a4ef8ec6bc
* Initial permissions review infrastructure * Adding more tests cases * Modifying a bit the tests approach and adding more tests * Adding more tests * Adding more tests for permissions * Adding more tests * Adding more permissions tests * Adding more tests * Adding more permission checks * Adding more permissions tests * Adding more permission tests * Adding more tests * Adding subscriptions tests * Adding more permissions tests * Adding tests for read tokens in the files * Update APIs and fix unit tests * Fix linter errors * Auto-assign category id from the database (as expected because is serial/auto_increment integer field) * Revert "Auto-assign category id from the database (as expected because is serial/auto_increment integer field)" This reverts commit 5c98fd76a32f1a7ef6a6258497ec7ac64e034640. * Fixing Category scheme in postgres and MySQL * Removing restriction about the channel_id and add it to all the databases * Moving everything to a new migration * Fix bad merge (?) * Update 000021_fix_categories.up.sql Fix Postgres ALTER COLUMN syntax * Update 000021_fix_categories.down.sql Fix Postgres ALTER COLUMN syntax * Update 000021_fix_categories.up.sql Remove unnecessary, and unsupported MODIFY COLUMNs for SQLite. * Update 000021_fix_categories.up.sql Remove not null from categories.channel_id * Update 000021_fix_categories.down.sql Migrate down removing not null from categories.channel_id * Update 000021_fix_categories.up.sql Fix drop not null on categories.channel_id * Update 000021_fix_categories.down.sql Fix down migration of drop not null from categories.channel_id. * Restore default notification level to debug Co-authored-by: Chen-I Lim <chenilim@gmail.com> Co-authored-by: Chen-I Lim <46905241+chenilim@users.noreply.github.com>
817 lines
23 KiB
Go
817 lines
23 KiB
Go
package integrationtests
|
|
|
|
import (
|
|
"testing"
|
|
|
|
"github.com/mattermost/focalboard/server/model"
|
|
|
|
"github.com/stretchr/testify/require"
|
|
)
|
|
|
|
func TestCreateBoardsAndBlocks(t *testing.T) {
|
|
teamID := testTeamID
|
|
|
|
t.Run("a non authenticated user should be rejected", func(t *testing.T) {
|
|
th := SetupTestHelper(t).Start()
|
|
defer th.TearDown()
|
|
|
|
newBab := &model.BoardsAndBlocks{
|
|
Boards: []*model.Board{},
|
|
Blocks: []model.Block{},
|
|
}
|
|
|
|
bab, resp := th.Client.CreateBoardsAndBlocks(newBab)
|
|
th.CheckUnauthorized(resp)
|
|
require.Nil(t, bab)
|
|
})
|
|
|
|
t.Run("invalid boards and blocks", func(t *testing.T) {
|
|
th := SetupTestHelper(t).InitBasic()
|
|
defer th.TearDown()
|
|
|
|
t.Run("no boards", func(t *testing.T) {
|
|
newBab := &model.BoardsAndBlocks{
|
|
Boards: []*model.Board{},
|
|
Blocks: []model.Block{
|
|
{ID: "block-id", BoardID: "board-id", Type: model.TypeCard},
|
|
},
|
|
}
|
|
|
|
bab, resp := th.Client.CreateBoardsAndBlocks(newBab)
|
|
th.CheckBadRequest(resp)
|
|
require.Nil(t, bab)
|
|
})
|
|
|
|
t.Run("no blocks", func(t *testing.T) {
|
|
newBab := &model.BoardsAndBlocks{
|
|
Boards: []*model.Board{
|
|
{ID: "board-id", TeamID: teamID, Type: model.BoardTypePrivate},
|
|
},
|
|
Blocks: []model.Block{},
|
|
}
|
|
|
|
bab, resp := th.Client.CreateBoardsAndBlocks(newBab)
|
|
th.CheckBadRequest(resp)
|
|
require.Nil(t, bab)
|
|
})
|
|
|
|
t.Run("blocks from nonexistent boards", func(t *testing.T) {
