github.com/turgay/mattermost-server@v5.3.2-0.20181002173352-2945e8a2b0ce+incompatible/api4/scheme_test.go (about) 1 // Copyright (c) 2018-present Mattermost, Inc. All Rights Reserved. 2 // See License.txt for license information. 3 4 package api4 5 6 import ( 7 "strings" 8 "testing" 9 10 "github.com/stretchr/testify/assert" 11 12 "github.com/mattermost/mattermost-server/model" 13 ) 14 15 func TestCreateScheme(t *testing.T) { 16 th := Setup().InitBasic().InitSystemAdmin() 17 defer th.TearDown() 18 19 th.App.SetLicense(model.NewTestLicense("custom_permissions_schemes")) 20 21 th.App.SetPhase2PermissionsMigrationStatus(true) 22 23 // Basic test of creating a team scheme. 24 scheme1 := &model.Scheme{ 25 DisplayName: model.NewId(), 26 Name: model.NewId(), 27 Description: model.NewId(), 28 Scope: model.SCHEME_SCOPE_TEAM, 29 } 30 31 s1, r1 := th.SystemAdminClient.CreateScheme(scheme1) 32 CheckNoError(t, r1) 33 34 assert.Equal(t, s1.DisplayName, scheme1.DisplayName) 35 assert.Equal(t, s1.Name, scheme1.Name) 36 assert.Equal(t, s1.Description, scheme1.Description) 37 assert.NotZero(t, s1.CreateAt) 38 assert.Equal(t, s1.CreateAt, s1.UpdateAt) 39 assert.Zero(t, s1.DeleteAt) 40 assert.Equal(t, s1.Scope, scheme1.Scope) 41 assert.NotZero(t, len(s1.DefaultTeamAdminRole)) 42 assert.NotZero(t, len(s1.DefaultTeamUserRole)) 43 assert.NotZero(t, len(s1.DefaultChannelAdminRole)) 44 assert.NotZero(t, len(s1.DefaultChannelUserRole)) 45 46 // Check the default roles have been created. 47 _, roleRes1 := th.SystemAdminClient.GetRoleByName(s1.DefaultTeamAdminRole) 48 CheckNoError(t, roleRes1) 49 _, roleRes2 := th.SystemAdminClient.GetRoleByName(s1.DefaultTeamUserRole) 50 CheckNoError(t, roleRes2) 51 _, roleRes3 := th.SystemAdminClient.GetRoleByName(s1.DefaultChannelAdminRole) 52 CheckNoError(t, roleRes3) 53 _, roleRes4 := th.SystemAdminClient.GetRoleByName(s1.DefaultChannelUserRole) 54 CheckNoError(t, roleRes4) 55 56 // Basic Test of a Channel scheme. 57 scheme2 := &model.Scheme{ 58 DisplayName: model.NewId(), 59 Name: model.NewId(), 60 Description: model.NewId(), 61 Scope: model.SCHEME_SCOPE_CHANNEL, 62 } 63 64 s2, r2 := th.SystemAdminClient.CreateScheme(scheme2) 65 CheckNoError(t, r2) 66 67 assert.Equal(t, s2.DisplayName, scheme2.DisplayName) 68 assert.Equal(t, s2.Name, scheme2.Name) 69 assert.Equal(t, s2.Description, scheme2.Description) 70 assert.NotZero(t, s2.CreateAt) 71 assert.Equal(t, s2.CreateAt, s2.UpdateAt) 72 assert.Zero(t, s2.DeleteAt) 73 assert.Equal(t, s2.Scope, scheme2.Scope) 74 assert.Zero(t, len(s2.DefaultTeamAdminRole)) 75 assert.Zero(t, len(s2.DefaultTeamUserRole)) 76 assert.NotZero(t, len(s2.DefaultChannelAdminRole)) 77 assert.NotZero(t, len(s2.DefaultChannelUserRole)) 78 79 // Check the default roles have been created. 80 _, roleRes5 := th.SystemAdminClient.GetRoleByName(s2.DefaultChannelAdminRole) 81 CheckNoError(t, roleRes5) 82 _, roleRes6 := th.SystemAdminClient.GetRoleByName(s2.DefaultChannelUserRole) 83 CheckNoError(t, roleRes6) 84 85 // Try and create a scheme with an invalid scope. 