Add tests to GET `/api/pulse/form_input`

Also moves the segmented permissions regex to a named var.

src/metabase/api/user.clj

@@ -2,6 +2,7 @@
   "/api/user endpoints"
   (:require [cemerick.friend.credentials :as creds]
             [compojure.core :refer [DELETE GET POST PUT]]
+            [honeysql.helpers :as hh]
             [metabase.api
              [common :as api]
              [session :as session-api]]
@@ -35,10 +36,10 @@
   (cond-> (db/select (vec (cons User (if api/*is-superuser?*
                                        user/admin-or-self-visible-columns
                                        user/non-admin-or-self-visible-columns)))
-            (merge {:order-by [[:%lower.last_name :asc]
-                               [:%lower.first_name :asc]]}
-                   (when-not include_deactivated
-                     {:where [:= :is_active true]})))
+            (-> {}
+                (hh/merge-order-by [:%lower.last_name :asc] [:%lower.first_name :asc])
+                (hh/merge-where (when-not include_deactivated
+                                  [:= :is_active true]))))
     ;; For admins, also include the IDs of the  Users' Personal Collections
     api/*is-superuser?* (hydrate :personal_collection_id)))
 

src/metabase/models/permissions.clj

@@ -38,22 +38,25 @@
    prevent accidental tragedy, but you can enable it here when creating the default entry for `Admin`."
   false)
 
+(def segmented-perm-regex
+  "Regex that matches a segmented permission"
+  #"^/db/(\d+)/schema/([^\\/]*)/table/(\d+)/query/segmented/$")
 
 ;;; --------------------------------------------------- Validation ---------------------------------------------------
 
 (def ^:private ^:const valid-object-path-patterns
-  [#"^/db/(\d+)/$"                                              ; permissions for the entire DB -- native and all schemas
-   #"^/db/(\d+)/native/$"                                       ; permissions to create new native queries for the DB
-   #"^/db/(\d+)/schema/$"                                       ; permissions for all schemas in the DB
-   #"^/db/(\d+)/schema/([^\\/]*)/$"                             ; permissions for a specific schema
-   #"^/db/(\d+)/schema/([^\\/]*)/table/(\d+)/$"                 ; FULL permissions for a specific table
-   #"^/db/(\d+)/schema/([^\\/]*)/table/(\d+)/read/$"            ; Permissions to fetch the Metadata for a specific Table
-   #"^/db/(\d+)/schema/([^\\/]*)/table/(\d+)/query/$"           ; Permissions to run any sort of query against a Table
-   #"^/db/(\d+)/schema/([^\\/]*)/table/(\d+)/query/segmented/$" ; Permissions to run a query against a Table using GTAP
-   #"^/collection/(\d+)/$"                                      ; readwrite permissions for a collection
-   #"^/collection/(\d+)/read/$"                                 ; read permissions for a collection
-   #"^/collection/root/$"                                       ; readwrite permissions for the 'Root' Collection (things with `nil` collection_id)
-   #"^/collection/root/read/$"])                                ; read permissions for the 'Root' Collection
+  [#"^/db/(\d+)/$"                                    ; permissions for the entire DB -- native and all schemas
+   #"^/db/(\d+)/native/$"                             ; permissions to create new native queries for the DB
+   #"^/db/(\d+)/schema/$"                             ; permissions for all schemas in the DB
+   #"^/db/(\d+)/schema/([^\\/]*)/$"                   ; permissions for a specific schema
+   #"^/db/(\d+)/schema/([^\\/]*)/table/(\d+)/$"       ; FULL permissions for a specific table
+   #"^/db/(\d+)/schema/([^\\/]*)/table/(\d+)/read/$"  ; Permissions to fetch the Metadata for a specific Table
+   #"^/db/(\d+)/schema/([^\\/]*)/table/(\d+)/query/$" ; Permissions to run any sort of query against a Table
+   segmented-perm-regex                               ; Permissions to run a query against a Table using GTAP
+   #"^/collection/(\d+)/$"                            ; readwrite permissions for a collection
+   #"^/collection/(\d+)/read/$"                       ; read permissions for a collection
+   #"^/collection/root/$"          ; readwrite permissions for the 'Root' Collection (things with `nil` collection_id)
+   #"^/collection/root/read/$"])   ; read permissions for the 'Root' Collection
 
 (defn valid-object-path?
   "Does OBJECT-PATH follow a known, allowed format to an *object*?

test/metabase/api/pulse_test.clj

@@ -917,3 +917,23 @@
             ;; Don't update the pulse, but test the pulse with the updated recipients
             {:response ((user->client :rasta) :post 200 "pulse/test" (assoc result :channels [email-channel]))
              :emails   (et/regex-email-bodies #"A Pulse")}))))))
+
+;;; +----------------------------------------------------------------------------------------------------------------+
+;;; |                                         GET /api/pulse/form_input                                              |
+;;; +----------------------------------------------------------------------------------------------------------------+
+
+;; Check that Slack channels come back when configured
+(expect
+  [{:name "channel", :type "select", :displayName "Post to", :options ["#foo" "@bar"], :required true}]
+  (tu/with-temporary-setting-values [slack-token "something"]
+    (with-redefs [metabase.integrations.slack/channels-list (constantly [{:name "foo"}])
+                  metabase.integrations.slack/users-list (constantly [{:name "bar"}])]
+      (-> ((user->client :rasta) :get 200 "pulse/form_input")
+          (get-in [:channels :slack :fields])))))
+
+;; When slack is not configured, `form_input` returns just the #genreal slack channel
+(expect
+  [{:name "channel", :type "select", :displayName "Post to", :options ["#general"], :required true}]
+  (tu/with-temporary-setting-values [slack-token nil]
+    (-> ((user->client :rasta) :get 200 "pulse/form_input")
+        (get-in [:channels :slack :fields]))))