summaryrefslogtreecommitdiffstats
path: root/api/user_test.go
diff options
context:
space:
mode:
Diffstat (limited to 'api/user_test.go')
-rw-r--r--api/user_test.go960
1 files changed, 960 insertions, 0 deletions
diff --git a/api/user_test.go b/api/user_test.go
new file mode 100644
index 000000000..4d5d2b3f0
--- /dev/null
+++ b/api/user_test.go
@@ -0,0 +1,960 @@
+// Copyright (c) 2015 Spinpunch, Inc. All Rights Reserved.
+// See License.txt for license information.
+
+package api
+
+import (
+ "bytes"
+ "fmt"
+ "github.com/goamz/goamz/aws"
+ "github.com/goamz/goamz/s3"
+ "github.com/mattermost/platform/model"
+ "github.com/mattermost/platform/utils"
+ "image/color"
+ "io"
+ "mime/multipart"
+ "net/http"
+ "os"
+ "strings"
+ "testing"
+ "time"
+)
+
+func TestCreateUser(t *testing.T) {
+ Setup()
+
+ team := model.Team{Name: "Name", Domain: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN}
+ rteam, _ := Client.CreateTeam(&team)
+
+ user := model.User{TeamId: rteam.Data.(*model.Team).Id, Email: strings.ToLower(model.NewId()) + "corey@test.com", FullName: "Corey Hulen", Password: "hello"}
+
+ ruser, err := Client.CreateUser(&user, "")
+ if err != nil {
+ t.Fatal(err)
+ }
+
+ if ruser.Data.(*model.User).FullName != user.FullName {
+ t.Fatal("full name didn't match")
+ }
+
+ if ruser.Data.(*model.User).Password != "" {
+ t.Fatal("password wasn't blank")
+ }
+
+ if _, err := Client.CreateUser(ruser.Data.(*model.User), ""); err == nil {
+ t.Fatal("Cannot create an existing")
+ }
+
+ ruser.Data.(*model.User).Id = ""
+ if _, err := Client.CreateUser(ruser.Data.(*model.User), ""); err != nil {
+ if err.Message != "An account with that email already exists." {
+ t.Fatal(err)
+ }
+ }
+
+ ruser.Data.(*model.User).Email = ""
+ if _, err := Client.CreateUser(ruser.Data.(*model.User), ""); err != nil {
+ if err.Message != "Invalid email" {
+ t.Fatal(err)
+ }
+ }
+
+ user2 := model.User{TeamId: rteam.Data.(*model.Team).Id, Email: strings.ToLower(model.NewId()) + "corey@test.com", FullName: "Corey Hulen", Password: "hello", Username: model.BOT_USERNAME}
+
+ if _, err := Client.CreateUser(&user2, ""); err == nil {
+ t.Fatal("Should have failed using reserved bot name")
+ }
+
+ if _, err := Client.DoPost("/users/create", "garbage"); err == nil {
+ t.Fatal("should have been an error")
+ }
+}
+
+func TestCreateUserAllowedDomains(t *testing.T) {
+ Setup()
+
+ team := model.Team{Name: "Name", Domain: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_INVITE, AllowedDomains: "spinpunch.com, @nowh.com,@hello.com"}
+ rteam, _ := Client.CreateTeam(&team)
+
+ user := model.User{TeamId: rteam.Data.(*model.Team).Id, Email: strings.ToLower(model.NewId()) + "corey@test.com", FullName: "Corey Hulen", Password: "hello"}
+
+ _, err := Client.CreateUser(&user, "")
+ if err == nil {
+ t.Fatal("should have failed")
+ }
+
+ user.Email = "test@nowh.com"
+ _, err = Client.CreateUser(&user, "")
+ if err != nil {
+ t.Fatal(err)
+ }
+}
+
+func TestLogin(t *testing.T) {
+ Setup()
+
+ team := model.Team{Name: "Name", Domain: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN}
+ rteam, _ := Client.CreateTeam(&team)
+
+ user := model.User{TeamId: rteam.Data.(*model.Team).Id, Email: strings.ToLower(model.NewId()) + "corey@test.com", FullName: "Corey Hulen", Password: "pwd"}
+ ruser, _ := Client.CreateUser(&user, "")
+ Srv.Store.User().VerifyEmail(ruser.Data.(*model.User).Id)
+
+ if result, err := Client.LoginById(ruser.Data.(*model.User).Id, user.Password); err != nil {
+ t.Fatal(err)
+ } else {
+ if result.Data.(*model.User).Email != user.Email {
+ t.Fatal("email's didn't match")
+ }
+ }
+
+ if result, err := Client.LoginByEmail(team.Domain, user.Email, user.Password); err != nil {
+ t.Fatal(err)
+ } else {
+ if result.Data.(*model.User).Email != user.Email {
+ t.Fatal("emails didn't match")
+ }
+ }
