2015-10-08 12:27:09 -04:00
|
|
|
// Copyright (c) 2015 Mattermost, Inc. All Rights Reserved.
|
2015-06-14 23:53:32 -08:00
|
|
|
// See License.txt for license information.
|
|
|
|
|
|
|
|
|
|
package api
|
|
|
|
|
|
|
|
|
|
import (
|
2015-07-07 09:16:13 -04:00
|
|
|
"bytes"
|
2015-06-14 23:53:32 -08:00
|
|
|
"fmt"
|
2016-01-24 17:10:54 -03:00
|
|
|
"html/template"
|
2016-01-20 13:36:16 -06:00
|
|
|
"net/http"
|
|
|
|
|
"net/url"
|
|
|
|
|
"strconv"
|
|
|
|
|
"strings"
|
|
|
|
|
"time"
|
2016-04-21 22:37:01 -07:00
|
|
|
|
|
|
|
|
l4g "github.com/alecthomas/log4go"
|
|
|
|
|
"github.com/gorilla/mux"
|
|
|
|
|
|
|
|
|
|
"github.com/mattermost/platform/model"
|
2016-06-07 17:43:06 -04:00
|
|
|
"github.com/mattermost/platform/store"
|
2016-04-21 22:37:01 -07:00
|
|
|
"github.com/mattermost/platform/utils"
|
2015-06-14 23:53:32 -08:00
|
|
|
)
|
|
|
|
|
|
2016-04-21 22:37:01 -07:00
|
|
|
func InitTeam() {
|
2016-01-22 01:37:11 -03:00
|
|
|
l4g.Debug(utils.T("api.team.init.debug"))
|
2015-06-14 23:53:32 -08:00
|
|
|
|
2016-04-21 22:37:01 -07:00
|
|
|
BaseRoutes.Teams.Handle("/create", ApiAppHandler(createTeam)).Methods("POST")
|
|
|
|
|
BaseRoutes.Teams.Handle("/create_from_signup", ApiAppHandler(createTeamFromSignup)).Methods("POST")
|
|
|
|
|
BaseRoutes.Teams.Handle("/signup", ApiAppHandler(signupTeam)).Methods("POST")
|
|
|
|
|
BaseRoutes.Teams.Handle("/all", ApiAppHandler(getAll)).Methods("GET")
|
|
|
|
|
BaseRoutes.Teams.Handle("/all_team_listings", ApiUserRequired(GetAllTeamListings)).Methods("GET")
|
|
|
|
|
BaseRoutes.Teams.Handle("/get_invite_info", ApiAppHandler(getInviteInfo)).Methods("POST")
|
|
|
|
|
BaseRoutes.Teams.Handle("/find_team_by_name", ApiAppHandler(findTeamByName)).Methods("POST")
|
|
|
|
|
BaseRoutes.Teams.Handle("/members/{id:[A-Za-z0-9]+}", ApiUserRequired(getMembers)).Methods("GET")
|
|
|
|
|
|
|
|
|
|
BaseRoutes.NeedTeam.Handle("/me", ApiUserRequired(getMyTeam)).Methods("GET")
|
|
|
|
|
BaseRoutes.NeedTeam.Handle("/update", ApiUserRequired(updateTeam)).Methods("POST")
|
|
|
|
|
|
|
|
|
|
BaseRoutes.NeedTeam.Handle("/invite_members", ApiUserRequired(inviteMembers)).Methods("POST")
|
|
|
|
|
|
|
|
|
|
BaseRoutes.NeedTeam.Handle("/add_user_to_team", ApiUserRequired(addUserToTeam)).Methods("POST")
|
|
|
|
|
|
2016-06-02 18:39:23 -04:00
|
|
|
// These should be moved to the global admin console
|
2016-04-28 16:29:13 -04:00
|
|
|
BaseRoutes.NeedTeam.Handle("/import_team", ApiUserRequired(importTeam)).Methods("POST")
|
2016-04-21 22:37:01 -07:00
|
|
|
BaseRoutes.Teams.Handle("/add_user_to_team_from_invite", ApiUserRequired(addUserToTeamFromInvite)).Methods("POST")
|
2015-06-14 23:53:32 -08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func signupTeam(c *Context, w http.ResponseWriter, r *http.Request) {
|
2015-09-22 12:12:50 -07:00
|
|
|
if !utils.Cfg.EmailSettings.EnableSignUpWithEmail {
|
2016-01-22 01:37:11 -03:00
|
|
|
c.Err = model.NewLocAppError("signupTeam", "api.team.signup_team.email_disabled.app_error", nil, "")
|
2015-08-28 08:37:55 -04:00
|
|
|
c.Err.StatusCode = http.StatusNotImplemented
|
|
|
|
|
return
|
|
|
|
|
}
|
2015-06-14 23:53:32 -08:00
|
|
|
|
|
|
|
|
m := model.MapFromJson(r.Body)
|
|
|
|
|
email := strings.ToLower(strings.TrimSpace(m["email"]))
|
|
|
|
|
|
|
|
|
|
if len(email) == 0 {
|
|
|
|
|
c.SetInvalidParam("signupTeam", "email")
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2015-10-14 18:31:58 +03:00
|
|
|
if !isTeamCreationAllowed(c, email) {
|
2015-08-25 14:28:02 -07:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2016-02-08 07:26:10 -05:00
|
|
|
subjectPage := utils.NewHTMLTemplate("signup_team_subject", c.Locale)
|
2016-01-24 17:10:54 -03:00
|
|
|
subjectPage.Props["Subject"] = c.T("api.templates.signup_team_subject",
|
|
|
|
|
map[string]interface{}{"SiteName": utils.ClientCfg["SiteName"]})
|
|
|
|
|
|
2016-02-08 07:26:10 -05:00
|
|
|
bodyPage := utils.NewHTMLTemplate("signup_team_body", c.Locale)
|
2015-09-15 18:59:14 -07:00
|
|
|
bodyPage.Props["SiteURL"] = c.GetSiteURL()
|
2016-01-24 17:10:54 -03:00
|
|
|
bodyPage.Props["Title"] = c.T("api.templates.signup_team_body.title")
|
|
|
|
|
bodyPage.Props["Button"] = c.T("api.templates.signup_team_body.button")
|
2016-02-03 00:46:56 -03:00
|
|
|
bodyPage.Html["Info"] = template.HTML(c.T("api.templates.signup_team_body.info",
|
2016-01-24 17:10:54 -03:00
|
|
|
map[string]interface{}{"SiteName": utils.ClientCfg["SiteName"]}))
|
2015-06-14 23:53:32 -08:00
|
|
|
|
|
|
|
|
props := make(map[string]string)
|
|
|
|
|
props["email"] = email
|
|
|
|
|
props["time"] = fmt.Sprintf("%v", model.GetMillis())
|
|
|
|
|
|
|
|
|
|
data := model.MapToJson(props)
|
2015-09-22 12:12:50 -07:00
|
|
|
