PLT-2057 User as a first class object (#2648)

* Adding TeamMember to system * Fixing all unit tests on the backend * Fixing merge conflicts * Fixing merge conflict * Adding javascript unit tests * Adding TeamMember to system * Fixing all unit tests on the backend * Fixing merge conflicts * Fixing merge conflict * Adding javascript unit tests * Adding client side unit test * Cleaning up the clint side tests * Fixing msg * Adding more client side unit tests * Adding more using tests * Adding last bit of client side unit tests and adding make cmd * Fixing bad merge * Fixing libraries * Updating to new client side API * Fixing borken unit test * Fixing unit tests * ugg...trying to beat gofmt * ugg...trying to beat gofmt * Cleaning up remainder of the server side routes * Adding inital load api * Increased coverage of webhook unit tests (#2660) * Adding loading ... to root html * Fixing bad merge * Removing explicit content type so superagent will guess corectly (#2685) * Fixing merge and unit tests * Adding create team UI * Fixing signup flows * Adding LDAP unit tests and enterprise unit test helper (#2702) * Add the ability to reset MFA from the commandline (#2706) * Fixing compliance unit tests * Fixing client side tests * Adding open server to system console * Moving websocket connection * Fixing unit test * Fixing unit tests * Fixing unit tests * Adding nickname and more LDAP unit tests (#2717) * Adding join open teams * Cleaning up all TODOs in the code * Fixing web sockets * Removing unused webockets file * PLT-2533 Add the ability to reset a user's MFA from the system console (#2715) * Add the ability to reset a user's MFA from the system console * Add client side unit test for adminResetMfa * Reorganizing authentication to fix LDAP error message (#2723) * Fixing failing unit test * Initial upgrade db code * Adding upgrade script * Fixing upgrade script after running on core * Update OAuth and Claim routes to work with user model changes (#2739) * Fixing perminant deletion. Adding ability to delete all user and the entire database (#2740) * Fixing team invite ldap login call (#2741) * Fixing bluebar and some img stuff * Fix all the different file upload web utils (#2743) * Fixing invalid session redirect (#2744) * Redirect on bad channel name (#2746) * Fixing a bunch of issue and removing dead code * Patch to fix error message on leave channel (#2747) * Setting EnableOpenServer to false by default * Fixing config * Fixing upgrade * Fixing reported bugs * Bug fixes for PLT-2057 * PLT-2563 Redo password recovery to use a database table (#2745) * Redo password recovery to use a database table * Update reset password audits * Split out admin and user reset password APIs to be separate * Delete password recovery when user is permanently deleted * Consolidate password resetting into a single function * Removed private channels as an option for outgoing webhooks (#2752) * PLT-2577/PLT-2552 Fixes for backstage (#2753) * Added URL to incoming webhook list * Fixed client functions for adding/removing integrations * Disallowed slash commands without trigger words * Fixed clientside handling of errors on AddCommand page * Minor auth cleanup (#2758) * Changed EditPostModal to just close if you save without making any changes (#2759) * Renamed client -> Client in async_client.jsx and fixed eslint warnings (#2756) * Fixed url in channel info modal (#2755) * Fixing reported issues * Moving to version 3 of the apis * Fixing command unit tests (#2760) * Adding team admins * Fixing DM issue * Fixing eslint error * Properly set EditPostModal's originalText state in all cases (#2762) * Update client config check to assume features is defined if server is licensed (#2772) * Fixing url link * Fixing issue with websocket crashing when sending messages to different teams
author: Corey Hulen <corey@hulen.com> 2016-04-21 22:37:01 -0700
committer: Corey Hulen <corey@hulen.com> 2016-04-21 22:37:01 -0700
commit: 2e5617c29be69637acd384e85f795a0b343bec8d (patch)
tree: 6b8bdae1e664013b97c2dda94985375abda91aa5 /api/webhook_test.go
parent: 5c755463ed3a4c74a383fb4460b5be02d8868481 (diff)
download: chat-2e5617c29be69637acd384e85f795a0b343bec8d.tar.gz
chat-2e5617c29be69637acd384e85f795a0b343bec8d.tar.bz2
chat-2e5617c29be69637acd384e85f795a0b343bec8d.zip
1 files changed, 458 insertions, 275 deletions
diff --git a/api/webhook_test.go b/api/webhook_test.go
index 4f85d178d..5198056cc 100644
--- a/api/webhook_test.go
+++ b/api/webhook_test.go
@@ -4,416 +4,599 @@
 package api
 
 import (
+	"fmt"
 	"github.com/mattermost/platform/model"
-	"github.com/mattermost/platform/store"
 	"github.com/mattermost/platform/utils"
 	"testing"
 	"time"
 )
 
 func TestCreateIncomingHook(t *testing.T) {
-	Setup()
+	th := Setup().InitSystemAdmin()
+	Client := th.SystemAdminClient
+	user := th.SystemAdminUser
+	team := th.SystemAdminTeam
+	channel1 := th.CreateChannel(Client, team)
+	channel2 := th.CreatePrivateChannel(Client, team)
+	user2 := th.CreateUser(Client)
+	LinkUserToTeam(user2, team)
+
 	enableIncomingHooks := utils.Cfg.ServiceSettings.EnableIncomingWebhooks
-	enableOutgoingHooks := utils.Cfg.ServiceSettings.EnableOutgoingWebhooks
+	enableAdminOnlyHooks := utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations
 	defer func() {
 		utils.Cfg.ServiceSettings.EnableIncomingWebhooks = enableIncomingHooks
-		utils.Cfg.ServiceSettings.EnableOutgoingWebhooks = enableOutgoingHooks
+		utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = enableAdminOnlyHooks
 	}()
 	utils.Cfg.ServiceSettings.EnableIncomingWebhooks = true
-	utils.Cfg.ServiceSettings.EnableOutgoingWebhooks = true
+	*utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = true
 