+
+ if _, err := Client.LoginByEmail(team.Domain, user.Email, user.Password+"invalid"); err == nil {
+ t.Fatal("Invalid Password")
+ }
+
+ if _, err := Client.LoginByEmail(team.Domain, "", user.Password); err == nil {
+ t.Fatal("should have failed")
+ }
+
+ authToken := Client.AuthToken
+ Client.AuthToken = "invalid"
+
+ if _, err := Client.GetUser(ruser.Data.(*model.User).Id, ""); err == nil {
+ t.Fatal("should have failed")
+ }
+
+ Client.AuthToken = ""
+
+ team2 := model.Team{Name: "Name", Domain: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_INVITE}
+ rteam2 := Client.Must(Client.CreateTeam(&team2))
+
+ user2 := model.User{TeamId: rteam2.Data.(*model.Team).Id, Email: strings.ToLower(model.NewId()) + "corey@test.com", FullName: "Corey Hulen", Password: "pwd"}
+
+ if _, err := Client.CreateUserFromSignup(&user2, "junk", "1231312"); err == nil {
+ t.Fatal("Should have errored, signed up without hashed email")
+ }
+
+ props := make(map[string]string)
+ props["email"] = user2.Email
+ props["id"] = rteam2.Data.(*model.Team).Id
+ props["name"] = rteam2.Data.(*model.Team).Name
+ props["time"] = fmt.Sprintf("%v", model.GetMillis())
+ data := model.MapToJson(props)
+ hash := model.HashPassword(fmt.Sprintf("%v:%v", data, utils.Cfg.ServiceSettings.InviteSalt))
+
+ ruser2, _ := Client.CreateUserFromSignup(&user2, data, hash)
+
+ if _, err := Client.LoginByEmail(team2.Domain, ruser2.Data.(*model.User).Email, user2.Password); err != nil {
+ t.Fatal("From verfied hash")
+ }
+
+ Client.AuthToken = authToken
+}
+
+func TestSessions(t *testing.T) {
+ Setup()
+
+ team := model.Team{Name: "Name", Domain: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN}
+ rteam, _ := Client.CreateTeam(&team)
+
+ user := model.User{TeamId: rteam.Data.(*model.Team).Id, Email: strings.ToLower(model.NewId()) + "corey@test.com", FullName: "Corey Hulen", Password: "pwd"}
+ ruser := Client.Must(Client.CreateUser(&user, "")).Data.(*model.User)
+ Srv.Store.User().VerifyEmail(ruser.Id)
+
+ deviceId := model.NewId()
+ Client.LoginByEmailWithDevice(team.Domain, user.Email, user.Password, deviceId)
+ Client.LoginByEmail(team.Domain, user.Email, user.Password)
+
+ r1, err := Client.GetSessions(ruser.Id)
+ if err != nil {
+ t.Fatal(err)
+ }
+
+ sessions := r1.Data.([]*model.Session)
+ otherSession := ""
+
+ if len(sessions) != 2 {
+ t.Fatal("invalid number of sessions")
+ }
+
+ for _, session := range sessions {
+ if session.DeviceId == deviceId {
+ otherSession = session.AltId
+ }
+
+ if len(session.Id) != 0 {
+ t.Fatal("shouldn't return sessions")
+ }
+ }
+
+ if _, err := Client.RevokeSession(otherSession); err != nil {
+ t.Fatal(err)
+ }
+
+ r2, err := Client.GetSessions(ruser.Id)
+ if err != nil {
+ t.Fatal(err)
+ }
+
+ sessions2 := r2.Data.([]*model.Session)
+
+ if len(sessions2) != 1 {
+ t.Fatal("invalid number of sessions")
+ }
+
+ if _, err := Client.RevokeSession(otherSession); err != nil {
+ t.Fatal(err)
+ }
+
+}
+
+func TestGetUser(t *testing.T) {
+ Setup()
+
+ team := model.Team{Name: "Name", Domain: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN}
+ rteam, _ := Client.CreateTeam(&team)
+
+ user := model.User{TeamId: rteam.Data.(*model.Team).Id, Email: strings.ToLower(model.NewId()) + "corey@test.com", FullName: "Corey Hulen", Password: "pwd"}
+ ruser, _ := Client.CreateUser(&user, "")
+ Srv.Store.User().VerifyEmail(ruser.Data.(*model.User).Id)
+
+ user2 := model.User{TeamId: rteam.Data.(*model.Team).Id, Email: strings.ToLower(model.NewId()) + "corey@test.com", FullName: "Corey Hulen", Password: "pwd"}
+ ruser2, _ := Client.CreateUser(&user2, "")
+ Srv.Store.User().VerifyEmail(ruser2.Data.(*model.User).Id)
+
+ Client.LoginByEmail(team.Domain, user.Email, user.Password)
+
+ rId := ruser.Data.(*model.User).Id
+ if result, err := Client.GetUser(rId, ""); err != nil {
