* Cloud token login
This PR adds the capability of activate the cloud token login that
will be used in our Cloud installations to let the customer login
for the first time without using credentials.
* Read CSRF from cookie when is not on the header and we're login with CWS
* Create new CWS login endpoint
- New endpoint created
- We're using the cloud feature from the license instead of the
configuration flag
- Removed the CSRF changes
* Reduce amount of work if cws token is not set
* Removed unused config key
* Now we store the token to detect it was used
If the token is in the token store then we are assuming that the
token was used
* Add tests
* Add i18n strings
* MM-27722 Make sidebar category validation silently reject bad channel IDs
* Call validateSidebarCategories when possible
* Remove blank line
* Stop restarting server between subtests
* Start plugins concurrently
* Determine which plugins need to be activated/deactivated before changing their state
* Test activation/deactivation of plugins in TestSyncPluginsActiveState
* Change test comments
* remove unneeded temp var
* Add functionality to update password with password hash
This can be used to update a user's password with a direct password
hash instead of providing the password in plaintext.
* Use test helper for local mode
* [MM-27919] Allow i18n and resources to be loaded using an environment variable
* Improve error message
* Modify environment variable name to be less ambiguous
Co-authored-by: Mattermod <mattermod@users.noreply.github.com>
* MM-23063: Fix flaky test TestTermsOfServiceStore
The call to testGetLatestTermsOfService would happen after testSaveTermsOfService
which would persist the data between calls. Therefore, if they were to happen under
a milisecond, there would be 2 rows with the same CreateAt timestamp and the DB
would randomly return any row.
If this were to happen, then the wrong row would not match the user id and would fail.
To fix this, we just clear the table data before proceeding with the test.
https://mattermost.atlassian.net/browse/MM-23063
* Use t.Cleanup to refactor things
* Fix cleanup of tables
Co-authored-by: Mattermod <mattermod@users.noreply.github.com>
* Fix return nil
A nil error is an interface having nil value but a non-nil type.
This leads to unexpected errors in the code well-documented here:
https://golang.org/doc/faq#nil_error
We fix this by passing an additional parameter to handle it.
Caught using https://github.com/dgryski/semgrep-go
* Bring back auto-generated line
- Update reference to mmgotool in go.tools.mod
This would automatically be bumped while running i18n-extract.
- We also remove some other redundant lines for mmgotool that went in.
This has to be removed manually because go mod tidy would automatically scan the entire
codebase which is not possible with this file.
* MM-23832: Initial set of changes
* MM-23832: further iteration
* MM-23832: further iteration
* MM-23832: further iteration
* MM-23832: Fixes merge.
* create migration for new Roles
* MM-23832: Renames some roles.
* MM-23832: Adds ability to see logs.
* MM-23832: Removes manage roles from restricted admin.
* MM-23832: Make authentication section read-only for restricted admin.
* MM-23832: Allow restricted admin to purge caches.
* MM-23832: Adds ability to recycle DB connections.
* MM-23832: Adds ability to purge indexes.
* MM-23832: Adds ability to test email and S3 config.
* MM-23832: Adds abilituy to read job status.
* MM-23832: Adds ability to read plugin statuses.
* MM-23832: Renames Restricted Admin to System Manager.
* MM-23832: Adds manage team roles to system_user_manager.
* MM-23832: Updates some permissions.
* MM-23832: Allow get all channels and get moderations.
* MM-23832: Adds some permissions to User Manager.
* MM-23832: Remove write users from user manager.
* MM-23832: Changes permissions for the usermanagement > users sysconsole section.
* MM-23832: Removes read_settings and write_settings permissions. Ensures the usermanagement parent permissions encompass the sub-permissions.
* MM-23832: Updates permissions.
* MM-23832: Changes some permissions checks, adds new permissions to roles.
* MM-23832: Adds ability to update a role.
* MM-23832: Permissions updates.
