mirror of
https://github.com/mattermost/mattermost.git
synced 2025-02-25 18:55:24 -06:00
6d30b21dd2
* Initial models, API, app, and persistence of groups and group syncing. * Consistent letter casing in ldif. * Moves group-specific migrations into func. * Adds API endpoint to retrieve LDAP groups (and associated MM groups) one tree level at a time. * Adds mattermost group id to SCIMGroup (if available). * Splits user and group creation so that memberOf works. Returns users from ldap interface. * Updates method name. * Returns users IDs instead of User. * Removes non-essential group data. * MM-11807: Add GroupFilter to LDAP config. (#9513) * MM-11807: Add GroupFilter to LDAP config. * Add diagnostic. * Adds new config option for using 'memberOf' overlay. * Adds API endpoint to link a group. * Removes debug statements. * Adds unlink group API endpoint. * Fix to LDAP API. Adds API method to client4 and app. * Adds some missing app methods. Renames API unexported func. * Fixes link/unlink API path to accept valid DNs. * Allow any character for DN portion of path. * Switches from DN to objectGUID or entryUUID as the remote identifier linking LDAP groups to MM groups. * Formatting. * Formatting. * Setting group name field to an ID for phase 1. * Adds an LDAP config field to Setting up configuration for local LDAP. * Changes to LDAP and GroupStore interfaces. * Draft of nesting groups in API response. * Removes unnecessary tree models. * Updates group membershipt create store method to also restore. * Adds new config to test config. * Accept AD format length. * Switches to SetUniqueTogether method. * Updates revert. * Tweaks to syncing queries . * Updates query for pending team and channel memberships. * Removes old GroupSyncableScanner usage. Some formatting and renaming. * Fixes bug setting syncable type in selecting paged. * Adds tests for syncables populator. * Only add users to teams and channels that are not deleted. * Renames method. * Updates test LDAP setup. * Removes memberof config stuff. * Renames. * Updates test data. * Fix for gofmt. * Adds missing license. * Adds missing teardowns. * Test fix. * Adds a cycle to the groups test data. * Changes API to return flat list. * Removes some unused interface and app methods. * Returns empty braces if results are empty. * Adds more LDAP test data. * Fix for test data error. * Adds error. * Moves test groups. * Adds OU for load test data. * Moves load test ou creation to load data. * Adds a new bool flag to SCIMGroups. * Removes SCIMGroup completely. * Removes FULL JOIN because it is not supported in MySQL. * Adds tests for sync queries; renames constant. * Bad merge fix. * Vet fix. * Returning OK on delete ldap group link * Removes foreign key constraints. * Adding total to the ldap getAllGroups api endpoint * Adds get group members page. * Removes pagination from groups syncables list API. * Adding syncable check now that foreign key constraint is removes. * Joins teams and channels to group syncables. * Adds group member count. * Adding GetAllChannels and SearchAllChannels for system admins only * Fix. * Test fix from pagination removal. * Orders groupmembers by createat. * Fixing search of all channels * Test fix after removing pagination. * JSON syntax error fix. * Changing tests (for now) pending investigation. * Adding GetAllChannels and SearchAllChannels tests for the store * Adding GetAllChannels and SearchAllChannels API tests * Omit empty JSON values of group syncables. * Fixing GetAllChannels and SearchAllChannels tests * Fixing GetAllChannels and SearchAllChannels store tests * Fixing GetAllChannels api tests * Adds 'LDAP groups' feature flag. (#9861) * Migrate new client functions to idiomatic error handling * Test fixes. * Simplification of groups api (#9860) * Simplification of groups api * Fixing RequireSyncableType * Test fix. * Update api4/group.go Co-Authored-By: mkraft <martinkraft@gmail.com> * Update api4/group.go Co-Authored-By: mkraft <martinkraft@gmail.com> * Update api4/group.go Co-Authored-By: mkraft <martinkraft@gmail.com> * Update api4/group.go Co-Authored-By: mkraft <martinkraft@gmail.com> * Update api4/group.go