summaryrefslogtreecommitdiffstats
path: root/api/channel_test.go
diff options
context:
space:
mode:
Diffstat (limited to 'api/channel_test.go')
-rw-r--r--api/channel_test.go547
1 files changed, 94 insertions, 453 deletions
diff --git a/api/channel_test.go b/api/channel_test.go
index 9268d9071..c68ace31e 100644
--- a/api/channel_test.go
+++ b/api/channel_test.go
@@ -19,7 +19,6 @@ func TestCreateChannel(t *testing.T) {
defer th.TearDown()
Client := th.BasicClient
- SystemAdminClient := th.SystemAdminClient
team := th.BasicTeam
th.LoginBasic2()
team2 := th.CreateTeam(th.BasicClient)
@@ -96,9 +95,14 @@ func TestCreateChannel(t *testing.T) {
t.Fatal("Should have errored out on direct channel type")
}
- th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.RestrictPublicChannelManagement = model.PERMISSIONS_ALL })
- th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.RestrictPrivateChannelManagement = model.PERMISSIONS_ALL })
- th.App.SetLicense(model.NewTestLicense())
+ // Check the appropriate permissions are enforced.
+ defaultRolePermissions := th.SaveDefaultRolePermissions()
+ defer func() {
+ th.RestoreDefaultRolePermissions(defaultRolePermissions)
+ }()
+
+ th.AddPermissionToRole(model.PERMISSION_CREATE_PUBLIC_CHANNEL.Id, model.TEAM_USER_ROLE_ID)
+ th.AddPermissionToRole(model.PERMISSION_CREATE_PRIVATE_CHANNEL.Id, model.TEAM_USER_ROLE_ID)
channel2 := &model.Channel{DisplayName: "Test API Name", Name: "zz" + model.NewId() + "a", Type: model.CHANNEL_OPEN, TeamId: team.Id}
channel3 := &model.Channel{DisplayName: "Test API Name", Name: "zz" + model.NewId() + "a", Type: model.CHANNEL_PRIVATE, TeamId: team.Id}
@@ -109,12 +113,10 @@ func TestCreateChannel(t *testing.T) {
t.Fatal(err)
}
- th.App.UpdateConfig(func(cfg *model.Config) {
- *cfg.TeamSettings.RestrictPublicChannelCreation = model.PERMISSIONS_TEAM_ADMIN
- })
- th.App.UpdateConfig(func(cfg *model.Config) {
- *cfg.TeamSettings.RestrictPrivateChannelCreation = model.PERMISSIONS_TEAM_ADMIN
- })
+ th.RemovePermissionFromRole(model.PERMISSION_CREATE_PUBLIC_CHANNEL.Id, model.TEAM_USER_ROLE_ID)
+ th.RemovePermissionFromRole(model.PERMISSION_CREATE_PRIVATE_CHANNEL.Id, model.TEAM_USER_ROLE_ID)
+ th.AddPermissionToRole(model.PERMISSION_CREATE_PUBLIC_CHANNEL.Id, model.TEAM_ADMIN_ROLE_ID)
+ th.AddPermissionToRole(model.PERMISSION_CREATE_PRIVATE_CHANNEL.Id, model.TEAM_ADMIN_ROLE_ID)
th.LoginBasic2()
channel2.Name = "zz" + model.NewId() + "a"
@@ -137,46 +139,6 @@ func TestCreateChannel(t *testing.T) {
if _, err := Client.CreateChannel(channel3); err != nil {
t.Fatal(err)
}
-
- th.App.UpdateConfig(func(cfg *model.Config) {
- *cfg.TeamSettings.RestrictPublicChannelCreation = model.PERMISSIONS_SYSTEM_ADMIN
- })
- th.App.UpdateConfig(func(cfg *model.Config) {
- *cfg.TeamSettings.RestrictPrivateChannelCreation = model.PERMISSIONS_SYSTEM_ADMIN
- })
-
- channel2.Name = "zz" + model.NewId() + "a"
- channel3.Name = "zz" + model.NewId() + "a"
- if _, err := Client.CreateChannel(channel2); err == nil {
- t.Fatal("should have errored not system admin")
- }
- if _, err := Client.CreateChannel(channel3); err == nil {
- t.Fatal("should have errored not system admin")
- }
-
- th.LinkUserToTeam(th.SystemAdminUser, team)
-
- if _, err := SystemAdminClient.CreateChannel(channel2); err != nil {
- t.Fatal(err)
- }
- if _, err := SystemAdminClient.CreateChannel(channel3); err != nil {
- t.Fatal(err)
- }
-
- // Check that if unlicensed the policy restriction is not enforced.
