PLT-7360 Adding SSE to compliance (#7165)

* Adding SSE to E20 * Fixing UI bug * Fixing loc strings
author: Corey Hulen <corey@hulen.com> 2017-08-10 18:44:28 -0700
committer: Saturnino Abril <saturnino.abril@gmail.com> 2017-08-11 09:44:28 +0800
commit: 48741434aa955d93e15e44f207294f0d90c2e0da (patch)
tree: a349f421a6c0d08555773791a8c4a050b50ebdb5
parent: 3ff4719d4658bd9fd0627459bb976675e3841e83 (diff)
download: chat-48741434aa955d93e15e44f207294f0d90c2e0da.tar.gz
chat-48741434aa955d93e15e44f207294f0d90c2e0da.tar.bz2
chat-48741434aa955d93e15e44f207294f0d90c2e0da.zip
2 files changed, 34 insertions, 21 deletions
diff --git a/app/file.go b/app/file.go
index 03d898acd..2ec6694b4 100644
--- a/app/file.go
+++ b/app/file.go
@@ -115,8 +115,11 @@ func MoveFile(oldPath, newPath string) *model.AppError {
 		secretKey := utils.Cfg.FileSettings.AmazonS3SecretAccessKey
 		secure := *utils.Cfg.FileSettings.AmazonS3SSL
 		signV2 := *utils.Cfg.FileSettings.AmazonS3SignV2
-		encrypt := *utils.Cfg.FileSettings.AmazonS3SSE
 		region := utils.Cfg.FileSettings.AmazonS3Region
+		encrypt := false
+		if *utils.Cfg.FileSettings.AmazonS3SSE && utils.IsLicensed && *utils.License.Features.Compliance {
+			encrypt = true
+		}
 		s3Clnt, err := s3New(endpoint, accessKey, secretKey, secure, signV2, region)
 		if err != nil {
 			return model.NewLocAppError("moveFile", "api.file.write_file.s3.app_error", nil, err.Error())
@@ -156,8 +159,12 @@ func WriteFile(f []byte, path string) *model.AppError {
 		secretKey := utils.Cfg.FileSettings.AmazonS3SecretAccessKey
 		secure := *utils.Cfg.FileSettings.AmazonS3SSL
 		signV2 := *utils.Cfg.FileSettings.AmazonS3SignV2
-		encrypt := *utils.Cfg.FileSettings.AmazonS3SSE
 		region := utils.Cfg.FileSettings.AmazonS3Region
+		encrypt := false
+		if *utils.Cfg.FileSettings.AmazonS3SSE && utils.IsLicensed && *utils.License.Features.Compliance {
+			encrypt = true
+		}
+
 		s3Clnt, err := s3New(endpoint, accessKey, secretKey, secure, signV2, region)
 		if err != nil {
 			return model.NewLocAppError("WriteFile", "api.file.write_file.s3.app_error", nil, err.Error())
diff --git a/webapp/components/admin_console/storage_settings.jsx b/webapp/components/admin_console/storage_settings.jsx
index 89a56c04b..b591758b1 100644
--- a/webapp/components/admin_console/storage_settings.jsx
+++ b/webapp/components/admin_console/storage_settings.jsx
@@ -68,6 +68,7 @@ export default class StorageSettings extends AdminSettings {
     }
 
     renderSettings() {
+        let amazonSSEComp;
         const mobileUploadDownloadSettings = [];
         if (window.mm_license.IsLicensed === 'true' && window.mm_license.Compliance === 'true') {
             mobileUploadDownloadSettings.push(
@@ -113,6 +114,29 @@ export default class StorageSettings extends AdminSettings {
                     disabled={!this.state.enableFileAttachments}
                 />
             );
+
+            amazonSSEComp =
+                (
+                    <BooleanSetting
+                        id='amazonS3SSE'
+                        label={
+                            <FormattedMessage
+                                id='admin.image.amazonS3SSETitle'
+                                defaultMessage='Enable Server-Side Encryption for Amazon S3:'
+                            />
+                        }
+                        placeholder={Utils.localizeMessage('admin.image.amazonS3SSEExample', 'Ex "false"')}
+                        helpText={
+                            <FormattedHTMLMessage
+                                id='admin.image.amazonS3SSEDescription'
+                                defaultMessage='When true, encrypt files in Amazon S3 using server-side encryption with Amazon S3-managed keys. See <a href="https://about.mattermost.com/default-server-side-encryption" target="_blank">documentation</a> to learn more.'
+                            />
+                        }
+                        value={this.state.amazonS3SSE}
+                        onChange={this.handleChange}
+                        disabled={this.state.driverName !== DRIVER_S3}
+                    />
+                );
         }
 
         return (
@@ -254,25 +278,7 @@ export default class StorageSettings extends AdminSettings {
                     onChange={this.handleChange}
                     disabled={this.state.driverName !== DRIVER_S3}
                 />
-                <BooleanSetting
-                    id='AmazonSSE'
-                    label={
-                        <FormattedMessage
-                            id='admin.image.AmazonSSETitle'
-                            defaultMessage='Enable Server-Side Encryption for Amazon S3:'
-                        />
-                    }
-                    placeholder={Utils.localizeMessage('admin.image.AmazonSSEExample', 'Ex "false"')}
-                    helpText={
-                        <FormattedMessage
-                            id='admin.image.AmazonSSEDescription'
-                            defaultMessage='When true, encrypt files in Amazon S3 using server-side encryption with Amazon S3-managed keys. See <a href="https://about.mattermost.com/default-server-side-encryption" target="_blank">documentation</a> to learn more.'
-                        />
-                    }
-                    value={this.state.AmazonSSE}
-                    onChange={this.handleChange}
-                    disabled={this.state.driverName !== DRIVER_S3}
-                />
+                {amazonSSEComp}
                 <BooleanSetting
                     id='enableFileAttachments'
                     label={
author	Corey Hulen <corey@hulen.com>	2017-08-10 18:44:28 -0700
committer	Saturnino Abril <saturnino.abril@gmail.com>	2017-08-11 09:44:28 +0800
commit	48741434aa955d93e15e44f207294f0d90c2e0da (patch)
tree	a349f421a6c0d08555773791a8c4a050b50ebdb5
parent	3ff4719d4658bd9fd0627459bb976675e3841e83 (diff)
download	chat-48741434aa955d93e15e44f207294f0d90c2e0da.tar.gz chat-48741434aa955d93e15e44f207294f0d90c2e0da.tar.bz2 chat-48741434aa955d93e15e44f207294f0d90c2e0da.zip