diff options
| author | Joram Wilander <jwawilander@gmail.com> | 2017-01-25 09:32:42 -0500 |
|---|---|---|
| committer | Harrison Healey <harrisonmhealey@gmail.com> | 2017-01-25 09:32:42 -0500 |
| commit | d245b29f82a03f1aff966a2fb2100a5703d82f32 (patch) | |
| tree | cf204039af74fa2579e0291e9e595f08411b0a7a /api | |
| parent | 8ed665cb76c0763e83a2949c4bdd70153baf72f7 (diff) | |
| download | chat-d245b29f82a03f1aff966a2fb2100a5703d82f32.tar.gz chat-d245b29f82a03f1aff966a2fb2100a5703d82f32.tar.bz2 chat-d245b29f82a03f1aff966a2fb2100a5703d82f32.zip | |
More app code migration (#5170)
* Migrate admin functions into app package
* More user function refactoring
* Move post functions into app package
Diffstat (limited to 'api')
| -rw-r--r-- | api/admin.go | 596 | ||||
| -rw-r--r-- | api/api.go | 8 | ||||
| -rw-r--r-- | api/post.go | 356 | ||||
| -rw-r--r-- | api/user.go | 239 | ||||
| -rw-r--r-- | api/user_test.go | 27 | ||||
| -rw-r--r-- | api/webrtc.go | 2 |
6 files changed, 170 insertions, 1058 deletions
diff --git a/api/admin.go b/api/admin.go index 4e4d21b0b..3aa1dc67d 100644 --- a/api/admin.go +++ b/api/admin.go @@ -4,32 +4,17 @@ package api import ( - "bufio" - "io" - "io/ioutil" "net/http" - "os" "strconv" - "strings" - "time" - - "runtime/debug" l4g "github.com/alecthomas/log4go" "github.com/gorilla/mux" "github.com/mattermost/platform/app" - "github.com/mattermost/platform/einterfaces" "github.com/mattermost/platform/model" - "github.com/mattermost/platform/store" "github.com/mattermost/platform/utils" "github.com/mssola/user_agent" ) -const ( - DAY_MILLISECONDS = 24 * 60 * 60 * 1000 - MONTH_MILLISECONDS = 31 * DAY_MILLISECONDS -) - func InitAdmin() { l4g.Debug(utils.T("api.admin.init.debug")) @@ -61,68 +46,28 @@ func InitAdmin() { } func getLogs(c *Context, w http.ResponseWriter, r *http.Request) { - lines, err := GetLogs() + lines, err := app.GetLogs() if err != nil { c.Err = err return } - if einterfaces.GetClusterInterface() != nil { - clines, err := einterfaces.GetClusterInterface().GetLogs() - if err != nil { - c.Err = err - return - } - - lines = append(lines, clines...) - } - w.Write([]byte(model.ArrayToJson(lines))) } -func GetLogs() ([]string, *model.AppError) { - var lines []string - - if utils.Cfg.LogSettings.EnableFile { - file, err := os.Open(utils.GetLogFileLocation(utils.Cfg.LogSettings.FileLocation)) - if err != nil { - return nil, model.NewLocAppError("getLogs", "api.admin.file_read_error", nil, err.Error()) - } - - defer file.Close() - - scanner := bufio.NewScanner(file) - for scanner.Scan() { - lines = append(lines, scanner.Text()) - } - } else { - lines = append(lines, "") - } - - return lines, nil -} - func getClusterStatus(c *Context, w http.ResponseWriter, r *http.Request) { - infos := make([]*model.ClusterInfo, 0) - if einterfaces.GetClusterInterface() != nil { - infos = einterfaces.GetClusterInterface().GetClusterInfos() - } - + infos := app.GetClusterStatus() w.Write([]byte(model.ClusterInfosToJson(infos))) } func getAllAudits(c *Context, w http.ResponseWriter, r *http.Request) { - if result := <-app.Srv.Store.Audit().Get("", 200); result.Err != nil { - c.Err = result.Err + if audits, err := app.GetAudits("", 200); err != nil { + c.Err = err + return + } else if HandleEtag(audits.Etag(), "Get All Audits", w, r) { return } else { - audits := result.Data.(model.Audits) etag := audits.Etag() - - if HandleEtag(etag, "Get All Audits", w, r) { - return - } - if len(etag) > 0 { w.Header().Set(model.HEADER_ETAG_SERVER, etag) } @@ -133,38 +78,22 @@ func getAllAudits(c *Context, w http.ResponseWriter, r *http.Request) { } func getConfig(c *Context, w http.ResponseWriter, r *http.Request) { - json := utils.Cfg.ToJson() - cfg := model.ConfigFromJson(strings.NewReader(json)) - - cfg.Sanitize() - + cfg := app.GetConfig() w.Header().Set("Cache-Control", "no-cache, no-store, must-revalidate") w.Write([]byte(cfg.ToJson())) } func reloadConfig(c *Context, w http.ResponseWriter, r *http.Request) { - debug.FreeOSMemory() - utils.LoadConfig(utils.CfgFileName) - - // start/restart email batching job if necessary - app.InitEmailBatching() - + app.ReloadConfig() w.Header().Set("Cache-Control", "no-cache, no-store, must-revalidate") ReturnStatusOK(w) } func invalidateAllCaches(c *Context, w http.ResponseWriter, r *http.Request) { - debug.FreeOSMemory() - - app.InvalidateAllCaches() - - if einterfaces.GetClusterInterface() != nil { - err := einterfaces.GetClusterInterface().InvalidateAllCaches() - if err != nil { - c.Err = err - return - } - + err := app.InvalidateAllCaches() + if err != nil { + c.Err = err + return } w.Header().Set("Cache-Control", "no-cache, no-store, must-revalidate") @@ -178,66 +107,18 @@ func saveConfig(c *Context, w http.ResponseWriter, r *http.Request) { return } - cfg.SetDefaults() - utils.Desanitize(cfg) - - if err := cfg.IsValid(); err != nil { - c.Err = err - return - } - - if err := utils.ValidateLdapFilter(cfg); err != nil { + err := app.SaveConfig(cfg) + if err != nil { c.Err = err return } - if *utils.Cfg.ClusterSettings.Enable { - c.Err = model.NewLocAppError("saveConfig", "ent.cluster.save_config.error", nil, "") - return - } - c.LogAudit("") - - //oldCfg := utils.Cfg - utils.SaveConfig(utils.CfgFileName, cfg) - utils.LoadConfig(utils.CfgFileName) - - if einterfaces.GetMetricsInterface() != nil { - if *utils.Cfg.MetricsSettings.Enable { - einterfaces.GetMetricsInterface().StartServer() - } else { - einterfaces.GetMetricsInterface().StopServer() - } - } - - // Future feature is to sync the configuration files - // if einterfaces.GetClusterInterface() != nil { - // err := einterfaces.GetClusterInterface().ConfigChanged(cfg, oldCfg, true) - // if err != nil { - // c.Err = err - // return - // } - // } - - // start/restart email batching job if necessary - app.InitEmailBatching() - - rdata := map[string]string{} - rdata["status"] = "OK" - w.Write([]byte(model.MapToJson(rdata))) + ReturnStatusOK(w) } func recycleDatabaseConnection(c *Context, w http.ResponseWriter, r *http.Request) { - oldStore := app.Srv.Store - - l4g.Warn(utils.T("api.admin.recycle_db_start.warn")) - app.Srv.Store = store.NewSqlStore() - - time.Sleep(20 * time.Second) - oldStore.Close() - - l4g.Warn(utils.T("api.admin.recycle_db_end.warn")) - + app.RecycleDatabaseConnection() w.Header().Set("Cache-Control", "no-cache, no-store, must-revalidate") ReturnStatusOK(w) } @@ -249,32 +130,10 @@ func testEmail(c *Context, w http.ResponseWriter, r *http.Request) { return } - if len(cfg.EmailSettings.SMTPServer) == 0 { - c.Err = model.NewLocAppError("testEmail", "api.admin.test_email.missing_server", nil, utils.T("api.context.invalid_param.app_error", map[string]interface{}{"Name": "SMTPServer"})) - return - } - - // if the user hasn't changed their email settings, fill in the actual SMTP password so that - // the user can verify an existing SMTP connection - if cfg.EmailSettings.SMTPPassword == model.FAKE_SETTING { - if cfg.EmailSettings.SMTPServer == utils.Cfg.EmailSettings.SMTPServer && - cfg.EmailSettings.SMTPPort == utils.Cfg.EmailSettings.SMTPPort && - cfg.EmailSettings.SMTPUsername == utils.Cfg.EmailSettings.SMTPUsername { - cfg.EmailSettings.SMTPPassword = utils.Cfg.EmailSettings.SMTPPassword - } else { - c.Err = model.NewLocAppError("testEmail", "api.admin.test_email.reenter_password", nil, "") - return - } - } - - if result := <-app.Srv.Store.User().Get(c.Session.UserId); result.Err != nil { - c.Err = result.Err + err := app.TestEmail(c.Session.UserId, cfg) + if err != nil { + c.Err = err return - } else { - if err := utils.SendMailUsingConfig(result.Data.