From 5da5c0bbfb80cb5c9cf2699f42d17decc2d60f5b Mon Sep 17 00:00:00 2001 From: Joram Wilander Date: Tue, 1 Aug 2017 11:06:53 -0400 Subject: PLT-6987 User access token UI (#7007) * Add user access token UI * Fix enter press and update mattermost-redux * Updating UI for access token stuff (#7066) * Revert segment key --- .../admin_console/custom_integrations_settings.jsx | 21 +- .../admin_console/manage_roles_modal/index.js | 25 ++ .../manage_roles_modal/manage_roles_modal.jsx | 349 +++++++++++++++ .../manage_teams_modal/manage_teams_modal.jsx | 21 +- .../manage_teams_modal/remove_from_team_button.jsx | 2 +- .../admin_console/manage_tokens_modal/index.js | 27 ++ .../manage_tokens_modal/manage_tokens_modal.jsx | 181 ++++++++ .../admin_console/revoke_token_button/index.js | 24 ++ .../revoke_token_button/revoke_token_button.jsx | 56 +++ .../components/admin_console/system_users/index.js | 5 +- .../admin_console/system_users/system_users.jsx | 25 +- .../system_users/system_users_dropdown.jsx | 175 ++++---- .../system_users/system_users_list.jsx | 103 ++++- webapp/components/setting_item_max.jsx | 55 ++- .../user_settings/user_settings_security/index.js | 16 +- .../user_settings_security.jsx | 470 +++++++++++++++++++-- 16 files changed, 1372 insertions(+), 183 deletions(-) create mode 100644 webapp/components/admin_console/manage_roles_modal/index.js create mode 100644 webapp/components/admin_console/manage_roles_modal/manage_roles_modal.jsx create mode 100644 webapp/components/admin_console/manage_tokens_modal/index.js create mode 100644 webapp/components/admin_console/manage_tokens_modal/manage_tokens_modal.jsx create mode 100644 webapp/components/admin_console/revoke_token_button/index.js create mode 100644 webapp/components/admin_console/revoke_token_button/revoke_token_button.jsx (limited to 'webapp/components') diff --git a/webapp/components/admin_console/custom_integrations_settings.jsx b/webapp/components/admin_console/custom_integrations_settings.jsx index 18fdd22fd..3b5c51171 100644 --- a/webapp/components/admin_console/custom_integrations_settings.jsx +++ b/webapp/components/admin_console/custom_integrations_settings.jsx @@ -25,6 +25,7 @@ export default class WebhookSettings extends AdminSettings { config.ServiceSettings.EnablePostUsernameOverride = this.state.enablePostUsernameOverride; config.ServiceSettings.EnablePostIconOverride = this.state.enablePostIconOverride; config.ServiceSettings.EnableOAuthServiceProvider = this.state.enableOAuthServiceProvider; + config.ServiceSettings.EnableUserAccessTokens = this.state.enableUserAccessTokens; return config; } @@ -37,7 +38,8 @@ export default class WebhookSettings extends AdminSettings { enableOnlyAdminIntegrations: config.ServiceSettings.EnableOnlyAdminIntegrations, enablePostUsernameOverride: config.ServiceSettings.EnablePostUsernameOverride, enablePostIconOverride: config.ServiceSettings.EnablePostIconOverride, - enableOAuthServiceProvider: config.ServiceSettings.EnableOAuthServiceProvider + enableOAuthServiceProvider: config.ServiceSettings.EnableOAuthServiceProvider, + enableUserAccessTokens: config.ServiceSettings.EnableUserAccessTokens }; } @@ -172,6 +174,23 @@ export default class WebhookSettings extends AdminSettings { value={this.state.enablePostIconOverride} onChange={this.handleChange} /> + + } + helpText={ + + } + value={this.state.enableUserAccessTokens} + onChange={this.handleChange} + /> ); } diff --git a/webapp/components/admin_console/manage_roles_modal/index.js b/webapp/components/admin_console/manage_roles_modal/index.js new file mode 100644 index 000000000..1ca243621 --- /dev/null +++ b/webapp/components/admin_console/manage_roles_modal/index.js @@ -0,0 +1,25 @@ +// Copyright (c) 2017 Mattermost, Inc. All Rights Reserved. +// See License.txt for license information. + +import {connect} from 'react-redux'; +import {bindActionCreators} from 'redux'; +import {updateUserRoles} from 'mattermost-redux/actions/users'; + +import ManageRolesModal from './manage_roles_modal.jsx'; + +function mapStateToProps(state, ownProps) { + return { + ...ownProps, + userAccessTokensEnabled: state.entities.admin.config.ServiceSettings.EnableUserAccessTokens + }; +} + +function mapDispatchToProps(dispatch) { + return { + actions: bindActionCreators({ + updateUserRoles + }, dispatch) + }; +} + +export default connect(mapStateToProps, mapDispatchToProps)(ManageRolesModal); diff --git a/webapp/components/admin_console/manage_roles_modal/manage_roles_modal.jsx b/webapp/components/admin_console/manage_roles_modal/manage_roles_modal.jsx new file mode 100644 index 000000000..2358f0241 --- /dev/null +++ b/webapp/components/admin_console/manage_roles_modal/manage_roles_modal.jsx @@ -0,0 +1,349 @@ +// Copyright (c) 2017-present Mattermost, Inc. All Rights Reserved. +// See License.txt for license information. + +import * as UserUtils from 'mattermost-redux/utils/user_utils'; +import {Client4} from 'mattermost-redux/client'; +import {General} from 'mattermost-redux/constants'; + +import {trackEvent} from 'actions/diagnostics_actions.jsx'; + +import React from 'react'; +import {Modal} from 'react-bootstrap'; +import PropTypes from 'prop-types'; +import {FormattedMessage, FormattedHTMLMessage} from 'react-intl'; + +function getStateFromProps(props) { + const roles = props.user && props.user.roles ? props.user.roles : ''; + + return { + error: null, + hasPostAllRole: UserUtils.hasPostAllRole(roles), + hasPostAllPublicRole: UserUtils.hasPostAllPublicRole(roles), + hasUserAccessTokenRole: UserUtils.hasUserAccessTokenRole(roles), + isSystemAdmin: UserUtils.isSystemAdmin(roles) + }; +} + +export default class ManageRolesModal extends React.PureComponent { + static propTypes = { + + /** + * Set to render the modal + */ + show: PropTypes.bool.isRequired, + + /** + * The user the roles are being managed for + */ + user: PropTypes.object, + + /** + * Set if user access tokens are enabled + */ + userAccessTokensEnabled: PropTypes.bool.isRequired, + + /** + * Function called when modal is dismissed + */ + onModalDismissed: PropTypes.func.isRequired, + + actions: PropTypes.shape({ + + /** + * Function to update a user's roles + */ + updateUserRoles: PropTypes.func.isRequired + }).isRequired + }; + + constructor(props) { + super(props); + this.state = getStateFromProps(props); + } + + componentWillReceiveProps(nextProps) { + const user = this.props.user || {}; + const nextUser = nextProps.user || {}; + if (user.id !== nextUser.id) { + this.setState(getStateFromProps(nextProps)); + } + } + + handleError = (error) => { + this.setState({ + error + }); + } + + handleSystemAdminChange = (e) => { + if (e.target.name === 'systemadmin') { + this.setState({isSystemAdmin: true}); + } else if (e.target.name === 'systemmember') { + this.setState({isSystemAdmin: false}); + } + }; + + handleUserAccessTokenChange = (e) => { + this.setState({ + hasUserAccessTokenRole: e.target.checked + }); + }; + + handlePostAllChange = (e) => { + this.setState({ + hasPostAllRole: e.target.checked + }); + }; + + handlePostAllPublicChange = (e) => { + this.setState({ + hasPostAllPublicRole: e.target.checked + }); + }; + + trackRoleChanges = (roles, oldRoles) => { + if (UserUtils.hasUserAccessTokenRole(roles) && !UserUtils.hasUserAccessTokenRole(oldRoles)) { + trackEvent('actions', 'add_roles', {role: General.SYSTEM_USER_ACCESS_TOKEN_ROLE}); + } else if (!UserUtils.hasUserAccessTokenRole(roles) && UserUtils.hasUserAccessTokenRole(oldRoles)) { + trackEvent('actions', 'remove_roles', {role: General.SYSTEM_USER_ACCESS_TOKEN_ROLE}); + } + + if (UserUtils.hasPostAllRole(roles) && !UserUtils.hasPostAllRole(oldRoles)) { + trackEvent('actions', 'add_roles', {role: General.SYSTEM_POST_ALL_ROLE}); + } else if (!UserUtils.hasPostAllRole(roles) && UserUtils.hasPostAllRole(oldRoles)) { + trackEvent('actions', 'remove_roles', {role: General.SYSTEM_POST_ALL_ROLE}); + } + + if (UserUtils.hasPostAllPublicRole(roles) && !UserUtils.hasPostAllPublicRole(oldRoles)) { + trackEvent('actions', 'add_roles', {role: General.SYSTEM_POST_ALL_PUBLIC_ROLE}); + } else if (!UserUtils.hasPostAllPublicRole(roles) && UserUtils.hasPostAllPublicRole(oldRoles)) { + trackEvent('actions', 'remove_roles', {role: General.SYSTEM_POST_ALL_PUBLIC_ROLE}); + } + } + + handleSave = async () => { + this.setState({error: null}); + + let roles = General.SYSTEM_USER_ROLE; + + if (this.state.isSystemAdmin) { + roles += ' ' + General.SYSTEM_ADMIN_ROLE; + } else if (this.state.hasUserAccessTokenRole) { + roles += ' ' + General.SYSTEM_USER_ACCESS_TOKEN_ROLE; + if (this.state.hasPostAllRole) { + roles += ' ' + General.SYSTEM_POST_ALL_ROLE; + } else if (this.state.hasPostAllPublicRole) { + roles += ' ' + General.SYSTEM_POST_ALL_PUBLIC_ROLE; + } + } + + const data = await this.props.actions.updateUserRoles(this.props.user.id, roles); + + this.trackRoleChanges(roles, this.props.user.roles); + + if (data) { + this.props.onModalDismissed(); + } else { + this.handleError( + + ); + } + } + + renderContents = () => { + const {user} = this.props; + + if (user == null) { + return
; + } + + let name = UserUtils.getFullName(user); + if (name) { + name += ` (@${user.username})`; + } else { + name = `@${user.username}`; + } + + let additionalRoles; + if (this.state.hasUserAccessTokenRole || this.state.isSystemAdmin) { + additionalRoles = ( +
+

+ +

+
+ +
+
+ +
+
+ ); + } + + let userAccessTokenContent; + if (this.props.userAccessTokensEnabled) { + userAccessTokenContent = ( +
+
+ +
+
+ {additionalRoles} +
+
+ ); + } + + return ( +
+
+ +
+
+ {name} +
+
+ {user.email} +
+
+
+
+
+
+ +
+
+ +
+
+ {userAccessTokenContent} +
+