-	team := &model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN}
-	team = Client.Must(Client.CreateTeam(team)).Data.(*model.Team)
+	hook := &model.IncomingWebhook{ChannelId: channel1.Id}
 
-	user := &model.User{TeamId: team.Id, Email: model.NewId() + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "pwd"}
-	user = Client.Must(Client.CreateUser(user, "")).Data.(*model.User)
-	store.Must(Srv.Store.User().VerifyEmail(user.Id))
+	var rhook *model.IncomingWebhook
+	if result, err := Client.CreateIncomingWebhook(hook); err != nil {
+		t.Fatal(err)
+	} else {
+		rhook = result.Data.(*model.IncomingWebhook)
+	}
 
-	c := &Context{}
-	c.RequestId = model.NewId()
-	c.IpAddress = "cmd_line"
-	UpdateRoles(c, user, model.ROLE_SYSTEM_ADMIN)
-	Client.LoginByEmail(team.Name, user.Email, "pwd")
+	if hook.ChannelId != rhook.ChannelId {
+		t.Fatal("channel ids didn't match")
+	}
 
-	channel1 := &model.Channel{DisplayName: "Test API Name", Name: "a" + model.NewId() + "a", Type: model.CHANNEL_OPEN, TeamId: team.Id}
-	channel1 = Client.Must(Client.CreateChannel(channel1)).Data.(*model.Channel)
+	if rhook.UserId != user.Id {
+		t.Fatal("user ids didn't match")
+	}
 
-	channel2 := &model.Channel{DisplayName: "Test API Name", Name: "a" + model.NewId() + "a", Type: model.CHANNEL_OPEN, TeamId: team.Id}
-	channel2 = Client.Must(Client.CreateChannel(channel2)).Data.(*model.Channel)
+	if rhook.TeamId != team.Id {
+		t.Fatal("team ids didn't match")
+	}
 
-	hook := &model.IncomingWebhook{ChannelId: channel1.Id}
+	hook = &model.IncomingWebhook{ChannelId: "junk"}
+	if _, err := Client.CreateIncomingWebhook(hook); err == nil {
+		t.Fatal("should have failed - bad channel id")
+	}
 
-	if utils.Cfg.ServiceSettings.EnableIncomingWebhooks {
-		var rhook *model.IncomingWebhook
-		if result, err := Client.CreateIncomingWebhook(hook); err != nil {
-			t.Fatal(err)
-		} else {
-			rhook = result.Data.(*model.IncomingWebhook)
+	hook = &model.IncomingWebhook{ChannelId: channel2.Id, UserId: "123", TeamId: "456"}
+	if result, err := Client.CreateIncomingWebhook(hook); err != nil {
+		t.Fatal(err)
+	} else {
+		if result.Data.(*model.IncomingWebhook).UserId != user.Id {
+			t.Fatal("bad user id wasn't overwritten")
 		}
-
-		if hook.ChannelId != rhook.ChannelId {
-			t.Fatal("channel ids didn't match")
+		if result.Data.(*model.IncomingWebhook).TeamId != team.Id {
+			t.Fatal("bad team id wasn't overwritten")
 		}
+	}
 
-		if rhook.UserId != user.Id {
-			t.Fatal("user ids didn't match")
-		}
+	Client.Logout()
+	Client.Must(Client.LoginById(user2.Id, user2.Password))
+	Client.SetTeamId(team.Id)
 
-		if rhook.TeamId != team.Id {
-			t.Fatal("team ids didn't match")
-		}
+	hook = &model.IncomingWebhook{ChannelId: channel1.Id}
 
-		hook = &model.IncomingWebhook{ChannelId: "junk"}
-		if _, err := Client.CreateIncomingWebhook(hook); err == nil {
-			t.Fatal("should have failed - bad channel id")
-		}
+	if _, err := Client.CreateIncomingWebhook(hook); err == nil {
+		t.Fatal("should have failed - not system/team admin")
+	}
 
-		hook = &model.IncomingWebhook{ChannelId: channel2.Id, UserId: "123", TeamId: "456"}
-		if result, err := Client.CreateIncomingWebhook(hook); err != nil {
-			t.Fatal(err)
-		} else {
-			if result.Data.(*model.IncomingWebhook).UserId != user.Id {
-				t.Fatal("bad user id wasn't overwritten")
-			}
-			if result.Data.(*model.IncomingWebhook).TeamId != team.Id {
-				t.Fatal("bad team id wasn't overwritten")
-			}
-		}
-	} else {
-		if _, err := Client.CreateIncomingWebhook(hook); err == nil {
-			t.Fatal("should have errored - webhooks turned off")
-		}
+	*utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = false
+
+	if _, err := Client.CreateIncomingWebhook(hook); err != nil {
+		t.Fatal(err)
+	}
+
+	hook = &model.IncomingWebhook{ChannelId: channel2.Id}
+
+	if _, err := Client.CreateIncomingWebhook(hook); err == nil {
+		t.Fatal("should have failed - channel is private and not a member")
+	}
+
+	utils.Cfg.ServiceSettings.EnableIncomingWebhooks = false
+
+	if _, err := Client.CreateIncomingWebhook(hook); err == nil {
+		t.Fatal("should have errored - webhooks turned off")
 	}
 }
 
 func TestListIncomingHooks(t *testing.T) {
-	Setup()
+	th := Setup().InitSystemAdmin()
+	Client := th.SystemAdminClient
+	team := th.SystemAdminTeam
+	channel1 := th.CreateChannel(Client, team)
+	user2 := th.CreateUser(Client)
+	LinkUserToTeam(user2, team)
+
 	enableIncomingHooks := utils.Cfg.ServiceSettings.EnableIncomingWebhooks
-	enableOutgoingHooks := utils.Cfg.ServiceSettings.EnableOutgoingWebhooks
+	enableAdminOnlyHooks := utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations
 	defer func() {
 		utils.Cfg.ServiceSettings.EnableIncomingWebhooks = enableIncomingHooks
-		utils.Cfg.ServiceSettings.EnableOutgoingWebhooks = enableOutgoingHooks
+		utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = enableAdminOnlyHooks
 	}()
 	utils.Cfg.ServiceSettings.EnableIncomingWebhooks = true
-	utils.Cfg.ServiceSettings.EnableOutgoingWebhooks = true
+	*utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = true
 
