Unverified Commit c042ffa4 authored by cpanato's avatar cpanato

Merge remote-tracking branch 'upstream/release-5.1' into release-5.1-daily-merge-20180710

parents 9470564d dccd95bc
......@@ -96,12 +96,28 @@ func updateChannel(c *Context, w http.ResponseWriter, r *http.Request) {
return
}
if _, err = c.App.GetChannelMember(channel.Id, c.Session.UserId); err != nil {
c.Err = err
return
}
switch oldChannel.Type {
case model.CHANNEL_OPEN:
if !c.App.SessionHasPermissionToChannel(c.Session, c.Params.ChannelId, model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES) {
c.SetPermissionError(model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES)
return
}
if !CanManageChannel(c, channel) {
case model.CHANNEL_PRIVATE:
if !c.App.SessionHasPermissionToChannel(c.Session, c.Params.ChannelId, model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES) {
c.SetPermissionError(model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES)
return
}
case model.CHANNEL_GROUP, model.CHANNEL_DIRECT:
// Modifying the header is not linked to any specific permission for group/dm channels, so just check for membership.
if _, err := c.App.GetChannelMember(channel.Id, c.Session.UserId); err != nil {
c.Err = model.NewAppError("updateChannel", "api.channel.patch_update_channel.forbidden.app_error", nil, "", http.StatusForbidden)
return
}
default:
c.Err = model.NewAppError("updateChannel", "api.channel.patch_update_channel.forbidden.app_error", nil, "", http.StatusForbidden)
return
}
......@@ -205,7 +221,28 @@ func patchChannel(c *Context, w http.ResponseWriter, r *http.Request) {
return
}
if !CanManageChannel(c, oldChannel) {
switch oldChannel.Type {
case model.CHANNEL_OPEN:
if !c.App.SessionHasPermissionToChannel(c.Session, c.Params.ChannelId, model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES) {
c.SetPermissionError(model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES)
return
}
case model.CHANNEL_PRIVATE:
if !c.App.SessionHasPermissionToChannel(c.Session, c.Params.ChannelId, model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES) {
c.SetPermissionError(model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES)
return
}
case model.CHANNEL_GROUP, model.CHANNEL_DIRECT:
// Modifying the header is not linked to any specific permission for group/dm channels, so just check for membership.
if _, err := c.App.GetChannelMember(c.Params.ChannelId, c.Session.UserId); err != nil {
c.Err = model.NewAppError("patchChannel", "api.channel.patch_update_channel.forbidden.app_error", nil, "", http.StatusForbidden)
return
}
default:
c.Err = model.NewAppError("patchChannel", "api.channel.patch_update_channel.forbidden.app_error", nil, "", http.StatusForbidden)
return
}
......@@ -255,20 +292,6 @@ func restoreChannel(c *Context, w http.ResponseWriter, r *http.Request) {
}
func CanManageChannel(c *Context, channel *model.Channel) bool {
if channel.Type == model.CHANNEL_OPEN && !c.App.SessionHasPermissionToChannel(c.Session, channel.Id, model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES) {
c.SetPermissionError(model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES)
return false
}
if channel.Type == model.CHANNEL_PRIVATE && !c.App.SessionHasPermissionToChannel(c.Session, channel.Id, model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES) {
c.SetPermissionError(model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES)
return false
}
return true
}
func createDirectChannel(c *Context, w http.ResponseWriter, r *http.Request) {
userIds := model.ArrayFromJson(r.Body)
allowed := false
......
......@@ -209,8 +209,34 @@ func TestUpdateChannel(t *testing.T) {
channel.DisplayName = "Should not update"
_, resp = Client.UpdateChannel(channel)
CheckNotFoundStatus(t, resp)
CheckForbiddenStatus(t, resp)
// Test updating the header of someone else's GM channel.
user1 := th.CreateUser()
user2 := th.CreateUser()
user3 := th.CreateUser()
groupChannel, resp := Client.CreateGroupChannel([]string{user1.Id, user2.Id})
CheckNoError(t, resp)
groupChannel.Header = "lolololol"
Client.Logout()
Client.Login(user3.Email, user3.Password)
_, resp = Client.UpdateChannel(groupChannel)
CheckForbiddenStatus(t, resp)
// Test updating the header of someone else's GM channel.
