MM-10264: Adds CLI command to import and export permissions. (#8787)

* MM-10264: Adds CLI command to import and export permissions. * MM-10264: Changes Scheme Name to DisplayName and adds Name slug field. * MM-10264: Changes display name max size. * MM-10264: Another merge fix. * MM-10264: Changes for more Schemes methods checking for migration. * MM-10264: More updates for Schemes migration checking.
author: Martin Kraft <mkraft@users.noreply.github.com> 2018-05-17 11:37:00 -0400
committer: GitHub <noreply@github.com> 2018-05-17 11:37:00 -0400
commit: e0390632b3c941670671d968b8828bcefbf71581 (patch)
tree: d4eb82a217aa45c5be8a3afb2fc1d2d7ed5d6b37
parent: 463065c8ba4b4aece7fd9b7764ba917df3e73292 (diff)
download: chat-e0390632b3c941670671d968b8828bcefbf71581.tar.gz
chat-e0390632b3c941670671d968b8828bcefbf71581.tar.bz2
chat-e0390632b3c941670671d968b8828bcefbf71581.zip
14 files changed, 670 insertions, 14 deletions
diff --git a/api4/channel_test.go b/api4/channel_test.go
index 551a1a484..f871e66ea 100644
--- a/api4/channel_test.go
+++ b/api4/channel_test.go
@@ -1924,13 +1924,15 @@ func TestUpdateChannelScheme(t *testing.T) {
 	channel, _ = th.SystemAdminClient.CreateChannel(channel)
 
 	channelScheme := &model.Scheme{
-		Name:        "Name",
+		DisplayName: "DisplayName",
+		Name:        model.NewId(),
 		Description: "Some description",
 		Scope:       model.SCHEME_SCOPE_CHANNEL,
 	}
 	channelScheme, _ = th.SystemAdminClient.CreateScheme(channelScheme)
 	teamScheme := &model.Scheme{
-		Name:        "Name",
+		DisplayName: "DisplayName",
+		Name:        model.NewId(),
 		Description: "Some description",
 		Scope:       model.SCHEME_SCOPE_TEAM,
 	}
diff --git a/api4/scheme_test.go b/api4/scheme_test.go
index 9e5ed1aca..461b03421 100644
--- a/api4/scheme_test.go
+++ b/api4/scheme_test.go
@@ -25,6 +25,7 @@ func TestCreateScheme(t *testing.T) {
 
 	// Basic test of creating a team scheme.
 	scheme1 := &model.Scheme{
+		DisplayName: model.NewId(),
 		Name:        model.NewId(),
 		Description: model.NewId(),
 		Scope:       model.SCHEME_SCOPE_TEAM,
@@ -33,6 +34,7 @@ func TestCreateScheme(t *testing.T) {
 	s1, r1 := th.SystemAdminClient.CreateScheme(scheme1)
 	CheckNoError(t, r1)
 
+	assert.Equal(t, s1.DisplayName, scheme1.DisplayName)
 	assert.Equal(t, s1.Name, scheme1.Name)
 	assert.Equal(t, s1.Description, scheme1.Description)
 	assert.NotZero(t, s1.CreateAt)
@@ -56,6 +58,7 @@ func TestCreateScheme(t *testing.T) {
 
 	// Basic Test of a Channel scheme.
 	scheme2 := &model.Scheme{
+		DisplayName: model.NewId(),
 		Name:        model.NewId(),
 		Description: model.NewId(),
 		Scope:       model.SCHEME_SCOPE_CHANNEL,
@@ -64,6 +67,7 @@ func TestCreateScheme(t *testing.T) {
 	s2, r2 := th.SystemAdminClient.CreateScheme(scheme2)
 	CheckNoError(t, r2)
 
+	assert.Equal(t, s2.DisplayName, scheme2.DisplayName)
 	assert.Equal(t, s2.Name, scheme2.Name)
 	assert.Equal(t, s2.Description, scheme2.Description)
 	assert.NotZero(t, s2.CreateAt)
@@ -83,6 +87,7 @@ func TestCreateScheme(t *testing.T) {
 
 	// Try and create a scheme with an invalid scope.
 	scheme3 := &model.Scheme{
+		DisplayName: model.NewId(),
 		Name:        model.NewId(),
 		Description: model.NewId(),
 		Scope:       model.NewId(),
@@ -91,17 +96,29 @@ func TestCreateScheme(t *testing.T) {
 	_, r3 := th.SystemAdminClient.CreateScheme(scheme3)
 	CheckBadRequestStatus(t, r3)
 
-	// Try and create a scheme with an invalid name.
+	// Try and create a scheme with an invalid display name.
 	scheme4 := &model.Scheme{
-		Name:        strings.Repeat(model.NewId(), 100),
+		DisplayName: strings.Repeat(model.NewId(), 100),
+		Name:        "Name",
 		Description: model.NewId(),
 		Scope:       model.NewId(),
 	}
 	_, r4 := th.SystemAdminClient.CreateScheme(scheme4)
 	CheckBadRequestStatus(t, r4)
 
+	// Try and create a scheme with an invalid name.
+	scheme8 := &model.Scheme{
+		DisplayName: "DisplayName",
+		Name:        strings.Repeat(model.NewId(), 100),
+		Description: model.NewId(),
+		Scope:       model.NewId(),
+	}
+	_, r8 := th.SystemAdminClient.CreateScheme(scheme8)
+	CheckBadRequestStatus(t, r8)
+
 	// Try and create a scheme without the appropriate permissions.
 	scheme5 := &model.Scheme{
+		DisplayName: model.NewId(),
 		Name:        model.NewId(),
 		Description: model.NewId(),
 		Scope:       model.SCHEME_SCOPE_TEAM,
@@ -112,6 +129,7 @@ func TestCreateScheme(t *testing.T) {
 	// Try and create a scheme without a license.
 	th.App.SetLicense(nil)
 	scheme6 := &model.Scheme{
+		DisplayName: model.NewId(),
 		Name:        model.NewId(),
 		Description: model.NewId(),
 		Scope:       model.SCHEME_SCOPE_TEAM,
@@ -127,6 +145,7 @@ func TestCreateScheme(t *testing.T) {
 	th.App.SetLicense(model.NewTestLicense("custom_permissions_schemes"))
 
 	scheme7 := &model.Scheme{
+		DisplayName: model.NewId(),
 		Name:        model.NewId(),
 		Description: model.NewId(),
 		Scope:       model.SCHEME_SCOPE_TEAM,
@@ -143,6 +162,7 @@ func TestGetScheme(t *testing.T) {
 
