diff --git a/server/integrationtests/local_permissions_test.go b/server/integrationtests/local_permissions_test.go deleted file mode 100644 index 262a1fe6b..000000000 --- a/server/integrationtests/local_permissions_test.go +++ /dev/null @@ -1,2059 +0,0 @@ -//nolint:dupl -package integrationtests - -import ( - "bytes" - "fmt" - "net/http" - "testing" - - "github.com/mattermost/focalboard/server/api" - "github.com/mattermost/focalboard/server/client" - "github.com/mattermost/focalboard/server/model" - "github.com/stretchr/testify/require" -) - -func setupLocalClients(th *TestHelper) Clients { - th.Client = client.NewClient(th.Server.Config().ServerRoot, "") - th.RegisterAndLogin(th.Client, "sysadmin", "sysadmin@sample.com", password, "") - - clients := Clients{ - Anon: client.NewClient(th.Server.Config().ServerRoot, ""), - NoTeamMember: client.NewClient(th.Server.Config().ServerRoot, ""), - TeamMember: client.NewClient(th.Server.Config().ServerRoot, ""), - Viewer: client.NewClient(th.Server.Config().ServerRoot, ""), - Commenter: client.NewClient(th.Server.Config().ServerRoot, ""), - Editor: client.NewClient(th.Server.Config().ServerRoot, ""), - Admin: client.NewClient(th.Server.Config().ServerRoot, ""), - } - - // get token - team, resp := th.Client.GetTeam(model.GlobalTeamID) - th.CheckOK(resp) - require.NotNil(th.T, team) - require.NotNil(th.T, team.SignupToken) - - th.RegisterAndLogin(clients.NoTeamMember, userNoTeamMember, userNoTeamMember+"@sample.com", password, team.SignupToken) - userNoTeamMemberID = clients.NoTeamMember.GetUserID() - - th.RegisterAndLogin(clients.TeamMember, userTeamMember, userTeamMember+"@sample.com", password, team.SignupToken) - userTeamMemberID = clients.TeamMember.GetUserID() - - th.RegisterAndLogin(clients.Viewer, userViewer, userViewer+"@sample.com", password, team.SignupToken) - userViewerID = clients.Viewer.GetUserID() - - th.RegisterAndLogin(clients.Commenter, userCommenter, userCommenter+"@sample.com", password, team.SignupToken) - userCommenterID = clients.Commenter.GetUserID() - - th.RegisterAndLogin(clients.Editor, userEditor, userEditor+"@sample.com", password, team.SignupToken) - userEditorID = clients.Editor.GetUserID() - - th.RegisterAndLogin(clients.Admin, userAdmin, userAdmin+"@sample.com", password, team.SignupToken) - userAdminID = clients.Admin.GetUserID() - - return clients -} - -func TestLocalPermissionsGetTeamBoards(t *testing.T) { - th := SetupTestHelperLocalMode(t) - defer th.TearDown() - clients := setupLocalClients(th) - testData := setupData(t, th) - - ttCases := []TestCase{ - {"/teams/test-team/boards", methodGet, "", userAnon, http.StatusUnauthorized, 0}, - {"/teams/test-team/boards", methodGet, "", userNoTeamMember, http.StatusOK, 1}, - {"/teams/test-team/boards", methodGet, "", userTeamMember, http.StatusOK, 1}, - {"/teams/test-team/boards", methodGet, "", userViewer, http.StatusOK, 2}, - {"/teams/test-team/boards", methodGet, "", userCommenter, http.StatusOK, 2}, - {"/teams/test-team/boards", methodGet, "", userEditor, http.StatusOK, 2}, - {"/teams/test-team/boards", methodGet, "", userAdmin, http.StatusOK, 2}, - } - runTestCases(t, ttCases, testData, clients) -} - -func TestLocalPermissionsSearchTeamBoards(t *testing.T) { - th := SetupTestHelperLocalMode(t) - defer th.TearDown() - clients := setupLocalClients(th) - testData := setupData(t, th) - - ttCases := []TestCase{ - // Search boards - {"/teams/test-team/boards/search?q=b", methodGet, "", userAnon, http.StatusUnauthorized, 0}, - {"/teams/test-team/boards/search?q=b", methodGet, "", userNoTeamMember, http.StatusOK, 1}, - {"/teams/test-team/boards/search?q=b", methodGet, "", userTeamMember, http.StatusOK, 1}, - {"/teams/test-team/boards/search?q=b", methodGet, "", userViewer, http.StatusOK, 2}, - {"/teams/test-team/boards/search?q=b", methodGet, "", userCommenter, http.StatusOK, 2}, - {"/teams/test-team/boards/search?q=b", methodGet, "", userEditor, http.StatusOK, 2}, - {"/teams/test-team/boards/search?q=b", methodGet, "", userAdmin, http.StatusOK, 2}, - } - runTestCases(t, ttCases, testData, clients) -} - -func TestLocalPermissionsGetTeamTemplates(t *testing.T) { - th := SetupTestHelperLocalMode(t) - defer th.TearDown() - clients := setupLocalClients(th) - testData := setupData(t, th) - - err := th.Server.App().InitTemplates() - require.NoError(t, err, "InitTemplates should succeed") - - builtInTemplateCount := 7 - - ttCases := []TestCase{ - // Get Team Boards - {"/teams/test-team/templates", methodGet, "", userAnon, http.StatusUnauthorized, 0}, - {"/teams/test-team/templates", methodGet, "", userNoTeamMember, http.StatusOK, 1}, - {"/teams/test-team/templates", methodGet, "", userTeamMember, http.StatusOK, 1}, - {"/teams/test-team/templates", methodGet, "", userViewer, http.StatusOK, 2}, - {"/teams/test-team/templates", methodGet, "", userCommenter, http.StatusOK, 2}, - {"/teams/test-team/templates", methodGet, "", userEditor, http.StatusOK, 2}, - {"/teams/test-team/templates", methodGet, "", userAdmin, http.StatusOK, 2}, - // Built-in templates - {"/teams/0/templates", methodGet, "", userAnon, http.StatusUnauthorized, 0}, - {"/teams/0/templates", methodGet, "", userNoTeamMember, http.StatusOK, builtInTemplateCount}, - {"/teams/0/templates", methodGet, "", userTeamMember, http.StatusOK, builtInTemplateCount}, - {"/teams/0/templates", methodGet, "", userViewer, http.StatusOK, builtInTemplateCount}, - {"/teams/0/templates", methodGet, "", userCommenter, http.StatusOK, builtInTemplateCount}, - {"/teams/0/templates", methodGet, "", userEditor, http.StatusOK, builtInTemplateCount}, - {"/teams/0/templates", methodGet, "", userAdmin, http.StatusOK, builtInTemplateCount}, - } - runTestCases(t, ttCases, testData, clients) -} - -func TestLocalPermissionsCreateBoard(t *testing.T) { - th := SetupTestHelperLocalMode(t) - defer th.TearDown() - clients := setupLocalClients(th) - testData := setupData(t, th) - - publicBoard := toJSON(t, model.Board{Title: "Board To Create", TeamID: "test-team", Type: model.BoardTypeOpen}) - privateBoard := toJSON(t, model.Board{Title: "Board To Create", TeamID: "test-team", Type: model.BoardTypeOpen}) - - ttCases := []TestCase{ - // Create Public boards - {"/boards", methodPost, publicBoard, userAnon, http.StatusUnauthorized, 0}, - {"/boards", methodPost, publicBoard, userNoTeamMember, http.StatusOK, 1}, - {"/boards", methodPost, publicBoard, userTeamMember, http.StatusOK, 1}, - - // Create private boards - {"/boards", methodPost, privateBoard, userAnon, http.StatusUnauthorized, 0}, - {"/boards", methodPost, privateBoard, userNoTeamMember, http.StatusOK, 1}, - {"/boards", methodPost, privateBoard, userTeamMember, http.StatusOK, 1}, - } - runTestCases(t, ttCases, testData, clients) -} - -func TestLocalPermissionsGetBoard(t *testing.T) { - th := SetupTestHelperLocalMode(t) - defer th.TearDown() - clients := setupLocalClients(th) - testData := setupData(t, th) - - ttCases := []TestCase{ - {"/boards/{PRIVATE_BOARD_ID}", methodGet, "", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PRIVATE_BOARD_ID}", methodGet, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}", methodGet, "", userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}", methodGet, "", userViewer, http.StatusOK, 1}, - {"/boards/{PRIVATE_BOARD_ID}", methodGet, "", userCommenter, http.StatusOK, 1}, - {"/boards/{PRIVATE_BOARD_ID}", methodGet, "", userEditor, http.StatusOK, 1}, - {"/boards/{PRIVATE_BOARD_ID}", methodGet, "", userAdmin, http.StatusOK, 1}, - - {"/boards/{PUBLIC_BOARD_ID}", methodGet, "", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PUBLIC_BOARD_ID}", methodGet, "", userNoTeamMember, http.StatusOK, 1}, - {"/boards/{PUBLIC_BOARD_ID}", methodGet, "", userTeamMember, http.StatusOK, 1}, - {"/boards/{PUBLIC_BOARD_ID}", methodGet, "", userViewer, http.StatusOK, 1}, - {"/boards/{PUBLIC_BOARD_ID}", methodGet, "", userCommenter, http.StatusOK, 1}, - {"/boards/{PUBLIC_BOARD_ID}", methodGet, "", userEditor, http.StatusOK, 1}, - {"/boards/{PUBLIC_BOARD_ID}", methodGet, "", userAdmin, http.StatusOK, 1}, - - {"/boards/{PRIVATE_TEMPLATE_ID}", methodGet, "", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}", methodGet, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}", methodGet, "", userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}", methodGet, "", userViewer, http.StatusOK, 1}, - {"/boards/{PRIVATE_TEMPLATE_ID}", methodGet, "", userCommenter, http.StatusOK, 1}, - {"/boards/{PRIVATE_TEMPLATE_ID}", methodGet, "", userEditor, http.StatusOK, 1}, - {"/boards/{PRIVATE_TEMPLATE_ID}", methodGet, "", userAdmin, http.StatusOK, 1}, - - {"/boards/{PUBLIC_TEMPLATE_ID}", methodGet, "", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}", methodGet, "", userNoTeamMember, http.StatusOK, 1}, - {"/boards/{PUBLIC_TEMPLATE_ID}", methodGet, "", userTeamMember, http.StatusOK, 1}, - {"/boards/{PUBLIC_TEMPLATE_ID}", methodGet, "", userViewer, http.StatusOK, 1}, - {"/boards/{PUBLIC_TEMPLATE_ID}", methodGet, "", userCommenter, http.StatusOK, 1}, - {"/boards/{PUBLIC_TEMPLATE_ID}", methodGet, "", userEditor, http.StatusOK, 1}, - {"/boards/{PUBLIC_TEMPLATE_ID}", methodGet, "", userAdmin, http.StatusOK, 1}, - - {"/boards/{PRIVATE_BOARD_ID}?read_token=invalid", methodGet, "", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PRIVATE_BOARD_ID}?read_token=valid", methodGet, "", userAnon, http.StatusOK, 1}, - {"/boards/{PRIVATE_BOARD_ID}?read_token=invalid", methodGet, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}?read_token=valid", methodGet, "", userTeamMember, http.StatusOK, 1}, - } - runTestCases(t, ttCases, testData, clients) -} - -func TestLocalPermissionsPatchBoard(t *testing.T) { - th := SetupTestHelperLocalMode(t) - defer th.TearDown() - clients := setupLocalClients(th) - testData := setupData(t, th) - - ttCases := []TestCase{ - {"/boards/{PRIVATE_BOARD_ID}", methodPatch, "{\"title\": \"test\"}", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PRIVATE_BOARD_ID}", methodPatch, "{\"title\": \"test\"}", userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}", methodPatch, "{\"title\": \"test\"}", userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}", methodPatch, "{\"title\": \"test\"}", userViewer, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}", methodPatch, "{\"title\": \"test\"}", userCommenter, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}", methodPatch, "{\"title\": \"test\"}", userEditor, http.StatusOK, 1}, - {"/boards/{PRIVATE_BOARD_ID}", methodPatch, "{\"title\": \"test\"}", userAdmin, http.StatusOK, 1}, - - {"/boards/{PUBLIC_BOARD_ID}", methodPatch, "{\"title\": \"test\"}", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PUBLIC_BOARD_ID}", methodPatch, "{\"title\": \"test\"}", userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}", methodPatch, "{\"title\": \"test\"}", userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}", methodPatch, "{\"title\": \"test\"}", userViewer, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}", methodPatch, "{\"title\": \"test\"}", userCommenter, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}", methodPatch, "{\"title\": \"test\"}", userEditor, http.StatusOK, 1}, - {"/boards/{PUBLIC_BOARD_ID}", methodPatch, "{\"title\": \"test\"}", userAdmin, http.StatusOK, 1}, - - {"/boards/{PRIVATE_TEMPLATE_ID}", methodPatch, "{\"title\": \"test\"}", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}", methodPatch, "{\"title\": \"test\"}", userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}", methodPatch, "{\"title\": \"test\"}", userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}", methodPatch, "{\"title\": \"test\"}", userViewer, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}", methodPatch, "{\"title\": \"test\"}", userCommenter, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}", methodPatch, "{\"title\": \"test\"}", userEditor, http.StatusOK, 1}, - {"/boards/{PRIVATE_TEMPLATE_ID}", methodPatch, "{\"title\": \"test\"}", userAdmin, http.StatusOK, 1}, - - {"/boards/{PUBLIC_TEMPLATE_ID}", methodPatch, "{\"title\": \"test\"}", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}", methodPatch, "{\"title\": \"test\"}", userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}", methodPatch, "{\"title\": \"test\"}", userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}", methodPatch, "{\"title\": \"test\"}", userViewer, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}", methodPatch, "{\"title\": \"test\"}", userCommenter, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}", methodPatch, "{\"title\": \"test\"}", userEditor, http.StatusOK, 1}, - {"/boards/{PUBLIC_TEMPLATE_ID}", methodPatch, "{\"title\": \"test\"}", userAdmin, http.StatusOK, 1}, - } - runTestCases(t, ttCases, testData, clients) -} - -func TestLocalPermissionsDeleteBoard(t *testing.T) { - th := SetupTestHelperLocalMode(t) - defer th.TearDown() - clients := setupLocalClients(th) - testData := setupData(t, th) - - ttCases := []TestCase{ - {"/boards/{PRIVATE_BOARD_ID}", methodDelete, "", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PRIVATE_BOARD_ID}", methodDelete, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}", methodDelete, "", userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}", methodDelete, "", userViewer, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}", methodDelete, "", userCommenter, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}", methodDelete, "", userEditor, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}", methodDelete, "", userAdmin, http.StatusOK, 0}, - - {"/boards/{PUBLIC_BOARD_ID}", methodDelete, "", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PUBLIC_BOARD_ID}", methodDelete, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}", methodDelete, "", userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}", methodDelete, "", userViewer, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}", methodDelete, "", userCommenter, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}", methodDelete, "", userEditor, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}", methodDelete, "", userAdmin, http.StatusOK, 0}, - - {"/boards/{PRIVATE_TEMPLATE_ID}", methodDelete, "", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}", methodDelete, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}", methodDelete, "", userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}", methodDelete, "", userViewer, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}", methodDelete, "", userCommenter, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}", methodDelete, "", userEditor, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}", methodDelete, "", userAdmin, http.StatusOK, 0}, - - {"/boards/{PUBLIC_TEMPLATE_ID}", methodDelete, "", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}", methodDelete, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}", methodDelete, "", userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}", methodDelete, "", userViewer, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}", methodDelete, "", userCommenter, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}", methodDelete, "", userEditor, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}", methodDelete, "", userAdmin, http.StatusOK, 0}, - } - runTestCases(t, ttCases, testData, clients) -} - -func TestLocalPermissionsDuplicateBoard(t *testing.T) { - th := SetupTestHelperLocalMode(t) - defer th.TearDown() - clients := setupLocalClients(th) - testData := setupData(t, th) - - // In same team - ttCases := []TestCase{ - {"/boards/{PRIVATE_BOARD_ID}/duplicate", methodPost, "", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PRIVATE_BOARD_ID}/duplicate", methodPost, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/duplicate", methodPost, "", userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/duplicate", methodPost, "", userViewer, http.StatusOK, 1}, - {"/boards/{PRIVATE_BOARD_ID}/duplicate", methodPost, "", userCommenter, http.StatusOK, 1}, - {"/boards/{PRIVATE_BOARD_ID}/duplicate", methodPost, "", userEditor, http.StatusOK, 1}, - {"/boards/{PRIVATE_BOARD_ID}/duplicate", methodPost, "", userAdmin, http.StatusOK, 1}, - - {"/boards/{PUBLIC_BOARD_ID}/duplicate", methodPost, "", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PUBLIC_BOARD_ID}/duplicate", methodPost, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/duplicate", methodPost, "", userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/duplicate", methodPost, "", userViewer, http.StatusOK, 1}, - {"/boards/{PUBLIC_BOARD_ID}/duplicate", methodPost, "", userCommenter, http.StatusOK, 1}, - {"/boards/{PUBLIC_BOARD_ID}/duplicate", methodPost, "", userEditor, http.StatusOK, 1}, - {"/boards/{PUBLIC_BOARD_ID}/duplicate", methodPost, "", userAdmin, http.StatusOK, 1}, - - {"/boards/{PRIVATE_TEMPLATE_ID}/duplicate", methodPost, "", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/duplicate", methodPost, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/duplicate", methodPost, "", userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/duplicate", methodPost, "", userViewer, http.StatusOK, 1}, - {"/boards/{PRIVATE_TEMPLATE_ID}/duplicate", methodPost, "", userCommenter, http.StatusOK, 1}, - {"/boards/{PRIVATE_TEMPLATE_ID}/duplicate", methodPost, "", userEditor, http.StatusOK, 1}, - {"/boards/{PRIVATE_TEMPLATE_ID}/duplicate", methodPost, "", userAdmin, http.StatusOK, 1}, - - {"/boards/{PUBLIC_TEMPLATE_ID}/duplicate", methodPost, "", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/duplicate", methodPost, "", userNoTeamMember, http.StatusOK, 1}, - {"/boards/{PUBLIC_TEMPLATE_ID}/duplicate", methodPost, "", userTeamMember, http.StatusOK, 1}, - {"/boards/{PUBLIC_TEMPLATE_ID}/duplicate", methodPost, "", userViewer, http.StatusOK, 1}, - {"/boards/{PUBLIC_TEMPLATE_ID}/duplicate", methodPost, "", userCommenter, http.StatusOK, 1}, - {"/boards/{PUBLIC_TEMPLATE_ID}/duplicate", methodPost, "", userEditor, http.StatusOK, 1}, - {"/boards/{PUBLIC_TEMPLATE_ID}/duplicate", methodPost, "", userAdmin, http.StatusOK, 1}, - } - runTestCases(t, ttCases, testData, clients) - - // In other team - ttCases = []TestCase{ - {"/boards/{PRIVATE_BOARD_ID}/duplicate?toTeam=other-team", methodPost, "", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PRIVATE_BOARD_ID}/duplicate?toTeam=other-team", methodPost, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/duplicate?toTeam=other-team", methodPost, "", userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/duplicate?toTeam=other-team", methodPost, "", userViewer, http.StatusOK, 1}, - {"/boards/{PRIVATE_BOARD_ID}/duplicate?toTeam=other-team", methodPost, "", userCommenter, http.StatusOK, 1}, - {"/boards/{PRIVATE_BOARD_ID}/duplicate?toTeam=other-team", methodPost, "", userEditor, http.StatusOK, 1}, - {"/boards/{PRIVATE_BOARD_ID}/duplicate?toTeam=other-team", methodPost, "", userAdmin, http.StatusOK, 1}, - - {"/boards/{PUBLIC_BOARD_ID}/duplicate?toTeam=other-team", methodPost, "", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PUBLIC_BOARD_ID}/duplicate?toTeam=other-team", methodPost, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/duplicate?toTeam=other-team", methodPost, "", userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/duplicate?toTeam=other-team", methodPost, "", userViewer, http.StatusOK, 1}, - {"/boards/{PUBLIC_BOARD_ID}/duplicate?toTeam=other-team", methodPost, "", userCommenter, http.StatusOK, 1}, - {"/boards/{PUBLIC_BOARD_ID}/duplicate?toTeam=other-team", methodPost, "", userEditor, http.StatusOK, 1}, - {"/boards/{PUBLIC_BOARD_ID}/duplicate?toTeam=other-team", methodPost, "", userAdmin, http.StatusOK, 1}, - - {"/boards/{PRIVATE_TEMPLATE_ID}/duplicate?toTeam=other-team", methodPost, "", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/duplicate?toTeam=other-team", methodPost, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/duplicate?toTeam=other-team", methodPost, "", userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/duplicate?toTeam=other-team", methodPost, "", userViewer, http.StatusOK, 1}, - {"/boards/{PRIVATE_TEMPLATE_ID}/duplicate?toTeam=other-team", methodPost, "", userCommenter, http.StatusOK, 1}, - {"/boards/{PRIVATE_TEMPLATE_ID}/duplicate?toTeam=other-team", methodPost, "", userEditor, http.StatusOK, 1}, - {"/boards/{PRIVATE_TEMPLATE_ID}/duplicate?toTeam=other-team", methodPost, "", userAdmin, http.StatusOK, 1}, - - {"/boards/{PUBLIC_TEMPLATE_ID}/duplicate?toTeam=other-team", methodPost, "", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/duplicate?toTeam=other-team", methodPost, "", userNoTeamMember, http.StatusOK, 1}, - {"/boards/{PUBLIC_TEMPLATE_ID}/duplicate?toTeam=other-team", methodPost, "", userTeamMember, http.StatusOK, 1}, - {"/boards/{PUBLIC_TEMPLATE_ID}/duplicate?toTeam=other-team", methodPost, "", userViewer, http.StatusOK, 1}, - {"/boards/{PUBLIC_TEMPLATE_ID}/duplicate?toTeam=other-team", methodPost, "", userCommenter, http.StatusOK, 1}, - {"/boards/{PUBLIC_TEMPLATE_ID}/duplicate?toTeam=other-team", methodPost, "", userEditor, http.StatusOK, 1}, - {"/boards/{PUBLIC_TEMPLATE_ID}/duplicate?toTeam=other-team", methodPost, "", userAdmin, http.StatusOK, 1}, - } - runTestCases(t, ttCases, testData, clients) -} - -func TestLocalPermissionsGetBoardBlocks(t *testing.T) { - th := SetupTestHelperLocalMode(t) - defer th.TearDown() - clients := setupLocalClients(th) - testData := setupData(t, th) - - ttCases := []TestCase{ - {"/boards/{PRIVATE_BOARD_ID}/blocks", methodGet, "", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PRIVATE_BOARD_ID}/blocks", methodGet, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/blocks", methodGet, "", userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/blocks", methodGet, "", userViewer, http.StatusOK, 1}, - {"/boards/{PRIVATE_BOARD_ID}/blocks", methodGet, "", userCommenter, http.StatusOK, 1}, - {"/boards/{PRIVATE_BOARD_ID}/blocks", methodGet, "", userEditor, http.StatusOK, 1}, - {"/boards/{PRIVATE_BOARD_ID}/blocks", methodGet, "", userAdmin, http.StatusOK, 1}, - - {"/boards/{PUBLIC_BOARD_ID}/blocks", methodGet, "", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PUBLIC_BOARD_ID}/blocks", methodGet, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/blocks", methodGet, "", userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/blocks", methodGet, "", userViewer, http.StatusOK, 1}, - {"/boards/{PUBLIC_BOARD_ID}/blocks", methodGet, "", userCommenter, http.StatusOK, 1}, - {"/boards/{PUBLIC_BOARD_ID}/blocks", methodGet, "", userEditor, http.StatusOK, 1}, - {"/boards/{PUBLIC_BOARD_ID}/blocks", methodGet, "", userAdmin, http.StatusOK, 1}, - - {"/boards/{PRIVATE_TEMPLATE_ID}/blocks", methodGet, "", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/blocks", methodGet, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/blocks", methodGet, "", userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/blocks", methodGet, "", userViewer, http.StatusOK, 1}, - {"/boards/{PRIVATE_TEMPLATE_ID}/blocks", methodGet, "", userCommenter, http.StatusOK, 1}, - {"/boards/{PRIVATE_TEMPLATE_ID}/blocks", methodGet, "", userEditor, http.StatusOK, 1}, - {"/boards/{PRIVATE_TEMPLATE_ID}/blocks", methodGet, "", userAdmin, http.StatusOK, 1}, - - {"/boards/{PUBLIC_TEMPLATE_ID}/blocks", methodGet, "", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/blocks", methodGet, "", userNoTeamMember, http.StatusOK, 1}, - {"/boards/{PUBLIC_TEMPLATE_ID}/blocks", methodGet, "", userTeamMember, http.StatusOK, 1}, - {"/boards/{PUBLIC_TEMPLATE_ID}/blocks", methodGet, "", userViewer, http.StatusOK, 1}, - {"/boards/{PUBLIC_TEMPLATE_ID}/blocks", methodGet, "", userCommenter, http.StatusOK, 1}, - {"/boards/{PUBLIC_TEMPLATE_ID}/blocks", methodGet, "", userEditor, http.StatusOK, 1}, - {"/boards/{PUBLIC_TEMPLATE_ID}/blocks", methodGet, "", userAdmin, http.StatusOK, 1}, - - {"/boards/{PRIVATE_BOARD_ID}/blocks?read_token=invalid", methodGet, "", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PRIVATE_BOARD_ID}/blocks?read_token=valid", methodGet, "", userAnon, http.StatusOK, 1}, - {"/boards/{PRIVATE_BOARD_ID}/blocks?read_token=invalid", methodGet, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/blocks?read_token=valid", methodGet, "", userTeamMember, http.StatusOK, 1}, - } - runTestCases(t, ttCases, testData, clients) -} - -func TestLocalPermissionsCreateBoardBlocks(t *testing.T) { - th := SetupTestHelperLocalMode(t) - defer th.TearDown() - clients := setupLocalClients(th) - testData := setupData(t, th) - - counter := 0 - newBlockJSON := func(boardID string) string { - counter++ - return toJSON(t, []*model.Block{{ - ID: fmt.Sprintf("%d", counter), - Title: "Board To Create", - BoardID: boardID, - Type: "card", - CreateAt: model.GetMillis(), - UpdateAt: model.GetMillis(), - }}) - } - - ttCases := []TestCase{ - {"/boards/{PRIVATE_BOARD_ID}/blocks", methodPost, newBlockJSON(testData.privateBoard.ID), userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PRIVATE_BOARD_ID}/blocks", methodPost, newBlockJSON(testData.privateBoard.ID), userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/blocks", methodPost, newBlockJSON(testData.privateBoard.ID), userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/blocks", methodPost, newBlockJSON(testData.privateBoard.ID), userViewer, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/blocks", methodPost, newBlockJSON(testData.privateBoard.ID), userCommenter, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/blocks", methodPost, newBlockJSON(testData.privateBoard.ID), userEditor, http.StatusOK, 1}, - {"/boards/{PRIVATE_BOARD_ID}/blocks", methodPost, newBlockJSON(testData.privateBoard.ID), userAdmin, http.StatusOK, 1}, - - {"/boards/{PUBLIC_BOARD_ID}/blocks", methodPost, newBlockJSON(testData.publicBoard.ID), userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PUBLIC_BOARD_ID}/blocks", methodPost, newBlockJSON(testData.publicBoard.ID), userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/blocks", methodPost, newBlockJSON(testData.publicBoard.ID), userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/blocks", methodPost, newBlockJSON(testData.publicBoard.ID), userViewer, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/blocks", methodPost, newBlockJSON(testData.publicBoard.ID), userCommenter, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/blocks", methodPost, newBlockJSON(testData.publicBoard.ID), userEditor, http.StatusOK, 1}, - {"/boards/{PUBLIC_BOARD_ID}/blocks", methodPost, newBlockJSON(testData.publicBoard.ID), userAdmin, http.StatusOK, 1}, - - {"/boards/{PRIVATE_TEMPLATE_ID}/blocks", methodPost, newBlockJSON(testData.privateTemplate.ID), userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/blocks", methodPost, newBlockJSON(testData.privateTemplate.ID), userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/blocks", methodPost, newBlockJSON(testData.privateTemplate.ID), userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/blocks", methodPost, newBlockJSON(testData.privateTemplate.ID), userViewer, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/blocks", methodPost, newBlockJSON(testData.privateTemplate.ID), userCommenter, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/blocks", methodPost, newBlockJSON(testData.privateTemplate.ID), userEditor, http.StatusOK, 1}, - {"/boards/{PRIVATE_TEMPLATE_ID}/blocks", methodPost, newBlockJSON(testData.privateTemplate.ID), userAdmin, http.StatusOK, 1}, - - {"/boards/{PUBLIC_TEMPLATE_ID}/blocks", methodPost, newBlockJSON(testData.publicTemplate.ID), userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/blocks", methodPost, newBlockJSON(testData.publicTemplate.ID), userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/blocks", methodPost, newBlockJSON(testData.publicTemplate.ID), userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/blocks", methodPost, newBlockJSON(testData.publicTemplate.ID), userViewer, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/blocks", methodPost, newBlockJSON(testData.publicTemplate.ID), userCommenter, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/blocks", methodPost, newBlockJSON(testData.publicTemplate.ID), userEditor, http.StatusOK, 1}, - {"/boards/{PUBLIC_TEMPLATE_ID}/blocks", methodPost, newBlockJSON(testData.publicTemplate.ID), userAdmin, http.StatusOK, 1}, - } - runTestCases(t, ttCases, testData, clients) -} - -func TestLocalPermissionsPatchBoardBlocks(t *testing.T) { - th := SetupTestHelperLocalMode(t) - defer th.TearDown() - clients := setupLocalClients(th) - testData := setupData(t, th) - - counter := 0 - newBlocksPatchJSON := func(blockID string) string { - counter++ - newTitle := "New Patch Block Title" - return toJSON(t, model.BlockPatchBatch{ - BlockIDs: []string{blockID}, - BlockPatches: []model.BlockPatch{ - {Title: &newTitle}, - }, - }) - } - - ttCases := []TestCase{ - {"/boards/{PRIVATE_BOARD_ID}/blocks", methodPatch, newBlocksPatchJSON("block-4"), userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PRIVATE_BOARD_ID}/blocks", methodPatch, newBlocksPatchJSON("block-4"), userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/blocks", methodPatch, newBlocksPatchJSON("block-4"), userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/blocks", methodPatch, newBlocksPatchJSON("block-4"), userViewer, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/blocks", methodPatch, newBlocksPatchJSON("block-4"), userCommenter, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/blocks", methodPatch, newBlocksPatchJSON("block-4"), userEditor, http.StatusOK, 0}, - {"/boards/{PRIVATE_BOARD_ID}/blocks", methodPatch, newBlocksPatchJSON("block-4"), userAdmin, http.StatusOK, 0}, - - {"/boards/{PUBLIC_BOARD_ID}/blocks", methodPatch, newBlocksPatchJSON("block-3"), userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PUBLIC_BOARD_ID}/blocks", methodPatch, newBlocksPatchJSON("block-3"), userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/blocks", methodPatch, newBlocksPatchJSON("block-3"), userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/blocks", methodPatch, newBlocksPatchJSON("block-3"), userViewer, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/blocks", methodPatch, newBlocksPatchJSON("block-3"), userCommenter, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/blocks", methodPatch, newBlocksPatchJSON("block-3"), userEditor, http.StatusOK, 0}, - {"/boards/{PUBLIC_BOARD_ID}/blocks", methodPatch, newBlocksPatchJSON("block-3"), userAdmin, http.StatusOK, 0}, - - {"/boards/{PRIVATE_TEMPLATE_ID}/blocks", methodPatch, newBlocksPatchJSON("block-2"), userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/blocks", methodPatch, newBlocksPatchJSON("block-2"), userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/blocks", methodPatch, newBlocksPatchJSON("block-2"), userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/blocks", methodPatch, newBlocksPatchJSON("block-2"), userViewer, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/blocks", methodPatch, newBlocksPatchJSON("block-2"), userCommenter, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/blocks", methodPatch, newBlocksPatchJSON("block-2"), userEditor, http.StatusOK, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/blocks", methodPatch, newBlocksPatchJSON("block-2"), userAdmin, http.StatusOK, 0}, - - {"/boards/{PUBLIC_TEMPLATE_ID}/blocks", methodPatch, newBlocksPatchJSON("block-1"), userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/blocks", methodPatch, newBlocksPatchJSON("block-1"), userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/blocks", methodPatch, newBlocksPatchJSON("block-1"), userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/blocks", methodPatch, newBlocksPatchJSON("block-1"), userViewer, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/blocks", methodPatch, newBlocksPatchJSON("block-1"), userCommenter, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/blocks", methodPatch, newBlocksPatchJSON("block-1"), userEditor, http.StatusOK, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/blocks", methodPatch, newBlocksPatchJSON("block-1"), userAdmin, http.StatusOK, 0}, - } - runTestCases(t, ttCases, testData, clients) -} - -func TestLocalPermissionsPatchBoardBlock(t *testing.T) { - th := SetupTestHelperLocalMode(t) - defer th.TearDown() - clients := setupLocalClients(th) - testData := setupData(t, th) - - newTitle := "New Patch Title" - patchJSON := toJSON(t, model.BlockPatch{Title: &newTitle}) - - ttCases := []TestCase{ - {"/boards/{PRIVATE_BOARD_ID}/blocks/block-4", methodPatch, patchJSON, userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PRIVATE_BOARD_ID}/blocks/block-4", methodPatch, patchJSON, userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/blocks/block-4", methodPatch, patchJSON, userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/blocks/block-4", methodPatch, patchJSON, userViewer, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/blocks/block-4", methodPatch, patchJSON, userCommenter, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/blocks/block-4", methodPatch, patchJSON, userEditor, http.StatusOK, 0}, - {"/boards/{PRIVATE_BOARD_ID}/blocks/block-4", methodPatch, patchJSON, userAdmin, http.StatusOK, 0}, - - {"/boards/{PUBLIC_BOARD_ID}/blocks/block-3", methodPatch, patchJSON, userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PUBLIC_BOARD_ID}/blocks/block-3", methodPatch, patchJSON, userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/blocks/block-3", methodPatch, patchJSON, userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/blocks/block-3", methodPatch, patchJSON, userViewer, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/blocks/block-3", methodPatch, patchJSON, userCommenter, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/blocks/block-3", methodPatch, patchJSON, userEditor, http.StatusOK, 0}, - {"/boards/{PUBLIC_BOARD_ID}/blocks/block-3", methodPatch, patchJSON, userAdmin, http.StatusOK, 