+ t.Fatal("Failed to get user")
+ } else {
+ if result.Data.(*model.User).Password != "" {
+ t.Fatal("User shouldn't have any password data once set")
+ }
+
+ if cache_result, err := Client.GetUser(rId, result.Etag); err != nil {
+ t.Fatal(err)
+ } else if cache_result.Data.(*model.User) != nil {
+ t.Fatal("cache should be empty")
+ }
+ }
+
+ if result, err := Client.GetMe(""); err != nil {
+ t.Fatal("Failed to get user")
+ } else {
+ if result.Data.(*model.User).Password != "" {
+ t.Fatal("User shouldn't have any password data once set")
+ }
+ }
+
+ if _, err := Client.GetUser("FORBIDDENERROR", ""); err == nil {
+ t.Fatal("shouldn't exist")
+ }
+
+ if _, err := Client.GetUser(ruser2.Data.(*model.User).Id, ""); err == nil {
+ t.Fatal("shouldn't have accss")
+ }
+
+ if userMap, err := Client.GetProfiles(rteam.Data.(*model.Team).Id, ""); err != nil {
+ t.Fatal(err)
+ } else if len(userMap.Data.(map[string]*model.User)) != 2 {
+ t.Fatal("should have been 2")
+ } else if userMap.Data.(map[string]*model.User)[rId].Id != rId {
+ t.Fatal("should have been valid")
+ } else {
+
+ // test etag caching
+ if cache_result, err := Client.GetProfiles(rteam.Data.(*model.Team).Id, userMap.Etag); err != nil {
+ t.Fatal(err)
+ } else if cache_result.Data.(map[string]*model.User) != nil {
+ t.Log(cache_result.Data)
+ t.Fatal("cache should be empty")
+ }
+
+ }
+
+ Client.AuthToken = ""
+ if _, err := Client.GetUser(ruser2.Data.(*model.User).Id, ""); err == nil {
+ t.Fatal("shouldn't have accss")
+ }
+}
+
+func TestGetAudits(t *testing.T) {
+ Setup()
+
+ team := model.Team{Name: "Name", Domain: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN}
+ rteam, _ := Client.CreateTeam(&team)
+
+ user := model.User{TeamId: rteam.Data.(*model.Team).Id, Email: strings.ToLower(model.NewId()) + "corey@test.com", FullName: "Corey Hulen", Password: "pwd"}
+ ruser, _ := Client.CreateUser(&user, "")
+ Srv.Store.User().VerifyEmail(ruser.Data.(*model.User).Id)
+
+ Client.LoginByEmail(team.Domain, user.Email, user.Password)
+
+ time.Sleep(500 * time.Millisecond)
+
+ if result, err := Client.GetAudits(ruser.Data.(*model.User).Id, ""); err != nil {
+ t.Fatal(err)
+ } else {
+
+ if len(result.Data.(model.Audits)) != 2 {
+ t.Fatal(result.Data.(model.Audits))
+ }
+
+ if cache_result, err := Client.GetAudits(ruser.Data.(*model.User).Id, result.Etag); err != nil {
+ t.Fatal(err)
+ } else if cache_result.Data.(model.Audits) != nil {
+ t.Fatal("cache should be empty")
+ }
+ }
+
+ if _, err := Client.GetAudits("FORBIDDENERROR", ""); err == nil {
+ t.Fatal("audit log shouldn't exist")
+ }
+}
+
+func TestUserCreateImage(t *testing.T) {
+ Setup()
+
+ i := createProfileImage("Corey Hulen", "eo1zkdr96pdj98pjmq8zy35wba")
+ if i == nil {
+ t.Fatal("Failed to gen image")
+ }
+
+ colorful := color.RGBA{116, 49, 196, 255}
+
+ if i.RGBAAt(1, 1) != colorful {
+ t.Fatal("Failed to create correct color")
+ }
+
+ team := &model.Team{Name: "Name", Domain: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN}
+ team = Client.Must(Client.CreateTeam(team)).Data.(*model.Team)
+
+ user := &model.User{TeamId: team.Id, Email: strings.ToLower(model.NewId()) + "corey@test.com", FullName: "Corey Hulen", Password: "pwd"}
+ user = Client.Must(Client.CreateUser(user, "")).Data.(*model.User)
+ Srv.Store.User().VerifyEmail(user.Id)
+
+ Client.LoginByEmail(team.Domain, user.Email, "pwd")
+
+ Client.DoGet("/users/"+user.Id+"/image", "", "")
+
+}
+
+func TestUserUploadProfileImage(t *testing.T) {
+ Setup()
+
+ team := &model.Team{Name: "Name", Domain: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN}
+ team = Client.Must(Client.CreateTeam(team)).Data.(*model.Team)
+
+ user := &model.User{TeamId: team.Id, Email: strings.ToLower(model.NewId()) + "corey@test.com", FullName: "Corey Hulen", Password: "pwd"}
+ user = Client.Must(Client.CreateUser(user, "")).Data.(*model.User)