 	// Basic test of creating a team scheme.
 	scheme1 := &model.Scheme{
+		DisplayName: model.NewId(),
 		Name:        model.NewId(),
 		Description: model.NewId(),
 		Scope:       model.SCHEME_SCOPE_TEAM,
@@ -155,6 +175,7 @@ func TestGetScheme(t *testing.T) {
 	s1, r1 := th.SystemAdminClient.CreateScheme(scheme1)
 	CheckNoError(t, r1)
 
+	assert.Equal(t, s1.DisplayName, scheme1.DisplayName)
 	assert.Equal(t, s1.Name, scheme1.Name)
 	assert.Equal(t, s1.Description, scheme1.Description)
 	assert.NotZero(t, s1.CreateAt)
@@ -204,12 +225,14 @@ func TestGetSchemes(t *testing.T) {
 	th.App.SetLicense(model.NewTestLicense("custom_permissions_schemes"))
 
 	scheme1 := &model.Scheme{
+		DisplayName: model.NewId(),
 		Name:        model.NewId(),
 		Description: model.NewId(),
 		Scope:       model.SCHEME_SCOPE_TEAM,
 	}
 
 	scheme2 := &model.Scheme{
+		DisplayName: model.NewId(),
 		Name:        model.NewId(),
 		Description: model.NewId(),
 		Scope:       model.SCHEME_SCOPE_CHANNEL,
@@ -273,6 +296,7 @@ func TestGetTeamsForScheme(t *testing.T) {
 	assert.Nil(t, res.Err)
 
 	scheme1 := &model.Scheme{
+		DisplayName: model.NewId(),
 		Name:        model.NewId(),
 		Description: model.NewId(),
 		Scope:       model.SCHEME_SCOPE_TEAM,
@@ -341,6 +365,7 @@ func TestGetTeamsForScheme(t *testing.T) {
 	CheckForbiddenStatus(t, ri4)
 
 	scheme2 := &model.Scheme{
+		DisplayName: model.NewId(),
 		Name:        model.NewId(),
 		Description: model.NewId(),
 		Scope:       model.SCHEME_SCOPE_CHANNEL,
@@ -370,6 +395,7 @@ func TestGetChannelsForScheme(t *testing.T) {
 	assert.Nil(t, res.Err)
 
 	scheme1 := &model.Scheme{
+		DisplayName: model.NewId(),
 		Name:        model.NewId(),
 		Description: model.NewId(),
 		Scope:       model.SCHEME_SCOPE_CHANNEL,
@@ -440,6 +466,7 @@ func TestGetChannelsForScheme(t *testing.T) {
 	CheckForbiddenStatus(t, ri4)
 
 	scheme2 := &model.Scheme{
+		DisplayName: model.NewId(),
 		Name:        model.NewId(),
 		Description: model.NewId(),
 		Scope:       model.SCHEME_SCOPE_TEAM,
@@ -471,6 +498,7 @@ func TestPatchScheme(t *testing.T) {
 
 	// Basic test of creating a team scheme.
 	scheme1 := &model.Scheme{
+		DisplayName: model.NewId(),
 		Name:        model.NewId(),
 		Description: model.NewId(),
 		Scope:       model.SCHEME_SCOPE_TEAM,
@@ -479,6 +507,7 @@ func TestPatchScheme(t *testing.T) {
 	s1, r1 := th.SystemAdminClient.CreateScheme(scheme1)
 	CheckNoError(t, r1)
 
+	assert.Equal(t, s1.DisplayName, scheme1.DisplayName)
 	assert.Equal(t, s1.Name, scheme1.Name)
 	assert.Equal(t, s1.Description, scheme1.Description)
 	assert.NotZero(t, s1.CreateAt)
@@ -497,15 +526,18 @@ func TestPatchScheme(t *testing.T) {
 
 	// Test with a valid patch.
 	schemePatch := &model.SchemePatch{
+		DisplayName: new(string),
 		Name:        new(string),
 		Description: new(string),
 	}
+	*schemePatch.DisplayName = model.NewId()
 	*schemePatch.Name = model.NewId()
 	*schemePatch.Description = model.NewId()
 
 	s3, r3 := th.SystemAdminClient.PatchScheme(s2.Id, schemePatch)
 	CheckNoError(t, r3)
 	assert.Equal(t, s3.Id, s2.Id)
+	assert.Equal(t, s3.DisplayName, *schemePatch.DisplayName)
 	assert.Equal(t, s3.Name, *schemePatch.Name)
 	assert.Equal(t, s3.Description, *schemePatch.Description)
 
@@ -515,11 +547,13 @@ func TestPatchScheme(t *testing.T) {
 
 	// Test with a partial patch.
 	*schemePatch.Name = model.NewId()
+	*schemePatch.DisplayName = model.NewId()
 	schemePatch.Description = nil
 
 	s5, r5 := th.SystemAdminClient.PatchScheme(s4.Id, schemePatch)
 	CheckNoError(t, r5)
 	assert.Equal(t, s5.Id, s4.Id)
+	assert.Equal(t, s5.DisplayName, *schemePatch.DisplayName)
 	assert.Equal(t, s5.Name, *schemePatch.Name)
 	assert.Equal(t, s5.Description, s4.Description)
 
@@ -581,6 +615,7 @@ func TestDeleteScheme(t *testing.T) {
 
 		// Create a team scheme.
 		scheme1 := &model.Scheme{
+			DisplayName: model.NewId(),
 			Name:        model.NewId(),
 			Description: model.NewId(),
 			Scope:       model.SCHEME_SCOPE_TEAM,
@@ -656,6 +691,7 @@ func TestDeleteScheme(t *testing.T) {
 
