summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--api4/team_test.go16
-rw-r--r--app/team.go33
-rw-r--r--i18n/en.json4
-rw-r--r--webapp/components/invite_member_modal.jsx3
4 files changed, 48 insertions, 8 deletions
diff --git a/api4/team_test.go b/api4/team_test.go
index e62790173..665db95f5 100644
--- a/api4/team_test.go
+++ b/api4/team_test.go
@@ -1449,6 +1449,22 @@ func TestInviteUsersToTeam(t *testing.T) {
}
}
}
+
+ restrictCreationToDomains := utils.Cfg.TeamSettings.RestrictCreationToDomains
+ defer func() {
+ utils.Cfg.TeamSettings.RestrictCreationToDomains = restrictCreationToDomains
+ }()
+ utils.Cfg.TeamSettings.RestrictCreationToDomains = "@example.com"
+
+ err := app.InviteNewUsersToTeam(emailList, th.BasicTeam.Id, th.BasicUser.Id)
+
+ if err == nil {
+ t.Fatal("Adding users with non-restricted domains was allowed")
+ }
+ if err.Where != "InviteNewUsersToTeam" || err.Message != "api.team.invite_members.invalid_email.app_error" {
+ t.Log(err)
+ t.Fatal("Got wrong error message!")
+ }
}
func TestGetTeamInviteInfo(t *testing.T) {
diff --git a/app/team.go b/app/team.go
index 94523f8b5..be15b8a39 100644
--- a/app/team.go
+++ b/app/team.go
@@ -55,13 +55,8 @@ func CreateTeamWithUser(team *model.Team, userId string) (*model.Team, *model.Ap
return rteam, nil
}
-func isTeamEmailAllowed(user *model.User) bool {
- email := strings.ToLower(user.Email)
-
- if len(user.AuthService) > 0 && len(*user.AuthData) > 0 {
- return true
- }
-
+func isTeamEmailAddressAllowed(email string) bool {
+ email = strings.ToLower(email)
// commas and @ signs are optional
// can be in the form of "@corp.mattermost.com, mattermost.com mattermost.org" -> corp.mattermost.com mattermost.com mattermost.org
domains := strings.Fields(strings.TrimSpace(strings.ToLower(strings.Replace(strings.Replace(utils.Cfg.TeamSettings.RestrictCreationToDomains, "@", " ", -1), ",", " ", -1))))
@@ -81,6 +76,16 @@ func isTeamEmailAllowed(user *model.User) bool {
return true
}
+func isTeamEmailAllowed(user *model.User) bool {
+ email := strings.ToLower(user.Email)
+
+ if len(user.AuthService) > 0 && len(*user.AuthData) > 0 {
+ return true
+ }
+
+ return isTeamEmailAddressAllowed(email)
+}
+
func UpdateTeam(team *model.Team) (*model.Team, *model.AppError) {
var oldTeam *model.Team
var err *model.AppError
@@ -621,6 +626,20 @@ func InviteNewUsersToTeam(emailList []string, teamId, senderId string) *model.Ap
return err
}
+ var invalidEmailList []string
+
+ for _, email := range emailList {
+ if ! isTeamEmailAddressAllowed(email) {
+ invalidEmailList = append(invalidEmailList, email)
+ }
+ }
+
+ if len(invalidEmailList) > 0 {
+ s := strings.Join(invalidEmailList, ", ")
+ err := model.NewAppError("InviteNewUsersToTeam", "api.team.invite_members.invalid_email.app_error", map[string]interface{}{"Addresses": s}, "", http.StatusBadRequest)
+ return err
+ }
+
tchan := Srv.Store.Team().Get(teamId)
uchan := Srv.Store.User().Get(senderId)
diff --git a/i18n/en.json b/i18n/en.json
index a2d1637a3..6371522a4 100644
--- a/i18n/en.json
+++ b/i18n/en.json
@@ -2132,6 +2132,10 @@
"translation": "Failed to send invite email successfully err=%v"
},
{
+ "id": "api.team.invite_members.invalid_email.app_error",
+ "translation": "The following email addresses do not belong to an accepted domain: {{.Addresses}}. Please contact your System Administrator for details."
+ },
+ {
"id": "api.team.invite_members.sending.info",
"translation": "sending invitation to %v %v"
},
diff --git a/webapp/components/invite_member_modal.jsx b/webapp/components/invite_member_modal.jsx
index 1e500115d..07aa9a1a3 100644
--- a/webapp/components/invite_member_modal.jsx
+++ b/webapp/components/invite_member_modal.jsx
@@ -97,7 +97,8 @@ class InviteMemberModal extends React.Component {
handleToggle(value) {
this.setState({
- show: value
+ show: value,
+ serverError: null
});
}
generated by cgit v1.2.3-1-g7c22 (git 2.25.1) at 2024-06-28 00:18:49 +0000