groups: only the local groups of a user can be set

src/test/groups-test.js

@@ -132,20 +132,22 @@ describe('Groups', function () {
         });
 
         it('can set group membership', async function () {
-            await groups.setMembership(admin, [ group0Object.id ]);
+            await groups.setLocalMembership(admin, [ group0Object.id ]);
+            const groupIds = await groups._getMembership(admin.id);
+            expect(groupIds.length).to.be(1);
         });
 
         it('cannot set user to same group twice', async function () {
-            const [error] = await safe(groups.setMembership(admin, [ group0Object.id, group0Object.id ]));
+            const [error] = await safe(groups.setLocalMembership(admin, [ group0Object.id, group0Object.id ]));
             expect(error.reason).to.be(BoxError.CONFLICT);
         });
 
         it('can set user to multiple groups', async function () {
-            await groups.setMembership(admin, [ group0Object.id, group1Object.id ]);
+            await groups.setLocalMembership(admin, [ group0Object.id, group1Object.id ]);
         });
 
         it('can get groups membership', async function () {
-            const groupIds = await groups.getMembership(admin.id);
+            const groupIds = await groups._getMembership(admin.id);
             expect(groupIds.length).to.be(2);
             expect(groupIds.sort()).to.eql([ group0Object.id, group1Object.id ].sort());
         });
@@ -224,8 +226,17 @@ describe('Groups', function () {
         });
 
         it('cannot set membership', async function () {
-            const [error] = await safe(groups.setMembership(admin, [ ldapGroup.id ]));
+            const [error] = await safe(groups.setLocalMembership(admin, [ ldapGroup.id ]));
             expect(error.reason).to.be(BoxError.BAD_STATE);
         });
+
+        it('does not clear remote membership', async function () {
+            await groups.setMembers(ldapGroup, [ admin.id ], { skipSourceCheck: true }); // would be called by ldap syncer
+            await groups.setLocalMembership(admin, [ group1Object.id ]);
+
+            const groupIds = await groups._getMembership(admin.id);
+            expect(groupIds.length).to.be(2);
+            expect(groupIds.sort()).to.eql([ group1Object.id, ldapGroup.id ].sort());
+        });
     });
 });