86 scheme3 := &model.Scheme{ 87 DisplayName: model.NewId(), 88 Name: model.NewId(), 89 Description: model.NewId(), 90 Scope: model.NewId(), 91 } 92 93 _, r3 := th.SystemAdminClient.CreateScheme(scheme3) 94 CheckBadRequestStatus(t, r3) 95 96 // Try and create a scheme with an invalid display name. 97 scheme4 := &model.Scheme{ 98 DisplayName: strings.Repeat(model.NewId(), 100), 99 Name: "Name", 100 Description: model.NewId(), 101 Scope: model.NewId(), 102 } 103 _, r4 := th.SystemAdminClient.CreateScheme(scheme4) 104 CheckBadRequestStatus(t, r4) 105 106 // Try and create a scheme with an invalid name. 107 scheme8 := &model.Scheme{ 108 DisplayName: "DisplayName", 109 Name: strings.Repeat(model.NewId(), 100), 110 Description: model.NewId(), 111 Scope: model.NewId(), 112 } 113 _, r8 := th.SystemAdminClient.CreateScheme(scheme8) 114 CheckBadRequestStatus(t, r8) 115 116 // Try and create a scheme without the appropriate permissions. 117 scheme5 := &model.Scheme{ 118 DisplayName: model.NewId(), 119 Name: model.NewId(), 120 Description: model.NewId(), 121 Scope: model.SCHEME_SCOPE_TEAM, 122 } 123 _, r5 := th.Client.CreateScheme(scheme5) 124 CheckForbiddenStatus(t, r5) 125 126 // Try and create a scheme without a license. 127 th.App.SetLicense(nil) 128 scheme6 := &model.Scheme{ 129 DisplayName: model.NewId(), 130 Name: model.NewId(), 131 Description: model.NewId(), 132 Scope: model.SCHEME_SCOPE_TEAM, 133 } 134 _, r6 := th.SystemAdminClient.CreateScheme(scheme6) 135 CheckNotImplementedStatus(t, r6) 136 137 th.App.SetPhase2PermissionsMigrationStatus(false) 138 139 th.LoginSystemAdmin() 140 th.App.SetLicense(model.NewTestLicense("custom_permissions_schemes")) 141 142 scheme7 := &model.Scheme{ 143 DisplayName: model.NewId(), 144 Name: model.NewId(), 145 Description: model.NewId(), 146 Scope: model.SCHEME_SCOPE_TEAM, 147 } 148 _, r7 := th.SystemAdminClient.CreateScheme(scheme7) 149 CheckNotImplementedStatus(t, r7) 150 } 151 152 func TestGetScheme(t *testing.T) { 153 th := Setup().InitBasic().InitSystemAdmin() 154 defer th.TearDown() 155 156 th.App.SetLicense(model.NewTestLicense("custom_permissions_schemes")) 157 158 // Basic test of creating a team scheme. 159 scheme1 := &model.Scheme{ 160 DisplayName: model.NewId(), 161 Name: model.NewId(), 162 Description: model.NewId(), 163 Scope: model.SCHEME_SCOPE_TEAM, 164 } 165 166 th.App.SetPhase2PermissionsMigrationStatus(true) 167 168 s1, r1 := th.SystemAdminClient.CreateScheme(scheme1) 169 CheckNoError(t, r1) 170 171 assert.Equal(t, s1.DisplayName, scheme1.DisplayName) 172 assert.Equal(t, s1.Name, scheme1.Name) 173 assert.Equal(t, s1.Description, scheme1.Description) 174 assert.NotZero(t, s1.CreateAt) 175 assert.Equal(t, s1.CreateAt, s1.UpdateAt) 176 assert.Zero(t, s1.DeleteAt) 177 assert.Equal(t, s1.Scope, scheme1.Scope) 178 assert.NotZero(t, len(s1.DefaultTeamAdminRole)) 179 assert.NotZero(t, len(s1.DefaultTeamUserRole)) 