2020-01-16 14:06:28 +00:00
|
|
|
<?php
|
|
|
|
|
|
|
|
|
|
namespace Tests\E2E\Services\Teams;
|
|
|
|
|
|
2022-01-02 16:08:27 +00:00
|
|
|
use Tests\E2E\Client;
|
2020-01-16 14:06:28 +00:00
|
|
|
use Tests\E2E\Scopes\ProjectConsole;
|
2024-03-06 17:34:21 +00:00
|
|
|
use Tests\E2E\Scopes\Scope;
|
2020-01-16 14:06:28 +00:00
|
|
|
use Tests\E2E\Scopes\SideClient;
|
|
|
|
|
|
|
|
|
|
class TeamsConsoleClientTest extends Scope
|
|
|
|
|
{
|
|
|
|
|
use TeamsBase;
|
|
|
|
|
use TeamsBaseClient;
|
|
|
|
|
use ProjectConsole;
|
|
|
|
|
use SideClient;
|
2022-01-02 16:08:27 +00:00
|
|
|
|
2022-08-31 17:27:32 +00:00
|
|
|
/**
|
|
|
|
|
* @depends testCreateTeam
|
2025-04-14 08:47:57 +00:00
|
|
|
*/
|
|
|
|
|
public function testTeamCreateMembershipConsole($data): array
|
|
|
|
|
{
|
|
|
|
|
$teamUid = $data['teamUid'] ?? '';
|
|
|
|
|
$email = uniqid() . 'friend@localhost.test';
|
|
|
|
|
$name = 'Friend User';
|
|
|
|
|
|
|
|
|
|
$response = $this->client->call(Client::METHOD_POST, '/teams/' . $teamUid . '/memberships', array_merge([
|
|
|
|
|
'content-type' => 'application/json',
|
|
|
|
|
'x-appwrite-project' => $this->getProject()['$id'],
|
|
|
|
|
], $this->getHeaders()), [
|
|
|
|
|
'email' => $email,
|
|
|
|
|
'name' => $name,
|
|
|
|
|
'roles' => ['developer'],
|
|
|
|
|
'url' => 'http://example.com/join-us#title' // bad url
|
|
|
|
|
]);
|
|
|
|
|
|
|
|
|
|
$this->assertEquals(400, $response['headers']['status-code']);
|
|
|
|
|
|
|
|
|
|
return $data;
|
|
|
|
|
}
|
|
|
|
|
|
2022-08-31 17:27:32 +00:00
|
|
|
/**
|
|
|
|
|
* @depends testCreateTeam
|
|
|
|
|
*/
|
2022-09-01 09:09:28 +00:00
|
|
|
public function testTeamMembershipPerms($data): array
|
2022-08-31 17:27:32 +00:00
|
|
|
{
|
|
|
|
|
$teamUid = $data['teamUid'] ?? '';
|
|
|
|
|
$teamName = $data['teamName'] ?? '';
|
|
|
|
|
$email = uniqid() . 'friend@localhost.test';
|
|
|
|
|
$name = 'Friend User';
|
|
|
|
|
$password = 'password';
|
|
|
|
|
|
|
|
|
|
// Create a user account before we create a invite so we can check if the user has permissions when it shouldn't
|
|
|
|
|
$user = $this->client->call(Client::METHOD_POST, '/account', [
|
|
|
|
|
'content-type' => 'application/json',
|
2024-07-17 21:18:15 +00:00
|
|
|
'x-appwrite-project' => 'console'
|
|
|
|
|
], [
|
|
|
|
|
'userId' => 'unique()',
|
|
|
|
|
'email' => $email,
|
|
|
|
|
'password' => $password,
|
|
|
|
|
'name' => $name,
|
|
|
|
|
], false);
|
2022-08-31 17:27:32 +00:00
|
|
|
|
|
|
|
|
$this->assertEquals(201, $user['headers']['status-code']);
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Test for SUCCESS
|
|
|
|
|
*/
|
2025-05-26 06:03:58 +00:00
