diff options
Diffstat (limited to 'api')
-rw-r--r-- | api/post_test.go | 18 | ||||
-rw-r--r-- | api/user.go | 45 | ||||
-rw-r--r-- | api/user_test.go | 28 |
3 files changed, 83 insertions, 8 deletions
diff --git a/api/post_test.go b/api/post_test.go index a0b8cc9bd..72abcd5cc 100644 --- a/api/post_test.go +++ b/api/post_test.go @@ -601,13 +601,11 @@ func TestSearchPostsFromUser(t *testing.T) { post2 := &model.Post{ChannelId: channel2.Id, Message: "sgtitlereview\n with return"} post2 = Client.Must(Client.CreatePost(post2)).Data.(*model.Post) - // includes "X has joined the channel" messages for both user2 and user3 - if result := Client.Must(Client.SearchPosts("from: " + user1.Username)).Data.(*model.PostList); len(result.Order) != 1 { t.Fatalf("wrong number of posts returned %v", len(result.Order)) } - if result := Client.Must(Client.SearchPosts("from: " + user2.Username)).Data.(*model.PostList); len(result.Order) != 3 { + if result := Client.Must(Client.SearchPosts("from: " + user2.Username)).Data.(*model.PostList); len(result.Order) != 1 { t.Fatalf("wrong number of posts returned %v", len(result.Order)) } @@ -615,6 +613,9 @@ func TestSearchPostsFromUser(t *testing.T) { t.Fatalf("wrong number of posts returned %v", len(result.Order)) } + post3 := &model.Post{ChannelId: channel1.Id, Message: "hullo"} + post3 = Client.Must(Client.CreatePost(post3)).Data.(*model.Post) + if result := Client.Must(Client.SearchPosts("from: " + user2.Username + " in:" + channel1.Name)).Data.(*model.PostList); len(result.Order) != 1 { t.Fatalf("wrong number of posts returned %v", len(result.Order)) } @@ -630,19 +631,22 @@ func TestSearchPostsFromUser(t *testing.T) { // wait for the join/leave messages to be created for user3 since they're done asynchronously time.Sleep(100 * time.Millisecond) - if result := Client.Must(Client.SearchPosts("from: " + user2.Username)).Data.(*model.PostList); len(result.Order) != 3 { + if result := Client.Must(Client.SearchPosts("from: " + user2.Username)).Data.(*model.PostList); len(result.Order) != 2 { t.Fatalf("wrong number of posts returned %v", len(result.Order)) } - if result := Client.Must(Client.SearchPosts("from: " + user2.Username + " from: " + user3.Username)).Data.(*model.PostList); len(result.Order) != 5 { + if result := Client.Must(Client.SearchPosts("from: " + user2.Username + " from: " + user3.Username)).Data.(*model.PostList); len(result.Order) != 2 { t.Fatalf("wrong number of posts returned %v", len(result.Order)) } - if result := Client.Must(Client.SearchPosts("from: " + user2.Username + " from: " + user3.Username + " in:" + channel2.Name)).Data.(*model.PostList); len(result.Order) != 3 { + if result := Client.Must(Client.SearchPosts("from: " + user2.Username + " from: " + user3.Username + " in:" + channel2.Name)).Data.(*model.PostList); len(result.Order) != 1 { t.Fatalf("wrong number of posts returned %v", len(result.Order)) } - if result := Client.Must(Client.SearchPosts("from: " + user2.Username + " from: " + user3.Username + " in:" + channel2.Name + " joined")).Data.(*model.PostList); len(result.Order) != 2 { + post4 := &model.Post{ChannelId: channel2.Id, Message: "coconut"} + post4 = Client.Must(Client.CreatePost(post4)).Data.(*model.Post) + + if result := Client.Must(Client.SearchPosts("from: " + user2.Username + " from: " + user3.Username + " in:" + channel2.Name + " coconut")).Data.