180 assert.NotZero(t, len(s1.DefaultChannelAdminRole)) 181 assert.NotZero(t, len(s1.DefaultChannelUserRole)) 182 183 s2, r2 := th.SystemAdminClient.GetScheme(s1.Id) 184 CheckNoError(t, r2) 185 186 assert.Equal(t, s1, s2) 187 188 _, r3 := th.SystemAdminClient.GetScheme(model.NewId()) 189 CheckNotFoundStatus(t, r3) 190 191 _, r4 := th.SystemAdminClient.GetScheme("12345") 192 CheckBadRequestStatus(t, r4) 193 194 th.SystemAdminClient.Logout() 195 _, r5 := th.SystemAdminClient.GetScheme(s1.Id) 196 CheckUnauthorizedStatus(t, r5) 197 198 th.SystemAdminClient.Login(th.SystemAdminUser.Username, th.SystemAdminUser.Password) 199 th.App.SetLicense(nil) 200 _, r6 := th.SystemAdminClient.GetScheme(s1.Id) 201 CheckNoError(t, r6) 202 203 _, r7 := th.Client.GetScheme(s1.Id) 204 CheckForbiddenStatus(t, r7) 205 206 th.App.SetPhase2PermissionsMigrationStatus(false) 207 208 _, r8 := th.SystemAdminClient.GetScheme(s1.Id) 209 CheckNotImplementedStatus(t, r8) 210 } 211 212 func TestGetSchemes(t *testing.T) { 213 th := Setup().InitBasic().InitSystemAdmin() 214 defer th.TearDown() 215 216 th.App.SetLicense(model.NewTestLicense("custom_permissions_schemes")) 217 218 scheme1 := &model.Scheme{ 219 DisplayName: model.NewId(), 220 Name: model.NewId(), 221 Description: model.NewId(), 222 Scope: model.SCHEME_SCOPE_TEAM, 223 } 224 225 scheme2 := &model.Scheme{ 226 DisplayName: model.NewId(), 227 Name: model.NewId(), 228 Description: model.NewId(), 229 Scope: model.SCHEME_SCOPE_CHANNEL, 230 } 231 232 th.App.SetPhase2PermissionsMigrationStatus(true) 233 234 _, r1 := th.SystemAdminClient.CreateScheme(scheme1) 235 CheckNoError(t, r1) 236 _, r2 := th.SystemAdminClient.CreateScheme(scheme2) 237 CheckNoError(t, r2) 238 239 l3, r3 := th.SystemAdminClient.GetSchemes("", 0, 100) 240 CheckNoError(t, r3) 241 242 assert.NotZero(t, len(l3)) 243 244 l4, r4 := th.SystemAdminClient.GetSchemes("team", 0, 100) 245 CheckNoError(t, r4) 246 247 for _, s := range l4 { 248 assert.Equal(t, "team", s.Scope) 249 } 250 251 l5, r5 := th.SystemAdminClient.GetSchemes("channel", 0, 100) 252 CheckNoError(t, r5) 253 254 for _, s := range l5 { 255 assert.Equal(t, "channel", s.Scope) 256 } 257 258 _, r6 := th.SystemAdminClient.GetSchemes("asdf", 0, 100) 259 CheckBadRequestStatus(t, r6) 260 261 th.Client.Logout() 262 _, r7 := th.Client.GetSchemes("", 0, 100) 263 CheckUnauthorizedStatus(t, r7) 264 265 th.Client.Login(th.BasicUser.Username, th.BasicUser.Password) 266 _, r8 := th.Client.GetSchemes("", 0, 100) 267 CheckForbiddenStatus(t, r8) 268 269 th.App.SetPhase2PermissionsMigrationStatus(false) 270 271 _, r9 := th.SystemAdminClient.GetSchemes("", 0, 100) 272 CheckNotImplementedStatus(t, r9) 273 } 274 275 func TestGetTeamsForScheme(t *testing.T) { 276 th := Setup().InitBasic().InitSystemAdmin() 277 defer th.TearDown() 278 279 th.App.SetLicense(model.NewTestLicense("custom_permissions_schemes")) 280 281 th.App.SetPhase2PermissionsMigrationStatus(true) 282 283 scheme1 := &model.Scheme{ 284 