github.com/xzl8028/xenia-server@v0.0.0-20190809101854-18450a97da63/api4/scheme_test.go (about) 1 // Copyright (c) 2018-present Xenia, Inc. All Rights Reserved. 2 // See License.txt for license information. 3 4 package api4 5 6 import ( 7 "strings" 8 "testing" 9 10 "github.com/stretchr/testify/assert" 11 "github.com/stretchr/testify/require" 12 13 "github.com/xzl8028/xenia-server/model" 14 ) 15 16 func TestCreateScheme(t *testing.T) { 17 th := Setup().InitBasic() 18 defer th.TearDown() 19 20 th.App.SetLicense(model.NewTestLicense("custom_permissions_schemes")) 21 22 th.App.SetPhase2PermissionsMigrationStatus(true) 23 24 // Basic test of creating a team scheme. 25 scheme1 := &model.Scheme{ 26 DisplayName: model.NewId(), 27 Name: model.NewId(), 28 Description: model.NewId(), 29 Scope: model.SCHEME_SCOPE_TEAM, 30 } 31 32 s1, r1 := th.SystemAdminClient.CreateScheme(scheme1) 33 CheckNoError(t, r1) 34 35 assert.Equal(t, s1.DisplayName, scheme1.DisplayName) 36 assert.Equal(t, s1.Name, scheme1.Name) 37 assert.Equal(t, s1.Description, scheme1.Description) 38 assert.NotZero(t, s1.CreateAt) 39 assert.Equal(t, s1.CreateAt, s1.UpdateAt) 40 assert.Zero(t, s1.DeleteAt) 41 assert.Equal(t, s1.Scope, scheme1.Scope) 42 assert.NotZero(t, len(s1.DefaultTeamAdminRole)) 43 assert.NotZero(t, len(s1.DefaultTeamUserRole)) 44 assert.NotZero(t, len(s1.DefaultTeamGuestRole)) 45 assert.NotZero(t, len(s1.DefaultChannelAdminRole)) 46 assert.NotZero(t, len(s1.DefaultChannelUserRole)) 47 assert.NotZero(t, len(s1.DefaultChannelGuestRole)) 48 49 // Check the default roles have been created. 50 _, roleRes1 := th.SystemAdminClient.GetRoleByName(s1.DefaultTeamAdminRole) 51 CheckNoError(t, roleRes1) 52 _, roleRes2 := th.SystemAdminClient.GetRoleByName(s1.DefaultTeamUserRole) 53 CheckNoError(t, roleRes2) 54 _, roleRes3 := th.SystemAdminClient.GetRoleByName(s1.DefaultChannelAdminRole) 55 CheckNoError(t, roleRes3) 56 _, roleRes4 := th.SystemAdminClient.GetRoleByName(s1.DefaultChannelUserRole) 57 CheckNoError(t, roleRes4) 58 _, roleRes5 := th.SystemAdminClient.GetRoleByName(s1.DefaultTeamGuestRole) 59 CheckNoError(t, roleRes5) 60 _, roleRes6 := th.SystemAdminClient.GetRoleByName(s1.DefaultChannelGuestRole) 61 CheckNoError(t, roleRes6) 62 63 // Basic Test of a Channel scheme. 64 scheme2 := &model.Scheme{ 65 DisplayName: model.NewId(), 66 Name: model.NewId(), 67 Description: model.NewId(), 68 Scope: model.SCHEME_SCOPE_CHANNEL, 69 } 70 71 s2, r2 := th.SystemAdminClient.CreateScheme(scheme2) 72 CheckNoError(t, r2) 73 74 assert.Equal(t, s2.DisplayName, scheme2.DisplayName) 75 assert.Equal(t, s2.Name, scheme2.Name) 76 assert.Equal(t, s2.Description, scheme2.Description) 77 assert.NotZero(t, s2.CreateAt) 78 assert.Equal(t, s2.CreateAt, s2.UpdateAt) 79 assert.Zero(t, s2.DeleteAt) 80 assert.Equal(t, s2.Scope, scheme2.Scope) 81 assert.Zero(t, len(s2.DefaultTeamAdminRole)) 82 assert.Zero(t, len(s2.DefaultTeamUserRole)) 83 assert.Zero(t, len(s2.DefaultTeamGuestRole)) 84 assert.NotZero(t, len(s2.DefaultChannelAdminRole)) 85 assert.NotZero(t, len(s2.DefaultChannelUserRole)) 86 assert.NotZero(t, len(s2.DefaultChannelGuestRole)) 87 88 // Check the default roles have been created. 