- th.App.SetLicense(nil)
-
- channel4 := model.Channel{DisplayName: "Test API Name", Name: "zz" + model.NewId() + "a", Type: model.CHANNEL_OPEN, TeamId: team.Id}
- channel5 := model.Channel{DisplayName: "Test API Name", Name: "zz" + model.NewId() + "a", Type: model.CHANNEL_PRIVATE, TeamId: team.Id}
- if _, err := Client.CreateChannel(&channel4); err != nil {
- t.Fatal("should have succeeded")
- }
- if _, err := Client.CreateChannel(&channel5); err != nil {
- t.Fatal("should have succeeded")
- }
-
- th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.RestrictPublicChannelCreation = model.PERMISSIONS_ALL })
- th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.RestrictPrivateChannelCreation = model.PERMISSIONS_ALL })
}
func TestCreateDirectChannel(t *testing.T) {
@@ -347,9 +309,17 @@ func TestUpdateChannel(t *testing.T) {
t.Fatal("should have failed - channel deleted")
}
- th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.RestrictPublicChannelManagement = model.PERMISSIONS_ALL })
- th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.RestrictPrivateChannelManagement = model.PERMISSIONS_ALL })
- th.App.SetLicense(model.NewTestLicense())
+ // Check the appropriate permissions are enforced.
+ defaultRolePermissions := th.SaveDefaultRolePermissions()
+ defer func() {
+ th.RestoreDefaultRolePermissions(defaultRolePermissions)
+ }()
+
+ th.RemovePermissionFromRole(model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES.Id, model.TEAM_USER_ROLE_ID)
+ th.RemovePermissionFromRole(model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES.Id, model.TEAM_USER_ROLE_ID)
+
+ th.AddPermissionToRole(model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES.Id, model.CHANNEL_USER_ROLE_ID)
+ th.AddPermissionToRole(model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES.Id, model.CHANNEL_USER_ROLE_ID)
channel2 := th.CreateChannel(Client, team)
channel3 := th.CreatePrivateChannel(Client, team)
@@ -368,10 +338,11 @@ func TestUpdateChannel(t *testing.T) {
t.Fatal(err)
}
- th.App.UpdateConfig(func(cfg *model.Config) {
- *cfg.TeamSettings.RestrictPublicChannelManagement = model.PERMISSIONS_CHANNEL_ADMIN
- *cfg.TeamSettings.RestrictPrivateChannelManagement = model.PERMISSIONS_CHANNEL_ADMIN
- })
+ th.RemovePermissionFromRole(model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES.Id, model.CHANNEL_USER_ROLE_ID)
+ th.RemovePermissionFromRole(model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES.Id, model.CHANNEL_USER_ROLE_ID)
+ th.AddPermissionToRole(model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES.Id, model.CHANNEL_ADMIN_ROLE_ID)
+ th.AddPermissionToRole(model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES.Id, model.CHANNEL_ADMIN_ROLE_ID)
+
th.MakeUserChannelUser(th.BasicUser, channel2)
th.MakeUserChannelUser(th.BasicUser, channel3)
sqlstore.ClearChannelCaches()
@@ -383,17 +354,6 @@ func TestUpdateChannel(t *testing.T) {
t.Fatal("should have errored not channel admin")
}
- th.UpdateUserToTeamAdmin(th.BasicUser, team)
- th.App.InvalidateAllCaches()
- if _, err := Client.UpdateChannel(channel2); err != nil {
- t.Fatal(err)
- }
- if _, err := Client.UpdateChannel(channel3); err != nil {
- t.Fatal(err)
- }
- th.UpdateUserToNonTeamAdmin(th.BasicUser, team)
- th.App.InvalidateAllCaches()
-
th.MakeUserChannelAdmin(th.BasicUser, channel2)
th.MakeUserChannelAdmin(th.BasicUser, channel3)
sqlstore.ClearChannelCaches()
@@ -404,62 +364,6 @@ func TestUpdateChannel(t *testing.T) {
if _, err := Client.UpdateChannel(channel3); err != nil {
t.Fatal(err)
}
-
- th.App.UpdateConfig(func(cfg *model.Config) {
- *cfg.TeamSettings.RestrictPublicChannelManagement = model.PERMISSIONS_TEAM_ADMIN
- *cfg.TeamSettings.RestrictPrivateChannelManagement = model.PERMISSIONS_TEAM_ADMIN
- })
- th.App.SetLicense(model.NewTestLicense())
-
- if _, err := Client.UpdateChannel(channel2); err == nil {
- t.Fatal("should have errored not team admin")
- }
- if _, err := Client.UpdateChannel(channel3); err == nil {
- t.Fatal("should have errored not team admin")
- }
-
- th.UpdateUserToTeamAdmin(th.BasicUser, team)
- Client.Logout()
- Client.Login(th.BasicUser.Email, th.BasicUser.Password)
- Client.SetTeamId(team.Id)
-
- if _, err := Client.UpdateChannel(channel2); err != nil {
- t.Fatal(err)
- }
- if _, err := Client.UpdateChannel(channel3); err != nil {
- t.Fatal(err)
- }
-
- th.App.UpdateConfig(func(cfg *model.Config) {
- *cfg.TeamSettings.RestrictPublicChannelManagement = model.PERMISSIONS_SYSTEM_ADMIN
- *cfg.TeamSettings.RestrictPrivateChannelManagement = model.PERMISSIONS_SYSTEM_ADMIN
- })
-
- if _, err := Client.UpdateChannel(channel2); err == nil {
- t.Fatal("should have errored not system admin")
- }
- if _, err := Client.UpdateChannel(channel3); err == nil {
- t.Fatal("should have errored not system admin")
- }
-
- th.LoginSystemAdmin()
-
- if _, err := Client.UpdateChannel(channel2); err != nil {
- t.Fatal(err)
- }
- if _, err := Client.UpdateChannel(channel3); err != nil {
- t.Fatal(err)
- }
-
- // Check that if unlicensed the policy restriction is not enforced.