|
|
newBab := &model.BoardsAndBlocks{
|
|
Boards: []*model.Board{
|
|
{ID: "board-id", TeamID: teamID, Type: model.BoardTypePrivate},
|
|
},
|
|
Blocks: []model.Block{
|
|
{ID: "block-id", BoardID: "nonexistent-board-id", Type: model.TypeCard, CreateAt: 1, UpdateAt: 1},
|
|
},
|
|
}
|
|
|
|
bab, resp := th.Client.CreateBoardsAndBlocks(newBab)
|
|
th.CheckBadRequest(resp)
|
|
require.Nil(t, bab)
|
|
})
|
|
|
|
t.Run("boards with no IDs", func(t *testing.T) {
|
|
newBab := &model.BoardsAndBlocks{
|
|
Boards: []*model.Board{
|
|
{ID: "board-id", TeamID: teamID, Type: model.BoardTypePrivate},
|
|
{TeamID: teamID, Type: model.BoardTypePrivate},
|
|
},
|
|
Blocks: []model.Block{
|
|
{ID: "block-id", BoardID: "board-id", Type: model.TypeCard, CreateAt: 1, UpdateAt: 1},
|
|
},
|
|
}
|
|
|
|
bab, resp := th.Client.CreateBoardsAndBlocks(newBab)
|
|
th.CheckBadRequest(resp)
|
|
require.Nil(t, bab)
|
|
})
|
|
|
|
t.Run("boards from different teams", func(t *testing.T) {
|
|
newBab := &model.BoardsAndBlocks{
|
|
Boards: []*model.Board{
|
|
{ID: "board-id-1", TeamID: "team-id-1", Type: model.BoardTypePrivate},
|
|
{ID: "board-id-2", TeamID: "team-id-2", Type: model.BoardTypePrivate},
|
|
},
|
|
Blocks: []model.Block{
|
|
{ID: "block-id", BoardID: "board-id-1", Type: model.TypeCard, CreateAt: 1, UpdateAt: 1},
|
|
},
|
|
}
|
|
|
|
bab, resp := th.Client.CreateBoardsAndBlocks(newBab)
|
|
th.CheckBadRequest(resp)
|
|
require.Nil(t, bab)
|
|
})
|
|
|
|
t.Run("creating boards and blocks", func(t *testing.T) {
|
|
newBab := &model.BoardsAndBlocks{
|
|
Boards: []*model.Board{
|
|
{ID: "board-id-1", Title: "public board", TeamID: teamID, Type: model.BoardTypeOpen},
|
|
{ID: "board-id-2", Title: "private board", TeamID: teamID, Type: model.BoardTypePrivate},
|
|
},
|
|
Blocks: []model.Block{
|
|
{ID: "block-id-1", Title: "block 1", BoardID: "board-id-1", Type: model.TypeCard, CreateAt: 1, UpdateAt: 1},
|
|
{ID: "block-id-2", Title: "block 2", BoardID: "board-id-2", Type: model.TypeCard, CreateAt: 1, UpdateAt: 1},
|
|
},
|
|
}
|
|
|
|
bab, resp := th.Client.CreateBoardsAndBlocks(newBab)
|
|
th.CheckOK(resp)
|
|
require.NotNil(t, bab)
|
|
|
|
require.Len(t, bab.Boards, 2)
|
|
require.Len(t, bab.Blocks, 2)
|
|
|
|
// board 1 should have been created with a new ID, and its
|
|
// block should be there too
|
|
boardsTermPublic, resp := th.Client.SearchBoardsForTeam(teamID, "public")
|
|
th.CheckOK(resp)
|
|
require.Len(t, boardsTermPublic, 1)
|
|
board1 := boardsTermPublic[0]
|
|
require.Equal(t, "public board", board1.Title)
|
|
require.Equal(t, model.BoardTypeOpen, board1.Type)
|
|
require.NotEqual(t, "board-id-1", board1.ID)
|
|
blocks1, err := th.Server.App().GetBlocksForBoard(board1.ID)
|
|
require.NoError(t, err)
|
|
require.Len(t, blocks1, 1)
|
|
require.Equal(t, "block 1", blocks1[0].Title)
|
|
|
|
// board 1 should have been created with a new ID, and its
|
|
// block should be there too
|
|
boardsTermPrivate, resp := th.Client.SearchBoardsForTeam(teamID, "private")
|
|
th.CheckOK(resp)
|
|
require.Len(t, boardsTermPrivate, 1)
|
|
board2 := boardsTermPrivate[0]
|
|
require.Equal(t, "private board", board2.Title)
|
|
require.Equal(t, model.BoardTypePrivate, board2.Type)
|
|
require.NotEqual(t, "board-id-2", board2.ID)
|
|