DisplayName: model.NewId(), 285 Name: model.NewId(), 286 Description: model.NewId(), 287 Scope: model.SCHEME_SCOPE_TEAM, 288 } 289 scheme1, r1 := th.SystemAdminClient.CreateScheme(scheme1) 290 CheckNoError(t, r1) 291 292 team1 := &model.Team{ 293 Name: GenerateTestUsername(), 294 DisplayName: "A Test Team", 295 Type: model.TEAM_OPEN, 296 } 297 298 result1 := <-th.App.Srv.Store.Team().Save(team1) 299 assert.Nil(t, result1.Err) 300 team1 = result1.Data.(*model.Team) 301 302 l2, r2 := th.SystemAdminClient.GetTeamsForScheme(scheme1.Id, 0, 100) 303 CheckNoError(t, r2) 304 assert.Zero(t, len(l2)) 305 306 team1.SchemeId = &scheme1.Id 307 result2 := <-th.App.Srv.Store.Team().Update(team1) 308 assert.Nil(t, result2.Err) 309 team1 = result2.Data.(*model.Team) 310 311 l3, r3 := th.SystemAdminClient.GetTeamsForScheme(scheme1.Id, 0, 100) 312 CheckNoError(t, r3) 313 assert.Len(t, l3, 1) 314 assert.Equal(t, team1.Id, l3[0].Id) 315 316 team2 := &model.Team{ 317 Name: GenerateTestUsername(), 318 DisplayName: "B Test Team", 319 Type: model.TEAM_OPEN, 320 SchemeId: &scheme1.Id, 321 } 322 result3 := <-th.App.Srv.Store.Team().Save(team2) 323 assert.Nil(t, result3.Err) 324 team2 = result3.Data.(*model.Team) 325 326 l4, r4 := th.SystemAdminClient.GetTeamsForScheme(scheme1.Id, 0, 100) 327 CheckNoError(t, r4) 328 assert.Len(t, l4, 2) 329 assert.Equal(t, team1.Id, l4[0].Id) 330 assert.Equal(t, team2.Id, l4[1].Id) 331 332 l5, r5 := th.SystemAdminClient.GetTeamsForScheme(scheme1.Id, 1, 1) 333 CheckNoError(t, r5) 334 assert.Len(t, l5, 1) 335 assert.Equal(t, team2.Id, l5[0].Id) 336 337 // Check various error cases. 338 _, ri1 := th.SystemAdminClient.GetTeamsForScheme(model.NewId(), 0, 100) 339 CheckNotFoundStatus(t, ri1) 340 341 _, ri2 := th.SystemAdminClient.GetTeamsForScheme("", 0, 100) 342 CheckBadRequestStatus(t, ri2) 343 344 th.Client.Logout() 345 _, ri3 := th.Client.GetTeamsForScheme(model.NewId(), 0, 100) 346 CheckUnauthorizedStatus(t, ri3) 347 348 th.Client.Login(th.BasicUser.Username, th.BasicUser.Password) 349 _, ri4 := th.Client.GetTeamsForScheme(model.NewId(), 0, 100) 350 CheckForbiddenStatus(t, ri4) 351 352 scheme2 := &model.Scheme{ 353 DisplayName: model.NewId(), 354 Name: model.NewId(), 355 Description: model.NewId(), 356 Scope: model.SCHEME_SCOPE_CHANNEL, 357 } 358 scheme2, rs2 := th.SystemAdminClient.CreateScheme(scheme2) 359 CheckNoError(t, rs2) 360 361 _, ri5 := th.SystemAdminClient.GetTeamsForScheme(scheme2.Id, 0, 100) 362 CheckBadRequestStatus(t, ri5) 363 364 th.App.SetPhase2PermissionsMigrationStatus(false) 365 366 _, ri6 := th.SystemAdminClient.GetTeamsForScheme(scheme1.Id, 0, 100) 367 CheckNotImplementedStatus(t, ri6) 368 } 369 370 func TestGetChannelsForScheme(t *testing.T) { 371 th := Setup().InitBasic().InitSystemAdmin() 372 defer th.TearDown() 373 374 th.App.SetLicense(model.NewTestLicense("custom_permissions_schemes")) 375 376 th.App.SetPhase2PermissionsMigrationStatus(true) 377 378 scheme1 := &model.Scheme{ 379 