0}, - - {"/boards/{PRIVATE_TEMPLATE_ID}/blocks/block-2", methodPatch, patchJSON, userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/blocks/block-2", methodPatch, patchJSON, userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/blocks/block-2", methodPatch, patchJSON, userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/blocks/block-2", methodPatch, patchJSON, userViewer, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/blocks/block-2", methodPatch, patchJSON, userCommenter, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/blocks/block-2", methodPatch, patchJSON, userEditor, http.StatusOK, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/blocks/block-2", methodPatch, patchJSON, userAdmin, http.StatusOK, 0}, - - {"/boards/{PUBLIC_TEMPLATE_ID}/blocks/block-1", methodPatch, patchJSON, userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/blocks/block-1", methodPatch, patchJSON, userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/blocks/block-1", methodPatch, patchJSON, userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/blocks/block-1", methodPatch, patchJSON, userViewer, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/blocks/block-1", methodPatch, patchJSON, userCommenter, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/blocks/block-1", methodPatch, patchJSON, userEditor, http.StatusOK, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/blocks/block-1", methodPatch, patchJSON, userAdmin, http.StatusOK, 0}, - - // Invalid boardID/blockID combination - {"/boards/{PUBLIC_TEMPLATE_ID}/blocks/block-3", methodPatch, patchJSON, userAdmin, http.StatusNotFound, 0}, - } - runTestCases(t, ttCases, testData, clients) -} - -func TestLocalPermissionsDeleteBoardBlock(t *testing.T) { - th := SetupTestHelperLocalMode(t) - defer th.TearDown() - clients := setupLocalClients(th) - testData := setupData(t, th) - - err := th.Server.App().InsertBlock(model.Block{ID: "block-5", Title: "Test", Type: "card", BoardID: testData.publicTemplate.ID}, userAdmin) - require.NoError(t, err) - err = th.Server.App().InsertBlock(model.Block{ID: "block-6", Title: "Test", Type: "card", BoardID: testData.privateTemplate.ID}, userAdmin) - require.NoError(t, err) - err = th.Server.App().InsertBlock(model.Block{ID: "block-7", Title: "Test", Type: "card", BoardID: testData.publicBoard.ID}, userAdmin) - require.NoError(t, err) - err = th.Server.App().InsertBlock(model.Block{ID: "block-8", Title: "Test", Type: "card", BoardID: testData.privateBoard.ID}, userAdmin) - require.NoError(t, err) - - ttCases := []TestCase{ - {"/boards/{PRIVATE_BOARD_ID}/blocks/block-4", methodDelete, "", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PRIVATE_BOARD_ID}/blocks/block-4", methodDelete, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/blocks/block-4", methodDelete, "", userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/blocks/block-4", methodDelete, "", userViewer, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/blocks/block-4", methodDelete, "", userCommenter, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/blocks/block-4", methodDelete, "", userEditor, http.StatusOK, 0}, - {"/boards/{PRIVATE_BOARD_ID}/blocks/block-8", methodDelete, "", userAdmin, http.StatusOK, 0}, - - {"/boards/{PUBLIC_BOARD_ID}/blocks/block-3", methodDelete, "", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PUBLIC_BOARD_ID}/blocks/block-3", methodDelete, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/blocks/block-3", methodDelete, "", userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/blocks/block-3", methodDelete, "", userViewer, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/blocks/block-3", methodDelete, "", userCommenter, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/blocks/block-3", methodDelete, "", userEditor, http.StatusOK, 0}, - {"/boards/{PUBLIC_BOARD_ID}/blocks/block-7", methodDelete, "", userAdmin, http.StatusOK, 0}, - - {"/boards/{PRIVATE_TEMPLATE_ID}/blocks/block-2", methodDelete, "", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/blocks/block-2", methodDelete, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/blocks/block-2", methodDelete, "", userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/blocks/block-2", methodDelete, "", userViewer, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/blocks/block-2", methodDelete, "", userCommenter, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/blocks/block-2", methodDelete, "", userEditor, http.StatusOK, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/blocks/block-6", methodDelete, "", userAdmin, http.StatusOK, 0}, - - {"/boards/{PUBLIC_TEMPLATE_ID}/blocks/block-1", methodDelete, "", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/blocks/block-1", methodDelete, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/blocks/block-1", methodDelete, "", userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/blocks/block-1", methodDelete, "", userViewer, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/blocks/block-1", methodDelete, "", userCommenter, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/blocks/block-1", methodDelete, "", userEditor, http.StatusOK, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/blocks/block-5", methodDelete, "", userAdmin, http.StatusOK, 0}, - - // Invalid boardID/blockID combination - {"/boards/{PUBLIC_TEMPLATE_ID}/blocks/block-3", methodDelete, "", userAdmin, http.StatusNotFound, 0}, - } - runTestCases(t, ttCases, testData, clients) -} - -func TestLocalPermissionsUndeleteBoardBlock(t *testing.T) { - th := SetupTestHelperLocalMode(t) - defer th.TearDown() - clients := setupLocalClients(th) - testData := setupData(t, th) - - err := th.Server.App().InsertBlock(model.Block{ID: "block-5", Title: "Test", Type: "card", BoardID: testData.publicTemplate.ID}, userAdmin) - require.NoError(t, err) - err = th.Server.App().InsertBlock(model.Block{ID: "block-6", Title: "Test", Type: "card", BoardID: testData.privateTemplate.ID}, userAdmin) - require.NoError(t, err) - err = th.Server.App().InsertBlock(model.Block{ID: "block-7", Title: "Test", Type: "card", BoardID: testData.publicBoard.ID}, userAdmin) - require.NoError(t, err) - err = th.Server.App().InsertBlock(model.Block{ID: "block-8", Title: "Test", Type: "card", BoardID: testData.privateBoard.ID}, userAdmin) - require.NoError(t, err) - err = th.Server.App().DeleteBlock("block-1", userAdmin) - require.NoError(t, err) - err = th.Server.App().DeleteBlock("block-2", userAdmin) - require.NoError(t, err) - err = th.Server.App().DeleteBlock("block-3", userAdmin) - require.NoError(t, err) - err = th.Server.App().DeleteBlock("block-4", userAdmin) - require.NoError(t, err) - err = th.Server.App().DeleteBlock("block-5", userAdmin) - require.NoError(t, err) - err = th.Server.App().DeleteBlock("block-6", userAdmin) - require.NoError(t, err) - err = th.Server.App().DeleteBlock("block-7", userAdmin) - require.NoError(t, err) - err = th.Server.App().DeleteBlock("block-8", userAdmin) - require.NoError(t, err) - - ttCases := []TestCase{ - {"/boards/{PRIVATE_BOARD_ID}/blocks/block-4/undelete", methodPost, "", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PRIVATE_BOARD_ID}/blocks/block-4/undelete", methodPost, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/blocks/block-4/undelete", methodPost, "", userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/blocks/block-4/undelete", methodPost, "", userViewer, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/blocks/block-4/undelete", methodPost, "", userCommenter, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/blocks/block-4/undelete", methodPost, "", userEditor, http.StatusOK, 1}, - {"/boards/{PRIVATE_BOARD_ID}/blocks/block-8/undelete", methodPost, "", userAdmin, http.StatusOK, 1}, - - {"/boards/{PUBLIC_BOARD_ID}/blocks/block-3/undelete", methodPost, "", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PUBLIC_BOARD_ID}/blocks/block-3/undelete", methodPost, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/blocks/block-3/undelete", methodPost, "", userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/blocks/block-3/undelete", methodPost, "", userViewer, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/blocks/block-3/undelete", methodPost, "", userCommenter, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/blocks/block-3/undelete", methodPost, "", userEditor, http.StatusOK, 1}, - {"/boards/{PUBLIC_BOARD_ID}/blocks/block-7/undelete", methodPost, "", userAdmin, http.StatusOK, 1}, - - {"/boards/{PRIVATE_TEMPLATE_ID}/blocks/block-2/undelete", methodPost, "", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/blocks/block-2/undelete", methodPost, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/blocks/block-2/undelete", methodPost, "", userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/blocks/block-2/undelete", methodPost, "", userViewer, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/blocks/block-2/undelete", methodPost, "", userCommenter, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/blocks/block-2/undelete", methodPost, "", userEditor, http.StatusOK, 1}, - {"/boards/{PRIVATE_TEMPLATE_ID}/blocks/block-6/undelete", methodPost, "", userAdmin, http.StatusOK, 1}, - - {"/boards/{PUBLIC_TEMPLATE_ID}/blocks/block-1/undelete", methodPost, "", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/blocks/block-1/undelete", methodPost, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/blocks/block-1/undelete", methodPost, "", userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/blocks/block-1/undelete", methodPost, "", userViewer, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/blocks/block-1/undelete", methodPost, "", userCommenter, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/blocks/block-1/undelete", methodPost, "", userEditor, http.StatusOK, 1}, - {"/boards/{PUBLIC_TEMPLATE_ID}/blocks/block-5/undelete", methodPost, "", userAdmin, http.StatusOK, 1}, - - // Invalid boardID/blockID combination - {"/boards/{PUBLIC_TEMPLATE_ID}/blocks/block-3/undelete", methodPost, "", userAdmin, http.StatusNotFound, 0}, - } - runTestCases(t, ttCases, testData, clients) -} - -func TestLocalPermissionsUndeleteBoard(t *testing.T) { - th := SetupTestHelperLocalMode(t) - defer th.TearDown() - clients := setupLocalClients(th) - testData := setupData(t, th) - - err := th.Server.App().DeleteBoard(testData.publicBoard.ID, userAdmin) - require.NoError(t, err) - err = th.Server.App().DeleteBoard(testData.privateBoard.ID, userAdmin) - require.NoError(t, err) - err = th.Server.App().DeleteBoard(testData.publicTemplate.ID, userAdmin) - require.NoError(t, err) - err = th.Server.App().DeleteBoard(testData.privateTemplate.ID, userAdmin) - require.NoError(t, err) - - ttCases := []TestCase{ - {"/boards/{PRIVATE_BOARD_ID}/undelete", methodPost, "", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PRIVATE_BOARD_ID}/undelete", methodPost, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/undelete", methodPost, "", userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/undelete", methodPost, "", userViewer, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/undelete", methodPost, "", userCommenter, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/undelete", methodPost, "", userEditor, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/undelete", methodPost, "", userAdmin, http.StatusOK, 0}, - - {"/boards/{PUBLIC_BOARD_ID}/undelete", methodPost, "", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PUBLIC_BOARD_ID}/undelete", methodPost, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/undelete", methodPost, "", userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/undelete", methodPost, "", userViewer, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/undelete", methodPost, "", userCommenter, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/undelete", methodPost, "", userEditor, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/undelete", methodPost, "", userAdmin, http.StatusOK, 0}, - - {"/boards/{PRIVATE_TEMPLATE_ID}/undelete", methodPost, "", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/undelete", methodPost, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/undelete", methodPost, "", userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/undelete", methodPost, "", userViewer, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/undelete", methodPost, "", userCommenter, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/undelete", methodPost, "", userEditor, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/undelete", methodPost, "", userAdmin, http.StatusOK, 0}, - - {"/boards/{PUBLIC_TEMPLATE_ID}/undelete", methodPost, "", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/undelete", methodPost, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/undelete", methodPost, "", userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/undelete", methodPost, "", userViewer, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/undelete", methodPost, "", userCommenter, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/undelete", methodPost, "", userEditor, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/undelete", methodPost, "", userAdmin, http.StatusOK, 0}, - } - runTestCases(t, ttCases, testData, clients) -} - -func TestLocalPermissionsDuplicateBoardBlock(t *testing.T) { - th := SetupTestHelperLocalMode(t) - defer th.TearDown() - clients := setupLocalClients(th) - testData := setupData(t, th) - - err := th.Server.App().InsertBlock(model.Block{ID: "block-5", Title: "Test", Type: "card", BoardID: testData.publicTemplate.ID}, userAdmin) - require.NoError(t, err) - err = th.Server.App().InsertBlock(model.Block{ID: "block-6", Title: "Test", Type: "card", BoardID: testData.privateTemplate.ID}, userAdmin) - require.NoError(t, err) - err = th.Server.App().InsertBlock(model.Block{ID: "block-7", Title: "Test", Type: "card", BoardID: testData.publicBoard.ID}, userAdmin) - require.NoError(t, err) - err = th.Server.App().InsertBlock(model.Block{ID: "block-8", Title: "Test", Type: "card", BoardID: testData.privateBoard.ID}, userAdmin) - require.NoError(t, err) - - ttCases := []TestCase{ - {"/boards/{PRIVATE_BOARD_ID}/blocks/block-4/duplicate", methodPost, "", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PRIVATE_BOARD_ID}/blocks/block-4/duplicate", methodPost, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/blocks/block-4/duplicate", methodPost, "", userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/blocks/block-4/duplicate", methodPost, "", userViewer, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/blocks/block-4/duplicate", methodPost, "", userCommenter, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/blocks/block-4/duplicate", methodPost, "", userEditor, http.StatusOK, 1}, - {"/boards/{PRIVATE_BOARD_ID}/blocks/block-4/duplicate", methodPost, "", userAdmin, http.StatusOK, 1}, - - {"/boards/{PUBLIC_BOARD_ID}/blocks/block-3/duplicate", methodPost, "", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PUBLIC_BOARD_ID}/blocks/block-3/duplicate", methodPost, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/blocks/block-3/duplicate", methodPost, "", userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/blocks/block-3/duplicate", methodPost, "", userViewer, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/blocks/block-3/duplicate", methodPost, "", userCommenter, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/blocks/block-3/duplicate", methodPost, "", userEditor, http.StatusOK, 1}, - {"/boards/{PUBLIC_BOARD_ID}/blocks/block-3/duplicate", methodPost, "", userAdmin, http.StatusOK, 1}, - - {"/boards/{PRIVATE_TEMPLATE_ID}/blocks/block-2/duplicate", methodPost, "", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/blocks/block-2/duplicate", methodPost, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/blocks/block-2/duplicate", methodPost, "", userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/blocks/block-2/duplicate", methodPost, "", userViewer, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/blocks/block-2/duplicate", methodPost, "", userCommenter, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/blocks/block-2/duplicate", methodPost, "", userEditor, http.StatusOK, 1}, - {"/boards/{PRIVATE_TEMPLATE_ID}/blocks/block-2/duplicate", methodPost, "", userAdmin, http.StatusOK, 1}, - - {"/boards/{PUBLIC_TEMPLATE_ID}/blocks/block-1/duplicate", methodPost, "", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/blocks/block-1/duplicate", methodPost, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/blocks/block-1/duplicate", methodPost, "", userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/blocks/block-1/duplicate", methodPost, "", userViewer, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/blocks/block-1/duplicate", methodPost, "", userCommenter, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/blocks/block-1/duplicate", methodPost, "", userEditor, http.StatusOK, 1}, - {"/boards/{PUBLIC_TEMPLATE_ID}/blocks/block-1/duplicate", methodPost, "", userAdmin, http.StatusOK, 1}, - - // Invalid boardID/blockID combination - {"/boards/{PUBLIC_TEMPLATE_ID}/blocks/block-3/duplicate", methodPost, "", userAdmin, http.StatusNotFound, 0}, - } - runTestCases(t, ttCases, testData, clients) -} - -func TestLocalPermissionsGetBoardMembers(t *testing.T) { - th := SetupTestHelperLocalMode(t) - defer th.TearDown() - clients := setupLocalClients(th) - testData := setupData(t, th) - - ttCases := []TestCase{ - {"/boards/{PRIVATE_BOARD_ID}/members", methodGet, "", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PRIVATE_BOARD_ID}/members", methodGet, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/members", methodGet, "", userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/members", methodGet, "", userViewer, http.StatusOK, 4}, - {"/boards/{PRIVATE_BOARD_ID}/members", methodGet, "", userCommenter, http.StatusOK, 4}, - {"/boards/{PRIVATE_BOARD_ID}/members", methodGet, "", userEditor, http.StatusOK, 4}, - {"/boards/{PRIVATE_BOARD_ID}/members", methodGet, "", userAdmin, http.StatusOK, 4}, - - {"/boards/{PUBLIC_BOARD_ID}/members", methodGet, "", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PUBLIC_BOARD_ID}/members", methodGet, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/members", methodGet, "", userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/members", methodGet, "", userViewer, http.StatusOK, 4}, - {"/boards/{PUBLIC_BOARD_ID}/members", methodGet, "", userCommenter, http.StatusOK, 4}, - {"/boards/{PUBLIC_BOARD_ID}/members", methodGet, "", userEditor, http.StatusOK, 4}, - {"/boards/{PUBLIC_BOARD_ID}/members", methodGet, "", userAdmin, http.StatusOK, 4}, - - {"/boards/{PRIVATE_TEMPLATE_ID}/members", methodGet, "", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/members", methodGet, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/members", methodGet, "", userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/members", methodGet, "", userViewer, http.StatusOK, 4}, - {"/boards/{PRIVATE_TEMPLATE_ID}/members", methodGet, "", userCommenter, http.StatusOK, 4}, - {"/boards/{PRIVATE_TEMPLATE_ID}/members", methodGet, "", userEditor, http.StatusOK, 4}, - {"/boards/{PRIVATE_TEMPLATE_ID}/members", methodGet, "", userAdmin, http.StatusOK, 4}, - - {"/boards/{PUBLIC_TEMPLATE_ID}/members", methodGet, "", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/members", methodGet, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/members", methodGet, "", userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/members", methodGet, "", userViewer, http.StatusOK, 4}, - {"/boards/{PUBLIC_TEMPLATE_ID}/members", methodGet, "", userCommenter, http.StatusOK, 4}, - {"/boards/{PUBLIC_TEMPLATE_ID}/members", methodGet, "", userEditor, http.StatusOK, 4}, - {"/boards/{PUBLIC_TEMPLATE_ID}/members", methodGet, "", userAdmin, http.StatusOK, 4}, - } - runTestCases(t, ttCases, testData, clients) -} - -func TestLocalPermissionsCreateBoardMembers(t *testing.T) { - th := SetupTestHelperLocalMode(t) - defer th.TearDown() - clients := setupLocalClients(th) - testData := setupData(t, th) - - boardMemberJSON := func(boardID string) string { - return toJSON(t, model.BoardMember{ - BoardID: boardID, - UserID: userTeamMember, - SchemeEditor: true, - }) - } - - ttCases := []TestCase{ - {"/boards/{PRIVATE_BOARD_ID}/members", methodPost, boardMemberJSON(testData.privateBoard.ID), userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PRIVATE_BOARD_ID}/members", methodPost, boardMemberJSON(testData.privateBoard.ID), userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/members", methodPost, boardMemberJSON(testData.privateBoard.ID), userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/members", methodPost, boardMemberJSON(testData.privateBoard.ID), userViewer, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/members", methodPost, boardMemberJSON(testData.privateBoard.ID), userCommenter, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/members", methodPost, boardMemberJSON(testData.privateBoard.ID), userEditor, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/members", methodPost, boardMemberJSON(testData.privateBoard.ID), userAdmin, http.StatusOK, 1}, - - {"/boards/{PUBLIC_BOARD_ID}/members", methodPost, boardMemberJSON(testData.publicBoard.ID), userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PUBLIC_BOARD_ID}/members", methodPost, boardMemberJSON(testData.publicBoard.ID), userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/members", methodPost, boardMemberJSON(testData.publicBoard.ID), userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/members", methodPost, boardMemberJSON(testData.publicBoard.ID), userViewer, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/members", methodPost, boardMemberJSON(testData.publicBoard.ID), userCommenter, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/members", methodPost, boardMemberJSON(testData.publicBoard.ID), userEditor, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/members", methodPost, boardMemberJSON(testData.publicBoard.ID), userAdmin, http.StatusOK, 1}, - - {"/boards/{PRIVATE_TEMPLATE_ID}/members", methodPost, boardMemberJSON(testData.privateTemplate.ID), userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/members", methodPost, boardMemberJSON(testData.privateTemplate.ID), userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/members", methodPost, boardMemberJSON(testData.privateTemplate.ID), userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/members", methodPost, boardMemberJSON(testData.privateTemplate.ID), userViewer, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/members", methodPost, boardMemberJSON(testData.privateTemplate.ID), userCommenter, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/members", methodPost, boardMemberJSON(testData.privateTemplate.ID), userEditor, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/members", methodPost, boardMemberJSON(testData.privateTemplate.ID), userAdmin, http.StatusOK, 1}, - - {"/boards/{PUBLIC_TEMPLATE_ID}/members", methodPost, boardMemberJSON(testData.publicTemplate.ID), userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/members", methodPost, boardMemberJSON(testData.publicTemplate.ID), userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/members", methodPost, boardMemberJSON(testData.publicTemplate.ID), userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/members", methodPost, boardMemberJSON(testData.publicTemplate.ID), userViewer, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/members", methodPost, boardMemberJSON(testData.publicTemplate.ID), userCommenter, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/members", methodPost, boardMemberJSON(testData.publicTemplate.ID), userEditor, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/members", methodPost, boardMemberJSON(testData.publicTemplate.ID), userAdmin, http.StatusOK, 1}, - } - runTestCases(t, ttCases, testData, clients) -} - -func TestLocalPermissionsUpdateBoardMember(t *testing.T) { - th := SetupTestHelperLocalMode(t) - defer th.TearDown() - clients := setupLocalClients(th) - testData := setupData(t, th) - - boardMemberJSON := func(boardID string) string { - return toJSON(t, model.BoardMember{ - BoardID: boardID, - UserID: userTeamMember, - SchemeEditor: false, - SchemeViewer: true, - }) - } - - ttCases := []TestCase{ - {"/boards/{PRIVATE_BOARD_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.privateBoard.ID), userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PRIVATE_BOARD_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.privateBoard.ID), userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.privateBoard.ID), userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.privateBoard.ID), userViewer, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.privateBoard.ID), userCommenter, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.privateBoard.ID), userEditor, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.privateBoard.ID), userAdmin, http.StatusOK, 1}, - - {"/boards/{PUBLIC_BOARD_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.publicBoard.ID), userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PUBLIC_BOARD_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.publicBoard.ID), userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.publicBoard.ID), userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.publicBoard.ID), userViewer, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.publicBoard.ID), userCommenter, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.publicBoard.ID), userEditor, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.publicBoard.ID), userAdmin, http.StatusOK, 1}, - - {"/boards/{PRIVATE_TEMPLATE_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.privateTemplate.ID), userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.privateTemplate.ID), userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.privateTemplate.ID), userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.privateTemplate.ID), userViewer, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.privateTemplate.ID), userCommenter, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.privateTemplate.ID), userEditor, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.privateTemplate.ID), userAdmin, http.StatusOK, 1}, - - {"/boards/{PUBLIC_TEMPLATE_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.publicTemplate.ID), userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.publicTemplate.ID), userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.publicTemplate.ID), userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.publicTemplate.ID), userViewer, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.publicTemplate.ID), userCommenter, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.publicTemplate.ID), userEditor, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.publicTemplate.ID), userAdmin, http.StatusOK, 1}, - - // Invalid boardID/memberID combination - {"/boards/{PUBLIC_TEMPLATE_ID}/members/{USER_TEAM_MEMBER_ID}", methodPut, "", userAdmin, http.StatusBadRequest, 0}, - - // Invalid boardID - {"/boards/invalid/members/{USER_VIEWER_ID}", methodPut, "", userAdmin, http.StatusBadRequest, 0}, - - // Invalid memberID - {"/boards/{PUBLIC_TEMPLATE_ID}/members/invalid", methodPut, "", userAdmin, http.StatusBadRequest, 0}, - } - runTestCases(t, ttCases, testData, clients) -} - -func TestLocalPermissionsDeleteBoardMember(t *testing.T) { - th := SetupTestHelperLocalMode(t) - defer th.TearDown() - clients := setupLocalClients(th) - testData := setupData(t, th) - - _, err := th.Server.App().AddMemberToBoard(&model.BoardMember{BoardID: testData.publicBoard.ID, UserID: userTeamMemberID, SchemeViewer: true}) - require.NoError(t, err) - _, err = th.Server.App().AddMemberToBoard(&model.BoardMember{BoardID: testData.privateBoard.ID, UserID: userTeamMemberID, SchemeViewer: true}) - require.NoError(t, err) - _, err = th.Server.App().AddMemberToBoard(&model.BoardMember{BoardID: testData.publicTemplate.ID, UserID: userTeamMemberID, SchemeViewer: true}) - require.NoError(t, err) - _, err = th.Server.App().AddMemberToBoard(&model.BoardMember{BoardID: testData.privateTemplate.ID, UserID: userTeamMemberID, SchemeViewer: true}) - require.NoError(t, err) - - ttCases := []TestCase{ - {"/boards/{PRIVATE_BOARD_ID}/members/{USER_TEAM_MEMBER_ID}", methodDelete, "", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PRIVATE_BOARD_ID}/members/{USER_TEAM_MEMBER_ID}", methodDelete, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/members/{USER_TEAM_MEMBER_ID}", methodDelete, "", userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/members/{USER_TEAM_MEMBER_ID}", methodDelete, "", userViewer, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/members/{USER_TEAM_MEMBER_ID}", methodDelete, "", userCommenter, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/members/{USER_TEAM_MEMBER_ID}", methodDelete, "", userEditor, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/members/{USER_TEAM_MEMBER_ID}", methodDelete, "", userAdmin, http.StatusOK, 0}, - - {"/boards/{PUBLIC_BOARD_ID}/members/{USER_TEAM_MEMBER_ID}", methodDelete, "", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PUBLIC_BOARD_ID}/members/{USER_TEAM_MEMBER_ID}", methodDelete, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/members/{USER_TEAM_MEMBER_ID}", methodDelete, "", userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/members/{USER_TEAM_MEMBER_ID}", methodDelete, "", userViewer, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/members/{USER_TEAM_MEMBER_ID}", methodDelete, "", userCommenter, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/members/{USER_TEAM_MEMBER_ID}", methodDelete, "", userEditor, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/members/{USER_TEAM_MEMBER_ID}", methodDelete, "", userAdmin, http.StatusOK, 0}, - - {"/boards/{PRIVATE_TEMPLATE_ID}/members/{USER_TEAM_MEMBER_ID}", methodDelete, "", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/members/{USER_TEAM_MEMBER_ID}", methodDelete, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/members/{USER_TEAM_MEMBER_ID}", methodDelete, "", userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/members/{USER_TEAM_MEMBER_ID}", methodDelete, "", userViewer, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/members/{USER_TEAM_MEMBER_ID}", methodDelete, "", userCommenter, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/members/{USER_TEAM_MEMBER_ID}", methodDelete, "", userEditor, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/members/{USER_TEAM_MEMBER_ID}", methodDelete, "", userAdmin, http.StatusOK, 0}, - - {"/boards/{PUBLIC_TEMPLATE_ID}/members/{USER_TEAM_MEMBER_ID}", methodDelete, "", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/members/{USER_TEAM_MEMBER_ID}", methodDelete, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/members/{USER_TEAM_MEMBER_ID}", methodDelete, "", userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/members/{USER_TEAM_MEMBER_ID}", methodDelete, "", userViewer, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/members/{USER_TEAM_MEMBER_ID}", methodDelete, "", userCommenter, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/members/{USER_TEAM_MEMBER_ID}", methodDelete, "", userEditor, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/members/{USER_TEAM_MEMBER_ID}", methodDelete, "", userAdmin, http.StatusOK, 0}, - - // Invalid boardID/memberID combination - {"/boards/{PUBLIC_TEMPLATE_ID}/members/{USER_TEAM_MEMBER_ID}", methodDelete, "", userAdmin, http.StatusOK, 0}, - - // Invalid boardID - {"/boards/invalid/members/{USER_VIEWER_ID}", methodDelete, "", userAdmin, http.StatusNotFound, 0}, - - // Invalid memberID - {"/boards/{PUBLIC_TEMPLATE_ID}/members/invalid", methodDelete, "", userAdmin, http.StatusOK, 0}, - } - runTestCases(t, ttCases, testData, clients) -} - -func TestLocalPermissionsJoinBoardAsMember(t *testing.T) { - th := SetupTestHelperLocalMode(t) - defer th.TearDown() - clients := setupLocalClients(th) - testData := setupData(t, th) - - ttCases := []TestCase{ - {"/boards/{PRIVATE_BOARD_ID}/join", methodPost, "", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PRIVATE_BOARD_ID}/join", methodPost, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/join", methodPost, "", userTeamMember, http.StatusForbidden, 0}, - - // Do we want to forbid already existing members to join to the board or simply return the current membership? - {"/boards/{PRIVATE_BOARD_ID}/join", methodPost, "", userViewer, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/join", methodPost, "", userCommenter, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/join", methodPost, "", userEditor, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/join", methodPost, "", userAdmin, http.StatusForbidden, 0}, - - {"/boards/{PUBLIC_BOARD_ID}/join", methodPost, "", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PUBLIC_BOARD_ID}/join", methodPost, "", userNoTeamMember, http.StatusOK, 1}, - {"/boards/{PUBLIC_BOARD_ID}/join", methodPost, "", userTeamMember, http.StatusOK, 1}, - {"/boards/{PUBLIC_BOARD_ID}/join", methodPost, "", userViewer, http.StatusOK, 1}, - {"/boards/{PUBLIC_BOARD_ID}/join", methodPost, "", userCommenter, http.StatusOK, 1}, - {"/boards/{PUBLIC_BOARD_ID}/join", methodPost, "", userEditor, http.StatusOK, 1}, - {"/boards/{PUBLIC_BOARD_ID}/join", methodPost, "", userAdmin, http.StatusOK, 1}, - - {"/boards/{PRIVATE_TEMPLATE_ID}/join", methodPost, "", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/join", methodPost, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/join", methodPost, "", userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/join", methodPost, "", userViewer, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/join", methodPost, "", userCommenter, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/join", methodPost, "", userEditor, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/join", methodPost, "", userAdmin, http.StatusForbidden, 