summaryrefslogtreecommitdiffstats
path: root/api4
diff options
context:
space:
mode:
authorDerrick Anderson <derrick@andersonwebstudio.com>2018-02-12 16:01:02 -0500
committerDerrick Anderson <derrick@andersonwebstudio.com>2018-02-12 16:01:02 -0500
commitc209e4457457edc042f063390c9a222a694f3a6d (patch)
tree5e1653318a6a14bcad80025793adab0f700deed9 /api4
parent62efb1df754bfe6b10a3c17ca6f89fd33b991f56 (diff)
downloadchat-c209e4457457edc042f063390c9a222a694f3a6d.tar.gz
chat-c209e4457457edc042f063390c9a222a694f3a6d.tar.bz2
chat-c209e4457457edc042f063390c9a222a694f3a6d.zip
revert master changes
Diffstat (limited to 'api4')
-rw-r--r--api4/apitestlib.go14
-rw-r--r--api4/channel_test.go148
-rw-r--r--api4/file.go4
-rw-r--r--api4/oauth.go24
-rw-r--r--api4/oauth_test.go62
-rw-r--r--api4/post_test.go43
-rw-r--r--api4/system.go6
-rw-r--r--api4/team_test.go71
-rw-r--r--api4/user_test.go53
9 files changed, 371 insertions, 54 deletions
diff --git a/api4/apitestlib.go b/api4/apitestlib.go
index db43a6512..a7e64ae84 100644
--- a/api4/apitestlib.go
+++ b/api4/apitestlib.go
@@ -113,11 +113,7 @@ func setupTestHelper(enterprise bool) *TestHelper {
if testStore != nil {
th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.ListenAddress = ":0" })
}
- serverErr := th.App.StartServer()
- if serverErr != nil {
- panic(serverErr)
- }
-
+ th.App.StartServer()
th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.ListenAddress = prevListenAddress })
Init(th.App, th.App.Srv.Router, true)
wsapi.Init(th.App, th.App.Srv.WebSocketRouter)
@@ -125,10 +121,9 @@ func setupTestHelper(enterprise bool) *TestHelper {
th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.EnableOpenServer = true })
+ utils.SetIsLicensed(enterprise)
if enterprise {
- th.App.SetLicense(model.NewTestLicense())
- } else {
- th.App.SetLicense(nil)
+ utils.License().Features.SetDefaults()
}
th.Client = th.CreateClient()
@@ -303,7 +298,8 @@ func (me *TestHelper) CreateUserWithClient(client *model.Client4) *model.User {
}
utils.DisableDebugLogForTest()
- ruser, _ := client.CreateUser(user)
+ ruser, r := client.CreateUser(user)
+ fmt.Println(r)
ruser.Password = "Password1"
store.Must(me.App.Srv.Store.User().VerifyEmail(ruser.Id))
utils.EnableDebugLogForTest()
diff --git a/api4/channel_test.go b/api4/channel_test.go
index e65918707..724b0d84b 100644
--- a/api4/channel_test.go
+++ b/api4/channel_test.go
@@ -14,6 +14,7 @@ import (
"github.com/mattermost/mattermost-server/model"
"github.com/mattermost/mattermost-server/store/sqlstore"
+ "github.com/mattermost/mattermost-server/utils"
)
func TestCreateChannel(t *testing.T) {
@@ -81,9 +82,23 @@ func TestCreateChannel(t *testing.T) {
th.LoginBasic()
// Check permissions with policy config changes
+ isLicensed := utils.IsLicensed()
+ license := utils.License()
+ restrictPublicChannel := *th.App.Config().TeamSettings.RestrictPublicChannelCreation
+ restrictPrivateChannel := *th.App.Config().TeamSettings.RestrictPrivateChannelCreation
+ defer func() {
+ th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.RestrictPublicChannelCreation = restrictPublicChannel })
+ th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.RestrictPrivateChannelCreation = restrictPrivateChannel })
+ utils.SetIsLicensed(isLicensed)
+ utils.SetLicense(license)
+ th.App.SetDefaultRolesBasedOnConfig()
+ }()
th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.RestrictPublicChannelCreation = model.PERMISSIONS_ALL })
th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.RestrictPrivateChannelCreation = model.PERMISSIONS_ALL })
- th.App.SetLicense(model.NewTestLicense())
+ utils.SetIsLicensed(true)
+ utils.SetLicense(&model.License{Features: &model.Features{}})
+ utils.License().Features.SetDefaults()
+ th.App.SetDefaultRolesBasedOnConfig()
channel.Name = GenerateTestChannelName()
_, resp = Client.CreateChannel(channel)
@@ -95,8 +110,11 @@ func TestCreateChannel(t *testing.T) {
th.App.UpdateConfig(func(cfg *model.Config) {
*cfg.TeamSettings.RestrictPublicChannelCreation = model.PERMISSIONS_TEAM_ADMIN
+ })
+ th.App.UpdateConfig(func(cfg *model.Config) {
*cfg.TeamSettings.RestrictPrivateChannelCreation = model.PERMISSIONS_TEAM_ADMIN
})
+ th.App.SetDefaultRolesBasedOnConfig()
_, resp = Client.CreateChannel(channel)
CheckForbiddenStatus(t, resp)
@@ -124,8 +142,11 @@ func TestCreateChannel(t *testing.T) {
th.App.UpdateConfig(func(cfg *model.Config) {
*cfg.TeamSettings.RestrictPublicChannelCreation = model.PERMISSIONS_SYSTEM_ADMIN
+ })
+ th.App.UpdateConfig(func(cfg *model.Config) {
*cfg.TeamSettings.RestrictPrivateChannelCreation = model.PERMISSIONS_SYSTEM_ADMIN
})
+ th.App.SetDefaultRolesBasedOnConfig()
th.LoginBasic()
@@ -152,7 +173,9 @@ func TestCreateChannel(t *testing.T) {
CheckNoError(t, resp)
// Check that if unlicensed the policy restriction is not enforced.