 		// Create a channel scheme.
 		scheme1 := &model.Scheme{
+			DisplayName: model.NewId(),
 			Name:        model.NewId(),
 			Description: model.NewId(),
 			Scope:       model.SCHEME_SCOPE_CHANNEL,
@@ -712,6 +748,7 @@ func TestDeleteScheme(t *testing.T) {
 		assert.Nil(t, res.Err)
 
 		scheme1 := &model.Scheme{
+			DisplayName: model.NewId(),
 			Name:        model.NewId(),
 			Description: model.NewId(),
 			Scope:       model.SCHEME_SCOPE_CHANNEL,
diff --git a/api4/team_test.go b/api4/team_test.go
index 45d8e8f08..a3f4af0cf 100644
--- a/api4/team_test.go
+++ b/api4/team_test.go
@@ -2083,13 +2083,15 @@ func TestUpdateTeamScheme(t *testing.T) {
 	team, _ = th.SystemAdminClient.CreateTeam(team)
 
 	teamScheme := &model.Scheme{
-		Name:        "Name",
+		DisplayName: "DisplayName",
+		Name:        model.NewId(),
 		Description: "Some description",
 		Scope:       model.SCHEME_SCOPE_TEAM,
 	}
 	teamScheme, _ = th.SystemAdminClient.CreateScheme(teamScheme)
 	channelScheme := &model.Scheme{
-		Name:        "Name",
+		DisplayName: "DisplayName",
+		Name:        model.NewId(),
 		Description: "Some description",
 		Scope:       model.SCHEME_SCOPE_CHANNEL,
 	}
diff --git a/app/apptestlib.go b/app/apptestlib.go
index b245ddabf..ffd1da055 100644
--- a/app/apptestlib.go
+++ b/app/apptestlib.go
@@ -316,6 +316,40 @@ func (me *TestHelper) AddUserToChannel(user *model.User, channel *model.Channel)
 	return member
 }
 
+func (me *TestHelper) CreateScheme() (*model.Scheme, []*model.Role) {
+	utils.DisableDebugLogForTest()
+
+	scheme, err := me.App.CreateScheme(&model.Scheme{
+		DisplayName: "Test Scheme Display Name",
+		Name:        model.NewId(),
+		Description: "Test scheme description",
+		Scope:       model.SCHEME_SCOPE_TEAM,
+	})
+	if err != nil {
+		panic(err)
+	}
+
+	roleIDs := []string{
+		scheme.DefaultTeamAdminRole,
+		scheme.DefaultTeamUserRole,
+		scheme.DefaultChannelAdminRole,
+		scheme.DefaultChannelUserRole,
+	}
+
+	var roles []*model.Role
+	for _, roleID := range roleIDs {
+		role, err := me.App.GetRole(roleID)
+		if err != nil {
+			panic(err)
+		}
+		roles = append(roles, role)
+	}
+
+	utils.EnableDebugLogForTest()
+
+	return scheme, roles
+}
+
 func (me *TestHelper) TearDown() {
 	me.App.Shutdown()
 	os.Remove(me.tempConfigPath)
diff --git a/app/permissions.go b/app/permissions.go
index 75aa2ecf9..70b8cc689 100644
--- a/app/permissions.go
+++ b/app/permissions.go
@@ -4,9 +4,17 @@
 package app
 
 import (
+	"bufio"
+	"encoding/json"
+	"fmt"
+	"io"
+
 	"github.com/mattermost/mattermost-server/model"
+	"github.com/pkg/errors"
 )
 
+const permissionsExportBatchSize = 100
+
 func (a *App) ResetPermissionsSystem() *model.AppError {
 	// Reset all Teams to not have a scheme.
 	if result := <-a.Srv.Store.Team().ResetAllTeamSchemes(); result.Err != nil {
@@ -38,3 +46,138 @@ func (a *App) ResetPermissionsSystem() *model.AppError {
 