Co-Authored-By: mkraft <martinkraft@gmail.com> * Update api4/group.go Co-Authored-By: mkraft <martinkraft@gmail.com> * Update api4/group.go Co-Authored-By: mkraft <martinkraft@gmail.com> * Update api4/group.go Co-Authored-By: mkraft <martinkraft@gmail.com> * Update api4/group.go Co-Authored-By: mkraft <martinkraft@gmail.com> * Update api4/group.go Co-Authored-By: mkraft <martinkraft@gmail.com> * Fix copy/paste error. * Fix copy/paste error. * Adds missing return, changes to correct HTTP status code. * Adds missing return, changes status codes. * Check for license. * Renames variable for new signature. * Adds client method to get a group. * Adds client method and tests for PatchGroup. * Adds more API tests. * Adds groups API tests. * Adds client method and tests for getting group syncables. * Adds tests for patching group teams and channels. * Update to translations. * Removes test. * Fix incorrect conditional. * Removes unnecessary nil check. * Removes unnecessary return. * Updates comment, removes unused variable. * Uses consistent JSON unmarshal pattern. * Uses consistent JSON unmarshal pattern. * Moves const block. * Switches 'already linked' from error to success response. * Removes commented-out code. * Switched to status ok. * Add parens for readability. * Fix copy/paste error. * Unexport some structs. * Removes repeated validity check. * Return without attempting commit if there's a rollback. * Fix incorrect HTTP status code. * Update store/sqlstore/group_supplier.go Co-Authored-By: mkraft <martinkraft@gmail.com> * Adds utility methods for going from groupsyncable to groupteam and groupchannel. * Fixing george suggestions (#9911) * Test fix. * Adds QA data to VC with visualization. * Fixes typo in graph image. * Update display name when re-linking in case it has changed in LDAP. * Adds ability to configure group display name and unique identifier. (#9923) * Adds ability to configure group display name and unique identifier. * Adds some configs to confi-ldap make command. * Fix for move of session. * Exposes method for use by SAML package. * Switches GroupSyncableType from int to string. * Update Jenkins build files. * Removes unused variable assignment. * Removes old unnecessary early return. * Removes unnecessary variable. * Moves param parsing before license and permissions checks. * Removes old code. * Compares agains underlying error rather than error id. * Switches tests to assertions. * Adds more assertions. * Adds missing return. * Adds space after comma for added legibility. * Moves a view model to the api package. * Unexports method. * Uses id validator function. * Fix docker-compose flag. * Typo fix. * Moves index creation to supplier. * Removes bad merge. * Renames parameter. * Re-adds space. * Removes unnecessary transaction. * Escapes the Groups table name with backticks because it is a reserved keyword. * Fix roles cache bug * Removing unnecesiary deserializing function * Switches table name rather than custom SQL everywhere for Postgres without backticks. * Removes redundant check for sql.ErrNoRows. * Removes redundant check for sql.ErrNoRows. * Removes data integrity check and redundant nil conditional. * Removes redundant check for sql.ErrNoRows. * Removes unnecessary query. * Removes ID length validation from persistence tier. * Makes some supplier methods idempotent. * Removes some empty switch defaults. * Renames Group Type field to Source. * Fix for mistaken field name change. * Uses IsValidId function. * Removes comment. * Changes json key name. * Removes test because no longer validating user. * Moves model state validation to app layer. * Don't create Groups.CanLeave column until phase 2. * Removes state validation until properties are used in phase 2. * Removes duplicated check. * Removes state validation until properties are used in phase 2. * Removes some tests until phase 2. * Comment-out a bunch of test related to CanLeave. * Extra unmarshal validation check. Removes more code for CanLeave. * Removes tests for CanLeave. * Explict error msg. * Rewrite queries. * Changes index name. Adds index. * Removes assertion. * Adds experimental feature flag.
