Filter blacklisted Unicode characters from:
user: first name, last name, nickname, bot description, username
team: name, display name, description, company name
channel: name, display name
* promote user to admin upon login
* Add SAML support for admin accounts
* update en.json
* update i18n
* Add tests as per comments
* change function name
* fix config.go
* invalidate cache so its not checking for cache when roles change
* add enable attribute and filter
Display LHS bot Icon in web app. As part of mentioned task, Added LastIconUpdate variable in model.bot to store last update time of icon. Also added code to update/delete value of the mentioned variable when setting/deleting bot icon.
* Consistent license message for all the go files
* Fixing the last set of unconsistencies with the license headers
* Addressing PR review comments
* Fixing busy.go and busy_test.go license header
This changes the bulk import so when it needs to generate a password
because no password or auth data was supplied, it now takes into account
the configured minimum length, as well as assuming all other distinct
character types are configured to be required. It should now generate
valid passwords regardless of the password policy configuration in the
Mattermost configuration file.
* Add different types for different mentions
* Remove redundant THREAD_ANY and THREAD_ROOT constants
* Make PostStore.Get return thread in order
* MM-17071 Add initial version of countMentionsFromPost
* MM-17071 Refactor comment mention counting
* MM-17071 Use mention counting when marking post as unread
* Fix shadowing in tests
* Remove repeated check of user count
* Refactor code using MentionType
* Update comments around -1 return value
* Move inner functions out of countMentionsFromPost
* Remove preconditions check as separate test case
* Update comments
* Add User.GetMentionKeys
* Revert "Make PostStore.Get return thread in order"
This reverts commit 22aa010cee.
* Fix tests
* Fix merge conflict
* Add store.MentionAllPosts
* MM-17383: Update query to include users who are not members of any groups.
* MM-17383: Fixes govet complaint.
* MM-17383: Sorts by username.
* MM-17383: Removes accidental staging.
* MM-16258: Adds new API endpoint + (App & Client & Store) to retrieve Users who would be removed from a list of hypothetical group IDs representing the synced groups.
* MM-16258: Adds roles to JSON response.
* MM-16258: Updates GetByIDs to use Squirrel.
* MM-16258: Puts as much as possible into Squirrel.
* MM-16258: Changes names of methods, functions, and route.
* MM-16258: Updates some comments.
* MM-16258: Extra validation of group_ids parameter.
* MM-16258: Changes validation of group_ids query param.
* MM-16258: Rename a variable and a constant.
* MM-16258: Fix test.
* MM-15021: Adding new builtin system schema for Guests
* Fixing tests
* Setting properly the permissions
* Adding guests to sampledata
* Restrict more roles updates in the app layer for guests
* Adding comment to explain that permissions migration must go at the end
* Setting the default guest role for custom scheme during migration
* Fixing import and export
* Creating scheme guest roles on migration
* Fixing tests
* Fixing tests
* Fixing tests
* MM-14138: Adding new "VIEW_MEMBERS" permissions restrict the scope of users visibility
* Fixing gofmt
* Fixing broken tests
* Addressing PR review comments from Miguel de la Cruz
* Removed hack
* A bit nicer and cleaner code in the UserBelongsToChannels function
* Adding cluster cache invalidation for user team ids
* Checking in the correct order permissions to not leek existency information
* Adding restrictions to TeamMembers and User status requests
* Fixing tests
* Fixing status endpoint permissions checks
* Adding more tests
* Fixing tests
* More tests and making the restrictions query based only on joins
* Adding more tests
* Adding more tests
* fixing merge problems
* Reverting status changes to avoid performance issues
* Adding more tests
* Fixing test
* i18n extract
* Adding extra method for get restrictions for a team
* Add the new elasticsearch functions to search users with restrictions
* Add missing translation string
* Rename restrictedChannelIds to restrictedToChannels
* Remove ToDo
* Adding the permission to the SystemAdmin role during permissions migrations
* MM-14417: Adds support for out-of-channel notifications of users who are not in associated groups of group-constrained channels.
* MM-14417: Fix for mobile backwards compatibility.
