2 files changed, 75 insertions, 0 deletions

diff --git a/api4/team.go b/api4/team.go
index ed096e058..db42dc6b6 100644
--- a/api4/team.go
+++ b/api4/team.go
@@ -20,6 +20,7 @@ func InitTeam() {
 
 	BaseRoutes.Team.Handle("", ApiSessionRequired(getTeam)).Methods("GET")
 	BaseRoutes.Team.Handle("/stats", ApiSessionRequired(getTeamStats)).Methods("GET")
+	BaseRoutes.Team.Handle("/members", ApiSessionRequired(getTeamMembers)).Methods("GET")
 
 	BaseRoutes.TeamByName.Handle("", ApiSessionRequired(getTeamByName)).Methods("GET")
 	BaseRoutes.TeamMember.Handle("", ApiSessionRequired(getTeamMember)).Methods("GET")
@@ -122,6 +123,26 @@ func getTeamMember(c *Context, w http.ResponseWriter, r *http.Request) {
 	}
 }
 
+func getTeamMembers(c *Context, w http.ResponseWriter, r *http.Request) {
+	c.RequireTeamId()
+	if c.Err != nil {
+		return
+	}
+
+	if !app.SessionHasPermissionToTeam(c.Session, c.Params.TeamId, model.PERMISSION_VIEW_TEAM) {
+		c.SetPermissionError(model.PERMISSION_VIEW_TEAM)
+		return
+	}
+
+	if members, err := app.GetTeamMembers(c.Params.TeamId, c.Params.Page, c.Params.PerPage); err != nil {
+		c.Err = err
+		return
+	} else {
+		w.Write([]byte(model.TeamMembersToJson(members)))
+		return
+	}
+}
+
 func getTeamStats(c *Context, w http.ResponseWriter, r *http.Request) {
 	c.RequireTeamId()
 	if c.Err != nil {
diff --git a/api4/team_test.go b/api4/team_test.go
index 8f0becaa7..327a8e16f 100644
--- a/api4/team_test.go
+++ b/api4/team_test.go
@@ -229,6 +229,60 @@ func TestGetTeamMember(t *testing.T) {
 	CheckNoError(t, resp)
 }
 
+func TestGetTeamMembers(t *testing.T) {
+	th := Setup().InitBasic().InitSystemAdmin()
+	defer TearDown()
+	Client := th.Client
+	team := th.BasicTeam
+	userNotMember := th.CreateUser()
+
+	rmembers, resp := Client.GetTeamMembers(team.Id, 0, 100, "")
+	CheckNoError(t, resp)
+
+	t.Logf("rmembers count %v\n", len(rmembers))
+
+	if len(rmembers) == 0 {
+		t.Fatal("should have results")
+	}
+
+	for _, rmember := range rmembers {
+		if rmember.TeamId != team.Id || rmember.UserId == userNotMember.Id {
+			t.Fatal("user should be a member of team")
+		}
+	}
+
+	rmembers, resp = Client.GetTeamMembers(team.Id, 0, 1, "")
+	CheckNoError(t, resp)
+	if len(rmembers) != 1 {
+		t.Fatal("should be 1 per page")
+	}
+
+	rmembers, resp = Client.GetTeamMembers(team.Id, 1, 1, "")
+	CheckNoError(t, resp)
+	if len(rmembers) != 1 {
+		t.Fatal("should be 1 per page")
+	}
+
+	rmembers, resp = Client.GetTeamMembers(team.Id, 10000, 100, "")
+	CheckNoError(t, resp)
+	if len(rmembers) != 0 {
+		t.Fatal("should be no member")
+	}
+
+	_, resp = Client.GetTeamMembers("junk", 0, 100, "")
+	CheckBadRequestStatus(t, resp)
+
+	_, resp = Client.GetTeamMembers(model.NewId(), 0, 100, "")
+	CheckForbiddenStatus(t, resp)
+
+	Client.Logout()
+	rmembers, resp = Client.GetTeamMembers(team.Id, 0, 1, "")
+	CheckUnauthorizedStatus(t, resp)
+
+	rmembers, resp = th.SystemAdminClient.GetTeamMembers(team.Id, 0, 100, "")
+	CheckNoError(t, resp)
+}
+
 func TestGetTeamStats(t *testing.T) {
 	th := Setup().InitBasic().InitSystemAdmin()
 	defer TearDown()