diff options
| author | Christopher Brown <ccbrown112@gmail.com> | 2017-10-16 23:10:45 -0500 |
|---|---|---|
| committer | Christopher Brown <ccbrown112@gmail.com> | 2017-10-16 23:10:45 -0500 |
| commit | 39cc2372695836fdc96059d8b94992b1416f98e1 (patch) | |
| tree | 56d2beb5420cd0054194f71e53c6a95578beff9a /app/team_test.go | |
| parent | 89dc3cb126ba46b486997c433adfdf34982fcc81 (diff) | |
| parent | 8bf47c1211d09079fd9407555026b7b29383ac37 (diff) | |
| download | chat-39cc2372695836fdc96059d8b94992b1416f98e1.tar.gz chat-39cc2372695836fdc96059d8b94992b1416f98e1.tar.bz2 chat-39cc2372695836fdc96059d8b94992b1416f98e1.zip | |
Merge branch 'release-4.3'
Diffstat (limited to 'app/team_test.go')
| -rw-r--r-- | app/team_test.go | 214 |
1 files changed, 214 insertions, 0 deletions
diff --git a/app/team_test.go b/app/team_test.go index 7992dd0c3..61ae03f74 100644 --- a/app/team_test.go +++ b/app/team_test.go @@ -179,3 +179,217 @@ func TestPermanentDeleteTeam(t *testing.T) { t.Fatal(err) } } + +func TestSanitizeTeam(t *testing.T) { + th := Setup() + defer th.TearDown() + + team := &model.Team{ + Id: model.NewId(), + Email: th.MakeEmail(), + AllowedDomains: "example.com", + } + copyTeam := func() *model.Team { + copy := &model.Team{} + *copy = *team + return copy + } + + t.Run("not a user of the team", func(t *testing.T) { + userId := model.NewId() + session := model.Session{ + Roles: model.ROLE_SYSTEM_USER.Id, + TeamMembers: []*model.TeamMember{ + { + UserId: userId, + TeamId: model.NewId(), + Roles: model.ROLE_TEAM_USER.Id, + }, + }, + } + + sanitized := SanitizeTeam(session, copyTeam()) + if sanitized.Email != "" && sanitized.AllowedDomains != "" { + t.Fatal("should've sanitized team") + } + }) + + t.Run("user of the team", func(t *testing.T) { + userId := model.NewId() + session := model.Session{ + Roles: model.ROLE_SYSTEM_USER.Id, + TeamMembers: []*model.TeamMember{ + { + UserId: userId, + TeamId: team.Id, + Roles: model.ROLE_TEAM_USER.Id, + }, + }, + } + + sanitized := SanitizeTeam(session, copyTeam()) + if sanitized.Email != "" && sanitized.AllowedDomains != "" { + t.Fatal("should've sanitized team") + } + }) + + t.Run("team admin", func(t *testing.T) { + userId := model.NewId() + session := model.Session{ + Roles: model.ROLE_SYSTEM_USER.Id, + TeamMembers: []*model.TeamMember{ + { + UserId: userId, + TeamId: team.Id, + Roles: model.ROLE_TEAM_USER.Id + " " + model.ROLE_TEAM_ADMIN.Id, + }, + }, + } + + sanitized := SanitizeTeam(session, copyTeam()) + if sanitized.Email == "" && sanitized.AllowedDomains == "" { + t.Fatal("shouldn't have sanitized team") + } + }) + + t.Run("team admin of another team", func(t *testing.T) { + userId := model.NewId() + session := model.Session{ + Roles: model.ROLE_SYSTEM_USER.Id, + TeamMembers: []*model.TeamMember{ + { + UserId: userId, + TeamId: model.NewId(), + Roles: model.ROLE_TEAM_USER.Id + " " + model.ROLE_TEAM_ADMIN.Id, + }, + }, + } + + sanitized := SanitizeTeam(session, copyTeam()) + if sanitized.Email != "" && sanitized.AllowedDomains != "" { + t.Fatal("should've sanitized team") + } + }) + + t.Run("system admin, not a user of team", func(t *testing.T) { + userId := model.NewId() + session := model.Session{ + Roles: model.ROLE_SYSTEM_USER.Id + " " + model.ROLE_SYSTEM_ADMIN.Id, + TeamMembers: []*model.TeamMember{ + { + UserId: userId, + TeamId: model.NewId(), + Roles: model.ROLE_TEAM_USER.Id, + }, + }, + } + + sanitized := SanitizeTeam(session, copyTeam()) + if sanitized.Email == "" && sanitized.AllowedDomains == "" { + t.Fatal("shouldn't have sanitized team") + } + }) + + t.Run("system admin, user of team", func(t *testing.T) { + userId := model.NewId() + session := model.Session{ + Roles: model.ROLE_SYSTEM_USER.Id + " " + model.ROLE_SYSTEM_ADMIN.Id, + TeamMembers: []*model.TeamMember{ + { + UserId: userId, + TeamId: team.Id, + Roles: model.ROLE_TEAM_USER.Id, + }, + }, + } + + sanitized := SanitizeTeam(session, copyTeam()) + if sanitized.Email == "" && sanitized.AllowedDomains == "" { + t.Fatal("shouldn't have sanitized team") + } + }) +} + +func TestSanitizeTeams(t *testing.T) { + th := Setup() + defer th.TearDown() + + t.Run("not a system admin", func(t *testing.T) { + teams := []*model.Team{ + { + Id: model.NewId(), + Email: th.MakeEmail(), + AllowedDomains: "example.com", + }, + { + Id: model.NewId(), + Email: th.MakeEmail(), + AllowedDomains: "example.com", + }, + } + + userId := model.NewId() + session := model.Session{ + Roles: model.ROLE_SYSTEM_USER.Id, + TeamMembers: []*model.TeamMember{ + { + UserId: userId, + TeamId: teams[0].Id, + Roles: model.ROLE_TEAM_USER.Id, + }, + { + UserId: userId, + TeamId: teams[1].Id, + Roles: model.ROLE_TEAM_USER.Id + " " + model.ROLE_TEAM_ADMIN.Id, + }, + }, + } + + sanitized := SanitizeTeams(session, teams) + + if sanitized[0].Email != "" && sanitized[0].AllowedDomains != "" { + t.Fatal("should've sanitized first team") + } + + if sanitized[1].Email == "" && sanitized[1].AllowedDomains == "" { + t.Fatal("shouldn't have sanitized second team") + } + }) + + t.Run("system admin", func(t *testing.T) { + teams := []*model.Team{ + { + Id: model.NewId(), + Email: th.MakeEmail(), + AllowedDomains: "example.com", + }, + { + Id: model.NewId(), + Email: th.MakeEmail(), + AllowedDomains: "example.com", + }, + } + + userId := model.NewId() + session := model.Session{ + Roles: model.ROLE_SYSTEM_USER.Id + " " + model.ROLE_SYSTEM_ADMIN.Id, + TeamMembers: []*model.TeamMember{ + { + UserId: userId, + TeamId: teams[0].Id, + Roles: model.ROLE_TEAM_USER.Id, + }, + }, + } + + sanitized := SanitizeTeams(session, teams) + + if sanitized[0].Email == "" && sanitized[0].AllowedDomains == "" { + t.Fatal("shouldn't have sanitized first team") + } + + if sanitized[1].Email == "" && sanitized[1].AllowedDomains == "" { + t.Fatal("shouldn't have sanitized second team") + } + }) +} |