mirror of
https://github.com/mattermost/mattermost.git
synced 2026-02-23 01:40:32 -05:00
1297 lines
44 KiB
Go
1297 lines
44 KiB
Go
// Copyright (c) 2015-present Mattermost, Inc. All Rights Reserved.
|
|
// See LICENSE.txt for license information.
|
|
|
|
package api4
|
|
|
|
import (
|
|
"fmt"
|
|
"io/ioutil"
|
|
"net/http"
|
|
"os"
|
|
"path/filepath"
|
|
"strings"
|
|
"testing"
|
|
|
|
"github.com/mattermost/mattermost-server/v5/model"
|
|
"github.com/mattermost/mattermost-server/v5/utils/fileutils"
|
|
"github.com/mattermost/mattermost-server/v5/utils/testutils"
|
|
"github.com/stretchr/testify/require"
|
|
)
|
|
|
|
func TestCreateBot(t *testing.T) {
|
|
t.Run("create bot without permissions", func(t *testing.T) {
|
|
th := Setup(t).InitBasic()
|
|
defer th.TearDown()
|
|
|
|
th.App.UpdateConfig(func(cfg *model.Config) {
|
|
*cfg.ServiceSettings.EnableBotAccountCreation = true
|
|
})
|
|
|
|
_, resp := th.Client.CreateBot(&model.Bot{
|
|
Username: GenerateTestUsername(),
|
|
DisplayName: "a bot",
|
|
Description: "bot",
|
|
})
|
|
|
|
CheckErrorMessage(t, resp, "api.context.permissions.app_error")
|
|
})
|
|
|
|
t.Run("create bot without config permissions", func(t *testing.T) {
|
|
th := Setup(t).InitBasic()
|
|
defer th.TearDown()
|
|
|
|
th.AddPermissionToRole(model.PERMISSION_CREATE_BOT.Id, model.TEAM_USER_ROLE_ID)
|
|
th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false)
|
|
th.App.Config().ServiceSettings.EnableBotAccountCreation = model.NewBool(false)
|
|
|
|
_, resp := th.Client.CreateBot(&model.Bot{
|
|
Username: GenerateTestUsername(),
|
|
DisplayName: "a bot",
|
|
Description: "bot",
|
|
})
|
|
|
|
CheckErrorMessage(t, resp, "api.bot.create_disabled")
|
|
})
|
|
|
|
t.Run("create bot with permissions", func(t *testing.T) {
|
|
th := Setup(t).InitBasic()
|
|
defer th.TearDown()
|
|
defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions())
|
|
|
|
th.AddPermissionToRole(model.PERMISSION_CREATE_BOT.Id, model.TEAM_USER_ROLE_ID)
|
|
th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false)
|
|
th.App.UpdateConfig(func(cfg *model.Config) {
|
|
*cfg.ServiceSettings.EnableBotAccountCreation = true
|
|
})
|
|
|
|
bot := &model.Bot{
|
|
Username: GenerateTestUsername(),
|
|
DisplayName: "a bot",
|
|
Description: "bot",
|
|
}
|
|
|
|
createdBot, resp := th.Client.CreateBot(bot)
|
|
CheckCreatedStatus(t, resp)
|
|
defer th.App.PermanentDeleteBot(createdBot.UserId)
|
|
require.Equal(t, bot.Username, createdBot.Username)
|
|
require.Equal(t, bot.DisplayName, createdBot.DisplayName)
|
|
require.Equal(t, bot.Description, createdBot.Description)
|
|
require.Equal(t, th.BasicUser.Id, createdBot.OwnerId)
|
|
})
|
|
|
|
t.Run("create invalid bot", func(t *testing.T) {
|
|
th := Setup(t).InitBasic()
|
|
defer th.TearDown()
|
|
|
|
th.AddPermissionToRole(model.PERMISSION_CREATE_BOT.Id, model.TEAM_USER_ROLE_ID)
|
|
th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false)
|
|
th.App.UpdateConfig(func(cfg *model.Config) {
|
|
*cfg.ServiceSettings.EnableBotAccountCreation = true
|
|
})
|
|
|
|
_, resp := th.Client.CreateBot(&model.Bot{
|
|
Username: "username",
|
|
DisplayName: "a bot",
|
|
Description: strings.Repeat("x", 1025),
|
|
})
|
|
|
|
CheckErrorMessage(t, resp, "model.bot.is_valid.description.app_error")
|
|
})
|
|
|
|
t.Run("bot attempt to create bot fails", func(t *testing.T) {
|
|
th := Setup(t).InitBasic()
|
|
defer th.TearDown()
|
|
|
|
th.App.UpdateConfig(func(cfg *model.Config) {
|
|
*cfg.ServiceSettings.EnableBotAccountCreation = true
|
|
})
|
|
|
|
th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.EnableUserAccessTokens = true })
|
|
th.AddPermissionToRole(model.PERMISSION_CREATE_BOT.Id, model.TEAM_USER_ROLE_ID)
|
|
th.AddPermissionToRole(model.PERMISSION_EDIT_OTHER_USERS.Id, model.TEAM_USER_ROLE_ID)
|
|
th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID+" "+model.SYSTEM_USER_ACCESS_TOKEN_ROLE_ID, false)
|
|
|
|
bot, resp := th.Client.CreateBot(&model.Bot{
|
|
Username: GenerateTestUsername(),
|
|
DisplayName: "a bot",
|
|
Description: "bot",
|
|
})
|
|
CheckCreatedStatus(t, resp)
|
|
defer th.App.PermanentDeleteBot(bot.UserId)
|
|
th.App.UpdateUserRoles(bot.UserId, model.TEAM_USER_ROLE_ID+" "+model.SYSTEM_USER_ACCESS_TOKEN_ROLE_ID, false)
|
|
|
|
rtoken, resp := th.Client.CreateUserAccessToken(bot.UserId, "test token")
|
|
CheckNoError(t, resp)
|
|
th.Client.AuthToken = rtoken.Token
|
|
|
|
_, resp = th.Client.CreateBot(&model.Bot{
|
|
Username: GenerateTestUsername(),
|
|
OwnerId: bot.UserId,
|
|
DisplayName: "a bot2",
|
|
Description: "bot2",
|
|
})
|
|
CheckErrorMessage(t, resp, "api.context.permissions.app_error")
|
|
})
|
|
|
|
}
|
|
|
|
func TestPatchBot(t *testing.T) {
|
|
t.Run("patch non-existent bot", func(t *testing.T) {
|
|
th := Setup(t).InitBasic()
|
|
defer th.TearDown()
|
|
defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions())
|
|
|
|
_, resp := th.SystemAdminClient.PatchBot(model.NewId(), &model.BotPatch{})
|
|
CheckNotFoundStatus(t, resp)
|
|
})
|
|
|
|
t.Run("patch someone else's bot without permission", func(t *testing.T) {
|
|
th := Setup(t).InitBasic()
|
|
defer th.TearDown()
|
|
defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions())
|
|
|
|
th.App.UpdateConfig(func(cfg *model.Config) {
|
|
*cfg.ServiceSettings.EnableBotAccountCreation = true
|
|
})
|
|
|
|
createdBot, resp := th.SystemAdminClient.CreateBot(&model.Bot{
|
|
Username: GenerateTestUsername(),
|
|
DisplayName: "a bot",
|
|
Description: "bot",
|
|
})
|
|
CheckCreatedStatus(t, resp)
|
|
defer th.App.PermanentDeleteBot(createdBot.UserId)
|
|
|
|
_, resp = th.Client.PatchBot(createdBot.UserId, &model.BotPatch{})
|
|
CheckErrorMessage(t, resp, "store.sql_bot.get.missing.app_error")
|
|
})
|
|
|
|
t.Run("patch someone else's bot without permission, but with read others permission", func(t *testing.T) {
|
|
th := Setup(t).InitBasic()
|
|
defer th.TearDown()
|
|
defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions())
|
|
|
|
th.AddPermissionToRole(model.PERMISSION_READ_OTHERS_BOTS.Id, model.TEAM_USER_ROLE_ID)
|
|
th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false)
|
|
th.App.UpdateConfig(func(cfg *model.Config) {
|
|
*cfg.ServiceSettings.EnableBotAccountCreation = true
|
|
})
|
|
|
|
createdBot, resp := th.SystemAdminClient.CreateBot(&model.Bot{
|
|
Username: GenerateTestUsername(),
|
|
