From 0910eae31de8ed7b409654515dbd11f5c86dbf71 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jes=C3=BAs=20Espino?= <jespinog@gmail.com>
Date: Wed, 18 Apr 2018 22:46:10 +0200
Subject: MM-9779: Incorporate a Token into the invitations system (#8604)

* Incorporate a Token into the invitations system

* Adding unit tests

* Fixing some api4 client tests

* Removing unnecesary hash validation

* Change the Hash concept on invitations with tokenId

* Not send invitation if it wasn't able to create the Token

* Fixing some naming problems

* Changing the hash query params received from the client side

* Removed unneded data param in the token usage
---
 app/user_test.go | 70 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 70 insertions(+)

(limited to 'app/user_test.go')

diff --git a/app/user_test.go b/app/user_test.go
index 94052da61..20dafd826 100644
--- a/app/user_test.go
+++ b/app/user_test.go
@@ -428,3 +428,73 @@ func TestGetUsersByStatus(t *testing.T) {
 		}
 	})
 }
+
+func TestCreateUserWithToken(t *testing.T) {
+	th := Setup().InitBasic()
+	defer th.TearDown()
+
+	user := model.User{Email: strings.ToLower(model.NewId()) + "success+test@example.com", Nickname: "Darth Vader", Username: "vader" + model.NewId(), Password: "passwd1", AuthService: ""}
+
+	t.Run("invalid token", func(t *testing.T) {
+		if _, err := th.App.CreateUserWithToken(&user, "123"); err == nil {
+			t.Fatal("Should fail on unexisting token")
+		}
+	})
+
+	t.Run("invalid token type", func(t *testing.T) {
+		token := model.NewToken(
+			TOKEN_TYPE_VERIFY_EMAIL,
+			model.MapToJson(map[string]string{"teamId": th.BasicTeam.Id, "email": user.Email}),
+		)
+		<-th.App.Srv.Store.Token().Save(token)
+		defer th.App.DeleteToken(token)
+		if _, err := th.App.CreateUserWithToken(&user, token.Token); err == nil {
+			t.Fatal("Should fail on bad token type")
+		}
+	})
+
+	t.Run("expired token", func(t *testing.T) {
+		token := model.NewToken(
+			TOKEN_TYPE_TEAM_INVITATION,
+			model.MapToJson(map[string]string{"teamId": th.BasicTeam.Id, "email": user.Email}),
+		)
+		token.CreateAt = model.GetMillis() - TEAM_INVITATION_EXPIRY_TIME - 1
+		<-th.App.Srv.Store.Token().Save(token)
+		defer th.App.DeleteToken(token)
+		if _, err := th.App.CreateUserWithToken(&user, token.Token); err == nil {
+			t.Fatal("Should fail on expired token")
+		}
+	})
+
+	t.Run("invalid team id", func(t *testing.T) {
+		token := model.NewToken(
+			TOKEN_TYPE_TEAM_INVITATION,
+			model.MapToJson(map[string]string{"teamId": model.NewId(), "email": user.Email}),
+		)
+		<-th.App.Srv.Store.Token().Save(token)
+		defer th.App.DeleteToken(token)
+		if _, err := th.App.CreateUserWithToken(&user, token.Token); err == nil {
+			t.Fatal("Should fail on bad team id")
+		}
+	})
+
+	t.Run("valid request", func(t *testing.T) {
+		invitationEmail := model.NewId() + "other-email@test.com"
+		token := model.NewToken(
+			TOKEN_TYPE_TEAM_INVITATION,
+			model.MapToJson(map[string]string{"teamId": th.BasicTeam.Id, "email": invitationEmail}),
+		)
+		<-th.App.Srv.Store.Token().Save(token)
+		newUser, err := th.App.CreateUserWithToken(&user, token.Token)
+		if err != nil {
+			t.Log(err)
+			t.Fatal("Should add user to the team")
+		}
+		if newUser.Email != invitationEmail {
+			t.Fatal("The user email must be the invitation one")
+		}
+		if result := <-th.App.Srv.Store.Token().GetByToken(token.Token); result.Err == nil {
+			t.Fatal("The token must be deleted after be used")
+		}
+	})
+}
-- 
cgit v1.2.3-1-g7c22