diff options
author | George Goldberg <george@gberg.me> | 2018-05-31 10:25:31 +0100 |
---|---|---|
committer | George Goldberg <george@gberg.me> | 2018-05-31 10:25:31 +0100 |
commit | 27e7841a734e9c3ed71f988a653f5865d2ef6f91 (patch) | |
tree | 1ccc65246fb166c25a9923f4e05ad7d6223892d1 /cmd/mattermost | |
parent | e39f5f46f3f6cdcb7ab8aeef8c601047f5942f85 (diff) | |
parent | 994ccf475f96bcad668269fe25b0d22e975bc222 (diff) | |
download | chat-27e7841a734e9c3ed71f988a653f5865d2ef6f91.tar.gz chat-27e7841a734e9c3ed71f988a653f5865d2ef6f91.tar.bz2 chat-27e7841a734e9c3ed71f988a653f5865d2ef6f91.zip |
Merge branch 'advanced-permissions-phase-2'
Diffstat (limited to 'cmd/mattermost')
-rw-r--r-- | cmd/mattermost/commands/init.go | 1 | ||||
-rw-r--r-- | cmd/mattermost/commands/permissions.go | 70 | ||||
-rw-r--r-- | cmd/mattermost/commands/permissions_test.go | 40 | ||||
-rw-r--r-- | cmd/mattermost/commands/roles.go | 46 | ||||
-rw-r--r-- | cmd/mattermost/commands/roles_test.go | 15 | ||||
-rw-r--r-- | cmd/mattermost/commands/server.go | 1 |
6 files changed, 168 insertions, 5 deletions
diff --git a/cmd/mattermost/commands/init.go b/cmd/mattermost/commands/init.go index aea2b1230..ea7e8ec84 100644 --- a/cmd/mattermost/commands/init.go +++ b/cmd/mattermost/commands/init.go @@ -23,6 +23,7 @@ func InitDBCommandContextCobra(command *cobra.Command) (*app.App, error) { } a.DoAdvancedPermissionsMigration() + a.DoEmojisPermissionsMigration() return a, nil } diff --git a/cmd/mattermost/commands/permissions.go b/cmd/mattermost/commands/permissions.go index 52cae0ecb..9d9962ce5 100644 --- a/cmd/mattermost/commands/permissions.go +++ b/cmd/mattermost/commands/permissions.go @@ -6,8 +6,11 @@ package commands import ( "errors" "fmt" + "os" "github.com/spf13/cobra" + + "github.com/mattermost/mattermost-server/utils" ) var PermissionsCmd = &cobra.Command{ @@ -23,11 +26,32 @@ var ResetPermissionsCmd = &cobra.Command{ RunE: resetPermissionsCmdF, } +var ExportPermissionsCmd = &cobra.Command{ + Use: "export", + Short: "Export permissions data", + Long: "Export Roles and Schemes to JSONL for use by Mattermost permissions import.", + Example: " permissions export > export.jsonl", + RunE: exportPermissionsCmdF, + PreRun: func(cmd *cobra.Command, args []string) { + os.Setenv("MM_LOGSETTINGS_CONSOLELEVEL", "error") + }, +} + +var ImportPermissionsCmd = &cobra.Command{ + Use: "import [file]", + Short: "Import permissions data", + Long: "Import Roles and Schemes JSONL data as created by the Mattermost permissions export.", + Example: " permissions import export.jsonl", + RunE: importPermissionsCmdF, +} + func init() { ResetPermissionsCmd.Flags().Bool("confirm", false, "Confirm you really want to reset the permissions system and a database backup has been performed.") PermissionsCmd.AddCommand( ResetPermissionsCmd, + ExportPermissionsCmd, + ImportPermissionsCmd, ) RootCmd.AddCommand(PermissionsCmd) } @@ -58,7 +82,51 @@ func resetPermissionsCmdF(command *cobra.Command, args []string) error { return errors.New(err.Error()) } - CommandPrettyPrintln("Permissions system successfully reset") + CommandPrettyPrintln("Permissions system successfully reset.") + CommandPrettyPrintln("Changes will take effect gradually as the server caches expire.") + CommandPrettyPrintln("For the changes to take effect immediately, go to the Mattermost System Console > General > Configuration and click \"Purge All Caches\".") + + return nil +} + +func exportPermissionsCmdF(command *cobra.Command, args []string) error { + a, err := InitDBCommandContextCobra(command) + if err != nil { + return err + } + defer a.Shutdown() + + if license := a.License(); license == nil { + return errors.New(utils.T("cli.license.critical")) + } + + if err = a.ExportPermissions(os.Stdout); err != nil { + return errors.New(err.Error()) + } + + return nil +} + +func importPermissionsCmdF(command *cobra.Command, args []string) error { + a, err := InitDBCommandContextCobra(command) + if err != nil { + return err + } + defer a.Shutdown() + + if license := a.License(); license == nil { + return errors.New(utils.T("cli.license.critical")) + } + + file, err := os.Open(args[0]) + if err != nil { + return err + } + defer file.Close() + + if err := a.ImportPermissions(file); err != nil { + return err + } return nil } diff --git a/cmd/mattermost/commands/permissions_test.go