diff options
author | Corey Hulen <corey@hulen.com> | 2016-04-21 22:37:01 -0700 |
---|---|---|
committer | Corey Hulen <corey@hulen.com> | 2016-04-21 22:37:01 -0700 |
commit | 2e5617c29be69637acd384e85f795a0b343bec8d (patch) | |
tree | 6b8bdae1e664013b97c2dda94985375abda91aa5 /api/web_conn.go | |
parent | 5c755463ed3a4c74a383fb4460b5be02d8868481 (diff) | |
download | chat-2e5617c29be69637acd384e85f795a0b343bec8d.tar.gz chat-2e5617c29be69637acd384e85f795a0b343bec8d.tar.bz2 chat-2e5617c29be69637acd384e85f795a0b343bec8d.zip |
PLT-2057 User as a first class object (#2648)
* Adding TeamMember to system
* Fixing all unit tests on the backend
* Fixing merge conflicts
* Fixing merge conflict
* Adding javascript unit tests
* Adding TeamMember to system
* Fixing all unit tests on the backend
* Fixing merge conflicts
* Fixing merge conflict
* Adding javascript unit tests
* Adding client side unit test
* Cleaning up the clint side tests
* Fixing msg
* Adding more client side unit tests
* Adding more using tests
* Adding last bit of client side unit tests and adding make cmd
* Fixing bad merge
* Fixing libraries
* Updating to new client side API
* Fixing borken unit test
* Fixing unit tests
* ugg...trying to beat gofmt
* ugg...trying to beat gofmt
* Cleaning up remainder of the server side routes
* Adding inital load api
* Increased coverage of webhook unit tests (#2660)
* Adding loading ... to root html
* Fixing bad merge
* Removing explicit content type so superagent will guess corectly (#2685)
* Fixing merge and unit tests
* Adding create team UI
* Fixing signup flows
* Adding LDAP unit tests and enterprise unit test helper (#2702)
* Add the ability to reset MFA from the commandline (#2706)
* Fixing compliance unit tests
* Fixing client side tests
* Adding open server to system console
* Moving websocket connection
* Fixing unit test
* Fixing unit tests
* Fixing unit tests
* Adding nickname and more LDAP unit tests (#2717)
* Adding join open teams
* Cleaning up all TODOs in the code
* Fixing web sockets
* Removing unused webockets file
* PLT-2533 Add the ability to reset a user's MFA from the system console (#2715)
* Add the ability to reset a user's MFA from the system console
* Add client side unit test for adminResetMfa
* Reorganizing authentication to fix LDAP error message (#2723)
* Fixing failing unit test
* Initial upgrade db code
* Adding upgrade script
* Fixing upgrade script after running on core
* Update OAuth and Claim routes to work with user model changes (#2739)
* Fixing perminant deletion. Adding ability to delete all user and the entire database (#2740)
* Fixing team invite ldap login call (#2741)
* Fixing bluebar and some img stuff
* Fix all the different file upload web utils (#2743)
* Fixing invalid session redirect (#2744)
* Redirect on bad channel name (#2746)
* Fixing a bunch of issue and removing dead code
* Patch to fix error message on leave channel (#2747)
* Setting EnableOpenServer to false by default
* Fixing config
* Fixing upgrade
* Fixing reported bugs
* Bug fixes for PLT-2057
* PLT-2563 Redo password recovery to use a database table (#2745)
* Redo password recovery to use a database table
* Update reset password audits
* Split out admin and user reset password APIs to be separate
* Delete password recovery when user is permanently deleted
* Consolidate password resetting into a single function
* Removed private channels as an option for outgoing webhooks (#2752)
* PLT-2577/PLT-2552 Fixes for backstage (#2753)
* Added URL to incoming webhook list
* Fixed client functions for adding/removing integrations
* Disallowed slash commands without trigger words
* Fixed clientside handling of errors on AddCommand page
* Minor auth cleanup (#2758)
* Changed EditPostModal to just close if you save without making any changes (#2759)
* Renamed client -> Client in async_client.jsx and fixed eslint warnings (#2756)
