IntenseWebs/mattermost
3
0
Fork 0
mirror of https://github.com/mattermost/mattermost.git synced 2025-02-25 18:55:24 -06:00
Code Issues Packages Projects Releases Wiki Activity

More app code migration (#5170)

Browse Source 
* Migrate admin functions into app package

* More user function refactoring

* Move post functions into app package
This commit is contained in:
Joram Wilander
2017-01-25 09:32:42 -05:00
committed by Harrison Healey
parent 8ed665cb76
commit d245b29f82
24 changed files with 1466 additions and 1081 deletions
Download Patch File Download Diff File Expand all files Collapse all files

610
api/admin.go
View File

@@ -4,32 +4,17 @@
package api
import (
"bufio"
"io"
"io/ioutil"
"net/http"
"os"
"strconv"
"strings"
"time"
"runtime/debug"
l4g "github.com/alecthomas/log4go"
"github.com/gorilla/mux"
"github.com/mattermost/platform/app"
"github.com/mattermost/platform/einterfaces"
"github.com/mattermost/platform/model"
"github.com/mattermost/platform/store"
"github.com/mattermost/platform/utils"
"github.com/mssola/user_agent"
)
const (
DAY_MILLISECONDS = 24 * 60 * 60 * 1000
MONTH_MILLISECONDS = 31 * DAY_MILLISECONDS
)
func InitAdmin() {
l4g.Debug(utils.T("api.admin.init.debug"))
@@ -61,68 +46,28 @@ func InitAdmin() {
}
func getLogs(c *Context, w http.ResponseWriter, r *http.Request) {
lines, err := GetLogs()
lines, err := app.GetLogs()
if err != nil {
c.Err = err
return
}
if einterfaces.GetClusterInterface() != nil {
clines, err := einterfaces.GetClusterInterface().GetLogs()
if err != nil {
c.Err = err
return
}
lines = append(lines, clines...)
}
w.Write([]byte(model.ArrayToJson(lines)))
}
func GetLogs() ([]string, *model.AppError) {
var lines []string
if utils.Cfg.LogSettings.EnableFile {
file, err := os.Open(utils.GetLogFileLocation(utils.Cfg.LogSettings.FileLocation))
if err != nil {
return nil, model.NewLocAppError("getLogs", "api.admin.file_read_error", nil, err.Error())
}
defer file.Close()
scanner := bufio.NewScanner(file)
for scanner.Scan() {
lines = append(lines, scanner.Text())
}
} else {
lines = append(lines, "")
}
return lines, nil
}
func getClusterStatus(c *Context, w http.ResponseWriter, r *http.Request) {
infos := make([]*model.ClusterInfo, 0)
if einterfaces.GetClusterInterface() != nil {
infos = einterfaces.GetClusterInterface().GetClusterInfos()
}
infos := app.GetClusterStatus()
w.Write([]byte(model.ClusterInfosToJson(infos)))
}
func getAllAudits(c *Context, w http.ResponseWriter, r *http.Request) {
if result := <-app.Srv.Store.Audit().Get("", 200); result.Err != nil {
c.Err = result.Err
if audits, err := app.GetAudits("", 200); err != nil {
c.Err = err
return
} else if HandleEtag(audits.Etag(), "Get All Audits", w, r) {
return
} else {
audits := result.Data.(model.Audits)
etag := audits.Etag()
if HandleEtag(etag, "Get All Audits", w, r) {
return
}
if len(etag) > 0 {
w.Header().Set(model.HEADER_ETAG_SERVER, etag)
}
@@ -133,38 +78,22 @@ func getAllAudits(c *Context, w http.ResponseWriter, r *http.Request) {
}
func getConfig(c *Context, w http.ResponseWriter, r *http.Request) {
json := utils.Cfg.ToJson()
cfg := model.ConfigFromJson(strings.NewReader(json))
cfg.Sanitize()
cfg := app.GetConfig()
w.Header().Set("Cache-Control", "no-cache, no-store, must-revalidate")
w.Write([]byte(cfg.ToJson()))
}
func reloadConfig(c *Context, w http.ResponseWriter, r *http.Request) {
debug.FreeOSMemory()
utils.LoadConfig(utils.CfgFileName)
// start/restart email batching job if necessary
app.InitEmailBatching()
app.ReloadConfig()
w.Header().Set("Cache-Control", "no-cache, no-store, must-revalidate")
ReturnStatusOK(w)
}
func invalidateAllCaches(c *Context, w http.ResponseWriter, r *http.Request) {
debug.FreeOSMemory()
app.InvalidateAllCaches()
if einterfaces.GetClusterInterface() != nil {
err := einterfaces.GetClusterInterface().InvalidateAllCaches()
if err != nil {
c.Err = err
return
}
err := app.InvalidateAllCaches()
if err != nil {
c.Err = err
return
}
w.Header().Set("Cache-Control", "no-cache, no-store, must-revalidate")
@@ -178,66 +107,18 @@ func saveConfig(c *Context, w http.ResponseWriter, r *http.Request) {
return
}
cfg.SetDefaults()
utils.Desanitize(cfg)
if err := cfg.IsValid(); err != nil {
err := app.SaveConfig(cfg)
if err != nil {
c.Err = err
return
}
if err := utils.ValidateLdapFilter(cfg); err != nil {
c.Err = err
return
}
if *utils.Cfg.ClusterSettings.Enable {
c.Err = model.NewLocAppError("saveConfig", "ent.cluster.save_config.error", nil, "")
return
}
c.LogAudit("")
//oldCfg := utils.Cfg
utils.SaveConfig(utils.CfgFileName, cfg)
utils.LoadConfig(utils.CfgFileName)
if einterfaces.GetMetricsInterface() != nil {
if *utils.Cfg.MetricsSettings.Enable {
einterfaces.GetMetricsInterface().StartServer()
} else {
einterfaces.GetMetricsInterface().StopServer()
}
}
// Future feature is to sync the configuration files
// if einterfaces.GetClusterInterface() != nil {
// err := einterfaces.GetClusterInterface().ConfigChanged(cfg, oldCfg, true)
// if err != nil {
// c.Err = err
// return
// }
// }
// start/restart email batching job if necessary
app.InitEmailBatching()
rdata := map[string]string{}
rdata["status"] = "OK"
w.Write([]byte(model.MapToJson(rdata)))
ReturnStatusOK(w)
}
func recycleDatabaseConnection(c *Context, w http.ResponseWriter, r *http.Request) {
oldStore := app.Srv.Store
l4g.Warn(utils.T("api.admin.recycle_db_start.warn"))
app.Srv.Store = store.NewSqlStore()
time.Sleep(20 * time.Second)
oldStore.Close()
l4g.Warn(utils.T("api.admin.recycle_db_end.warn"))
app.RecycleDatabaseConnection()
w.Header().Set("Cache-Control", "no-cache, no-store, must-revalidate")
ReturnStatusOK(w)
}
@@ -249,60 +130,27 @@ func testEmail(c *Context, w http.ResponseWriter, r *http.Request) {
return
}
if len(cfg.EmailSettings.SMTPServer) == 0 {
c.Err = model.NewLocAppError("testEmail", "api.admin.test_email.missing_server", nil, utils.T("api.context.invalid_param.app_error", map[string]interface{}{"Name": "SMTPServer"}))
err := app.TestEmail(c.Session.UserId, cfg)
if err != nil {
c.Err = err
return
}
// if the user hasn't changed their email settings, fill in the actual SMTP password so that
// the user can verify an existing SMTP connection
if cfg.EmailSettings.SMTPPassword == model.FAKE_SETTING {
if cfg.EmailSettings.SMTPServer == utils.Cfg.EmailSettings.SMTPServer &&
cfg.EmailSettings.SMTPPort == utils.Cfg.EmailSettings.SMTPPort &&
cfg.EmailSettings.SMTPUsername == utils.Cfg.EmailSettings.SMTPUsername {
cfg.EmailSettings.SMTPPassword = utils.Cfg.EmailSettings.SMTPPassword
} else {
c.Err = model.NewLocAppError("testEmail", "api.admin.test_email.reenter_password", nil, "")
return
}
}
if result := <-app.Srv.Store.User().Get(c.Session.UserId); result.Err != nil {
c.Err = result.Err
return
} else {
if err := utils.SendMailUsingConfig(result.Data.(*model.User).Email, c.T("api.admin.test_email.subject"), c.T("api.admin.test_email.body"), cfg); err != nil {
c.Err = err
return
}
}
m := make(map[string]string)
m["SUCCESS"] = "true"
w.Write([]byte(model.MapToJson(m)))
}
func getComplianceReports(c *Context, w http.ResponseWriter, r *http.Request) {
if !*utils.Cfg.ComplianceSettings.Enable || !utils.IsLicensed || !*utils.License.Features.Compliance {
c.Err = model.NewLocAppError("getComplianceReports", "ent.compliance.licence_disable.app_error", nil, "")
crs, err := app.GetComplianceReports()
if err != nil {
c.Err = err
return
}
if result := <-app.Srv.Store.Compliance().GetAll(); result.Err != nil {
c.Err = result.Err
return
} else {
crs := result.Data.(model.Compliances)
w.Write([]byte(crs.ToJson()))
}
w.Write([]byte(crs.ToJson()))
}
func saveComplianceReport(c *Context, w http.ResponseWriter, r *http.Request) {