b/cmd/mattermost/commands/permissions_test.go new file mode 100644 index 000000000..eeaa17109 --- /dev/null +++ b/cmd/mattermost/commands/permissions_test.go @@ -0,0 +1,40 @@ +// Copyright (c) 2018-present Mattermost, Inc. All Rights Reserved. +// See License.txt for license information. + +package commands + +import ( + "os" + "os/exec" + "strings" + "testing" + + "github.com/mattermost/mattermost-server/api4" + "github.com/mattermost/mattermost-server/utils" +) + +func TestPermissionsExport_rejectsUnlicensed(t *testing.T) { + permissionsLicenseRequiredTest(t, "export") +} + +func TestPermissionsImport_rejectsUnlicensed(t *testing.T) { + permissionsLicenseRequiredTest(t, "import") +} + +func permissionsLicenseRequiredTest(t *testing.T, subcommand string) { + th := api4.Setup().InitBasic() + defer th.TearDown() + + path, err := os.Executable() + if err != nil { + t.Fail() + } + args := []string{"-test.run", "ExecCommand", "--", "--disableconfigwatch", "permissions", subcommand} + output, err := exec.Command(path, args...).CombinedOutput() + + actual := string(output) + expected := utils.T("cli.license.critical") + if !strings.Contains(actual, expected) { + t.Errorf("Expected '%v' but got '%v'.", expected, actual) + } +} diff --git a/cmd/mattermost/commands/roles.go b/cmd/mattermost/commands/roles.go index b8fdcdba2..f1c9d34c8 100644 --- a/cmd/mattermost/commands/roles.go +++ b/cmd/mattermost/commands/roles.go @@ -5,8 +5,11 @@ package commands import ( "errors" + "strings" "github.com/spf13/cobra" + + "github.com/mattermost/mattermost-server/model" ) var RolesCmd = &cobra.Command{ @@ -55,7 +58,27 @@ func makeSystemAdminCmdF(command *cobra.Command, args []string) error { return errors.New("Unable to find user '" + args[i] + "'") } - if _, err := a.UpdateUserRoles(user.Id, "system_admin system_user", true); err != nil { + systemAdmin := false + systemUser := false + + roles := strings.Fields(user.Roles) + for _, role := range roles { + switch role { + case model.SYSTEM_ADMIN_ROLE_ID: + systemAdmin = true + case model.SYSTEM_USER_ROLE_ID: + systemUser = true + } + } + + if !systemUser { + roles = append(roles, model.SYSTEM_USER_ROLE_ID) + } + if !systemAdmin { + roles = append(roles, model.SYSTEM_ADMIN_ROLE_ID) + } + + if _, err := a.UpdateUserRoles(user.Id, strings.Join(roles, " "), true); err != nil { return err } } @@ -80,7 +103,26 @@ func makeMemberCmdF(command *cobra.Command, args []string) error { return errors.New("Unable to find user '" + args[i] + "'") } - if _, err := a.UpdateUserRoles(user.Id, "system_user", true); err != nil { + systemUser := false + var newRoles []string + + roles := strings.Fields(user.Roles) + for _, role := range roles { + switch role { + case model.SYSTEM_ADMIN_ROLE_ID: + default: + if role == model.SYSTEM_USER_ROLE_ID { + systemUser = true + } + newRoles = append(newRoles, role) + } + } + + if !systemUser { + newRoles = append(roles, model.SYSTEM_USER_ROLE_ID) + } + + if _, err := a.UpdateUserRoles(user.Id, strings.Join(newRoles, " "), true); err != nil { return err } } diff --git a/cmd/mattermost/commands/roles_test.go b/cmd/mattermost/commands/roles_test.go index 0144bf0df..4f11ce7ed 100644 --- a/cmd/mattermost/commands/roles_test.go +++ b/cmd/mattermost/commands/roles_test.go @@ -20,8 +20,19 @@ func TestAssignRole(t *testing.T) { t.Fatal() } else { user := result.Data.(*model.User) - if user.Roles != "system_admin system_user" { - t.Fatal() + if user.Roles != "system_user system_admin" { + t.Fatal("Got wrong roles:", user.Roles) + } + } + + CheckCommand(t, "roles", "member", th.BasicUser.Email) + + if result := <-th.App.Srv.Store.User().GetByEmail(th.BasicUser.Email); result.Err != nil { + t.Fatal() + } else { + user := result.Data.(*model.User) + if user.Roles != "system_user" { + t.Fatal("Got wrong roles:", user.Roles, user.Id) } } } diff --git a/cmd/mattermost/commands/server.go b/cmd/mattermost/commands/server.go index 20ebfade6..10b44ad83 100644 --- a/cmd/mattermost/commands/server.go +++ b/cmd/mattermost/commands/server.go @@ -96,6 +96,7 @@ func runServer(configFileLocation string, disableConfigWatch bool, usedPlatform } a.DoAdvancedPermissionsMigration() + a.DoEmojisPermissionsMigration() a.InitPlugins(*a.Config().PluginSettings.Directory, *a.Config().PluginSettings.ClientDirectory, nil) a.AddConfigListener(func(prevCfg, cfg *model.Config) { |