* MM-23832: Removes write access to plugins for system manager.
* MM-23832: Removes read compliance from new roles.
* MM-23832: Adds mock for new roles creation migration.
* MM-23832: Changes to variadic param.
* MM-23832: Removes some duplication in the permissions model. Renames some permissions constants.
* MM-23832: Updates some migrations.
* MM-23832: Removes some unnecessary constants.
* MM-23832: Changes back to old app method name.
* MM-23832: Fixes incorrect permission check.
* MM-23832: Changes write to read permission check.
* MM-23832: Removes the authentication permission from link/unlink group.
* MM-23832: Enable testing LDAP with read permissions.
* MM-23832: Make testing elasticsearch a read permission.
* MM-23832: Warn metrics are associated to any system console read permissions.
* MM-23832: Updates some permissions checks.
* MM-23832: Removes non-systemconsole permissions from roles.
* MM-23832: Update default permission assignment of sysadmin.
* MM-23832: Fixes incorrect permission check. Removes some unused stuff.
* MM-23832: Update permission to check.
* MM-23832: Switches to struct tags.
* MM-23832: Adds some docs for the permissions tag.
* MM-23832: Removes whitespace.
* MM-23832: Combines system admin restricted access with other acess-control tag.
* MM-23832: Fixes some tests.
* MM-23832: Clarifies docs, does not assume prior permission check in '-' access value case.
* MM-23832: Updates to correct access tag value.
* MM-23832: Adds test of the config settings tag access.
* MM-23832: Undoes whitespace change.
* MM-23832: Removes comment.
* MM-23832: Adds the permissions to the new roles rather than using OR conditions on the permissions checks.
* MM-23832: Removes or condition on permission check.
* MM-23832: Updates mapping.
* MM-23832: Typo fix.
* MM-23832: Adds new 'read_jobs' permission.
* MM-23832: Add read_jobs to all roles with manage_jobs.
* MM-23832: Adds new permission read_other_users_teams.
* MM-23832: Adds read filtering of config.
* MM-23932: Change tag value.
* MM-23832: Fixes some tests. Adds test for read config access tag.
* MM-23832: Adds permissions to list teams.
* MM-23832: Removes the '-' tag value. Adds a new permission read_channel_groups. Updates a permission check.
* MM-23832: Removes unnecessary parent permission for user_management. Fixes permission check change error.
* MM-23832: Removes unused parameter to filter/merge function.
* MM-23832: Renames migration name.
* MM-23832: Fix for godoc.
* MM-23832: Fixes tests.
* MM-23832: Only makes a map once rather than every function call. Doesn't require access tag on config field structs. Reverts one test update and fixes another.
* MM-23832: Removes all of the unnecessary uses of (*App).SessionHasPermissionToAny since removing the user_management parent permission.
* MM-23832: Updates constant type.
* MM-23832: Removes unnecessary comment.
* MM-23832: Renames permissions.
* MM-23832: Fix for permission name changes.
* MM-23832: Adds missing config access tags. Adds some requirec ancillary permissions for write_usermanagement_teams.
* MM-23832: Adds local API endpoint for getting config.
* MM-23832: If tag value is blank or restrict_sys_admin_write then don't do the permission check.
* MM-23832: nil check for strings prior to dereferencing.
* MM-23832: Fix for config display logic.
* MM-23832: Updates godoc.
* MM-23832: Delays the unrestricted check for parity with other permissions checks if the channel id does not exist.
* MM-23832: Removes tautology.
* MM-23832: Re-adds status code check.
* MM-23832: Adds new permission to edit brand image.
* MM-23832: Exports variable for use by mmctl.
* MM-23832: Initialize exported map for use by mmctl.
* MM-23832: Accept deprecated permissions as valid.
* MM-23832: Adds missing permissions to archive a channel.
* MM-23832: Adds missing permissions for managing team.
* MM-23832: Properly filters config values in patch and update API responses.