- th.App.SetLicense(nil)
+ utils.SetIsLicensed(false)
+ utils.SetLicense(nil)
+ th.App.SetDefaultRolesBasedOnConfig()
channel.Name = GenerateTestChannelName()
_, resp = Client.CreateChannel(channel)
@@ -864,9 +887,23 @@ func TestDeleteChannel(t *testing.T) {
th.InitBasic().InitSystemAdmin()
+ isLicensed := utils.IsLicensed()
+ license := utils.License()
+ restrictPublicChannel := *th.App.Config().TeamSettings.RestrictPublicChannelManagement
+ restrictPrivateChannel := *th.App.Config().TeamSettings.RestrictPrivateChannelManagement
+ defer func() {
+ th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.RestrictPublicChannelManagement = restrictPublicChannel })
+ th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.RestrictPrivateChannelManagement = restrictPrivateChannel })
+ utils.SetIsLicensed(isLicensed)
+ utils.SetLicense(license)
+ th.App.SetDefaultRolesBasedOnConfig()
+ }()
th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.RestrictPublicChannelManagement = model.PERMISSIONS_ALL })
th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.RestrictPrivateChannelManagement = model.PERMISSIONS_ALL })
- th.App.SetLicense(model.NewTestLicense())
+ utils.SetIsLicensed(true)
+ utils.SetLicense(&model.License{Features: &model.Features{}})
+ utils.License().Features.SetDefaults()
+ th.App.SetDefaultRolesBasedOnConfig()
Client = th.Client
team = th.BasicTeam
@@ -889,8 +926,11 @@ func TestDeleteChannel(t *testing.T) {
th.App.UpdateConfig(func(cfg *model.Config) {
*cfg.TeamSettings.RestrictPublicChannelDeletion = model.PERMISSIONS_CHANNEL_ADMIN
+ })
+ th.App.UpdateConfig(func(cfg *model.Config) {
*cfg.TeamSettings.RestrictPrivateChannelDeletion = model.PERMISSIONS_CHANNEL_ADMIN
})
+ th.App.SetDefaultRolesBasedOnConfig()
// channels created by SystemAdmin
publicChannel6 = th.CreateChannelWithClient(th.SystemAdminClient, model.CHANNEL_OPEN)
@@ -927,7 +967,9 @@ func TestDeleteChannel(t *testing.T) {
// successful delete by team admin
th.UpdateUserToTeamAdmin(user, team)
th.App.InvalidateAllCaches()
- th.App.SetLicense(model.NewTestLicense())
+ utils.SetIsLicensed(true)
+ utils.SetLicense(&model.License{Features: &model.Features{}})
+ utils.License().Features.SetDefaults()
_, resp = Client.DeleteChannel(publicChannel6.Id)
CheckNoError(t, resp)
@@ -937,11 +979,16 @@ func TestDeleteChannel(t *testing.T) {
th.App.UpdateConfig(func(cfg *model.Config) {
*cfg.TeamSettings.RestrictPublicChannelDeletion = model.PERMISSIONS_TEAM_ADMIN
+ })
+ th.App.UpdateConfig(func(cfg *model.Config) {
*cfg.TeamSettings.RestrictPrivateChannelDeletion = model.PERMISSIONS_TEAM_ADMIN
})
+ th.App.SetDefaultRolesBasedOnConfig()
th.UpdateUserToNonTeamAdmin(user, team)
th.App.InvalidateAllCaches()
- th.App.SetLicense(model.NewTestLicense())
+ utils.SetIsLicensed(true)
+ utils.SetLicense(&model.License{Features: &model.Features{}})
+ utils.License().Features.SetDefaults()
// channels created by SystemAdmin
publicChannel6 = th.CreateChannelWithClient(th.SystemAdminClient, model.CHANNEL_OPEN)
@@ -971,7 +1018,9 @@ func TestDeleteChannel(t *testing.T) {
// successful delete by team admin
th.UpdateUserToTeamAdmin(th.BasicUser, team)
th.App.InvalidateAllCaches()
- th.App.SetLicense(model.NewTestLicense())
+ utils.SetIsLicensed(true)
+ utils.SetLicense(&model.License{Features: &model.Features{}})
+ utils.License().Features.SetDefaults()
_, resp = Client.DeleteChannel(publicChannel6.Id)
CheckNoError(t, resp)
@@ -981,8 +1030,11 @@ func TestDeleteChannel(t *testing.T) {
th.App.UpdateConfig(func(cfg *model.Config) {
*cfg.TeamSettings.RestrictPublicChannelDeletion = model.PERMISSIONS_SYSTEM_ADMIN
+ })
+ th.App.UpdateConfig(func(cfg *model.Config) {
*cfg.TeamSettings.RestrictPrivateChannelDeletion = model.PERMISSIONS_SYSTEM_ADMIN
})
+ th.App.SetDefaultRolesBasedOnConfig()
// channels created by SystemAdmin
publicChannel6 = th.CreateChannelWithClient(th.SystemAdminClient, model.CHANNEL_OPEN)
@@ -1012,7 +1064,9 @@ func TestDeleteChannel(t *testing.T) {
// cannot delete by team admin
th.UpdateUserToTeamAdmin(th.BasicUser, team)
th.App.InvalidateAllCaches()
- th.App.SetLicense(model.NewTestLicense())
+ utils.SetIsLicensed(true)
+ utils.SetLicense(&model.License{Features: &model.Features{}})
+ utils.License().Features.SetDefaults()
_, resp = Client.DeleteChannel(publicChannel6.Id)
CheckForbiddenStatus(t, resp)
@@ -1769,9 +1823,16 @@ func TestAddChannelMember(t *testing.T) {
CheckNoError(t, resp)
// Test policy does not apply to TE.
+ restrictPrivateChannel := *th.App.Config().TeamSettings.RestrictPrivateChannelManageMembers
+ defer func() {
+ th.App.UpdateConfig(func(cfg *model.Config) {
+ *cfg.TeamSettings.RestrictPrivateChannelManageMembers = restrictPrivateChannel
+ })
+ }()
th.App.UpdateConfig(func(cfg *model.Config) {
*cfg.TeamSettings.RestrictPrivateChannelManageMembers = model.PERMISSIONS_CHANNEL_ADMIN
})
+ th.App.SetDefaultRolesBasedOnConfig()
Client.Login(user2.Username, user2.Password)
privateChannel = th.CreatePrivateChannel()
@@ -1785,8 +1846,18 @@ func TestAddChannelMember(t *testing.T) {
Client.Logout()
// Add a license
+ isLicensed := utils.IsLicensed()
+ license := utils.License()
+ defer func() {
+ utils.SetIsLicensed(isLicensed)
+ utils.SetLicense(license)
+ th.App.SetDefaultRolesBasedOnConfig()
+ }()
th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.RestrictPrivateChannelManageMembers = model.PERMISSIONS_ALL })
- th.App.SetLicense(model.NewTestLicense())
+ utils.SetIsLicensed(true)
+ utils.SetLicense(&model.License{Features: &model.Features{}})
+ utils.License().Features.SetDefaults()
+ th.App.SetDefaultRolesBasedOnConfig()
// Check that a regular channel user can add other users.