- th.App.SetLicense(nil)
-
- if _, err := Client.UpdateChannel(channel2); err != nil {
- t.Fatal(err)
- }
- if _, err := Client.UpdateChannel(channel3); err != nil {
- t.Fatal(err)
- }
}
func TestUpdateChannelDisplayName(t *testing.T) {
@@ -495,7 +399,6 @@ func TestUpdateChannelHeader(t *testing.T) {
defer th.TearDown()
Client := th.BasicClient
- SystemAdminClient := th.SystemAdminClient
team := th.BasicTeam
channel1 := &model.Channel{DisplayName: "A Test API Name", Name: "zz" + model.NewId() + "a", Type: model.CHANNEL_OPEN, TeamId: team.Id}
@@ -565,9 +468,17 @@ func TestUpdateChannelHeader(t *testing.T) {
t.Fatal("should have errored non-channel member trying to update header")
}
- th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.RestrictPublicChannelManagement = model.PERMISSIONS_ALL })
- th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.RestrictPrivateChannelManagement = model.PERMISSIONS_ALL })
- th.App.SetLicense(model.NewTestLicense())
+ // Check the appropriate permissions are enforced.
+ defaultRolePermissions := th.SaveDefaultRolePermissions()
+ defer func() {
+ th.RestoreDefaultRolePermissions(defaultRolePermissions)
+ }()
+
+ th.RemovePermissionFromRole(model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES.Id, model.TEAM_USER_ROLE_ID)
+ th.RemovePermissionFromRole(model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES.Id, model.TEAM_USER_ROLE_ID)
+
+ th.AddPermissionToRole(model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES.Id, model.CHANNEL_USER_ROLE_ID)
+ th.AddPermissionToRole(model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES.Id, model.CHANNEL_USER_ROLE_ID)
th.LoginBasic()
channel2 := th.CreateChannel(Client, team)
@@ -590,10 +501,11 @@ func TestUpdateChannelHeader(t *testing.T) {
t.Fatal(err)
}
- th.App.UpdateConfig(func(cfg *model.Config) {
- *cfg.TeamSettings.RestrictPublicChannelManagement = model.PERMISSIONS_CHANNEL_ADMIN
- *cfg.TeamSettings.RestrictPrivateChannelManagement = model.PERMISSIONS_CHANNEL_ADMIN
- })
+ th.RemovePermissionFromRole(model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES.Id, model.CHANNEL_USER_ROLE_ID)
+ th.RemovePermissionFromRole(model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES.Id, model.CHANNEL_USER_ROLE_ID)
+ th.AddPermissionToRole(model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES.Id, model.CHANNEL_ADMIN_ROLE_ID)
+ th.AddPermissionToRole(model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES.Id, model.CHANNEL_ADMIN_ROLE_ID)
+
th.MakeUserChannelUser(th.BasicUser, channel2)
th.MakeUserChannelUser(th.BasicUser, channel3)
sqlstore.ClearChannelCaches()
@@ -615,64 +527,6 @@ func TestUpdateChannelHeader(t *testing.T) {
if _, err := Client.UpdateChannelHeader(data3); err != nil {
t.Fatal(err)
}
-
- th.App.UpdateConfig(func(cfg *model.Config) {
- *cfg.TeamSettings.RestrictPublicChannelManagement = model.PERMISSIONS_TEAM_ADMIN
- *cfg.TeamSettings.RestrictPrivateChannelManagement = model.PERMISSIONS_TEAM_ADMIN
- })
-
- if _, err := Client.UpdateChannelHeader(data2); err == nil {
- t.Fatal("should have errored not team admin")
- }
- if _, err := Client.UpdateChannelHeader(data3); err == nil {
- t.Fatal("should have errored not team admin")
- }
-
- th.UpdateUserToTeamAdmin(th.BasicUser, team)
- Client.Logout()
- th.LoginBasic()
- Client.SetTeamId(team.Id)
-
- if _, err := Client.UpdateChannelHeader(data2); err != nil {
- t.Fatal(err)
- }
- if _, err := Client.UpdateChannelHeader(data3); err != nil {
- t.Fatal(err)
- }
-
- th.App.UpdateConfig(func(cfg *model.Config) {
- *cfg.TeamSettings.RestrictPublicChannelManagement = model.PERMISSIONS_SYSTEM_ADMIN
- *cfg.TeamSettings.RestrictPrivateChannelManagement = model.PERMISSIONS_SYSTEM_ADMIN
- })
-
- if _, err := Client.UpdateChannelHeader(data2); err == nil {
- t.Fatal("should have errored not system admin")
- }
- if _, err := Client.UpdateChannelHeader(data3); err == nil {
- t.Fatal("should have errored not system admin")
- }
-
- th.LinkUserToTeam(th.SystemAdminUser, team)
- Client.Must(Client.AddChannelMember(channel2.Id, th.SystemAdminUser.Id))
- Client.Must(Client.AddChannelMember(channel3.Id, th.SystemAdminUser.Id))
- th.LoginSystemAdmin()
-
- if _, err := SystemAdminClient.UpdateChannelHeader(data2); err != nil {
- t.Fatal(err)
- }
- if _, err := SystemAdminClient.UpdateChannelHeader(data3); err != nil {
- t.Fatal(err)
- }
-
- // Check that if unlicensed the policy restriction is not enforced.