hash := model.HashPassword(fmt.Sprintf("%v:%v", data, utils.Cfg.EmailSettings.InviteSalt))
|
2015-06-14 23:53:32 -08:00
|
|
|
|
2015-07-08 11:50:10 -04:00
|
|
|
bodyPage.Props["Link"] = fmt.Sprintf("%s/signup_team_complete/?d=%s&h=%s", c.GetSiteURL(), url.QueryEscape(data), url.QueryEscape(hash))
|
2015-06-14 23:53:32 -08:00
|
|
|
|
|
|
|
|
if err := utils.SendMail(email, subjectPage.Render(), bodyPage.Render()); err != nil {
|
|
|
|
|
c.Err = err
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2015-09-29 12:09:18 -07:00
|
|
|
if !utils.Cfg.EmailSettings.RequireEmailVerification {
|
2016-02-08 07:26:10 -05:00
|
|
|
m["follow_link"] = fmt.Sprintf("/signup_team_complete/?d=%s&h=%s", url.QueryEscape(data), url.QueryEscape(hash))
|
2015-09-29 12:09:18 -07:00
|
|
|
}
|
|
|
|
|
|
2015-06-14 23:53:32 -08:00
|
|
|
w.Header().Set("Access-Control-Allow-Origin", " *")
|
|
|
|
|
w.Write([]byte(model.MapToJson(m)))
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func createTeamFromSignup(c *Context, w http.ResponseWriter, r *http.Request) {
|
2015-09-22 12:12:50 -07:00
|
|
|
if !utils.Cfg.EmailSettings.EnableSignUpWithEmail {
|
2016-01-22 01:37:11 -03:00
|
|
|
c.Err = model.NewLocAppError("createTeamFromSignup", "api.team.create_team_from_signup.email_disabled.app_error", nil, "")
|
2015-08-28 08:37:55 -04:00
|
|
|
c.Err.StatusCode = http.StatusNotImplemented
|
|
|
|
|
return
|
|
|
|
|
}
|
2015-06-14 23:53:32 -08:00
|
|
|
|
|
|
|
|
teamSignup := model.TeamSignupFromJson(r.Body)
|
|
|
|
|
|
|
|
|
|
if teamSignup == nil {
|
|
|
|
|
c.SetInvalidParam("createTeam", "teamSignup")
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
props := model.MapFromJson(strings.NewReader(teamSignup.Data))
|
|
|
|
|
teamSignup.Team.Email = props["email"]
|
|
|
|
|
teamSignup.User.Email = props["email"]
|
|
|
|
|
|
|
|
|
|
teamSignup.Team.PreSave()
|
|
|
|
|
|
2015-10-20 17:30:24 -07:00
|
|
|
if err := teamSignup.Team.IsValid(*utils.Cfg.TeamSettings.RestrictTeamNames); err != nil {
|
2015-06-14 23:53:32 -08:00
|
|
|
c.Err = err
|
|
|
|
|
return
|
|
|
|
|
}
|
2015-08-25 14:40:16 -07:00
|
|
|
|
2015-10-14 18:31:58 +03:00
|
|
|
if !isTeamCreationAllowed(c, teamSignup.Team.Email) {
|
2015-08-25 14:40:16 -07:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2015-06-14 23:53:32 -08:00
|
|
|
teamSignup.Team.Id = ""
|
|
|
|
|
|
|
|
|
|
password := teamSignup.User.Password
|
|
|
|
|
teamSignup.User.PreSave()
|
|
|
|
|
if err := teamSignup.User.IsValid(); err != nil {
|
|
|
|
|
c.Err = err
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
teamSignup.User.Id = ""
|
|
|
|
|
teamSignup.User.Password = password
|
|
|
|
|
|
2015-09-22 12:12:50 -07:00
|
|
|
if !model.ComparePassword(teamSignup.Hash, fmt.Sprintf("%v:%v", teamSignup.Data, utils.Cfg.EmailSettings.InviteSalt)) {
|
2016-01-22 01:37:11 -03:00
|
|
|
c.Err = model.NewLocAppError("createTeamFromSignup", "api.team.create_team_from_signup.invalid_link.app_error", nil, "")
|
2015-06-14 23:53:32 -08:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
t, err := strconv.ParseInt(props["time"], 10, 64)
|
|
|
|
|
if err != nil || model.GetMillis()-t > 1000*60*60 { // one hour
|
2016-01-22 01:37:11 -03:00
|
|
|
c.Err = model.NewLocAppError("createTeamFromSignup", "api.team.create_team_from_signup.expired_link.app_error", nil, "")
|
2015-06-14 23:53:32 -08:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2016-04-21 22:37:01 -07:00
|
|
|
found := FindTeamByName(teamSignup.Team.Name)
|
2015-06-14 23:53:32 -08:00
|
|
|
|
|
|
|
|
if found {
|
2016-01-22 01:37:11 -03:00
|
|
|
c.Err = model.NewLocAppError("createTeamFromSignup", "api.team.create_team_from_signup.unavailable.app_error", nil, "d="+teamSignup.Team.Name)
|
2015-06-14 23:53:32 -08:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2016-01-20 13:36:16 -06:00
|
|
|
if result := <-Srv.Store.Team().Save(&teamSignup.Team); result.Err != nil {
|
2015-06-14 23:53:32 -08:00
|
|
|
c.Err = result.Err
|
|
|
|
|
return
|
|
|
|
|
} else {
|
|
|
|
|
rteam := result.Data.(*model.Team)
|
|
|
|
|
|
2015-06-29 10:24:45 -04:00
|
|
|
if _, err := CreateDefaultChannels(c, rteam.Id); err != nil {
|
|
|
|
|
c.Err = nil
|
2015-06-14 23:53:32 -08:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
teamSignup.User.EmailVerified = true
|
|
|
|
|
|
2016-04-21 22:37:01 -07:00
|
|
|
ruser, err := CreateUser(&teamSignup.User)
|
2015-12-08 13:38:43 -05:00
|
|
|
if err != nil {
|
|
|
|
|
c.Err = err
|
2015-06-14 23:53:32 -08:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2016-04-21 22:37:01 -07:00
|
|
|
JoinUserToTeam(rteam, ruser)
|
|
|
|
|
|
2015-07-08 11:50:10 -04:00
|
|
|
InviteMembers(c, rteam, ruser, teamSignup.Invites)
|