Client.Login(user2.Username, user2.Password)
@@ -1804,6 +1875,10 @@ func TestAddChannelMember(t *testing.T) {
th.App.UpdateConfig(func(cfg *model.Config) {
*cfg.TeamSettings.RestrictPrivateChannelManageMembers = model.PERMISSIONS_CHANNEL_ADMIN
})
+ utils.SetIsLicensed(true)
+ utils.SetLicense(&model.License{Features: &model.Features{}})
+ utils.License().Features.SetDefaults()
+ th.App.SetDefaultRolesBasedOnConfig()
Client.Login(user2.Username, user2.Password)
privateChannel = th.CreatePrivateChannel()
@@ -1818,7 +1893,10 @@ func TestAddChannelMember(t *testing.T) {
th.MakeUserChannelAdmin(user, privateChannel)
th.App.InvalidateAllCaches()
- th.App.SetLicense(model.NewTestLicense())
+ utils.SetIsLicensed(true)
+ utils.SetLicense(&model.License{Features: &model.Features{}})
+ utils.License().Features.SetDefaults()
+ th.App.SetDefaultRolesBasedOnConfig()
Client.Login(user.Username, user.Password)
_, resp = Client.AddChannelMember(privateChannel.Id, user3.Id)
@@ -1829,6 +1907,10 @@ func TestAddChannelMember(t *testing.T) {
th.App.UpdateConfig(func(cfg *model.Config) {
*cfg.TeamSettings.RestrictPrivateChannelManageMembers = model.PERMISSIONS_TEAM_ADMIN
})
+ utils.SetIsLicensed(true)
+ utils.SetLicense(&model.License{Features: &model.Features{}})
+ utils.License().Features.SetDefaults()
+ th.App.SetDefaultRolesBasedOnConfig()
Client.Login(user2.Username, user2.Password)
privateChannel = th.CreatePrivateChannel()
@@ -1843,7 +1925,10 @@ func TestAddChannelMember(t *testing.T) {
th.UpdateUserToTeamAdmin(user, team)
th.App.InvalidateAllCaches()
- th.App.SetLicense(model.NewTestLicense())
+ utils.SetIsLicensed(true)
+ utils.SetLicense(&model.License{Features: &model.Features{}})
+ utils.License().Features.SetDefaults()
+ th.App.SetDefaultRolesBasedOnConfig()
Client.Login(user.Username, user.Password)
_, resp = Client.AddChannelMember(privateChannel.Id, user3.Id)
@@ -1854,6 +1939,10 @@ func TestAddChannelMember(t *testing.T) {
th.App.UpdateConfig(func(cfg *model.Config) {
*cfg.TeamSettings.RestrictPrivateChannelManageMembers = model.PERMISSIONS_SYSTEM_ADMIN
})
+ utils.SetIsLicensed(true)
+ utils.SetLicense(&model.License{Features: &model.Features{}})
+ utils.License().Features.SetDefaults()
+ th.App.SetDefaultRolesBasedOnConfig()
Client.Login(user2.Username, user2.Password)
privateChannel = th.CreatePrivateChannel()
@@ -1930,9 +2019,16 @@ func TestRemoveChannelMember(t *testing.T) {
th.App.InvalidateAllCaches()
// Test policy does not apply to TE.
+ restrictPrivateChannel := *th.App.Config().TeamSettings.RestrictPrivateChannelManageMembers
+ defer func() {
+ th.App.UpdateConfig(func(cfg *model.Config) {
+ *cfg.TeamSettings.RestrictPrivateChannelManageMembers = restrictPrivateChannel
+ })
+ }()
th.App.UpdateConfig(func(cfg *model.Config) {
*cfg.TeamSettings.RestrictPrivateChannelManageMembers = model.PERMISSIONS_CHANNEL_ADMIN
})
+ th.App.SetDefaultRolesBasedOnConfig()
privateChannel := th.CreateChannelWithClient(th.SystemAdminClient, model.CHANNEL_PRIVATE)
_, resp = th.SystemAdminClient.AddChannelMember(privateChannel.Id, user1.Id)
@@ -1944,8 +2040,18 @@ func TestRemoveChannelMember(t *testing.T) {
CheckNoError(t, resp)
// Add a license
+ isLicensed := utils.IsLicensed()
+ license := utils.License()
+ defer func() {
+ utils.SetIsLicensed(isLicensed)
+ utils.SetLicense(license)
+ th.App.SetDefaultRolesBasedOnConfig()
+ }()
th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.RestrictPrivateChannelManageMembers = model.PERMISSIONS_ALL })
- th.App.SetLicense(model.NewTestLicense())
+ utils.SetIsLicensed(true)
+ utils.SetLicense(&model.License{Features: &model.Features{}})
+ utils.License().Features.SetDefaults()
+ th.App.SetDefaultRolesBasedOnConfig()
// Check that a regular channel user can remove other users.