if !*utils.Cfg.ComplianceSettings.Enable || !utils.IsLicensed || !*utils.License.Features.Compliance || einterfaces.GetComplianceInterface() == nil {
c.Err = model.NewLocAppError("saveComplianceReport", "ent.compliance.licence_disable.app_error", nil, "")
return
}
job := model.ComplianceFromJson(r.Body)
if job == nil {
c.SetInvalidParam("saveComplianceReport", "compliance")
@@ -310,25 +158,18 @@ func saveComplianceReport(c *Context, w http.ResponseWriter, r *http.Request) {
}
job.UserId = c.Session.UserId
job.Type = model.COMPLIANCE_TYPE_ADHOC
if result := <-app.Srv.Store.Compliance().Save(job); result.Err != nil {
c.Err = result.Err
rjob, err := app.SaveComplianceReport(job)
if err != nil {
c.Err = err
return
} else {
job = result.Data.(*model.Compliance)
go einterfaces.GetComplianceInterface().RunComplianceJob(job)
}
w.Write([]byte(job.ToJson()))
c.LogAudit("")
w.Write([]byte(rjob.ToJson()))
}
func downloadComplianceReport(c *Context, w http.ResponseWriter, r *http.Request) {
if !*utils.Cfg.ComplianceSettings.Enable || !utils.IsLicensed || !*utils.License.Features.Compliance || einterfaces.GetComplianceInterface() == nil {
c.Err = model.NewLocAppError("downloadComplianceReport", "ent.compliance.licence_disable.app_error", nil, "")
return
}
params := mux.Vars(r)
id := params["id"]
@@ -337,35 +178,36 @@ func downloadComplianceReport(c *Context, w http.ResponseWriter, r *http.Request
return
}
if result := <-app.Srv.Store.Compliance().Get(id); result.Err != nil {
c.Err = result.Err
job, err := app.GetComplianceReport(id)
if err != nil {
c.Err = err
return
} else {
job := result.Data.(*model.Compliance)
c.LogAudit("downloaded " + job.Desc)
if f, err := ioutil.ReadFile(*utils.Cfg.ComplianceSettings.Directory + "compliance/" + job.JobName() + ".zip"); err != nil {
c.Err = model.NewLocAppError("readFile", "api.file.read_file.reading_local.app_error", nil, err.Error())
return
} else {
w.Header().Set("Cache-Control", "max-age=2592000, public")
w.Header().Set("Content-Length", strconv.Itoa(len(f)))
w.Header().Del("Content-Type") // Content-Type will be set automatically by the http writer
// attach extra headers to trigger a download on IE, Edge, and Safari
ua := user_agent.New(r.UserAgent())
bname, _ := ua.Browser()
w.Header().Set("Content-Disposition", "attachment;filename=\""+job.JobName()+".zip\"")
if bname == "Edge" || bname == "Internet Explorer" || bname == "Safari" {
// trim off anything before the final / so we just get the file's name
w.Header().Set("Content-Type", "application/octet-stream")
}
w.Write(f)
}
}
reportBytes, err := app.GetComplianceFile(job)
if err != nil {
c.Err = err
return
}
c.LogAudit("downloaded " + job.Desc)
w.Header().Set("Cache-Control", "max-age=2592000, public")
w.Header().Set("Content-Length", strconv.Itoa(len(reportBytes)))
w.Header().Del("Content-Type") // Content-Type will be set automatically by the http writer
// attach extra headers to trigger a download on IE, Edge, and Safari
ua := user_agent.New(r.UserAgent())
bname, _ := ua.Browser()
w.Header().Set("Content-Disposition", "attachment;filename=\""+job.JobName()+".zip\"")
if bname == "Edge" || bname == "Internet Explorer" || bname == "Safari" {
// trim off anything before the final / so we just get the file's name
w.Header().Set("Content-Type", "application/octet-stream")
}
w.Write(reportBytes)
}
func getAnalytics(c *Context, w http.ResponseWriter, r *http.Request) {
@@ -373,237 +215,18 @@ func getAnalytics(c *Context, w http.ResponseWriter, r *http.Request) {
teamId := params["id"]
name := params["name"]
skipIntensiveQueries := false
var systemUserCount int64
if r := <-app.Srv.Store.User().AnalyticsUniqueUserCount(""); r.Err != nil {
c.Err = r.Err
rows, err := app.GetAnalytics(name, teamId)
if err != nil {
c.Err = err
return
} else {
systemUserCount = r.Data.(int64)
if systemUserCount > int64(*utils.Cfg.AnalyticsSettings.MaxUsersForStatistics) {
l4g.Debug("More than %v users on the system, intensive queries skipped", *utils.Cfg.AnalyticsSettings.MaxUsersForStatistics)
skipIntensiveQueries = true
}
}
if name == "standard" {
var rows model.AnalyticsRows = make([]*model.AnalyticsRow, 10)
rows[0] = &model.AnalyticsRow{"channel_open_count", 0}
rows[1] = &model.AnalyticsRow{"channel_private_count", 0}
rows[2] = &model.AnalyticsRow{"post_count", 0}
rows[3] = &model.AnalyticsRow{"unique_user_count", 0}
rows[4] = &model.AnalyticsRow{"team_count", 0}
rows[5] = &model.AnalyticsRow{"total_websocket_connections", 0}
rows[6] = &model.AnalyticsRow{"total_master_db_connections", 0}
rows[7] = &model.AnalyticsRow{"total_read_db_connections", 0}
rows[8] = &model.AnalyticsRow{"daily_active_users", 0}
rows[9] = &model.AnalyticsRow{"monthly_active_users", 0}
openChan := app.Srv.Store.Channel().AnalyticsTypeCount(teamId, model.CHANNEL_OPEN)
privateChan := app.Srv.Store.Channel().AnalyticsTypeCount(teamId, model.CHANNEL_PRIVATE)
teamChan := app.Srv.Store.Team().AnalyticsTeamCount()
var userChan store.StoreChannel
if teamId != "" {
userChan = app.Srv.Store.User().AnalyticsUniqueUserCount(teamId)
}
var postChan store.StoreChannel
if !skipIntensiveQueries {
postChan = app.Srv.Store.Post().AnalyticsPostCount(teamId, false, false)
}
dailyActiveChan := app.Srv.Store.User().AnalyticsActiveCount(DAY_MILLISECONDS)
monthlyActiveChan := app.Srv.Store.User().AnalyticsActiveCount(MONTH_MILLISECONDS)
if r := <-openChan; r.Err != nil {
c.Err = r.Err
return
} else {
rows[0].Value = float64(r.Data.(int64))
}
if r := <-privateChan; r.Err != nil {
c.Err = r.Err
return
} else {
rows[1].Value = float64(r.Data.(int64))
}
if postChan == nil {
rows[2].Value = -1
} else {
if r := <-postChan; r.Err != nil {
c.Err = r.Err
return
} else {
rows[2].Value = float64(r.Data.(int64))
}
}
if userChan == nil {
rows[3].Value = float64(systemUserCount)
} else {
if r := <-userChan; r.Err != nil {
c.Err = r.Err
return
} else {
rows[3].Value = float64(r.Data.(int64))
}
}
if r := <-teamChan; r.Err != nil {
c.Err = r.Err
return
} else {
rows[4].Value = float64(r.Data.(int64))
}
// If in HA mode then aggregrate all the stats
if einterfaces.GetClusterInterface() != nil && *utils.Cfg.ClusterSettings.Enable {
stats, err := einterfaces.GetClusterInterface().GetClusterStats()
if err != nil {
c.Err = err
return
}
totalSockets := app.TotalWebsocketConnections()
totalMasterDb := app.Srv.Store.TotalMasterDbConnections()
totalReadDb := app.Srv.Store.TotalReadDbConnections()
for _, stat := range stats {
totalSockets = totalSockets + stat.TotalWebsocketConnections
totalMasterDb = totalMasterDb + stat.TotalMasterDbConnections
totalReadDb = totalReadDb + stat.TotalReadDbConnections
}
rows[5].Value = float64(totalSockets)
rows[6].Value = float64(totalMasterDb)
rows[7].Value = float64(totalReadDb)
} else {
rows[5].Value = float64(app.TotalWebsocketConnections())
rows[6].Value = float64(app.Srv.Store.TotalMasterDbConnections())
rows[7].Value = float64(app.Srv.Store.TotalReadDbConnections())
}
if r := <-dailyActiveChan; r.Err != nil {
c.Err = r.Err
return
} else {
rows[8].Value = float64(r.Data.(int64))
}
if r := <-monthlyActiveChan; r.Err != nil {
c.Err = r.Err
return
} else {
rows[9].Value = float64(r.Data.(int64))
}
w.Write([]byte(rows.ToJson()))
} else if name == "post_counts_day" {
if skipIntensiveQueries {
rows := model.AnalyticsRows{&model.AnalyticsRow{"", -1}}
w.Write([]byte(rows.ToJson()))
return
}
if r := <-app.Srv.Store.Post().AnalyticsPostCountsByDay(teamId); r.Err != nil {
c.Err = r.Err
return
} else {
w.Write([]byte(r.Data.(model.AnalyticsRows).ToJson()))
}
} else if name == "user_counts_with_posts_day" {
if skipIntensiveQueries {
rows := model.AnalyticsRows{&model.AnalyticsRow{"", -1}}
w.Write([]byte(rows.ToJson()))
return
}
if r := <-app.Srv.Store.Post().AnalyticsUserCountsWithPostsByDay(teamId); r.Err != nil {
