Support for handling username collisions between remote clusters. Users belonging to remote clusters have their username changed to include the remote name e.g. wiggin becomes wiggin:mattermost.
@mentions are also modified so the munged username is replaced with the original username when the post is sync'd with the remote the user belongs to.
When adding remote users:
- append the remote name to the username with colon separator
- append the remote name to the email address with colon separator
- store the original username and email address in user props
- when resolving @mentions replace with the stored original username
Remote Cluster Service
- provides ability for multiple Mattermost cluster instances to create a trusted connection with each other and exchange messages
- trusted connections are managed via slash commands (for now)
- facilitates features requiring inter-cluster communication, such as Shared Channels
Shared Channels Service
- provides ability to shared channels between one or more Mattermost cluster instances (using trusted connection)
- sharing/unsharing of channels is managed via slash commands (for now)
* Create the system console setting and send to webapp
* MI-1145: Add custom status APIs
* MI-1145 Add slash commands to set and clear status
* Add validation for custom status API
* Trim custom status message
* Code refactoring
- Run gofmt
- Rename constants
* Remove sendUserUpdated webhook event
* Fix recent custom status length
* Update error conditions
* Disable /status slash command when config setting is off
* MI-1155: Create the feature flag for custom status APIs and slash commands
* Move recent custom statuses to user preferences (#7)
* Move recent custom statuses to user preferences
* Code refactoring and feedback changes
* Update slash command text and emoji regex
* Make the custom status feature flag off by default
* Update SetCustomStatus, handle recents not set better
* Update status codes
* Update slash command handling
* Add telementry settings
* Fix i18n order
* Revert "Fix i18n order"
This reverts commit 499f7eaca8.
* Update i18n strings
We were allowing new password to be reset without asking
for the old password. This was not advertised but was possible nevertheless
through the API.
Since there is already a separate API to change password, we choose to remove
this functionality.
https://mattermost.atlassian.net/browse/MM-32013
```release-note
The /api/v4/users/me/auth API endpoint cannot be used to change password anymore.
This was a hidden feature that was not documented, but was nevertheless possible.
We are just removing the hidden feature.
```
Co-authored-by: Mattermod <mattermod@users.noreply.github.com>
* format using `goimports -local github.com/mattermost/mattermost-server/v5 -w`
* added goimports lint check to .golangci.yml
* format using `goimports -local github.com/mattermost/mattermost-server/v5 -w` for a corner case
* make app-layers, *-mocks and store-layers for ci check
Co-authored-by: Mahmudul Haque <mahmudulhaque@protonmail.com>
Co-authored-by: Mattermod <mattermod@users.noreply.github.com>
* MM-29980: Optimize profilesInChannels cache to fast path
We add one more message type to the fast path- profiles in channels. There
are 2 primary reasons for this:
- This is not really a new model type, but just a map of users. And users already use
the fast path. So we can get some more gains without really investing much more code.
- A more important reason is that with the upcoming striped mutex changes, we will get
a higher throughput at the cost of a bit more CPU utilization. The reason being that
since less amount of time will be spent in lock-contention, the CPU is free to do more
stuff. So this change is to counter that increase.
As usual, this gives much better performance than the original decoder.
Micro-benchmark results
```
name old time/op new time/op delta
LRU/UserMap=new-8 16.6µs ± 3% 3.9µs ± 4% -76.15% (p=0.000 n=10+10)
name old alloc/op new alloc/op delta
LRU/UserMap=new-8 4.78kB ± 0% 2.74kB ± 0% -42.65% (p=0.000 n=10+10)
name old allocs/op new allocs/op delta
LRU/UserMap=new-8 38.0 ± 0% 30.0 ± 0% -21.05% (p=0.000 n=10+10)
```
https://mattermost.atlassian.net/browse/MM-29980
Here are some results from a load test. The comparison is done with a 2 node cluster; one running master
and one running with this patch so that it's easier to compare. The total users are 2000.
<See PR>
```release-note
NONE
```
* Fix gofmt
* Trigger CI
Filter blacklisted Unicode characters from:
user: first name, last name, nickname, bot description, username
team: name, display name, description, company name
channel: name, display name
* promote user to admin upon login
* Add SAML support for admin accounts
* update en.json
* update i18n
* Add tests as per comments
* change function name
* fix config.go
* invalidate cache so its not checking for cache when roles change
* add enable attribute and filter
Display LHS bot Icon in web app. As part of mentioned task, Added LastIconUpdate variable in model.bot to store last update time of icon. Also added code to update/delete value of the mentioned variable when setting/deleting bot icon.