2015-06-14 23:53:32 -08:00
|
|
|
|
|
|
|
|
teamSignup.Team = *rteam
|
|
|
|
|
teamSignup.User = *ruser
|
|
|
|
|
|
|
|
|
|
w.Write([]byte(teamSignup.ToJson()))
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2016-04-21 22:37:01 -07:00
|
|
|
func createTeam(c *Context, w http.ResponseWriter, r *http.Request) {
|
|
|
|
|
team := model.TeamFromJson(r.Body)
|
2016-03-07 14:59:15 -08:00
|
|
|
|
2016-04-21 22:37:01 -07:00
|
|
|
if team == nil {
|
|
|
|
|
c.SetInvalidParam("createTeam", "team")
|
2016-03-07 14:59:15 -08:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2016-04-21 22:37:01 -07:00
|
|
|
var user *model.User
|
|
|
|
|
if len(c.Session.UserId) > 0 {
|
|
|
|
|
uchan := Srv.Store.User().Get(c.Session.UserId)
|
2016-03-07 14:59:15 -08:00
|
|
|
|
2016-04-21 22:37:01 -07:00
|
|
|
if result := <-uchan; result.Err != nil {
|
|
|
|
|
c.Err = result.Err
|
|
|
|
|
return
|
|
|
|
|
} else {
|
|
|
|
|
user = result.Data.(*model.User)
|
|
|
|
|
team.Email = user.Email
|
|
|
|
|
}
|
2016-03-07 14:59:15 -08:00
|
|
|
}
|
|
|
|
|
|
2016-04-21 22:37:01 -07:00
|
|
|
rteam := CreateTeam(c, team)
|
2016-03-07 14:59:15 -08:00
|
|
|
if c.Err != nil {
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2016-04-21 22:37:01 -07:00
|
|
|
if user != nil {
|
|
|
|
|
err := JoinUserToTeam(team, user)
|
2016-03-07 14:59:15 -08:00
|
|
|
if err != nil {
|
|
|
|
|
c.Err = err
|
|
|
|
|
return
|
|
|
|
|
}
|
2015-09-04 11:59:10 -07:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
w.Write([]byte(rteam.ToJson()))
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func CreateTeam(c *Context, team *model.Team) *model.Team {
|
2015-06-14 23:53:32 -08:00
|
|
|
|
|
|
|
|
if team == nil {
|
|
|
|
|
c.SetInvalidParam("createTeam", "team")
|
2015-09-04 11:59:10 -07:00
|
|
|
return nil
|
2015-06-14 23:53:32 -08:00
|
|
|
}
|
|
|
|
|
|
2015-10-14 18:31:58 +03:00
|
|
|
if !isTeamCreationAllowed(c, team.Email) {
|
2015-09-04 11:59:10 -07:00
|
|
|
return nil
|
2015-08-25 14:28:02 -07:00
|
|
|
}
|
|
|
|
|
|
2016-01-20 13:36:16 -06:00
|
|
|
if result := <-Srv.Store.Team().Save(team); result.Err != nil {
|
2015-06-14 23:53:32 -08:00
|
|
|
c.Err = result.Err
|
2015-09-04 11:59:10 -07:00
|
|
|
return nil
|
2015-06-14 23:53:32 -08:00
|
|
|
} else {
|
|
|
|
|
rteam := result.Data.(*model.Team)
|
|
|
|
|
|
2015-06-29 10:24:45 -04:00
|
|
|
if _, err := CreateDefaultChannels(c, rteam.Id); err != nil {
|
2015-08-27 16:58:58 -07:00
|
|
|
c.Err = err
|
2015-09-04 11:59:10 -07:00
|
|
|
return nil
|
2015-06-14 23:53:32 -08:00
|
|
|
}
|
|
|
|
|
|
2015-09-04 11:59:10 -07:00
|
|
|
return rteam
|
2015-06-14 23:53:32 -08:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2016-06-07 17:43:06 -04:00
|
|
|
func JoinUserToTeamById(teamId string, user *model.User) *model.AppError {
|
|
|
|
|
if result := <-Srv.Store.Team().Get(teamId); result.Err != nil {
|
|
|
|
|
return result.Err
|
|
|
|
|
} else {
|
|
|
|
|
return JoinUserToTeam(result.Data.(*model.Team), user)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2016-04-21 22:37:01 -07:00
|
|
|
func JoinUserToTeam(team *model.Team, user *model.User) *model.AppError {
|
|
|
|
|
|
|
|
|
|
tm := &model.TeamMember{TeamId: team.Id, UserId: user.Id}
|
|
|
|
|
|
|
|
|
|
channelRole := ""
|
|
|
|
|
if team.Email == user.Email {
|
|
|
|
|
tm.Roles = model.ROLE_TEAM_ADMIN
|
|
|
|
|
channelRole = model.CHANNEL_ROLE_ADMIN
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if tmr := <-Srv.Store.Team().SaveMember(tm); tmr.Err != nil {
|
2016-06-07 17:43:06 -04:00
|
|
|
if tmr.Err.Id == store.TEAM_MEMBER_EXISTS_ERROR {
|
|
|
|
|
return nil
|
|
|
|
|
}
|
2016-04-21 22:37:01 -07:00
|
|
|
return tmr.Err
|
|
|
|
|
}
|
|
|
|
|
|
2016-05-12 18:36:30 -07:00
|
|
|
if uua := <-Srv.Store.User().UpdateUpdateAt(user.Id); uua.Err != nil {
|
|
|
|
|
return uua.Err
|
|
|
|
|
}
|
|
|
|
|
|
2016-04-21 22:37:01 -07:00
|
|
|
// Soft error if there is an issue joining the default channels
|
|
|
|
|
if err := JoinDefaultChannels(team.Id, user, channelRole); err != nil {
|
|
|
|
|
l4g.Error(utils.T("api.user.create_user.joining.error"), user.Id, team.Id, err)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
RemoveAllSessionsForUserId(user.Id)
|
|
|
|
|
InvalidateCacheForUser(user.Id)
|
|
|
|
|
|
2016-05-10 09:54:11 -07:00
|
|
|
// This message goes to every channel, so the channelId is irrelevant
|
2016-05-18 22:34:31 +02:00
|
|
|
go Publish(model.NewMessage("", "", user.Id, model.ACTION_NEW_USER))
|
2016-05-10 09:54:11 -07:00
|
|
|
|
2016-04-21 22:37:01 -07:00
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2015-10-14 18:31:58 +03:00
|
|
|
func isTeamCreationAllowed(c *Context, email string) bool {
|
2015-08-25 14:40:16 -07:00