DisplayName: model.NewId(), 380 Name: model.NewId(), 381 Description: model.NewId(), 382 Scope: model.SCHEME_SCOPE_CHANNEL, 383 } 384 scheme1, r1 := th.SystemAdminClient.CreateScheme(scheme1) 385 CheckNoError(t, r1) 386 387 channel1 := &model.Channel{ 388 TeamId: model.NewId(), 389 DisplayName: "A Name", 390 Name: model.NewId(), 391 Type: model.CHANNEL_OPEN, 392 } 393 394 result1 := <-th.App.Srv.Store.Channel().Save(channel1, 1000000) 395 assert.Nil(t, result1.Err) 396 channel1 = result1.Data.(*model.Channel) 397 398 l2, r2 := th.SystemAdminClient.GetChannelsForScheme(scheme1.Id, 0, 100) 399 CheckNoError(t, r2) 400 assert.Zero(t, len(l2)) 401 402 channel1.SchemeId = &scheme1.Id 403 result2 := <-th.App.Srv.Store.Channel().Update(channel1) 404 assert.Nil(t, result2.Err) 405 channel1 = result2.Data.(*model.Channel) 406 407 l3, r3 := th.SystemAdminClient.GetChannelsForScheme(scheme1.Id, 0, 100) 408 CheckNoError(t, r3) 409 assert.Len(t, l3, 1) 410 assert.Equal(t, channel1.Id, l3[0].Id) 411 412 channel2 := &model.Channel{ 413 TeamId: model.NewId(), 414 DisplayName: "B Name", 415 Name: model.NewId(), 416 Type: model.CHANNEL_OPEN, 417 SchemeId: &scheme1.Id, 418 } 419 result3 := <-th.App.Srv.Store.Channel().Save(channel2, 1000000) 420 assert.Nil(t, result3.Err) 421 channel2 = result3.Data.(*model.Channel) 422 423 l4, r4 := th.SystemAdminClient.GetChannelsForScheme(scheme1.Id, 0, 100) 424 CheckNoError(t, r4) 425 assert.Len(t, l4, 2) 426 assert.Equal(t, channel1.Id, l4[0].Id) 427 assert.Equal(t, channel2.Id, l4[1].Id) 428 429 l5, r5 := th.SystemAdminClient.GetChannelsForScheme(scheme1.Id, 1, 1) 430 CheckNoError(t, r5) 431 assert.Len(t, l5, 1) 432 assert.Equal(t, channel2.Id, l5[0].Id) 433 434 // Check various error cases. 435 _, ri1 := th.SystemAdminClient.GetChannelsForScheme(model.NewId(), 0, 100) 436 CheckNotFoundStatus(t, ri1) 437 438 _, ri2 := th.SystemAdminClient.GetChannelsForScheme("", 0, 100) 439 CheckBadRequestStatus(t, ri2) 440 441 th.Client.Logout() 442 _, ri3 := th.Client.GetChannelsForScheme(model.NewId(), 0, 100) 443 CheckUnauthorizedStatus(t, ri3) 444 445 th.Client.Login(th.BasicUser.Username, th.BasicUser.Password) 446 _, ri4 := th.Client.GetChannelsForScheme(model.NewId(), 0, 100) 447 CheckForbiddenStatus(t, ri4) 448 449 scheme2 := &model.Scheme{ 450 DisplayName: model.NewId(), 451 Name: model.NewId(), 452 Description: model.NewId(), 453 Scope: model.SCHEME_SCOPE_TEAM, 454 } 455 scheme2, rs2 := th.SystemAdminClient.CreateScheme(scheme2) 456 CheckNoError(t, rs2) 457 458 _, ri5 := th.SystemAdminClient.GetChannelsForScheme(scheme2.Id, 0, 100) 459 CheckBadRequestStatus(t, ri5) 460 461 th.App.SetPhase2PermissionsMigrationStatus(false) 462 463 _, ri6 := th.SystemAdminClient.GetChannelsForScheme(scheme1.Id, 0, 100) 464 CheckNotImplementedStatus(t, ri6) 465 } 466 467 func TestPatchScheme(t *testing.T) { 468 th := Setup().InitBasic().InitSystemAdmin() 469 defer th.TearDown() 470 471 th.App.SetLicense(model.NewTestLicense("custom_permissions_schemes")) 472 473 th.App.SetPhase2PermissionsMigrationStatus(true) 474 475 // Basic test of creating a team scheme. 