-	team := &model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN}
-	team = Client.Must(Client.CreateTeam(team)).Data.(*model.Team)
+	hook1 := &model.IncomingWebhook{ChannelId: channel1.Id}
+	hook1 = Client.Must(Client.CreateIncomingWebhook(hook1)).Data.(*model.IncomingWebhook)
 
-	user := &model.User{TeamId: team.Id, Email: model.NewId() + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "pwd"}
-	user = Client.Must(Client.CreateUser(user, "")).Data.(*model.User)
-	store.Must(Srv.Store.User().VerifyEmail(user.Id))
+	hook2 := &model.IncomingWebhook{ChannelId: channel1.Id}
+	hook2 = Client.Must(Client.CreateIncomingWebhook(hook2)).Data.(*model.IncomingWebhook)
 
-	c := &Context{}
-	c.RequestId = model.NewId()
-	c.IpAddress = "cmd_line"
-	UpdateRoles(c, user, model.ROLE_SYSTEM_ADMIN)
-	Client.LoginByEmail(team.Name, user.Email, "pwd")
+	if result, err := Client.ListIncomingWebhooks(); err != nil {
+		t.Fatal(err)
+	} else {
+		hooks := result.Data.([]*model.IncomingWebhook)
 
-	channel1 := &model.Channel{DisplayName: "Test API Name", Name: "a" + model.NewId() + "a", Type: model.CHANNEL_OPEN, TeamId: team.Id}
-	channel1 = Client.Must(Client.CreateChannel(channel1)).Data.(*model.Channel)
+		if len(hooks) != 2 {
+			t.Fatal("incorrect number of hooks")
+		}
+	}
 
-	if utils.Cfg.ServiceSettings.EnableIncomingWebhooks {
-		hook1 := &model.IncomingWebhook{ChannelId: channel1.Id}
-		hook1 = Client.Must(Client.CreateIncomingWebhook(hook1)).Data.(*model.IncomingWebhook)
+	Client.Logout()
+	Client.Must(Client.LoginById(user2.Id, user2.Password))
+	Client.SetTeamId(team.Id)
 
-		hook2 := &model.IncomingWebhook{ChannelId: channel1.Id}
-		hook2 = Client.Must(Client.CreateIncomingWebhook(hook2)).Data.(*model.IncomingWebhook)
+	if _, err := Client.ListIncomingWebhooks(); err == nil {
+		t.Fatal("should have errored - not system/team admin")
+	}
 
-		if result, err := Client.ListIncomingWebhooks(); err != nil {
-			t.Fatal(err)
-		} else {
-			hooks := result.Data.([]*model.IncomingWebhook)
+	*utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = false
 
-			if len(hooks) != 2 {
-				t.Fatal("incorrect number of hooks")
-			}
-		}
-	} else {
-		if _, err := Client.ListIncomingWebhooks(); err == nil {
-			t.Fatal("should have errored - webhooks turned off")
-		}
+	if _, err := Client.ListIncomingWebhooks(); err != nil {
+		t.Fatal(err)
+	}
+
+	utils.Cfg.ServiceSettings.EnableIncomingWebhooks = false
+
+	if _, err := Client.ListIncomingWebhooks(); err == nil {
+		t.Fatal("should have errored - webhooks turned off")
 	}
 }
 
 func TestDeleteIncomingHook(t *testing.T) {
-	Setup()
+	th := Setup().InitSystemAdmin()
+	Client := th.SystemAdminClient
+	team := th.SystemAdminTeam
+	channel1 := th.CreateChannel(Client, team)
+	user2 := th.CreateUser(Client)
+	LinkUserToTeam(user2, team)
+
 	enableIncomingHooks := utils.Cfg.ServiceSettings.EnableIncomingWebhooks
-	enableOutgoingHooks := utils.Cfg.ServiceSettings.EnableOutgoingWebhooks
+	enableAdminOnlyHooks := utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations
 	defer func() {
 		utils.Cfg.ServiceSettings.EnableIncomingWebhooks = enableIncomingHooks
-		utils.Cfg.ServiceSettings.EnableOutgoingWebhooks = enableOutgoingHooks
+		utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = enableAdminOnlyHooks
 	}()
 	utils.Cfg.ServiceSettings.EnableIncomingWebhooks = true
-	utils.Cfg.ServiceSettings.EnableOutgoingWebhooks = true
+	*utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = true
 
-	team := &model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN}
-	team = Client.Must(Client.CreateTeam(team)).Data.(*model.Team)
+	hook := &model.IncomingWebhook{ChannelId: channel1.Id}
+	hook = Client.Must(Client.CreateIncomingWebhook(hook)).Data.(*model.IncomingWebhook)
 
-	user := &model.User{TeamId: team.Id, Email: model.NewId() + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "pwd"}
-	user = Client.Must(Client.CreateUser(user, "")).Data.(*model.User)
-	store.Must(Srv.Store.User().VerifyEmail(user.Id))
+	if _, err := Client.DeleteIncomingWebhook(hook.Id); err != nil {
+		t.Fatal(err)
+	}
 
-	c := &Context{}
-	c.RequestId = model.NewId()
-	c.IpAddress = "cmd_line"
-	UpdateRoles(c, user, model.ROLE_SYSTEM_ADMIN)
-	Client.LoginByEmail(team.Name, user.Email, "pwd")
+	if _, err := Client.DeleteIncomingWebhook("junk"); err == nil {
+		t.Fatal("should have failed - bad id")
+	}
 
