diff options
author | Adrian Carolli <adrian.caarolli@gmail.com> | 2018-01-11 16:30:55 -0500 |
---|---|---|
committer | Joram Wilander <jwawilander@gmail.com> | 2018-01-11 16:30:55 -0500 |
commit | b1d13a2d897147de8290a03e624efe4000dc9aa7 (patch) | |
tree | a75464c6eb48b753c96d7210254ff6985c7e4a4c /api4 | |
parent | 1d9efd0e39a9663bb2fbf52b3353fe21ac3b6954 (diff) | |
download | chat-b1d13a2d897147de8290a03e624efe4000dc9aa7.tar.gz chat-b1d13a2d897147de8290a03e624efe4000dc9aa7.tar.bz2 chat-b1d13a2d897147de8290a03e624efe4000dc9aa7.zip |
[PLT-7793] Add /users/tokens/search endpoint (#8088)
* Add /users/tokens/search endpoint + tests
* Fix check-style
* Unnecessary deletion
Diffstat (limited to 'api4')
-rw-r--r-- | api4/user.go | 25 | ||||
-rw-r--r-- | api4/user_test.go | 46 |
2 files changed, 71 insertions, 0 deletions
diff --git a/api4/user.go b/api4/user.go index cd26b00e3..a664acfac 100644 --- a/api4/user.go +++ b/api4/user.go @@ -60,6 +60,7 @@ func (api *API) InitUser() { api.BaseRoutes.User.Handle("/tokens", api.ApiSessionRequired(createUserAccessToken)).Methods("POST") api.BaseRoutes.User.Handle("/tokens", api.ApiSessionRequired(getUserAccessTokensForUser)).Methods("GET") api.BaseRoutes.Users.Handle("/tokens", api.ApiSessionRequired(getUserAccessTokens)).Methods("GET") + api.BaseRoutes.Users.Handle("/tokens/search", api.ApiSessionRequired(searchUserAccessTokens)).Methods("POST") api.BaseRoutes.Users.Handle("/tokens/{token_id:[A-Za-z0-9]+}", api.ApiSessionRequired(getUserAccessToken)).Methods("GET") api.BaseRoutes.Users.Handle("/tokens/revoke", api.ApiSessionRequired(revokeUserAccessToken)).Methods("POST") api.BaseRoutes.Users.Handle("/tokens/disable", api.ApiSessionRequired(disableUserAccessToken)).Methods("POST") @@ -1241,6 +1242,30 @@ func createUserAccessToken(c *Context, w http.ResponseWriter, r *http.Request) { w.Write([]byte(accessToken.ToJson())) } +func searchUserAccessTokens(c *Context, w http.ResponseWriter, r *http.Request) { + if !c.App.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_SYSTEM) { + c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM) + return + } + props := model.UserAccessTokenSearchFromJson(r.Body) + if props == nil { + c.SetInvalidParam("user_access_token_search") + return + } + + if len(props.Term) == 0 { + c.SetInvalidParam("term") + return + } + accessTokens, err := c.App.SearchUserAccessTokens(props.Term) + if err != nil { + c.Err = err + return + } + + w.Write([]byte(model.UserAccessTokenListToJson(accessTokens))) +} + func getUserAccessTokens(c *Context, w http.ResponseWriter, r *http.Request) { if !c.App.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_SYSTEM) { c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM) diff --git a/api4/user_test.go b/api4/user_test.go index 7b103d23b..d50bdf6a9 100644 --- a/api4/user_test.go +++ b/api4/user_test.go @@ -2469,6 +2469,52 @@ func TestGetUserAccessToken(t *testing.T) { } } +func TestSearchUserAccessToken(t *testing.T) { + th := Setup().InitBasic().InitSystemAdmin() + defer th.TearDown() + Client := th.Client + AdminClient := th.SystemAdminClient + + testDescription := "test token" + + th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.EnableUserAccessTokens = true }) + + th.App.UpdateUserRoles(th.BasicUser.Id, model.SYSTEM_USER_ROLE_ID+" "+model.SYSTEM_USER_ACCESS_TOKEN_ROLE_ID, false) + token, resp := Client.CreateUserAccessToken(th.BasicUser.Id, testDescription) + CheckNoError(t, resp) + + _, resp = Client.SearchUserAccessTokens(&model.UserAccessTokenSearch{Term: token.Id}) + CheckForbiddenStatus(t, resp) + + rtokens, resp := AdminClient.SearchUserAccessTokens(&model.UserAccessTokenSearch{Term: th.BasicUser.Id}) + CheckNoError(t, resp) + + if len(rtokens) != 1 { + t.Fatal("should have 1 tokens") + } + + rtokens, resp = AdminClient.SearchUserAccessTokens(&model.UserAccessTokenSearch{Term: token.Id}) + CheckNoError(t, resp) + + if len(rtokens) != 1 { + t.Fatal("should have 1 tokens") + } + + rtokens, resp = AdminClient.SearchUserAccessTokens(&model.UserAccessTokenSearch{Term: th.BasicUser.Username}) + CheckNoError(t, resp) + + if len(rtokens) != 1 { + t.Fatal("should have 1 tokens") + } + + rtokens, resp = AdminClient.SearchUserAccessTokens(&model.UserAccessTokenSearch{Term: "not found"}) + CheckNoError(t, resp) + + if len(rtokens) != 0 { + t.Fatal("should have 0 tokens") + } +} + func TestRevokeUserAccessToken(t *testing.T) { th := Setup().InitBasic().InitSystemAdmin() defer th.TearDown() |