* Remove NotificationRegistry table and use structured logging
* Fix ackId for notification sent
* Notification logger at server level
* Remove unused i18n strings
* MM-14723 add config flag for creating bots
* MM-14723 - update i18n to handle new config flag
* MM-14723 - change API tests to allow bots by default
* Update i18n/en.json
Co-Authored-By: andresoro <ao15@my.fsu.edu>
* MM-14723: add config flag for enabling/disabling bot creation
* undo changes to apitestlib.go to explicitly change config in each test
* add unit tests for config changes
* MM-14723 update test cases
* MM-14723 update test cases to use UpdateConfig method
* MM-14289 Add Push notification acknowledge identifier and store tracing logs
* MM-14884 include SenderName property in Push Notifications
* Remove @ sign from channel Name in push notifications
* Fix i18n
* Fix push notification model
* fix TestPostNotificationGetChannelName
* Remove colon from model constant
* Fix Notification Registry tests
* Make postId optional for clear notifications
* Update http status when service is not available
Co-Authored-By: enahum <nahumhbl@gmail.com>
* MM-15021: Adding new builtin system schema for Guests
* Fixing tests
* Setting properly the permissions
* Adding guests to sampledata
* Restrict more roles updates in the app layer for guests
* Adding comment to explain that permissions migration must go at the end
* Setting the default guest role for custom scheme during migration
* Fixing import and export
* Creating scheme guest roles on migration
* Fixing tests
* Fixing tests
* Fixing tests
* MM-14138: Adding new "VIEW_MEMBERS" permissions restrict the scope of users visibility
* Fixing gofmt
* Fixing broken tests
* Addressing PR review comments from Miguel de la Cruz
* Removed hack
* A bit nicer and cleaner code in the UserBelongsToChannels function
* Adding cluster cache invalidation for user team ids
* Checking in the correct order permissions to not leek existency information
* Adding restrictions to TeamMembers and User status requests
* Fixing tests
* Fixing status endpoint permissions checks
* Adding more tests
* Fixing tests
* More tests and making the restrictions query based only on joins
* Adding more tests
* Adding more tests
* fixing merge problems
* Reverting status changes to avoid performance issues
* Adding more tests
* Fixing test
* i18n extract
* Adding extra method for get restrictions for a team
* Add the new elasticsearch functions to search users with restrictions
* Add missing translation string
* Rename restrictedChannelIds to restrictedToChannels
* Remove ToDo
* Adding the permission to the SystemAdmin role during permissions migrations
* Add regenerate invite ID endpoint; Dont allow inviteID updates via other methods; Remove unrequired checks in get handler
* Fix tests; Dont accept TeamId as invite ID
* Ensure all teams have an InviteID set
* Custom Selector to get empty teams; dont crash when inviteid set fails
* Remote InviteId from TeamPatch
* Add missing translation
* Translation string order
* Use sync store
* gofmt
* MM-15276: Migrate Team.Update to sync by default
* MM-15276: Addressing review comments and change Update func signature similar to other interface Update method
* update store mocks for update fn
* addressing review comments
This change is being made to address an issue where the go-i18n
translation library would result in partial-translations when a
given language dictionary was missing a given plural keyword. The
improvement made here leads the translation library to try an
'other' keyword lookup if the first plural keyword fails to have
a value.
This change was not accepted upstream due to concern regarding
changing the behavior, so we are using a fork at this time to
address the issue.
* Use gzip for API responses [MM-11426]
- Update api4/handlers to use gziphandler wrapper if api configured to
use gzip
- Add test to ensure `Content-Encoding` header is set if `WebserverMode=="gzip"` and `Accept-Encoding="gzip"` present in http request
Authored-by: Tyler Ramer <tyaramer@gmail.com>
* WIP: refractor handlers_test
Clean up, include gzip tests for all functions in handlers
Authored-by: Tyler Ramer <tyaramer@gmail.com>
* fixup! WIP: refractor handlers_test
* fixup! fixup! WIP: refractor handlers_test
* Migrating audit store
* Final migration example for the audit store
* async example
* Ending migration
* Removing Async helper
* Fixing tests
* Fixing govet problems with the StoreResult instanstiation
* MM-14757/14758: Update APIs to reject removals from group-constrained teams.