-	channel1 := &model.Channel{DisplayName: "Test API Name", Name: "a" + model.NewId() + "a", Type: model.CHANNEL_OPEN, TeamId: team.Id}
-	channel1 = Client.Must(Client.CreateChannel(channel1)).Data.(*model.Channel)
+	if _, err := Client.DeleteIncomingWebhook(""); err == nil {
+		t.Fatal("should have failed - empty id")
+	}
 
-	if utils.Cfg.ServiceSettings.EnableIncomingWebhooks {
-		hook := &model.IncomingWebhook{ChannelId: channel1.Id}
-		hook = Client.Must(Client.CreateIncomingWebhook(hook)).Data.(*model.IncomingWebhook)
+	hooks := Client.Must(Client.ListIncomingWebhooks()).Data.([]*model.IncomingWebhook)
+	if len(hooks) != 0 {
+		t.Fatal("delete didn't work properly")
+	}
 
-		data := make(map[string]string)
-		data["id"] = hook.Id
+	hook = &model.IncomingWebhook{ChannelId: channel1.Id}
+	hook = Client.Must(Client.CreateIncomingWebhook(hook)).Data.(*model.IncomingWebhook)
 
-		if _, err := Client.DeleteIncomingWebhook(data); err != nil {
-			t.Fatal(err)
-		}
+	Client.Logout()
+	Client.Must(Client.LoginById(user2.Id, user2.Password))
+	Client.SetTeamId(team.Id)
 
-		hooks := Client.Must(Client.ListIncomingWebhooks()).Data.([]*model.IncomingWebhook)
-		if len(hooks) != 0 {
-			t.Fatal("delete didn't work properly")
-		}
-	} else {
-		data := make(map[string]string)
-		data["id"] = "123"
+	if _, err := Client.DeleteIncomingWebhook(hook.Id); err == nil {
+		t.Fatal("should have failed - not system/team admin")
+	}
 
-		if _, err := Client.DeleteIncomingWebhook(data); err == nil {
-			t.Fatal("should have errored - webhooks turned off")
-		}
+	*utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = false
+
+	if _, err := Client.DeleteIncomingWebhook(hook.Id); err == nil {
+		t.Fatal("should have failed - not creator or team admin")
+	}
+
+	hook = &model.IncomingWebhook{ChannelId: channel1.Id}
+	hook = Client.Must(Client.CreateIncomingWebhook(hook)).Data.(*model.IncomingWebhook)
+
+	if _, err := Client.DeleteIncomingWebhook(hook.Id); err != nil {
+		t.Fatal(err)
+	}
+
+	utils.Cfg.ServiceSettings.EnableIncomingWebhooks = false
+
+	if _, err := Client.DeleteIncomingWebhook(hook.Id); err == nil {
+		t.Fatal("should have errored - webhooks turned off")
 	}
 }
 
 func TestCreateOutgoingHook(t *testing.T) {
-	Setup()
-	enableIncomingHooks := utils.Cfg.ServiceSettings.EnableIncomingWebhooks
+	th := Setup().InitSystemAdmin()
+	Client := th.SystemAdminClient
+	user := th.SystemAdminUser
+	team := th.SystemAdminTeam
+	team2 := th.CreateTeam(Client)
+	channel1 := th.CreateChannel(Client, team)
+	channel2 := th.CreatePrivateChannel(Client, team)
+	user2 := th.CreateUser(Client)
+	LinkUserToTeam(user2, team)
+	user3 := th.CreateUser(Client)
+	LinkUserToTeam(user3, team2)
+
 	enableOutgoingHooks := utils.Cfg.ServiceSettings.EnableOutgoingWebhooks
+	enableAdminOnlyHooks := utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations
 	defer func() {
-		utils.Cfg.ServiceSettings.EnableIncomingWebhooks = enableIncomingHooks
 		utils.Cfg.ServiceSettings.EnableOutgoingWebhooks = enableOutgoingHooks
+		utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = enableAdminOnlyHooks
 	}()
-	utils.Cfg.ServiceSettings.EnableIncomingWebhooks = true
 	utils.Cfg.ServiceSettings.EnableOutgoingWebhooks = true
+	*utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = true
 
-	team := &model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN}
-	team = Client.Must(Client.CreateTeam(team)).Data.(*model.Team)
+	hook := &model.OutgoingWebhook{ChannelId: channel1.Id, CallbackURLs: []string{"http://nowhere.com"}}
 
-	user := &model.User{TeamId: team.Id, Email: model.NewId() + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "pwd"}
-	user = Client.Must(Client.CreateUser(user, "")).Data.(*model.User)
-	store.Must(Srv.Store.User().VerifyEmail(user.Id))
+	var rhook *model.OutgoingWebhook
+	if result, err := Client.CreateOutgoingWebhook(hook); err != nil {
+		t.Fatal(err)
+	} else {
+		rhook = result.Data.(*model.OutgoingWebhook)
+	}
 
-	c := &Context{}
-	c.RequestId = model.NewId()
-	c.IpAddress = "cmd_line"
-	UpdateRoles(c, user, model.ROLE_SYSTEM_ADMIN)
-	Client.LoginByEmail(team.Name, user.Email, "pwd")
+	if hook.ChannelId != rhook.ChannelId {
+		t.Fatal("channel ids didn't match")
+	}
 
-	channel1 := &model.Channel{DisplayName: "Test API Name", Name: "a" + model.NewId() + "a", Type: model.CHANNEL_OPEN, TeamId: team.Id}
-	channel1 = Client.Must(Client.CreateChannel(channel1)).Data.(*model.Channel)
+	if rhook.CreatorId != user.Id {
+		t.Fatal("user ids didn't match")
+	}
 
-	channel2 := &model.Channel{DisplayName: "Test API Name", Name: "a" + model.NewId() + "a", Type: model.CHANNEL_OPEN, TeamId: team.Id}
-	channel2 = Client.Must(Client.CreateChannel(channel2)).Data.(*model.Channel)
+	if rhook.TeamId != team.Id {
+		t.Fatal("team ids didn't match")
+	}
 