|
|
|
|
|
|
|
|
email = strings.ToLower(email)
|
|
|
|
|
|
2016-06-30 08:43:46 -04:00
|
|
|
if !c.IsSystemAdmin() && !utils.Cfg.TeamSettings.EnableTeamCreation {
|
2016-01-22 01:37:11 -03:00
|
|
|
c.Err = model.NewLocAppError("isTeamCreationAllowed", "api.team.is_team_creation_allowed.disabled.app_error", nil, "")
|
2015-08-25 14:40:16 -07:00
|
|
|
return false
|
|
|
|
|
}
|
|
|
|
|
|
2016-06-21 10:49:48 -03:00
|
|
|
if result := <-Srv.Store.User().GetByEmail(email); result.Err == nil {
|
|
|
|
|
user := result.Data.(*model.User)
|
|
|
|
|
if len(user.AuthService) > 0 && len(*user.AuthData) > 0 {
|
|
|
|
|
return true
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2015-08-25 14:40:16 -07:00
|
|
|
// commas and @ signs are optional
|
|
|
|
|
// can be in the form of "@corp.mattermost.com, mattermost.com mattermost.org" -> corp.mattermost.com mattermost.com mattermost.org
|
|
|
|
|
domains := strings.Fields(strings.TrimSpace(strings.ToLower(strings.Replace(strings.Replace(utils.Cfg.TeamSettings.RestrictCreationToDomains, "@", " ", -1), ",", " ", -1))))
|
|
|
|
|
|
|
|
|
|
matched := false
|
|
|
|
|
for _, d := range domains {
|
|
|
|
|
if strings.HasSuffix(email, "@"+d) {
|
|
|
|
|
matched = true
|
|
|
|
|
break
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if len(utils.Cfg.TeamSettings.RestrictCreationToDomains) > 0 && !matched {
|
2016-01-22 01:37:11 -03:00
|
|
|
c.Err = model.NewLocAppError("isTeamCreationAllowed", "api.team.is_team_creation_allowed.domain.app_error", nil, "")
|
2015-08-25 14:40:16 -07:00
|
|
|
return false
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return true
|
|
|
|
|
}
|
|
|
|
|
|
2016-04-21 22:37:01 -07:00
|
|
|
func GetAllTeamListings(c *Context, w http.ResponseWriter, r *http.Request) {
|
|
|
|
|
if result := <-Srv.Store.Team().GetAllTeamListing(); result.Err != nil {
|
|
|
|
|
c.Err = result.Err
|
|
|
|
|
return
|
|
|
|
|
} else {
|
|
|
|
|
teams := result.Data.([]*model.Team)
|
|
|
|
|
m := make(map[string]*model.Team)
|
|
|
|
|
for _, v := range teams {
|
|
|
|
|
m[v.Id] = v
|
|
|
|
|
if !c.IsSystemAdmin() {
|
|
|
|
|
m[v.Id].Sanitize()
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
w.Write([]byte(model.TeamMapToJson(m)))
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2015-09-23 12:49:28 -07:00
|
|
|
func getAll(c *Context, w http.ResponseWriter, r *http.Request) {
|
2016-01-20 13:36:16 -06:00
|
|
|
if result := <-Srv.Store.Team().GetAll(); result.Err != nil {
|
2015-09-23 12:49:28 -07:00
|
|
|
c.Err = result.Err
|
|
|
|
|
return
|
|
|
|
|
} else {
|
|
|
|
|
teams := result.Data.([]*model.Team)
|
|
|
|
|
m := make(map[string]*model.Team)
|
|
|
|
|
for _, v := range teams {
|
|
|
|
|
m[v.Id] = v
|
2016-02-08 07:26:10 -05:00
|
|
|
if !c.IsSystemAdmin() {
|
|
|
|
|
m[v.Id].SanitizeForNotLoggedIn()
|
|
|
|
|
}
|
2015-09-23 12:49:28 -07:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
w.Write([]byte(model.TeamMapToJson(m)))
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func revokeAllSessions(c *Context, w http.ResponseWriter, r *http.Request) {
|
|
|
|
|
props := model.MapFromJson(r.Body)
|
|
|
|
|
id := props["id"]
|
|
|
|
|
|
2016-01-20 13:36:16 -06:00
|
|
|
if result := <-Srv.Store.Session().Get(id); result.Err != nil {
|
2015-09-23 12:49:28 -07:00
|
|
|
c.Err = result.Err
|
|
|
|
|
return
|
|
|
|
|
} else {
|
|
|
|
|
session := result.Data.(*model.Session)
|
|
|
|
|
|
|
|
|
|
c.LogAudit("revoked_all=" + id)
|
|
|
|
|
|
|
|
|
|
if session.IsOAuth {
|
2016-01-20 13:36:16 -06:00
|
|
|
RevokeAccessToken(session.Token)
|
2015-09-23 12:49:28 -07:00
|
|
|
} else {
|
|
|
|
|
sessionCache.Remove(session.Token)
|
|
|
|
|
|
2016-01-20 13:36:16 -06:00
|
|
|
if result := <-Srv.Store.Session().Remove(session.Id); result.Err != nil {
|
2015-09-23 12:49:28 -07:00
|
|
|
c.Err = result.Err
|
|
|
|
|
return
|
|
|
|
|
} else {
|
|
|
|
|
w.Write([]byte(model.MapToJson(props)))
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2016-04-21 22:37:01 -07:00
|
|
|
func inviteMembers(c *Context, w http.ResponseWriter, r *http.Request) {
|
|
|
|
|
invites := model.InvitesFromJson(r.Body)
|
|
|
|
|
if len(invites.Invites) == 0 {
|
2016-06-29 14:16:17 -04:00
|
|
|
c.Err = model.NewLocAppError("inviteMembers", "api.team.invite_members.no_one.app_error", nil, "")
|
2016-04-21 22:37:01 -07:00
|
|
|
c.Err.StatusCode = http.StatusBadRequest
|
|
|
|
|
return
|
|
|
|
|
}
|
2015-06-14 23:53:32 -08:00
|
|
|
|
2016-06-29 14:16:17 -04:00
|
|
|
if utils.IsLicensed {
|
2016-07-06 08:23:24 -04:00
|
|
|
if *utils.Cfg.TeamSettings.RestrictTeamInvite == model.PERMISSIONS_SYSTEM_ADMIN && !c.IsSystemAdmin() {
|
2016-06-29 14:16:17 -04:00
|
|
|