Client.Logout()
Client.Login(user.Email, user.Password)
directChannel, resp := Client.CreateDirectChannel(user.Id, user1.Id)
CheckNoError(t, resp)
directChannel.Header = "lolololol"
Client.Logout()
Client.Login(user3.Email, user3.Password)
_, resp = Client.UpdateChannel(directChannel)
CheckForbiddenStatus(t, resp)
}
func TestPatchChannel(t *testing.T) {
......@@ -267,6 +293,36 @@ func TestPatchChannel(t *testing.T) {
_, resp = th.SystemAdminClient.PatchChannel(th.BasicPrivateChannel.Id, patch)
CheckNoError(t, resp)
// Test updating the header of someone else's GM channel.
user1 := th.CreateUser()
user2 := th.CreateUser()
user3 := th.CreateUser()
groupChannel, resp := Client.CreateGroupChannel([]string{user1.Id, user2.Id})
CheckNoError(t, resp)
Client.Logout()
Client.Login(user3.Email, user3.Password)
channelPatch := &model.ChannelPatch{}
channelPatch.Header = new(string)
*channelPatch.Header = "lolololol"
_, resp = Client.PatchChannel(groupChannel.Id, channelPatch)
CheckForbiddenStatus(t, resp)
// Test updating the header of someone else's GM channel.
Client.Logout()
Client.Login(user.Email, user.Password)
directChannel, resp := Client.CreateDirectChannel(user.Id, user1.Id)
CheckNoError(t, resp)
Client.Logout()
Client.Login(user3.Email, user3.Password)
_, resp = Client.PatchChannel(directChannel.Id, channelPatch)
CheckForbiddenStatus(t, resp)
}
func TestCreateDirectChannel(t *testing.T) {
......
......@@ -4,6 +4,8 @@
package api4
import (
"io"
"io/ioutil"
"net/http"
"strings"
......@@ -28,6 +30,8 @@ func (api *API) InitEmoji() {
}
func createEmoji(c *Context, w http.ResponseWriter, r *http.Request) {
defer io.Copy(ioutil.Discard, r.Body)
if !*c.App.Config().ServiceSettings.EnableCustomEmoji {
c.Err = model.NewAppError("createEmoji", "api.emoji.disabled.app_error", nil, "", http.StatusNotImplemented)
return
......
......@@ -1935,6 +1935,15 @@ func TestInviteUsersToTeam(t *testing.T) {
utils.DeleteMailBox(user1)
utils.DeleteMailBox(user2)
th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.EnableEmailInvitations = false })
_, resp := th.SystemAdminClient.InviteUsersToTeam(th.BasicTeam.Id, emailList)
if resp.Error == nil {
t.Fatal("Should be disabled")
}
th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.EnableEmailInvitations = true })
okMsg, resp := th.SystemAdminClient.InviteUsersToTeam(th.BasicTeam.Id, emailList)
CheckNoError(t, resp)
if !okMsg {
......
......@@ -17,6 +17,7 @@ import (
"github.com/gorilla/mux"
"github.com/pkg/errors"
"github.com/throttled/throttled"
"github.com/mattermost/mattermost-server/einterfaces"
ejobs "github.com/mattermost/mattermost-server/einterfaces/jobs"
......@@ -46,7 +47,8 @@ type App struct {
IsPluginSandboxSupported bool
pluginStatuses map[string]*model.PluginStatus
EmailBatching *EmailBatchingJob
EmailBatching *EmailBatchingJob
EmailRateLimiter *throttled.GCRARateLimiter
Hubs []*Hub
HubsStopCheckingForDeadlock chan bool
......@@ -185,6 +187,10 @@ func New(options ...Option) (outApp *App, outErr error) {
})
if err := app.SetupInviteEmailRateLimiting(); err != nil {
return nil, err
}
mlog.Info("Server is initializing...")
app.initEnterprise()
......
