552 Commits

Author SHA1 Message Date
Jesse Hallam
cd5d5f832c MM-14052: fix subpath yet again (#10278)
* MM-14052: fix subpath yet again

The server now emits a script-src directive that overrides the root.html
rewrite. Fix this by emitting the requisite sha-256 hash server-side as
well as rewriting root.html. We can't remove the root.html rewrite,
since the assets may be on a CDN instead and we use the same code path
to rewrite them (on demand).

Prior to this change, going from / -> /subpath -> / would leave changes
in root.html: the Content-Security-Policy header would still have the
sha-256 hash, and the inline script would still override the publicPath
but to the default subpath value. To avoid sending down a sha-256 hash
server-side when no subpath is required, change this to fully strip out
the subpath changes. This is the only unit test change, as the existing
coverage proves the algorithm still works.

* fix subpath concatenation in test

path.Join isn't meant to work with a URL + path, and my test was effectively working with the subpath "/localhost:8065/subpath" instead of just "/subpath". The CI servers presumably caught this due to a different configuration than my local development.
2019-02-13 11:30:02 -04:00
Jesse Hallam
3a71709103 MM-13893: refactor config (#10230)
* refactor utils/config* to config/

* pull validateLdapFilter into app

* clean up Config/GetConfig/GetSanitizedConfig usage

Eliminate app.GetConfig() in favour of just using app.Config() directly,
but expose app.GetSanitizedConfig() for when the old behaviour was
required.

* web: isolate config setup

* TestInvitePeopleProvider: make config explicit

* regenerateClientConfig: avoid racey map access

* integrate watch flag into app.ConfigFile option

* make app.Option return an error

* release.mk: only cp static files from config/

* release.mk: fix cp static files from config/

* api4: TestPlugin cleanup

* s/c/cfg/ for clarity

* fix merge conflict

* testlib: allow customization of testlib driver name
2019-02-12 08:37:54 -05:00
Jesse Hallam
aca8914e35 MM-14052: Fix subpath rewrite again (#10252)
* actually log an error when subpath rewrite fails

* update subpath rewrite to accommodate dropping unsafe-eval
2019-02-11 21:21:23 -05:00
Harrison Healey
4dbeaffdf0 MM-14037 Ensure deprecated image proxy settings are read correctly (#10249) 2019-02-08 10:08:36 -05:00
Harrison Healey
ee9395f1b6 MM-13917 Enable post metadata by default (#10210) 2019-01-31 14:57:50 -05:00
Joram Wilander
2ca222033c MM-10658 Change config fields to pointers (#9033)
* MM 10658 Change config fields to pointers (#8898)

* Change fields of config structs to pointers and set defaults

MM-10658 https://github.com/mattermost/mattermost-server/issues/8841

* Fix tests that got broken during switching config structs to pointers

MM-10658 https://github.com/mattermost/mattermost-server/issues/8841

* Apply changes of current master while switching config structs to pointers

MM-10658 https://github.com/mattermost/mattermost-server/issues/8841

* Fix new config pointer uses

* Fix app tests

* Fix mail test

* remove debugging statement

* fix TestUpdateConfig

* assign config consistently

* initialize AmazonS3Region in TestS3TestConnection

* initialize fields for TestEmailTest

* fix TestCheckMandatoryS3Fields
2019-01-31 08:12:01 -05:00
Hanzei
179e98c245 Fix shadowed variables in various places: Part 2 of 2 (#10176)
This PR fixes shadowed variables in the following packages:
- `app`
- `utils`
- `utils/markdown`
- `services/mailservice`
2019-01-28 21:57:45 +01:00
Harrison Healey
ba5566d1a0 MM-10417 Add local image proxy and enable by default (#9967)
* MM-10417 Add local image proxy and enable by default