 	return nil
 }
+
+func (a *App) ExportPermissions(w io.Writer) error {
+
+	next := a.SchemesIterator(permissionsExportBatchSize)
+	var schemeBatch []*model.Scheme
+
+	for schemeBatch = next(); len(schemeBatch) > 0; schemeBatch = next() {
+
+		for _, scheme := range schemeBatch {
+
+			roleIDs := []string{
+				scheme.DefaultTeamAdminRole,
+				scheme.DefaultTeamUserRole,
+				scheme.DefaultChannelAdminRole,
+				scheme.DefaultChannelUserRole,
+			}
+
+			roles := []*model.Role{}
+			for _, roleID := range roleIDs {
+				if len(roleID) == 0 {
+					continue
+				}
+				role, err := a.GetRole(roleID)
+				if err != nil {
+					return err
+				}
+				roles = append(roles, role)
+			}
+
+			schemeExport, err := json.Marshal(&model.SchemeConveyor{
+				Name:         scheme.Name,
+				DisplayName:  scheme.DisplayName,
+				Description:  scheme.Description,
+				Scope:        scheme.Scope,
+				TeamAdmin:    scheme.DefaultTeamAdminRole,
+				TeamUser:     scheme.DefaultTeamUserRole,
+				ChannelAdmin: scheme.DefaultChannelAdminRole,
+				ChannelUser:  scheme.DefaultChannelUserRole,
+				Roles:        roles,
+			})
+			if err != nil {
+				return err
+			}
+
+			schemeExport = append(schemeExport, []byte("\n")...)
+
+			_, err = w.Write(schemeExport)
+			if err != nil {
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+func (a *App) ImportPermissions(jsonl io.Reader) error {
+	createdSchemeIDs := []string{}
+
+	scanner := bufio.NewScanner(jsonl)
+
+	for scanner.Scan() {
+		var schemeConveyor *model.SchemeConveyor
+		err := json.Unmarshal(scanner.Bytes(), &schemeConveyor)
+		if err != nil {
+			return err
+		}
+
+		// Create the new Scheme. The new Roles are created automatically.
+		var appErr *model.AppError
+		schemeCreated, appErr := a.CreateScheme(schemeConveyor.Scheme())
+		if appErr != nil {
+			return errors.New(appErr.Message)
+		}
+		createdSchemeIDs = append(createdSchemeIDs, schemeCreated.Id)
+
+		schemeIn := schemeConveyor.Scheme()
+		roleIDTuples := [][]string{
+			{schemeCreated.DefaultTeamAdminRole, schemeIn.DefaultTeamAdminRole},
+			{schemeCreated.DefaultTeamUserRole, schemeIn.DefaultTeamUserRole},
+			{schemeCreated.DefaultChannelAdminRole, schemeIn.DefaultChannelAdminRole},
+			{schemeCreated.DefaultChannelUserRole, schemeIn.DefaultChannelUserRole},
+		}
+		for _, roleIDTuple := range roleIDTuples {
+			if len(roleIDTuple[0]) == 0 || len(roleIDTuple[1]) == 0 {
+				continue
+			}
+
+			err = updateRole(a, schemeConveyor, roleIDTuple[0], roleIDTuple[1])
+			if err != nil {
+				// Delete the new Schemes. The new Roles are deleted automatically.
+				for _, schemeID := range createdSchemeIDs {
+					a.DeleteScheme(schemeID)
+				}
+				return err
+			}
+		}
+	}
+
+	if err := scanner.Err(); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func updateRole(a *App, sc *model.SchemeConveyor, roleCreatedID, defaultRoleID string) error {
+	var err *model.AppError
+
+	roleCreated, err := a.GetRole(roleCreatedID)
+	if err != nil {
+		return errors.New(err.Message)
+	}
+
+	var roleIn *model.Role
+	for _, role := range sc.Roles {
+		if role.Id == defaultRoleID {
+			roleIn = role
+			break
+		}
+	}
+
+	roleCreated.Name = roleIn.Name
+	roleCreated.DisplayName = roleIn.DisplayName
+	roleCreated.Description = roleIn.Description
+	roleCreated.Permissions = roleIn.Permissions
+
+	_, err = a.UpdateRole(roleCreated)
+	if err != nil {
+		return errors.New(fmt.Sprintf("%v: %v\n", err.Message, err.DetailedError))
+	}
+
+	return nil
+}
diff --git a/app/permissions_test.go b/app/permissions_test.go
new file mode 100644
index 000000000..575e21429
--- /dev/null
+++ b/app/permissions_test.go
@@ -0,0 +1,253 @@
+package app
+
+import (
+	"encoding/json"
+	"fmt"
+	"strings"
+	"testing"
+
+	"github.com/mattermost/mattermost-server/model"
+)
+
+type testWriter struct {
+	write func(p []byte) (int, error)
+}
+
+func (tw testWriter) Write(p []byte) (int, error) {
+	return tw.write(p)
+}
+
+func TestExportPermissions(t *testing.T) {
+	th := Setup().InitBasic()
+	defer th.TearDown()
+
+	var scheme *model.Scheme
+	var roles []*model.Role
+	withMigrationMarkedComplete(th, func() {
+		scheme, roles = th.CreateScheme()
+	})
+
+	results := [][]byte{}
+
+	tw := testWriter{
+		write: func(p []byte) (int, error) {
+			results = append(results, p)
+			return len(p), nil
+		},
+	}
+
+	err := th.App.ExportPermissions(tw)
+	if err != nil {
+		t.Error(err)
+	}
+
+	if len(results) == 0 {
+		t.Error("Expected export to have returned something.")
+	}
+
+	firstResult := results[0]
+
+	var row map[string]interface{}
+	err = json.Unmarshal(firstResult, &row)
+	if err != nil {
+		t.Error(err)
+	}
+
+	getRoleByID := func(id string) string {
+		for _, role := range roles {
+			if role.Id == id {
+				return role.Id
+			}
+		}
+		return ""
+	}
+
+	expectations := map[string]func(str string) string{
+		scheme.DisplayName:             func(str string) string { return row["display_name"].(string) },
+		scheme.Name:                    func(str string) string { return row["name"].(string) },
+		scheme.Description:             func(str string) string { return row["description"].(string) },
+		scheme.Scope:                   func(str string) string { return row["scope"].(string) },
+		scheme.DefaultTeamAdminRole:    func(str string) string { return getRoleByID(str) },
+		scheme.DefaultTeamUserRole:     func(str string) string { return getRoleByID(str) },
+		scheme.DefaultChannelAdminRole: func(str string) string { return getRoleByID(str) },
+		scheme.DefaultChannelUserRole:  func(str string) string { return getRoleByID(str) },
+	}
+
+	for key, valF := range expectations {
+		expected := key
+		actual := valF(key)
+		if actual != expected {
+			t.Errorf("Expected %v but got %v.", expected, actual)
+		}
+	}
+
+}
+
+func TestImportPermissions(t *testing.T) {
+	th := Setup().InitBasic()
+	defer th.TearDown()
+
+	name := model.NewId()
+	displayName := model.NewId()
+	description := "my test description"
+	scope := model.SCHEME_SCOPE_CHANNEL
+	roleName1 := model.NewId()
+	roleName2 := model.NewId()
+
+	var results []*model.Scheme
+	var beforeCount int
+	withMigrationMarkedComplete(th, func() {
+
+		var appErr *model.AppError
+		results, appErr = th.App.GetSchemes(scope, 0, 100)
+		if appErr != nil {
+			panic(appErr)
+		}
+		beforeCount = len(results)
+