......@@ -206,6 +206,10 @@ func (me *TestHelper) CreateChannel(team *model.Team) *model.Channel {
return me.createChannel(team, model.CHANNEL_OPEN)
}
func (me *TestHelper) CreatePrivateChannel(team *model.Team) *model.Channel {
return me.createChannel(team, model.CHANNEL_PRIVATE)
}
func (me *TestHelper) createChannel(team *model.Team, channelType string) *model.Channel {
id := model.NewId()
......@@ -266,6 +270,20 @@ func (me *TestHelper) CreateDmChannel(user *model.User) *model.Channel {
return channel
}
func (me *TestHelper) CreateGroupChannel(user1 *model.User, user2 *model.User) *model.Channel {
utils.DisableDebugLogForTest()
var err *model.AppError
var channel *model.Channel
if channel, err = me.App.CreateGroupChannel([]string{me.BasicUser.Id, user1.Id, user2.Id}, me.BasicUser.Id); err != nil {
mlog.Error(err.Error())
time.Sleep(time.Second)
panic(err)
}
utils.EnableDebugLogForTest()
return channel
}
func (me *TestHelper) CreatePost(channel *model.Channel) *model.Post {
id := model.NewId()
......
......@@ -340,6 +340,30 @@ func (a *App) createGroupChannel(userIds []string, creatorId string) (*model.Cha
}
}
func (a *App) GetGroupChannel(userIds []string) (*model.Channel, *model.AppError) {
if len(userIds) > model.CHANNEL_GROUP_MAX_USERS || len(userIds) < model.CHANNEL_GROUP_MIN_USERS {
return nil, model.NewAppError("GetGroupChannel", "api.channel.create_group.bad_size.app_error", nil, "", http.StatusBadRequest)
}
var users []*model.User
if result := <-a.Srv.Store.User().GetProfileByIds(userIds, true); result.Err != nil {
return nil, result.Err
} else {
users = result.Data.([]*model.User)
}
if len(users) != len(userIds) {
return nil, model.NewAppError("GetGroupChannel", "api.channel.create_group.bad_user.app_error", nil, "user_ids="+model.ArrayToJson(userIds), http.StatusBadRequest)
}
channel, err := a.GetChannelByName(model.GetGroupNameFromUserIds(userIds), "")
if err != nil {
return nil, err
}
return channel, nil
}
func (a *App) UpdateChannel(channel *model.Channel) (*model.Channel, *model.AppError) {
if result := <-a.Srv.Store.Channel().Update(channel); result.Err != nil {
return nil, result.Err
......
......@@ -40,11 +40,25 @@ func (me *HeaderProvider) DoCommand(a *App, args *model.CommandArgs, message str
return &model.CommandResponse{Text: args.T("api.command_channel_header.channel.app_error"), ResponseType: model.COMMAND_RESPONSE_TYPE_EPHEMERAL}
}
if channel.Type == model.CHANNEL_OPEN && !a.SessionHasPermissionToChannel(args.Session, args.ChannelId, model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES) {
return &model.CommandResponse{Text: args.T("api.command_channel_header.permission.app_error"), ResponseType: model.COMMAND_RESPONSE_TYPE_EPHEMERAL}
}
switch channel.Type {
case model.CHANNEL_OPEN:
if !a.SessionHasPermissionToChannel(args.Session, args.ChannelId, model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES) {
return &model.CommandResponse{Text: args.T("api.command_channel_header.permission.app_error"), ResponseType: model.COMMAND_RESPONSE_TYPE_EPHEMERAL}
}
case model.CHANNEL_PRIVATE:
if !a.SessionHasPermissionToChannel(args.Session, args.ChannelId, model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES) {
return &model.CommandResponse{Text: args.T("api.command_channel_header.permission.app_error"), ResponseType: model.COMMAND_RESPONSE_TYPE_EPHEMERAL}
}
case model.CHANNEL_GROUP, model.CHANNEL_DIRECT:
// Modifying the header is not linked to any specific permission for group/dm channels, so just check for membership.
