Unverified Commit fc158fce authored by George Goldberg's avatar George Goldberg Committed by GitHub

MM-10570: Make permissions reset command clear custom role assignments. (#8976)

parent 1c194e5f
......@@ -27,6 +27,21 @@ func (a *App) ResetPermissionsSystem() *model.AppError {
return result.Err
}
// Reset all Custom Role assignments to Users.
if result := <-a.Srv.Store.User().ClearAllCustomRoleAssignments(); result.Err != nil {
return result.Err
}
// Reset all Custom Role assignments to TeamMembers.
if result := <-a.Srv.Store.Team().ClearAllCustomRoleAssignments(); result.Err != nil {
return result.Err
}
// Reset all Custom Role assignments to ChannelMembers.
if result := <-a.Srv.Store.Channel().ClearAllCustomRoleAssignments(); result.Err != nil {
return result.Err
}
// Purge all schemes from the database.
if result := <-a.Srv.Store.Scheme().PermanentDeleteAll(); result.Err != nil {
return result.Err
......
......@@ -1534,6 +1534,66 @@
"id": "api.slackimport.slack_import.zip.app_error",
"translation": "Unable to open the Slack export zip file.\r\n"
},
{
"id": "store.sql_user.clear_all_custom_role_assignments.open_transaction.app_error",
"translation": "Failed to begin the database transaction"
},
{
"id": "store.sql_user.clear_all_custom_role_assignments.rollback_transaction.app_error",
"translation": "Failed to rollback the database transaction"
},
{
"id": "store.sql_user.clear_all_custom_role_assignments.select.app_error",
"translation": "Failed to retrieve the users"
},
{
"id": "store.sql_user.clear_all_custom_role_assignments.update.app_error",
"translation": "Failed to update the user"
},
{
"id": "store.sql_user.clear_all_custom_role_assignments.commit_transaction.app_error",
"translation": "Failed to commit the database transaction"
},
{
"id": "store.sql_team.clear_all_custom_role_assignments.open_transaction.app_error",
"translation": "Failed to begin the database transaction"
},
{
"id": "store.sql_team.clear_all_custom_role_assignments.rollback_transaction.app_error",
"translation": "Failed to rollback the database transaction"
},
{
"id": "store.sql_team.clear_all_custom_role_assignments.select.app_error",
"translation": "Failed to retrieve the team members"
},
{
"id": "store.sql_team.clear_all_custom_role_assignments.update.app_error",
"translation": "Failed to update the team member"
},
{
"id": "store.sql_team.clear_all_custom_role_assignments.commit_transaction.app_error",
"translation": "Failed to commit the database transaction"
},
{
"id": "store.sql_channel.clear_all_custom_role_assignments.open_transaction.app_error",
"translation": "Failed to begin the database transaction"
},
{
"id": "store.sql_channel.clear_all_custom_role_assignments.rollback_transaction.app_error",
"translation": "Failed to rollback the database transaction"
},
{
"id": "store.sql_channel.clear_all_custom_role_assignments.select.app_error",
"translation": "Failed to retrieve the channel members"
},
{
"id": "store.sql_channel.clear_all_custom_role_assignments.update.app_error",
"translation": "Failed to update the channel member"
},
{
"id": "store.sql_channel.clear_all_custom_role_assignments.commit_transaction.app_error",
"translation": "Failed to commit the database transaction"
},
{
"id": "api.status.user_not_found.app_error",
"translation": "User not found"
......