c.Err = model.NewLocAppError("inviteMembers", "api.team.invite_members.restricted_system_admin.app_error", nil, "")
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2016-07-06 08:23:24 -04:00
|
|
|
if *utils.Cfg.TeamSettings.RestrictTeamInvite == model.PERMISSIONS_TEAM_ADMIN && !c.IsTeamAdmin() {
|
2016-06-29 14:16:17 -04:00
|
|
|
c.Err = model.NewLocAppError("inviteMembers", "api.team.invite_members.restricted_team_admin.app_error", nil, "")
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2016-04-21 22:37:01 -07:00
|
|
|
tchan := Srv.Store.Team().Get(c.TeamId)
|
|
|
|
|
uchan := Srv.Store.User().Get(c.Session.UserId)
|
2015-06-14 23:53:32 -08:00
|
|
|
|
2016-04-21 22:37:01 -07:00
|
|
|
var team *model.Team
|
|
|
|
|
if result := <-tchan; result.Err != nil {
|
|
|
|
|
c.Err = result.Err
|
2015-06-14 23:53:32 -08:00
|
|
|
return
|
2016-04-21 22:37:01 -07:00
|
|
|
} else {
|
|
|
|
|
team = result.Data.(*model.Team)
|
2015-06-14 23:53:32 -08:00
|
|
|
}
|
|
|
|
|
|
2016-04-21 22:37:01 -07:00
|
|
|
var user *model.User
|
|
|
|
|
if result := <-uchan; result.Err != nil {
|
|
|
|
|
c.Err = result.Err
|
|
|
|
|
return
|
2015-06-14 23:53:32 -08:00
|
|
|
} else {
|
2016-04-21 22:37:01 -07:00
|
|
|
user = result.Data.(*model.User)
|
2015-06-14 23:53:32 -08:00
|
|
|
}
|
|
|
|
|
|
2016-06-02 18:39:23 -04:00
|
|
|
emailList := make([]string, len(invites.Invites))
|
2016-04-21 22:37:01 -07:00
|
|
|
for _, invite := range invites.Invites {
|
2016-06-02 18:39:23 -04:00
|
|
|
emailList = append(emailList, invite["email"])
|
2015-06-14 23:53:32 -08:00
|
|
|
}
|
|
|
|
|
|
2016-06-02 18:39:23 -04:00
|
|
|
InviteMembers(c, team, user, emailList)
|
2015-07-08 11:50:10 -04:00
|
|
|
|
2016-04-21 22:37:01 -07:00
|
|
|
w.Write([]byte(invites.ToJson()))
|
2015-06-14 23:53:32 -08:00
|
|
|
}
|
|
|
|
|
|
2016-04-21 22:37:01 -07:00
|
|
|
func addUserToTeam(c *Context, w http.ResponseWriter, r *http.Request) {
|
|
|
|
|
params := model.MapFromJson(r.Body)
|
|
|
|
|
userId := params["user_id"]
|
|
|
|
|
|
|
|
|
|
if len(userId) != 26 {
|
|
|
|
|
c.SetInvalidParam("addUserToTeam", "user_id")
|
2015-06-14 23:53:32 -08:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2016-04-21 22:37:01 -07:00
|
|
|
tchan := Srv.Store.Team().Get(c.TeamId)
|
|
|
|
|
uchan := Srv.Store.User().Get(userId)
|
2015-06-14 23:53:32 -08:00
|
|
|
|
|
|
|
|
var team *model.Team
|
|
|
|
|
if result := <-tchan; result.Err != nil {
|
|
|
|
|
c.Err = result.Err
|
|
|
|
|
return
|
|
|
|
|
} else {
|
|
|
|
|
team = result.Data.(*model.Team)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
var user *model.User
|
|
|
|
|
if result := <-uchan; result.Err != nil {
|
|
|
|
|
c.Err = result.Err
|
|
|
|
|
return
|
|
|
|
|
} else {
|
|
|
|
|
user = result.Data.(*model.User)
|
|
|
|
|
}
|
|
|
|
|
|
2016-04-21 22:37:01 -07:00
|
|
|
if !c.IsTeamAdmin() {
|
|
|
|
|
c.Err = model.NewLocAppError("addUserToTeam", "api.team.update_team.permissions.app_error", nil, "userId="+c.Session.UserId)
|
|
|
|
|
c.Err.StatusCode = http.StatusForbidden
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
err := JoinUserToTeam(team, user)
|
|
|
|
|
if err != nil {
|
|
|
|
|
c.Err = err
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
w.Write([]byte(model.MapToJson(params)))
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func addUserToTeamFromInvite(c *Context, w http.ResponseWriter, r *http.Request) {
|
|
|
|
|
|
|
|
|
|
params := model.MapFromJson(r.Body)
|
|
|
|
|
hash := params["hash"]
|
|
|
|
|
data := params["data"]
|
|
|
|
|
inviteId := params["invite_id"]
|
|
|
|
|
|
|
|
|
|
teamId := ""
|
|
|
|
|
var team *model.Team
|
|
|
|
|
|
|
|
|
|
if len(hash) > 0 {
|
|
|
|
|
props := model.MapFromJson(strings.NewReader(data))
|
|
|
|
|
|
|
|
|
|
if !model.ComparePassword(hash, fmt.Sprintf("%v:%v", data, utils.Cfg.EmailSettings.InviteSalt)) {
|
|
|
|
|
c.Err = model.NewLocAppError("addUserToTeamFromInvite", "api.user.create_user.signup_link_invalid.app_error", nil, "")
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
t, err := strconv.ParseInt(props["time"], 10, 64)
|
|
|
|
|
if err != nil || model.GetMillis()-t > 1000*60*60*48 { // 48 hours
|
|
|
|
|
c.Err = model.NewLocAppError("addUserToTeamFromInvite", "api.user.create_user.signup_link_expired.app_error", nil, "")
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
teamId = props["id"]
|
|
|
|
|
|
|
|
|
|
// try to load the team to make sure it exists
|
|
|
|
|
if result := <-Srv.Store.Team().Get(teamId); result.Err != nil {
|
|
|
|
|
c.Err = result.Err
|
|
|
|
|
return
|
|
|
|
|
} else {
|
|
|
|
|
team = result.Data.(*model.Team)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if len(inviteId) > 0 {
|
|
|
|
|