channelMember, err := a.GetChannelMember(args.ChannelId, args.Session.UserId)
if err != nil || channelMember == nil {
return &model.CommandResponse{Text: args.T("api.command_channel_header.permission.app_error"), ResponseType: model.COMMAND_RESPONSE_TYPE_EPHEMERAL}
}
if channel.Type == model.CHANNEL_PRIVATE && !a.SessionHasPermissionToChannel(args.Session, args.ChannelId, model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES) {
default:
return &model.CommandResponse{Text: args.T("api.command_channel_header.permission.app_error"), ResponseType: model.COMMAND_RESPONSE_TYPE_EPHEMERAL}
}
......
......@@ -12,6 +12,8 @@ func TestHeaderProviderDoCommand(t *testing.T) {
defer th.TearDown()
hp := HeaderProvider{}
// Try a public channel *with* permission.
args := &model.CommandArgs{
T: func(s string, args ...interface{}) string { return s },
ChannelId: th.BasicChannel.Id,
......@@ -25,4 +27,84 @@ func TestHeaderProviderDoCommand(t *testing.T) {
actual := hp.DoCommand(th.App, args, msg).Text
assert.Equal(t, expected, actual)
}
// Try a public channel *without* permission.
args = &model.CommandArgs{
T: func(s string, args ...interface{}) string { return s },
ChannelId: th.BasicChannel.Id,
Session: model.Session{UserId: th.BasicUser.Id, TeamMembers: []*model.TeamMember{{TeamId: th.BasicTeam.Id, Roles: ""}}},
}
actual := hp.DoCommand(th.App, args, "hello").Text
assert.Equal(t, "api.command_channel_header.permission.app_error", actual)
// Try a private channel *with* permission.
privateChannel := th.CreatePrivateChannel(th.BasicTeam)
args = &model.CommandArgs{
T: func(s string, args ...interface{}) string { return s },
ChannelId: privateChannel.Id,
Session: model.Session{UserId: th.BasicUser.Id, TeamMembers: []*model.TeamMember{{TeamId: th.BasicTeam.Id, Roles: model.TEAM_USER_ROLE_ID}}},
}
actual = hp.DoCommand(th.App, args, "hello").Text
assert.Equal(t, "", actual)
// Try a private channel *without* permission.
args = &model.CommandArgs{
T: func(s string, args ...interface{}) string { return s },
ChannelId: privateChannel.Id,
Session: model.Session{UserId: th.BasicUser.Id, TeamMembers: []*model.TeamMember{{TeamId: th.BasicTeam.Id, Roles: ""}}},
}
actual = hp.DoCommand(th.App, args, "hello").Text
assert.Equal(t, "api.command_channel_header.permission.app_error", actual)
// Try a group channel *with* being a member.
user1 := th.CreateUser()
user2 := th.CreateUser()
user3 := th.CreateUser()
groupChannel := th.CreateGroupChannel(user1, user2)
args = &model.CommandArgs{
T: func(s string, args ...interface{}) string { return s },
ChannelId: groupChannel.Id,
Session: model.Session{UserId: th.BasicUser.Id, TeamMembers: []*model.TeamMember{{TeamId: th.BasicTeam.Id, Roles: ""}}},
}
actual = hp.DoCommand(th.App, args, "hello").Text
assert.Equal(t, "", actual)
// Try a group channel *without* being a member.
args = &model.CommandArgs{
T: func(s string, args ...interface{}) string { return s },
ChannelId: groupChannel.Id,
Session: model.Session{UserId: user3.Id, TeamMembers: []*model.TeamMember{{TeamId: th.BasicTeam.Id, Roles: ""}}},
}
actual = hp.DoCommand(th.App, args, "hello").Text
assert.Equal(t, "api.command_channel_header.permission.app_error", actual)
// Try a direct channel *with* being a member.