......@@ -1784,3 +1784,72 @@ func (s SqlChannelStore) ResetAllChannelSchemes() store.StoreChannel {
}
})
}
func (s SqlChannelStore) ClearAllCustomRoleAssignments() store.StoreChannel {
return store.Do(func(result *store.StoreResult) {
builtInRoles := model.MakeDefaultRoles()
lastUserId := strings.Repeat("0", 26)
lastChannelId := strings.Repeat("0", 26)
for true {
var transaction *gorp.Transaction
var err error
if transaction, err = s.GetMaster().Begin(); err != nil {
result.Err = model.NewAppError("SqlChannelStore.ClearAllCustomRoleAssignments", "store.sql_channel.clear_all_custom_role_assignments.open_transaction.app_error", nil, err.Error(), http.StatusInternalServerError)
return
}
var channelMembers []*channelMember
if _, err := transaction.Select(&channelMembers, "SELECT * from ChannelMembers WHERE (ChannelId, UserId) > (:ChannelId, :UserId) ORDER BY ChannelId, UserId LIMIT 1000", map[string]interface{}{"ChannelId": lastChannelId, "UserId": lastUserId}); err != nil {
if err2 := transaction.Rollback(); err2 != nil {
result.Err = model.NewAppError("SqlChannelStore.ClearAllCustomRoleAssignments", "store.sql_channel.clear_all_custom_role_assignments.rollback_transaction.app_error", nil, err2.Error(), http.StatusInternalServerError)
return
}
result.Err = model.NewAppError("SqlChannelStore.ClearAllCustomRoleAssignments", "store.sql_channel.clear_all_custom_role_assignments.select.app_error", nil, err.Error(), http.StatusInternalServerError)
return
}
if len(channelMembers) == 0 {
break
}
for _, member := range channelMembers {
lastUserId = member.UserId
lastChannelId = member.ChannelId
var newRoles []string
for _, role := range strings.Fields(member.Roles) {
for name := range builtInRoles {
if name == role {
newRoles = append(newRoles, role)
break
}
}
}
newRolesString := strings.Join(newRoles, " ")
if newRolesString != member.Roles {
if _, err := transaction.Exec("UPDATE ChannelMembers SET Roles = :Roles WHERE UserId = :UserId AND ChannelId = :ChannelId", map[string]interface{}{"Roles": newRolesString, "ChannelId": member.ChannelId, "UserId": member.UserId}); err != nil {
if err2 := transaction.Rollback(); err2 != nil {
result.Err = model.NewAppError("SqlChannelStore.ClearAllCustomRoleAssignments", "store.sql_channel.clear_all_custom_role_assignments.rollback_transaction.app_error", nil, err2.Error(), http.StatusInternalServerError)
return
}
result.Err = model.NewAppError("SqlChannelStore.ClearAllCustomRoleAssignments", "store.sql_channel.clear_all_custom_role_assignments.update.app_error", nil, err.Error(), http.StatusInternalServerError)
return
}
}
}
if err := transaction.Commit(); err != nil {
if err2 := transaction.Rollback(); err2 != nil {
result.Err = model.NewAppError("SqlChannelStore.ClearAllCustomRoleAssignments", "store.sql_channel.clear_all_custom_role_assignments.rollback_transaction.app_error", nil, err2.Error(), http.StatusInternalServerError)
return
}
result.Err = model.NewAppError("SqlChannelStore.ClearAllCustomRoleAssignments", "store.sql_channel.clear_all_custom_role_assignments.commit_transaction.app_error", nil, err.Error(), http.StatusInternalServerError)
return
}
}
})
}
......@@ -806,3 +806,72 @@ func (s SqlTeamStore) ResetAllTeamSchemes() store.StoreChannel {
}
})
}
func (s SqlTeamStore) ClearAllCustomRoleAssignments() store.StoreChannel {
return store.Do(func(result *store.StoreResult) {
builtInRoles := model.MakeDefaultRoles()
lastUserId := strings.Repeat("0", 26)
lastTeamId := strings.Repeat("0", 26)
for true {
var transaction *gorp.Transaction
var err error
if transaction, err = s.GetMaster().Begin(); err != nil {
result.Err = model.NewAppError("SqlTeamStore.ClearAllCustomRoleAssignments", "store.sql_team.clear_all_custom_role_assignments.open_transaction.app_error", nil, err.Error(), http.StatusInternalServerError)