227 lines
5.9 KiB
Go
227 lines
5.9 KiB
Go
// Copyright (c) 2016-present Mattermost, Inc. All Rights Reserved.
|
|
// See License.txt for license information.
|
|
|
|
package model
|
|
|
|
import (
|
|
"encoding/json"
|
|
"io"
|
|
"net/http"
|
|
)
|
|
|
|
const (
|
|
EXPIRED_LICENSE_ERROR = "api.license.add_license.expired.app_error"
|
|
INVALID_LICENSE_ERROR = "api.license.add_license.invalid.app_error"
|
|
)
|
|
|
|
type LicenseRecord struct {
|
|
Id string `json:"id"`
|
|
CreateAt int64 `json:"create_at"`
|
|
Bytes string `json:"-"`
|
|
}
|
|
|
|
type License struct {
|
|
Id string `json:"id"`
|
|
IssuedAt int64 `json:"issued_at"`
|
|
StartsAt int64 `json:"starts_at"`
|
|
ExpiresAt int64 `json:"expires_at"`
|
|
Customer *Customer `json:"customer"`
|
|
Features *Features `json:"features"`
|
|
SkuName string `json:"sku_name"`
|
|
SkuShortName string `json:"sku_short_name"`
|
|
}
|
|
|
|
type Customer struct {
|
|
Id string `json:"id"`
|
|
Name string `json:"name"`
|
|
Email string `json:"email"`
|
|
Company string `json:"company"`
|
|
PhoneNumber string `json:"phone_number"`
|
|
}
|
|
|
|
type Features struct {
|
|
Users *int `json:"users"`
|
|
LDAP *bool `json:"ldap"`
|
|
LDAPGroups *bool `json:"ldap_groups"`
|
|
MFA *bool `json:"mfa"`
|
|
GoogleOAuth *bool `json:"google_oauth"`
|
|
Office365OAuth *bool `json:"office365_oauth"`
|
|
Compliance *bool `json:"compliance"`
|
|
Cluster *bool `json:"cluster"`
|
|
Metrics *bool `json:"metrics"`
|
|
MHPNS *bool `json:"mhpns"`
|
|
SAML *bool `json:"saml"`
|
|
Elasticsearch *bool `json:"elastic_search"`
|
|
Announcement *bool `json:"announcement"`
|
|
ThemeManagement *bool `json:"theme_management"`
|
|
EmailNotificationContents *bool `json:"email_notification_contents"`
|
|
DataRetention *bool `json:"data_retention"`
|
|
MessageExport *bool `json:"message_export"`
|
|
CustomPermissionsSchemes *bool `json:"custom_permissions_schemes"`
|
|
CustomTermsOfService *bool `json:"custom_terms_of_service"`
|
|
|
|
// after we enabled more features we'll need to control them with this
|
|
FutureFeatures *bool `json:"future_features"`
|
|
}
|
|
|
|
func (f *Features) ToMap() map[string]interface{} {
|
|
return map[string]interface{}{
|
|
"ldap": *f.LDAP,
|
|
"ldap_groups": *f.LDAPGroups,
|
|
"mfa": *f.MFA,
|
|
"google": *f.GoogleOAuth,
|
|
"office365": *f.Office365OAuth,
|
|
"compliance": *f.Compliance,
|
|
"cluster": *f.Cluster,
|
|
"metrics": *f.Metrics,
|
|
"mhpns": *f.MHPNS,
|
|
"saml": *f.SAML,
|
|
"elastic_search": *f.Elasticsearch,
|
|
"email_notification_contents": *f.EmailNotificationContents,
|
|
"data_retention": *f.DataRetention,
|
|
"message_export": *f.MessageExport,
|
|
"custom_permissions_schemes": *f.CustomPermissionsSchemes,
|
|
"future": *f.FutureFeatures,
|
|
}
|
|
}
|
|
|
|
func (f *Features) SetDefaults() {
|
|
if f.FutureFeatures == nil {
|
|
f.FutureFeatures = NewBool(true)
|
|
}
|
|
|
|
if f.Users == nil {
|
|
f.Users = NewInt(0)
|
|
}
|
|
|
|
if f.LDAP == nil {
|
|
f.LDAP = NewBool(*f.FutureFeatures)
|
|
}
|
|
|
|
if f.LDAPGroups == nil {
|
|
f.LDAPGroups = NewBool(*f.FutureFeatures)