0}, - - {"/boards/{PUBLIC_TEMPLATE_ID}/join", methodPost, "", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/join", methodPost, "", userNoTeamMember, http.StatusOK, 1}, - {"/boards/{PUBLIC_TEMPLATE_ID}/join", methodPost, "", userTeamMember, http.StatusOK, 1}, - {"/boards/{PUBLIC_TEMPLATE_ID}/join", methodPost, "", userViewer, http.StatusOK, 1}, - {"/boards/{PUBLIC_TEMPLATE_ID}/join", methodPost, "", userCommenter, http.StatusOK, 1}, - {"/boards/{PUBLIC_TEMPLATE_ID}/join", methodPost, "", userEditor, http.StatusOK, 1}, - {"/boards/{PUBLIC_TEMPLATE_ID}/join", methodPost, "", userAdmin, http.StatusOK, 1}, - } - runTestCases(t, ttCases, testData, clients) -} - -func TestLocalPermissionsLeaveBoardAsMember(t *testing.T) { - th := SetupTestHelperLocalMode(t) - defer th.TearDown() - clients := setupLocalClients(th) - testData := setupData(t, th) - - _, err := th.Server.App().AddMemberToBoard(&model.BoardMember{BoardID: testData.publicBoard.ID, UserID: "not-real-user", SchemeAdmin: true}) - require.NoError(t, err) - _, err = th.Server.App().AddMemberToBoard(&model.BoardMember{BoardID: testData.privateBoard.ID, UserID: "not-real-user", SchemeAdmin: true}) - require.NoError(t, err) - _, err = th.Server.App().AddMemberToBoard(&model.BoardMember{BoardID: testData.publicTemplate.ID, UserID: "not-real-user", SchemeAdmin: true}) - require.NoError(t, err) - _, err = th.Server.App().AddMemberToBoard(&model.BoardMember{BoardID: testData.privateTemplate.ID, UserID: "not-real-user", SchemeAdmin: true}) - require.NoError(t, err) - - ttCases := []TestCase{ - {"/boards/{PRIVATE_BOARD_ID}/leave", methodPost, "", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PRIVATE_BOARD_ID}/leave", methodPost, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/leave", methodPost, "", userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/leave", methodPost, "", userViewer, http.StatusOK, 0}, - {"/boards/{PRIVATE_BOARD_ID}/leave", methodPost, "", userCommenter, http.StatusOK, 0}, - {"/boards/{PRIVATE_BOARD_ID}/leave", methodPost, "", userEditor, http.StatusOK, 0}, - {"/boards/{PRIVATE_BOARD_ID}/leave", methodPost, "", userAdmin, http.StatusOK, 0}, - - {"/boards/{PUBLIC_BOARD_ID}/leave", methodPost, "", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PUBLIC_BOARD_ID}/leave", methodPost, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/leave", methodPost, "", userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/leave", methodPost, "", userViewer, http.StatusOK, 0}, - {"/boards/{PUBLIC_BOARD_ID}/leave", methodPost, "", userCommenter, http.StatusOK, 0}, - {"/boards/{PUBLIC_BOARD_ID}/leave", methodPost, "", userEditor, http.StatusOK, 0}, - {"/boards/{PUBLIC_BOARD_ID}/leave", methodPost, "", userAdmin, http.StatusOK, 0}, - - {"/boards/{PRIVATE_TEMPLATE_ID}/leave", methodPost, "", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/leave", methodPost, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/leave", methodPost, "", userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/leave", methodPost, "", userViewer, http.StatusOK, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/leave", methodPost, "", userCommenter, http.StatusOK, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/leave", methodPost, "", userEditor, http.StatusOK, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/leave", methodPost, "", userAdmin, http.StatusOK, 0}, - - {"/boards/{PUBLIC_TEMPLATE_ID}/leave", methodPost, "", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/leave", methodPost, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/leave", methodPost, "", userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/leave", methodPost, "", userViewer, http.StatusOK, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/leave", methodPost, "", userCommenter, http.StatusOK, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/leave", methodPost, "", userEditor, http.StatusOK, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/leave", methodPost, "", userAdmin, http.StatusOK, 0}, - } - runTestCases(t, ttCases, testData, clients) - - _, err = th.Server.App().AddMemberToBoard(&model.BoardMember{BoardID: testData.publicBoard.ID, UserID: userAdminID, SchemeAdmin: true}) - require.NoError(t, err) - _, err = th.Server.App().AddMemberToBoard(&model.BoardMember{BoardID: testData.privateBoard.ID, UserID: userAdminID, SchemeAdmin: true}) - require.NoError(t, err) - _, err = th.Server.App().AddMemberToBoard(&model.BoardMember{BoardID: testData.publicTemplate.ID, UserID: userAdminID, SchemeAdmin: true}) - require.NoError(t, err) - _, err = th.Server.App().AddMemberToBoard(&model.BoardMember{BoardID: testData.privateTemplate.ID, UserID: userAdminID, SchemeAdmin: true}) - require.NoError(t, err) - - require.NoError(t, th.Server.App().DeleteBoardMember(testData.publicBoard.ID, "not-real-user")) - require.NoError(t, th.Server.App().DeleteBoardMember(testData.privateBoard.ID, "not-real-user")) - require.NoError(t, th.Server.App().DeleteBoardMember(testData.publicTemplate.ID, "not-real-user")) - require.NoError(t, th.Server.App().DeleteBoardMember(testData.privateTemplate.ID, "not-real-user")) - - // Last admin leave should fail - ttCases = []TestCase{ - {"/boards/{PRIVATE_BOARD_ID}/leave", methodPost, "", userAdmin, http.StatusBadRequest, 0}, - {"/boards/{PUBLIC_BOARD_ID}/leave", methodPost, "", userAdmin, http.StatusBadRequest, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/leave", methodPost, "", userAdmin, http.StatusBadRequest, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/leave", methodPost, "", userAdmin, http.StatusBadRequest, 0}, - } - runTestCases(t, ttCases, testData, clients) -} - -func TestLocalPermissionsShareBoard(t *testing.T) { - th := SetupTestHelperLocalMode(t) - defer th.TearDown() - clients := setupLocalClients(th) - testData := setupData(t, th) - - sharing := toJSON(t, model.Sharing{Enabled: true, Token: "test-token"}) - - ttCases := []TestCase{ - {"/boards/{PRIVATE_BOARD_ID}/sharing", methodPost, sharing, userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PRIVATE_BOARD_ID}/sharing", methodPost, sharing, userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/sharing", methodPost, sharing, userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/sharing", methodPost, sharing, userViewer, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/sharing", methodPost, sharing, userCommenter, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/sharing", methodPost, sharing, userEditor, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/sharing", methodPost, sharing, userAdmin, http.StatusOK, 0}, - - {"/boards/{PUBLIC_BOARD_ID}/sharing", methodPost, sharing, userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PUBLIC_BOARD_ID}/sharing", methodPost, sharing, userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/sharing", methodPost, sharing, userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/sharing", methodPost, sharing, userViewer, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/sharing", methodPost, sharing, userCommenter, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/sharing", methodPost, sharing, userEditor, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/sharing", methodPost, sharing, userAdmin, http.StatusOK, 0}, - - {"/boards/{PRIVATE_TEMPLATE_ID}/sharing", methodPost, sharing, userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/sharing", methodPost, sharing, userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/sharing", methodPost, sharing, userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/sharing", methodPost, sharing, userViewer, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/sharing", methodPost, sharing, userCommenter, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/sharing", methodPost, sharing, userEditor, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/sharing", methodPost, sharing, userAdmin, http.StatusOK, 0}, - - {"/boards/{PUBLIC_TEMPLATE_ID}/sharing", methodPost, sharing, userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/sharing", methodPost, sharing, userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/sharing", methodPost, sharing, userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/sharing", methodPost, sharing, userViewer, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/sharing", methodPost, sharing, userCommenter, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/sharing", methodPost, sharing, userEditor, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/sharing", methodPost, sharing, userAdmin, http.StatusOK, 0}, - } - runTestCases(t, ttCases, testData, clients) -} - -func TestLocalPermissionsGetSharedBoardInfo(t *testing.T) { - th := SetupTestHelperLocalMode(t) - defer th.TearDown() - clients := setupLocalClients(th) - testData := setupData(t, th) - - clients.Admin.PostSharing(&model.Sharing{ID: testData.publicBoard.ID, Enabled: true, Token: "test-token"}) - clients.Admin.PostSharing(&model.Sharing{ID: testData.privateBoard.ID, Enabled: true, Token: "test-token"}) - clients.Admin.PostSharing(&model.Sharing{ID: testData.publicTemplate.ID, Enabled: true, Token: "test-token"}) - clients.Admin.PostSharing(&model.Sharing{ID: testData.privateTemplate.ID, Enabled: true, Token: "test-token"}) - - ttCases := []TestCase{ - {"/boards/{PRIVATE_BOARD_ID}/sharing", methodGet, "", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PRIVATE_BOARD_ID}/sharing", methodGet, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/sharing", methodGet, "", userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/sharing", methodGet, "", userViewer, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/sharing", methodGet, "", userCommenter, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/sharing", methodGet, "", userEditor, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/sharing", methodGet, "", userAdmin, http.StatusOK, 1}, - - {"/boards/{PUBLIC_BOARD_ID}/sharing", methodGet, "", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PUBLIC_BOARD_ID}/sharing", methodGet, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/sharing", methodGet, "", userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/sharing", methodGet, "", userViewer, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/sharing", methodGet, "", userCommenter, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/sharing", methodGet, "", userEditor, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/sharing", methodGet, "", userAdmin, http.StatusOK, 1}, - - {"/boards/{PRIVATE_TEMPLATE_ID}/sharing", methodGet, "", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/sharing", methodGet, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/sharing", methodGet, "", userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/sharing", methodGet, "", userViewer, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/sharing", methodGet, "", userCommenter, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/sharing", methodGet, "", userEditor, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/sharing", methodGet, "", userAdmin, http.StatusOK, 1}, - - {"/boards/{PUBLIC_TEMPLATE_ID}/sharing", methodGet, "", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/sharing", methodGet, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/sharing", methodGet, "", userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/sharing", methodGet, "", userViewer, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/sharing", methodGet, "", userCommenter, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/sharing", methodGet, "", userEditor, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/sharing", methodGet, "", userAdmin, http.StatusOK, 1}, - } - runTestCases(t, ttCases, testData, clients) -} - -func TestLocalPermissionsListTeams(t *testing.T) { - th := SetupTestHelperLocalMode(t) - defer th.TearDown() - clients := setupLocalClients(th) - testData := setupData(t, th) - - ttCases := []TestCase{ - {"/teams", methodGet, "", userAnon, http.StatusUnauthorized, 0}, - {"/teams", methodGet, "", userNoTeamMember, http.StatusOK, 1}, - {"/teams", methodGet, "", userTeamMember, http.StatusOK, 1}, - {"/teams", methodGet, "", userViewer, http.StatusOK, 1}, - {"/teams", methodGet, "", userCommenter, http.StatusOK, 1}, - {"/teams", methodGet, "", userEditor, http.StatusOK, 1}, - {"/teams", methodGet, "", userAdmin, http.StatusOK, 1}, - } - runTestCases(t, ttCases, testData, clients) -} - -func TestLocalPermissionsGetTeam(t *testing.T) { - th := SetupTestHelperLocalMode(t) - defer th.TearDown() - clients := setupLocalClients(th) - testData := setupData(t, th) - - ttCases := []TestCase{ - {"/teams/test-team", methodGet, "", userAnon, http.StatusUnauthorized, 0}, - {"/teams/test-team", methodGet, "", userNoTeamMember, http.StatusOK, 1}, - {"/teams/test-team", methodGet, "", userTeamMember, http.StatusOK, 1}, - {"/teams/test-team", methodGet, "", userViewer, http.StatusOK, 1}, - {"/teams/test-team", methodGet, "", userCommenter, http.StatusOK, 1}, - {"/teams/test-team", methodGet, "", userEditor, http.StatusOK, 1}, - {"/teams/test-team", methodGet, "", userAdmin, http.StatusOK, 1}, - - // {"/teams/empty-team", methodGet, "", userAnon, http.StatusUnauthorized, 0}, - // {"/teams/empty-team", methodGet, "", userNoTeamMember, http.StatusForbidden, 0}, - // {"/teams/empty-team", methodGet, "", userTeamMember, http.StatusForbidden, 0}, - // {"/teams/empty-team", methodGet, "", userViewer, http.StatusForbidden, 0}, - // {"/teams/empty-team", methodGet, "", userCommenter, http.StatusForbidden, 0}, - // {"/teams/empty-team", methodGet, "", userEditor, http.StatusForbidden, 0}, - // {"/teams/empty-team", methodGet, "", userAdmin, http.StatusForbidden, 0}, - } - runTestCases(t, ttCases, testData, clients) -} - -func TestLocalPermissionsRegenerateSignupToken(t *testing.T) { - th := SetupTestHelperLocalMode(t) - defer th.TearDown() - clients := setupLocalClients(th) - testData := setupData(t, th) - - ttCases := []TestCase{ - {"/teams/test-team/regenerate_signup_token", methodPost, "", userAnon, http.StatusUnauthorized, 0}, - {"/teams/test-team/regenerate_signup_token", methodPost, "", userAdmin, http.StatusOK, 0}, - - {"/teams/empty-team/regenerate_signup_token", methodPost, "", userAnon, http.StatusUnauthorized, 0}, - {"/teams/empty-team/regenerate_signup_token", methodPost, "", userAdmin, http.StatusOK, 0}, - } - runTestCases(t, ttCases, testData, clients) -} - -func TestLocalPermissionsGetTeamUsers(t *testing.T) { - th := SetupTestHelperLocalMode(t) - defer th.TearDown() - clients := setupLocalClients(th) - testData := setupData(t, th) - - ttCases := []TestCase{ - {"/teams/test-team/users", methodGet, "", userAnon, http.StatusUnauthorized, 0}, - {"/teams/test-team/users", methodGet, "", userNoTeamMember, http.StatusOK, 7}, - {"/teams/test-team/users", methodGet, "", userTeamMember, http.StatusOK, 7}, - {"/teams/test-team/users", methodGet, "", userViewer, http.StatusOK, 7}, - {"/teams/test-team/users", methodGet, "", userCommenter, http.StatusOK, 7}, - {"/teams/test-team/users", methodGet, "", userEditor, http.StatusOK, 7}, - {"/teams/test-team/users", methodGet, "", userAdmin, http.StatusOK, 7}, - } - runTestCases(t, ttCases, testData, clients) -} - -func TestLocalPermissionsTeamArchiveExport(t *testing.T) { - th := SetupTestHelperLocalMode(t) - defer th.TearDown() - clients := setupLocalClients(th) - testData := setupData(t, th) - - ttCases := []TestCase{ - {"/teams/test-team/archive/export", methodGet, "", userAnon, http.StatusUnauthorized, 0}, - {"/teams/test-team/archive/export", methodGet, "", userAdmin, http.StatusOK, 1}, - - {"/teams/empty-team/archive/export", methodGet, "", userAnon, http.StatusUnauthorized, 0}, - {"/teams/empty-team/archive/export", methodGet, "", userAdmin, http.StatusOK, 1}, - } - runTestCases(t, ttCases, testData, clients) -} - -func TestLocalPermissionsUploadFile(t *testing.T) { - th := SetupTestHelperLocalMode(t) - defer th.TearDown() - clients := setupLocalClients(th) - testData := setupData(t, th) - - ttCases := []TestCase{ - {"/teams/test-team/{PRIVATE_BOARD_ID}/files", methodPost, "", userAnon, http.StatusUnauthorized, 0}, - {"/teams/test-team/{PRIVATE_BOARD_ID}/files", methodPost, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/teams/test-team/{PRIVATE_BOARD_ID}/files", methodPost, "", userTeamMember, http.StatusForbidden, 0}, - {"/teams/test-team/{PRIVATE_BOARD_ID}/files", methodPost, "", userViewer, http.StatusForbidden, 0}, - {"/teams/test-team/{PRIVATE_BOARD_ID}/files", methodPost, "", userCommenter, http.StatusForbidden, 0}, - {"/teams/test-team/{PRIVATE_BOARD_ID}/files", methodPost, "", userEditor, http.StatusBadRequest, 1}, // Not checking the logic, only the permissions - {"/teams/test-team/{PRIVATE_BOARD_ID}/files", methodPost, "", userAdmin, http.StatusBadRequest, 1}, // Not checking the logic, only the permissions - - {"/teams/test-team/{PUBLIC_BOARD_ID}/files", methodPost, "", userAnon, http.StatusUnauthorized, 0}, - {"/teams/test-team/{PUBLIC_BOARD_ID}/files", methodPost, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/teams/test-team/{PUBLIC_BOARD_ID}/files", methodPost, "", userTeamMember, http.StatusForbidden, 0}, - {"/teams/test-team/{PUBLIC_BOARD_ID}/files", methodPost, "", userViewer, http.StatusForbidden, 0}, - {"/teams/test-team/{PUBLIC_BOARD_ID}/files", methodPost, "", userCommenter, http.StatusForbidden, 0}, - {"/teams/test-team/{PUBLIC_BOARD_ID}/files", methodPost, "", userEditor, http.StatusBadRequest, 1}, // Not checking the logic, only the permissions - {"/teams/test-team/{PUBLIC_BOARD_ID}/files", methodPost, "", userAdmin, http.StatusBadRequest, 1}, // Not checking the logic, only the permissions - - {"/teams/test-team/{PRIVATE_TEMPLATE_ID}/files", methodPost, "", userAnon, http.StatusUnauthorized, 0}, - {"/teams/test-team/{PRIVATE_TEMPLATE_ID}/files", methodPost, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/teams/test-team/{PRIVATE_TEMPLATE_ID}/files", methodPost, "", userTeamMember, http.StatusForbidden, 0}, - {"/teams/test-team/{PRIVATE_TEMPLATE_ID}/files", methodPost, "", userViewer, http.StatusForbidden, 0}, - {"/teams/test-team/{PRIVATE_TEMPLATE_ID}/files", methodPost, "", userCommenter, http.StatusForbidden, 0}, - {"/teams/test-team/{PRIVATE_TEMPLATE_ID}/files", methodPost, "", userEditor, http.StatusBadRequest, 1}, // Not checking the logic, only the permissions - {"/teams/test-team/{PRIVATE_TEMPLATE_ID}/files", methodPost, "", userAdmin, http.StatusBadRequest, 1}, // Not checking the logic, only the permissions - - {"/teams/test-team/{PUBLIC_TEMPLATE_ID}/files", methodPost, "", userAnon, http.StatusUnauthorized, 0}, - {"/teams/test-team/{PUBLIC_TEMPLATE_ID}/files", methodPost, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/teams/test-team/{PUBLIC_TEMPLATE_ID}/files", methodPost, "", userTeamMember, http.StatusForbidden, 0}, - {"/teams/test-team/{PUBLIC_TEMPLATE_ID}/files", methodPost, "", userViewer, http.StatusForbidden, 0}, - {"/teams/test-team/{PUBLIC_TEMPLATE_ID}/files", methodPost, "", userCommenter, http.StatusForbidden, 0}, - {"/teams/test-team/{PUBLIC_TEMPLATE_ID}/files", methodPost, "", userEditor, http.StatusBadRequest, 1}, // Not checking the logic, only the permissions - {"/teams/test-team/{PUBLIC_TEMPLATE_ID}/files", methodPost, "", userAdmin, http.StatusBadRequest, 1}, // Not checking the logic, only the permissions - } - runTestCases(t, ttCases, testData, clients) -} - -func TestLocalPermissionsGetMe(t *testing.T) { - th := SetupTestHelperLocalMode(t) - defer th.TearDown() - clients := setupLocalClients(th) - testData := setupData(t, th) - - ttCases := []TestCase{ - {"/users/me", methodGet, "", userAnon, http.StatusUnauthorized, 0}, - {"/users/me", methodGet, "", userNoTeamMember, http.StatusOK, 1}, - {"/users/me", methodGet, "", userTeamMember, http.StatusOK, 1}, - {"/users/me", methodGet, "", userViewer, http.StatusOK, 1}, - {"/users/me", methodGet, "", userCommenter, http.StatusOK, 1}, - {"/users/me", methodGet, "", userEditor, http.StatusOK, 1}, - {"/users/me", methodGet, "", userAdmin, http.StatusOK, 1}, - } - runTestCases(t, ttCases, testData, clients) -} - -func TestLocalPermissionsGetMyMemberships(t *testing.T) { - th := SetupTestHelperLocalMode(t) - defer th.TearDown() - clients := setupLocalClients(th) - testData := setupData(t, th) - - ttCases := []TestCase{ - {"/users/me/memberships", methodGet, "", userAnon, http.StatusUnauthorized, 0}, - {"/users/me/memberships", methodGet, "", userNoTeamMember, http.StatusOK, 0}, - {"/users/me/memberships", methodGet, "", userTeamMember, http.StatusOK, 0}, - {"/users/me/memberships", methodGet, "", userViewer, http.StatusOK, 4}, - {"/users/me/memberships", methodGet, "", userCommenter, http.StatusOK, 4}, - {"/users/me/memberships", methodGet, "", userEditor, http.StatusOK, 4}, - {"/users/me/memberships", methodGet, "", userAdmin, http.StatusOK, 4}, - } - runTestCases(t, ttCases, testData, clients) -} - -func TestLocalPermissionsGetUser(t *testing.T) { - th := SetupTestHelperLocalMode(t) - defer th.TearDown() - clients := setupLocalClients(th) - testData := setupData(t, th) - - ttCases := []TestCase{ - {"/users/{USER_NO_TEAM_MEMBER_ID}", methodGet, "", userAnon, http.StatusUnauthorized, 0}, - {"/users/{USER_NO_TEAM_MEMBER_ID}", methodGet, "", userNoTeamMember, http.StatusOK, 1}, - {"/users/{USER_NO_TEAM_MEMBER_ID}", methodGet, "", userTeamMember, http.StatusOK, 1}, - {"/users/{USER_NO_TEAM_MEMBER_ID}", methodGet, "", userViewer, http.StatusOK, 1}, - {"/users/{USER_NO_TEAM_MEMBER_ID}", methodGet, "", userCommenter, http.StatusOK, 1}, - {"/users/{USER_NO_TEAM_MEMBER_ID}", methodGet, "", userEditor, http.StatusOK, 1}, - {"/users/{USER_NO_TEAM_MEMBER_ID}", methodGet, "", userAdmin, http.StatusOK, 1}, - - {"/users/{USER_TEAM_MEMBER_ID}", methodGet, "", userAnon, http.StatusUnauthorized, 0}, - {"/users/{USER_TEAM_MEMBER_ID}", methodGet, "", userNoTeamMember, http.StatusOK, 1}, - {"/users/{USER_TEAM_MEMBER_ID}", methodGet, "", userTeamMember, http.StatusOK, 1}, - {"/users/{USER_TEAM_MEMBER_ID}", methodGet, "", userViewer, http.StatusOK, 1}, - {"/users/{USER_TEAM_MEMBER_ID}", methodGet, "", userCommenter, http.StatusOK, 1}, - {"/users/{USER_TEAM_MEMBER_ID}", methodGet, "", userEditor, http.StatusOK, 1}, - {"/users/{USER_TEAM_MEMBER_ID}", methodGet, "", userAdmin, http.StatusOK, 1}, - - {"/users/{USER_VIEWER_ID}", methodGet, "", userAnon, http.StatusUnauthorized, 0}, - {"/users/{USER_VIEWER_ID}", methodGet, "", userNoTeamMember, http.StatusOK, 1}, - {"/users/{USER_VIEWER_ID}", methodGet, "", userTeamMember, http.StatusOK, 1}, - {"/users/{USER_VIEWER_ID}", methodGet, "", userViewer, http.StatusOK, 1}, - {"/users/{USER_VIEWER_ID}", methodGet, "", userCommenter, http.StatusOK, 1}, - {"/users/{USER_VIEWER_ID}", methodGet, "", userEditor, http.StatusOK, 1}, - {"/users/{USER_VIEWER_ID}", methodGet, "", userAdmin, http.StatusOK, 1}, - } - runTestCases(t, ttCases, testData, clients) -} - -func TestLocalPermissionsUserChangePassword(t *testing.T) { - th := SetupTestHelperLocalMode(t) - defer th.TearDown() - clients := setupLocalClients(th) - testData := setupData(t, th) - - postBody := toJSON(t, api.ChangePasswordRequest{ - OldPassword: password, - NewPassword: "newpa$$word123", - }) - - ttCases := []TestCase{ - {"/users/{USER_ADMIN_ID}/changepassword", methodPost, postBody, userAnon, http.StatusUnauthorized, 0}, - {"/users/{USER_ADMIN_ID}/changepassword", methodPost, postBody, userAdmin, http.StatusOK, 0}, - } - runTestCases(t, ttCases, testData, clients) -} - -func TestLocalPermissionsUpdateUserConfig(t *testing.T) { - th := SetupTestHelperLocalMode(t) - defer th.TearDown() - clients := setupLocalClients(th) - testData := setupData(t, th) - - patch := toJSON(t, model.UserPropPatch{UpdatedFields: map[string]string{"test": "test"}}) - - ttCases := []TestCase{ - {"/users/{USER_TEAM_MEMBER_ID}/config", methodPut, patch, userAnon, http.StatusUnauthorized, 0}, - {"/users/{USER_TEAM_MEMBER_ID}/config", methodPut, patch, userNoTeamMember, http.StatusForbidden, 0}, - {"/users/{USER_TEAM_MEMBER_ID}/config", methodPut, patch, userTeamMember, http.StatusOK, 1}, - {"/users/{USER_TEAM_MEMBER_ID}/config", methodPut, patch, userViewer, http.StatusForbidden, 0}, - {"/users/{USER_TEAM_MEMBER_ID}/config", methodPut, patch, userCommenter, http.StatusForbidden, 0}, - {"/users/{USER_TEAM_MEMBER_ID}/config", methodPut, patch, userEditor, http.StatusForbidden, 0}, - {"/users/{USER_TEAM_MEMBER_ID}/config", methodPut, patch, userAdmin, http.StatusForbidden, 0}, - } - runTestCases(t, ttCases, testData, clients) -} - -func TestLocalPermissionsCreateBoardsAndBlocks(t *testing.T) { - th := SetupTestHelperLocalMode(t) - defer th.TearDown() - clients := setupLocalClients(th) - testData := setupData(t, th) - - bab := toJSON(t, model.BoardsAndBlocks{ - Boards: []*model.Board{{ID: "test", Title: "Test Board", TeamID: "test-team"}}, - Blocks: []model.Block{ - {ID: "test-block", BoardID: "test", Type: "card", CreateAt: model.GetMillis(), UpdateAt: model.GetMillis()}, - }, - }) - - ttCases := []TestCase{ - {"/boards-and-blocks", methodPost, bab, userAnon, http.StatusUnauthorized, 0}, - {"/boards-and-blocks", methodPost, bab, userNoTeamMember, http.StatusOK, 1}, - {"/boards-and-blocks", methodPost, bab, userTeamMember, http.StatusOK, 1}, - {"/boards-and-blocks", methodPost, bab, userViewer, http.StatusOK, 1}, - {"/boards-and-blocks", methodPost, bab, userCommenter, http.StatusOK, 1}, - {"/boards-and-blocks", methodPost, bab, userEditor, http.StatusOK, 1}, - {"/boards-and-blocks", methodPost, bab, userAdmin, http.StatusOK, 1}, - } - runTestCases(t, ttCases, testData, clients) -} - -func TestLocalPermissionsUpdateBoardsAndBlocks(t *testing.T) { - th := SetupTestHelperLocalMode(t) - defer th.TearDown() - clients := setupLocalClients(th) - testData := setupData(t, th) - - newTitle := "New Block Title" - bab := toJSON(t, model.PatchBoardsAndBlocks{ - BoardIDs: []string{testData.publicBoard.ID}, - BoardPatches: []*model.BoardPatch{{Title: &newTitle}}, - BlockIDs: []string{"block-3"}, - BlockPatches: []*model.BlockPatch{{Title: &newTitle}}, - }) - - ttCases := []TestCase{ - {"/boards-and-blocks", methodPatch, bab, userAnon, http.StatusUnauthorized, 0}, - {"/boards-and-blocks", methodPatch, bab, userNoTeamMember, http.StatusForbidden, 0}, - {"/boards-and-blocks", methodPatch, bab, userTeamMember, http.StatusForbidden, 0}, - {"/boards-and-blocks", methodPatch, bab, userViewer, http.StatusForbidden, 0}, - {"/boards-and-blocks", methodPatch, bab, userCommenter, http.StatusForbidden, 0}, - {"/boards-and-blocks", methodPatch, bab, userEditor, http.StatusOK, 1}, - {"/boards-and-blocks", methodPatch, bab, userAdmin, http.StatusOK, 1}, - } - runTestCases(t, ttCases, testData, clients) - - newType := model.BoardTypePrivate - // With type change - bab = toJSON(t, model.PatchBoardsAndBlocks{ - BoardIDs: []string{testData.publicBoard.ID}, - BoardPatches: []*model.BoardPatch{{Type: &newType}}, - BlockIDs: []string{"block-3"}, - BlockPatches: []*model.BlockPatch{{Title: &newTitle}}, - }) - - ttCases = []TestCase{ - {"/boards-and-blocks", methodPatch, bab, userAnon, http.StatusUnauthorized, 0}, - {"/boards-and-blocks", methodPatch, bab, userNoTeamMember, http.StatusForbidden, 0}, - {"/boards-and-blocks", methodPatch, bab, userTeamMember, http.StatusForbidden, 0}, - {"/boards-and-blocks", methodPatch, bab, userViewer, http.StatusForbidden, 0}, - {"/boards-and-blocks", methodPatch, bab, userCommenter, http.StatusForbidden, 0}, - {"/boards-and-blocks", methodPatch, bab, userEditor, http.StatusForbidden, 0}, - {"/boards-and-blocks", methodPatch, bab, userAdmin, http.StatusOK, 1}, - } - runTestCases(t, ttCases, testData, clients) -} - -func TestLocalPermissionsDeleteBoardsAndBlocks(t *testing.T) { - th := SetupTestHelperLocalMode(t) - defer th.TearDown() - clients := setupLocalClients(th) - testData := setupData(t, th) - - bab := toJSON(t, model.DeleteBoardsAndBlocks{ - Boards: []string{testData.publicBoard.ID}, - Blocks: []string{"block-3"}, - }) - - ttCases := []TestCase{ - {"/boards-and-blocks", methodDelete, bab, userAnon, http.StatusUnauthorized, 0}, - {"/boards-and-blocks", methodDelete, bab, userNoTeamMember, http.StatusForbidden, 0}, - {"/boards-and-blocks", methodDelete, bab, userTeamMember, http.StatusForbidden, 0}, - {"/boards-and-blocks", methodDelete, bab, userViewer, http.StatusForbidden, 0}, - {"/boards-and-blocks", methodDelete, bab, userCommenter, http.StatusForbidden, 0}, - {"/boards-and-blocks", methodDelete, bab, userEditor, http.StatusForbidden, 0}, - {"/boards-and-blocks", methodDelete, bab, userAdmin, http.StatusOK, 0}, - } - runTestCases(t, ttCases, testData, clients) -} - -func TestLocalPermissionsLogin(t *testing.T) { - th := SetupTestHelperLocalMode(t) - defer th.TearDown() - clients := setupLocalClients(th) - testData := setupData(t, th) - - loginReq := func(username, password string) string { - return toJSON(t, api.LoginRequest{ - Type: "normal", - Username: username, - Password: password, - }) - } - - ttCases := []TestCase{ - {"/login", methodPost, loginReq(userAnon, password), userAnon, http.StatusUnauthorized, 0}, - {"/login", methodPost, loginReq(userAdmin, password), userAdmin, http.StatusOK, 1}, - } - runTestCases(t, ttCases, testData, clients) -} - -func TestLocalPermissionsLogout(t *testing.T) { - th := SetupTestHelperLocalMode(t) - defer th.TearDown() - clients := setupLocalClients(th) - testData := setupData(t, th) - - ttCases := []TestCase{ - {"/logout", methodPost, "", userAnon, http.StatusUnauthorized, 0}, - {"/logout", methodPost, "", userAdmin, http.StatusOK, 0}, - } - runTestCases(t, ttCases, testData, clients) -} - -func TestLocalPermissionsRegister(t *testing.T) { - th := SetupTestHelperLocalMode(t) - defer th.TearDown() - clients := setupLocalClients(th) - testData := setupData(t, th) - - team, resp := th.Client.GetTeam(model.GlobalTeamID) - th.CheckOK(resp) - require.NotNil(th.T, team) - require.NotNil(th.T, team.SignupToken) - - postData := toJSON(t, api.RegisterRequest{ - Username: "newuser", - Email: "newuser@test.com", - Password: password, - Token: team.SignupToken, - }) - - ttCases := []TestCase{ - {"/register", methodPost, postData, userAnon, http.StatusOK, 0}, - } - runTestCases(t, ttCases, testData, clients) -} - -func TestLocalPermissionsClientConfig(t *testing.T) { - th := SetupTestHelperLocalMode(t) - defer th.TearDown() - clients := setupLocalClients(th) - testData := setupData(t, th) - - ttCases := []TestCase{ - {"/clientConfig", methodGet, "", userAnon, http.StatusOK, 1}, - {"/clientConfig", methodGet, "", userAdmin, http.StatusOK, 1}, - } - runTestCases(t, ttCases, testData, clients) -} - -func TestLocalPermissionsGetCategories(t *testing.T) { - th := SetupTestHelperLocalMode(t) - defer th.TearDown() - clients := setupLocalClients(th) - testData := setupData(t, th) - - ttCases := []TestCase{ - {"/teams/test-team/categories", methodGet, "", userAnon, http.StatusUnauthorized, 0}, - {"/teams/test-team/categories", methodGet, "", userNoTeamMember, http.StatusOK, 0}, - {"/teams/test-team/categories", methodGet, "", userTeamMember, http.StatusOK, 0}, - {"/teams/test-team/categories", methodGet, "", userViewer, http.StatusOK, 0}, - {"/teams/test-team/categories", methodGet, "", userCommenter, http.StatusOK, 0}, - {"/teams/test-team/categories", methodGet, "", userEditor, http.StatusOK, 0}, - {"/teams/test-team/categories", methodGet, "", userAdmin, http.StatusOK, 0}, - } - runTestCases(t, ttCases, testData, clients) -} - -func TestLocalPermissionsCreateCategory(t *testing.T) { - th := SetupTestHelperLocalMode(t) - defer th.TearDown() - clients := setupLocalClients(th) - testData := setupData(t, th) - - category := func(userID string) string { - return toJSON(t, model.Category{ - Name: "Test category", - TeamID: "test-team", - UserID: userID, - CreateAt: model.GetMillis(), - UpdateAt: model.GetMillis(), - }) - } - - ttCases := []TestCase{ - {"/teams/test-team/categories", methodPost, category(""), userAnon, http.StatusUnauthorized, 0}, - {"/teams/test-team/categories", methodPost, category(userNoTeamMemberID), userNoTeamMember, http.StatusOK, 1}, - {"/teams/test-team/categories", methodPost, category(userTeamMemberID), userTeamMember, http.StatusOK, 1}, - {"/teams/test-team/categories", methodPost, category(userViewerID), userViewer, http.StatusOK, 1}, - {"/teams/test-team/categories", methodPost, category(userCommenterID), userCommenter, http.StatusOK, 1}, - {"/teams/test-team/categories", methodPost, category(userEditorID), userEditor, http.StatusOK, 1}, - {"/teams/test-team/categories", methodPost, category(userAdminID), userAdmin, http.StatusOK, 1}, - - {"/teams/test-team/categories", methodPost, category("other"), userAnon, http.StatusUnauthorized, 0}, - {"/teams/test-team/categories", methodPost, category("other"), userNoTeamMember, http.StatusBadRequest, 0}, - {"/teams/test-team/categories", methodPost, category("other"), userTeamMember, http.StatusBadRequest, 0}, - {"/teams/test-team/categories", methodPost, category("other"), userViewer, http.StatusBadRequest, 0}, - {"/teams/test-team/categories", methodPost, category("other"), userCommenter, http.StatusBadRequest, 0}, - {"/teams/test-team/categories", methodPost, category("other"), userEditor, http.StatusBadRequest, 0}, - {"/teams/test-team/categories", methodPost, category("other"), userAdmin, http.StatusBadRequest, 0}, - - {"/teams/other-team/categories", methodPost, category(""), userAnon, http.StatusUnauthorized, 0}, - {"/teams/other-team/categories", methodPost, category(userNoTeamMemberID), userNoTeamMember, http.StatusBadRequest, 