From 2e5617c29be69637acd384e85f795a0b343bec8d Mon Sep 17 00:00:00 2001 From: Corey Hulen Date: Thu, 21 Apr 2016 22:37:01 -0700 Subject: PLT-2057 User as a first class object (#2648) * Adding TeamMember to system * Fixing all unit tests on the backend * Fixing merge conflicts * Fixing merge conflict * Adding javascript unit tests * Adding TeamMember to system * Fixing all unit tests on the backend * Fixing merge conflicts * Fixing merge conflict * Adding javascript unit tests * Adding client side unit test * Cleaning up the clint side tests * Fixing msg * Adding more client side unit tests * Adding more using tests * Adding last bit of client side unit tests and adding make cmd * Fixing bad merge * Fixing libraries * Updating to new client side API * Fixing borken unit test * Fixing unit tests * ugg...trying to beat gofmt * ugg...trying to beat gofmt * Cleaning up remainder of the server side routes * Adding inital load api * Increased coverage of webhook unit tests (#2660) * Adding loading ... to root html * Fixing bad merge * Removing explicit content type so superagent will guess corectly (#2685) * Fixing merge and unit tests * Adding create team UI * Fixing signup flows * Adding LDAP unit tests and enterprise unit test helper (#2702) * Add the ability to reset MFA from the commandline (#2706) * Fixing compliance unit tests * Fixing client side tests * Adding open server to system console * Moving websocket connection * Fixing unit test * Fixing unit tests * Fixing unit tests * Adding nickname and more LDAP unit tests (#2717) * Adding join open teams * Cleaning up all TODOs in the code * Fixing web sockets * Removing unused webockets file * PLT-2533 Add the ability to reset a user's MFA from the system console (#2715) * Add the ability to reset a user's MFA from the system console * Add client side unit test for adminResetMfa * Reorganizing authentication to fix LDAP error message (#2723) * Fixing failing unit test * Initial upgrade db code * Adding upgrade script * Fixing upgrade script after running on core * Update OAuth and Claim routes to work with user model changes (#2739) * Fixing perminant deletion. Adding ability to delete all user and the entire database (#2740) * Fixing team invite ldap login call (#2741) * Fixing bluebar and some img stuff * Fix all the different file upload web utils (#2743) * Fixing invalid session redirect (#2744) * Redirect on bad channel name (#2746) * Fixing a bunch of issue and removing dead code * Patch to fix error message on leave channel (#2747) * Setting EnableOpenServer to false by default * Fixing config * Fixing upgrade * Fixing reported bugs * Bug fixes for PLT-2057 * PLT-2563 Redo password recovery to use a database table (#2745) * Redo password recovery to use a database table * Update reset password audits * Split out admin and user reset password APIs to be separate * Delete password recovery when user is permanently deleted * Consolidate password resetting into a single function * Removed private channels as an option for outgoing webhooks (#2752) * PLT-2577/PLT-2552 Fixes for backstage (#2753) * Added URL to incoming webhook list * Fixed client functions for adding/removing integrations * Disallowed slash commands without trigger words * Fixed clientside handling of errors on AddCommand page * Minor auth cleanup (#2758) * Changed EditPostModal to just close if you save without making any changes (#2759) * Renamed client -> Client in async_client.jsx and fixed eslint warnings (#2756) * Fixed url in channel info modal (#2755) * Fixing reported issues * Moving to version 3 of the apis * Fixing command unit tests (#2760) * Adding team