+ Srv.Store.User().VerifyEmail(user.Id)
+
+ if utils.IsS3Configured() {
+
+ body := &bytes.Buffer{}
+ writer := multipart.NewWriter(body)
+
+ if _, upErr := Client.UploadFile("/users/newimage", body.Bytes(), writer.FormDataContentType()); upErr == nil {
+ t.Fatal("Should have errored")
+ }
+
+ Client.LoginByEmail(team.Domain, user.Email, "pwd")
+
+ if _, upErr := Client.UploadFile("/users/newimage", body.Bytes(), writer.FormDataContentType()); upErr == nil {
+ t.Fatal("Should have errored")
+ }
+
+ part, err := writer.CreateFormFile("blargh", "test.png")
+ if err != nil {
+ t.Fatal(err)
+ }
+
+ path := utils.FindDir("web/static/images")
+ file, err := os.Open(path + "/test.png")
+ if err != nil {
+ t.Fatal(err)
+ }
+ defer file.Close()
+
+ _, err = io.Copy(part, file)
+ if err != nil {
+ t.Fatal(err)
+ }
+
+ if err := writer.Close(); err != nil {
+ t.Fatal(err)
+ }
+
+ if _, upErr := Client.UploadFile("/users/newimage", body.Bytes(), writer.FormDataContentType()); upErr == nil {
+ t.Fatal("Should have errored")
+ }
+
+ file2, err := os.Open(path + "/test.png")
+ if err != nil {
+ t.Fatal(err)
+ }
+ defer file2.Close()
+
+ body = &bytes.Buffer{}
+ writer = multipart.NewWriter(body)
+
+ part, err = writer.CreateFormFile("image", "test.png")
+ if err != nil {
+ t.Fatal(err)
+ }
+
+ if _, err := io.Copy(part, file2); err != nil {
+ t.Fatal(err)
+ }
+
+ if err := writer.Close(); err != nil {
+ t.Fatal(err)
+ }
+
+ if _, upErr := Client.UploadFile("/users/newimage", body.Bytes(), writer.FormDataContentType()); upErr != nil {
+ t.Fatal(upErr)
+ }
+
+ Client.DoGet("/users/"+user.Id+"/image", "", "")
+
+ var auth aws.Auth
+ auth.AccessKey = utils.Cfg.AWSSettings.S3AccessKeyId
+ auth.SecretKey = utils.Cfg.AWSSettings.S3SecretAccessKey
+
+ s := s3.New(auth, aws.Regions[utils.Cfg.AWSSettings.S3Region])
+ bucket := s.Bucket(utils.Cfg.AWSSettings.S3Bucket)
+
+ if err := bucket.Del("teams/" + user.TeamId + "/users/" + user.Id + "/profile.png"); err != nil {
+ t.Fatal(err)
+ }
+ } else {
+ body := &bytes.Buffer{}
+ writer := multipart.NewWriter(body)
+ if _, upErr := Client.UploadFile("/users/newimage", body.Bytes(), writer.FormDataContentType()); upErr.StatusCode != http.StatusNotImplemented {
+ t.Fatal("Should have failed with 501 - Not Implemented")
+ }
+ }
+}
+
+func TestUserUpdate(t *testing.T) {
+ Setup()
+
+ team := &model.Team{Name: "Name", Domain: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN}
+ team = Client.Must(Client.CreateTeam(team)).Data.(*model.Team)
+
+ time1 := model.GetMillis()
+
+ user := &model.User{TeamId: team.Id, Email: strings.ToLower(model.NewId()) + "corey@test.com", FullName: "Corey Hulen", Password: "pwd", LastActivityAt: time1, LastPingAt: time1, Roles: ""}
+ user = Client.Must(Client.CreateUser(user, "")).Data.(*model.User)
+ Srv.Store.User().VerifyEmail(user.Id)
+
+ if _, err := Client.UpdateUser(user); err == nil {
+ t.Fatal("Should have errored")
+ }
+
+ Client.LoginByEmail(team.Domain, user.Email, "pwd")
+
+ time2 := model.GetMillis()
+
+ user.FullName = "Jim Jimmy"
+ user.TeamId = "12345678901234567890123456"
+ user.LastActivityAt = time2
+ user.LastPingAt = time2
+ user.Roles = model.ROLE_ADMIN
+ user.LastPasswordUpdate = 123
+
+ if result, err := Client.UpdateUser(user); err != nil {
+ t.Fatal(err)
+ } else {
+ if result.Data.(*model.User).FullName != "Jim Jimmy" {
+ t.Fatal("FullName did not update properly")
+ }
+ if result.Data.(*model.User).TeamId != team.Id {
+ t.Fatal("TeamId should not have updated")
+ }
+ if result.Data.(*model.User).LastActivityAt != time1 {
+ t.Fatal("LastActivityAt should not have updated")
+ }
+ if result.Data.(*model.User).LastPingAt != time1 {
+ t.Fatal("LastPingAt should not have updated")
+ }
+ if result.Data.(*model.User).Roles != "" {
+ t.Fatal("Roles should not have updated")