privateChannel = th.CreateChannelWithClient(th.SystemAdminClient, model.CHANNEL_PRIVATE)
@@ -1961,6 +2067,10 @@ func TestRemoveChannelMember(t *testing.T) {
th.App.UpdateConfig(func(cfg *model.Config) {
*cfg.TeamSettings.RestrictPrivateChannelManageMembers = model.PERMISSIONS_CHANNEL_ADMIN
})
+ utils.SetIsLicensed(true)
+ utils.SetLicense(&model.License{Features: &model.Features{}})
+ utils.License().Features.SetDefaults()
+ th.App.SetDefaultRolesBasedOnConfig()
privateChannel = th.CreateChannelWithClient(th.SystemAdminClient, model.CHANNEL_PRIVATE)
_, resp = th.SystemAdminClient.AddChannelMember(privateChannel.Id, user1.Id)
@@ -1973,7 +2083,9 @@ func TestRemoveChannelMember(t *testing.T) {
th.MakeUserChannelAdmin(user1, privateChannel)
th.App.InvalidateAllCaches()
- th.App.SetLicense(model.NewTestLicense())
+ utils.SetIsLicensed(true)
+ utils.SetLicense(&model.License{Features: &model.Features{}})
+ utils.License().Features.SetDefaults()
_, resp = Client.RemoveUserFromChannel(privateChannel.Id, user2.Id)
CheckNoError(t, resp)
@@ -1982,6 +2094,10 @@ func TestRemoveChannelMember(t *testing.T) {
th.App.UpdateConfig(func(cfg *model.Config) {
*cfg.TeamSettings.RestrictPrivateChannelManageMembers = model.PERMISSIONS_TEAM_ADMIN
})
+ utils.SetIsLicensed(true)
+ utils.SetLicense(&model.License{Features: &model.Features{}})
+ utils.License().Features.SetDefaults()
+ th.App.SetDefaultRolesBasedOnConfig()
privateChannel = th.CreateChannelWithClient(th.SystemAdminClient, model.CHANNEL_PRIVATE)
_, resp = th.SystemAdminClient.AddChannelMember(privateChannel.Id, user1.Id)
@@ -1994,7 +2110,9 @@ func TestRemoveChannelMember(t *testing.T) {
th.UpdateUserToTeamAdmin(user1, team)
th.App.InvalidateAllCaches()
- th.App.SetLicense(model.NewTestLicense())
+ utils.SetIsLicensed(true)
+ utils.SetLicense(&model.License{Features: &model.Features{}})
+ utils.License().Features.SetDefaults()
_, resp = Client.RemoveUserFromChannel(privateChannel.Id, user2.Id)
CheckNoError(t, resp)
@@ -2003,6 +2121,10 @@ func TestRemoveChannelMember(t *testing.T) {
th.App.UpdateConfig(func(cfg *model.Config) {
*cfg.TeamSettings.RestrictPrivateChannelManageMembers = model.PERMISSIONS_SYSTEM_ADMIN
})
+ utils.SetIsLicensed(true)
+ utils.SetLicense(&model.License{Features: &model.Features{}})
+ utils.License().Features.SetDefaults()
+ th.App.SetDefaultRolesBasedOnConfig()
privateChannel = th.CreateChannelWithClient(th.SystemAdminClient, model.CHANNEL_PRIVATE)
_, resp = th.SystemAdminClient.AddChannelMember(privateChannel.Id, user1.Id)
diff --git a/api4/file.go b/api4/file.go
index acc4c78e5..48ee281fe 100644
--- a/api4/file.go
+++ b/api4/file.go
@@ -281,13 +281,13 @@ func getPublicFile(c *Context, w http.ResponseWriter, r *http.Request) {
if len(hash) == 0 {
c.Err = model.NewAppError("getPublicFile", "api.file.get_file.public_invalid.app_error", nil, "", http.StatusBadRequest)
- utils.RenderWebAppError(w, r, c.Err, c.App.AsymmetricSigningKey())
+ http.Redirect(w, r, c.GetSiteURLHeader()+"/error?message="+utils.T(c.Err.Message), http.StatusTemporaryRedirect)
return
}
if hash != app.GeneratePublicLinkHash(info.Id, *c.App.Config().FileSettings.PublicLinkSalt) {
c.Err = model.NewAppError("getPublicFile", "api.file.get_file.public_invalid.app_error", nil, "", http.StatusBadRequest)
- utils.RenderWebAppError(w, r, c.Err, c.App.AsymmetricSigningKey())
+ http.Redirect(w, r, c.GetSiteURLHeader()+"/error?message="+utils.T(c.Err.Message), http.StatusTemporaryRedirect)
return
}
diff --git a/api4/oauth.go b/api4/oauth.go
index d0f43256a..655adaaee 100644
--- a/api4/oauth.go
+++ b/api4/oauth.go
@@ -313,7 +313,7 @@ func deauthorizeOAuthApp(c *Context, w http.ResponseWriter, r *http.Request) {
func authorizeOAuthPage(c *Context, w http.ResponseWriter, r *http.Request) {
if !c.App.Config().ServiceSettings.EnableOAuthServiceProvider {
err := model.NewAppError("authorizeOAuth", "api.oauth.authorize_oauth.disabled.app_error", nil, "", http.StatusNotImplemented)
- utils.RenderWebAppError(w, r, err, c.App.AsymmetricSigningKey())
+ utils.RenderWebError(err, w, r)
return
}
@@ -326,13 +326,13 @@ func authorizeOAuthPage(c *Context, w http.ResponseWriter, r *http.Request) {
}
if err := authRequest.IsValid(); err != nil {
- utils.RenderWebAppError(w, r, err, c.App.AsymmetricSigningKey())
+ utils.RenderWebError(err, w, r)
return
}
oauthApp, err := c.App.GetOAuthApp(authRequest.ClientId)
if err != nil {
- utils.RenderWebAppError(w, r, err, c.App.AsymmetricSigningKey())
+ utils.RenderWebError(err, w, r)
return
}
@@ -343,8 +343,7 @@ func authorizeOAuthPage(c *Context, w http.ResponseWriter, r *http.Request) {
}
if !oauthApp.IsValidRedirectURL(authRequest.RedirectUri) {
- err := model.NewAppError("authorizeOAuthPage", "api.oauth.allow_oauth.redirect_callback.app_error", nil, "", http.StatusBadRequest)
- utils.RenderWebAppError(w, r, err, c.App.AsymmetricSigningKey())
+ utils.RenderWebError(model.NewAppError("authorizeOAuthPage", "api.oauth.allow_oauth.redirect_callback.app_error", nil, "", http.StatusBadRequest), w, r)
return
}
@@ -361,7 +360,7 @@ func authorizeOAuthPage(c *Context, w http.ResponseWriter, r *http.Request) {
redirectUrl, err := c.App.AllowOAuthAppAccessToUser(c.Session.UserId, authRequest)
if err != nil {
- utils.RenderWebAppError(w, r, err, c.App.AsymmetricSigningKey())
+ utils.RenderWebError(err, w, r)
return
}
@@ -442,10 +441,7 @@ func completeOAuth(c *Context, w http.ResponseWriter, r *http.Request) {
code := r.URL.Query().Get("code")
if len(code) == 0 {
- utils.RenderWebError(w, r, http.StatusTemporaryRedirect, url.Values{
- "type": []string{"oauth_missing_code"},
- "service": []string{strings.Title(service)},
- }, c.App.AsymmetricSigningKey())
+ http.Redirect(w, r, c.GetSiteURLHeader()+"/error?type=oauth_missing_code&service="+strings.Title(service), http.StatusTemporaryRedirect)
return
}
@@ -466,7 +462,7 @@ func completeOAuth(c *Context, w http.ResponseWriter, r *http.Request) {
if action == model.OAUTH_ACTION_MOBILE {
w.Write([]byte(err.ToJson()))
} else {
- utils.RenderWebAppError(w, r, err, c.App.AsymmetricSigningKey())