0}, - {"/teams/other-team/categories", methodPost, category(userTeamMemberID), userTeamMember, http.StatusBadRequest, 0}, - {"/teams/other-team/categories", methodPost, category(userViewerID), userViewer, http.StatusBadRequest, 0}, - {"/teams/other-team/categories", methodPost, category(userCommenterID), userCommenter, http.StatusBadRequest, 0}, - {"/teams/other-team/categories", methodPost, category(userEditorID), userEditor, http.StatusBadRequest, 0}, - {"/teams/other-team/categories", methodPost, category(userAdminID), userAdmin, http.StatusBadRequest, 0}, - } - runTestCases(t, ttCases, testData, clients) -} - -func TestLocalPermissionsUpdateCategory(t *testing.T) { - th := SetupTestHelperLocalMode(t) - defer th.TearDown() - clients := setupLocalClients(th) - testData := setupData(t, th) - - categoryNoTeamMember, err := th.Server.App().CreateCategory( - &model.Category{Name: "Test category", TeamID: "test-team", UserID: userNoTeamMemberID, CreateAt: model.GetMillis(), UpdateAt: model.GetMillis()}, - ) - require.NoError(t, err) - categoryTeamMember, err := th.Server.App().CreateCategory( - &model.Category{Name: "Test category", TeamID: "test-team", UserID: userTeamMemberID, CreateAt: model.GetMillis(), UpdateAt: model.GetMillis()}, - ) - require.NoError(t, err) - categoryViewer, err := th.Server.App().CreateCategory( - &model.Category{Name: "Test category", TeamID: "test-team", UserID: userViewerID, CreateAt: model.GetMillis(), UpdateAt: model.GetMillis()}, - ) - require.NoError(t, err) - categoryCommenter, err := th.Server.App().CreateCategory( - &model.Category{Name: "Test category", TeamID: "test-team", UserID: userCommenterID, CreateAt: model.GetMillis(), UpdateAt: model.GetMillis()}, - ) - require.NoError(t, err) - categoryEditor, err := th.Server.App().CreateCategory( - &model.Category{Name: "Test category", TeamID: "test-team", UserID: userEditorID, CreateAt: model.GetMillis(), UpdateAt: model.GetMillis()}, - ) - require.NoError(t, err) - categoryAdmin, err := th.Server.App().CreateCategory( - &model.Category{Name: "Test category", TeamID: "test-team", UserID: userAdminID, CreateAt: model.GetMillis(), UpdateAt: model.GetMillis()}, - ) - require.NoError(t, err) - - category := func(userID string, categoryID string) string { - return toJSON(t, model.Category{ - ID: categoryID, - Name: "Test category", - TeamID: "test-team", - UserID: userID, - CreateAt: model.GetMillis(), - UpdateAt: model.GetMillis(), - }) - } - - ttCases := []TestCase{ - {"/teams/test-team/categories/any", methodPut, category("", "any"), userAnonID, http.StatusUnauthorized, 0}, - {"/teams/test-team/categories/" + categoryNoTeamMember.ID, methodPut, category(userNoTeamMemberID, categoryNoTeamMember.ID), userNoTeamMember, http.StatusOK, 1}, - {"/teams/test-team/categories/" + categoryTeamMember.ID, methodPut, category(userTeamMemberID, categoryTeamMember.ID), userTeamMember, http.StatusOK, 1}, - {"/teams/test-team/categories/" + categoryViewer.ID, methodPut, category(userViewerID, categoryViewer.ID), userViewer, http.StatusOK, 1}, - {"/teams/test-team/categories/" + categoryCommenter.ID, methodPut, category(userCommenterID, categoryCommenter.ID), userCommenter, http.StatusOK, 1}, - {"/teams/test-team/categories/" + categoryEditor.ID, methodPut, category(userEditorID, categoryEditor.ID), userEditor, http.StatusOK, 1}, - {"/teams/test-team/categories/" + categoryAdmin.ID, methodPut, category(userAdminID, categoryAdmin.ID), userAdmin, http.StatusOK, 1}, - - {"/teams/test-team/categories/any", methodPut, category("other", "any"), userAnonID, http.StatusUnauthorized, 0}, - {"/teams/test-team/categories/" + categoryNoTeamMember.ID, methodPut, category("other", categoryNoTeamMember.ID), userNoTeamMember, http.StatusBadRequest, 0}, - {"/teams/test-team/categories/" + categoryTeamMember.ID, methodPut, category("other", categoryTeamMember.ID), userTeamMember, http.StatusBadRequest, 0}, - {"/teams/test-team/categories/" + categoryViewer.ID, methodPut, category("other", categoryViewer.ID), userViewer, http.StatusBadRequest, 0}, - {"/teams/test-team/categories/" + categoryCommenter.ID, methodPut, category("other", categoryCommenter.ID), userCommenter, http.StatusBadRequest, 0}, - {"/teams/test-team/categories/" + categoryEditor.ID, methodPut, category("other", categoryEditor.ID), userEditor, http.StatusBadRequest, 0}, - {"/teams/test-team/categories/" + categoryAdmin.ID, methodPut, category("other", categoryAdmin.ID), userAdmin, http.StatusBadRequest, 0}, - - {"/teams/other-team/categories/any", methodPut, category("", "any"), userAnonID, http.StatusUnauthorized, 0}, - {"/teams/other-team/categories/" + categoryNoTeamMember.ID, methodPut, category(userNoTeamMemberID, categoryNoTeamMember.ID), userNoTeamMember, http.StatusBadRequest, 0}, - {"/teams/other-team/categories/" + categoryTeamMember.ID, methodPut, category(userTeamMemberID, categoryTeamMember.ID), userTeamMember, http.StatusBadRequest, 0}, - {"/teams/other-team/categories/" + categoryViewer.ID, methodPut, category(userViewerID, categoryViewer.ID), userViewer, http.StatusBadRequest, 0}, - {"/teams/other-team/categories/" + categoryCommenter.ID, methodPut, category(userCommenterID, categoryCommenter.ID), userCommenter, http.StatusBadRequest, 0}, - {"/teams/other-team/categories/" + categoryEditor.ID, methodPut, category(userEditorID, categoryEditor.ID), userEditor, http.StatusBadRequest, 0}, - {"/teams/other-team/categories/" + categoryAdmin.ID, methodPut, category(userAdminID, categoryAdmin.ID), userAdmin, http.StatusBadRequest, 0}, - } - runTestCases(t, ttCases, testData, clients) -} - -func TestLocalPermissionsDeleteCategory(t *testing.T) { - th := SetupTestHelperLocalMode(t) - defer th.TearDown() - clients := setupLocalClients(th) - testData := setupData(t, th) - - categoryNoTeamMember, err := th.Server.App().CreateCategory( - &model.Category{Name: "Test category", TeamID: "test-team", UserID: userNoTeamMemberID, CreateAt: model.GetMillis(), UpdateAt: model.GetMillis()}, - ) - require.NoError(t, err) - categoryTeamMember, err := th.Server.App().CreateCategory( - &model.Category{Name: "Test category", TeamID: "test-team", UserID: userTeamMemberID, CreateAt: model.GetMillis(), UpdateAt: model.GetMillis()}, - ) - require.NoError(t, err) - categoryViewer, err := th.Server.App().CreateCategory( - &model.Category{Name: "Test category", TeamID: "test-team", UserID: userViewerID, CreateAt: model.GetMillis(), UpdateAt: model.GetMillis()}, - ) - require.NoError(t, err) - categoryCommenter, err := th.Server.App().CreateCategory( - &model.Category{Name: "Test category", TeamID: "test-team", UserID: userCommenterID, CreateAt: model.GetMillis(), UpdateAt: model.GetMillis()}, - ) - require.NoError(t, err) - categoryEditor, err := th.Server.App().CreateCategory( - &model.Category{Name: "Test category", TeamID: "test-team", UserID: userEditorID, CreateAt: model.GetMillis(), UpdateAt: model.GetMillis()}, - ) - require.NoError(t, err) - categoryAdmin, err := th.Server.App().CreateCategory( - &model.Category{Name: "Test category", TeamID: "test-team", UserID: userAdminID, CreateAt: model.GetMillis(), UpdateAt: model.GetMillis()}, - ) - require.NoError(t, err) - - ttCases := []TestCase{ - {"/teams/other-team/categories/any", methodDelete, "", userAnon, http.StatusUnauthorized, 0}, - {"/teams/other-team/categories/" + categoryNoTeamMember.ID, methodDelete, "", userNoTeamMember, http.StatusBadRequest, 0}, - {"/teams/other-team/categories/" + categoryTeamMember.ID, methodDelete, "", userTeamMember, http.StatusBadRequest, 0}, - {"/teams/other-team/categories/" + categoryViewer.ID, methodDelete, "", userViewer, http.StatusBadRequest, 0}, - {"/teams/other-team/categories/" + categoryCommenter.ID, methodDelete, "", userCommenter, http.StatusBadRequest, 0}, - {"/teams/other-team/categories/" + categoryEditor.ID, methodDelete, "", userEditor, http.StatusBadRequest, 0}, - {"/teams/other-team/categories/" + categoryAdmin.ID, methodDelete, "", userAdmin, http.StatusBadRequest, 0}, - - {"/teams/test-team/categories/any", methodDelete, "", userAnon, http.StatusUnauthorized, 0}, - {"/teams/test-team/categories/" + categoryNoTeamMember.ID, methodDelete, "", userNoTeamMember, http.StatusOK, 1}, - {"/teams/test-team/categories/" + categoryTeamMember.ID, methodDelete, "", userTeamMember, http.StatusOK, 1}, - {"/teams/test-team/categories/" + categoryViewer.ID, methodDelete, "", userViewer, http.StatusOK, 1}, - {"/teams/test-team/categories/" + categoryCommenter.ID, methodDelete, "", userCommenter, http.StatusOK, 1}, - {"/teams/test-team/categories/" + categoryEditor.ID, methodDelete, "", userEditor, http.StatusOK, 1}, - {"/teams/test-team/categories/" + categoryAdmin.ID, methodDelete, "", userAdmin, http.StatusOK, 1}, - } - runTestCases(t, ttCases, testData, clients) -} - -func TestLocalPermissionsUpdateCategoryBoard(t *testing.T) { - th := SetupTestHelperLocalMode(t) - defer th.TearDown() - clients := setupLocalClients(th) - testData := setupData(t, th) - - categoryNoTeamMember, err := th.Server.App().CreateCategory( - &model.Category{Name: "Test category", TeamID: "test-team", UserID: userNoTeamMemberID, CreateAt: model.GetMillis(), UpdateAt: model.GetMillis()}, - ) - require.NoError(t, err) - categoryTeamMember, err := th.Server.App().CreateCategory( - &model.Category{Name: "Test category", TeamID: "test-team", UserID: userTeamMemberID, CreateAt: model.GetMillis(), UpdateAt: model.GetMillis()}, - ) - require.NoError(t, err) - categoryViewer, err := th.Server.App().CreateCategory( - &model.Category{Name: "Test category", TeamID: "test-team", UserID: userViewerID, CreateAt: model.GetMillis(), UpdateAt: model.GetMillis()}, - ) - require.NoError(t, err) - categoryCommenter, err := th.Server.App().CreateCategory( - &model.Category{Name: "Test category", TeamID: "test-team", UserID: userCommenterID, CreateAt: model.GetMillis(), UpdateAt: model.GetMillis()}, - ) - require.NoError(t, err) - categoryEditor, err := th.Server.App().CreateCategory( - &model.Category{Name: "Test category", TeamID: "test-team", UserID: userEditorID, CreateAt: model.GetMillis(), UpdateAt: model.GetMillis()}, - ) - require.NoError(t, err) - categoryAdmin, err := th.Server.App().CreateCategory( - &model.Category{Name: "Test category", TeamID: "test-team", UserID: userAdminID, CreateAt: model.GetMillis(), UpdateAt: model.GetMillis()}, - ) - require.NoError(t, err) - - ttCases := []TestCase{ - {"/teams/test-team/categories/any/boards/any", methodPost, "", userAnon, http.StatusUnauthorized, 0}, - {"/teams/test-team/categories/" + categoryNoTeamMember.ID + "/boards/" + testData.publicBoard.ID, methodPost, "", userNoTeamMember, http.StatusOK, 0}, - {"/teams/test-team/categories/" + categoryTeamMember.ID + "/boards/" + testData.publicBoard.ID, methodPost, "", userTeamMember, http.StatusOK, 0}, - {"/teams/test-team/categories/" + categoryViewer.ID + "/boards/" + testData.publicBoard.ID, methodPost, "", userViewer, http.StatusOK, 0}, - {"/teams/test-team/categories/" + categoryCommenter.ID + "/boards/" + testData.publicBoard.ID, methodPost, "", userCommenter, http.StatusOK, 0}, - {"/teams/test-team/categories/" + categoryEditor.ID + "/boards/" + testData.publicBoard.ID, methodPost, "", userEditor, http.StatusOK, 0}, - {"/teams/test-team/categories/" + categoryAdmin.ID + "/boards/" + testData.publicBoard.ID, methodPost, "", userAdmin, http.StatusOK, 0}, - } - runTestCases(t, ttCases, testData, clients) -} - -func TestLocalPermissionsGetFile(t *testing.T) { - th := SetupTestHelperLocalMode(t) - defer th.TearDown() - clients := setupLocalClients(th) - testData := setupData(t, th) - - newFileID, err := th.Server.App().SaveFile(bytes.NewBuffer([]byte("test")), "test-team", testData.privateBoard.ID, "test.png") - require.NoError(t, err) - - ttCases := []TestCase{ - {"/files/teams/test-team/{PRIVATE_BOARD_ID}/" + newFileID, methodGet, "", userAnon, http.StatusUnauthorized, 0}, - {"/files/teams/test-team/{PRIVATE_BOARD_ID}/" + newFileID, methodGet, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/files/teams/test-team/{PRIVATE_BOARD_ID}/" + newFileID, methodGet, "", userTeamMember, http.StatusForbidden, 0}, - {"/files/teams/test-team/{PRIVATE_BOARD_ID}/" + newFileID, methodGet, "", userViewer, http.StatusOK, 1}, - {"/files/teams/test-team/{PRIVATE_BOARD_ID}/" + newFileID, methodGet, "", userCommenter, http.StatusOK, 1}, - {"/files/teams/test-team/{PRIVATE_BOARD_ID}/" + newFileID, methodGet, "", userEditor, http.StatusOK, 1}, - {"/files/teams/test-team/{PRIVATE_BOARD_ID}/" + newFileID, methodGet, "", userAdmin, http.StatusOK, 1}, - - {"/files/teams/test-team/{PRIVATE_BOARD_ID}/" + newFileID + "?read_token=invalid", methodGet, "", userAnon, http.StatusUnauthorized, 0}, - {"/files/teams/test-team/{PRIVATE_BOARD_ID}/" + newFileID + "?read_token=valid", methodGet, "", userAnon, http.StatusOK, 1}, - {"/files/teams/test-team/{PRIVATE_BOARD_ID}/" + newFileID + "?read_token=invalid", methodGet, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/files/teams/test-team/{PRIVATE_BOARD_ID}/" + newFileID + "?read_token=valid", methodGet, "", userTeamMember, http.StatusOK, 1}, - } - runTestCases(t, ttCases, testData, clients) -} - -func TestLocalPermissionsCreateSubscription(t *testing.T) { - th := SetupTestHelperLocalMode(t) - defer th.TearDown() - clients := setupLocalClients(th) - testData := setupData(t, th) - - subscription := func(userID string) string { - return toJSON(t, model.Subscription{ - BlockType: "card", - BlockID: "block-3", - SubscriberType: "user", - SubscriberID: userID, - CreateAt: model.GetMillis(), - }) - } - ttCases := []TestCase{ - {"/subscriptions", methodPost, subscription(""), userAnon, http.StatusUnauthorized, 0}, - {"/subscriptions", methodPost, subscription(userNoTeamMemberID), userNoTeamMember, http.StatusOK, 1}, - {"/subscriptions", methodPost, subscription(userTeamMemberID), userTeamMember, http.StatusOK, 1}, - {"/subscriptions", methodPost, subscription(userViewerID), userViewer, http.StatusOK, 1}, - {"/subscriptions", methodPost, subscription(userCommenterID), userCommenter, http.StatusOK, 1}, - {"/subscriptions", methodPost, subscription(userEditorID), userEditor, http.StatusOK, 1}, - {"/subscriptions", methodPost, subscription(userAdminID), userAdmin, http.StatusOK, 1}, - } - runTestCases(t, ttCases, testData, clients) -} - -func TestLocalPermissionsGetSubscriptions(t *testing.T) { - th := SetupTestHelperLocalMode(t) - defer th.TearDown() - clients := setupLocalClients(th) - testData := setupData(t, th) - - ttCases := []TestCase{ - {"/subscriptions/{USER_ANON_ID}", methodGet, "", userAnon, http.StatusUnauthorized, 0}, - {"/subscriptions/{USER_NO_TEAM_MEMBER_ID}", methodGet, "", userNoTeamMember, http.StatusOK, 0}, - {"/subscriptions/{USER_TEAM_MEMBER_ID}", methodGet, "", userTeamMember, http.StatusOK, 0}, - {"/subscriptions/{USER_VIEWER_ID}", methodGet, "", userViewer, http.StatusOK, 0}, - {"/subscriptions/{USER_COMMENTER_ID}", methodGet, "", userCommenter, http.StatusOK, 0}, - {"/subscriptions/{USER_EDITOR_ID}", methodGet, "", userEditor, http.StatusOK, 0}, - {"/subscriptions/{USER_ADMIN_ID}", methodGet, "", userAdmin, http.StatusOK, 0}, - - {"/subscriptions/other", methodGet, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/subscriptions/other", methodGet, "", userTeamMember, http.StatusForbidden, 0}, - {"/subscriptions/other", methodGet, "", userViewer, http.StatusForbidden, 0}, - {"/subscriptions/other", methodGet, "", userCommenter, http.StatusForbidden, 0}, - {"/subscriptions/other", methodGet, "", userEditor, http.StatusForbidden, 0}, - {"/subscriptions/other", methodGet, "", userAdmin, http.StatusForbidden, 0}, - } - runTestCases(t, ttCases, testData, clients) -} - -func TestLocalPermissionsDeleteSubscription(t *testing.T) { - th := SetupTestHelperLocalMode(t) - defer th.TearDown() - clients := setupLocalClients(th) - testData := setupData(t, th) - - _, err := th.Server.App().CreateSubscription( - &model.Subscription{BlockType: "card", BlockID: "block-3", SubscriberType: "user", SubscriberID: userNoTeamMemberID, CreateAt: model.GetMillis()}, - ) - require.NoError(t, err) - _, err = th.Server.App().CreateSubscription( - &model.Subscription{BlockType: "card", BlockID: "block-3", SubscriberType: "user", SubscriberID: userTeamMemberID, CreateAt: model.GetMillis()}, - ) - require.NoError(t, err) - _, err = th.Server.App().CreateSubscription( - &model.Subscription{BlockType: "card", BlockID: "block-3", SubscriberType: "user", SubscriberID: userViewerID, CreateAt: model.GetMillis()}, - ) - require.NoError(t, err) - _, err = th.Server.App().CreateSubscription( - &model.Subscription{BlockType: "card", BlockID: "block-3", SubscriberType: "user", SubscriberID: userCommenterID, CreateAt: model.GetMillis()}, - ) - require.NoError(t, err) - _, err = th.Server.App().CreateSubscription( - &model.Subscription{BlockType: "card", BlockID: "block-3", SubscriberType: "user", SubscriberID: userEditorID, CreateAt: model.GetMillis()}, - ) - require.NoError(t, err) - _, err = th.Server.App().CreateSubscription( - &model.Subscription{BlockType: "card", BlockID: "block-3", SubscriberType: "user", SubscriberID: userAdminID, CreateAt: model.GetMillis()}, - ) - require.NoError(t, err) - _, err = th.Server.App().CreateSubscription( - &model.Subscription{BlockType: "card", BlockID: "block-3", SubscriberType: "user", SubscriberID: "other", CreateAt: model.GetMillis()}, - ) - require.NoError(t, err) - - ttCases := []TestCase{ - {"/subscriptions/block-3/{USER_ANON_ID}", methodDelete, "", userAnon, http.StatusUnauthorized, 0}, - {"/subscriptions/block-3/{USER_NO_TEAM_MEMBER_ID}", methodDelete, "", userNoTeamMember, http.StatusOK, 0}, - {"/subscriptions/block-3/{USER_TEAM_MEMBER_ID}", methodDelete, "", userTeamMember, http.StatusOK, 0}, - {"/subscriptions/block-3/{USER_VIEWER_ID}", methodDelete, "", userViewer, http.StatusOK, 0}, - {"/subscriptions/block-3/{USER_COMMENTER_ID}", methodDelete, "", userCommenter, http.StatusOK, 0}, - {"/subscriptions/block-3/{USER_EDITOR_ID}", methodDelete, "", userEditor, http.StatusOK, 0}, - {"/subscriptions/block-3/{USER_ADMIN_ID}", methodDelete, "", userAdmin, http.StatusOK, 0}, - - {"/subscriptions/block-3/other", methodDelete, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/subscriptions/block-3/other", methodDelete, "", userTeamMember, http.StatusForbidden, 0}, - {"/subscriptions/block-3/other", methodDelete, "", userViewer, http.StatusForbidden, 0}, - {"/subscriptions/block-3/other", methodDelete, "", userCommenter, http.StatusForbidden, 0}, - {"/subscriptions/block-3/other", methodDelete, "", userEditor, http.StatusForbidden, 0}, - {"/subscriptions/block-3/other", methodDelete, "", userAdmin, http.StatusForbidden, 0}, - } - runTestCases(t, ttCases, testData, clients) -} - -func TestLocalPermissionsOnboard(t *testing.T) { - th := SetupTestHelperLocalMode(t) - defer th.TearDown() - clients := setupLocalClients(th) - testData := setupData(t, th) - - err := th.Server.App().InitTemplates() - require.NoError(t, err, "InitTemplates should not fail") - - ttCases := []TestCase{ - {"/teams/test-team/onboard", methodPost, "", userAnon, http.StatusUnauthorized, 0}, - {"/teams/test-team/onboard", methodPost, "", userNoTeamMember, http.StatusOK, 1}, - {"/teams/test-team/onboard", methodPost, "", userTeamMember, http.StatusOK, 1}, - {"/teams/test-team/onboard", methodPost, "", userViewer, http.StatusOK, 1}, - {"/teams/test-team/onboard", methodPost, "", userCommenter, http.StatusOK, 1}, - {"/teams/test-team/onboard", methodPost, "", userEditor, http.StatusOK, 1}, - {"/teams/test-team/onboard", methodPost, "", userAdmin, http.StatusOK, 1}, - } - runTestCases(t, ttCases, testData, clients) -} - -func TestLocalPermissionsBoardArchiveExport(t *testing.T) { - th := SetupTestHelperLocalMode(t) - defer th.TearDown() - clients := setupLocalClients(th) - testData := setupData(t, th) - - ttCases := []TestCase{ - {"/boards/{PUBLIC_BOARD_ID}/archive/export", methodGet, "", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PUBLIC_BOARD_ID}/archive/export", methodGet, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/archive/export", methodGet, "", userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/archive/export", methodGet, "", userViewer, http.StatusOK, 1}, - {"/boards/{PUBLIC_BOARD_ID}/archive/export", methodGet, "", userCommenter, http.StatusOK, 1}, - {"/boards/{PUBLIC_BOARD_ID}/archive/export", methodGet, "", userEditor, http.StatusOK, 1}, - {"/boards/{PUBLIC_BOARD_ID}/archive/export", methodGet, "", userAdmin, http.StatusOK, 1}, - - {"/boards/{PRIVATE_BOARD_ID}/archive/export", methodGet, "", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PRIVATE_BOARD_ID}/archive/export", methodGet, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/archive/export", methodGet, "", userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/archive/export", methodGet, "", userViewer, http.StatusOK, 1}, - {"/boards/{PRIVATE_BOARD_ID}/archive/export", methodGet, "", userCommenter, http.StatusOK, 1}, - {"/boards/{PRIVATE_BOARD_ID}/archive/export", methodGet, "", userEditor, http.StatusOK, 1}, - {"/boards/{PRIVATE_BOARD_ID}/archive/export", methodGet, "", userAdmin, http.StatusOK, 1}, - - {"/boards/{PUBLIC_TEMPLATE_ID}/archive/export", methodGet, "", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/archive/export", methodGet, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/archive/export", methodGet, "", userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/archive/export", methodGet, "", userViewer, http.StatusOK, 1}, - {"/boards/{PUBLIC_TEMPLATE_ID}/archive/export", methodGet, "", userCommenter, http.StatusOK, 1}, - {"/boards/{PUBLIC_TEMPLATE_ID}/archive/export", methodGet, "", userEditor, http.StatusOK, 1}, - {"/boards/{PUBLIC_TEMPLATE_ID}/archive/export", methodGet, "", userAdmin, http.StatusOK, 1}, - - {"/boards/{PRIVATE_TEMPLATE_ID}/archive/export", methodGet, "", userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/archive/export", methodGet, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/archive/export", methodGet, "", userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/archive/export", methodGet, "", userViewer, http.StatusOK, 1}, - {"/boards/{PRIVATE_TEMPLATE_ID}/archive/export", methodGet, "", userCommenter, http.StatusOK, 1}, - {"/boards/{PRIVATE_TEMPLATE_ID}/archive/export", methodGet, "", userEditor, http.StatusOK, 1}, - {"/boards/{PRIVATE_TEMPLATE_ID}/archive/export", methodGet, "", userAdmin, http.StatusOK, 1}, - } - runTestCases(t, ttCases, testData, clients) -} - -func TestLocalPermissionsBoardArchiveImport(t *testing.T) { - th := SetupTestHelperLocalMode(t) - defer th.TearDown() - clients := setupLocalClients(th) - testData := setupData(t, th) - - ttCases := []TestCase{ - {"/teams/test-team/archive/import", methodPost, "", userAnon, http.StatusUnauthorized, 0}, - {"/teams/test-team/archive/import", methodPost, "", userNoTeamMember, http.StatusOK, 1}, - {"/teams/test-team/archive/import", methodPost, "", userTeamMember, http.StatusOK, 1}, - {"/teams/test-team/archive/import", methodPost, "", userViewer, http.StatusOK, 1}, - {"/teams/test-team/archive/import", methodPost, "", userCommenter, http.StatusOK, 1}, - {"/teams/test-team/archive/import", methodPost, "", userEditor, http.StatusOK, 1}, - {"/teams/test-team/archive/import", methodPost, "", userAdmin, http.StatusOK, 1}, - } - runTestCases(t, ttCases, testData, clients) -} diff --git a/server/integrationtests/permissions_test.go b/server/integrationtests/permissions_test.go index 7bf4c9154..e2fbcfadc 100644 --- a/server/integrationtests/permissions_test.go +++ b/server/integrationtests/permissions_test.go @@ -74,6 +74,47 @@ func setupClients(th *TestHelper) Clients { return clients } +func setupLocalClients(th *TestHelper) Clients { + th.Client = client.NewClient(th.Server.Config().ServerRoot, "") + th.RegisterAndLogin(th.Client, "sysadmin", "sysadmin@sample.com", password, "") + + clients := Clients{ + Anon: client.NewClient(th.Server.Config().ServerRoot, ""), + NoTeamMember: client.NewClient(th.Server.Config().ServerRoot, ""), + TeamMember: client.NewClient(th.Server.Config().ServerRoot, ""), + Viewer: client.NewClient(th.Server.Config().ServerRoot, ""), + Commenter: client.NewClient(th.Server.Config().ServerRoot, ""), + Editor: client.NewClient(th.Server.Config().ServerRoot, ""), + Admin: client.NewClient(th.Server.Config().ServerRoot, ""), + } + + // get token + team, resp := th.Client.GetTeam(model.GlobalTeamID) + th.CheckOK(resp) + require.NotNil(th.T, team) + require.NotNil(th.T, team.SignupToken) + + th.RegisterAndLogin(clients.NoTeamMember, userNoTeamMember, userNoTeamMember+"@sample.com", password, team.SignupToken) + userNoTeamMemberID = clients.NoTeamMember.GetUserID() + + th.RegisterAndLogin(clients.TeamMember, userTeamMember, userTeamMember+"@sample.com", password, team.SignupToken) + userTeamMemberID = clients.TeamMember.GetUserID() + + th.RegisterAndLogin(clients.Viewer, userViewer, userViewer+"@sample.com", password, team.SignupToken) + userViewerID = clients.Viewer.GetUserID() + + th.RegisterAndLogin(clients.Commenter, userCommenter, userCommenter+"@sample.com", password, team.SignupToken) + userCommenterID = clients.Commenter.GetUserID() + + th.RegisterAndLogin(clients.Editor, userEditor, userEditor+"@sample.com", password, team.SignupToken) + userEditorID = clients.Editor.GetUserID() + + th.RegisterAndLogin(clients.Admin, userAdmin, userAdmin+"@sample.com", password, team.SignupToken) + userAdminID = clients.Admin.GetUserID() + + return clients +} + func toJSON(t *testing.T, obj interface{}) string { result, err := json.Marshal(obj) require.NoError(t, err) @@ -268,11 +309,6 @@ func runTestCases(t *testing.T, ttCases []TestCase, testData TestData, clients C } func TestPermissionsGetTeamBoards(t *testing.T) { - th := SetupTestHelperPluginMode(t) - defer th.TearDown() - clients := setupClients(th) - testData := setupData(t, th) - ttCases := []TestCase{ {"/teams/test-team/boards", methodGet, "", userAnon, http.StatusUnauthorized, 0}, {"/teams/test-team/boards", methodGet, "", userNoTeamMember, http.StatusForbidden, 0}, @@ -282,15 +318,26 @@ func TestPermissionsGetTeamBoards(t *testing.T) { {"/teams/test-team/boards", methodGet, "", userEditor, http.StatusOK, 2}, {"/teams/test-team/boards", methodGet, "", userAdmin, http.StatusOK, 2}, } - runTestCases(t, ttCases, testData, clients) + + t.Run("plugin", func(t *testing.T) { + th := SetupTestHelperPluginMode(t) + defer th.TearDown() + clients := setupClients(th) + testData := setupData(t, th) + runTestCases(t, ttCases, testData, clients) + }) + t.Run("local", func(t *testing.T) { + th := SetupTestHelperLocalMode(t) + defer th.TearDown() + clients := setupLocalClients(th) + testData := setupData(t, th) + ttCases[1].expectedStatusCode = http.StatusOK + ttCases[1].totalResults = 1 + runTestCases(t, ttCases, testData, clients) + }) } func TestPermissionsSearchTeamBoards(t *testing.T) { - th := SetupTestHelperPluginMode(t) - defer th.TearDown() - clients := setupClients(th) - testData := setupData(t, th) - ttCases := []TestCase{ // Search boards {"/teams/test-team/boards/search?q=b", methodGet, "", userAnon, http.StatusUnauthorized, 0}, @@ -301,17 +348,29 @@ func TestPermissionsSearchTeamBoards(t *testing.T) { {"/teams/test-team/boards/search?q=b", methodGet, "", userEditor, http.StatusOK, 2}, {"/teams/test-team/boards/search?q=b", methodGet, "", userAdmin, http.StatusOK, 2}, } - runTestCases(t, ttCases, testData, clients) + t.Run("plugin", func(t *testing.T) { + th := SetupTestHelperPluginMode(t) + defer th.TearDown() + clients := setupClients(th) + testData := setupData(t, th) + runTestCases(t, ttCases, testData, clients) + }) + t.Run("local", func(t *testing.T) { + th := SetupTestHelperLocalMode(t) + defer th.TearDown() + clients := setupLocalClients(th) + testData := setupData(t, th) + ttCases[1].expectedStatusCode = http.StatusOK + ttCases[1].totalResults = 1 + runTestCases(t, ttCases, testData, clients) + }) } func TestPermissionsGetTeamTemplates(t *testing.T) { - th := SetupTestHelperPluginMode(t) - defer th.TearDown() - clients := setupClients(th) - testData := setupData(t, th) - - err := th.Server.App().InitTemplates() - require.NoError(t, err, "InitTemplates should succeed") + extraSetup := func(t *testing.T, th *TestHelper) { + err := th.Server.App().InitTemplates() + require.NoError(t, err, "InitTemplates should succeed") + } builtInTemplateCount := 7 @@ -333,15 +392,28 @@ func TestPermissionsGetTeamTemplates(t *testing.T) { {"/teams/0/templates", methodGet, "", userEditor, http.StatusOK, builtInTemplateCount}, {"/teams/0/templates", methodGet, "", userAdmin, http.StatusOK, builtInTemplateCount}, } - runTestCases(t, ttCases, testData, clients) + + t.Run("plugin", func(t *testing.T) { + th := SetupTestHelperPluginMode(t) + defer th.TearDown() + clients := setupClients(th) + testData := setupData(t, th) + extraSetup(t, th) + runTestCases(t, ttCases, testData, clients) + }) + t.Run("local", func(t *testing.T) { + th := SetupTestHelperLocalMode(t) + defer th.TearDown() + clients := setupLocalClients(th) + testData := setupData(t, th) + extraSetup(t, th) + ttCases[1].expectedStatusCode = http.StatusOK + ttCases[1].totalResults = 1 + runTestCases(t, ttCases, testData, clients) + }) } func TestPermissionsCreateBoard(t *testing.T) { - th := SetupTestHelperPluginMode(t) - defer th.TearDown() - clients := setupClients(th) - testData := setupData(t, th) - publicBoard := toJSON(t, model.Board{Title: "Board To Create", TeamID: "test-team", Type: model.BoardTypeOpen}) privateBoard := toJSON(t, model.Board{Title: "Board To Create", TeamID: "test-team", Type: model.BoardTypeOpen}) @@ -356,15 +428,27 @@ func TestPermissionsCreateBoard(t *testing.T) { {"/boards", methodPost, privateBoard, userNoTeamMember, http.StatusForbidden, 0}, {"/boards", methodPost, privateBoard, userTeamMember, http.StatusOK, 1}, } - runTestCases(t, ttCases, testData, clients) + t.Run("plugin", func(t *testing.T) { + th := SetupTestHelperPluginMode(t) + defer th.TearDown() + clients := setupClients(th) + testData := setupData(t, th) + runTestCases(t, ttCases, testData, clients) + }) + t.Run("local", func(t *testing.T) { + th := SetupTestHelperLocalMode(t) + defer th.TearDown() + clients := setupLocalClients(th) + testData := setupData(t, th) + ttCases[1].expectedStatusCode = http.StatusOK + ttCases[1].totalResults = 1 + ttCases[4].expectedStatusCode = http.StatusOK + ttCases[4].totalResults = 1 + runTestCases(t, ttCases, testData, clients) + }) } func TestPermissionsGetBoard(t *testing.T) { - th := SetupTestHelperPluginMode(t) - defer th.TearDown() - clients := setupClients(th) - testData := setupData(t, th) - ttCases := []TestCase{ {"/boards/{PRIVATE_BOARD_ID}", methodGet, "", userAnon, http.StatusUnauthorized, 0}, {"/boards/{PRIVATE_BOARD_ID}", methodGet, "", userNoTeamMember, http.StatusForbidden, 0}, @@ -403,15 +487,27 @@ func TestPermissionsGetBoard(t *testing.T) { {"/boards/{PRIVATE_BOARD_ID}?read_token=invalid", methodGet, "", userNoTeamMember, http.StatusForbidden, 0}, {"/boards/{PRIVATE_BOARD_ID}?read_token=valid", methodGet, "", userTeamMember, http.StatusOK, 1}, } - runTestCases(t, ttCases, testData, clients) + t.Run("plugin", func(t *testing.T) { + th := SetupTestHelperPluginMode(t) + defer th.TearDown() + clients := setupClients(th) + testData := setupData(t, th) + runTestCases(t, ttCases, testData, clients) + }) + t.Run("local", func(t *testing.T) { + th := SetupTestHelperLocalMode(t) + defer th.TearDown() + clients := setupLocalClients(th) + testData := setupData(t, th) + ttCases[8].expectedStatusCode = http.StatusOK + ttCases[8].totalResults = 1 + ttCases[22].expectedStatusCode = http.StatusOK + ttCases[22].totalResults = 1 + runTestCases(t, ttCases, testData, clients) + }) } func TestPermissionsPatchBoard(t *testing.T) { - th := SetupTestHelperPluginMode(t) - defer th.TearDown() - clients := setupClients(th) - testData := setupData(t, th) - ttCases := []TestCase{ {"/boards/{PRIVATE_BOARD_ID}", methodPatch, "{\"title\": \"test\"}", userAnon, http.StatusUnauthorized, 0}, {"/boards/{PRIVATE_BOARD_ID}", methodPatch, "{\"title\": \"test\"}", userNoTeamMember, http.StatusForbidden, 0}, @@ -445,15 +541,24 @@ func TestPermissionsPatchBoard(t *testing.T) { {"/boards/{PUBLIC_TEMPLATE_ID}", methodPatch, "{\"title\": \"test\"}", userEditor, http.StatusOK, 1}, {"/boards/{PUBLIC_TEMPLATE_ID}", methodPatch, "{\"title\": \"test\"}", userAdmin, http.StatusOK, 1}, } - runTestCases(t, ttCases, testData, clients) + + t.Run("plugin", func(t *testing.T) { + th := SetupTestHelperPluginMode(t) + defer th.TearDown() + clients := setupClients(th) + testData := setupData(t, th) + runTestCases(t, ttCases, testData, clients) + }) + t.Run("local", func(t *testing.T) { + th := SetupTestHelperLocalMode(t) + defer th.TearDown() + clients := setupLocalClients(th) + testData := setupData(t, th) + runTestCases(t, ttCases, testData, clients) + }) } func TestPermissionsDeleteBoard(t *testing.T) { - th := SetupTestHelperPluginMode(t) - defer th.TearDown() - clients := setupClients(th) - testData := setupData(t, th) - ttCases := []TestCase{ {"/boards/{PRIVATE_BOARD_ID}", methodDelete, "", userAnon, http.StatusUnauthorized, 0}, {"/boards/{PRIVATE_BOARD_ID}", methodDelete, "", userNoTeamMember, http.StatusForbidden, 0}, @@ -487,15 +592,24 @@ func TestPermissionsDeleteBoard(t *testing.T) { {"/boards/{PUBLIC_TEMPLATE_ID}", methodDelete, "", userEditor, http.StatusForbidden, 0}, {"/boards/{PUBLIC_TEMPLATE_ID}", methodDelete, "", userAdmin, http.StatusOK, 0}, } - runTestCases(t, ttCases, testData, clients) + + t.Run("plugin", func(t *testing.T) { + th := SetupTestHelperPluginMode(t) + defer th.TearDown() + clients := setupClients(th) + testData := setupData(t, th) + runTestCases(t, ttCases, testData, clients) + }) + t.Run("local", func(t *testing.T) { + th := SetupTestHelperLocalMode(t) + defer th.TearDown() + clients := setupLocalClients(th) + testData := setupData(t, th) + runTestCases(t, ttCases, testData, clients) + }) } func TestPermissionsDuplicateBoard(t *testing.T) { - th := SetupTestHelperPluginMode(t) - defer th.TearDown() - clients := setupClients(th) - testData := setupData(t, th) - // In same team ttCases := []TestCase{ {"/boards/{PRIVATE_BOARD_ID}/duplicate", methodPost, "", userAnon, http.StatusUnauthorized, 0}, @@ -530,7 +644,22 @@ func TestPermissionsDuplicateBoard(t *testing.T) { {"/boards/{PUBLIC_TEMPLATE_ID}/duplicate", methodPost, "", userEditor, http.StatusOK, 1}, {"/boards/{PUBLIC_TEMPLATE_ID}/duplicate", methodPost, "", userAdmin, http.StatusOK, 1}, } - runTestCases(t, ttCases, testData, clients) + t.Run("plugin-same-team", func(t *testing.T) { + th := SetupTestHelperPluginMode(t) + defer th.TearDown() + clients := setupClients(th) + testData := setupData(t, th) + runTestCases(t, ttCases, testData, clients) + }) + t.Run("local-same-team", func(t *testing.T) { + th := SetupTestHelperLocalMode(t) + defer th.TearDown() + clients := setupLocalClients(th) + testData := setupData(t, th) + ttCases[22].expectedStatusCode = http.StatusOK + ttCases[22].totalResults = 1 + runTestCases(t, ttCases, testData, clients) + }) // In other team ttCases = []TestCase{ @@ -566,7 +695,22 @@ func TestPermissionsDuplicateBoard(t *testing.T) { {"/boards/{PUBLIC_TEMPLATE_ID}/duplicate?toTeam=other-team", methodPost, "", userEditor, http.StatusOK, 1}, {"/boards/{PUBLIC_TEMPLATE_ID}/duplicate?toTeam=other-team", methodPost, "", userAdmin, http.StatusOK, 1}, } - runTestCases(t, ttCases, testData, clients) + t.Run("plugin-other-team", func(t *testing.T) { + th := SetupTestHelperPluginMode(t) + defer th.TearDown() + clients := setupClients(th) + testData := setupData(t, th) + runTestCases(t, ttCases, testData, clients) + }) + t.Run("local-other-team", func(t *testing.T) { + th := SetupTestHelperLocalMode(t) + defer th.TearDown() + clients := setupLocalClients(th) + testData := setupData(t, th) + ttCases[22].expectedStatusCode = http.StatusOK + ttCases[22].totalResults = 1 + runTestCases(t, ttCases, testData, clients) + }) // In empty team ttCases = []TestCase{ @@ -602,15 +746,16 @@ func TestPermissionsDuplicateBoard(t *testing.T) { {"/boards/{PUBLIC_TEMPLATE_ID}/duplicate?toTeam=empty-team", methodPost, "", userEditor, http.StatusForbidden, 0}, {"/boards/{PUBLIC_TEMPLATE_ID}/duplicate?toTeam=empty-team", methodPost, "", userAdmin, http.StatusForbidden, 0}, } - runTestCases(t, ttCases, testData, clients) + t.Run("plugin-empty-team", func(t *testing.T) { + th := SetupTestHelperPluginMode(t) + defer th.TearDown() + clients := setupClients(th) + testData := setupData(t, th) + runTestCases(t, ttCases, testData, clients) + }) } func TestPermissionsGetBoardBlocks(t *testing.T) { - th := SetupTestHelperPluginMode(t) - defer th.TearDown() - clients := setupClients(th) - testData := setupData(t, th) - ttCases := []TestCase{ {"/boards/{PRIVATE_BOARD_ID}/blocks", methodGet, "", userAnon, http.StatusUnauthorized, 0}, {"/boards/{PRIVATE_BOARD_ID}/blocks", methodGet, "", userNoTeamMember, http.StatusForbidden, 0}, @@ -649,73 +794,94 @@ func TestPermissionsGetBoardBlocks(t *testing.T) { {"/boards/{PRIVATE_BOARD_ID}/blocks?read_token=invalid", methodGet, "", userNoTeamMember, http.StatusForbidden, 0}, {"/boards/{PRIVATE_BOARD_ID}/blocks?read_token=valid", methodGet, "", userTeamMember, http.StatusOK, 1}, } - runTestCases(t, ttCases, testData, clients) + t.Run("plugin", func(t *testing.T) { + th := SetupTestHelperPluginMode(t) + defer th.TearDown() + clients := setupClients(th) + testData := setupData(t, th) + runTestCases(t, ttCases, testData, clients) + }) + t.Run("local", func(t *testing.T) { + th := SetupTestHelperLocalMode(t) + defer th.TearDown() + clients := setupLocalClients(th) + testData := setupData(t, th) + ttCases[22].expectedStatusCode = http.StatusOK + ttCases[22].totalResults = 1 + runTestCases(t, ttCases, testData, clients) + }) } func TestPermissionsCreateBoardBlocks(t *testing.T) { - th := SetupTestHelperPluginMode(t) - defer th.TearDown() - clients := setupClients(th) - testData := setupData(t, th) + ttCasesF := func(testData TestData) []TestCase { + counter := 0 + newBlockJSON := func(boardID string) string { + counter++ + return toJSON(t, []*model.Block{{ + ID: fmt.Sprintf("%d", counter), + Title: "Board To Create", + BoardID: boardID, + Type: "card", + CreateAt: model.GetMillis(), + UpdateAt: model.GetMillis(), + }}) + } - counter := 0 - newBlockJSON := func(boardID string) string { - counter++ - return toJSON(t, []*model.Block{{ - ID: fmt.Sprintf("%d", counter), - Title: "Board To Create", - BoardID: boardID, - Type: "card", - CreateAt: model.GetMillis(), - UpdateAt: model.GetMillis(), - }}) + return []TestCase{ + {"/boards/{PRIVATE_BOARD_ID}/blocks", methodPost, newBlockJSON(testData.privateBoard.ID), userAnon, http.StatusUnauthorized, 0}, + {"/boards/{PRIVATE_BOARD_ID}/blocks", methodPost, newBlockJSON(testData.privateBoard.ID), userNoTeamMember, http.StatusForbidden, 0}, + {"/boards/{PRIVATE_BOARD_ID}/blocks", methodPost, newBlockJSON(testData.privateBoard.ID), userTeamMember, http.StatusForbidden, 0}, + {"/boards/{PRIVATE_BOARD_ID}/blocks", methodPost, newBlockJSON(testData.privateBoard.ID), userViewer, http.StatusForbidden, 0}, + {"/boards/{PRIVATE_BOARD_ID}/blocks", methodPost, newBlockJSON(testData.privateBoard.ID), userCommenter, http.StatusForbidden, 0}, + {"/boards/{PRIVATE_BOARD_ID}/blocks", methodPost, newBlockJSON(testData.privateBoard.ID), userEditor, http.StatusOK, 1}, + {"/boards/{PRIVATE_BOARD_ID}/blocks", methodPost, newBlockJSON(testData.privateBoard.ID), userAdmin, http.StatusOK, 1}, + + {"/boards/{PUBLIC_BOARD_ID}/blocks", methodPost, newBlockJSON(testData.publicBoard.ID), userAnon, http.StatusUnauthorized, 0}, + {"/boards/{PUBLIC_BOARD_ID}/blocks", methodPost, newBlockJSON(testData.publicBoard.ID), userNoTeamMember, http.StatusForbidden, 0}, + {"/boards/{PUBLIC_BOARD_ID}/blocks", methodPost, newBlockJSON(testData.publicBoard.ID), userTeamMember, http.StatusForbidden, 0}, + {"/boards/{PUBLIC_BOARD_ID}/blocks", methodPost, newBlockJSON(testData.publicBoard.ID), userViewer, http.StatusForbidden, 0}, + {"/boards/{PUBLIC_BOARD_ID}/blocks", methodPost, newBlockJSON(testData.publicBoard.ID), userCommenter, http.StatusForbidden, 0}, + {"/boards/{PUBLIC_BOARD_ID}/blocks", methodPost, newBlockJSON(testData.publicBoard.ID), userEditor, http.StatusOK, 1}, + {"/boards/{PUBLIC_BOARD_ID}/blocks", methodPost, newBlockJSON(testData.publicBoard.ID), userAdmin, http.StatusOK, 1}, + + {"/boards/{PRIVATE_TEMPLATE_ID}/blocks", methodPost, newBlockJSON(testData.privateTemplate.ID), userAnon, http.StatusUnauthorized, 0}, + {"/boards/{PRIVATE_TEMPLATE_ID}/blocks", methodPost, newBlockJSON(testData.privateTemplate.ID), userNoTeamMember, http.StatusForbidden, 0}, + {"/boards/{PRIVATE_TEMPLATE_ID}/blocks", methodPost, newBlockJSON(testData.privateTemplate.ID), userTeamMember, http.StatusForbidden, 0}, + {"/boards/{PRIVATE_TEMPLATE_ID}/blocks", methodPost, newBlockJSON(testData.privateTemplate.ID), userViewer, http.StatusForbidden, 0}, + {"/boards/{PRIVATE_TEMPLATE_ID}/blocks", methodPost, newBlockJSON(testData.privateTemplate.ID), userCommenter, http.StatusForbidden, 0}, + {"/boards/{PRIVATE_TEMPLATE_ID}/blocks", methodPost, newBlockJSON(testData.privateTemplate.ID), userEditor, http.StatusOK, 1}, + {"/boards/{PRIVATE_TEMPLATE_ID}/blocks", methodPost, newBlockJSON(testData.privateTemplate.ID), userAdmin, http.StatusOK, 1}, + + {"/boards/{PUBLIC_TEMPLATE_ID}/blocks", methodPost, newBlockJSON(testData.publicTemplate.ID), userAnon, http.StatusUnauthorized, 0}, + {"/boards/{PUBLIC_TEMPLATE_ID}/blocks", methodPost, newBlockJSON(testData.publicTemplate.ID), userNoTeamMember, http.StatusForbidden, 0}, + {"/boards/{PUBLIC_TEMPLATE_ID}/blocks", methodPost, newBlockJSON(testData.publicTemplate.ID), userTeamMember, http.StatusForbidden, 0}, + {"/boards/{PUBLIC_TEMPLATE_ID}/blocks", methodPost, newBlockJSON(testData.publicTemplate.ID), userViewer, http.StatusForbidden, 0}, + {"/boards/{PUBLIC_TEMPLATE_ID}/blocks", methodPost, newBlockJSON(testData.publicTemplate.ID), userCommenter, http.StatusForbidden, 0}, + {"/boards/{PUBLIC_TEMPLATE_ID}/blocks", methodPost, newBlockJSON(testData.publicTemplate.ID), userEditor, http.StatusOK, 1}, + {"/boards/{PUBLIC_TEMPLATE_ID}/blocks", methodPost, newBlockJSON(testData.publicTemplate.ID), userAdmin, http.StatusOK, 1}, + } } - ttCases := []TestCase{ - {"/boards/{PRIVATE_BOARD_ID}/blocks", methodPost, newBlockJSON(testData.privateBoard.ID), userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PRIVATE_BOARD_ID}/blocks", methodPost, newBlockJSON(testData.privateBoard.ID), userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/blocks", methodPost, newBlockJSON(testData.privateBoard.ID), userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/blocks", methodPost, newBlockJSON(testData.privateBoard.ID), userViewer, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/blocks", methodPost, newBlockJSON(testData.privateBoard.ID), userCommenter, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/blocks", methodPost, newBlockJSON(testData.privateBoard.ID), userEditor, http.StatusOK, 1}, - {"/boards/{PRIVATE_BOARD_ID}/blocks", methodPost, newBlockJSON(testData.privateBoard.ID), userAdmin, http.StatusOK, 1}, - - {"/boards/{PUBLIC_BOARD_ID}/blocks", methodPost, newBlockJSON(testData.publicBoard.ID), userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PUBLIC_BOARD_ID}/blocks", methodPost, newBlockJSON(testData.publicBoard.ID), userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/blocks", methodPost, newBlockJSON(testData.publicBoard.ID), userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/blocks", methodPost, newBlockJSON(testData.publicBoard.ID), userViewer, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/blocks", methodPost, newBlockJSON(testData.publicBoard.ID), userCommenter, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/blocks", methodPost, newBlockJSON(testData.publicBoard.ID), userEditor, http.StatusOK, 1}, - {"/boards/{PUBLIC_BOARD_ID}/blocks", methodPost, newBlockJSON(testData.publicBoard.ID), userAdmin, http.StatusOK, 1}, - - {"/boards/{PRIVATE_TEMPLATE_ID}/blocks", methodPost, newBlockJSON(testData.privateTemplate.ID), userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/blocks", methodPost, newBlockJSON(testData.privateTemplate.ID), userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/blocks", methodPost, newBlockJSON(testData.privateTemplate.ID), userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/blocks", methodPost, newBlockJSON(testData.privateTemplate.ID), userViewer, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/blocks", methodPost, newBlockJSON(testData.privateTemplate.ID), userCommenter, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/blocks", methodPost, newBlockJSON(testData.privateTemplate.ID), userEditor, http.StatusOK, 1}, - {"/boards/{PRIVATE_TEMPLATE_ID}/blocks", methodPost, newBlockJSON(testData.privateTemplate.ID), userAdmin, http.StatusOK, 1}, - - {"/boards/{PUBLIC_TEMPLATE_ID}/blocks", methodPost, newBlockJSON(testData.publicTemplate.ID), userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/blocks", methodPost, newBlockJSON(testData.publicTemplate.ID), userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/blocks", methodPost, newBlockJSON(testData.publicTemplate.ID), userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/blocks", methodPost, newBlockJSON(testData.publicTemplate.ID), userViewer, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/blocks", methodPost, newBlockJSON(testData.publicTemplate.ID), userCommenter, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/blocks", methodPost, newBlockJSON(testData.publicTemplate.ID), userEditor, http.StatusOK, 1}, - {"/boards/{PUBLIC_TEMPLATE_ID}/blocks", methodPost, newBlockJSON(testData.publicTemplate.ID), userAdmin, http.StatusOK, 1}, - } - runTestCases(t, ttCases, testData, clients) + t.Run("plugin", func(t *testing.T) { + th := SetupTestHelperPluginMode(t) + defer th.TearDown() + clients := setupClients(th) + testData := setupData(t, th) + ttCases := ttCasesF(testData) + runTestCases(t, ttCases, testData, clients) + }) + t.Run("local", func(t *testing.T) { + th := SetupTestHelperLocalMode(t) + defer th.TearDown() + clients := setupLocalClients(th) + testData := setupData(t, th) + ttCases := ttCasesF(testData) + runTestCases(t, ttCases, testData, clients) + }) } func TestPermissionsPatchBoardBlocks(t *testing.T) { - th := SetupTestHelperPluginMode(t) - defer th.TearDown() - clients := setupClients(th) - testData := setupData(t, th) - - counter := 0 newBlocksPatchJSON := func(blockID string) string { - counter++ newTitle := "New Patch Block Title" return toJSON(t, model.BlockPatchBatch{ BlockIDs: []string{blockID}, @@ -758,15 +924,24 @@ func TestPermissionsPatchBoardBlocks(t *testing.T) { {"/boards/{PUBLIC_TEMPLATE_ID}/blocks", methodPatch, newBlocksPatchJSON("block-1"), userEditor, http.StatusOK, 0}, {"/boards/{PUBLIC_TEMPLATE_ID}/blocks", methodPatch, newBlocksPatchJSON("block-1"), userAdmin, http.StatusOK, 0}, } - runTestCases(t, ttCases, testData, clients) + + t.Run("plugin", func(t *testing.T) { + th := SetupTestHelperPluginMode(t) + defer th.TearDown() + clients := setupClients(th) + testData := setupData(t, th) + runTestCases(t, ttCases, testData, clients) + }) + t.Run("local", func(t *testing.T) { + th := SetupTestHelperLocalMode(t) + defer th.TearDown() + clients := setupLocalClients(th) + testData := setupData(t, th) + runTestCases(t, ttCases, testData, clients) + }) } func TestPermissionsPatchBoardBlock(t *testing.T) { - th := SetupTestHelperPluginMode(t) - defer th.TearDown() - clients := setupClients(th) - testData := setupData(t, th) - newTitle := "New Patch Title" patchJSON := toJSON(t, model.BlockPatch{Title: &newTitle}) @@ -806,23 +981,34 @@ func TestPermissionsPatchBoardBlock(t *testing.T) { // Invalid boardID/blockID combination {"/boards/{PUBLIC_TEMPLATE_ID}/blocks/block-3", methodPatch, patchJSON, userAdmin, http.StatusNotFound, 0}, } - runTestCases(t, ttCases, testData, clients) + + t.Run("plugin", func(t *testing.T) { + th := SetupTestHelperPluginMode(t) + defer th.TearDown() + clients := setupClients(th) + testData := setupData(t, th) + runTestCases(t, ttCases, testData, clients) + }) + t.Run("local", func(t *testing.T) { + th := SetupTestHelperLocalMode(t) + defer th.TearDown() + clients := setupLocalClients(th) + testData := setupData(t, th) + runTestCases(t, ttCases, testData, clients) + }) } func TestPermissionsDeleteBoardBlock(t *testing.T) { - th := SetupTestHelperPluginMode(t) - defer th.TearDown() - clients := setupClients(th) - testData := setupData(t, th) - - err := th.Server.App().InsertBlock(model.Block{ID: "block-5", Title: "Test", Type: "card", BoardID: testData.publicTemplate.ID}, userAdmin) - require.NoError(t, err) - err = th.Server.App().InsertBlock(model.Block{ID: "block-6", Title: "Test", Type: "card", BoardID: testData.privateTemplate.ID}, userAdmin) - require.NoError(t, err) - err = th.Server.App().InsertBlock(model.Block{ID: "block-7", Title: "Test", Type: "card", BoardID: testData.publicBoard.ID}, userAdmin) - require.NoError(t, err) - err = th.Server.App().InsertBlock(model.Block{ID: "block-8", Title: "Test", Type: "card", BoardID: testData.privateBoard.ID}, userAdmin) - require.NoError(t, err) + extraSetup := func(t *testing.T, th *TestHelper, testData TestData) { + err := th.Server.App().InsertBlock(model.Block{ID: "block-5", Title: "Test", Type: "card", BoardID: testData.publicTemplate.ID}, userAdmin) + require.NoError(t, err) + err = th.Server.App().InsertBlock(model.Block{ID: "block-6", Title: "Test", Type: "card", BoardID: testData.privateTemplate.ID}, userAdmin) + require.NoError(t, err) + err = th.Server.App().InsertBlock(model.Block{ID: "block-7", Title: "Test", Type: "card", BoardID: testData.publicBoard.ID}, userAdmin) + require.NoError(t, err) + err = th.Server.App().InsertBlock(model.Block{ID: "block-8", Title: "Test", Type: "card", BoardID: testData.privateBoard.ID}, userAdmin) + require.NoError(t, err) + } ttCases := []TestCase{ {"/boards/{PRIVATE_BOARD_ID}/blocks/block-4", methodDelete, "", userAnon, http.StatusUnauthorized, 0}, @@ -860,39 +1046,52 @@ func TestPermissionsDeleteBoardBlock(t *testing.T) { // Invalid boardID/blockID combination {"/boards/{PUBLIC_TEMPLATE_ID}/blocks/block-3", methodDelete, "", userAdmin, http.StatusNotFound, 0}, } - runTestCases(t, ttCases, testData, clients) + + t.Run("plugin", func(t *testing.T) { + th := SetupTestHelperPluginMode(t) + defer th.TearDown() + clients := setupClients(th) + testData := setupData(t, th) + extraSetup(t, th, testData) + runTestCases(t, ttCases, testData, clients) + }) + t.Run("local", func(t *testing.T) { + th := SetupTestHelperLocalMode(t) + defer th.TearDown() + clients := setupLocalClients(th) + testData := setupData(t, th) + extraSetup(t, th, testData) + runTestCases(t, ttCases, testData, clients) + }) } func TestPermissionsUndeleteBoardBlock(t *testing.T) { - th := SetupTestHelperPluginMode(t) - defer th.TearDown() - clients := setupClients(th) - testData := setupData(t, th) - - err := th.Server.App().InsertBlock(model.Block{ID: "block-5", Title: "Test", Type: "card", BoardID: testData.publicTemplate.ID}, userAdmin) - require.NoError(t, err) - err = th.Server.App().InsertBlock(model.Block{ID: "block-6", Title: "Test", Type: "card", BoardID: testData.privateTemplate.ID}, userAdmin) - require.NoError(t, err) - err = th.Server.App().InsertBlock(model.Block{ID: "block-7", Title: "Test", Type: "card", BoardID: testData.publicBoard.ID}, userAdmin) - require.NoError(t, err) - err = th.Server.App().InsertBlock(model.Block{ID: "block-8", Title: "Test", Type: "card", BoardID: testData.privateBoard.ID}, userAdmin) - require.NoError(t, err) - err = th.Server.App().DeleteBlock("block-1", userAdmin) - require.NoError(t, err) - err = th.Server.App().DeleteBlock("block-2", userAdmin) - require.NoError(t, err) - err = th.Server.App().DeleteBlock("block-3", userAdmin) - require.NoError(t, err) - err = th.Server.App().DeleteBlock("block-4", userAdmin) - require.NoError(t, err) - err = th.Server.App().DeleteBlock("block-5", userAdmin) - require.NoError(t, err) - err = th.Server.App().DeleteBlock("block-6", userAdmin) - require.NoError(t, err) - err = th.Server.App().DeleteBlock("block-7", userAdmin) - require.NoError(t, err) - err = th.Server.App().DeleteBlock("block-8", userAdmin) - require.NoError(t, err) + extraSetup := func(t *testing.T, th *TestHelper, testData TestData) { + err := th.Server.App().InsertBlock(model.Block{ID: "block-5", Title: "Test", Type: "card", BoardID: testData.publicTemplate.ID}, userAdmin) + require.NoError(t, err) + err = th.Server.App().InsertBlock(model.Block{ID: "block-6", Title: "Test", Type: "card", BoardID: testData.privateTemplate.ID}, userAdmin) + require.NoError(t, err) + err = th.Server.App().InsertBlock(model.Block{ID: "block-7", Title: "Test", Type: "card", BoardID: testData.publicBoard.ID}, userAdmin) + require.NoError(t, err) + err = th.Server.App().InsertBlock(model.Block{ID: "block-8", Title: "Test", Type: "card", BoardID: testData.privateBoard.ID}, userAdmin) + require.NoError(t, err) + err = th.Server.App().DeleteBlock("block-1", userAdmin) + require.NoError(t, err) + err = th.Server.App().DeleteBlock("block-2", userAdmin) + require.NoError(t, err) + err = th.Server.App().DeleteBlock("block-3", userAdmin) + require.NoError(t, err) + err = th.Server.App().DeleteBlock("block-4", userAdmin) + require.NoError(t, err) + err = th.Server.App().DeleteBlock("block-5", userAdmin) + require.NoError(t, err) + err = th.Server.App().DeleteBlock("block-6", userAdmin) + require.NoError(t, err) + err = th.Server.App().DeleteBlock("block-7", userAdmin) + require.NoError(t, err) + err = th.Server.App().DeleteBlock("block-8", userAdmin) + require.NoError(t, err) + } ttCases := []TestCase{ {"/boards/{PRIVATE_BOARD_ID}/blocks/block-4/undelete", methodPost, "", userAnon, http.StatusUnauthorized, 0}, @@ -930,23 +1129,36 @@ func TestPermissionsUndeleteBoardBlock(t *testing.T) { // Invalid boardID/blockID combination {"/boards/{PUBLIC_TEMPLATE_ID}/blocks/block-3/undelete", methodPost, "", userAdmin, http.StatusNotFound, 0}, } - runTestCases(t, ttCases, testData, clients) + + t.Run("plugin", func(t *testing.T) { + th := SetupTestHelperPluginMode(t) + defer th.TearDown() + clients := setupClients(th) + testData := setupData(t, th) + extraSetup(t, th, testData) + runTestCases(t, ttCases, testData, clients) + }) + t.Run("local", func(t *testing.T) { + th := SetupTestHelperLocalMode(t) + defer th.TearDown() + clients := setupLocalClients(th) + testData := setupData(t, th) + extraSetup(t, th, testData) + runTestCases(t, ttCases, testData, clients) + }) } func TestPermissionsUndeleteBoard(t *testing.T) { - th := SetupTestHelperPluginMode(t) - defer th.TearDown() - clients := setupClients(th) - testData := setupData(t, th) - - err := th.Server.App().DeleteBoard(testData.publicBoard.ID, userAdmin) - require.NoError(t, err) - err = th.Server.App().DeleteBoard(testData.privateBoard.ID, userAdmin) - require.NoError(t, err) - err = th.Server.App().DeleteBoard(testData.publicTemplate.ID, userAdmin) - require.NoError(t, err) - err = th.Server.App().DeleteBoard(testData.privateTemplate.ID, userAdmin) - require.NoError(t, err) + extraSetup := func(t *testing.T, th *TestHelper, testData TestData) { + err := th.Server.App().DeleteBoard(testData.publicBoard.ID, userAdmin) + require.NoError(t, err) + err = th.Server.App().DeleteBoard(testData.privateBoard.ID, userAdmin) + require.NoError(t, err) + err = th.Server.App().DeleteBoard(testData.publicTemplate.ID, userAdmin) + require.NoError(t, err) + err = th.Server.App().DeleteBoard(testData.privateTemplate.ID, userAdmin) + require.NoError(t, err) + } ttCases := []TestCase{ {"/boards/{PRIVATE_BOARD_ID}/undelete", methodPost, "", userAnon, http.StatusUnauthorized, 0}, @@ -981,23 +1193,36 @@ func TestPermissionsUndeleteBoard(t *testing.T) { {"/boards/{PUBLIC_TEMPLATE_ID}/undelete", methodPost, "", userEditor, http.StatusForbidden, 0}, {"/boards/{PUBLIC_TEMPLATE_ID}/undelete", methodPost, "", userAdmin, http.StatusOK, 0}, } - runTestCases(t, ttCases, testData, clients) + + t.Run("plugin", func(t *testing.T) { + th := SetupTestHelperPluginMode(t) + defer th.TearDown() + clients := setupClients(th) + testData := setupData(t, th) + extraSetup(t, th, testData) + runTestCases(t, ttCases, testData, clients) + }) + t.Run("local", func(t *testing.T) { + th := SetupTestHelperLocalMode(t) + defer th.TearDown() + clients := setupLocalClients(th) + testData := setupData(t, th) + extraSetup(t, th, testData) + runTestCases(t, ttCases, testData, clients) + }) } func TestPermissionsDuplicateBoardBlock(t *testing.T) { - th := SetupTestHelperPluginMode(t) - defer th.TearDown() - clients := setupClients(th) - testData := setupData(t, th) - - err := th.Server.App().InsertBlock(model.Block{ID: "block-5", Title: "Test", Type: "card", BoardID: testData.publicTemplate.ID}, userAdmin) - require.NoError(t, err) - err = th.Server.App().InsertBlock(model.Block{ID: "block-6", Title: "Test", Type: "card", BoardID: testData.privateTemplate.ID}, userAdmin) - require.NoError(t, err) - err = th.Server.App().InsertBlock(model.Block{ID: "block-7", Title: "Test", Type: "card", BoardID: testData.publicBoard.ID}, userAdmin) - require.NoError(t, err) - err = th.Server.App().InsertBlock(model.Block{ID: "block-8", Title: "Test", Type: "card", BoardID: testData.privateBoard.ID}, userAdmin) - require.NoError(t, err) + extraSetup := func(t *testing.T, th *TestHelper, testData TestData) { + err := th.Server.App().InsertBlock(model.Block{ID: "block-5", Title: "Test", Type: "card", BoardID: testData.publicTemplate.ID}, userAdmin) + require.NoError(t, err) + err = th.Server.App().InsertBlock(model.Block{ID: "block-6", Title: "Test", Type: "card", BoardID: testData.privateTemplate.ID}, userAdmin) + require.NoError(t, err) + err = th.Server.App().InsertBlock(model.Block{ID: "block-7", Title: "Test", Type: "card", BoardID: testData.publicBoard.ID}, userAdmin) + require.NoError(t, err) + err = th.Server.App().InsertBlock(model.Block{ID: "block-8", Title: "Test", Type: "card", BoardID: testData.privateBoard.ID}, userAdmin) + require.NoError(t, err) + } ttCases := []TestCase{ {"/boards/{PRIVATE_BOARD_ID}/blocks/block-4/duplicate", methodPost, "", userAnon, http.StatusUnauthorized, 0}, @@ -1035,15 +1260,26 @@ func TestPermissionsDuplicateBoardBlock(t *testing.T) { // Invalid boardID/blockID combination {"/boards/{PUBLIC_TEMPLATE_ID}/blocks/block-3/duplicate", methodPost, "", userAdmin, http.StatusNotFound, 0}, } - runTestCases(t, ttCases, testData, clients) + + t.Run("plugin", func(t *testing.T) { + th := SetupTestHelperPluginMode(t) + defer th.TearDown() + clients := setupClients(th) + testData := setupData(t, th) + extraSetup(t, th, testData) + runTestCases(t, ttCases, testData, clients) + }) + t.Run("local", func(t *testing.T) { + th := SetupTestHelperLocalMode(t) + defer th.TearDown() + clients := setupLocalClients(th) + testData := setupData(t, th) + extraSetup(t, th, testData) + runTestCases(t, ttCases, testData, clients) + }) } func TestPermissionsGetBoardMembers(t *testing.T) { - th := SetupTestHelperPluginMode(t) - defer th.TearDown() - clients := setupClients(th) - testData := setupData(t, th) - ttCases := []TestCase{ {"/boards/{PRIVATE_BOARD_ID}/members", methodGet, "", userAnon, http.StatusUnauthorized, 0}, {"/boards/{PRIVATE_BOARD_ID}/members", methodGet, "", userNoTeamMember, http.StatusForbidden, 0}, @@ -1077,133 +1313,170 @@ func TestPermissionsGetBoardMembers(t *testing.T) { {"/boards/{PUBLIC_TEMPLATE_ID}/members", methodGet, "", userEditor, http.StatusOK, 4}, {"/boards/{PUBLIC_TEMPLATE_ID}/members", methodGet, "", userAdmin, http.StatusOK, 4}, } - runTestCases(t, ttCases, testData, clients) + + t.Run("plugin", func(t *testing.T) { + th := SetupTestHelperPluginMode(t) + defer th.TearDown() + clients := setupClients(th) + testData := setupData(t, th) + runTestCases(t, ttCases, testData, clients) + }) + t.Run("local", func(t *testing.T) { + th := SetupTestHelperLocalMode(t) + defer th.TearDown() + clients := setupLocalClients(th) + testData := setupData(t, th) + runTestCases(t, ttCases, testData, clients) + }) } func TestPermissionsCreateBoardMembers(t *testing.T) { - th := SetupTestHelperPluginMode(t) - defer th.TearDown() - clients := setupClients(th) - testData := setupData(t, th) + ttCasesF := func(testData TestData) []TestCase { + boardMemberJSON := func(boardID string) string { + return toJSON(t, model.BoardMember{ + BoardID: boardID, + UserID: userTeamMember, + SchemeEditor: true, + }) + } - boardMemberJSON := func(boardID string) string { - return toJSON(t, model.BoardMember{ - BoardID: boardID, - UserID: userTeamMember, - SchemeEditor: true, - }) + return []TestCase{ + {"/boards/{PRIVATE_BOARD_ID}/members", methodPost, boardMemberJSON(testData.privateBoard.ID), userAnon, http.StatusUnauthorized, 0}, + {"/boards/{PRIVATE_BOARD_ID}/members", methodPost, boardMemberJSON(testData.privateBoard.ID), userNoTeamMember, http.StatusForbidden, 0}, + {"/boards/{PRIVATE_BOARD_ID}/members", methodPost, boardMemberJSON(testData.privateBoard.ID), userTeamMember, http.StatusForbidden, 0}, + {"/boards/{PRIVATE_BOARD_ID}/members", methodPost, boardMemberJSON(testData.privateBoard.ID), userViewer, http.StatusForbidden, 0}, + {"/boards/{PRIVATE_BOARD_ID}/members", methodPost, boardMemberJSON(testData.privateBoard.ID), userCommenter, http.StatusForbidden, 0}, + {"/boards/{PRIVATE_BOARD_ID}/members", methodPost, boardMemberJSON(testData.privateBoard.ID), userEditor, http.StatusForbidden, 0}, + {"/boards/{PRIVATE_BOARD_ID}/members", methodPost, boardMemberJSON(testData.privateBoard.ID), userAdmin, http.StatusOK, 1}, + + {"/boards/{PUBLIC_BOARD_ID}/members", methodPost, boardMemberJSON(testData.publicBoard.ID), userAnon, http.StatusUnauthorized, 0}, + {"/boards/{PUBLIC_BOARD_ID}/members", methodPost, boardMemberJSON(testData.publicBoard.ID), userNoTeamMember, http.StatusForbidden, 0}, + {"/boards/{PUBLIC_BOARD_ID}/members", methodPost, boardMemberJSON(testData.publicBoard.ID), userTeamMember, http.StatusForbidden, 0}, + {"/boards/{PUBLIC_BOARD_ID}/members", methodPost, boardMemberJSON(testData.publicBoard.ID), userViewer, http.StatusForbidden, 0}, + {"/boards/{PUBLIC_BOARD_ID}/members", methodPost, boardMemberJSON(testData.publicBoard.ID), userCommenter, http.StatusForbidden, 0}, + {"/boards/{PUBLIC_BOARD_ID}/members", methodPost, boardMemberJSON(testData.publicBoard.ID), userEditor, http.StatusForbidden, 0}, + {"/boards/{PUBLIC_BOARD_ID}/members", methodPost, boardMemberJSON(testData.publicBoard.ID), userAdmin, http.StatusOK, 1}, + + {"/boards/{PRIVATE_TEMPLATE_ID}/members", methodPost, boardMemberJSON(testData.privateTemplate.ID), userAnon, http.StatusUnauthorized, 0}, + {"/boards/{PRIVATE_TEMPLATE_ID}/members", methodPost, boardMemberJSON(testData.privateTemplate.ID), userNoTeamMember, http.StatusForbidden, 0}, + {"/boards/{PRIVATE_TEMPLATE_ID}/members", methodPost, boardMemberJSON(testData.privateTemplate.ID), userTeamMember, http.StatusForbidden, 0}, + {"/boards/{PRIVATE_TEMPLATE_ID}/members", methodPost, boardMemberJSON(testData.privateTemplate.ID), userViewer, http.StatusForbidden, 0}, + {"/boards/{PRIVATE_TEMPLATE_ID}/members", methodPost, boardMemberJSON(testData.privateTemplate.ID), userCommenter, http.StatusForbidden, 0}, + {"/boards/{PRIVATE_TEMPLATE_ID}/members", methodPost, boardMemberJSON(testData.privateTemplate.ID), userEditor, http.StatusForbidden, 0}, + {"/boards/{PRIVATE_TEMPLATE_ID}/members", methodPost, boardMemberJSON(testData.privateTemplate.ID), userAdmin, http.StatusOK, 1}, + + {"/boards/{PUBLIC_TEMPLATE_ID}/members", methodPost, boardMemberJSON(testData.publicTemplate.ID), userAnon, http.StatusUnauthorized, 0}, + {"/boards/{PUBLIC_TEMPLATE_ID}/members", methodPost, boardMemberJSON(testData.publicTemplate.ID), userNoTeamMember, http.StatusForbidden, 0}, + {"/boards/{PUBLIC_TEMPLATE_ID}/members", methodPost, boardMemberJSON(testData.publicTemplate.ID), userTeamMember, http.StatusForbidden, 0}, + {"/boards/{PUBLIC_TEMPLATE_ID}/members", methodPost, boardMemberJSON(testData.publicTemplate.ID), userViewer, http.StatusForbidden, 0}, + {"/boards/{PUBLIC_TEMPLATE_ID}/members", methodPost, boardMemberJSON(testData.publicTemplate.ID), userCommenter, http.StatusForbidden, 0}, + {"/boards/{PUBLIC_TEMPLATE_ID}/members", methodPost, boardMemberJSON(testData.publicTemplate.ID), userEditor, http.StatusForbidden, 0}, + {"/boards/{PUBLIC_TEMPLATE_ID}/members", methodPost, boardMemberJSON(testData.publicTemplate.ID), userAdmin, http.StatusOK, 1}, + } } - ttCases := []TestCase{ - {"/boards/{PRIVATE_BOARD_ID}/members", methodPost, boardMemberJSON(testData.privateBoard.ID), userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PRIVATE_BOARD_ID}/members", methodPost, boardMemberJSON(testData.privateBoard.ID), userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/members", methodPost, boardMemberJSON(testData.privateBoard.ID), userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/members", methodPost, boardMemberJSON(testData.privateBoard.ID), userViewer, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/members", methodPost, boardMemberJSON(testData.privateBoard.ID), userCommenter, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/members", methodPost, boardMemberJSON(testData.privateBoard.ID), userEditor, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/members", methodPost, boardMemberJSON(testData.privateBoard.ID), userAdmin, http.StatusOK, 1}, - - {"/boards/{PUBLIC_BOARD_ID}/members", methodPost, boardMemberJSON(testData.publicBoard.ID), userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PUBLIC_BOARD_ID}/members", methodPost, boardMemberJSON(testData.publicBoard.ID), userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/members", methodPost, boardMemberJSON(testData.publicBoard.ID), userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/members", methodPost, boardMemberJSON(testData.publicBoard.ID), userViewer, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/members", methodPost, boardMemberJSON(testData.publicBoard.ID), userCommenter, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/members", methodPost, boardMemberJSON(testData.publicBoard.ID), userEditor, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/members", methodPost, boardMemberJSON(testData.publicBoard.ID), userAdmin, http.StatusOK, 1}, - - {"/boards/{PRIVATE_TEMPLATE_ID}/members", methodPost, boardMemberJSON(testData.privateTemplate.ID), userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/members", methodPost, boardMemberJSON(testData.privateTemplate.ID), userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/members", methodPost, boardMemberJSON(testData.privateTemplate.ID), userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/members", methodPost, boardMemberJSON(testData.privateTemplate.ID), userViewer, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/members", methodPost, boardMemberJSON(testData.privateTemplate.ID), userCommenter, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/members", methodPost, boardMemberJSON(testData.privateTemplate.ID), userEditor, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/members", methodPost, boardMemberJSON(testData.privateTemplate.ID), userAdmin, http.StatusOK, 