mirror of
https://github.com/mattermost/mattermost.git
synced 2025-02-25 18:55:24 -06:00
daec0b3201
* initial
* Revert "initial"
This reverts commit 3d631aeecd.
* [MM-32352] Add Experimental Subsections BACKEND (#16887)
Automatic Merge
* update appiface
* Fix app layers
* Ancillary Permissions on backend (#17061)
Automatic Merge
* [MM-32799] Add About Section (#17015)
* Add About Section
* add mock key
* Update role.go
* Update role.go
Co-authored-by: Mattermod <mattermod@users.noreply.github.com>
* [MM-33437] Fix config access tags for experimental settings (#17111)
Automatic Merge
* [MM-32794] Reporting Sub Section (#17035)
* test
* revert
* add permissions
* add new permission stuff
* add store mock
* fix bad merge
* gofmt fix
Co-authored-by: Mattermod <mattermod@users.noreply.github.com>
* [MM-32343] Environment SubSection (#17054)
* pre-checkout commit
* fix permission for testSiteURL
* pre-merge commit
* increase size of Permissions column in Roles table
* add entry for ENVIRONMENT to testlib/store.go
* use TEXT for Permissions column in Roles table
* use environment subsection permissions for API endpoints
* use subsections permissions for /config/environment
* add suggestions from hahmadia
* update tests to use subsection permissions
* add permissions column back in
* comment out code in upgradeDatabaseToVersion534
Co-authored-by: Mattermod <mattermod@users.noreply.github.com>
Co-authored-by: Scott Bishel <scott.bishel@mattermost.com>
* MM-32351: Add Compliance Subsections (#17023)
* add subsections for compliance sectin
* add to mock functions
* updates for read job
* fixes
* fix test
* update tests
* update tests
* another test fix
* some cleanup
* update mlog
* fix linting
* Fix bad merges
Co-authored-by: Mattermod <mattermod@users.noreply.github.com>
Co-authored-by: Hossein <hahmadia@users.noreply.github.com>
Co-authored-by: Hossein Ahmadian-Yazdi <hyazdi1997@gmail.com>
* MM-32347 Site Subsections (#17095)
* Init
* Added migration key in testlib store
* Fix syntax error
* fix bad merge
* fix lint
Co-authored-by: Mattermod <mattermod@users.noreply.github.com>
Co-authored-by: Scott Bishel <scott.bishel@mattermost.com>
* MM-32350 Integrations (#17097)
* implement server subsections
* fix tests
* update test
* go fmt
Co-authored-by: Hossein Ahmadian-Yazdi <hyazdi1997@gmail.com>
* patch forgotten endpoints
* Adding subsection permissions for Authentication (#17087)
* adding new permissions, migrations to do
* permission migrations and ancilary permissions
* running make app-layers
* fixing tests and lint
* adding permissions to saml
* ldap write permissions
* running make app-layers
* fixing conflict
* making app layers
* clean up and fix tests
* change job type
* fix js error, if site url not returned
Co-authored-by: Benjamin Cooke <benjamincooke@Benjamins-MacBook-Pro.local>
Co-authored-by: Hossein Ahmadian-Yazdi <hyazdi1997@gmail.com>
Co-authored-by: Mattermod <mattermod@users.noreply.github.com>
Co-authored-by: Scott Bishel <scott.bishel@mattermost.com>
* Update permissions_migrations.go
* gofmt
* upgrade to 535
* gofmt
Co-authored-by: Mattermod <mattermod@users.noreply.github.com>
Co-authored-by: Max Erenberg <max.erenberg@mattermost.com>
Co-authored-by: Scott Bishel <scott.bishel@mattermost.com>
Co-authored-by: Anurag Shivarathri <anurag6713@gmail.com>
Co-authored-by: Ben Cooke <benkcooke@gmail.com>
Co-authored-by: Benjamin Cooke <benjamincooke@Benjamins-MacBook-Pro.local>
230 lines
6.5 KiB
Go
230 lines
6.5 KiB
Go
// Copyright (c) 2015-present Mattermost, Inc. All Rights Reserved.
|
|
// See LICENSE.txt for license information.