(*model.User).Email, c.T("api.admin.test_email.subject"), c.T("api.admin.test_email.body"), cfg); err != nil { - c.Err = err - return - } } m := make(map[string]string) @@ -283,26 +142,15 @@ func testEmail(c *Context, w http.ResponseWriter, r *http.Request) { } func getComplianceReports(c *Context, w http.ResponseWriter, r *http.Request) { - if !*utils.Cfg.ComplianceSettings.Enable || !utils.IsLicensed || !*utils.License.Features.Compliance { - c.Err = model.NewLocAppError("getComplianceReports", "ent.compliance.licence_disable.app_error", nil, "") - return - } - - if result := <-app.Srv.Store.Compliance().GetAll(); result.Err != nil { - c.Err = result.Err + crs, err := app.GetComplianceReports() + if err != nil { + c.Err = err return - } else { - crs := result.Data.(model.Compliances) - w.Write([]byte(crs.ToJson())) } + w.Write([]byte(crs.ToJson())) } func saveComplianceReport(c *Context, w http.ResponseWriter, r *http.Request) { - if !*utils.Cfg.ComplianceSettings.Enable || !utils.IsLicensed || !*utils.License.Features.Compliance || einterfaces.GetComplianceInterface() == nil { - c.Err = model.NewLocAppError("saveComplianceReport", "ent.compliance.licence_disable.app_error", nil, "") - return - } - job := model.ComplianceFromJson(r.Body) if job == nil { c.SetInvalidParam("saveComplianceReport", "compliance") @@ -310,25 +158,18 @@ func saveComplianceReport(c *Context, w http.ResponseWriter, r *http.Request) { } job.UserId = c.Session.UserId - job.Type = model.COMPLIANCE_TYPE_ADHOC - if result := <-app.Srv.Store.Compliance().Save(job); result.Err != nil { - c.Err = result.Err + rjob, err := app.SaveComplianceReport(job) + if err != nil { + c.Err = err return - } else { - job = result.Data.(*model.Compliance) - go einterfaces.GetComplianceInterface().RunComplianceJob(job) } - w.Write([]byte(job.ToJson())) + c.LogAudit("") + w.Write([]byte(rjob.ToJson())) } func downloadComplianceReport(c *Context, w http.ResponseWriter, r *http.Request) { - if !*utils.Cfg.ComplianceSettings.Enable || !utils.IsLicensed || !*utils.License.Features.Compliance || einterfaces.GetComplianceInterface() == nil { - c.Err = model.NewLocAppError("downloadComplianceReport", "ent.compliance.licence_disable.app_error", nil, "") - return - } - params := mux.Vars(r) id := params["id"] @@ -337,35 +178,36 @@ func downloadComplianceReport(c *Context, w http.ResponseWriter, r *http.Request return } - if result := <-app.Srv.Store.Compliance().Get(id); result.Err != nil { - c.Err = result.Err + job, err := app.GetComplianceReport(id) + if err != nil { + c.Err = err return - } else { - job := result.Data.(*model.Compliance) - c.LogAudit("downloaded " + job.Desc) + } - if f, err := ioutil.ReadFile(*utils.Cfg.ComplianceSettings.Directory + "compliance/" + job.JobName() + ".zip"); err != nil { - c.Err = model.NewLocAppError("readFile", "api.file.read_file.reading_local.app_error", nil, err.Error()) - return - } else { - w.Header().Set("Cache-Control", "max-age=2592000, public") - w.Header().Set("Content-Length", strconv.Itoa(len(f))) - w.Header().Del("Content-Type") // Content-Type will be set automatically by the http writer + reportBytes, err := app.GetComplianceFile(job) + if err != nil { + c.Err = err + return + } - // attach extra headers to trigger a download on IE, Edge, and Safari - ua := user_agent.New(r.UserAgent()) - bname, _ := ua.Browser() + c.LogAudit("downloaded " + job.Desc) - w.Header().Set("Content-Disposition", "attachment;filename=\""+job.JobName()+".zip\"") + w.Header().Set("Cache-Control", "max-age=2592000, public") + w.Header().Set("Content-Length", strconv.Itoa(len(reportBytes))) + w.Header().Del("Content-Type") // Content-Type will be set automatically by the http writer - if bname == "Edge" || bname == "Internet Explorer" || bname == "Safari" { - // trim off anything before the final / so we just get the file's name - w.Header().Set("Content-Type", "application/octet-stream") - } + // attach extra headers to trigger a download on IE, Edge, and Safari + ua := user_agent.New(r.UserAgent()) + bname, _ := ua.Browser() - w.Write(f) - } + w.Header().Set("Content-Disposition", "attachment;filename=\""+job.JobName()+".zip\"") + + if bname == "Edge" || bname == "Internet Explorer" || bname == "Safari" { + // trim off anything before the final / so we just get the file's name + w.Header().Set("Content-Type", "application/octet-stream") } + + w.Write(reportBytes) } func getAnalytics(c *Context, w http.ResponseWriter, r *http.Request) { @@ -373,237 +215,18 @@ func getAnalytics(c *Context, w http.ResponseWriter, r *http.Request) { teamId := params["id"] name := params["name"] - skipIntensiveQueries := false - var systemUserCount int64 - if r := <-app.Srv.Store.User().AnalyticsUniqueUserCount(""); r.Err != nil { - c.Err = r.Err + rows, err := app.GetAnalytics(name, teamId) + if err != nil { + c.Err = err return - } else { - systemUserCount = r.Data.(int64) - if systemUserCount > int64(*utils.Cfg.AnalyticsSettings.MaxUsersForStatistics) { - l4g.Debug("More than %v users on the system, intensive queries skipped", *utils.Cfg.AnalyticsSettings.MaxUsersForStatistics) - skipIntensiveQueries = true - } } - if name == "standard" { - var rows model.AnalyticsRows = make([]*model.AnalyticsRow, 10) - rows[0] = &model.AnalyticsRow{"channel_open_count", 0} - rows[1] = &model.AnalyticsRow{"channel_private_count", 0} - rows[2] = &model.AnalyticsRow{"post_count", 0} - rows[3] = &model.AnalyticsRow{"unique_user_count", 0} - rows[4] = &model.AnalyticsRow{"team_count", 0} - rows[5] = &model.AnalyticsRow{"total_websocket_connections", 0} - rows[6] = &model.AnalyticsRow{"total_master_db_connections", 0} - rows[7] = &model.AnalyticsRow{"total_read_db_connections", 0} - rows[8] = &model.AnalyticsRow{"daily_active_users", 0} - rows[9] = &model.AnalyticsRow{"monthly_active_users", 0} - - openChan := app.Srv.Store.Channel().AnalyticsTypeCount(teamId, model.CHANNEL_OPEN) - privateChan := app.Srv.Store.Channel().AnalyticsTypeCount(teamId, model.CHANNEL_PRIVATE) - teamChan := app.Srv.Store.Team().AnalyticsTeamCount() - - var userChan store.StoreChannel - if teamId != "" { - userChan = app.Srv.Store.User().AnalyticsUniqueUserCount(teamId) - } - - var postChan store.StoreChannel - if !skipIntensiveQueries { - postChan = app.Srv.Store.Post().AnalyticsPostCount(teamId, false, false) - } - - dailyActiveChan := app.Srv.Store.User().AnalyticsActiveCount(DAY_MILLISECONDS) - monthlyActiveChan := app.Srv.Store.User().AnalyticsActiveCount(MONTH_MILLISECONDS) - - if r := <-openChan; r.Err != nil { - c.Err = r.Err - return - } else { - rows[0].Value = float64(r.Data.