github.com/xzl8028/xenia-server@v0.0.0-20190809101854-18450a97da63/api4/task_test.go.bak (about) 1 // Copyright (c) 2017-present Xenia, Inc. All Rights Reserved. 2 // See License.txt for license information. 3 4 package api4 5 6 import ( 7 "io/ioutil" 8 "strings" 9 "testing" 10 11 "github.com/xzl8028/xenia-server/model" 12 "github.com/stretchr/testify/require" 13 ) 14 15 // func TestCreateTask(t *testing.T) { 16 // t.Run("create task without permissions", func(t *testing.T) { 17 // th := Setup().InitBasic() 18 // defer th.TearDown() 19 20 // th.App.UpdateConfig(func(cfg *model.Config) { 21 // *cfg.ServiceSettings.EnableTaskAccountCreation = true 22 // }) 23 24 // _, resp := th.Client.CreateTask(&model.Task{ 25 // Username: GenerateTestUsername(), 26 // DisplayName: "a task", 27 // Description: "task", 28 // }) 29 30 // CheckErrorMessage(t, resp, "api.context.permissions.app_error") 31 // }) 32 33 // t.Run("create task without config permissions", func(t *testing.T) { 34 // th := Setup().InitBasic() 35 // defer th.TearDown() 36 37 // th.AddPermissionToRole(model.PERMISSION_CREATE_TASK.Id, model.TEAM_USER_ROLE_ID) 38 // th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 39 // th.App.Config().ServiceSettings.EnableTaskAccountCreation = model.NewBool(false) 40 41 // _, resp := th.Client.CreateTask(&model.Task{ 42 // Username: GenerateTestUsername(), 43 // DisplayName: "a task", 44 // Description: "task", 45 // }) 46 47 // CheckErrorMessage(t, resp, "api.task.create_disabled") 48 // }) 49 50 // t.Run("create task with permissions", func(t *testing.T) { 51 // th := Setup().InitBasic() 52 // defer th.TearDown() 53 // defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 54 55 // th.AddPermissionToRole(model.PERMISSION_CREATE_TASK.Id, model.TEAM_USER_ROLE_ID) 56 // th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 57 // th.App.UpdateConfig(func(cfg *model.Config) { 58 // *cfg.ServiceSettings.EnableTaskAccountCreation = true 59 // }) 60 61 // task := &model.Task{ 62 // Username: GenerateTestUsername(), 63 // DisplayName: "a task", 64 // Description: "task", 65 // } 66 67 // createdTask, resp := th.Client.CreateTask(task) 68 // CheckCreatedStatus(t, resp) 69 // defer th.App.PermanentDeleteTask(createdTask.UserId) 70 // require.Equal(t, task.Username, createdTask.Username) 71 // require.Equal(t, task.DisplayName, createdTask.DisplayName) 72 // require.Equal(t, task.Description, createdTask.Description) 73 // require.Equal(t, th.BasicUser.Id, createdTask.OwnerId) 74 // }) 75 76 // t.Run("create invalid task", func(t *testing.T) { 77 // th := Setup().InitBasic() 78 // defer th.TearDown() 79 80 // th.AddPermissionToRole(model.PERMISSION_CREATE_TASK.Id, model.TEAM_USER_ROLE_ID) 81 // th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 82 // th.App.UpdateConfig(func(cfg *model.Config) { 83 // *cfg.ServiceSettings.EnableTaskAccountCreation = true 84 // }) 85 86 // _, resp := th.Client.CreateTask(&model.Task{ 87 // Username: "username", 88 // DisplayName: "a task", 89 // Description: strings.Repeat("x", 1025), 90 // }) 91 92 // CheckErrorMessage(t, resp, "model.task.is_valid.description.app_error") 93 // }) 94 95 // t.Run("task attempt to create task fails", func(t *testing.T) { 96 // th := Setup().InitBasic() 97 // defer th.TearDown() 98 99 // th.App.UpdateConfig(func(cfg *model.Config) { 100 // *cfg.ServiceSettings.EnableTaskAccountCreation = true 101 // }) 102 103 // th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.EnableUserAccessTokens = true }) 104 // th.AddPermissionToRole(model.PERMISSION_CREATE_TASK.Id, model.TEAM_USER_ROLE_ID) 105 // th.AddPermissionToRole(model.PERMISSION_EDIT_OTHER_USERS.Id, model.TEAM_USER_ROLE_ID) 106 // th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID+" "+model.SYSTEM_USER_ACCESS_TOKEN_ROLE_ID, false) 107 108 // task, resp := th.Client.CreateTask(&model.Task{ 109 // Username: GenerateTestUsername(), 110 // DisplayName: "a task", 111 // Description: "task", 112 // }) 113 // CheckCreatedStatus(t, resp) 114 // defer th.App.PermanentDeleteTask(task.UserId) 115 // th.App.UpdateUserRoles(task.UserId, model.TEAM_USER_ROLE_ID+" "+model.SYSTEM_USER_ACCESS_TOKEN_ROLE_ID, false) 116 117 // rtoken, resp := th.Client.CreateUserAccessToken(task.UserId, "test token") 118 // CheckNoError(t, resp) 119 // th.Client.AuthToken = rtoken.Token 120 121 // _, resp = th.Client.CreateTask(&model.Task{ 122 // Username: GenerateTestUsername(), 123 // OwnerId: task.UserId, 124 // DisplayName: "a task2", 125 // Description: "task2", 126 // }) 127 // CheckErrorMessage(t, resp, "api.context.permissions.app_error") 128 // }) 129 130 // } 131 132 // func TestPatchTask(t *testing.T) { 133 // t.Run("patch non-existent task", func(t *testing.T) { 134 // th := Setup().InitBasic() 135 // defer th.TearDown() 136 // defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 137 138 // _, resp := th.SystemAdminClient.PatchTask(model.NewId(), &model.TaskPatch{}) 139 // CheckNotFoundStatus(t, resp) 140 // }) 141 142 // t.Run("patch someone else's task without permission", func(t *testing.T) { 143 // th := Setup().InitBasic() 144 // defer th.TearDown() 145 // defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 146 147 // th.App.UpdateConfig(func(cfg *model.Config) { 148 // *cfg.ServiceSettings.EnableTaskAccountCreation = true 149 // }) 150 151 // createdTask, resp := th.SystemAdminClient.CreateTask(&model.Task{ 152 // Username: GenerateTestUsername(), 153 // DisplayName: "a task", 154 // Description: "task", 155 // }) 156 // CheckCreatedStatus(t, resp) 157 // defer th.App.PermanentDeleteTask(createdTask.UserId) 158 159 // _, resp = th.Client.PatchTask(createdTask.UserId, &model.TaskPatch{}) 160 // CheckErrorMessage(t, resp, "store.sql_task.get.missing.app_error") 161 // }) 162 163 // t.Run("patch someone else's task without permission, but with read others permission", func(t *testing.T) { 164 // th := Setup().InitBasic() 165 // defer th.TearDown() 166 // defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 167 168 // th.AddPermissionToRole(model.PERMISSION_READ_OTHERS_TASKS.Id, model.TEAM_USER_ROLE_ID) 169 // th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 170 // th.App.UpdateConfig(func(cfg *model.Config) { 171 // *cfg.ServiceSettings.EnableTaskAccountCreation = true 172 // }) 173 174 // createdTask, resp := th.SystemAdminClient.CreateTask(&model.Task{ 175 // Username: GenerateTestUsername(), 176 // DisplayName: "a task", 177 // Description: "task", 178 // }) 179 // CheckCreatedStatus(t, resp) 180 // defer th.App.PermanentDeleteTask(createdTask.UserId) 181 182 // _, resp = th.Client.PatchTask(createdTask.UserId, &model.TaskPatch{}) 183 // CheckErrorMessage(t, resp, "api.context.permissions.app_error") 184 // }) 185 186 // t.Run("patch someone else's task with permission", func(t *testing.T) { 187 // th := Setup().InitBasic() 188 // defer th.TearDown() 189 // defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 190 191 // th.AddPermissionToRole(model.PERMISSION_MANAGE_OTHERS_TASKS.Id, model.TEAM_USER_ROLE_ID) 192 // th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 193 // th.App.UpdateConfig(func(cfg *model.Config) { 194 // *cfg.ServiceSettings.EnableTaskAccountCreation = true 195 // }) 196 197 // createdTask, resp := th.SystemAdminClient.CreateTask(&model.Task{ 198 // Username: GenerateTestUsername(), 199 // DisplayName: "a task", 200 // Description: "task", 201 // }) 202 // CheckCreatedStatus(t, resp) 203 // defer th.App.PermanentDeleteTask(createdTask.UserId) 204 205 // taskPatch := &model.TaskPatch{ 206 // Username: sToP(GenerateTestUsername()), 207 // DisplayName: sToP("an updated task"), 208 // Description: sToP("updated task"), 209 // } 210 211 // patchedTask, resp := th.Client.PatchTask(createdTask.UserId, taskPatch) 212 // CheckOKStatus(t, resp) 213 // require.Equal(t, *taskPatch.Username, patchedTask.Username) 214 // require.Equal(t, *taskPatch.DisplayName, patchedTask.DisplayName) 215 // require.Equal(t, *taskPatch.Description, patchedTask.Description) 216 // require.Equal(t, th.SystemAdminUser.Id, patchedTask.OwnerId) 217 // }) 218 219 // t.Run("patch my task without permission", func(t *testing.T) { 220 // th := Setup().InitBasic() 221 // defer th.TearDown() 222 // defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 223 224 // th.AddPermissionToRole(model.PERMISSION_CREATE_TASK.Id, model.TEAM_USER_ROLE_ID) 225 // th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 226 // th.App.UpdateConfig(func(cfg *model.Config) { 227 // *cfg.ServiceSettings.EnableTaskAccountCreation = true 228 // }) 229 230 // createdTask, resp := th.Client.CreateTask(&model.Task{ 231 // Username: GenerateTestUsername(), 232 // DisplayName: "a task", 233 // Description: "task", 234 // }) 235 // CheckCreatedStatus(t, resp) 236 // defer th.App.PermanentDeleteTask(createdTask.UserId) 237 238 // taskPatch := &model.TaskPatch{ 239 // Username: sToP(GenerateTestUsername()), 240 // DisplayName: sToP("an updated task"), 241 // Description: sToP("updated task"), 242 // } 243 244 // _, resp = th.Client.PatchTask(createdTask.UserId, taskPatch) 245 // CheckErrorMessage(t, resp, "store.sql_task.get.missing.app_error") 246 // }) 247 248 // t.Run("patch my task without permission, but with read permission", func(t *testing.T) { 249 // th := Setup().InitBasic() 250 // defer th.TearDown() 251 // defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 252 253 // th.AddPermissionToRole(model.PERMISSION_CREATE_TASK.Id, model.TEAM_USER_ROLE_ID) 254 // th.AddPermissionToRole(model.PERMISSION_READ_TASKS.Id, model.TEAM_USER_ROLE_ID) 255 // th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 256 // th.App.UpdateConfig(func(cfg *model.Config) { 257 // *cfg.ServiceSettings.EnableTaskAccountCreation = true 258 // }) 259 260 // createdTask, resp := th.Client.CreateTask(&model.Task{ 261 // Username: GenerateTestUsername(), 262 // DisplayName: "a task", 263 // Description: "task", 264 // }) 265 // CheckCreatedStatus(t, resp) 266 // defer th.App.PermanentDeleteTask(createdTask.UserId) 267 268 // taskPatch := &model.TaskPatch{ 269 // Username: sToP(GenerateTestUsername()), 270 // DisplayName: sToP("an updated task"), 271 // Description: sToP("updated task"), 272 // } 273 274 // _, resp = th.Client.PatchTask(createdTask.UserId, taskPatch) 275 // CheckErrorMessage(t, resp, "api.context.permissions.app_error") 276 // }) 277 278 // t.Run("patch my task with permission", func(t *testing.T) { 279 // th := Setup().InitBasic() 280 // defer th.TearDown() 281 // defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 282 283 // th.AddPermissionToRole(model.PERMISSION_CREATE_TASK.Id, model.TEAM_USER_ROLE_ID) 284 // th.AddPermissionToRole(model.PERMISSION_MANAGE_TASKS.Id, model.TEAM_USER_ROLE_ID) 285 // th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 286 // th.App.UpdateConfig(func(cfg *model.Config) { 287 // *cfg.ServiceSettings.EnableTaskAccountCreation = true 288 // }) 289 290 // createdTask, resp := th.Client.CreateTask(&model.Task{ 291 // Username: GenerateTestUsername(), 292 // DisplayName: "a task", 293 // Description: "task", 294 // }) 295 // CheckCreatedStatus(t, resp) 296 // defer th.App.PermanentDeleteTask(createdTask.UserId) 297 298 // taskPatch := &model.TaskPatch{ 299 // Username: sToP(GenerateTestUsername()), 300 // DisplayName: sToP("an updated task"), 301 // Description: sToP("updated task"), 302 // } 303 304 // patchedTask, resp := th.Client.PatchTask(createdTask.UserId, taskPatch) 305 // CheckOKStatus(t, resp) 306 // require.Equal(t, *taskPatch.Username, patchedTask.Username) 307 // require.Equal(t, *taskPatch.DisplayName, patchedTask.DisplayName) 308 // require.Equal(t, *taskPatch.Description, patchedTask.Description) 309 // require.Equal(t, th.BasicUser.Id, patchedTask.OwnerId) 310 // }) 311 312 // t.Run("partial patch my task with permission", func(t *testing.T) { 313 // th := Setup().InitBasic() 314 // defer th.TearDown() 315 // defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 316 317 // th.AddPermissionToRole(model.PERMISSION_CREATE_TASK.Id, model.TEAM_USER_ROLE_ID) 318 // th.AddPermissionToRole(model.PERMISSION_MANAGE_TASKS.Id, model.TEAM_USER_ROLE_ID) 319 // th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 320 // th.App.UpdateConfig(func(cfg *model.Config) { 321 // *cfg.ServiceSettings.EnableTaskAccountCreation = true 322 // }) 323 324 // task := &model.Task{ 325 // Username: GenerateTestUsername(), 326 // DisplayName: "a task", 327 // Description: "task", 328 // } 329 330 // createdTask, resp := th.Client.CreateTask(task) 331 // CheckCreatedStatus(t, resp) 332 // defer th.App.PermanentDeleteTask(createdTask.UserId) 333 334 // taskPatch := &model.TaskPatch{ 335 // Username: sToP(GenerateTestUsername()), 336 // } 337 338 // patchedTask, resp := th.Client.PatchTask(createdTask.UserId, taskPatch) 339 // CheckOKStatus(t, resp) 340 // require.Equal(t, *taskPatch.Username, patchedTask.Username) 341 // require.Equal(t, task.DisplayName, patchedTask.DisplayName) 342 // require.Equal(t, task.Description, patchedTask.Description) 343 // require.Equal(t, th.BasicUser.Id, patchedTask.OwnerId) 344 // }) 345 346 // t.Run("update task, internally managed fields ignored", func(t *testing.T) { 347 // th := Setup().InitBasic() 348 // defer th.TearDown() 349 // defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 350 351 // th.AddPermissionToRole(model.PERMISSION_CREATE_TASK.Id, model.TEAM_USER_ROLE_ID) 352 // th.AddPermissionToRole(model.PERMISSION_MANAGE_TASKS.Id, model.TEAM_USER_ROLE_ID) 353 // th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 354 // th.App.UpdateConfig(func(cfg *model.Config) { 355 // *cfg.ServiceSettings.EnableTaskAccountCreation = true 356 // }) 357 358 // createdTask, resp := th.Client.CreateTask(&model.Task{ 359 // Username: GenerateTestUsername(), 360 // DisplayName: "a task", 361 // Description: "task", 362 // }) 363 // CheckCreatedStatus(t, resp) 364 // defer th.App.PermanentDeleteTask(createdTask.UserId) 365 366 // r, err := th.Client.DoApiPut(th.Client.GetTaskRoute(createdTask.UserId), `{"creator_id":"`+th.BasicUser2.Id+`"}`) 367 // require.Nil(t, err) 368 // defer func() { 369 // _, _ = ioutil.ReadAll(r.Body) 370 // _ = r.Body.Close() 371 // }() 372 // patchedTask := model.TaskFromJson(r.Body) 373 // resp = model.BuildResponse(r) 374 // CheckOKStatus(t, resp) 375 376 // require.Equal(t, th.BasicUser.Id, patchedTask.OwnerId) 377 // }) 378 // } 379 380 func TestGetTask(t *testing.T) { 381 th := Setup().InitBasic() 382 defer th.TearDown() 383 384 th.App.UpdateConfig(func(cfg *model.Config) { 385 *cfg.ServiceSettings.EnableTaskAccountCreation = true 386 }) 387 388 task1, resp := th.SystemAdminClient.CreateTask(&model.Task{ 389 Username: GenerateTestUsername(), 390 DisplayName: "a task", 391 Description: "the first task", 392 }) 393 CheckCreatedStatus(t, resp) 394 defer th.App.PermanentDeleteTask(task1.UserId) 395 396 task2, resp := th.SystemAdminClient.CreateTask(&model.Task{ 397 Username: GenerateTestUsername(), 398 DisplayName: "another task", 399 Description: "the second task", 400 }) 401 CheckCreatedStatus(t, resp) 402 defer th.App.PermanentDeleteTask(task2.UserId) 403 404 deletedTask, resp := th.SystemAdminClient.CreateTask(&model.Task{ 405 Username: GenerateTestUsername(), 406 Description: "a deleted task", 407 }) 408 CheckCreatedStatus(t, resp) 409 defer th.App.PermanentDeleteTask(deletedTask.UserId) 410 deletedTask, resp = th.SystemAdminClient.DisableTask(deletedTask.UserId) 411 CheckOKStatus(t, resp) 412 413 th.AddPermissionToRole(model.PERMISSION_CREATE_TASK.Id, model.TEAM_USER_ROLE_ID) 414 th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 415 th.App.UpdateConfig(func(cfg *model.Config) { 416 *cfg.ServiceSettings.EnableTaskAccountCreation = true 417 }) 418 419 