diff options
Diffstat (limited to 'api4')
-rw-r--r-- | api4/api.go | 2 | ||||
-rw-r--r-- | api4/team.go | 88 | ||||
-rw-r--r-- | api4/team_test.go | 170 |
3 files changed, 259 insertions, 1 deletions
diff --git a/api4/api.go b/api4/api.go index 223017151..289291951 100644 --- a/api4/api.go +++ b/api4/api.go @@ -28,6 +28,7 @@ type Routes struct { Teams *mux.Router // 'api/v4/teams' TeamsForUser *mux.Router // 'api/v4/users/{user_id:[A-Za-z0-9]+}/teams' Team *mux.Router // 'api/v4/teams/{team_id:[A-Za-z0-9]+}' + TeamForUser *mux.Router // 'api/v4/users/{user_id:[A-Za-z0-9]+}/teams/{team_id:[A-Za-z0-9]+}' TeamByName *mux.Router // 'api/v4/teams/name/{team_name:[A-Za-z0-9_-]+}' TeamMembers *mux.Router // 'api/v4/teams/{team_id:[A-Za-z0-9_-]+}/members' TeamMember *mux.Router // 'api/v4/teams/{team_id:[A-Za-z0-9_-]+}/members/{user_id:[A-Za-z0-9_-]+}' @@ -99,6 +100,7 @@ func InitApi(full bool) { BaseRoutes.Teams = BaseRoutes.ApiRoot.PathPrefix("/teams").Subrouter() BaseRoutes.TeamsForUser = BaseRoutes.User.PathPrefix("/teams").Subrouter() BaseRoutes.Team = BaseRoutes.Teams.PathPrefix("/{team_id:[A-Za-z0-9]+}").Subrouter() + BaseRoutes.TeamForUser = BaseRoutes.TeamsForUser.PathPrefix("/{team_id:[A-Za-z0-9]+}").Subrouter() BaseRoutes.TeamByName = BaseRoutes.Teams.PathPrefix("/name/{team_name:[A-Za-z0-9_-]+}").Subrouter() BaseRoutes.TeamMembers = BaseRoutes.Team.PathPrefix("/members").Subrouter() BaseRoutes.TeamMember = BaseRoutes.TeamMembers.PathPrefix("/{user_id:[A-Za-z0-9]+}").Subrouter() diff --git a/api4/team.go b/api4/team.go index 40f41aaab..ed4929326 100644 --- a/api4/team.go +++ b/api4/team.go @@ -21,8 +21,12 @@ func InitTeam() { BaseRoutes.TeamsForUser.Handle("/unread", ApiSessionRequired(getTeamsUnreadForUser)).Methods("GET") BaseRoutes.Team.Handle("", ApiSessionRequired(getTeam)).Methods("GET") + BaseRoutes.Team.Handle("", ApiSessionRequired(updateTeam)).Methods("PUT") BaseRoutes.Team.Handle("/stats", ApiSessionRequired(getTeamStats)).Methods("GET") - BaseRoutes.Team.Handle("/members", ApiSessionRequired(getTeamMembers)).Methods("GET") + BaseRoutes.TeamMembers.Handle("", ApiSessionRequired(getTeamMembers)).Methods("GET") + BaseRoutes.TeamMembers.Handle("/ids", ApiSessionRequired(getTeamMembersByIds)).Methods("POST") + + BaseRoutes.TeamForUser.Handle("/unread", ApiSessionRequired(getTeamUnread)).Methods("GET") BaseRoutes.TeamByName.Handle("", ApiSessionRequired(getTeamByName)).Methods("GET") BaseRoutes.TeamMember.Handle("", ApiSessionRequired(getTeamMember)).Methods("GET") @@ -92,6 +96,36 @@ func getTeamByName(c *Context, w http.ResponseWriter, r *http.Request) { } } +func updateTeam(c *Context, w http.ResponseWriter, r *http.Request) { + c.RequireTeamId() + if c.Err != nil { + return + } + + team := model.TeamFromJson(r.Body) + + if team == nil { + c.SetInvalidParam("team") + return + } + + team.Id = c.Params.TeamId + + if !app.SessionHasPermissionToTeam(c.Session, c.Params.TeamId, model.PERMISSION_MANAGE_TEAM) { + c.SetPermissionError(model.PERMISSION_MANAGE_TEAM) + return + } + + updatedTeam, err := app.UpdateTeam(team) + + if err != nil { + c.Err = err + return + } + + w.Write([]byte(updatedTeam.ToJson())) +} + func getTeamsForUser(c *Context, w http.ResponseWriter, r *http.Request) { c.RequireUserId() if