(int64)) - } - - if r := <-privateChan; r.Err != nil { - c.Err = r.Err - return - } else { - rows[1].Value = float64(r.Data.(int64)) - } - - if postChan == nil { - rows[2].Value = -1 - } else { - if r := <-postChan; r.Err != nil { - c.Err = r.Err - return - } else { - rows[2].Value = float64(r.Data.(int64)) - } - } - - if userChan == nil { - rows[3].Value = float64(systemUserCount) - } else { - if r := <-userChan; r.Err != nil { - c.Err = r.Err - return - } else { - rows[3].Value = float64(r.Data.(int64)) - } - } - - if r := <-teamChan; r.Err != nil { - c.Err = r.Err - return - } else { - rows[4].Value = float64(r.Data.(int64)) - } - - // If in HA mode then aggregrate all the stats - if einterfaces.GetClusterInterface() != nil && *utils.Cfg.ClusterSettings.Enable { - stats, err := einterfaces.GetClusterInterface().GetClusterStats() - if err != nil { - c.Err = err - return - } - - totalSockets := app.TotalWebsocketConnections() - totalMasterDb := app.Srv.Store.TotalMasterDbConnections() - totalReadDb := app.Srv.Store.TotalReadDbConnections() - - for _, stat := range stats { - totalSockets = totalSockets + stat.TotalWebsocketConnections - totalMasterDb = totalMasterDb + stat.TotalMasterDbConnections - totalReadDb = totalReadDb + stat.TotalReadDbConnections - } - - rows[5].Value = float64(totalSockets) - rows[6].Value = float64(totalMasterDb) - rows[7].Value = float64(totalReadDb) - - } else { - rows[5].Value = float64(app.TotalWebsocketConnections()) - rows[6].Value = float64(app.Srv.Store.TotalMasterDbConnections()) - rows[7].Value = float64(app.Srv.Store.TotalReadDbConnections()) - } - - if r := <-dailyActiveChan; r.Err != nil { - c.Err = r.Err - return - } else { - rows[8].Value = float64(r.Data.(int64)) - } - - if r := <-monthlyActiveChan; r.Err != nil { - c.Err = r.Err - return - } else { - rows[9].Value = float64(r.Data.(int64)) - } - - w.Write([]byte(rows.ToJson())) - } else if name == "post_counts_day" { - if skipIntensiveQueries { - rows := model.AnalyticsRows{&model.AnalyticsRow{"", -1}} - w.Write([]byte(rows.ToJson())) - return - } - - if r := <-app.Srv.Store.Post().AnalyticsPostCountsByDay(teamId); r.Err != nil { - c.Err = r.Err - return - } else { - w.Write([]byte(r.Data.(model.AnalyticsRows).ToJson())) - } - } else if name == "user_counts_with_posts_day" { - if skipIntensiveQueries { - rows := model.AnalyticsRows{&model.AnalyticsRow{"", -1}} - w.Write([]byte(rows.ToJson())) - return - } - - if r := <-app.Srv.Store.Post().AnalyticsUserCountsWithPostsByDay(teamId); r.Err != nil { - c.Err = r.Err - return - } else { - w.Write([]byte(r.Data.(model.AnalyticsRows).ToJson())) - } - } else if name == "extra_counts" { - var rows model.AnalyticsRows = make([]*model.AnalyticsRow, 6) - rows[0] = &model.AnalyticsRow{"file_post_count", 0} - rows[1] = &model.AnalyticsRow{"hashtag_post_count", 0} - rows[2] = &model.AnalyticsRow{"incoming_webhook_count", 0} - rows[3] = &model.AnalyticsRow{"outgoing_webhook_count", 0} - rows[4] = &model.AnalyticsRow{"command_count", 0} - rows[5] = &model.AnalyticsRow{"session_count", 0} - - iHookChan := app.Srv.Store.Webhook().AnalyticsIncomingCount(teamId) - oHookChan := app.Srv.Store.Webhook().AnalyticsOutgoingCount(teamId) - commandChan := app.Srv.Store.Command().AnalyticsCommandCount(teamId) - sessionChan := app.Srv.Store.Session().AnalyticsSessionCount() - - var fileChan store.StoreChannel - var hashtagChan store.StoreChannel - if !skipIntensiveQueries { - fileChan = app.Srv.Store.Post().AnalyticsPostCount(teamId, true, false) - hashtagChan = app.Srv.Store.Post().AnalyticsPostCount(teamId, false, true) - } - - if fileChan == nil { - rows[0].Value = -1 - } else { - if r := <-fileChan; r.Err != nil { - c.Err = r.Err - return - } else { - rows[0].Value = float64(r.Data.(int64)) - } - } - - if hashtagChan == nil { - rows[1].Value = -1 - } else { - if r := <-hashtagChan; r.Err != nil { - c.Err = r.Err - return - } else { - rows[1].Value = float64(r.Data.(int64)) - } - } - - if r := <-iHookChan; r.Err != nil { - c.Err = r.Err - return - } else { - rows[2].Value = float64(r.Data.(int64)) - } - - if r := <-oHookChan; r.Err != nil { - c.Err = r.Err - return - } else { - rows[3].Value = float64(r.Data.(int64)) - } - - if r := <-commandChan; r.Err != nil { - c.Err = r.Err - return - } else { - rows[4].Value = float64(r.Data.(int64)) - } - - if r := <-sessionChan; r.Err != nil { - c.Err = r.Err - return - } else { - rows[5].Value = float64(r.Data.(int64)) - } - - w.Write([]byte(rows.ToJson())) - } else { + if rows == nil { c.SetInvalidParam("getAnalytics", "name") + return } + w.Write([]byte(rows.ToJson())) } func uploadBrandImage(c *Context, w http.ResponseWriter, r *http.Request) { @@ -639,40 +262,18 @@ func uploadBrandImage(c *Context, w http.ResponseWriter, r *http.Request) { return } - brandInterface := einterfaces.GetBrandInterface() - if brandInterface == nil { - c.Err = model.NewLocAppError("uploadBrandImage", "api.admin.upload_brand_image.not_available.app_error", nil, "") - c.Err.StatusCode = http.StatusNotImplemented - return - } - - if err := brandInterface.SaveBrandImage(imageArray[0]); err != nil { + if err := app.SaveBrandImage(imageArray[0]); err != nil { c.Err = err return } c.LogAudit("") - rdata := map[string]string{} - rdata["status"] = "OK" - w.Write([]byte(model.MapToJson(rdata))) + ReturnStatusOK(w) } func getBrandImage(c *Context, w http.ResponseWriter, r *http.Request) { - if len(utils.Cfg.FileSettings.DriverName) == 0 { - c.Err = model.NewLocAppError("getBrandImage", "api.admin.get_brand_image.storage.app_error", nil, "") - c.Err.StatusCode = http.StatusNotImplemented - return - } - - brandInterface := einterfaces.GetBrandInterface() - if brandInterface == nil { - c.Err = model.NewLocAppError("getBrandImage", "api.admin.get_brand_image.not_available.app_error", nil, "") - c.Err.StatusCode = http.StatusNotImplemented - return - } - - if img, err := brandInterface.GetBrandImage(); err != nil { + if img, err := app.GetBrandImage(); err != nil { w.Write(nil) } else { w.Header().Set("Content-Type", "image/png") @@ -716,7 +317,7 @@ func adminResetPassword(c *Context, w http.ResponseWriter, r *http.Request) { return } - if err := ResetPassword(c, userId, newPassword); err != nil { + if err := app.UpdatePasswordByUserIdSendEmail(userId, newPassword, c.T("api.user.reset_password.method"), c.GetSiteURL()); err != nil { c.Err = err return } @@ -729,15 +330,7 @@ func adminResetPassword(c *Context, w http.ResponseWriter, r *http.Request) { } func ldapSyncNow(c *Context, w http.ResponseWriter, r *http.Request) { - go func() { - if utils.IsLicensed && *utils.License.Features.LDAP && *utils.Cfg.LdapSettings.Enable { - if ldapI := einterfaces.GetLdapInterface(); ldapI != nil { - ldapI.SyncNow() - } else { - l4g.Error("%v", model.NewLocAppError("ldapSyncNow", "ent.ldap.disabled.app_error", nil, "").Error()) - } - } - }() + app.SyncLdap() rdata := map[string]string{} rdata["status"] = "ok" @@ -745,33 +338,18 @@ func ldapSyncNow(c *Context, w http.ResponseWriter, r *http.Request) { } func ldapTest(c *Context, w http.ResponseWriter, r *http.Request) { - if ldapI := einterfaces.GetLdapInterface(); ldapI != nil && utils.IsLicensed && *utils.License.Features.LDAP && *utils.Cfg.LdapSettings.Enable { - if err := ldapI.RunTest(); err != nil { - c.Err = err - c.Err.StatusCode = 500 - } - } else { - c.Err = model.NewLocAppError("ldapTest", "ent.ldap.disabled.app_error", nil, "") - c.Err.StatusCode = http.StatusNotImplemented + if err := app.TestLdap(); err != nil { + c.Err = err + return } - if c.Err == nil { - rdata := map[string]string{} - rdata["status"] = "ok" - w.Write([]byte(model.MapToJson(rdata))) - } + rdata := map[string]string{} + rdata["status"] = "ok" + w.Write([]byte(model.MapToJson(rdata))) } func samlMetadata(c *Context, w http.ResponseWriter, r *http.Request) { - samlInterface := einterfaces.GetSamlInterface() - - if samlInterface == nil { - c.Err = model.NewLocAppError("loginWithSaml", "api.admin.saml.not_available.app_error", nil, "") - c.Err.StatusCode = http.StatusFound - return - } - - if result, err := samlInterface.GetMetadata(); err != nil { + if result, err := app.GetSamlMetadata(); err != nil { c.Err = model.NewLocAppError("loginWithSaml", "api.admin.saml.metadata.app_error", nil, "err="+err.Message) return } else { @@ -805,58 +383,38 @@ func addCertificate(c *Context, w http.ResponseWriter, r *http.Request) { fileData := fileArray[0] - file, err := fileData.Open() - defer file.Close() - if err != nil { - c.Err = model.NewLocAppError("addCertificate", "api.admin.add_certificate.open.app_error", nil, err.Error()) - return - } - - out, err := os.Create(utils.FindDir("config") + fileData.Filename) - if err != nil { - c.Err = model.NewLocAppError("addCertificate", "api.admin.add_certificate.saving.app_error", nil, err.Error()) + if err := app.AddSamlCertificate(fileData); err != nil { + c.Err = err return } - defer out.Close() - - io.Copy(out, file) ReturnStatusOK(w) } func removeCertificate(c *Context, w http.ResponseWriter, r *http.Request) { props := model.MapFromJson(r.Body) - filename := props["filename"] - if err := os.Remove(utils.FindConfigFile(filename)); err != nil { - c.Err = model.NewLocAppError("removeCertificate", "api.admin.remove_certificate.delete.app_error", - map[string]interface{}{"Filename": filename}, err.Error()) + if err := app.RemoveSamlCertificate(props["filename"]); err != nil { + c.Err = err return } + ReturnStatusOK(w) } func samlCertificateStatus(c *Context, w http.ResponseWriter, r *http.Request) { - status := make(map[string]interface{}) - - status["IdpCertificateFile"] = utils.FileExistsInConfigFolder(*utils.Cfg.SamlSettings.IdpCertificateFile) - status["PrivateKeyFile"] = utils.FileExistsInConfigFolder(*utils.Cfg.SamlSettings.PrivateKeyFile) - status["PublicCertificateFile"] = utils.FileExistsInConfigFolder(*utils.Cfg.SamlSettings.PublicCertificateFile) - + status := app.GetSamlCertificateStatus() w.Write([]byte(model.StringInterfaceToJson(status))) } func getRecentlyActiveUsers(c *Context, w http.ResponseWriter, r *http.Request) { - if result := <-app.Srv.Store.User().GetRecentlyActiveUsersForTeam(c.TeamId); result.Err != nil { - c.Err = result.Err + if profiles, err := app.GetRecentlyActiveUsersForTeam(c.TeamId); err != nil { + c.Err = err return } else { - profiles := result.Data.(map[string]*model.User) - for _, p := range profiles { sanitizeProfile(c, p) } w.Write([]byte(model.UserMapToJson(profiles))) } - } diff --git a/api/api.go b/api/api.go index 3d2217ef5..59c547b8c 100644 --- a/api/api.go +++ b/api/api.go @@ -4,7 +4,6 @@ package api import ( - "io/ioutil" "net/http" "github.com/gorilla/mux" @@ -144,10 +143,3 @@ func ReturnStatusOK(w http.ResponseWriter) { m[model.STATUS] = model.STATUS_OK w.Write([]byte(model.MapToJson(m))) } - -func closeBody(r *http.Response) { - if r.Body != nil { - ioutil.ReadAll(r.Body) - r.Body.Close() - } -} diff --git a/api/post.go b/api/post.go index 13cfecfdf..4d1425c18 100644 --- a/api/post.go +++ b/api/post.go @@ -8,11 +8,9 @@ import ( "strconv" l4g "github.com/alecthomas/log4go" - "github.com/dyatlov/go-opengraph/opengraph" "github.com/gorilla/mux" "github.com/mattermost/platform/app" "github.com/mattermost/platform/model" - "github.com/mattermost/platform/store" "github.com/mattermost/platform/utils" ) @@ -44,67 +42,28 @@ func createPost(c *Context, w http.ResponseWriter, r *http.Request) { c.SetInvalidParam("createPost", "post") return } - post.UserId = c.Session.UserId - cchan := app.Srv.Store.Channel().Get(post.ChannelId, true) + post.UserId = c.Session.UserId if !app.SessionHasPermissionToChannel(c.Session, post.ChannelId, model.PERMISSION_CREATE_POST) { c.SetPermissionError(model.PERMISSION_CREATE_POST) return } - // Check that channel has not been deleted - var channel *model.Channel - if result := <-cchan; result.Err != nil { - c.SetInvalidParam("createPost", "post.channelId") - return - } else { - channel = result.Data.(*model.Channel) - } - - if channel.DeleteAt != 0 { - c.Err = model.NewLocAppError("createPost", "api.post.create_post.can_not_post_to_deleted.error", nil, "") - c.Err.StatusCode = http.StatusBadRequest - return - } - if post.CreateAt != 0 && !app.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_SYSTEM) { post.CreateAt = 0 } - if rp, err := app.CreatePost(post, c.TeamId, true); err != nil { + rp, err := app.CreatePostAsUser(post, c.TeamId) + if err != nil { c.Err = err - - if c.Err.Id == "api.post.create_post.root_id.app_error" || - c.Err.Id == "api.post.create_post.channel_root_id.app_error" || - c.Err.Id == "api.post.create_post.parent_id.app_error" { - c.Err.StatusCode = http.StatusBadRequest - } - return - } else { - // Update the LastViewAt only if the post does not have from_webhook prop set (eg. Zapier app) - if _, ok := post.Props["from_webhook"]; !ok { - if result := <-app.Srv.Store.Channel().UpdateLastViewedAt([]string{post.ChannelId}, c.Session.UserId); result.Err != nil { - l4g.Error(utils.T("api.post.create_post.last_viewed.error"), post.ChannelId, c.Session.UserId, result.Err) - } - } - - w.Write([]byte(rp.ToJson())) } + + w.Write([]byte(rp.ToJson())) } func updatePost(c *Context, w http.ResponseWriter, r *http.Request) { - - if utils.IsLicensed { - if *utils.Cfg.ServiceSettings.AllowEditPost == model.ALLOW_EDIT_POST_NEVER { - c.Err = model.NewLocAppError("updatePost", "api.post.update_post.permissions.app_error", nil, - c.T("api.post.update_post.permissions_denied.app_error")) - c.Err.StatusCode = http.StatusForbidden - return - } - } - post := model.PostFromJson(r.Body) if post == nil { @@ -112,77 +71,20 @@ func updatePost(c *Context, w http.ResponseWriter, r *http.Request) { return } - pchan := app.Srv.Store.Post().Get(post.Id) - if !app.SessionHasPermissionToChannel(c.Session, post.ChannelId, model.PERMISSION_EDIT_POST) { c.SetPermissionError(model.PERMISSION_EDIT_POST) return } - var oldPost *model.Post - if result := <-pchan; result.Err != nil { - c.Err = result.Err - return - } else { - oldPost = result.Data.