+ }
+ if result.Data.(*model.User).LastPasswordUpdate == 123 {
+ t.Fatal("LastPasswordUpdate should not have updated")
+ }
+ }
+
+ user.TeamId = "junk"
+ if _, err := Client.UpdateUser(user); err == nil {
+ t.Fatal("Should have errored - tried to change teamId to junk")
+ }
+
+ user.TeamId = team.Id
+ if _, err := Client.UpdateUser(nil); err == nil {
+ t.Fatal("Should have errored")
+ }
+
+ user2 := &model.User{TeamId: team.Id, Email: strings.ToLower(model.NewId()) + "corey@test.com", FullName: "Corey Hulen", Password: "pwd"}
+ user2 = Client.Must(Client.CreateUser(user2, "")).Data.(*model.User)
+ Srv.Store.User().VerifyEmail(user2.Id)
+
+ Client.LoginByEmail(team.Domain, user2.Email, "pwd")
+
+ user.FullName = "Tim Timmy"
+
+ if _, err := Client.UpdateUser(user); err == nil {
+ t.Fatal("Should have errored")
+ }
+}
+
+func TestUserUpdatePassword(t *testing.T) {
+ Setup()
+
+ team := &model.Team{Name: "Name", Domain: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN}
+ team = Client.Must(Client.CreateTeam(team)).Data.(*model.Team)
+
+ user := &model.User{TeamId: team.Id, Email: strings.ToLower(model.NewId()) + "corey@test.com", FullName: "Corey Hulen", Password: "pwd"}
+ user = Client.Must(Client.CreateUser(user, "")).Data.(*model.User)
+ Srv.Store.User().VerifyEmail(user.Id)
+
+ if _, err := Client.UpdateUserPassword(user.Id, "pwd", "newpwd"); err == nil {
+ t.Fatal("Should have errored")
+ }
+
+ Client.LoginByEmail(team.Domain, user.Email, "pwd")
+
+ if _, err := Client.UpdateUserPassword("123", "pwd", "newpwd"); err == nil {
+ t.Fatal("Should have errored")
+ }
+
+ if _, err := Client.UpdateUserPassword(user.Id, "", "newpwd"); err == nil {
+ t.Fatal("Should have errored")
+ }
+
+ if _, err := Client.UpdateUserPassword(user.Id, "pwd", "npwd"); err == nil {
+ t.Fatal("Should have errored")
+ }
+
+ if _, err := Client.UpdateUserPassword("12345678901234567890123456", "pwd", "newpwd"); err == nil {
+ t.Fatal("Should have errored")
+ }
+
+ if _, err := Client.UpdateUserPassword(user.Id, "badpwd", "newpwd"); err == nil {
+ t.Fatal("Should have errored")
+ }
+
+ if _, err := Client.UpdateUserPassword(user.Id, "pwd", "newpwd"); err != nil {
+ t.Fatal(err)
+ }
+
+ updatedUser := Client.Must(Client.GetUser(user.Id, "")).Data.(*model.User)
+ if updatedUser.LastPasswordUpdate == user.LastPasswordUpdate {
+ t.Fatal("LastPasswordUpdate should have changed")
+ }
+
+ if _, err := Client.LoginByEmail(team.Domain, user.Email, "newpwd"); err != nil {
+ t.Fatal(err)
+ }
+
+ user2 := &model.User{TeamId: team.Id, Email: strings.ToLower(model.NewId()) + "corey@test.com", FullName: "Corey Hulen", Password: "pwd"}
+ user2 = Client.Must(Client.CreateUser(user2, "")).Data.(*model.User)
+
+ Client.LoginByEmail(team.Domain, user2.Email, "pwd")
+
+ if _, err := Client.UpdateUserPassword(user.Id, "pwd", "newpwd"); err == nil {
+ t.Fatal("Should have errored")
+ }
+}
+
+func TestUserUpdateRoles(t *testing.T) {
+ Setup()
+
+ team := &model.Team{Name: "Name", Domain: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN}
+ team = Client.Must(Client.CreateTeam(team)).Data.(*model.Team)
+
+ user := &model.User{TeamId: team.Id, Email: "test@nowhere.com", FullName: "Corey Hulen", Password: "pwd"}
+ user = Client.Must(Client.CreateUser(user, "")).Data.(*model.User)
+ Srv.Store.User().VerifyEmail(user.Id)
+
+ user2 := &model.User{TeamId: team.Id, Email: strings.ToLower(model.NewId()) + "corey@test.com", FullName: "Corey Hulen", Password: "pwd"}
+ user2 = Client.Must(Client.CreateUser(user2, "")).Data.(*model.User)
+ Srv.Store.User().VerifyEmail(user2.Id)
+
+ data := make(map[string]string)
+ data["user_id"] = user.Id
+ data["new_roles"] = ""
+
+ if _, err := Client.UpdateUserRoles(data); err == nil {
+ t.Fatal("Should have errored, not logged in")
+ }
+
+ Client.LoginByEmail(team.Domain, user2.Email, "pwd")
+
+ if _, err := Client.UpdateUserRoles(data); err == nil {
+ t.Fatal("Should have errored, not admin")
+ }
+
+ team2 := &model.Team{Name: "Name", Domain: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN}
+ team2 = Client.Must(Client.CreateTeam(team2)).Data.(*model.Team)
+
+ user3 := &model.User{TeamId: team2.Id, Email: "test@nowhere.com", FullName: "Corey Hulen", Password: "pwd"}
+ user3 = Client.Must(Client.CreateUser(user3, "")).Data.(*model.User)
+ Srv.Store.User().VerifyEmail(user3.Id)
+
+ Client.LoginByEmail(team2.Domain, user3.Email, "pwd")
+
+ data["user_id"] = user2.Id
+
+ if _, err := Client.UpdateUserRoles(data); err == nil {
+ t.Fatal("Should have errored, wrong team")
+ }
+
+ Client.LoginByEmail(team.Domain, user.Email, "pwd")
+
+ data["user_id"] = "junk"
+ data["new_roles"] = "admin"
+
+ if _, err := Client.UpdateUserRoles(data); err == nil {
+ t.Fatal("Should have errored, bad id")
+ }
+
+ data["user_id"] = "12345678901234567890123456"
+
+ if _, err := Client.UpdateUserRoles(data); err == nil {
+ t.Fatal("Should have errored, bad id")
+ }
+
+ data["user_id"] = user2.Id
+
+ if result, err := Client.UpdateUserRoles(data); err != nil {
+ t.Fatal(err)
+ } else {
+ if result.Data.(*model.User).Roles != "admin" {
+ t.Fatal("Roles did not update properly")
+ }
+ }
+}
+
+func TestUserUpdateActive(t *testing.T) {
+ Setup()
+
+ team := &model.Team{Name: "Name", Domain: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN}
+ team = Client.Must(Client.CreateTeam(team)).Data.(*model.Team)
+
+ user := &model.User{TeamId: team.Id, Email: "test@nowhere.com", FullName: "Corey Hulen", Password: "pwd"}
+ user = Client.Must(Client.CreateUser(user, "")).Data.(*model.User)
+ Srv.Store.User().VerifyEmail(user.Id)
+
+ user2 := &model.User{TeamId: team.Id, Email: strings.ToLower(model.NewId()) + "corey@test.com", FullName: "Corey Hulen", Password: "pwd"}
+ user2 = Client.Must(Client.CreateUser(user2, "")).Data.(*model.User)
+ Srv.Store.User().VerifyEmail(user2.Id)
+
+ if _, err := Client.UpdateActive(user.Id, false); err == nil {
+ t.Fatal("Should have errored, not logged in")
+ }
+
+ Client.LoginByEmail(team.Domain, user2.Email, "pwd")
+
+ if _, err := Client.UpdateActive(user.Id, false); err == nil {
+ t.Fatal("Should have errored, not admin")
+ }
+
+ team2 := &model.Team{Name: "Name", Domain: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN}
+ team2 = Client.Must(Client.CreateTeam(team2)).Data.(*model.Team)
+
+ user3 := &model.User{TeamId: team2.Id, Email: "test@nowhere.com", FullName: "Corey Hulen", Password: "pwd"}
+ user3 = Client.Must(Client.CreateUser(user3, "")).Data.(*model.User)
+ Srv.Store.User().VerifyEmail(user3.Id)
+
+ Client.LoginByEmail(team2.Domain, user3.Email, "pwd")
+
+ if _, err := Client.UpdateActive(user.Id, false); err == nil {
+ t.Fatal("Should have errored, wrong team")
+ }
+
+ Client.LoginByEmail(team.Domain, user.Email, "pwd")
+
+ if _, err := Client.UpdateActive("junk", false); err == nil {
+ t.Fatal("Should have errored, bad id")
+ }
+
+ if _, err := Client.UpdateActive("12345678901234567890123456", false); err == nil {
+ t.Fatal("Should have errored, bad id")
+ }
+
+ if result, err := Client.UpdateActive(user2.Id, false); err != nil {
+ t.Fatal(err)
+ } else {
+ if result.Data.(*model.User).DeleteAt == 0 {
+ t.Fatal("active did not update properly")
+ }
+ }
+
+ if result, err := Client.UpdateActive(user2.Id, true); err != nil {
+ t.Fatal(err)
+ } else {
+ if result.Data.(*model.User).DeleteAt != 0 {
+ t.Fatal("active did not update properly true")
+ }
+ }
+}
+
+func TestSendPasswordReset(t *testing.T) {
+ Setup()
+
+ team := &model.Team{Name: "Name", Domain: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN}
+ team = Client.Must(Client.CreateTeam(team)).Data.(*model.Team)
+