* MM-14757/14758: Tests API changes.
* MM-14757/14758: Allow users to leave channals and teams.
* MM-14757/14758: Updates translation key order.
* MM-14757/14758: Adds user to team before setting it to group-constrained b/c of new add restrictions.
* MM-147753: Verifies that users are allowed to be members of a team or a channel, based on group constraints, prior to allowing the API to add them.
* MM-14753: Allow methods to return meaningful results for deleted teams or channels.
* MM-14753: Renames methods to differentiate from permissions and other team and channel restrictions.
* MM-14753: Only check if users are team/channel members if team/channel is group constrained.
* MM-14753: Updates test function names.
* MM-14753: Changes a few method signatures.
* MM-14753: Small refactor and adds missing returns.
* MM-14753: Changes method names from Get* to Filter* name prefixes.
* MM-14753: Renames error variables.
* MM-14753: Updates method names for consistency with join table names.
* MM-14753: Adds case for non AppError return.
* Update i18n/en.json
* Set EditAt for FileIds and Attachments; Disallow update/patch of FileIds in API Handler
* Add custom comparison methods for StringArray and Post Attachments
* gofmt
* Split up comparison function to child structs
* Naming consistency
* gofmt
* Used user TOS data embedded in user object itself
* #MI-372 Added user TOS data in getUserByUsername API and updated tests
* #MI-372 returned user TOS data only for admin or self
* #MI-372 fixed tests
* #MI-372 added user ID checks in a missing place
* tweak utils.Merge docs
* move merge_test to utils_test package for easier testing
* utils: support MergeConfig and StructFieldFilter
* constrain updating certain fields by the restricted system admin
* Adding list/join public/private teams permissions
* Add permission migration and allow to migrate based on role name
* Adding JoinTeam new endpoint
* Addressing PR review comments
* Keep the previous API consistent
* Adds elasticsearch to the user and channel autocompletion functions
* Implement channel store GetChannelsByIds test
* Style changes and govet fixes
* Add gofmt fixes
* Extract default channel search limit to a const
* Add StringSliceDiff function to the utils package
* Honor USER_SEARCH_MAX_LIMIT on the user autocomplete api handler
* Change the elasticsearch development image
* api4: break out license and config from system
* app: move some config functions from admin.go to config.go
* add ExperimentalSettings.RestrictSystemAdmin
* forbid various actions to restricted system admin
* update default.json
* fix function names in errors
* TestGetLicenseFileFromDisk: avoid using fileutils.FindConfigFile
* config: abstract config-related file access, extend memory store
* simplify config validate to avoid file knowledge
* fix relative file tests
* cluster: fix ConfigChanged event
The old and new configurations were swapped when notifying the enterprise code of configuration changes, creating needless instability in propagating config updates across a cluster.
* config/database: ignore duplicates
* test cleanup
* remove unnecessary Save() in test
* bots model, store and api (#9903)
* bots model, store and api
Fixes: MM-13100, MM-13101, MM-13103, MM-13105, MMM-13119
* uncomment tests incorrectly commented, and fix merge issues
* add etags support
* add missing licenses
* remove unused sqlbuilder.go (for now...)
* rejig permissions
* split out READ_BOTS into READ_BOTS and READ_OTHERS_BOTS, the latter
implicitly allowing the former
* make MANAGE_OTHERS_BOTS imply MANAGE_BOTS
* conform to general rest api pattern
* eliminate redundant http.StatusOK
* Update api4/bot.go
Co-Authored-By: lieut-data <jesse.hallam@gmail.com>
* s/model.UserFromBotModel/model.UserFromBot/g
* Update model/bot.go
Co-Authored-By: lieut-data <jesse.hallam@gmail.com>
* Update model/client4.go
Co-Authored-By: lieut-data <jesse.hallam@gmail.com>
* move sessionHasPermissionToManageBot to app/authorization.go
* use api.ApiSessionRequired for createBot
* introduce BOT_DESCRIPTION_MAX_RUNES constant
* MM-13512 Prevent getting a user by email based on privacy settings (#10021)
* MM-13512 Prevent getting a user by email based on privacy settings
* Add additional config settings to tests
* upgrade db to 5.7 (#10019)
* MM-13526 Add validation when setting a user's Locale field (#10022)
* Fix typos (#10024)
* Fixing first user being created with system admin privilages without being explicity specified. (#10014)
* Revert "Support for Embeded chat (#9129)" (#10017)
This reverts commit 3fcecd521a.