(*model.PostList).Posts[post.Id] - - if oldPost == nil { - c.Err = model.NewLocAppError("updatePost", "api.post.update_post.find.app_error", nil, "id="+post.Id) - c.Err.StatusCode = http.StatusBadRequest - return - } - - if oldPost.UserId != c.Session.UserId { - c.Err = model.NewLocAppError("updatePost", "api.post.update_post.permissions.app_error", nil, "oldUserId="+oldPost.UserId) - c.Err.StatusCode = http.StatusForbidden - return - } - - if oldPost.DeleteAt != 0 { - c.Err = model.NewLocAppError("updatePost", "api.post.update_post.permissions.app_error", nil, - c.T("api.post.update_post.permissions_details.app_error", map[string]interface{}{"PostId": post.Id})) - c.Err.StatusCode = http.StatusForbidden - return - } - - if oldPost.IsSystemMessage() { - c.Err = model.NewLocAppError("updatePost", "api.post.update_post.system_message.app_error", nil, "id="+post.Id) - c.Err.StatusCode = http.StatusForbidden - return - } - - if utils.IsLicensed { - if *utils.Cfg.ServiceSettings.AllowEditPost == model.ALLOW_EDIT_POST_TIME_LIMIT && model.GetMillis() > oldPost.CreateAt+int64(*utils.Cfg.ServiceSettings.PostEditTimeLimit*1000) { - c.Err = model.NewLocAppError("updatePost", "api.post.update_post.permissions.app_error", nil, - c.T("api.post.update_post.permissions_time_limit.app_error", map[string]interface{}{"timeLimit": *utils.Cfg.ServiceSettings.PostEditTimeLimit})) - c.Err.StatusCode = http.StatusForbidden - return - } - } - } - - newPost := &model.Post{} - *newPost = *oldPost - - newPost.Message = post.Message - newPost.EditAt = model.GetMillis() - newPost.Hashtags, _ = model.ParseHashtags(post.Message) + post.UserId = c.Session.UserId - if result := <-app.Srv.Store.Post().Update(newPost, oldPost); result.Err != nil { - c.Err = result.Err + rpost, err := app.UpdatePost(post) + if err != nil { + c.Err = err return - } else { - rpost := result.Data.(*model.Post) - - message := model.NewWebSocketEvent(model.WEBSOCKET_EVENT_POST_EDITED, "", rpost.ChannelId, "", nil) - message.Add("post", rpost.ToJson()) - - go app.Publish(message) - - app.InvalidateCacheForChannelPosts(rpost.ChannelId) - - w.Write([]byte(rpost.ToJson())) } + + w.Write([]byte(rpost.ToJson())) } func getFlaggedPosts(c *Context, w http.ResponseWriter, r *http.Request) { @@ -200,16 +102,12 @@ func getFlaggedPosts(c *Context, w http.ResponseWriter, r *http.Request) { return } - posts := &model.PostList{} - - if result := <-app.Srv.Store.Post().GetFlaggedPosts(c.Session.UserId, offset, limit); result.Err != nil { - c.Err = result.Err + if posts, err := app.GetFlaggedPosts(c.Session.UserId, offset, limit); err != nil { + c.Err = err return } else { - posts = result.Data.(*model.PostList) + w.Write([]byte(posts.ToJson())) } - - w.Write([]byte(posts.ToJson())) } func getPosts(c *Context, w http.ResponseWriter, r *http.Request) { @@ -233,27 +131,21 @@ func getPosts(c *Context, w http.ResponseWriter, r *http.Request) { return } - etagChan := app.Srv.Store.Post().GetEtag(id, true) - if !app.SessionHasPermissionToChannel(c.Session, id, model.PERMISSION_CREATE_POST) { c.SetPermissionError(model.PERMISSION_CREATE_POST) return } - etag := (<-etagChan).Data.(string) + etag := app.GetPostsEtag(id) if HandleEtag(etag, "Get Posts", w, r) { return } - pchan := app.Srv.Store.Post().GetPosts(id, offset, limit, true) - - if result := <-pchan; result.Err != nil { - c.Err = result.Err + if list, err := app.GetPosts(id, offset, limit); err != nil { + c.Err = err return } else { - list := result.Data.(*model.PostList) - w.Header().Set(model.HEADER_ETAG_SERVER, etag) w.Write([]byte(list.ToJson())) } @@ -275,19 +167,15 @@ func getPostsSince(c *Context, w http.ResponseWriter, r *http.Request) { return } - pchan := app.Srv.Store.Post().GetPostsSince(id, time, true) - if !app.SessionHasPermissionToChannel(c.Session, id, model.PERMISSION_READ_CHANNEL) { c.SetPermissionError(model.PERMISSION_READ_CHANNEL) return } - if result := <-pchan; result.Err != nil { - c.Err = result.Err + if list, err := app.GetPostsSince(id, time); err != nil { + c.Err = err return } else { - list := result.Data.(*model.PostList) - w.Write([]byte(list.ToJson())) } @@ -308,21 +196,17 @@ func getPost(c *Context, w http.ResponseWriter, r *http.Request) { return } - pchan := app.Srv.Store.Post().Get(postId) - if !app.SessionHasPermissionToChannel(c.Session, channelId, model.PERMISSION_READ_CHANNEL) { c.SetPermissionError(model.PERMISSION_READ_CHANNEL) return } - if result := <-pchan; result.Err != nil { - c.Err = result.Err + if list, err := app.GetPostThread(postId); err != nil { + c.Err = err return - } else if HandleEtag(result.Data.(*model.PostList).Etag(), "Get Post", w, r) { + } else if HandleEtag(list.Etag(), "Get Post", w, r) { return } else { - list := result.Data.(*model.PostList) - if !list.IsChannelId(channelId) { c.Err = model.NewLocAppError("getPost", "api.post.get_post.permissions.app_error", nil, "") c.Err.StatusCode = http.StatusForbidden @@ -343,12 +227,10 @@ func getPostById(c *Context, w http.ResponseWriter, r *http.Request) { return } - if result := <-app.Srv.Store.Post().Get(postId); result.Err != nil { - c.Err = result.Err + if list, err := app.GetPostThread(postId); err != nil { + c.Err = err return } else { - list := result.Data.(*model.PostList) - if len(list.Order) != 1 { c.Err = model.NewLocAppError("getPostById", "api.post_get_post_by_id.get.app_error", nil, "") return @@ -378,39 +260,17 @@ func getPermalinkTmp(c *Context, w http.ResponseWriter, r *http.Request) { return } - if result := <-app.Srv.Store.Post().Get(postId); result.Err != nil { - c.Err = result.Err + if !app.HasPermissionToChannelByPost(c.Session.UserId, postId, model.PERMISSION_JOIN_PUBLIC_CHANNELS) { + c.SetPermissionError(model.PERMISSION_JOIN_PUBLIC_CHANNELS) return - } else { - list := result.Data.