diff options
author | Joram Wilander <jwawilander@gmail.com> | 2017-03-14 09:35:48 -0400 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-03-14 09:35:48 -0400 |
commit | ad0ed008fe54534fcc089f479df606ab921901a9 (patch) | |
tree | a5fda084fb7ea61941449b393a6084f0c049195c /api4 | |
parent | d03367c56005470396d883d273323ecbd8d4f243 (diff) | |
download | chat-ad0ed008fe54534fcc089f479df606ab921901a9.tar.gz chat-ad0ed008fe54534fcc089f479df606ab921901a9.tar.bz2 chat-ad0ed008fe54534fcc089f479df606ab921901a9.zip |
Implement brand image endpoints for APIv4 (#5733)
* Implement brand image endpoints for APIv4
* Fix unit test
Diffstat (limited to 'api4')
-rw-r--r-- | api4/api.go | 4 | ||||
-rw-r--r-- | api4/brand.go | 70 | ||||
-rw-r--r-- | api4/brand_test.go | 69 |
3 files changed, 143 insertions, 0 deletions
diff --git a/api4/api.go b/api4/api.go index 53d7394c7..422af7b7b 100644 --- a/api4/api.go +++ b/api4/api.go @@ -69,6 +69,8 @@ type Routes struct { LDAP *mux.Router // 'api/v4/ldap' + Brand *mux.Router // 'api/v4/brand' + System *mux.Router // 'api/v4/system' Preferences *mux.Router // 'api/v4/preferences' @@ -142,6 +144,7 @@ func InitApi(full bool) { BaseRoutes.Compliance = BaseRoutes.ApiRoot.PathPrefix("/compliance").Subrouter() BaseRoutes.Cluster = BaseRoutes.ApiRoot.PathPrefix("/cluster").Subrouter() BaseRoutes.LDAP = BaseRoutes.ApiRoot.PathPrefix("/ldap").Subrouter() + BaseRoutes.Brand = BaseRoutes.ApiRoot.PathPrefix("/brand").Subrouter() BaseRoutes.System = BaseRoutes.ApiRoot.PathPrefix("/system").Subrouter() BaseRoutes.Preferences = BaseRoutes.User.PathPrefix("/preferences").Subrouter() BaseRoutes.License = BaseRoutes.ApiRoot.PathPrefix("/license").Subrouter() @@ -164,6 +167,7 @@ func InitApi(full bool) { InitCompliance() InitCluster() InitLdap() + InitBrand() app.Srv.Router.Handle("/api/v4/{anything:.*}", http.HandlerFunc(Handle404)) diff --git a/api4/brand.go b/api4/brand.go new file mode 100644 index 000000000..00e6bbbff --- /dev/null +++ b/api4/brand.go @@ -0,0 +1,70 @@ +// Copyright (c) 2017 Mattermost, Inc. All Rights Reserved. +// See License.txt for license information. + +package api4 + +import ( + "net/http" + + l4g "github.com/alecthomas/log4go" + "github.com/mattermost/platform/app" + "github.com/mattermost/platform/model" + "github.com/mattermost/platform/utils" +) + +func InitBrand() { + l4g.Debug(utils.T("api.brand.init.debug")) + + BaseRoutes.Brand.Handle("/image", ApiHandlerTrustRequester(getBrandImage)).Methods("GET") + BaseRoutes.Brand.Handle("/image", ApiSessionRequired(uploadBrandImage)).Methods("POST") +} + +func getBrandImage(c *Context, w http.ResponseWriter, r *http.Request) { + // No permission check required + + if img, err := app.GetBrandImage(); err != nil { + w.Write(nil) + } else { + w.Header().Set("Content-Type", "image/png") + w.Write(img) + } +} + +func uploadBrandImage(c *Context, w http.ResponseWriter, r *http.Request) { + if r.ContentLength > *utils.Cfg.FileSettings.MaxFileSize { + c.Err = model.NewAppError("uploadBrandImage", "api.admin.upload_brand_image.too_large.app_error", nil, "", http.StatusRequestEntityTooLarge) + return + } + + if err := r.ParseMultipartForm(*utils.Cfg.FileSettings.MaxFileSize); err != nil { + c.Err = model.NewAppError("uploadBrandImage", "api.admin.upload_brand_image.parse.app_error", nil, "", http.StatusBadRequest) + return + } + + m := r.MultipartForm + + imageArray, ok := m.File["image"] + if !ok { + c.Err = model.NewAppError("uploadBrandImage", "api.admin.upload_brand_image.no_file.app_error", nil, "", http.StatusBadRequest) + return + } + + if len(imageArray) <= 0 { + c.Err = model.NewAppError("uploadBrandImage", "api.admin.upload_brand_image.array.app_error", nil, "", http.StatusBadRequest) + return + } + + if !app.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_SYSTEM) { + c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM) + return + } + + if err := app.SaveBrandImage(imageArray[0]); err != nil { + c.Err = err + return + } + + c.LogAudit("") + + ReturnStatusOK(w) +} diff --git a/api4/brand_test.go b/api4/brand_test.go new file mode 100644 index 000000000..fd5e472a8 --- /dev/null +++ b/api4/brand_test.go @@ -0,0 +1,69 @@ +// Copyright (c) 2017 Mattermost, Inc. All Rights Reserved. +// See License.txt for license information. + +package api4 + +import ( + "net/http" + "testing" +) + +func TestGetBrandImage(t *testing.T) { + th := Setup().InitBasic().InitSystemAdmin() + defer TearDown() + Client := th.Client + + data, resp := Client.GetBrandImage() + CheckNoError(t, resp) + + if len(data) != 0 { + t.Fatal("no image uploaded - should be empty") + } + + Client.Logout() + data, resp = Client.GetBrandImage() + CheckNoError(t, resp) + + if len(data) != 0 { + t.Fatal("no image uploaded - should be empty") + } + + data, resp = th.SystemAdminClient.GetBrandImage() + CheckNoError(t, resp) + + if len(data) != 0 { + t.Fatal("no image uploaded - should be empty") + } +} + +func TestUploadBrandImage(t *testing.T) { + th := Setup().InitBasic().InitSystemAdmin() + defer TearDown() + Client := th.Client + + data, err := readTestFile("test.png") + if err != nil { + t.Fatal(err) + } + + ok, resp := Client.UploadBrandImage(data) + CheckForbiddenStatus(t, resp) + if ok { + t.Fatal("Should return false, set brand image not allowed") + } + + // status code returns either forbidden or unauthorized + // note: forbidden is set as default at Client4.SetProfileImage when request is terminated early by server + Client.Logout() + _, resp = Client.UploadBrandImage(data) + if resp.StatusCode == http.StatusForbidden { + CheckForbiddenStatus(t, resp) + } else if resp.StatusCode == http.StatusUnauthorized { + CheckUnauthorizedStatus(t, resp) + } else { + t.Fatal("Should have failed either forbidden or unauthorized") + } + + _, resp = th.SystemAdminClient.UploadBrandImage(data) + CheckNotImplementedStatus(t, resp) +} |