myTask, resp := th.Client.CreateTask(&model.Task{ 420 Username: GenerateTestUsername(), 421 DisplayName: "my task", 422 Description: "a task created by non-admin", 423 }) 424 CheckCreatedStatus(t, resp) 425 defer th.App.PermanentDeleteTask(myTask.UserId) 426 th.RemovePermissionFromRole(model.PERMISSION_CREATE_TASK.Id, model.TEAM_USER_ROLE_ID) 427 428 t.Run("get unknown task", func(t *testing.T) { 429 defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 430 431 th.AddPermissionToRole(model.PERMISSION_READ_TASKS.Id, model.TEAM_USER_ROLE_ID) 432 th.AddPermissionToRole(model.PERMISSION_READ_OTHERS_TASKS.Id, model.TEAM_USER_ROLE_ID) 433 th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 434 435 _, resp := th.Client.GetTask(model.NewId(), "") 436 CheckNotFoundStatus(t, resp) 437 }) 438 439 t.Run("get task1", func(t *testing.T) { 440 defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 441 442 th.AddPermissionToRole(model.PERMISSION_READ_TASKS.Id, model.TEAM_USER_ROLE_ID) 443 th.AddPermissionToRole(model.PERMISSION_READ_OTHERS_TASKS.Id, model.TEAM_USER_ROLE_ID) 444 th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 445 446 task, resp := th.Client.GetTask(task1.UserId, "") 447 CheckOKStatus(t, resp) 448 require.Equal(t, task1, task) 449 450 task, resp = th.Client.GetTask(task1.UserId, task.Etag()) 451 CheckEtag(t, task, resp) 452 }) 453 454 t.Run("get task2", func(t *testing.T) { 455 defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 456 457 th.AddPermissionToRole(model.PERMISSION_READ_TASKS.Id, model.TEAM_USER_ROLE_ID) 458 th.AddPermissionToRole(model.PERMISSION_READ_OTHERS_TASKS.Id, model.TEAM_USER_ROLE_ID) 459 th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 460 461 task, resp := th.Client.GetTask(task2.UserId, "") 462 CheckOKStatus(t, resp) 463 require.Equal(t, task2, task) 464 465 task, resp = th.Client.GetTask(task2.UserId, task.Etag()) 466 CheckEtag(t, task, resp) 467 }) 468 469 t.Run("get task1 without READ_OTHERS_TASKS permission", func(t *testing.T) { 470 defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 471 472 th.AddPermissionToRole(model.PERMISSION_READ_TASKS.Id, model.TEAM_USER_ROLE_ID) 473 th.AddPermissionToRole(model.PERMISSION_CREATE_TASK.Id, model.TEAM_USER_ROLE_ID) 474 th.AddPermissionToRole(model.PERMISSION_MANAGE_TASKS.Id, model.TEAM_USER_ROLE_ID) 475 th.AddPermissionToRole(model.PERMISSION_MANAGE_OTHERS_TASKS.Id, model.TEAM_USER_ROLE_ID) 476 th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 477 478 _, resp := th.Client.GetTask(task1.UserId, "") 479 CheckErrorMessage(t, resp, "store.sql_task.get.missing.app_error") 480 }) 481 482 t.Run("get myTask without READ_TASKS OR READ_OTHERS_TASKS permissions", func(t *testing.T) { 483 defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 484 485 th.AddPermissionToRole(model.PERMISSION_CREATE_TASK.Id, model.TEAM_USER_ROLE_ID) 486 th.AddPermissionToRole(model.PERMISSION_MANAGE_TASKS.Id, model.TEAM_USER_ROLE_ID) 487 th.AddPermissionToRole(model.PERMISSION_MANAGE_OTHERS_TASKS.Id, model.TEAM_USER_ROLE_ID) 488 th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 489 490 _, resp := th.Client.GetTask(myTask.UserId, "") 491 CheckErrorMessage(t, resp, "store.sql_task.get.missing.app_error") 492 }) 493 494 t.Run("get deleted task", func(t *testing.T) { 495 defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 496 497 th.AddPermissionToRole(model.PERMISSION_READ_TASKS.Id, model.TEAM_USER_ROLE_ID) 498 th.AddPermissionToRole(model.PERMISSION_READ_OTHERS_TASKS.Id, model.TEAM_USER_ROLE_ID) 499 th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 500 501 _, resp := th.Client.GetTask(deletedTask.UserId, "") 502 CheckNotFoundStatus(t, resp) 503 }) 504 505 t.Run("get deleted task, include deleted", func(t *testing.T) { 506 defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 507 508 th.AddPermissionToRole(model.PERMISSION_READ_TASKS.Id, model.TEAM_USER_ROLE_ID) 509 th.AddPermissionToRole(model.PERMISSION_READ_OTHERS_TASKS.Id, model.TEAM_USER_ROLE_ID) 510 th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 511 512 task, resp := th.Client.GetTaskIncludeDeleted(deletedTask.UserId, "") 513 CheckOKStatus(t, resp) 514 require.NotEqual(t, 0, task.DeleteAt) 515 deletedTask.UpdateAt = task.UpdateAt 516 deletedTask.DeleteAt = task.DeleteAt 517 require.Equal(t, deletedTask, task) 518 519 task, resp = th.Client.GetTaskIncludeDeleted(deletedTask.UserId, task.Etag()) 520 CheckEtag(t, task, resp) 521 }) 522 } 523 524 func TestGetTasks(t *testing.T) { 525 th := Setup().InitBasic() 526 defer th.TearDown() 527 528 th.App.UpdateConfig(func(cfg *model.Config) { 529 *cfg.ServiceSettings.EnableTaskAccountCreation = true 530 }) 531 532 task1, resp := th.SystemAdminClient.CreateTask(&model.Task{ 533 Username: GenerateTestUsername(), 534 DisplayName: "a task", 535 Description: "the first task", 536 }) 537 CheckCreatedStatus(t, resp) 538 defer th.App.PermanentDeleteTask(task1.UserId) 539 540 deletedTask1, resp := th.SystemAdminClient.CreateTask(&model.Task{ 541 Username: GenerateTestUsername(), 542 Description: "a deleted task", 543 }) 544 CheckCreatedStatus(t, resp) 545 defer th.App.PermanentDeleteTask(deletedTask1.UserId) 546 deletedTask1, resp = th.SystemAdminClient.DisableTask(deletedTask1.UserId) 547 