-rw-r--r-- | app/diagnostics.go | 1 | ||||
-rw-r--r-- | app/webhook.go | 4 | ||||
-rw-r--r-- | config/default.json | 1 | ||||
-rw-r--r-- | i18n/en.json | 4 | ||||
-rw-r--r-- | model/config.go | 5 | ||||
-rw-r--r-- | model/incoming_webhook.go | 23 | ||||
-rw-r--r-- | store/sqlstore/upgrade.go | 3 | ||||
-rw-r--r-- | utils/config.go | 1 | ||||
-rw-r--r-- | web/webhook_test.go | 23 |
9 files changed, 53 insertions, 12 deletions
diff --git a/app/diagnostics.go b/app/diagnostics.go index 6855731ce..527ca9840 100644 --- a/app/diagnostics.go +++ b/app/diagnostics.go @@ -338,6 +338,7 @@ func (a *App) trackConfig() { "enable_email_batching": *cfg.EmailSettings.EnableEmailBatching, "email_batching_buffer_size": *cfg.EmailSettings.EmailBatchingBufferSize, "email_batching_interval": *cfg.EmailSettings.EmailBatchingInterval, + "enable_preview_mode_banner": *cfg.EmailSettings.EnablePreviewModeBanner, "isdefault_feedback_name": isDefault(cfg.EmailSettings.FeedbackName, ""), "isdefault_feedback_email": isDefault(cfg.EmailSettings.FeedbackEmail, ""), "isdefault_feedback_organization": isDefault(*cfg.EmailSettings.FeedbackOrganization, model.EMAIL_SETTINGS_DEFAULT_FEEDBACK_ORGANIZATION), diff --git a/app/webhook.go b/app/webhook.go index a5ab28952..c887fec97 100644 --- a/app/webhook.go +++ b/app/webhook.go @@ -633,6 +633,10 @@ func (a *App) HandleIncomingWebhook(hookId string, req *model.IncomingWebhookReq } } + if hook.ChannelLocked && hook.ChannelId != channel.Id { + return model.NewAppError("HandleIncomingWebhook", "web.incoming_webhook.channel_locked.app_error", nil, "", http.StatusForbidden) + } + if a.License() != nil && *a.Config().TeamSettings.ExperimentalTownSquareIsReadOnly && channel.Name == model.DEFAULT_CHANNEL { return model.NewAppError("HandleIncomingWebhook", "api.post.create_post.town_square_read_only", nil, "", http.StatusForbidden) diff --git a/config/default.json b/config/default.json index 97b2696aa..c80ff48de 100644 --- a/config/default.json +++ b/config/default.json @@ -177,6 +177,7 @@ "EnableEmailBatching": false, "EmailBatchingBufferSize": 256, "EmailBatchingInterval": 30, + "EnablePreviewModeBanner": true, "SkipServerCertificateVerification": false, "EmailNotificationContentsType": "full", "LoginButtonColor": "", diff --git a/i18n/en.json b/i18n/en.json index 88bbcb9f1..59a600f23 100644 --- a/i18n/en.json +++ b/i18n/en.json 
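Review bot: The new `hook.ChannelLocked && hook.ChannelId != channel.Id` guard in HandleIncomingWebhook runs only after `channel` has been resolved, so a locked hook still performs the lookup for whatever channel the request names. The lookup code is outside this hunk, but if its errors differ from this 403, a holder of the hook URL can tell existing channels from missing ones; consider returning the same error for both cases when the hook is locked. A one-line comment would make the intent explicit, e.g. `// A locked hook may only post to its own channel; reject any channel override from the payload.` Since a rejected override can be a sign that a hook URL has leaked, logging the hook id on this path would also give operators something to alert on.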
@@ -6887,6 +6887,10 @@ "translation": "Unable to get roles" }, { + "id": "web.incoming_webhook.channel_locked.app_error", + "translation": "This webhook is not permitted to post to the requested channel" + }, + { "id": "store.sql_role.permanent_delete_all.app_error", "translation": "We could not permanently delete all the roles" }, diff --git a/model/config.go b/model/config.go index 4710658ec..7a2125061 100644 --- a/model/config.go +++ b/model/config.go @@ -739,6 +739,7 @@ type EmailSettings struct { EnableEmailBatching *bool EmailBatchingBufferSize *int EmailBatchingInterval *int + EnablePreviewModeBanner *bool SkipServerCertificateVerification *bool EmailNotificationContentsType *string LoginButtonColor *string @@ -791,6 +792,10 @@ func (s *EmailSettings) SetDefaults() { s.EmailBatchingInterval = NewInt(EMAIL_BATCHING_INTERVAL) } + if s.EnablePreviewModeBanner == nil { + s.EnablePreviewModeBanner = NewBool(true) + } + if s.EnableSMTPAuth == nil { s.EnableSMTPAuth = new(bool) if s.ConnectionSecurity == CONN_SECURITY_NONE { diff --git a/model/incoming_webhook.go b/model/incoming_webhook.go index ca9bd116d..202073b5b 100644 --- a/model/incoming_webhook.go +++ b/model/incoming_webhook.go 
@@ -16,17 +16,18 @@ const ( ) type IncomingWebhook struct { - Id string `json:"id"` - CreateAt int64 `json:"create_at"` - UpdateAt int64 `json:"update_at"` - DeleteAt int64 `json:"delete_at"` - UserId string `json:"user_id"` - ChannelId string `json:"channel_id"` - TeamId string `json:"team_id"` - DisplayName string `json:"display_name"` - Description string `json:"description"` - Username string `json:"username"` - IconURL string `json:"icon_url"` + Id string `json:"id"` + CreateAt int64 `json:"create_at"` + UpdateAt int64 `json:"update_at"` + DeleteAt int64 `json:"delete_at"` + UserId string `json:"user_id"` + ChannelId string `json:"channel_id"` + TeamId string `json:"team_id"` + DisplayName string `json:"display_name"` + Description string `json:"description"` + Username string `json:"username"` + IconURL string `json:"icon_url"` + ChannelLocked bool `json:"channel_locked"` } type IncomingWebhookRequest struct { diff --git a/store/sqlstore/upgrade.go b/store/sqlstore/upgrade.go index 371639312..f6eb383f5 100644 --- a/store/sqlstore/upgrade.go +++ b/store/sqlstore/upgrade.go @@ -427,7 +427,7 @@ func UpgradeDatabaseToVersion410(sqlStore SqlStore) { func UpgradeDatabaseToVersion50(sqlStore SqlStore) { // TODO: Uncomment following condition when version 5.0.0 is released //if shouldPerformUpgrade(sqlStore, VERSION_4_10_0, VERSION_5_0_0) { - + sqlStore.CreateColumnIfNotExistsNoDefault("Teams", "SchemeId", "varchar(26)", "varchar(26)") sqlStore.CreateColumnIfNotExistsNoDefault("Channels", "SchemeId", "varchar(26)", "varchar(26)") 
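Review bot: `ChannelLocked` in IncomingWebhook has no comment, and its zero value means unlocked, so a hook created by a client that omits `channel_locked` stays able to post to other channels; with the `"0"` column default added in store/sqlstore/upgrade.go, the same holds for every existing row. I would document that on the field, e.g. `// ChannelLocked restricts the hook to ChannelId; false (the default) lets the payload override the channel.` Because the field is populated from client JSON, it is also worth confirming that the update path (not visible in this diff) only lets authorized users clear it.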
@@ -439,6 +439,7 @@ func UpgradeDatabaseToVersion50(sqlStore SqlStore) { sqlStore.CreateColumnIfNotExists("Roles", "BuiltIn", "boolean", "boolean", "0") sqlStore.GetMaster().Exec("UPDATE Roles SET BuiltIn=true") sqlStore.GetMaster().Exec("UPDATE Roles SET SchemeManaged=false WHERE Name NOT IN ('system_user', 'system_admin', 'team_user', 'team_admin', 'channel_user', 'channel_admin')") + sqlStore.CreateColumnIfNotExists("IncomingWebhooks", "ChannelLocked", "boolean", "boolean", "0") // saveSchemaVersion(sqlStore, VERSION_5_0_0) //} diff --git a/utils/config.go b/utils/config.go index c3f58cc79..dd782c0fc 100644 --- a/utils/config.go +++ b/utils/config.go @@ -501,6 +501,7 @@ func GenerateClientConfig(c *model.Config, diagnosticId string, license *model.L props["EnableSignInWithUsername"] = strconv.FormatBool(*c.EmailSettings.EnableSignInWithUsername) props["RequireEmailVerification"] = strconv.FormatBool(c.EmailSettings.RequireEmailVerification) props["EnableEmailBatching"] = strconv.FormatBool(*c.EmailSettings.EnableEmailBatching) + props["EnablePreviewModeBanner"] = strconv.FormatBool(*c.EmailSettings.EnablePreviewModeBanner) props["EmailNotificationContentsType"] = *c.EmailSettings.EmailNotificationContentsType props["EmailLoginButtonColor"] = *c.EmailSettings.LoginButtonColor diff --git a/web/webhook_test.go b/web/webhook_test.go index 48e0a2744..64ce7bf25 100644 --- a/web/webhook_test.go +++ b/web/webhook_test.go 
@@ -182,6 +182,29 @@ func TestIncomingWebhook(t *testing.T) { assert.True(t, resp.StatusCode == http.StatusOK) }) + t.Run("ChannelLockedWebhook", func(t *testing.T) { + channel, err := th.App.CreateChannel(&model.Channel{TeamId: th.BasicTeam.Id, Name: model.NewId(), DisplayName: model.NewId(), Type: model.CHANNEL_OPEN, CreatorId: th.BasicUser.Id}, true) + require.Nil(t, err) + + hook, err := th.App.CreateIncomingWebhookForChannel(th.BasicUser.Id, th.BasicChannel, &model.IncomingWebhook{ChannelId: th.BasicChannel.Id, ChannelLocked: true}) + require.Nil(t, err) + + url := ApiClient.Url + "/hooks/" + hook.Id + + payload := "payload={\"text\": \"test text\"}" + resp, err2 := http.Post(url, "application/x-www-form-urlencoded", strings.NewReader(payload)) + require.Nil(t, err2) + assert.True(t, resp.StatusCode == http.StatusOK) + + resp, err2 = http.Post(url, "application/json", strings.NewReader(fmt.Sprintf("{\"text\":\"this is a test\", \"channel\":\"%s\"}", th.BasicChannel.Name))) + require.Nil(t, err2) + assert.True(t, resp.StatusCode == http.StatusOK) + + resp, err2 = http.Post(url, "application/json", strings.NewReader(fmt.Sprintf("{\"text\":\"this is a test\", \"channel\":\"%s\"}", channel.Name))) + require.Nil(t, err2) + assert.True(t, resp.StatusCode == http.StatusForbidden) + }) + t.Run("DisableWebhooks", func(t *testing.T) { th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnableIncomingWebhooks = false }) resp, err := http.Post(url, "application/json", strings.NewReader("{\"text\":\"this is a test\"}")) |
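Review bot: The rejected case in ChannelLockedWebhook checks only the status code, so the test would still pass if the handler returned 403 after the post had already been written to `channel`. Add an assertion that `channel` holds no post from the hook after the third request. Only the JSON body form is exercised for the override; the `payload=` form-encoded request in this subtest names no channel, so a form-encoded override is worth a case too. The status checks would give clearer failures as `assert.Equal(t, http.StatusForbidden, resp.StatusCode)`, and the three `resp.Body` values are never closed. TestIncomingWebhook begins and ends outside this hunk.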