DisplayName: "a bot",
|
|
Description: "bot",
|
|
})
|
|
CheckCreatedStatus(t, resp)
|
|
defer th.App.PermanentDeleteBot(createdBot.UserId)
|
|
|
|
_, resp = th.Client.PatchBot(createdBot.UserId, &model.BotPatch{})
|
|
CheckErrorMessage(t, resp, "api.context.permissions.app_error")
|
|
})
|
|
|
|
t.Run("patch someone else's bot with permission", func(t *testing.T) {
|
|
th := Setup(t).InitBasic()
|
|
defer th.TearDown()
|
|
defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions())
|
|
|
|
th.AddPermissionToRole(model.PERMISSION_MANAGE_OTHERS_BOTS.Id, model.TEAM_USER_ROLE_ID)
|
|
th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false)
|
|
th.App.UpdateConfig(func(cfg *model.Config) {
|
|
*cfg.ServiceSettings.EnableBotAccountCreation = true
|
|
})
|
|
|
|
createdBot, resp := th.SystemAdminClient.CreateBot(&model.Bot{
|
|
Username: GenerateTestUsername(),
|
|
DisplayName: "a bot",
|
|
Description: "bot",
|
|
})
|
|
CheckCreatedStatus(t, resp)
|
|
defer th.App.PermanentDeleteBot(createdBot.UserId)
|
|
|
|
botPatch := &model.BotPatch{
|
|
Username: sToP(GenerateTestUsername()),
|
|
DisplayName: sToP("an updated bot"),
|
|
Description: sToP("updated bot"),
|
|
}
|
|
|
|
patchedBot, resp := th.Client.PatchBot(createdBot.UserId, botPatch)
|
|
CheckOKStatus(t, resp)
|
|
require.Equal(t, *botPatch.Username, patchedBot.Username)
|
|
require.Equal(t, *botPatch.DisplayName, patchedBot.DisplayName)
|
|
require.Equal(t, *botPatch.Description, patchedBot.Description)
|
|
require.Equal(t, th.SystemAdminUser.Id, patchedBot.OwnerId)
|
|
})
|
|
|
|
t.Run("patch my bot without permission", func(t *testing.T) {
|
|
th := Setup(t).InitBasic()
|
|
defer th.TearDown()
|
|
defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions())
|
|
|
|
th.AddPermissionToRole(model.PERMISSION_CREATE_BOT.Id, model.TEAM_USER_ROLE_ID)
|
|
th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false)
|
|
th.App.UpdateConfig(func(cfg *model.Config) {
|
|
*cfg.ServiceSettings.EnableBotAccountCreation = true
|
|
})
|
|
|
|
createdBot, resp := th.Client.CreateBot(&model.Bot{
|
|
Username: GenerateTestUsername(),
|
|
DisplayName: "a bot",
|
|
Description: "bot",
|
|
})
|
|
CheckCreatedStatus(t, resp)
|
|
defer th.App.PermanentDeleteBot(createdBot.UserId)
|
|
|
|
botPatch := &model.BotPatch{
|
|
Username: sToP(GenerateTestUsername()),
|
|
DisplayName: sToP("an updated bot"),
|
|
Description: sToP("updated bot"),
|
|
}
|
|
|
|
_, resp = th.Client.PatchBot(createdBot.UserId, botPatch)
|
|
CheckErrorMessage(t, resp, "store.sql_bot.get.missing.app_error")
|
|
})
|
|
|
|
t.Run("patch my bot without permission, but with read permission", func(t *testing.T) {
|
|
th := Setup(t).InitBasic()
|
|
defer th.TearDown()
|
|
defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions())
|
|
|
|
th.AddPermissionToRole(model.PERMISSION_CREATE_BOT.Id, model.TEAM_USER_ROLE_ID)
|
|
th.AddPermissionToRole(model.PERMISSION_READ_BOTS.Id, model.TEAM_USER_ROLE_ID)
|
|
th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false)
|
|
th.App.UpdateConfig(func(cfg *model.Config) {
|
|
*cfg.ServiceSettings.EnableBotAccountCreation = true
|
|
})
|
|
|
|
createdBot, resp := th.Client.CreateBot(&model.Bot{
|
|
Username: GenerateTestUsername(),
|
|
DisplayName: "a bot",
|
|
Description: "bot",
|
|
})
|
|
CheckCreatedStatus(t, resp)
|
|
defer th.App.PermanentDeleteBot(createdBot.UserId)
|
|
|
|
botPatch := &model.BotPatch{
|
|
Username: sToP(GenerateTestUsername()),
|
|
DisplayName: sToP("an updated bot"),
|
|
Description: sToP("updated bot"),
|
|
}
|
|
|
|
_, resp = th.Client.PatchBot(createdBot.UserId, botPatch)
|
|
CheckErrorMessage(t, resp, "api.context.permissions.app_error")
|
|
})
|
|
|
|
t.Run("patch my bot with permission", func(t *testing.T) {
|
|
th := Setup(t).InitBasic()
|
|
defer th.TearDown()
|
|
defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions())
|
|
|
|
th.AddPermissionToRole(model.PERMISSION_CREATE_BOT.Id, model.TEAM_USER_ROLE_ID)
|
|
th.AddPermissionToRole(model.PERMISSION_MANAGE_BOTS.Id, model.TEAM_USER_ROLE_ID)
|
|
th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false)
|
|
th.App.UpdateConfig(func(cfg *model.Config) {
|
|
*cfg.ServiceSettings.EnableBotAccountCreation = true
|
|
})
|
|
|
|
createdBot, resp := th.Client.CreateBot(&model.Bot{
|
|
Username: GenerateTestUsername(),
|
|
DisplayName: "a bot",
|
|
Description: "bot",
|
|
})
|
|
CheckCreatedStatus(t, resp)
|
|
defer th.App.PermanentDeleteBot(createdBot.UserId)
|
|
|
|
botPatch := &model.BotPatch{
|
|
Username: sToP(GenerateTestUsername()),
|
|
DisplayName: sToP("an updated bot"),
|
|
Description: sToP("updated bot"),
|
|
}
|
|
|
|
patchedBot, resp := th.Client.PatchBot(createdBot.UserId, botPatch)
|
|
CheckOKStatus(t, resp)
|
|
require.Equal(t, *botPatch.Username, patchedBot.Username)
|
|
require.Equal(t, *botPatch.DisplayName, patchedBot.DisplayName)
|
|
require.Equal(t, *botPatch.Description, patchedBot.Description)
|
|
require.Equal(t, th.BasicUser.Id, patchedBot.OwnerId)
|
|
})
|
|
|
|
t.Run("partial patch my bot with permission", func(t *testing.T) {
|
|
th := Setup(t).InitBasic()
|
|
defer th.TearDown()
|
|
defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions())
|
|
|
|
th.AddPermissionToRole(model.PERMISSION_CREATE_BOT.Id, model.TEAM_USER_ROLE_ID)
|
|
th.AddPermissionToRole(model.PERMISSION_MANAGE_BOTS.Id, model.TEAM_USER_ROLE_ID)
|
|
th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false)
|
|
th.App.UpdateConfig(func(cfg *model.Config) {
|
|
*cfg.ServiceSettings.EnableBotAccountCreation = true
|
|
})
|
|
|
|
bot := &model.Bot{
|
|
Username: GenerateTestUsername(),
|
|
DisplayName: "a bot",
|
|
Description: "bot",
|
|
}
|
|
|
|
createdBot, resp := th.Client.CreateBot(bot)
|
|
CheckCreatedStatus(t, resp)
|
|
defer th.App.PermanentDeleteBot(createdBot.UserId)
|
|
|
|
botPatch := &model.BotPatch{
|
|
Username: sToP(GenerateTestUsername()),
|
|
}
|
|
|
|
patchedBot, resp := th.Client.PatchBot(createdBot.UserId, botPatch)
|
|
CheckOKStatus(t, resp)
|
|
require.Equal(t, *botPatch.Username, patchedBot.Username)
|
|
require.Equal(t, bot.DisplayName, patchedBot.DisplayName)
|
|
require.Equal(t, bot.Description, patchedBot.Description)
|
|
require.Equal(t, th.BasicUser.Id, patchedBot.OwnerId)
|
|
})
|
|
|
|
t.Run("update bot, internally managed fields ignored", func(t *testing.T) {
|
|
th := Setup(t).InitBasic()