directChannel := th.CreateDmChannel(user1)
args = &model.CommandArgs{
T: func(s string, args ...interface{}) string { return s },
ChannelId: directChannel.Id,
Session: model.Session{UserId: th.BasicUser.Id, TeamMembers: []*model.TeamMember{{TeamId: th.BasicTeam.Id, Roles: ""}}},
}
actual = hp.DoCommand(th.App, args, "hello").Text
assert.Equal(t, "", actual)
// Try a direct channel *without* being a member.
args = &model.CommandArgs{
T: func(s string, args ...interface{}) string { return s },
ChannelId: directChannel.Id,
Session: model.Session{UserId: user2.Id, TeamMembers: []*model.TeamMember{{TeamId: th.BasicTeam.Id, Roles: ""}}},
}
actual = hp.DoCommand(th.App, args, "hello").Text
assert.Equal(t, "api.command_channel_header.permission.app_error", actual)
}
......@@ -93,10 +93,20 @@ func (me *groupmsgProvider) DoCommand(a *App, args *model.CommandArgs, message s
}
}
groupChannel, channelErr := a.CreateGroupChannel(targetUsersSlice, args.UserId)
if channelErr != nil {
mlog.Error(channelErr.Error())
return &model.CommandResponse{Text: args.T("api.command_groupmsg.group_fail.app_error"), ResponseType: model.COMMAND_RESPONSE_TYPE_EPHEMERAL}
var groupChannel *model.Channel
var channelErr *model.AppError
if a.SessionHasPermissionTo(args.Session, model.PERMISSION_CREATE_GROUP_CHANNEL) {
groupChannel, channelErr = a.CreateGroupChannel(targetUsersSlice, args.UserId)
if channelErr != nil {
mlog.Error(channelErr.Error())
return &model.CommandResponse{Text: args.T("api.command_groupmsg.group_fail.app_error"), ResponseType: model.COMMAND_RESPONSE_TYPE_EPHEMERAL}
}
} else {
groupChannel, channelErr = a.GetGroupChannel(targetUsersSlice)
if channelErr != nil {
return &model.CommandResponse{Text: args.T("api.command_groupmsg.permission.app_error"), ResponseType: model.COMMAND_RESPONSE_TYPE_EPHEMERAL}
}
}
if len(parsedMessage) > 0 {
......
......@@ -2,6 +2,11 @@ package app
import (
"testing"
"github.com/nicksnyder/go-i18n/i18n"
"github.com/stretchr/testify/assert"
"github.com/mattermost/mattermost-server/model"
)
func TestGroupMsgUsernames(t *testing.T) {
......@@ -35,3 +40,58 @@ func TestGroupMsgUsernames(t *testing.T) {
t.Fatal("error parsing different types of users")
}
}
func TestGroupMsgProvider(t *testing.T) {
th := Setup().InitBasic()
defer th.TearDown()
user3 := th.CreateUser()
targetUsers := "@" + th.BasicUser2.Username + ",@" + user3.Username + " "
team := th.CreateTeam()
th.LinkUserToTeam(th.BasicUser, team)
cmd := &groupmsgProvider{}
// Check without permission to create a GM channel.
resp := cmd.DoCommand(th.App, &model.CommandArgs{
T: i18n.IdentityTfunc(),
SiteURL: "http://test.url",
TeamId: team.Id,
UserId: th.BasicUser.Id,
Session: model.Session{
Roles: "",
},
}, targetUsers+"hello")
channelName := model.GetGroupNameFromUserIds([]string{th.BasicUser.Id, th.BasicUser2.Id, user3.Id})
assert.Equal(t, "api.command_groupmsg.permission.app_error", resp.Text)
assert.Equal(t, "", resp.GotoLocation)
// Check with permission to create a GM channel.