(*model.PostList); len(result.Order) != 1 { t.Fatalf("wrong number of posts returned %v", len(result.Order)) } } diff --git a/api/user.go b/api/user.go index 473f0da54..ceaf1fc2d 100644 --- a/api/user.go +++ b/api/user.go @@ -48,6 +48,7 @@ func InitUser(r *mux.Router) { sr.Handle("/logout", ApiUserRequired(logout)).Methods("POST") sr.Handle("/login_ldap", ApiAppHandler(loginLdap)).Methods("POST") sr.Handle("/revoke_session", ApiUserRequired(revokeSession)).Methods("POST") + sr.Handle("/attach_device", ApiUserRequired(attachDeviceId)).Methods("POST") sr.Handle("/switch_to_sso", ApiAppHandler(switchToSSO)).Methods("POST") sr.Handle("/switch_to_email", ApiUserRequired(switchToEmail)).Methods("POST") @@ -546,7 +547,6 @@ func Login(c *Context, w http.ResponseWriter, r *http.Request, user *model.User, } } } - } else { session.SetExpireInDays(*utils.Cfg.ServiceSettings.SessionLengthWebInDays) } @@ -718,6 +718,49 @@ func revokeSession(c *Context, w http.ResponseWriter, r *http.Request) { w.Write([]byte(model.MapToJson(props))) } +func attachDeviceId(c *Context, w http.ResponseWriter, r *http.Request) { + props := model.MapFromJson(r.Body) + + deviceId := props["device_id"] + if len(deviceId) == 0 { + c.SetInvalidParam("attachDevice", "deviceId") + return + } + + if !(strings.HasPrefix(deviceId, model.PUSH_NOTIFY_APPLE+":") || strings.HasPrefix(deviceId, model.PUSH_NOTIFY_ANDROID+":")) { + c.SetInvalidParam("attachDevice", "deviceId") + return + } + + // A special case where we logout of all other sessions with the same Id + if result := <-Srv.Store.Session().GetSessions(c.Session.UserId); result.Err != nil { + c.Err = result.Err + c.Err.StatusCode = http.StatusForbidden + return + } else { + sessions := result.Data.([]*model.Session) + for _, session := range sessions { + if session.DeviceId == deviceId && session.Id != c.Session.Id { + l4g.Debug(utils.T("api.user.login.revoking.app_error"), session.Id, c.Session.UserId) + RevokeSessionById(c, session.Id) + if c.Err != nil { + c.LogError(c.Err) + c.Err = nil + } + } + } + } + + sessionCache.Remove(c.Session.Token) + + if result := <-Srv.Store.Session().UpdateDeviceId(c.Session.Id, deviceId); result.Err != nil { + c.Err = result.Err + return + } + + w.Write([]byte(deviceId)) +} + func RevokeSessionById(c *Context, sessionId string) { if result := <-Srv.Store.Session().Get(sessionId); result.Err != nil { c.Err = result.Err diff --git a/api/user_test.go b/api/user_test.go index 9a172805a..5f85bda0f 100644 --- a/api/user_test.go +++ b/api/user_test.go @@ -734,6 +734,34 @@ func TestUserUpdateRoles(t *testing.T) { } } +func TestUserUpdateDeviceId(t *testing.T) { + Setup() + + team := &model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} + team = Client.Must(Client.CreateTeam(team)).Data.(*model.Team) + + user := &model.User{TeamId: team.Id, Email: "test@nowhere.com", Nickname: "Corey Hulen", Password: "pwd"} + user = Client.Must(Client.CreateUser(user, "")).Data.(*model.User) + store.Must(Srv.Store.User().VerifyEmail(user.Id)) + + Client.LoginByEmail(team.Name, user.Email, "pwd") + deviceId := model.PUSH_NOTIFY_APPLE + ":1234567890" + + if _, err := Client.AttachDeviceId(deviceId); err != nil { + t.Fatal(err) + } + + if result := <-Srv.Store.Session().GetSessions(user.Id); result.Err != nil { + t.Fatal(result.Err) + } else { + sessions := result.Data.([]*model.Session) + + if sessions[0].DeviceId != deviceId { + t.Fatal("Missing device Id") + } + } +} + func TestUserUpdateActive(t *testing.T) { Setup() |