blocks2, err := th.Server.App().GetBlocksForBoard(board2.ID)
|
|
require.NoError(t, err)
|
|
require.Len(t, blocks2, 1)
|
|
require.Equal(t, "block 2", blocks2[0].Title)
|
|
|
|
// user should be an admin of both newly created boards
|
|
user1 := th.GetUser1()
|
|
members1, err := th.Server.App().GetMembersForBoard(board1.ID)
|
|
require.NoError(t, err)
|
|
require.Len(t, members1, 1)
|
|
require.Equal(t, user1.ID, members1[0].UserID)
|
|
members2, err := th.Server.App().GetMembersForBoard(board2.ID)
|
|
require.NoError(t, err)
|
|
require.Len(t, members2, 1)
|
|
require.Equal(t, user1.ID, members2[0].UserID)
|
|
})
|
|
})
|
|
}
|
|
|
|
func TestPatchBoardsAndBlocks(t *testing.T) {
|
|
teamID := "team-id"
|
|
|
|
t.Run("a non authenticated user should be rejected", func(t *testing.T) {
|
|
th := SetupTestHelper(t).Start()
|
|
defer th.TearDown()
|
|
|
|
pbab := &model.PatchBoardsAndBlocks{}
|
|
|
|
bab, resp := th.Client.PatchBoardsAndBlocks(pbab)
|
|
th.CheckUnauthorized(resp)
|
|
require.Nil(t, bab)
|
|
})
|
|
|
|
t.Run("invalid patch boards and blocks", func(t *testing.T) {
|
|
th := SetupTestHelper(t).InitBasic()
|
|
defer th.TearDown()
|
|
|
|
userID := th.GetUser1().ID
|
|
initialTitle := "initial title 1"
|
|
newTitle := "new title 1"
|
|
|
|
newBoard1 := &model.Board{
|
|
Title: initialTitle,
|
|
TeamID: teamID,
|
|
Type: model.BoardTypeOpen,
|
|
}
|
|
board1, err := th.Server.App().CreateBoard(newBoard1, userID, true)
|
|
require.NoError(t, err)
|
|
require.NotNil(t, board1)
|
|
|
|
newBoard2 := &model.Board{
|
|
Title: initialTitle,
|
|
TeamID: teamID,
|
|
Type: model.BoardTypeOpen,
|
|
}
|
|
board2, err := th.Server.App().CreateBoard(newBoard2, userID, true)
|
|
require.NoError(t, err)
|
|
require.NotNil(t, board2)
|
|
|
|
newBlock1 := model.Block{
|
|
ID: "block-id-1",
|
|
BoardID: board1.ID,
|
|
Title: initialTitle,
|
|
}
|
|
require.NoError(t, th.Server.App().InsertBlock(newBlock1, userID))
|
|
block1, err := th.Server.App().GetBlockByID("block-id-1")
|
|
require.NoError(t, err)
|
|
require.NotNil(t, block1)
|
|
|
|
newBlock2 := model.Block{
|
|
ID: "block-id-2",
|
|
BoardID: board2.ID,
|
|
Title: initialTitle,
|
|
}
|
|
require.NoError(t, th.Server.App().InsertBlock(newBlock2, userID))
|
|
block2, err := th.Server.App().GetBlockByID("block-id-2")
|
|
require.NoError(t, err)
|
|
require.NotNil(t, block2)
|
|
|
|
t.Run("no board IDs", func(t *testing.T) {
|
|
pbab := &model.PatchBoardsAndBlocks{
|
|
BoardIDs: []string{},
|
|
BoardPatches: []*model.BoardPatch{
|
|
{Title: &newTitle},
|
|
{Title: &newTitle},
|
|
},
|
|
BlockIDs: []string{block1.ID, block2.ID},
|
|
BlockPatches: []*model.BlockPatch{
|
|
{Title: &newTitle},
|
|
{Title: &newTitle},
|
|
},
|
|
}
|
|
|
|
bab, resp := th.Client.PatchBoardsAndBlocks(pbab)
|
|
th.CheckBadRequest(resp)
|
|
require.Nil(t, bab)
|
|
})
|
|
|
|
t.Run("missmatch board IDs and patches", func(t *testing.T) {
|
|
pbab := &model.PatchBoardsAndBlocks{
|
|
BoardIDs: []string{board1.ID, board2.ID},
|
|
BoardPatches: []*model.BoardPatch{
|
|
{Title: &newTitle},
|
|
},
|
|
BlockIDs: []string{block1.ID, block2.ID},
|
|
BlockPatches: []*model.BlockPatch{
|
|
{Title: &newTitle},
|
|
{Title: &newTitle},
|
|
},
|
|
}
|
|
|
|
bab, resp := th.Client.PatchBoardsAndBlocks(pbab)
|
|
th.CheckBadRequest(resp)
|
|
require.Nil(t, bab)
|
|
})
|
|
|
|
t.Run("no block IDs", func(t *testing.T) {
|
|
pbab := &model.PatchBoardsAndBlocks{
|
|
BoardIDs: []string{board1.ID, board2.ID},
|
|
BoardPatches: []*model.BoardPatch{
|
|
{Title: &newTitle},
|
|
{Title: &newTitle},
|
|
},
|
|
BlockIDs: []string{},
|
|
BlockPatches: []*model.BlockPatch{
|
|
{Title: &newTitle},
|
|
{Title: &newTitle},
|
|
},
|
|
}
|
|
|
|
bab, resp := th.Client.PatchBoardsAndBlocks(pbab)
|
|
th.CheckBadRequest(resp)
|
|
require.Nil(t, bab)
|
|
})
|
|
|
|
t.Run("missmatch block IDs and patches", func(t *testing.T) {
|
|
pbab := &model.PatchBoardsAndBlocks{
|
|
BoardIDs: []string{board1.ID, board2.ID},
|
|
BoardPatches: []*model.BoardPatch{
|
|
{Title: &newTitle},
|
|
{Title: &newTitle},
|
|
},
|
|
BlockIDs: []string{block1.ID, block2.ID},
|
|
BlockPatches: []*model.BlockPatch{
|
|
{Title: &newTitle},
|
|
},
|
|
}
|
|
|
|
bab, resp := th.Client.PatchBoardsAndBlocks(pbab)
|
|
th.CheckBadRequest(resp)
|
|
require.Nil(t, bab)
|
|
})
|
|
|
|
t.Run("block that doesn't belong to any board", func(t *testing.T) {
|
|
pbab := &model.PatchBoardsAndBlocks{
|
|
BoardIDs: []string{board1.ID},
|
|
BoardPatches: []*model.BoardPatch{
|
|
{Title: &newTitle},
|
|
},
|
|
BlockIDs: []string{block1.ID, "board-id-2"},
|
|
BlockPatches: []*model.BlockPatch{
|
|
{Title: &newTitle},
|
|
{Title: &newTitle},
|
|
},
|
|
}
|
|
|
|
bab, resp := th.Client.PatchBoardsAndBlocks(pbab)
|
|
th.CheckBadRequest(resp)
|
|
require.Nil(t, bab)
|
|
})
|
|
})
|
|
|
|
t.Run("if the user doesn't have permissions for one of the boards, nothing should be updated", func(t *testing.T) {
|
|
th := SetupTestHelper(t).InitBasic()
|
|
defer th.TearDown()
|
|
|
|
userID := th.GetUser1().ID
|
|
initialTitle := "initial title 2"
|
|
newTitle := "new title 2"
|
|
|
|
newBoard1 := &model.Board{
|
|
Title: initialTitle,
|
|
TeamID: teamID,
|
|
Type: model.BoardTypeOpen,
|
|
}
|
|
board1, err := th.Server.App().CreateBoard(newBoard1, userID, true)
|
|
require.NoError(t, err)
|
|
require.NotNil(t, board1)
|
|
|
|
newBoard2 := &model.Board{
|
|
Title: initialTitle,
|
|
TeamID: teamID,
|
|
Type: model.BoardTypeOpen,
|
|
}
|
|
board2, err := th.Server.App().CreateBoard(newBoard2, userID, false)
|
|
require.NoError(t, err)
|
|
require.NotNil(t, board2)
|
|
|
|
newBlock1 := model.Block{
|
|
ID: "block-id-1",
|
|
BoardID: board1.ID,
|
|
Title: initialTitle,
|
|
}
|
|
require.NoError(t, th.Server.App().InsertBlock(newBlock1, userID))
|
|
block1, err := th.Server.App().GetBlockByID("block-id-1")
|
|
require.NoError(t, err)
|
|
require.NotNil(t, block1)
|
|
|
|
newBlock2 := model.Block{
|
|
ID: "block-id-2",
|
|
BoardID: board2.ID,
|
|
Title: initialTitle,
|
|
}
|
|
require.NoError(t, th.Server.App().InsertBlock(newBlock2, userID))
|
|
block2, err := th.Server.App().GetBlockByID("block-id-2")
|
|
require.NoError(t, err)
|
|
require.NotNil(t, block2)
|
|
|
|
pbab := &model.PatchBoardsAndBlocks{
|
|
BoardIDs: []string{board1.ID, board2.ID},
|
|
BoardPatches: []*model.BoardPatch{
|
|
{Title: &newTitle},
|
|
{Title: &newTitle},
|
|
},
|
|
BlockIDs: []string{block1.ID, block2.ID},
|
|
BlockPatches: []*model.BlockPatch{
|
|
{Title: &newTitle},
|
|
{Title: &newTitle},
|
|
},
|
|
}
|
|
|
|
bab, resp := th.Client.PatchBoardsAndBlocks(pbab)
|
|
th.CheckForbidden(resp)
|
|
require.Nil(t, bab)