- th.App.SetLicense(nil)
-
- if _, err := SystemAdminClient.UpdateChannelHeader(data2); err != nil {
- t.Fatal(err)
- }
- if _, err := SystemAdminClient.UpdateChannelHeader(data3); err != nil {
- t.Fatal(err)
- }
}
func TestUpdateChannelPurpose(t *testing.T) {
@@ -680,7 +534,6 @@ func TestUpdateChannelPurpose(t *testing.T) {
defer th.TearDown()
Client := th.BasicClient
- SystemAdminClient := th.SystemAdminClient
team := th.BasicTeam
channel1 := &model.Channel{DisplayName: "A Test API Name", Name: "zz" + model.NewId() + "a", Type: model.CHANNEL_OPEN, TeamId: team.Id}
@@ -736,9 +589,17 @@ func TestUpdateChannelPurpose(t *testing.T) {
t.Fatal("should have errored non-channel member trying to update purpose")
}
- th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.RestrictPublicChannelManagement = model.PERMISSIONS_ALL })
- th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.RestrictPrivateChannelManagement = model.PERMISSIONS_ALL })
- th.App.SetLicense(model.NewTestLicense())
+ // Check the appropriate permissions are enforced.
+ defaultRolePermissions := th.SaveDefaultRolePermissions()
+ defer func() {
+ th.RestoreDefaultRolePermissions(defaultRolePermissions)
+ }()
+
+ th.RemovePermissionFromRole(model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES.Id, model.TEAM_USER_ROLE_ID)
+ th.RemovePermissionFromRole(model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES.Id, model.TEAM_USER_ROLE_ID)
+
+ th.AddPermissionToRole(model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES.Id, model.CHANNEL_USER_ROLE_ID)
+ th.AddPermissionToRole(model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES.Id, model.CHANNEL_USER_ROLE_ID)
th.LoginBasic()
channel2 := th.CreateChannel(Client, team)
@@ -761,10 +622,11 @@ func TestUpdateChannelPurpose(t *testing.T) {
t.Fatal(err)
}
- th.App.UpdateConfig(func(cfg *model.Config) {
- *cfg.TeamSettings.RestrictPublicChannelManagement = model.PERMISSIONS_CHANNEL_ADMIN
- *cfg.TeamSettings.RestrictPrivateChannelManagement = model.PERMISSIONS_CHANNEL_ADMIN
- })
+ th.RemovePermissionFromRole(model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES.Id, model.CHANNEL_USER_ROLE_ID)
+ th.RemovePermissionFromRole(model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES.Id, model.CHANNEL_USER_ROLE_ID)
+ th.AddPermissionToRole(model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES.Id, model.CHANNEL_ADMIN_ROLE_ID)
+ th.AddPermissionToRole(model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES.Id, model.CHANNEL_ADMIN_ROLE_ID)
+
th.MakeUserChannelUser(th.BasicUser, channel2)
th.MakeUserChannelUser(th.BasicUser, channel3)
sqlstore.ClearChannelCaches()
@@ -786,63 +648,6 @@ func TestUpdateChannelPurpose(t *testing.T) {
if _, err := Client.UpdateChannelPurpose(data3); err != nil {
t.Fatal(err)
}
-
- th.App.UpdateConfig(func(cfg *model.Config) {
- *cfg.TeamSettings.RestrictPublicChannelManagement = model.PERMISSIONS_TEAM_ADMIN
- *cfg.TeamSettings.RestrictPrivateChannelManagement = model.PERMISSIONS_TEAM_ADMIN
- })
-
- if _, err := Client.UpdateChannelPurpose(data2); err == nil {
- t.Fatal("should have errored not team admin")
- }
- if _, err := Client.UpdateChannelPurpose(data3); err == nil {
- t.Fatal("should have errored not team admin")
- }
-
- th.UpdateUserToTeamAdmin(th.BasicUser, team)
- Client.Logout()
- th.LoginBasic()
- Client.SetTeamId(team.Id)
-
- if _, err := Client.UpdateChannelPurpose(data2); err != nil {
- t.Fatal(err)
- }
- if _, err := Client.UpdateChannelPurpose(data3); err != nil {
- t.Fatal(err)
- }
-
- th.App.UpdateConfig(func(cfg *model.Config) {
- *cfg.TeamSettings.RestrictPublicChannelManagement = model.PERMISSIONS_SYSTEM_ADMIN
- *cfg.TeamSettings.RestrictPrivateChannelManagement = model.PERMISSIONS_SYSTEM_ADMIN
- })
-
- if _, err := Client.UpdateChannelPurpose(data2); err == nil {
- t.Fatal("should have errored not system admin")
- }
- if _, err := Client.UpdateChannelPurpose(data3); err == nil {
- t.Fatal("should have errored not system admin")
- }
-
- th.LinkUserToTeam(th.SystemAdminUser, team)
- Client.Must(Client.AddChannelMember(channel2.Id, th.SystemAdminUser.Id))
- Client.Must(Client.AddChannelMember(channel3.Id, th.SystemAdminUser.Id))
- th.LoginSystemAdmin()
-
- if _, err := SystemAdminClient.UpdateChannelPurpose(data2); err != nil {
- t.Fatal(err)
- }
- if _, err := SystemAdminClient.UpdateChannelPurpose(data3); err != nil {
- t.Fatal(err)
- }
-
- // Check that if unlicensed the policy restriction is not enforced.