admins * Fixing DM issue * Fixing eslint error * Properly set EditPostModal's originalText state in all cases (#2762) * Update client config check to assume features is defined if server is licensed (#2772) * Fixing url link * Fixing issue with websocket crashing when sending messages to different teams --- api/admin_test.go | 324 +++++++++++++++++++----------------------------------- 1 file changed, 113 insertions(+), 211 deletions(-) (limited to 'api/admin_test.go') diff --git a/api/admin_test.go b/api/admin_test.go index 67bc1d38b..2edc151bd 100644 --- a/api/admin_test.go +++ b/api/admin_test.go @@ -7,33 +7,18 @@ import ( "github.com/mattermost/platform/model" "github.com/mattermost/platform/store" "github.com/mattermost/platform/utils" + "strings" "testing" ) func TestGetLogs(t *testing.T) { - Setup() + th := Setup().InitSystemAdmin().InitBasic() - team := &model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} - team = Client.Must(Client.CreateTeam(team)).Data.(*model.Team) - - user := &model.User{TeamId: team.Id, Email: model.NewId() + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "pwd"} - user = Client.Must(Client.CreateUser(user, "")).Data.(*model.User) - store.Must(Srv.Store.User().VerifyEmail(user.Id)) - - Client.LoginByEmail(team.Name, user.Email, "pwd") - - if _, err := Client.GetLogs(); err == nil { + if _, err := th.BasicClient.GetLogs(); err == nil { t.Fatal("Shouldn't have permissions") } - c := &Context{} - c.RequestId = model.NewId() - c.IpAddress = "cmd_line" - UpdateRoles(c, user, model.ROLE_SYSTEM_ADMIN) - - Client.LoginByEmail(team.Name, user.Email, "pwd") - - if logs, err := Client.GetLogs(); err != nil { + if logs, err := th.SystemAdminClient.GetLogs(); err != nil { t.Fatal(err) } else if len(logs.Data.([]string)) <= 0 { t.Fatal() @@ -41,29 +26,13 @@ func TestGetLogs(t *testing.T) { } func TestGetAllAudits(t *testing.T) { - Setup() + th := Setup().InitBasic().InitSystemAdmin() - team := &model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} - team = Client.Must(Client.CreateTeam(team)).Data.(*model.Team) - - user := &model.User{TeamId: team.Id, Email: model.NewId() + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "pwd"} - user = Client.Must(Client.CreateUser(user, "")).Data.(*model.User) - store.Must(Srv.Store.User().VerifyEmail(user.Id)) - - Client.LoginByEmail(team.Name, user.Email, "pwd") - - if _, err := Client.GetAllAudits(); err == nil { + if _, err := th.BasicClient.GetAllAudits(); err == nil { t.Fatal("Shouldn't have permissions") } - c := &Context{} - c.RequestId = model.NewId() - c.IpAddress = "cmd_line" - UpdateRoles(c, user, model.ROLE_SYSTEM_ADMIN) - - Client.LoginByEmail(team.Name, user.Email, "pwd") - - if audits, err := Client.GetAllAudits(); err != nil { + if audits, err := th.SystemAdminClient.GetAllAudits(); err != nil { t.Fatal(err) } else if len(audits.Data.(model.Audits)) <= 0 { t.Fatal() @@ -71,9 +40,9 @@ func TestGetAllAudits(t *testing.T) { } func TestGetClientProperties(t *testing.T) { - Setup() + th := Setup().InitBasic() - if result, err := Client.GetClientProperties(); err != nil { + if result, err := th.BasicClient.GetClientProperties(); err != nil { t.Fatal(err) } else { props := result.Data.(map[string]string) @@ -85,29 +54,13 @@ func TestGetClientProperties(t *testing.T) { } func TestGetConfig(t *testing.T) { - Setup() + th := Setup().InitBasic().InitSystemAdmin() - team := &model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} - team = Client.Must(Client.CreateTeam(team)).Data.(*model.Team) - - user := &model.User{TeamId: team.Id, Email: model.NewId() + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "pwd"} - user = Client.Must(Client.CreateUser(user, "")).Data.