* Remove unused function

* Add dependencies for willnorris/imageproxy

* Fixed compilation errors

* Lock to the master version of willnorris/imageproxy

* Fix atmos/camo proxy when no SiteURL is specified

* Re-add default values for deprecated settings

* Fix unit tests added by merge

* Pass imageproxy to App struct

* Remove unneeded locking when creating the image proxy

* Remove empty test file
2019-01-24 16:11:32 -04:00
Jesse Hallam
8ead10effb MM-13276: expose Websocket(URL|(Secure)Port) in limited client config (#10110)
This fixes a race condition client-side that fails to connect to websockets during MFA enforcement since the necessary config data isn't fetched. There are no security concerns in exposing this data to non-authenticated users, though we'd like to revisit this to tighten it down later: https://mattermost.atlassian.net/browse/MM-13785.
2019-01-14 13:54:03 -08:00
Joram Wilander
8e9df61934 MM-13725 Fix client config overriding MFA enforcement set in limited config (#10095)
* Fix client config overriding MFA enforcement set in limited config

* Add unit test
2019-01-11 15:23:52 -05:00
Martin Kraft
6d30b21dd2 Ldap groups phase1 (#9752)
* Initial models, API, app, and persistence of groups and group syncing.

* Consistent letter casing in ldif.

* Moves group-specific migrations into func.

* Adds API endpoint to retrieve LDAP groups (and associated MM groups) one tree level at a time.

* Adds mattermost group id to SCIMGroup (if available).

* Splits user and group creation so that memberOf works. Returns users from ldap interface.

* Updates method name.

* Returns users IDs instead of User.

* Removes non-essential group data.

* MM-11807: Add GroupFilter to LDAP config. (#9513)

* MM-11807: Add GroupFilter to LDAP config.

* Add diagnostic.

* Adds new config option for using 'memberOf' overlay.

* Adds API endpoint to link a group.

* Removes debug statements.

* Adds unlink group API endpoint.

* Fix to LDAP API. Adds API method to client4 and app.

* Adds some missing app methods. Renames API unexported func.

* Fixes link/unlink API path to accept valid DNs.

* Allow any character for DN portion of path.

* Switches from DN to objectGUID or entryUUID as the remote identifier linking LDAP groups to MM groups.

* Formatting.

* Formatting.

* Setting group name field to an ID for phase 1.

* Adds an LDAP config field to Setting up configuration for local LDAP.

* Changes to LDAP and GroupStore interfaces.

* Draft of nesting groups in API response.

* Removes unnecessary tree models.

* Updates group membership create store method to also restore.

* Adds new config to test config.

* Accept AD format length.

* Switches to SetUniqueTogether method.

* Updates revert.

* Tweaks to syncing queries.

* Updates query for pending team and channel memberships.

* Removes old GroupSyncableScanner usage. Some formatting and renaming.

* Fixes bug setting syncable type in selecting paged.

* Adds tests for syncables populator.

* Only add users to teams and channels that are not deleted.

* Renames method.

* Updates test LDAP setup.

* Removes memberof config stuff.

* Renames.

* Updates test data.

* Fix for gofmt.

* Adds missing license.

* Adds missing teardowns.

* Test fix.

* Adds a cycle to the groups test data.

* Changes API to return flat list.

* Removes some unused interface and app methods.

* Returns empty braces if results are empty.

* Adds more LDAP test data.

* Fix for test data error.

* Adds error.

* Moves test groups.

* Adds OU for load test data.

* Moves load test ou creation to load data.

* Adds a new bool flag to SCIMGroups.

* Removes SCIMGroup completely.

* Removes FULL JOIN because it is not supported in MySQL.

* Adds tests for sync queries; renames constant.

* Bad merge fix.

* Vet fix.

* Returning OK on delete ldap group link

* Removes foreign key constraints.

* Adding total to the ldap getAllGroups api endpoint

* Adds get group members page.

* Removes pagination from groups syncables list API.

* Adding syncable check now that foreign key constraint is removed.

* Joins teams and channels to group syncables.

* Adds group member count.

* Adding GetAllChannels and SearchAllChannels for system admins only

* Fix.

* Test fix from pagination removal.

* Orders groupmembers by createat.

* Fixing search of all channels

* Test fix after removing pagination.

* JSON syntax error fix.

* Changing tests (for now) pending investigation.

* Adding GetAllChannels and SearchAllChannels tests for the store

* Adding GetAllChannels and SearchAllChannels API tests

* Omit empty JSON values of group syncables.

* Fixing GetAllChannels and SearchAllChannels tests

* Fixing GetAllChannels and SearchAllChannels store tests

* Fixing GetAllChannels api tests

* Adds 'LDAP groups' feature flag. (#9861)

* Migrate new client functions to idiomatic error handling

* Test fixes.