return
}
var teamMembers []*teamMember
if _, err := transaction.Select(&teamMembers, "SELECT * from TeamMembers WHERE (TeamId, UserId) > (:TeamId, :UserId) ORDER BY TeamId, UserId LIMIT 1000", map[string]interface{}{"TeamId": lastTeamId, "UserId": lastUserId}); err != nil {
if err2 := transaction.Rollback(); err2 != nil {
result.Err = model.NewAppError("SqlTeamStore.ClearAllCustomRoleAssignments", "store.sql_team.clear_all_custom_role_assignments.rollback_transaction.app_error", nil, err2.Error(), http.StatusInternalServerError)
return
}
result.Err = model.NewAppError("SqlTeamStore.ClearAllCustomRoleAssignments", "store.sql_team.clear_all_custom_role_assignments.select.app_error", nil, err.Error(), http.StatusInternalServerError)
return
}
if len(teamMembers) == 0 {
break
}
for _, member := range teamMembers {
lastUserId = member.UserId
lastTeamId = member.TeamId
var newRoles []string
for _, role := range strings.Fields(member.Roles) {
for name := range builtInRoles {
if name == role {
newRoles = append(newRoles, role)
break
}
}
}
newRolesString := strings.Join(newRoles, " ")
if newRolesString != member.Roles {
if _, err := transaction.Exec("UPDATE TeamMembers SET Roles = :Roles WHERE UserId = :UserId AND TeamId = :TeamId", map[string]interface{}{"Roles": newRolesString, "TeamId": member.TeamId, "UserId": member.UserId}); err != nil {
if err2 := transaction.Rollback(); err2 != nil {
result.Err = model.NewAppError("SqlTeamStore.ClearAllCustomRoleAssignments", "store.sql_team.clear_all_custom_role_assignments.rollback_transaction.app_error", nil, err2.Error(), http.StatusInternalServerError)
return
}
result.Err = model.NewAppError("SqlTeamStore.ClearAllCustomRoleAssignments", "store.sql_team.clear_all_custom_role_assignments.update.app_error", nil, err.Error(), http.StatusInternalServerError)
return
}
}
}
if err := transaction.Commit(); err != nil {
if err2 := transaction.Rollback(); err2 != nil {
result.Err = model.NewAppError("SqlTeamStore.ClearAllCustomRoleAssignments", "store.sql_team.clear_all_custom_role_assignments.rollback_transaction.app_error", nil, err2.Error(), http.StatusInternalServerError)
return
}
result.Err = model.NewAppError("SqlTeamStore.ClearAllCustomRoleAssignments", "store.sql_team.clear_all_custom_role_assignments.commit_transaction.app_error", nil, err.Error(), http.StatusInternalServerError)
return
}
}
})
}
......@@ -10,6 +10,8 @@ import (
"strconv"
"strings"
"github.com/mattermost/gorp"
"github.com/mattermost/mattermost-server/einterfaces"
"github.com/mattermost/mattermost-server/model"
"github.com/mattermost/mattermost-server/store"
......@@ -1247,3 +1249,70 @@ func (us SqlUserStore) GetEtagForProfilesNotInTeam(teamId string) store.StoreCha
}
})
}
func (us SqlUserStore) ClearAllCustomRoleAssignments() store.StoreChannel {
return store.Do(func(result *store.StoreResult) {
builtInRoles := model.MakeDefaultRoles()
lastUserId := strings.Repeat("0", 26)
for true {
var transaction *gorp.Transaction
var err error
if transaction, err = us.GetMaster().Begin(); err != nil {
result.Err = model.NewAppError("SqlUserStore.ClearAllCustomRoleAssignments", "store.sql_user.clear_all_custom_role_assignments.open_transaction.app_error", nil, err.Error(), http.StatusInternalServerError)
return
}
var users []*model.User
if _, err := transaction.Select(&users, "SELECT * from Users WHERE Id > :Id ORDER BY Id LIMIT 1000", map[string]interface{}{"Id": lastUserId}); err != nil {
if err2 := transaction.Rollback(); err2 != nil {
result.Err = model.NewAppError("SqlUserStore.ClearAllCustomRoleAssignments", "store.sql_user.clear_all_custom_role_assignments.rollback_transaction.app_error", nil, err2.Error(), http.StatusInternalServerError)
