IntenseWebs/mattermost
3
0
Fork 0
mirror of https://github.com/mattermost/mattermost.git synced 2025-02-25 18:55:24 -06:00
Code Issues Packages Projects Releases Wiki Activity

Fixes PL-3 Restrict team creation to specific domains

Browse Source
This commit is contained in:
=Corey Hulen
2015-08-25 14:40:16 -07:00
parent d132de4400
commit 67bc12e4b7
4 changed files with 52 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

45
api/team.go
View File

@@ -44,8 +44,7 @@ func signupTeam(c *Context, w http.ResponseWriter, r *http.Request) {
return
}
if utils.Cfg.TeamSettings.DisableTeamCreation {
c.Err = model.NewAppError("createTeamFromSignup", "Team creation has been disabled. Please ask your systems administrator for details.", "")
if !isTreamCreationAllowed(c, email) {
return
}
@@ -84,11 +83,6 @@ func createTeamFromSignup(c *Context, w http.ResponseWriter, r *http.Request) {
return
}
if utils.Cfg.TeamSettings.DisableTeamCreation {
c.Err = model.NewAppError("createTeamFromSignup", "Team creation has been disabled. Please ask your systems administrator for details.", "")
return
}
props := model.MapFromJson(strings.NewReader(teamSignup.Data))
teamSignup.Team.Email = props["email"]
teamSignup.User.Email = props["email"]
@@ -99,6 +93,11 @@ func createTeamFromSignup(c *Context, w http.ResponseWriter, r *http.Request) {
c.Err = err
return
}
if !isTreamCreationAllowed(c, teamSignup.Team.Email) {
return
}
teamSignup.Team.Id = ""
password := teamSignup.User.Password
@@ -179,8 +178,7 @@ func createTeam(c *Context, w http.ResponseWriter, r *http.Request) {
return
}
if utils.Cfg.TeamSettings.DisableTeamCreation {
c.Err = model.NewAppError("createTeam", "Team creation has been disabled. Please ask your systems administrator for details.", "")
if !isTreamCreationAllowed(c, team.Email) {
return
}
@@ -211,6 +209,35 @@ func createTeam(c *Context, w http.ResponseWriter, r *http.Request) {
}
}
func isTreamCreationAllowed(c *Context, email string) bool {
email = strings.ToLower(email)
if utils.Cfg.TeamSettings.DisableTeamCreation {
c.Err = model.NewAppError("isTreamCreationAllowed", "Team creation has been disabled. Please ask your systems administrator for details.", "")
return false
}
// commas and @ signs are optional
// can be in the form of "@corp.mattermost.com, mattermost.com mattermost.org" -> corp.mattermost.com mattermost.com mattermost.org
domains := strings.Fields(strings.TrimSpace(strings.ToLower(strings.Replace(strings.Replace(utils.Cfg.TeamSettings.RestrictCreationToDomains, "@", " ", -1), ",", " ", -1))))
matched := false
for _, d := range domains {
if strings.HasSuffix(email, "@"+d) {
matched = true
break
}
}
if len(utils.Cfg.TeamSettings.RestrictCreationToDomains) > 0 && !matched {
c.Err = model.NewAppError("isTreamCreationAllowed", "Email must be from a specific domain (e.g. @example.com). Please ask your systems administrator for details.", "")
return false
}
return true
}
func findTeamByName(c *Context, w http.ResponseWriter, r *http.Request) {
m := model.MapFromJson(r.Body)