476 scheme1 := &model.Scheme{ 477 DisplayName: model.NewId(), 478 Name: model.NewId(), 479 Description: model.NewId(), 480 Scope: model.SCHEME_SCOPE_TEAM, 481 } 482 483 s1, r1 := th.SystemAdminClient.CreateScheme(scheme1) 484 CheckNoError(t, r1) 485 486 assert.Equal(t, s1.DisplayName, scheme1.DisplayName) 487 assert.Equal(t, s1.Name, scheme1.Name) 488 assert.Equal(t, s1.Description, scheme1.Description) 489 assert.NotZero(t, s1.CreateAt) 490 assert.Equal(t, s1.CreateAt, s1.UpdateAt) 491 assert.Zero(t, s1.DeleteAt) 492 assert.Equal(t, s1.Scope, scheme1.Scope) 493 assert.NotZero(t, len(s1.DefaultTeamAdminRole)) 494 assert.NotZero(t, len(s1.DefaultTeamUserRole)) 495 assert.NotZero(t, len(s1.DefaultChannelAdminRole)) 496 assert.NotZero(t, len(s1.DefaultChannelUserRole)) 497 498 s2, r2 := th.SystemAdminClient.GetScheme(s1.Id) 499 CheckNoError(t, r2) 500 501 assert.Equal(t, s1, s2) 502 503 // Test with a valid patch. 504 schemePatch := &model.SchemePatch{ 505 DisplayName: new(string), 506 Name: new(string), 507 Description: new(string), 508 } 509 *schemePatch.DisplayName = model.NewId() 510 *schemePatch.Name = model.NewId() 511 *schemePatch.Description = model.NewId() 512 513 s3, r3 := th.SystemAdminClient.PatchScheme(s2.Id, schemePatch) 514 CheckNoError(t, r3) 515 assert.Equal(t, s3.Id, s2.Id) 516 assert.Equal(t, s3.DisplayName, *schemePatch.DisplayName) 517 assert.Equal(t, s3.Name, *schemePatch.Name) 518 assert.Equal(t, s3.Description, *schemePatch.Description) 519 520 s4, r4 := th.SystemAdminClient.GetScheme(s3.Id) 521 CheckNoError(t, r4) 522 assert.Equal(t, s3, s4) 523 524 // Test with a partial patch. 525 *schemePatch.Name = model.NewId() 526 *schemePatch.DisplayName = model.NewId() 527 schemePatch.Description = nil 528 529 s5, r5 := th.SystemAdminClient.PatchScheme(s4.Id, schemePatch) 530 CheckNoError(t, r5) 531 assert.Equal(t, s5.Id, s4.Id) 532 assert.Equal(t, s5.DisplayName, *schemePatch.DisplayName) 533 assert.Equal(t, s5.Name, *schemePatch.Name) 534 assert.Equal(t, s5.Description, s4.Description) 535 536 s6, r6 := th.SystemAdminClient.GetScheme(s5.Id) 537 CheckNoError(t, r6) 538 assert.Equal(t, s5, s6) 539 540 // Test with invalid patch. 541 *schemePatch.Name = strings.Repeat(model.NewId(), 20) 542 _, r7 := th.SystemAdminClient.PatchScheme(s6.Id, schemePatch) 543 CheckBadRequestStatus(t, r7) 544 545 // Test with unknown ID. 546 *schemePatch.Name = model.NewId() 547 _, r8 := th.SystemAdminClient.PatchScheme(model.NewId(), schemePatch) 548 CheckNotFoundStatus(t, r8) 549 550 // Test with invalid ID. 551 _, r9 := th.SystemAdminClient.PatchScheme("12345", schemePatch) 552 CheckBadRequestStatus(t, r9) 553 554 // Test without required permissions. 555 _, r10 := th.Client.PatchScheme(s6.Id, schemePatch) 556 CheckForbiddenStatus(t, r10) 557 558 // Test without license. 