c.Err = r.Err
return
} else {
w.Write([]byte(r.Data.(model.AnalyticsRows).ToJson()))
}
} else if name == "extra_counts" {
var rows model.AnalyticsRows = make([]*model.AnalyticsRow, 6)
rows[0] = &model.AnalyticsRow{"file_post_count", 0}
rows[1] = &model.AnalyticsRow{"hashtag_post_count", 0}
rows[2] = &model.AnalyticsRow{"incoming_webhook_count", 0}
rows[3] = &model.AnalyticsRow{"outgoing_webhook_count", 0}
rows[4] = &model.AnalyticsRow{"command_count", 0}
rows[5] = &model.AnalyticsRow{"session_count", 0}
iHookChan := app.Srv.Store.Webhook().AnalyticsIncomingCount(teamId)
oHookChan := app.Srv.Store.Webhook().AnalyticsOutgoingCount(teamId)
commandChan := app.Srv.Store.Command().AnalyticsCommandCount(teamId)
sessionChan := app.Srv.Store.Session().AnalyticsSessionCount()
var fileChan store.StoreChannel
var hashtagChan store.StoreChannel
if !skipIntensiveQueries {
fileChan = app.Srv.Store.Post().AnalyticsPostCount(teamId, true, false)
hashtagChan = app.Srv.Store.Post().AnalyticsPostCount(teamId, false, true)
}
if fileChan == nil {
rows[0].Value = -1
} else {
if r := <-fileChan; r.Err != nil {
c.Err = r.Err
return
} else {
rows[0].Value = float64(r.Data.(int64))
}
}
if hashtagChan == nil {
rows[1].Value = -1
} else {
if r := <-hashtagChan; r.Err != nil {
c.Err = r.Err
return
} else {
rows[1].Value = float64(r.Data.(int64))
}
}
if r := <-iHookChan; r.Err != nil {
c.Err = r.Err
return
} else {
rows[2].Value = float64(r.Data.(int64))
}
if r := <-oHookChan; r.Err != nil {
c.Err = r.Err
return
} else {
rows[3].Value = float64(r.Data.(int64))
}
if r := <-commandChan; r.Err != nil {
c.Err = r.Err
return
} else {
rows[4].Value = float64(r.Data.(int64))
}
if r := <-sessionChan; r.Err != nil {
c.Err = r.Err
return
} else {
rows[5].Value = float64(r.Data.(int64))
}
w.Write([]byte(rows.ToJson()))
} else {
if rows == nil {
c.SetInvalidParam("getAnalytics", "name")
return
}
w.Write([]byte(rows.ToJson()))
}
func uploadBrandImage(c *Context, w http.ResponseWriter, r *http.Request) {
@@ -639,40 +262,18 @@ func uploadBrandImage(c *Context, w http.ResponseWriter, r *http.Request) {
return
}
brandInterface := einterfaces.GetBrandInterface()
if brandInterface == nil {
c.Err = model.NewLocAppError("uploadBrandImage", "api.admin.upload_brand_image.not_available.app_error", nil, "")
c.Err.StatusCode = http.StatusNotImplemented
return
}
if err := brandInterface.SaveBrandImage(imageArray[0]); err != nil {
if err := app.SaveBrandImage(imageArray[0]); err != nil {
c.Err = err
return
}
c.LogAudit("")
rdata := map[string]string{}
rdata["status"] = "OK"
w.Write([]byte(model.MapToJson(rdata)))
ReturnStatusOK(w)
}
func getBrandImage(c *Context, w http.ResponseWriter, r *http.Request) {
if len(utils.Cfg.FileSettings.DriverName) == 0 {
c.Err = model.NewLocAppError("getBrandImage", "api.admin.get_brand_image.storage.app_error", nil, "")
c.Err.StatusCode = http.StatusNotImplemented
return
}
brandInterface := einterfaces.GetBrandInterface()
if brandInterface == nil {
c.Err = model.NewLocAppError("getBrandImage", "api.admin.get_brand_image.not_available.app_error", nil, "")
c.Err.StatusCode = http.StatusNotImplemented
return
}
if img, err := brandInterface.GetBrandImage(); err != nil {
if img, err := app.GetBrandImage(); err != nil {
w.Write(nil)
} else {
w.Header().Set("Content-Type", "image/png")
@@ -716,7 +317,7 @@ func adminResetPassword(c *Context, w http.ResponseWriter, r *http.Request) {
return
}
if err := ResetPassword(c, userId, newPassword); err != nil {
if err := app.UpdatePasswordByUserIdSendEmail(userId, newPassword, c.T("api.user.reset_password.method"), c.GetSiteURL()); err != nil {
c.Err = err
return
}
@@ -729,15 +330,7 @@ func adminResetPassword(c *Context, w http.ResponseWriter, r *http.Request) {
}
func ldapSyncNow(c *Context, w http.ResponseWriter, r *http.Request) {
go func() {
if utils.IsLicensed && *utils.License.Features.LDAP && *utils.Cfg.LdapSettings.Enable {
if ldapI := einterfaces.GetLdapInterface(); ldapI != nil {
ldapI.SyncNow()
} else {
l4g.Error("%v", model.NewLocAppError("ldapSyncNow", "ent.ldap.disabled.app_error", nil, "").Error())
}
}
}()
app.SyncLdap()
rdata := map[string]string{}
rdata["status"] = "ok"
@@ -745,33 +338,18 @@ func ldapSyncNow(c *Context, w http.ResponseWriter, r *http.Request) {
}
func ldapTest(c *Context, w http.ResponseWriter, r *http.Request) {
if ldapI := einterfaces.GetLdapInterface(); ldapI != nil && utils.IsLicensed && *utils.License.Features.LDAP && *utils.Cfg.LdapSettings.Enable {
if err := ldapI.RunTest(); err != nil {
c.Err = err
c.Err.StatusCode = 500
}
} else {
c.Err = model.NewLocAppError("ldapTest", "ent.ldap.disabled.app_error", nil, "")
c.Err.StatusCode = http.StatusNotImplemented
}
if c.Err == nil {
rdata := map[string]string{}
rdata["status"] = "ok"
w.Write([]byte(model.MapToJson(rdata)))
}
}
func samlMetadata(c *Context, w http.ResponseWriter, r *http.Request) {
samlInterface := einterfaces.GetSamlInterface()
if samlInterface == nil {
c.Err = model.NewLocAppError("loginWithSaml", "api.admin.saml.not_available.app_error", nil, "")
c.Err.StatusCode = http.StatusFound
if err := app.TestLdap(); err != nil {
c.Err = err
return
}
if result, err := samlInterface.GetMetadata(); err != nil {
rdata := map[string]string{}
rdata["status"] = "ok"
w.Write([]byte(model.MapToJson(rdata)))
}
func samlMetadata(c *Context, w http.ResponseWriter, r *http.Request) {
if result, err := app.GetSamlMetadata(); err != nil {
c.Err = model.NewLocAppError("loginWithSaml", "api.admin.saml.metadata.app_error", nil, "err="+err.Message)
return
} else {
@@ -805,58 +383,38 @@ func addCertificate(c *Context, w http.ResponseWriter, r *http.Request) {
fileData := fileArray[0]
file, err := fileData.Open()
defer file.Close()
if err != nil {
c.Err = model.NewLocAppError("addCertificate", "api.admin.add_certificate.open.app_error", nil, err.Error())
if err := app.AddSamlCertificate(fileData); err != nil {
c.Err = err
return
}
out, err := os.Create(utils.FindDir("config") + fileData.Filename)
if err != nil {
c.Err = model.NewLocAppError("addCertificate", "api.admin.add_certificate.saving.app_error", nil, err.Error())
return
}
defer out.Close()
io.Copy(out, file)
ReturnStatusOK(w)
}
func removeCertificate(c *Context, w http.ResponseWriter, r *http.Request) {
props := model.MapFromJson(r.Body)
filename := props["filename"]
if err := os.Remove(utils.FindConfigFile(filename)); err != nil {
c.Err = model.NewLocAppError("removeCertificate", "api.admin.remove_certificate.delete.app_error",
map[string]interface{}{"Filename": filename}, err.Error())
if err := app.RemoveSamlCertificate(props["filename"]); err != nil {
c.Err = err
return
}
ReturnStatusOK(w)
}
func samlCertificateStatus(c *Context, w http.ResponseWriter, r *http.Request) {
status := make(map[string]interface{})
status["IdpCertificateFile"] = utils.FileExistsInConfigFolder(*utils.Cfg.SamlSettings.IdpCertificateFile)
status["PrivateKeyFile"] = utils.FileExistsInConfigFolder(*utils.Cfg.SamlSettings.PrivateKeyFile)
status["PublicCertificateFile"] = utils.FileExistsInConfigFolder(*utils.Cfg.SamlSettings.PublicCertificateFile)
status := app.GetSamlCertificateStatus()
w.Write([]byte(model.StringInterfaceToJson(status)))
}
func getRecentlyActiveUsers(c *Context, w http.ResponseWriter, r *http.Request) {
if result := <-app.Srv.Store.User().GetRecentlyActiveUsersForTeam(c.TeamId); result.Err != nil {
c.Err = result.Err
if profiles, err := app.GetRecentlyActiveUsersForTeam(c.TeamId); err != nil {
c.Err = err
return
} else {
profiles := result.Data.(map[string]*model.User)
for _, p := range profiles {
sanitizeProfile(c, p)
}
w.Write([]byte(model.UserMapToJson(profiles)))
}
}