* Simplification of groups api (#9860)

* Simplification of groups api

* Fixing RequireSyncableType

* Test fix.

* Update api4/group.go

Co-Authored-By: mkraft <martinkraft@gmail.com>

* Update api4/group.go

Co-Authored-By: mkraft <martinkraft@gmail.com>

* Update api4/group.go

Co-Authored-By: mkraft <martinkraft@gmail.com>

* Update api4/group.go

Co-Authored-By: mkraft <martinkraft@gmail.com>

* Update api4/group.go

Co-Authored-By: mkraft <martinkraft@gmail.com>

* Update api4/group.go

Co-Authored-By: mkraft <martinkraft@gmail.com>

* Update api4/group.go

Co-Authored-By: mkraft <martinkraft@gmail.com>

* Update api4/group.go

Co-Authored-By: mkraft <martinkraft@gmail.com>

* Update api4/group.go

Co-Authored-By: mkraft <martinkraft@gmail.com>

* Update api4/group.go

Co-Authored-By: mkraft <martinkraft@gmail.com>

* Fix copy/paste error.

* Fix copy/paste error.

* Adds missing return, changes to correct HTTP status code.

* Adds missing return, changes status codes.

* Check for license.

* Renames variable for new signature.

* Adds client method to get a group.

* Adds client method and tests for PatchGroup.

* Adds more API tests.

* Adds groups API tests.

* Adds client method and tests for getting group syncables.

* Adds tests for patching group teams and channels.

* Update to translations.

* Removes test.

* Fix incorrect conditional.

* Removes unnecessary nil check.

* Removes unnecessary return.

* Updates comment, removes unused variable.

* Uses consistent JSON unmarshal pattern.

* Uses consistent JSON unmarshal pattern.

* Moves const block.

* Switches 'already linked' from error to success response.

* Removes commented-out code.

* Switched to status ok.

* Add parens for readability.

* Fix copy/paste error.

* Unexport some structs.

* Removes repeated validity check.

* Return without attempting commit if there's a rollback.

* Fix incorrect HTTP status code.

* Update store/sqlstore/group_supplier.go

Co-Authored-By: mkraft <martinkraft@gmail.com>

* Adds utility methods for going from groupsyncable to groupteam and groupchannel.

* Fixing george suggestions (#9911)

* Test fix.

* Adds QA data to VC with visualization.

* Fixes typo in graph image.

* Update display name when re-linking in case it has changed in LDAP.

* Adds ability to configure group display name and unique identifier. (#9923)

* Adds ability to configure group display name and unique identifier.

* Adds some configs to confi-ldap make command.

* Fix for move of session.

* Exposes method for use by SAML package.

* Switches GroupSyncableType from int to string.

* Update Jenkins build files.

* Removes unused variable assignment.

* Removes old unnecessary early return.

* Removes unnecessary variable.

* Moves param parsing before license and permissions checks.

* Removes old code.

* Compares against underlying error rather than error id.

* Switches tests to assertions.

* Adds more assertions.

* Adds missing return.

* Adds space after comma for added legibility.

* Moves a view model to the api package.

* Unexports method.

* Uses id validator function.

* Fix docker-compose flag.

* Typo fix.

* Moves index creation to supplier.

* Removes bad merge.

* Renames parameter.

* Re-adds space.

* Removes unnecessary transaction.

* Escapes the Groups table name with backticks because it is a reserved keyword.

* Fix roles cache bug

* Removing unnecessary deserializing function

* Switches table name rather than custom SQL everywhere for Postgres without backticks.

* Removes redundant check for sql.ErrNoRows.

* Removes redundant check for sql.ErrNoRows.

* Removes data integrity check and redundant nil conditional.

* Removes redundant check for sql.ErrNoRows.

* Removes unnecessary query.

* Removes ID length validation from persistence tier.

* Makes some supplier methods idempotent.

* Removes some empty switch defaults.

* Renames Group Type field to Source.

* Fix for mistaken field name change.

* Uses IsValidId function.

* Removes comment.

* Changes json key name.

* Removes test because no longer validating user.

* Moves model state validation to app layer.

* Don't create Groups.CanLeave column until phase 2.