return
}
result.Err = model.NewAppError("SqlUserStore.ClearAllCustomRoleAssignments", "store.sql_user.clear_all_custom_role_assignments.select.app_error", nil, err.Error(), http.StatusInternalServerError)
return
}
if len(users) == 0 {
break
}
for _, user := range users {
lastUserId = user.Id
var newRoles []string
for _, role := range strings.Fields(user.Roles) {
for name := range builtInRoles {
if name == role {
newRoles = append(newRoles, role)
break
}
}
}
newRolesString := strings.Join(newRoles, " ")
if newRolesString != user.Roles {
if _, err := transaction.Exec("UPDATE Users SET Roles = :Roles WHERE Id = :Id", map[string]interface{}{"Roles": newRolesString, "Id": user.Id}); err != nil {
if err2 := transaction.Rollback(); err2 != nil {
result.Err = model.NewAppError("SqlUserStore.ClearAllCustomRoleAssignments", "store.sql_user.clear_all_custom_role_assignments.rollback_transaction.app_error", nil, err2.Error(), http.StatusInternalServerError)
return
}
result.Err = model.NewAppError("SqlUserStore.ClearAllCustomRoleAssignments", "store.sql_user.clear_all_custom_role_assignments.update.app_error", nil, err.Error(), http.StatusInternalServerError)
return
}
}
}
if err := transaction.Commit(); err != nil {
if err2 := transaction.Rollback(); err2 != nil {
result.Err = model.NewAppError("SqlUserStore.ClearAllCustomRoleAssignments", "store.sql_user.clear_all_custom_role_assignments.rollback_transaction.app_error", nil, err2.Error(), http.StatusInternalServerError)
return
}
result.Err = model.NewAppError("SqlUserStore.ClearAllCustomRoleAssignments", "store.sql_user.clear_all_custom_role_assignments.commit_transaction.app_error", nil, err.Error(), http.StatusInternalServerError)
return
}
}
})
}
......@@ -107,6 +107,7 @@ type TeamStore interface {
GetTeamsByScheme(schemeId string, offset int, limit int) StoreChannel
MigrateTeamMembers(fromTeamId string, fromUserId string) StoreChannel
ResetAllTeamSchemes() StoreChannel
ClearAllCustomRoleAssignments() StoreChannel
}
type ChannelStore interface {
......@@ -167,6 +168,7 @@ type ChannelStore interface {
GetChannelsByScheme(schemeId string, offset int, limit int) StoreChannel
MigrateChannelMembers(fromChannelId string, fromUserId string) StoreChannel
ResetAllChannelSchemes() StoreChannel
ClearAllCustomRoleAssignments() StoreChannel
}
type ChannelMemberHistoryStore interface {
......@@ -258,6 +260,7 @@ type UserStore interface {
AnalyticsGetSystemAdminCount() StoreChannel
GetProfilesNotInTeam(teamId string, offset int, limit int) StoreChannel
GetEtagForProfilesNotInTeam(teamId string) StoreChannel
ClearAllCustomRoleAssignments() StoreChannel
}
type SessionStore interface {
......
......@@ -55,6 +55,7 @@ func TestChannelStore(t *testing.T, ss store.Store) {
t.Run("GetChannelsByScheme", func(t *testing.T) { testChannelStoreGetChannelsByScheme(t, ss) })
t.Run("MigrateChannelMembers", func(t *testing.T) { testChannelStoreMigrateChannelMembers(t, ss) })
t.Run("ResetAllChannelSchemes", func(t *testing.T) { testResetAllChannelSchemes(t, ss) })
t.Run("ClearAllCustomRoleAssignments", func(t *testing.T) { testChannelStoreClearAllCustomRoleAssignments(t, ss) })
}
......@@ -2358,3 +2359,62 @@ func testResetAllChannelSchemes(t *testing.T, ss store.Store) {
assert.Equal(t, "", *c1.SchemeId)
assert.Equal(t, "", *c2.SchemeId)
}
func testChannelStoreClearAllCustomRoleAssignments(t *testing.T, ss store.Store) {
c := &model.Channel{
TeamId: model.NewId(),
DisplayName: "Name",
Name: model.NewId(),
Type: model.CHANNEL_OPEN,
}
c = (<-ss.Channel().Save(c, 100)).Data.(*model.Channel)
m1 := &model.ChannelMember{
ChannelId: c.Id,
UserId: model.NewId(),
NotifyProps: model.GetDefaultChannelNotifyProps(),
ExplicitRoles: "channel_user channel_admin system_user_access_token",
}
