diff options
Diffstat (limited to 'api4')
-rw-r--r-- | api4/api.go | 1 | ||||
-rw-r--r-- | api4/apitestlib.go | 27 | ||||
-rw-r--r-- | api4/channel_test.go | 4 | ||||
-rw-r--r-- | api4/context.go | 11 | ||||
-rw-r--r-- | api4/post.go | 119 | ||||
-rw-r--r-- | api4/post_test.go | 249 |
6 files changed, 409 insertions, 2 deletions
diff --git a/api4/api.go b/api4/api.go index 6c2faa96b..6348714b2 100644 --- a/api4/api.go +++ b/api4/api.go @@ -140,6 +140,7 @@ func InitApi(full bool) { InitUser() InitTeam() InitChannel() + InitPost() app.Srv.Router.Handle("/api/v4/{anything:.*}", http.HandlerFunc(Handle404)) diff --git a/api4/apitestlib.go b/api4/apitestlib.go index 25bfe6f75..0761a8b15 100644 --- a/api4/apitestlib.go +++ b/api4/apitestlib.go @@ -26,6 +26,8 @@ type TestHelper struct { TeamAdminUser *model.User BasicTeam *model.Team BasicChannel *model.Channel + BasicChannel2 *model.Channel + BasicPost *model.Post SystemAdminClient *model.Client4 SystemAdminUser *model.User @@ -97,12 +99,16 @@ func (me *TestHelper) InitBasic() *TestHelper { me.LoginTeamAdmin() me.BasicTeam = me.CreateTeam() me.BasicChannel = me.CreatePublicChannel() + me.BasicChannel2 = me.CreatePublicChannel() + me.BasicPost = me.CreatePost() me.BasicUser = me.CreateUser() LinkUserToTeam(me.BasicUser, me.BasicTeam) me.BasicUser2 = me.CreateUser() LinkUserToTeam(me.BasicUser2, me.BasicTeam) app.AddUserToChannel(me.BasicUser, me.BasicChannel) app.AddUserToChannel(me.BasicUser2, me.BasicChannel) + app.AddUserToChannel(me.BasicUser, me.BasicChannel2) + app.AddUserToChannel(me.BasicUser2, me.BasicChannel2) app.UpdateUserRoles(me.BasicUser.Id, model.ROLE_SYSTEM_USER.Id) me.LoginBasic() @@ -188,6 +194,27 @@ func (me *TestHelper) CreateChannelWithClient(client *model.Client4, channelType return rchannel } +func (me *TestHelper) CreatePost() *model.Post { + return me.CreatePostWithClient(me.Client, me.BasicChannel) +} + +func (me *TestHelper) CreatePostWithClient(client *model.Client4, channel *model.Channel) *model.Post { + id := model.NewId() + + post := &model.Post{ + ChannelId: channel.Id, + Message: "message_" + id, + } + + utils.DisableDebugLogForTest() + rpost, resp := client.CreatePost(post) + if resp.Error != nil { + panic(resp.Error) + } + utils.EnableDebugLogForTest() + return rpost +} + func (me *TestHelper) LoginBasic() { me.LoginBasicWithClient(me.Client) } diff --git a/api4/channel_test.go b/api4/channel_test.go index d5bc1d971..91d055bff 100644 --- a/api4/channel_test.go +++ b/api4/channel_test.go @@ -331,8 +331,8 @@ func TestGetChannelMembersForUser(t *testing.T) { members, resp := Client.GetChannelMembersForUser(th.BasicUser.Id, th.BasicTeam.Id, "") CheckNoError(t, resp) - if len(*members) != 3 { - t.Fatal("should have 3 members on team") + if len(*members) != 4 { + t.Fatal("should have 4 members on team") } _, resp = Client.GetChannelMembersForUser("", th.BasicTeam.Id, "") diff --git a/api4/context.go b/api4/context.go index 6a22b4103..06523152f 100644 --- a/api4/context.go +++ b/api4/context.go @@ -375,6 +375,17 @@ func (c *Context) RequireUsername() *Context { return c } +func (c *Context) RequirePostId() *Context { + if c.Err != nil { + return c + } + + if len(c.Params.PostId) != 26 { + c.SetInvalidUrlParam("post_id") + } + return