89 _, roleRes7 := th.SystemAdminClient.GetRoleByName(s2.DefaultChannelAdminRole) 90 CheckNoError(t, roleRes7) 91 _, roleRes8 := th.SystemAdminClient.GetRoleByName(s2.DefaultChannelUserRole) 92 CheckNoError(t, roleRes8) 93 _, roleRes9 := th.SystemAdminClient.GetRoleByName(s2.DefaultChannelGuestRole) 94 CheckNoError(t, roleRes9) 95 96 // Try and create a scheme with an invalid scope. 97 scheme3 := &model.Scheme{ 98 DisplayName: model.NewId(), 99 Name: model.NewId(), 100 Description: model.NewId(), 101 Scope: model.NewId(), 102 } 103 104 _, r3 := th.SystemAdminClient.CreateScheme(scheme3) 105 CheckBadRequestStatus(t, r3) 106 107 // Try and create a scheme with an invalid display name. 108 scheme4 := &model.Scheme{ 109 DisplayName: strings.Repeat(model.NewId(), 100), 110 Name: "Name", 111 Description: model.NewId(), 112 Scope: model.NewId(), 113 } 114 _, r4 := th.SystemAdminClient.CreateScheme(scheme4) 115 CheckBadRequestStatus(t, r4) 116 117 // Try and create a scheme with an invalid name. 118 scheme8 := &model.Scheme{ 119 DisplayName: "DisplayName", 120 Name: strings.Repeat(model.NewId(), 100), 121 Description: model.NewId(), 122 Scope: model.NewId(), 123 } 124 _, r8 := th.SystemAdminClient.CreateScheme(scheme8) 125 CheckBadRequestStatus(t, r8) 126 127 // Try and create a scheme without the appropriate permissions. 128 scheme5 := &model.Scheme{ 129 DisplayName: model.NewId(), 130 Name: model.NewId(), 131 Description: model.NewId(), 132 Scope: model.SCHEME_SCOPE_TEAM, 133 } 134 _, r5 := th.Client.CreateScheme(scheme5) 135 CheckForbiddenStatus(t, r5) 136 137 // Try and create a scheme without a license. 138 th.App.SetLicense(nil) 139 scheme6 := &model.Scheme{ 140 DisplayName: model.NewId(), 141 Name: model.NewId(), 142 Description: model.NewId(), 143 Scope: model.SCHEME_SCOPE_TEAM, 144 } 145 _, r6 := th.SystemAdminClient.CreateScheme(scheme6) 146 CheckNotImplementedStatus(t, r6) 147 148 th.App.SetPhase2PermissionsMigrationStatus(false) 149 150 th.LoginSystemAdmin() 151 th.App.SetLicense(model.NewTestLicense("custom_permissions_schemes")) 152 153 scheme7 := &model.Scheme{ 154 DisplayName: model.NewId(), 155 Name: model.NewId(), 156 Description: model.NewId(), 157 Scope: model.SCHEME_SCOPE_TEAM, 158 } 159 _, r7 := th.SystemAdminClient.CreateScheme(scheme7) 160 CheckNotImplementedStatus(t, r7) 161 } 162 163 func TestGetScheme(t *testing.T) { 164 th := Setup().InitBasic() 165 defer th.TearDown() 166 167 th.App.SetLicense(model.NewTestLicense("custom_permissions_schemes")) 168 169 // Basic test of creating a team scheme. 170 scheme1 := &model.Scheme{ 171 DisplayName: model.NewId(), 172 Name: model.NewId(), 173 Description: model.NewId(), 174 Scope: model.SCHEME_SCOPE_TEAM, 175 } 176 177 th.App.SetPhase2PermissionsMigrationStatus(true) 178 179 s1, r1 := th.SystemAdminClient.CreateScheme(scheme1) 180 CheckNoError(t, r1) 181 182 assert.Equal(t, s1.DisplayName, scheme1.DisplayName) 183 assert.Equal(t, s1.Name, scheme1.Name) 184 assert.Equal(t, s1.Description, scheme1.Description) 185 assert.NotZero(t, s1.CreateAt) 186 assert.Equal(t, s1.CreateAt, s1.UpdateAt) 187 assert.Zero(t, s1.DeleteAt) 188 assert.Equal(t, s1.Scope, scheme1.Scope) 189 assert.NotZero(t, len(s1.DefaultTeamAdminRole)) 190 assert.NotZero(t, len(s1.DefaultTeamUserRole)) 191 assert.NotZero(t, len(s1.DefaultTeamGuestRole)) 192 assert.NotZero(t, len(s1.DefaultChannelAdminRole)) 193 assert.NotZero(t, len(s1.DefaultChannelUserRole)) 194 assert.NotZero(t, len(s1.DefaultChannelGuestRole)) 195 196 s2, r2 := th.SystemAdminClient.GetScheme(s1.Id) 197 CheckNoError(t, r2) 198 199 assert.Equal(t, s1, s2) 200 201 _, r3 := th.SystemAdminClient.GetScheme(model.NewId()) 202 CheckNotFoundStatus(t, r3) 203 204 _, r4 := th.SystemAdminClient.GetScheme("12345") 205 CheckBadRequestStatus(t, r4) 206 207 th.SystemAdminClient.Logout() 208 _, r5 := th.SystemAdminClient.GetScheme(s1.Id) 209 CheckUnauthorizedStatus(t, r5) 210 211 th.SystemAdminClient.Login(th.SystemAdminUser.Username, th.SystemAdminUser.Password) 212 th.App.SetLicense(nil) 213 _, r6 := th.SystemAdminClient.GetScheme(s1.Id) 214 CheckNoError(t, r6) 215 216 _, r7 := th.Client.GetScheme(s1.Id) 217 CheckForbiddenStatus(t, r7) 218 219 th.App.SetPhase2PermissionsMigrationStatus(false) 220 221 _, r8 := th.SystemAdminClient.GetScheme(s1.Id) 222 CheckNotImplementedStatus(t, r8) 223 } 224 225 func TestGetSchemes(t *testing.T) { 226 th := Setup().InitBasic() 227 defer th.TearDown() 228 229 th.App.SetLicense(model.NewTestLicense("custom_permissions_schemes")) 230 231 scheme1 := &model.Scheme{ 232 DisplayName: model.NewId(), 233 Name: model.NewId(), 234 Description: model.NewId(), 235 Scope: model.SCHEME_SCOPE_TEAM, 236 } 237 238 scheme2 := &model.Scheme{ 239 DisplayName: model.NewId(), 240 Name: model.NewId(), 241 Description: model.NewId(), 242 Scope: model.SCHEME_SCOPE_CHANNEL, 243 } 244 245 th.App.SetPhase2PermissionsMigrationStatus(true) 246 247 _, r1 := th.SystemAdminClient.CreateScheme(scheme1) 248 CheckNoError(t, r1) 249 _, r2 := th.SystemAdminClient.CreateScheme(scheme2) 250 CheckNoError(t, r2) 251 252 l3, r3 := th.SystemAdminClient.GetSchemes("", 0, 100) 253 CheckNoError(t, r3) 254 255 assert.NotZero(t, len(l3)) 256 257 l4, r4 := th.SystemAdminClient.GetSchemes("team", 0, 100) 258 CheckNoError(t, r4) 259 260 for _, s := range l4 { 261 assert.Equal(t, "team", s.Scope) 262 } 263 264 l5, r5 := th.SystemAdminClient.GetSchemes("channel", 0, 100) 265 CheckNoError(t, r5) 266 267 for _, s := range l5 { 268 assert.Equal(t, "channel", s.Scope) 269 } 270 271 _, r6 := th.SystemAdminClient.GetSchemes("asdf", 0, 100) 272 CheckBadRequestStatus(t, r6) 273 274 th.Client.Logout() 275 _, r7 := th.Client.GetSchemes("", 0, 100) 276 CheckUnauthorizedStatus(t, r7) 277 278 th.Client.Login(th.BasicUser.Username, th.BasicUser.Password) 279 _, r8 := th.Client.GetSchemes("", 0, 100) 280 CheckForbiddenStatus(t, r8) 281 282 th.App.SetPhase2PermissionsMigrationStatus(false) 283 284 _, r9 := th.SystemAdminClient.GetSchemes("", 0, 100) 285 CheckNotImplementedStatus(t, r9) 286 } 287 288 func TestGetTeamsForScheme(t *testing.T) { 289 th := Setup().InitBasic() 290 defer th.TearDown() 291 292 th.App.SetLicense(model.NewTestLicense("custom_permissions_schemes")) 293 294 th.App.SetPhase2PermissionsMigrationStatus(true) 295 296 scheme1 := &model.Scheme{ 297 DisplayName: model.NewId(), 298 Name: model.NewId(), 299 Description: model.NewId(), 300 Scope: model.SCHEME_SCOPE_TEAM, 301 } 302 scheme1, r1 := th.SystemAdminClient.CreateScheme(scheme1) 303 CheckNoError(t, r1) 304 305 team1 := &model.Team{ 306 Name: GenerateTestUsername(), 307 DisplayName: "A Test Team", 308 Type: model.TEAM_OPEN, 309 } 310 311 team1, err := th.App.Srv.Store.Team().Save(team1) 312 require.Nil(t, err) 313 314 l2, r2 := th.SystemAdminClient.GetTeamsForScheme(scheme1.Id, 0, 100) 315 CheckNoError(t, r2) 316 assert.Zero(t, len(l2)) 317 318 team1.SchemeId = &scheme1.Id 319 team1, err = th.App.Srv.Store.Team().Update(team1) 320 assert.Nil(t, err) 321 322 l3, r3 := th.SystemAdminClient.GetTeamsForScheme(scheme1.Id, 0, 100) 323 CheckNoError(t, r3) 324 assert.Len(t, l3, 1) 325 assert.Equal(t, team1.Id, l3[0].Id) 326 327 team2 := &model.Team{ 328 Name: GenerateTestUsername(), 329 DisplayName: "B Test Team", 330 Type: model.TEAM_OPEN, 331 SchemeId: &scheme1.Id, 332 } 333 team2, err = th.App.Srv.Store.Team().Save(team2) 334 require.Nil(t, err) 335 336 l4, r4 := th.SystemAdminClient.GetTeamsForScheme(scheme1.Id, 0, 100) 337 CheckNoError(t, r4) 338 assert.Len(t, l4, 2) 339 assert.Equal(t, team1.Id, l4[0].Id) 340 assert.Equal(t, team2.Id, l4[1].Id) 341 342 l5, r5 := th.SystemAdminClient.GetTeamsForScheme(scheme1.Id, 1, 1) 343 CheckNoError(t, r5) 344 assert.Len(t, l5, 1) 345 assert.Equal(t, team2.Id, l5[0].Id) 346 347 // Check various error cases. 348 _, ri1 := th.SystemAdminClient.GetTeamsForScheme(model.NewId(), 0, 100) 349 CheckNotFoundStatus(t, ri1) 350 351 _, ri2 := th.SystemAdminClient.GetTeamsForScheme("", 0, 100) 352 CheckBadRequestStatus(t, ri2) 353 354 th.Client.Logout() 355 _, ri3 := th.Client.GetTeamsForScheme(model.NewId(), 0, 100) 356 CheckUnauthorizedStatus(t, ri3) 357 358 th.Client.Login(th.BasicUser.Username, th.BasicUser.Password) 359 _, ri4 := th.Client.GetTeamsForScheme(model.NewId(), 0, 100) 360 CheckForbiddenStatus(t, ri4) 361 362 scheme2 := &model.Scheme{ 363 DisplayName: model.NewId(), 364 Name: model.NewId(), 365 Description: model.NewId(), 366 Scope: model.SCHEME_SCOPE_CHANNEL, 367 } 368 scheme2, rs2 := th.SystemAdminClient.CreateScheme(scheme2) 369 CheckNoError(t, rs2) 370 371 _, ri5 := th.SystemAdminClient.GetTeamsForScheme(scheme2.Id, 0, 100) 372 CheckBadRequestStatus(t, ri5) 373 374 th.App.SetPhase2PermissionsMigrationStatus(false) 375 376 _, ri6 := th.SystemAdminClient.GetTeamsForScheme(scheme1.Id, 0, 100) 377 CheckNotImplementedStatus(t, ri6) 378 } 379 380 func TestGetChannelsForScheme(t *testing.T) { 381 th := Setup().InitBasic() 382 defer th.TearDown() 383 384 th.App.SetLicense(model.NewTestLicense("custom_permissions_schemes")) 385 386 th.App.SetPhase2PermissionsMigrationStatus(true) 387 388 scheme1 := &model.Scheme{ 389 DisplayName: model.NewId(), 390 Name: model.NewId(), 391 Description: model.NewId(), 392 Scope: model.SCHEME_SCOPE_CHANNEL, 393 } 394 scheme1, r1 := th.SystemAdminClient.CreateScheme(scheme1) 395 CheckNoError(t, r1) 396 397 channel1 := &model.Channel{ 398 TeamId: model.NewId(), 399 DisplayName: "A Name", 400 Name: model.NewId(), 401 Type: model.CHANNEL_OPEN, 402 } 403 404 channel1, errCh := th.App.Srv.Store.Channel().Save(channel1, 1000000) 405 assert.Nil(t, errCh) 406 407 l2, r2 := th.SystemAdminClient.GetChannelsForScheme(scheme1.Id, 0, 100) 408 CheckNoError(t, r2) 409 assert.Zero(t, len(l2)) 410 411 channel1.SchemeId = &scheme1.Id 412 channel1, err := th.App.Srv.Store.Channel().Update(channel1) 413 assert.Nil(t, err) 414 415 l3, r3 := th.SystemAdminClient.GetChannelsForScheme(scheme1.Id, 0, 100) 416 CheckNoError(t, r3) 417 assert.Len(t, l3, 1) 418 assert.Equal(t, channel1.Id, l3[0].Id) 419 420 channel2 := &model.Channel{ 421 TeamId: model.NewId(), 422 DisplayName: "B Name", 423 Name: model.NewId(), 424 Type: model.CHANNEL_OPEN, 425 SchemeId: &scheme1.Id, 426 } 427 channel2, err = th.App.Srv.Store.Channel().Save(channel2, 1000000) 428 assert.Nil(t, err) 429 430 l4, r4 := th.SystemAdminClient.GetChannelsForScheme(scheme1.Id, 0, 100) 431 CheckNoError(t, r4) 432 assert.Len(t, l4, 2) 433 assert.Equal(t, channel1.Id, l4[0].Id) 434 assert.Equal(t, channel2.Id, l4[1].Id) 435 436 l5, r5 := th.SystemAdminClient.GetChannelsForScheme(scheme1.Id, 1, 1) 437 CheckNoError(t, r5) 438 assert.Len(t, l5, 1) 439 assert.Equal(t, channel2.Id, l5[0].Id) 440 441 // Check various error cases. 442 _, ri1 := th.SystemAdminClient.GetChannelsForScheme(model.NewId(), 0, 100) 443 CheckNotFoundStatus(t, ri1) 444 445 _, ri2 := th.SystemAdminClient.GetChannelsForScheme("", 0, 100) 446 CheckBadRequestStatus(t, ri2) 447 448 th.Client.Logout() 449 _, ri3 := th.Client.GetChannelsForScheme(model.NewId(), 0, 100) 450 CheckUnauthorizedStatus(t, ri3) 451 452 th.Client.Login(th.BasicUser.Username, th.BasicUser.Password) 453 _, ri4 := th.Client.GetChannelsForScheme(model.NewId(), 0, 100) 454 CheckForbiddenStatus(t, ri4) 455 456 scheme2 := &model.Scheme{ 457 DisplayName: model.NewId(), 458 Name: model.NewId(), 459 Description: model.NewId(), 460 Scope: model.SCHEME_SCOPE_TEAM, 461 } 462 scheme2, rs2 := th.SystemAdminClient.CreateScheme(scheme2) 463 CheckNoError(t, rs2) 464 465 _, ri5 := th.SystemAdminClient.GetChannelsForScheme(scheme2.Id, 0, 100) 466 CheckBadRequestStatus(t, ri5) 467 468 th.App.SetPhase2PermissionsMigrationStatus(false) 469 470 _, ri6 := th.SystemAdminClient.GetChannelsForScheme(scheme1.Id, 0, 100) 471 CheckNotImplementedStatus(t, ri6) 472 } 473 474 func TestPatchScheme(t *testing.T) { 475 th := Setup().InitBasic() 476 defer th.TearDown() 477 478 th.App.SetLicense(model.NewTestLicense("custom_permissions_schemes")) 479 480 th.App.SetPhase2PermissionsMigrationStatus(true) 481 482 // Basic test of creating a team scheme. 