559 th.App.SetLicense(nil) 560 _, r11 := th.SystemAdminClient.PatchScheme(s6.Id, schemePatch) 561 CheckNotImplementedStatus(t, r11) 562 563 th.App.SetPhase2PermissionsMigrationStatus(false) 564 565 th.LoginSystemAdmin() 566 th.App.SetLicense(model.NewTestLicense("custom_permissions_schemes")) 567 568 _, r12 := th.SystemAdminClient.PatchScheme(s6.Id, schemePatch) 569 CheckNotImplementedStatus(t, r12) 570 } 571 572 func TestDeleteScheme(t *testing.T) { 573 th := Setup().InitBasic().InitSystemAdmin() 574 defer th.TearDown() 575 576 t.Run("ValidTeamScheme", func(t *testing.T) { 577 th.App.SetLicense(model.NewTestLicense("custom_permissions_schemes")) 578 579 th.App.SetPhase2PermissionsMigrationStatus(true) 580 581 // Create a team scheme. 582 scheme1 := &model.Scheme{ 583 DisplayName: model.NewId(), 584 Name: model.NewId(), 585 Description: model.NewId(), 586 Scope: model.SCHEME_SCOPE_TEAM, 587 } 588 589 s1, r1 := th.SystemAdminClient.CreateScheme(scheme1) 590 CheckNoError(t, r1) 591 592 // Retrieve the roles and check they are not deleted. 593 role1, roleRes1 := th.SystemAdminClient.GetRoleByName(s1.DefaultTeamAdminRole) 594 CheckNoError(t, roleRes1) 595 role2, roleRes2 := th.SystemAdminClient.GetRoleByName(s1.DefaultTeamUserRole) 596 CheckNoError(t, roleRes2) 597 role3, roleRes3 := th.SystemAdminClient.GetRoleByName(s1.DefaultChannelAdminRole) 598 CheckNoError(t, roleRes3) 599 role4, roleRes4 := th.SystemAdminClient.GetRoleByName(s1.DefaultChannelUserRole) 600 CheckNoError(t, roleRes4) 601 602 assert.Zero(t, role1.DeleteAt) 603 assert.Zero(t, role2.DeleteAt) 604 assert.Zero(t, role3.DeleteAt) 605 assert.Zero(t, role4.DeleteAt) 606 607 // Make sure this scheme is in use by a team. 608 res := <-th.App.Srv.Store.Team().Save(&model.Team{ 609 Name: model.NewId(), 610 DisplayName: model.NewId(), 611 Email: model.NewId() + "@nowhere.com", 612 Type: model.TEAM_OPEN, 613 SchemeId: &s1.Id, 614 }) 615 assert.Nil(t, res.Err) 616 team := res.Data.(*model.Team) 617 618 // Delete the Scheme. 619 _, r3 := th.SystemAdminClient.DeleteScheme(s1.Id) 620 CheckNoError(t, r3) 621 622 // Check the roles were deleted. 623 role1, roleRes1 = th.SystemAdminClient.GetRoleByName(s1.DefaultTeamAdminRole) 624 CheckNoError(t, roleRes1) 625 role2, roleRes2 = th.SystemAdminClient.GetRoleByName(s1.DefaultTeamUserRole) 626 CheckNoError(t, roleRes2) 627 role3, roleRes3 = th.SystemAdminClient.GetRoleByName(s1.DefaultChannelAdminRole) 628 CheckNoError(t, roleRes3) 629 role4, roleRes4 = th.SystemAdminClient.GetRoleByName(s1.DefaultChannelUserRole) 630 CheckNoError(t, roleRes4) 631 632 assert.NotZero(t, role1.DeleteAt) 633 assert.NotZero(t, role2.DeleteAt) 634 assert.NotZero(t, role3.DeleteAt) 635 assert.NotZero(t, role4.DeleteAt) 636 637 // Check the team now uses the default scheme 638 c2, resp := th.SystemAdminClient.GetTeam(team.Id, "") 639 CheckNoError(t, resp) 640 assert.Equal(t, "", *c2.SchemeId) 641 }) 642 643 t.Run("ValidChannelScheme", func(t *testing.T) { 644 th.App.SetLicense(model.NewTestLicense("custom_permissions_schemes")) 645 646 th.App.SetPhase2PermissionsMigrationStatus(true) 647 648 // Create a channel scheme. 