CheckOKStatus(t, resp) 548 549 task2, resp := th.SystemAdminClient.CreateTask(&model.Task{ 550 Username: GenerateTestUsername(), 551 DisplayName: "another task", 552 Description: "the second task", 553 }) 554 CheckCreatedStatus(t, resp) 555 defer th.App.PermanentDeleteTask(task2.UserId) 556 557 task3, resp := th.SystemAdminClient.CreateTask(&model.Task{ 558 Username: GenerateTestUsername(), 559 DisplayName: "another task", 560 Description: "the third task", 561 }) 562 CheckCreatedStatus(t, resp) 563 defer th.App.PermanentDeleteTask(task3.UserId) 564 565 deletedTask2, resp := th.SystemAdminClient.CreateTask(&model.Task{ 566 Username: GenerateTestUsername(), 567 Description: "a deleted task", 568 }) 569 CheckCreatedStatus(t, resp) 570 defer th.App.PermanentDeleteTask(deletedTask2.UserId) 571 deletedTask2, resp = th.SystemAdminClient.DisableTask(deletedTask2.UserId) 572 CheckOKStatus(t, resp) 573 574 th.AddPermissionToRole(model.PERMISSION_CREATE_TASK.Id, model.TEAM_USER_ROLE_ID) 575 th.App.UpdateUserRoles(th.BasicUser2.Id, model.TEAM_USER_ROLE_ID, false) 576 th.LoginBasic2() 577 orphanedTask, resp := th.Client.CreateTask(&model.Task{ 578 Username: GenerateTestUsername(), 579 Description: "an oprphaned task", 580 }) 581 CheckCreatedStatus(t, resp) 582 th.LoginBasic() 583 defer th.App.PermanentDeleteTask(orphanedTask.UserId) 584 // Automatic deactivation disabled 585 th.App.UpdateConfig(func(cfg *model.Config) { 586 *cfg.ServiceSettings.DisableTasksWhenOwnerIsDeactivated = false 587 }) 588 _, resp = th.SystemAdminClient.DeleteUser(th.BasicUser2.Id) 589 CheckOKStatus(t, resp) 590 591 t.Run("get tasks, page=0, perPage=10", func(t *testing.T) { 592 defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 593 594 th.AddPermissionToRole(model.PERMISSION_READ_TASKS.Id, model.TEAM_USER_ROLE_ID) 595 th.AddPermissionToRole(model.PERMISSION_READ_OTHERS_TASKS.Id, model.TEAM_USER_ROLE_ID) 596 th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 597 598 tasks, resp := th.Client.GetTasks(0, 10, "") 599 CheckOKStatus(t, resp) 600 require.Equal(t, []*model.Task{task1, task2, task3, orphanedTask}, tasks) 601 602 taskList := model.TaskList(tasks) 603 tasks, resp = th.Client.GetTasks(0, 10, taskList.Etag()) 604 CheckEtag(t, tasks, resp) 605 }) 606 607 t.Run("get tasks, page=0, perPage=1", func(t *testing.T) { 608 defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 609 610 th.AddPermissionToRole(model.PERMISSION_READ_TASKS.Id, model.TEAM_USER_ROLE_ID) 611 th.AddPermissionToRole(model.PERMISSION_READ_OTHERS_TASKS.Id, model.TEAM_USER_ROLE_ID) 612 th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 613 614 tasks, resp := th.Client.GetTasks(0, 1, "") 615 CheckOKStatus(t, resp) 616 require.Equal(t, []*model.Task{task1}, tasks) 617 618 taskList := model.TaskList(tasks) 619 tasks, resp = th.Client.GetTasks(0, 1, taskList.Etag()) 620 CheckEtag(t, tasks, resp) 621 }) 622 623 t.Run("get tasks, page=1, perPage=2", func(t *testing.T) { 624 defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 625 626 th.AddPermissionToRole(model.PERMISSION_READ_TASKS.Id, model.TEAM_USER_ROLE_ID) 627 th.AddPermissionToRole(model.PERMISSION_READ_OTHERS_TASKS.Id, model.TEAM_USER_ROLE_ID) 628 th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 629 630 tasks, resp := th.Client.GetTasks(1, 2, "") 631 CheckOKStatus(t, resp) 632 require.Equal(t, []*model.Task{task3, orphanedTask}, tasks) 633 634 taskList := model.TaskList(tasks) 635 tasks, resp = th.Client.GetTasks(1, 2, taskList.Etag()) 636 CheckEtag(t, tasks, resp) 637 }) 638 639 t.Run("get tasks, page=2, perPage=2", func(t *testing.T) { 640 defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 641 642 th.AddPermissionToRole(model.PERMISSION_READ_TASKS.Id, model.TEAM_USER_ROLE_ID) 643 th.AddPermissionToRole(model.PERMISSION_READ_OTHERS_TASKS.Id, model.TEAM_USER_ROLE_ID) 644 th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 645 646 tasks, resp := th.Client.GetTasks(2, 2, "") 647 CheckOKStatus(t, resp) 648 require.Equal(t, []*model.Task{}, tasks) 649 650 taskList := model.TaskList(tasks) 651 tasks, resp = th.Client.GetTasks(2, 2, taskList.Etag()) 652 CheckEtag(t, tasks, resp) 653 }) 654 655 t.Run("get tasks, page=0, perPage=10, include deleted", func(t *testing.T) { 656 defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 657 658 th.AddPermissionToRole(model.PERMISSION_READ_TASKS.Id, model.TEAM_USER_ROLE_ID) 659 th.AddPermissionToRole(model.PERMISSION_READ_OTHERS_TASKS.Id, model.TEAM_USER_ROLE_ID) 660 th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 661 662 tasks, resp := th.Client.GetTasksIncludeDeleted(0, 10, "") 663 CheckOKStatus(t, resp) 664 require.Equal(t, []*model.Task{task1, deletedTask1, task2, task3, deletedTask2, orphanedTask}, tasks) 665 666 taskList := model.TaskList(tasks) 667 tasks, resp = th.Client.GetTasksIncludeDeleted(0, 10, taskList.Etag()) 668 CheckEtag(t, tasks, resp) 669 }) 670 671 t.Run("get tasks, page=0, perPage=1, include deleted", func(t *testing.T) { 672 defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 673 674 th.AddPermissionToRole(model.PERMISSION_READ_TASKS.Id, model.TEAM_USER_ROLE_ID) 675 th.AddPermissionToRole(model.PERMISSION_READ_OTHERS_TASKS.Id, model.TEAM_USER_ROLE_ID) 676 th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 