|
|
defer th.TearDown()
|
|
defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions())
|
|
|
|
th.AddPermissionToRole(model.PERMISSION_CREATE_BOT.Id, model.TEAM_USER_ROLE_ID)
|
|
th.AddPermissionToRole(model.PERMISSION_MANAGE_BOTS.Id, model.TEAM_USER_ROLE_ID)
|
|
th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false)
|
|
th.App.UpdateConfig(func(cfg *model.Config) {
|
|
*cfg.ServiceSettings.EnableBotAccountCreation = true
|
|
})
|
|
|
|
createdBot, resp := th.Client.CreateBot(&model.Bot{
|
|
Username: GenerateTestUsername(),
|
|
DisplayName: "a bot",
|
|
Description: "bot",
|
|
})
|
|
CheckCreatedStatus(t, resp)
|
|
defer th.App.PermanentDeleteBot(createdBot.UserId)
|
|
|
|
r, err := th.Client.DoApiPut(th.Client.GetBotRoute(createdBot.UserId), `{"creator_id":"`+th.BasicUser2.Id+`"}`)
|
|
require.Nil(t, err)
|
|
defer func() {
|
|
_, _ = ioutil.ReadAll(r.Body)
|
|
_ = r.Body.Close()
|
|
}()
|
|
patchedBot := model.BotFromJson(r.Body)
|
|
resp = model.BuildResponse(r)
|
|
CheckOKStatus(t, resp)
|
|
|
|
require.Equal(t, th.BasicUser.Id, patchedBot.OwnerId)
|
|
})
|
|
}
|
|
|
|
func TestGetBot(t *testing.T) {
|
|
th := Setup(t).InitBasic()
|
|
defer th.TearDown()
|
|
|
|
th.App.UpdateConfig(func(cfg *model.Config) {
|
|
*cfg.ServiceSettings.EnableBotAccountCreation = true
|
|
})
|
|
|
|
bot1, resp := th.SystemAdminClient.CreateBot(&model.Bot{
|
|
Username: GenerateTestUsername(),
|
|
DisplayName: "a bot",
|
|
Description: "the first bot",
|
|
})
|
|
CheckCreatedStatus(t, resp)
|
|
defer th.App.PermanentDeleteBot(bot1.UserId)
|
|
|
|
bot2, resp := th.SystemAdminClient.CreateBot(&model.Bot{
|
|
Username: GenerateTestUsername(),
|
|
DisplayName: "another bot",
|
|
Description: "the second bot",
|
|
})
|
|
CheckCreatedStatus(t, resp)
|
|
defer th.App.PermanentDeleteBot(bot2.UserId)
|
|
|
|
deletedBot, resp := th.SystemAdminClient.CreateBot(&model.Bot{
|
|
Username: GenerateTestUsername(),
|
|
Description: "a deleted bot",
|
|
})
|
|
CheckCreatedStatus(t, resp)
|
|
defer th.App.PermanentDeleteBot(deletedBot.UserId)
|
|
deletedBot, resp = th.SystemAdminClient.DisableBot(deletedBot.UserId)
|
|
CheckOKStatus(t, resp)
|
|
|
|
th.AddPermissionToRole(model.PERMISSION_CREATE_BOT.Id, model.TEAM_USER_ROLE_ID)
|
|
th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false)
|
|
th.App.UpdateConfig(func(cfg *model.Config) {
|
|
*cfg.ServiceSettings.EnableBotAccountCreation = true
|
|
})
|
|
|
|
myBot, resp := th.Client.CreateBot(&model.Bot{
|
|
Username: GenerateTestUsername(),
|
|
DisplayName: "my bot",
|
|
Description: "a bot created by non-admin",
|
|
})
|
|
CheckCreatedStatus(t, resp)
|
|
defer th.App.PermanentDeleteBot(myBot.UserId)
|
|
th.RemovePermissionFromRole(model.PERMISSION_CREATE_BOT.Id, model.TEAM_USER_ROLE_ID)
|
|
|
|
t.Run("get unknown bot", func(t *testing.T) {
|
|
defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions())
|
|
|
|
th.AddPermissionToRole(model.PERMISSION_READ_BOTS.Id, model.TEAM_USER_ROLE_ID)
|
|
th.AddPermissionToRole(model.PERMISSION_READ_OTHERS_BOTS.Id, model.TEAM_USER_ROLE_ID)
|
|
th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false)
|
|
|
|
_, resp := th.Client.GetBot(model.NewId(), "")
|
|
CheckNotFoundStatus(t, resp)
|
|
})
|
|
|
|
t.Run("get bot1", func(t *testing.T) {
|
|
defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions())
|
|
|
|
th.AddPermissionToRole(model.PERMISSION_READ_BOTS.Id, model.TEAM_USER_ROLE_ID)
|
|
th.AddPermissionToRole(model.PERMISSION_READ_OTHERS_BOTS.Id, model.TEAM_USER_ROLE_ID)
|
|
th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false)
|
|
|
|
bot, resp := th.Client.GetBot(bot1.UserId, "")
|
|
CheckOKStatus(t, resp)
|
|
require.Equal(t, bot1, bot)
|
|
|
|
bot, resp = th.Client.GetBot(bot1.UserId, bot.Etag())
|
|
CheckEtag(t, bot, resp)
|
|
})
|
|
|
|
t.Run("get bot2", func(t *testing.T) {
|
|
defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions())
|
|
|
|
th.AddPermissionToRole(model.PERMISSION_READ_BOTS.Id, model.TEAM_USER_ROLE_ID)
|
|
th.AddPermissionToRole(model.PERMISSION_READ_OTHERS_BOTS.Id, model.TEAM_USER_ROLE_ID)
|
|
th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false)
|
|
|
|
bot, resp := th.Client.GetBot(bot2.UserId, "")
|
|
CheckOKStatus(t, resp)
|
|
require.Equal(t, bot2, bot)
|
|
|
|
bot, resp = th.Client.GetBot(bot2.UserId, bot.Etag())
|
|
CheckEtag(t, bot, resp)
|
|
})
|
|
|
|
t.Run("get bot1 without READ_OTHERS_BOTS permission", func(t *testing.T) {
|
|
defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions())
|
|
|
|
th.AddPermissionToRole(model.PERMISSION_READ_BOTS.Id, model.TEAM_USER_ROLE_ID)
|
|
th.AddPermissionToRole(model.PERMISSION_CREATE_BOT.Id, model.TEAM_USER_ROLE_ID)
|
|
th.AddPermissionToRole(model.PERMISSION_MANAGE_BOTS.Id, model.TEAM_USER_ROLE_ID)
|
|
th.AddPermissionToRole(model.PERMISSION_MANAGE_OTHERS_BOTS.Id, model.TEAM_USER_ROLE_ID)
|
|
th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false)
|
|
|
|
_, resp := th.Client.GetBot(bot1.UserId, "")
|
|
CheckErrorMessage(t, resp, "store.sql_bot.get.missing.app_error")
|
|
})
|
|
|
|
t.Run("get myBot without READ_BOTS OR READ_OTHERS_BOTS permissions", func(t *testing.T) {
|
|
defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions())
|
|
|
|
th.AddPermissionToRole(model.PERMISSION_CREATE_BOT.Id, model.TEAM_USER_ROLE_ID)
|
|
th.AddPermissionToRole(model.PERMISSION_MANAGE_BOTS.Id, model.TEAM_USER_ROLE_ID)
|
|
th.AddPermissionToRole(model.PERMISSION_MANAGE_OTHERS_BOTS.Id, model.TEAM_USER_ROLE_ID)
|
|
th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false)
|
|
|
|
_, resp := th.Client.GetBot(myBot.UserId, "")
|
|
CheckErrorMessage(t, resp, "store.sql_bot.get.missing.app_error")
|
|
})
|
|
|
|
t.Run("get deleted bot", func(t *testing.T) {
|
|
defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions())
|
|
|
|
th.AddPermissionToRole(model.PERMISSION_READ_BOTS.Id, model.TEAM_USER_ROLE_ID)
|
|
th.AddPermissionToRole(model.PERMISSION_READ_OTHERS_BOTS.Id, model.TEAM_USER_ROLE_ID)
|
|
th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false)
|
|
|
|
_, resp := th.Client.GetBot(deletedBot.UserId, "")
|
|
CheckNotFoundStatus(t, resp)
|
|
})
|
|
|
|
t.Run("get deleted bot, include deleted", func(t *testing.T) {
|
|
defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions())
|
|
|
|
th.AddPermissionToRole(model.PERMISSION_READ_BOTS.Id, model.TEAM_USER_ROLE_ID)