- th.App.SetLicense(nil)
- if _, err := SystemAdminClient.UpdateChannelHeader(data2); err != nil {
- t.Fatal(err)
- }
- if _, err := SystemAdminClient.UpdateChannelHeader(data3); err != nil {
- t.Fatal(err)
- }
}
func TestGetChannel(t *testing.T) {
@@ -1297,9 +1102,14 @@ func TestDeleteChannel(t *testing.T) {
t.Fatal("should have failed - channel already deleted")
}
- th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.RestrictPublicChannelManagement = model.PERMISSIONS_ALL })
- th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.RestrictPrivateChannelManagement = model.PERMISSIONS_ALL })
- th.App.SetLicense(model.NewTestLicense())
+ // Check the appropriate permissions are enforced.
+ defaultRolePermissions := th.SaveDefaultRolePermissions()
+ defer func() {
+ th.RestoreDefaultRolePermissions(defaultRolePermissions)
+ }()
+
+ th.AddPermissionToRole(model.PERMISSION_DELETE_PUBLIC_CHANNEL.Id, model.CHANNEL_USER_ROLE_ID)
+ th.AddPermissionToRole(model.PERMISSION_DELETE_PRIVATE_CHANNEL.Id, model.CHANNEL_USER_ROLE_ID)
th.LoginSystemAdmin()
th.LinkUserToTeam(th.BasicUser, team)
@@ -1321,10 +1131,10 @@ func TestDeleteChannel(t *testing.T) {
t.Fatal(err)
}
- th.App.UpdateConfig(func(cfg *model.Config) {
- *cfg.TeamSettings.RestrictPublicChannelDeletion = model.PERMISSIONS_CHANNEL_ADMIN
- *cfg.TeamSettings.RestrictPrivateChannelDeletion = model.PERMISSIONS_CHANNEL_ADMIN
- })
+ th.RemovePermissionFromRole(model.PERMISSION_DELETE_PUBLIC_CHANNEL.Id, model.CHANNEL_USER_ROLE_ID)
+ th.RemovePermissionFromRole(model.PERMISSION_DELETE_PRIVATE_CHANNEL.Id, model.CHANNEL_USER_ROLE_ID)
+ th.AddPermissionToRole(model.PERMISSION_DELETE_PUBLIC_CHANNEL.Id, model.CHANNEL_ADMIN_ROLE_ID)
+ th.AddPermissionToRole(model.PERMISSION_DELETE_PRIVATE_CHANNEL.Id, model.CHANNEL_ADMIN_ROLE_ID)
th.LoginSystemAdmin()
@@ -1357,67 +1167,6 @@ func TestDeleteChannel(t *testing.T) {
channel2 = th.CreateChannel(Client, team)
channel3 = th.CreatePrivateChannel(Client, team)
-
- Client.Must(Client.AddChannelMember(channel2.Id, th.BasicUser.Id))
- Client.Must(Client.AddChannelMember(channel3.Id, th.BasicUser.Id))
- th.UpdateUserToTeamAdmin(th.BasicUser, team)
-
- Client.Login(th.BasicUser.Email, th.BasicUser.Password)
- th.App.InvalidateAllCaches()
-
- if _, err := Client.DeleteChannel(channel2.Id); err != nil {
- t.Fatal(err)
- }
- if _, err := Client.DeleteChannel(channel3.Id); err != nil {
- t.Fatal(err)
- }
-
- th.UpdateUserToNonTeamAdmin(th.BasicUser, team)
- th.App.InvalidateAllCaches()
-
- th.App.SetLicense(model.NewTestLicense())
- th.App.UpdateConfig(func(cfg *model.Config) {
- *cfg.TeamSettings.RestrictPublicChannelDeletion = model.PERMISSIONS_TEAM_ADMIN
- *cfg.TeamSettings.RestrictPrivateChannelDeletion = model.PERMISSIONS_TEAM_ADMIN
- })
-
- th.LoginSystemAdmin()
-
- channel2 = th.CreateChannel(Client, team)
- channel3 = th.CreatePrivateChannel(Client, team)
- Client.Must(Client.AddChannelMember(channel2.Id, th.BasicUser.Id))
- Client.Must(Client.AddChannelMember(channel3.Id, th.BasicUser.Id))
-
- Client.Login(th.BasicUser.Email, th.BasicUser.Password)
-
- if _, err := Client.DeleteChannel(channel2.Id); err == nil {
- t.Fatal("should have errored not team admin")
- }
- if _, err := Client.DeleteChannel(channel3.Id); err == nil {