|
|
})
|
|
|
|
t.Run("boards belonging to different teams should be rejected", func(t *testing.T) {
|
|
th := SetupTestHelper(t).InitBasic()
|
|
defer th.TearDown()
|
|
|
|
userID := th.GetUser1().ID
|
|
initialTitle := "initial title 3"
|
|
newTitle := "new title 3"
|
|
|
|
newBoard1 := &model.Board{
|
|
Title: initialTitle,
|
|
TeamID: teamID,
|
|
Type: model.BoardTypeOpen,
|
|
}
|
|
board1, err := th.Server.App().CreateBoard(newBoard1, userID, true)
|
|
require.NoError(t, err)
|
|
require.NotNil(t, board1)
|
|
|
|
newBoard2 := &model.Board{
|
|
Title: initialTitle,
|
|
TeamID: "different-team-id",
|
|
Type: model.BoardTypeOpen,
|
|
}
|
|
board2, err := th.Server.App().CreateBoard(newBoard2, userID, true)
|
|
require.NoError(t, err)
|
|
require.NotNil(t, board2)
|
|
|
|
newBlock1 := model.Block{
|
|
ID: "block-id-1",
|
|
BoardID: board1.ID,
|
|
Title: initialTitle,
|
|
}
|
|
require.NoError(t, th.Server.App().InsertBlock(newBlock1, userID))
|
|
block1, err := th.Server.App().GetBlockByID("block-id-1")
|
|
require.NoError(t, err)
|
|
require.NotNil(t, block1)
|
|
|
|
newBlock2 := model.Block{
|
|
ID: "block-id-2",
|
|
BoardID: board2.ID,
|
|
Title: initialTitle,
|
|
}
|
|
require.NoError(t, th.Server.App().InsertBlock(newBlock2, userID))
|
|
block2, err := th.Server.App().GetBlockByID("block-id-2")
|
|
require.NoError(t, err)
|
|
require.NotNil(t, block2)
|
|
|
|
pbab := &model.PatchBoardsAndBlocks{
|
|
BoardIDs: []string{board1.ID, board2.ID},
|
|
BoardPatches: []*model.BoardPatch{
|
|
{Title: &newTitle},
|
|
{Title: &newTitle},
|
|
},
|
|
BlockIDs: []string{block1.ID, "board-id-2"},
|
|
BlockPatches: []*model.BlockPatch{
|
|
{Title: &newTitle},
|
|
{Title: &newTitle},
|
|
},
|
|
}
|
|
|
|
bab, resp := th.Client.PatchBoardsAndBlocks(pbab)
|
|
th.CheckBadRequest(resp)
|
|
require.Nil(t, bab)
|
|
})
|
|
|
|
t.Run("patches should be rejected if one is invalid", func(t *testing.T) {
|
|
th := SetupTestHelper(t).InitBasic()
|
|
defer th.TearDown()
|
|
|
|
userID := th.GetUser1().ID
|
|
initialTitle := "initial title 4"
|
|
newTitle := "new title 4"
|
|
|
|
newBoard1 := &model.Board{
|
|
Title: initialTitle,
|
|
TeamID: teamID,
|
|
Type: model.BoardTypeOpen,
|
|
}
|
|
board1, err := th.Server.App().CreateBoard(newBoard1, userID, true)
|
|
require.NoError(t, err)
|
|
require.NotNil(t, board1)
|
|
|
|
newBoard2 := &model.Board{
|
|
Title: initialTitle,
|
|
TeamID: teamID,
|
|
Type: model.BoardTypeOpen,
|
|
}
|
|
board2, err := th.Server.App().CreateBoard(newBoard2, userID, false)
|
|
require.NoError(t, err)
|
|
require.NotNil(t, board2)
|
|
|
|
newBlock1 := model.Block{
|
|
ID: "block-id-1",
|
|
BoardID: board1.ID,
|
|
Title: initialTitle,
|
|
}
|
|
require.NoError(t, th.Server.App().InsertBlock(newBlock1, userID))
|
|
block1, err := th.Server.App().GetBlockByID("block-id-1")
|
|
require.NoError(t, err)
|
|
require.NotNil(t, block1)
|
|
|
|
newBlock2 := model.Block{
|
|
ID: "block-id-2",
|
|
BoardID: board2.ID,
|
|
Title: initialTitle,
|
|
}
|
|
require.NoError(t, th.Server.App().InsertBlock(newBlock2, userID))
|
|
block2, err := th.Server.App().GetBlockByID("block-id-2")
|
|
require.NoError(t, err)
|
|
require.NotNil(t, block2)
|
|
|
|
var invalidPatchType model.BoardType = "invalid"
|
|
invalidPatch := &model.BoardPatch{Type: &invalidPatchType}