|
|
th.AddPermissionToRole(model.PERMISSION_READ_OTHERS_BOTS.Id, model.TEAM_USER_ROLE_ID)
|
|
th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false)
|
|
|
|
bot, resp := th.Client.GetBotIncludeDeleted(deletedBot.UserId, "")
|
|
CheckOKStatus(t, resp)
|
|
require.NotEqual(t, 0, bot.DeleteAt)
|
|
deletedBot.UpdateAt = bot.UpdateAt
|
|
deletedBot.DeleteAt = bot.DeleteAt
|
|
require.Equal(t, deletedBot, bot)
|
|
|
|
bot, resp = th.Client.GetBotIncludeDeleted(deletedBot.UserId, bot.Etag())
|
|
CheckEtag(t, bot, resp)
|
|
})
|
|
}
|
|
|
|
func TestGetBots(t *testing.T) {
|
|
th := Setup(t).InitBasic()
|
|
defer th.TearDown()
|
|
|
|
th.App.UpdateConfig(func(cfg *model.Config) {
|
|
*cfg.ServiceSettings.EnableBotAccountCreation = true
|
|
})
|
|
|
|
bot1, resp := th.SystemAdminClient.CreateBot(&model.Bot{
|
|
Username: GenerateTestUsername(),
|
|
DisplayName: "a bot",
|
|
Description: "the first bot",
|
|
})
|
|
CheckCreatedStatus(t, resp)
|
|
defer th.App.PermanentDeleteBot(bot1.UserId)
|
|
|
|
deletedBot1, resp := th.SystemAdminClient.CreateBot(&model.Bot{
|
|
Username: GenerateTestUsername(),
|
|
Description: "a deleted bot",
|
|
})
|
|
CheckCreatedStatus(t, resp)
|
|
defer th.App.PermanentDeleteBot(deletedBot1.UserId)
|
|
deletedBot1, resp = th.SystemAdminClient.DisableBot(deletedBot1.UserId)
|
|
CheckOKStatus(t, resp)
|
|
|
|
bot2, resp := th.SystemAdminClient.CreateBot(&model.Bot{
|
|
Username: GenerateTestUsername(),
|
|
DisplayName: "another bot",
|
|
Description: "the second bot",
|
|
})
|
|
CheckCreatedStatus(t, resp)
|
|
defer th.App.PermanentDeleteBot(bot2.UserId)
|
|
|
|
bot3, resp := th.SystemAdminClient.CreateBot(&model.Bot{
|
|
Username: GenerateTestUsername(),
|
|
DisplayName: "another bot",
|
|
Description: "the third bot",
|
|
})
|
|
CheckCreatedStatus(t, resp)
|
|
defer th.App.PermanentDeleteBot(bot3.UserId)
|
|
|
|
deletedBot2, resp := th.SystemAdminClient.CreateBot(&model.Bot{
|
|
Username: GenerateTestUsername(),
|
|
Description: "a deleted bot",
|
|
})
|
|
CheckCreatedStatus(t, resp)
|
|
defer th.App.PermanentDeleteBot(deletedBot2.UserId)
|
|
deletedBot2, resp = th.SystemAdminClient.DisableBot(deletedBot2.UserId)
|
|
CheckOKStatus(t, resp)
|
|
|
|
th.AddPermissionToRole(model.PERMISSION_CREATE_BOT.Id, model.TEAM_USER_ROLE_ID)
|
|
th.App.UpdateUserRoles(th.BasicUser2.Id, model.TEAM_USER_ROLE_ID, false)
|
|
th.LoginBasic2()
|
|
orphanedBot, resp := th.Client.CreateBot(&model.Bot{
|
|
Username: GenerateTestUsername(),
|
|
Description: "an oprphaned bot",
|
|
})
|
|
CheckCreatedStatus(t, resp)
|
|
th.LoginBasic()
|
|
defer th.App.PermanentDeleteBot(orphanedBot.UserId)
|
|
// Automatic deactivation disabled
|
|
th.App.UpdateConfig(func(cfg *model.Config) {
|
|
*cfg.ServiceSettings.DisableBotsWhenOwnerIsDeactivated = false
|
|
})
|
|
_, resp = th.SystemAdminClient.DeleteUser(th.BasicUser2.Id)
|
|
CheckOKStatus(t, resp)
|
|
|
|
t.Run("get bots, page=0, perPage=10", func(t *testing.T) {
|
|
defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions())
|
|
|
|
th.AddPermissionToRole(model.PERMISSION_READ_BOTS.Id, model.TEAM_USER_ROLE_ID)
|
|
th.AddPermissionToRole(model.PERMISSION_READ_OTHERS_BOTS.Id, model.TEAM_USER_ROLE_ID)
|
|
th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false)
|
|
|
|
bots, resp := th.Client.GetBots(0, 10, "")
|
|
CheckOKStatus(t, resp)
|
|
require.Equal(t, []*model.Bot{bot1, bot2, bot3, orphanedBot}, bots)
|
|
|
|
botList := model.BotList(bots)
|
|
bots, resp = th.Client.GetBots(0, 10, botList.Etag())
|
|
CheckEtag(t, bots, resp)
|
|
})
|
|
|
|
t.Run("get bots, page=0, perPage=1", func(t *testing.T) {
|
|
defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions())
|
|
|
|
th.AddPermissionToRole(model.PERMISSION_READ_BOTS.Id, model.TEAM_USER_ROLE_ID)
|
|
th.AddPermissionToRole(model.PERMISSION_READ_OTHERS_BOTS.Id, model.TEAM_USER_ROLE_ID)
|
|
th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false)
|
|
|
|
bots, resp := th.Client.GetBots(0, 1, "")
|
|
CheckOKStatus(t, resp)
|
|
require.Equal(t, []*model.Bot{bot1}, bots)
|
|
|
|
botList := model.BotList(bots)
|
|
bots, resp = th.Client.GetBots(0, 1, botList.Etag())
|
|
CheckEtag(t, bots, resp)
|
|
})
|
|
|
|
t.Run("get bots, page=1, perPage=2", func(t *testing.T) {
|
|
defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions())
|
|
|
|
th.AddPermissionToRole(model.PERMISSION_READ_BOTS.Id, model.TEAM_USER_ROLE_ID)
|
|
th.AddPermissionToRole(model.PERMISSION_READ_OTHERS_BOTS.Id, model.TEAM_USER_ROLE_ID)
|
|
th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false)
|
|
|
|
bots, resp := th.Client.GetBots(1, 2, "")
|
|
CheckOKStatus(t, resp)
|
|
require.Equal(t, []*model.Bot{bot3, orphanedBot}, bots)
|
|
|
|
botList := model.BotList(bots)
|
|
bots, resp = th.Client.GetBots(1, 2, botList.Etag())
|
|
CheckEtag(t, bots, resp)
|
|
})
|
|
|
|
t.Run("get bots, page=2, perPage=2", func(t *testing.T) {
|
|
defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions())
|
|
|
|
th.AddPermissionToRole(model.PERMISSION_READ_BOTS.Id, model.TEAM_USER_ROLE_ID)
|
|
th.AddPermissionToRole(model.PERMISSION_READ_OTHERS_BOTS.Id, model.TEAM_USER_ROLE_ID)
|
|
th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false)
|
|
|
|
bots, resp := th.Client.GetBots(2, 2, "")
|
|
CheckOKStatus(t, resp)
|
|
require.Equal(t, []*model.Bot{}, bots)
|
|
|
|
botList := model.BotList(bots)
|
|
bots, resp = th.Client.GetBots(2, 2, botList.Etag())
|
|
CheckEtag(t, bots, resp)
|
|
})
|
|
|
|
t.Run("get bots, page=0, perPage=10, include deleted", func(t *testing.T) {
|
|
defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions())
|
|
|
|
th.AddPermissionToRole(model.PERMISSION_READ_BOTS.Id, model.TEAM_USER_ROLE_ID)
|
|
th.AddPermissionToRole(model.PERMISSION_READ_OTHERS_BOTS.Id, model.TEAM_USER_ROLE_ID)
|
|
th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false)
|
|
|
|
bots, resp := th.Client.GetBotsIncludeDeleted(0, 10, "")
|
|
CheckOKStatus(t, resp)
|
|
require.Equal(t, []*model.Bot{bot1, deletedBot1, bot2, bot3, deletedBot2, orphanedBot}, bots)
|
|
|
|
botList := model.BotList(bots)
|
|
bots, resp = th.Client.GetBotsIncludeDeleted(0, 10, botList.Etag())
|
|
CheckEtag(t, bots, resp)
|
|
})
|
|
|
|
t.Run("get bots, page=0, perPage=1, include deleted", func(t *testing.T) {
|
|
defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions())