m2 := &model.ChannelMember{
ChannelId: c.Id,
UserId: model.NewId(),
NotifyProps: model.GetDefaultChannelNotifyProps(),
ExplicitRoles: "channel_user custom_role channel_admin another_custom_role",
}
m3 := &model.ChannelMember{
ChannelId: c.Id,
UserId: model.NewId(),
NotifyProps: model.GetDefaultChannelNotifyProps(),
ExplicitRoles: "channel_user",
}
m4 := &model.ChannelMember{
ChannelId: c.Id,
UserId: model.NewId(),
NotifyProps: model.GetDefaultChannelNotifyProps(),
ExplicitRoles: "custom_only",
}
store.Must(ss.Channel().SaveMember(m1))
store.Must(ss.Channel().SaveMember(m2))
store.Must(ss.Channel().SaveMember(m3))
store.Must(ss.Channel().SaveMember(m4))
require.Nil(t, (<-ss.Channel().ClearAllCustomRoleAssignments()).Err)
r1 := <-ss.Channel().GetMember(m1.ChannelId, m1.UserId)
require.Nil(t, r1.Err)
assert.Equal(t, m1.ExplicitRoles, r1.Data.(*model.ChannelMember).Roles)
r2 := <-ss.Channel().GetMember(m2.ChannelId, m2.UserId)
require.Nil(t, r2.Err)
assert.Equal(t, "channel_user channel_admin", r2.Data.(*model.ChannelMember).Roles)
r3 := <-ss.Channel().GetMember(m3.ChannelId, m3.UserId)
require.Nil(t, r3.Err)
assert.Equal(t, m3.ExplicitRoles, r3.Data.(*model.ChannelMember).Roles)
r4 := <-ss.Channel().GetMember(m4.ChannelId, m4.UserId)
require.Nil(t, r4.Err)
assert.Equal(t, "", r4.Data.(*model.ChannelMember).Roles)
}
......@@ -61,6 +61,22 @@ func (_m *ChannelStore) AutocompleteInTeam(teamId string, term string) store.Sto
return r0
}
// ClearAllCustomRoleAssignments provides a mock function with given fields:
func (_m *ChannelStore) ClearAllCustomRoleAssignments() store.StoreChannel {
ret := _m.Called()
var r0 store.StoreChannel
if rf, ok := ret.Get(0).(func() store.StoreChannel); ok {
r0 = rf()
} else {
if ret.Get(0) != nil {
r0 = ret.Get(0).(store.StoreChannel)
}
}
return r0
}
// ClearCaches provides a mock function with given fields:
func (_m *ChannelStore) ClearCaches() {
_m.Called()
......
......@@ -29,6 +29,22 @@ func (_m *TeamStore) AnalyticsTeamCount() store.StoreChannel {
return r0
}
// ClearAllCustomRoleAssignments provides a mock function with given fields:
func (_m *TeamStore) ClearAllCustomRoleAssignments() store.StoreChannel {
ret := _m.Called()
var r0 store.StoreChannel
if rf, ok := ret.Get(0).(func() store.StoreChannel); ok {
r0 = rf()
} else {
if ret.Get(0) != nil {
r0 = ret.Get(0).(store.StoreChannel)
}
}
return r0
}
// Get provides a mock function with given fields: id
func (_m *TeamStore) Get(id string) store.StoreChannel {
ret := _m.Called(id)
......
......@@ -77,6 +77,22 @@ func (_m *UserStore) AnalyticsUniqueUserCount(teamId string) store.StoreChannel
return r0
}
// ClearAllCustomRoleAssignments provides a mock function with given fields:
func (_m *UserStore) ClearAllCustomRoleAssignments() store.StoreChannel {
ret := _m.Called()
var r0 store.StoreChannel
if rf, ok := ret.Get(0).(func() store.StoreChannel); ok {
r0 = rf()
} else {
if ret.Get(0) != nil {
r0 = ret.Get(0).(store.StoreChannel)
}
}
return r0
}
// ClearCaches provides a mock function with given fields:
func (_m *UserStore) ClearCaches() {
_m.Called()
......
......@@ -9,10 +9,10 @@ import (
"time"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
"github.com/mattermost/mattermost-server/model"
"github.com/mattermost/mattermost-server/store"
"github.com/stretchr/testify/require"
)
func TestTeamStore(t *testing.T, ss store.Store) {
......@@ -43,6 +43,7 @@ func TestTeamStore(t *testing.T, ss store.Store) {
t.Run("GetTeamsByScheme", func(t *testing.T) { testGetTeamsByScheme(t, ss) })
t.Run("MigrateTeamMembers", func(t *testing.T) { testTeamStoreMigrateTeamMembers(t, ss) })
t.Run("ResetAllTeamSchemes", func(t *testing.T) { testResetAllTeamSchemes(t, ss) })