-	hook := &model.OutgoingWebhook{ChannelId: channel1.Id, CallbackURLs: []string{"http://nowhere.com"}}
+	hook = &model.OutgoingWebhook{ChannelId: "junk", CallbackURLs: []string{"http://nowhere.com"}}
+	if _, err := Client.CreateOutgoingWebhook(hook); err == nil {
+		t.Fatal("should have failed - bad channel id")
+	}
 
-	if utils.Cfg.ServiceSettings.EnableOutgoingWebhooks {
-		var rhook *model.OutgoingWebhook
-		if result, err := Client.CreateOutgoingWebhook(hook); err != nil {
-			t.Fatal(err)
-		} else {
-			rhook = result.Data.(*model.OutgoingWebhook)
+	hook = &model.OutgoingWebhook{ChannelId: channel1.Id, CreatorId: "123", TeamId: "456", CallbackURLs: []string{"http://nowhere.com"}}
+	if result, err := Client.CreateOutgoingWebhook(hook); err != nil {
+		t.Fatal(err)
+	} else {
+		if result.Data.(*model.OutgoingWebhook).CreatorId != user.Id {
+			t.Fatal("bad user id wasn't overwritten")
 		}
-
-		if hook.ChannelId != rhook.ChannelId {
-			t.Fatal("channel ids didn't match")
+		if result.Data.(*model.OutgoingWebhook).TeamId != team.Id {
+			t.Fatal("bad team id wasn't overwritten")
 		}
+	}
 
-		if rhook.CreatorId != user.Id {
-			t.Fatal("user ids didn't match")
-		}
+	hook = &model.OutgoingWebhook{ChannelId: channel2.Id, CallbackURLs: []string{"http://nowhere.com"}}
+	if _, err := Client.CreateOutgoingWebhook(hook); err == nil {
+		t.Fatal("should have failed - private channel")
+	}
 
-		if rhook.TeamId != team.Id {
-			t.Fatal("team ids didn't match")
-		}
+	hook = &model.OutgoingWebhook{CallbackURLs: []string{"http://nowhere.com"}}
+	if _, err := Client.CreateOutgoingWebhook(hook); err == nil {
+		t.Fatal("should have failed - blank channel and trigger words")
+	}
 
-		hook = &model.OutgoingWebhook{ChannelId: "junk", CallbackURLs: []string{"http://nowhere.com"}}
-		if _, err := Client.CreateOutgoingWebhook(hook); err == nil {
-			t.Fatal("should have failed - bad channel id")
-		}
+	Client.Logout()
+	Client.Must(Client.LoginById(user2.Id, user2.Password))
+	Client.SetTeamId(team.Id)
 
-		hook = &model.OutgoingWebhook{ChannelId: channel2.Id, CreatorId: "123", TeamId: "456", CallbackURLs: []string{"http://nowhere.com"}}
-		if result, err := Client.CreateOutgoingWebhook(hook); err != nil {
-			t.Fatal(err)
-		} else {
-			if result.Data.(*model.OutgoingWebhook).CreatorId != user.Id {
-				t.Fatal("bad user id wasn't overwritten")
-			}
-			if result.Data.(*model.OutgoingWebhook).TeamId != team.Id {
-				t.Fatal("bad team id wasn't overwritten")
-			}
-		}
-	} else {
-		if _, err := Client.CreateOutgoingWebhook(hook); err == nil {
-			t.Fatal("should have errored - webhooks turned off")
-		}
+	hook = &model.OutgoingWebhook{ChannelId: channel1.Id, CallbackURLs: []string{"http://nowhere.com"}}
+	if _, err := Client.CreateOutgoingWebhook(hook); err == nil {
+		t.Fatal("should have failed - not system/team admin")
+	}
+
+	*utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = false
+
+	if _, err := Client.CreateOutgoingWebhook(hook); err != nil {
+		t.Fatal(err)
+	}
+
+	Client.Logout()
+	Client.Must(Client.LoginById(user3.Id, user3.Password))
+	Client.SetTeamId(team2.Id)
+
+	if _, err := Client.CreateOutgoingWebhook(hook); err == nil {
+		t.Fatal("should have failed - wrong team")
+	}
+
+	utils.Cfg.ServiceSettings.EnableOutgoingWebhooks = false
+
+	if _, err := Client.CreateOutgoingWebhook(hook); err == nil {
+		t.Fatal("should have errored - webhooks turned off")
 	}
 }
 
 func TestListOutgoingHooks(t *testing.T) {
-	Setup()
-	enableIncomingHooks := utils.Cfg.ServiceSettings.EnableIncomingWebhooks
+	th := Setup().InitSystemAdmin()
+	Client := th.SystemAdminClient
+	team := th.SystemAdminTeam
+	channel1 := th.CreateChannel(Client, team)
+	user2 := th.CreateUser(Client)
+	LinkUserToTeam(user2, team)
+
 	enableOutgoingHooks := utils.Cfg.ServiceSettings.EnableOutgoingWebhooks
+	enableAdminOnlyHooks := utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations
 	defer func() {
-		utils.Cfg.ServiceSettings.EnableIncomingWebhooks = enableIncomingHooks
 		utils.Cfg.ServiceSettings.EnableOutgoingWebhooks = enableOutgoingHooks
+		utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = enableAdminOnlyHooks
 	}()
-	utils.Cfg.ServiceSettings.EnableIncomingWebhooks = true
 	utils.Cfg.ServiceSettings.EnableOutgoingWebhooks = true
+	*utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = true
 
-	team := &model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN}
-	team = Client.Must(Client.CreateTeam(team)).Data.(*model.Team)
+	hook1 := &model.OutgoingWebhook{ChannelId: channel1.Id, CallbackURLs: []string{"http://nowhere.com"}}
+	hook1 = Client.Must(Client.CreateOutgoingWebhook(hook1)).Data.(*model.OutgoingWebhook)
 