- t.Fatal("should have errored not team admin")
- }
-
- th.UpdateUserToTeamAdmin(th.BasicUser, team)
- Client.Logout()
- Client.Login(th.BasicUser.Email, th.BasicUser.Password)
- Client.SetTeamId(team.Id)
-
- if _, err := Client.DeleteChannel(channel2.Id); err != nil {
- t.Fatal(err)
- }
- if _, err := Client.DeleteChannel(channel3.Id); err != nil {
- t.Fatal(err)
- }
-
- th.App.UpdateConfig(func(cfg *model.Config) {
- *cfg.TeamSettings.RestrictPublicChannelDeletion = model.PERMISSIONS_SYSTEM_ADMIN
- *cfg.TeamSettings.RestrictPrivateChannelDeletion = model.PERMISSIONS_SYSTEM_ADMIN
- })
-
- th.LoginSystemAdmin()
-
- channel2 = th.CreateChannel(Client, team)
- channel3 = th.CreatePrivateChannel(Client, team)
Client.Must(Client.AddChannelMember(channel2.Id, th.BasicUser.Id))
Client.Must(Client.AddChannelMember(channel3.Id, th.BasicUser.Id))
@@ -1442,23 +1191,6 @@ func TestDeleteChannel(t *testing.T) {
if _, err := Client.DeleteChannel(channel3.Id); err != nil {
t.Fatal(err)
}
-
- // Check that if unlicensed the policy restriction is not enforced.
- th.App.SetLicense(nil)
-
- channel2 = th.CreateChannel(Client, team)
- channel3 = th.CreatePrivateChannel(Client, team)
- Client.Must(Client.AddChannelMember(channel2.Id, th.BasicUser.Id))
- Client.Must(Client.AddChannelMember(channel3.Id, th.BasicUser.Id))
-
- Client.Login(th.BasicUser.Email, th.BasicUser.Password)
-
- if _, err := Client.DeleteChannel(channel2.Id); err != nil {
- t.Fatal(err)
- }
- if _, err := Client.DeleteChannel(channel3.Id); err != nil {
- t.Fatal(err)
- }
}
func TestGetChannelStats(t *testing.T) {
@@ -1534,21 +1266,14 @@ func TestAddChannelMember(t *testing.T) {
t.Fatal("Should have errored, user not on team")
}
- // Test policy does not apply to TE.
- th.App.UpdateConfig(func(cfg *model.Config) {
- *cfg.TeamSettings.RestrictPrivateChannelManageMembers = model.PERMISSIONS_CHANNEL_ADMIN
- })
+ // Check the appropriate permissions are enforced.
+ defaultRolePermissions := th.SaveDefaultRolePermissions()
+ defer func() {
+ th.RestoreDefaultRolePermissions(defaultRolePermissions)
+ }()
- channel3 := &model.Channel{DisplayName: "A Test API Name", Name: "zz" + model.NewId() + "a", Type: model.CHANNEL_PRIVATE, TeamId: team.Id}
- channel3 = Client.Must(th.SystemAdminClient.CreateChannel(channel3)).Data.(*model.Channel)
- Client.Must(th.SystemAdminClient.AddChannelMember(channel3.Id, user1.Id))
- if _, err := Client.AddChannelMember(channel3.Id, user2.Id); err != nil {
- t.Fatal(err)
- }
-
- // Add a license
- th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.RestrictPrivateChannelManageMembers = model.PERMISSIONS_ALL })
- th.App.SetLicense(model.NewTestLicense())
+ th.AddPermissionToRole(model.PERMISSION_MANAGE_PUBLIC_CHANNEL_MEMBERS.Id, model.CHANNEL_USER_ROLE_ID)
+ th.AddPermissionToRole(model.PERMISSION_MANAGE_PRIVATE_CHANNEL_MEMBERS.Id, model.CHANNEL_USER_ROLE_ID)
// Check that a regular channel user can add other users.
channel4 := &model.Channel{DisplayName: "A Test API Name", Name: "zz" + model.NewId() + "a", Type: model.CHANNEL_PRIVATE, TeamId: team.Id}
@@ -1558,10 +1283,10 @@ func TestAddChannelMember(t *testing.T) {
t.Fatal(err)
}
- // Test with CHANNEL_ADMIN level permission.