t.Run("ClearAllCustomRoleAssignments", func(t *testing.T) { testTeamStoreClearAllCustomRoleAssignments(t, ss) })
}
func testTeamStoreSave(t *testing.T, ss store.Store) {
......@@ -1245,3 +1246,49 @@ func testResetAllTeamSchemes(t *testing.T, ss store.Store) {
assert.Equal(t, "", *t1.SchemeId)
assert.Equal(t, "", *t2.SchemeId)
}
func testTeamStoreClearAllCustomRoleAssignments(t *testing.T, ss store.Store) {
m1 := &model.TeamMember{
TeamId: model.NewId(),
UserId: model.NewId(),
ExplicitRoles: "team_user team_admin team_post_all_public",
}
m2 := &model.TeamMember{
TeamId: model.NewId(),
UserId: model.NewId(),
ExplicitRoles: "team_user custom_role team_admin another_custom_role",
}
m3 := &model.TeamMember{
TeamId: model.NewId(),
UserId: model.NewId(),
ExplicitRoles: "team_user",
}
m4 := &model.TeamMember{
TeamId: model.NewId(),
UserId: model.NewId(),
ExplicitRoles: "custom_only",
}
store.Must(ss.Team().SaveMember(m1, -1))
store.Must(ss.Team().SaveMember(m2, -1))
store.Must(ss.Team().SaveMember(m3, -1))
store.Must(ss.Team().SaveMember(m4, -1))
require.Nil(t, (<-ss.Team().ClearAllCustomRoleAssignments()).Err)
r1 := <-ss.Team().GetMember(m1.TeamId, m1.UserId)
require.Nil(t, r1.Err)
assert.Equal(t, m1.ExplicitRoles, r1.Data.(*model.TeamMember).Roles)
r2 := <-ss.Team().GetMember(m2.TeamId, m2.UserId)
require.Nil(t, r2.Err)
assert.Equal(t, "team_user team_admin", r2.Data.(*model.TeamMember).Roles)
r3 := <-ss.Team().GetMember(m3.TeamId, m3.UserId)
require.Nil(t, r3.Err)
assert.Equal(t, m3.ExplicitRoles, r3.Data.(*model.TeamMember).Roles)
r4 := <-ss.Team().GetMember(m4.TeamId, m4.UserId)
require.Nil(t, r4.Err)
assert.Equal(t, "", r4.Data.(*model.TeamMember).Roles)
}
......@@ -9,6 +9,7 @@ import (
"time"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
"github.com/mattermost/mattermost-server/model"
"github.com/mattermost/mattermost-server/store"
......@@ -49,6 +50,7 @@ func TestUserStore(t *testing.T, ss store.Store) {
t.Run("AnalyticsGetInactiveUsersCount", func(t *testing.T) { testUserStoreAnalyticsGetInactiveUsersCount(t, ss) })
t.Run("AnalyticsGetSystemAdminCount", func(t *testing.T) { testUserStoreAnalyticsGetSystemAdminCount(t, ss) })
t.Run("GetProfilesNotInTeam", func(t *testing.T) { testUserStoreGetProfilesNotInTeam(t, ss) })
t.Run("ClearAllCustomRoleAssignments", func(t *testing.T) { testUserStoreClearAllCustomRoleAssignments(t, ss) })
}
func testUserStoreSave(t *testing.T, ss store.Store) {
......@@ -2118,3 +2120,49 @@ func testUserStoreGetProfilesNotInTeam(t *testing.T, ss store.Store) {
}
}
}
func testUserStoreClearAllCustomRoleAssignments(t *testing.T, ss store.Store) {
u1 := model.User{
Email: model.NewId(),
Username: model.NewId(),
Roles: "system_user system_admin system_post_all",
}
u2 := model.User{
Email: model.NewId(),
Username: model.NewId(),
Roles: "system_user custom_role system_admin another_custom_role",
}
u3 := model.User{
Email: model.NewId(),
Username: model.NewId(),
Roles: "system_user",
}
u4 := model.User{
Email: model.NewId(),
Username: model.NewId(),
Roles: "custom_only",
}
store.Must(ss.User().Save(&u1))
store.Must(ss.User().Save(&u2))
store.Must(ss.User().Save(&u3))
store.Must(ss.User().Save(&u4))
require.Nil(t, (<-ss.User().ClearAllCustomRoleAssignments()).Err)
r1 := <-ss.User().GetByUsername(u1.Username)
require.Nil(t, r1.Err)
assert.Equal(t, u1.Roles, r1.Data.(*model.User).Roles)
r2 := <-ss.User().GetByUsername(u2.Username)
require.Nil(t, r2.Err)
assert.Equal(t, "system_user system_admin", r2.Data.(*model.User).Roles)
r3 := <-ss.User().GetByUsername(u3.Username)
require.Nil(t, r3.Err)
assert.Equal(t, u3.Roles, r3.Data.(*model.User).Roles)
r4 := <-ss.User().GetByUsername(u4.Username)
require.Nil(t, r4.Err)
assert.Equal(t, "", r4.Data.(*model.User).Roles)
}
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment