diff options
author | Christopher Speller <crspeller@gmail.com> | 2015-08-27 12:09:35 -0400 |
---|---|---|
committer | Christopher Speller <crspeller@gmail.com> | 2015-08-27 12:09:35 -0400 |
commit | 305a74c78d25a9e8fd6a5d03a8431c160226e1f4 (patch) | |
tree | 4382c340d3e4b7c228400f01ad21fc6a76262fb2 | |
parent | d3093028cff337ede3747c6f0908eda432c3cb88 (diff) | |
parent | 9abf980b0eadc51025282464b19d179d845b6769 (diff) | |
download | chat-305a74c78d25a9e8fd6a5d03a8431c160226e1f4.tar.gz chat-305a74c78d25a9e8fd6a5d03a8431c160226e1f4.tar.bz2 chat-305a74c78d25a9e8fd6a5d03a8431c160226e1f4.zip |
Merge pull request #474 from mattermost/PL-4
Fixes PL-1 and PL-3 Restricting team creation
-rw-r--r-- | api/team.go | 42 | ||||
-rw-r--r-- | config/config.json | 8 | ||||
-rw-r--r-- | docker/dev/config_docker.json | 4 | ||||
-rw-r--r-- | docker/local/config_docker.json | 4 | ||||
-rw-r--r-- | utils/config.go | 22 |
5 files changed, 65 insertions, 15 deletions
diff --git a/api/team.go b/api/team.go index 8587a6de4..eaa0d2695 100644 --- a/api/team.go +++ b/api/team.go @@ -44,6 +44,10 @@ func signupTeam(c *Context, w http.ResponseWriter, r *http.Request) { return } + if !isTreamCreationAllowed(c, email) { + return + } + subjectPage := NewServerTemplatePage("signup_team_subject", c.GetSiteURL()) bodyPage := NewServerTemplatePage("signup_team_body", c.GetSiteURL()) bodyPage.Props["TourUrl"] = utils.Cfg.TeamSettings.TourLink @@ -89,6 +93,11 @@ func createTeamFromSignup(c *Context, w http.ResponseWriter, r *http.Request) { c.Err = err return } + + if !isTreamCreationAllowed(c, teamSignup.Team.Email) { + return + } + teamSignup.Team.Id = "" password := teamSignup.User.Password @@ -169,6 +178,10 @@ func createTeam(c *Context, w http.ResponseWriter, r *http.Request) { return } + if !isTreamCreationAllowed(c, team.Email) { + return + } + if utils.Cfg.ServiceSettings.Mode != utils.MODE_DEV { c.Err = model.NewAppError("createTeam", "The mode does not allow network creation without a valid invite", "") return @@ -196,6 +209,35 @@ func createTeam(c *Context, w http.ResponseWriter, r *http.Request) { } } +func isTreamCreationAllowed(c *Context, email string) bool { + + email = strings.ToLower(email) + + if utils.Cfg.TeamSettings.DisableTeamCreation { + c.Err = model.NewAppError("isTreamCreationAllowed", "Team creation has been disabled. Please ask your systems administrator for details.", "") + return false + } + + // commas and @ signs are optional + // can be in the form of "@corp.mattermost.com, mattermost.com mattermost.org" -> corp.mattermost.com mattermost.com mattermost.org + domains := strings.Fields(strings.TrimSpace(strings.ToLower(strings.Replace(strings.Replace(utils.Cfg.TeamSettings.RestrictCreationToDomains, "@", " ", -1), ",", " ", -1)))) + + matched := false + for _, d := range domains { + if strings.HasSuffix(email, "@"+d) { + matched = true + break + } + } + + if len(utils.Cfg.TeamSettings.RestrictCreationToDomains) > 0 && !matched { + c.Err = model.NewAppError("isTreamCreationAllowed", "Email must be from a specific domain (e.g. @example.com). Please ask your systems administrator for details.", "") + return false + } + + return true +} + func findTeamByName(c *Context, w http.ResponseWriter, r *http.Request) { m := model.MapFromJson(r.Body) diff --git a/config/config.json b/config/config.json index f1f3ba22c..6c915e290 100644 --- a/config/config.json +++ b/config/config.json @@ -73,8 +73,8 @@ "SMTPUsername": "", "SMTPPassword": "", "SMTPServer": "", - "UseTLS": false, - "UseStartTLS": false, + "UseTLS": false, + "UseStartTLS": false, "FeedbackEmail": "", "FeedbackName": "", "ApplePushServer": "", @@ -104,6 +104,8 @@ "HelpLink": "/static/help/configure_links.html", "ReportProblemLink": "/static/help/configure_links.html", "TourLink": "/static/help/configure_links.html", - "DefaultThemeColor": "#2389D7" + "DefaultThemeColor": "#2389D7", + "DisableTeamCreation": false, + "RestrictCreationToDomains": "" } } diff --git a/docker/dev/config_docker.json b/docker/dev/config_docker.json index d336300ca..0fa51cfd4 100644 --- a/docker/dev/config_docker.json +++ b/docker/dev/config_docker.json @@ -94,6 +94,8 @@ "HelpLink": "/static/help/configure_links.html", "ReportProblemLink": "/static/help/configure_links.html", "TourLink": "/static/help/configure_links.html", - "DefaultThemeColor": "#2389D7" + "DefaultThemeColor": "#2389D7", + "DisableTeamCreation": false, + "RestrictCreationToDomains": "" } } diff --git a/docker/local/config_docker.json b/docker/local/config_docker.json index d336300ca..0fa51cfd4 100644 --- a/docker/local/config_docker.json +++ b/docker/local/config_docker.json @@ -94,6 +94,8 @@ "HelpLink": "/static/help/configure_links.html", "ReportProblemLink": "/static/help/configure_links.html", "TourLink": "/static/help/configure_links.html", - "DefaultThemeColor": "#2389D7" + "DefaultThemeColor": "#2389D7", + "DisableTeamCreation": false, + "RestrictCreationToDomains": "" } } diff --git a/utils/config.go b/utils/config.go index 46daf203c..36301264c 100644 --- a/utils/config.go +++ b/utils/config.go @@ -109,16 +109,18 @@ type PrivacySettings struct { } type TeamSettings struct { - MaxUsersPerTeam int - AllowPublicLink bool - AllowValetDefault bool - TermsLink string - PrivacyLink string - AboutLink string - HelpLink string - ReportProblemLink string - TourLink string - DefaultThemeColor string + MaxUsersPerTeam int + AllowPublicLink bool + AllowValetDefault bool + TermsLink string + PrivacyLink string + AboutLink string + HelpLink string + ReportProblemLink string + TourLink string + DefaultThemeColor string + DisableTeamCreation bool + RestrictCreationToDomains string } type Config struct { |