* s/DisableBot/UpdateBotActive
* add permissions on upgrade
* Update NOTICE.txt (#10054)
- add new dependency (text)
- handle switch to forked dependency (go-gomail -> go-mail)
- misc copyright owner updates
* avoid leaking bot knowledge without permission
* [GH-6798] added a new api endpoint to get the bulk reactions for posts (#10049)
* 6798 added a new api to get the bulk reactions for posts
* 6798 added the permsission check before getting the reactions
* GH-6798 added a new app function for the new endpoint
* 6798 added a store method to get reactions for multiple posts
* 6798 connected the app function with the new store function
* 6798 fixed the review comments
* MM-13559 Update model.post.is_valid.file_ids.app_error text per report (#10055)
Ticket: https://mattermost.atlassian.net/browse/MM-13559
Report: https://github.com/mattermost/mattermost-server/issues/10023
* Trigger Login Hooks with OAuth (#10061)
* make BotStore.GetAll deterministic even on duplicate CreateAt
* fix spurious TestMuteCommandSpecificChannel test failure
See
https://community-daily.mattermost.com/core/pl/px9p8s3dzbg1pf3ddrm5cr36uw
* fix race in TestExportUserChannels
* TestExportUserChannels: remove SaveMember call, as it is redundant and used to be silently failing anyway
* MM-13117: bot tokens (#10111)
* eliminate redundant Client/AdminClient declarations
* harden TestUpdateChannelScheme to API failures
* eliminate unnecessary config restoration
* minor cleanup
* make TestGenerateMfaSecret config dependency explicit
* TestCreateUserAccessToken for bots
* TestGetUserAccessToken* for bots
* leverage SessionHasPermissionToUserOrBot for user token APIs
* Test(Revoke|Disable|Enable)UserAccessToken
* make EnableUserAccessTokens explicit, so as to not rely on local config.json
* uncomment TestResetPassword, but still skip
* mark assert(Invalid)Token as helper
* fix whitespace issues
* fix mangled comments
* MM-13116: bot plugin api (#10113)
* MM-13117: expose bot API to plugins
This also changes the `CreatorId` column definition to allow for plugin
ids, as the default unless the plugin overrides is to use the plugin id
here. This branch hasn't hit master yet, so no migration needed.
* gofmt issues
* expunge use of BotList in plugin/client API
* introduce model.BotGetOptions
* use botUserId term for clarity
* MM-13129 Adding functionality to deal with orphaned bots (#10238)
* Add way to list orphaned bots.
* Add /assign route to modify ownership of bot accounts.
* Apply suggestions from code review
Co-Authored-By: crspeller <crspeller@gmail.com>
* MM-13120: add IsBot field to returned user objects (#10103)
* MM-13104: forbid bot login (#10251)
* MM-13104: disallow bot login
* fix shadowing
* MM-13136 Disable user bots when user is disabled. (#10293)
* Disable user bots when user is disabled.
* Grammer.
Co-Authored-By: crspeller <crspeller@gmail.com>
* Fixing bot branch for test changes.
* Don't use external dependancies in bot plugin tests.
* Rename bot CreatorId to OwnerId
* Adding ability to re-enable bots
* Fixing IsBot to not attempt to be saved to DB.
* Adding diagnostics and licencing counting for bot accounts.
* Modifying gorp to allow reading of '-' fields.
* Removing unnessisary nil values from UserCountOptions.
* Changing comment to GoDoc format
* Improving user count SQL
* Some improvments from feedback.
* Omit empty on User.IsBot
#### Summary
Unfortunately, `which shadow` didn't resolve to the shadow binary, so hard-code the expected path in `$GOPATH/bin`. At the same time, run `go vet` across both the server and enterprise (if present), reducing the number of required invocations.
This is accompanied by an enterprise change to fix shadowing issues there.
#### Ticket Link
N/A (tooling upgrade)
#### Checklist
- [x] Has enterprise changes: https://github.com/mattermost/enterprise/pull/403