1}, - - {"/boards/{PUBLIC_TEMPLATE_ID}/members", methodPost, boardMemberJSON(testData.publicTemplate.ID), userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/members", methodPost, boardMemberJSON(testData.publicTemplate.ID), userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/members", methodPost, boardMemberJSON(testData.publicTemplate.ID), userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/members", methodPost, boardMemberJSON(testData.publicTemplate.ID), userViewer, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/members", methodPost, boardMemberJSON(testData.publicTemplate.ID), userCommenter, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/members", methodPost, boardMemberJSON(testData.publicTemplate.ID), userEditor, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/members", methodPost, boardMemberJSON(testData.publicTemplate.ID), userAdmin, http.StatusOK, 1}, - } - runTestCases(t, ttCases, testData, clients) + t.Run("plugin", func(t *testing.T) { + th := SetupTestHelperPluginMode(t) + defer th.TearDown() + clients := setupClients(th) + testData := setupData(t, th) + ttCases := ttCasesF(testData) + runTestCases(t, ttCases, testData, clients) + }) + t.Run("local", func(t *testing.T) { + th := SetupTestHelperLocalMode(t) + defer th.TearDown() + clients := setupLocalClients(th) + testData := setupData(t, th) + ttCases := ttCasesF(testData) + runTestCases(t, ttCases, testData, clients) + }) } func TestPermissionsUpdateBoardMember(t *testing.T) { - th := SetupTestHelperPluginMode(t) - defer th.TearDown() - clients := setupClients(th) - testData := setupData(t, th) + ttCasesF := func(testData TestData) []TestCase { + boardMemberJSON := func(boardID string) string { + return toJSON(t, model.BoardMember{ + BoardID: boardID, + UserID: userTeamMember, + SchemeEditor: false, + SchemeViewer: true, + }) + } - boardMemberJSON := func(boardID string) string { - return toJSON(t, model.BoardMember{ - BoardID: boardID, - UserID: userTeamMember, - SchemeEditor: false, - SchemeViewer: true, - }) + return []TestCase{ + {"/boards/{PRIVATE_BOARD_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.privateBoard.ID), userAnon, http.StatusUnauthorized, 0}, + {"/boards/{PRIVATE_BOARD_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.privateBoard.ID), userNoTeamMember, http.StatusForbidden, 0}, + {"/boards/{PRIVATE_BOARD_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.privateBoard.ID), userTeamMember, http.StatusForbidden, 0}, + {"/boards/{PRIVATE_BOARD_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.privateBoard.ID), userViewer, http.StatusForbidden, 0}, + {"/boards/{PRIVATE_BOARD_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.privateBoard.ID), userCommenter, http.StatusForbidden, 0}, + {"/boards/{PRIVATE_BOARD_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.privateBoard.ID), userEditor, http.StatusForbidden, 0}, + {"/boards/{PRIVATE_BOARD_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.privateBoard.ID), userAdmin, http.StatusOK, 1}, + + {"/boards/{PUBLIC_BOARD_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.publicBoard.ID), userAnon, http.StatusUnauthorized, 0}, + {"/boards/{PUBLIC_BOARD_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.publicBoard.ID), userNoTeamMember, http.StatusForbidden, 0}, + {"/boards/{PUBLIC_BOARD_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.publicBoard.ID), userTeamMember, http.StatusForbidden, 0}, + {"/boards/{PUBLIC_BOARD_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.publicBoard.ID), userViewer, http.StatusForbidden, 0}, + {"/boards/{PUBLIC_BOARD_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.publicBoard.ID), userCommenter, http.StatusForbidden, 0}, + {"/boards/{PUBLIC_BOARD_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.publicBoard.ID), userEditor, http.StatusForbidden, 0}, + {"/boards/{PUBLIC_BOARD_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.publicBoard.ID), userAdmin, http.StatusOK, 1}, + + {"/boards/{PRIVATE_TEMPLATE_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.privateTemplate.ID), userAnon, http.StatusUnauthorized, 0}, + {"/boards/{PRIVATE_TEMPLATE_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.privateTemplate.ID), userNoTeamMember, http.StatusForbidden, 0}, + {"/boards/{PRIVATE_TEMPLATE_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.privateTemplate.ID), userTeamMember, http.StatusForbidden, 0}, + {"/boards/{PRIVATE_TEMPLATE_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.privateTemplate.ID), userViewer, http.StatusForbidden, 0}, + {"/boards/{PRIVATE_TEMPLATE_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.privateTemplate.ID), userCommenter, http.StatusForbidden, 0}, + {"/boards/{PRIVATE_TEMPLATE_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.privateTemplate.ID), userEditor, http.StatusForbidden, 0}, + {"/boards/{PRIVATE_TEMPLATE_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.privateTemplate.ID), userAdmin, http.StatusOK, 1}, + + {"/boards/{PUBLIC_TEMPLATE_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.publicTemplate.ID), userAnon, http.StatusUnauthorized, 0}, + {"/boards/{PUBLIC_TEMPLATE_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.publicTemplate.ID), userNoTeamMember, http.StatusForbidden, 0}, + {"/boards/{PUBLIC_TEMPLATE_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.publicTemplate.ID), userTeamMember, http.StatusForbidden, 0}, + {"/boards/{PUBLIC_TEMPLATE_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.publicTemplate.ID), userViewer, http.StatusForbidden, 0}, + {"/boards/{PUBLIC_TEMPLATE_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.publicTemplate.ID), userCommenter, http.StatusForbidden, 0}, + {"/boards/{PUBLIC_TEMPLATE_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.publicTemplate.ID), userEditor, http.StatusForbidden, 0}, + {"/boards/{PUBLIC_TEMPLATE_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.publicTemplate.ID), userAdmin, http.StatusOK, 1}, + + // Invalid boardID/memberID combination + {"/boards/{PUBLIC_TEMPLATE_ID}/members/{USER_TEAM_MEMBER_ID}", methodPut, "", userAdmin, http.StatusBadRequest, 0}, + + // Invalid boardID + {"/boards/invalid/members/{USER_VIEWER_ID}", methodPut, "", userAdmin, http.StatusBadRequest, 0}, + + // Invalid memberID + {"/boards/{PUBLIC_TEMPLATE_ID}/members/invalid", methodPut, "", userAdmin, http.StatusBadRequest, 0}, + } } - ttCases := []TestCase{ - {"/boards/{PRIVATE_BOARD_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.privateBoard.ID), userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PRIVATE_BOARD_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.privateBoard.ID), userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.privateBoard.ID), userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.privateBoard.ID), userViewer, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.privateBoard.ID), userCommenter, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.privateBoard.ID), userEditor, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_BOARD_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.privateBoard.ID), userAdmin, http.StatusOK, 1}, - - {"/boards/{PUBLIC_BOARD_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.publicBoard.ID), userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PUBLIC_BOARD_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.publicBoard.ID), userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.publicBoard.ID), userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.publicBoard.ID), userViewer, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.publicBoard.ID), userCommenter, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.publicBoard.ID), userEditor, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_BOARD_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.publicBoard.ID), userAdmin, http.StatusOK, 1}, - - {"/boards/{PRIVATE_TEMPLATE_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.privateTemplate.ID), userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.privateTemplate.ID), userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.privateTemplate.ID), userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.privateTemplate.ID), userViewer, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.privateTemplate.ID), userCommenter, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.privateTemplate.ID), userEditor, http.StatusForbidden, 0}, - {"/boards/{PRIVATE_TEMPLATE_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.privateTemplate.ID), userAdmin, http.StatusOK, 1}, - - {"/boards/{PUBLIC_TEMPLATE_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.publicTemplate.ID), userAnon, http.StatusUnauthorized, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.publicTemplate.ID), userNoTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.publicTemplate.ID), userTeamMember, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.publicTemplate.ID), userViewer, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.publicTemplate.ID), userCommenter, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.publicTemplate.ID), userEditor, http.StatusForbidden, 0}, - {"/boards/{PUBLIC_TEMPLATE_ID}/members/{USER_VIEWER_ID}", methodPut, boardMemberJSON(testData.publicTemplate.ID), userAdmin, http.StatusOK, 1}, - - // Invalid boardID/memberID combination - {"/boards/{PUBLIC_TEMPLATE_ID}/members/{USER_TEAM_MEMBER_ID}", methodPut, "", userAdmin, http.StatusBadRequest, 0}, - - // Invalid boardID - {"/boards/invalid/members/{USER_VIEWER_ID}", methodPut, "", userAdmin, http.StatusBadRequest, 0}, - - // Invalid memberID - {"/boards/{PUBLIC_TEMPLATE_ID}/members/invalid", methodPut, "", userAdmin, http.StatusBadRequest, 0}, - } - runTestCases(t, ttCases, testData, clients) + t.Run("plugin", func(t *testing.T) { + th := SetupTestHelperPluginMode(t) + defer th.TearDown() + clients := setupClients(th) + testData := setupData(t, th) + ttCases := ttCasesF(testData) + runTestCases(t, ttCases, testData, clients) + }) + t.Run("local", func(t *testing.T) { + th := SetupTestHelperLocalMode(t) + defer th.TearDown() + clients := setupLocalClients(th) + testData := setupData(t, th) + ttCases := ttCasesF(testData) + runTestCases(t, ttCases, testData, clients) + }) } func TestPermissionsDeleteBoardMember(t *testing.T) { - th := SetupTestHelperPluginMode(t) - defer th.TearDown() - clients := setupClients(th) - testData := setupData(t, th) - - _, err := th.Server.App().AddMemberToBoard(&model.BoardMember{BoardID: testData.publicBoard.ID, UserID: userTeamMemberID, SchemeViewer: true}) - require.NoError(t, err) - _, err = th.Server.App().AddMemberToBoard(&model.BoardMember{BoardID: testData.privateBoard.ID, UserID: userTeamMemberID, SchemeViewer: true}) - require.NoError(t, err) - _, err = th.Server.App().AddMemberToBoard(&model.BoardMember{BoardID: testData.publicTemplate.ID, UserID: userTeamMemberID, SchemeViewer: true}) - require.NoError(t, err) - _, err = th.Server.App().AddMemberToBoard(&model.BoardMember{BoardID: testData.privateTemplate.ID, UserID: userTeamMemberID, SchemeViewer: true}) - require.NoError(t, err) + extraSetup := func(t *testing.T, th *TestHelper, testData TestData) { + _, err := th.Server.App().AddMemberToBoard(&model.BoardMember{BoardID: testData.publicBoard.ID, UserID: userTeamMemberID, SchemeViewer: true}) + require.NoError(t, err) + _, err = th.Server.App().AddMemberToBoard(&model.BoardMember{BoardID: testData.privateBoard.ID, UserID: userTeamMemberID, SchemeViewer: true}) + require.NoError(t, err) + _, err = th.Server.App().AddMemberToBoard(&model.BoardMember{BoardID: testData.publicTemplate.ID, UserID: userTeamMemberID, SchemeViewer: true}) + require.NoError(t, err) + _, err = th.Server.App().AddMemberToBoard(&model.BoardMember{BoardID: testData.privateTemplate.ID, UserID: userTeamMemberID, SchemeViewer: true}) + require.NoError(t, err) + } ttCases := []TestCase{ {"/boards/{PRIVATE_BOARD_ID}/members/{USER_TEAM_MEMBER_ID}", methodDelete, "", userAnon, http.StatusUnauthorized, 0}, @@ -1247,15 +1520,26 @@ func TestPermissionsDeleteBoardMember(t *testing.T) { // Invalid memberID {"/boards/{PUBLIC_TEMPLATE_ID}/members/invalid", methodDelete, "", userAdmin, http.StatusOK, 0}, } - runTestCases(t, ttCases, testData, clients) + + t.Run("plugin", func(t *testing.T) { + th := SetupTestHelperPluginMode(t) + defer th.TearDown() + clients := setupClients(th) + testData := setupData(t, th) + extraSetup(t, th, testData) + runTestCases(t, ttCases, testData, clients) + }) + t.Run("local", func(t *testing.T) { + th := SetupTestHelperLocalMode(t) + defer th.TearDown() + clients := setupLocalClients(th) + testData := setupData(t, th) + extraSetup(t, th, testData) + runTestCases(t, ttCases, testData, clients) + }) } func TestPermissionsJoinBoardAsMember(t *testing.T) { - th := SetupTestHelperPluginMode(t) - defer th.TearDown() - clients := setupClients(th) - testData := setupData(t, th) - ttCases := []TestCase{ {"/boards/{PRIVATE_BOARD_ID}/join", methodPost, "", userAnon, http.StatusUnauthorized, 0}, {"/boards/{PRIVATE_BOARD_ID}/join", methodPost, "", userNoTeamMember, http.StatusForbidden, 0}, @@ -1291,23 +1575,38 @@ func TestPermissionsJoinBoardAsMember(t *testing.T) { {"/boards/{PUBLIC_TEMPLATE_ID}/join", methodPost, "", userEditor, http.StatusOK, 1}, {"/boards/{PUBLIC_TEMPLATE_ID}/join", methodPost, "", userAdmin, http.StatusOK, 1}, } - runTestCases(t, ttCases, testData, clients) + + t.Run("plugin", func(t *testing.T) { + th := SetupTestHelperPluginMode(t) + defer th.TearDown() + clients := setupClients(th) + testData := setupData(t, th) + runTestCases(t, ttCases, testData, clients) + }) + t.Run("local", func(t *testing.T) { + th := SetupTestHelperLocalMode(t) + defer th.TearDown() + clients := setupLocalClients(th) + testData := setupData(t, th) + ttCases[8].expectedStatusCode = http.StatusOK + ttCases[8].totalResults = 1 + ttCases[22].expectedStatusCode = http.StatusOK + ttCases[22].totalResults = 1 + runTestCases(t, ttCases, testData, clients) + }) } func TestPermissionsLeaveBoardAsMember(t *testing.T) { - th := SetupTestHelperPluginMode(t) - defer th.TearDown() - clients := setupClients(th) - testData := setupData(t, th) - - _, err := th.Server.App().AddMemberToBoard(&model.BoardMember{BoardID: testData.publicBoard.ID, UserID: "not-real-user", SchemeAdmin: true}) - require.NoError(t, err) - _, err = th.Server.App().AddMemberToBoard(&model.BoardMember{BoardID: testData.privateBoard.ID, UserID: "not-real-user", SchemeAdmin: true}) - require.NoError(t, err) - _, err = th.Server.App().AddMemberToBoard(&model.BoardMember{BoardID: testData.publicTemplate.ID, UserID: "not-real-user", SchemeAdmin: true}) - require.NoError(t, err) - _, err = th.Server.App().AddMemberToBoard(&model.BoardMember{BoardID: testData.privateTemplate.ID, UserID: "not-real-user", SchemeAdmin: true}) - require.NoError(t, err) + extraSetup := func(t *testing.T, th *TestHelper, testData TestData) { + _, err := th.Server.App().AddMemberToBoard(&model.BoardMember{BoardID: testData.publicBoard.ID, UserID: "not-real-user", SchemeAdmin: true}) + require.NoError(t, err) + _, err = th.Server.App().AddMemberToBoard(&model.BoardMember{BoardID: testData.privateBoard.ID, UserID: "not-real-user", SchemeAdmin: true}) + require.NoError(t, err) + _, err = th.Server.App().AddMemberToBoard(&model.BoardMember{BoardID: testData.publicTemplate.ID, UserID: "not-real-user", SchemeAdmin: true}) + require.NoError(t, err) + _, err = th.Server.App().AddMemberToBoard(&model.BoardMember{BoardID: testData.privateTemplate.ID, UserID: "not-real-user", SchemeAdmin: true}) + require.NoError(t, err) + } ttCases := []TestCase{ {"/boards/{PRIVATE_BOARD_ID}/leave", methodPost, "", userAnon, http.StatusUnauthorized, 0}, @@ -1342,38 +1641,66 @@ func TestPermissionsLeaveBoardAsMember(t *testing.T) { {"/boards/{PUBLIC_TEMPLATE_ID}/leave", methodPost, "", userEditor, http.StatusOK, 0}, {"/boards/{PUBLIC_TEMPLATE_ID}/leave", methodPost, "", userAdmin, http.StatusOK, 0}, } - runTestCases(t, ttCases, testData, clients) - - _, err = th.Server.App().AddMemberToBoard(&model.BoardMember{BoardID: testData.publicBoard.ID, UserID: userAdminID, SchemeAdmin: true}) - require.NoError(t, err) - _, err = th.Server.App().AddMemberToBoard(&model.BoardMember{BoardID: testData.privateBoard.ID, UserID: userAdminID, SchemeAdmin: true}) - require.NoError(t, err) - _, err = th.Server.App().AddMemberToBoard(&model.BoardMember{BoardID: testData.publicTemplate.ID, UserID: userAdminID, SchemeAdmin: true}) - require.NoError(t, err) - _, err = th.Server.App().AddMemberToBoard(&model.BoardMember{BoardID: testData.privateTemplate.ID, UserID: userAdminID, SchemeAdmin: true}) - require.NoError(t, err) - - require.NoError(t, th.Server.App().DeleteBoardMember(testData.publicBoard.ID, "not-real-user")) - require.NoError(t, th.Server.App().DeleteBoardMember(testData.privateBoard.ID, "not-real-user")) - require.NoError(t, th.Server.App().DeleteBoardMember(testData.publicTemplate.ID, "not-real-user")) - require.NoError(t, th.Server.App().DeleteBoardMember(testData.privateTemplate.ID, "not-real-user")) + t.Run("plugin", func(t *testing.T) { + th := SetupTestHelperPluginMode(t) + defer th.TearDown() + clients := setupClients(th) + testData := setupData(t, th) + extraSetup(t, th, testData) + runTestCases(t, ttCases, testData, clients) + }) + t.Run("local", func(t *testing.T) { + th := SetupTestHelperLocalMode(t) + defer th.TearDown() + clients := setupLocalClients(th) + testData := setupData(t, th) + extraSetup(t, th, testData) + runTestCases(t, ttCases, testData, clients) + }) // Last admin leave should fail + extraSetup = func(t *testing.T, th *TestHelper, testData TestData) { + _, err := th.Server.App().AddMemberToBoard(&model.BoardMember{BoardID: testData.publicBoard.ID, UserID: userAdminID, SchemeAdmin: true}) + require.NoError(t, err) + _, err = th.Server.App().AddMemberToBoard(&model.BoardMember{BoardID: testData.privateBoard.ID, UserID: userAdminID, SchemeAdmin: true}) + require.NoError(t, err) + _, err = th.Server.App().AddMemberToBoard(&model.BoardMember{BoardID: testData.publicTemplate.ID, UserID: userAdminID, SchemeAdmin: true}) + require.NoError(t, err) + _, err = th.Server.App().AddMemberToBoard(&model.BoardMember{BoardID: testData.privateTemplate.ID, UserID: userAdminID, SchemeAdmin: true}) + require.NoError(t, err) + + require.NoError(t, th.Server.App().DeleteBoardMember(testData.publicBoard.ID, "not-real-user")) + require.NoError(t, th.Server.App().DeleteBoardMember(testData.privateBoard.ID, "not-real-user")) + require.NoError(t, th.Server.App().DeleteBoardMember(testData.publicTemplate.ID, "not-real-user")) + require.NoError(t, th.Server.App().DeleteBoardMember(testData.privateTemplate.ID, "not-real-user")) + } + ttCases = []TestCase{ {"/boards/{PRIVATE_BOARD_ID}/leave", methodPost, "", userAdmin, http.StatusBadRequest, 0}, {"/boards/{PUBLIC_BOARD_ID}/leave", methodPost, "", userAdmin, http.StatusBadRequest, 0}, {"/boards/{PRIVATE_TEMPLATE_ID}/leave", methodPost, "", userAdmin, http.StatusBadRequest, 0}, {"/boards/{PUBLIC_TEMPLATE_ID}/leave", methodPost, "", userAdmin, http.StatusBadRequest, 0}, } - runTestCases(t, ttCases, testData, clients) + + t.Run("plugin", func(t *testing.T) { + th := SetupTestHelperPluginMode(t) + defer th.TearDown() + clients := setupClients(th) + testData := setupData(t, th) + extraSetup(t, th, testData) + runTestCases(t, ttCases, testData, clients) + }) + t.Run("local", func(t *testing.T) { + th := SetupTestHelperLocalMode(t) + defer th.TearDown() + clients := setupLocalClients(th) + testData := setupData(t, th) + extraSetup(t, th, testData) + runTestCases(t, ttCases, testData, clients) + }) } func TestPermissionsShareBoard(t *testing.T) { - th := SetupTestHelperPluginMode(t) - defer th.TearDown() - clients := setupClients(th) - testData := setupData(t, th) - sharing := toJSON(t, model.Sharing{Enabled: true, Token: "test-token"}) ttCases := []TestCase{ @@ -1409,20 +1736,24 @@ func TestPermissionsShareBoard(t *testing.T) { {"/boards/{PUBLIC_TEMPLATE_ID}/sharing", methodPost, sharing, userEditor, http.StatusForbidden, 0}, {"/boards/{PUBLIC_TEMPLATE_ID}/sharing", methodPost, sharing, userAdmin, http.StatusOK, 0}, } - runTestCases(t, ttCases, testData, clients) + + t.Run("plugin", func(t *testing.T) { + th := SetupTestHelperPluginMode(t) + defer th.TearDown() + clients := setupClients(th) + testData := setupData(t, th) + runTestCases(t, ttCases, testData, clients) + }) + t.Run("local", func(t *testing.T) { + th := SetupTestHelperLocalMode(t) + defer th.TearDown() + clients := setupLocalClients(th) + testData := setupData(t, th) + runTestCases(t, ttCases, testData, clients) + }) } func TestPermissionsGetSharedBoardInfo(t *testing.T) { - th := SetupTestHelperPluginMode(t) - defer th.TearDown() - clients := setupClients(th) - testData := setupData(t, th) - - clients.Admin.PostSharing(&model.Sharing{ID: testData.publicBoard.ID, Enabled: true, Token: "test-token"}) - clients.Admin.PostSharing(&model.Sharing{ID: testData.privateBoard.ID, Enabled: true, Token: "test-token"}) - clients.Admin.PostSharing(&model.Sharing{ID: testData.publicTemplate.ID, Enabled: true, Token: "test-token"}) - clients.Admin.PostSharing(&model.Sharing{ID: testData.privateTemplate.ID, Enabled: true, Token: "test-token"}) - ttCases := []TestCase{ {"/boards/{PRIVATE_BOARD_ID}/sharing", methodGet, "", userAnon, http.StatusUnauthorized, 0}, {"/boards/{PRIVATE_BOARD_ID}/sharing", methodGet, "", userNoTeamMember, http.StatusForbidden, 0}, @@ -1456,15 +1787,36 @@ func TestPermissionsGetSharedBoardInfo(t *testing.T) { {"/boards/{PUBLIC_TEMPLATE_ID}/sharing", methodGet, "", userEditor, http.StatusForbidden, 0}, {"/boards/{PUBLIC_TEMPLATE_ID}/sharing", methodGet, "", userAdmin, http.StatusOK, 1}, } - runTestCases(t, ttCases, testData, clients) + + t.Run("plugin", func(t *testing.T) { + th := SetupTestHelperPluginMode(t) + defer th.TearDown() + clients := setupClients(th) + testData := setupData(t, th) + + clients.Admin.PostSharing(&model.Sharing{ID: testData.publicBoard.ID, Enabled: true, Token: "test-token"}) + clients.Admin.PostSharing(&model.Sharing{ID: testData.privateBoard.ID, Enabled: true, Token: "test-token"}) + clients.Admin.PostSharing(&model.Sharing{ID: testData.publicTemplate.ID, Enabled: true, Token: "test-token"}) + clients.Admin.PostSharing(&model.Sharing{ID: testData.privateTemplate.ID, Enabled: true, Token: "test-token"}) + + runTestCases(t, ttCases, testData, clients) + }) + t.Run("local", func(t *testing.T) { + th := SetupTestHelperLocalMode(t) + defer th.TearDown() + clients := setupLocalClients(th) + testData := setupData(t, th) + + clients.Admin.PostSharing(&model.Sharing{ID: testData.publicBoard.ID, Enabled: true, Token: "test-token"}) + clients.Admin.PostSharing(&model.Sharing{ID: testData.privateBoard.ID, Enabled: true, Token: "test-token"}) + clients.Admin.PostSharing(&model.Sharing{ID: testData.publicTemplate.ID, Enabled: true, Token: "test-token"}) + clients.Admin.PostSharing(&model.Sharing{ID: testData.privateTemplate.ID, Enabled: true, Token: "test-token"}) + + runTestCases(t, ttCases, testData, clients) + }) } func TestPermissionsListTeams(t *testing.T) { - th := SetupTestHelperPluginMode(t) - defer th.TearDown() - clients := setupClients(th) - testData := setupData(t, th) - ttCases := []TestCase{ {"/teams", methodGet, "", userAnon, http.StatusUnauthorized, 0}, {"/teams", methodGet, "", userNoTeamMember, http.StatusOK, 0}, @@ -1474,99 +1826,177 @@ func TestPermissionsListTeams(t *testing.T) { {"/teams", methodGet, "", userEditor, http.StatusOK, 2}, {"/teams", methodGet, "", userAdmin, http.StatusOK, 2}, } - runTestCases(t, ttCases, testData, clients) + + t.Run("plugin", func(t *testing.T) { + th := SetupTestHelperPluginMode(t) + defer th.TearDown() + clients := setupClients(th) + testData := setupData(t, th) + runTestCases(t, ttCases, testData, clients) + }) + t.Run("local", func(t *testing.T) { + th := SetupTestHelperLocalMode(t) + defer th.TearDown() + clients := setupLocalClients(th) + testData := setupData(t, th) + ttCases[1].expectedStatusCode = http.StatusOK + for i := range ttCases { + ttCases[i].totalResults = 1 + } + runTestCases(t, ttCases, testData, clients) + }) } func TestPermissionsGetTeam(t *testing.T) { - th := SetupTestHelperPluginMode(t) - defer th.TearDown() - clients := setupClients(th) - testData := setupData(t, th) + t.Run("plugin", func(t *testing.T) { + th := SetupTestHelperPluginMode(t) + defer th.TearDown() + clients := setupClients(th) + testData := setupData(t, th) + ttCases := []TestCase{ + {"/teams/test-team", methodGet, "", userAnon, http.StatusUnauthorized, 0}, + {"/teams/test-team", methodGet, "", userNoTeamMember, http.StatusForbidden, 0}, + {"/teams/test-team", methodGet, "", userTeamMember, http.StatusOK, 1}, + {"/teams/test-team", methodGet, "", userViewer, http.StatusOK, 1}, + {"/teams/test-team", methodGet, "", userCommenter, http.StatusOK, 1}, + {"/teams/test-team", methodGet, "", userEditor, http.StatusOK, 1}, + {"/teams/test-team", methodGet, "", userAdmin, http.StatusOK, 1}, - ttCases := []TestCase{ - {"/teams/test-team", methodGet, "", userAnon, http.StatusUnauthorized, 0}, - {"/teams/test-team", methodGet, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/teams/test-team", methodGet, "", userTeamMember, http.StatusOK, 1}, - {"/teams/test-team", methodGet, "", userViewer, http.StatusOK, 1}, - {"/teams/test-team", methodGet, "", userCommenter, http.StatusOK, 1}, - {"/teams/test-team", methodGet, "", userEditor, http.StatusOK, 1}, - {"/teams/test-team", methodGet, "", userAdmin, http.StatusOK, 1}, - - {"/teams/empty-team", methodGet, "", userAnon, http.StatusUnauthorized, 0}, - {"/teams/empty-team", methodGet, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/teams/empty-team", methodGet, "", userTeamMember, http.StatusForbidden, 0}, - {"/teams/empty-team", methodGet, "", userViewer, http.StatusForbidden, 0}, - {"/teams/empty-team", methodGet, "", userCommenter, http.StatusForbidden, 0}, - {"/teams/empty-team", methodGet, "", userEditor, http.StatusForbidden, 0}, - {"/teams/empty-team", methodGet, "", userAdmin, http.StatusForbidden, 0}, - } - runTestCases(t, ttCases, testData, clients) + {"/teams/empty-team", methodGet, "", userAnon, http.StatusUnauthorized, 0}, + {"/teams/empty-team", methodGet, "", userNoTeamMember, http.StatusForbidden, 0}, + {"/teams/empty-team", methodGet, "", userTeamMember, http.StatusForbidden, 0}, + {"/teams/empty-team", methodGet, "", userViewer, http.StatusForbidden, 0}, + {"/teams/empty-team", methodGet, "", userCommenter, http.StatusForbidden, 0}, + {"/teams/empty-team", methodGet, "", userEditor, http.StatusForbidden, 0}, + {"/teams/empty-team", methodGet, "", userAdmin, http.StatusForbidden, 0}, + } + runTestCases(t, ttCases, testData, clients) + }) + t.Run("local", func(t *testing.T) { + th := SetupTestHelperLocalMode(t) + defer th.TearDown() + clients := setupLocalClients(th) + testData := setupData(t, th) + ttCases := []TestCase{ + {"/teams/test-team", methodGet, "", userAnon, http.StatusUnauthorized, 0}, + {"/teams/test-team", methodGet, "", userNoTeamMember, http.StatusOK, 1}, + {"/teams/test-team", methodGet, "", userTeamMember, http.StatusOK, 1}, + {"/teams/test-team", methodGet, "", userViewer, http.StatusOK, 1}, + {"/teams/test-team", methodGet, "", userCommenter, http.StatusOK, 1}, + {"/teams/test-team", methodGet, "", userEditor, http.StatusOK, 1}, + {"/teams/test-team", methodGet, "", userAdmin, http.StatusOK, 1}, + } + runTestCases(t, ttCases, testData, clients) + }) } -func TestPermissionsRegenerateSignupTokenPluginMode(t *testing.T) { - th := SetupTestHelperPluginMode(t) - defer th.TearDown() - clients := setupClients(th) - testData := setupData(t, th) +func TestPermissionsRegenerateSignupToken(t *testing.T) { + t.Run("plugin", func(t *testing.T) { + th := SetupTestHelperPluginMode(t) + defer th.TearDown() + clients := setupClients(th) + testData := setupData(t, th) + ttCases := []TestCase{ + {"/teams/test-team/regenerate_signup_token", methodPost, "", userAnon, http.StatusUnauthorized, 0}, + {"/teams/test-team/regenerate_signup_token", methodPost, "", userAdmin, http.StatusNotImplemented, 0}, - ttCases := []TestCase{ - {"/teams/test-team/regenerate_signup_token", methodPost, "", userAnon, http.StatusUnauthorized, 0}, - {"/teams/test-team/regenerate_signup_token", methodPost, "", userAdmin, http.StatusNotImplemented, 0}, + {"/teams/empty-team/regenerate_signup_token", methodPost, "", userAnon, http.StatusUnauthorized, 0}, + {"/teams/empty-team/regenerate_signup_token", methodPost, "", userAdmin, http.StatusNotImplemented, 0}, + } + runTestCases(t, ttCases, testData, clients) + }) + t.Run("local", func(t *testing.T) { + th := SetupTestHelperLocalMode(t) + defer th.TearDown() + clients := setupLocalClients(th) + testData := setupData(t, th) + ttCases := []TestCase{ + {"/teams/test-team/regenerate_signup_token", methodPost, "", userAnon, http.StatusUnauthorized, 0}, + {"/teams/test-team/regenerate_signup_token", methodPost, "", userAdmin, http.StatusOK, 0}, - {"/teams/empty-team/regenerate_signup_token", methodPost, "", userAnon, http.StatusUnauthorized, 0}, - {"/teams/empty-team/regenerate_signup_token", methodPost, "", userAdmin, http.StatusNotImplemented, 0}, - } - runTestCases(t, ttCases, testData, clients) + {"/teams/empty-team/regenerate_signup_token", methodPost, "", userAnon, http.StatusUnauthorized, 0}, + {"/teams/empty-team/regenerate_signup_token", methodPost, "", userAdmin, http.StatusOK, 0}, + } + runTestCases(t, ttCases, testData, clients) + }) } func TestPermissionsGetTeamUsers(t *testing.T) { - th := SetupTestHelperPluginMode(t) - defer th.TearDown() - clients := setupClients(th) - testData := setupData(t, th) + t.Run("plugin", func(t *testing.T) { + th := SetupTestHelperPluginMode(t) + defer th.TearDown() + clients := setupClients(th) + testData := setupData(t, th) + ttCases := []TestCase{ + {"/teams/test-team/users", methodGet, "", userAnon, http.StatusUnauthorized, 0}, + {"/teams/test-team/users", methodGet, "", userNoTeamMember, http.StatusForbidden, 0}, + {"/teams/test-team/users", methodGet, "", userTeamMember, http.StatusOK, 5}, + {"/teams/test-team/users", methodGet, "", userViewer, http.StatusOK, 5}, + {"/teams/test-team/users", methodGet, "", userCommenter, http.StatusOK, 5}, + {"/teams/test-team/users", methodGet, "", userEditor, http.StatusOK, 5}, + {"/teams/test-team/users", methodGet, "", userAdmin, http.StatusOK, 5}, - ttCases := []TestCase{ - {"/teams/test-team/users", methodGet, "", userAnon, http.StatusUnauthorized, 0}, - {"/teams/test-team/users", methodGet, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/teams/test-team/users", methodGet, "", userTeamMember, http.StatusOK, 5}, - {"/teams/test-team/users", methodGet, "", userViewer, http.StatusOK, 5}, - {"/teams/test-team/users", methodGet, "", userCommenter, http.StatusOK, 5}, - {"/teams/test-team/users", methodGet, "", userEditor, http.StatusOK, 5}, - {"/teams/test-team/users", methodGet, "", userAdmin, http.StatusOK, 5}, - - {"/teams/empty-team/users", methodGet, "", userAnon, http.StatusUnauthorized, 0}, - {"/teams/empty-team/users", methodGet, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/teams/empty-team/users", methodGet, "", userTeamMember, http.StatusForbidden, 0}, - {"/teams/empty-team/users", methodGet, "", userViewer, http.StatusForbidden, 0}, - {"/teams/empty-team/users", methodGet, "", userCommenter, http.StatusForbidden, 0}, - {"/teams/empty-team/users", methodGet, "", userEditor, http.StatusForbidden, 0}, - {"/teams/empty-team/users", methodGet, "", userAdmin, http.StatusForbidden, 0}, - } - runTestCases(t, ttCases, testData, clients) + {"/teams/empty-team/users", methodGet, "", userAnon, http.StatusUnauthorized, 0}, + {"/teams/empty-team/users", methodGet, "", userNoTeamMember, http.StatusForbidden, 0}, + {"/teams/empty-team/users", methodGet, "", userTeamMember, http.StatusForbidden, 0}, + {"/teams/empty-team/users", methodGet, "", userViewer, http.StatusForbidden, 0}, + {"/teams/empty-team/users", methodGet, "", userCommenter, http.StatusForbidden, 0}, + {"/teams/empty-team/users", methodGet, "", userEditor, http.StatusForbidden, 0}, + {"/teams/empty-team/users", methodGet, "", userAdmin, http.StatusForbidden, 0}, + } + runTestCases(t, ttCases, testData, clients) + }) + t.Run("local", func(t *testing.T) { + th := SetupTestHelperLocalMode(t) + defer th.TearDown() + clients := setupLocalClients(th) + testData := setupData(t, th) + ttCases := []TestCase{ + {"/teams/test-team/users", methodGet, "", userAnon, http.StatusUnauthorized, 0}, + {"/teams/test-team/users", methodGet, "", userNoTeamMember, http.StatusOK, 7}, + {"/teams/test-team/users", methodGet, "", userTeamMember, http.StatusOK, 7}, + {"/teams/test-team/users", methodGet, "", userViewer, http.StatusOK, 7}, + {"/teams/test-team/users", methodGet, "", userCommenter, http.StatusOK, 7}, + {"/teams/test-team/users", methodGet, "", userEditor, http.StatusOK, 7}, + {"/teams/test-team/users", methodGet, "", userAdmin, http.StatusOK, 7}, + } + runTestCases(t, ttCases, testData, clients) + }) } -func TestPermissionsTeamArchiveExportPluginMode(t *testing.T) { - th := SetupTestHelperPluginMode(t) - defer th.TearDown() - clients := setupClients(th) - testData := setupData(t, th) +func TestPermissionsTeamArchiveExport(t *testing.T) { + t.Run("plugin", func(t *testing.T) { + th := SetupTestHelperPluginMode(t) + defer th.TearDown() + clients := setupClients(th) + testData := setupData(t, th) + ttCases := []TestCase{ + {"/teams/test-team/archive/export", methodGet, "", userAnon, http.StatusUnauthorized, 0}, + {"/teams/test-team/archive/export", methodGet, "", userAdmin, http.StatusNotImplemented, 0}, - ttCases := []TestCase{ - {"/teams/test-team/archive/export", methodGet, "", userAnon, http.StatusUnauthorized, 