1 files changed, 436 insertions, 0 deletions

diff --git a/api4/webhook_test.go b/api4/webhook_test.go
index a6705f6e1..b488f432c 100644
--- a/api4/webhook_test.go
+++ b/api4/webhook_test.go
@@ -148,3 +148,439 @@ func TestGetIncomingWebhooks(t *testing.T) {
 	_, resp = Client.GetIncomingWebhooks(0, 1000, "")
 	CheckUnauthorizedStatus(t, resp)
 }
+
+func TestGetIncomingWebhook(t *testing.T) {
+	th := Setup().InitBasic().InitSystemAdmin()
+	defer TearDown()
+	Client := th.SystemAdminClient
+
+	enableIncomingHooks := utils.Cfg.ServiceSettings.EnableIncomingWebhooks
+	enableAdminOnlyHooks := utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations
+	defer func() {
+		utils.Cfg.ServiceSettings.EnableIncomingWebhooks = enableIncomingHooks
+		utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = enableAdminOnlyHooks
+		utils.SetDefaultRolesBasedOnConfig()
+	}()
+	utils.Cfg.ServiceSettings.EnableIncomingWebhooks = true
+	*utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = true
+	utils.SetDefaultRolesBasedOnConfig()
+
+	var resp *model.Response
+	var rhook *model.IncomingWebhook
+	var hook *model.IncomingWebhook
+
+	t.Run("WhenHookExists", func(t *testing.T) {
+		hook = &model.IncomingWebhook{ChannelId: th.BasicChannel.Id}
+		rhook, resp = Client.CreateIncomingWebhook(hook)
+		CheckNoError(t, resp)
+
+		hook, resp = Client.GetIncomingWebhook(rhook.Id, "")
+		CheckOKStatus(t, resp)
+	})
+
+	t.Run("WhenHookDoesNotExist", func(t *testing.T) {
+		hook, resp = Client.GetIncomingWebhook(model.NewId(), "")
+		CheckNotFoundStatus(t, resp)
+	})
+
+	t.Run("WhenInvalidHookID", func(t *testing.T) {
+		hook, resp = Client.GetIncomingWebhook("abc", "")
+		CheckBadRequestStatus(t, resp)
+	})
+
+	t.Run("WhenUserDoesNotHavePemissions", func(t *testing.T) {
+		th.LoginBasic()
+		Client = th.Client
+
+		_, resp = Client.GetIncomingWebhook(rhook.Id, "")
+		CheckForbiddenStatus(t, resp)
+	})
+}
+
+func TestDeleteIncomingWebhook(t *testing.T) {
+	th := Setup().InitBasic().InitSystemAdmin()
+	defer TearDown()
+	Client := th.SystemAdminClient
+
+	enableIncomingHooks := utils.Cfg.ServiceSettings.EnableIncomingWebhooks
+	enableAdminOnlyHooks := utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations
+	defer func() {
+		utils.Cfg.ServiceSettings.EnableIncomingWebhooks = enableIncomingHooks
+		utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = enableAdminOnlyHooks
+		utils.SetDefaultRolesBasedOnConfig()
+	}()
+	utils.Cfg.ServiceSettings.EnableIncomingWebhooks = true
+	*utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = true
+	utils.SetDefaultRolesBasedOnConfig()
+
+	var resp *model.Response
+	var rhook *model.IncomingWebhook
+	var hook *model.IncomingWebhook
+	var status bool
+
+	t.Run("WhenInvalidHookID", func(t *testing.T) {
+		status, resp = Client.DeleteIncomingWebhook("abc")
+		CheckBadRequestStatus(t, resp)
+	})
+
+	t.Run("WhenHookDoesNotExist", func(t *testing.T) {
+		status, resp = Client.DeleteIncomingWebhook(model.NewId())
+		CheckNotFoundStatus(t, resp)
+	})
+
+	t.Run("WhenHookExists", func(t *testing.T) {
+		hook = &model.IncomingWebhook{ChannelId: th.BasicChannel.Id}
+		rhook, resp = Client.CreateIncomingWebhook(hook)
+		CheckNoError(t, resp)
+
+		if status, resp = Client.DeleteIncomingWebhook(rhook.Id); !status {
+			t.Fatal("Delete should have succeeded")
+		} else {
+			CheckOKStatus(t, resp)
+		}
+
+		// Get now should not return this deleted hook
+		_, resp = Client.GetIncomingWebhook(rhook.Id, "")
+		CheckNotFoundStatus(t, resp)
+	})
+
+	t.Run("WhenUserDoesNotHavePemissions", func(t *testing.T) {
+		hook = &model.IncomingWebhook{ChannelId: th.BasicChannel.Id}
+		rhook, resp = Client.CreateIncomingWebhook(hook)
+		CheckNoError(t, resp)
+
+		th.LoginBasic()
+		Client = th.Client
+
+		_, resp = Client.DeleteIncomingWebhook(rhook.Id)
+		CheckForbiddenStatus(t, resp)
+	})
+}
+
+func TestCreateOutgoingWebhook(t *testing.T) {
+	th := Setup().InitBasic().InitSystemAdmin()
+	defer TearDown()
+	Client := th.Client
+
+	enableOutgoingHooks := utils.Cfg.ServiceSettings.EnableOutgoingWebhooks
+	enableAdminOnlyHooks := utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations
+	defer func() {
+		utils.Cfg.ServiceSettings.EnableOutgoingWebhooks = enableOutgoingHooks
+		utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = enableAdminOnlyHooks
+		utils.SetDefaultRolesBasedOnConfig()
+	}()
+	utils.Cfg.ServiceSettings.EnableOutgoingWebhooks = true
+	*utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = true
+	utils.SetDefaultRolesBasedOnConfig()
+
+	hook := &model.OutgoingWebhook{ChannelId: th.BasicChannel.Id, TeamId: th.BasicChannel.TeamId, CallbackURLs: []string{"http://nowhere.com"}}
+
+	rhook, resp := th.SystemAdminClient.CreateOutgoingWebhook(hook)
+	CheckNoError(t, resp)
+
+	if rhook.ChannelId != hook.ChannelId {
+		t.Fatal("channel ids didn't match")
+	} else if rhook.CreatorId != th.SystemAdminUser.Id {
+		t.Fatal("user ids didn't match")
+	} else if rhook.TeamId != th.BasicChannel.TeamId {
+		t.Fatal("team ids didn't match")
+	}
+
+	hook.ChannelId = "junk"
+	_, resp = th.SystemAdminClient.CreateOutgoingWebhook(hook)
+	CheckNotFoundStatus(t, resp)
+
+	hook.ChannelId = th.BasicChannel.Id
+	th.LoginTeamAdmin()
+	_, resp = Client.CreateOutgoingWebhook(hook)
+	CheckNoError(t, resp)
+
+	th.LoginBasic()
+	_, resp = Client.CreateOutgoingWebhook(hook)
+	CheckForbiddenStatus(t, resp)
+
+	*utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = false
+	utils.SetDefaultRolesBasedOnConfig()
+
+	_, resp = Client.CreateOutgoingWebhook(hook)
+	CheckNoError(t, resp)
+
+	utils.Cfg.ServiceSettings.EnableOutgoingWebhooks = false
+	_, resp = Client.CreateOutgoingWebhook(hook)
+	CheckNotImplementedStatus(t, resp)
+}
+
+func TestGetOutgoingWebhooks(t *testing.T) {
+	th := Setup().InitBasic().InitSystemAdmin()
+	defer TearDown()
+	Client := th.Client
+
+	enableOutgoingHooks := utils.Cfg.ServiceSettings.EnableOutgoingWebhooks
+	enableAdminOnlyHooks := utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations
+	defer func() {
+		utils.Cfg.ServiceSettings.EnableOutgoingWebhooks = enableOutgoingHooks
+		utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = enableAdminOnlyHooks
+		utils.SetDefaultRolesBasedOnConfig()
+	}()
+	utils.Cfg.ServiceSettings.EnableOutgoingWebhooks = true
+	*utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = true
+	utils.SetDefaultRolesBasedOnConfig()
+
+	hook := &model.OutgoingWebhook{ChannelId: th.BasicChannel.Id, TeamId: th.BasicChannel.TeamId, CallbackURLs: []string{"http://nowhere.com"}}
+	rhook, resp := th.SystemAdminClient.CreateOutgoingWebhook(hook)
+	CheckNoError(t, resp)
+
+	hooks, resp := th.SystemAdminClient.GetOutgoingWebhooks(0, 1000, "")
+	CheckNoError(t, resp)
+
+	found := false
+	for _, h := range hooks {
+		if rhook.Id == h.Id {
+			found = true
+		}
+	}
+
+	if !found {
+		t.Fatal("missing hook")
+	}
+
+	hooks, resp = th.SystemAdminClient.GetOutgoingWebhooks(0, 1, "")
+	CheckNoError(t, resp)
+
+	if len(hooks) != 1 {
+		t.Fatal("should only be 1")
+	}
+