resp = cmd.DoCommand(th.App, &model.CommandArgs{
T: i18n.IdentityTfunc(),
SiteURL: "http://test.url",
TeamId: team.Id,
UserId: th.BasicUser.Id,
Session: model.Session{
Roles: model.SYSTEM_USER_ROLE_ID,
},
}, targetUsers+"hello")
assert.Equal(t, "", resp.Text)
assert.Equal(t, "http://test.url/"+team.Name+"/channels/"+channelName, resp.GotoLocation)
// Check without permission to post to an existing GM channel.
resp = cmd.DoCommand(th.App, &model.CommandArgs{
T: i18n.IdentityTfunc(),
SiteURL: "http://test.url",
TeamId: team.Id,
UserId: th.BasicUser.Id,
Session: model.Session{
Roles: "",
},
}, targetUsers+"hello")
assert.Equal(t, "", resp.Text)
assert.Equal(t, "http://test.url/"+team.Name+"/channels/"+channelName, resp.GotoLocation)
}
......@@ -28,7 +28,7 @@ func (me *InvitePeopleProvider) GetTrigger() string {
func (me *InvitePeopleProvider) GetCommand(a *App, T goi18n.TranslateFunc) *model.Command {
autoComplete := true
if !a.Config().EmailSettings.SendEmailNotifications || !*a.Config().TeamSettings.EnableUserCreation {
if !a.Config().EmailSettings.SendEmailNotifications || !*a.Config().TeamSettings.EnableUserCreation || !*a.Config().ServiceSettings.EnableEmailInvitations {
autoComplete = false
}
return &model.Command{
......@@ -41,6 +41,14 @@ func (me *InvitePeopleProvider) GetCommand(a *App, T goi18n.TranslateFunc) *mode
}
func (me *InvitePeopleProvider) DoCommand(a *App, args *model.CommandArgs, message string) *model.CommandResponse {
if !a.SessionHasPermissionToTeam(args.Session, args.TeamId, model.PERMISSION_INVITE_USER) {
return &model.CommandResponse{Text: args.T("api.command_invite_people.permission.app_error"), ResponseType: model.COMMAND_RESPONSE_TYPE_EPHEMERAL}
}
if !a.SessionHasPermissionToTeam(args.Session, args.TeamId, model.PERMISSION_ADD_USER_TO_TEAM) {
return &model.CommandResponse{Text: args.T("api.command_invite_people.permission.app_error"), ResponseType: model.COMMAND_RESPONSE_TYPE_EPHEMERAL}
}
if !a.Config().EmailSettings.SendEmailNotifications {
return &model.CommandResponse{ResponseType: model.COMMAND_RESPONSE_TYPE_EPHEMERAL, Text: args.T("api.command.invite_people.email_off")}
}
......@@ -49,6 +57,10 @@ func (me *InvitePeopleProvider) DoCommand(a *App, args *model.CommandArgs, messa
return &model.CommandResponse{ResponseType: model.COMMAND_RESPONSE_TYPE_EPHEMERAL, Text: args.T("api.command.invite_people.invite_off")}
}
if !*a.Config().ServiceSettings.EnableEmailInvitations {
return &model.CommandResponse{ResponseType: model.COMMAND_RESPONSE_TYPE_EPHEMERAL, Text: args.T("api.command.invite_people.email_invitations_off")}
}
emailList := strings.Fields(message)
for i := len(emailList) - 1; i >= 0; i-- {
......
// Copyright (c) 2015-present Mattermost, Inc. All Rights Reserved.