if result := <-Srv.Store.Team().GetByInviteId(inviteId); result.Err != nil {
|
|
|
|
|
c.Err = result.Err
|
|
|
|
|
return
|
|
|
|
|
} else {
|
|
|
|
|
team = result.Data.(*model.Team)
|
|
|
|
|
teamId = team.Id
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if len(teamId) == 0 {
|
|
|
|
|
c.Err = model.NewLocAppError("addUserToTeamFromInvite", "api.user.create_user.signup_link_invalid.app_error", nil, "")
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
uchan := Srv.Store.User().Get(c.Session.UserId)
|
|
|
|
|
|
|
|
|
|
var user *model.User
|
|
|
|
|
if result := <-uchan; result.Err != nil {
|
|
|
|
|
c.Err = result.Err
|
|
|
|
|
return
|
|
|
|
|
} else {
|
|
|
|
|
user = result.Data.(*model.User)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
tm := c.Session.GetTeamByTeamId(teamId)
|
|
|
|
|
|
|
|
|
|
if tm == nil {
|
|
|
|
|
err := JoinUserToTeam(team, user)
|
|
|
|
|
if err != nil {
|
|
|
|
|
c.Err = err
|
2015-07-07 17:57:25 -07:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2016-04-21 22:37:01 -07:00
|
|
|
team.Sanitize()
|
|
|
|
|
|
|
|
|
|
w.Write([]byte(team.ToJson()))
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func FindTeamByName(name string) bool {
|
|
|
|
|
if result := <-Srv.Store.Team().GetByName(name); result.Err != nil {
|
|
|
|
|
return false
|
|
|
|
|
} else {
|
|
|
|
|
return true
|
2015-06-14 23:53:32 -08:00
|
|
|
}
|
2016-04-21 22:37:01 -07:00
|
|
|
}
|
2015-06-14 23:53:32 -08:00
|
|
|
|
2016-04-21 22:37:01 -07:00
|
|
|
func findTeamByName(c *Context, w http.ResponseWriter, r *http.Request) {
|
2015-06-14 23:53:32 -08:00
|
|
|
|
2016-04-21 22:37:01 -07:00
|
|
|
m := model.MapFromJson(r.Body)
|
|
|
|
|
name := strings.ToLower(strings.TrimSpace(m["name"]))
|
|
|
|
|
|
|
|
|
|
found := FindTeamByName(name)
|
|
|
|
|
|
|
|
|
|
if found {
|
|
|
|
|
w.Write([]byte("true"))
|
|
|
|
|
} else {
|
|
|
|
|
w.Write([]byte("false"))
|
|
|
|
|
}
|
2015-06-14 23:53:32 -08:00
|
|
|
}
|
|
|
|
|
|
2015-07-08 11:50:10 -04:00
|
|
|
func InviteMembers(c *Context, team *model.Team, user *model.User, invites []string) {
|
2015-06-14 23:53:32 -08:00
|
|
|
for _, invite := range invites {
|
|
|
|
|
if len(invite) > 0 {
|
|
|
|
|
|
2015-07-13 17:47:57 -04:00
|
|
|
sender := user.GetDisplayName()
|
2015-06-29 09:42:12 -07:00
|
|
|
|
|
|
|
|
senderRole := ""
|
2015-09-30 11:30:11 -04:00
|
|
|
if c.IsTeamAdmin() {
|
2016-01-22 01:37:11 -03:00
|
|
|
senderRole = c.T("api.team.invite_members.admin")
|
2015-06-29 09:42:12 -07:00
|
|
|
} else {
|
2016-01-22 01:37:11 -03:00
|
|
|
senderRole = c.T("api.team.invite_members.member")
|
2015-06-29 09:42:12 -07:00
|
|
|
}
|
|
|
|
|
|
2016-02-08 07:26:10 -05:00
|
|
|
subjectPage := utils.NewHTMLTemplate("invite_subject", c.Locale)
|
2016-01-24 17:10:54 -03:00
|
|
|
subjectPage.Props["Subject"] = c.T("api.templates.invite_subject",
|
|
|
|
|
map[string]interface{}{"SenderName": sender, "TeamDisplayName": team.DisplayName, "SiteName": utils.ClientCfg["SiteName"]})
|
2015-09-15 18:59:14 -07:00
|
|
|
|
2016-02-08 07:26:10 -05:00
|
|
|
bodyPage := utils.NewHTMLTemplate("invite_body", c.Locale)
|
2015-12-11 12:01:52 -05:00
|
|
|
bodyPage.Props["SiteURL"] = c.GetSiteURL()
|
2016-01-24 17:10:54 -03:00
|
|
|
bodyPage.Props["Title"] = c.T("api.templates.invite_body.title")
|
|
|
|
|
bodyPage.Html["Info"] = template.HTML(c.T("api.templates.invite_body.info",
|
|
|
|
|
map[string]interface{}{"SenderStatus": senderRole, "SenderName": sender, "TeamDisplayName": team.DisplayName}))
|
|
|
|
|
bodyPage.Props["Button"] = c.T("api.templates.invite_body.button")
|
|
|
|
|
bodyPage.Html["ExtraInfo"] = template.HTML(c.T("api.templates.invite_body.extra_info",
|
|
|
|
|
map[string]interface{}{"TeamDisplayName": team.DisplayName, "TeamURL": c.GetTeamURL()}))
|
|
|
|
|
|
2015-06-14 23:53:32 -08:00
|
|
|
props := make(map[string]string)
|
|
|
|
|
props["email"] = invite
|
|
|
|
|
props["id"] = team.Id
|
2015-07-08 11:50:10 -04:00
|
|
|
props["display_name"] = team.DisplayName
|
2015-06-14 23:53:32 -08:00
|
|
|
props["name"] = team.Name
|
|
|
|
|
props["time"] = fmt.Sprintf("%v", model.GetMillis())
|
|
|
|
|
data := model.MapToJson(props)
|
2015-09-22 12:12:50 -07:00
|
|
|
hash := model.HashPassword(fmt.Sprintf("%v:%v", data, utils.Cfg.EmailSettings.InviteSalt))
|
2015-07-08 11:50:10 -04:00
|
|
|
bodyPage.Props["Link"] = fmt.Sprintf("%s/signup_user_complete/?d=%s&h=%s", c.GetSiteURL(), url.QueryEscape(data), url.QueryEscape(hash))
|
2015-06-14 23:53:32 -08:00
|
|
|
|
2015-09-22 12:12:50 -07:00
|
|
|
if !utils.Cfg.EmailSettings.SendEmailNotifications {
|
2016-01-22 01:37:11 -03:00
|
|
|
l4g.Info(utils.T("api.team.invite_members.sending.info"), invite, bodyPage.Props["Link"])