+	hooks, resp = th.SystemAdminClient.GetOutgoingWebhooksForTeam(th.BasicTeam.Id, 0, 1000, "")
+	CheckNoError(t, resp)
+
+	found = false
+	for _, h := range hooks {
+		if rhook.Id == h.Id {
+			found = true
+		}
+	}
+
+	if !found {
+		t.Fatal("missing hook")
+	}
+
+	hooks, resp = th.SystemAdminClient.GetOutgoingWebhooksForTeam(model.NewId(), 0, 1000, "")
+	CheckNoError(t, resp)
+
+	if len(hooks) != 0 {
+		t.Fatal("no hooks should be returned")
+	}
+
+	hooks, resp = th.SystemAdminClient.GetOutgoingWebhooksForChannel(th.BasicChannel.Id, 0, 1000, "")
+	CheckNoError(t, resp)
+
+	found = false
+	for _, h := range hooks {
+		if rhook.Id == h.Id {
+			found = true
+		}
+	}
+
+	if !found {
+		t.Fatal("missing hook")
+	}
+
+	hooks, resp = th.SystemAdminClient.GetOutgoingWebhooksForChannel(model.NewId(), 0, 1000, "")
+	CheckNoError(t, resp)
+
+	if len(hooks) != 0 {
+		t.Fatal("no hooks should be returned")
+	}
+
+	_, resp = Client.GetOutgoingWebhooks(0, 1000, "")
+	CheckForbiddenStatus(t, resp)
+
+	*utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = false
+	utils.SetDefaultRolesBasedOnConfig()
+
+	_, resp = Client.GetOutgoingWebhooksForTeam(th.BasicTeam.Id, 0, 1000, "")
+	CheckNoError(t, resp)
+
+	_, resp = Client.GetOutgoingWebhooksForTeam(model.NewId(), 0, 1000, "")
+	CheckForbiddenStatus(t, resp)
+
+	_, resp = Client.GetOutgoingWebhooksForChannel(th.BasicChannel.Id, 0, 1000, "")
+	CheckNoError(t, resp)
+
+	_, resp = Client.GetOutgoingWebhooksForChannel(model.NewId(), 0, 1000, "")
+	CheckForbiddenStatus(t, resp)
+
+	_, resp = Client.GetOutgoingWebhooks(0, 1000, "")
+	CheckForbiddenStatus(t, resp)
+
+	Client.Logout()
+	_, resp = Client.GetOutgoingWebhooks(0, 1000, "")
+	CheckUnauthorizedStatus(t, resp)
+}
+
+func TestUpdateIncomingHook(t *testing.T) {
+	th := Setup().InitBasic().InitSystemAdmin()
+	defer TearDown()
+	Client := th.Client
+
+	enableIncomingHooks := utils.Cfg.ServiceSettings.EnableIncomingWebhooks
+	enableAdminOnlyHooks := utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations
+	defer func() {
+		utils.Cfg.ServiceSettings.EnableIncomingWebhooks = enableIncomingHooks
+		utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = enableAdminOnlyHooks
+		utils.SetDefaultRolesBasedOnConfig()
+	}()
+	utils.Cfg.ServiceSettings.EnableIncomingWebhooks = true
+	*utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = true
+	utils.SetDefaultRolesBasedOnConfig()
+
+	hook1 := &model.IncomingWebhook{ChannelId: th.BasicChannel.Id}
+
+	createdHook, resp := th.SystemAdminClient.CreateIncomingWebhook(hook1)
+	CheckNoError(t, resp)
+
+	t.Run("UpdateIncomingHook", func(t *testing.T) {
+		createdHook.DisplayName = "hook2"
+		createdHook.Description = "description"
+		createdHook.ChannelId = th.BasicChannel2.Id
+
+		updatedHook, resp := th.SystemAdminClient.UpdateIncomingWebhook(createdHook)
+		CheckNoError(t, resp)
+		if updatedHook != nil {
+			if updatedHook.DisplayName != "hook2" {
+				t.Fatal("Hook name is not updated")
+			}
+
+			if updatedHook.Description != "description" {
+				t.Fatal("Hook description is not updated")
+			}
+
+			if updatedHook.ChannelId != th.BasicChannel2.Id {
+				t.Fatal("Hook channel is not updated")
+			}
+		} else {
+			t.Fatal("should not be nil")
+		}
+	})
+
+	t.Run("RetainCreateAt", func(t *testing.T) {
+		hook2 := &model.IncomingWebhook{ChannelId: th.BasicChannel.Id, CreateAt: 100}
+
+		createdHook, resp := th.SystemAdminClient.CreateIncomingWebhook(hook2)
+		CheckNoError(t, resp)
+
+		createdHook.DisplayName = "Name2"
+
+		updatedHook, resp := th.SystemAdminClient.UpdateIncomingWebhook(createdHook)