+ http.Redirect(w, r, c.GetSiteURLHeader()+"/error?message="+url.QueryEscape(err.Message), http.StatusTemporaryRedirect)
}
return
}
@@ -478,7 +474,7 @@ func completeOAuth(c *Context, w http.ResponseWriter, r *http.Request) {
if action == model.OAUTH_ACTION_MOBILE {
w.Write([]byte(err.ToJson()))
} else {
- utils.RenderWebAppError(w, r, err, c.App.AsymmetricSigningKey())
+ http.Redirect(w, r, c.GetSiteURLHeader()+"/error?message="+url.QueryEscape(err.Message), http.StatusTemporaryRedirect)
}
return
}
@@ -563,9 +559,7 @@ func signupWithOAuth(c *Context, w http.ResponseWriter, r *http.Request) {
}
if !c.App.Config().TeamSettings.EnableUserCreation {
- utils.RenderWebError(w, r, http.StatusBadRequest, url.Values{
- "message": []string{utils.T("api.oauth.singup_with_oauth.disabled.app_error")},
- }, c.App.AsymmetricSigningKey())
+ http.Redirect(w, r, c.GetSiteURLHeader()+"/error?message="+url.QueryEscape(utils.T("api.oauth.singup_with_oauth.disabled.app_error")), http.StatusTemporaryRedirect)
return
}
diff --git a/api4/oauth_test.go b/api4/oauth_test.go
index c871dafff..8dd602456 100644
--- a/api4/oauth_test.go
+++ b/api4/oauth_test.go
@@ -18,7 +18,14 @@ func TestCreateOAuthApp(t *testing.T) {
Client := th.Client
AdminClient := th.SystemAdminClient
+ enableOAuth := th.App.Config().ServiceSettings.EnableOAuthServiceProvider
+ adminOnly := *th.App.Config().ServiceSettings.EnableOnlyAdminIntegrations
+ defer func() {
+ th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnableOAuthServiceProvider = enableOAuth })
+ th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.EnableOnlyAdminIntegrations = adminOnly })
+ }()
th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnableOAuthServiceProvider = true })
+ th.App.SetDefaultRolesBasedOnConfig()
oapp := &model.OAuthApp{Name: GenerateTestAppName(), Homepage: "https://nowhere.com", Description: "test", CallbackUrls: []string{"https://nowhere.com"}, IsTrusted: true}
@@ -35,10 +42,12 @@ func TestCreateOAuthApp(t *testing.T) {
}
th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.EnableOnlyAdminIntegrations = true })
+ th.App.SetDefaultRolesBasedOnConfig()
_, resp = Client.CreateOAuthApp(oapp)
CheckForbiddenStatus(t, resp)
th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.EnableOnlyAdminIntegrations = false })
+ th.App.SetDefaultRolesBasedOnConfig()
rapp, resp = Client.CreateOAuthApp(oapp)
CheckNoError(t, resp)
CheckCreatedStatus(t, resp)
@@ -77,7 +86,14 @@ func TestUpdateOAuthApp(t *testing.T) {
Client := th.Client
AdminClient := th.SystemAdminClient
+ enableOAuth := th.App.Config().ServiceSettings.EnableOAuthServiceProvider
+ adminOnly := *th.App.Config().ServiceSettings.EnableOnlyAdminIntegrations
+ defer func() {
+ th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnableOAuthServiceProvider = enableOAuth })
+ th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.EnableOnlyAdminIntegrations = adminOnly })
+ }()
th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnableOAuthServiceProvider = true })
+ th.App.SetDefaultRolesBasedOnConfig()
oapp := &model.OAuthApp{
Name: "oapp",
@@ -156,6 +172,7 @@ func TestUpdateOAuthApp(t *testing.T) {
th.LoginBasic()
th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.EnableOnlyAdminIntegrations = false })
+ th.App.SetDefaultRolesBasedOnConfig()
_, resp = Client.UpdateOAuthApp(oapp)
CheckForbiddenStatus(t, resp)
@@ -182,8 +199,15 @@ func TestGetOAuthApps(t *testing.T) {
Client := th.Client
AdminClient := th.SystemAdminClient
+ enableOAuth := th.App.Config().ServiceSettings.EnableOAuthServiceProvider
+ adminOnly := *th.App.Config().ServiceSettings.EnableOnlyAdminIntegrations
+ defer func() {
+ th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnableOAuthServiceProvider = enableOAuth })
+ th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.EnableOnlyAdminIntegrations = adminOnly })
+ }()
th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnableOAuthServiceProvider = true })
th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.EnableOnlyAdminIntegrations = false })
+ th.App.SetDefaultRolesBasedOnConfig()
oapp := &model.OAuthApp{Name: GenerateTestAppName(), Homepage: "https://nowhere.com", Description: "test", CallbackUrls: []string{"https://nowhere.com"}}
@@ -227,6 +251,7 @@ func TestGetOAuthApps(t *testing.T) {
}
th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.EnableOnlyAdminIntegrations = true })
+ th.App.SetDefaultRolesBasedOnConfig()
_, resp = Client.GetOAuthApps(0, 1000)
CheckForbiddenStatus(t, resp)
@@ -247,8 +272,15 @@ func TestGetOAuthApp(t *testing.T) {
Client := th.Client
AdminClient := th.SystemAdminClient
+ enableOAuth := th.App.Config().ServiceSettings.EnableOAuthServiceProvider
+ adminOnly := *th.App.Config().ServiceSettings.EnableOnlyAdminIntegrations
+ defer func() {
+ th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnableOAuthServiceProvider = enableOAuth })
+ th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.EnableOnlyAdminIntegrations = adminOnly })
+ }()
th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnableOAuthServiceProvider = true })
th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.EnableOnlyAdminIntegrations = false })
+ th.App.SetDefaultRolesBasedOnConfig()
oapp := &model.OAuthApp{Name: GenerateTestAppName(), Homepage: "https://nowhere.com", Description: "test", CallbackUrls: []string{"https://nowhere.com"}}
@@ -288,6 +320,7 @@ func TestGetOAuthApp(t *testing.T) {
CheckForbiddenStatus(t, resp)
th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.EnableOnlyAdminIntegrations = true })
+ th.App.SetDefaultRolesBasedOnConfig()
_, resp = Client.GetOAuthApp(rapp2.Id)
CheckForbiddenStatus(t, resp)
@@ -314,8 +347,15 @@ func TestGetOAuthAppInfo(t *testing.T) {
Client := th.Client
AdminClient := th.SystemAdminClient
+ enableOAuth := th.App.Config().ServiceSettings.EnableOAuthServiceProvider
+ adminOnly := *th.App.Config().ServiceSettings.EnableOnlyAdminIntegrations
+ defer func() {
+ th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnableOAuthServiceProvider = enableOAuth })
+ th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.EnableOnlyAdminIntegrations = adminOnly })
+ }()
th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnableOAuthServiceProvider = true })
th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.EnableOnlyAdminIntegrations = false })
+ th.App.SetDefaultRolesBasedOnConfig()
oapp := &model.OAuthApp{Name: GenerateTestAppName(), Homepage: "https://nowhere.com", Description: "test", CallbackUrls: []string{"https://nowhere.com"}}
@@ -355,6 +395,7 @@ func TestGetOAuthAppInfo(t *testing.T) {
CheckNoError(t, resp)
th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.EnableOnlyAdminIntegrations = true })
+ th.App.SetDefaultRolesBasedOnConfig()
_, resp = Client.GetOAuthAppInfo(rapp2.Id)
CheckNoError(t, resp)
@@ -381,8 +422,15 @@ func TestDeleteOAuthApp(t *testing.T) {
Client := th.Client
AdminClient := th.SystemAdminClient
+ enableOAuth := th.App.Config().ServiceSettings.EnableOAuthServiceProvider
+ adminOnly := *th.App.Config().ServiceSettings.EnableOnlyAdminIntegrations
+ defer func() {
+ th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnableOAuthServiceProvider = enableOAuth })
+ th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.EnableOnlyAdminIntegrations = adminOnly })
+ }()
th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnableOAuthServiceProvider = true })
th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.EnableOnlyAdminIntegrations = false })
+ th.App.SetDefaultRolesBasedOnConfig()
oapp := &model.OAuthApp{Name: GenerateTestAppName(), Homepage: "https://nowhere.com", Description: "test", CallbackUrls: []string{"https://nowhere.com"}}
@@ -417,6 +465,7 @@ func TestDeleteOAuthApp(t *testing.T) {
CheckNoError(t, resp)
th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.EnableOnlyAdminIntegrations = false })
+ th.App.SetDefaultRolesBasedOnConfig()
_, resp = Client.DeleteOAuthApp(rapp.Id)
CheckForbiddenStatus(t, resp)
@@ -441,8 +490,15 @@ func TestRegenerateOAuthAppSecret(t *testing.T) {
Client := th.Client
AdminClient := th.SystemAdminClient
+ enableOAuth := th.App.Config().ServiceSettings.EnableOAuthServiceProvider
+ adminOnly := *th.App.Config().ServiceSettings.EnableOnlyAdminIntegrations
+ defer func() {
+ th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnableOAuthServiceProvider = enableOAuth })
+ th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.EnableOnlyAdminIntegrations = adminOnly })
+ }()
th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnableOAuthServiceProvider = true })
th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.EnableOnlyAdminIntegrations = false })
+ th.App.SetDefaultRolesBasedOnConfig()
oapp := &model.OAuthApp{Name: GenerateTestAppName(), Homepage: "https://nowhere.com", Description: "test", CallbackUrls: []string{"https://nowhere.com"}}
@@ -481,6 +537,7 @@ func TestRegenerateOAuthAppSecret(t *testing.T) {
CheckNoError(t, resp)
th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.EnableOnlyAdminIntegrations = false })
+ th.App.SetDefaultRolesBasedOnConfig()
_, resp = Client.RegenerateOAuthAppSecret(rapp.Id)
CheckForbiddenStatus(t, resp)
@@ -565,7 +622,12 @@ func TestAuthorizeOAuthApp(t *testing.T) {
Client := th.Client
AdminClient := th.SystemAdminClient
+ enableOAuth := th.App.Config().ServiceSettings.EnableOAuthServiceProvider
+ defer func() {
+ th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnableOAuthServiceProvider = enableOAuth })
+ }()
th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnableOAuthServiceProvider = true })
+ th.App.SetDefaultRolesBasedOnConfig()
oapp := &model.OAuthApp{Name: GenerateTestAppName(), Homepage: "https://nowhere.com", Description: "test", CallbackUrls: []string{"https://nowhere.com"}}
diff --git a/api4/post_test.go b/api4/post_test.go
index 257918525..6f770b70a 100644
--- a/api4/post_test.go
+++ b/api4/post_test.go
@@ -17,6 +17,7 @@ import (
"github.com/mattermost/mattermost-server/app"
"github.com/mattermost/mattermost-server/model"
+ "github.com/mattermost/mattermost-server/utils"
)
func TestCreatePost(t *testing.T) {
@@ -129,8 +130,20 @@ func testCreatePostWithOutgoingHook(
team := th.BasicTeam
channel := th.BasicChannel
+ enableOutgoingHooks := th.App.Config().ServiceSettings.EnableOutgoingWebhooks
+ enableAdminOnlyHooks := th.App.Config().ServiceSettings.EnableOnlyAdminIntegrations
+ allowedInternalConnections := *th.App.Config().ServiceSettings.AllowedUntrustedInternalConnections
+ defer func() {
+ th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnableOutgoingWebhooks = enableOutgoingHooks })
+ th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnableOnlyAdminIntegrations = enableAdminOnlyHooks })
+ th.App.SetDefaultRolesBasedOnConfig()
+ th.App.UpdateConfig(func(cfg *model.Config) {
+ cfg.ServiceSettings.AllowedUntrustedInternalConnections = &allowedInternalConnections
+ })
+ }()
th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnableOutgoingWebhooks = true })
th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.EnableOnlyAdminIntegrations = true })
+ th.App.SetDefaultRolesBasedOnConfig()
th.App.UpdateConfig(func(cfg *model.Config) {
*cfg.ServiceSettings.AllowedUntrustedInternalConnections = "localhost 127.0.0.1"
})
@@ -476,8 +489,21 @@ func TestUpdatePost(t *testing.T) {
Client := th.Client
channel := th.BasicChannel
- th.App.SetLicense(model.NewTestLicense())
+ isLicensed := utils.IsLicensed()
+ license := utils.License()
+ allowEditPost := *th.App.Config().ServiceSettings.AllowEditPost
+ defer func() {
+ utils.SetIsLicensed(isLicensed)
+ utils.SetLicense(license)
+ th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.AllowEditPost = allowEditPost })
+ th.App.SetDefaultRolesBasedOnConfig()
+ }()
+ utils.SetIsLicensed(true)
+ utils.SetLicense(&model.License{Features: &model.Features{}})
+ utils.License().Features.SetDefaults()
+
th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.AllowEditPost = model.ALLOW_EDIT_POST_ALWAYS })
+ th.App.SetDefaultRolesBasedOnConfig()
post := &model.Post{ChannelId: channel.Id, Message: "zz" + model.NewId() + "a"}