* Used user TOS data embedded in user object itself
* #MI-372 Added user TOS data in getUserByUsername API and updated tests
* #MI-372 returned user TOS data only for admin or self
* #MI-372 fixed tests
* #MI-372 added user ID checks in a missing place
* [MM-14253] Adds channels and users to the bulk index process
* Add support for PostgreSQL and sort the user query result
* Add tests for user and channel batch queries
* Fix test times
* bots model, store and api (#9903)
* bots model, store and api
Fixes: MM-13100, MM-13101, MM-13103, MM-13105, MMM-13119
* uncomment tests incorrectly commented, and fix merge issues
* add etags support
* add missing licenses
* remove unused sqlbuilder.go (for now...)
* rejig permissions
* split out READ_BOTS into READ_BOTS and READ_OTHERS_BOTS, the latter
implicitly allowing the former
* make MANAGE_OTHERS_BOTS imply MANAGE_BOTS
* conform to general rest api pattern
* eliminate redundant http.StatusOK
* Update api4/bot.go
Co-Authored-By: lieut-data <jesse.hallam@gmail.com>
* s/model.UserFromBotModel/model.UserFromBot/g
* Update model/bot.go
Co-Authored-By: lieut-data <jesse.hallam@gmail.com>
* Update model/client4.go
Co-Authored-By: lieut-data <jesse.hallam@gmail.com>
* move sessionHasPermissionToManageBot to app/authorization.go
* use api.ApiSessionRequired for createBot
* introduce BOT_DESCRIPTION_MAX_RUNES constant
* MM-13512 Prevent getting a user by email based on privacy settings (#10021)
* MM-13512 Prevent getting a user by email based on privacy settings
* Add additional config settings to tests
* upgrade db to 5.7 (#10019)
* MM-13526 Add validation when setting a user's Locale field (#10022)
* Fix typos (#10024)
* Fixing first user being created with system admin privilages without being explicity specified. (#10014)
* Revert "Support for Embeded chat (#9129)" (#10017)
This reverts commit 3fcecd521a.
* s/DisableBot/UpdateBotActive
* add permissions on upgrade
* Update NOTICE.txt (#10054)
- add new dependency (text)
- handle switch to forked dependency (go-gomail -> go-mail)
- misc copyright owner updates
* avoid leaking bot knowledge without permission
* [GH-6798] added a new api endpoint to get the bulk reactions for posts (#10049)
* 6798 added a new api to get the bulk reactions for posts
* 6798 added the permsission check before getting the reactions
* GH-6798 added a new app function for the new endpoint
* 6798 added a store method to get reactions for multiple posts
* 6798 connected the app function with the new store function
* 6798 fixed the review comments
* MM-13559 Update model.post.is_valid.file_ids.app_error text per report (#10055)
Ticket: https://mattermost.atlassian.net/browse/MM-13559
Report: https://github.com/mattermost/mattermost-server/issues/10023
* Trigger Login Hooks with OAuth (#10061)
* make BotStore.GetAll deterministic even on duplicate CreateAt
* fix spurious TestMuteCommandSpecificChannel test failure
See
https://community-daily.mattermost.com/core/pl/px9p8s3dzbg1pf3ddrm5cr36uw
* fix race in TestExportUserChannels
* TestExportUserChannels: remove SaveMember call, as it is redundant and used to be silently failing anyway
* MM-13117: bot tokens (#10111)
* eliminate redundant Client/AdminClient declarations
* harden TestUpdateChannelScheme to API failures
* eliminate unnecessary config restoration
* minor cleanup
* make TestGenerateMfaSecret config dependency explicit
* TestCreateUserAccessToken for bots
* TestGetUserAccessToken* for bots
* leverage SessionHasPermissionToUserOrBot for user token APIs
* Test(Revoke|Disable|Enable)UserAccessToken
* make EnableUserAccessTokens explicit, so as to not rely on local config.json
* uncomment TestResetPassword, but still skip
* mark assert(Invalid)Token as helper
* fix whitespace issues
* fix mangled comments
* MM-13116: bot plugin api (#10113)
* MM-13117: expose bot API to plugins
This also changes the `CreatorId` column definition to allow for plugin
ids, as the default unless the plugin overrides is to use the plugin id
here. This branch hasn't hit master yet, so no migration needed.
* gofmt issues
* expunge use of BotList in plugin/client API
* introduce model.BotGetOptions
* use botUserId term for clarity
* MM-13129 Adding functionality to deal with orphaned bots (#10238)
* Add way to list orphaned bots.
* Add /assign route to modify ownership of bot accounts.
* Apply suggestions from code review
Co-Authored-By: crspeller <crspeller@gmail.com>
* MM-13120: add IsBot field to returned user objects (#10103)
* MM-13104: forbid bot login (#10251)
* MM-13104: disallow bot login
* fix shadowing
* MM-13136 Disable user bots when user is disabled. (#10293)
* Disable user bots when user is disabled.