|
|
}
|
|
|
|
if f.MFA == nil {
|
|
f.MFA = NewBool(*f.FutureFeatures)
|
|
}
|
|
|
|
if f.GoogleOAuth == nil {
|
|
f.GoogleOAuth = NewBool(*f.FutureFeatures)
|
|
}
|
|
|
|
if f.Office365OAuth == nil {
|
|
f.Office365OAuth = NewBool(*f.FutureFeatures)
|
|
}
|
|
|
|
if f.Compliance == nil {
|
|
f.Compliance = NewBool(*f.FutureFeatures)
|
|
}
|
|
|
|
if f.Cluster == nil {
|
|
f.Cluster = NewBool(*f.FutureFeatures)
|
|
}
|
|
|
|
if f.Metrics == nil {
|
|
f.Metrics = NewBool(*f.FutureFeatures)
|
|
}
|
|
|
|
if f.MHPNS == nil {
|
|
f.MHPNS = NewBool(*f.FutureFeatures)
|
|
}
|
|
|
|
if f.SAML == nil {
|
|
f.SAML = NewBool(*f.FutureFeatures)
|
|
}
|
|
|
|
if f.Elasticsearch == nil {
|
|
f.Elasticsearch = NewBool(*f.FutureFeatures)
|
|
}
|
|
|
|
if f.Announcement == nil {
|
|
f.Announcement = NewBool(true)
|
|
}
|
|
|
|
if f.ThemeManagement == nil {
|
|
f.ThemeManagement = NewBool(true)
|
|
}
|
|
|
|
if f.EmailNotificationContents == nil {
|
|
f.EmailNotificationContents = NewBool(*f.FutureFeatures)
|
|
}
|
|
|
|
if f.DataRetention == nil {
|
|
f.DataRetention = NewBool(*f.FutureFeatures)
|
|
}
|
|
|
|
if f.MessageExport == nil {
|
|
f.MessageExport = NewBool(*f.FutureFeatures)
|
|
}
|
|
|
|
if f.CustomPermissionsSchemes == nil {
|
|
f.CustomPermissionsSchemes = NewBool(*f.FutureFeatures)
|
|
}
|
|
|
|
if f.CustomTermsOfService == nil {
|
|
f.CustomTermsOfService = NewBool(*f.FutureFeatures)
|
|
}
|
|
}
|
|
|
|
func (l *License) IsExpired() bool {
|
|
return l.ExpiresAt < GetMillis()
|
|
}
|
|
|
|
func (l *License) IsStarted() bool {
|
|
return l.StartsAt < GetMillis()
|
|
}
|
|
|
|
func (l *License) ToJson() string {
|
|
b, _ := json.Marshal(l)
|
|
return string(b)
|
|
}
|
|
|
|
// NewTestLicense returns a license that expires in the future and has the given features.
|
|
func NewTestLicense(features ...string) *License {
|
|
ret := &License{
|
|
ExpiresAt: GetMillis() + 90*24*60*60*1000,
|
|
Customer: &Customer{},
|
|
Features: &Features{},
|
|
}
|
|
ret.Features.SetDefaults()
|
|
|
|
featureMap := map[string]bool{}
|
|
for _, feature := range features {
|
|
featureMap[feature] = true
|
|
}
|
|
featureJson, _ := json.Marshal(featureMap)
|
|
json.Unmarshal(featureJson, &ret.Features)
|
|
|
|
return ret
|
|
}
|
|
|
|
func LicenseFromJson(data io.Reader) *License {
|
|
var o *License
|
|
json.NewDecoder(data).Decode(&o)
|
|
return o
|
|
}
|
|
|
|
func (lr *LicenseRecord) IsValid() *AppError {
|
|
if len(lr.Id) != 26 {
|
|
return NewAppError("LicenseRecord.IsValid", "model.license_record.is_valid.id.app_error", nil, "", http.StatusBadRequest)
|
|
}
|
|
|
|
if lr.CreateAt == 0 {
|
|
return NewAppError("LicenseRecord.IsValid", "model.license_record.is_valid.create_at.app_error", nil, "", http.StatusBadRequest)
|
|
}
|
|
|
|
if len(lr.Bytes) == 0 || len(lr.Bytes) > 10000 {
|
|
return NewAppError("LicenseRecord.IsValid", "model.license_record.is_valid.create_at.app_error", nil, "", http.StatusBadRequest)
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
func (lr *LicenseRecord) PreSave() {
|
|
lr.CreateAt = GetMillis()
|
|
}
|