Diffstat (limited to 'api')
-rw-r--r--api/admin.go35
-rw-r--r--api/command_test.go3
-rw-r--r--api/context.go27
-rw-r--r--api/file.go2
-rw-r--r--api/post.go4
-rw-r--r--api/team.go13
-rw-r--r--api/user.go11
-rw-r--r--api/webhook.go2
8 files changed, 58 insertions, 39 deletions
diff --git a/api/admin.go b/api/admin.go
index 568d8f6e8..d9714d6d2 100644
--- a/api/admin.go
+++ b/api/admin.go
@@ -23,8 +23,10 @@ func InitAdmin(r *mux.Router) {
sr.Handle("/logs", ApiUserRequired(getLogs)).Methods("GET")
sr.Handle("/config", ApiUserRequired(getConfig)).Methods("GET")
sr.Handle("/save_config", ApiUserRequired(saveConfig)).Methods("POST")
- sr.Handle("/client_props", ApiAppHandler(getClientProperties)).Methods("GET")
sr.Handle("/test_email", ApiUserRequired(testEmail)).Methods("POST")
+ sr.Handle("/client_props", ApiAppHandler(getClientProperties)).Methods("GET")
+ sr.Handle("/log_client", ApiAppHandler(logClient)).Methods("POST")
+
}
func getLogs(c *Context, w http.ResponseWriter, r *http.Request) {
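Review bot: `/log_client` is registered through `ApiAppHandler`, the wrapper used for the public `/client_props` route, rather than `ApiUserRequired` like the other admin routes, so it looks reachable without a session (the wrappers are defined outside this diff, so this is inferred from their names). If pre-login error reporting is the intent, state it next to the route, e.g. `// No session required: clients report errors before login; treat the body as untrusted.`. Every accepted request can produce an error-log entry, so the route also needs a rate limit in front of it. `InitAdmin` starts above the hunk.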
@@ -59,6 +61,26 @@ func getClientProperties(c *Context, w http.ResponseWriter, r *http.Request) {
w.Write([]byte(model.MapToJson(utils.ClientProperties)))
}
+func logClient(c *Context, w http.ResponseWriter, r *http.Request) {
+ m := model.MapFromJson(r.Body)
+
+ lvl := m["level"]
+ msg := m["message"]
+
+ if len(msg) > 400 {
+ msg = msg[0:399]
+ }
+
+ if lvl == "ERROR" {
+ err := model.NewAppError("client", msg, "")
+ c.LogError(err)
+ }
+
+ rm := make(map[string]string)
+ rm["SUCCESS"] = "true"
+ w.Write([]byte(model.MapToJson(rm)))
+}
+
func getConfig(c *Context, w http.ResponseWriter, r *http.Request) {
if !c.HasSystemAdminPermissions("getConfig") {
return
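Review bot: `logClient` writes a client-chosen string into the server error log with no limit on the request body and no neutralisation of line breaks, so a caller can make the decoder read an arbitrarily large body and can forge extra log lines inside `message`. The truncation is also off by one: `len(msg) > 400` followed by `msg[0:399]` keeps 399 bytes, and a byte slice can cut a multi-byte character in half. I would cap the body before decoding, cut at the stated limit, and replace CR/LF before building the `AppError`. `maxClientLogBody` below is an illustrative name for a constant the package would have to define.

```go
func logClient(c *Context, w http.ResponseWriter, r *http.Request) {
	// Cap the body before decoding; this route accepts input from any client.
	m := model.MapFromJson(http.MaxBytesReader(w, r.Body, maxClientLogBody))

	// … unchanged: lvl and msg lookups …

	if len(msg) > 400 {
		msg = msg[:400]
	}
	// Keep a client-supplied message on a single log line.
	msg = strings.NewReplacer("\r", " ", "\n", " ").Replace(msg)

	// … unchanged: ERROR branch and SUCCESS reply …
```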
@@ -82,18 +104,11 @@ func saveConfig(c *Context, w http.ResponseWriter, r *http.Request) {
return
}
- if len(cfg.ServiceSettings.ListenAddress) == 0 {
- c.SetInvalidParam("saveConfig", "config")
- return
- }
-
- if cfg.TeamSettings.MaxUsersPerTeam == 0 {
- c.SetInvalidParam("saveConfig", "config")
+ if err := cfg.IsValid(); err != nil {
+ c.Err = err
return
}
- // TODO run some cleanup validators
-
utils.SaveConfig(utils.CfgFileName, cfg)
utils.LoadConfig(utils.CfgFileName)
json := utils.Cfg.ToJson()
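Review bot: Dropping the explicit `ListenAddress` and `MaxUsersPerTeam` checks is only safe if `cfg.IsValid()` rejects both cases, and its definition is outside this diff (the view is limited to `api/`). A short comment at the call would record that dependency, e.g. `// IsValid must reject an empty ListenAddress and MaxUsersPerTeam == 0; the inline checks were removed in favour of it.`. The context lines that follow also use `utils.SaveConfig` and `utils.LoadConfig` without looking at any result, so if either reports failure the handler would still return the reloaded config as if the save succeeded. `saveConfig` starts above the hunk.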
diff --git a/api/command_test.go b/api/command_test.go
index d70729448..360c4da58 100644
--- a/api/command_test.go
+++ b/api/command_test.go
@@ -6,6 +6,7 @@ package api
import (
"strings"
"testing"
+ "time"
"github.com/mattermost/platform/model"
"github.com/mattermost/platform/store"
@@ -176,6 +177,8 @@ func TestEchoCommand(t *testing.T) {
t.Fatal("Echo command failed to execute")
}
+ time.Sleep(100 * time.Millisecond)
+
p1 := Client.Must(Client.GetPosts(channel1.Id, 0, 2, "")).Data.(*model.PostList)
if len(p1.Order) != 1 {
t.Fatal("Echo command failed to send")
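Review bot: The fixed `time.Sleep(100 * time.Millisecond)` makes `TestEchoCommand` depend on timing, so a slow CI host can still fail it and a fast one always pays the full delay. Polling `Client.GetPosts` in a short loop until `len(p1.Order) == 1` or a deadline passes would be more reliable. If the sleep stays, a comment such as `// echo posts asynchronously; give it time to land` would explain why it is there. The test body starts above the hunk.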
diff --git a/api/context.go b/api/context.go
index d90fbd9ee..02c3dc902 100644
--- a/api/context.go
+++ b/api/context.go
@@ -292,14 +292,6 @@ func (c *Context) HasPermissionsToChannel(sc store.StoreChannel, where string) b
return true
}
-func (c *Context) IsSystemAdmin() bool {
- // TODO XXX FIXME && IsPrivateIpAddress(c.IpAddress)
- if model.IsInRole(c.Session.Roles, model.ROLE_SYSTEM_ADMIN) {
- return true
- }
- return false
-}
-
func (c *Context) HasSystemAdminPermissions(where string) bool {
if c.IsSystemAdmin() {
return true
@@ -310,14 +302,19 @@ func (c *Context) HasSystemAdminPermissions(where string) bool {
return false
}
-func (c *Context) IsTeamAdmin(userId string) bool {
- if uresult := <-Srv.Store.User().Get(userId); uresult.Err != nil {
- c.Err = uresult.Err
- return false
- } else {
- user := uresult.Data.(*model.User)
- return model.IsInRole(c.Session.Roles, model.ROLE_TEAM_ADMIN) && user.TeamId == c.Session.TeamId
+func (c *Context) IsSystemAdmin() bool {
+ // TODO XXX FIXME && IsPrivateIpAddress(c.IpAddress)
+ if model.IsInRole(c.Session.Roles, model.ROLE_SYSTEM_ADMIN) {
+ return true
+ }
+ return false
+}
+
+func (c *Context) IsTeamAdmin() bool {
+ if model.IsInRole(c.Session.Roles, model.ROLE_TEAM_ADMIN) || c.IsSystemAdmin() {
+ return true
}
+ return false
}
func (c *Context) RemoveSessionCookie(w http.ResponseWriter) {
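Review bot: `IsTeamAdmin()` no longer loads the target user and compares `user.TeamId == c.Session.TeamId`, so same-team scoping is now left entirely to each caller. In `deletePost` (first hunk of api/post.go) the old call passed `post.UserId`, and the new one checks only the session's roles. Each call site should be confirmed to restrict the target to the session's team by some other means, and the new contract should be stated in a doc comment, e.g. `// IsTeamAdmin reports whether the session holds the team-admin or system-admin role; it does not check which team the target belongs to.`. The body can also be reduced to `return model.IsInRole(c.Session.Roles, model.ROLE_TEAM_ADMIN) || c.IsSystemAdmin()`. The relocated `IsSystemAdmin` still carries the `TODO XXX FIXME` about private IP addresses, which now gates every team-admin check as well.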
diff --git a/api/file.go b/api/file.go
index be8fc5456..5dc1db650 100644
--- a/api/file.go
+++ b/api/file.go
@@ -488,7 +488,7 @@ func getPublicLink(c *Context, w http.ResponseWriter, r *http.Request) {
}
func getExport(c *Context, w http.ResponseWriter, r *http.Request) {
- if !c.HasPermissionsToTeam(c.Session.TeamId, "export") || !c.IsTeamAdmin(c.Session.UserId) {
+ if !c.HasPermissionsToTeam(c.Session.TeamId, "export") || !c.IsTeamAdmin() {
c.Err = model.NewAppError("getExport", "Only a team admin can retrieve exported data.", "userId="+c.Session.UserId)
c.Err.StatusCode = http.StatusForbidden
return
diff --git a/api/post.go b/api/post.go
index 0379f6af5..2b683fb7d 100644
--- a/api/post.go
+++ b/api/post.go
@@ -633,7 +633,7 @@ func deletePost(c *Context, w http.ResponseWriter, r *http.Request) {
post := result.Data.(*model.PostList).Posts[postId]
- if !c.HasPermissionsToChannel(cchan, "deletePost") && !c.IsTeamAdmin(post.UserId) {
+ if !c.HasPermissionsToChannel(cchan, "deletePost") && !c.IsTeamAdmin() {
return
}
@@ -648,7 +648,7 @@ func deletePost(c *Context, w http.ResponseWriter, r *http.Request) {
return
}
- if post.UserId != c.Session.UserId && !model.IsInRole(c.Session.Roles, model.ROLE_TEAM_ADMIN) {
+ if post.UserId != c.Session.UserId && !c.IsTeamAdmin() {
c.Err = model.NewAppError("deletePost", "You do not have the appropriate permissions", "")
c.Err.StatusCode = http.StatusForbidden
return
diff --git a/api/team.go b/api/team.go
index 4794b66df..8e5d634aa 100644
--- a/api/team.go
+++ b/api/team.go
@@ -75,7 +75,10 @@ func signupTeam(c *Context, w http.ResponseWriter, r *http.Request) {
return
}
- m["follow_link"] = bodyPage.Props["Link"]
+ if !utils.Cfg.EmailSettings.RequireEmailVerification {
+ m["follow_link"] = bodyPage.Props["Link"]
+ }
+
w.Header().Set("Access-Control-Allow-Origin", " *")
w.Write([]byte(model.MapToJson(m)))
}
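Review bot: The new `if` around `follow_link` has no comment explaining why the link is withheld, which makes it easy for a later refactor to put it back unconditionally. Presumably the link must reach the user only by e-mail when verification is on. A one-line comment would pin that down: `// With RequireEmailVerification set, the signup link is delivered by e-mail only; returning it here would bypass verification.`. `signupTeam` starts above the hunk.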
@@ -506,7 +509,7 @@ func InviteMembers(c *Context, team *model.Team, user *model.User, invites []str
sender := user.GetDisplayName()
senderRole := ""
- if model.IsInRole(user.Roles, model.ROLE_TEAM_ADMIN) || model.IsInRole(user.Roles, model.ROLE_SYSTEM_ADMIN) {
+ if c.IsTeamAdmin() {
senderRole = "administrator"
} else {
senderRole = "member"
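Review bot: `senderRole` is now derived from the session held in `c` rather than from the `user` argument, so the two can disagree whenever `InviteMembers` is called for a user who is not the session owner (callers are outside this diff, so whether that happens is not visible here). The display name on the line above still comes from `user`, so the invitation could pair one person's name with another session's role. Either keep the check on the argument, `if model.IsInRole(user.Roles, model.ROLE_TEAM_ADMIN) || model.IsInRole(user.Roles, model.ROLE_SYSTEM_ADMIN) {`, or document that `user` must be the session's user. The function continues outside the hunk on both sides.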
@@ -566,7 +569,7 @@ func updateTeamDisplayName(c *Context, w http.ResponseWriter, r *http.Request) {
return
}
- if !model.IsInRole(c.Session.Roles, model.ROLE_TEAM_ADMIN) {
+ if !c.IsTeamAdmin() {
c.Err = model.NewAppError("updateTeamDisplayName", "You do not have the appropriate permissions", "userId="+c.Session.UserId)
c.Err.StatusCode = http.StatusForbidden
return
@@ -600,7 +603,7 @@ func getMyTeam(c *Context, w http.ResponseWriter, r *http.Request) {
}
func importTeam(c *Context, w http.ResponseWriter, r *http.Request) {
- if !c.HasPermissionsToTeam(c.Session.TeamId, "import") || !c.IsTeamAdmin(c.Session.UserId) {
+ if !c.HasPermissionsToTeam(c.Session.TeamId, "import") || !c.IsTeamAdmin() {
c.Err = model.NewAppError("importTeam", "Only a team admin can import data.", "userId="+c.Session.UserId)
c.Err.StatusCode = http.StatusForbidden
return
@@ -667,7 +670,7 @@ func importTeam(c *Context, w http.ResponseWriter, r *http.Request) {
}
func exportTeam(c *Context, w http.ResponseWriter, r *http.Request) {
- if !c.HasPermissionsToTeam(c.Session.TeamId, "export") || !c.IsTeamAdmin(c.Session.UserId) {
+ if !c.HasPermissionsToTeam(c.Session.TeamId, "export") || !c.IsTeamAdmin() {
c.Err = model.NewAppError("exportTeam", "Only a team admin can export data.", "userId="+c.Session.UserId)
c.Err.StatusCode = http.StatusForbidden
return
diff --git a/api/user.go b/api/user.go
index 4240a795e..ed3576a30 100644
--- a/api/user.go
+++ b/api/user.go
@@ -198,7 +198,7 @@ func CreateUser(c *Context, team *model.Team, user *model.User) *model.User {
l4g.Error("Encountered an issue joining default channels user_id=%s, team_id=%s, err=%v", ruser.Id, ruser.TeamId, err)
}
- fireAndForgetWelcomeEmail(ruser.Email, team.DisplayName, c.GetTeamURLFromTeam(team))
+ fireAndForgetWelcomeEmail(ruser.Email, team.DisplayName, c.GetSiteURL(), c.GetTeamURLFromTeam(team))
if user.EmailVerified {
if cresult := <-Srv.Store.User().VerifyEmail(ruser.Id); cresult.Err != nil {
l4g.Error("Failed to set email verified err=%v", cresult.Err)
@@ -218,12 +218,13 @@ func CreateUser(c *Context, team *model.Team, user *model.User) *model.User {
}
}
-func fireAndForgetWelcomeEmail(email, teamDisplayName, teamURL string) {
+func fireAndForgetWelcomeEmail(email, teamDisplayName, siteURL, teamURL string) {
go func() {
subjectPage := NewServerTemplatePage("welcome_subject")
subjectPage.Props["TeamDisplayName"] = teamDisplayName
bodyPage := NewServerTemplatePage("welcome_body")
+ bodyPage.Props["SiteURL"] = siteURL
bodyPage.Props["TeamURL"] = teamURL
if err := utils.SendMail(email, subjectPage.Render(), bodyPage.Render()); err != nil {
@@ -972,7 +973,7 @@ func updateRoles(c *Context, w http.ResponseWriter, r *http.Request) {
return
}
- if !model.IsInRole(c.Session.Roles, model.ROLE_TEAM_ADMIN) && !c.IsSystemAdmin() {
+ if !c.IsTeamAdmin() {
c.Err = model.NewAppError("updateRoles", "You do not have the appropriate permissions", "userId="+user_id)
c.Err.StatusCode = http.StatusForbidden
return
@@ -997,7 +998,7 @@ func updateRoles(c *Context, w http.ResponseWriter, r *http.Request) {
} else {
sessions := result.Data.([]*model.Session)
for _, s := range sessions {
- sessionCache.Remove(s.Id)
+ sessionCache.Remove(s.Token)
}
}
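Review bot: Nothing at the changed `sessionCache.Remove(s.Token)` call says that the cache is keyed by session token, which is the fact this one-line fix depends on. With the old `s.Id` key the removal presumably never matched, leaving sessions cached with their previous roles after `updateRoles`. A comment at the loop would prevent a regression: `// sessionCache is keyed by session token, not session id`. Other `sessionCache.Remove` call sites outside this diff should be checked for the same mistake. `updateRoles` starts and ends outside the hunk.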
@@ -1069,7 +1070,7 @@ func updateActive(c *Context, w http.ResponseWriter, r *http.Request) {
return
}
- if !model.IsInRole(c.Session.Roles, model.ROLE_TEAM_ADMIN) && !c.IsSystemAdmin() {
+ if !c.IsTeamAdmin() {
c.Err = model.NewAppError("updateActive", "You do not have the appropriate permissions", "userId="+user_id)
c.Err.StatusCode = http.StatusForbidden
return
diff --git a/api/webhook.go b/api/webhook.go
index b67655ff5..e694b202c 100644
--- a/api/webhook.go
+++ b/api/webhook.go
@@ -86,7 +86,7 @@ func deleteIncomingHook(c *Context, w http.ResponseWriter, r *http.Request) {
c.Err = result.Err
return
} else {
- if c.Session.UserId != result.Data.(*model.IncomingWebhook).UserId && !model.IsInRole(c.Session.Roles, model.ROLE_TEAM_ADMIN) {
+ if c.Session.UserId != result.Data.(*model.IncomingWebhook).UserId && !c.IsTeamAdmin() {
c.LogAudit("fail - inappropriate conditions")
c.Err = model.NewAppError("deleteIncomingHook", "Inappropriate permissions to delete incoming webhook", "user_id="+c.Session.UserId)
return
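Review bot: The rejection branch sets `c.Err` but never `c.Err.StatusCode = http.StatusForbidden`, unlike the permission failures in `deletePost`, `updateRoles` and `updateActive` elsewhere in this diff. The client therefore probably receives whatever default status `model.NewAppError` carries. Adding `c.Err.StatusCode = http.StatusForbidden` before the `return` would make the handlers consistent. Since `IsTeamAdmin()` now also passes for system admins, it is worth confirming that the hook lookup above the hunk is scoped to the session's team. `deleteIncomingHook` continues outside the hunk.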