+ user := &model.User{TeamId: team.Id, Email: strings.ToLower(model.NewId()) + "corey@test.com", FullName: "Corey Hulen", Password: "pwd"}
+ user = Client.Must(Client.CreateUser(user, "")).Data.(*model.User)
+ Srv.Store.User().VerifyEmail(user.Id)
+
+ data := make(map[string]string)
+ data["email"] = user.Email
+ data["domain"] = team.Domain
+
+ if _, err := Client.SendPasswordReset(data); err != nil {
+ t.Fatal(err)
+ }
+
+ data["email"] = ""
+ if _, err := Client.SendPasswordReset(data); err == nil {
+ t.Fatal("Should have errored - no email")
+ }
+
+ data["email"] = "junk@junk.com"
+ if _, err := Client.SendPasswordReset(data); err == nil {
+ t.Fatal("Should have errored - bad email")
+ }
+
+ data["email"] = user.Email
+ data["domain"] = ""
+ if _, err := Client.SendPasswordReset(data); err == nil {
+ t.Fatal("Should have errored - no domain")
+ }
+
+ data["domain"] = "junk"
+ if _, err := Client.SendPasswordReset(data); err == nil {
+ t.Fatal("Should have errored - bad domain")
+ }
+}
+
+func TestResetPassword(t *testing.T) {
+ Setup()
+
+ team := &model.Team{Name: "Name", Domain: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN}
+ team = Client.Must(Client.CreateTeam(team)).Data.(*model.Team)
+
+ user := &model.User{TeamId: team.Id, Email: strings.ToLower(model.NewId()) + "corey@test.com", FullName: "Corey Hulen", Password: "pwd"}
+ user = Client.Must(Client.CreateUser(user, "")).Data.(*model.User)
+ Srv.Store.User().VerifyEmail(user.Id)
+
+ data := make(map[string]string)
+ data["new_password"] = "newpwd"
+ props := make(map[string]string)
+ props["user_id"] = user.Id
+ props["time"] = fmt.Sprintf("%v", model.GetMillis())
+ data["data"] = model.MapToJson(props)
+ data["hash"] = model.HashPassword(fmt.Sprintf("%v:%v", data["data"], utils.Cfg.ServiceSettings.ResetSalt))
+ data["domain"] = team.Domain
+
+ if _, err := Client.ResetPassword(data); err != nil {
+ t.Fatal(err)
+ }
+
+ data["new_password"] = ""
+ if _, err := Client.ResetPassword(data); err == nil {
+ t.Fatal("Should have errored - no password")
+ }
+
+ data["new_password"] = "npwd"
+ if _, err := Client.ResetPassword(data); err == nil {
+ t.Fatal("Should have errored - password too short")
+ }
+
+ data["new_password"] = "newpwd"
+ data["hash"] = ""
+ if _, err := Client.ResetPassword(data); err == nil {
+ t.Fatal("Should have errored - no hash")
+ }
+
+ data["hash"] = "junk"
+ if _, err := Client.ResetPassword(data); err == nil {
+ t.Fatal("Should have errored - bad hash")
+ }
+
+ props["user_id"] = ""
+ data["data"] = model.MapToJson(props)
+ if _, err := Client.ResetPassword(data); err == nil {
+ t.Fatal("Should have errored - no user id")
+ }
+
+ data["user_id"] = "12345678901234567890123456"
+ data["data"] = model.MapToJson(props)
+ if _, err := Client.ResetPassword(data); err == nil {
+ t.Fatal("Should have errored - bad user id")
+ }
+
+ props["user_id"] = user.Id
+ props["time"] = ""
+ data["data"] = model.MapToJson(props)
+ if _, err := Client.ResetPassword(data); err == nil {
+ t.Fatal("Should have errored - no time")
+ }
+
+ props["time"] = fmt.Sprintf("%v", model.GetMillis())
+ data["data"] = model.MapToJson(props)
+ data["domain"] = ""
+ if _, err := Client.ResetPassword(data); err == nil {
+ t.Fatal("Should have errored - no domain")
+ }
+
+ data["domain"] = "junk"
+ if _, err := Client.ResetPassword(data); err == nil {
+ t.Fatal("Should have errored - bad domain")
+ }
+
+ team2 := &model.Team{Name: "Name", Domain: "z-z-" + model.NewId() + "a", Email: "test2@nowhere.com", Type: model.TEAM_OPEN}
+ team2 = Client.Must(Client.CreateTeam(team2)).Data.(*model.Team)
+
+ data["domain"] = team2.Domain
+ if _, err := Client.ResetPassword(data); err == nil {
+ t.Fatal("Should have errored - domain team doesn't match user team")
+ }
+}
+
+func TestUserUpdateNotify(t *testing.T) {
+ Setup()
+