* Removes state validation until properties are used in phase 2.

* Removes duplicated check.

* Removes state validation until properties are used in phase 2.

* Removes some tests until phase 2.

* Comment-out a bunch of tests related to CanLeave.

* Extra unmarshal validation check. Removes more code for CanLeave.

* Removes tests for CanLeave.

* Explicit error msg.

* Rewrite queries.

* Changes index name. Adds index.

* Removes assertion.

* Adds experimental feature flag.
2019-01-10 15:17:31 -05:00
Joram Wilander
df076b457a Move MFA enforcement setting into limited client config (#10077) 2019-01-09 12:19:56 -05:00
Jesse Hallam
4286456077 MM-10856: deduplicate posts with the same pending post id (#10006)
* MM-10856: deduplicate posts with the same pending post id

Leverage a fixed size cache with a window of 30 seconds to deduplicate posts received by a single app server. Clients that duplicate the same pending post id will see one request potentially delayed until the first finishes, after which the same payload should be returned by both.  Duplicate posts outside the 30 second window will not be de-duplicated.

Note that the cache is not synchronized between app servers. In an HA cluster consisting of more than one app server, sticky load balancing (e.g. hashing by IP or Session ID) is required to route the users to the same app instance for multiple requests.

Other options considered for this feature:
* adding a column to the `Posts` table: rejected as being too heavyweight
* maintaining a `PendingPostIds` table: similarly rejected for the database impact
* using the pending post id as the post id and relying on the unique constraints on the Post table: rejected for being difficult to show that it's safe to use a client-provided value as the row identifier

* utils/lru: simplify to ttl internally and for new methods

* move seenPendingPostIdsCache to App.Server

* just fail concurrent post requests, vs. trying to wait

* add debug log when create post is deduplicated
2018-12-17 15:16:57 -08:00
Christopher Speller
8429add371 Cleanup related to context refactor (#9988) 2018-12-17 08:51:46 -08:00
Joram Wilander
c06e42b24a Include PluginsEnabled in limited client config (#9998) 2018-12-14 12:13:21 +01:00
Jesse Hallam
594f15051d MM-13498: fix subpath assets rewrite (#9997)
* MM-13498: check that subpath rewrite of csp meta tag succeeds

* MM-13498: fix subpath assets rewrite
2018-12-13 17:42:38 -05:00
Harrison Healey
749a3e7538 MM-10417 Improve HTTPService for use in image proxy (#9966)
* Replaced httpservice with proper http.Client

* Added HTTPService.MakeTransport

* Expose timeouts used by HTTPServiceImpl

* Add additional documentation to HTTPService

* Remove MockedHTTPService

* Fix missing license
2018-12-12 11:39:14 -05:00
Chetanya Kandhari
f42c00ee53 MM-13349: Fix TOS not displaying using sso login in RN apps (#9989) 2018-12-12 10:46:24 -05:00
Jesús Espino
a7b6c71421 MM-12976: Moving MFA to Team edition (#9971)
* MM-12976: Moving MFA to Team edition

* Changing the mfa disabled i18n key and string
2018-12-12 11:50:19 +01:00
Saturnino Abril
2708ed6d1f add client config of ExperimentalEnablePostMetadata (#9970) 2018-12-06 12:10:12 -05:00
Christopher Speller
1bac79b9b4 Fix panic with customurlschemes (#9968) 2018-12-06 10:56:06 -05:00
Christopher Speller
da265fbaf7 Moving app from singular to being created for every request (#9889)
* Moving app from singular to being created for every request.

* Automatic refactor

* Adding license header

* Feedback fixes
2018-11-28 10:56:21 -08:00
Joram Wilander
3904c01f46 MM-12881 Add license sku fields (#9883)
* Add license sku fields

* Add diagnostics

* Gofmt fixes
2018-11-28 09:49:43 -05:00
Harrison Healey
d07def5169 Merge branch 'master' into post-metadata 2018-11-14 09:58:56 -05:00
Harshil Sharma
0c5f60f89b #146 Terms of Service Phase 2 (#9731)
* #132 added UserTermsOfService model

* #132 added UserTermsOfService model

* #132 added logic to save user TOS data in a new table

* #132 Added logic to save and delete user TOS. Updated user TOS action logic

* #132 updated store mocks

* #132 added tests

* #132 removed cache from UserTermsOfService SQL store

* #132 fixed styling and license check

* #132 added message translations in en.json

* #132 fixed save user TOS logic to work second time as well

* #132 removed User.AcceptedTermsOfService column and migrated accepted TOS data into new table

* #132 fixed formatting

* #132 fixed formatting

* #146 added field 'mandatory' to terms of service

* #146 updated tests

* #146 added getLatestTermsOfService API

* #146 Added tests

* #146 fixed styling

* #146 removed code for managing mandatory/optional TOS

* #146 Added TOS re-acceptance period config

* #146 fixed styling

* #146 removed some code left for debugging

* #146 added TOS re-acceptance period in config

* #146 fixed a json name from service_terms to terms_of_service

* #146 Minor refactoring and added TOS re-acceptance period to diagnostics

* Fixed style

* Updated upgraded script to keep app backward compatible
2018-11-08 15:48:14 -05:00
Christopher Speller
418a0ec10e Fixing formatting. (#9801) 2018-11-06 16:28:55 +08:00
Harrison Healey
2959b53d98 MM-11272 Add OpenGraph and image dimension metadata to posts (#9313)
* Move OpenGraph code into its own file

* Move OpenGraph image proxying to app layer

* Move test file code out of api4 package

* MM-11272 Add OpenGraph and image dimension metadata to posts
2018-11-01 15:25:11 -04:00
George Goldberg
8d3cfc6ad7 MM-12815: Clearly deprecated disused config settings. (#9751)
* MM-12815: Clearly deprecated disused config settings.

* Fix tests.
2018-10-31 08:38:38 +00:00
Jesse Hallam
d1805733fe MM-12505: remove all things WebRTC (#9700) 2018-10-18 14:49:10 -03:00
Harshil Sharma
bffcccf99d Refactored to rename "service terms" to "terms of service" (#9581)
* #124 renamed identifiers from service terms to terms of service

* #124 renamed identifiers from service terms to terms of service

* 124 renamed ServiceTerms model to TermsOfService

* 124 Renamed EnableCustomServiceTerms feature flag to EnableCustomTermsOfService

* 124 Renamed EnableCustomServiceTerms feature flag to EnableCustomTermsOfService

* #124 fixed formatting

* #124 fixed formatting

* #132 renamed table ServiceTerms to TermsOfService

* #124 renamed some missed files from 'service_terms' to 'terms_of_service'

* #124 removed fixed TODOs

* drop migrate of ServiceTerms table, since backporting

* s/ServiceTerms/TermsOfService/ in tests

* s/AcceptedServiceTermsId/AcceptedTermsOfServiceId/

Change the model attribute, even though the column name will eventually be removed.

* s/accepted_service_terms_id/accepted_terms_of_service_id/ to match redux

* s/serviceTerms/termsOfService

* rename column too, and add max size constraint

* s/EnableCustomServiceTerms/EnableCustomTermsOfService
2018-10-09 20:55:47 -04:00
Andreas Linz
cf9b9802a8 Set a proper HTTP user-agent header (#9482)
Previously, mattermost-server would always request with the default
user-agent of Go's net/http package that is `Go-http-client/1.1` or
something similar.
This has several disadvantages, one is that the default user-agent
made it pretty hard to distinguish mattermost requests from other
service requests in a network log for example.

Now a user-agent of the form `mattermost-<current-version>` is set in
the client.

- [x] Added or updated unit tests (required for all new features)
2018-10-03 10:28:44 -07:00
Carlos Tadeu Panato Junior
ad4443d06d fix gofmt for go 1.11 (#9516)
* fix gofmt for go 1.11

* fix test

* comment out one test
2018-10-01 10:19:11 -07:00
Jesse Hallam
34a1da9717 emit CustomTermsOfService in license (#9472) 2018-09-27 11:24:57 +01:00
Harshil Sharma
af275fe924 #MM-12130 changes for custom service terms (#9450)
* #MM-12130 changes for custom service terms