c.Err != nil { @@ -174,6 +208,58 @@ func getTeamMembers(c *Context, w http.ResponseWriter, r *http.Request) { } } +func getTeamMembersByIds(c *Context, w http.ResponseWriter, r *http.Request) { + c.RequireTeamId() + if c.Err != nil { + return + } + + userIds := model.ArrayFromJson(r.Body) + + if len(userIds) == 0 { + c.SetInvalidParam("user_ids") + return + } + + if !app.SessionHasPermissionToTeam(c.Session, c.Params.TeamId, model.PERMISSION_VIEW_TEAM) { + c.SetPermissionError(model.PERMISSION_VIEW_TEAM) + return + } + + members, err := app.GetTeamMembersByIds(c.Params.TeamId, userIds) + if err != nil { + c.Err = err + return + } + + w.Write([]byte(model.TeamMembersToJson(members))) +} + +func getTeamUnread(c *Context, w http.ResponseWriter, r *http.Request) { + c.RequireTeamId().RequireUserId() + if c.Err != nil { + return + } + + if !app.SessionHasPermissionToUser(c.Session, c.Params.UserId) { + c.SetPermissionError(model.PERMISSION_EDIT_OTHER_USERS) + return + } + + if !app.SessionHasPermissionToTeam(c.Session, c.Params.TeamId, model.PERMISSION_VIEW_TEAM) { + c.SetPermissionError(model.PERMISSION_VIEW_TEAM) + return + } + + unreadTeam, err := app.GetTeamUnread(c.Params.TeamId, c.Params.UserId) + if err != nil { + c.Err = err + return + } + + w.Write([]byte(unreadTeam.ToJson())) +} + func getTeamStats(c *Context, w http.ResponseWriter, r *http.Request) { c.RequireTeamId() if c.Err != nil { diff --git a/api4/team_test.go b/api4/team_test.go index 1ace69685..4b69f5b62 100644 --- a/api4/team_test.go +++ b/api4/team_test.go @@ -114,6 +114,138 @@ func TestGetTeam(t *testing.T) { CheckNoError(t, resp) } +func TestGetTeamUnread(t *testing.T) { + th := Setup().InitBasic().InitSystemAdmin() + defer TearDown() + Client := th.Client + + teamUnread, resp := Client.GetTeamUnread(th.BasicTeam.Id, th.BasicUser.Id) + CheckNoError(t, resp) + if teamUnread.TeamId != th.BasicTeam.Id { + t.Fatal("wrong team id returned for regular user call") + } + + _, resp = Client.GetTeamUnread("junk", th.BasicUser.Id) + CheckBadRequestStatus(t, resp) + + _, resp = Client.GetTeamUnread(th.BasicTeam.Id, "junk") + CheckBadRequestStatus(t, resp) + + _, resp = Client.GetTeamUnread(model.NewId(), th.BasicUser.Id) + CheckForbiddenStatus(t, resp) + + _, resp = Client.GetTeamUnread(th.BasicTeam.Id, model.NewId()) + CheckForbiddenStatus(t, resp) + + Client.Logout() + _, resp = Client.GetTeamUnread(th.BasicTeam.Id, th.BasicUser.Id) + CheckUnauthorizedStatus(t, resp) + + teamUnread, resp = th.SystemAdminClient.GetTeamUnread(th.BasicTeam.Id, th.BasicUser.Id) + CheckNoError(t, resp) + if teamUnread.TeamId != th.BasicTeam.Id { + t.Fatal("wrong team id returned") + } +} + +func TestUpdateTeam(t *testing.T) { + th := Setup().InitBasic().InitSystemAdmin() + defer TearDown() + Client := th.Client + + team := &model.Team{DisplayName: "Name", Description: "Some description", AllowOpenInvite: false, InviteId: "inviteid0", Name: "z-z-" + model.NewId() + "a", Email: "success+" + model.NewId() + "@simulator.amazonses.com", Type: model.TEAM_OPEN} + team, _ = Client.CreateTeam(team) + + team.Description = "updated description" + uteam, resp := Client.UpdateTeam(team) + CheckNoError(t, resp) + + if uteam.Description != "updated