8
api/api.go
View File

@@ -4,7 +4,6 @@
package api
import (
"io/ioutil"
"net/http"
"github.com/gorilla/mux"
@@ -144,10 +143,3 @@ func ReturnStatusOK(w http.ResponseWriter) {
m[model.STATUS] = model.STATUS_OK
w.Write([]byte(model.MapToJson(m)))
}
func closeBody(r *http.Response) {
if r.Body != nil {
ioutil.ReadAll(r.Body)
r.Body.Close()
}
}

356
api/post.go
View File

@@ -8,11 +8,9 @@ import (
"strconv"
l4g "github.com/alecthomas/log4go"
"github.com/dyatlov/go-opengraph/opengraph"
"github.com/gorilla/mux"
"github.com/mattermost/platform/app"
"github.com/mattermost/platform/model"
"github.com/mattermost/platform/store"
"github.com/mattermost/platform/utils"
)
@@ -44,67 +42,28 @@ func createPost(c *Context, w http.ResponseWriter, r *http.Request) {
c.SetInvalidParam("createPost", "post")
return
}
post.UserId = c.Session.UserId
cchan := app.Srv.Store.Channel().Get(post.ChannelId, true)
post.UserId = c.Session.UserId
if !app.SessionHasPermissionToChannel(c.Session, post.ChannelId, model.PERMISSION_CREATE_POST) {
c.SetPermissionError(model.PERMISSION_CREATE_POST)
return
}
// Check that channel has not been deleted
var channel *model.Channel
if result := <-cchan; result.Err != nil {
c.SetInvalidParam("createPost", "post.channelId")
return
} else {
channel = result.Data.(*model.Channel)
}
if channel.DeleteAt != 0 {
c.Err = model.NewLocAppError("createPost", "api.post.create_post.can_not_post_to_deleted.error", nil, "")
c.Err.StatusCode = http.StatusBadRequest
return
}
if post.CreateAt != 0 && !app.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_SYSTEM) {
post.CreateAt = 0
}
if rp, err := app.CreatePost(post, c.TeamId, true); err != nil {
rp, err := app.CreatePostAsUser(post, c.TeamId)
if err != nil {
c.Err = err
if c.Err.Id == "api.post.create_post.root_id.app_error" ||
c.Err.Id == "api.post.create_post.channel_root_id.app_error" ||
c.Err.Id == "api.post.create_post.parent_id.app_error" {
c.Err.StatusCode = http.StatusBadRequest
}
return
} else {
// Update the LastViewAt only if the post does not have from_webhook prop set (eg. Zapier app)
if _, ok := post.Props["from_webhook"]; !ok {
if result := <-app.Srv.Store.Channel().UpdateLastViewedAt([]string{post.ChannelId}, c.Session.UserId); result.Err != nil {
l4g.Error(utils.T("api.post.create_post.last_viewed.error"), post.ChannelId, c.Session.UserId, result.Err)
}
}
w.Write([]byte(rp.ToJson()))
}
w.Write([]byte(rp.ToJson()))
}
func updatePost(c *Context, w http.ResponseWriter, r *http.Request) {
if utils.IsLicensed {
if *utils.Cfg.ServiceSettings.AllowEditPost == model.ALLOW_EDIT_POST_NEVER {
c.Err = model.NewLocAppError("updatePost", "api.post.update_post.permissions.app_error", nil,
c.T("api.post.update_post.permissions_denied.app_error"))
c.Err.StatusCode = http.StatusForbidden
return
}
}
post := model.PostFromJson(r.Body)
if post == nil {
@@ -112,77 +71,20 @@ func updatePost(c *Context, w http.ResponseWriter, r *http.Request) {
return
}
pchan := app.Srv.Store.Post().Get(post.Id)
if !app.SessionHasPermissionToChannel(c.Session, post.ChannelId, model.PERMISSION_EDIT_POST) {
c.SetPermissionError(model.PERMISSION_EDIT_POST)
return
}
var oldPost *model.Post
if result := <-pchan; result.Err != nil {
c.Err = result.Err
post.UserId = c.Session.UserId
rpost, err := app.UpdatePost(post)
if err != nil {
c.Err = err
return
} else {
oldPost = result.Data.(*model.PostList).Posts[post.Id]
if oldPost == nil {
c.Err = model.NewLocAppError("updatePost", "api.post.update_post.find.app_error", nil, "id="+post.Id)
c.Err.StatusCode = http.StatusBadRequest
return
}
if oldPost.UserId != c.Session.UserId {
c.Err = model.NewLocAppError("updatePost", "api.post.update_post.permissions.app_error", nil, "oldUserId="+oldPost.UserId)
c.Err.StatusCode = http.StatusForbidden
return
}
if oldPost.DeleteAt != 0 {
c.Err = model.NewLocAppError("updatePost", "api.post.update_post.permissions.app_error", nil,
c.T("api.post.update_post.permissions_details.app_error", map[string]interface{}{"PostId": post.Id}))
c.Err.StatusCode = http.StatusForbidden
return
}
if oldPost.IsSystemMessage() {
c.Err = model.NewLocAppError("updatePost", "api.post.update_post.system_message.app_error", nil, "id="+post.Id)
c.Err.StatusCode = http.StatusForbidden
return
}
if utils.IsLicensed {
if *utils.Cfg.ServiceSettings.AllowEditPost == model.ALLOW_EDIT_POST_TIME_LIMIT && model.GetMillis() > oldPost.CreateAt+int64(*utils.Cfg.ServiceSettings.PostEditTimeLimit*1000) {
c.Err = model.NewLocAppError("updatePost", "api.post.update_post.permissions.app_error", nil,
c.T("api.post.update_post.permissions_time_limit.app_error", map[string]interface{}{"timeLimit": *utils.Cfg.ServiceSettings.PostEditTimeLimit}))
c.Err.StatusCode = http.StatusForbidden
return
}
}
}
newPost := &model.Post{}
*newPost = *oldPost
newPost.Message = post.Message
newPost.EditAt = model.GetMillis()
newPost.Hashtags, _ = model.ParseHashtags(post.Message)
if result := <-app.Srv.Store.Post().Update(newPost, oldPost); result.Err != nil {
c.Err = result.Err
return
} else {
rpost := result.Data.(*model.Post)
message := model.NewWebSocketEvent(model.WEBSOCKET_EVENT_POST_EDITED, "", rpost.ChannelId, "", nil)
message.Add("post", rpost.ToJson())
go app.Publish(message)
app.InvalidateCacheForChannelPosts(rpost.ChannelId)
w.Write([]byte(rpost.ToJson()))
}
w.Write([]byte(rpost.ToJson()))
}
func getFlaggedPosts(c *Context, w http.ResponseWriter, r *http.Request) {
@@ -200,16 +102,12 @@ func getFlaggedPosts(c *Context, w http.ResponseWriter, r *http.Request) {
return
}
posts := &model.PostList{}
if result := <-app.Srv.Store.Post().GetFlaggedPosts(c.Session.UserId, offset, limit); result.Err != nil {
c.Err = result.Err
if posts, err := app.GetFlaggedPosts(c.Session.UserId, offset, limit); err != nil {
c.Err = err
return
} else {
posts = result.Data.(*model.PostList)
w.Write([]byte(posts.ToJson()))
}
w.Write([]byte(posts.ToJson()))
}
func getPosts(c *Context, w http.ResponseWriter, r *http.Request) {
@@ -233,27 +131,21 @@ func getPosts(c *Context, w http.ResponseWriter, r *http.Request) {
return
}
etagChan := app.Srv.Store.Post().GetEtag(id, true)
if !app.SessionHasPermissionToChannel(c.Session, id, model.PERMISSION_CREATE_POST) {
c.SetPermissionError(model.PERMISSION_CREATE_POST)
return
}
etag := (<-etagChan).Data.(string)
etag := app.GetPostsEtag(id)
if HandleEtag(etag, "Get Posts", w, r) {
return
}
pchan := app.Srv.Store.Post().GetPosts(id, offset, limit, true)
if result := <-pchan; result.Err != nil {
c.Err = result.Err
if list, err := app.GetPosts(id, offset, limit); err != nil {
c.Err = err
return
} else {
list := result.Data.(*model.PostList)
w.Header().Set(model.HEADER_ETAG_SERVER, etag)
w.Write([]byte(list.ToJson()))
}
@@ -275,19 +167,15 @@ func getPostsSince(c *Context, w http.ResponseWriter, r *http.Request) {
return
}
pchan := app.Srv.Store.Post().GetPostsSince(id, time, true)
if !app.SessionHasPermissionToChannel(c.Session, id, model.PERMISSION_READ_CHANNEL) {
c.SetPermissionError(model.PERMISSION_READ_CHANNEL)
return
}
if result := <-pchan; result.Err != nil {
c.Err = result.Err
if list, err := app.GetPostsSince(id, time); err != nil {
c.Err = err
return
} else {
list := result.Data.(*model.PostList)
w.Write([]byte(list.ToJson()))
}
@@ -308,21 +196,17 @@ func getPost(c *Context, w http.ResponseWriter, r *http.Request) {
return
}
pchan := app.Srv.Store.Post().Get(postId)
if !app.SessionHasPermissionToChannel(c.Session, channelId, model.PERMISSION_READ_CHANNEL) {
c.SetPermissionError(model.PERMISSION_READ_CHANNEL)
return
}
if result := <-pchan; result.Err != nil {
c.Err = result.Err
if list, err := app.GetPostThread(postId); err != nil {
c.Err = err
return
} else if HandleEtag(result.Data.(*model.PostList).Etag(), "Get Post", w, r) {
} else if HandleEtag(list.Etag(), "Get Post", w, r) {
return
} else {
list := result.Data.(*model.PostList)
if !list.IsChannelId(channelId) {
c.Err = model.NewLocAppError("getPost", "api.post.get_post.permissions.app_error", nil, "")