(*model.User) - store.Must(Srv.Store.User().VerifyEmail(user.Id)) - - Client.LoginByEmail(team.Name, user.Email, "pwd") - - if _, err := Client.GetConfig(); err == nil { + if _, err := th.BasicClient.GetConfig(); err == nil { t.Fatal("Shouldn't have permissions") } - c := &Context{} - c.RequestId = model.NewId() - c.IpAddress = "cmd_line" - UpdateRoles(c, user, model.ROLE_SYSTEM_ADMIN) - - Client.LoginByEmail(team.Name, user.Email, "pwd") - - if result, err := Client.GetConfig(); err != nil { + if result, err := th.SystemAdminClient.GetConfig(); err != nil { t.Fatal(err) } else { cfg := result.Data.(*model.Config) @@ -119,29 +72,15 @@ func TestGetConfig(t *testing.T) { } func TestSaveConfig(t *testing.T) { - Setup() + th := Setup().InitBasic().InitSystemAdmin() - team := &model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} - team = Client.Must(Client.CreateTeam(team)).Data.(*model.Team) - - user := &model.User{TeamId: team.Id, Email: model.NewId() + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "pwd"} - user = Client.Must(Client.CreateUser(user, "")).Data.(*model.User) - store.Must(Srv.Store.User().VerifyEmail(user.Id)) - - Client.LoginByEmail(team.Name, user.Email, "pwd") - - if _, err := Client.SaveConfig(utils.Cfg); err == nil { + if _, err := th.BasicClient.SaveConfig(utils.Cfg); err == nil { t.Fatal("Shouldn't have permissions") } - c := &Context{} - c.RequestId = model.NewId() - c.IpAddress = "cmd_line" - UpdateRoles(c, user, model.ROLE_SYSTEM_ADMIN) - - Client.LoginByEmail(team.Name, user.Email, "pwd") + *utils.Cfg.TeamSettings.EnableOpenServer = false - if result, err := Client.SaveConfig(utils.Cfg); err != nil { + if result, err := th.SystemAdminClient.SaveConfig(utils.Cfg); err != nil { t.Fatal(err) } else { cfg := result.Data.(*model.Config) @@ -150,66 +89,31 @@ func TestSaveConfig(t *testing.T) { t.Fatal() } } + + *utils.Cfg.TeamSettings.EnableOpenServer = true } func TestEmailTest(t *testing.T) { - Setup() + th := Setup().InitBasic().InitSystemAdmin() - team := &model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} - team = Client.Must(Client.CreateTeam(team)).Data.(*model.Team) - - user := &model.User{TeamId: team.Id, Email: model.NewId() + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "pwd"} - user = Client.Must(Client.CreateUser(user, "")).Data.(*model.User) - store.Must(Srv.Store.User().VerifyEmail(user.Id)) - - Client.LoginByEmail(team.Name, user.Email, "pwd") - - if _, err := Client.TestEmail(utils.Cfg); err == nil { + if _, err := th.BasicClient.TestEmail(utils.Cfg); err == nil { t.Fatal("Shouldn't have permissions") } - c := &Context{} - c.RequestId = model.NewId() - c.IpAddress = "cmd_line" - UpdateRoles(c, user, model.ROLE_SYSTEM_ADMIN) - - Client.LoginByEmail(team.Name, user.Email, "pwd") - - if _, err := Client.TestEmail(utils.Cfg); err != nil { + if _, err := th.SystemAdminClient.TestEmail(utils.Cfg); err != nil { t.Fatal(err) } } func TestGetTeamAnalyticsStandard(t *testing.T) { - Setup() - - team := &model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} - team = Client.Must(Client.CreateTeam(team)).Data.(*model.Team) - - user := &model.User{TeamId: team.Id, Email: model.NewId() + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "pwd"} - user = Client.Must(Client.CreateUser(user, "")).Data.(*model.User) - store.Must(Srv.Store.User().VerifyEmail(user.Id)) - - Client.LoginByEmail(team.Name, user.Email, "pwd") - - channel1 := &model.Channel{DisplayName: "TestGetPosts", Name: "a" + model.NewId() + "a", Type: model.CHANNEL_PRIVATE, TeamId: team.Id} - channel1 = Client.Must(Client.CreateChannel(channel1)).Data.