2017-04-12 08:27:57 -04:00
|
|
|
// Copyright (c) 2015-present Mattermost, Inc. All Rights Reserved.
|
2015-09-16 19:59:57 -07:00
|
|
|
// See License.txt for license information.
|
|
|
|
|
|
|
|
|
|
package model
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"encoding/json"
|
|
|
|
|
"io"
|
2018-02-07 11:05:46 -06:00
|
|
|
"math/big"
|
2015-09-16 19:59:57 -07:00
|
|
|
)
|
|
|
|
|
|
2015-10-15 11:16:26 -07:00
|
|
|
const (
|
MM-10516: Added support for PostActions in ephemeral posts (#10258)
* Added support for PostActions in ephemeral posts
The general approach is that we take all the metadata that DoPostAction
needs to process client DoPostActionRequests, and store it in a
serialized, encrypted Cookie field, in the PostAction struct.
The client then must send it back, and it is then used to process
PostActions as a fallback top the metadata in the database.
This PR adds a new config setting, `ServiceSettings.ActionCookieSecret`.
In a cluster environment it must be the same for all instances.
- Added type PostActionCookie, and a Cookie string to PostAction.
- Added App.AddActionCookiesToPost.
- Use App.AddActionCookiesToPost in api4.createEphemeralPost,
App.SendEphemeralPost, App.UpdateEphemeralPost.
- Added App.DoPostActionWithCookie to process incoming requests with
cookies. For backward compatibility, it prefers the metadata in the
database; falls back to cookie.
- Added plugin.API.UpdateEphemeralPost and plugin.API.DeleteEphemeralPost.
- Added App.encryptActionCookie/App.decryptActionCookie.
* Style
* Fixed an unfortunate typo, tested with matterpoll
* minor PR feedback
* Fixed uninitialized Context
* Fixed another test failure
* Fixed permission check
* Added api test for DoPostActionWithCookie
* Replaced config.ActionCookieSecret with Server.PostActionCookieSecret
Modeled after AsymetricSigningKey
* style
* Set DeleteAt in DeleteEphemeralPost
* PR feedback
* Removed deadwood comment
* Added EXPERIMENTAL comment to the 2 APIs in question
2019-03-01 10:15:31 -08:00
|
|
|
SYSTEM_DIAGNOSTIC_ID = "DiagnosticId"
|
|
|
|
|
SYSTEM_RAN_UNIT_TESTS = "RanUnitTests"
|
|
|
|
|
SYSTEM_LAST_SECURITY_TIME = "LastSecurityTime"
|
|
|
|
|
SYSTEM_ACTIVE_LICENSE_ID = "ActiveLicenseId"
|
|
|
|
|
SYSTEM_LAST_COMPLIANCE_TIME = "LastComplianceTime"
|
|
|
|
|
SYSTEM_ASYMMETRIC_SIGNING_KEY = "AsymmetricSigningKey"
|
|
|
|
|
SYSTEM_POST_ACTION_COOKIE_SECRET = "PostActionCookieSecret"
|
|
|
|
|
SYSTEM_INSTALLATION_DATE_KEY = "InstallationDate"
|
2015-10-15 11:16:26 -07:00
|
|
|
)
|
|
|
|
|
|
2015-09-16 19:59:57 -07:00
|
|
|
type System struct {
|
|
|
|
|
Name string `json:"name"`
|
|
|
|
|
Value string `json:"value"`
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (o *System) ToJson() string {
|
2018-01-30 17:23:00 -06:00
|
|
|
b, _ := json.Marshal(o)
|
|
|
|
|
return string(b)
|
2015-09-16 19:59:57 -07:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func SystemFromJson(data io.Reader) *System {
|
2018-01-30 17:23:00 -06:00
|
|
|
var o *System
|
|
|
|
|
json.NewDecoder(data).Decode(&o)
|
|
|
|
|
return o
|
2015-09-16 19:59:57 -07:00
|
|
|
}
|
2018-02-07 11:05:46 -06:00
|
|
|
|
MM-10516: Added support for PostActions in ephemeral posts (#10258)
* Added support for PostActions in ephemeral posts
The general approach is that we take all the metadata that DoPostAction
needs to process client DoPostActionRequests, and store it in a
serialized, encrypted Cookie field, in the PostAction struct.
The client then must send it back, and it is then used to process
PostActions as a fallback top the metadata in the database.
This PR adds a new config setting, `ServiceSettings.ActionCookieSecret`.
In a cluster environment it must be the same for all instances.
- Added type PostActionCookie, and a Cookie string to PostAction.
- Added App.AddActionCookiesToPost.
- Use App.AddActionCookiesToPost in api4.createEphemeralPost,
App.SendEphemeralPost, App.UpdateEphemeralPost.
- Added App.DoPostActionWithCookie to process incoming requests with
cookies. For backward compatibility, it prefers the metadata in the
database; falls back to cookie.
- Added plugin.API.UpdateEphemeralPost and plugin.API.DeleteEphemeralPost.
- Added App.encryptActionCookie/App.decryptActionCookie.
* Style
* Fixed an unfortunate typo, tested with matterpoll
* minor PR feedback
* Fixed uninitialized Context
* Fixed another test failure
* Fixed permission check
* Added api test for DoPostActionWithCookie
* Replaced config.ActionCookieSecret with Server.PostActionCookieSecret
Modeled after AsymetricSigningKey
* style
* Set DeleteAt in DeleteEphemeralPost
* PR feedback
* Removed deadwood comment
* Added EXPERIMENTAL comment to the 2 APIs in question
2019-03-01 10:15:31 -08:00
|
|
|
type SystemPostActionCookieSecret struct {
|
|
|
|
|
Secret []byte `json:"key,omitempty"`
|
|
|
|
|
}
|
|
|
|
|
|
2018-02-07 11:05:46 -06:00
|
|
|
type SystemAsymmetricSigningKey struct {
|
|
|
|
|
ECDSAKey *SystemECDSAKey `json:"ecdsa_key,omitempty"`
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
type SystemECDSAKey struct {
|
|
|
|
|
Curve string `json:"curve"`
|
|
|
|
|
X *big.Int `json:"x"`
|
|
|
|
|
Y *big.Int `json:"y"`
|
|
|
|
|
D *big.Int `json:"d,omitempty"`
|
|
|
|
|
}
|