APIv4: GET /teams/{team_id}/members (#5460)

* APIv4: GET /teams/{team_id}/members

* removed unecessary comment

* changed route to session required, and logout test to unauthorized

Signed-off-by: Saturnino Abril <saturnino.abril@gmail.com>

3 files changed, 90 insertions, 0 deletions

diff --git a/api4/team.go b/api4/team.go
index ed096e058..db42dc6b6 100644
--- a/api4/team.go
+++ b/api4/team.go
@@ -20,6 +20,7 @@ func InitTeam() {
 
 	BaseRoutes.Team.Handle("", ApiSessionRequired(getTeam)).Methods("GET")
 	BaseRoutes.Team.Handle("/stats", ApiSessionRequired(getTeamStats)).Methods("GET")
+	BaseRoutes.Team.Handle("/members", ApiSessionRequired(getTeamMembers)).Methods("GET")
 
 	BaseRoutes.TeamByName.Handle("", ApiSessionRequired(getTeamByName)).Methods("GET")
 	BaseRoutes.TeamMember.Handle("", ApiSessionRequired(getTeamMember)).Methods("GET")
@@ -122,6 +123,26 @@ func getTeamMember(c *Context, w http.ResponseWriter, r *http.Request) {
 	}
 }
 
+func getTeamMembers(c *Context, w http.ResponseWriter, r *http.Request) {
+	c.RequireTeamId()
+	if c.Err != nil {
+		return
+	}
+
+	if !app.SessionHasPermissionToTeam(c.Session, c.Params.TeamId, model.PERMISSION_VIEW_TEAM) {
+		c.SetPermissionError(model.PERMISSION_VIEW_TEAM)
+		return
+	}
+
+	if members, err := app.GetTeamMembers(c.Params.TeamId, c.Params.Page, c.Params.PerPage); err != nil {
+		c.Err = err
+		return
+	} else {
+		w.Write([]byte(model.TeamMembersToJson(members)))
+		return
+	}
+}
+
 func getTeamStats(c *Context, w http.ResponseWriter, r *http.Request) {
 	c.RequireTeamId()
 	if c.Err != nil {
diff --git a/api4/team_test.go b/api4/team_test.go
index 8f0becaa7..327a8e16f 100644
--- a/api4/team_test.go
+++ b/api4/team_test.go
@@ -229,6 +229,60 @@ func TestGetTeamMember(t *testing.T) {
 	CheckNoError(t, resp)
 }
 
+func TestGetTeamMembers(t *testing.T) {
+	th := Setup().InitBasic().InitSystemAdmin()
+	defer TearDown()
+	Client := th.Client
+	team := th.BasicTeam
+	userNotMember := th.CreateUser()
+
+	rmembers, resp := Client.GetTeamMembers(team.Id, 0, 100, "")
+	CheckNoError(t, resp)
+
+	t.Logf("rmembers count %v\n", len(rmembers))
+
+	if len(rmembers) == 0 {
+		t.Fatal("should have results")
+	}
+
+	for _, rmember := range rmembers {
+		if rmember.TeamId != team.Id || rmember.UserId == userNotMember.Id {
+			t.Fatal("user should be a member of team")
+		}
+	}
+
+	rmembers, resp = Client.GetTeamMembers(team.Id, 0, 1, "")
+	CheckNoError(t, resp)
+	if len(rmembers) != 1 {
+		t.Fatal("should be 1 per page")
+	}
+
+	rmembers, resp = Client.GetTeamMembers(team.Id, 1, 1, "")
+	CheckNoError(t, resp)
+	if len(rmembers) != 1 {
+		t.Fatal("should be 1 per page")
+	}
+
+	rmembers, resp = Client.GetTeamMembers(team.Id, 10000, 100, "")
+	CheckNoError(t, resp)
+	if len(rmembers) != 0 {
+		t.Fatal("should be no member")
+	}
+
+	_, resp = Client.GetTeamMembers("junk", 0, 100, "")
+	CheckBadRequestStatus(t, resp)
+
+	_, resp = Client.GetTeamMembers(model.NewId(), 0, 100, "")
+	CheckForbiddenStatus(t, resp)
+
+	Client.Logout()
+	rmembers, resp = Client.GetTeamMembers(team.Id, 0, 1, "")
+	CheckUnauthorizedStatus(t, resp)
+
+	rmembers, resp = th.SystemAdminClient.GetTeamMembers(team.Id, 0, 100, "")
+	CheckNoError(t, resp)
+}
+
 func TestGetTeamStats(t *testing.T) {
 	th := Setup().InitBasic().InitSystemAdmin()
 	defer TearDown()
diff --git a/model/client4.go b/model/client4.go
index fb0601a38..1e4ba86ac 100644
--- a/model/client4.go
+++ b/model/client4.go
@@ -85,6 +85,10 @@ func (c *Client4) GetTeamMemberRoute(teamId, userId string) string {
 	return fmt.Sprintf(c.GetTeamRoute(teamId)+"/members/%v", userId)
 }
 
+func (c *Client4) GetTeamMembersRoute(teamId string) string {
+	return fmt.Sprintf(c.GetTeamRoute(teamId) + "/members")
+}
+
 func (c *Client4) GetTeamStatsRoute(teamId string) string {
 	return fmt.Sprintf(c.GetTeamRoute(teamId) + "/stats")
 }
@@ -539,6 +543,17 @@ func (c *Client4) UpdateTeamMemberRoles(teamId, userId, newRoles string) (bool,
 	}
 }
 
+// GetTeamMembers returns team members based on the provided team id string.
+func (c *Client4) GetTeamMembers(teamId string, page int, perPage int, etag string) ([]*TeamMember, *Response) {
+	query := fmt.Sprintf("?page=%v&per_page=%v", page, perPage)
+	if r, err := c.DoApiGet(c.GetTeamMembersRoute(teamId)+query, etag); err != nil {
+		return nil, &Response{StatusCode: r.StatusCode, Error: err}
+	} else {
+		defer closeBody(r)
+		return TeamMembersFromJson(r.Body), BuildResponse(r)
+	}
+}
+
 // GetTeamStats returns a team stats based on the team id string.
 // Must be authenticated.
 func (c *Client4) GetTeamStats(teamId, etag string) (*TeamStats, *Response) {