|
|
|
|
pbab := &model.PatchBoardsAndBlocks{
|
|
BoardIDs: []string{board1.ID, board2.ID},
|
|
BoardPatches: []*model.BoardPatch{
|
|
{Title: &newTitle},
|
|
invalidPatch,
|
|
},
|
|
BlockIDs: []string{block1.ID, "board-id-2"},
|
|
BlockPatches: []*model.BlockPatch{
|
|
{Title: &newTitle},
|
|
{Title: &newTitle},
|
|
},
|
|
}
|
|
|
|
bab, resp := th.Client.PatchBoardsAndBlocks(pbab)
|
|
th.CheckBadRequest(resp)
|
|
require.Nil(t, bab)
|
|
})
|
|
|
|
t.Run("patches should be rejected if there is a block that doesn't belong to the boards being patched", func(t *testing.T) {
|
|
th := SetupTestHelper(t).InitBasic()
|
|
defer th.TearDown()
|
|
|
|
userID := th.GetUser1().ID
|
|
initialTitle := "initial title"
|
|
newTitle := "new patched title"
|
|
|
|
newBoard1 := &model.Board{
|
|
Title: initialTitle,
|
|
TeamID: teamID,
|
|
Type: model.BoardTypeOpen,
|
|
}
|
|
board1, err := th.Server.App().CreateBoard(newBoard1, userID, true)
|
|
require.NoError(t, err)
|
|
require.NotNil(t, board1)
|
|
|
|
newBoard2 := &model.Board{
|
|
Title: initialTitle,
|
|
TeamID: teamID,
|
|
Type: model.BoardTypeOpen,
|
|
}
|
|
board2, err := th.Server.App().CreateBoard(newBoard2, userID, true)
|
|
require.NoError(t, err)
|
|
require.NotNil(t, board2)
|
|
|
|
newBlock1 := model.Block{
|
|
ID: "block-id-1",
|
|
BoardID: board1.ID,
|
|
Title: initialTitle,
|
|
}
|
|
require.NoError(t, th.Server.App().InsertBlock(newBlock1, userID))
|
|
block1, err := th.Server.App().GetBlockByID("block-id-1")
|
|
require.NoError(t, err)
|
|
require.NotNil(t, block1)
|
|
|
|
newBlock2 := model.Block{
|
|
ID: "block-id-2",
|
|
BoardID: board2.ID,
|
|
Title: initialTitle,
|
|
}
|
|
require.NoError(t, th.Server.App().InsertBlock(newBlock2, userID))
|
|
block2, err := th.Server.App().GetBlockByID("block-id-2")
|
|
require.NoError(t, err)
|
|
require.NotNil(t, block2)
|
|
|
|
pbab := &model.PatchBoardsAndBlocks{
|
|
BoardIDs: []string{board1.ID},
|
|
BoardPatches: []*model.BoardPatch{
|
|
{Title: &newTitle},
|
|
},
|
|
BlockIDs: []string{block1.ID, block2.ID},
|
|
BlockPatches: []*model.BlockPatch{
|
|
{Title: &newTitle},
|
|
{Title: &newTitle},
|
|
},
|
|
}
|
|
|
|
bab, resp := th.Client.PatchBoardsAndBlocks(pbab)
|
|
th.CheckBadRequest(resp)
|
|
require.Nil(t, bab)
|
|
})
|
|
|
|
t.Run("patches should be applied if they're valid and they're related", func(t *testing.T) {
|
|
th := SetupTestHelper(t).InitBasic()
|
|
defer th.TearDown()
|
|
|
|
userID := th.GetUser1().ID
|
|
initialTitle := "initial title"
|
|
newTitle := "new other title"
|
|
|
|
newBoard1 := &model.Board{
|
|
Title: initialTitle,
|
|
TeamID: teamID,
|
|
Type: model.BoardTypeOpen,
|
|
}
|
|
board1, err := th.Server.App().CreateBoard(newBoard1, userID, true)
|
|
require.NoError(t, err)
|
|
require.NotNil(t, board1)
|
|
|
|
newBoard2 := &model.Board{
|
|
Title: initialTitle,
|
|
TeamID: teamID,
|
|
Type: model.BoardTypeOpen,
|
|
}
|
|
board2, err := th.Server.App().CreateBoard(newBoard2, userID, true)
|
|
require.NoError(t, err)
|
|
require.NotNil(t, board2)
|
|
|
|
newBlock1 := model.Block{
|
|
ID: "block-id-1",
|
|
BoardID: board1.ID,
|
|
Title: initialTitle,
|
|
}
|
|
require.NoError(t, th.Server.App().InsertBlock(newBlock1, userID))
|
|
block1, err := th.Server.App().GetBlockByID("block-id-1")
|
|
require.NoError(t, err)