+ ); + } + + render() { + return ( + + + + + + + + {this.renderContents()} + {this.state.error} + + + + + + + ); + } +} diff --git a/webapp/components/admin_console/manage_teams_modal/manage_teams_modal.jsx b/webapp/components/admin_console/manage_teams_modal/manage_teams_modal.jsx index a579ab03c..21f9d762d 100644 --- a/webapp/components/admin_console/manage_teams_modal/manage_teams_modal.jsx +++ b/webapp/components/admin_console/manage_teams_modal/manage_teams_modal.jsx @@ -1,11 +1,10 @@ -import PropTypes from 'prop-types'; - // Copyright (c) 2017-present Mattermost, Inc. All Rights Reserved. // See License.txt for license information. import React from 'react'; import {Modal} from 'react-bootstrap'; import {FormattedMessage} from 'react-intl'; +import PropTypes from 'prop-types'; import * as TeamActions from 'actions/team_actions.jsx'; @@ -29,14 +28,6 @@ export default class ManageTeamsModal extends React.Component { constructor(props) { super(props); - this.loadTeamsAndTeamMembers = this.loadTeamsAndTeamMembers.bind(this); - - this.handleError = this.handleError.bind(this); - this.handleMemberChange = this.handleMemberChange.bind(this); - this.handleMemberRemove = this.handleMemberRemove.bind(this); - - this.renderContents = this.renderContents.bind(this); - this.state = { error: null, teams: null, @@ -66,7 +57,7 @@ export default class ManageTeamsModal extends React.Component { } } - loadTeamsAndTeamMembers(user = this.props.user) { + loadTeamsAndTeamMembers = (user = this.props.user) => { TeamActions.getTeamsForUser(user.id, (teams) => { this.setState({ teams: teams.sort(sortTeamsByDisplayName) @@ -80,13 +71,13 @@ export default class ManageTeamsModal extends React.Component { }); } - handleError(error) { + handleError = (error) => { this.setState({ error }); } - handleMemberChange() { + handleMemberChange = () => { TeamActions.getTeamMembersForUser(this.props.user.id, (teamMembers) => { this.setState({ teamMembers @@ -94,14 +85,14 @@ export default class ManageTeamsModal extends React.Component { }); } - handleMemberRemove(teamId) { + handleMemberRemove = (teamId) => { this.setState({ teams: this.state.teams.filter((team) => team.id !== teamId), teamMembers: this.state.teamMembers.filter((teamMember) => teamMember.team_id !== teamId) }); } - renderContents() { + renderContents = () => { const {user} = this.props; const {teams, teamMembers} = this.state; diff --git a/webapp/components/admin_console/manage_teams_modal/remove_from_team_button.jsx b/webapp/components/admin_console/manage_teams_modal/remove_from_team_button.jsx index 28e9fde8f..69579d46f 100644 --- a/webapp/components/admin_console/manage_teams_modal/remove_from_team_button.jsx +++ b/webapp/components/admin_console/manage_teams_modal/remove_from_team_button.jsx @@ -41,7 +41,7 @@ export default class RemoveFromTeamButton extends React.PureComponent { render() { return ( + ); + } +} diff --git a/webapp/components/admin_console/system_users/index.js b/webapp/components/admin_console/system_users/index.js index 8f1c0dc35..261a11d7e 100644 --- a/webapp/components/admin_console/system_users/index.js +++ b/webapp/components/admin_console/system_users/index.js @@ -4,7 +4,7 @@ import {connect} from 'react-redux'; import {bindActionCreators} from 'redux'; import {getTeams, getTeamStats} from 'mattermost-redux/actions/teams'; -import {getUser} from 'mattermost-redux/actions/users'; +import {getUser, getUserAccessToken} from 'mattermost-redux/actions/users'; import {getTeamsList} from 'mattermost-redux/selectors/entities/teams'; @@ -22,7 +22,8 @@ function mapDispatchToProps(dispatch) { actions: bindActionCreators({ getTeams, getTeamStats, - getUser + getUser, + getUserAccessToken }, dispatch) }; } diff --git a/webapp/components/admin_console/system_users/system_users.jsx b/webapp/components/admin_console/system_users/system_users.jsx index 5c8aa9bfd..4fbdc26d8 100644 --- a/webapp/components/admin_console/system_users/system_users.jsx +++ b/webapp/components/admin_console/system_users/system_users.jsx @@ -54,7 +54,12 @@ export default class SystemUsers extends React.Component { /* * Function to get a user */ - getUser: PropTypes.func.isRequired + getUser: PropTypes.func.isRequired, + + /* + * Function to get a user access token + */ + getUserAccessToken: PropTypes.func.isRequired }).isRequired } @@ -240,7 +245,7 @@ export default class SystemUsers extends React.Component { (users) => { if (users.length === 0 && term.length === USER_ID_LENGTH) { // This term didn't match any users name, but it does look like it might be a user's ID - this.getUserById(term); + this.getUserByTokenOrId(term); } else { this.setState({loading: false}); } @@ -269,6 +274,22 @@ export default class SystemUsers extends React.Component { ); } + getUserByTokenOrId = async (id) => { + if (global.window.mm_config.EnableUserAccessTokens === 'true') { + const {data} = await this.props.actions.getUserAccessToken(id); + + if (data) { + this.term = data.user_id; + this.setState({term: data.user_id}); + this.updateUsersFromStore(this.state.teamId, data.user_id); + this.getUserById(data.user_id); + return; + } + } + + this.getUserById(id); + } + renderFilterRow(doSearch) { const teams = this.props.teams.map((team) => { return ( diff --git a/webapp/components/admin_console/system_users/system_users_dropdown.jsx b/webapp/components/admin_console/system_users/system_users_dropdown.jsx index fe53ade44..1dbb6b325 100644 --- a/webapp/components/admin_console/system_users/system_users_dropdown.jsx +++ b/webapp/components/admin_console/system_users/system_users_dropdown.jsx @@ -8,7 +8,7 @@ import UserStore from 'stores/user_store.jsx'; import Constants from 'utils/constants.jsx'; import * as Utils from 'utils/utils.jsx'; -import {updateUserRoles, updateActive} from 'actions/user_actions.jsx'; +import {updateActive} from 'actions/user_actions.jsx'; import {adminResetMfa} from 'actions/admin_actions.jsx'; import {FormattedMessage} from 'react-intl'; @@ -19,28 +19,36 @@ import React from 'react'; export default class SystemUsersDropdown extends React.Component { static propTypes = { + + /* + * User to manage with dropdown + */ user: PropTypes.object.isRequired, + + /* + * Function to open password reset, takes user as an argument + */ doPasswordReset: PropTypes.func.isRequired, - doManageTeams: PropTypes.func.isRequired + + /* + * Function to open manage teams, takes user as an argument + */ + doManageTeams: PropTypes.func.isRequired, + + /* + * Function to open manage roles, takes user as an argument + */ + doManageRoles: PropTypes.func.isRequired, + + /* + * Function to open manage tokens, takes user as an argument + */ + doManageTokens: PropTypes.func.isRequired }; constructor(props) { super(props); - this.handleMakeMember = this.handleMakeMember.bind(this); - this.handleMakeActive = this.handleMakeActive.bind(this); - this.handleShowDeactivateMemberModal = this.handleShowDeactivateMemberModal.bind(this); - this.handleDeactivateMember = this.handleDeactivateMember.bind(this); - this.handleDeactivateCancel = this.handleDeactivateCancel.bind(this); - this.handleMakeSystemAdmin = this.handleMakeSystemAdmin.bind(this); - this.handleManageTeams = this.handleManageTeams.bind(this); - this.handleResetPassword = this.handleResetPassword.bind(this); - this.handleResetMfa = this.handleResetMfa.bind(this); - this.handleDemoteSystemAdmin = this.handleDemoteSystemAdmin.bind(this); - this.handleDemoteSubmit = this.handleDemoteSubmit.bind(this); - this.handleDemoteCancel = this.handleDemoteCancel.bind(this); - this.renderDeactivateMemberModal = this.renderDeactivateMemberModal.bind(this); - this.state = { serverError: null, showDemoteModal: false, @@ -50,61 +58,39 @@ export default class SystemUsersDropdown extends React.Component { }; } - doMakeMember() { - updateUserRoles( - this.props.user.id, - 'system_user', - null, + handleMakeActive = (e) => { + e.preventDefault(); + updateActive(this.props.user.id, true, null, (err) => { this.setState({serverError: err.message}); } ); } - handleMakeMember(e) { + handleManageTeams = (e) => { e.preventDefault(); - const me = UserStore.getCurrentUser(); - if (this.props.user.id === me.id && me.roles.includes('system_admin')) { - this.handleDemoteSystemAdmin(this.props.user, 'member'); - } else { - this.doMakeMember(); - } - } - handleMakeActive(e) { - e.preventDefault(); - updateActive(this.props.user.id, true, null, - (err) => { - this.setState({serverError: err.message}); - } - ); + this.props.doManageTeams(this.props.user); } - handleMakeSystemAdmin(e) { + handleManageRoles = (e) => { e.preventDefault(); - updateUserRoles( - this.props.user.id, - 'system_user system_admin', - null, - (err) => { - this.setState({serverError: err.message}); - } - ); + this.props.doManageRoles(this.props.user); } - handleManageTeams(e) { + handleManageTokens = (e) => { e.preventDefault(); - this.props.doManageTeams(this.props.user); + this.props.doManageTokens(this.props.user); } - handleResetPassword(e) { + handleResetPassword = (e) => { e.preventDefault(); this.props.doPasswordReset(this.props.user); } - handleResetMfa(e) { + handleResetMfa = (e) => { e.preventDefault(); adminResetMfa(this.props.user.id, @@ -115,7 +101,7 @@ export default class SystemUsersDropdown extends React.Component { ); } - handleDemoteSystemAdmin(user, role) { + handleDemoteSystemAdmin = (user, role) => { this.setState({ serverError: this.state.serverError, showDemoteModal: true, @@ -124,7 +110,7 @@ export default class SystemUsersDropdown extends React.Component { }); } - handleDemoteCancel() { + handleDemoteCancel = () => { this.setState({ serverError: null, showDemoteModal: false, @@ -133,7 +119,7 @@ export default class SystemUsersDropdown extends React.Component { }); } - handleDemoteSubmit() { + handleDemoteSubmit = () => { if (this.state.role === 'member') { this.doMakeMember(); } @@ -147,13 +133,13 @@ export default class SystemUsersDropdown extends React.Component { } } - handleShowDeactivateMemberModal(e) { + handleShowDeactivateMemberModal = (e) => { e.preventDefault(); this.setState({showDeactivateMemberModal: true}); } - handleDeactivateMember() { + handleDeactivateMember = () => { updateActive(this.props.user.id, false, null, (err) => { this.setState({serverError: err.message}); @@ -163,11 +149,11 @@ export default class SystemUsersDropdown extends React.Component { this.setState({showDeactivateMemberModal: false}); } - handleDeactivateCancel() { + handleDeactivateCancel = () => { this.setState({showDeactivateMemberModal: false}); } - renderDeactivateMemberModal() { + renderDeactivateMemberModal = () => { const title = ( ); - showMakeMember = false; - showMakeSystemAdmin = false; showMakeActive = true; showMakeNotActive = false; showManageTeams = false; @@ -267,44 +249,6 @@ export default class SystemUsersDropdown extends React.Component { disableActivationToggle = true; } - let makeSystemAdmin = null; - if (showMakeSystemAdmin) { - makeSystemAdmin = ( -
  • - - - -
    • - ); - } - - let makeMember = null; - if (showMakeMember) { - makeMember = ( -
  • - - - -
    • - ); - } - let menuClass = ''; if (disableActivationToggle) { menuClass = 'disabled'; @@ -427,6 +371,25 @@ export default class SystemUsersDropdown extends React.Component { ); } + let manageTokens; + if (global.window.mm_config.EnableUserAccessTokens === 'true') { + manageTokens = ( +
  • + + + +
    • + ); + } + let makeDemoteModal = null; if (this.props.user.id === me.id) { const title = ( @@ -498,11 +461,23 @@ export default class SystemUsersDropdown extends React.Component { className='dropdown-menu member-menu' role='menu' > - {makeMember} {makeActive} {makeNotActive} - {makeSystemAdmin} +
  • + + + +
    • {manageTeams} + {manageTokens} {mfaReset} {passwordReset} diff --git a/webapp/components/admin_console/system_users/system_users_list.jsx b/webapp/components/admin_console/system_users/system_users_list.jsx index 6d58137ff..2863f9cec 100644 --- a/webapp/components/admin_console/system_users/system_users_list.jsx +++ b/webapp/components/admin_console/system_users/system_users_list.jsx @@ -6,6 +6,8 @@ import PropTypes from 'prop-types'; import {FormattedMessage, FormattedHTMLMessage} from 'react-intl'; import ManageTeamsModal from 'components/admin_console/manage_teams_modal/manage_teams_modal.jsx'; +import ManageRolesModal from 'components/admin_console/manage_roles_modal'; +import ManageTokensModal from 'components/admin_console/manage_tokens_modal'; import ResetPasswordModal from 'components/admin_console/reset_password_modal.jsx'; import SearchableUserList from 'components/searchable_user_list/searchable_user_list.jsx'; @@ -14,6 +16,7 @@ const dispatch = store.dispatch; const getState = store.getState; import {getUser} from 'mattermost-redux/actions/users'; +import * as UserUtils from 'mattermost-redux/utils/user_utils'; import {Constants} from 'utils/constants.jsx'; import * as Utils from 'utils/utils.jsx'; @@ -37,21 +40,12 @@ export default class SystemUsersList extends React.Component { constructor(props) { super(props); - this.nextPage = this.nextPage.bind(this); - this.previousPage = this.previousPage.bind(this); - this.search = this.search.bind(this); - - this.doManageTeams = this.doManageTeams.bind(this); - this.doManageTeamsDismiss = this.doManageTeamsDismiss.bind(this); - - this.doPasswordReset = this.doPasswordReset.bind(this); - this.doPasswordResetDismiss = this.doPasswordResetDismiss.bind(this); - this.doPasswordResetSubmit = this.doPasswordResetSubmit.bind(this); - this.state = { page: 0, showManageTeamsModal: false, + showManageRolesModal: false, + showManageTokensModal: false, showPasswordModal: false, user: null }; @@ -63,17 +57,17 @@ export default class SystemUsersList extends React.Component { } } - nextPage() { + nextPage = () => { this.setState({page: this.state.page + 1}); this.props.nextPage(this.state.page + 1); } - previousPage() { + previousPage = () => { this.setState({page: this.state.page - 1}); } - search(term) { + search = (term) => { this.props.search(term); if (term !== '') { @@ -81,35 +75,63 @@ export default class SystemUsersList extends React.Component { } } - doManageTeams(user) { + doManageTeams = (user) => { this.setState({ showManageTeamsModal: true, user }); } - doManageTeamsDismiss() { + doManageRoles = (user) => { + this.setState({ + showManageRolesModal: true, + user + }); + } + + doManageTokens = (user) => { + this.setState({ + showManageTokensModal: true, + user + }); + } + + doManageTeamsDismiss = () => { this.setState({ showManageTeamsModal: false, user: null }); } - doPasswordReset(user) { + doManageRolesDismiss = () => { + this.setState({ + showManageRolesModal: false, + user: null + }); + } + + doManageTokensDismiss = () => { + this.setState({ + showManageTokensModal: false, + user: null + }); + } + + doPasswordReset = (user) => { this.setState({ showPasswordModal: true, user }); } - doPasswordResetDismiss() { + doPasswordResetDismiss = () => { this.setState({ showPasswordModal: false, user: null }); } - doPasswordResetSubmit(user) { + doPasswordResetSubmit = (user) => { getUser(user.id)(dispatch, getState); this.setState({ @@ -174,6 +196,35 @@ export default class SystemUsersList extends React.Component { } } + const userAccessTokensEnabled = global.window.mm_config.EnableUserAccessTokens === 'true'; + if (userAccessTokensEnabled) { + const hasPostAllRole = UserUtils.hasPostAllRole(user.roles); + const hasPostAllPublicRole = UserUtils.hasPostAllPublicRole(user.roles); + const hasUserAccessTokenRole = UserUtils.hasUserAccessTokenRole(user.roles); + const isSystemAdmin = UserUtils.isSystemAdmin(user.roles); + + let messageId = 'admin.user_item.userAccessTokenNo'; + if (hasUserAccessTokenRole || isSystemAdmin) { + if (isSystemAdmin) { + messageId = 'admin.user_item.userAccessTokenAdmin'; + } else if (hasPostAllRole) { + messageId = 'admin.user_item.userAccessTokenPostAll'; + } else if (hasPostAllPublicRole) { + messageId = 'admin.user_item.userAccessTokenPostAllPublic'; + } else { + messageId = 'admin.user_item.userAccessTokenYes'; + } + } + + info.push(', '); + info.push( + + ); + } + return info; } @@ -236,7 +287,9 @@ export default class SystemUsersList extends React.Component { actions={[SystemUsersDropdown]} actionProps={{ doPasswordReset: this.doPasswordReset, - doManageTeams: this.doManageTeams + doManageTeams: this.doManageTeams, + doManageRoles: this.doManageRoles, + doManageTokens: this.doManageTokens }} nextPage={this.nextPage} previousPage={this.previousPage} @@ -250,6 +303,16 @@ export default class SystemUsersList extends React.Component { show={this.state.showManageTeamsModal} onModalDismissed={this.doManageTeamsDismiss} /> + + {this.props.extraInfo}
    ); + extraInfo = (
    {this.props.extraInfo}
    ); } var submit = ''; @@ -95,15 +100,40 @@ export default class SettingItemMax extends React.Component { titleProp = this.props.title; } + let listContent = ( +
  • + {inputs} + {extraInfo} +
    • + ); + + if (this.props.infoPosition === 'top') { + listContent = ( +
  • + {extraInfo} + {inputs} +
    • + ); + } + + let cancelButtonText; + if (this.props.cancelButtonText) { + cancelButtonText = this.props.cancelButtonText; + } else { + cancelButtonText = ( + + ); + } + return (
      {title}
      • -
      • - {inputs} - {extraInfo} -
        • + {listContent}
      • {this.props.submitExtra} @@ -116,10 +146,7 @@ export default class SettingItemMax extends React.Component { href='#' onClick={this.props.updateSection} > - + {cancelButtonText}
      @@ -134,9 +161,15 @@ SettingItemMax.propTypes = { client_error: PropTypes.string, server_error: PropTypes.string, extraInfo: PropTypes.element, + infoPosition: PropTypes.string, updateSection: PropTypes.func, submit: PropTypes.func, title: PropTypes.node, width: PropTypes.string, - submitExtra: PropTypes.node + submitExtra: PropTypes.node, + cancelButtonText: PropTypes.node +}; + +SettingItemMax.defaultProps = { + infoPosition: 'bottom' }; diff --git a/webapp/components/user_settings/user_settings_security/index.js b/webapp/components/user_settings/user_settings_security/index.js index cdbabd055..a3e83d7de 100644 --- a/webapp/components/user_settings/user_settings_security/index.js +++ b/webapp/components/user_settings/user_settings_security/index.js @@ -3,20 +3,30 @@ import {connect} from 'react-redux'; import {bindActionCreators} from 'redux'; -import {getMe} from 'mattermost-redux/actions/users'; +import {getMe, getUserAccessTokensForUser, createUserAccessToken, revokeUserAccessToken, clearUserAccessTokens} from 'mattermost-redux/actions/users'; +import * as UserUtils from 'mattermost-redux/utils/user_utils'; import SecurityTab from './user_settings_security.jsx'; function mapStateToProps(state, ownProps) { + const tokensEnabled = state.entities.general.config.EnableUserAccessTokens === 'true'; + const userHasTokenRole = UserUtils.hasUserAccessTokenRole(ownProps.user.roles) || UserUtils.isSystemAdmin(ownProps.user.roles); + return { - ...ownProps + ...ownProps, + userAccessTokens: state.entities.users.myUserAccessTokens, + canUseAccessTokens: tokensEnabled && userHasTokenRole }; } function mapDispatchToProps(dispatch) { return { actions: bindActionCreators({ - getMe + getMe, + getUserAccessTokensForUser, + createUserAccessToken, + revokeUserAccessToken, + clearUserAccessTokens }, dispatch) }; } diff --git a/webapp/components/user_settings/user_settings_security/user_settings_security.jsx b/webapp/components/user_settings/user_settings_security/user_settings_security.jsx index b8ec690a4..5c9ad67e3 100644 --- a/webapp/components/user_settings/user_settings_security/user_settings_security.jsx +++ b/webapp/components/user_settings/user_settings_security/user_settings_security.jsx @@ -6,6 +6,7 @@ import SettingItemMax from 'components/setting_item_max.jsx'; import AccessHistoryModal from 'components/access_history_modal'; import ActivityLogModal from 'components/activity_log_modal'; import ToggleModalButton from 'components/toggle_modal_button.jsx'; +import ConfirmModal from 'components/confirm_modal.jsx'; import PreferenceStore from 