c +} + func (c *Context) RequireEmail() *Context { if c.Err != nil { return c diff --git a/api4/post.go b/api4/post.go new file mode 100644 index 000000000..9510fe0c6 --- /dev/null +++ b/api4/post.go @@ -0,0 +1,119 @@ +// Copyright (c) 2017 Mattermost, Inc. All Rights Reserved. +// See License.txt for license information. + +package api4 + +import ( + "net/http" + + l4g "github.com/alecthomas/log4go" + "github.com/mattermost/platform/app" + "github.com/mattermost/platform/model" + "github.com/mattermost/platform/utils" +) + +func InitPost() { + l4g.Debug(utils.T("api.post.init.debug")) + + BaseRoutes.Posts.Handle("", ApiSessionRequired(createPost)).Methods("POST") + BaseRoutes.Post.Handle("", ApiSessionRequired(getPost)).Methods("GET") + BaseRoutes.Post.Handle("/thread", ApiSessionRequired(getPostThread)).Methods("GET") + BaseRoutes.PostsForChannel.Handle("", ApiSessionRequired(getPostsForChannel)).Methods("GET") +} + +func createPost(c *Context, w http.ResponseWriter, r *http.Request) { + post := model.PostFromJson(r.Body) + if post == nil { + c.SetInvalidParam("post") + return + } + + post.UserId = c.Session.UserId + + if !app.SessionHasPermissionToChannel(c.Session, post.ChannelId, model.PERMISSION_CREATE_POST) { + c.SetPermissionError(model.PERMISSION_CREATE_POST) + return + } + + if post.CreateAt != 0 && !app.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_SYSTEM) { + post.CreateAt = 0 + } + + rp, err := app.CreatePostAsUser(post) + if err != nil { + c.Err = err + return + } + + w.Write([]byte(rp.ToJson())) +} + +func getPostsForChannel(c *Context, w http.ResponseWriter, r *http.Request) { + c.RequireChannelId() + if c.Err != nil { + return + } + + if !app.SessionHasPermissionToChannel(c.Session, c.Params.ChannelId, model.PERMISSION_READ_CHANNEL) { + c.SetPermissionError(model.PERMISSION_READ_CHANNEL) + return + } + + etag := app.GetPostsEtag(c.Params.ChannelId) + + if HandleEtag(etag, "Get Posts", w, r) { + return + } + + if list, err := app.GetPostsPage(c.Params.ChannelId, c.Params.Page, c.Params.PerPage); err != nil { + c.Err = err + return + } else { + w.Header().Set(model.HEADER_ETAG_SERVER, etag) + w.Write([]byte(list.ToJson())) + } +} + +func getPost(c *Context, w http.ResponseWriter, r *http.Request) { + c.RequirePostId() + if c.Err != nil { + return + } + + if !app.SessionHasPermissionToChannelByPost(c.Session, c.Params.PostId, model.PERMISSION_READ_CHANNEL) { + c.SetPermissionError(model.PERMISSION_READ_CHANNEL) + return + } + + if post, err := app.GetSinglePost(c.Params.PostId); err != nil { + c.Err = err + return + } else if HandleEtag(post.Etag(), "Get Post", w, r) { + return + } else { + w.Header().Set(model.HEADER_ETAG_SERVER, post.Etag()) + w.Write([]byte(post.ToJson())) + } +} + +func getPostThread(c *Context, w http.ResponseWriter, r *http.Request) { + c.RequirePostId() + if c.Err != nil { + return + } + + if !app.SessionHasPermissionToChannelByPost(c.Session, c.Params.PostId, model.PERMISSION_READ_CHANNEL) { + c.SetPermissionError(model.PERMISSION_READ_CHANNEL) + return + } + + if list, err := app.GetPostThread(c.Params.PostId); err != nil { + c.Err = err + return + } else if HandleEtag(list.Etag(), "Get Post Thread", w, r) { + return + } else { + w.Header().Set(model.HEADER_ETAG_SERVER, list.Etag()) + w.Write([]byte(list.ToJson())) + } +} diff --git a/api4/post_test.go b/api4/post_test.go new file mode 100644 index 000000000..32f259d3d --- /dev/null +++ b/api4/post_test.go @@ -0,0 +1,249 @@ +// Copyright (c) 2017 Mattermost, Inc. All Rights Reserved. +// See License.txt for license information. + +package api4 + +import ( + "net/http" + "strconv" + "testing" + + "github.com/mattermost/platform/model" +) + +func TestCreatePost(t *testing.T) { + th := Setup().InitBasic().InitSystemAdmin() + defer TearDown() + Client := th.Client + + post := &model.Post{ChannelId: th.BasicChannel.Id, Message: "#hashtag a" + model.NewId() + "a"} + rpost, resp := Client.CreatePost(post) + CheckNoError(t, resp) + + if rpost.Message != post.Message { + t.Fatal("message didn't match") + } + + if rpost.Hashtags != "#hashtag" { + t.Fatal("hashtag didn't match") + } + + if len(rpost.FileIds) != 0 { + t.Fatal("shouldn't have files") + } + + if rpost.EditAt != 0 { + t.Fatal("newly created post shouldn't have EditAt set") + } + + post.RootId = rpost.Id + post.ParentId = rpost.Id + _, resp = Client.CreatePost(post) + CheckNoError(t, resp) + + post.RootId = "junk" + _, resp = Client.CreatePost(post) + CheckBadRequestStatus(t, resp) + + post.RootId = rpost.Id + post.ParentId = "junk" + _, resp = Client.CreatePost(post) + CheckBadRequestStatus(t, resp) + + post2 := &model.Post{ChannelId: th.BasicChannel2.Id, Message: "a" + model.NewId() + "a", CreateAt: 123} + rpost2, resp := Client.CreatePost(post2) + + if rpost2.CreateAt == post2.CreateAt { + t.Fatal("create at should not match") + } + + post.RootId = rpost2.Id + post.ParentId = rpost2.Id + _, resp = Client.CreatePost(post) + CheckBadRequestStatus(t, resp) + + post.RootId = "" + post.ParentId = "" + post.ChannelId = "junk" + _, resp = Client.CreatePost(post) + CheckForbiddenStatus(t, resp) + + post.ChannelId = model.NewId() + _, resp = Client.CreatePost(post) + CheckForbiddenStatus(t, resp) + + if r, err := Client.DoApiPost("/posts", "garbage"); err == nil { + t.Fatal("should have errored") + } else { + if r.StatusCode != http.StatusBadRequest { + t.Log("actual: " + strconv.Itoa(r.StatusCode)) + t.Log("expected: " + strconv.Itoa(http.StatusBadRequest)) + t.Fatal("wrong status code") + } + } + + Client.Logout() + _, resp = Client.CreatePost(post) + CheckUnauthorizedStatus(t, resp) + + post.ChannelId = th.BasicChannel.Id + post.CreateAt = 123 + rpost, resp = th.SystemAdminClient.CreatePost(post) + CheckNoError(t, resp) + + if rpost.CreateAt != post.CreateAt { + t.Fatal("create at should match") + } +} + +func TestGetPostsForChannel(t *testing.T) { + th := Setup().InitBasic().InitSystemAdmin() + defer TearDown() + Client := th.Client + + post1 := th.CreatePost() + post2 := th.CreatePost() + post3 := th.CreatePost() + post4 := &model.Post{ChannelId: th.BasicChannel.Id, Message: "a" + model.NewId() + "a", RootId: post1.Id} + post4, _ = Client.CreatePost(post4) + + posts, resp := Client.GetPostsForChannel(th.BasicChannel.Id, 0, 60, "") + CheckNoError(t, resp) + + if posts.Order[0] != post4.Id { + t.Fatal("wrong order") + } + + if posts.Order[1] != post3.Id { + t.Fatal("wrong order") + } + + if posts.Order[2] != post2.Id { + t.Fatal("wrong order") + } + + if posts.Order[3] != post1.Id { + t.Fatal("wrong order") + } + + posts, resp = Client.GetPostsForChannel(th.BasicChannel.Id, 0, 3, resp.Etag) + CheckEtag(t, posts, resp) + + posts, resp = Client.GetPostsForChannel(th.BasicChannel.Id, 0, 3, "") + CheckNoError(t, resp) + + if len(posts.Order) != 3 { + t.Fatal("wrong number returned") + } + + if _, ok := posts.Posts[post4.Id]; !ok { + t.Fatal("missing comment") + } + + if _, ok := posts.Posts[post1.Id]; !ok { + t.Fatal("missing root post") + } + + posts, resp = Client.GetPostsForChannel(th.BasicChannel.Id, 1, 1, "") + CheckNoError(t, resp) + + if posts.Order[0] != post3.Id { + t.Fatal("wrong order") + } + + posts, resp = Client.GetPostsForChannel(th.BasicChannel.Id, 10000, 10000, "") + CheckNoError(t, resp) + + if len(posts.Order) != 0 { + t.Fatal("should be no posts") + } + + _, resp = Client.GetPostsForChannel("", 0, 60, "") + CheckNotFoundStatus(t, resp) + + _, resp = Client.GetPostsForChannel("junk", 0, 60, "") + CheckBadRequestStatus(t, resp) + + _, resp = Client.GetPostsForChannel(model.NewId(), 0, 60, "") + CheckForbiddenStatus(t, resp) + + Client.Logout() + _, resp = Client.GetPostsForChannel(model.NewId(), 0, 60, "") + CheckUnauthorizedStatus(t, resp) + + _, resp = th.SystemAdminClient.GetPostsForChannel(th.BasicChannel.Id, 0, 60, "") + CheckNoError(t, resp) +} + +func TestGetPost(t *testing.T) { + th := Setup().InitBasic().InitSystemAdmin() + defer TearDown() + Client := th.Client + + post, resp := Client.GetPost(th.BasicPost.Id, "") + CheckNoError(t, resp) + + if post.Id != th.BasicPost.Id { + t.Fatal("post ids don't match") + } + + post, resp = Client.GetPost(th.BasicPost.Id, resp.Etag) + CheckEtag(t, post, resp) + + _, resp = Client.GetPost("", "") + CheckNotFoundStatus(t, resp) + + _, resp = Client.GetPost("junk", "") + CheckBadRequestStatus(t, resp) + + _, resp = Client.GetPost(model.NewId(), "") + CheckForbiddenStatus(t, resp) + + Client.Logout() + _, resp = Client.GetPost(model.NewId(), "") + CheckUnauthorizedStatus(t, resp) + + post, resp = th.SystemAdminClient.GetPost(th.BasicPost.Id, "") + CheckNoError(t, resp) +} + +func TestGetPostThread(t *testing.T) { + th := Setup().InitBasic().InitSystemAdmin() + defer TearDown() + Client := th.Client + + post := &model.Post{ChannelId: th.BasicChannel.Id, Message: "a" + model.NewId() + "a", RootId: th.BasicPost.Id} + post, _ = Client.CreatePost(post) + + list, resp := Client.GetPostThread(th.BasicPost.Id, "") + CheckNoError(t, resp) + + var list2 *model.PostList + list2, resp = Client.GetPostThread(th.BasicPost.Id, resp.Etag) + CheckEtag(t, list2, resp) + + if list.Order[0] != th.BasicPost.Id { + t.Fatal("wrong order") + } + + if _, ok := list.Posts[th.BasicPost.Id]; !ok { + t.Fatal("should have had post") + } + + if _, ok := list.Posts[post.Id]; !ok { + t.Fatal("should have had post") + } + + _, resp = Client.GetPostThread("junk", "") + CheckBadRequestStatus(t, resp) + + _, resp = Client.GetPostThread(model.NewId(), "") + CheckForbiddenStatus(t, resp) + + Client.Logout() + _, resp = Client.GetPostThread(model.NewId(), "") + CheckUnauthorizedStatus(t, resp) + + list, resp = th.SystemAdminClient.GetPostThread(th.BasicPost.Id, "") + CheckNoError(t, resp) +} |