|
|
|
|
th.AddPermissionToRole(model.PERMISSION_READ_BOTS.Id, model.TEAM_USER_ROLE_ID)
|
|
th.AddPermissionToRole(model.PERMISSION_READ_OTHERS_BOTS.Id, model.TEAM_USER_ROLE_ID)
|
|
th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false)
|
|
|
|
bots, resp := th.Client.GetBotsIncludeDeleted(0, 1, "")
|
|
CheckOKStatus(t, resp)
|
|
require.Equal(t, []*model.Bot{bot1}, bots)
|
|
|
|
botList := model.BotList(bots)
|
|
bots, resp = th.Client.GetBotsIncludeDeleted(0, 1, botList.Etag())
|
|
CheckEtag(t, bots, resp)
|
|
})
|
|
|
|
t.Run("get bots, page=1, perPage=2, include deleted", func(t *testing.T) {
|
|
defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions())
|
|
|
|
th.AddPermissionToRole(model.PERMISSION_READ_BOTS.Id, model.TEAM_USER_ROLE_ID)
|
|
th.AddPermissionToRole(model.PERMISSION_READ_OTHERS_BOTS.Id, model.TEAM_USER_ROLE_ID)
|
|
th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false)
|
|
|
|
bots, resp := th.Client.GetBotsIncludeDeleted(1, 2, "")
|
|
CheckOKStatus(t, resp)
|
|
require.Equal(t, []*model.Bot{bot2, bot3}, bots)
|
|
|
|
botList := model.BotList(bots)
|
|
bots, resp = th.Client.GetBotsIncludeDeleted(1, 2, botList.Etag())
|
|
CheckEtag(t, bots, resp)
|
|
})
|
|
|
|
t.Run("get bots, page=2, perPage=2, include deleted", func(t *testing.T) {
|
|
defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions())
|
|
|
|
th.AddPermissionToRole(model.PERMISSION_READ_BOTS.Id, model.TEAM_USER_ROLE_ID)
|
|
th.AddPermissionToRole(model.PERMISSION_READ_OTHERS_BOTS.Id, model.TEAM_USER_ROLE_ID)
|
|
th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false)
|
|
|
|
bots, resp := th.Client.GetBotsIncludeDeleted(2, 2, "")
|
|
CheckOKStatus(t, resp)
|
|
require.Equal(t, []*model.Bot{deletedBot2, orphanedBot}, bots)
|
|
|
|
botList := model.BotList(bots)
|
|
bots, resp = th.Client.GetBotsIncludeDeleted(2, 2, botList.Etag())
|
|
CheckEtag(t, bots, resp)
|
|
})
|
|
|
|
t.Run("get bots, page=0, perPage=10, only orphaned", func(t *testing.T) {
|
|
defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions())
|
|
|
|
th.AddPermissionToRole(model.PERMISSION_READ_BOTS.Id, model.TEAM_USER_ROLE_ID)
|
|
th.AddPermissionToRole(model.PERMISSION_READ_OTHERS_BOTS.Id, model.TEAM_USER_ROLE_ID)
|
|
th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false)
|
|
|
|
bots, resp := th.Client.GetBotsOrphaned(0, 10, "")
|
|
CheckOKStatus(t, resp)
|
|
require.Equal(t, []*model.Bot{orphanedBot}, bots)
|
|
|
|
botList := model.BotList(bots)
|
|
bots, resp = th.Client.GetBotsOrphaned(0, 10, botList.Etag())
|
|
CheckEtag(t, bots, resp)
|
|
})
|
|
|
|
t.Run("get bots without permission", func(t *testing.T) {
|
|
defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions())
|
|
|
|
th.AddPermissionToRole(model.PERMISSION_CREATE_BOT.Id, model.TEAM_USER_ROLE_ID)
|
|
th.AddPermissionToRole(model.PERMISSION_MANAGE_BOTS.Id, model.TEAM_USER_ROLE_ID)
|
|
th.AddPermissionToRole(model.PERMISSION_MANAGE_OTHERS_BOTS.Id, model.TEAM_USER_ROLE_ID)
|
|
th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false)
|
|
|
|
_, resp := th.Client.GetBots(0, 10, "")
|
|
CheckErrorMessage(t, resp, "api.context.permissions.app_error")
|
|
})
|
|
}
|
|
|
|
func TestDisableBot(t *testing.T) {
|
|
t.Run("disable non-existent bot", func(t *testing.T) {
|
|
th := Setup(t).InitBasic()
|
|
defer th.TearDown()
|
|
|
|
_, resp := th.Client.DisableBot(model.NewId())
|
|
CheckNotFoundStatus(t, resp)
|
|
})
|
|
|
|
t.Run("disable bot without permission", func(t *testing.T) {
|
|
th := Setup(t).InitBasic()
|
|
defer th.TearDown()
|
|
defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions())
|
|
|
|
th.AddPermissionToRole(model.PERMISSION_CREATE_BOT.Id, model.TEAM_USER_ROLE_ID)
|
|
th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false)
|
|
th.App.UpdateConfig(func(cfg *model.Config) {
|
|
*cfg.ServiceSettings.EnableBotAccountCreation = true
|
|
})
|
|
|
|
bot := &model.Bot{
|
|
Username: GenerateTestUsername(),
|
|
Description: "bot",
|
|
}
|
|
|
|
createdBot, resp := th.Client.CreateBot(bot)
|
|
CheckCreatedStatus(t, resp)
|
|
defer th.App.PermanentDeleteBot(createdBot.UserId)
|
|
|
|
_, resp = th.Client.DisableBot(createdBot.UserId)
|
|
CheckErrorMessage(t, resp, "store.sql_bot.get.missing.app_error")
|
|
})
|
|
|
|
t.Run("disable bot without permission, but with read permission", func(t *testing.T) {
|
|
th := Setup(t).InitBasic()
|
|
defer th.TearDown()
|
|
defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions())
|
|
|
|
th.AddPermissionToRole(model.PERMISSION_CREATE_BOT.Id, model.TEAM_USER_ROLE_ID)
|
|
th.AddPermissionToRole(model.PERMISSION_READ_BOTS.Id, model.TEAM_USER_ROLE_ID)
|
|
th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false)
|
|
th.App.UpdateConfig(func(cfg *model.Config) {
|
|
*cfg.ServiceSettings.EnableBotAccountCreation = true
|
|
})
|
|
|
|
bot := &model.Bot{
|
|
Username: GenerateTestUsername(),
|
|
Description: "bot",
|
|
}
|
|
|
|
createdBot, resp := th.Client.CreateBot(bot)
|
|
CheckCreatedStatus(t, resp)
|
|
defer th.App.PermanentDeleteBot(createdBot.UserId)
|
|
|
|
_, resp = th.Client.DisableBot(createdBot.UserId)
|
|
CheckErrorMessage(t, resp, "api.context.permissions.app_error")
|
|
})
|
|
|
|
t.Run("disable bot with permission", func(t *testing.T) {
|
|
th := Setup(t).InitBasic()
|
|
defer th.TearDown()
|
|
defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions())
|
|
|
|
th.AddPermissionToRole(model.PERMISSION_CREATE_BOT.Id, model.TEAM_USER_ROLE_ID)
|
|
th.AddPermissionToRole(model.PERMISSION_MANAGE_BOTS.Id, model.TEAM_USER_ROLE_ID)
|
|
th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false)
|
|
th.App.UpdateConfig(func(cfg *model.Config) {
|
|
*cfg.ServiceSettings.EnableBotAccountCreation = true
|
|
})
|
|
|
|
bot, resp := th.Client.CreateBot(&model.Bot{
|
|
Username: GenerateTestUsername(),
|
|
Description: "bot",
|
|
})
|
|
CheckCreatedStatus(t, resp)
|
|
defer th.App.PermanentDeleteBot(bot.UserId)
|
|
|
|
enabledBot1, resp := th.Client.DisableBot(bot.UserId)
|
|
CheckOKStatus(t, resp)
|
|
bot.UpdateAt = enabledBot1.UpdateAt
|
|
bot.DeleteAt = enabledBot1.DeleteAt
|
|
require.Equal(t, bot, enabledBot1)
|
|
|
|
// Check bot disabled
|
|
disab, resp := th.SystemAdminClient.GetBotIncludeDeleted(bot.UserId, "")
|
|
CheckOKStatus(t, resp)
|
|
require.NotZero(t, disab.DeleteAt)
|
|
|
|
// Disabling should be idempotent.