649 scheme1 := &model.Scheme{ 650 DisplayName: model.NewId(), 651 Name: model.NewId(), 652 Description: model.NewId(), 653 Scope: model.SCHEME_SCOPE_CHANNEL, 654 } 655 656 s1, r1 := th.SystemAdminClient.CreateScheme(scheme1) 657 CheckNoError(t, r1) 658 659 // Retrieve the roles and check they are not deleted. 660 role3, roleRes3 := th.SystemAdminClient.GetRoleByName(s1.DefaultChannelAdminRole) 661 CheckNoError(t, roleRes3) 662 role4, roleRes4 := th.SystemAdminClient.GetRoleByName(s1.DefaultChannelUserRole) 663 CheckNoError(t, roleRes4) 664 665 assert.Zero(t, role3.DeleteAt) 666 assert.Zero(t, role4.DeleteAt) 667 668 // Make sure this scheme is in use by a team. 669 res := <-th.App.Srv.Store.Channel().Save(&model.Channel{ 670 TeamId: model.NewId(), 671 DisplayName: model.NewId(), 672 Name: model.NewId(), 673 Type: model.CHANNEL_OPEN, 674 SchemeId: &s1.Id, 675 }, -1) 676 assert.Nil(t, res.Err) 677 channel := res.Data.(*model.Channel) 678 679 // Delete the Scheme. 680 _, r3 := th.SystemAdminClient.DeleteScheme(s1.Id) 681 CheckNoError(t, r3) 682 683 // Check the roles were deleted. 684 role3, roleRes3 = th.SystemAdminClient.GetRoleByName(s1.DefaultChannelAdminRole) 685 CheckNoError(t, roleRes3) 686 role4, roleRes4 = th.SystemAdminClient.GetRoleByName(s1.DefaultChannelUserRole) 687 CheckNoError(t, roleRes4) 688 689 assert.NotZero(t, role3.DeleteAt) 690 assert.NotZero(t, role4.DeleteAt) 691 692 // Check the channel now uses the default scheme 693 c2, resp := th.SystemAdminClient.GetChannelByName(channel.Name, channel.TeamId, "") 694 CheckNoError(t, resp) 695 assert.Equal(t, "", *c2.SchemeId) 696 }) 697 698 t.Run("FailureCases", func(t *testing.T) { 699 th.App.SetLicense(model.NewTestLicense("custom_permissions_schemes")) 700 701 th.App.SetPhase2PermissionsMigrationStatus(true) 702 703 scheme1 := &model.Scheme{ 704 DisplayName: model.NewId(), 705 Name: model.NewId(), 706 Description: model.NewId(), 707 Scope: model.SCHEME_SCOPE_CHANNEL, 708 } 709 710 s1, r1 := th.SystemAdminClient.CreateScheme(scheme1) 711 CheckNoError(t, r1) 712 713 // Test with unknown ID. 714 _, r2 := th.SystemAdminClient.DeleteScheme(model.NewId()) 715 CheckNotFoundStatus(t, r2) 716 717 // Test with invalid ID. 718 _, r3 := th.SystemAdminClient.DeleteScheme("12345") 719 CheckBadRequestStatus(t, r3) 720 721 // Test without required permissions. 722 _, r4 := th.Client.DeleteScheme(s1.Id) 723 CheckForbiddenStatus(t, r4) 724 725 // Test without license. 726 th.App.SetLicense(nil) 727 _, r5 := th.SystemAdminClient.DeleteScheme(s1.Id) 728 CheckNotImplementedStatus(t, r5) 729 730 th.App.SetPhase2PermissionsMigrationStatus(false) 731 732 th.App.SetLicense(model.NewTestLicense("custom_permissions_schemes")) 733 734 _, r6 := th.SystemAdminClient.DeleteScheme(s1.Id) 735 CheckNotImplementedStatus(t, r6) 736 }) 737 }