(*model.Channel) - - post1 := &model.Post{ChannelId: channel1.Id, Message: "a" + model.NewId() + "a"} - post1 = Client.Must(Client.CreatePost(post1)).Data.(*model.Post) + th := Setup().InitBasic().InitSystemAdmin() + th.CreatePrivateChannel(th.BasicClient, th.BasicTeam) - if _, err := Client.GetTeamAnalytics(team.Id, "standard"); err == nil { + if _, err := th.BasicClient.GetTeamAnalytics(th.BasicTeam.Id, "standard"); err == nil { t.Fatal("Shouldn't have permissions") } - c := &Context{} - c.RequestId = model.NewId() - c.IpAddress = "cmd_line" - UpdateRoles(c, user, model.ROLE_SYSTEM_ADMIN) - - Client.LoginByEmail(team.Name, user.Email, "pwd") - - if result, err := Client.GetTeamAnalytics(team.Id, "standard"); err != nil { + if result, err := th.SystemAdminClient.GetTeamAnalytics(th.BasicTeam.Id, "standard"); err != nil { t.Fatal(err) } else { rows := result.Data.(model.AnalyticsRows) @@ -219,7 +123,7 @@ func TestGetTeamAnalyticsStandard(t *testing.T) { t.Fatal() } - if rows[0].Value != 2 { + if rows[0].Value != 3 { t.Log(rows.ToJson()) t.Fatal() } @@ -249,7 +153,7 @@ func TestGetTeamAnalyticsStandard(t *testing.T) { t.Fatal() } - if rows[3].Value != 1 { + if rows[3].Value != 2 { t.Log(rows.ToJson()) t.Fatal() } @@ -265,7 +169,7 @@ func TestGetTeamAnalyticsStandard(t *testing.T) { } } - if result, err := Client.GetSystemAnalytics("standard"); err != nil { + if result, err := th.SystemAdminClient.GetSystemAnalytics("standard"); err != nil { t.Fatal(err) } else { rows := result.Data.(model.AnalyticsRows) @@ -275,7 +179,7 @@ func TestGetTeamAnalyticsStandard(t *testing.T) { t.Fatal() } - if rows[0].Value < 2 { + if rows[0].Value < 3 { t.Log(rows.ToJson()) t.Fatal() } @@ -323,39 +227,17 @@ func TestGetTeamAnalyticsStandard(t *testing.T) { } func TestGetPostCount(t *testing.T) { - Setup() - - team := &model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} - team = Client.Must(Client.CreateTeam(team)).Data.(*model.Team) - - user := &model.User{TeamId: team.Id, Email: model.NewId() + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "pwd"} - user = Client.Must(Client.CreateUser(user, "")).Data.(*model.User) - store.Must(Srv.Store.User().VerifyEmail(user.Id)) - - Client.LoginByEmail(team.Name, user.Email, "pwd") - - channel1 := &model.Channel{DisplayName: "TestGetPosts", Name: "a" + model.NewId() + "a", Type: model.CHANNEL_PRIVATE, TeamId: team.Id} - channel1 = Client.Must(Client.CreateChannel(channel1)).Data.(*model.Channel) - - post1 := &model.Post{ChannelId: channel1.Id, Message: "a" + model.NewId() + "a"} - post1 = Client.Must(Client.CreatePost(post1)).Data.(*model.Post) + th := Setup().InitBasic().InitSystemAdmin() // manually update creation time, since it's always set to 0 upon saving and we only retrieve posts < today Srv.Store.(*store.SqlStore).GetMaster().Exec("UPDATE Posts SET CreateAt = :CreateAt WHERE ChannelId = :ChannelId", - map[string]interface{}{"ChannelId": channel1.Id, "CreateAt": utils.MillisFromTime(utils.Yesterday())}) + map[string]interface{}{"ChannelId": th.BasicChannel.Id, "CreateAt": utils.MillisFromTime(utils.Yesterday())}) - if _, err := Client.GetTeamAnalytics(team.Id, "post_counts_day"); err == nil { + if _, err := th.BasicClient.GetTeamAnalytics(th.BasicTeam.Id, "post_counts_day"); err == nil { t.Fatal("Shouldn't have permissions") } - c := &Context{} - c.RequestId = model.NewId() - c.IpAddress = "cmd_line" - UpdateRoles(c, user, model.ROLE_SYSTEM_ADMIN) - - Client.LoginByEmail(team.Name, user.Email, "pwd") - - if result, err := Client.GetTeamAnalytics(team.Id, "post_counts_day"); err != nil { + if result, err := th.SystemAdminClient.GetTeamAnalytics(th.BasicTeam.Id, "post_counts_day"); err != nil { t.Fatal(err) } else { rows := result.Data.(model.AnalyticsRows) @@ -368,39 +250,17 @@ func TestGetPostCount(t *testing.T) { } func TestUserCountsWithPostsByDay(t *testing.T) { - Setup() - - team := &model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} - team = Client.Must(Client.CreateTeam(team)).Data.(*model.Team) - - user := &model.User{TeamId: team.Id, Email: model.NewId() + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "pwd"} - user = Client.Must(Client.CreateUser(user, "")).Data.(*model.User) - store.Must(Srv.Store.User().VerifyEmail(user.Id)) - - Client.LoginByEmail(team.Name, user.Email, "pwd") - - channel1 := &model.Channel{DisplayName: "TestGetPosts", Name: "a" + model.NewId() + "a", Type: model.CHANNEL_PRIVATE, TeamId: team.Id} - channel1 = Client.Must(Client.CreateChannel(channel1)).Data.(*model.Channel) - - post1 := &model.Post{ChannelId: channel1.Id, Message: "a" + model.NewId() + "a"} - post1 = Client.Must(Client.CreatePost(post1)).Data.(*model.Post) + th := Setup().InitBasic().InitSystemAdmin() // manually update creation time, since it's always set to 0 upon saving and we only retrieve posts < today Srv.Store.(*store.SqlStore).GetMaster().Exec("UPDATE Posts SET CreateAt = :CreateAt WHERE ChannelId = :ChannelId", - map[string]interface{}{"ChannelId": channel1.Id, "CreateAt": utils.MillisFromTime(utils.Yesterday())}) + map[string]interface{}{"ChannelId": th.BasicChannel.Id, "CreateAt": utils.MillisFromTime(utils.Yesterday())}) - if _, err := Client.GetTeamAnalytics(team.Id, "user_counts_with_posts_day"); err == nil { + if _, err := th.BasicClient.GetTeamAnalytics(th.BasicTeam.Id, "user_counts_with_posts_day"); err == nil { t.Fatal("Shouldn't have permissions") } - c := &Context{} - c.RequestId = model.NewId() - c.IpAddress = "cmd_line" - UpdateRoles(c, user, model.ROLE_SYSTEM_ADMIN) - - Client.LoginByEmail(team.Name, user.Email, "pwd") - - if result, err := Client.GetTeamAnalytics(team.Id, "user_counts_with_posts_day"); err != nil { + if result, err := th.SystemAdminClient.GetTeamAnalytics(th.BasicTeam.Id, "user_counts_with_posts_day"); err != nil { t.Fatal(err) } else { rows := result.Data.(model.AnalyticsRows) @@ -413,38 +273,15 @@ func TestUserCountsWithPostsByDay(t *testing.T) { } func TestGetTeamAnalyticsExtra(t *testing.T) { - Setup() - - team := &model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} - team = Client.Must(Client.CreateTeam(team)).Data.(*model.Team) - - user := &model.User{TeamId: team.Id, Email: model.NewId() + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "pwd"} - user = Client.Must(Client.CreateUser(user, "")).Data.(*model.User) - store.Must(Srv.Store.User().VerifyEmail(user.Id)) - - Client.LoginByEmail(team.Name, user.Email, "pwd") - - channel1 := &model.Channel{DisplayName: "TestGetPosts", Name: "a" + model.NewId() + "a", Type: model.CHANNEL_PRIVATE, TeamId: team.Id} - channel1 = Client.Must(Client.CreateChannel(channel1)).Data.(*model.Channel) - - post1 := &model.Post{ChannelId: channel1.Id, Message: "a" + model.NewId() + "a"} - post1 = Client.Must(Client.CreatePost(post1)).Data.(*model.Post) + th := Setup().InitBasic().InitSystemAdmin() - post2 := &model.Post{ChannelId: channel1.Id, Message: "#test a" + model.NewId() + "a"} - post2 = Client.Must(Client.CreatePost(post2)).Data.(*model.Post) + th.CreatePost(th.BasicClient, th.BasicChannel) - if _, err := Client.GetTeamAnalytics("", "extra_counts"); err == nil { + if _, err := th.BasicClient.GetTeamAnalytics("", "extra_counts"); err == nil { t.Fatal("Shouldn't have permissions") } - c := &Context{} - c.RequestId = model.NewId() - c.IpAddress = "cmd_line" - UpdateRoles(c, user, model.ROLE_SYSTEM_ADMIN) - - Client.LoginByEmail(team.Name, user.Email, "pwd") - - if result, err := Client.GetTeamAnalytics(team.Id, "extra_counts"); err != nil { + if result, err := th.SystemAdminClient.GetTeamAnalytics(th.BasicTeam.Id, "extra_counts"); err != nil { t.Fatal(err) } else { rows := result.Data.(model.AnalyticsRows) @@ -464,7 +301,7 @@ func TestGetTeamAnalyticsExtra(t *testing.T) { t.Fatal() } - if rows[1].Value != 1 { + if rows[1].Value != 0 { t.Log(rows.ToJson()) t.Fatal() } @@ -510,7 +347,7 @@ func TestGetTeamAnalyticsExtra(t *testing.T) { } } - if result, err := Client.GetSystemAnalytics("extra_counts"); err != nil { + if result, err := th.SystemAdminClient.GetSystemAnalytics("extra_counts"); err != nil { t.Fatal(err) } else { rows := result.Data.(model.AnalyticsRows) @@ -525,11 +362,6 @@ func TestGetTeamAnalyticsExtra(t *testing.T) { t.Fatal() } - if rows[1].Value < 1 { - t.Log(rows.ToJson()) - t.Fatal() - } - if rows[2].Name != "incoming_webhook_count" { t.Log(rows.ToJson()) t.Fatal() @@ -551,3 +383,73 @@ func TestGetTeamAnalyticsExtra(t *testing.T) { } } } + +func TestAdminResetMfa(t *testing.T) { + th := Setup().InitBasic().InitSystemAdmin() + + if _, err := th.BasicClient.AdminResetMfa("12345678901234567890123456"); err == nil { + t.Fatal("should have failed - not an admin") + } + + if _, err := th.SystemAdminClient.AdminResetMfa(""); err == nil { + t.Fatal("should have failed - empty user id") + } + + if _, err := th.SystemAdminClient.AdminResetMfa("12345678901234567890123456"); err == nil { + t.Fatal("should have failed - bad user id") + } + + if _, err := th.SystemAdminClient.AdminResetMfa(th.BasicUser.Id); err == nil { + t.Fatal("should have failed - not licensed or configured") + } + + // need to add more test cases when enterprise bits can be loaded into tests +} + +func TestAdminResetPassword(t *testing.T) { + th := Setup().InitSystemAdmin() + Client := th.SystemAdminClient + team := th.SystemAdminTeam + + user := &model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", Password: "pwd"} + user = Client.Must(Client.CreateUser(user, "")).Data.(*model.User) + LinkUserToTeam(user, team) + store.Must(Srv.Store.User().VerifyEmail(user.Id)) + + if _, err := Client.AdminResetPassword("", "newpwd"); err == nil { + t.Fatal("Should have errored - empty user id") + } + + if _, err := Client.AdminResetPassword("123", "newpwd"); err == nil { + t.Fatal("Should have errored - bad user id") + } + + if _, err := Client.AdminResetPassword("12345678901234567890123456", "newpwd"); err == nil { + t.Fatal("Should have errored - bad user id") + } + + if _, err := Client.AdminResetPassword("12345678901234567890123456", "newp"); err == nil { + t.Fatal("Should have errored - password too short") + } + + user2 := &model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Nickname: "Corey Hulen", AuthData: "1", AuthService: "random"} + user2 = Client.Must(Client.CreateUser(user2, "")).Data.(*model.User) + LinkUserToTeam(user2, team) + store.Must(Srv.Store.User().VerifyEmail(user2.Id)) + + if _, err := Client.AdminResetPassword(user2.Id, "newpwd"); err == nil { + t.Fatal("should have errored - SSO user can't reset password") + } + + if _, err := Client.AdminResetPassword(user.Id, "newpwd"); err != nil { + t.Fatal(err) + } + + Client.Logout() + Client.Must(Client.LoginById(user.Id, "newpwd")) + Client.SetTeamId(team.Id) + + if _, err := Client.AdminResetPassword(user.Id, "newpwd"); err == nil { + t.Fatal("Should have errored - not sytem admin") + } +} -- cgit v1.2.3-1-g7c22