c.Err.StatusCode = http.StatusForbidden
@@ -343,12 +227,10 @@ func getPostById(c *Context, w http.ResponseWriter, r *http.Request) {
return
}
if result := <-app.Srv.Store.Post().Get(postId); result.Err != nil {
c.Err = result.Err
if list, err := app.GetPostThread(postId); err != nil {
c.Err = err
return
} else {
list := result.Data.(*model.PostList)
if len(list.Order) != 1 {
c.Err = model.NewLocAppError("getPostById", "api.post_get_post_by_id.get.app_error", nil, "")
return
@@ -378,39 +260,17 @@ func getPermalinkTmp(c *Context, w http.ResponseWriter, r *http.Request) {
return
}
if result := <-app.Srv.Store.Post().Get(postId); result.Err != nil {
c.Err = result.Err
if !app.HasPermissionToChannelByPost(c.Session.UserId, postId, model.PERMISSION_JOIN_PUBLIC_CHANNELS) {
c.SetPermissionError(model.PERMISSION_JOIN_PUBLIC_CHANNELS)
return
}
if list, err := app.GetPermalinkPost(postId, c.Session.UserId); err != nil {
c.Err = err
return
} else if HandleEtag(list.Etag(), "Get Permalink TMP", w, r) {
return
} else {
list := result.Data.(*model.PostList)
if len(list.Order) != 1 {
c.Err = model.NewLocAppError("getPermalinkTmp", "api.post_get_post_by_id.get.app_error", nil, "")
return
}
post := list.Posts[list.Order[0]]
var channel *model.Channel
var err *model.AppError
if channel, err = app.GetChannel(post.ChannelId); err != nil {
c.Err = err
return
}
if !app.SessionHasPermissionToTeam(c.Session, channel.TeamId, model.PERMISSION_JOIN_PUBLIC_CHANNELS) {
c.SetPermissionError(model.PERMISSION_JOIN_PUBLIC_CHANNELS)
return
}
if err = app.JoinChannel(channel, c.Session.UserId); err != nil {
c.Err = err
return
}
if HandleEtag(list.Etag(), "Get Permalink TMP", w, r) {
return
}
w.Header().Set(model.HEADER_ETAG_SERVER, list.Etag())
w.Write([]byte(list.ToJson()))
}
@@ -436,69 +296,27 @@ func deletePost(c *Context, w http.ResponseWriter, r *http.Request) {
return
}
pchan := app.Srv.Store.Post().Get(postId)
if !app.SessionHasPermissionToPost(c.Session, postId, model.PERMISSION_DELETE_OTHERS_POSTS) {
c.SetPermissionError(model.PERMISSION_DELETE_OTHERS_POSTS)
return
}
if result := <-pchan; result.Err != nil {
c.Err = result.Err
if post, err := app.DeletePost(postId); err != nil {
c.Err = err
return
} else {
post := result.Data.(*model.PostList).Posts[postId]
if post == nil {
c.SetInvalidParam("deletePost", "postId")
return
}
if post.ChannelId != channelId {
c.Err = model.NewLocAppError("deletePost", "api.post.delete_post.permissions.app_error", nil, "")
c.Err.StatusCode = http.StatusForbidden
return
}
if post.UserId != c.Session.UserId && !app.SessionHasPermissionToChannel(c.Session, post.ChannelId, model.PERMISSION_DELETE_OTHERS_POSTS) {
c.Err = model.NewLocAppError("deletePost", "api.post.delete_post.permissions.app_error", nil, "")
c.Err.StatusCode = http.StatusForbidden
return
}
if dresult := <-app.Srv.Store.Post().Delete(postId, model.GetMillis()); dresult.Err != nil {
c.Err = dresult.Err
return
}
message := model.NewWebSocketEvent(model.WEBSOCKET_EVENT_POST_DELETED, "", post.ChannelId, "", nil)
message.Add("post", post.ToJson())
go app.Publish(message)
go DeletePostFiles(post)
go DeleteFlaggedPost(c.Session.UserId, post)
app.InvalidateCacheForChannelPosts(post.ChannelId)
result := make(map[string]string)
result["id"] = postId
w.Write([]byte(model.MapToJson(result)))
}
}
func DeleteFlaggedPost(userId string, post *model.Post) {
if result := <-app.Srv.Store.Preference().Delete(userId, model.PREFERENCE_CATEGORY_FLAGGED_POST, post.Id); result.Err != nil {
l4g.Warn(utils.T("api.post.delete_flagged_post.app_error.warn"), result.Err)
return
}
}
func DeletePostFiles(post *model.Post) {
if len(post.FileIds) != 0 {
return
}
if result := <-app.Srv.Store.FileInfo().DeleteForPost(post.Id); result.Err != nil {
l4g.Warn(utils.T("api.post.delete_post_files.app_error.warn"), post.Id, result.Err)
}
}
func getPostsBefore(c *Context, w http.ResponseWriter, r *http.Request) {
getPostsBeforeOrAfter(c, w, r, true)
}
@@ -534,32 +352,22 @@ func getPostsBeforeOrAfter(c *Context, w http.ResponseWriter, r *http.Request, b
return
}
// We can do better than this etag in this situation
etagChan := app.Srv.Store.Post().GetEtag(id, true)
if !app.SessionHasPermissionToChannel(c.Session, id, model.PERMISSION_READ_CHANNEL) {
c.SetPermissionError(model.PERMISSION_READ_CHANNEL)
return
}
etag := (<-etagChan).Data.(string)
// We can do better than this etag in this situation
etag := app.GetPostsEtag(id)
if HandleEtag(etag, "Get Posts Before or After", w, r) {
return
}
var pchan store.StoreChannel
if before {
pchan = app.Srv.Store.Post().GetPostsBefore(id, postId, numPosts, offset)
} else {
pchan = app.Srv.Store.Post().GetPostsAfter(id, postId, numPosts, offset)
}
if result := <-pchan; result.Err != nil {
c.Err = result.Err
if list, err := app.GetPostsAroundPost(postId, id, offset, numPosts, before); err != nil {
c.Err = err
return
} else {
list := result.Data.(*model.PostList)
w.Header().Set(model.HEADER_ETAG_SERVER, etag)
w.Write([]byte(list.ToJson()))
}
@@ -579,26 +387,10 @@ func searchPosts(c *Context, w http.ResponseWriter, r *http.Request) {
isOrSearch = val.(bool)
}
paramsList := model.ParseSearchParams(terms)
channels := []store.StoreChannel{}
for _, params := range paramsList {
params.OrTerms = isOrSearch
// don't allow users to search for everything
if params.Terms != "*" {
channels = append(channels, app.Srv.Store.Post().Search(c.TeamId, c.Session.UserId, params))
}
}
posts := &model.PostList{}
for _, channel := range channels {
if result := <-channel; result.Err != nil {
c.Err = result.Err
return
} else {
data := result.Data.(*model.PostList)
posts.Extend(data)
}
posts, err := app.SearchPostsInTeam(terms, c.Session.UserId, c.TeamId, isOrSearch)
if err != nil {
c.Err = err
return
}
w.Header().Set("Cache-Control", "no-cache, no-store, must-revalidate")
@@ -620,69 +412,35 @@ func getFileInfosForPost(c *Context, w http.ResponseWriter, r *http.Request) {
return
}
pchan := app.Srv.Store.Post().Get(postId)
fchan := app.Srv.Store.FileInfo().GetForPost(postId)
if !app.SessionHasPermissionToChannel(c.Session, channelId, model.PERMISSION_READ_CHANNEL) {
c.SetPermissionError(model.PERMISSION_READ_CHANNEL)
return
}
var infos []*model.FileInfo
if result := <-fchan; result.Err != nil {
c.Err = result.Err
if infos, err := app.GetFileInfosForPost(postId); err != nil {
c.Err = err
return
} else {
infos = result.Data.([]*model.FileInfo)
}
if len(infos) == 0 {
// No FileInfos were returned so check if they need to be created for this post
var post *model.Post
if result := <-pchan; result.Err != nil {
c.Err = result.Err
return
} else {
post = result.Data.(*model.PostList).Posts[postId]
}
if len(post.Filenames) > 0 {
// The post has Filenames that need to be replaced with FileInfos
infos = app.MigrateFilenamesToFileInfos(post)
}
}
etag := model.GetEtagForFileInfos(infos)
if HandleEtag(etag, "Get File Infos For Post", w, r) {
} else if HandleEtag(model.GetEtagForFileInfos(infos), "Get File Infos For Post", w, r) {
return
} else {
w.Header().Set("Cache-Control", "max-age=2592000, public")
w.Header().Set(model.HEADER_ETAG_SERVER, etag)
w.Header().Set(model.HEADER_ETAG_SERVER, model.GetEtagForFileInfos(infos))
w.Write([]byte(model.FileInfosToJson(infos)))
}
}
func getOpenGraphMetadata(c *Context, w http.ResponseWriter, r *http.Request) {
props := model.StringInterfaceFromJson(r.Body)
og := opengraph.NewOpenGraph()
res, err := http.Get(props["url"].(string))
defer closeBody(res)
if err != nil {
writeOpenGraphToResponse(w, og)
url := ""
ok := false
if url, ok = props["url"].(string); len(url) == 0 || !ok {
c.SetInvalidParam("getOpenGraphMetadata", "url")
return
}
if err := og.ProcessHTML(res.Body); err != nil {
writeOpenGraphToResponse(w, og)
return
}
og := app.GetOpenGraphMetadata(url)
writeOpenGraphToResponse(w, og)
}
func writeOpenGraphToResponse(w http.ResponseWriter, og *opengraph.OpenGraph) {
ogJson, err := og.ToJSON()
if err != nil {
w.Write([]byte(`{"url": ""}`))

