* ABC-179: check email verification last
This change changes the authentication checks to be:
* "preflight checks"
** mfa
** not disabled
** login attempts
* password
* "postflight checks"
** email verified
Checking whether the email is verified or not last avoids the weird edge
case where entering any bogus password for an account with an unverified
email shows a message about verifying the email and offering to resend.
* fix invalid unit test assertion
Client.CreateUser returns a user whose password has been sanitized.
Adopt the pattern in the previous assertions to use a new variable name
and test the password on the original model.User object. This didn't
expose any underlying broken behaviour, but the test wouldn't have
caught it if it had regressed.
Also fix a minor typo.
* don't use global app for api / api4 tests
* put sleep back. we're gonna have to do some goroutine wrangling
* fix oauth test config assumptions
* jobs package, i'm comin' for you next
* app test fix
* try increasing sleep a little
* add S3 region to system console and add S3 validation
* update translation message
* add bool as return value to Validate* functions
* update Validate* functions to be pure
This is necessary for certain users where
GetBucketLocation API is disabled using IAM
policies. There is a field AmazonS3Region
which we need to re-purpose and use to support
this properly.
Fixes https://github.com/mattermost/platform/issues/6999
Certain S3 compatible servers only use Legacy Signature (AWS
Signature V2), current code only supports signature v4.
This PR adds facility to click a button on the UI to enable
legacy signature with S3 compatible servers.
* PLT-6471 Properly panic when translations can't be loaded
* Print usage messages when errors occur during CLI initialization
* Reverted behaviour of FindDir and added second return value to it
* Fixed merge conflict
* Implement POST /users/search endpoint for APIv4
* PLT-2713 Added store functions for searching users that don't have a team
* PLT-2713 Added 'without_team' option when searching users
* PLT-2713 Added 'without_team' option when searching users (v4)
* Refactor and move session logic into app package
* Refactor email functions into the app package
* Refactor password update into app package
* Migrate user functions to app package
* Move team functions into app package
* Migrate channel functions into app package
* Pass SiteURL through to app functions
* Update based on feedback
* add docker container for inbucket
* Add way to get the emails using inbucket and add a test for reset password
* add config setting to send emails
* update TestEmailTest
update
* add another test and fix wrong assert
* update per review
fix lint
change senders email
* Revert config.json to default values for EmailSettings section
* update test
* add setup to make the test run
* Add app package and move logic over from api package
* Change app package functions to return errors
* Move non-api tests into app package
* Fix merge
* Create MFA setup page and remove MFA setup from account settings modal
* Add enforce MFA to system console and force redirect
* Lockdown mfa required API routes, add localization, other changes
* Minor fixes
* Fix typo
* Fix some unit tests
* Fix more unit tests
* Minor fix
* Updating UI for MFA screen (#4670)
* Updating UI for MFA screen
* Updating styles for MFA page
* Add the ability to switch between email/sso with MFA enabled
* Added mfa change email
* Minor UI updates for MFA enforcement
* Fix unit test
* Fix client unit test
* Allow switching email to ldap and back when MFA is enabled
* Fix unit test
* Revert config.json
* PLT-3762 - Add API call to get a user by their username
* fix lint
* update rote
* update per code review
* update per code review
* remove first/last name is not used in this test
* Add options to user database search
* Fix inactive users showing up incorrectly in some user searches
* Read JSON for searchUsers API into anonymous struct
* Move anonymous struct to be a normal struct in model directory and upadte client to use it
* Added clarification comment about slightly odd query condition in search