+		json := fmt.Sprintf(`{"display_name":"%v","name":"%v","description":"%v","scope":"%v","default_team_admin_role":"","default_team_user_role":"","default_channel_admin_role":"yzfx3g9xjjfw8cqo6bpn33xr7o","default_channel_user_role":"a7s3cp4n33dfxbsrmyh9djao3a","roles":[{"id":"yzfx3g9xjjfw8cqo6bpn33xr7o","name":"%v","display_name":"Channel Admin Role for Scheme my_scheme_1526475590","description":"","create_at":1526475589687,"update_at":1526475589687,"delete_at":0,"permissions":["manage_channel_roles"],"scheme_managed":true,"built_in":false},{"id":"a7s3cp4n33dfxbsrmyh9djao3a","name":"%v","display_name":"Channel User Role for Scheme my_scheme_1526475590","description":"","create_at":1526475589688,"update_at":1526475589688,"delete_at":0,"permissions":["read_channel","add_reaction","remove_reaction","manage_public_channel_members","upload_file","get_public_link","create_post","use_slash_commands","manage_private_channel_members","delete_post","edit_post"],"scheme_managed":true,"built_in":false}]}`, displayName, name, description, scope, roleName1, roleName2)
+		r := strings.NewReader(json)
+
+		err := th.App.ImportPermissions(r)
+		if err != nil {
+			t.Error(err)
+		}
+		results, appErr = th.App.GetSchemes(scope, 0, 100)
+		if appErr != nil {
+			panic(appErr)
+		}
+
+	})
+
+	actual := len(results)
+	expected := beforeCount + 1
+	if actual != expected {
+		t.Errorf("Expected %v roles but got %v.", expected, actual)
+	}
+
+	newScheme := results[0]
+
+	channelAdminRole, appErr := th.App.GetRole(newScheme.DefaultChannelAdminRole)
+	if appErr != nil {
+		t.Error(appErr)
+	}
+
+	channelUserRole, appErr := th.App.GetRole(newScheme.DefaultChannelUserRole)
+	if appErr != nil {
+		t.Error(appErr)
+	}
+
+	expectations := map[string]string{
+		newScheme.DisplayName:          displayName,
+		newScheme.Name:                 name,
+		newScheme.Description:          description,
+		newScheme.Scope:                scope,
+		newScheme.DefaultTeamAdminRole: "",
+		newScheme.DefaultTeamUserRole:  "",
+		channelAdminRole.Name:          roleName1,
+		channelUserRole.Name:           roleName2,
+	}
+
+	for actual, expected := range expectations {
+		if actual != expected {
+			t.Errorf("Expected %v but got %v.", expected, actual)
+		}
+	}
+
+}
+
+func TestImportPermissions_idempotentScheme(t *testing.T) {
+	th := Setup().InitBasic()
+	defer th.TearDown()
+
+	name := model.NewId()
+	displayName := model.NewId()
+	description := "my test description"
+	scope := model.SCHEME_SCOPE_CHANNEL
+	roleName1 := model.NewId()
+	roleName2 := model.NewId()
+
+	json := fmt.Sprintf(`{"display_name":"%v","name":"%v","description":"%v","scope":"%v","default_team_admin_role":"","default_team_user_role":"","default_channel_admin_role":"yzfx3g9xjjfw8cqo6bpn33xr7o","default_channel_user_role":"a7s3cp4n33dfxbsrmyh9djao3a","roles":[{"id":"yzfx3g9xjjfw8cqo6bpn33xr7o","name":"%v","display_name":"Channel Admin Role for Scheme my_scheme_1526475590","description":"","create_at":1526475589687,"update_at":1526475589687,"delete_at":0,"permissions":["manage_channel_roles"],"scheme_managed":true,"built_in":false},{"id":"a7s3cp4n33dfxbsrmyh9djao3a","name":"%v","display_name":"Channel User Role for Scheme my_scheme_1526475590","description":"","create_at":1526475589688,"update_at":1526475589688,"delete_at":0,"permissions":["read_channel","add_reaction","remove_reaction","manage_public_channel_members","upload_file","get_public_link","create_post","use_slash_commands","manage_private_channel_members","delete_post","edit_post"],"scheme_managed":true,"built_in":false}]}`, displayName, name, description, scope, roleName1, roleName2)
+	jsonl := strings.Repeat(json+"\n", 4)
+	r := strings.NewReader(jsonl)
+
+	var results []*model.Scheme
+	var expected int
+	withMigrationMarkedComplete(th, func() {
+		var appErr *model.AppError
+		results, appErr = th.App.GetSchemes(model.SCHEME_SCOPE_CHANNEL, 0, 100)
+		if appErr != nil {
+			panic(appErr)
+		}
+		expected = len(results) + 1
+
+		err := th.App.ImportPermissions(r)
+		if err == nil {
+			t.Error(err)
+		}
+
+		results, appErr = th.App.GetSchemes(model.SCHEME_SCOPE_CHANNEL, 0, 100)
+		if appErr != nil {
+			panic(appErr)
+		}
+	})
+	actual := len(results)
+
+	if expected != actual {
+		t.Errorf("Expected count to be %v but got %v", expected, actual)
+	}
+
+}
+
+func TestImportPermissions_schemeDeletedOnRoleFailure(t *testing.T) {
+	th := Setup().InitBasic()
+	defer th.TearDown()
+
+	name := model.NewId()
+	displayName := model.NewId()
+	description := "my test description"
+	scope := model.SCHEME_SCOPE_CHANNEL
+	roleName1 := model.NewId()
+	roleName2 := "some invalid role name"
+
+	jsonl := fmt.Sprintf(`{"display_name":"%v","name":"%v","description":"%v","scope":"%v","default_team_admin_role":"","default_team_user_role":"","default_channel_admin_role":"yzfx3g9xjjfw8cqo6bpn33xr7o","default_channel_user_role":"a7s3cp4n33dfxbsrmyh9djao3a","roles":[{"id":"yzfx3g9xjjfw8cqo6bpn33xr7o","name":"%v","display_name":"Channel Admin Role for Scheme my_scheme_1526475590","description":"","create_at":1526475589687,"update_at":1526475589687,"delete_at":0,"permissions":["manage_channel_roles"],"scheme_managed":true,"built_in":false},{"id":"a7s3cp4n33dfxbsrmyh9djao3a","name":"%v","display_name":"Channel User Role for Scheme my_scheme_1526475590","description":"","create_at":1526475589688,"update_at":1526475589688,"delete_at":0,"permissions":["read_channel","add_reaction","remove_reaction","manage_public_channel_members","upload_file","get_public_link","create_post","use_slash_commands","manage_private_channel_members","delete_post","edit_post"],"scheme_managed":true,"built_in":false}]}`, displayName, name, description, scope, roleName1, roleName2)
+	r := strings.NewReader(jsonl)
+
+	var results []*model.Scheme
+	var expected int
+	withMigrationMarkedComplete(th, func() {
+		var appErr *model.AppError
+		results, appErr = th.App.GetSchemes(model.SCHEME_SCOPE_CHANNEL, 0, 100)
+		if appErr != nil {
+			panic(appErr)
+		}
+		expected = len(results)
+
+		err := th.App.ImportPermissions(r)
+		if err == nil {
+			t.Error(err)
+		}
+
+		results, appErr = th.App.GetSchemes(model.SCHEME_SCOPE_CHANNEL, 0, 100)
+		if appErr != nil {
+			panic(appErr)
+		}
+	})
+	actual := len(results)
+
+	if expected != actual {
+		t.Errorf("Expected count to be %v but got %v", expected, actual)
+	}
+
+}
+
+func withMigrationMarkedComplete(th *TestHelper, f func()) {
+	// Mark the migration as done.
+	<-th.App.Srv.Store.System().PermanentDeleteByName(model.MIGRATION_KEY_ADVANCED_PERMISSIONS_PHASE_2)
+	<-th.App.Srv.Store.System().Save(&model.System{Name: model.MIGRATION_KEY_ADVANCED_PERMISSIONS_PHASE_2, Value: "true"})
+	// Un-mark the migration at the end of the test.
+	defer func() {
+		<-th.App.Srv.Store.System().PermanentDeleteByName(model.MIGRATION_KEY_ADVANCED_PERMISSIONS_PHASE_2)
+	}()
+	f()
+}
diff --git a/app/scheme.go b/app/scheme.go
index f1dc256b2..c44690954 100644
--- a/app/scheme.go
+++ b/app/scheme.go
@@ -4,8 +4,10 @@
 package app
 