description" { + t.Fatal("Update failed") + } + + team.DisplayName = "Updated Name" + uteam, resp = Client.UpdateTeam(team) + CheckNoError(t, resp) + + if uteam.DisplayName != "Updated Name" { + t.Fatal("Update failed") + } + + team.AllowOpenInvite = true + uteam, resp = Client.UpdateTeam(team) + CheckNoError(t, resp) + + if uteam.AllowOpenInvite != true { + t.Fatal("Update failed") + } + + team.InviteId = "inviteid1" + uteam, resp = Client.UpdateTeam(team) + CheckNoError(t, resp) + + if uteam.InviteId != "inviteid1" { + t.Fatal("Update failed") + } + + team.Name = "Updated name" + uteam, resp = Client.UpdateTeam(team) + CheckNoError(t, resp) + + if uteam.Name == "Updated name" { + t.Fatal("Should not update name") + } + + team.Email = "test@domain.com" + uteam, resp = Client.UpdateTeam(team) + CheckNoError(t, resp) + + if uteam.Email == "test@domain.com" { + t.Fatal("Should not update email") + } + + team.Type = model.TEAM_INVITE + uteam, resp = Client.UpdateTeam(team) + CheckNoError(t, resp) + + if uteam.Type == model.TEAM_INVITE { + t.Fatal("Should not update type") + } + + team.AllowedDomains = "domain" + uteam, resp = Client.UpdateTeam(team) + CheckNoError(t, resp) + + if uteam.AllowedDomains == "domain" { + t.Fatal("Should not update allowed_domains") + } + + originalTeamId := team.Id + team.Id = model.NewId() + + if r, err := Client.DoApiPut(Client.GetTeamRoute(originalTeamId), team.ToJson()); err != nil { + t.Fatal(err) + } else { + uteam = model.TeamFromJson(r.Body) + } + + if uteam.Id != originalTeamId { + t.Fatal("wrong team id") + } + + team.Id = "fake" + _, resp = Client.UpdateTeam(team) + CheckBadRequestStatus(t, resp) + + Client.Logout() + _, resp = Client.UpdateTeam(team) + CheckUnauthorizedStatus(t, resp) + + team.Id = originalTeamId + _, resp = th.SystemAdminClient.UpdateTeam(team) + CheckNoError(t, resp) +} + func TestGetAllTeams(t *testing.T) { th := Setup().InitBasic().InitSystemAdmin() defer TearDown() @@ -332,6 +464,44 @@ func TestGetTeamMembers(t *testing.T) { CheckNoError(t, resp) } +func TestGetTeamMembersByIds(t *testing.T) { + th := Setup().InitBasic() + defer TearDown() + Client := th.Client + + tm, resp := Client.GetTeamMembersByIds(th.BasicTeam.Id, []string{th.BasicUser.Id}) + CheckNoError(t, resp) + + if tm[0].UserId != th.BasicUser.Id { + t.Fatal("returned wrong user") + } + + _, resp = Client.GetTeamMembersByIds(th.BasicTeam.Id, []string{}) + CheckBadRequestStatus(t, resp) + + tm1, resp := Client.GetTeamMembersByIds(th.BasicTeam.Id, []string{"junk"}) + CheckNoError(t, resp) + if len(tm1) > 0 { + t.Fatal("no users should be returned") + } + + tm1, resp = Client.GetTeamMembersByIds(th.BasicTeam.Id, []string{"junk", th.BasicUser.Id}) + CheckNoError(t, resp) + if len(tm1) != 1 { + t.Fatal("1 user should be returned") + } + + tm1, resp = Client.GetTeamMembersByIds("junk", []string{th.BasicUser.Id}) + CheckBadRequestStatus(t, resp) + + tm1, resp = Client.GetTeamMembersByIds(model.NewId(), []string{th.BasicUser.Id}) + CheckForbiddenStatus(t, resp) + + Client.Logout() + _, resp = Client.GetTeamMembersByIds(th.BasicTeam.Id, []string{th.BasicUser.Id}) + CheckUnauthorizedStatus(t, resp) +} + func TestGetTeamStats(t *testing.T) { th := Setup().InitBasic().InitSystemAdmin() defer TearDown() |