243
api/user.go
View File

@@ -7,10 +7,8 @@ import (
"bytes"
b64 "encoding/base64"
"fmt"
"html/template"
"io"
"net/http"
"net/url"
"strconv"
"strings"
"time"
@@ -94,16 +92,9 @@ func createUser(c *Context, w http.ResponseWriter, r *http.Request) {
user.EmailVerified = false
shouldSendWelcomeEmail := true
hash := r.URL.Query().Get("h")
inviteId := r.URL.Query().Get("iid")
if !CheckUserDomain(user, utils.Cfg.TeamSettings.RestrictCreationToDomains) {
c.Err = model.NewLocAppError("createUser", "api.user.create_user.accepted_domain.app_error", nil, "")
return
}
var ruser *model.User
var err *model.AppError
if len(hash) > 0 {
@@ -113,10 +104,8 @@ func createUser(c *Context, w http.ResponseWriter, r *http.Request) {
c.Err = err
return
}
shouldSendWelcomeEmail = false
} else if len(inviteId) > 0 {
ruser, err = app.CreateUserWithInviteId(user, inviteId)
ruser, err = app.CreateUserWithInviteId(user, inviteId, c.GetSiteURL())
if err != nil {
c.Err = err
return
@@ -132,9 +121,7 @@ func createUser(c *Context, w http.ResponseWriter, r *http.Request) {
c.Err = err
return
}
}
if shouldSendWelcomeEmail {
if err := app.SendWelcomeEmail(ruser.Id, ruser.Email, ruser.EmailVerified, ruser.Locale, c.GetSiteURL()); err != nil {
l4g.Error(err.Error())
}
@@ -144,49 +131,6 @@ func createUser(c *Context, w http.ResponseWriter, r *http.Request) {
}
// Check that a user's email domain matches a list of space-delimited domains as a string.
func CheckUserDomain(user *model.User, domains string) bool {
if len(domains) == 0 {
return true
}
domainArray := strings.Fields(strings.TrimSpace(strings.ToLower(strings.Replace(strings.Replace(domains, "@", " ", -1), ",", " ", -1))))
matched := false
for _, d := range domainArray {
if strings.HasSuffix(strings.ToLower(user.Email), "@"+d) {
matched = true
break
}
}
return matched
}
func IsVerifyHashRequired(user *model.User, team *model.Team, hash string) bool {
shouldVerifyHash := true
if team.Type == model.TEAM_INVITE && len(team.AllowedDomains) > 0 && len(hash) == 0 && user != nil {
matched := CheckUserDomain(user, team.AllowedDomains)
if matched {
shouldVerifyHash = false
} else {
return true
}
}
if team.Type == model.TEAM_OPEN {
shouldVerifyHash = false
}
if len(hash) > 0 {
shouldVerifyHash = true
}
return shouldVerifyHash
}
func login(c *Context, w http.ResponseWriter, r *http.Request) {
props := model.MapFromJson(r.Body)
@@ -594,10 +538,7 @@ func getByEmail(c *Context, w http.ResponseWriter, r *http.Request) {
params := mux.Vars(r)
email := params["email"]
var user *model.User
var err *model.AppError
if user, err = app.GetUserByEmail(email); err != nil {
if user, err := app.GetUserByEmail(email); err != nil {
c.Err = err
return
} else if HandleEtag(user.Etag(utils.Cfg.PrivacySettings.ShowFullName, utils.Cfg.PrivacySettings.ShowEmailAddress), "Get By Email", w, r) {
@@ -631,11 +572,8 @@ func getProfiles(c *Context, w http.ResponseWriter, r *http.Request) {
return
}
var profiles map[string]*model.User
var profileErr *model.AppError
if profiles, profileErr = app.GetUsers(offset, limit); profileErr != nil {
c.Err = profileErr
if profiles, err := app.GetUsers(offset, limit); err != nil {
c.Err = err
return
} else {
for k, p := range profiles {
@@ -674,11 +612,8 @@ func getProfilesInTeam(c *Context, w http.ResponseWriter, r *http.Request) {
return
}
var profiles map[string]*model.User
var profileErr *model.AppError
if profiles, profileErr = app.GetUsersInTeam(teamId, offset, limit); profileErr != nil {
c.Err = profileErr
if profiles, err := app.GetUsersInTeam(teamId, offset, limit); err != nil {
c.Err = err
return
} else {
for k, p := range profiles {
@@ -694,18 +629,6 @@ func getProfilesInChannel(c *Context, w http.ResponseWriter, r *http.Request) {
params := mux.Vars(r)
channelId := params["channel_id"]
if c.Session.GetTeamByTeamId(c.TeamId) == nil {
if !app.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_SYSTEM) {
c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM)
return
}
}
if !app.SessionHasPermissionToChannel(c.Session, channelId, model.PERMISSION_READ_CHANNEL) {
c.SetPermissionError(model.PERMISSION_READ_CHANNEL)
return
}
offset, err := strconv.Atoi(params["offset"])
if err != nil {
c.SetInvalidParam("getProfiles", "offset")
@@ -718,6 +641,18 @@ func getProfilesInChannel(c *Context, w http.ResponseWriter, r *http.Request) {
return
}
if c.Session.GetTeamByTeamId(c.TeamId) == nil {
if !app.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_SYSTEM) {
c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM)
return
}
}
if !app.SessionHasPermissionToChannel(c.Session, channelId, model.PERMISSION_READ_CHANNEL) {
c.SetPermissionError(model.PERMISSION_READ_CHANNEL)
return
}
var profiles map[string]*model.User
var profileErr *model.AppError
@@ -761,11 +696,8 @@ func getProfilesNotInChannel(c *Context, w http.ResponseWriter, r *http.Request)
return
}
var profiles map[string]*model.User
var profileErr *model.AppError
if profiles, err = app.GetUsersNotInChannel(c.TeamId, channelId, offset, limit); profileErr != nil {
c.Err = profileErr
if profiles, err := app.GetUsersNotInChannel(c.TeamId, channelId, offset, limit); err != nil {
c.Err = err
return
} else {
for k, p := range profiles {
@@ -897,11 +829,6 @@ func updateUser(c *Context, w http.ResponseWriter, r *http.Request) {
return
}
if err := utils.IsPasswordValid(user.Password); user.Password != "" && err != nil {
c.Err = err
return
}
if ruser, err := app.UpdateUser(user, c.GetSiteURL()); err != nil {
c.Err = err
return
@@ -942,11 +869,6 @@ func updatePassword(c *Context, w http.ResponseWriter, r *http.Request) {
newPassword := props["new_password"]
if err := utils.IsPasswordValid(newPassword); err != nil {
c.Err = err
return
}
if userId != c.Session.UserId {
c.Err = model.NewLocAppError("updatePassword", "api.user.update_password.context.app_error", nil, "")