 import (
-	"github.com/mattermost/mattermost-server/model"
 	"net/http"
+
+	"github.com/mattermost/mattermost-server/model"
+	"github.com/mattermost/mattermost-server/store"
 )
 
 func (a *App) GetScheme(id string) (*model.Scheme, *model.AppError) {
@@ -146,3 +148,15 @@ func (a *App) IsPhase2MigrationCompleted() *model.AppError {
 
 	return nil
 }
+
+func (a *App) SchemesIterator(batchSize int) func() []*model.Scheme {
+	offset := 0
+	return func() []*model.Scheme {
+		var result store.StoreResult
+		if result = <-a.Srv.Store.Scheme().GetAllPage("", offset, batchSize); result.Err != nil {
+			return []*model.Scheme{}
+		}
+		offset += batchSize
+		return result.Data.([]*model.Scheme)
+	}
+}
diff --git a/cmd/commands/permissions.go b/cmd/commands/permissions.go
index 33c255a31..e8f862547 100644
--- a/cmd/commands/permissions.go
+++ b/cmd/commands/permissions.go
@@ -6,10 +6,12 @@ package commands
 import (
 	"errors"
 	"fmt"
+	"os"
 
 	"github.com/spf13/cobra"
 
 	"github.com/mattermost/mattermost-server/cmd"
+	"github.com/mattermost/mattermost-server/utils"
 )
 
 var PermissionsCmd = &cobra.Command{
@@ -25,11 +27,32 @@ var ResetPermissionsCmd = &cobra.Command{
 	RunE:    resetPermissionsCmdF,
 }
 
+var ExportPermissionsCmd = &cobra.Command{
+	Use:     "export",
+	Short:   "Export permissions data",
+	Long:    "Export Roles and Schemes to JSONL for use by Mattermost permissions import.",
+	Example: " permissions export > export.jsonl",
+	RunE:    exportPermissionsCmdF,
+	PreRun: func(cmd *cobra.Command, args []string) {
+		os.Setenv("MM_LOGSETTINGS_CONSOLELEVEL", "error")
+	},
+}
+
+var ImportPermissionsCmd = &cobra.Command{
+	Use:     "import [file]",
+	Short:   "Import permissions data",
+	Long:    "Import Roles and Schemes JSONL data as created by the Mattermost permissions export.",
+	Example: " permissions import export.jsonl",
+	RunE:    importPermissionsCmdF,
+}
+
 func init() {
 	ResetPermissionsCmd.Flags().Bool("confirm", false, "Confirm you really want to reset the permissions system and a database backup has been performed.")
 
 	PermissionsCmd.AddCommand(
 		ResetPermissionsCmd,
+		ExportPermissionsCmd,
+		ImportPermissionsCmd,
 	)
 	cmd.RootCmd.AddCommand(PermissionsCmd)
 }
@@ -64,3 +87,45 @@ func resetPermissionsCmdF(command *cobra.Command, args []string) error {
 
 	return nil
 }
+
+func exportPermissionsCmdF(command *cobra.Command, args []string) error {
+	a, err := cmd.InitDBCommandContextCobra(command)
+	if err != nil {
+		return err
+	}
+	defer a.Shutdown()
+
+	if license := a.License(); license == nil {
+		return errors.New(utils.T("cli.license.critical"))
+	}
+
+	if err = a.ExportPermissions(os.Stdout); err != nil {
+		return errors.New(err.Error())
+	}
+
+	return nil
+}
+
+func importPermissionsCmdF(command *cobra.Command, args []string) error {
+	a, err := cmd.InitDBCommandContextCobra(command)
+	if err != nil {
+		return err
+	}
+	defer a.Shutdown()
+
+	if license := a.License(); license == nil {
+		return errors.New(utils.T("cli.license.critical"))
+	}
+
+	file, err := os.Open(args[0])
+	if err != nil {
+		return err
+	}
+	defer file.Close()
+
+	if err := a.ImportPermissions(file); err != nil {
+		return err
+	}
+
+	return nil
+}
diff --git a/cmd/commands/permissions_test.go b/cmd/commands/permissions_test.go
new file mode 100644
index 000000000..eeaa17109
--- /dev/null
+++ b/cmd/commands/permissions_test.go
@@ -0,0 +1,40 @@
+// Copyright (c) 2018-present Mattermost, Inc. All Rights Reserved.
+// See License.txt for license information.
+
+package commands
+
+import (
+	"os"
+	"os/exec"
+	"strings"
+	"testing"
+
+	"github.com/mattermost/mattermost-server/api4"
+	"github.com/mattermost/mattermost-server/utils"
+)
+
+func TestPermissionsExport_rejectsUnlicensed(t *testing.T) {
+	permissionsLicenseRequiredTest(t, "export")
+}
+
+func TestPermissionsImport_rejectsUnlicensed(t *testing.T) {
+	permissionsLicenseRequiredTest(t, "import")
+}
+
+func permissionsLicenseRequiredTest(t *testing.T, subcommand string) {
+	th := api4.Setup().InitBasic()
+	defer th.TearDown()
+
+	path, err := os.Executable()
+	if err != nil {
+		t.Fail()
+	}
+	args := []string{"-test.run", "ExecCommand", "--", "--disableconfigwatch", "permissions", subcommand}
+	output, err := exec.Command(path, args...).CombinedOutput()
+
+	actual := string(output)
+	expected := utils.T("cli.license.critical")
+	if !strings.Contains(actual, expected) {
+		t.Errorf("Expected '%v' but got '%v'.", expected, actual)
+	}
+}
diff --git a/model/scheme.go b/model/scheme.go
index f949d9122..959b80c24 100644
--- a/model/scheme.go
+++ b/model/scheme.go
@@ -5,19 +5,23 @@ package model
 
 import (
 	"encoding/json"
+	"fmt"
 	"io"
+	"regexp"
 )
 
 const (
-	SCHEME_NAME_MAX_LENGTH        = 64
-	SCHEME_DESCRIPTION_MAX_LENGTH = 1024
-	SCHEME_SCOPE_TEAM             = "team"
-	SCHEME_SCOPE_CHANNEL          = "channel"
+	SCHEME_DISPLAY_NAME_MAX_LENGTH = 128
+	SCHEME_NAME_MAX_LENGTH         = 64
+	SCHEME_DESCRIPTION_MAX_LENGTH  = 1024
+	SCHEME_SCOPE_TEAM              = "team"
+	SCHEME_SCOPE_CHANNEL           = "channel"
 )
 
 type Scheme struct {
 	Id                      string `json:"id"`
 	Name                    string `json:"name"`
+	DisplayName             string `json:"display_name"`
 	Description             string `json:"description"`
 	CreateAt                int64  `json:"create_at"`
 	UpdateAt                int64  `json:"update_at"`
@@ -31,6 +35,7 @@ type Scheme struct {
 
 type SchemePatch struct {
 	Name        *string `json:"name"`
+	DisplayName *string `json:"display_name"`
 	Description *string `json:"description"`
 }
 
