diff options
author | Jesse Hallam <jesse.hallam@gmail.com> | 2018-06-07 14:19:19 -0400 |
---|---|---|
committer | Carlos Tadeu Panato Junior <ctadeu@gmail.com> | 2018-06-07 20:19:19 +0200 |
commit | 927b11f6e247746f0f5ceeae592b9c525e3c2f76 (patch) | |
tree | bd2bc4a0911f109b2c7743a1488bab13941da76b /api4/user_test.go | |
parent | 1d961b1632d7cac5574f48f447755fbeddbdfa4b (diff) | |
download | chat-927b11f6e247746f0f5ceeae592b9c525e3c2f76.tar.gz chat-927b11f6e247746f0f5ceeae592b9c525e3c2f76.tar.bz2 chat-927b11f6e247746f0f5ceeae592b9c525e3c2f76.zip |
MM-10803: remove premature user sanitization on deactivation (#8926)
* remove unused UpdateNonSSOUserActive
* MM-10803: stop prematurely sanitizing users on deactivate
This change was preceded by the removal of UpdateNonSSOUserActive to
ensure there are no APIs relying on the sanitized return value.
* MM-10803: test websocket events after UpdateUserActive
Diffstat (limited to 'api4/user_test.go')
-rw-r--r-- | api4/user_test.go | 184 |
1 files changed, 136 insertions, 48 deletions
diff --git a/api4/user_test.go b/api4/user_test.go index 593208c92..1044e6162 100644 --- a/api4/user_test.go +++ b/api4/user_test.go @@ -513,7 +513,7 @@ func TestSearchUsers(t *testing.T) { t.Fatal("should have found user") } - _, err := th.App.UpdateNonSSOUserActive(th.BasicUser2.Id, false) + _, err := th.App.UpdateActive(th.BasicUser2, false) if err != nil { t.Fatal(err) } @@ -630,7 +630,7 @@ func TestSearchUsers(t *testing.T) { th.App.UpdateConfig(func(cfg *model.Config) { cfg.PrivacySettings.ShowEmailAddress = false }) th.App.UpdateConfig(func(cfg *model.Config) { cfg.PrivacySettings.ShowFullName = false }) - _, err = th.App.UpdateNonSSOUserActive(th.BasicUser2.Id, true) + _, err = th.App.UpdateActive(th.BasicUser2, true) if err != nil { t.Fatal(err) } @@ -1190,71 +1190,159 @@ func TestUpdateUserRoles(t *testing.T) { CheckBadRequestStatus(t, resp) } +func assertExpectedWebsocketEvent(t *testing.T, client *model.WebSocketClient, event string, test func(*model.WebSocketEvent)) { + for { + select { + case resp, ok := <-client.EventChannel: + if !ok { + t.Fatalf("channel closed before receiving expected event %s", model.WEBSOCKET_EVENT_USER_UPDATED) + } else if resp.Event == model.WEBSOCKET_EVENT_USER_UPDATED { + test(resp) + return + } + case <-time.After(5 * time.Second): + t.Fatalf("failed to receive expected event %s", model.WEBSOCKET_EVENT_USER_UPDATED) + } + } +} + +func assertWebsocketEventUserUpdatedWithEmail(t *testing.T, client *model.WebSocketClient, email string) { + assertExpectedWebsocketEvent(t, client, model.WEBSOCKET_EVENT_USER_UPDATED, func(event *model.WebSocketEvent) { + if eventUser, ok := event.Data["user"].(map[string]interface{}); !ok { + t.Fatalf("expected user") + } else if userEmail, ok := eventUser["email"].(string); !ok { + t.Fatalf("expected email %s, but got nil", email) + } else { + assert.Equal(t, email, userEmail) + } + }) +} + func TestUpdateUserActive(t *testing.T) { - th := Setup().InitBasic().InitSystemAdmin() - defer th.TearDown() + t.Run("basic tests", func(t *testing.T) { + th := Setup().InitBasic().InitSystemAdmin() + defer th.TearDown() - Client := th.Client - SystemAdminClient := th.SystemAdminClient - user := th.BasicUser + Client := th.Client + SystemAdminClient := th.SystemAdminClient + user := th.BasicUser - EnableUserDeactivation := th.App.Config().TeamSettings.EnableUserDeactivation - defer func() { - th.App.UpdateConfig(func(cfg *model.Config) { cfg.TeamSettings.EnableUserDeactivation = EnableUserDeactivation }) - }() + EnableUserDeactivation := th.App.Config().TeamSettings.EnableUserDeactivation + defer func() { + th.App.UpdateConfig(func(cfg *model.Config) { cfg.TeamSettings.EnableUserDeactivation = EnableUserDeactivation }) + }() - th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.EnableUserDeactivation = true }) - pass, resp := Client.UpdateUserActive(user.Id, false) - CheckNoError(t, resp) + th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.EnableUserDeactivation = true }) + pass, resp := Client.UpdateUserActive(user.Id, false) + CheckNoError(t, resp) - if !pass { - t.Fatal("should have returned true") - } + if !pass { + t.Fatal("should have returned true") + } - th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.EnableUserDeactivation = false }) - pass, resp = Client.UpdateUserActive(user.Id, false) - CheckUnauthorizedStatus(t, resp) + th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.EnableUserDeactivation = false }) + pass, resp = Client.UpdateUserActive(user.Id, false) + CheckUnauthorizedStatus(t, resp) - if pass { - t.Fatal("should have returned false") - } + if pass { + t.Fatal("should have returned false") + } - th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.EnableUserDeactivation = true }) - pass, resp = Client.UpdateUserActive(user.Id, false) - CheckUnauthorizedStatus(t, resp) + th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.EnableUserDeactivation = true }) + pass, resp = Client.UpdateUserActive(user.Id, false) + CheckUnauthorizedStatus(t, resp) - if pass { - t.Fatal("should have returned false") - } + if pass { + t.Fatal("should have returned false") + } - th.LoginBasic2() + th.LoginBasic2() - _, resp = Client.UpdateUserActive(user.Id, true) - CheckForbiddenStatus(t, resp) + _, resp = Client.UpdateUserActive(user.Id, true) + CheckForbiddenStatus(t, resp) - _, resp = Client.UpdateUserActive(GenerateTestId(), true) - CheckForbiddenStatus(t, resp) + _, resp = Client.UpdateUserActive(GenerateTestId(), true) + CheckForbiddenStatus(t, resp) - _, resp = Client.UpdateUserActive("junk", true) - CheckBadRequestStatus(t, resp) + _, resp = Client.UpdateUserActive("junk", true) + CheckBadRequestStatus(t, resp) - Client.Logout() + Client.Logout() - _, resp = Client.UpdateUserActive(user.Id, true) - CheckUnauthorizedStatus(t, resp) + _, resp = Client.UpdateUserActive(user.Id, true) + CheckUnauthorizedStatus(t, resp) - _, resp = SystemAdminClient.UpdateUserActive(user.Id, true) - CheckNoError(t, resp) + _, resp = SystemAdminClient.UpdateUserActive(user.Id, true) + CheckNoError(t, resp) - _, resp = SystemAdminClient.UpdateUserActive(user.Id, false) - CheckNoError(t, resp) + _, resp = SystemAdminClient.UpdateUserActive(user.Id, false) + CheckNoError(t, resp) - authData := model.NewId() - result := <-th.App.Srv.Store.User().UpdateAuthData(user.Id, "random", &authData, "", true) - require.Nil(t, result.Err) + authData := model.NewId() + result := <-th.App.Srv.Store.User().UpdateAuthData(user.Id, "random", &authData, "", true) + require.Nil(t, result.Err) - _, resp = SystemAdminClient.UpdateUserActive(user.Id, false) - CheckNoError(t, resp) + _, resp = SystemAdminClient.UpdateUserActive(user.Id, false) + CheckNoError(t, resp) + }) + + t.Run("websocket events", func(t *testing.T) { + th := Setup().InitBasic().InitSystemAdmin() + defer th.TearDown() + + SystemAdminClient := th.SystemAdminClient + user := th.BasicUser2 + + EnableUserDeactivation := th.App.Config().TeamSettings.EnableUserDeactivation + defer func() { + th.App.UpdateConfig(func(cfg *model.Config) { cfg.TeamSettings.EnableUserDeactivation = EnableUserDeactivation }) + }() + + th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.EnableUserDeactivation = true }) + + webSocketClient, err := th.CreateWebSocketClient() + assert.Nil(t, err) + defer webSocketClient.Close() + + webSocketClient.Listen() + + time.Sleep(300 * time.Millisecond) + if resp := <-webSocketClient.ResponseChannel; resp.Status != model.STATUS_OK { + t.Fatal("should have responded OK to authentication challenge") + } + + adminWebSocketClient, err := th.CreateWebSocketSystemAdminClient() + assert.Nil(t, err) + defer adminWebSocketClient.Close() + + adminWebSocketClient.Listen() + + time.Sleep(300 * time.Millisecond) + if resp := <-adminWebSocketClient.ResponseChannel; resp.Status != model.STATUS_OK { + t.Fatal("should have responded OK to authentication challenge") + } + + ShowEmailAddress := th.App.Config().PrivacySettings.ShowEmailAddress + defer func() { + th.App.UpdateConfig(func(cfg *model.Config) { cfg.PrivacySettings.ShowEmailAddress = ShowEmailAddress }) + }() + + // Verify that both admins and regular users see the email when privacy settings allow same. + th.App.UpdateConfig(func(cfg *model.Config) { cfg.PrivacySettings.ShowEmailAddress = true }) + _, resp := SystemAdminClient.UpdateUserActive(user.Id, false) + CheckNoError(t, resp) + + assertWebsocketEventUserUpdatedWithEmail(t, webSocketClient, user.Email) + assertWebsocketEventUserUpdatedWithEmail(t, adminWebSocketClient, user.Email) + + // Verify that only admins see the email when privacy settings hide emails. + th.App.UpdateConfig(func(cfg *model.Config) { cfg.PrivacySettings.ShowEmailAddress = false }) + _, resp = SystemAdminClient.UpdateUserActive(user.Id, true) + CheckNoError(t, resp) + + assertWebsocketEventUserUpdatedWithEmail(t, webSocketClient, "") + assertWebsocketEventUserUpdatedWithEmail(t, adminWebSocketClient, user.Email) + }) } func TestGetUsers(t *testing.T) { |