summaryrefslogtreecommitdiffstats
path: root/api4
diff options
context:
space:
mode:
Diffstat (limited to 'api4')
-rw-r--r--api4/api.go7
-rw-r--r--api4/team.go64
-rw-r--r--api4/team_test.go118
3 files changed, 185 insertions, 4 deletions
diff --git a/api4/api.go b/api4/api.go
index 2293cdec5..5ad410cb3 100644
--- a/api4/api.go
+++ b/api4/api.go
@@ -94,7 +94,7 @@ func InitApi(full bool) {
BaseRoutes.UserByEmail = BaseRoutes.Users.PathPrefix("/email/{email}").Subrouter()
BaseRoutes.Teams = BaseRoutes.ApiRoot.PathPrefix("/teams").Subrouter()
- BaseRoutes.TeamsForUser = BaseRoutes.Users.PathPrefix("/teams").Subrouter()
+ BaseRoutes.TeamsForUser = BaseRoutes.User.PathPrefix("/teams").Subrouter()
BaseRoutes.Team = BaseRoutes.Teams.PathPrefix("/{team_id:[A-Za-z0-9]+}").Subrouter()
BaseRoutes.TeamByName = BaseRoutes.Teams.PathPrefix("/name/{team_name:[A-Za-z0-9_-]+}").Subrouter()
BaseRoutes.TeamMembers = BaseRoutes.Team.PathPrefix("/members").Subrouter()
@@ -141,11 +141,10 @@ func InitApi(full bool) {
InitTeam()
InitChannel()
+ app.Srv.Router.Handle("/api/v4/{anything:.*}", http.HandlerFunc(Handle404))
+
// REMOVE CONDITION WHEN APIv3 REMOVED
if full {
- // 404 on any api route before web.go has a chance to serve it
- app.Srv.Router.Handle("/api/{anything:.*}", http.HandlerFunc(Handle404))
-
utils.InitHTML()
app.InitEmailBatching()
diff --git a/api4/team.go b/api4/team.go
index 6365ff6de..8564029b0 100644
--- a/api4/team.go
+++ b/api4/team.go
@@ -16,6 +16,11 @@ func InitTeam() {
l4g.Debug(utils.T("api.team.init.debug"))
BaseRoutes.Teams.Handle("", ApiSessionRequired(createTeam)).Methods("POST")
+ BaseRoutes.TeamsForUser.Handle("", ApiSessionRequired(getTeamsForUser)).Methods("GET")
+
+ BaseRoutes.Team.Handle("", ApiSessionRequired(getTeam)).Methods("GET")
+
+ BaseRoutes.TeamMember.Handle("", ApiSessionRequired(getTeamMember)).Methods("GET")
}
@@ -40,3 +45,62 @@ func createTeam(c *Context, w http.ResponseWriter, r *http.Request) {
w.WriteHeader(http.StatusCreated)
w.Write([]byte(rteam.ToJson()))
}
+
+func getTeam(c *Context, w http.ResponseWriter, r *http.Request) {
+ c.RequireTeamId()
+ if c.Err != nil {
+ return
+ }
+
+ if team, err := app.GetTeam(c.Params.TeamId); err != nil {
+ c.Err = err
+ return
+ } else {
+ if team.Type != model.TEAM_OPEN && !app.SessionHasPermissionToTeam(c.Session, team.Id, model.PERMISSION_VIEW_TEAM) {
+ c.SetPermissionError(model.PERMISSION_VIEW_TEAM)
+ return
+ }
+
+ w.Write([]byte(team.ToJson()))
+ return
+ }
+}
+
+func getTeamsForUser(c *Context, w http.ResponseWriter, r *http.Request) {
+ c.RequireUserId()
+ if c.Err != nil {
+ return
+ }
+
+ if c.Session.UserId != c.Params.UserId && !app.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_SYSTEM) {
+ c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM)
+ return
+ }
+
+ if teams, err := app.GetTeamsForUser(c.Params.UserId); err != nil {
+ c.Err = err
+ return
+ } else {
+ w.Write([]byte(model.TeamListToJson(teams)))
+ }
+}
+
+func getTeamMember(c *Context, w http.ResponseWriter, r *http.Request) {
+ c.RequireTeamId().RequireUserId()
+ if c.Err != nil {
+ return
+ }
+
+ if !app.SessionHasPermissionToTeam(c.Session, c.Params.TeamId, model.PERMISSION_VIEW_TEAM) {
+ c.SetPermissionError(model.PERMISSION_VIEW_TEAM)
+ return
+ }
+
+ if team, err := app.GetTeamMember(c.Params.TeamId, c.Params.UserId); err != nil {