|
|
|
|
package api4
|
|
|
|
import (
|
|
"net/http"
|
|
"path/filepath"
|
|
"strconv"
|
|
"time"
|
|
|
|
"github.com/mattermost/mattermost-server/v5/audit"
|
|
"github.com/mattermost/mattermost-server/v5/model"
|
|
"github.com/mattermost/mattermost-server/v5/shared/mlog"
|
|
)
|
|
|
|
func (api *API) InitJob() {
|
|
api.BaseRoutes.Jobs.Handle("", api.ApiSessionRequired(getJobs)).Methods("GET")
|
|
api.BaseRoutes.Jobs.Handle("", api.ApiSessionRequired(createJob)).Methods("POST")
|
|
api.BaseRoutes.Jobs.Handle("/{job_id:[A-Za-z0-9]+}", api.ApiSessionRequired(getJob)).Methods("GET")
|
|
api.BaseRoutes.Jobs.Handle("/{job_id:[A-Za-z0-9]+}/download", api.ApiSessionRequiredTrustRequester(downloadJob)).Methods("GET")
|
|
api.BaseRoutes.Jobs.Handle("/{job_id:[A-Za-z0-9]+}/cancel", api.ApiSessionRequired(cancelJob)).Methods("POST")
|
|
api.BaseRoutes.Jobs.Handle("/type/{job_type:[A-Za-z0-9_-]+}", api.ApiSessionRequired(getJobsByType)).Methods("GET")
|
|
}
|
|
|
|
func getJob(c *Context, w http.ResponseWriter, r *http.Request) {
|
|
c.RequireJobId()
|
|
if c.Err != nil {
|
|
return
|
|
}
|
|
|
|
job, err := c.App.GetJob(c.Params.JobId)
|
|
if err != nil {
|
|
c.Err = err
|
|
return
|
|
}
|
|
|
|
hasPermission, permissionRequired := c.App.SessionHasPermissionToReadJob(*c.App.Session(), job.Type)
|
|
if permissionRequired == nil {
|
|
c.Err = model.NewAppError("getJob", "api.job.retrieve.nopermissions", nil, "", http.StatusBadRequest)
|
|
return
|
|
}
|
|
if !hasPermission {
|
|
c.SetPermissionError(permissionRequired)
|
|
return
|
|
}
|
|
|
|
w.Write([]byte(job.ToJson()))
|
|
}
|
|
|
|
func downloadJob(c *Context, w http.ResponseWriter, r *http.Request) {
|
|
config := c.App.Config()
|
|
const FilePath = "export"
|
|
const FileMime = "application/zip"
|
|
|
|
c.RequireJobId()
|
|
if c.Err != nil {
|
|
return
|
|
}
|
|
|
|
if !*config.MessageExportSettings.DownloadExportResults {
|
|
c.Err = model.NewAppError("downloadExportResultsNotEnabled", "app.job.download_export_results_not_enabled", nil, "", http.StatusNotImplemented)
|
|
return
|
|
}
|
|
|
|
job, err := c.App.GetJob(c.Params.JobId)
|
|
if err != nil {
|
|
c.Err = err
|
|
return
|
|
}
|
|
|
|
// Currently, this endpoint only supports downloading the compliance report.
|
|
// If you need to download another job type, you will need to alter this section of the code to accommodate it.
|
|
if job.Type == model.JOB_TYPE_MESSAGE_EXPORT && !c.App.SessionHasPermissionTo(*c.App.Session(), model.PERMISSION_DOWNLOAD_COMPLIANCE_EXPORT_RESULT) {
|
|
c.SetPermissionError(model.PERMISSION_DOWNLOAD_COMPLIANCE_EXPORT_RESULT)
|
|
return
|
|
} else if job.Type != model.JOB_TYPE_MESSAGE_EXPORT {
|
|
c.Err = model.NewAppError("unableToDownloadJob", "api.job.unable_to_download_job.incorrect_job_type", nil, "", http.StatusBadRequest)
|
|
return
|
|
}
|
|
|
|
isDownloadable, _ := strconv.ParseBool(job.Data["is_downloadable"])
|
|
if !isDownloadable {
|
|
c.Err = model.NewAppError("unableToDownloadJob", "api.job.unable_to_download_job", nil, "", http.StatusBadRequest)
|
|
return
|
|
}
|
|
|
|
fileName := job.Id + ".zip"
|
|
filePath := filepath.Join(FilePath, fileName)
|
|
fileReader, err := c.App.FileReader(filePath)
|
|
if err != nil {
|
|
c.Err = err
|
|
c.Err.StatusCode = http.StatusNotFound
|
|
return
|
|
}
|
|
defer fileReader.Close()
|
|
|
|
// We are able to pass 0 for content size due to the fact that Golang's serveContent (https://golang.org/src/net/http/fs.go)
|
|
// already sets that for us
|
|
writeFileResponse(fileName, FileMime, 0, time.Unix(0, job.LastActivityAt*int64(1000*1000)), *c.App.Config().ServiceSettings.WebserverMode, fileReader, true, w, r)