677 678 tasks, resp := th.Client.GetTasksIncludeDeleted(0, 1, "") 679 CheckOKStatus(t, resp) 680 require.Equal(t, []*model.Task{task1}, tasks) 681 682 taskList := model.TaskList(tasks) 683 tasks, resp = th.Client.GetTasksIncludeDeleted(0, 1, taskList.Etag()) 684 CheckEtag(t, tasks, resp) 685 }) 686 687 t.Run("get tasks, page=1, perPage=2, include deleted", func(t *testing.T) { 688 defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 689 690 th.AddPermissionToRole(model.PERMISSION_READ_TASKS.Id, model.TEAM_USER_ROLE_ID) 691 th.AddPermissionToRole(model.PERMISSION_READ_OTHERS_TASKS.Id, model.TEAM_USER_ROLE_ID) 692 th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 693 694 tasks, resp := th.Client.GetTasksIncludeDeleted(1, 2, "") 695 CheckOKStatus(t, resp) 696 require.Equal(t, []*model.Task{task2, task3}, tasks) 697 698 taskList := model.TaskList(tasks) 699 tasks, resp = th.Client.GetTasksIncludeDeleted(1, 2, taskList.Etag()) 700 CheckEtag(t, tasks, resp) 701 }) 702 703 t.Run("get tasks, page=2, perPage=2, include deleted", func(t *testing.T) { 704 defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 705 706 th.AddPermissionToRole(model.PERMISSION_READ_TASKS.Id, model.TEAM_USER_ROLE_ID) 707 th.AddPermissionToRole(model.PERMISSION_READ_OTHERS_TASKS.Id, model.TEAM_USER_ROLE_ID) 708 th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 709 710 tasks, resp := th.Client.GetTasksIncludeDeleted(2, 2, "") 711 CheckOKStatus(t, resp) 712 require.Equal(t, []*model.Task{deletedTask2, orphanedTask}, tasks) 713 714 taskList := model.TaskList(tasks) 715 tasks, resp = th.Client.GetTasksIncludeDeleted(2, 2, taskList.Etag()) 716 CheckEtag(t, tasks, resp) 717 }) 718 719 t.Run("get tasks, page=0, perPage=10, only orphaned", func(t *testing.T) { 720 defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 721 722 th.AddPermissionToRole(model.PERMISSION_READ_TASKS.Id, model.TEAM_USER_ROLE_ID) 723 th.AddPermissionToRole(model.PERMISSION_READ_OTHERS_TASKS.Id, model.TEAM_USER_ROLE_ID) 724 th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 725 726 tasks, resp := th.Client.GetTasksOrphaned(0, 10, "") 727 CheckOKStatus(t, resp) 728 require.Equal(t, []*model.Task{orphanedTask}, tasks) 729 730 taskList := model.TaskList(tasks) 731 tasks, resp = th.Client.GetTasksOrphaned(0, 10, taskList.Etag()) 732 CheckEtag(t, tasks, resp) 733 }) 734 735 t.Run("get tasks without permission", func(t *testing.T) { 736 defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 737 738 th.AddPermissionToRole(model.PERMISSION_CREATE_TASK.Id, model.TEAM_USER_ROLE_ID) 739 th.AddPermissionToRole(model.PERMISSION_MANAGE_TASKS.Id, model.TEAM_USER_ROLE_ID) 740 th.AddPermissionToRole(model.PERMISSION_MANAGE_OTHERS_TASKS.Id, model.TEAM_USER_ROLE_ID) 741 th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 742 743 _, resp := th.Client.GetTasks(0, 10, "") 744 CheckErrorMessage(t, resp, "api.context.permissions.app_error") 745 }) 746 } 747 748 func TestDisableTask(t *testing.T) { 749 t.Run("disable non-existent task", func(t *testing.T) { 750 th := Setup().InitBasic() 751 defer th.TearDown() 752 753 _, resp := th.Client.DisableTask(model.NewId()) 754 CheckNotFoundStatus(t, resp) 755 }) 756 757 t.Run("disable task without permission", func(t *testing.T) { 758 th := Setup().InitBasic() 759 defer th.TearDown() 760 defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 761 762 th.AddPermissionToRole(model.PERMISSION_CREATE_TASK.Id, model.TEAM_USER_ROLE_ID) 763 th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 764 th.App.UpdateConfig(func(cfg *model.Config) { 765 *cfg.ServiceSettings.EnableTaskAccountCreation = true 766 }) 767 768 task := &model.Task{ 769 Username: GenerateTestUsername(), 770 Description: "task", 771 } 772 773 createdTask, resp := th.Client.CreateTask(task) 774 CheckCreatedStatus(t, resp) 775 defer th.App.PermanentDeleteTask(createdTask.UserId) 776 777 _, resp = th.Client.DisableTask(createdTask.UserId) 778 CheckErrorMessage(t, resp, "store.sql_task.get.missing.app_error") 779 }) 780 781 t.Run("disable task without permission, but with read permission", func(t *testing.T) { 782 th := Setup().InitBasic() 783 defer th.TearDown() 784 defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 785 786 th.AddPermissionToRole(model.PERMISSION_CREATE_TASK.Id, model.TEAM_USER_ROLE_ID) 787 th.AddPermissionToRole(model.PERMISSION_READ_TASKS.Id, model.TEAM_USER_ROLE_ID) 788 th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 789 th.App.UpdateConfig(func(cfg *model.Config) { 790 *cfg.ServiceSettings.EnableTaskAccountCreation = true 791 }) 792 793 task := &model.Task{ 794 Username: GenerateTestUsername(), 795 Description: "task", 796 } 797 798 createdTask, resp := th.Client.CreateTask(task) 799 CheckCreatedStatus(t, resp) 800 defer th.App.PermanentDeleteTask(createdTask.UserId) 801 802 _, resp = th.Client.DisableTask(createdTask.UserId) 803 CheckErrorMessage(t, resp, "api.context.permissions.app_error") 804 }) 805 806 t.Run("disable task with permission", func(t *testing.T) { 807 th := Setup().InitBasic() 808 defer th.TearDown() 809 defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 810 811 th.AddPermissionToRole(model.PERMISSION_CREATE_TASK.Id, model.TEAM_USER_ROLE_ID) 812 