(*model.PostList) - - if len(list.Order) != 1 { - c.Err = model.NewLocAppError("getPermalinkTmp", "api.post_get_post_by_id.get.app_error", nil, "") - return - } - post := list.Posts[list.Order[0]] - - var channel *model.Channel - var err *model.AppError - if channel, err = app.GetChannel(post.ChannelId); err != nil { - c.Err = err - return - } - - if !app.SessionHasPermissionToTeam(c.Session, channel.TeamId, model.PERMISSION_JOIN_PUBLIC_CHANNELS) { - c.SetPermissionError(model.PERMISSION_JOIN_PUBLIC_CHANNELS) - return - } - - if err = app.JoinChannel(channel, c.Session.UserId); err != nil { - c.Err = err - return - } - - if HandleEtag(list.Etag(), "Get Permalink TMP", w, r) { - return - } + } + if list, err := app.GetPermalinkPost(postId, c.Session.UserId); err != nil { + c.Err = err + return + } else if HandleEtag(list.Etag(), "Get Permalink TMP", w, r) { + return + } else { w.Header().Set(model.HEADER_ETAG_SERVER, list.Etag()) w.Write([]byte(list.ToJson())) } @@ -436,69 +296,27 @@ func deletePost(c *Context, w http.ResponseWriter, r *http.Request) { return } - pchan := app.Srv.Store.Post().Get(postId) + if !app.SessionHasPermissionToPost(c.Session, postId, model.PERMISSION_DELETE_OTHERS_POSTS) { + c.SetPermissionError(model.PERMISSION_DELETE_OTHERS_POSTS) + return + } - if result := <-pchan; result.Err != nil { - c.Err = result.Err + if post, err := app.DeletePost(postId); err != nil { + c.Err = err return } else { - - post := result.Data.(*model.PostList).Posts[postId] - - if post == nil { - c.SetInvalidParam("deletePost", "postId") - return - } - if post.ChannelId != channelId { c.Err = model.NewLocAppError("deletePost", "api.post.delete_post.permissions.app_error", nil, "") c.Err.StatusCode = http.StatusForbidden return } - if post.UserId != c.Session.UserId && !app.SessionHasPermissionToChannel(c.Session, post.ChannelId, model.PERMISSION_DELETE_OTHERS_POSTS) { - c.Err = model.NewLocAppError("deletePost", "api.post.delete_post.permissions.app_error", nil, "") - c.Err.StatusCode = http.StatusForbidden - return - } - - if dresult := <-app.Srv.Store.Post().Delete(postId, model.GetMillis()); dresult.Err != nil { - c.Err = dresult.Err - return - } - - message := model.NewWebSocketEvent(model.WEBSOCKET_EVENT_POST_DELETED, "", post.ChannelId, "", nil) - message.Add("post", post.ToJson()) - - go app.Publish(message) - go DeletePostFiles(post) - go DeleteFlaggedPost(c.Session.UserId, post) - - app.InvalidateCacheForChannelPosts(post.ChannelId) - result := make(map[string]string) result["id"] = postId w.Write([]byte(model.MapToJson(result))) } } -func DeleteFlaggedPost(userId string, post *model.Post) { - if result := <-app.Srv.Store.Preference().Delete(userId, model.PREFERENCE_CATEGORY_FLAGGED_POST, post.Id); result.Err != nil { - l4g.Warn(utils.T("api.post.delete_flagged_post.app_error.warn"), result.Err) - return - } -} - -func DeletePostFiles(post *model.Post) { - if len(post.FileIds) != 0 { - return - } - - if result := <-app.Srv.Store.FileInfo().DeleteForPost(post.Id); result.Err != nil { - l4g.Warn(utils.T("api.post.delete_post_files.app_error.warn"), post.Id, result.Err) - } -} - func getPostsBefore(c *Context, w http.ResponseWriter, r *http.Request) { getPostsBeforeOrAfter(c, w, r, true) } @@ -534,32 +352,22 @@ func getPostsBeforeOrAfter(c *Context, w http.ResponseWriter, r *http.Request, b return } - // We can do better than this etag in this situation - etagChan := app.Srv.Store.Post().GetEtag(id, true) - if !app.SessionHasPermissionToChannel(c.Session, id, model.PERMISSION_READ_CHANNEL) { c.SetPermissionError(model.PERMISSION_READ_CHANNEL) return } - etag := (<-etagChan).Data.(string) + // We can do better than this etag in this situation + etag := app.GetPostsEtag(id) + if HandleEtag(etag, "Get Posts Before or After", w, r) { return } - var pchan store.StoreChannel - if before { - pchan = app.Srv.Store.Post().GetPostsBefore(id, postId, numPosts, offset) - } else { - pchan = app.Srv.Store.Post().GetPostsAfter(id, postId, numPosts, offset) - } - - if result := <-pchan; result.Err != nil { - c.Err = result.Err + if list, err := app.GetPostsAroundPost(postId, id, offset, numPosts, before); err != nil { + c.Err = err return } else { - list := result.Data.(*model.PostList) - w.Header().Set(model.HEADER_ETAG_SERVER, etag) w.Write([]byte(list.ToJson())) } @@ -579,26 +387,10 @@ func searchPosts(c *Context, w http.ResponseWriter, r *http.Request) { isOrSearch = val.(bool) } - paramsList := model.ParseSearchParams(terms) - channels := []store.StoreChannel{} - - for _, params := range paramsList { - params.OrTerms = isOrSearch - // don't allow users to search for everything - if params.Terms != "*" { - channels = append(channels, app.Srv.Store.Post().Search(c.TeamId, c.Session.UserId, params)) - } - } - - posts := &model.PostList{} - for _, channel := range channels { - if result := <-channel; result.Err != nil { - c.Err = result.Err - return - } else { - data := result.Data.(*model.PostList) - posts.Extend(data) - } + posts, err := app.SearchPostsInTeam(terms, c.Session.UserId, c.TeamId, isOrSearch) + if err != nil { + c.Err = err + return } w.Header().Set("Cache-Control", "no-cache, no-store, must-revalidate") @@ -620,69 +412,35 @@ func getFileInfosForPost(c *Context, w http.ResponseWriter, r *http.Request) { return } - pchan := app.Srv.Store.Post().Get(postId) - fchan := app.Srv.Store.FileInfo().GetForPost(postId) - if !app.SessionHasPermissionToChannel(c.Session, channelId, model.PERMISSION_READ_CHANNEL) { c.SetPermissionError(model.PERMISSION_READ_CHANNEL) return } - var infos []*model.FileInfo - if result := <-fchan; result.Err != nil { - c.Err = result.Err + if infos, err := app.GetFileInfosForPost(postId); err != nil { + c.Err = err return - } else { - infos = result.Data.([]*model.FileInfo) - } - - if len(infos) == 0 { - // No FileInfos were returned so check if they need to be created for this post - var post *model.Post - if result := <-pchan; result.Err != nil { - c.Err = result.Err - return - } else { - post = result.Data.(*model.PostList).Posts[postId] - } - - if len(post.Filenames) > 0 { - // The post has Filenames that need to be replaced with FileInfos - infos = app.MigrateFilenamesToFileInfos(post) - } - } - - etag := model.GetEtagForFileInfos(infos) - - if HandleEtag(etag, "Get File Infos For Post", w, r) { + } else if HandleEtag(model.GetEtagForFileInfos(infos), "Get File Infos For Post", w, r) { return } else { w.Header().Set("Cache-Control", "max-age=2592000, public") - w.Header().Set(model.HEADER_ETAG_SERVER, etag) + w.Header().Set(model.HEADER_ETAG_SERVER, model.GetEtagForFileInfos(infos)) w.Write([]byte(model.FileInfosToJson(infos))) } } func getOpenGraphMetadata(c *Context, w http.ResponseWriter, r *http.Request) { props := model.StringInterfaceFromJson(r.Body) - og := opengraph.NewOpenGraph() - res, err := http.Get(props["url"].(string)) - defer closeBody(res) - if err != nil { - writeOpenGraphToResponse(w, og) + url := "" + ok := false + if url, ok = props["url"].