- th.App.UpdateConfig(func(cfg *model.Config) {
- *cfg.TeamSettings.RestrictPrivateChannelManageMembers = model.PERMISSIONS_CHANNEL_ADMIN
- })
+ th.RemovePermissionFromRole(model.PERMISSION_MANAGE_PUBLIC_CHANNEL_MEMBERS.Id, model.CHANNEL_USER_ROLE_ID)
+ th.RemovePermissionFromRole(model.PERMISSION_MANAGE_PRIVATE_CHANNEL_MEMBERS.Id, model.CHANNEL_USER_ROLE_ID)
+ th.AddPermissionToRole(model.PERMISSION_MANAGE_PUBLIC_CHANNEL_MEMBERS.Id, model.CHANNEL_ADMIN_ROLE_ID)
+ th.AddPermissionToRole(model.PERMISSION_MANAGE_PRIVATE_CHANNEL_MEMBERS.Id, model.CHANNEL_ADMIN_ROLE_ID)
channel5 := &model.Channel{DisplayName: "A Test API Name", Name: "zz" + model.NewId() + "a", Type: model.CHANNEL_PRIVATE, TeamId: team.Id}
channel5 = Client.Must(th.SystemAdminClient.CreateChannel(channel5)).Data.(*model.Channel)
@@ -1572,47 +1297,10 @@ func TestAddChannelMember(t *testing.T) {
th.MakeUserChannelAdmin(user1, channel5)
th.App.InvalidateAllCaches()
- th.App.SetLicense(model.NewTestLicense())
if _, err := Client.AddChannelMember(channel5.Id, user2.Id); err != nil {
t.Fatal(err)
}
-
- // Test with TEAM_ADMIN level permission.
- th.App.UpdateConfig(func(cfg *model.Config) {
- *cfg.TeamSettings.RestrictPrivateChannelManageMembers = model.PERMISSIONS_TEAM_ADMIN
- })
-
- channel6 := &model.Channel{DisplayName: "A Test API Name", Name: "zz" + model.NewId() + "a", Type: model.CHANNEL_PRIVATE, TeamId: team.Id}
- channel6 = Client.Must(th.SystemAdminClient.CreateChannel(channel6)).Data.(*model.Channel)
- Client.Must(th.SystemAdminClient.AddChannelMember(channel6.Id, user1.Id))
- if _, err := Client.AddChannelMember(channel6.Id, user2.Id); err == nil {
- t.Fatal("Should have failed due to permissions")
- }
-
- th.UpdateUserToTeamAdmin(user1, team)
- th.App.InvalidateAllCaches()
- th.App.SetLicense(model.NewTestLicense())
-
- if _, err := Client.AddChannelMember(channel6.Id, user2.Id); err != nil {
- t.Fatal(err)
- }
-
- // Test with SYSTEM_ADMIN level permission.
- th.App.UpdateConfig(func(cfg *model.Config) {
- *cfg.TeamSettings.RestrictPrivateChannelManageMembers = model.PERMISSIONS_SYSTEM_ADMIN
- })
-
- channel7 := &model.Channel{DisplayName: "A Test API Name", Name: "zz" + model.NewId() + "a", Type: model.CHANNEL_PRIVATE, TeamId: team.Id}
- channel7 = Client.Must(th.SystemAdminClient.CreateChannel(channel7)).Data.(*model.Channel)
- Client.Must(th.SystemAdminClient.AddChannelMember(channel7.Id, user1.Id))
- if _, err := Client.AddChannelMember(channel7.Id, user2.Id); err == nil {
- t.Fatal("Should have failed due to permissions")
- }
-
- if _, err := th.SystemAdminClient.AddChannelMember(channel7.Id, user2.Id); err != nil {
- t.Fatal(err)
- }
}
func TestRemoveChannelMember(t *testing.T) {
@@ -1684,22 +1372,14 @@ func TestRemoveChannelMember(t *testing.T) {
th.LoginBasic()
- // Test policy does not apply to TE.
- th.App.UpdateConfig(func(cfg *model.Config) {
- *cfg.TeamSettings.RestrictPrivateChannelManageMembers = model.PERMISSIONS_CHANNEL_ADMIN
- })
-
- channel3 := &model.Channel{DisplayName: "A Test API Name", Name: "zz" + model.NewId() + "a", Type: model.CHANNEL_PRIVATE, TeamId: team.Id}
- channel3 = Client.Must(th.SystemAdminClient.CreateChannel(channel3)).Data.(*model.Channel)
- Client.Must(th.SystemAdminClient.AddChannelMember(channel3.Id, user1.Id))
- Client.Must(th.SystemAdminClient.AddChannelMember(channel3.Id, user2.Id))
- if _, err := Client.RemoveChannelMember(channel3.Id, user2.Id); err != nil {
- t.Fatal(err)
- }
+ // Check the appropriate permissions are enforced.