c.Err.StatusCode = http.StatusForbidden
@@ -984,7 +906,7 @@ func updatePassword(c *Context, w http.ResponseWriter, r *http.Request) {
return
}
if err := app.UpdatePasswordSendEmail(user, model.HashPassword(newPassword), c.T("api.user.update_password.menu"), c.GetSiteURL()); err != nil {
if err := app.UpdatePasswordSendEmail(user, newPassword, c.T("api.user.update_password.menu"), c.GetSiteURL()); err != nil {
c.Err = err
return
} else {
@@ -1039,13 +961,6 @@ func updateActive(c *Context, w http.ResponseWriter, r *http.Request) {
active := props["active"] == "true"
var user *model.User
var err *model.AppError
if user, err = app.GetUser(userId); err != nil {
c.Err = err
return
}
// true when you're trying to de-activate yourself
isSelfDeactive := !active && userId == c.Session.UserId
@@ -1055,13 +970,7 @@ func updateActive(c *Context, w http.ResponseWriter, r *http.Request) {
return
}
if user.IsLDAPUser() {
c.Err = model.NewLocAppError("updateActive", "api.user.update_active.no_deactivate_ldap.app_error", nil, "userId="+userId)
c.Err.StatusCode = http.StatusBadRequest
return
}
if ruser, err := app.UpdateActive(user, active); err != nil {
if ruser, err := app.UpdateActiveNoLdap(userId, active); err != nil {
c.Err = err
} else {
c.LogAuditWithUserId(ruser.Id, fmt.Sprintf("active=%v", active))
@@ -1078,42 +987,13 @@ func sendPasswordReset(c *Context, w http.ResponseWriter, r *http.Request) {
return
}
var user *model.User
var err *model.AppError
if user, err = app.GetUserByEmail(email); err != nil {
w.Write([]byte(model.MapToJson(props)))
return
}
if user.AuthData != nil && len(*user.AuthData) != 0 {
c.Err = model.NewLocAppError("sendPasswordReset", "api.user.send_password_reset.sso.app_error", nil, "userId="+user.Id)
return
}
var recovery *model.PasswordRecovery
if recovery, err = app.CreatePasswordRecovery(user.Id); err != nil {
if sent, err := app.SendPasswordReset(email, c.GetSiteURL()); err != nil {
c.Err = err
return
} else if sent {
c.LogAudit("sent=" + email)
}
link := fmt.Sprintf("%s/reset_password_complete?code=%s", c.GetSiteURL(), url.QueryEscape(recovery.Code))
subject := c.T("api.templates.reset_subject")
bodyPage := utils.NewHTMLTemplate("reset_body", c.Locale)
bodyPage.Props["SiteURL"] = c.GetSiteURL()
bodyPage.Props["Title"] = c.T("api.templates.reset_body.title")
bodyPage.Html["Info"] = template.HTML(c.T("api.templates.reset_body.info"))
bodyPage.Props["ResetUrl"] = link
bodyPage.Props["Button"] = c.T("api.templates.reset_body.button")
if err := utils.SendMail(email, subject, bodyPage.Render()); err != nil {
c.Err = model.NewLocAppError("sendPasswordReset", "api.user.send_password_reset.send.app_error", nil, "err="+err.Message)
return
}
c.LogAuditWithUserId(user.Id, "sent="+email)
w.Write([]byte(model.MapToJson(props)))
}
@@ -1127,64 +1007,22 @@ func resetPassword(c *Context, w http.ResponseWriter, r *http.Request) {
}
newPassword := props["new_password"]
if err := utils.IsPasswordValid(newPassword); err != nil {
c.LogAudit("attempt - code=" + code)
if err := app.ResetPasswordFromCode(code, newPassword, c.GetSiteURL()); err != nil {
c.LogAudit("fail - code=" + code)
c.Err = err
return
}
c.LogAudit("attempt")
userId := ""
if recovery, err := app.GetPasswordRecovery(code); err != nil {
c.LogAuditWithUserId(userId, "fail - bad code")
c.Err = err
return
} else {
if model.GetMillis()-recovery.CreateAt < model.PASSWORD_RECOVER_EXPIRY_TIME {
userId = recovery.UserId
} else {
c.LogAuditWithUserId(userId, "fail - link expired")
c.Err = model.NewLocAppError("resetPassword", "api.user.reset_password.link_expired.app_error", nil, "")
return
}
if err := app.DeletePasswordRecoveryForUser(userId); err != nil {
l4g.Error(err.Error())
}
}
if err := ResetPassword(c, userId, newPassword); err != nil {
c.Err = err
return
}
c.LogAuditWithUserId(userId, "success")
c.LogAudit("success - code=" + code)
rdata := map[string]string{}
rdata["status"] = "ok"
w.Write([]byte(model.MapToJson(rdata)))
}
func ResetPassword(c *Context, userId, newPassword string) *model.AppError {
var user *model.User
var err *model.AppError
if user, err = app.GetUser(userId); err != nil {
return err
}
if user.AuthData != nil && len(*user.AuthData) != 0 && !app.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_SYSTEM) {
return model.NewLocAppError("ResetPassword", "api.user.reset_password.sso.app_error", nil, "userId="+user.Id)
}
if err := app.UpdatePasswordSendEmail(user, model.HashPassword(newPassword), c.T("api.user.reset_password.method"), c.GetSiteURL()); err != nil {
return err
}
return nil
}
func updateUserNotify(c *Context, w http.ResponseWriter, r *http.Request) {
props := model.MapFromJson(r.Body)
@@ -1225,22 +1063,13 @@ func updateUserNotify(c *Context, w http.ResponseWriter, r *http.Request) {
return
}
var user *model.User
var err *model.AppError
if user, err = app.GetUser(userId); err != nil {
ruser, err := app.UpdateUserNotifyProps(userId, props, c.GetSiteURL())
if err != nil {
c.Err = err
return
}
user.NotifyProps = props
var ruser *model.User
if ruser, err = app.UpdateUser(user, c.GetSiteURL()); err != nil {
c.Err = err
return
}
c.LogAuditWithUserId(user.Id, "")
c.LogAuditWithUserId(ruser.Id, "")
options := utils.Cfg.GetSanitizeOptions()
options["passwordupdate"] = false
@@ -1340,7 +1169,7 @@ func oauthToEmail(c *Context, w http.ResponseWriter, r *http.Request) {
return
}
if err := app.UpdatePassword(user, model.HashPassword(password)); err != nil {
if err := app.UpdatePassword(user, password); err != nil {
c.LogAudit("fail - database issue")
c.Err = err
return
@@ -1509,7 +1338,7 @@ func ldapToEmail(c *Context, w http.ResponseWriter, r *http.Request) {
return
}
if err := app.UpdatePassword(user, model.HashPassword(emailPassword)); err != nil {
if err := app.UpdatePassword(user, emailPassword); err != nil {
c.LogAudit("fail - database issue")
c.Err = err
return