|
|
enabledBot2, resp := th.Client.DisableBot(bot.UserId)
|
|
CheckOKStatus(t, resp)
|
|
require.Equal(t, bot, enabledBot2)
|
|
})
|
|
}
|
|
func TestEnableBot(t *testing.T) {
|
|
t.Run("enable non-existent bot", func(t *testing.T) {
|
|
th := Setup(t).InitBasic()
|
|
defer th.TearDown()
|
|
|
|
_, resp := th.Client.EnableBot(model.NewId())
|
|
CheckNotFoundStatus(t, resp)
|
|
})
|
|
|
|
t.Run("enable bot without permission", func(t *testing.T) {
|
|
th := Setup(t).InitBasic()
|
|
defer th.TearDown()
|
|
defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions())
|
|
|
|
th.AddPermissionToRole(model.PERMISSION_CREATE_BOT.Id, model.TEAM_USER_ROLE_ID)
|
|
th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false)
|
|
th.App.UpdateConfig(func(cfg *model.Config) {
|
|
*cfg.ServiceSettings.EnableBotAccountCreation = true
|
|
})
|
|
|
|
bot := &model.Bot{
|
|
Username: GenerateTestUsername(),
|
|
Description: "bot",
|
|
}
|
|
|
|
createdBot, resp := th.Client.CreateBot(bot)
|
|
CheckCreatedStatus(t, resp)
|
|
defer th.App.PermanentDeleteBot(createdBot.UserId)
|
|
|
|
_, resp = th.SystemAdminClient.DisableBot(createdBot.UserId)
|
|
CheckOKStatus(t, resp)
|
|
|
|
_, resp = th.Client.EnableBot(createdBot.UserId)
|
|
CheckErrorMessage(t, resp, "store.sql_bot.get.missing.app_error")
|
|
})
|
|
|
|
t.Run("enable bot without permission, but with read permission", func(t *testing.T) {
|
|
th := Setup(t).InitBasic()
|
|
defer th.TearDown()
|
|
defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions())
|
|
|
|
th.AddPermissionToRole(model.PERMISSION_CREATE_BOT.Id, model.TEAM_USER_ROLE_ID)
|
|
th.AddPermissionToRole(model.PERMISSION_READ_BOTS.Id, model.TEAM_USER_ROLE_ID)
|
|
th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false)
|
|
th.App.UpdateConfig(func(cfg *model.Config) {
|
|
*cfg.ServiceSettings.EnableBotAccountCreation = true
|
|
})
|
|
|
|
bot := &model.Bot{
|
|
Username: GenerateTestUsername(),
|
|
Description: "bot",
|
|
}
|
|
|
|
createdBot, resp := th.Client.CreateBot(bot)
|
|
CheckCreatedStatus(t, resp)
|
|
defer th.App.PermanentDeleteBot(createdBot.UserId)
|
|
|
|
_, resp = th.SystemAdminClient.DisableBot(createdBot.UserId)
|
|
CheckOKStatus(t, resp)
|
|
|
|
_, resp = th.Client.EnableBot(createdBot.UserId)
|
|
CheckErrorMessage(t, resp, "api.context.permissions.app_error")
|
|
})
|
|
|
|
t.Run("enable bot with permission", func(t *testing.T) {
|
|
th := Setup(t).InitBasic()
|
|
defer th.TearDown()
|
|
defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions())
|
|
|
|
th.AddPermissionToRole(model.PERMISSION_CREATE_BOT.Id, model.TEAM_USER_ROLE_ID)
|
|
th.AddPermissionToRole(model.PERMISSION_MANAGE_BOTS.Id, model.TEAM_USER_ROLE_ID)
|
|
th.App.UpdateUserRoles(th.BasicUser.Id, model.TEAM_USER_ROLE_ID, false)
|
|
th.App.UpdateConfig(func(cfg *model.Config) {
|
|
*cfg.ServiceSettings.EnableBotAccountCreation = true
|
|
})
|
|
|
|
bot, resp := th.Client.CreateBot(&model.Bot{
|
|
Username: GenerateTestUsername(),
|
|
Description: "bot",
|
|
})
|
|
CheckCreatedStatus(t, resp)
|
|
defer th.App.PermanentDeleteBot(bot.UserId)
|
|
|
|
_, resp = th.SystemAdminClient.DisableBot(bot.UserId)
|
|
CheckOKStatus(t, resp)
|
|
|
|
enabledBot1, resp := th.Client.EnableBot(bot.UserId)
|
|
CheckOKStatus(t, resp)
|
|
bot.UpdateAt = enabledBot1.UpdateAt
|
|
bot.DeleteAt = enabledBot1.DeleteAt
|
|
require.Equal(t, bot, enabledBot1)
|
|
|
|
// Check bot enabled
|
|
enab, resp := th.SystemAdminClient.GetBotIncludeDeleted(bot.UserId, "")
|
|
CheckOKStatus(t, resp)
|
|
require.Zero(t, enab.DeleteAt)
|
|
|
|
// Disabling should be idempotent.