|
|
require.NotNil(t, block1)
|
|
|
|
newBlock2 := model.Block{
|
|
ID: "block-id-2",
|
|
BoardID: board2.ID,
|
|
Title: initialTitle,
|
|
}
|
|
require.NoError(t, th.Server.App().InsertBlock(newBlock2, userID))
|
|
block2, err := th.Server.App().GetBlockByID("block-id-2")
|
|
require.NoError(t, err)
|
|
require.NotNil(t, block2)
|
|
|
|
pbab := &model.PatchBoardsAndBlocks{
|
|
BoardIDs: []string{board1.ID, board2.ID},
|
|
BoardPatches: []*model.BoardPatch{
|
|
{Title: &newTitle},
|
|
{Title: &newTitle},
|
|
},
|
|
BlockIDs: []string{block1.ID, block2.ID},
|
|
BlockPatches: []*model.BlockPatch{
|
|
{Title: &newTitle},
|
|
{Title: &newTitle},
|
|
},
|
|
}
|
|
|
|
bab, resp := th.Client.PatchBoardsAndBlocks(pbab)
|
|
th.CheckOK(resp)
|
|
require.NotNil(t, bab)
|
|
require.Len(t, bab.Boards, 2)
|
|
require.Len(t, bab.Blocks, 2)
|
|
|
|
// ensure that the entities have been updated
|
|
rBoard1, err := th.Server.App().GetBoard(board1.ID)
|
|
require.NoError(t, err)
|
|
require.Equal(t, newTitle, rBoard1.Title)
|
|
rBlock1, err := th.Server.App().GetBlockByID(block1.ID)
|
|
require.NoError(t, err)
|
|
require.Equal(t, newTitle, rBlock1.Title)
|
|
|
|
rBoard2, err := th.Server.App().GetBoard(board2.ID)
|
|
require.NoError(t, err)
|
|
require.Equal(t, newTitle, rBoard2.Title)
|
|
rBlock2, err := th.Server.App().GetBlockByID(block2.ID)
|
|
require.NoError(t, err)
|
|
require.Equal(t, newTitle, rBlock2.Title)
|
|
})
|
|
}
|
|
|
|
func TestDeleteBoardsAndBlocks(t *testing.T) {
|
|
teamID := "team-id"
|
|
|
|
t.Run("a non authenticated user should be rejected", func(t *testing.T) {
|
|
th := SetupTestHelper(t).Start()
|
|
defer th.TearDown()
|
|
|
|
dbab := &model.DeleteBoardsAndBlocks{}
|
|
|
|
success, resp := th.Client.DeleteBoardsAndBlocks(dbab)
|
|
th.CheckUnauthorized(resp)
|
|
require.False(t, success)
|
|
})
|
|
|
|
t.Run("invalid delete boards and blocks", func(t *testing.T) {
|
|
th := SetupTestHelper(t).InitBasic()
|
|
defer th.TearDown()
|
|
|
|
// a board is required for the permission checks
|
|
newBoard := &model.Board{
|
|
TeamID: teamID,
|
|
Type: model.BoardTypeOpen,
|
|
}
|
|
board, err := th.Server.App().CreateBoard(newBoard, th.GetUser1().ID, true)
|
|
require.NoError(t, err)
|
|
require.NotNil(t, board)
|
|
|
|
t.Run("no boards", func(t *testing.T) {
|
|
dbab := &model.DeleteBoardsAndBlocks{
|
|
Blocks: []string{"block-id-1"},
|
|
}
|
|
|
|
success, resp := th.Client.DeleteBoardsAndBlocks(dbab)
|
|
th.CheckBadRequest(resp)
|
|
require.False(t, success)
|
|
})
|
|
|
|
t.Run("no blocks", func(t *testing.T) {
|
|
dbab := &model.DeleteBoardsAndBlocks{
|
|
Boards: []string{board.ID},
|
|
}
|
|
|
|
success, resp := th.Client.DeleteBoardsAndBlocks(dbab)
|
|
th.CheckBadRequest(resp)
|
|
require.False(t, success)
|
|
})
|
|
|
|
t.Run("boards from different teams", func(t *testing.T) {
|
|
newOtherTeamsBoard := &model.Board{
|
|
TeamID: "another-team-id",
|
|
Type: model.BoardTypeOpen,
|
|
}
|
|
otherTeamsBoard, err := th.Server.App().CreateBoard(newOtherTeamsBoard, th.GetUser1().ID, true)
|
|
require.NoError(t, err)
|
|
require.NotNil(t, board)
|
|
|
|
dbab := &model.DeleteBoardsAndBlocks{
|
|
Boards: []string{board.ID, otherTeamsBoard.ID},
|
|
Blocks: []string{"block-id-1"},
|
|
}
|
|
|
|
success, resp := th.Client.DeleteBoardsAndBlocks(dbab)