+ defaultRolePermissions := th.SaveDefaultRolePermissions()
+ defer func() {
+ th.RestoreDefaultRolePermissions(defaultRolePermissions)
+ }()
- // Add a license
- th.App.UpdateConfig(func(cfg *model.Config) { *cfg.TeamSettings.RestrictPrivateChannelManageMembers = model.PERMISSIONS_ALL })
- th.App.SetLicense(model.NewTestLicense())
+ th.AddPermissionToRole(model.PERMISSION_MANAGE_PUBLIC_CHANNEL_MEMBERS.Id, model.CHANNEL_USER_ROLE_ID)
+ th.AddPermissionToRole(model.PERMISSION_MANAGE_PRIVATE_CHANNEL_MEMBERS.Id, model.CHANNEL_USER_ROLE_ID)
// Check that a regular channel user can remove other users.
channel4 := &model.Channel{DisplayName: "A Test API Name", Name: "zz" + model.NewId() + "a", Type: model.CHANNEL_PRIVATE, TeamId: team.Id}
@@ -1710,10 +1390,10 @@ func TestRemoveChannelMember(t *testing.T) {
t.Fatal(err)
}
- // Test with CHANNEL_ADMIN level permission.
- th.App.UpdateConfig(func(cfg *model.Config) {
- *cfg.TeamSettings.RestrictPrivateChannelManageMembers = model.PERMISSIONS_CHANNEL_ADMIN
- })
+ th.RemovePermissionFromRole(model.PERMISSION_MANAGE_PUBLIC_CHANNEL_MEMBERS.Id, model.CHANNEL_USER_ROLE_ID)
+ th.RemovePermissionFromRole(model.PERMISSION_MANAGE_PRIVATE_CHANNEL_MEMBERS.Id, model.CHANNEL_USER_ROLE_ID)
+ th.AddPermissionToRole(model.PERMISSION_MANAGE_PUBLIC_CHANNEL_MEMBERS.Id, model.CHANNEL_ADMIN_ROLE_ID)
+ th.AddPermissionToRole(model.PERMISSION_MANAGE_PRIVATE_CHANNEL_MEMBERS.Id, model.CHANNEL_ADMIN_ROLE_ID)
channel5 := &model.Channel{DisplayName: "A Test API Name", Name: "zz" + model.NewId() + "a", Type: model.CHANNEL_PRIVATE, TeamId: team.Id}
channel5 = Client.Must(th.SystemAdminClient.CreateChannel(channel5)).Data.(*model.Channel)
@@ -1725,49 +1405,10 @@ func TestRemoveChannelMember(t *testing.T) {
th.MakeUserChannelAdmin(user1, channel5)
th.App.InvalidateAllCaches()
- th.App.SetLicense(model.NewTestLicense())
if _, err := Client.RemoveChannelMember(channel5.Id, user2.Id); err != nil {
t.Fatal(err)
}
-
- // Test with TEAM_ADMIN level permission.
- th.App.UpdateConfig(func(cfg *model.Config) {
- *cfg.TeamSettings.RestrictPrivateChannelManageMembers = model.PERMISSIONS_TEAM_ADMIN
- })
-
- channel6 := &model.Channel{DisplayName: "A Test API Name", Name: "zz" + model.NewId() + "a", Type: model.CHANNEL_PRIVATE, TeamId: team.Id}
- channel6 = Client.Must(th.SystemAdminClient.CreateChannel(channel6)).Data.(*model.Channel)
- Client.Must(th.SystemAdminClient.AddChannelMember(channel6.Id, user1.Id))
- Client.Must(th.SystemAdminClient.AddChannelMember(channel6.Id, user2.Id))
- if _, err := Client.RemoveChannelMember(channel6.Id, user2.Id); err == nil {
- t.Fatal("Should have failed due to permissions")
- }
-
- th.UpdateUserToTeamAdmin(user1, team)
- th.App.InvalidateAllCaches()
- th.App.SetLicense(model.NewTestLicense())
-
- if _, err := Client.RemoveChannelMember(channel6.Id, user2.Id); err != nil {
- t.Fatal(err)
- }
-
- // Test with SYSTEM_ADMIN level permission.
- th.App.UpdateConfig(func(cfg *model.Config) {
- *cfg.TeamSettings.RestrictPrivateChannelManageMembers = model.PERMISSIONS_SYSTEM_ADMIN
- })
-
- channel7 := &model.Channel{DisplayName: "A Test API Name", Name: "zz" + model.NewId() + "a", Type: model.CHANNEL_PRIVATE, TeamId: team.Id}
- channel7 = Client.Must(th.SystemAdminClient.CreateChannel(channel7)).Data.(*model.Channel)
- Client.Must(th.SystemAdminClient.AddChannelMember(channel7.Id, user1.Id))
- Client.Must(th.SystemAdminClient.AddChannelMember(channel7.Id, user2.Id))
- if _, err := Client.RemoveChannelMember(channel7.Id, user2.Id); err == nil {
- t.Fatal("Should have failed due to permissions")
- }
-
- if _, err := th.SystemAdminClient.RemoveChannelMember(channel7.Id, user2.Id); err != nil {
- t.Fatal(err)
- }
}
func TestUpdateNotifyProps(t *testing.T) {
generated by cgit v1.2.3-1-g7c22 (git 2.25.1) at 2024-06-02 20:31:12 +0000