0}, - {"/teams/test-team/archive/export", methodGet, "", userAdmin, http.StatusNotImplemented, 0}, + {"/teams/empty-team/archive/export", methodGet, "", userAnon, http.StatusUnauthorized, 0}, + {"/teams/empty-team/archive/export", methodGet, "", userAdmin, http.StatusNotImplemented, 0}, + } - {"/teams/empty-team/archive/export", methodGet, "", userAnon, http.StatusUnauthorized, 0}, - {"/teams/empty-team/archive/export", methodGet, "", userAdmin, http.StatusNotImplemented, 0}, - } - runTestCases(t, ttCases, testData, clients) + runTestCases(t, ttCases, testData, clients) + }) + t.Run("local", func(t *testing.T) { + th := SetupTestHelperLocalMode(t) + defer th.TearDown() + clients := setupLocalClients(th) + testData := setupData(t, th) + ttCases := []TestCase{ + {"/teams/test-team/archive/export", methodGet, "", userAnon, http.StatusUnauthorized, 0}, + {"/teams/test-team/archive/export", methodGet, "", userAdmin, http.StatusOK, 1}, + + {"/teams/empty-team/archive/export", methodGet, "", userAnon, http.StatusUnauthorized, 0}, + {"/teams/empty-team/archive/export", methodGet, "", userAdmin, http.StatusOK, 1}, + } + runTestCases(t, ttCases, testData, clients) + }) } func TestPermissionsUploadFile(t *testing.T) { - th := SetupTestHelperPluginMode(t) - defer th.TearDown() - clients := setupClients(th) - testData := setupData(t, th) - ttCases := []TestCase{ {"/teams/test-team/{PRIVATE_BOARD_ID}/files", methodPost, "", userAnon, http.StatusUnauthorized, 0}, {"/teams/test-team/{PRIVATE_BOARD_ID}/files", methodPost, "", userNoTeamMember, http.StatusForbidden, 0}, @@ -1600,15 +2030,24 @@ func TestPermissionsUploadFile(t *testing.T) { {"/teams/test-team/{PUBLIC_TEMPLATE_ID}/files", methodPost, "", userEditor, http.StatusBadRequest, 1}, // Not checking the logic, only the permissions {"/teams/test-team/{PUBLIC_TEMPLATE_ID}/files", methodPost, "", userAdmin, http.StatusBadRequest, 1}, // Not checking the logic, only the permissions } - runTestCases(t, ttCases, testData, clients) + + t.Run("plugin", func(t *testing.T) { + th := SetupTestHelperPluginMode(t) + defer th.TearDown() + clients := setupClients(th) + testData := setupData(t, th) + runTestCases(t, ttCases, testData, clients) + }) + t.Run("local", func(t *testing.T) { + th := SetupTestHelperLocalMode(t) + defer th.TearDown() + clients := setupLocalClients(th) + testData := setupData(t, th) + runTestCases(t, ttCases, testData, clients) + }) } func TestPermissionsGetMe(t *testing.T) { - th := SetupTestHelperPluginMode(t) - defer th.TearDown() - clients := setupClients(th) - testData := setupData(t, th) - ttCases := []TestCase{ {"/users/me", methodGet, "", userAnon, http.StatusUnauthorized, 0}, {"/users/me", methodGet, "", userNoTeamMember, http.StatusOK, 1}, @@ -1618,15 +2057,24 @@ func TestPermissionsGetMe(t *testing.T) { {"/users/me", methodGet, "", userEditor, http.StatusOK, 1}, {"/users/me", methodGet, "", userAdmin, http.StatusOK, 1}, } - runTestCases(t, ttCases, testData, clients) + + t.Run("plugin", func(t *testing.T) { + th := SetupTestHelperPluginMode(t) + defer th.TearDown() + clients := setupClients(th) + testData := setupData(t, th) + runTestCases(t, ttCases, testData, clients) + }) + t.Run("local", func(t *testing.T) { + th := SetupTestHelperLocalMode(t) + defer th.TearDown() + clients := setupLocalClients(th) + testData := setupData(t, th) + runTestCases(t, ttCases, testData, clients) + }) } func TestPermissionsGetMyMemberships(t *testing.T) { - th := SetupTestHelperPluginMode(t) - defer th.TearDown() - clients := setupClients(th) - testData := setupData(t, th) - ttCases := []TestCase{ {"/users/me/memberships", methodGet, "", userAnon, http.StatusUnauthorized, 0}, {"/users/me/memberships", methodGet, "", userNoTeamMember, http.StatusOK, 0}, @@ -1636,15 +2084,24 @@ func TestPermissionsGetMyMemberships(t *testing.T) { {"/users/me/memberships", methodGet, "", userEditor, http.StatusOK, 4}, {"/users/me/memberships", methodGet, "", userAdmin, http.StatusOK, 4}, } - runTestCases(t, ttCases, testData, clients) + + t.Run("plugin", func(t *testing.T) { + th := SetupTestHelperPluginMode(t) + defer th.TearDown() + clients := setupClients(th) + testData := setupData(t, th) + runTestCases(t, ttCases, testData, clients) + }) + t.Run("local", func(t *testing.T) { + th := SetupTestHelperLocalMode(t) + defer th.TearDown() + clients := setupLocalClients(th) + testData := setupData(t, th) + runTestCases(t, ttCases, testData, clients) + }) } func TestPermissionsGetUser(t *testing.T) { - th := SetupTestHelperPluginMode(t) - defer th.TearDown() - clients := setupClients(th) - testData := setupData(t, th) - ttCases := []TestCase{ {"/users/{USER_NO_TEAM_MEMBER_ID}", methodGet, "", userAnon, http.StatusUnauthorized, 0}, {"/users/{USER_NO_TEAM_MEMBER_ID}", methodGet, "", userNoTeamMember, http.StatusOK, 1}, @@ -1670,33 +2127,54 @@ func TestPermissionsGetUser(t *testing.T) { {"/users/{USER_VIEWER_ID}", methodGet, "", userEditor, http.StatusOK, 1}, {"/users/{USER_VIEWER_ID}", methodGet, "", userAdmin, http.StatusOK, 1}, } - runTestCases(t, ttCases, testData, clients) + + t.Run("plugin", func(t *testing.T) { + th := SetupTestHelperPluginMode(t) + defer th.TearDown() + clients := setupClients(th) + testData := setupData(t, th) + runTestCases(t, ttCases, testData, clients) + }) + t.Run("local", func(t *testing.T) { + th := SetupTestHelperLocalMode(t) + defer th.TearDown() + clients := setupLocalClients(th) + testData := setupData(t, th) + runTestCases(t, ttCases, testData, clients) + }) } -func TestPermissionsUserChangePasswordPluginMode(t *testing.T) { - th := SetupTestHelperPluginMode(t) - defer th.TearDown() - clients := setupClients(th) - testData := setupData(t, th) - +func TestPermissionsUserChangePassword(t *testing.T) { postBody := toJSON(t, api.ChangePasswordRequest{ OldPassword: password, NewPassword: "newpa$$word123", }) - ttCases := []TestCase{ - {"/users/{USER_ADMIN_ID}/changepassword", methodPost, postBody, userAnon, http.StatusUnauthorized, 0}, - {"/users/{USER_ADMIN_ID}/changepassword", methodPost, postBody, userAdmin, http.StatusNotImplemented, 0}, - } - runTestCases(t, ttCases, testData, clients) + t.Run("plugin", func(t *testing.T) { + th := SetupTestHelperPluginMode(t) + defer th.TearDown() + clients := setupClients(th) + testData := setupData(t, th) + ttCases := []TestCase{ + {"/users/{USER_ADMIN_ID}/changepassword", methodPost, postBody, userAnon, http.StatusUnauthorized, 0}, + {"/users/{USER_ADMIN_ID}/changepassword", methodPost, postBody, userAdmin, http.StatusNotImplemented, 0}, + } + runTestCases(t, ttCases, testData, clients) + }) + t.Run("local", func(t *testing.T) { + th := SetupTestHelperLocalMode(t) + defer th.TearDown() + clients := setupLocalClients(th) + testData := setupData(t, th) + ttCases := []TestCase{ + {"/users/{USER_ADMIN_ID}/changepassword", methodPost, postBody, userAnon, http.StatusUnauthorized, 0}, + {"/users/{USER_ADMIN_ID}/changepassword", methodPost, postBody, userAdmin, http.StatusOK, 0}, + } + runTestCases(t, ttCases, testData, clients) + }) } func TestPermissionsUpdateUserConfig(t *testing.T) { - th := SetupTestHelperPluginMode(t) - defer th.TearDown() - clients := setupClients(th) - testData := setupData(t, th) - patch := toJSON(t, model.UserPropPatch{UpdatedFields: map[string]string{"test": "test"}}) ttCases := []TestCase{ @@ -1708,15 +2186,23 @@ func TestPermissionsUpdateUserConfig(t *testing.T) { {"/users/{USER_TEAM_MEMBER_ID}/config", methodPut, patch, userEditor, http.StatusForbidden, 0}, {"/users/{USER_TEAM_MEMBER_ID}/config", methodPut, patch, userAdmin, http.StatusForbidden, 0}, } - runTestCases(t, ttCases, testData, clients) + t.Run("plugin", func(t *testing.T) { + th := SetupTestHelperPluginMode(t) + defer th.TearDown() + clients := setupClients(th) + testData := setupData(t, th) + runTestCases(t, ttCases, testData, clients) + }) + t.Run("local", func(t *testing.T) { + th := SetupTestHelperLocalMode(t) + defer th.TearDown() + clients := setupLocalClients(th) + testData := setupData(t, th) + runTestCases(t, ttCases, testData, clients) + }) } func TestPermissionsCreateBoardsAndBlocks(t *testing.T) { - th := SetupTestHelperPluginMode(t) - defer th.TearDown() - clients := setupClients(th) - testData := setupData(t, th) - bab := toJSON(t, model.BoardsAndBlocks{ Boards: []*model.Board{{ID: "test", Title: "Test Board", TeamID: "test-team"}}, Blocks: []model.Block{ @@ -1733,84 +2219,139 @@ func TestPermissionsCreateBoardsAndBlocks(t *testing.T) { {"/boards-and-blocks", methodPost, bab, userEditor, http.StatusOK, 1}, {"/boards-and-blocks", methodPost, bab, userAdmin, http.StatusOK, 1}, } - runTestCases(t, ttCases, testData, clients) + + t.Run("plugin", func(t *testing.T) { + th := SetupTestHelperPluginMode(t) + defer th.TearDown() + clients := setupClients(th) + testData := setupData(t, th) + runTestCases(t, ttCases, testData, clients) + }) + t.Run("local", func(t *testing.T) { + th := SetupTestHelperLocalMode(t) + defer th.TearDown() + clients := setupLocalClients(th) + testData := setupData(t, th) + ttCases[1].expectedStatusCode = http.StatusOK + ttCases[1].totalResults = 1 + runTestCases(t, ttCases, testData, clients) + }) } func TestPermissionsUpdateBoardsAndBlocks(t *testing.T) { - th := SetupTestHelperPluginMode(t) - defer th.TearDown() - clients := setupClients(th) - testData := setupData(t, th) + ttCasesF := func(t *testing.T, testData TestData) []TestCase { + newTitle := "New Block Title" + bab := toJSON(t, model.PatchBoardsAndBlocks{ + BoardIDs: []string{testData.publicBoard.ID}, + BoardPatches: []*model.BoardPatch{{Title: &newTitle}}, + BlockIDs: []string{"block-3"}, + BlockPatches: []*model.BlockPatch{{Title: &newTitle}}, + }) - newTitle := "New Block Title" - bab := toJSON(t, model.PatchBoardsAndBlocks{ - BoardIDs: []string{testData.publicBoard.ID}, - BoardPatches: []*model.BoardPatch{{Title: &newTitle}}, - BlockIDs: []string{"block-3"}, - BlockPatches: []*model.BlockPatch{{Title: &newTitle}}, + return []TestCase{ + {"/boards-and-blocks", methodPatch, bab, userAnon, http.StatusUnauthorized, 0}, + {"/boards-and-blocks", methodPatch, bab, userNoTeamMember, http.StatusForbidden, 0}, + {"/boards-and-blocks", methodPatch, bab, userTeamMember, http.StatusForbidden, 0}, + {"/boards-and-blocks", methodPatch, bab, userViewer, http.StatusForbidden, 0}, + {"/boards-and-blocks", methodPatch, bab, userCommenter, http.StatusForbidden, 0}, + {"/boards-and-blocks", methodPatch, bab, userEditor, http.StatusOK, 1}, + {"/boards-and-blocks", methodPatch, bab, userAdmin, http.StatusOK, 1}, + } + } + + t.Run("plugin", func(t *testing.T) { + th := SetupTestHelperPluginMode(t) + defer th.TearDown() + clients := setupClients(th) + testData := setupData(t, th) + ttCases := ttCasesF(t, testData) + runTestCases(t, ttCases, testData, clients) + }) + t.Run("local", func(t *testing.T) { + th := SetupTestHelperLocalMode(t) + defer th.TearDown() + clients := setupLocalClients(th) + testData := setupData(t, th) + ttCases := ttCasesF(t, testData) + runTestCases(t, ttCases, testData, clients) }) - ttCases := []TestCase{ - {"/boards-and-blocks", methodPatch, bab, userAnon, http.StatusUnauthorized, 0}, - {"/boards-and-blocks", methodPatch, bab, userNoTeamMember, http.StatusForbidden, 0}, - {"/boards-and-blocks", methodPatch, bab, userTeamMember, http.StatusForbidden, 0}, - {"/boards-and-blocks", methodPatch, bab, userViewer, http.StatusForbidden, 0}, - {"/boards-and-blocks", methodPatch, bab, userCommenter, http.StatusForbidden, 0}, - {"/boards-and-blocks", methodPatch, bab, userEditor, http.StatusOK, 1}, - {"/boards-and-blocks", methodPatch, bab, userAdmin, http.StatusOK, 1}, - } - runTestCases(t, ttCases, testData, clients) - - newType := model.BoardTypePrivate // With type change - bab = toJSON(t, model.PatchBoardsAndBlocks{ - BoardIDs: []string{testData.publicBoard.ID}, - BoardPatches: []*model.BoardPatch{{Type: &newType}}, - BlockIDs: []string{"block-3"}, - BlockPatches: []*model.BlockPatch{{Title: &newTitle}}, - }) + ttCasesF = func(t *testing.T, testData TestData) []TestCase { + newType := model.BoardTypePrivate + newTitle := "New Block Title" + bab := toJSON(t, model.PatchBoardsAndBlocks{ + BoardIDs: []string{testData.publicBoard.ID}, + BoardPatches: []*model.BoardPatch{{Type: &newType}}, + BlockIDs: []string{"block-3"}, + BlockPatches: []*model.BlockPatch{{Title: &newTitle}}, + }) - ttCases = []TestCase{ - {"/boards-and-blocks", methodPatch, bab, userAnon, http.StatusUnauthorized, 0}, - {"/boards-and-blocks", methodPatch, bab, userNoTeamMember, http.StatusForbidden, 0}, - {"/boards-and-blocks", methodPatch, bab, userTeamMember, http.StatusForbidden, 0}, - {"/boards-and-blocks", methodPatch, bab, userViewer, http.StatusForbidden, 0}, - {"/boards-and-blocks", methodPatch, bab, userCommenter, http.StatusForbidden, 0}, - {"/boards-and-blocks", methodPatch, bab, userEditor, http.StatusForbidden, 0}, - {"/boards-and-blocks", methodPatch, bab, userAdmin, http.StatusOK, 1}, + return []TestCase{ + {"/boards-and-blocks", methodPatch, bab, userAnon, http.StatusUnauthorized, 0}, + {"/boards-and-blocks", methodPatch, bab, userNoTeamMember, http.StatusForbidden, 0}, + {"/boards-and-blocks", methodPatch, bab, userTeamMember, http.StatusForbidden, 0}, + {"/boards-and-blocks", methodPatch, bab, userViewer, http.StatusForbidden, 0}, + {"/boards-and-blocks", methodPatch, bab, userCommenter, http.StatusForbidden, 0}, + {"/boards-and-blocks", methodPatch, bab, userEditor, http.StatusForbidden, 0}, + {"/boards-and-blocks", methodPatch, bab, userAdmin, http.StatusOK, 1}, + } } - runTestCases(t, ttCases, testData, clients) + + t.Run("plugin", func(t *testing.T) { + th := SetupTestHelperPluginMode(t) + defer th.TearDown() + clients := setupClients(th) + testData := setupData(t, th) + ttCases := ttCasesF(t, testData) + runTestCases(t, ttCases, testData, clients) + }) + t.Run("local", func(t *testing.T) { + th := SetupTestHelperLocalMode(t) + defer th.TearDown() + clients := setupLocalClients(th) + testData := setupData(t, th) + ttCases := ttCasesF(t, testData) + runTestCases(t, ttCases, testData, clients) + }) } func TestPermissionsDeleteBoardsAndBlocks(t *testing.T) { - th := SetupTestHelperPluginMode(t) - defer th.TearDown() - clients := setupClients(th) - testData := setupData(t, th) - - bab := toJSON(t, model.DeleteBoardsAndBlocks{ - Boards: []string{testData.publicBoard.ID}, - Blocks: []string{"block-3"}, - }) - - ttCases := []TestCase{ - {"/boards-and-blocks", methodDelete, bab, userAnon, http.StatusUnauthorized, 0}, - {"/boards-and-blocks", methodDelete, bab, userNoTeamMember, http.StatusForbidden, 0}, - {"/boards-and-blocks", methodDelete, bab, userTeamMember, http.StatusForbidden, 0}, - {"/boards-and-blocks", methodDelete, bab, userViewer, http.StatusForbidden, 0}, - {"/boards-and-blocks", methodDelete, bab, userCommenter, http.StatusForbidden, 0}, - {"/boards-and-blocks", methodDelete, bab, userEditor, http.StatusForbidden, 0}, - {"/boards-and-blocks", methodDelete, bab, userAdmin, http.StatusOK, 0}, + ttCasesF := func(t *testing.T, testData TestData) []TestCase { + bab := toJSON(t, model.DeleteBoardsAndBlocks{ + Boards: []string{testData.publicBoard.ID}, + Blocks: []string{"block-3"}, + }) + return []TestCase{ + {"/boards-and-blocks", methodDelete, bab, userAnon, http.StatusUnauthorized, 0}, + {"/boards-and-blocks", methodDelete, bab, userNoTeamMember, http.StatusForbidden, 0}, + {"/boards-and-blocks", methodDelete, bab, userTeamMember, http.StatusForbidden, 0}, + {"/boards-and-blocks", methodDelete, bab, userViewer, http.StatusForbidden, 0}, + {"/boards-and-blocks", methodDelete, bab, userCommenter, http.StatusForbidden, 0}, + {"/boards-and-blocks", methodDelete, bab, userEditor, http.StatusForbidden, 0}, + {"/boards-and-blocks", methodDelete, bab, userAdmin, http.StatusOK, 0}, + } } - runTestCases(t, ttCases, testData, clients) + + t.Run("plugin", func(t *testing.T) { + th := SetupTestHelperPluginMode(t) + defer th.TearDown() + clients := setupClients(th) + testData := setupData(t, th) + ttCases := ttCasesF(t, testData) + runTestCases(t, ttCases, testData, clients) + }) + t.Run("local", func(t *testing.T) { + th := SetupTestHelperLocalMode(t) + defer th.TearDown() + clients := setupLocalClients(th) + testData := setupData(t, th) + ttCases := ttCasesF(t, testData) + runTestCases(t, ttCases, testData, clients) + }) } -func TestPermissionsLoginPluginMode(t *testing.T) { - th := SetupTestHelperPluginMode(t) - defer th.TearDown() - clients := setupClients(th) - testData := setupData(t, th) - +func TestPermissionsLogin(t *testing.T) { loginReq := func(username, password string) string { return toJSON(t, api.LoginRequest{ Type: "normal", @@ -1819,58 +2360,115 @@ func TestPermissionsLoginPluginMode(t *testing.T) { }) } - ttCases := []TestCase{ - {"/login", methodPost, loginReq(userAnon, password), userAnon, http.StatusNotImplemented, 0}, - {"/login", methodPost, loginReq(userAdmin, password), userAdmin, http.StatusNotImplemented, 0}, - } - runTestCases(t, ttCases, testData, clients) + t.Run("plugin", func(t *testing.T) { + th := SetupTestHelperPluginMode(t) + defer th.TearDown() + clients := setupClients(th) + testData := setupData(t, th) + ttCases := []TestCase{ + {"/login", methodPost, loginReq(userAnon, password), userAnon, http.StatusNotImplemented, 0}, + {"/login", methodPost, loginReq(userAdmin, password), userAdmin, http.StatusNotImplemented, 0}, + } + runTestCases(t, ttCases, testData, clients) + }) + t.Run("local", func(t *testing.T) { + th := SetupTestHelperLocalMode(t) + defer th.TearDown() + clients := setupLocalClients(th) + testData := setupData(t, th) + ttCases := []TestCase{ + {"/login", methodPost, loginReq(userAnon, password), userAnon, http.StatusUnauthorized, 0}, + {"/login", methodPost, loginReq(userAdmin, password), userAdmin, http.StatusOK, 1}, + } + runTestCases(t, ttCases, testData, clients) + }) } -func TestPermissionsLogoutPluginMode(t *testing.T) { - th := SetupTestHelperPluginMode(t) - defer th.TearDown() - clients := setupClients(th) - testData := setupData(t, th) - - ttCases := []TestCase{ - {"/logout", methodPost, "", userAnon, http.StatusUnauthorized, 0}, - {"/logout", methodPost, "", userAdmin, http.StatusNotImplemented, 0}, - } - runTestCases(t, ttCases, testData, clients) +func TestPermissionsLogout(t *testing.T) { + t.Run("plugin", func(t *testing.T) { + th := SetupTestHelperPluginMode(t) + defer th.TearDown() + clients := setupClients(th) + testData := setupData(t, th) + ttCases := []TestCase{ + {"/logout", methodPost, "", userAnon, http.StatusUnauthorized, 0}, + {"/logout", methodPost, "", userAdmin, http.StatusNotImplemented, 0}, + } + runTestCases(t, ttCases, testData, clients) + }) + t.Run("local", func(t *testing.T) { + th := SetupTestHelperLocalMode(t) + defer th.TearDown() + clients := setupLocalClients(th) + testData := setupData(t, th) + ttCases := []TestCase{ + {"/logout", methodPost, "", userAnon, http.StatusUnauthorized, 0}, + {"/logout", methodPost, "", userAdmin, http.StatusOK, 0}, + } + runTestCases(t, ttCases, testData, clients) + }) } -func TestPermissionsRegisterPluginMode(t *testing.T) { - th := SetupTestHelperPluginMode(t) - defer th.TearDown() - clients := setupClients(th) - testData := setupData(t, th) +func TestPermissionsRegister(t *testing.T) { + t.Run("plugin", func(t *testing.T) { + th := SetupTestHelperPluginMode(t) + defer th.TearDown() + clients := setupClients(th) + testData := setupData(t, th) + ttCases := []TestCase{ + {"/register", methodPost, "", userAnon, http.StatusNotImplemented, 0}, + {"/register", methodPost, "", userAdmin, http.StatusNotImplemented, 0}, + } + runTestCases(t, ttCases, testData, clients) + }) + t.Run("local", func(t *testing.T) { + th := SetupTestHelperLocalMode(t) + defer th.TearDown() + clients := setupLocalClients(th) + testData := setupData(t, th) - ttCases := []TestCase{ - {"/register", methodPost, "", userAnon, http.StatusNotImplemented, 0}, - {"/register", methodPost, "", userAdmin, http.StatusNotImplemented, 0}, - } - runTestCases(t, ttCases, testData, clients) + team, resp := th.Client.GetTeam(model.GlobalTeamID) + th.CheckOK(resp) + require.NotNil(th.T, team) + require.NotNil(th.T, team.SignupToken) + + postData := toJSON(t, api.RegisterRequest{ + Username: "newuser", + Email: "newuser@test.com", + Password: password, + Token: team.SignupToken, + }) + + ttCases := []TestCase{ + {"/register", methodPost, postData, userAnon, http.StatusOK, 0}, + } + runTestCases(t, ttCases, testData, clients) + }) } func TestPermissionsClientConfig(t *testing.T) { - th := SetupTestHelperPluginMode(t) - defer th.TearDown() - clients := setupClients(th) - testData := setupData(t, th) - ttCases := []TestCase{ {"/clientConfig", methodGet, "", userAnon, http.StatusOK, 1}, {"/clientConfig", methodGet, "", userAdmin, http.StatusOK, 1}, } - runTestCases(t, ttCases, testData, clients) + + t.Run("plugin", func(t *testing.T) { + th := SetupTestHelperPluginMode(t) + defer th.TearDown() + clients := setupClients(th) + testData := setupData(t, th) + runTestCases(t, ttCases, testData, clients) + }) + t.Run("local", func(t *testing.T) { + th := SetupTestHelperLocalMode(t) + defer th.TearDown() + clients := setupLocalClients(th) + testData := setupData(t, th) + runTestCases(t, ttCases, testData, clients) + }) } func TestPermissionsGetCategories(t *testing.T) { - th := SetupTestHelperPluginMode(t) - defer th.TearDown() - clients := setupClients(th) - testData := setupData(t, th) - ttCases := []TestCase{ {"/teams/test-team/categories", methodGet, "", userAnon, http.StatusUnauthorized, 0}, {"/teams/test-team/categories", methodGet, "", userNoTeamMember, http.StatusOK, 0}, @@ -1880,276 +2478,407 @@ func TestPermissionsGetCategories(t *testing.T) { {"/teams/test-team/categories", methodGet, "", userEditor, http.StatusOK, 0}, {"/teams/test-team/categories", methodGet, "", userAdmin, http.StatusOK, 0}, } - runTestCases(t, ttCases, testData, clients) + + t.Run("plugin", func(t *testing.T) { + th := SetupTestHelperPluginMode(t) + defer th.TearDown() + clients := setupClients(th) + testData := setupData(t, th) + runTestCases(t, ttCases, testData, clients) + }) + t.Run("local", func(t *testing.T) { + th := SetupTestHelperLocalMode(t) + defer th.TearDown() + clients := setupLocalClients(th) + testData := setupData(t, th) + runTestCases(t, ttCases, testData, clients) + }) } func TestPermissionsCreateCategory(t *testing.T) { - th := SetupTestHelperPluginMode(t) - defer th.TearDown() - clients := setupClients(th) - testData := setupData(t, th) + ttCasesF := func() []TestCase { + category := func(userID string) string { + return toJSON(t, model.Category{ + Name: "Test category", + TeamID: "test-team", + UserID: userID, + CreateAt: model.GetMillis(), + UpdateAt: model.GetMillis(), + }) + } - category := func(userID string) string { - return toJSON(t, model.Category{ - Name: "Test category", - TeamID: "test-team", - UserID: userID, - CreateAt: model.GetMillis(), - UpdateAt: model.GetMillis(), - }) + return []TestCase{ + {"/teams/test-team/categories", methodPost, category(""), userAnon, http.StatusUnauthorized, 0}, + {"/teams/test-team/categories", methodPost, category(userNoTeamMemberID), userNoTeamMember, http.StatusOK, 1}, + {"/teams/test-team/categories", methodPost, category(userTeamMemberID), userTeamMember, http.StatusOK, 1}, + {"/teams/test-team/categories", methodPost, category(userViewerID), userViewer, http.StatusOK, 1}, + {"/teams/test-team/categories", methodPost, category(userCommenterID), userCommenter, http.StatusOK, 1}, + {"/teams/test-team/categories", methodPost, category(userEditorID), userEditor, http.StatusOK, 1}, + {"/teams/test-team/categories", methodPost, category(userAdminID), userAdmin, http.StatusOK, 1}, + + {"/teams/test-team/categories", methodPost, category("other"), userAnon, http.StatusUnauthorized, 0}, + {"/teams/test-team/categories", methodPost, category("other"), userNoTeamMember, http.StatusBadRequest, 0}, + {"/teams/test-team/categories", methodPost, category("other"), userTeamMember, http.StatusBadRequest, 0}, + {"/teams/test-team/categories", methodPost, category("other"), userViewer, http.StatusBadRequest, 0}, + {"/teams/test-team/categories", methodPost, category("other"), userCommenter, http.StatusBadRequest, 0}, + {"/teams/test-team/categories", methodPost, category("other"), userEditor, http.StatusBadRequest, 0}, + {"/teams/test-team/categories", methodPost, category("other"), userAdmin, http.StatusBadRequest, 0}, + + {"/teams/other-team/categories", methodPost, category(""), userAnon, http.StatusUnauthorized, 0}, + {"/teams/other-team/categories", methodPost, category(userNoTeamMemberID), userNoTeamMember, http.StatusBadRequest, 0}, + {"/teams/other-team/categories", methodPost, category(userTeamMemberID), userTeamMember, http.StatusBadRequest, 0}, + {"/teams/other-team/categories", methodPost, category(userViewerID), userViewer, http.StatusBadRequest, 0}, + {"/teams/other-team/categories", methodPost, category(userCommenterID), userCommenter, http.StatusBadRequest, 0}, + {"/teams/other-team/categories", methodPost, category(userEditorID), userEditor, http.StatusBadRequest, 0}, + {"/teams/other-team/categories", methodPost, category(userAdminID), userAdmin, http.StatusBadRequest, 0}, + } } - - ttCases := []TestCase{ - {"/teams/test-team/categories", methodPost, category(""), userAnon, http.StatusUnauthorized, 0}, - {"/teams/test-team/categories", methodPost, category(userNoTeamMemberID), userNoTeamMember, http.StatusOK, 1}, - {"/teams/test-team/categories", methodPost, category(userTeamMemberID), userTeamMember, http.StatusOK, 1}, - {"/teams/test-team/categories", methodPost, category(userViewerID), userViewer, http.StatusOK, 1}, - {"/teams/test-team/categories", methodPost, category(userCommenterID), userCommenter, http.StatusOK, 1}, - {"/teams/test-team/categories", methodPost, category(userEditorID), userEditor, http.StatusOK, 1}, - {"/teams/test-team/categories", methodPost, category(userAdminID), userAdmin, http.StatusOK, 1}, - - {"/teams/test-team/categories", methodPost, category("other"), userAnon, http.StatusUnauthorized, 0}, - {"/teams/test-team/categories", methodPost, category("other"), userNoTeamMember, http.StatusBadRequest, 0}, - {"/teams/test-team/categories", methodPost, category("other"), userTeamMember, http.StatusBadRequest, 0}, - {"/teams/test-team/categories", methodPost, category("other"), userViewer, http.StatusBadRequest, 0}, - {"/teams/test-team/categories", methodPost, category("other"), userCommenter, http.StatusBadRequest, 0}, - {"/teams/test-team/categories", methodPost, category("other"), userEditor, http.StatusBadRequest, 0}, - {"/teams/test-team/categories", methodPost, category("other"), userAdmin, http.StatusBadRequest, 0}, - - {"/teams/other-team/categories", methodPost, category(""), userAnon, http.StatusUnauthorized, 0}, - {"/teams/other-team/categories", methodPost, category(userNoTeamMemberID), userNoTeamMember, http.StatusBadRequest, 0}, - {"/teams/other-team/categories", methodPost, category(userTeamMemberID), userTeamMember, http.StatusBadRequest, 0}, - {"/teams/other-team/categories", methodPost, category(userViewerID), userViewer, http.StatusBadRequest, 0}, - {"/teams/other-team/categories", methodPost, category(userCommenterID), userCommenter, http.StatusBadRequest, 0}, - {"/teams/other-team/categories", methodPost, category(userEditorID), userEditor, http.StatusBadRequest, 0}, - {"/teams/other-team/categories", methodPost, category(userAdminID), userAdmin, http.StatusBadRequest, 0}, - } - runTestCases(t, ttCases, testData, clients) + t.Run("plugin", func(t *testing.T) { + th := SetupTestHelperPluginMode(t) + defer th.TearDown() + clients := setupClients(th) + testData := setupData(t, th) + ttCases := ttCasesF() + runTestCases(t, ttCases, testData, clients) + }) + t.Run("local", func(t *testing.T) { + th := SetupTestHelperLocalMode(t) + defer th.TearDown() + clients := setupLocalClients(th) + testData := setupData(t, th) + ttCases := ttCasesF() + runTestCases(t, ttCases, testData, clients) + }) } func TestPermissionsUpdateCategory(t *testing.T) { - th := SetupTestHelperPluginMode(t) - defer th.TearDown() - clients := setupClients(th) - testData := setupData(t, th) + ttCasesF := func(extraData map[string]string) []TestCase { + category := func(userID string, categoryID string) string { + return toJSON(t, model.Category{ + ID: categoryID, + Name: "Test category", + TeamID: "test-team", + UserID: userID, + CreateAt: model.GetMillis(), + UpdateAt: model.GetMillis(), + }) + } - categoryNoTeamMember, err := th.Server.App().CreateCategory( - &model.Category{Name: "Test category", TeamID: "test-team", UserID: userNoTeamMemberID, CreateAt: model.GetMillis(), UpdateAt: model.GetMillis()}, - ) - require.NoError(t, err) - categoryTeamMember, err := th.Server.App().CreateCategory( - &model.Category{Name: "Test category", TeamID: "test-team", UserID: userTeamMemberID, CreateAt: model.GetMillis(), UpdateAt: model.GetMillis()}, - ) - require.NoError(t, err) - categoryViewer, err := th.Server.App().CreateCategory( - &model.Category{Name: "Test category", TeamID: "test-team", UserID: userViewerID, CreateAt: model.GetMillis(), UpdateAt: model.GetMillis()}, - ) - require.NoError(t, err) - categoryCommenter, err := th.Server.App().CreateCategory( - &model.Category{Name: "Test category", TeamID: "test-team", UserID: userCommenterID, CreateAt: model.GetMillis(), UpdateAt: model.GetMillis()}, - ) - require.NoError(t, err) - categoryEditor, err := th.Server.App().CreateCategory( - &model.Category{Name: "Test category", TeamID: "test-team", UserID: userEditorID, CreateAt: model.GetMillis(), UpdateAt: model.GetMillis()}, - ) - require.NoError(t, err) - categoryAdmin, err := th.Server.App().CreateCategory( - &model.Category{Name: "Test category", TeamID: "test-team", UserID: userAdminID, CreateAt: model.GetMillis(), UpdateAt: model.GetMillis()}, - ) - require.NoError(t, err) + return []TestCase{ + {"/teams/test-team/categories/any", methodPut, category("", "any"), userAnonID, http.StatusUnauthorized, 0}, + {"/teams/test-team/categories/" + extraData["noTeamMember"], methodPut, category(userNoTeamMemberID, extraData["noTeamMember"]), userNoTeamMember, http.StatusOK, 1}, + {"/teams/test-team/categories/" + extraData["teamMember"], methodPut, category(userTeamMemberID, extraData["teamMember"]), userTeamMember, http.StatusOK, 1}, + {"/teams/test-team/categories/" + extraData["viewer"], methodPut, category(userViewerID, extraData["viewer"]), userViewer, http.StatusOK, 1}, + {"/teams/test-team/categories/" + extraData["commenter"], methodPut, category(userCommenterID, extraData["commenter"]), userCommenter, http.StatusOK, 1}, + {"/teams/test-team/categories/" + extraData["editor"], methodPut, category(userEditorID, extraData["editor"]), userEditor, http.StatusOK, 1}, + {"/teams/test-team/categories/" + extraData["admin"], methodPut, category(userAdminID, extraData["admin"]), userAdmin, http.StatusOK, 1}, - category := func(userID string, categoryID string) string { - return toJSON(t, model.Category{ - ID: categoryID, - Name: "Test category", - TeamID: "test-team", - UserID: userID, - CreateAt: model.GetMillis(), - UpdateAt: model.GetMillis(), - }) + {"/teams/test-team/categories/any", methodPut, category("other", "any"), userAnonID, http.StatusUnauthorized, 0}, + {"/teams/test-team/categories/" + extraData["noTeamMember"], methodPut, category("other", extraData["noTeamMember"]), userNoTeamMember, http.StatusBadRequest, 0}, + {"/teams/test-team/categories/" + extraData["teamMember"], methodPut, category("other", extraData["teamMember"]), userTeamMember, http.StatusBadRequest, 0}, + {"/teams/test-team/categories/" + extraData["viewer"], methodPut, category("other", extraData["viewer"]), userViewer, http.StatusBadRequest, 0}, + {"/teams/test-team/categories/" + extraData["commenter"], methodPut, category("other", extraData["commenter"]), userCommenter, http.StatusBadRequest, 0}, + {"/teams/test-team/categories/" + extraData["editor"], methodPut, category("other", extraData["editor"]), userEditor, http.StatusBadRequest, 0}, + {"/teams/test-team/categories/" + extraData["admin"], methodPut, category("other", extraData["admin"]), userAdmin, http.StatusBadRequest, 0}, + + {"/teams/other-team/categories/any", methodPut, category("", "any"), userAnonID, http.StatusUnauthorized, 0}, + {"/teams/other-team/categories/" + extraData["noTeamMember"], methodPut, category(userNoTeamMemberID, extraData["noTeamMember"]), userNoTeamMember, http.StatusBadRequest, 0}, + {"/teams/other-team/categories/" + extraData["teamMember"], methodPut, category(userTeamMemberID, extraData["teamMember"]), userTeamMember, http.StatusBadRequest, 0}, + {"/teams/other-team/categories/" + extraData["viewer"], methodPut, category(userViewerID, extraData["viewer"]), userViewer, http.StatusBadRequest, 0}, + {"/teams/other-team/categories/" + extraData["commenter"], methodPut, category(userCommenterID, extraData["commenter"]), userCommenter, http.StatusBadRequest, 0}, + {"/teams/other-team/categories/" + extraData["editor"], methodPut, category(userEditorID, extraData["editor"]), userEditor, http.StatusBadRequest, 0}, + {"/teams/other-team/categories/" + extraData["admin"], methodPut, category(userAdminID, extraData["admin"]), userAdmin, http.StatusBadRequest, 0}, + } } - ttCases := []TestCase{ - {"/teams/test-team/categories/any", methodPut, category("", "any"), userAnonID, http.StatusUnauthorized, 0}, - {"/teams/test-team/categories/" + categoryNoTeamMember.ID, methodPut, category(userNoTeamMemberID, categoryNoTeamMember.ID), userNoTeamMember, http.StatusOK, 1}, - {"/teams/test-team/categories/" + categoryTeamMember.ID, methodPut, category(userTeamMemberID, categoryTeamMember.ID), userTeamMember, http.StatusOK, 