summaryrefslogtreecommitdiffstats
path: root/api/user_test.go
diff options
context:
space:
mode:
Diffstat (limited to 'api/user_test.go')
-rw-r--r--api/user_test.go72
1 files changed, 58 insertions, 14 deletions
diff --git a/api/user_test.go b/api/user_test.go
index 15397ff0f..a68d1199a 100644
--- a/api/user_test.go
+++ b/api/user_test.go
@@ -345,7 +345,7 @@ func TestGetUser(t *testing.T) {
LinkUserToTeam(ruser.Data.(*model.User), rteam.Data.(*model.Team))
store.Must(Srv.Store.User().VerifyEmail(ruser.Data.(*model.User).Id))
- user2 := model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1"}
+ user2 := model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "passwd1", FirstName: "Corey", LastName: "Hulen"}
ruser2, _ := Client.CreateUser(&user2, "")
LinkUserToTeam(ruser2.Data.(*model.User), rteam.Data.(*model.Team))
store.Must(Srv.Store.User().VerifyEmail(ruser2.Data.(*model.User).Id))
@@ -387,8 +387,52 @@ func TestGetUser(t *testing.T) {
t.Fatal("shouldn't exist")
}
- if _, err := Client.GetUser(ruser2.Data.(*model.User).Id, ""); err == nil {
- t.Fatal("shouldn't have accss")
+ emailPrivacy := utils.Cfg.PrivacySettings.ShowEmailAddress
+ namePrivacy := utils.Cfg.PrivacySettings.ShowFullName
+ defer func() {
+ utils.Cfg.PrivacySettings.ShowEmailAddress = emailPrivacy
+ utils.Cfg.PrivacySettings.ShowFullName = namePrivacy
+ }()
+ utils.Cfg.PrivacySettings.ShowEmailAddress = false
+ utils.Cfg.PrivacySettings.ShowFullName = false
+
+ if result, err := Client.GetUser(ruser2.Data.(*model.User).Id, ""); err != nil {
+ t.Fatal(err)
+ } else {
+ u := result.Data.(*model.User)
+ if u.Password != "" {
+ t.Fatal("password must be empty")
+ }
+ if *u.AuthData != "" {
+ t.Fatal("auth data must be empty")
+ }
+ if u.Email != "" {
+ t.Fatal("email should be sanitized")
+ }
+ if u.FirstName != "" {
+ t.Fatal("full name should be sanitized")
+ }
+ if u.LastName != "" {
+ t.Fatal("full name should be sanitized")
+ }
+ }
+
+ utils.Cfg.PrivacySettings.ShowEmailAddress = true
+ utils.Cfg.PrivacySettings.ShowFullName = true
+
+ if result, err := Client.GetUser(ruser2.Data.(*model.User).Id, ""); err != nil {
+ t.Fatal(err)
+ } else {
+ u := result.Data.(*model.User)
+ if u.Email == "" {
+ t.Fatal("email should not be sanitized")
+ }
+ if u.FirstName == "" {
+ t.Fatal("full name should not be sanitized")
+ }
+ if u.LastName == "" {
+ t.Fatal("full name should not be sanitized")
+ }
}
if userMap, err := Client.GetProfiles(rteam.Data.(*model.Team).Id, ""); err != nil {
@@ -420,7 +464,7 @@ func TestGetUser(t *testing.T) {
c := &Context{}
c.RequestId = model.NewId()
c.IpAddress = "cmd_line"
- UpdateUserRoles(c, ruser.Data.(*model.User), model.ROLE_SYSTEM_ADMIN)
+ UpdateUserRoles(c, ruser.Data.(*model.User), model.ROLE_SYSTEM_ADMIN.Id)
Client.Login(user.Email, "passwd1")
@@ -748,7 +792,7 @@ func TestUserUpdate(t *testing.T) {
Client.SetTeamId(team.Id)
user.Nickname = "Jim Jimmy"
- user.Roles = model.ROLE_TEAM_ADMIN
+ user.Roles = model.ROLE_SYSTEM_ADMIN.Id
user.LastPasswordUpdate = 123
if result, err := Client.UpdateUser(user); err != nil {
@@ -757,7 +801,7 @@ func TestUserUpdate(t *testing.T) {
if result.Data.(*model.User).Nickname != "Jim Jimmy" {
t.Fatal("Nickname did not update properly")
}
- if result.Data.(*model.User).Roles != "" {
+ if result.Data.(*model.User).Roles != model.ROLE_SYSTEM_USER.Id {
