claude/mattermost-community-enterprise
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
ec1f89217a
mattermost-community-enterp.../cmd/mmctl/commands/permissions_test.go
Claude ec1f89217a Merge: Complete Mattermost Server with Community Enterprise 
Full Mattermost server source with integrated Community Enterprise features.
Includes vendor directory for offline/air-gapped builds.

Structure:
- enterprise-impl/: Enterprise feature implementations
- enterprise-community/: Init files that register implementations
- enterprise/: Bridge imports (community_imports.go)
- vendor/: All dependencies for offline builds

Build (online):
  go build ./cmd/mattermost

Build (offline/air-gapped):
  go build -mod=vendor ./cmd/mattermost

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-17 23:59:07 +09:00

274 lines
7.4 KiB
Go
Raw Blame History

// Copyright (c) 2015-present Mattermost, Inc. All Rights Reserved.
// See LICENSE.txt for license information.
package commands
import (
"context"
"net/http"
gomock "github.com/golang/mock/gomock"
"github.com/pkg/errors"
"github.com/mattermost/mattermost/server/public/model"
"github.com/spf13/cobra"
)
func (s *MmctlUnitTestSuite) TestAddPermissionsCmd() {
s.Run("Adding a new permission to an existing role", func() {
mockRole := &model.Role{
Id: "mock-id",
Name: "mock-role",
Permissions: []string{"view", "edit"},
}
newPermission := "delete"
expectedPermissions := mockRole.Permissions
expectedPermissions = append(expectedPermissions, newPermission)
expectedPatch := &model.RolePatch{
Permissions: &expectedPermissions,
}
s.client.
EXPECT().
GetRoleByName(context.TODO(), mockRole.Name).
Return(mockRole, &model.Response{}, nil).
Times(1)
s.client.
EXPECT().
PatchRole(context.TODO(), mockRole.Id, expectedPatch).
Return(&model.Role{}, &model.Response{}, nil).
Times(1)
args := []string{mockRole.Name, newPermission}
err := addPermissionsCmdF(s.client, &cobra.Command{}, args)
s.Require().Nil(err)
})
s.Run("Trying to add a new permission to a non existing role", func() {
expectedError := errors.New("role_not_found")
s.client.
EXPECT().
GetRoleByName(context.TODO(), gomock.Any()).
Return(nil, &model.Response{StatusCode: http.StatusNotFound}, expectedError).
Times(1)
args := []string{"mockRole", "newPermission"}
err := addPermissionsCmdF(s.client, &cobra.Command{}, args)
s.Require().Equal(expectedError, err)
})
s.Run("Adding a new sysconsole_* permission to a role", func() {
mockRole := &model.Role{
Id: "mock-id",
Name: "mock-role",
Permissions: []string{},
}
newPermission := "sysconsole_read_user_management_channels"
s.client.
EXPECT().
GetRoleByName(context.TODO(), mockRole.Name).
Return(mockRole, &model.Response{}, nil).
Times(1)
s.Run("with ancillary permissions", func() {
expectedPermissions := mockRole.Permissions
expectedPermissions = append(expectedPermissions, []string{newPermission, "read_public_channel", "read_channel", "read_public_channel_groups", "read_private_channel_groups"}...)
expectedPatch := &model.RolePatch{
Permissions: &expectedPermissions,
}
s.client.
EXPECT().
PatchRole(context.TODO(), mockRole.Id, expectedPatch).
Return(&model.Role{}, &model.Response{}, nil).
Times(1)
args := []string{mockRole.Name, newPermission}
cmd := &cobra.Command{}
err := addPermissionsCmdF(s.client, cmd, args)
s.Require().Nil(err)
})
})
}
func (s *MmctlUnitTestSuite) TestRemovePermissionsCmd() {
s.Run("Removing a permission from an existing role", func() {
mockRole := &model.Role{
Id: "mock-id",
Name: "mock-role",
Permissions: []string{"view", "edit", "delete"},
}
expectedPatch := &model.RolePatch{
Permissions: &[]string{"view", "edit"},
}
s.client.
EXPECT().
GetRoleByName(context.TODO(), mockRole.Name).
Return(mockRole, &model.Response{}, nil).
Times(1)
s.client.
EXPECT().
PatchRole(context.TODO(), mockRole.Id, expectedPatch).
Return(&model.Role{}, &model.Response{}, nil).
Times(1)