-	user := &model.User{TeamId: team.Id, Email: model.NewId() + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "pwd"}
-	user = Client.Must(Client.CreateUser(user, "")).Data.(*model.User)
-	store.Must(Srv.Store.User().VerifyEmail(user.Id))
+	hook2 := &model.OutgoingWebhook{TriggerWords: []string{"trigger"}, CallbackURLs: []string{"http://nowhere.com"}}
+	hook2 = Client.Must(Client.CreateOutgoingWebhook(hook2)).Data.(*model.OutgoingWebhook)
 
-	c := &Context{}
-	c.RequestId = model.NewId()
-	c.IpAddress = "cmd_line"
-	UpdateRoles(c, user, model.ROLE_SYSTEM_ADMIN)
-	Client.LoginByEmail(team.Name, user.Email, "pwd")
+	if result, err := Client.ListOutgoingWebhooks(); err != nil {
+		t.Fatal(err)
+	} else {
+		hooks := result.Data.([]*model.OutgoingWebhook)
 
-	channel1 := &model.Channel{DisplayName: "Test API Name", Name: "a" + model.NewId() + "a", Type: model.CHANNEL_OPEN, TeamId: team.Id}
-	channel1 = Client.Must(Client.CreateChannel(channel1)).Data.(*model.Channel)
+		if len(hooks) != 2 {
+			t.Fatal("incorrect number of hooks")
+		}
+	}
 
-	if utils.Cfg.ServiceSettings.EnableOutgoingWebhooks {
-		hook1 := &model.OutgoingWebhook{ChannelId: channel1.Id, CallbackURLs: []string{"http://nowhere.com"}}
-		hook1 = Client.Must(Client.CreateOutgoingWebhook(hook1)).Data.(*model.OutgoingWebhook)
+	Client.Logout()
+	Client.Must(Client.LoginById(user2.Id, user2.Password))
+	Client.SetTeamId(team.Id)
 
-		hook2 := &model.OutgoingWebhook{TriggerWords: []string{"trigger"}, CallbackURLs: []string{"http://nowhere.com"}}
-		hook2 = Client.Must(Client.CreateOutgoingWebhook(hook2)).Data.(*model.OutgoingWebhook)
+	if _, err := Client.ListOutgoingWebhooks(); err == nil {
+		t.Fatal("should have failed - not system/team admin")
+	}
 
-		if result, err := Client.ListOutgoingWebhooks(); err != nil {
-			t.Fatal(err)
-		} else {
-			hooks := result.Data.([]*model.OutgoingWebhook)
+	*utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = false
 
-			if len(hooks) != 2 {
-				t.Fatal("incorrect number of hooks")
-			}
-		}
-	} else {
-		if _, err := Client.ListOutgoingWebhooks(); err == nil {
-			t.Fatal("should have errored - webhooks turned off")
-		}
+	if _, err := Client.ListOutgoingWebhooks(); err != nil {
+		t.Fatal(err)
+	}
+
+	utils.Cfg.ServiceSettings.EnableOutgoingWebhooks = false
+
+	if _, err := Client.ListOutgoingWebhooks(); err == nil {
+		t.Fatal("should have errored - webhooks turned off")
 	}
 }
 
 func TestDeleteOutgoingHook(t *testing.T) {
-	Setup()
-	enableIncomingHooks := utils.Cfg.ServiceSettings.EnableIncomingWebhooks
+	th := Setup().InitSystemAdmin()
+	Client := th.SystemAdminClient
+	team := th.SystemAdminTeam
+	channel1 := th.CreateChannel(Client, team)
+	user2 := th.CreateUser(Client)
+	LinkUserToTeam(user2, team)
+
 	enableOutgoingHooks := utils.Cfg.ServiceSettings.EnableOutgoingWebhooks
+	enableAdminOnlyHooks := utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations
 	defer func() {
-		utils.Cfg.ServiceSettings.EnableIncomingWebhooks = enableIncomingHooks
 		utils.Cfg.ServiceSettings.EnableOutgoingWebhooks = enableOutgoingHooks
+		utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = enableAdminOnlyHooks
 	}()
-	utils.Cfg.ServiceSettings.EnableIncomingWebhooks = true
 	utils.Cfg.ServiceSettings.EnableOutgoingWebhooks = true
+	*utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = true
 
-	team := &model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN}
-	team = Client.Must(Client.CreateTeam(team)).Data.(*model.Team)
+	hook := &model.OutgoingWebhook{ChannelId: channel1.Id, CallbackURLs: []string{"http://nowhere.com"}}
+	hook = Client.Must(Client.CreateOutgoingWebhook(hook)).Data.(*model.OutgoingWebhook)
 
-	user := &model.User{TeamId: team.Id, Email: model.NewId() + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "pwd"}
-	user = Client.Must(Client.CreateUser(user, "")).Data.(*model.User)
-	store.Must(Srv.Store.User().VerifyEmail(user.Id))
+	if _, err := Client.DeleteOutgoingWebhook("junk"); err == nil {
+		t.Fatal("should have failed - bad hook id")
+	}
 
-	c := &Context{}
-	c.RequestId = model.NewId()
-	c.IpAddress = "cmd_line"
-	UpdateRoles(c, user, model.ROLE_SYSTEM_ADMIN)
-	Client.LoginByEmail(team.Name, user.Email, "pwd")
+	if _, err := Client.DeleteOutgoingWebhook(""); err == nil {
+		t.Fatal("should have failed - empty hook id")
+	}
 
-	channel1 := &model.Channel{DisplayName: "Test API Name", Name: "a" + model.NewId() + "a", Type: model.CHANNEL_OPEN, TeamId: team.Id}
-	channel1 = Client.Must(Client.CreateChannel(channel1)).Data.(*model.Channel)
+	if _, err := Client.DeleteOutgoingWebhook(hook.Id); err != nil {
+		t.Fatal(err)
+	}
 