+ team := &model.Team{Name: "Name", Domain: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN}
+ team = Client.Must(Client.CreateTeam(team)).Data.(*model.Team)
+
+ user := &model.User{TeamId: team.Id, Email: strings.ToLower(model.NewId()) + "corey@test.com", FullName: "Corey Hulen", Password: "pwd", Roles: ""}
+ user = Client.Must(Client.CreateUser(user, "")).Data.(*model.User)
+ Srv.Store.User().VerifyEmail(user.Id)
+
+ data := make(map[string]string)
+ data["user_id"] = user.Id
+ data["email"] = "true"
+ data["desktop"] = "all"
+ data["desktop_sound"] = "false"
+
+ if _, err := Client.UpdateUserNotify(data); err == nil {
+ t.Fatal("Should have errored - not logged in")
+ }
+
+ Client.LoginByEmail(team.Domain, user.Email, "pwd")
+
+ if result, err := Client.UpdateUserNotify(data); err != nil {
+ t.Fatal(err)
+ } else {
+ if result.Data.(*model.User).NotifyProps["desktop"] != data["desktop"] {
+ t.Fatal("NotifyProps did not update properly - desktop")
+ }
+ if result.Data.(*model.User).NotifyProps["desktop_sound"] != data["desktop_sound"] {
+ t.Fatal("NotifyProps did not update properly - desktop_sound")
+ }
+ if result.Data.(*model.User).NotifyProps["email"] != data["email"] {
+ t.Fatal("NotifyProps did not update properly - email")
+ }
+ }
+
+ if _, err := Client.UpdateUserNotify(nil); err == nil {
+ t.Fatal("Should have errored")
+ }
+
+ data["user_id"] = "junk"
+ if _, err := Client.UpdateUserNotify(data); err == nil {
+ t.Fatal("Should have errored - junk user id")
+ }
+
+ data["user_id"] = "12345678901234567890123456"
+ if _, err := Client.UpdateUserNotify(data); err == nil {
+ t.Fatal("Should have errored - bad user id")
+ }
+
+ data["user_id"] = user.Id
+ data["desktop"] = ""
+ if _, err := Client.UpdateUserNotify(data); err == nil {
+ t.Fatal("Should have errored - empty desktop notify")
+ }
+
+ data["desktop"] = "all"
+ data["desktop_sound"] = ""
+ if _, err := Client.UpdateUserNotify(data); err == nil {
+ t.Fatal("Should have errored - empty desktop sound")
+ }
+
+ data["desktop_sound"] = "false"
+ data["email"] = ""
+ if _, err := Client.UpdateUserNotify(data); err == nil {
+ t.Fatal("Should have errored - empty email")
+ }
+}
+
+func TestFuzzyUserCreate(t *testing.T) {
+
+ team := model.Team{Name: "Name", Domain: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN}
+ rteam, _ := Client.CreateTeam(&team)
+
+ for i := 0; i < len(utils.FUZZY_STRINGS_NAMES) || i < len(utils.FUZZY_STRINGS_EMAILS); i++ {
+ testName := "Name"
+ testEmail := "test@nowhere.com"
+
+ if i < len(utils.FUZZY_STRINGS_NAMES) {
+ testName = utils.FUZZY_STRINGS_NAMES[i]
+ }
+ if i < len(utils.FUZZY_STRINGS_EMAILS) {
+ testEmail = utils.FUZZY_STRINGS_EMAILS[i]
+ }
+
+ user := model.User{TeamId: rteam.Data.(*model.Team).Id, Email: strings.ToLower(model.NewId()) + testEmail, FullName: testName, Password: "hello"}
+
+ _, err := Client.CreateUser(&user, "")
+ if err != nil {
+ t.Fatal(err)
+ }
+ }
+}
+
+func TestStatuses(t *testing.T) {
+ Setup()
+
+ team := model.Team{Name: "Name", Domain: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN}
+ rteam, _ := Client.CreateTeam(&team)
+
+ user := model.User{TeamId: rteam.Data.(*model.Team).Id, Email: strings.ToLower(model.NewId()) + "corey@test.com", FullName: "Corey Hulen", Password: "pwd"}
+ ruser := Client.Must(Client.CreateUser(&user, "")).Data.(*model.User)
+ Srv.Store.User().VerifyEmail(ruser.Id)
+
+ Client.LoginByEmail(team.Domain, user.Email, user.Password)
+
+ r1, err := Client.GetStatuses()
+ if err != nil {
+ t.Fatal(err)
+ }
+
+ statuses := r1.Data.(map[string]string)
+
+ if len(statuses) != 1 {
+ t.Fatal("invalid number of statuses")
+ }
+
+ for _, status := range statuses {
+ if status != model.USER_OFFLINE && status != model.USER_AWAY && status != model.USER_ONLINE {
+ t.Fatal("one of the statuses had an invalid value")
+ }
+ }
+
+}