|
|
enabledBot2, resp := th.Client.EnableBot(bot.UserId)
|
|
CheckOKStatus(t, resp)
|
|
require.Equal(t, bot, enabledBot2)
|
|
})
|
|
}
|
|
|
|
func TestAssignBot(t *testing.T) {
|
|
th := Setup(t).InitBasic()
|
|
defer th.TearDown()
|
|
|
|
t.Run("claim non-existent bot", func(t *testing.T) {
|
|
_, resp := th.SystemAdminClient.AssignBot(model.NewId(), model.NewId())
|
|
CheckNotFoundStatus(t, resp)
|
|
})
|
|
|
|
t.Run("system admin assign bot", func(t *testing.T) {
|
|
defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions())
|
|
|
|
th.AddPermissionToRole(model.PERMISSION_CREATE_BOT.Id, model.SYSTEM_USER_ROLE_ID)
|
|
th.AddPermissionToRole(model.PERMISSION_READ_BOTS.Id, model.SYSTEM_USER_ROLE_ID)
|
|
th.App.UpdateConfig(func(cfg *model.Config) {
|
|
*cfg.ServiceSettings.EnableBotAccountCreation = true
|
|
})
|
|
|
|
bot := &model.Bot{
|
|
Username: GenerateTestUsername(),
|
|
Description: "bot",
|
|
}
|
|
bot, resp := th.Client.CreateBot(bot)
|
|
CheckCreatedStatus(t, resp)
|
|
defer th.App.PermanentDeleteBot(bot.UserId)
|
|
|
|
before, resp := th.Client.GetBot(bot.UserId, "")
|
|
CheckOKStatus(t, resp)
|
|
require.Equal(t, th.BasicUser.Id, before.OwnerId)
|
|
|
|
_, resp = th.SystemAdminClient.AssignBot(bot.UserId, th.SystemAdminUser.Id)
|
|
CheckOKStatus(t, resp)
|
|
|
|
// Original owner doesn't have read others bots permission, therefore can't see bot anymore
|
|
_, resp = th.Client.GetBot(bot.UserId, "")
|
|
CheckNotFoundStatus(t, resp)
|
|
|
|
// System admin can see creator ID has changed
|
|
after, resp := th.SystemAdminClient.GetBot(bot.UserId, "")
|
|
CheckOKStatus(t, resp)
|
|
require.Equal(t, th.SystemAdminUser.Id, after.OwnerId)
|
|
|
|
// Assign back to user without permissions to manage
|
|
_, resp = th.SystemAdminClient.AssignBot(bot.UserId, th.BasicUser.Id)
|
|
CheckOKStatus(t, resp)
|
|
|
|
after, resp = th.SystemAdminClient.GetBot(bot.UserId, "")
|
|
CheckOKStatus(t, resp)
|
|
require.Equal(t, th.BasicUser.Id, after.OwnerId)
|
|
})
|
|
|
|
t.Run("random user assign bot", func(t *testing.T) {
|
|
defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions())
|
|
|
|
th.AddPermissionToRole(model.PERMISSION_CREATE_BOT.Id, model.SYSTEM_USER_ROLE_ID)
|
|
th.AddPermissionToRole(model.PERMISSION_READ_BOTS.Id, model.SYSTEM_USER_ROLE_ID)
|
|
th.App.UpdateConfig(func(cfg *model.Config) {
|
|
*cfg.ServiceSettings.EnableBotAccountCreation = true
|
|
})
|
|
|
|
bot := &model.Bot{
|
|
Username: GenerateTestUsername(),
|
|
Description: "bot",
|
|
}
|
|
createdBot, resp := th.Client.CreateBot(bot)
|
|
CheckCreatedStatus(t, resp)
|
|
defer th.App.PermanentDeleteBot(createdBot.UserId)
|
|
|
|
th.LoginBasic2()
|
|
|
|
// Without permission to read others bots it doesn't exist
|
|
_, resp = th.Client.AssignBot(createdBot.UserId, th.BasicUser2.Id)
|
|
CheckErrorMessage(t, resp, "store.sql_bot.get.missing.app_error")
|
|
|
|
// With permissions to read we don't have permissions to modify
|
|
th.AddPermissionToRole(model.PERMISSION_READ_OTHERS_BOTS.Id, model.SYSTEM_USER_ROLE_ID)
|
|
_, resp = th.Client.AssignBot(createdBot.UserId, th.BasicUser2.Id)
|
|
CheckErrorMessage(t, resp, "api.context.permissions.app_error")
|
|
|
|
th.LoginBasic()
|
|
})
|
|
|
|
t.Run("delegated user assign bot", func(t *testing.T) {
|
|
defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions())
|
|
|
|
th.AddPermissionToRole(model.PERMISSION_CREATE_BOT.Id, model.SYSTEM_USER_ROLE_ID)
|
|
th.AddPermissionToRole(model.PERMISSION_READ_BOTS.Id, model.SYSTEM_USER_ROLE_ID)
|
|
th.App.UpdateConfig(func(cfg *model.Config) {
|
|
*cfg.ServiceSettings.EnableBotAccountCreation = true
|
|
})
|
|
|
|
bot := &model.Bot{
|
|
Username: GenerateTestUsername(),
|
|
Description: "bot",
|
|
}
|
|
bot, resp := th.Client.CreateBot(bot)
|
|
CheckCreatedStatus(t, resp)
|
|
defer th.App.PermanentDeleteBot(bot.UserId)
|
|
|
|
// Simulate custom role by just changing the system user role
|
|
th.AddPermissionToRole(model.PERMISSION_CREATE_BOT.Id, model.SYSTEM_USER_ROLE_ID)
|
|
th.AddPermissionToRole(model.PERMISSION_READ_BOTS.Id, model.SYSTEM_USER_ROLE_ID)
|
|
th.AddPermissionToRole(model.PERMISSION_READ_OTHERS_BOTS.Id, model.SYSTEM_USER_ROLE_ID)
|
|
th.AddPermissionToRole(model.PERMISSION_MANAGE_BOTS.Id, model.SYSTEM_USER_ROLE_ID)
|
|
th.AddPermissionToRole(model.PERMISSION_MANAGE_OTHERS_BOTS.Id, model.SYSTEM_USER_ROLE_ID)
|
|
th.LoginBasic2()
|
|
|
|
_, resp = th.Client.AssignBot(bot.UserId, th.BasicUser2.Id)
|
|
CheckOKStatus(t, resp)
|
|
|
|
after, resp := th.SystemAdminClient.GetBot(bot.UserId, "")
|
|
CheckOKStatus(t, resp)
|
|
require.Equal(t, th.BasicUser2.Id, after.OwnerId)
|
|
})
|
|
|
|
t.Run("bot assigned to bot fails", func(t *testing.T) {
|
|
defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions())
|
|
|
|
th.AddPermissionToRole(model.PERMISSION_CREATE_BOT.Id, model.SYSTEM_USER_ROLE_ID)
|
|
th.AddPermissionToRole(model.PERMISSION_READ_BOTS.Id, model.SYSTEM_USER_ROLE_ID)
|
|
th.AddPermissionToRole(model.PERMISSION_READ_OTHERS_BOTS.Id, model.SYSTEM_USER_ROLE_ID)
|
|
th.AddPermissionToRole(model.PERMISSION_MANAGE_BOTS.Id, model.SYSTEM_USER_ROLE_ID)
|
|
th.AddPermissionToRole(model.PERMISSION_MANAGE_OTHERS_BOTS.Id, model.SYSTEM_USER_ROLE_ID)
|
|
|
|
bot := &model.Bot{
|
|
Username: GenerateTestUsername(),
|
|
Description: "bot",
|
|
}
|
|
bot, resp := th.Client.CreateBot(bot)
|
|
CheckCreatedStatus(t, resp)
|
|
defer th.App.PermanentDeleteBot(bot.UserId)
|
|
|
|
bot2, resp := th.Client.CreateBot(&model.Bot{
|
|
Username: GenerateTestUsername(),
|
|
DisplayName: "a bot",
|
|
Description: "bot",
|
|
})
|
|
|
|
CheckCreatedStatus(t, resp)
|
|
defer th.App.PermanentDeleteBot(bot2.UserId)
|
|
|
|
_, resp = th.Client.AssignBot(bot.UserId, bot2.UserId)
|
|
CheckErrorMessage(t, resp, "api.context.permissions.app_error")
|
|
|
|
})
|
|
}
|
|
|
|
func TestSetBotIconImage(t *testing.T) {
|
|
th := Setup(t).InitBasic()
|
|
defer th.TearDown()
|
|
user := th.BasicUser
|
|
|
|
defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions())
|
|
|
|
th.AddPermissionToRole(model.PERMISSION_CREATE_BOT.Id, model.SYSTEM_USER_ROLE_ID)
|
|
th.AddPermissionToRole(model.PERMISSION_MANAGE_BOTS.Id, model.SYSTEM_USER_ROLE_ID)
|
|
th.AddPermissionToRole(model.PERMISSION_READ_BOTS.Id, model.SYSTEM_USER_ROLE_ID)
|
|