* Consistent license message for all the go files
* Fixing the last set of unconsistencies with the license headers
* Addressing PR review comments
* Fixing busy.go and busy_test.go license header
This changes the bulk import so when it needs to generate a password
because no password or auth data was supplied, it now takes into account
the configured minimum length, as well as assuming all other distinct
character types are configured to be required. It should now generate
valid passwords regardless of the password policy configuration in the
Mattermost configuration file.
* Add different types for different mentions
* Remove redundant THREAD_ANY and THREAD_ROOT constants
* Make PostStore.Get return thread in order
* MM-17071 Add initial version of countMentionsFromPost
* MM-17071 Refactor comment mention counting
* MM-17071 Use mention counting when marking post as unread
* Fix shadowing in tests
* Remove repeated check of user count
* Refactor code using MentionType
* Update comments around -1 return value
* Move inner functions out of countMentionsFromPost
* Remove preconditions check as separate test case
* Update comments
* Add User.GetMentionKeys
* Revert "Make PostStore.Get return thread in order"
This reverts commit 22aa010cee.
* Fix tests
* Fix merge conflict
* Add store.MentionAllPosts
* MM-17383: Update query to include users who are not members of any groups.
* MM-17383: Fixes govet complaint.
* MM-17383: Sorts by username.
* MM-17383: Removes accidental staging.
* MM-16258: Adds new API endpoint + (App & Client & Store) to retrieve Users who would be removed from a list of hypothetical group IDs representing the synced groups.
* MM-16258: Adds roles to JSON response.
* MM-16258: Updates GetByIDs to use Squirrel.
* MM-16258: Puts as much as possible into Squirrel.
* MM-16258: Changes names of methods, functions, and route.
* MM-16258: Updates some comments.
* MM-16258: Extra validation of group_ids parameter.
* MM-16258: Changes validation of group_ids query param.
* MM-16258: Rename a variable and a constant.
* MM-16258: Fix test.
* MM-15021: Adding new builtin system schema for Guests
* Fixing tests
* Setting properly the permissions
* Adding guests to sampledata
* Restrict more roles updates in the app layer for guests
* Adding comment to explain that permissions migration must go at the end
* Setting the default guest role for custom scheme during migration
* Fixing import and export
* Creating scheme guest roles on migration
* Fixing tests
* Fixing tests
* Fixing tests
* MM-14138: Adding new "VIEW_MEMBERS" permissions restrict the scope of users visibility
* Fixing gofmt
* Fixing broken tests
* Addressing PR review comments from Miguel de la Cruz
* Removed hack
* A bit nicer and cleaner code in the UserBelongsToChannels function
* Adding cluster cache invalidation for user team ids
* Checking in the correct order permissions to not leek existency information
* Adding restrictions to TeamMembers and User status requests
* Fixing tests
* Fixing status endpoint permissions checks
* Adding more tests
* Fixing tests
* More tests and making the restrictions query based only on joins
* Adding more tests
* Adding more tests
* fixing merge problems
* Reverting status changes to avoid performance issues
* Adding more tests
* Fixing test
* i18n extract
* Adding extra method for get restrictions for a team
* Add the new elasticsearch functions to search users with restrictions
* Add missing translation string
* Rename restrictedChannelIds to restrictedToChannels
* Remove ToDo
* Adding the permission to the SystemAdmin role during permissions migrations
* MM-14417: Adds support for out-of-channel notifications of users who are not in associated groups of group-constrained channels.
* MM-14417: Fix for mobile backwards compatibility.
* Used user TOS data embedded in user object itself
* #MI-372 Added user TOS data in getUserByUsername API and updated tests
* #MI-372 returned user TOS data only for admin or self
* #MI-372 fixed tests
* #MI-372 added user ID checks in a missing place
* [MM-14253] Adds channels and users to the bulk index process
* Add support for PostgreSQL and sort the user query result
* Add tests for user and channel batch queries
* Fix test times
* bots model, store and api (#9903)
* bots model, store and api
Fixes: MM-13100, MM-13101, MM-13103, MM-13105, MMM-13119
* uncomment tests incorrectly commented, and fix merge issues
* add etags support
* add missing licenses
* remove unused sqlbuilder.go (for now...)