1}, - {"/teams/test-team/categories/" + categoryViewer.ID, methodPut, category(userViewerID, categoryViewer.ID), userViewer, http.StatusOK, 1}, - {"/teams/test-team/categories/" + categoryCommenter.ID, methodPut, category(userCommenterID, categoryCommenter.ID), userCommenter, http.StatusOK, 1}, - {"/teams/test-team/categories/" + categoryEditor.ID, methodPut, category(userEditorID, categoryEditor.ID), userEditor, http.StatusOK, 1}, - {"/teams/test-team/categories/" + categoryAdmin.ID, methodPut, category(userAdminID, categoryAdmin.ID), userAdmin, http.StatusOK, 1}, - - {"/teams/test-team/categories/any", methodPut, category("other", "any"), userAnonID, http.StatusUnauthorized, 0}, - {"/teams/test-team/categories/" + categoryNoTeamMember.ID, methodPut, category("other", categoryNoTeamMember.ID), userNoTeamMember, http.StatusBadRequest, 0}, - {"/teams/test-team/categories/" + categoryTeamMember.ID, methodPut, category("other", categoryTeamMember.ID), userTeamMember, http.StatusBadRequest, 0}, - {"/teams/test-team/categories/" + categoryViewer.ID, methodPut, category("other", categoryViewer.ID), userViewer, http.StatusBadRequest, 0}, - {"/teams/test-team/categories/" + categoryCommenter.ID, methodPut, category("other", categoryCommenter.ID), userCommenter, http.StatusBadRequest, 0}, - {"/teams/test-team/categories/" + categoryEditor.ID, methodPut, category("other", categoryEditor.ID), userEditor, http.StatusBadRequest, 0}, - {"/teams/test-team/categories/" + categoryAdmin.ID, methodPut, category("other", categoryAdmin.ID), userAdmin, http.StatusBadRequest, 0}, - - {"/teams/other-team/categories/any", methodPut, category("", "any"), userAnonID, http.StatusUnauthorized, 0}, - {"/teams/other-team/categories/" + categoryNoTeamMember.ID, methodPut, category(userNoTeamMemberID, categoryNoTeamMember.ID), userNoTeamMember, http.StatusBadRequest, 0}, - {"/teams/other-team/categories/" + categoryTeamMember.ID, methodPut, category(userTeamMemberID, categoryTeamMember.ID), userTeamMember, http.StatusBadRequest, 0}, - {"/teams/other-team/categories/" + categoryViewer.ID, methodPut, category(userViewerID, categoryViewer.ID), userViewer, http.StatusBadRequest, 0}, - {"/teams/other-team/categories/" + categoryCommenter.ID, methodPut, category(userCommenterID, categoryCommenter.ID), userCommenter, http.StatusBadRequest, 0}, - {"/teams/other-team/categories/" + categoryEditor.ID, methodPut, category(userEditorID, categoryEditor.ID), userEditor, http.StatusBadRequest, 0}, - {"/teams/other-team/categories/" + categoryAdmin.ID, methodPut, category(userAdminID, categoryAdmin.ID), userAdmin, http.StatusBadRequest, 0}, + extraSetup := func(t *testing.T, th *TestHelper) map[string]string { + categoryNoTeamMember, err := th.Server.App().CreateCategory( + &model.Category{Name: "Test category", TeamID: "test-team", UserID: userNoTeamMemberID, CreateAt: model.GetMillis(), UpdateAt: model.GetMillis()}, + ) + require.NoError(t, err) + categoryTeamMember, err := th.Server.App().CreateCategory( + &model.Category{Name: "Test category", TeamID: "test-team", UserID: userTeamMemberID, CreateAt: model.GetMillis(), UpdateAt: model.GetMillis()}, + ) + require.NoError(t, err) + categoryViewer, err := th.Server.App().CreateCategory( + &model.Category{Name: "Test category", TeamID: "test-team", UserID: userViewerID, CreateAt: model.GetMillis(), UpdateAt: model.GetMillis()}, + ) + require.NoError(t, err) + categoryCommenter, err := th.Server.App().CreateCategory( + &model.Category{Name: "Test category", TeamID: "test-team", UserID: userCommenterID, CreateAt: model.GetMillis(), UpdateAt: model.GetMillis()}, + ) + require.NoError(t, err) + categoryEditor, err := th.Server.App().CreateCategory( + &model.Category{Name: "Test category", TeamID: "test-team", UserID: userEditorID, CreateAt: model.GetMillis(), UpdateAt: model.GetMillis()}, + ) + require.NoError(t, err) + categoryAdmin, err := th.Server.App().CreateCategory( + &model.Category{Name: "Test category", TeamID: "test-team", UserID: userAdminID, CreateAt: model.GetMillis(), UpdateAt: model.GetMillis()}, + ) + require.NoError(t, err) + return map[string]string{ + "noTeamMember": categoryNoTeamMember.ID, + "teamMember": categoryTeamMember.ID, + "viewer": categoryViewer.ID, + "commenter": categoryCommenter.ID, + "editor": categoryEditor.ID, + "admin": categoryAdmin.ID, + } } - runTestCases(t, ttCases, testData, clients) + + t.Run("plugin", func(t *testing.T) { + th := SetupTestHelperPluginMode(t) + defer th.TearDown() + clients := setupClients(th) + testData := setupData(t, th) + extraData := extraSetup(t, th) + ttCases := ttCasesF(extraData) + runTestCases(t, ttCases, testData, clients) + }) + t.Run("local", func(t *testing.T) { + th := SetupTestHelperLocalMode(t) + defer th.TearDown() + clients := setupLocalClients(th) + testData := setupData(t, th) + extraData := extraSetup(t, th) + ttCases := ttCasesF(extraData) + runTestCases(t, ttCases, testData, clients) + }) } func TestPermissionsDeleteCategory(t *testing.T) { - th := SetupTestHelperPluginMode(t) - defer th.TearDown() - clients := setupClients(th) - testData := setupData(t, th) + ttCasesF := func(extraData map[string]string) []TestCase { + return []TestCase{ + {"/teams/other-team/categories/any", methodDelete, "", userAnon, http.StatusUnauthorized, 0}, + {"/teams/other-team/categories/" + extraData["noTeamMember"], methodDelete, "", userNoTeamMember, http.StatusBadRequest, 0}, + {"/teams/other-team/categories/" + extraData["teamMember"], methodDelete, "", userTeamMember, http.StatusBadRequest, 0}, + {"/teams/other-team/categories/" + extraData["viewer"], methodDelete, "", userViewer, http.StatusBadRequest, 0}, + {"/teams/other-team/categories/" + extraData["commenter"], methodDelete, "", userCommenter, http.StatusBadRequest, 0}, + {"/teams/other-team/categories/" + extraData["editor"], methodDelete, "", userEditor, http.StatusBadRequest, 0}, + {"/teams/other-team/categories/" + extraData["admin"], methodDelete, "", userAdmin, http.StatusBadRequest, 0}, - categoryNoTeamMember, err := th.Server.App().CreateCategory( - &model.Category{Name: "Test category", TeamID: "test-team", UserID: userNoTeamMemberID, CreateAt: model.GetMillis(), UpdateAt: model.GetMillis()}, - ) - require.NoError(t, err) - categoryTeamMember, err := th.Server.App().CreateCategory( - &model.Category{Name: "Test category", TeamID: "test-team", UserID: userTeamMemberID, CreateAt: model.GetMillis(), UpdateAt: model.GetMillis()}, - ) - require.NoError(t, err) - categoryViewer, err := th.Server.App().CreateCategory( - &model.Category{Name: "Test category", TeamID: "test-team", UserID: userViewerID, CreateAt: model.GetMillis(), UpdateAt: model.GetMillis()}, - ) - require.NoError(t, err) - categoryCommenter, err := th.Server.App().CreateCategory( - &model.Category{Name: "Test category", TeamID: "test-team", UserID: userCommenterID, CreateAt: model.GetMillis(), UpdateAt: model.GetMillis()}, - ) - require.NoError(t, err) - categoryEditor, err := th.Server.App().CreateCategory( - &model.Category{Name: "Test category", TeamID: "test-team", UserID: userEditorID, CreateAt: model.GetMillis(), UpdateAt: model.GetMillis()}, - ) - require.NoError(t, err) - categoryAdmin, err := th.Server.App().CreateCategory( - &model.Category{Name: "Test category", TeamID: "test-team", UserID: userAdminID, CreateAt: model.GetMillis(), UpdateAt: model.GetMillis()}, - ) - require.NoError(t, err) - - ttCases := []TestCase{ - {"/teams/other-team/categories/any", methodDelete, "", userAnon, http.StatusUnauthorized, 0}, - {"/teams/other-team/categories/" + categoryNoTeamMember.ID, methodDelete, "", userNoTeamMember, http.StatusBadRequest, 0}, - {"/teams/other-team/categories/" + categoryTeamMember.ID, methodDelete, "", userTeamMember, http.StatusBadRequest, 0}, - {"/teams/other-team/categories/" + categoryViewer.ID, methodDelete, "", userViewer, http.StatusBadRequest, 0}, - {"/teams/other-team/categories/" + categoryCommenter.ID, methodDelete, "", userCommenter, http.StatusBadRequest, 0}, - {"/teams/other-team/categories/" + categoryEditor.ID, methodDelete, "", userEditor, http.StatusBadRequest, 0}, - {"/teams/other-team/categories/" + categoryAdmin.ID, methodDelete, "", userAdmin, http.StatusBadRequest, 0}, - - {"/teams/test-team/categories/any", methodDelete, "", userAnon, http.StatusUnauthorized, 0}, - {"/teams/test-team/categories/" + categoryNoTeamMember.ID, methodDelete, "", userNoTeamMember, http.StatusOK, 1}, - {"/teams/test-team/categories/" + categoryTeamMember.ID, methodDelete, "", userTeamMember, http.StatusOK, 1}, - {"/teams/test-team/categories/" + categoryViewer.ID, methodDelete, "", userViewer, http.StatusOK, 1}, - {"/teams/test-team/categories/" + categoryCommenter.ID, methodDelete, "", userCommenter, http.StatusOK, 1}, - {"/teams/test-team/categories/" + categoryEditor.ID, methodDelete, "", userEditor, http.StatusOK, 1}, - {"/teams/test-team/categories/" + categoryAdmin.ID, methodDelete, "", userAdmin, http.StatusOK, 1}, + {"/teams/test-team/categories/any", methodDelete, "", userAnon, http.StatusUnauthorized, 0}, + {"/teams/test-team/categories/" + extraData["noTeamMember"], methodDelete, "", userNoTeamMember, http.StatusOK, 1}, + {"/teams/test-team/categories/" + extraData["teamMember"], methodDelete, "", userTeamMember, http.StatusOK, 1}, + {"/teams/test-team/categories/" + extraData["viewer"], methodDelete, "", userViewer, http.StatusOK, 1}, + {"/teams/test-team/categories/" + extraData["commenter"], methodDelete, "", userCommenter, http.StatusOK, 1}, + {"/teams/test-team/categories/" + extraData["editor"], methodDelete, "", userEditor, http.StatusOK, 1}, + {"/teams/test-team/categories/" + extraData["admin"], methodDelete, "", userAdmin, http.StatusOK, 1}, + } } - runTestCases(t, ttCases, testData, clients) + + extraSetup := func(t *testing.T, th *TestHelper) map[string]string { + categoryNoTeamMember, err := th.Server.App().CreateCategory( + &model.Category{Name: "Test category", TeamID: "test-team", UserID: userNoTeamMemberID, CreateAt: model.GetMillis(), UpdateAt: model.GetMillis()}, + ) + require.NoError(t, err) + categoryTeamMember, err := th.Server.App().CreateCategory( + &model.Category{Name: "Test category", TeamID: "test-team", UserID: userTeamMemberID, CreateAt: model.GetMillis(), UpdateAt: model.GetMillis()}, + ) + require.NoError(t, err) + categoryViewer, err := th.Server.App().CreateCategory( + &model.Category{Name: "Test category", TeamID: "test-team", UserID: userViewerID, CreateAt: model.GetMillis(), UpdateAt: model.GetMillis()}, + ) + require.NoError(t, err) + categoryCommenter, err := th.Server.App().CreateCategory( + &model.Category{Name: "Test category", TeamID: "test-team", UserID: userCommenterID, CreateAt: model.GetMillis(), UpdateAt: model.GetMillis()}, + ) + require.NoError(t, err) + categoryEditor, err := th.Server.App().CreateCategory( + &model.Category{Name: "Test category", TeamID: "test-team", UserID: userEditorID, CreateAt: model.GetMillis(), UpdateAt: model.GetMillis()}, + ) + require.NoError(t, err) + categoryAdmin, err := th.Server.App().CreateCategory( + &model.Category{Name: "Test category", TeamID: "test-team", UserID: userAdminID, CreateAt: model.GetMillis(), UpdateAt: model.GetMillis()}, + ) + require.NoError(t, err) + return map[string]string{ + "noTeamMember": categoryNoTeamMember.ID, + "teamMember": categoryTeamMember.ID, + "viewer": categoryViewer.ID, + "commenter": categoryCommenter.ID, + "editor": categoryEditor.ID, + "admin": categoryAdmin.ID, + } + } + + t.Run("plugin", func(t *testing.T) { + th := SetupTestHelperPluginMode(t) + defer th.TearDown() + clients := setupClients(th) + testData := setupData(t, th) + extraData := extraSetup(t, th) + ttCases := ttCasesF(extraData) + runTestCases(t, ttCases, testData, clients) + }) + t.Run("local", func(t *testing.T) { + th := SetupTestHelperLocalMode(t) + defer th.TearDown() + clients := setupLocalClients(th) + testData := setupData(t, th) + extraData := extraSetup(t, th) + ttCases := ttCasesF(extraData) + runTestCases(t, ttCases, testData, clients) + }) } func TestPermissionsUpdateCategoryBoard(t *testing.T) { - th := SetupTestHelperPluginMode(t) - defer th.TearDown() - clients := setupClients(th) - testData := setupData(t, th) - - categoryNoTeamMember, err := th.Server.App().CreateCategory( - &model.Category{Name: "Test category", TeamID: "test-team", UserID: userNoTeamMemberID, CreateAt: model.GetMillis(), UpdateAt: model.GetMillis()}, - ) - require.NoError(t, err) - categoryTeamMember, err := th.Server.App().CreateCategory( - &model.Category{Name: "Test category", TeamID: "test-team", UserID: userTeamMemberID, CreateAt: model.GetMillis(), UpdateAt: model.GetMillis()}, - ) - require.NoError(t, err) - categoryViewer, err := th.Server.App().CreateCategory( - &model.Category{Name: "Test category", TeamID: "test-team", UserID: userViewerID, CreateAt: model.GetMillis(), UpdateAt: model.GetMillis()}, - ) - require.NoError(t, err) - categoryCommenter, err := th.Server.App().CreateCategory( - &model.Category{Name: "Test category", TeamID: "test-team", UserID: userCommenterID, CreateAt: model.GetMillis(), UpdateAt: model.GetMillis()}, - ) - require.NoError(t, err) - categoryEditor, err := th.Server.App().CreateCategory( - &model.Category{Name: "Test category", TeamID: "test-team", UserID: userEditorID, CreateAt: model.GetMillis(), UpdateAt: model.GetMillis()}, - ) - require.NoError(t, err) - categoryAdmin, err := th.Server.App().CreateCategory( - &model.Category{Name: "Test category", TeamID: "test-team", UserID: userAdminID, CreateAt: model.GetMillis(), UpdateAt: model.GetMillis()}, - ) - require.NoError(t, err) - - ttCases := []TestCase{ - {"/teams/test-team/categories/any/boards/any", methodPost, "", userAnon, http.StatusUnauthorized, 0}, - {"/teams/test-team/categories/" + categoryNoTeamMember.ID + "/boards/" + testData.publicBoard.ID, methodPost, "", userNoTeamMember, http.StatusOK, 0}, - {"/teams/test-team/categories/" + categoryTeamMember.ID + "/boards/" + testData.publicBoard.ID, methodPost, "", userTeamMember, http.StatusOK, 0}, - {"/teams/test-team/categories/" + categoryViewer.ID + "/boards/" + testData.publicBoard.ID, methodPost, "", userViewer, http.StatusOK, 0}, - {"/teams/test-team/categories/" + categoryCommenter.ID + "/boards/" + testData.publicBoard.ID, methodPost, "", userCommenter, http.StatusOK, 0}, - {"/teams/test-team/categories/" + categoryEditor.ID + "/boards/" + testData.publicBoard.ID, methodPost, "", userEditor, http.StatusOK, 0}, - {"/teams/test-team/categories/" + categoryAdmin.ID + "/boards/" + testData.publicBoard.ID, methodPost, "", userAdmin, http.StatusOK, 0}, + ttCasesF := func(testData TestData, extraData map[string]string) []TestCase { + return []TestCase{ + {"/teams/test-team/categories/any/boards/any", methodPost, "", userAnon, http.StatusUnauthorized, 0}, + {"/teams/test-team/categories/" + extraData["noTeamMember"] + "/boards/" + testData.publicBoard.ID, methodPost, "", userNoTeamMember, http.StatusOK, 0}, + {"/teams/test-team/categories/" + extraData["teamMember"] + "/boards/" + testData.publicBoard.ID, methodPost, "", userTeamMember, http.StatusOK, 0}, + {"/teams/test-team/categories/" + extraData["viewer"] + "/boards/" + testData.publicBoard.ID, methodPost, "", userViewer, http.StatusOK, 0}, + {"/teams/test-team/categories/" + extraData["commenter"] + "/boards/" + testData.publicBoard.ID, methodPost, "", userCommenter, http.StatusOK, 0}, + {"/teams/test-team/categories/" + extraData["editor"] + "/boards/" + testData.publicBoard.ID, methodPost, "", userEditor, http.StatusOK, 0}, + {"/teams/test-team/categories/" + extraData["admin"] + "/boards/" + testData.publicBoard.ID, methodPost, "", userAdmin, http.StatusOK, 0}, + } } - runTestCases(t, ttCases, testData, clients) + + extraSetup := func(t *testing.T, th *TestHelper) map[string]string { + categoryNoTeamMember, err := th.Server.App().CreateCategory( + &model.Category{Name: "Test category", TeamID: "test-team", UserID: userNoTeamMemberID, CreateAt: model.GetMillis(), UpdateAt: model.GetMillis()}, + ) + require.NoError(t, err) + categoryTeamMember, err := th.Server.App().CreateCategory( + &model.Category{Name: "Test category", TeamID: "test-team", UserID: userTeamMemberID, CreateAt: model.GetMillis(), UpdateAt: model.GetMillis()}, + ) + require.NoError(t, err) + categoryViewer, err := th.Server.App().CreateCategory( + &model.Category{Name: "Test category", TeamID: "test-team", UserID: userViewerID, CreateAt: model.GetMillis(), UpdateAt: model.GetMillis()}, + ) + require.NoError(t, err) + categoryCommenter, err := th.Server.App().CreateCategory( + &model.Category{Name: "Test category", TeamID: "test-team", UserID: userCommenterID, CreateAt: model.GetMillis(), UpdateAt: model.GetMillis()}, + ) + require.NoError(t, err) + categoryEditor, err := th.Server.App().CreateCategory( + &model.Category{Name: "Test category", TeamID: "test-team", UserID: userEditorID, CreateAt: model.GetMillis(), UpdateAt: model.GetMillis()}, + ) + require.NoError(t, err) + categoryAdmin, err := th.Server.App().CreateCategory( + &model.Category{Name: "Test category", TeamID: "test-team", UserID: userAdminID, CreateAt: model.GetMillis(), UpdateAt: model.GetMillis()}, + ) + require.NoError(t, err) + return map[string]string{ + "noTeamMember": categoryNoTeamMember.ID, + "teamMember": categoryTeamMember.ID, + "viewer": categoryViewer.ID, + "commenter": categoryCommenter.ID, + "editor": categoryEditor.ID, + "admin": categoryAdmin.ID, + } + } + + t.Run("plugin", func(t *testing.T) { + th := SetupTestHelperPluginMode(t) + defer th.TearDown() + clients := setupClients(th) + testData := setupData(t, th) + extraData := extraSetup(t, th) + ttCases := ttCasesF(testData, extraData) + runTestCases(t, ttCases, testData, clients) + }) + t.Run("local", func(t *testing.T) { + th := SetupTestHelperLocalMode(t) + defer th.TearDown() + clients := setupLocalClients(th) + testData := setupData(t, th) + extraData := extraSetup(t, th) + ttCases := ttCasesF(testData, extraData) + runTestCases(t, ttCases, testData, clients) + }) } func TestPermissionsGetFile(t *testing.T) { - th := SetupTestHelperPluginMode(t) - defer th.TearDown() - clients := setupClients(th) - testData := setupData(t, th) + ttCasesF := func() []TestCase { + return []TestCase{ + {"/files/teams/test-team/{PRIVATE_BOARD_ID}/{NEW_FILE_ID}", methodGet, "", userAnon, http.StatusUnauthorized, 0}, + {"/files/teams/test-team/{PRIVATE_BOARD_ID}/{NEW_FILE_ID}", methodGet, "", userNoTeamMember, http.StatusForbidden, 0}, + {"/files/teams/test-team/{PRIVATE_BOARD_ID}/{NEW_FILE_ID}", methodGet, "", userTeamMember, http.StatusForbidden, 0}, + {"/files/teams/test-team/{PRIVATE_BOARD_ID}/{NEW_FILE_ID}", methodGet, "", userViewer, http.StatusOK, 1}, + {"/files/teams/test-team/{PRIVATE_BOARD_ID}/{NEW_FILE_ID}", methodGet, "", userCommenter, http.StatusOK, 1}, + {"/files/teams/test-team/{PRIVATE_BOARD_ID}/{NEW_FILE_ID}", methodGet, "", userEditor, http.StatusOK, 1}, + {"/files/teams/test-team/{PRIVATE_BOARD_ID}/{NEW_FILE_ID}", methodGet, "", userAdmin, http.StatusOK, 1}, - newFileID, err := th.Server.App().SaveFile(bytes.NewBuffer([]byte("test")), "test-team", testData.privateBoard.ID, "test.png") - require.NoError(t, err) - - ttCases := []TestCase{ - {"/files/teams/test-team/{PRIVATE_BOARD_ID}/" + newFileID, methodGet, "", userAnon, http.StatusUnauthorized, 0}, - {"/files/teams/test-team/{PRIVATE_BOARD_ID}/" + newFileID, methodGet, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/files/teams/test-team/{PRIVATE_BOARD_ID}/" + newFileID, methodGet, "", userTeamMember, http.StatusForbidden, 0}, - {"/files/teams/test-team/{PRIVATE_BOARD_ID}/" + newFileID, methodGet, "", userViewer, http.StatusOK, 1}, - {"/files/teams/test-team/{PRIVATE_BOARD_ID}/" + newFileID, methodGet, "", userCommenter, http.StatusOK, 1}, - {"/files/teams/test-team/{PRIVATE_BOARD_ID}/" + newFileID, methodGet, "", userEditor, http.StatusOK, 1}, - {"/files/teams/test-team/{PRIVATE_BOARD_ID}/" + newFileID, methodGet, "", userAdmin, http.StatusOK, 1}, - - {"/files/teams/test-team/{PRIVATE_BOARD_ID}/" + newFileID + "?read_token=invalid", methodGet, "", userAnon, http.StatusUnauthorized, 0}, - {"/files/teams/test-team/{PRIVATE_BOARD_ID}/" + newFileID + "?read_token=valid", methodGet, "", userAnon, http.StatusOK, 1}, - {"/files/teams/test-team/{PRIVATE_BOARD_ID}/" + newFileID + "?read_token=invalid", methodGet, "", userNoTeamMember, http.StatusForbidden, 0}, - {"/files/teams/test-team/{PRIVATE_BOARD_ID}/" + newFileID + "?read_token=valid", methodGet, "", userTeamMember, http.StatusOK, 1}, + {"/files/teams/test-team/{PRIVATE_BOARD_ID}/{NEW_FILE_ID}?read_token=invalid", methodGet, "", userAnon, http.StatusUnauthorized, 0}, + {"/files/teams/test-team/{PRIVATE_BOARD_ID}/{NEW_FILE_ID}?read_token=valid", methodGet, "", userAnon, http.StatusOK, 1}, + {"/files/teams/test-team/{PRIVATE_BOARD_ID}/{NEW_FILE_ID}?read_token=invalid", methodGet, "", userNoTeamMember, http.StatusForbidden, 0}, + {"/files/teams/test-team/{PRIVATE_BOARD_ID}/{NEW_FILE_ID}?read_token=valid", methodGet, "", userTeamMember, http.StatusOK, 1}, + } } - runTestCases(t, ttCases, testData, clients) + + t.Run("plugin", func(t *testing.T) { + th := SetupTestHelperPluginMode(t) + defer th.TearDown() + clients := setupClients(th) + testData := setupData(t, th) + + newFileID, err := th.Server.App().SaveFile(bytes.NewBuffer([]byte("test")), "test-team", testData.privateBoard.ID, "test.png") + require.NoError(t, err) + + ttCases := ttCasesF() + for i, tc := range ttCases { + ttCases[i].url = strings.Replace(tc.url, "{NEW_FILE_ID}", newFileID, 1) + } + runTestCases(t, ttCases, testData, clients) + }) + t.Run("local", func(t *testing.T) { + th := SetupTestHelperLocalMode(t) + defer th.TearDown() + clients := setupLocalClients(th) + testData := setupData(t, th) + + newFileID, err := th.Server.App().SaveFile(bytes.NewBuffer([]byte("test")), "test-team", testData.privateBoard.ID, "test.png") + require.NoError(t, err) + + ttCases := ttCasesF() + for i, tc := range ttCases { + ttCases[i].url = strings.Replace(tc.url, "{NEW_FILE_ID}", newFileID, 1) + } + runTestCases(t, ttCases, testData, clients) + }) } func TestPermissionsCreateSubscription(t *testing.T) { - th := SetupTestHelperPluginMode(t) - defer th.TearDown() - clients := setupClients(th) - testData := setupData(t, th) + ttCases := func() []TestCase { + subscription := func(userID string) string { + return toJSON(t, model.Subscription{ + BlockType: "card", + BlockID: "block-3", + SubscriberType: "user", + SubscriberID: userID, + CreateAt: model.GetMillis(), + }) + } + return []TestCase{ + {"/subscriptions", methodPost, subscription(""), userAnon, http.StatusUnauthorized, 0}, + {"/subscriptions", methodPost, subscription(userNoTeamMemberID), userNoTeamMember, http.StatusOK, 1}, + {"/subscriptions", methodPost, subscription(userTeamMemberID), userTeamMember, http.StatusOK, 1}, + {"/subscriptions", methodPost, subscription(userViewerID), userViewer, http.StatusOK, 1}, + {"/subscriptions", methodPost, subscription(userCommenterID), userCommenter, http.StatusOK, 1}, + {"/subscriptions", methodPost, subscription(userEditorID), userEditor, http.StatusOK, 1}, + {"/subscriptions", methodPost, subscription(userAdminID), userAdmin, http.StatusOK, 1}, + } + } - subscription := func(userID string) string { - return toJSON(t, model.Subscription{ - BlockType: "card", - BlockID: "block-3", - SubscriberType: "user", - SubscriberID: userID, - CreateAt: model.GetMillis(), - }) - } - ttCases := []TestCase{ - {"/subscriptions", methodPost, subscription(""), userAnon, http.StatusUnauthorized, 0}, - {"/subscriptions", methodPost, subscription(userNoTeamMemberID), userNoTeamMember, http.StatusOK, 1}, - {"/subscriptions", methodPost, subscription(userTeamMemberID), userTeamMember, http.StatusOK, 1}, - {"/subscriptions", methodPost, subscription(userViewerID), userViewer, http.StatusOK, 1}, - {"/subscriptions", methodPost, subscription(userCommenterID), userCommenter, http.StatusOK, 1}, - {"/subscriptions", methodPost, subscription(userEditorID), userEditor, http.StatusOK, 1}, - {"/subscriptions", methodPost, subscription(userAdminID), userAdmin, http.StatusOK, 1}, - } - runTestCases(t, ttCases, testData, clients) + t.Run("plugin", func(t *testing.T) { + th := SetupTestHelperPluginMode(t) + defer th.TearDown() + clients := setupClients(th) + testData := setupData(t, th) + runTestCases(t, ttCases(), testData, clients) + }) + t.Run("local", func(t *testing.T) { + th := SetupTestHelperLocalMode(t) + defer th.TearDown() + clients := setupLocalClients(th) + testData := setupData(t, th) + runTestCases(t, ttCases(), testData, clients) + }) } func TestPermissionsGetSubscriptions(t *testing.T) { - th := SetupTestHelperPluginMode(t) - defer th.TearDown() - clients := setupClients(th) - testData := setupData(t, th) - ttCases := []TestCase{ {"/subscriptions/{USER_ANON_ID}", methodGet, "", userAnon, http.StatusUnauthorized, 0}, {"/subscriptions/{USER_NO_TEAM_MEMBER_ID}", methodGet, "", userNoTeamMember, http.StatusOK, 0}, @@ -2166,44 +2895,24 @@ func TestPermissionsGetSubscriptions(t *testing.T) { {"/subscriptions/other", methodGet, "", userEditor, http.StatusForbidden, 0}, {"/subscriptions/other", methodGet, "", userAdmin, http.StatusForbidden, 0}, } - runTestCases(t, ttCases, testData, clients) + + t.Run("plugin", func(t *testing.T) { + th := SetupTestHelperPluginMode(t) + defer th.TearDown() + clients := setupClients(th) + testData := setupData(t, th) + runTestCases(t, ttCases, testData, clients) + }) + t.Run("local", func(t *testing.T) { + th := SetupTestHelperLocalMode(t) + defer th.TearDown() + clients := setupLocalClients(th) + testData := setupData(t, th) + runTestCases(t, ttCases, testData, clients) + }) } func TestPermissionsDeleteSubscription(t *testing.T) { - th := SetupTestHelperPluginMode(t) - defer th.TearDown() - clients := setupClients(th) - testData := setupData(t, th) - - _, err := th.Server.App().CreateSubscription( - &model.Subscription{BlockType: "card", BlockID: "block-3", SubscriberType: "user", SubscriberID: userNoTeamMemberID, CreateAt: model.GetMillis()}, - ) - require.NoError(t, err) - _, err = th.Server.App().CreateSubscription( - &model.Subscription{BlockType: "card", BlockID: "block-3", SubscriberType: "user", SubscriberID: userTeamMemberID, CreateAt: model.GetMillis()}, - ) - require.NoError(t, err) - _, err = th.Server.App().CreateSubscription( - &model.Subscription{BlockType: "card", BlockID: "block-3", SubscriberType: "user", SubscriberID: userViewerID, CreateAt: model.GetMillis()}, - ) - require.NoError(t, err) - _, err = th.Server.App().CreateSubscription( - &model.Subscription{BlockType: "card", BlockID: "block-3", SubscriberType: "user", SubscriberID: userCommenterID, CreateAt: model.GetMillis()}, - ) - require.NoError(t, err) - _, err = th.Server.App().CreateSubscription( - &model.Subscription{BlockType: "card", BlockID: "block-3", SubscriberType: "user", SubscriberID: userEditorID, CreateAt: model.GetMillis()}, - ) - require.NoError(t, err) - _, err = th.Server.App().CreateSubscription( - &model.Subscription{BlockType: "card", BlockID: "block-3", SubscriberType: "user", SubscriberID: userAdminID, CreateAt: model.GetMillis()}, - ) - require.NoError(t, err) - _, err = th.Server.App().CreateSubscription( - &model.Subscription{BlockType: "card", BlockID: "block-3", SubscriberType: "user", SubscriberID: "other", CreateAt: model.GetMillis()}, - ) - require.NoError(t, err) - ttCases := []TestCase{ {"/subscriptions/block-3/{USER_ANON_ID}", methodDelete, "", userAnon, http.StatusUnauthorized, 0}, {"/subscriptions/block-3/{USER_NO_TEAM_MEMBER_ID}", methodDelete, "", userNoTeamMember, http.StatusOK, 0}, @@ -2220,18 +2929,57 @@ func TestPermissionsDeleteSubscription(t *testing.T) { {"/subscriptions/block-3/other", methodDelete, "", userEditor, http.StatusForbidden, 0}, {"/subscriptions/block-3/other", methodDelete, "", userAdmin, http.StatusForbidden, 0}, } - runTestCases(t, ttCases, testData, clients) + + extraSetup := func(t *testing.T, th *TestHelper) { + _, err := th.Server.App().CreateSubscription( + &model.Subscription{BlockType: "card", BlockID: "block-3", SubscriberType: "user", SubscriberID: userNoTeamMemberID, CreateAt: model.GetMillis()}, + ) + require.NoError(t, err) + _, err = th.Server.App().CreateSubscription( + &model.Subscription{BlockType: "card", BlockID: "block-3", SubscriberType: "user", SubscriberID: userTeamMemberID, CreateAt: model.GetMillis()}, + ) + require.NoError(t, err) + _, err = th.Server.App().CreateSubscription( + &model.Subscription{BlockType: "card", BlockID: "block-3", SubscriberType: "user", SubscriberID: userViewerID, CreateAt: model.GetMillis()}, + ) + require.NoError(t, err) + _, err = th.Server.App().CreateSubscription( + &model.Subscription{BlockType: "card", BlockID: "block-3", SubscriberType: "user", SubscriberID: userCommenterID, CreateAt: model.GetMillis()}, + ) + require.NoError(t, err) + _, err = th.Server.App().CreateSubscription( + &model.Subscription{BlockType: "card", BlockID: "block-3", SubscriberType: "user", SubscriberID: userEditorID, CreateAt: model.GetMillis()}, + ) + require.NoError(t, err) + _, err = th.Server.App().CreateSubscription( + &model.Subscription{BlockType: "card", BlockID: "block-3", SubscriberType: "user", SubscriberID: userAdminID, CreateAt: model.GetMillis()}, + ) + require.NoError(t, err) + _, err = th.Server.App().CreateSubscription( + &model.Subscription{BlockType: "card", BlockID: "block-3", SubscriberType: "user", SubscriberID: "other", CreateAt: model.GetMillis()}, + ) + require.NoError(t, err) + } + + t.Run("plugin", func(t *testing.T) { + th := SetupTestHelperPluginMode(t) + defer th.TearDown() + clients := setupClients(th) + testData := setupData(t, th) + extraSetup(t, th) + runTestCases(t, ttCases, testData, clients) + }) + t.Run("local", func(t *testing.T) { + th := SetupTestHelperLocalMode(t) + defer th.TearDown() + clients := setupLocalClients(th) + testData := setupData(t, th) + extraSetup(t, th) + runTestCases(t, ttCases, testData, clients) + }) } func TestPermissionsOnboard(t *testing.T) { - th := SetupTestHelperPluginMode(t) - defer th.TearDown() - clients := setupClients(th) - testData := setupData(t, th) - - err := th.Server.App().InitTemplates() - require.NoError(t, err, "InitTemplates should not fail") - ttCases := []TestCase{ {"/teams/test-team/onboard", methodPost, "", userAnon, http.StatusUnauthorized, 0}, {"/teams/test-team/onboard", methodPost, "", userNoTeamMember, http.StatusForbidden, 0}, @@ -2241,15 +2989,34 @@ func TestPermissionsOnboard(t *testing.T) { {"/teams/test-team/onboard", methodPost, "", userEditor, http.StatusOK, 1}, {"/teams/test-team/onboard", methodPost, "", userAdmin, http.StatusOK, 1}, } - runTestCases(t, ttCases, testData, clients) + + t.Run("plugin", func(t *testing.T) { + th := SetupTestHelperPluginMode(t) + defer th.TearDown() + clients := setupClients(th) + testData := setupData(t, th) + + err := th.Server.App().InitTemplates() + require.NoError(t, err, "InitTemplates should not fail") + + runTestCases(t, ttCases, testData, clients) + }) + t.Run("local", func(t *testing.T) { + th := SetupTestHelperLocalMode(t) + defer th.TearDown() + clients := setupLocalClients(th) + testData := setupData(t, th) + + err := th.Server.App().InitTemplates() + require.NoError(t, err, "InitTemplates should not fail") + + ttCases[1].expectedStatusCode = http.StatusOK + ttCases[1].totalResults = 1 + runTestCases(t, ttCases, testData, clients) + }) } func TestPermissionsBoardArchiveExport(t *testing.T) { - th := SetupTestHelperPluginMode(t) - defer th.TearDown() - clients := setupClients(th) - testData := setupData(t, th) - ttCases := []TestCase{ {"/boards/{PUBLIC_BOARD_ID}/archive/export", methodGet, "", userAnon, http.StatusUnauthorized, 0}, {"/boards/{PUBLIC_BOARD_ID}/archive/export", methodGet, "", userNoTeamMember, http.StatusForbidden, 0}, @@ -2283,15 +3050,24 @@ func TestPermissionsBoardArchiveExport(t *testing.T) { {"/boards/{PRIVATE_TEMPLATE_ID}/archive/export", methodGet, "", userEditor, http.StatusOK, 1}, {"/boards/{PRIVATE_TEMPLATE_ID}/archive/export", methodGet, "", userAdmin, http.StatusOK, 1}, } - runTestCases(t, ttCases, testData, clients) + + t.Run("plugin", func(t *testing.T) { + th := SetupTestHelperPluginMode(t) + defer th.TearDown() + clients := setupClients(th) + testData := setupData(t, th) + runTestCases(t, ttCases, testData, clients) + }) + t.Run("local", func(t *testing.T) { + th := SetupTestHelperLocalMode(t) + defer th.TearDown() + clients := setupLocalClients(th) + testData := setupData(t, th) + runTestCases(t, ttCases, testData, clients) + }) } func TestPermissionsBoardArchiveImport(t *testing.T) { - th := SetupTestHelperPluginMode(t) - defer th.TearDown() - clients := setupClients(th) - testData := setupData(t, th) - ttCases := []TestCase{ {"/teams/test-team/archive/import", methodPost, "", userAnon, http.StatusUnauthorized, 0}, {"/teams/test-team/archive/import", methodPost, "", userNoTeamMember, http.StatusForbidden, 1}, @@ -2301,5 +3077,21 @@ func TestPermissionsBoardArchiveImport(t *testing.T) { {"/teams/test-team/archive/import", methodPost, "", userEditor, http.StatusOK, 1}, {"/teams/test-team/archive/import", methodPost, "", userAdmin, http.StatusOK, 1}, } - runTestCases(t, ttCases, testData, clients) + + t.Run("plugin", func(t *testing.T) { + th := SetupTestHelperPluginMode(t) + defer th.TearDown() + clients := setupClients(th) + testData := setupData(t, th) + runTestCases(t, ttCases, testData, clients) + }) + t.Run("local", func(t *testing.T) { + th := SetupTestHelperLocalMode(t) + defer th.TearDown() + clients := setupLocalClients(th) + testData := setupData(t, th) + ttCases[1].expectedStatusCode = http.StatusOK + ttCases[1].totalResults = 1 + runTestCases(t, ttCases, testData, clients) + }) }