th.App.UpdateConfig(func(cfg *model.Config) {
|
|
*cfg.ServiceSettings.EnableBotAccountCreation = true
|
|
})
|
|
|
|
bot := &model.Bot{
|
|
Username: GenerateTestUsername(),
|
|
Description: "bot",
|
|
}
|
|
bot, resp := th.Client.CreateBot(bot)
|
|
CheckCreatedStatus(t, resp)
|
|
defer th.App.PermanentDeleteBot(bot.UserId)
|
|
|
|
badData, err := testutils.ReadTestFile("test.png")
|
|
require.Nil(t, err)
|
|
|
|
goodData, err := testutils.ReadTestFile("test.svg")
|
|
require.Nil(t, err)
|
|
|
|
// SetBotIconImage only allowed for bots
|
|
_, resp = th.SystemAdminClient.SetBotIconImage(user.Id, goodData)
|
|
CheckNotFoundStatus(t, resp)
|
|
|
|
// png/jpg is not allowed
|
|
ok, resp := th.Client.SetBotIconImage(bot.UserId, badData)
|
|
require.False(t, ok, "Should return false, set icon image only allows svg")
|
|
CheckBadRequestStatus(t, resp)
|
|
|
|
ok, resp = th.Client.SetBotIconImage(model.NewId(), badData)
|
|
require.False(t, ok, "Should return false, set icon image not allowed")
|
|
CheckNotFoundStatus(t, resp)
|
|
|
|
_, resp = th.Client.SetBotIconImage(bot.UserId, goodData)
|
|
CheckNoError(t, resp)
|
|
|
|
// status code returns either forbidden or unauthorized
|
|
// note: forbidden is set as default at Client4.SetBotIconImage when request is terminated early by server
|
|
th.Client.Logout()
|
|
_, resp = th.Client.SetBotIconImage(bot.UserId, badData)
|
|
if resp.StatusCode == http.StatusForbidden {
|
|
CheckForbiddenStatus(t, resp)
|
|
} else if resp.StatusCode == http.StatusUnauthorized {
|
|
CheckUnauthorizedStatus(t, resp)
|
|
} else {
|
|
require.Fail(t, "Should have failed either forbidden or unauthorized")
|
|
}
|
|
|
|
_, resp = th.SystemAdminClient.SetBotIconImage(bot.UserId, goodData)
|
|
CheckNoError(t, resp)
|
|
|
|
fpath := fmt.Sprintf("/bots/%v/icon.svg", bot.UserId)
|
|
actualData, err := th.App.ReadFile(fpath)
|
|
require.Nil(t, err)
|
|
require.NotNil(t, actualData)
|
|
require.Equal(t, goodData, actualData)
|
|
|
|
info := &model.FileInfo{Path: fpath}
|
|
err = th.cleanupTestFile(info)
|
|
require.Nil(t, err)
|
|
}
|
|
|
|
func TestGetBotIconImage(t *testing.T) {
|
|
th := Setup(t).InitBasic()
|
|
defer th.TearDown()
|
|
|
|
defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions())
|
|
|
|
th.AddPermissionToRole(model.PERMISSION_CREATE_BOT.Id, model.SYSTEM_USER_ROLE_ID)
|
|
th.AddPermissionToRole(model.PERMISSION_MANAGE_BOTS.Id, model.SYSTEM_USER_ROLE_ID)
|
|
th.AddPermissionToRole(model.PERMISSION_READ_BOTS.Id, model.SYSTEM_USER_ROLE_ID)
|
|
th.App.UpdateConfig(func(cfg *model.Config) {
|
|
*cfg.ServiceSettings.EnableBotAccountCreation = true
|
|
})
|
|
|
|
bot := &model.Bot{
|
|
Username: GenerateTestUsername(),
|
|
Description: "bot",
|
|
}
|
|
bot, resp := th.Client.CreateBot(bot)
|
|
CheckCreatedStatus(t, resp)
|
|
defer th.App.PermanentDeleteBot(bot.UserId)
|
|
|
|
// Get icon image for user with no icon
|
|
data, resp := th.Client.GetBotIconImage(bot.UserId)
|
|
CheckNotFoundStatus(t, resp)
|
|
require.Equal(t, 0, len(data))
|
|
|
|
// Set an icon image
|
|
path, _ := fileutils.FindDir("tests")
|
|
svgFile, fileErr := os.Open(filepath.Join(path, "test.svg"))
|
|
require.NoError(t, fileErr)
|
|
defer svgFile.Close()
|
|
|
|
expectedData, err := ioutil.ReadAll(svgFile)
|
|
require.NoError(t, err)
|
|
|
|
svgFile.Seek(0, 0)
|
|
fpath := fmt.Sprintf("/bots/%v/icon.svg", bot.UserId)
|
|
_, err = th.App.WriteFile(svgFile, fpath)
|
|
require.Nil(t, err)
|
|
|
|
data, resp = th.Client.GetBotIconImage(bot.UserId)
|
|
CheckNoError(t, resp)
|
|
require.Equal(t, expectedData, data)
|
|
|
|
_, resp = th.Client.GetBotIconImage("junk")
|
|
CheckBadRequestStatus(t, resp)
|
|
|
|
_, resp = th.Client.GetBotIconImage(model.NewId())
|
|
CheckNotFoundStatus(t, resp)
|
|
|
|
th.Client.Logout()
|
|
_, resp = th.Client.GetBotIconImage(bot.UserId)
|
|
CheckUnauthorizedStatus(t, resp)
|
|
|
|
_, resp = th.SystemAdminClient.GetBotIconImage(bot.UserId)
|
|
CheckNoError(t, resp)
|
|
|
|
info := &model.FileInfo{Path: "/bots/" + bot.UserId + "/icon.svg"}
|
|
err = th.cleanupTestFile(info)
|
|
require.Nil(t, err)
|
|
}
|
|
|
|
func TestDeleteBotIconImage(t *testing.T) {
|
|
th := Setup(t).InitBasic()
|
|
defer th.TearDown()
|
|
|
|
defer th.RestoreDefaultRolePermissions(th.SaveDefaultRolePermissions())
|
|
|
|
th.AddPermissionToRole(model.PERMISSION_CREATE_BOT.Id, model.SYSTEM_USER_ROLE_ID)
|
|
th.AddPermissionToRole(model.PERMISSION_MANAGE_BOTS.Id, model.SYSTEM_USER_ROLE_ID)
|
|
th.AddPermissionToRole(model.PERMISSION_READ_BOTS.Id, model.SYSTEM_USER_ROLE_ID)
|
|
th.App.UpdateConfig(func(cfg *model.Config) {
|
|
*cfg.ServiceSettings.EnableBotAccountCreation = true
|
|
})
|
|
|
|
bot := &model.Bot{
|
|
Username: GenerateTestUsername(),
|
|
Description: "bot",
|
|
}
|
|
bot, resp := th.Client.CreateBot(bot)
|
|
CheckCreatedStatus(t, resp)
|
|
defer th.App.PermanentDeleteBot(bot.UserId)
|
|
|
|
// Get icon image for user with no icon
|
|
data, resp := th.Client.GetBotIconImage(bot.UserId)
|
|
CheckNotFoundStatus(t, resp)
|
|
require.Equal(t, 0, len(data))
|
|
|
|
// Set an icon image
|
|
svgData, err := testutils.ReadTestFile("test.svg")
|
|
require.Nil(t, err)
|
|
|
|
_, resp = th.Client.SetBotIconImage(bot.UserId, svgData)
|
|
CheckNoError(t, resp)
|
|
|
|
fpath := fmt.Sprintf("/bots/%v/icon.svg", bot.UserId)
|
|
exists, err := th.App.FileExists(fpath)
|
|
require.Nil(t, err)
|
|
require.True(t, exists, "icon.svg needs to exist for the user")
|
|
|
|
data, resp = th.Client.GetBotIconImage(bot.UserId)
|
|
CheckNoError(t, resp)
|
|
require.Equal(t, svgData, data)
|
|
|
|
success, resp := th.Client.DeleteBotIconImage("junk")
|
|
CheckBadRequestStatus(t, resp)
|
|
require.False(t, success)
|
|
|
|
success, resp = th.Client.DeleteBotIconImage(model.NewId())
|
|
CheckNotFoundStatus(t, resp)
|
|
require.False(t, success)
|
|
|
|
success, resp = th.Client.DeleteBotIconImage(bot.UserId)
|
|
CheckNoError(t, resp)
|
|
require.True(t, success)
|
|
|
|
th.Client.Logout()
|
|
success, resp = th.Client.DeleteBotIconImage(bot.UserId)
|
|
CheckUnauthorizedStatus(t, resp)
|
|
require.False(t, success)
|
|
|
|
exists, err = th.App.FileExists(fpath)
|
|
require.Nil(t, err)
|
|
require.False(t, exists, "icon.svg should not for the user")
|
|
}
|
|
|
|
func sToP(s string) *string {
|
|
return &s
|
|
}
|