* Fixed styling

* Added getServiceTerms API

* removed unnecessary panic

* removed custom service terms text from flat config

* reverted user sql store as those changes are no longer needed

* added tests

* Updated a config key to be more standard

* Added copyright info

* Loading service terms only if the feature is enabled

* Loading service terms only if the feature is enabled

* removed unused index

* added createservice terms API

* made a param to bool instead of string

* added createservice terms API

* review fixes

* fixed styling

* Minor refactoring

* removed saveConfig and loadConfig magic

* added empty service terms text check to createServiceTerms API

* refactored some urls to be terms_of_service instead of service_terms

* removed check for support settings

* changed URLs in tests

* removed unused code

* fixed a bug

* added service terms id in config

* fixed a test

* review fixes

* minor fixes

* Fixed TestCreateServiceTerms
2018-09-26 16:49:22 -04:00
Harrison Healey
4e59a27293 Move HTTPService and ConfigService into services package (#9422)
* Move HTTPService and ConfigService into utils package

* Re-add StaticConfigService

* Move config and http services into their own packages
2018-09-26 12:42:51 -04:00
Jesús Espino
a08df883b4 Move file backend to its own service (#9435)
* Move file backend to its own service

* Moving utils/inbucket to mailservice package
2018-09-20 10:07:03 -07:00
Carlos Tadeu Panato Junior
fba0f8e8b2 Merge release-5.3 2018-09-12 15:07:33 +02:00
Jesse Haka
4e33aeb581 fix s3 memory usage (#9373) 2018-09-10 19:35:01 +02:00
cpanato
4cf6913c1c Merge remote-tracking branch 'upstream/release-5.3' into release-5.3-daily-merge-20180904 2018-09-04 23:27:39 +02:00
Jesse Hallam
b98ef658ad MM-11720: disable loading plugin specific config from the environment (#9334)
There are numerous issues here, including some non-determinism in the viper library (fixable) and some annoying behaviour regarding periods in keys, often used by plugin ids (fix unknown). Let's defer the handling of same until we can get our config loading library to do what we need it to do vs. having to hack around viper all the time.
2018-09-03 17:08:25 +02:00
Carlos Tadeu Panato Junior
153b119092 Merge release-5.3 2018-09-03 14:48:14 +02:00
Daniel Schalla
531897b1f0 add megacheck as makefile target (#9288)
Fix code issues in channel_test.go

Fix Channel Test Issues detected by Megacheck

Fix API Emoji Test Issues detected by Megacheck

Fixed API Issues Reported by Megacheck

Fixed App issues reported by megacheck

Remaining fixes

removed test added by mistake from old HEAD

gofmt

Store Fixes

simplified returns

Fix test for multi member channel delete

revert to delete unused function
2018-09-03 14:08:40 +02:00
Christopher Speller
9f46512759 MM-11693 Allow connections to /plugins for interactive message buttons. (#9333)
* Allow connections to /plugins for interactive message buttons.

* Adding siteurl to exclusions for AllowedUntrustedInternalConnections

* Adding subpath support for allowing interactive message buttons plugin connections.
2018-09-02 09:30:10 +02:00
Joram Wilander
9599f1a52f If no origin header is set for WebSocket, do not fail upgrade (#9287) 2018-08-24 11:09:48 +01:00
Carlos Tadeu Panato Junior
5876b52ecd Merge release-5.2 2018-08-24 11:36:39 +02:00
George Goldberg
d2945cdd77 MM-11782: Make archived channels experimental and off-by-default. (#9281)
* MM-11782: Make archived channels experimental and off-by-default.

* Fix test.
2018-08-22 21:12:51 +02:00
cpanato
620d55810d Merge remote-tracking branch 'upstream/release-5.2' into release-5.2-daily-merge-20180810 2018-08-10 15:03:18 +02:00
Harrison Healey
4299ef312b MM-11382 Remove special handling of PluginSettings when loading config (#9234)
* MM-11382 Only override PluginSettings from environment when necessary

* MM-11382 Remove special handling of PluginSettings when loading config

* Add extra unit test
2018-08-10 10:10:29 +02:00
Harrison Healey
99cf15b56e Update serverside markdown parser to respect unicode and capitalized links (#9235) 2018-08-08 12:13:04 +02:00
Harrison Healey
ecfba2c2e9 MM-11175 Add logic to server to understand markdown images with dimensions (#9159) 2018-08-01 11:43:58 -04:00