@@ -38,6 +43,32 @@ type SchemeIDPatch struct {
 	SchemeID *string `json:"scheme_id"`
 }
 
+// SchemeConveyor is used for importing and exporting a Scheme and its associated Roles.
+type SchemeConveyor struct {
+	Name         string  `json:"name"`
+	DisplayName  string  `json:"display_name"`
+	Description  string  `json:"description"`
+	Scope        string  `json:"scope"`
+	TeamAdmin    string  `json:"default_team_admin_role"`
+	TeamUser     string  `json:"default_team_user_role"`
+	ChannelAdmin string  `json:"default_channel_admin_role"`
+	ChannelUser  string  `json:"default_channel_user_role"`
+	Roles        []*Role `json:"roles"`
+}
+
+func (sc *SchemeConveyor) Scheme() *Scheme {
+	return &Scheme{
+		DisplayName:             sc.DisplayName,
+		Name:                    sc.Name,
+		Description:             sc.Description,
+		Scope:                   sc.Scope,
+		DefaultTeamAdminRole:    sc.TeamAdmin,
+		DefaultTeamUserRole:     sc.TeamUser,
+		DefaultChannelAdminRole: sc.ChannelAdmin,
+		DefaultChannelUserRole:  sc.ChannelUser,
+	}
+}
+
 func (scheme *Scheme) ToJson() string {
 	b, _ := json.Marshal(scheme)
 	return string(b)
@@ -72,7 +103,11 @@ func (scheme *Scheme) IsValid() bool {
 }
 
 func (scheme *Scheme) IsValidForCreate() bool {
-	if len(scheme.Name) == 0 || len(scheme.Name) > SCHEME_NAME_MAX_LENGTH {
+	if len(scheme.DisplayName) == 0 || len(scheme.DisplayName) > SCHEME_DISPLAY_NAME_MAX_LENGTH {
+		return false
+	}
+
+	if !IsValidSchemeName(scheme.Name) {
 		return false
 	}
 
@@ -118,6 +153,9 @@ func (scheme *Scheme) IsValidForCreate() bool {
 }
 
 func (scheme *Scheme) Patch(patch *SchemePatch) {
+	if patch.DisplayName != nil {
+		scheme.DisplayName = *patch.DisplayName
+	}
 	if patch.Name != nil {
 		scheme.Name = *patch.Name
 	}
@@ -147,3 +185,8 @@ func (p *SchemeIDPatch) ToJson() string {
 	b, _ := json.Marshal(p)
 	return string(b)
 }
+
+func IsValidSchemeName(name string) bool {
+	re := regexp.MustCompile(fmt.Sprintf("^[a-z0-9_]{0,%d}$", SCHEME_NAME_MAX_LENGTH))
+	return re.MatchString(name)
+}
diff --git a/store/sqlstore/scheme_supplier.go b/store/sqlstore/scheme_supplier.go
index e15bb3629..776ca9130 100644
--- a/store/sqlstore/scheme_supplier.go
+++ b/store/sqlstore/scheme_supplier.go
@@ -20,8 +20,9 @@ func initSqlSupplierSchemes(sqlStore SqlStore) {
 	for _, db := range sqlStore.GetAllConns() {
 		table := db.AddTableWithName(model.Scheme{}, "Schemes").SetKeys(false, "Id")
 		table.ColMap("Id").SetMaxSize(26)
-		table.ColMap("Name").SetMaxSize(64)
-		table.ColMap("Description").SetMaxSize(1024)
+		table.ColMap("Name").SetMaxSize(model.SCHEME_NAME_MAX_LENGTH).SetUnique(true)
+		table.ColMap("DisplayName").SetMaxSize(model.SCHEME_DISPLAY_NAME_MAX_LENGTH)
+		table.ColMap("Description").SetMaxSize(model.SCHEME_DESCRIPTION_MAX_LENGTH)
 		table.ColMap("Scope").SetMaxSize(32)
 		table.ColMap("DefaultTeamAdminRole").SetMaxSize(64)
 		table.ColMap("DefaultTeamUserRole").SetMaxSize(64)
diff --git a/store/storetest/channel_store.go b/store/storetest/channel_store.go
index 21db7eb91..d70046d19 100644
--- a/store/storetest/channel_store.go
+++ b/store/storetest/channel_store.go
@@ -2164,12 +2164,14 @@ func testChannelStoreMaxChannelsPerTeam(t *testing.T, ss store.Store) {
 func testChannelStoreGetChannelsByScheme(t *testing.T, ss store.Store) {
 	// Create some schemes.
 	s1 := &model.Scheme{
+		DisplayName: model.NewId(),
 		Name:        model.NewId(),
 		Description: model.NewId(),
 		Scope:       model.SCHEME_SCOPE_CHANNEL,
 	}
 