|
|
|
$developer = $this->client->call(Client::METHOD_POST, '/teams/' . $teamUid . '/memberships', array_merge([
|
2022-08-31 17:27:32 +00:00
|
|
|
'content-type' => 'application/json',
|
|
|
|
|
'x-appwrite-project' => $this->getProject()['$id'],
|
|
|
|
|
], $this->getHeaders()), [
|
2022-09-01 09:09:28 +00:00
|
|
|
'email' => $email,
|
|
|
|
|
'name' => $name,
|
2024-09-05 03:24:57 +00:00
|
|
|
'roles' => ['developer'],
|
2022-08-31 17:27:32 +00:00
|
|
|
'url' => 'http://localhost:5000/join-us#title'
|
|
|
|
|
]);
|
|
|
|
|
|
2025-05-26 06:03:58 +00:00
|
|
|
$developerUserId = $developer['body']['$id'];
|
|
|
|
|
$this->assertEquals(201, $developer['headers']['status-code']);
|
2022-08-31 17:27:32 +00:00
|
|
|
|
|
|
|
|
$response = $this->client->call(Client::METHOD_GET, '/users', array_merge([
|
|
|
|
|
'content-type' => 'application/json',
|
|
|
|
|
'x-appwrite-project' => $this->getProject()['$id'],
|
|
|
|
|
], $this->getHeaders()));
|
|
|
|
|
$this->assertEquals(401, $response['headers']['status-code']);
|
|
|
|
|
|
2022-09-01 09:09:28 +00:00
|
|
|
$response = $this->client->call(Client::METHOD_GET, '/teams/' . $teamUid . '/memberships', array_merge([
|
2022-08-31 17:27:32 +00:00
|
|
|
'content-type' => 'application/json',
|
|
|
|
|
'x-appwrite-project' => $this->getProject()['$id'],
|
|
|
|
|
], $this->getHeaders()));
|
|
|
|
|
|
|
|
|
|
$this->assertEquals(200, $response['headers']['status-code']);
|
|
|
|
|
|
2025-05-26 06:03:58 +00:00
|
|
|
$ownerMembershipUid = $response['body']['memberships'][0]['$id'];
|
2022-08-31 17:27:32 +00:00
|
|
|
|
2022-09-01 09:09:28 +00:00
|
|
|
$response = $this->client->call(Client::METHOD_DELETE, '/teams/' . $teamUid . '/memberships/' . $ownerMembershipUid, array_merge([
|
2022-08-31 17:27:32 +00:00
|
|
|
'origin' => 'http://localhost',
|
|
|
|
|
'content-type' => 'application/json',
|
|
|
|
|
'x-appwrite-project' => $this->getProject()['$id'],
|
|
|
|
|
], $this->getHeaders()));
|
2025-05-25 06:57:29 +00:00
|
|
|
|
|
|
|
|
$this->assertEquals(400, $response['headers']['status-code']);
|
2025-05-30 08:51:11 +00:00
|
|
|
$this->assertEquals('membership_deletion_prohibited', $response['body']['type']);
|
2025-05-25 06:57:29 +00:00
|
|
|
$this->assertEquals('There must be at least one owner in the organization.', $response['body']['message']);
|
2022-09-01 09:09:28 +00:00
|
|
|
|
2025-05-26 06:03:58 +00:00
|
|
|
// Remove the excess developer member to reduce the membership count in `TeamsBaseClient` tests.
|
|
|
|
|
// This is necessary because the only owner cannot be removed in the console project / top level team / organization.