* MM-23832: Fixes license viewing and writing permissions.
* MM-23832: Require license to assign 'new system roles'.
* MM-23832: Adds translation keys.
* MM-23832: Updates translation order.
* MM-27529: Splits read_channel_groups into read_public_channel_groups and read_private_channel_groups.
* MM-23832: Prevent read-only permissions from editing site url test parameter.
* MM-23832: Prevent read permissions from sniffing ports and elastic password.
* MM-23832: Adds missing permission required for write user management channels.
* MM-23832: Allows new roles to search for channels.
* MM-23832: Adds ability for system_manager to manage jobs.
* MM-23832: Cluster status access by sysconsole permission, not manage_system.
* MM-23832: Adds 'add_user_to_team' permission to sysconsole write usermanagement teams.
* MM-23832: Fixes lint.
* MM-23832: Test fix.
* MM-23832: Test fix.
Co-authored-by: Catalin Tomai <catalin.tomai@mattermost.com>
Co-authored-by: Scott Bishel <scott.bishel@mattermost.com>
Co-authored-by: Mattermod <mattermod@users.noreply.github.com>
* Adding Upgrade to Enterprise version feature
* Addressing PR review comments, and adding some minor improvements
* Add tests file
* Addressing PR comments
* fix linter checks
* Storing and exposing the upgraded from TE info
* Fix showing errors on mac
* A more appropiate status code for not-supported upgrade
* Fixing tests
* Handling permissions errors
* More server logging around upgrade failures
* Apply text changes suggested from code review
Co-authored-by: Eric Sadur <57730300+esadur@users.noreply.github.com>
* Address PR review comments
* Only allow to restart the system after an upgrade
* Verify file signature before upgrade
* Adding limit to the downloaded file
* Simplifying the upgrade binary process with backup in memory
* Fixing backup/restore mechanism for the binary file
* Improve file permissions handling
* Askin the permissions for the right place (the parent directory)
* Fixing tests
* Addressing PR review comments
* Fix license headers
* Fixing retry layer
* Making it work on windows builds
* Adding license header
* Fixing 2 tests
* Fixing tests that need UpgradeFromTE System key mock
* Extracting i18n translation
* Apply suggestions from code review
Co-authored-by: Eric Sadur <57730300+esadur@users.noreply.github.com>
* Improving how the errors are written
* Fixing another error text
* Removing unneeded translation
* Fixing upgrade status strings
* Update i18n/en.json
Co-authored-by: Eric Sadur <57730300+esadur@users.noreply.github.com>
* Fixing tests
Co-authored-by: Eric Sadur <57730300+esadur@users.noreply.github.com>
Co-authored-by: Mattermod <mattermod@users.noreply.github.com>
* MM-27916: Improve logging when session is not found
The error handling in this code is pretty bad and the same error message happens
for multiple conditions, making it difficult to diagnose the real issue.
Most of the times, we get a log like:
```
"Invalid session {"error": "GetSession: Invalid session token=jodb6sau47rnugaqj1fy7khmpr, err=<no value>, "}"
```
And it could have happened from multiple places. So this log turns out to be not that useful.
We improve this by populating the Error field to fix the "<no value>" issue and also add a separate detailed error
field for each log line to uniquely identify each error.
* fix
Co-authored-by: Mattermod <mattermod@users.noreply.github.com>
* MM-27525: Obscures the Global Relay SMTP password.
* MM-27525: Desanitize global relay's SMTP password.
* MM-27525: Does not set the fake value if the field is blank.
When we are reading from or putting to the cache, there is no need to deep copy
objects now because the cache is already serialized.
We also delete some lines from tests because the mock store directly returns the pointers
whereas actually they would be returned from the database where a serialization occurs again.