rpost, resp := Client.CreatePost(post)
@@ -548,8 +574,21 @@ func TestPatchPost(t *testing.T) {
Client := th.Client
channel := th.BasicChannel
- th.App.SetLicense(model.NewTestLicense())
+ isLicensed := utils.IsLicensed()
+ license := utils.License()
+ allowEditPost := *th.App.Config().ServiceSettings.AllowEditPost
+ defer func() {
+ utils.SetIsLicensed(isLicensed)
+ utils.SetLicense(license)
+ th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.AllowEditPost = allowEditPost })
+ th.App.SetDefaultRolesBasedOnConfig()
+ }()
+ utils.SetIsLicensed(true)
+ utils.SetLicense(&model.License{Features: &model.Features{}})
+ utils.License().Features.SetDefaults()
+
th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.AllowEditPost = model.ALLOW_EDIT_POST_ALWAYS })
+ th.App.SetDefaultRolesBasedOnConfig()
post := &model.Post{
ChannelId: channel.Id,
diff --git a/api4/system.go b/api4/system.go
index 061ffe094..43b941247 100644
--- a/api4/system.go
+++ b/api4/system.go
@@ -266,7 +266,7 @@ func getClientLicense(c *Context, w http.ResponseWriter, r *http.Request) {
return
}
- etag := c.App.GetClientLicenseEtag(true)
+ etag := utils.GetClientLicenseEtag(true)
if c.HandleEtag(etag, "Get Client License", w, r) {
return
}
@@ -274,9 +274,9 @@ func getClientLicense(c *Context, w http.ResponseWriter, r *http.Request) {
var clientLicense map[string]string
if c.App.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_SYSTEM) {
- clientLicense = c.App.ClientLicense()
+ clientLicense = utils.ClientLicense()
} else {
- clientLicense = c.App.GetSanitizedClientLicense()
+ clientLicense = utils.GetSanitizedClientLicense()
}
w.Header().Set(model.HEADER_ETAG_SERVER, etag)
diff --git a/api4/team_test.go b/api4/team_test.go
index faa90e511..d365fd686 100644
--- a/api4/team_test.go
+++ b/api4/team_test.go
@@ -68,7 +68,13 @@ func TestCreateTeam(t *testing.T) {
CheckUnauthorizedStatus(t, resp)
// Update permission
+ enableTeamCreation := th.App.Config().TeamSettings.EnableTeamCreation
+ defer func() {
+ th.App.UpdateConfig(func(cfg *model.Config) { cfg.TeamSettings.EnableTeamCreation = enableTeamCreation })
+ th.App.SetDefaultRolesBasedOnConfig()
+ }()
th.App.UpdateConfig(func(cfg *model.Config) { cfg.TeamSettings.EnableTeamCreation = false })
+ th.App.SetDefaultRolesBasedOnConfig()
th.LoginBasic()
_, resp = Client.CreateTeam(team)
@@ -1286,8 +1292,20 @@ func TestAddTeamMember(t *testing.T) {
Client.Logout()
+ // Check effects of config and license changes.
+ restrictTeamInvite := *th.App.Config().TeamSettings.RestrictTeamInvite
+ isLicensed := utils.IsLicensed()
+ license := utils.License()
+ defer func() {
+ th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.RestrictTeamInvite = restrictTeamInvite })
+ utils.SetIsLicensed(isLicensed)
+ utils.SetLicense(license)
+ th.App.SetDefaultRolesBasedOnConfig()
+ }()
+
// Set the config so that only team admins can add a user to a team.
th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.RestrictTeamInvite = model.PERMISSIONS_TEAM_ADMIN })
+ th.App.SetDefaultRolesBasedOnConfig()
th.LoginBasic()
// Test without the EE license to see that the permission restriction is ignored.
@@ -1295,7 +1313,10 @@ func TestAddTeamMember(t *testing.T) {
CheckNoError(t, resp)
// Add an EE license.
- th.App.SetLicense(model.NewTestLicense())
+ utils.SetIsLicensed(true)
+ utils.SetLicense(&model.License{Features: &model.Features{}})
+ utils.License().Features.SetDefaults()
+ th.App.SetDefaultRolesBasedOnConfig()
th.LoginBasic()
// Check that a regular user can't add someone to the team.
@@ -1306,7 +1327,10 @@ func TestAddTeamMember(t *testing.T) {
th.UpdateUserToTeamAdmin(th.BasicUser, th.BasicTeam)
th.App.InvalidateAllCaches()
th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.RestrictTeamInvite = model.PERMISSIONS_TEAM_ADMIN })
- th.App.SetLicense(model.NewTestLicense())
+ utils.SetIsLicensed(true)
+ utils.SetLicense(&model.License{Features: &model.Features{}})
+ utils.License().Features.SetDefaults()
+ th.App.SetDefaultRolesBasedOnConfig()
th.LoginBasic()
// Should work as a team admin.
@@ -1315,6 +1339,7 @@ func TestAddTeamMember(t *testing.T) {
// Change permission level to System Admin
th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.RestrictTeamInvite = model.PERMISSIONS_SYSTEM_ADMIN })
+ th.App.SetDefaultRolesBasedOnConfig()
// Should not work as team admin.
_, resp = Client.AddTeamMember(team.Id, otherUser.Id)
@@ -1328,13 +1353,21 @@ func TestAddTeamMember(t *testing.T) {
th.UpdateUserToNonTeamAdmin(th.BasicUser, th.BasicTeam)
th.App.InvalidateAllCaches()
th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.RestrictTeamInvite = model.PERMISSIONS_ALL })
- th.App.SetLicense(model.NewTestLicense())
+ utils.SetIsLicensed(true)
+ utils.SetLicense(&model.License{Features: &model.Features{}})
+ utils.License().Features.SetDefaults()
+ th.App.SetDefaultRolesBasedOnConfig()
th.LoginBasic()
// Should work as a regular user.
_, resp = Client.AddTeamMember(team.Id, otherUser.Id)
CheckNoError(t, resp)
+ // Reset config and license.
+ th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.RestrictTeamInvite = restrictTeamInvite })
+ utils.SetIsLicensed(isLicensed)
+ utils.SetLicense(license)
+ th.App.SetDefaultRolesBasedOnConfig()
th.LoginBasic()
// by hash and data
@@ -1474,8 +1507,20 @@ func TestAddTeamMembers(t *testing.T) {
Client.Logout()
+ // Check effects of config and license changes.
+ restrictTeamInvite := *th.App.Config().TeamSettings.RestrictTeamInvite
+ isLicensed := utils.IsLicensed()
+ license := utils.License()
+ defer func() {
+ th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.RestrictTeamInvite = restrictTeamInvite })
+ utils.SetIsLicensed(isLicensed)
+ utils.SetLicense(license)
+ th.App.SetDefaultRolesBasedOnConfig()
+ }()
+
// Set the config so that only team admins can add a user to a team.
th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.RestrictTeamInvite = model.PERMISSIONS_TEAM_ADMIN })
+ th.App.SetDefaultRolesBasedOnConfig()
th.LoginBasic()
// Test without the EE license to see that the permission restriction is ignored.