* Grammer.
Co-Authored-By: crspeller <crspeller@gmail.com>
* Fixing bot branch for test changes.
* Don't use external dependancies in bot plugin tests.
* Rename bot CreatorId to OwnerId
* Adding ability to re-enable bots
* Fixing IsBot to not attempt to be saved to DB.
* Adding diagnostics and licencing counting for bot accounts.
* Modifying gorp to allow reading of '-' fields.
* Removing unnessisary nil values from UserCountOptions.
* Changing comment to GoDoc format
* Improving user count SQL
* Some improvments from feedback.
* Omit empty on User.IsBot
* Check for password when updating the eMail
* Require password for email change
* Enhance unit testing
* Restructure error handling for update email path
* govet
We have constants for (most) of the notify props keys. We should use
them consistently, instead of sometimes and other times having strings
scattered around the place.
* #132 added UserTermsOfService model
* #132 added UserTermsOfService model
* #132 added logic to save user TOS data in a new table
* #132 Added logic to save and delete user TOS. Updated user TOS action logic
* #132 updated store mocks
* #132 added tests
* #132 removed cache from UserTermsOfService SQL store
* #132 fixed styling and license check
* #132 added message translations in en.json
* #132 fixed save user TOS logic to work second time as well
* #132 removed User.AcceptedTermsOfService colum and migrated accepted TOS data into new table
* #132 fixed formatting
* #132 fixed formatting
* #146 added field 'mandatory' to terms of service
* #146 updated tests
* #146 added getLatestTermsOfService API
* #146 Added tests
* #146 fixed styling
* #146 removed code for managing mandatory/optional TOS
* #146 Added TOS re-acceptance period config
* #146 fixed styling
* #146 removed some code left for debugging
* #146 added TOS re-acceptance period in config
* #146 fixed a json name from service_terms to terms_of_service
* #146 Minor refactoring and added TOS re-acceptance period to diagnistics
* Fixed style
* Updated upgraded script to keep app backward compatible
* #124 renamed identififers from service terms to terms of service
* #124 renamed identififers from service terms to terms of service
* 124 renamed ServiceTerms model to TermsOfService
* 124 Renamed EnableCustomServiceTerms feature flag to EnableCustomTermsOfService
* 124 Renamed EnableCustomServiceTerms feature flag to EnableCustomTermsOfService
* #124 fixed formatting
* #124 fixed formatting
* #132 renamed table ServiceTerms to TermsOfService
* #124 renamed some missed files from 'service_terms' to 'terms_of_service'
* #124 removed fixed TODOs
* drop migrate of ServiceTerms table, since backporting
* s/ServiceTerms/TermsOfService/ in tests
* s/AcceptedServiceTermsId/AcceptedTermsOfServiceId/
Change the model attribute, even though the column name will eventually be removed.
* s/accepted_service_terms_id/accepted_terms_of_service_id/ to match redux
* s/serviceTerms/termsOfService
* rename column too, and add max size constraint
* s/EnableCustomServiceTerms/EnableCustomTermsOfService
* #MM-12130 changes for custom service terms
* Fixed styling
* Added getServiceTerms API
* removed unnecessary panic
* removed custom service terms text from flat config
* reverted user sql store as those changes are no longer needed
* added tests
* Updated a config key to be more standard
* Added copyright info
* Loading service terms only if the feature is enabled
* Loading service terms only if the feature is enabled
* removed unused index
* added createservice termns API
* made a param to bool instead of string
* added createservice termns API
* review fixes
* fixed styling
* Minor refactoring
* removed saveConfig and loadConfig magic
* added empty service terms text check to createServiceTerms API
* refactoed some urls to be terms_of_service instead of service_terms
* removed check for support settings
* changed URLs in tests
* removed unused code
* fixed a bug
* added service termd id in conif
* fixed a test
* review fixes
* minor fixes
* Fixed TestCreateServiceTerms
* MM-11522 Fix being able to create users with invalid emails through API
* Ensure store tests are using valid emails
* Add missing license header
* Remove invalid test case
* Fix TestUpdateOAuthUserAttrs
* Add user.DeepCopy() function
* Add omit admins/non-admins to WS broadcast and use for updating users
* Updates per feedback and adding unit test for ShouldSendEvent
