-rw-r--r-- | api/user.go | 15 | ||||
-rw-r--r-- | api/user_test.go | 15 | ||||
-rw-r--r-- | api/web_conn.go | 11 | ||||
-rw-r--r-- | api/websocket_router.go | 2 |
4 files changed, 38 insertions, 5 deletions
diff --git a/api/user.go b/api/user.go
index 2238aca8b..278199f7c 100644
--- a/api/user.go
+++ b/api/user.go
@@ -750,6 +750,10 @@ func RevokeSessionById(c *Context, sessionId string) {
 }
 RevokeWebrtcToken(session.Id)
+
+ if einterfaces.GetClusterInterface() != nil {
+ einterfaces.GetClusterInterface().RemoveAllSessionsForUserId(session.UserId)
+ }
 }
 }
@@ -766,7 +770,6 @@ func RevokeAllSession(c *Context, userId string) {
 if session.IsOAuth {
 RevokeAccessToken(session.Token)
 } else {
- sessionCache.Remove(session.Token)
 if result := <-Srv.Store.Session().Remove(session.Id); result.Err != nil {
 c.Err = result.Err
 return
@@ -776,6 +779,8 @@ func RevokeAllSession(c *Context, userId string) {
 RevokeWebrtcToken(session.Id)
 }
 }
+
+ RemoveAllSessionsForUserId(userId)
 }
 // UGH...
@@ -790,7 +795,6 @@ func RevokeAllSessionsNoContext(userId string) *model.AppError {
 if session.IsOAuth {
 RevokeAccessToken(session.Token)
 } else {
- sessionCache.Remove(session.Token)
 if result := <-Srv.Store.Session().Remove(session.Id); result.Err != nil {
 return result.Err
 }
@@ -799,6 +803,9 @@ func RevokeAllSessionsNoContext(userId string) *model.AppError {
 RevokeWebrtcToken(session.Id)
 }
 }
+
+ RemoveAllSessionsForUserId(userId)
+
 return nil
 }
@@ -1590,6 +1597,10 @@ func updateActive(c *Context, w http.ResponseWriter, r *http.Request) {
 if ruser, err := UpdateActive(user, active); err != nil {
 c.Err = err
 } else {
+ if !active {
+ SetStatusOffline(ruser.Id, false)
+ }
+
 c.LogAuditWithUserId(ruser.Id, fmt.Sprintf("active=%v", active))
 w.Write([]byte(ruser.ToJson()))
 }
diff --git a/api/user_test.go b/api/user_test.go
index f91d71177..0d67030d2 100644
--- a/api/user_test.go
+++ b/api/user_test.go
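Review bot: The block added to RevokeSessionById calls `einterfaces.GetClusterInterface()` twice, once for the nil check and once for the call, and it talks to the cluster interface directly while the RevokeAllSession hunks below go through the package-level `RemoveAllSessionsForUserId(userId)`. Binding the result once keeps the check and the use on the same value: `if cluster := einterfaces.GetClusterInterface(); cluster != nil { cluster.RemoveAllSessionsForUserId(session.UserId) }`. The hunk starts mid-function, so whether the local cache entry for this session is dropped cannot be confirmed from here.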
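Review bot: In RevokeAllSession the per-session `sessionCache.Remove(session.Token)` is removed and the cache is now purged only by `RemoveAllSessionsForUserId(userId)` after the loop, so the early `return` on a store error (`c.Err = result.Err`) skips the purge. Sessions already deleted from the store in earlier iterations then presumably stay resolvable from the cache until they are evicted. RevokeAllSessionsNoContext has the same shape with `return result.Err`. Revocation is the security-relevant effect here, so the purge should run on every exit path, for example `defer RemoveAllSessionsForUserId(userId)` placed ahead of the loop in both functions. The loop headers lie outside the hunks, so the placement needs checking against the full function bodies.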
@@ -1133,8 +1133,9 @@ func TestUserUpdateDeviceId(t *testing.T) {
 }
 func TestUserUpdateActive(t *testing.T) {
- th := Setup()
+ th := Setup().InitSystemAdmin()
 Client := th.CreateClient()
+ SystemAdminClient := th.SystemAdminClient
 team := &model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN}
 team = Client.Must(Client.CreateTeam(team)).Data.(*model.Team)
@@ -1187,6 +1188,18 @@ func TestUserUpdateActive(t *testing.T) {
 if _, err := Client.UpdateActive("12345678901234567890123456", false); err == nil {
 t.Fatal("Should have errored, bad id")
 }
+
+ SetStatusOnline(user3.Id, "", false)
+
+ if _, err := SystemAdminClient.UpdateActive(user3.Id, false); err != nil {
+ t.Fatal(err)
+ }
+
+ if status, err := GetStatus(user3.Id); err != nil {
+ t.Fatal(err)
+ } else if status.Status != model.STATUS_OFFLINE {
+ t.Fatal("status should have been set to offline")
+ }
 }
 func TestUserPermDelete(t *testing.T) {
diff --git a/api/web_conn.go b/api/web_conn.go
index c906b7c95..ae2a274d4 100644
--- a/api/web_conn.go
+++ b/api/web_conn.go
@@ -140,7 +140,16 @@ func (webCon *WebConn) InvalidateCache() {
 }
 func (webCon *WebConn) isAuthenticated() bool {
- return webCon.SessionToken != ""
+ if webCon.SessionToken == "" {
+ return false
+ }
+
+ session := GetSession(webCon.SessionToken)
+ if session == nil || session.IsExpired() {
+ return false
+ }
+
+ return true
 }
 func (webCon *WebConn) SendHello() {
diff --git a/api/websocket_router.go b/api/websocket_router.go
index 504e434b7..989d41373 100644
--- a/api/websocket_router.go
+++ b/api/websocket_router.go
@@ -63,7 +63,7 @@ func (wr *WebSocketRouter) ServeWebSocket(conn *WebConn, r *model.WebSocketReque
 return
 }
- if conn.SessionToken == "" {
+ if !conn.isAuthenticated() {
 err := model.NewLocAppError("ServeWebSocket", "api.web_socket_router.not_authenticated.app_error", nil, "")
 wr.ReturnWebSocketError(conn, r, err)
 return
|
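Review bot: The assertions added at the end of TestUserUpdateActive never confirm that `SetStatusOnline(user3.Id, "", false)` took effect, so if a fresh user's status already reads as offline the final check passes without exercising the deactivation path. Reading the status once before `SystemAdminClient.UpdateActive` and failing unless it is `model.STATUS_ONLINE` would close that gap. The commit also changes websocket authentication, and nothing in this file covers a revoked or expired session being rejected by `isAuthenticated`.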
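Review bot: `isAuthenticated` now runs `GetSession(webCon.SessionToken)` on every call and leaves `SessionToken` set when the lookup fails, so a connection whose session was revoked repeats the lookup on each request and still looks authenticated to any code that tests the field directly. Clearing the token before the second `return false` (`webCon.SessionToken = ""`) would make the rejection sticky. That assumes the method is only called from the goroutine that owns the connection, which the hunk does not show. A doc comment such as `// isAuthenticated reports whether the connection still holds a live, unexpired session; the token is re-validated on each call.` would record the new contract.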