+ c.Err = err
+ return
+ } else {
+ w.Write([]byte(team.ToJson()))
+ return
+ }
+}
diff --git a/api4/team_test.go b/api4/team_test.go
index 90f237151..5c6d64ace 100644
--- a/api4/team_test.go
+++ b/api4/team_test.go
@@ -74,3 +74,121 @@ func TestCreateTeam(t *testing.T) {
_, resp = Client.CreateTeam(team)
CheckForbiddenStatus(t, resp)
}
+
+func TestGetTeam(t *testing.T) {
+ th := Setup().InitBasic().InitSystemAdmin()
+ defer TearDown()
+ Client := th.Client
+ team := th.BasicTeam
+
+ rteam, resp := Client.GetTeam(team.Id, "")
+ CheckNoError(t, resp)
+
+ if rteam.Id != team.Id {
+ t.Fatal("wrong team")
+ }
+
+ _, resp = Client.GetTeam("junk", "")
+ CheckBadRequestStatus(t, resp)
+
+ _, resp = Client.GetTeam("", "")
+ CheckNotFoundStatus(t, resp)
+
+ _, resp = Client.GetTeam(model.NewId(), "")
+ CheckNotFoundStatus(t, resp)
+
+ th.LoginTeamAdmin()
+
+ team2 := &model.Team{DisplayName: "Name", Name: GenerateTestTeamName(), Email: GenerateTestEmail(), Type: model.TEAM_INVITE}
+ rteam2, _ := Client.CreateTeam(team2)
+
+ th.LoginBasic()
+ _, resp = Client.GetTeam(rteam2.Id, "")
+ CheckForbiddenStatus(t, resp)
+
+ Client.Logout()
+ _, resp = Client.GetTeam(team.Id, "")
+ CheckUnauthorizedStatus(t, resp)
+
+ _, resp = th.SystemAdminClient.GetTeam(rteam2.Id, "")
+ CheckNoError(t, resp)
+}
+
+func TestGetTeamsForUser(t *testing.T) {
+ th := Setup().InitBasic().InitSystemAdmin()
+ defer TearDown()
+ Client := th.Client
+
+ team2 := &model.Team{DisplayName: "Name", Name: GenerateTestTeamName(), Email: GenerateTestEmail(), Type: model.TEAM_INVITE}
+ rteam2, _ := Client.CreateTeam(team2)
+
+ teams, resp := Client.GetTeamsForUser(th.BasicUser.Id, "")
+ CheckNoError(t, resp)
+
+ if len(teams) != 2 {
+ t.Fatal("wrong number of teams")
+ }
+
+ found1 := false
+ found2 := false
+ for _, t := range teams {
+ if t.Id == th.BasicTeam.Id {
+ found1 = true
+ } else if t.Id == rteam2.Id {
+ found2 = true
+ }
+ }
+
+ if !found1 || !found2 {
+ t.Fatal("missing team")
+ }
+
+ _, resp = Client.GetTeamsForUser("junk", "")
+ CheckBadRequestStatus(t, resp)
+
+ _, resp = Client.GetTeamsForUser(model.NewId(), "")
+ CheckForbiddenStatus(t, resp)
+
+ _, resp = Client.GetTeamsForUser(th.BasicUser2.Id, "")
+ CheckForbiddenStatus(t, resp)
+
+ _, resp = th.SystemAdminClient.GetTeamsForUser(th.BasicUser2.Id, "")
+ CheckNoError(t, resp)
+}
+
+func TestGetTeamMember(t *testing.T) {
+ th := Setup().InitBasic().InitSystemAdmin()
+ defer TearDown()
+ Client := th.Client
+ team := th.BasicTeam
+ user := th.BasicUser
+
+ rmember, resp := Client.GetTeamMember(team.Id, user.Id, "")
+ CheckNoError(t, resp)
+
+ if rmember.TeamId != team.Id {
+ t.Fatal("wrong team id")
+ }
+
+ if rmember.UserId != user.Id {
+ t.Fatal("wrong team id")
+ }
+
+ _, resp = Client.GetTeamMember("junk", user.Id, "")
+ CheckBadRequestStatus(t, resp)
+
+ _, resp = Client.GetTeamMember(team.Id, "junk", "")
+ CheckBadRequestStatus(t, resp)
+
+ _, resp = Client.GetTeamMember("junk", "junk", "")
+ CheckBadRequestStatus(t, resp)
+
+ _, resp = Client.GetTeamMember(team.Id, model.NewId(), "")
+ CheckNotFoundStatus(t, resp)
+
+ _, resp = Client.GetTeamMember(model.NewId(), user.Id, "")
+ CheckForbiddenStatus(t, resp)
+
+ _, resp = th.SystemAdminClient.GetTeamMember(team.Id, user.Id, "")
+ CheckNoError(t, resp)
+}
generated by cgit v1.2.3-1-g7c22 (git 2.25.1) at 2024-07-01 10:29:17 +0000