Commit 06ec648c authored by Joram Wilander's avatar Joram Wilander Committed by George Goldberg

PLT-7978 Add websocket event for user role update (#7745)

* Add websocket event for user role update

* Fix tests

* More test fixes
parent 6886de04
......@@ -115,7 +115,7 @@ func (me *TestHelper) InitBasic() *TestHelper {
me.BasicClient = me.CreateClient()
me.BasicUser = me.CreateUser(me.BasicClient)
me.App.UpdateUserRoles(me.BasicUser.Id, model.ROLE_SYSTEM_USER.Id)
me.App.UpdateUserRoles(me.BasicUser.Id, model.ROLE_SYSTEM_USER.Id, false)
me.LoginBasic()
me.BasicTeam = me.CreateTeam(me.BasicClient)
me.LinkUserToTeam(me.BasicUser, me.BasicTeam)
......@@ -142,7 +142,7 @@ func (me *TestHelper) InitSystemAdmin() *TestHelper {
me.SystemAdminTeam = me.CreateTeam(me.SystemAdminClient)
me.LinkUserToTeam(me.SystemAdminUser, me.SystemAdminTeam)
me.SystemAdminClient.SetTeamId(me.SystemAdminTeam.Id)
me.App.UpdateUserRoles(me.SystemAdminUser.Id, model.ROLE_SYSTEM_USER.Id+" "+model.ROLE_SYSTEM_ADMIN.Id)
me.App.UpdateUserRoles(me.SystemAdminUser.Id, model.ROLE_SYSTEM_USER.Id+" "+model.ROLE_SYSTEM_ADMIN.Id, false)
me.SystemAdminChannel = me.CreateChannel(me.SystemAdminClient, me.SystemAdminTeam)
return me
......
......@@ -78,7 +78,7 @@ func TestOAuthRegisterApp(t *testing.T) {
user := &model.User{Email: strings.ToLower("test+"+model.NewId()) + "@simulator.amazonses.com", Password: "hello1", Username: "n" + model.NewId(), EmailVerified: true}
ruser := Client.Must(Client.CreateUser(user, "")).Data.(*model.User)
th.App.UpdateUserRoles(ruser.Id, "")
th.App.UpdateUserRoles(ruser.Id, "", false)
Client.Logout()
Client.Login(user.Email, user.Password)
......@@ -257,7 +257,7 @@ func TestOAuthGetAppsByUser(t *testing.T) {
user := &model.User{Email: strings.ToLower("test+"+model.NewId()) + "@simulator.amazonses.com", Password: "hello1", Username: "n" + model.NewId(), EmailVerified: true}
ruser := Client.Must(AdminClient.CreateUser(user, "")).Data.(*model.User)
th.App.UpdateUserRoles(ruser.Id, "")
th.App.UpdateUserRoles(ruser.Id, "", false)
Client.Logout()
Client.Login(user.Email, user.Password)
......@@ -480,7 +480,7 @@ func TestOAuthDeleteApp(t *testing.T) {
user := &model.User{Email: strings.ToLower("test+"+model.NewId()) + "@simulator.amazonses.com", Password: "hello1", Username: "n" + model.NewId(), EmailVerified: true}
ruser := Client.Must(AdminClient.CreateUser(user, "")).Data.(*model.User)
th.App.UpdateUserRoles(ruser.Id, "")
th.App.UpdateUserRoles(ruser.Id, "", false)
Client.Logout()
Client.Login(user.Email, user.Password)
......
......@@ -395,7 +395,7 @@ func TestGetAllTeamListings(t *testing.T) {
}
}
th.App.UpdateUserRoles(user.Id, model.ROLE_SYSTEM_ADMIN.Id)
th.App.UpdateUserRoles(user.Id, model.ROLE_SYSTEM_ADMIN.Id, false)
Client.Login(user.Email, "passwd1")
Client.SetTeamId(team.Id)
......
......@@ -699,7 +699,7 @@ func updateRoles(c *Context, w http.ResponseWriter, r *http.Request) {
return
}
if _, err := c.App.UpdateUserRoles(userId, newRoles); err != nil {
if _, err := c.App.UpdateUserRoles(userId, newRoles, true); err != nil {
return
} else {
c.LogAuditWithUserId(userId, "roles="+newRoles)
......
......@@ -483,7 +483,7 @@ func TestGetUser(t *testing.T) {
t.Fatal("shouldn't have accss")
}
th.App.UpdateUserRoles(ruser.Data.(*model.User).Id, model.ROLE_SYSTEM_ADMIN.Id)
th.App.UpdateUserRoles(ruser.Data.(*model.User).Id, model.ROLE_SYSTEM_ADMIN.Id, false)
Client.Login(user.Email, "passwd1")
......