// See License.txt for license information.
package app
import (
"testing"
"github.com/stretchr/testify/assert"
"github.com/mattermost/mattermost-server/model"
)
func TestInvitePeopleProvider(t *testing.T) {
th := Setup().InitBasic()
defer th.TearDown()
enableEmailInvitations := *th.App.Config().ServiceSettings.EnableEmailInvitations
defer func() {
th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnableEmailInvitations = &enableEmailInvitations })
}()
th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.EnableEmailInvitations = true })
cmd := InvitePeopleProvider{}
// Test without required permissions
args := &model.CommandArgs{
T: func(s string, args ...interface{}) string { return s },
ChannelId: th.BasicChannel.Id,
TeamId: th.BasicTeam.Id,
UserId: th.BasicUser.Id,
Session: model.Session{UserId: th.BasicUser.Id, TeamMembers: []*model.TeamMember{{TeamId: th.BasicTeam.Id, Roles: ""}}},
}
actual := cmd.DoCommand(th.App, args, model.NewId()+"@simulator.amazonses.com")
assert.Equal(t, "api.command_invite_people.permission.app_error", actual.Text)
// Test with required permissions.
args.Session.TeamMembers[0].Roles = model.TEAM_USER_ROLE_ID
actual = cmd.DoCommand(th.App, args, model.NewId()+"@simulator.amazonses.com")
assert.Equal(t, "api.command.invite_people.sent", actual.Text)
}
......@@ -66,6 +66,10 @@ func (me *msgProvider) DoCommand(a *App, args *model.CommandArgs, message string
targetChannelId := ""
if channel := <-a.Srv.Store.Channel().GetByName(args.TeamId, channelName, true); channel.Err != nil {
if channel.Err.Id == "store.sql_channel.get_by_name.missing.app_error" {
if !a.SessionHasPermissionTo(args.Session, model.PERMISSION_CREATE_DIRECT_CHANNEL) {
return &model.CommandResponse{Text: args.T("api.command_msg.permission.app_error"), ResponseType: model.COMMAND_RESPONSE_TYPE_EPHEMERAL}
}
if directChannel, err := a.CreateDirectChannel(args.UserId, userProfile.Id); err != nil {
mlog.Error(err.Error())
return &model.CommandResponse{Text: args.T("api.command_msg.dm_fail.app_error"), ResponseType: model.COMMAND_RESPONSE_TYPE_EPHEMERAL}
......
......@@ -19,13 +19,47 @@ func TestMsgProvider(t *testing.T) {
team := th.CreateTeam()
th.LinkUserToTeam(th.BasicUser, team)
cmd := &msgProvider{}
// Check without permission to create a DM channel.
resp := cmd.DoCommand(th.App, &model.CommandArgs{
T: i18n.IdentityTfunc(),
SiteURL: "http://test.url",
TeamId: team.Id,
UserId: th.BasicUser.Id,
Session: model.Session{
Roles: "",
},
}, "@"+th.BasicUser2.Username+" hello")
channelName := model.GetDMNameFromIds(th.BasicUser.Id, th.BasicUser2.Id)
assert.Equal(t, "api.command_msg.permission.app_error", resp.Text)
assert.Equal(t, "", resp.GotoLocation)
// Check with permission to create a DM channel.
resp = cmd.DoCommand(th.App, &model.CommandArgs{
T: i18n.IdentityTfunc(),
SiteURL: "http://test.url",
TeamId: team.Id,
UserId: th.BasicUser.Id,
Session: model.Session{
Roles: model.SYSTEM_USER_ROLE_ID,
},
}, "@"+th.BasicUser2.Username+" hello")
assert.Equal(t, "", resp.Text)
assert.Equal(t, "http://test.url/"+team.Name+"/channels/"+channelName, resp.GotoLocation)
// Check without permission to post to an existing DM channel.
resp = cmd.DoCommand(th.App, &model.CommandArgs{
T: i18n.IdentityTfunc(),
SiteURL: "http://test.url",
TeamId: team.Id,
UserId: th.BasicUser.Id,
Session: model.Session{
Roles: "",
},
}, "@"+th.BasicUser2.Username+" hello")
assert.Equal(t, "", resp.Text)
assert.Equal(t, "http://test.url/"+team.Name+"/channels/"+channelName, resp.GotoLocation)
}
......@@ -10,12 +10,41 @@ import (
"net/http"
"github.com/nicksnyder/go-i18n/i18n"
"github.com/pkg/errors"
"github.com/throttled/throttled"
"github.com/throttled/throttled/store/memstore"