483 scheme1 := &model.Scheme{ 484 DisplayName: model.NewId(), 485 Name: model.NewId(), 486 Description: model.NewId(), 487 Scope: model.SCHEME_SCOPE_TEAM, 488 } 489 490 s1, r1 := th.SystemAdminClient.CreateScheme(scheme1) 491 CheckNoError(t, r1) 492 493 assert.Equal(t, s1.DisplayName, scheme1.DisplayName) 494 assert.Equal(t, s1.Name, scheme1.Name) 495 assert.Equal(t, s1.Description, scheme1.Description) 496 assert.NotZero(t, s1.CreateAt) 497 assert.Equal(t, s1.CreateAt, s1.UpdateAt) 498 assert.Zero(t, s1.DeleteAt) 499 assert.Equal(t, s1.Scope, scheme1.Scope) 500 assert.NotZero(t, len(s1.DefaultTeamAdminRole)) 501 assert.NotZero(t, len(s1.DefaultTeamUserRole)) 502 assert.NotZero(t, len(s1.DefaultTeamGuestRole)) 503 assert.NotZero(t, len(s1.DefaultChannelAdminRole)) 504 assert.NotZero(t, len(s1.DefaultChannelUserRole)) 505 assert.NotZero(t, len(s1.DefaultChannelGuestRole)) 506 507 s2, r2 := th.SystemAdminClient.GetScheme(s1.Id) 508 CheckNoError(t, r2) 509 510 assert.Equal(t, s1, s2) 511 512 // Test with a valid patch. 513 schemePatch := &model.SchemePatch{ 514 DisplayName: new(string), 515 Name: new(string), 516 Description: new(string), 517 } 518 *schemePatch.DisplayName = model.NewId() 519 *schemePatch.Name = model.NewId() 520 *schemePatch.Description = model.NewId() 521 522 s3, r3 := th.SystemAdminClient.PatchScheme(s2.Id, schemePatch) 523 CheckNoError(t, r3) 524 assert.Equal(t, s3.Id, s2.Id) 525 assert.Equal(t, s3.DisplayName, *schemePatch.DisplayName) 526 assert.Equal(t, s3.Name, *schemePatch.Name) 527 assert.Equal(t, s3.Description, *schemePatch.Description) 528 529 s4, r4 := th.SystemAdminClient.GetScheme(s3.Id) 530 CheckNoError(t, r4) 531 assert.Equal(t, s3, s4) 532 533 // Test with a partial patch. 534 *schemePatch.Name = model.NewId() 535 *schemePatch.DisplayName = model.NewId() 536 schemePatch.Description = nil 537 538 s5, r5 := th.SystemAdminClient.PatchScheme(s4.Id, schemePatch) 539 CheckNoError(t, r5) 540 assert.Equal(t, s5.Id, s4.Id) 541 assert.Equal(t, s5.DisplayName, *schemePatch.DisplayName) 542 assert.Equal(t, s5.Name, *schemePatch.Name) 543 assert.Equal(t, s5.Description, s4.Description) 544 545 s6, r6 := th.SystemAdminClient.GetScheme(s5.Id) 546 CheckNoError(t, r6) 547 assert.Equal(t, s5, s6) 548 549 // Test with invalid patch. 550 *schemePatch.Name = strings.Repeat(model.NewId(), 20) 551 _, r7 := th.SystemAdminClient.PatchScheme(s6.Id, schemePatch) 552 CheckBadRequestStatus(t, r7) 553 554 // Test with unknown ID. 555 *schemePatch.Name = model.NewId() 556 _, r8 := th.SystemAdminClient.PatchScheme(model.NewId(), schemePatch) 557 CheckNotFoundStatus(t, r8) 558 559 // Test with invalid ID. 560 _, r9 := th.SystemAdminClient.PatchScheme("12345", schemePatch) 561 CheckBadRequestStatus(t, r9) 562 563 // Test without required permissions. 564 _, r10 := th.Client.PatchScheme(s6.Id, schemePatch) 565 CheckForbiddenStatus(t, r10) 566 567 // Test without license. 568 th.App.SetLicense(nil) 569 _, r11 := th.SystemAdminClient.PatchScheme(s6.Id, schemePatch) 570 CheckNotImplementedStatus(t, r11) 571 572 th.App.SetPhase2PermissionsMigrationStatus(false) 573 574 th.LoginSystemAdmin() 575 th.App.SetLicense(model.NewTestLicense("custom_permissions_schemes")) 576 577 _, r12 := th.SystemAdminClient.PatchScheme(s6.Id, schemePatch) 578 CheckNotImplementedStatus(t, r12) 579 } 580 581 func TestDeleteScheme(t *testing.T) { 582 th := Setup().InitBasic() 583 defer th.TearDown() 584 585 t.Run("ValidTeamScheme", func(t *testing.T) { 586 th.App.SetLicense(model.NewTestLicense("custom_permissions_schemes")) 587 588 th.App.SetPhase2PermissionsMigrationStatus(true) 589 590 // Create a team scheme. 