......@@ -194,7 +194,7 @@ func (me *TestHelper) InitBasic() *TestHelper {
me.waitForConnectivity()
me.TeamAdminUser = me.CreateUser()
me.App.UpdateUserRoles(me.TeamAdminUser.Id, model.ROLE_SYSTEM_USER.Id)
me.App.UpdateUserRoles(me.TeamAdminUser.Id, model.ROLE_SYSTEM_USER.Id, false)
me.LoginTeamAdmin()
me.BasicTeam = me.CreateTeam()
me.BasicChannel = me.CreatePublicChannel()
......@@ -211,7 +211,7 @@ func (me *TestHelper) InitBasic() *TestHelper {
me.App.AddUserToChannel(me.BasicUser2, me.BasicChannel2)
me.App.AddUserToChannel(me.BasicUser, me.BasicPrivateChannel)
me.App.AddUserToChannel(me.BasicUser2, me.BasicPrivateChannel)
me.App.UpdateUserRoles(me.BasicUser.Id, model.ROLE_SYSTEM_USER.Id)
me.App.UpdateUserRoles(me.BasicUser.Id, model.ROLE_SYSTEM_USER.Id, false)
me.LoginBasic()
return me
......@@ -221,7 +221,7 @@ func (me *TestHelper) InitSystemAdmin() *TestHelper {
me.waitForConnectivity()
me.SystemAdminUser = me.CreateUser()
me.App.UpdateUserRoles(me.SystemAdminUser.Id, model.ROLE_SYSTEM_USER.Id+" "+model.ROLE_SYSTEM_ADMIN.Id)
me.App.UpdateUserRoles(me.SystemAdminUser.Id, model.ROLE_SYSTEM_USER.Id+" "+model.ROLE_SYSTEM_ADMIN.Id, false)
me.LoginSystemAdmin()
return me
......
......@@ -292,7 +292,7 @@ func TestCreatePostPublic(t *testing.T) {
_, resp = Client.CreatePost(post)
CheckForbiddenStatus(t, resp)
th.App.UpdateUserRoles(ruser.Id, model.ROLE_SYSTEM_USER.Id+" "+model.ROLE_SYSTEM_POST_ALL_PUBLIC.Id)
th.App.UpdateUserRoles(ruser.Id, model.ROLE_SYSTEM_USER.Id+" "+model.ROLE_SYSTEM_POST_ALL_PUBLIC.Id, false)
th.App.InvalidateAllCaches()
Client.Login(user.Email, user.Password)
......@@ -304,7 +304,7 @@ func TestCreatePostPublic(t *testing.T) {
_, resp = Client.CreatePost(post)
CheckForbiddenStatus(t, resp)
th.App.UpdateUserRoles(ruser.Id, model.ROLE_SYSTEM_USER.Id)
th.App.UpdateUserRoles(ruser.Id, model.ROLE_SYSTEM_USER.Id, false)
th.App.JoinUserToTeam(th.BasicTeam, ruser, "")
th.App.UpdateTeamMemberRoles(th.BasicTeam.Id, ruser.Id, model.ROLE_TEAM_USER.Id+" "+model.ROLE_TEAM_POST_ALL_PUBLIC.Id)
th.App.InvalidateAllCaches()
......@@ -339,7 +339,7 @@ func TestCreatePostAll(t *testing.T) {
_, resp = Client.CreatePost(post)
CheckForbiddenStatus(t, resp)
th.App.UpdateUserRoles(ruser.Id, model.ROLE_SYSTEM_USER.Id+" "+model.ROLE_SYSTEM_POST_ALL.Id)
th.App.UpdateUserRoles(ruser.Id, model.ROLE_SYSTEM_USER.Id+" "+model.ROLE_SYSTEM_POST_ALL.Id, false)
th.App.InvalidateAllCaches()
Client.Login(user.Email, user.Password)
......@@ -355,7 +355,7 @@ func TestCreatePostAll(t *testing.T) {
_, resp = Client.CreatePost(post)
CheckNoError(t, resp)
th.App.UpdateUserRoles(ruser.Id, model.ROLE_SYSTEM_USER.Id)
th.App.UpdateUserRoles(ruser.Id, model.ROLE_SYSTEM_USER.Id, false)
th.App.JoinUserToTeam(th.BasicTeam, ruser, "")
th.App.UpdateTeamMemberRoles(th.BasicTeam.Id, ruser.Id, model.ROLE_TEAM_USER.Id+" "+model.ROLE_TEAM_POST_ALL.Id)
th.App.InvalidateAllCaches()
......