th.AddPermissionToRole(model.PERMISSION_MANAGE_TASKS.Id, model.TEAM_USER_ROLE_ID) 813 th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 814 th.App.UpdateConfig(func(cfg *model.Config) { 815 *cfg.ServiceSettings.EnableTaskAccountCreation = true 816 }) 817 818 task, resp := th.Client.CreateTask(&model.Task{ 819 Username: GenerateTestUsername(), 820 Description: "task", 821 }) 822 CheckCreatedStatus(t, resp) 823 defer th.App.PermanentDeleteTask(task.UserId) 824 825 enabledTask1, resp := th.Client.DisableTask(task.UserId) 826 CheckOKStatus(t, resp) 827 task.UpdateAt = enabledTask1.UpdateAt 828 task.DeleteAt = enabledTask1.DeleteAt 829 require.Equal(t, task, enabledTask1) 830 831 // Check task disabled 832 disab, resp := th.SystemAdminClient.GetTaskIncludeDeleted(task.UserId, "") 833 CheckOKStatus(t, resp) 834 require.NotZero(t, disab.DeleteAt) 835 836 // Disabling should be idempotent. 837 enabledTask2, resp := th.Client.DisableTask(task.UserId) 838 CheckOKStatus(t, resp) 839 require.Equal(t, task, enabledTask2) 840 }) 841 } 842 func TestEnableTask(t *testing.T) { 843 t.Run("enable non-existent task", func(t *testing.T) { 844 th := Setup().InitBasic() 845 defer th.TearDown() 846 847 _, resp := th.Client.EnableTask(model.NewId()) 848 CheckNotFoundStatus(t, resp) 849 }) 850 851 t.Run("enable task without permission", func(t *testing.T) { 852 th := Setup().InitBasic() 853 defer th.TearDown() 854 defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 855 856 th.AddPermissionToRole(model.PERMISSION_CREATE_TASK.Id, model.TEAM_USER_ROLE_ID) 857 th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 858 th.App.UpdateConfig(func(cfg *model.Config) { 859 *cfg.ServiceSettings.EnableTaskAccountCreation = true 860 }) 861 862 task := &model.Task{ 863 Username: GenerateTestUsername(), 864 Description: "task", 865 } 866 867 createdTask, resp := th.Client.CreateTask(task) 868 CheckCreatedStatus(t, resp) 869 defer th.App.PermanentDeleteTask(createdTask.UserId) 870 871 _, resp = th.SystemAdminClient.DisableTask(createdTask.UserId) 872 CheckOKStatus(t, resp) 873 874 _, resp = th.Client.EnableTask(createdTask.UserId) 875 CheckErrorMessage(t, resp, "store.sql_task.get.missing.app_error") 876 }) 877 878 t.Run("enable task without permission, but with read permission", func(t *testing.T) { 879 th := Setup().InitBasic() 880 defer th.TearDown() 881 defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 882 883 th.AddPermissionToRole(model.PERMISSION_CREATE_TASK.Id, model.TEAM_USER_ROLE_ID) 884 th.AddPermissionToRole(model.PERMISSION_READ_TASKS.Id, model.TEAM_USER_ROLE_ID) 885 th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 886 th.App.UpdateConfig(func(cfg *model.Config) { 887 *cfg.ServiceSettings.EnableTaskAccountCreation = true 888 }) 889 890 task := &model.Task{ 891 Username: GenerateTestUsername(), 892 Description: "task", 893 } 894 895 createdTask, resp := th.Client.CreateTask(task) 896 CheckCreatedStatus(t, resp) 897 defer th.App.PermanentDeleteTask(createdTask.UserId) 898 899 _, resp = th.SystemAdminClient.DisableTask(createdTask.UserId) 900 CheckOKStatus(t, resp) 901 902 _, resp = th.Client.EnableTask(createdTask.UserId) 903 CheckErrorMessage(t, resp, "api.context.permissions.app_error") 904 }) 905 906 t.Run("enable task with permission", func(t *testing.T) { 907 th := Setup().InitBasic() 908 defer th.TearDown() 909 defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 910 911 th.AddPermissionToRole(model.PERMISSION_CREATE_TASK.Id, model.TEAM_USER_ROLE_ID) 912 th.AddPermissionToRole(model.PERMISSION_MANAGE_TASKS.Id, model.TEAM_USER_ROLE_ID) 913 th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false) 914 th.App.UpdateConfig(func(cfg *model.Config) { 915 *cfg.ServiceSettings.EnableTaskAccountCreation = true 916 }) 917 918 task, resp := th.Client.CreateTask(&model.Task{ 919 Username: GenerateTestUsername(), 920 Description: "task", 921 }) 922 CheckCreatedStatus(t, resp) 923 defer th.App.PermanentDeleteTask(task.UserId) 924 925 _, resp = th.SystemAdminClient.DisableTask(task.UserId) 926 CheckOKStatus(t, resp) 927 928 enabledTask1, resp := th.Client.EnableTask(task.UserId) 929 CheckOKStatus(t, resp) 930 task.UpdateAt = enabledTask1.UpdateAt 931 task.DeleteAt = enabledTask1.DeleteAt 932 require.Equal(t, task, enabledTask1) 933 934 // Check task enabled 935 enab, resp := th.SystemAdminClient.GetTaskIncludeDeleted(task.UserId, "") 936 CheckOKStatus(t, resp) 937 require.Zero(t, enab.DeleteAt) 938 939 // Disabling should be idempotent. 