@@ -1483,7 +1528,10 @@ func TestAddTeamMembers(t *testing.T) {
CheckNoError(t, resp)
// Add an EE license.
- th.App.SetLicense(model.NewTestLicense())
+ utils.SetIsLicensed(true)
+ utils.SetLicense(&model.License{Features: &model.Features{}})
+ utils.License().Features.SetDefaults()
+ th.App.SetDefaultRolesBasedOnConfig()
th.LoginBasic()
// Check that a regular user can't add someone to the team.
@@ -1494,7 +1542,10 @@ func TestAddTeamMembers(t *testing.T) {
th.UpdateUserToTeamAdmin(th.BasicUser, th.BasicTeam)
th.App.InvalidateAllCaches()
th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.RestrictTeamInvite = model.PERMISSIONS_TEAM_ADMIN })
- th.App.SetLicense(model.NewTestLicense())
+ utils.SetIsLicensed(true)
+ utils.SetLicense(&model.License{Features: &model.Features{}})
+ utils.License().Features.SetDefaults()
+ th.App.SetDefaultRolesBasedOnConfig()
th.LoginBasic()
// Should work as a team admin.
@@ -1503,6 +1554,7 @@ func TestAddTeamMembers(t *testing.T) {
// Change permission level to System Admin
th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.RestrictTeamInvite = model.PERMISSIONS_SYSTEM_ADMIN })
+ th.App.SetDefaultRolesBasedOnConfig()
// Should not work as team admin.
_, resp = Client.AddTeamMembers(team.Id, userList)
@@ -1516,7 +1568,10 @@ func TestAddTeamMembers(t *testing.T) {
th.UpdateUserToNonTeamAdmin(th.BasicUser, th.BasicTeam)
th.App.InvalidateAllCaches()
th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.RestrictTeamInvite = model.PERMISSIONS_ALL })
- th.App.SetLicense(model.NewTestLicense())
+ utils.SetIsLicensed(true)
+ utils.SetLicense(&model.License{Features: &model.Features{}})
+ utils.License().Features.SetDefaults()
+ th.App.SetDefaultRolesBasedOnConfig()
th.LoginBasic()
// Should work as a regular user.
@@ -1875,6 +1930,10 @@ func TestInviteUsersToTeam(t *testing.T) {
}
}
+ restrictCreationToDomains := th.App.Config().TeamSettings.RestrictCreationToDomains
+ defer func() {
+ th.App.UpdateConfig(func(cfg *model.Config) { cfg.TeamSettings.RestrictCreationToDomains = restrictCreationToDomains })
+ }()
th.App.UpdateConfig(func(cfg *model.Config) { cfg.TeamSettings.RestrictCreationToDomains = "@example.com" })
err := th.App.InviteNewUsersToTeam(emailList, th.BasicTeam.Id, th.BasicUser.Id)
diff --git a/api4/user_test.go b/api4/user_test.go
index 4613a8ea9..a7b7d297d 100644
--- a/api4/user_test.go
+++ b/api4/user_test.go
@@ -1566,7 +1566,18 @@ func TestUpdateUserMfa(t *testing.T) {
defer th.TearDown()
Client := th.Client
- th.App.SetLicense(model.NewTestLicense("mfa"))
+ isLicensed := utils.IsLicensed()
+ license := utils.License()
+ enableMfa := *th.App.Config().ServiceSettings.EnableMultifactorAuthentication
+ defer func() {
+ utils.SetIsLicensed(isLicensed)
+ utils.SetLicense(license)
+ th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.EnableMultifactorAuthentication = enableMfa })
+ }()
+ utils.SetIsLicensed(true)
+ utils.SetLicense(&model.License{Features: &model.Features{}})
+ utils.License().Features.SetDefaults()
+ *utils.License().Features.MFA = true
th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.EnableMultifactorAuthentication = true })
session, _ := th.App.GetSession(Client.AuthToken)
@@ -1601,7 +1612,18 @@ func TestCheckUserMfa(t *testing.T) {
t.Fatal("should be false - mfa not active")
}
- th.App.SetLicense(model.NewTestLicense("mfa"))
+ isLicensed := utils.IsLicensed()
+ license := utils.License()
+ enableMfa := *th.App.Config().ServiceSettings.EnableMultifactorAuthentication
+ defer func() {
+ utils.SetIsLicensed(isLicensed)
+ utils.SetLicense(license)
+ th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.EnableMultifactorAuthentication = enableMfa })
+ }()
+ utils.SetIsLicensed(true)
+ utils.SetLicense(&model.License{Features: &model.Features{}})
+ utils.License().Features.SetDefaults()
+ *utils.License().Features.MFA = true
th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.EnableMultifactorAuthentication = true })
th.LoginBasic()
@@ -1637,7 +1659,18 @@ func TestGenerateMfaSecret(t *testing.T) {
_, resp = Client.GenerateMfaSecret("junk")
CheckBadRequestStatus(t, resp)
- th.App.SetLicense(model.NewTestLicense("mfa"))
+ isLicensed := utils.IsLicensed()
+ license := utils.License()
+ enableMfa := *th.App.Config().ServiceSettings.EnableMultifactorAuthentication
+ defer func() {
+ utils.SetIsLicensed(isLicensed)
+ utils.SetLicense(license)
+ th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.EnableMultifactorAuthentication = enableMfa })
+ }()
+ utils.SetIsLicensed(true)
+ utils.SetLicense(&model.License{Features: &model.Features{}})
+ utils.License().Features.SetDefaults()
+ *utils.License().Features.MFA = true
th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.EnableMultifactorAuthentication = true })
_, resp = Client.GenerateMfaSecret(model.NewId())
@@ -2154,7 +2187,19 @@ func TestSwitchAccount(t *testing.T) {
t.Fatal("bad link")
}
- th.App.SetLicense(model.NewTestLicense())
+ isLicensed := utils.IsLicensed()
+ license := utils.License()
+ enableAuthenticationTransfer := *th.App.Config().ServiceSettings.ExperimentalEnableAuthenticationTransfer
+ defer func() {
+ utils.SetIsLicensed(isLicensed)
+ utils.SetLicense(license)
+ th.App.UpdateConfig(func(cfg *model.Config) {
+ *cfg.ServiceSettings.ExperimentalEnableAuthenticationTransfer = enableAuthenticationTransfer
+ })
+ }()
+ utils.SetIsLicensed(true)
+ utils.SetLicense(&model.License{Features: &model.Features{}})
+ utils.License().Features.SetDefaults()
th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.ExperimentalEnableAuthenticationTransfer = false })
sr = &model.SwitchRequest{