* Fixed url in channel info modal (#2755)
* Fixing reported issues
* Moving to version 3 of the apis
* Fixing command unit tests (#2760)
* Adding team admins
* Fixing DM issue
* Fixing eslint error
* Properly set EditPostModal's originalText state in all cases (#2762)
* Update client config check to assume features is defined if server is licensed (#2772)
* Fixing url link
* Fixing issue with websocket crashing when sending messages to different teams
Diffstat (limited to 'api/web_conn.go')
-rw-r--r-- | api/web_conn.go | 78 |
1 files changed, 59 insertions, 19 deletions
diff --git a/api/web_conn.go b/api/web_conn.go index 515a8ab31..397af0696 100644 --- a/api/web_conn.go +++ b/api/web_conn.go @@ -7,7 +7,6 @@ import ( l4g "github.com/alecthomas/log4go" "github.com/gorilla/websocket" "github.com/mattermost/platform/model" - "github.com/mattermost/platform/store" "github.com/mattermost/platform/utils" "time" ) @@ -21,14 +20,15 @@ const ( ) type WebConn struct { - WebSocket *websocket.Conn - Send chan *model.Message - TeamId string - UserId string - ChannelAccessCache map[string]bool + WebSocket *websocket.Conn + Send chan *model.Message + SessionId string + UserId string + hasPermissionsToChannel map[string]bool + hasPermissionsToTeam map[string]bool } -func NewWebConn(ws *websocket.Conn, teamId string, userId string, sessionId string) *WebConn { +func NewWebConn(ws *websocket.Conn, userId string, sessionId string) *WebConn { go func() { achan := Srv.Store.User().UpdateUserAndSessionActivity(userId, sessionId, model.GetMillis()) pchan := Srv.Store.User().UpdateLastPingAt(userId, model.GetMillis()) @@ -42,7 +42,14 @@ func NewWebConn(ws *websocket.Conn, teamId string, userId string, sessionId stri } }() - return &WebConn{Send: make(chan *model.Message, 64), WebSocket: ws, UserId: userId, TeamId: teamId, ChannelAccessCache: make(map[string]bool)} + return &WebConn{ + Send: make(chan *model.Message, 64), + WebSocket: ws, + UserId: userId, + SessionId: sessionId, + hasPermissionsToChannel: make(map[string]bool), + hasPermissionsToTeam: make(map[string]bool), + } } func (c *WebConn) readPump() { @@ -69,7 +76,6 @@ func (c *WebConn) readPump() { if err := c.WebSocket.ReadJSON(&msg); err != nil { return } else { - msg.TeamId = c.TeamId msg.UserId = c.UserId PublishAndForget(&msg) } @@ -107,19 +113,53 @@ func (c *WebConn) writePump() { } } -func (c *WebConn) updateChannelAccessCache(channelId string) bool { - allowed := hasPermissionsToChannel(Srv.Store.Channel().CheckPermissionsTo(c.TeamId, channelId, c.UserId)) - c.ChannelAccessCache[channelId] = allowed +func (c *WebConn) InvalidateCache() { + c.hasPermissionsToChannel = make(map[string]bool) + c.hasPermissionsToTeam = make(map[string]bool) +} + +func (c *WebConn) HasPermissionsToTeam(teamId string) bool { + perm, ok := c.hasPermissionsToTeam[teamId] + if !ok { + session := GetSession(c.SessionId) + if session == nil { + perm = false + c.hasPermissionsToTeam[teamId] = perm + } else { + member := session.GetTeamByTeamId(teamId) + + if member != nil { + perm = true + c.hasPermissionsToTeam[teamId] = perm + } else { + perm = true + c.hasPermissionsToTeam[teamId] = perm + } - return allowed + } + } + + return perm } -func hasPermissionsToChannel(sc store.StoreChannel) bool { - if cresult := <-sc; cresult.Err != nil { - return false - } else if cresult.Data.(int64) != 1 { - return false +func (c *WebConn) HasPermissionsToChannel(channelId string) bool { + perm, ok := c.hasPermissionsToChannel[channelId] + if !ok { + if cresult := <-Srv.Store.Channel().CheckPermissionsToNoTeam(channelId, c.UserId); cresult.Err != nil { + perm = false + c.hasPermissionsToChannel[channelId] = perm + } else { + count := cresult.Data.(int64) + + if count == 1 { + perm = true + c.hasPermissionsToChannel[channelId] = perm + } else { + perm = false + c.hasPermissionsToChannel[channelId] = perm + } + } } - return true + return perm } |