(string); len(url) == 0 || !ok { + c.SetInvalidParam("getOpenGraphMetadata", "url") return } - if err := og.ProcessHTML(res.Body); err != nil { - writeOpenGraphToResponse(w, og) - return - } - - writeOpenGraphToResponse(w, og) -} + og := app.GetOpenGraphMetadata(url) -func writeOpenGraphToResponse(w http.ResponseWriter, og *opengraph.OpenGraph) { ogJson, err := og.ToJSON() if err != nil { w.Write([]byte(`{"url": ""}`)) diff --git a/api/user.go b/api/user.go index 789e10f5e..7722e917b 100644 --- a/api/user.go +++ b/api/user.go @@ -7,10 +7,8 @@ import ( "bytes" b64 "encoding/base64" "fmt" - "html/template" "io" "net/http" - "net/url" "strconv" "strings" "time" @@ -94,16 +92,9 @@ func createUser(c *Context, w http.ResponseWriter, r *http.Request) { user.EmailVerified = false - shouldSendWelcomeEmail := true - hash := r.URL.Query().Get("h") inviteId := r.URL.Query().Get("iid") - if !CheckUserDomain(user, utils.Cfg.TeamSettings.RestrictCreationToDomains) { - c.Err = model.NewLocAppError("createUser", "api.user.create_user.accepted_domain.app_error", nil, "") - return - } - var ruser *model.User var err *model.AppError if len(hash) > 0 { @@ -113,10 +104,8 @@ func createUser(c *Context, w http.ResponseWriter, r *http.Request) { c.Err = err return } - - shouldSendWelcomeEmail = false } else if len(inviteId) > 0 { - ruser, err = app.CreateUserWithInviteId(user, inviteId) + ruser, err = app.CreateUserWithInviteId(user, inviteId, c.GetSiteURL()) if err != nil { c.Err = err return @@ -132,9 +121,7 @@ func createUser(c *Context, w http.ResponseWriter, r *http.Request) { c.Err = err return } - } - if shouldSendWelcomeEmail { if err := app.SendWelcomeEmail(ruser.Id, ruser.Email, ruser.EmailVerified, ruser.Locale, c.GetSiteURL()); err != nil { l4g.Error(err.Error()) } @@ -144,49 +131,6 @@ func createUser(c *Context, w http.ResponseWriter, r *http.Request) { } -// Check that a user's email domain matches a list of space-delimited domains as a string. -func CheckUserDomain(user *model.User, domains string) bool { - if len(domains) == 0 { - return true - } - - domainArray := strings.Fields(strings.TrimSpace(strings.ToLower(strings.Replace(strings.Replace(domains, "@", " ", -1), ",", " ", -1)))) - - matched := false - for _, d := range domainArray { - if strings.HasSuffix(strings.ToLower(user.Email), "@"+d) { - matched = true - break - } - } - - return matched -} - -func IsVerifyHashRequired(user *model.User, team *model.Team, hash string) bool { - shouldVerifyHash := true - - if team.Type == model.TEAM_INVITE && len(team.AllowedDomains) > 0 && len(hash) == 0 && user != nil { - matched := CheckUserDomain(user, team.AllowedDomains) - - if matched { - shouldVerifyHash = false - } else { - return true - } - } - - if team.Type == model.TEAM_OPEN { - shouldVerifyHash = false - } - - if len(hash) > 0 { - shouldVerifyHash = true - } - - return shouldVerifyHash -} - func login(c *Context, w http.ResponseWriter, r *http.Request) { props := model.MapFromJson(r.Body) @@ -594,10 +538,7 @@ func getByEmail(c *Context, w http.ResponseWriter, r *http.Request) { params := mux.Vars(r) email := params["email"] - var user *model.User - var err *model.AppError - - if user, err = app.GetUserByEmail(email); err != nil { + if user, err := app.GetUserByEmail(email); err != nil { c.Err = err return } else if HandleEtag(user.Etag(utils.Cfg.PrivacySettings.ShowFullName, utils.Cfg.PrivacySettings.ShowEmailAddress), "Get By Email", w, r) { @@ -631,11 +572,8 @@ func getProfiles(c *Context, w http.ResponseWriter, r *http.Request) { return } - var profiles map[string]*model.User - var profileErr *model.AppError - - if profiles, profileErr = app.GetUsers(offset, limit); profileErr != nil { - c.Err = profileErr + if profiles, err := app.GetUsers(offset, limit); err != nil { + c.Err = err return } else { for k, p := range profiles { @@ -674,11 +612,8 @@ func getProfilesInTeam(c *Context, w http.ResponseWriter, r *http.Request) { return } - var profiles map[string]*model.User - var profileErr *model.AppError - - if profiles, profileErr = app.GetUsersInTeam(teamId, offset, limit); profileErr != nil { - c.Err = profileErr + if profiles, err := app.GetUsersInTeam(teamId, offset, limit); err != nil { + c.Err = err return } else { for k, p := range profiles { @@ -694,18 +629,6 @@ func getProfilesInChannel(c *Context, w http.ResponseWriter, r *http.Request) { params := mux.Vars(r) channelId := params["channel_id"] - if c.Session.GetTeamByTeamId(c.TeamId) == nil { - if !app.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_SYSTEM) { - c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM) - return - } - } - - if !app.SessionHasPermissionToChannel(c.Session, channelId, model.PERMISSION_READ_CHANNEL) { - c.SetPermissionError(model.PERMISSION_READ_CHANNEL) - return - } - offset, err := strconv.Atoi(params["offset"]) if err != nil { c.SetInvalidParam("getProfiles", "offset") @@ -718,6 +641,18 @@ func getProfilesInChannel(c *Context, w http.ResponseWriter, r *http.Request) { return } + if c.Session.GetTeamByTeamId(c.TeamId) == nil { + if !app.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_SYSTEM) { + c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM) + return + } + } + + if !app.SessionHasPermissionToChannel(c.Session, channelId, model.PERMISSION_READ_CHANNEL) { + c.SetPermissionError(model.PERMISSION_READ_CHANNEL) + return + } + var profiles map[string]*model.User var profileErr *model.AppError @@ -761,11 +696,8 @@ func getProfilesNotInChannel(c *Context, w http.ResponseWriter, r *http.Request) return } - var profiles map[string]*model.User - var profileErr *model.AppError - - if profiles, err = app.GetUsersNotInChannel(c.TeamId, channelId, offset, limit); profileErr != nil { - c.Err = profileErr + if profiles, err := app.GetUsersNotInChannel(c.TeamId, channelId, offset, limit); err != nil { + c.Err = err return } else { for k, p := range profiles { @@ -897,11 +829,6 @@ func updateUser(c *Context, w http.ResponseWriter, r *http.Request) { return } - if err := utils.IsPasswordValid(user.Password); user.Password != "" && err != nil { - c.Err = err - return - } - if ruser, err := app.UpdateUser(user, c.GetSiteURL()); err != nil { c.Err = err return @@ -942,11 +869,6 @@ func updatePassword(c *Context, w http.ResponseWriter, r *http.Request) { newPassword := props["new_password"] - if err := utils.IsPasswordValid(newPassword); err != nil { - c.Err = err - return - } - if userId != c.Session.UserId { c.Err = model.NewLocAppError("updatePassword", "api.user.update_password.context.app_error", nil, "") c.Err.StatusCode = http.StatusForbidden @@ -984,7 +906,7 @@ func updatePassword(c *Context, w http.ResponseWriter, r *http.Request) { return } - if err := app.UpdatePasswordSendEmail(user, model.HashPassword(newPassword), c.T("api.user.update_password.menu"), c.GetSiteURL()); err != nil { + if err := app.UpdatePasswordSendEmail(user, newPassword, c.T("api.user.update_password.menu"), c.GetSiteURL()); err != nil { c.Err = err return } else { @@ -1039,13 +961,6 @@ func updateActive(c *Context, w http.ResponseWriter, r *http.Request) { active := props["active"] == "true" - var user *model.User - var err *model.AppError - if user, err = app.GetUser(userId); err != nil { - c.Err = err - return - } - // true when you're trying to