|
|
}
|
|
|
|
func createJob(c *Context, w http.ResponseWriter, r *http.Request) {
|
|
job := model.JobFromJson(r.Body)
|
|
if job == nil {
|
|
c.SetInvalidParam("job")
|
|
return
|
|
}
|
|
|
|
auditRec := c.MakeAuditRecord("createJob", audit.Fail)
|
|
defer c.LogAuditRec(auditRec)
|
|
auditRec.AddMeta("job", job)
|
|
|
|
hasPermission, permissionRequired := c.App.SessionHasPermissionToCreateJob(*c.App.Session(), job)
|
|
if permissionRequired == nil {
|
|
c.Err = model.NewAppError("unableToCreateJob", "api.job.unable_to_create_job.incorrect_job_type", nil, "", http.StatusBadRequest)
|
|
return
|
|
}
|
|
|
|
if !hasPermission {
|
|
c.SetPermissionError(permissionRequired)
|
|
return
|
|
}
|
|
|
|
job, err := c.App.CreateJob(job)
|
|
if err != nil {
|
|
c.Err = err
|
|
return
|
|
}
|
|
|
|
auditRec.Success()
|
|
auditRec.AddMeta("job", job) // overwrite meta
|
|
|
|
w.WriteHeader(http.StatusCreated)
|
|
w.Write([]byte(job.ToJson()))
|
|
}
|
|
|
|
func getJobs(c *Context, w http.ResponseWriter, r *http.Request) {
|
|
if c.Err != nil {
|
|
return
|
|
}
|
|
|
|
var validJobTypes []string
|
|
for _, jobType := range model.ALL_JOB_TYPES {
|
|
hasPermission, permissionRequired := c.App.SessionHasPermissionToReadJob(*c.App.Session(), jobType)
|
|
if permissionRequired == nil {
|
|
mlog.Warn("The job types of a job you are trying to retrieve does not contain permissions", mlog.String("jobType", jobType))
|
|
continue
|
|
}
|
|
if hasPermission {
|
|
validJobTypes = append(validJobTypes, jobType)
|
|
}
|
|
}
|
|
if len(validJobTypes) == 0 {
|
|
c.SetPermissionError()
|
|
return
|
|
}
|
|
|
|
jobs, err := c.App.GetJobsByTypesPage(validJobTypes, c.Params.Page, c.Params.PerPage)
|
|
if err != nil {
|
|
c.Err = err
|
|
return
|
|
}
|
|
|
|
w.Write([]byte(model.JobsToJson(jobs)))
|
|
}
|
|
|
|
func getJobsByType(c *Context, w http.ResponseWriter, r *http.Request) {
|
|
c.RequireJobType()
|
|
if c.Err != nil {
|
|
return
|
|
}
|
|
|
|
hasPermission, permissionRequired := c.App.SessionHasPermissionToReadJob(*c.App.Session(), c.Params.JobType)
|
|
if permissionRequired == nil {
|
|
c.Err = model.NewAppError("getJobsByType", "api.job.retrieve.nopermissions", nil, "", http.StatusBadRequest)
|
|
return
|
|
}
|
|
if !hasPermission {
|
|
c.SetPermissionError(permissionRequired)
|
|
return
|
|
}
|
|
|
|
jobs, err := c.App.GetJobsByTypePage(c.Params.JobType, c.Params.Page, c.Params.PerPage)
|
|
if err != nil {
|
|
c.Err = err
|
|
return
|
|
}
|
|
|
|
w.Write([]byte(model.JobsToJson(jobs)))
|
|
}
|
|
|
|
func cancelJob(c *Context, w http.ResponseWriter, r *http.Request) {
|
|
c.RequireJobId()
|
|
if c.Err != nil {
|
|
return
|
|
}
|
|
|
|
auditRec := c.MakeAuditRecord("cancelJob", audit.Fail)
|
|
defer c.LogAuditRec(auditRec)
|
|
auditRec.AddMeta("job_id", c.Params.JobId)
|
|
|
|
job, err := c.App.GetJob(c.Params.JobId)
|
|
if err != nil {
|
|
c.Err = err
|
|
return
|
|
}
|
|
|
|
// if permission to create, permission to cancel, same permission
|
|
hasPermission, permissionRequired := c.App.SessionHasPermissionToCreateJob(*c.App.Session(), job)
|
|
if permissionRequired == nil {
|
|
c.Err = model.NewAppError("unableToCancelJob", "api.job.unable_to_create_job.incorrect_job_type", nil, "", http.StatusBadRequest)
|
|
return
|
|
}
|
|
|
|
if !hasPermission {
|
|
c.SetPermissionError(permissionRequired)
|
|
return
|
|
}
|
|
|
|
if err := c.App.CancelJob(c.Params.JobId); err != nil {
|
|
c.Err = err
|
|
return
|
|
}
|
|
|
|
auditRec.Success()
|
|
|
|
ReturnStatusOK(w)
|
|
}
|