args := []string{mockRole.Name, "delete"}
err := removePermissionsCmdF(s.client, &cobra.Command{}, args)
s.Require().Nil(err)
})
s.Run("Removing multiple permissions from an existing role", func() {
mockRole := &model.Role{
Id: "mock-id",
Name: "mock-role",
Permissions: []string{"view", "edit", "delete"},
}
expectedPatch := &model.RolePatch{
Permissions: &[]string{"edit"},
}
s.client.
EXPECT().
GetRoleByName(context.TODO(), mockRole.Name).
Return(mockRole, &model.Response{}, nil).
Times(1)
s.client.
EXPECT().
PatchRole(context.TODO(), mockRole.Id, expectedPatch).
Return(&model.Role{}, &model.Response{}, nil).
Times(1)
args := []string{mockRole.Name, "view", "delete"}
err := removePermissionsCmdF(s.client, &cobra.Command{}, args)
s.Require().Nil(err)
})
s.Run("Removing a non-existing permission from an existing role", func() {
mockRole := &model.Role{
Id: "mock-id",
Name: "mock-role",
Permissions: []string{"view", "edit"},
}
expectedPatch := &model.RolePatch{
Permissions: &[]string{"view", "edit"},
}
s.client.
EXPECT().
GetRoleByName(context.TODO(), mockRole.Name).
Return(mockRole, &model.Response{}, nil).
Times(1)
s.client.
EXPECT().
PatchRole(context.TODO(), mockRole.Id, expectedPatch).
Return(&model.Role{}, &model.Response{}, nil).
Times(1)
args := []string{mockRole.Name, "delete"}
err := removePermissionsCmdF(s.client, &cobra.Command{}, args)
s.Require().Nil(err)
})
s.Run("Removing a permission from a non-existing role", func() {
mockRole := model.Role{
Name: "exampleName",
}
mockError := errors.New("role_not_found")
s.client.
EXPECT().
GetRoleByName(context.TODO(), mockRole.Name).
Return(nil, &model.Response{StatusCode: http.StatusNotFound}, mockError).
Times(1)
args := []string{mockRole.Name, "delete"}
err := removePermissionsCmdF(s.client, &cobra.Command{}, args)
s.Require().EqualError(err, "role_not_found")
})
}
func (s *MmctlUnitTestSuite) TestResetPermissionsCmd() {
s.Run("A non-existent role", func() {
mockRole := model.Role{
Name: "exampleName",
}
mockError := errors.New("role_not_found")
s.client.
EXPECT().
GetRoleByName(context.TODO(), mockRole.Name).
Return(nil, &model.Response{StatusCode: http.StatusNotFound}, mockError).
Times(1)
args := []string{mockRole.Name}
err := resetPermissionsCmdF(s.client, &cobra.Command{}, args)
s.Require().EqualError(err, "role_not_found")
})
s.Run("A role without default permissions", func() {
mockRole := model.Role{
Id: "mock-id",
Name: "mock-role",
Permissions: []string{"view", "edit", "delete"},
}
s.client.
EXPECT().
GetRoleByName(context.TODO(), mockRole.Name).
Return(&mockRole, &model.Response{}, nil).
Times(1)
args := []string{mockRole.Name}
err := resetPermissionsCmdF(s.client, &cobra.Command{}, args)
s.Require().EqualError(err, "no default permissions available for role")
})
s.Run("Resets the permissions", func() {
mockRole := model.Role{
Id: "mock-id",
Name: "channel_admin",
Permissions: []string{"view_foos", "delete_bars"},
}
expectedPermissions := []string{
"manage_channel_roles",
"use_group_mentions",
"add_bookmark_public_channel",
"edit_bookmark_public_channel",
"delete_bookmark_public_channel",
"order_bookmark_public_channel",
"add_bookmark_private_channel",
"edit_bookmark_private_channel",
"delete_bookmark_private_channel",
"order_bookmark_private_channel",
"manage_public_channel_banner",
"manage_private_channel_banner",
"manage_channel_access_rules",
}
expectedPatch := &model.RolePatch{
Permissions: &expectedPermissions,
}
s.client.
EXPECT().
GetRoleByName(context.TODO(), mockRole.Name).
Return(&mockRole, &model.Response{}, nil).
Times(1)
s.client.
EXPECT().
PatchRole(context.TODO(), mockRole.Id, expectedPatch).
Return(&model.Role{}, &model.Response{}, nil).
Times(1)
args := []string{mockRole.Name}
err := resetPermissionsCmdF(s.client, &cobra.Command{}, args)
s.Require().Nil(err)
})
}
Reference in New Issue View Git Blame Copy Permalink