|
2015-06-14 23:53:32 -08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if err := utils.SendMail(invite, subjectPage.Render(), bodyPage.Render()); err != nil {
|
2016-01-22 01:37:11 -03:00
|
|
|
l4g.Error(utils.T("api.team.invite_members.send.error"), err)
|
2015-06-14 23:53:32 -08:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2015-10-27 22:18:52 -07:00
|
|
|
func updateTeam(c *Context, w http.ResponseWriter, r *http.Request) {
|
2015-06-14 23:53:32 -08:00
|
|
|
|
2015-10-27 22:18:52 -07:00
|
|
|
team := model.TeamFromJson(r.Body)
|
2015-06-14 23:53:32 -08:00
|
|
|
|
2015-10-27 22:18:52 -07:00
|
|
|
if team == nil {
|
|
|
|
|
c.SetInvalidParam("updateTeam", "team")
|
2015-06-14 23:53:32 -08:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2016-04-21 22:37:01 -07:00
|
|
|
team.Id = c.TeamId
|
2015-06-14 23:53:32 -08:00
|
|
|
|
2015-10-27 22:18:52 -07:00
|
|
|
if !c.IsTeamAdmin() {
|
2016-01-22 01:37:11 -03:00
|
|
|
c.Err = model.NewLocAppError("updateTeam", "api.team.update_team.permissions.app_error", nil, "userId="+c.Session.UserId)
|
2015-10-27 22:18:52 -07:00
|
|
|
c.Err.StatusCode = http.StatusForbidden
|
2015-06-14 23:53:32 -08:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2015-10-27 22:18:52 -07:00
|
|
|
var oldTeam *model.Team
|
2016-01-20 13:36:16 -06:00
|
|
|
if result := <-Srv.Store.Team().Get(team.Id); result.Err != nil {
|
2015-10-27 22:18:52 -07:00
|
|
|
c.Err = result.Err
|
2015-06-14 23:53:32 -08:00
|
|
|
return
|
2015-10-27 22:18:52 -07:00
|
|
|
} else {
|
|
|
|
|
oldTeam = result.Data.(*model.Team)
|
2015-06-14 23:53:32 -08:00
|
|
|
}
|
|
|
|
|
|
2015-10-27 22:18:52 -07:00
|
|
|
oldTeam.DisplayName = team.DisplayName
|
|
|
|
|
oldTeam.InviteId = team.InviteId
|
|
|
|
|
oldTeam.AllowOpenInvite = team.AllowOpenInvite
|
|
|
|
|
oldTeam.CompanyName = team.CompanyName
|
|
|
|
|
oldTeam.AllowedDomains = team.AllowedDomains
|
|
|
|
|
//oldTeam.Type = team.Type
|
|
|
|
|
|
2016-01-20 13:36:16 -06:00
|
|
|
if result := <-Srv.Store.Team().Update(oldTeam); result.Err != nil {
|
2015-06-14 23:53:32 -08:00
|
|
|
c.Err = result.Err
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2015-10-27 22:18:52 -07:00
|
|
|
oldTeam.Sanitize()
|
|
|
|
|
|
|
|
|
|
w.Write([]byte(oldTeam.ToJson()))
|
2015-06-14 23:53:32 -08:00
|
|
|
}
|
2015-06-18 08:05:41 -04:00
|
|
|
|
2015-11-16 17:12:49 -08:00
|
|
|
func PermanentDeleteTeam(c *Context, team *model.Team) *model.AppError {
|
2016-01-22 01:37:11 -03:00
|
|
|
l4g.Warn(utils.T("api.team.permanent_delete_team.attempting.warn"), team.Name, team.Id)
|
2015-11-18 08:53:17 -08:00
|
|
|
c.Path = "/teams/permanent_delete"
|
|
|
|
|
c.LogAuditWithUserId("", fmt.Sprintf("attempt teamId=%v", team.Id))
|
2015-11-16 17:12:49 -08:00
|
|
|
|
|
|
|
|
team.DeleteAt = model.GetMillis()
|
2016-01-20 13:36:16 -06:00
|
|
|
if result := <-Srv.Store.Team().Update(team); result.Err != nil {
|
2015-11-16 17:12:49 -08:00
|
|
|
return result.Err
|
|
|
|
|
}
|
|
|
|
|
|
2016-04-21 22:37:01 -07:00
|
|
|
if result := <-Srv.Store.Channel().PermanentDeleteByTeam(team.Id); result.Err != nil {
|
2015-11-16 17:12:49 -08:00
|
|
|
return result.Err
|
|
|
|
|
}
|
|
|
|
|
|
2016-04-21 22:37:01 -07:00
|
|
|
if result := <-Srv.Store.Team().RemoveAllMembersByTeam(team.Id); result.Err != nil {
|
2015-11-16 18:18:37 -08:00
|
|
|
return result.Err
|
|
|
|
|
}
|
|
|
|
|
|
2016-01-20 13:36:16 -06:00
|
|
|
if result := <-Srv.Store.Team().PermanentDelete(team.Id); result.Err != nil {
|
2015-11-16 17:12:49 -08:00
|
|
|
return result.Err
|
|
|
|
|
}
|
|
|
|
|
|
2016-01-22 01:37:11 -03:00
|
|
|
l4g.Warn(utils.T("api.team.permanent_delete_team.deleted.warn"), team.Name, team.Id)
|
2015-11-18 08:53:17 -08:00
|
|
|
c.LogAuditWithUserId("", fmt.Sprintf("success teamId=%v", team.Id))
|
2015-11-16 17:12:49 -08:00
|
|
|
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2015-06-18 10:40:46 -04:00
|
|
|
func getMyTeam(c *Context, w http.ResponseWriter, r *http.Request) {
|
|
|
|
|
|
2016-04-21 22:37:01 -07:00
|
|
|
if len(c.TeamId) == 0 {
|
2015-06-18 10:40:46 -04:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2016-04-21 22:37:01 -07:00
|
|
|
if result := <-Srv.Store.Team().Get(c.TeamId); result.Err != nil {
|
2015-06-18 10:40:46 -04:00
|
|
|
c.Err = result.Err
|
|
|
|
|
return
|
|
|
|
|
} else if HandleEtag(result.Data.(*model.Team).Etag(), w, r) {
|
|
|
|
|
return
|
|
|
|
|
} else {
|
|
|
|
|
w.Header().Set(model.HEADER_ETAG_SERVER, result.Data.(*model.Team).Etag())
|
|
|
|
|
w.Write([]byte(result.Data.(*model.Team).ToJson()))
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
}
|
2015-07-07 09:16:13 -04:00
|
|
|
|
|
|
|
|