-	if utils.Cfg.ServiceSettings.EnableOutgoingWebhooks {
-		hook := &model.OutgoingWebhook{ChannelId: channel1.Id, CallbackURLs: []string{"http://nowhere.com"}}
-		hook = Client.Must(Client.CreateOutgoingWebhook(hook)).Data.(*model.OutgoingWebhook)
+	hooks := Client.Must(Client.ListOutgoingWebhooks()).Data.([]*model.OutgoingWebhook)
+	if len(hooks) != 0 {
+		t.Fatal("delete didn't work properly")
+	}
 
-		data := make(map[string]string)
-		data["id"] = hook.Id
+	hook = &model.OutgoingWebhook{ChannelId: channel1.Id, CallbackURLs: []string{"http://nowhere.com"}}
+	hook = Client.Must(Client.CreateOutgoingWebhook(hook)).Data.(*model.OutgoingWebhook)
 
-		if _, err := Client.DeleteOutgoingWebhook(data); err != nil {
-			t.Fatal(err)
-		}
+	Client.Logout()
+	Client.Must(Client.LoginById(user2.Id, user2.Password))
+	Client.SetTeamId(team.Id)
 
-		hooks := Client.Must(Client.ListOutgoingWebhooks()).Data.([]*model.OutgoingWebhook)
-		if len(hooks) != 0 {
-			t.Fatal("delete didn't work properly")
-		}
-	} else {
-		data := make(map[string]string)
-		data["id"] = "123"
+	if _, err := Client.DeleteOutgoingWebhook(hook.Id); err == nil {
+		t.Fatal("should have failed - not system/team admin")
+	}
 
-		if _, err := Client.DeleteOutgoingWebhook(data); err == nil {
-			t.Fatal("should have errored - webhooks turned off")
-		}
+	*utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = false
+
+	if _, err := Client.DeleteOutgoingWebhook(hook.Id); err == nil {
+		t.Fatal("should have failed - not creator or team admin")
+	}
+
+	hook = &model.OutgoingWebhook{ChannelId: channel1.Id, CallbackURLs: []string{"http://nowhere.com"}}
+	hook = Client.Must(Client.CreateOutgoingWebhook(hook)).Data.(*model.OutgoingWebhook)
+
+	if _, err := Client.DeleteOutgoingWebhook(hook.Id); err != nil {
+		t.Fatal(err)
+	}
+
+	utils.Cfg.ServiceSettings.EnableOutgoingWebhooks = false
+
+	if _, err := Client.DeleteOutgoingWebhook(hook.Id); err == nil {
+		t.Fatal("should have errored - webhooks turned off")
 	}
 }
 
 func TestRegenOutgoingHookToken(t *testing.T) {
-	Setup()
-	enableIncomingHooks := utils.Cfg.ServiceSettings.EnableIncomingWebhooks
+	th := Setup().InitSystemAdmin()
+	Client := th.SystemAdminClient
+	team := th.SystemAdminTeam
+	team2 := th.CreateTeam(Client)
+	channel1 := th.CreateChannel(Client, team)
+	user2 := th.CreateUser(Client)
+	LinkUserToTeam(user2, team)
+	user3 := th.CreateUser(Client)
+	LinkUserToTeam(user3, team2)
+
 	enableOutgoingHooks := utils.Cfg.ServiceSettings.EnableOutgoingWebhooks
+	enableAdminOnlyHooks := utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations
 	defer func() {
-		utils.Cfg.ServiceSettings.EnableIncomingWebhooks = enableIncomingHooks
 		utils.Cfg.ServiceSettings.EnableOutgoingWebhooks = enableOutgoingHooks
+		utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = enableAdminOnlyHooks
 	}()
-	utils.Cfg.ServiceSettings.EnableIncomingWebhooks = true
 	utils.Cfg.ServiceSettings.EnableOutgoingWebhooks = true
+	*utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = true
 
-	team := &model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN}
-	team = Client.Must(Client.CreateTeam(team)).Data.(*model.Team)
+	hook := &model.OutgoingWebhook{ChannelId: channel1.Id, CallbackURLs: []string{"http://nowhere.com"}}
+	hook = Client.Must(Client.CreateOutgoingWebhook(hook)).Data.(*model.OutgoingWebhook)
 
-	user := &model.User{TeamId: team.Id, Email: model.NewId() + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "pwd"}
-	user = Client.Must(Client.CreateUser(user, "")).Data.(*model.User)
-	store.Must(Srv.Store.User().VerifyEmail(user.Id))
+	if _, err := Client.RegenOutgoingWebhookToken("junk"); err == nil {
+		t.Fatal("should have failed - bad id")
+	}
 
-	c := &Context{}
-	c.RequestId = model.NewId()
-	c.IpAddress = "cmd_line"
-	UpdateRoles(c, user, model.ROLE_SYSTEM_ADMIN)
-	Client.LoginByEmail(team.Name, user.Email, "pwd")
+	if _, err := Client.RegenOutgoingWebhookToken(""); err == nil {
+		t.Fatal("should have failed - empty id")
+	}
 
-	channel1 := &model.Channel{DisplayName: "Test API Name", Name: "a" + model.NewId() + "a", Type: model.CHANNEL_OPEN, TeamId: team.Id}
-	channel1 = Client.Must(Client.CreateChannel(channel1)).Data.(*model.Channel)
+	if result, err := Client.RegenOutgoingWebhookToken(hook.Id); err != nil {
+		t.Fatal(err)
+	} else {
+		if result.Data.(*model.OutgoingWebhook).Token == hook.Token {
+			t.Fatal("regen didn't work properly")
+		}
+	}
 
-	if utils.Cfg.ServiceSettings.EnableOutgoingWebhooks {
-		hook := &model.OutgoingWebhook{ChannelId: channel1.Id, CallbackURLs: []string{"http://nowhere.com"}}
-		hook = Client.Must(Client.CreateOutgoingWebhook(hook)).Data.(*model.OutgoingWebhook)
+	Client.Logout()
+	Client.Must(Client.LoginById(user2.Id, user2.Password))
+	Client.SetTeamId(team.Id)
 