+		CheckNoError(t, resp)
+		if updatedHook != nil {
+			if updatedHook.CreateAt != createdHook.CreateAt {
+				t.Fatal("failed - hook create at should not be changed")
+			}
+		} else {
+			t.Fatal("should not be nil")
+		}
+	})
+
+	t.Run("ModifyUpdateAt", func(t *testing.T) {
+		createdHook.DisplayName = "Name3"
+
+		updatedHook, resp := th.SystemAdminClient.UpdateIncomingWebhook(createdHook)
+		CheckNoError(t, resp)
+		if updatedHook != nil {
+			if updatedHook.UpdateAt == createdHook.UpdateAt {
+				t.Fatal("failed - hook updateAt is not updated")
+			}
+		} else {
+			t.Fatal("should not be nil")
+		}
+	})
+
+	t.Run("UpdateNonExistentHook", func(t *testing.T) {
+		nonExistentHook := &model.IncomingWebhook{ChannelId: th.BasicChannel.Id}
+
+		_, resp := th.SystemAdminClient.UpdateIncomingWebhook(nonExistentHook)
+		CheckNotFoundStatus(t, resp)
+
+		nonExistentHook.Id = model.NewId()
+		_, resp = th.SystemAdminClient.UpdateIncomingWebhook(nonExistentHook)
+		CheckNotFoundStatus(t, resp)
+	})
+
+	t.Run("UserIsNotAdminOfTeam", func(t *testing.T) {
+		_, resp := Client.UpdateIncomingWebhook(createdHook)
+		CheckForbiddenStatus(t, resp)
+	})
+
+	utils.Cfg.ServiceSettings.EnableIncomingWebhooks = true
+
+	t.Run("OnlyAdminIntegrationsDisabled", func(t *testing.T) {
+		*utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = false
+		utils.SetDefaultRolesBasedOnConfig()
+
+		t.Run("UpdateHookOfSameUser", func(t *testing.T) {
+			sameUserHook := &model.IncomingWebhook{ChannelId: th.BasicChannel.Id, UserId: th.BasicUser2.Id}
+
+			sameUserHook, resp := Client.CreateIncomingWebhook(sameUserHook)
+			CheckNoError(t, resp)
+
+			_, resp = Client.UpdateIncomingWebhook(sameUserHook)
+			CheckNoError(t, resp)
+		})
+
+		t.Run("UpdateHookOfDifferentUser", func(t *testing.T) {
+			_, resp := Client.UpdateIncomingWebhook(createdHook)
+			CheckForbiddenStatus(t, resp)
+		})
+	})
+
+	*utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = true
+	utils.SetDefaultRolesBasedOnConfig()
+
+	Client.Logout()
+	UpdateUserToTeamAdmin(th.BasicUser2, th.BasicTeam)
+	th.LoginBasic2()
+	t.Run("UpdateByDifferentUser", func(t *testing.T) {
+		updatedHook, resp := Client.UpdateIncomingWebhook(createdHook)
+		CheckNoError(t, resp)
+		if updatedHook.UserId == th.BasicUser2.Id {
+			t.Fatal("Hook's creator userId is not retained")
+		}
+	})
+
+	t.Run("IncomingHooksDisabled", func(t *testing.T) {
+		utils.Cfg.ServiceSettings.EnableIncomingWebhooks = false
+		_, resp := Client.UpdateIncomingWebhook(createdHook)
+		CheckNotImplementedStatus(t, resp)
+		CheckErrorMessage(t, resp, "api.incoming_webhook.disabled.app_error")
+	})
+
+	utils.Cfg.ServiceSettings.EnableIncomingWebhooks = true
+
+	t.Run("PrivateChannel", func(t *testing.T) {
+		privateChannel := th.CreatePrivateChannel()
+		Client.Logout()
+		th.LoginBasic()
+		createdHook.ChannelId = privateChannel.Id
+
+		_, resp := Client.UpdateIncomingWebhook(createdHook)
+		CheckForbiddenStatus(t, resp)
+	})
+
+	t.Run("UpdateToNonExistentChannel", func(t *testing.T) {
+		createdHook.ChannelId = "junk"
+		_, resp := th.SystemAdminClient.UpdateIncomingWebhook(createdHook)
+		CheckNotFoundStatus(t, resp)
+	})
+
+	team := th.CreateTeamWithClient(Client)
+	user := th.CreateUserWithClient(Client)
+	LinkUserToTeam(user, team)
+	Client.Logout()
+	Client.Login(user.Id, user.Password)
+	t.Run("UpdateToADifferentTeam", func(t *testing.T) {
+		_, resp := Client.UpdateIncomingWebhook(createdHook)
+		CheckUnauthorizedStatus(t, resp)
+	})
+}