "" && sanitized[0].AllowedDomains == "" {
   443  			t.Fatal("shouldn't have sanitized first team")
   444  		}
   445  
   446  		if sanitized[1].Email == "" && sanitized[1].AllowedDomains == "" {
   447  			t.Fatal("shouldn't have sanitized second team")
   448  		}
   449  	})
   450  }
   451  
   452  func TestJoinUserToTeam(t *testing.T) {
   453  	th := Setup().InitBasic()
   454  	defer th.TearDown()
   455  
   456  	id := model.NewId()
   457  	team := &model.Team{
   458  		DisplayName: "dn_" + id,
   459  		Name:        "name" + id,
   460  		Email:       "success+" + id + "@simulator.amazonses.com",
   461  		Type:        model.TEAM_OPEN,
   462  	}
   463  
   464  	if _, err := th.App.CreateTeam(team); err != nil {
   465  		t.Log(err)
   466  		t.Fatal("Should create a new team")
   467  	}
   468  
   469  	maxUsersPerTeam := th.App.Config().TeamSettings.MaxUsersPerTeam
   470  	defer func() {
   471  		th.App.UpdateConfig(func(cfg *model.Config) { cfg.TeamSettings.MaxUsersPerTeam = maxUsersPerTeam })
   472  		th.App.PermanentDeleteTeam(team)
   473  	}()
   474  	one := 1
   475  	th.App.UpdateConfig(func(cfg *model.Config) { cfg.TeamSettings.MaxUsersPerTeam = &one })
   476  
   477  	t.Run("new join", func(t *testing.T) {
   478  		user := model.User{Email: strings.ToLower(model.NewId()) + "success+test@example.com", Nickname: "Darth Vader", Username: "vader" + model.NewId(), Password: "passwd1", AuthService: ""}
   479  		ruser, _ := th.App.CreateUser(&user)
   480  		defer th.App.PermanentDeleteUser(&user)
   481  
   482  		if _, alreadyAdded, err := th.App.joinUserToTeam(team, ruser); alreadyAdded || err != nil {
   483  			t.Fatal("Should return already added equal to false and no error")
   484  		}
   485  	})
   486  
   487  	t.Run("join when you are a member", func(t *testing.T) {
   488  		user := model.User{Email: strings.ToLower(model.NewId()) + "success+test@example.com", Nickname: "Darth Vader", Username: "vader" + model.NewId(), Password: "passwd1", AuthService: ""}
   489  		ruser, _ := th.App.CreateUser(&user)
   490  		defer th.App.PermanentDeleteUser(&user)
   491  
   492  		th.App.joinUserToTeam(team, ruser)
   493  		if _, alreadyAdded, err := th.App.joinUserToTeam(team, ruser); !alreadyAdded || err != nil {
   494  			t.Fatal("Should return already added and no error")
   495  		}
   496  	})
   497  
   498  	t.Run("re-join after leaving", func(t *testing.T) {
   499  		user := model.User{Email: strings.ToLower(model.NewId()) + "success+test@example.com", Nickname: "Darth Vader", Username: "vader" + model.NewId(), Password: "passwd1", AuthService: ""}
   500  		ruser, _ := th.App.CreateUser(&user)
   501  		defer th.App.PermanentDeleteUser(&user)
   502  
   503  		th.App.joinUserToTeam(team, ruser)
   504  		th.App.LeaveTeam(team, ruser, ruser.Id)
   505  		if _, alreadyAdded, err := th.App.joinUserToTeam(team, ruser); alreadyAdded || err != nil {
   506  			t.Fatal("Should return already added equal to false and no error")
   507  		}
   508  	})
   509  
   510  	t.Run("new join with limit problem", func(t *testing.T) {
   511  		user1 := model.User{Email: strings.ToLower(model.NewId()) + "success+test@example.com", Nickname: "Darth Vader", Username: "vader" + model.NewId(), Password: "passwd1", AuthService: ""}
   512  		ruser1, _ := th.App.CreateUser(&user1)
   513  		user2 := model.User{Email: strings.ToLower(model.NewId()) + "success+test@example.com", Nickname: "Darth Vader", Username: "vader" + model.NewId(), Password: "passwd1", AuthService: ""}
   514  		ruser2, _ := th.App.CreateUser(&user2)
   515  		defer th.App.PermanentDeleteUser(&user1)
   516  		defer th.App.PermanentDeleteUser(&user2)
   517  		th.App.joinUserToTeam(team, ruser1)
   518  		if _, _, err := th.App.joinUserToTeam(team, ruser2); err == nil {
   519  			t.Fatal("Should fail")
   520  		}
   521  	})
   522  
   523  	t.Run("re-join alfter leaving with limit problem", func(t *testing.T) {
   524  		user1 := model.User{Email: strings.ToLower(model.NewId()) + "success+test@example.com", Nickname: "Darth Vader", Username: "vader" + model.NewId(), Password: "passwd1", AuthService: ""}
   525  		ruser1, _ := th.App.CreateUser(&user1)
   526  		user2 := model.User{Email: strings.ToLower(model.NewId()) + "success+test@example.com", Nickname: "Darth Vader", Username: "vader" + model.NewId(), Password: "passwd1", AuthService: ""}
   527  		ruser2, _ := th.App.CreateUser(&user2)
   528  		defer th.App.PermanentDeleteUser(&user1)
   529  		defer th.App.PermanentDeleteUser(&user2)
   530  
   531  		th.App.joinUserToTeam(team, ruser1)
   532  		th.App.LeaveTeam(team, ruser1, ruser1.Id)
   533  		th.App.joinUserToTeam(team, ruser2)
   534  		if _, _, err := th.App.joinUserToTeam(team, ruser1); err == nil {
   535  			t.Fatal("Should fail")
   536  		}
   537  	})
   538  }