func importTeam(c *Context, w http.ResponseWriter, r *http.Request) {
|
2016-04-21 22:37:01 -07:00
|
|
|
if !c.HasPermissionsToTeam(c.TeamId, "import") || !c.IsTeamAdmin() {
|
2016-01-22 01:37:11 -03:00
|
|
|
c.Err = model.NewLocAppError("importTeam", "api.team.import_team.admin.app_error", nil, "userId="+c.Session.UserId)
|
2015-07-07 09:16:13 -04:00
|
|
|
c.Err.StatusCode = http.StatusForbidden
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if err := r.ParseMultipartForm(10000000); err != nil {
|
2016-01-22 01:37:11 -03:00
|
|
|
c.Err = model.NewLocAppError("importTeam", "api.team.import_team.parse.app_error", nil, err.Error())
|
2015-07-07 09:16:13 -04:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
importFromArray, ok := r.MultipartForm.Value["importFrom"]
|
|
|
|
|
importFrom := importFromArray[0]
|
|
|
|
|
|
|
|
|
|
fileSizeStr, ok := r.MultipartForm.Value["filesize"]
|
|
|
|
|
if !ok {
|
2016-01-22 01:37:11 -03:00
|
|
|
c.Err = model.NewLocAppError("importTeam", "api.team.import_team.unavailable.app_error", nil, "")
|
2015-07-07 09:16:13 -04:00
|
|
|
c.Err.StatusCode = http.StatusBadRequest
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
fileSize, err := strconv.ParseInt(fileSizeStr[0], 10, 64)
|
|
|
|
|
if err != nil {
|
2016-01-22 01:37:11 -03:00
|
|
|
c.Err = model.NewLocAppError("importTeam", "api.team.import_team.integer.app_error", nil, "")
|
2015-07-07 09:16:13 -04:00
|
|
|
c.Err.StatusCode = http.StatusBadRequest
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
fileInfoArray, ok := r.MultipartForm.File["file"]
|
|
|
|
|
if !ok {
|
2016-01-22 01:37:11 -03:00
|
|
|
c.Err = model.NewLocAppError("importTeam", "api.team.import_team.no_file.app_error", nil, "")
|
2015-07-07 09:16:13 -04:00
|
|
|
c.Err.StatusCode = http.StatusBadRequest
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if len(fileInfoArray) <= 0 {
|
2016-01-22 01:37:11 -03:00
|
|
|
c.Err = model.NewLocAppError("importTeam", "api.team.import_team.array.app_error", nil, "")
|
2015-07-07 09:16:13 -04:00
|
|
|
c.Err.StatusCode = http.StatusBadRequest
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
fileInfo := fileInfoArray[0]
|
|
|
|
|
|
|
|
|
|
fileData, err := fileInfo.Open()
|
|
|
|
|
defer fileData.Close()
|
|
|
|
|
if err != nil {
|
2016-01-22 01:37:11 -03:00
|
|
|
c.Err = model.NewLocAppError("importTeam", "api.team.import_team.open.app_error", nil, err.Error())
|
2015-07-07 09:16:13 -04:00
|
|
|
c.Err.StatusCode = http.StatusBadRequest
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
var log *bytes.Buffer
|
|
|
|
|
switch importFrom {
|
|
|
|
|
case "slack":
|
|
|
|
|
var err *model.AppError
|
2016-04-21 22:37:01 -07:00
|
|
|
if err, log = SlackImport(fileData, fileSize, c.TeamId); err != nil {
|
2015-07-07 09:16:13 -04:00
|
|
|
c.Err = err
|
|
|
|
|
c.Err.StatusCode = http.StatusBadRequest
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
w.Header().Set("Content-Disposition", "attachment; filename=MattermostImportLog.txt")
|
|
|
|
|
w.Header().Set("Content-Type", "application/octet-stream")
|
|
|
|
|
http.ServeContent(w, r, "MattermostImportLog.txt", time.Now(), bytes.NewReader(log.Bytes()))
|
|
|
|
|
}
|
2015-08-26 12:49:07 -04:00
|
|
|
|
2016-02-08 07:26:10 -05:00
|
|
|
func getInviteInfo(c *Context, w http.ResponseWriter, r *http.Request) {
|
|
|
|
|
m := model.MapFromJson(r.Body)
|
|
|
|
|
inviteId := m["invite_id"]
|
|
|
|
|
|
|
|
|
|
if result := <-Srv.Store.Team().GetByInviteId(inviteId); result.Err != nil {
|
|
|
|
|
c.Err = result.Err
|
|
|
|
|
return
|
|
|
|
|
} else {
|
|
|
|
|
team := result.Data.(*model.Team)
|
|
|
|
|
if !(team.Type == model.TEAM_OPEN) {
|
|
|
|
|
c.Err = model.NewLocAppError("getInviteInfo", "api.team.get_invite_info.not_open_team", nil, "id="+inviteId)
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
result := map[string]string{}
|
|
|
|
|
result["display_name"] = team.DisplayName
|
|
|
|
|
result["name"] = team.Name
|
|
|
|
|
result["id"] = team.Id
|
|
|
|
|
w.Write([]byte(model.MapToJson(result)))
|
|
|
|
|
}
|
|
|
|
|
}
|
2016-04-21 22:37:01 -07:00
|
|
|
|
|
|
|
|
func getMembers(c *Context, w http.ResponseWriter, r *http.Request) {
|
|
|
|
|
params := mux.Vars(r)
|
|
|
|
|
id := params["id"]
|
|
|
|
|
|
|
|
|
|
if c.Session.GetTeamByTeamId(id) == nil {
|
|
|
|
|
if !c.HasSystemAdminPermissions("getMembers") {
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if result := <-Srv.Store.Team().GetMembers(id); result.Err != nil {
|
|
|
|
|
c.Err = result.Err
|
|
|
|
|
return
|
|
|
|
|
} else {
|
|
|
|
|
members := result.Data.([]*model.TeamMember)
|
|
|
|
|
w.Write([]byte(model.TeamMembersToJson(members)))
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
}
|