......@@ -651,7 +651,7 @@ func updateUserRoles(c *Context, w http.ResponseWriter, r *http.Request) {
return
}
if _, err := c.App.UpdateUserRoles(c.Params.UserId, newRoles); err != nil {
if _, err := c.App.UpdateUserRoles(c.Params.UserId, newRoles, true); err != nil {
c.Err = err
return
} else {
......
......@@ -2200,7 +2200,7 @@ func TestCreateUserAccessToken(t *testing.T) {
_, resp = Client.CreateUserAccessToken(th.BasicUser.Id, "")
CheckBadRequestStatus(t, resp)
th.App.UpdateUserRoles(th.BasicUser.Id, model.ROLE_SYSTEM_USER.Id+" "+model.ROLE_SYSTEM_USER_ACCESS_TOKEN.Id)
th.App.UpdateUserRoles(th.BasicUser.Id, model.ROLE_SYSTEM_USER.Id+" "+model.ROLE_SYSTEM_USER_ACCESS_TOKEN.Id, false)
th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.EnableUserAccessTokens = false })
_, resp = Client.CreateUserAccessToken(th.BasicUser.Id, testDescription)
......@@ -2278,7 +2278,7 @@ func TestGetUserAccessToken(t *testing.T) {
_, resp = Client.GetUserAccessToken(model.NewId())
CheckForbiddenStatus(t, resp)
th.App.UpdateUserRoles(th.BasicUser.Id, model.ROLE_SYSTEM_USER.Id+" "+model.ROLE_SYSTEM_USER_ACCESS_TOKEN.Id)
th.App.UpdateUserRoles(th.BasicUser.Id, model.ROLE_SYSTEM_USER.Id+" "+model.ROLE_SYSTEM_USER_ACCESS_TOKEN.Id, false)
token, resp := Client.CreateUserAccessToken(th.BasicUser.Id, testDescription)
CheckNoError(t, resp)
......@@ -2339,7 +2339,7 @@ func TestRevokeUserAccessToken(t *testing.T) {
th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.EnableUserAccessTokens = true })
th.App.UpdateUserRoles(th.BasicUser.Id, model.ROLE_SYSTEM_USER.Id+" "+model.ROLE_SYSTEM_USER_ACCESS_TOKEN.Id)
th.App.UpdateUserRoles(th.BasicUser.Id, model.ROLE_SYSTEM_USER.Id+" "+model.ROLE_SYSTEM_USER_ACCESS_TOKEN.Id, false)
token, resp := Client.CreateUserAccessToken(th.BasicUser.Id, testDescription)
CheckNoError(t, resp)
......@@ -2387,7 +2387,7 @@ func TestDisableUserAccessToken(t *testing.T) {
}()
*utils.Cfg.ServiceSettings.EnableUserAccessTokens = true
th.App.UpdateUserRoles(th.BasicUser.Id, model.ROLE_SYSTEM_USER.Id+" "+model.ROLE_SYSTEM_USER_ACCESS_TOKEN.Id)
th.App.UpdateUserRoles(th.BasicUser.Id, model.ROLE_SYSTEM_USER.Id+" "+model.ROLE_SYSTEM_USER_ACCESS_TOKEN.Id, false)
token, resp := Client.CreateUserAccessToken(th.BasicUser.Id, testDescription)
CheckNoError(t, resp)
......@@ -2434,7 +2434,7 @@ func TestEnableUserAccessToken(t *testing.T) {
}()
*utils.Cfg.ServiceSettings.EnableUserAccessTokens = true
th.App.UpdateUserRoles(th.BasicUser.Id, model.ROLE_SYSTEM_USER.Id+" "+model.ROLE_SYSTEM_USER_ACCESS_TOKEN.Id)
th.App.UpdateUserRoles(th.BasicUser.Id, model.ROLE_SYSTEM_USER.Id+" "+model.ROLE_SYSTEM_USER_ACCESS_TOKEN.Id, false)
token, resp := Client.CreateUserAccessToken(th.BasicUser.Id, testDescription)
CheckNoError(t, resp)
......@@ -2476,7 +2476,7 @@ func TestUserAccessTokenInactiveUser(t *testing.T) {
th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.EnableUserAccessTokens = true })
th.App.UpdateUserRoles(th.BasicUser.Id, model.ROLE_SYSTEM_USER.Id+" "+model.ROLE_SYSTEM_USER_ACCESS_TOKEN.Id)
th.App.UpdateUserRoles(th.BasicUser.Id, model.ROLE_SYSTEM_USER.Id+" "+model.ROLE_SYSTEM_USER_ACCESS_TOKEN.Id, false)
token, resp := Client.CreateUserAccessToken(th.BasicUser.Id, testDescription)
CheckNoError(t, resp)
......@@ -2499,7 +2499,7 @@ func TestUserAccessTokenDisableConfig(t *testing.T) {
th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.EnableUserAccessTokens = true })
th.App.UpdateUserRoles(th.BasicUser.Id, model.ROLE_SYSTEM_USER.Id+" "+model.ROLE_SYSTEM_USER_ACCESS_TOKEN.Id)
th.App.UpdateUserRoles(th.BasicUser.Id, model.ROLE_SYSTEM_USER.Id+" "+model.ROLE_SYSTEM_USER_ACCESS_TOKEN.Id, false)
token, resp := Client.CreateUserAccessToken(th.BasicUser.Id, testDescription)
CheckNoError(t, resp)
......