|
|
|
|
|
$response = $this->client->call(Client::METHOD_DELETE, '/teams/' . $teamUid . '/memberships/' . $developerUserId, array_merge([
|
|
|
|
|
'origin' => 'http://localhost',
|
|
|
|
|
'content-type' => 'application/json',
|
|
|
|
|
'x-appwrite-project' => $this->getProject()['$id'],
|
|
|
|
|
], $this->getHeaders()));
|
|
|
|
|
|
|
|
|
|
$this->assertEquals(204, $response['headers']['status-code']);
|
|
|
|
|
|
2022-08-31 17:27:32 +00:00
|
|
|
return $data;
|
|
|
|
|
}
|
2024-09-05 03:43:02 +00:00
|
|
|
|
|
|
|
|
/** @depends testUpdateTeamMembership */
|
|
|
|
|
public function testUpdateTeamMembershipRoles($data): array
|
|
|
|
|
{
|
|
|
|
|
$teamUid = $data['teamUid'] ?? '';
|
|
|
|
|
$membershipUid = $data['membershipUid'] ?? '';
|
|
|
|
|
$session = $data['session'] ?? '';
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Test for unknown team
|
|
|
|
|
*/
|
|
|
|
|
$response = $this->client->call(Client::METHOD_PATCH, '/teams/' . 'abc' . '/memberships/' . $membershipUid, array_merge([
|
|
|
|
|
'origin' => 'http://localhost',
|
|
|
|
|
'content-type' => 'application/json',
|
|
|
|
|
'x-appwrite-project' => $this->getProject()['$id'],
|
|
|
|
|
], $this->getHeaders()), [
|
2025-05-26 06:03:58 +00:00
|
|
|
'roles' => ['developer']
|
2024-09-05 03:43:02 +00:00
|
|
|
]);
|
|
|
|
|
|
|
|
|
|
$this->assertEquals(404, $response['headers']['status-code']);
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Test for unknown membership ID
|
|
|
|
|
*/
|
|
|
|
|
$response = $this->client->call(Client::METHOD_PATCH, '/teams/' . $teamUid . '/memberships/' . 'abc', array_merge([
|
|
|
|
|
'origin' => 'http://localhost',
|
|
|
|
|
'content-type' => 'application/json',
|
|
|
|
|
'x-appwrite-project' => $this->getProject()['$id'],
|
|
|
|
|
], $this->getHeaders()), [
|
2025-05-26 06:03:58 +00:00
|
|
|
'roles' => ['developer']
|
2024-09-05 03:43:02 +00:00
|
|
|
]);
|
|
|
|
|
|
|
|
|
|
$this->assertEquals(404, $response['headers']['status-code']);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Test for when a user other than the owner tries to update membership
|
|
|
|
|
*/
|
|
|
|
|
$response = $this->client->call(Client::METHOD_PATCH, '/teams/' . $teamUid . '/memberships/' . $membershipUid, [
|
|
|
|
|
'origin' => 'http://localhost',
|
|
|
|
|
'content-type' => 'application/json',
|
|
|
|
|
'x-appwrite-project' => $this->getProject()['$id'],
|
|
|
|
|
'cookie' => 'a_session_' . $this->getProject()['$id'] . '=' . $session,
|
|
|
|
|
], [
|
2025-05-26 06:03:58 +00:00
|
|
|
'roles' => ['developer']
|
2024-09-05 03:43:02 +00:00
|
|
|
]);
|
|
|
|
|
|
|
|
|
|
$this->assertEquals(401, $response['headers']['status-code']);
|
|
|
|
|
$this->assertEquals('User is not allowed to modify roles', $response['body']['message']);
|
|
|
|
|
|
|
|
|
|
return $data;
|
|
|
|
|
}
|
2025-05-26 06:03:58 +00:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @depends testUpdateTeamMembershipRoles
|
|
|
|
|
*/
|
|
|
|
|
public function testDeleteTeamMembership($data): array
|
|
|
|
|
{
|
|
|
|
|
$teamUid = $data['teamUid'] ?? '';
|
|
|
|
|
$membershipUid = $data['membershipUid'] ?? '';
|
|
|
|
|
$session = $data['session'] ?? '';
|
|
|
|
|
|
|
|
|
|
$response = $this->client->call(Client::METHOD_GET, '/teams/' . $teamUid . '/memberships', array_merge([
|
|
|
|
|
'content-type' => 'application/json',
|
|
|
|
|
'x-appwrite-project' => $this->getProject()['$id'],
|
|
|
|
|
], $this->getHeaders()));
|
|
|
|
|
|
|
|
|
|
$this->assertEquals(200, $response['headers']['status-code']);
|
|
|
|
|
$this->assertEquals(3, $response['body']['total']);
|
|
|
|
|
|
|
|
