diff options
| author | George Goldberg <george@gberg.me> | 2017-03-30 02:10:51 +0100 |
|---|---|---|
| committer | Joram Wilander <jwawilander@gmail.com> | 2017-03-29 21:10:51 -0400 |
| commit | a4764a5c10ec59820eec7338d97be48d41c1a4d6 (patch) | |
| tree | 665d61a0b0738b328b9d7514b8732a59787c20ce /api4 | |
| parent | 6d6b8134462d9e718f21e76f9c47f73604574c9b (diff) | |
| download | chat-a4764a5c10ec59820eec7338d97be48d41c1a4d6.tar.gz chat-a4764a5c10ec59820eec7338d97be48d41c1a4d6.tar.bz2 chat-a4764a5c10ec59820eec7338d97be48d41c1a4d6.zip | |
PLT-6083: API to get users not in a specific team. (#5888)
Diffstat (limited to 'api4')
| -rw-r--r-- | api4/user.go | 13 | ||||
| -rw-r--r-- | api4/user_test.go | 46 |
2 files changed, 59 insertions, 0 deletions
diff --git a/api4/user.go b/api4/user.go index 4eb4479c2..298c5cc8d 100644 --- a/api4/user.go +++ b/api4/user.go @@ -266,6 +266,7 @@ func setProfileImage(c *Context, w http.ResponseWriter, r *http.Request) { func getUsers(c *Context, w http.ResponseWriter, r *http.Request) { inTeamId := r.URL.Query().Get("in_team") + notInTeamId := r.URL.Query().Get("not_in_team") inChannelId := r.URL.Query().Get("in_channel") notInChannelId := r.URL.Query().Get("not_in_channel") @@ -285,6 +286,18 @@ func getUsers(c *Context, w http.ResponseWriter, r *http.Request) { } profiles, err = app.GetUsersNotInChannelPage(inTeamId, notInChannelId, c.Params.Page, c.Params.PerPage, c.IsSystemAdmin()) + } else if len(notInTeamId) > 0 { + if !app.SessionHasPermissionToTeam(c.Session, notInTeamId, model.PERMISSION_VIEW_TEAM) { + c.SetPermissionError(model.PERMISSION_VIEW_TEAM) + return + } + + etag = app.GetUsersNotInTeamEtag(inTeamId) + if HandleEtag(etag, "Get Users Not in Team", w, r) { + return + } + + profiles, err = app.GetUsersNotInTeamPage(notInTeamId, c.Params.Page, c.Params.PerPage, c.IsSystemAdmin()) } else if len(inTeamId) > 0 { if !app.SessionHasPermissionToTeam(c.Session, inTeamId, model.PERMISSION_VIEW_TEAM) { c.SetPermissionError(model.PERMISSION_VIEW_TEAM) diff --git a/api4/user_test.go b/api4/user_test.go index fe53229a5..f6561310b 100644 --- a/api4/user_test.go +++ b/api4/user_test.go @@ -897,6 +897,52 @@ func TestGetUsersInTeam(t *testing.T) { CheckNoError(t, resp) } +func TestGetUsersNotInTeam(t *testing.T) { + th := Setup().InitBasic().InitSystemAdmin() + defer TearDown() + Client := th.Client + teamId := th.BasicTeam.Id + + rusers, resp := Client.GetUsersNotInTeam(teamId, 0, 60, "") + CheckNoError(t, resp) + for _, u := range rusers { + CheckUserSanitization(t, u) + } + + rusers, resp = Client.GetUsersNotInTeam(teamId, 0, 60, resp.Etag) + CheckEtag(t, rusers, resp) + + rusers, resp = Client.GetUsersNotInTeam(teamId, 0, 1, "") + CheckNoError(t, resp) + if len(rusers) != 1 { + t.Fatal("should be 1 per page") + } + + rusers, resp = Client.GetUsersNotInTeam(teamId, 1, 1, "") + CheckNoError(t, resp) + if len(rusers) != 1 { + t.Fatal("should be 1 per page") + } + + rusers, resp = Client.GetUsersNotInTeam(teamId, 10000, 100, "") + CheckNoError(t, resp) + if len(rusers) != 0 { + t.Fatal("should be no users") + } + + Client.Logout() + _, resp = Client.GetUsersNotInTeam(teamId, 0, 60, "") + CheckUnauthorizedStatus(t, resp) + + user := th.CreateUser() + Client.Login(user.Email, user.Password) + _, resp = Client.GetUsersNotInTeam(teamId, 0, 60, "") + CheckForbiddenStatus(t, resp) + + _, resp = th.SystemAdminClient.GetUsersNotInTeam(teamId, 0, 60, "") + CheckNoError(t, resp) +} + func TestGetUsersInChannel(t *testing.T) { th := Setup().InitBasic().InitSystemAdmin() defer TearDown() |