......@@ -657,7 +657,7 @@ func (a *App) ImportUser(data *UserImportData, dryRun bool) *model.AppError {
}
}
if hasUserRolesChanged {
if savedUser, err = a.UpdateUserRoles(user.Id, roles); err != nil {
if savedUser, err = a.UpdateUserRoles(user.Id, roles, false); err != nil {
return err
}
}
......
......@@ -1188,7 +1188,7 @@ func (a *App) DeleteToken(token *model.Token) *model.AppError {
return nil
}
func (a *App) UpdateUserRoles(userId string, newRoles string) (*model.User, *model.AppError) {
func (a *App) UpdateUserRoles(userId string, newRoles string, sendWebSocketEvent bool) (*model.User, *model.AppError) {
var user *model.User
var err *model.AppError
if user, err = a.GetUser(userId); err != nil {
......@@ -1214,6 +1214,13 @@ func (a *App) UpdateUserRoles(userId string, newRoles string) (*model.User, *mod
a.ClearSessionCacheForUser(user.Id)
if sendWebSocketEvent {
message := model.NewWebSocketEvent(model.WEBSOCKET_EVENT_USER_ROLE_UPDATED, "", "", user.Id, nil)
message.Add("user_id", user.Id)
message.Add("roles", newRoles)
a.Publish(message)
}
return ruser, nil
}
......
......@@ -52,7 +52,7 @@ func makeSystemAdminCmdF(cmd *cobra.Command, args []string) error {
return errors.New("Unable to find user '" + args[i] + "'")
}
if _, err := a.UpdateUserRoles(user.Id, "system_admin system_user"); err != nil {
if _, err := a.UpdateUserRoles(user.Id, "system_admin system_user", true); err != nil {
return err
}
}
......@@ -76,7 +76,7 @@ func makeMemberCmdF(cmd *cobra.Command, args []string) error {
return errors.New("Unable to find user '" + args[i] + "'")
}
if _, err := a.UpdateUserRoles(user.Id, "system_user"); err != nil {
if _, err := a.UpdateUserRoles(user.Id, "system_user", true); err != nil {
return err
}
}
......
......@@ -246,7 +246,7 @@ func userCreateCmdF(cmd *cobra.Command, args []string) error {
if ruser, err := a.CreateUser(user); err != nil {
return errors.New("Unable to create user. Error: " + err.Error())
} else if systemAdmin {
a.UpdateUserRoles(ruser.Id, "system_user system_admin")
a.UpdateUserRoles(ruser.Id, "system_user system_admin", false)
}
CommandPrettyPrintln("Created User")
......
......@@ -24,6 +24,7 @@ const (
WEBSOCKET_EVENT_UPDATE_TEAM = "update_team"
WEBSOCKET_EVENT_USER_ADDED = "user_added"
WEBSOCKET_EVENT_USER_UPDATED = "user_updated"
WEBSOCKET_EVENT_USER_ROLE_UPDATED = "user_role_updated"
WEBSOCKET_EVENT_MEMBERROLE_UPDATED = "memberrole_updated"
WEBSOCKET_EVENT_USER_REMOVED = "user_removed"
WEBSOCKET_EVENT_PREFERENCE_CHANGED = "preference_changed"
......
......@@ -98,7 +98,7 @@ func TestIncomingWebhook(t *testing.T) {
a.JoinUserToTeam(team, user, "")
a.UpdateUserRoles(user.Id, model.ROLE_SYSTEM_ADMIN.Id)
a.UpdateUserRoles(user.Id, model.ROLE_SYSTEM_ADMIN.Id, false)
ApiClient.SetTeamId(team.Id)
channel1 := &model.Channel{DisplayName: "Test API Name", Name: "zz" + model.NewId() + "a", Type: model.CHANNEL_OPEN, TeamId: team.Id}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment