From 6ac87d82e38c83e3b9b3bd12c3122e047f0110b1 Mon Sep 17 00:00:00 2001 From: Harrison Healey Date: Wed, 29 Mar 2017 21:11:40 -0400 Subject: PLT-2713 Added ability for admins to list users not in any team (#5844) * PLT-2713 Added ability for admins to list users not in any team * Updated style of unit test --- api4/user.go | 11 ++++++++++- api4/user_test.go | 50 ++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 60 insertions(+), 1 deletion(-) (limited to 'api4') diff --git a/api4/user.go b/api4/user.go index 298c5cc8d..e4595ee54 100644 --- a/api4/user.go +++ b/api4/user.go @@ -269,6 +269,7 @@ func getUsers(c *Context, w http.ResponseWriter, r *http.Request) { notInTeamId := r.URL.Query().Get("not_in_team") inChannelId := r.URL.Query().Get("in_channel") notInChannelId := r.URL.Query().Get("not_in_channel") + withoutTeam := r.URL.Query().Get("without_team") if len(notInChannelId) > 0 && len(inTeamId) == 0 { c.SetInvalidParam("team_id") @@ -279,7 +280,15 @@ func getUsers(c *Context, w http.ResponseWriter, r *http.Request) { var err *model.AppError etag := "" - if len(notInChannelId) > 0 { + if withoutTeamBool, err := strconv.ParseBool(withoutTeam); err == nil && withoutTeamBool { + // Use a special permission for now + if !app.SessionHasPermissionTo(c.Session, model.PERMISSION_LIST_USERS_WITHOUT_TEAM) { + c.SetPermissionError(model.PERMISSION_LIST_USERS_WITHOUT_TEAM) + return + } + + profiles, err = app.GetUsersWithoutTeamPage(c.Params.Page, c.Params.PerPage, c.IsSystemAdmin()) + } else if len(notInChannelId) > 0 { if !app.SessionHasPermissionToChannel(c.Session, notInChannelId, model.PERMISSION_READ_CHANNEL) { c.SetPermissionError(model.PERMISSION_READ_CHANNEL) return diff --git a/api4/user_test.go b/api4/user_test.go index f6561310b..21b240957 100644 --- a/api4/user_test.go +++ b/api4/user_test.go @@ -851,6 +851,56 @@ func TestGetUsers(t *testing.T) { CheckUnauthorizedStatus(t, resp) } +func TestGetUsersWithoutTeam(t *testing.T) { + th := Setup().InitBasic().InitSystemAdmin() + defer TearDown() + Client := th.Client + SystemAdminClient := th.SystemAdminClient + + if _, resp := Client.GetUsersWithoutTeam(0, 100, ""); resp.Error == nil { + t.Fatal("should prevent non-admin user from getting users without a team") + } + + // These usernames need to appear in the first 100 users for this to work + + user, resp := Client.CreateUser(&model.User{ + Username: "a000000000" + model.NewId(), + Email: "success+" + model.NewId() + "@simulator.amazonses.com", + Password: "Password1", + }) + CheckNoError(t, resp) + LinkUserToTeam(user, th.BasicTeam) + defer app.Srv.Store.User().PermanentDelete(user.Id) + + user2, resp := Client.CreateUser(&model.User{ + Username: "a000000001" + model.NewId(), + Email: "success+" + model.NewId() + "@simulator.amazonses.com", + Password: "Password1", + }) + CheckNoError(t, resp) + defer app.Srv.Store.User().PermanentDelete(user2.Id) + + rusers, resp := SystemAdminClient.GetUsersWithoutTeam(0, 100, "") + CheckNoError(t, resp) + + found1 := false + found2 := false + + for _, u := range rusers { + if u.Id == user.Id { + found1 = true + } else if u.Id == user2.Id { + found2 = true + } + } + + if found1 { + t.Fatal("shouldn't have returned user that has a team") + } else if !found2 { + t.Fatal("should've returned user that has no teams") + } +} + func TestGetUsersInTeam(t *testing.T) { th := Setup().InitBasic().InitSystemAdmin() defer TearDown() -- cgit v1.2.3-1-g7c22