|
|
$ownerMembershipUid = $response['body']['memberships'][0]['$id'];
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Test deleting a membership that does not exists
|
|
|
|
|
*/
|
|
|
|
|
$response = $this->client->call(Client::METHOD_DELETE, '/teams/' . $teamUid . '/memberships/dne', [
|
|
|
|
|
'origin' => 'http://localhost',
|
|
|
|
|
'content-type' => 'application/json',
|
|
|
|
|
'x-appwrite-project' => $this->getProject()['$id'],
|
|
|
|
|
'cookie' => 'a_session_' . $this->getProject()['$id'] . '=' . $session,
|
|
|
|
|
]);
|
|
|
|
|
|
|
|
|
|
$this->assertEquals(404, $response['headers']['status-code']);
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Test deleting another user's membership
|
|
|
|
|
*/
|
|
|
|
|
$response = $this->client->call(Client::METHOD_DELETE, '/teams/' . $teamUid . '/memberships/' . $ownerMembershipUid, [
|
|
|
|
|
'origin' => 'http://localhost',
|
|
|
|
|
'content-type' => 'application/json',
|
|
|
|
|
'x-appwrite-project' => $this->getProject()['$id'],
|
|
|
|
|
'cookie' => 'a_session_' . $this->getProject()['$id'] . '=' . $session,
|
|
|
|
|
]);
|
|
|
|
|
|
|
|
|
|
$this->assertEquals(401, $response['headers']['status-code']);
|
|
|
|
|
$this->assertEquals('The current user is not authorized to perform the requested action.', $response['body']['message']);
|
|
|
|
|
|
|
|
|
|
$response = $this->client->call(Client::METHOD_DELETE, '/teams/' . $teamUid . '/memberships/' . $membershipUid, [
|
|
|
|
|
'origin' => 'http://localhost',
|
|
|
|
|
'content-type' => 'application/json',
|
|
|
|
|
'x-appwrite-project' => $this->getProject()['$id'],
|
|
|
|
|
'cookie' => 'a_session_' . $this->getProject()['$id'] . '=' . $session,
|
|
|
|
|
]);
|
|
|
|
|
|
2025-05-30 12:35:03 +00:00
|
|
|
$this->assertEquals(204, $response['headers']['status-code']);
|
2025-05-26 06:03:58 +00:00
|
|
|
|
|
|
|
|
$response = $this->client->call(Client::METHOD_GET, '/teams/' . $teamUid . '/memberships', array_merge([
|
|
|
|
|
'content-type' => 'application/json',
|
|
|
|
|
'x-appwrite-project' => $this->getProject()['$id'],
|
|
|
|
|
], $this->getHeaders()));
|
|
|
|
|
|
|
|
|
|
$this->assertEquals(200, $response['headers']['status-code']);
|
2025-05-30 12:35:03 +00:00
|
|
|
$this->assertEquals(2, $response['body']['total']);
|
2025-05-26 06:03:58 +00:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Test for when the owner tries to delete their membership
|
|
|
|
|
*/
|
|
|
|
|
$response = $this->client->call(Client::METHOD_DELETE, '/teams/' . $teamUid . '/memberships/' . $ownerMembershipUid, array_merge([
|
|
|
|
|
'origin' => 'http://localhost',
|
|
|
|
|
'content-type' => 'application/json',
|
|
|
|
|
'x-appwrite-project' => $this->getProject()['$id'],
|
|
|
|
|
], $this->getHeaders()));
|
|
|
|
|
|
|
|
|
|
$this->assertEquals(400, $response['headers']['status-code']);
|
2025-05-30 08:51:11 +00:00
|
|
|
$this->assertEquals('membership_deletion_prohibited', $response['body']['type']);
|
2025-05-26 06:03:58 +00:00
|
|
|
$this->assertEquals('There must be at least one owner in the organization.', $response['body']['message']);
|
|
|
|
|
|
|
|
|
|
$response = $this->client->call(Client::METHOD_GET, '/teams/' . $teamUid . '/memberships/' . $ownerMembershipUid, array_merge([
|
|
|
|
|
'origin' => 'http://localhost',
|
|
|
|
|
'content-type' => 'application/json',
|
|
|
|
|
'x-appwrite-project' => $this->getProject()['$id'],
|
|
|
|
|
], $this->getHeaders()));
|
|
|
|
|
|
|
|
|
|
$this->assertEquals(200, $response['headers']['status-code']);
|
|
|
|
|
|
|
|
|
|
return [];
|
|
|
|
|
}
|
2022-05-23 14:54:50 +00:00
|
|
|
}
|