de-activate yourself isSelfDeactive := !active && userId == c.Session.UserId @@ -1055,13 +970,7 @@ func updateActive(c *Context, w http.ResponseWriter, r *http.Request) { return } - if user.IsLDAPUser() { - c.Err = model.NewLocAppError("updateActive", "api.user.update_active.no_deactivate_ldap.app_error", nil, "userId="+userId) - c.Err.StatusCode = http.StatusBadRequest - return - } - - if ruser, err := app.UpdateActive(user, active); err != nil { + if ruser, err := app.UpdateActiveNoLdap(userId, active); err != nil { c.Err = err } else { c.LogAuditWithUserId(ruser.Id, fmt.Sprintf("active=%v", active)) @@ -1078,42 +987,13 @@ func sendPasswordReset(c *Context, w http.ResponseWriter, r *http.Request) { return } - var user *model.User - var err *model.AppError - if user, err = app.GetUserByEmail(email); err != nil { - w.Write([]byte(model.MapToJson(props))) - return - } - - if user.AuthData != nil && len(*user.AuthData) != 0 { - c.Err = model.NewLocAppError("sendPasswordReset", "api.user.send_password_reset.sso.app_error", nil, "userId="+user.Id) - return - } - - var recovery *model.PasswordRecovery - if recovery, err = app.CreatePasswordRecovery(user.Id); err != nil { + if sent, err := app.SendPasswordReset(email, c.GetSiteURL()); err != nil { c.Err = err return + } else if sent { + c.LogAudit("sent=" + email) } - link := fmt.Sprintf("%s/reset_password_complete?code=%s", c.GetSiteURL(), url.QueryEscape(recovery.Code)) - - subject := c.T("api.templates.reset_subject") - - bodyPage := utils.NewHTMLTemplate("reset_body", c.Locale) - bodyPage.Props["SiteURL"] = c.GetSiteURL() - bodyPage.Props["Title"] = c.T("api.templates.reset_body.title") - bodyPage.Html["Info"] = template.HTML(c.T("api.templates.reset_body.info")) - bodyPage.Props["ResetUrl"] = link - bodyPage.Props["Button"] = c.T("api.templates.reset_body.button") - - if err := utils.SendMail(email, subject, bodyPage.Render()); err != nil { - c.Err = model.NewLocAppError("sendPasswordReset", "api.user.send_password_reset.send.app_error", nil, "err="+err.Message) - return - } - - c.LogAuditWithUserId(user.Id, "sent="+email) - w.Write([]byte(model.MapToJson(props))) } @@ -1127,64 +1007,22 @@ func resetPassword(c *Context, w http.ResponseWriter, r *http.Request) { } newPassword := props["new_password"] - if err := utils.IsPasswordValid(newPassword); err != nil { - c.Err = err - return - } - - c.LogAudit("attempt") - - userId := "" - - if recovery, err := app.GetPasswordRecovery(code); err != nil { - c.LogAuditWithUserId(userId, "fail - bad code") - c.Err = err - return - } else { - if model.GetMillis()-recovery.CreateAt < model.PASSWORD_RECOVER_EXPIRY_TIME { - userId = recovery.UserId - } else { - c.LogAuditWithUserId(userId, "fail - link expired") - c.Err = model.NewLocAppError("resetPassword", "api.user.reset_password.link_expired.app_error", nil, "") - return - } - if err := app.DeletePasswordRecoveryForUser(userId); err != nil { - l4g.Error(err.Error()) - } - } + c.LogAudit("attempt - code=" + code) - if err := ResetPassword(c, userId, newPassword); err != nil { + if err := app.ResetPasswordFromCode(code, newPassword, c.GetSiteURL()); err != nil { + c.LogAudit("fail - code=" + code) c.Err = err return } - c.LogAuditWithUserId(userId, "success") + c.LogAudit("success - code=" + code) rdata := map[string]string{} rdata["status"] = "ok" w.Write([]byte(model.MapToJson(rdata))) } -func ResetPassword(c *Context, userId, newPassword string) *model.AppError { - var user *model.User - var err *model.AppError - if user, err = app.GetUser(userId); err != nil { - return err - } - - if user.AuthData != nil && len(*user.AuthData) != 0 && !app.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_SYSTEM) { - return model.NewLocAppError("ResetPassword", "api.user.reset_password.sso.app_error", nil, "userId="+user.Id) - - } - - if err := app.UpdatePasswordSendEmail(user, model.HashPassword(newPassword), c.T("api.user.reset_password.method"), c.GetSiteURL()); err != nil { - return err - } - - return nil -} - func updateUserNotify(c *Context, w http.ResponseWriter, r *http.Request) { props := model.MapFromJson(r.Body) @@ -1225,22 +1063,13 @@ func updateUserNotify(c *Context, w http.ResponseWriter, r *http.Request) { return } - var user *model.User - var err *model.AppError - if user, err = app.GetUser(userId); err != nil { - c.Err = err - return - } - - user.NotifyProps = props - - var ruser *model.User - if ruser, err = app.UpdateUser(user, c.GetSiteURL()); err != nil { + ruser, err := app.UpdateUserNotifyProps(userId, props, c.GetSiteURL()) + if err != nil { c.Err = err return } - c.LogAuditWithUserId(user.Id, "") + c.LogAuditWithUserId(ruser.Id, "") options := utils.Cfg.GetSanitizeOptions() options["passwordupdate"] = false @@ -1340,7 +1169,7 @@ func oauthToEmail(c *Context, w http.ResponseWriter, r *http.Request) { return } - if err := app.UpdatePassword(user, model.HashPassword(password)); err != nil { + if err := app.UpdatePassword(user, password); err != nil { c.LogAudit("fail - database issue") c.Err = err return @@ -1509,7 +1338,7 @@ func ldapToEmail(c *Context, w http.ResponseWriter, r *http.Request) { return } - if err := app.UpdatePassword(user, model.HashPassword(emailPassword)); err != nil { + if err := app.UpdatePassword(user, emailPassword); err != nil { c.LogAudit("fail - database issue") c.Err = err return diff --git a/api/user_test.go b/api/user_test.go index a7d6224ea..5a398a716 100644 --- a/api/user_test.go +++ b/api/user_test.go @@ -83,32 +83,6 @@ func TestCreateUser(t *testing.T) { } } -func TestCheckUserDomain(t *testing.T) { - th := Setup().InitBasic() - user := th.BasicUser - - cases := []struct { - domains string - matched bool - }{ - {"simulator.amazonses.com", true}, - {"gmail.com", false}, - {"", true}, - {"gmail.com simulator.amazonses.com", true}, - } - for _, c := range cases { - matched := CheckUserDomain(user, c.domains) - if matched != c.matched { - if c.matched { - t.Logf("'%v' should have matched '%v'", user.Email, c.domains) - } else { - t.Logf("'%v' should not have matched '%v'", user.Email, c.domains) - } - t.FailNow() - } - } -} - func TestLogin(t *testing.T) { th := Setup().InitBasic() Client := th.BasicClient @@ -1356,6 +1330,7 @@ func TestResetPassword(t *testing.T) { } if _, err := Client.ResetPassword(recovery.Code, "newpwd1"); err != nil { + t.Log(recovery.Code) t.Fatal(err) } diff --git a/api/webrtc.go b/api/webrtc.go index 7ea6b2e42..8b00e724d 100644 --- a/api/webrtc.go +++ b/api/webrtc.go @@ -89,7 +89,7 @@ func getWebrtcToken(sessionId string) (string, *model.AppError) { if rp, err := httpClient.Do(rq); err != nil { return "", model.NewLocAppError("WebRTC.Token", "model.client.connecting.app_error", nil, err.Error()) } else if rp.StatusCode >= 300 { - defer closeBody(rp) + defer app.CloseBody(rp) return "", model.AppErrorFromJson(rp.Body) } else { janusResponse := model.GatewayResponseFromJson(rp.Body) |