27
api/user_test.go
View File

@@ -83,32 +83,6 @@ func TestCreateUser(t *testing.T) {
}
}
func TestCheckUserDomain(t *testing.T) {
th := Setup().InitBasic()
user := th.BasicUser
cases := []struct {
domains string
matched bool
}{
{"simulator.amazonses.com", true},
{"gmail.com", false},
{"", true},
{"gmail.com simulator.amazonses.com", true},
}
for _, c := range cases {
matched := CheckUserDomain(user, c.domains)
if matched != c.matched {
if c.matched {
t.Logf("'%v' should have matched '%v'", user.Email, c.domains)
} else {
t.Logf("'%v' should not have matched '%v'", user.Email, c.domains)
}
t.FailNow()
}
}
}
func TestLogin(t *testing.T) {
th := Setup().InitBasic()
Client := th.BasicClient
@@ -1356,6 +1330,7 @@ func TestResetPassword(t *testing.T) {
}
if _, err := Client.ResetPassword(recovery.Code, "newpwd1"); err != nil {
t.Log(recovery.Code)
t.Fatal(err)
}

2
api/webrtc.go
View File

@@ -89,7 +89,7 @@ func getWebrtcToken(sessionId string) (string, *model.AppError) {
if rp, err := httpClient.Do(rq); err != nil {
return "", model.NewLocAppError("WebRTC.Token", "model.client.connecting.app_error", nil, err.Error())
} else if rp.StatusCode >= 300 {
defer closeBody(rp)
defer app.CloseBody(rp)
return "", model.AppErrorFromJson(rp.Body)
} else {
janusResponse := model.GatewayResponseFromJson(rp.Body)