591 scheme1 := &model.Scheme{ 592 DisplayName: model.NewId(), 593 Name: model.NewId(), 594 Description: model.NewId(), 595 Scope: model.SCHEME_SCOPE_TEAM, 596 } 597 598 s1, r1 := th.SystemAdminClient.CreateScheme(scheme1) 599 CheckNoError(t, r1) 600 601 // Retrieve the roles and check they are not deleted. 602 role1, roleRes1 := th.SystemAdminClient.GetRoleByName(s1.DefaultTeamAdminRole) 603 CheckNoError(t, roleRes1) 604 role2, roleRes2 := th.SystemAdminClient.GetRoleByName(s1.DefaultTeamUserRole) 605 CheckNoError(t, roleRes2) 606 role3, roleRes3 := th.SystemAdminClient.GetRoleByName(s1.DefaultChannelAdminRole) 607 CheckNoError(t, roleRes3) 608 role4, roleRes4 := th.SystemAdminClient.GetRoleByName(s1.DefaultChannelUserRole) 609 CheckNoError(t, roleRes4) 610 role5, roleRes5 := th.SystemAdminClient.GetRoleByName(s1.DefaultTeamGuestRole) 611 CheckNoError(t, roleRes5) 612 role6, roleRes6 := th.SystemAdminClient.GetRoleByName(s1.DefaultChannelGuestRole) 613 CheckNoError(t, roleRes6) 614 615 assert.Zero(t, role1.DeleteAt) 616 assert.Zero(t, role2.DeleteAt) 617 assert.Zero(t, role3.DeleteAt) 618 assert.Zero(t, role4.DeleteAt) 619 assert.Zero(t, role5.DeleteAt) 620 assert.Zero(t, role6.DeleteAt) 621 622 // Make sure this scheme is in use by a team. 623 team, err := th.App.Srv.Store.Team().Save(&model.Team{ 624 Name: model.NewId(), 625 DisplayName: model.NewId(), 626 Email: model.NewId() + "@nowhere.com", 627 Type: model.TEAM_OPEN, 628 SchemeId: &s1.Id, 629 }) 630 require.Nil(t, err) 631 632 // Delete the Scheme. 633 _, r3 := th.SystemAdminClient.DeleteScheme(s1.Id) 634 CheckNoError(t, r3) 635 636 // Check the roles were deleted. 637 role1, roleRes1 = th.SystemAdminClient.GetRoleByName(s1.DefaultTeamAdminRole) 638 CheckNoError(t, roleRes1) 639 role2, roleRes2 = th.SystemAdminClient.GetRoleByName(s1.DefaultTeamUserRole) 640 CheckNoError(t, roleRes2) 641 role3, roleRes3 = th.SystemAdminClient.GetRoleByName(s1.DefaultChannelAdminRole) 642 CheckNoError(t, roleRes3) 643 role4, roleRes4 = th.SystemAdminClient.GetRoleByName(s1.DefaultChannelUserRole) 644 CheckNoError(t, roleRes4) 645 role5, roleRes5 = th.SystemAdminClient.GetRoleByName(s1.DefaultTeamGuestRole) 646 CheckNoError(t, roleRes5) 647 role6, roleRes6 = th.SystemAdminClient.GetRoleByName(s1.DefaultChannelGuestRole) 648 CheckNoError(t, roleRes6) 649 650 assert.NotZero(t, role1.DeleteAt) 651 assert.NotZero(t, role2.DeleteAt) 652 assert.NotZero(t, role3.DeleteAt) 653 assert.NotZero(t, role4.DeleteAt) 654 assert.NotZero(t, role5.DeleteAt) 655 assert.NotZero(t, role6.DeleteAt) 656 657 // Check the team now uses the default scheme 658 c2, resp := th.SystemAdminClient.GetTeam(team.Id, "") 659 CheckNoError(t, resp) 660 assert.Equal(t, "", *c2.SchemeId) 661 }) 662 663 t.Run("ValidChannelScheme", func(t *testing.T) { 664 th.App.SetLicense(model.NewTestLicense("custom_permissions_schemes")) 665 666 th.App.SetPhase2PermissionsMigrationStatus(true) 667 668 // Create a channel scheme. 