So we would be testing for the wrong thing by unnecessarily keeping the deep copies for DB reads.
https://mattermost.atlassian.net/browse/MM-27883
Co-authored-by: Mattermod <mattermod@users.noreply.github.com>
* Add a config for MM User Limit
* Adding graceful errors for if an administrator invites people passed their user limit
* Including changed vendor files
* Adding unit test
* Fix a bug
* Push up working tests (Thanks Joram)
* Add more cases, clean up logs in code
* One more case
* Refactoring based on PR comments
* Updating i18n
* Some changes based on PR review
* Remove a comment
* Bring back some translations that were somehow removed
Co-authored-by: Mattermod <mattermod@users.noreply.github.com>
* MM-27648: Fix a hub deadlock while revoking session
This is a bug which has always been there in the codebase.
And it can only occur in the extreme of edge-cases.
Following is the call trace due to which this happens:
```
0 0x0000000001dfea68 in github.com/mattermost/mattermost-server/v5/app.(*Hub).InvalidateUser // deadlock
at ./app/web_hub.go:369
1 0x0000000001dfc0bd in github.com/mattermost/mattermost-server/v5/app.(*App).InvalidateWebConnSessionCacheForUser
at ./app/web_hub.go:109
2 0x0000000001db1be5 in github.com/mattermost/mattermost-server/v5/app.(*App).ClearSessionCacheForUserSkipClusterSend
at ./app/session.go:209
3 0x0000000001db1763 in github.com/mattermost/mattermost-server/v5/app.(*App).ClearSessionCacheForUser
at ./app/session.go:170
4 0x0000000001db2d2f in github.com/mattermost/mattermost-server/v5/app.(*App).RevokeSession
at ./app/session.go:275
5 0x0000000001db2c09 in github.com/mattermost/mattermost-server/v5/app.(*App).RevokeSessionById
at ./app/session.go:260
6 0x0000000001daf442 in github.com/mattermost/mattermost-server/v5/app.(*App).GetSession
at ./app/session.go:93
7 0x0000000001df93f4 in github.com/mattermost/mattermost-server/v5/app.(*WebConn).IsAuthenticated
at ./app/web_conn.go:271
8 0x0000000001dfa29b in github.com/mattermost/mattermost-server/v5/app.(*WebConn).shouldSendEvent
at ./app/web_conn.go:323
9 0x0000000001e2667e in github.com/mattermost/mattermost-server/v5/app.(*Hub).Start.func1.3 // starting from hub
at ./app/web_hub.go:491
10 0x0000000001e27c01 in github.com/mattermost/mattermost-server/v5/app.(*Hub).Start.func1
at ./app/web_hub.go:504
11 0x0000000001e27ee2 in github.com/mattermost/mattermost-server/v5/app.(*Hub).Start.func2
at ./app/web_hub.go:528
12 0x0000000000473811 in runtime.goexit
at /usr/local/go/src/runtime/asm_amd64.s:1373
```
The stars have to align in such a way that the session idle timeout _has_ to happen
_exactly_ when a broadcast is happening for that user. Only then, this code path gets
triggered.
Since this is an extreme rabbit hole of calls, I have not attempted any big
refactors and went with the most sensible approach which is to make the RevokeSessionById
call asynchronous.
There are 2 main reasons:
- It was already treated as an asynchronous call because it happened during an error condition
and we were not checking for the return value anyways.
- Session idle timeout is a relatively infrequent event, so creating unbounded goroutines is not a concern.
As a bonus, we also get to check the error return and log it.
https://mattermost.atlassian.net/browse/MM-27648
* Add a test case
* Fix an incorrect comment
* To allow for ease of testing telemetry changes, we should make it so that the rudder key and dataplane URL can be customized through the config or environment.
* Instead of using a real config element that would be exposed to end users, we'll just use 'secret' environment variables to inject Rudder config data.
Co-authored-by: Alex Dovenmuehle <alex.dovenmuehle@mattermost.com>
Co-authored-by: Mattermod <mattermod@users.noreply.github.com>