940 enabledTask2, resp := th.Client.EnableTask(task.UserId) 941 CheckOKStatus(t, resp) 942 require.Equal(t, task, enabledTask2) 943 }) 944 } 945 946 func TestAssignTask(t *testing.T) { 947 th := Setup().InitBasic() 948 defer th.TearDown() 949 950 t.Run("claim non-existent task", func(t *testing.T) { 951 _, resp := th.SystemAdminClient.AssignTask(model.NewId(), model.NewId()) 952 CheckNotFoundStatus(t, resp) 953 }) 954 955 t.Run("system admin assign task", func(t *testing.T) { 956 defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 957 958 th.AddPermissionToRole(model.PERMISSION_CREATE_TASK.Id, model.SYSTEM_USER_ROLE_ID) 959 th.AddPermissionToRole(model.PERMISSION_READ_TASKS.Id, model.SYSTEM_USER_ROLE_ID) 960 th.App.UpdateConfig(func(cfg *model.Config) { 961 *cfg.ServiceSettings.EnableTaskAccountCreation = true 962 }) 963 964 task := &model.Task{ 965 Username: GenerateTestUsername(), 966 Description: "task", 967 } 968 task, resp := th.Client.CreateTask(task) 969 CheckCreatedStatus(t, resp) 970 defer th.App.PermanentDeleteTask(task.UserId) 971 972 before, resp := th.Client.GetTask(task.UserId, "") 973 CheckOKStatus(t, resp) 974 require.Equal(t, th.BasicUser.Id, before.OwnerId) 975 976 _, resp = th.SystemAdminClient.AssignTask(task.UserId, th.SystemAdminUser.Id) 977 CheckOKStatus(t, resp) 978 979 // Original owner doesn't have read others tasks permission, therefore can't see task anymore 980 _, resp = th.Client.GetTask(task.UserId, "") 981 CheckNotFoundStatus(t, resp) 982 983 // System admin can see creator ID has changed 984 after, resp := th.SystemAdminClient.GetTask(task.UserId, "") 985 CheckOKStatus(t, resp) 986 require.Equal(t, th.SystemAdminUser.Id, after.OwnerId) 987 988 // Assign back to user without permissions to manage 989 _, resp = th.SystemAdminClient.AssignTask(task.UserId, th.BasicUser.Id) 990 CheckOKStatus(t, resp) 991 992 after, resp = th.SystemAdminClient.GetTask(task.UserId, "") 993 CheckOKStatus(t, resp) 994 require.Equal(t, th.BasicUser.Id, after.OwnerId) 995 }) 996 997 t.Run("random user assign task", func(t *testing.T) { 998 defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 999 1000 th.AddPermissionToRole(model.PERMISSION_CREATE_TASK.Id, model.SYSTEM_USER_ROLE_ID) 1001 th.AddPermissionToRole(model.PERMISSION_READ_TASKS.Id, model.SYSTEM_USER_ROLE_ID) 1002 th.App.UpdateConfig(func(cfg *model.Config) { 1003 *cfg.ServiceSettings.EnableTaskAccountCreation = true 1004 }) 1005 1006 task := &model.Task{ 1007 Username: GenerateTestUsername(), 1008 Description: "task", 1009 } 1010 createdTask, resp := th.Client.CreateTask(task) 1011 CheckCreatedStatus(t, resp) 1012 defer th.App.PermanentDeleteTask(createdTask.UserId) 1013 1014 th.LoginBasic2() 1015 1016 // Without permission to read others tasks it doesn't exist 1017 _, resp = th.Client.AssignTask(createdTask.UserId, th.BasicUser2.Id) 1018 CheckErrorMessage(t, resp, "store.sql_task.get.missing.app_error") 1019 1020 // With permissions to read we don't have permissions to modify 1021 th.AddPermissionToRole(model.PERMISSION_READ_OTHERS_TASKS.Id, model.SYSTEM_USER_ROLE_ID) 1022 _, resp = th.Client.AssignTask(createdTask.UserId, th.BasicUser2.Id) 1023 CheckErrorMessage(t, resp, "api.context.permissions.app_error") 1024 1025 th.LoginBasic() 1026 }) 1027 1028 t.Run("delegated user assign task", func(t *testing.T) { 1029 defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 1030 1031 th.AddPermissionToRole(model.PERMISSION_CREATE_TASK.Id, model.SYSTEM_USER_ROLE_ID) 1032 th.AddPermissionToRole(model.PERMISSION_READ_TASKS.Id, model.SYSTEM_USER_ROLE_ID) 1033 th.App.UpdateConfig(func(cfg *model.Config) { 1034 *cfg.ServiceSettings.EnableTaskAccountCreation = true 1035 }) 1036 1037 task := &model.Task{ 1038 Username: GenerateTestUsername(), 1039 Description: "task", 1040 } 1041 task, resp := th.Client.CreateTask(task) 1042 CheckCreatedStatus(t, resp) 1043 defer th.App.PermanentDeleteTask(task.UserId) 1044 1045 // Simulate custom role by just changing the system user role 1046 th.AddPermissionToRole(model.PERMISSION_CREATE_TASK.Id, model.SYSTEM_USER_ROLE_ID) 1047 th.AddPermissionToRole(model.PERMISSION_READ_TASKS.Id, model.SYSTEM_USER_ROLE_ID) 1048 th.AddPermissionToRole(model.PERMISSION_READ_OTHERS_TASKS.Id, model.SYSTEM_USER_ROLE_ID) 1049 th.AddPermissionToRole(model.PERMISSION_MANAGE_TASKS.Id, model.SYSTEM_USER_ROLE_ID) 1050 th.AddPermissionToRole(model.PERMISSION_MANAGE_OTHERS_TASKS.Id, model.SYSTEM_USER_ROLE_ID) 1051 th.LoginBasic2() 1052 1053 _, resp = th.Client.AssignTask(task.UserId, th.BasicUser2.Id) 1054 CheckOKStatus(t, resp) 1055 1056 after, resp := th.SystemAdminClient.GetTask(task.UserId, "") 1057 CheckOKStatus(t, resp) 1058 require.Equal(t, th.BasicUser2.Id, after.OwnerId) 1059 }) 1060 1061 t.Run("task assigned to task fails", func(t *testing.T) { 1062 defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions()) 1063 1064 th.AddPermissionToRole(model.PERMISSION_CREATE_TASK.Id, model.SYSTEM_USER_ROLE_ID) 1065 th.AddPermissionToRole(model.PERMISSION_READ_TASKS.Id, model.SYSTEM_USER_ROLE_ID) 1066 th.AddPermissionToRole(model.PERMISSION_READ_OTHERS_TASKS.Id, model.SYSTEM_USER_ROLE_ID) 1067 th.AddPermissionToRole(model.PERMISSION_MANAGE_TASKS.Id, model.SYSTEM_USER_ROLE_ID) 1068 th.AddPermissionToRole(model.PERMISSION_MANAGE_OTHERS_TASKS.Id, model.SYSTEM_USER_ROLE_ID) 1069 1070 task := &model.Task{ 1071 Username: GenerateTestUsername(), 1072 Description: "task", 1073 } 1074 task, resp := th.Client.CreateTask(task) 1075 CheckCreatedStatus(t, resp) 1076 defer th.App.PermanentDeleteTask(task.UserId) 1077 1078 task2, resp := th.Client.CreateTask(&model.Task{ 1079 Username: GenerateTestUsername(), 1080 DisplayName: "a task", 1081 Description: "task", 1082 }) 1083 1084 CheckCreatedStatus(t, resp) 1085 defer th.App.PermanentDeleteTask(task2.UserId) 1086 1087 _, resp = th.Client.AssignTask(task.UserId, task2.UserId) 1088 CheckErrorMessage(t, resp, "api.context.permissions.app_error") 1089 1090 }) 1091 } 1092 1093 func sToP(s string) *string { 1094 return &s 1095 }