 	s2 := &model.Scheme{
+		DisplayName: model.NewId(),
 		Name:        model.NewId(),
 		Description: model.NewId(),
 		Scope:       model.SCHEME_SCOPE_CHANNEL,
diff --git a/store/storetest/scheme_store.go b/store/storetest/scheme_store.go
index 636000953..30a63d4c1 100644
--- a/store/storetest/scheme_store.go
+++ b/store/storetest/scheme_store.go
@@ -63,6 +63,7 @@ func createDefaultRoles(t *testing.T, ss store.Store) {
 func testSchemeStoreSave(t *testing.T, ss store.Store) {
 	// Save a new scheme.
 	s1 := &model.Scheme{
+		DisplayName: model.NewId(),
 		Name:        model.NewId(),
 		Description: model.NewId(),
 		Scope:       model.SCHEME_SCOPE_TEAM,
@@ -73,6 +74,7 @@ func testSchemeStoreSave(t *testing.T, ss store.Store) {
 	assert.Nil(t, res1.Err)
 	d1 := res1.Data.(*model.Scheme)
 	assert.Len(t, d1.Id, 26)
+	assert.Equal(t, s1.DisplayName, d1.DisplayName)
 	assert.Equal(t, s1.Name, d1.Name)
 	assert.Equal(t, s1.Description, d1.Description)
 	assert.NotZero(t, d1.CreateAt)
@@ -116,6 +118,7 @@ func testSchemeStoreSave(t *testing.T, ss store.Store) {
 	assert.Nil(t, res2.Err)
 	d2 := res2.Data.(*model.Scheme)
 	assert.Equal(t, d1.Id, d2.Id)
+	assert.Equal(t, s1.DisplayName, d2.DisplayName)
 	assert.Equal(t, s1.Name, d2.Name)
 	assert.Equal(t, d1.Description, d2.Description)
 	assert.NotZero(t, d2.CreateAt)
@@ -130,6 +133,7 @@ func testSchemeStoreSave(t *testing.T, ss store.Store) {
 	// Try saving one with an invalid ID set.
 	s3 := &model.Scheme{
 		Id:          model.NewId(),
+		DisplayName: model.NewId(),
 		Name:        model.NewId(),
 		Description: model.NewId(),
 		Scope:       model.SCHEME_SCOPE_TEAM,
@@ -142,6 +146,7 @@ func testSchemeStoreSave(t *testing.T, ss store.Store) {
 func testSchemeStoreGet(t *testing.T, ss store.Store) {
 	// Save a scheme to test with.
 	s1 := &model.Scheme{
+		DisplayName: model.NewId(),
 		Name:        model.NewId(),
 		Description: model.NewId(),
 		Scope:       model.SCHEME_SCOPE_TEAM,
@@ -157,6 +162,7 @@ func testSchemeStoreGet(t *testing.T, ss store.Store) {
 	assert.Nil(t, res2.Err)
 	d2 := res1.Data.(*model.Scheme)
 	assert.Equal(t, d1.Id, d2.Id)
+	assert.Equal(t, s1.DisplayName, d2.DisplayName)
 	assert.Equal(t, s1.Name, d2.Name)
 	assert.Equal(t, d1.Description, d2.Description)
 	assert.NotZero(t, d2.CreateAt)
@@ -177,21 +183,25 @@ func testSchemeStoreGetAllPage(t *testing.T, ss store.Store) {
 	// Save a scheme to test with.
 	schemes := []*model.Scheme{
 		{
+			DisplayName: model.NewId(),
 			Name:        model.NewId(),
 			Description: model.NewId(),
 			Scope:       model.SCHEME_SCOPE_TEAM,
 		},
 		{
+			DisplayName: model.NewId(),
 			Name:        model.NewId(),
 			Description: model.NewId(),
 			Scope:       model.SCHEME_SCOPE_CHANNEL,
 		},
 		{
+			DisplayName: model.NewId(),
 			Name:        model.NewId(),
 			Description: model.NewId(),
 			Scope:       model.SCHEME_SCOPE_TEAM,
 		},
 		{
+			DisplayName: model.NewId(),
 			Name:        model.NewId(),
 			Description: model.NewId(),
 			Scope:       model.SCHEME_SCOPE_CHANNEL,
@@ -211,6 +221,10 @@ func testSchemeStoreGetAllPage(t *testing.T, ss store.Store) {
 	assert.Nil(t, r2.Err)
 	s2 := r2.Data.([]*model.Scheme)
 	assert.Len(t, s2, 2)
+	assert.NotEqual(t, s1[0].DisplayName, s2[0].DisplayName)
+	assert.NotEqual(t, s1[0].DisplayName, s2[1].DisplayName)
+	assert.NotEqual(t, s1[1].DisplayName, s2[0].DisplayName)
+	assert.NotEqual(t, s1[1].DisplayName, s2[1].DisplayName)
 	assert.NotEqual(t, s1[0].Name, s2[0].Name)
 	assert.NotEqual(t, s1[0].Name, s2[1].Name)
 	assert.NotEqual(t, s1[1].Name, s2[0].Name)
@@ -236,6 +250,7 @@ func testSchemeStoreGetAllPage(t *testing.T, ss store.Store) {
 func testSchemeStoreDelete(t *testing.T, ss store.Store) {
 	// Save a new scheme.
 	s1 := &model.Scheme{
+		DisplayName: model.NewId(),
 		Name:        model.NewId(),
 		Description: model.NewId(),
 		Scope:       model.SCHEME_SCOPE_TEAM,
@@ -246,6 +261,7 @@ func testSchemeStoreDelete(t *testing.T, ss store.Store) {
 	assert.Nil(t, res1.Err)
 	d1 := res1.Data.(*model.Scheme)
 	assert.Len(t, d1.Id, 26)
+	assert.Equal(t, s1.DisplayName, d1.DisplayName)
 	assert.Equal(t, s1.Name, d1.Name)
 	assert.Equal(t, s1.Description, d1.Description)
 	assert.NotZero(t, d1.CreateAt)
@@ -317,6 +333,7 @@ func testSchemeStoreDelete(t *testing.T, ss store.Store) {
 
 	// Try deleting a team scheme that's in use.
 	s4 := &model.Scheme{
+		DisplayName: model.NewId(),
 		Name:        model.NewId(),
 		Description: model.NewId(),
 		Scope:       model.SCHEME_SCOPE_TEAM,
@@ -346,6 +363,7 @@ func testSchemeStoreDelete(t *testing.T, ss store.Store) {
 
 	// Try deleting a channel scheme that's in use.
 	s5 := &model.Scheme{
+		DisplayName: model.NewId(),
 		Name:        model.NewId(),
 		Description: model.NewId(),
 		Scope:       model.SCHEME_SCOPE_CHANNEL,
diff --git a/store/storetest/team_store.go b/store/storetest/team_store.go
index 996f8fd8f..72c6f89f1 100644
--- a/store/storetest/team_store.go
+++ b/store/storetest/team_store.go
@@ -1041,12 +1041,14 @@ func testUpdateLastTeamIconUpdate(t *testing.T, ss store.Store) {
 func testGetTeamsByScheme(t *testing.T, ss store.Store) {
 	// Create some schemes.
 	s1 := &model.Scheme{
+		DisplayName: model.NewId(),
 		Name:        model.NewId(),
 		Description: model.NewId(),
 		Scope:       model.SCHEME_SCOPE_TEAM,
 	}
 
 	s2 := &model.Scheme{
+		DisplayName: model.NewId(),
 		Name:        model.NewId(),
 		Description: model.NewId(),
 		Scope:       model.SCHEME_SCOPE_TEAM,
author	Martin Kraft <mkraft@users.noreply.github.com>	2018-05-17 11:37:00 -0400
committer	GitHub <noreply@github.com>	2018-05-17 11:37:00 -0400
commit	e0390632b3c941670671d968b8828bcefbf71581 (patch)
tree	d4eb82a217aa45c5be8a3afb2fc1d2d7ed5d6b37
parent	463065c8ba4b4aece7fd9b7764ba917df3e73292 (diff)
download	chat-e0390632b3c941670671d968b8828bcefbf71581.tar.gz chat-e0390632b3c941670671d968b8828bcefbf71581.tar.bz2 chat-e0390632b3c941670671d968b8828bcefbf71581.zip