669 scheme1 := &model.Scheme{ 670 DisplayName: model.NewId(), 671 Name: model.NewId(), 672 Description: model.NewId(), 673 Scope: model.SCHEME_SCOPE_CHANNEL, 674 } 675 676 s1, r1 := th.SystemAdminClient.CreateScheme(scheme1) 677 CheckNoError(t, r1) 678 679 // Retrieve the roles and check they are not deleted. 680 role3, roleRes3 := th.SystemAdminClient.GetRoleByName(s1.DefaultChannelAdminRole) 681 CheckNoError(t, roleRes3) 682 role4, roleRes4 := th.SystemAdminClient.GetRoleByName(s1.DefaultChannelUserRole) 683 CheckNoError(t, roleRes4) 684 role6, roleRes6 := th.SystemAdminClient.GetRoleByName(s1.DefaultChannelGuestRole) 685 CheckNoError(t, roleRes6) 686 687 assert.Zero(t, role3.DeleteAt) 688 assert.Zero(t, role4.DeleteAt) 689 assert.Zero(t, role6.DeleteAt) 690 691 // Make sure this scheme is in use by a team. 692 channel, err := th.App.Srv.Store.Channel().Save(&model.Channel{ 693 TeamId: model.NewId(), 694 DisplayName: model.NewId(), 695 Name: model.NewId(), 696 Type: model.CHANNEL_OPEN, 697 SchemeId: &s1.Id, 698 }, -1) 699 assert.Nil(t, err) 700 701 // Delete the Scheme. 702 _, r3 := th.SystemAdminClient.DeleteScheme(s1.Id) 703 CheckNoError(t, r3) 704 705 // Check the roles were deleted. 706 role3, roleRes3 = th.SystemAdminClient.GetRoleByName(s1.DefaultChannelAdminRole) 707 CheckNoError(t, roleRes3) 708 role4, roleRes4 = th.SystemAdminClient.GetRoleByName(s1.DefaultChannelUserRole) 709 CheckNoError(t, roleRes4) 710 role6, roleRes6 = th.SystemAdminClient.GetRoleByName(s1.DefaultChannelGuestRole) 711 CheckNoError(t, roleRes6) 712 713 assert.NotZero(t, role3.DeleteAt) 714 assert.NotZero(t, role4.DeleteAt) 715 assert.NotZero(t, role6.DeleteAt) 716 717 // Check the channel now uses the default scheme 718 c2, resp := th.SystemAdminClient.GetChannelByName(channel.Name, channel.TeamId, "") 719 CheckNoError(t, resp) 720 assert.Equal(t, "", *c2.SchemeId) 721 }) 722 723 t.Run("FailureCases", func(t *testing.T) { 724 th.App.SetLicense(model.NewTestLicense("custom_permissions_schemes")) 725 726 th.App.SetPhase2PermissionsMigrationStatus(true) 727 728 scheme1 := &model.Scheme{ 729 DisplayName: model.NewId(), 730 Name: model.NewId(), 731 Description: model.NewId(), 732 Scope: model.SCHEME_SCOPE_CHANNEL, 733 } 734 735 s1, r1 := th.SystemAdminClient.CreateScheme(scheme1) 736 CheckNoError(t, r1) 737 738 // Test with unknown ID. 739 _, r2 := th.SystemAdminClient.DeleteScheme(model.NewId()) 740 CheckNotFoundStatus(t, r2) 741 742 // Test with invalid ID. 743 _, r3 := th.SystemAdminClient.DeleteScheme("12345") 744 CheckBadRequestStatus(t, r3) 745 746 // Test without required permissions. 747 _, r4 := th.Client.DeleteScheme(s1.Id) 748 CheckForbiddenStatus(t, r4) 749 750 // Test without license. 751 th.App.SetLicense(nil) 752 _, r5 := th.SystemAdminClient.DeleteScheme(s1.Id) 753 CheckNotImplementedStatus(t, r5) 754 755 th.App.SetPhase2PermissionsMigrationStatus(false) 756 757 th.App.SetLicense(model.NewTestLicense("custom_permissions_schemes")) 758 759 _, r6 := th.SystemAdminClient.DeleteScheme(s1.Id) 760 CheckNotImplementedStatus(t, r6) 761 }) 762 }