-		data := make(map[string]string)
-		data["id"] = hook.Id
+	if _, err := Client.RegenOutgoingWebhookToken(hook.Id); err == nil {
+		t.Fatal("should have failed - not system/team admin")
+	}
 
-		if result, err := Client.RegenOutgoingWebhookToken(data); err != nil {
-			t.Fatal(err)
-		} else {
-			if result.Data.(*model.OutgoingWebhook).Token == hook.Token {
-				t.Fatal("regen didn't work properly")
-			}
-		}
+	*utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = false
 
-	} else {
-		data := make(map[string]string)
-		data["id"] = "123"
+	hook = &model.OutgoingWebhook{ChannelId: channel1.Id, CallbackURLs: []string{"http://nowhere.com"}}
+	hook = Client.Must(Client.CreateOutgoingWebhook(hook)).Data.(*model.OutgoingWebhook)
 
-		if _, err := Client.RegenOutgoingWebhookToken(data); err == nil {
-			t.Fatal("should have errored - webhooks turned off")
-		}
+	if _, err := Client.RegenOutgoingWebhookToken(hook.Id); err != nil {
+		t.Fatal(err)
+	}
+
+	Client.Logout()
+	Client.Must(Client.LoginById(user3.Id, user3.Password))
+	Client.SetTeamId(team2.Id)
+
+	if _, err := Client.RegenOutgoingWebhookToken(hook.Id); err == nil {
+		t.Fatal("should have failed - wrong team")
+	}
+
+	utils.Cfg.ServiceSettings.EnableOutgoingWebhooks = false
+
+	if _, err := Client.RegenOutgoingWebhookToken(hook.Id); err == nil {
+		t.Fatal("should have errored - webhooks turned off")
+	}
+}
+func TestIncomingWebhooks(t *testing.T) {
+	th := Setup().InitSystemAdmin()
+	Client := th.SystemAdminClient
+	team := th.SystemAdminTeam
+	channel1 := th.CreateChannel(Client, team)
+	user2 := th.CreateUser(Client)
+	LinkUserToTeam(user2, team)
+
+	enableIncomingHooks := utils.Cfg.ServiceSettings.EnableIncomingWebhooks
+	defer func() {
+		utils.Cfg.ServiceSettings.EnableIncomingWebhooks = enableIncomingHooks
+	}()
+	utils.Cfg.ServiceSettings.EnableIncomingWebhooks = true
+
+	hook := &model.IncomingWebhook{ChannelId: channel1.Id}
+	hook = Client.Must(Client.CreateIncomingWebhook(hook)).Data.(*model.IncomingWebhook)
+
+	url := "/hooks/" + hook.Id
+
+	if _, err := Client.DoPost(url, "{\"text\":\"this is a test\"}", "application/json"); err != nil {
+		t.Fatal(err)
+	}
+
+	if _, err := Client.DoPost(url, fmt.Sprintf("{\"text\":\"this is a test\", \"channel\":\"%s\"}", channel1.Name), "application/json"); err != nil {
+		t.Fatal(err)
+	}
+
+	if _, err := Client.DoPost(url, fmt.Sprintf("{\"text\":\"this is a test\", \"channel\":\"#%s\"}", channel1.Name), "application/json"); err != nil {
+		t.Fatal(err)
+	}
+
+	Client.Must(Client.CreateDirectChannel(user2.Id))
+
+	if _, err := Client.DoPost(url, fmt.Sprintf("{\"text\":\"this is a test\", \"channel\":\"@%s\"}", user2.Username), "application/json"); err != nil {
+		t.Fatal(err)
+	}
+
+	if _, err := Client.DoPost(url, "payload={\"text\":\"this is a test\"}", "application/x-www-form-urlencoded"); err != nil {
+		t.Fatal(err)
+	}
+
+	attachmentPayload := `{
+        "text": "this is a test",
+        "attachments": [
+            {
+                "fallback": "Required plain-text summary of the attachment.",
+
+                "color": "#36a64f",
+
+                "pretext": "Optional text that appears above the attachment block",
+
+                "author_name": "Bobby Tables",
+                "author_link": "http://flickr.com/bobby/",
+                "author_icon": "http://flickr.com/icons/bobby.jpg",
+
+                "title": "Slack API Documentation",
+                "title_link": "https://api.slack.com/",
+
+                "text": "Optional text that appears within the attachment",
+
+                "fields": [
+                    {
+                        "title": "Priority",
+                        "value": "High",
+                        "short": false
+                    }
+                ],
+
+                "image_url": "http://my-website.com/path/to/image.jpg",
+                "thumb_url": "http://example.com/path/to/thumb.png"
+            }
+        ]
+    }`
+
+	if _, err := Client.DoPost(url, attachmentPayload, "application/json"); err != nil {
+		t.Fatal(err)
+	}
+
+	if _, err := Client.DoPost(url, "{\"text\":\"\"}", "application/json"); err == nil {
+		t.Fatal("should have failed - no text")
+	}
+
+	utils.Cfg.ServiceSettings.EnableIncomingWebhooks = false
+
+	if _, err := Client.DoPost(url, "{\"text\":\"this is a test\"}", "application/json"); err == nil {
+		t.Fatal("should have failed - webhooks turned off")
 	}
 }
author	Corey Hulen <corey@hulen.com>	2016-04-21 22:37:01 -0700
committer	Corey Hulen <corey@hulen.com>	2016-04-21 22:37:01 -0700
commit	2e5617c29be69637acd384e85f795a0b343bec8d (patch)
tree	6b8bdae1e664013b97c2dda94985375abda91aa5 /api/webhook_test.go
parent	5c755463ed3a4c74a383fb4460b5be02d8868481 (diff)
download	chat-2e5617c29be69637acd384e85f795a0b343bec8d.tar.gz chat-2e5617c29be69637acd384e85f795a0b343bec8d.tar.bz2 chat-2e5617c29be69637acd384e85f795a0b343bec8d.zip