t.Fatal("Roles should not have updated")
}
if result.Data.(*model.User).LastPasswordUpdate == 123 {
@@ -957,7 +1001,7 @@ func TestUserUpdateRolesMoreCases(t *testing.T) {
// user 1 is trying to promote user 2
data["user_id"] = th.BasicUser2.Id
- data["new_roles"] = model.ROLE_TEAM_ADMIN
+ data["new_roles"] = model.ROLE_TEAM_ADMIN.Id
data["team_id"] = th.BasicTeam.Id
if _, err := th.BasicClient.UpdateUserRoles(data); err == nil {
t.Fatal("Should have errored, you can only demote yourself")
@@ -965,7 +1009,7 @@ func TestUserUpdateRolesMoreCases(t *testing.T) {
// user 1 is trying to promote user 2
data["user_id"] = th.BasicUser2.Id
- data["new_roles"] = model.ROLE_SYSTEM_ADMIN
+ data["new_roles"] = model.ROLE_SYSTEM_ADMIN.Id
data["team_id"] = th.BasicTeam.Id
if _, err := th.BasicClient.UpdateUserRoles(data); err == nil {
t.Fatal("Should have errored, you can only demote yourself")
@@ -973,7 +1017,7 @@ func TestUserUpdateRolesMoreCases(t *testing.T) {
// user 1 is trying to promote himself
data["user_id"] = th.BasicUser.Id
- data["new_roles"] = model.ROLE_TEAM_ADMIN
+ data["new_roles"] = model.ROLE_TEAM_ADMIN.Id
data["team_id"] = th.BasicTeam.Id
if _, err := th.BasicClient.UpdateUserRoles(data); err == nil {
t.Fatal("Should have errored, you cannot elevate your permissions")
@@ -981,7 +1025,7 @@ func TestUserUpdateRolesMoreCases(t *testing.T) {
// user 1 is trying to promote himself
data["user_id"] = th.BasicUser.Id
- data["new_roles"] = model.ROLE_SYSTEM_ADMIN
+ data["new_roles"] = model.ROLE_SYSTEM_ADMIN.Id
data["team_id"] = th.BasicTeam.Id
if _, err := th.BasicClient.UpdateUserRoles(data); err == nil {
t.Fatal("Should have errored, you cannot elevate your permissions")
@@ -991,7 +1035,7 @@ func TestUserUpdateRolesMoreCases(t *testing.T) {
// promote user to team admin
data["user_id"] = th.BasicUser.Id
- data["new_roles"] = model.ROLE_TEAM_ADMIN
+ data["new_roles"] = model.ROLE_TEAM_ADMIN.Id
data["team_id"] = th.BasicTeam.Id
if _, err := th.SystemAdminClient.UpdateUserRoles(data); err != nil {
t.Fatal("Should have succeeded since they are system admin")
@@ -1007,7 +1051,7 @@ func TestUserUpdateRolesMoreCases(t *testing.T) {
// re-promote user to team admin
data["user_id"] = th.BasicUser.Id
- data["new_roles"] = model.ROLE_TEAM_ADMIN
+ data["new_roles"] = model.ROLE_TEAM_ADMIN.Id
data["team_id"] = th.BasicTeam.Id
if _, err := th.SystemAdminClient.UpdateUserRoles(data); err != nil {
t.Fatal("Should have succeeded since they are system admin")
@@ -1015,7 +1059,7 @@ func TestUserUpdateRolesMoreCases(t *testing.T) {
// user 1 is promoting user 2 to team admin
data["user_id"] = th.BasicUser2.Id
- data["new_roles"] = model.ROLE_TEAM_ADMIN
+ data["new_roles"] = model.ROLE_TEAM_ADMIN.Id
data["team_id"] = th.BasicTeam.Id
if _, err := th.BasicClient.UpdateUserRoles(data); err != nil {
t.Fatal("Should have succeeded since they are team admin")
@@ -1023,7 +1067,7 @@ func TestUserUpdateRolesMoreCases(t *testing.T) {
// user 1 is trying to promote user 2 from team admin to system admin
data["user_id"] = th.BasicUser2.Id
- data["new_roles"] = model.ROLE_SYSTEM_ADMIN
+ data["new_roles"] = model.ROLE_SYSTEM_ADMIN.Id
data["team_id"] = th.BasicTeam.Id
if _, err := th.BasicClient.UpdateUserRoles(data); err == nil {
t.Fatal("Should have errored, can only be system admin")
generated by cgit v1.2.3-1-g7c22 (git 2.25.1) at 2024-10-23 01:56:22 +0000