'stores/preference_store.jsx'; @@ -13,15 +14,22 @@ import * as Utils from 'utils/utils.jsx'; import Constants from 'utils/constants.jsx'; import {updatePassword, getAuthorizedApps, deactivateMfa, deauthorizeOAuthApp} from 'actions/user_actions.jsx'; +import {trackEvent} from 'actions/diagnostics_actions.jsx'; +import {isMobile} from 'utils/user_agent.jsx'; import $ from 'jquery'; import PropTypes from 'prop-types'; import React from 'react'; -import {FormattedMessage, FormattedTime, FormattedDate} from 'react-intl'; +import * as UserUtils from 'mattermost-redux/utils/user_utils'; +import {FormattedMessage, FormattedTime, FormattedDate, FormattedHTMLMessage} from 'react-intl'; import {browserHistory, Link} from 'react-router/es6'; import icon50 from 'images/icon50x50.png'; +const TOKEN_CREATING = 'creating'; +const TOKEN_CREATED = 'created'; +const TOKEN_NOT_CREATING = 'not_creating'; + export default class SecurityTab extends React.Component { static propTypes = { user: PropTypes.object, @@ -31,26 +39,45 @@ export default class SecurityTab extends React.Component { closeModal: PropTypes.func.isRequired, collapseModal: PropTypes.func.isRequired, setEnforceFocus: PropTypes.func.isRequired, + + /* + * The user access tokens for the user + */ + userAccessTokens: PropTypes.object, + + /* + * Set if access tokens are enabled and this user can use them + */ + canUseAccessTokens: PropTypes.bool, + actions: PropTypes.shape({ - getMe: PropTypes.func.isRequired + getMe: PropTypes.func.isRequired, + + /* + * Function to get user access tokens for a user + */ + getUserAccessTokensForUser: PropTypes.func.isRequired, + + /* + * Function to create a user access token + */ + createUserAccessToken: PropTypes.func.isRequired, + + /* + * Function to revoke a user access token + */ + revokeUserAccessToken: PropTypes.func.isRequired, + + /* + * Function to clear user access tokens locally + */ + clearUserAccessTokens: PropTypes.func.isRequired }).isRequired } constructor(props) { super(props); - this.submitPassword = this.submitPassword.bind(this); - this.setupMfa = this.setupMfa.bind(this); - this.removeMfa = this.removeMfa.bind(this); - this.updateCurrentPassword = this.updateCurrentPassword.bind(this); - this.updateNewPassword = this.updateNewPassword.bind(this); - this.updateConfirmPassword = this.updateConfirmPassword.bind(this); - this.getDefaultState = this.getDefaultState.bind(this); - this.createPasswordSection = this.createPasswordSection.bind(this); - this.createSignInSection = this.createSignInSection.bind(this); - this.createOAuthAppsSection = this.createOAuthAppsSection.bind(this); - this.deauthorizeApp = this.deauthorizeApp.bind(this); - this.state = this.getDefaultState(); } @@ -61,6 +88,8 @@ export default class SecurityTab extends React.Component { confirmPassword: '', passwordError: '', serverError: '', + tokenError: '', + showConfirmModal: false, authService: this.props.user.auth_service }; } @@ -73,11 +102,18 @@ export default class SecurityTab extends React.Component { }, (err) => { this.setState({serverError: err.message}); //eslint-disable-line react/no-did-mount-set-state - }); + } + ); + } + + if (this.props.canUseAccessTokens) { + this.props.actions.clearUserAccessTokens(); + const userId = this.props.user ? this.props.user.id : ''; + this.props.actions.getUserAccessTokensForUser(userId, 0, 200); } } - submitPassword(e) { + submitPassword = (e) => { e.preventDefault(); var user = this.props.user; @@ -127,12 +163,12 @@ export default class SecurityTab extends React.Component { ); } - setupMfa(e) { + setupMfa = (e) => { e.preventDefault(); browserHistory.push('/mfa/setup'); } - removeMfa() { + removeMfa = () => { deactivateMfa( () => { if (global.window.mm_license.MFA === 'true' && @@ -157,19 +193,19 @@ export default class SecurityTab extends React.Component { ); } - updateCurrentPassword(e) { + updateCurrentPassword = (e) => { this.setState({currentPassword: e.target.value}); } - updateNewPassword(e) { + updateNewPassword = (e) => { this.setState({newPassword: e.target.value}); } - updateConfirmPassword(e) { + updateConfirmPassword = (e) => { this.setState({confirmPassword: e.target.value}); } - deauthorizeApp(e) { + deauthorizeApp = (e) => { e.preventDefault(); const appId = e.currentTarget.getAttribute('data-app'); deauthorizeOAuthApp( @@ -183,10 +219,11 @@ export default class SecurityTab extends React.Component { }, (err) => { this.setState({serverError: err.message}); - }); + } + ); } - createMfaSection() { + createMfaSection = () => { let updateSectionStatus; let submit; @@ -321,7 +358,7 @@ export default class SecurityTab extends React.Component { ); } - createPasswordSection() { + createPasswordSection = () => { let updateSectionStatus; if (this.props.activeSection === 'password') { @@ -578,7 +615,7 @@ export default class SecurityTab extends React.Component { ); } - createSignInSection() { + createSignInSection = () => { let updateSectionStatus; const user = this.props.user; @@ -793,7 +830,7 @@ export default class SecurityTab extends React.Component { ); } - createOAuthAppsSection() { + createOAuthAppsSection = () => { let updateSectionStatus; if (this.props.activeSection === 'apps') { @@ -929,6 +966,368 @@ export default class SecurityTab extends React.Component { ); } + startCreatingToken = () => { + this.setState({tokenCreationState: TOKEN_CREATING}); + } + + stopCreatingToken = () => { + this.setState({tokenCreationState: TOKEN_NOT_CREATING}); + } + + handleCreateToken = async () => { + this.handleCancelConfirm(); + + const description = this.refs.newtokendescription ? this.refs.newtokendescription.value : ''; + + if (description === '') { + this.setState({tokenError: Utils.localizeMessage('user.settings.tokens.nameRequired', 'Please enter a name.')}); + return; + } + + this.setState({tokenError: ''}); + + const userId = this.props.user ? this.props.user.id : ''; + const {data, error} = await this.props.actions.createUserAccessToken(userId, description); + + if (data) { + this.setState({tokenCreationState: TOKEN_CREATED, newToken: data}); + } else if (error) { + this.setState({serverError: error.message}); + } + } + + handleCancelConfirm = () => { + this.setState({ + showConfirmModal: false, + confirmTitle: null, + confirmMessage: null, + confirmButton: null, + confirmComplete: null + }); + } + + confirmCreateToken = () => { + if (UserUtils.isSystemAdmin(this.props.user.roles)) { + this.setState({ + showConfirmModal: true, + confirmTitle: ( + + ), + confirmMessage: ( +
      + +
      + ), + confirmButton: ( + + ), + confirmComplete: () => { + this.handleCreateToken(); + trackEvent('settings', 'system_admin_create_user_access_token'); + } + }); + + return; + } + + this.handleCreateToken(); + } + + saveTokenKeyPress = (e) => { + if (e.which === Constants.KeyCodes.ENTER) { + this.confirmCreateToken(); + } + } + + confirmRevokeToken = (tokenId) => { + const token = this.props.userAccessTokens[tokenId]; + + this.setState({ + showConfirmModal: true, + confirmTitle: ( + + ), + confirmMessage: ( +
      + +
      + ), + confirmButton: ( + + ), + confirmComplete: () => { + this.revokeToken(tokenId); + trackEvent('settings', 'revoke_user_access_token'); + } + }); + } + + revokeToken = async (tokenId) => { + const {error} = await this.props.actions.revokeUserAccessToken(tokenId); + if (error) { + this.setState({serverError: error.message}); + } + this.handleCancelConfirm(); + } + + createTokensSection = () => { + let updateSectionStatus; + + if (this.props.activeSection === 'tokens') { + const tokenList = []; + Object.values(this.props.userAccessTokens).forEach((token) => { + if (this.state.newToken && this.state.newToken.id === token.id) { + return; + } + + tokenList.push( +
      +
      + {token.description} +
      +
      + + {token.id} +
      + +
      +
      + ); + }); + + if (tokenList.length === 0) { + tokenList.push( + + ); + } + let extraInfo; + + if (isMobile()) { + extraInfo = ( + + + + ); + } else { + extraInfo = ( + + + + ); + } + + let newTokenSection; + if (this.state.tokenCreationState === TOKEN_CREATING) { + newTokenSection = ( +
      +
      + +
      + +
      +
      +
      +
      + +
      +
      + +
      + + +
      +
      + ); + } else if (this.state.tokenCreationState === TOKEN_CREATED) { + newTokenSection = ( +
      + + +
      +
      + + {this.state.newToken.description} +
      + + {this.state.newToken.id} +
      + + + {this.state.newToken.token} + +
      + ); + } else { + newTokenSection = ( + + + + ); + } + + const inputs = []; + inputs.push( +
      +
      +
      + {tokenList} +
      +
      + {newTokenSection} +
      +
      + ); + + updateSectionStatus = function resetSection(e) { + this.props.updateSection(''); + this.setState({newToken: null, tokenCreationState: TOKEN_NOT_CREATING, serverError: null, tokenError: ''}); + e.preventDefault(); + }.bind(this); + + return ( + + } + /> + ); + } + + const describe = Utils.localizeMessage('user.settings.tokens.clickToEdit', "Click 'Edit' to manage your user access tokens"); + + updateSectionStatus = function updateSection() { + this.props.updateSection('tokens'); + }.bind(this); + + return ( + + ); + } + render() { const user = this.props.user; const config = window.mm_config; @@ -959,6 +1358,11 @@ export default class SecurityTab extends React.Component { oauthSection = this.createOAuthAppsSection(); } + let tokensSection; + if (this.props.canUseAccessTokens) { + tokensSection = this.createTokensSection(); + } + return (
      @@ -1001,6 +1405,8 @@ export default class SecurityTab extends React.Component {
      {oauthSection}
      + {tokensSection} +
      {signInSection}

      @@ -1014,7 +1420,7 @@ export default class SecurityTab extends React.Component { defaultMessage='View Access History' /> - +
      + {})} //eslint-disable-line no-empty-function + onCancel={this.handleCancelConfirm} + />
      ); } -- cgit v1.2.3-1-g7c22