* rejig permissions
* split out READ_BOTS into READ_BOTS and READ_OTHERS_BOTS, the latter
implicitly allowing the former
* make MANAGE_OTHERS_BOTS imply MANAGE_BOTS
* conform to general rest api pattern
* eliminate redundant http.StatusOK
* Update api4/bot.go
Co-Authored-By: lieut-data <jesse.hallam@gmail.com>
* s/model.UserFromBotModel/model.UserFromBot/g
* Update model/bot.go
Co-Authored-By: lieut-data <jesse.hallam@gmail.com>
* Update model/client4.go
Co-Authored-By: lieut-data <jesse.hallam@gmail.com>
* move sessionHasPermissionToManageBot to app/authorization.go
* use api.ApiSessionRequired for createBot
* introduce BOT_DESCRIPTION_MAX_RUNES constant
* MM-13512 Prevent getting a user by email based on privacy settings (#10021)
* MM-13512 Prevent getting a user by email based on privacy settings
* Add additional config settings to tests
* upgrade db to 5.7 (#10019)
* MM-13526 Add validation when setting a user's Locale field (#10022)
* Fix typos (#10024)
* Fixing first user being created with system admin privilages without being explicity specified. (#10014)
* Revert "Support for Embeded chat (#9129)" (#10017)
This reverts commit 3fcecd521a.
* s/DisableBot/UpdateBotActive
* add permissions on upgrade
* Update NOTICE.txt (#10054)
- add new dependency (text)
- handle switch to forked dependency (go-gomail -> go-mail)
- misc copyright owner updates
* avoid leaking bot knowledge without permission
* [GH-6798] added a new api endpoint to get the bulk reactions for posts (#10049)
* 6798 added a new api to get the bulk reactions for posts
* 6798 added the permsission check before getting the reactions
* GH-6798 added a new app function for the new endpoint
* 6798 added a store method to get reactions for multiple posts
* 6798 connected the app function with the new store function
* 6798 fixed the review comments
* MM-13559 Update model.post.is_valid.file_ids.app_error text per report (#10055)
Ticket: https://mattermost.atlassian.net/browse/MM-13559
Report: https://github.com/mattermost/mattermost-server/issues/10023
* Trigger Login Hooks with OAuth (#10061)
* make BotStore.GetAll deterministic even on duplicate CreateAt
* fix spurious TestMuteCommandSpecificChannel test failure
See
https://community-daily.mattermost.com/core/pl/px9p8s3dzbg1pf3ddrm5cr36uw
* fix race in TestExportUserChannels
* TestExportUserChannels: remove SaveMember call, as it is redundant and used to be silently failing anyway
* MM-13117: bot tokens (#10111)
* eliminate redundant Client/AdminClient declarations
* harden TestUpdateChannelScheme to API failures
* eliminate unnecessary config restoration
* minor cleanup
* make TestGenerateMfaSecret config dependency explicit
* TestCreateUserAccessToken for bots
* TestGetUserAccessToken* for bots
* leverage SessionHasPermissionToUserOrBot for user token APIs
* Test(Revoke|Disable|Enable)UserAccessToken
* make EnableUserAccessTokens explicit, so as to not rely on local config.json
* uncomment TestResetPassword, but still skip
* mark assert(Invalid)Token as helper
* fix whitespace issues
* fix mangled comments
* MM-13116: bot plugin api (#10113)
* MM-13117: expose bot API to plugins
This also changes the `CreatorId` column definition to allow for plugin
ids, as the default unless the plugin overrides is to use the plugin id
here. This branch hasn't hit master yet, so no migration needed.
* gofmt issues
* expunge use of BotList in plugin/client API
* introduce model.BotGetOptions
* use botUserId term for clarity
* MM-13129 Adding functionality to deal with orphaned bots (#10238)
* Add way to list orphaned bots.
* Add /assign route to modify ownership of bot accounts.
* Apply suggestions from code review
Co-Authored-By: crspeller <crspeller@gmail.com>
* MM-13120: add IsBot field to returned user objects (#10103)
* MM-13104: forbid bot login (#10251)
* MM-13104: disallow bot login
* fix shadowing
* MM-13136 Disable user bots when user is disabled. (#10293)
* Disable user bots when user is disabled.
* Grammer.
Co-Authored-By: crspeller <crspeller@gmail.com>
* Fixing bot branch for test changes.
* Don't use external dependancies in bot plugin tests.
* Rename bot CreatorId to OwnerId
* Adding ability to re-enable bots
* Fixing IsBot to not attempt to be saved to DB.
* Adding diagnostics and licencing counting for bot accounts.
* Modifying gorp to allow reading of '-' fields.
* Removing unnessisary nil values from UserCountOptions.
* Changing comment to GoDoc format
* Improving user count SQL
* Some improvments from feedback.
* Omit empty on User.IsBot
* Check for password when updating the eMail
* Require password for email change
* Enhance unit testing
* Restructure error handling for update email path
* govet