|
|
th.CheckBadRequest(resp)
|
|
require.False(t, success)
|
|
})
|
|
})
|
|
|
|
t.Run("if the user has no permissions to one of the boards, nothing should be deleted", func(t *testing.T) {
|
|
th := SetupTestHelper(t).InitBasic()
|
|
defer th.TearDown()
|
|
|
|
// the user is an admin of the first board
|
|
newBoard1 := &model.Board{
|
|
Type: model.BoardTypeOpen,
|
|
}
|
|
board1, err := th.Server.App().CreateBoard(newBoard1, th.GetUser1().ID, true)
|
|
require.NoError(t, err)
|
|
require.NotNil(t, board1)
|
|
|
|
// but not of the second
|
|
newBoard2 := &model.Board{
|
|
Type: model.BoardTypeOpen,
|
|
}
|
|
board2, err := th.Server.App().CreateBoard(newBoard2, th.GetUser1().ID, false)
|
|
require.NoError(t, err)
|
|
require.NotNil(t, board2)
|
|
|
|
dbab := &model.DeleteBoardsAndBlocks{
|
|
Boards: []string{board1.ID, board2.ID},
|
|
Blocks: []string{"block-id-1"},
|
|
}
|
|
|
|
success, resp := th.Client.DeleteBoardsAndBlocks(dbab)
|
|
th.CheckForbidden(resp)
|
|
require.False(t, success)
|
|
})
|
|
|
|
t.Run("all boards and blocks should be deleted if the request is correct", func(t *testing.T) {
|
|
th := SetupTestHelper(t).InitBasic()
|
|
defer th.TearDown()
|
|
|
|
newBab := &model.BoardsAndBlocks{
|
|
Boards: []*model.Board{
|
|
{ID: "board-id-1", Title: "public board", TeamID: teamID, Type: model.BoardTypeOpen},
|
|
{ID: "board-id-2", Title: "private board", TeamID: teamID, Type: model.BoardTypePrivate},
|
|
},
|
|
Blocks: []model.Block{
|
|
{ID: "block-id-1", Title: "block 1", BoardID: "board-id-1", Type: model.TypeCard, CreateAt: 1, UpdateAt: 1},
|
|
{ID: "block-id-2", Title: "block 2", BoardID: "board-id-2", Type: model.TypeCard, CreateAt: 1, UpdateAt: 1},
|
|
},
|
|
}
|
|
|
|
bab, err := th.Server.App().CreateBoardsAndBlocks(newBab, th.GetUser1().ID, true)
|
|
require.NoError(t, err)
|
|
require.Len(t, bab.Boards, 2)
|
|
require.Len(t, bab.Blocks, 2)
|
|
|
|
// ensure that the entities have been successfully created
|
|
board1, err := th.Server.App().GetBoard("board-id-1")
|
|
require.NoError(t, err)
|
|
require.NotNil(t, board1)
|
|
block1, err := th.Server.App().GetBlockByID("block-id-1")
|
|
require.NoError(t, err)
|
|
require.NotNil(t, block1)
|
|
|
|
board2, err := th.Server.App().GetBoard("board-id-2")
|
|
require.NoError(t, err)
|
|
require.NotNil(t, board2)
|
|
block2, err := th.Server.App().GetBlockByID("block-id-2")
|
|
require.NoError(t, err)
|
|
require.NotNil(t, block2)
|
|
|
|
// call the API to delete boards and blocks
|
|
dbab := &model.DeleteBoardsAndBlocks{
|
|
Boards: []string{"board-id-1", "board-id-2"},
|
|
Blocks: []string{"block-id-1", "block-id-2"},
|
|
}
|
|
|
|
success, resp := th.Client.DeleteBoardsAndBlocks(dbab)
|
|
th.CheckOK(resp)
|
|
require.True(t, success)
|
|
|
|
// ensure that the entities have been successfully deleted
|
|
board1, err = th.Server.App().GetBoard("board-id-1")
|
|
require.NoError(t, err)
|
|
require.Nil(t, board1)
|
|
block1, err = th.Server.App().GetBlockByID("block-id-1")
|
|
require.NoError(t, err)
|
|
require.Nil(t, block1)
|
|
|
|
board2, err = th.Server.App().GetBoard("board-id-2")
|
|
require.NoError(t, err)
|
|
require.Nil(t, board2)
|
|
block2, err = th.Server.App().GetBlockByID("block-id-2")
|
|
require.NoError(t, err)
|
|
require.Nil(t, block2)
|
|
})
|
|
}
|