diff options
| -rw-r--r-- | CHANGELOG.md | 17 | ||||
| -rw-r--r-- | Makefile | 4 | ||||
| -rw-r--r-- | NOTICE.txt | 123 | ||||
| -rw-r--r-- | api/command_test.go | 3 | ||||
| -rw-r--r-- | api/context.go | 27 | ||||
| -rw-r--r-- | api/file.go | 2 | ||||
| -rw-r--r-- | api/post.go | 4 | ||||
| -rw-r--r-- | api/team.go | 8 | ||||
| -rw-r--r-- | api/user.go | 6 | ||||
| -rw-r--r-- | api/webhook.go | 2 | ||||
| -rw-r--r-- | build/MIT-COMPILED-LICENSE.md | 14 | ||||
| -rw-r--r-- | docker/1.0/Dockerfile | 2 | ||||
| -rw-r--r-- | docker/1.0/config_docker.json | 8 | ||||
| -rw-r--r-- | docker/dev/config_docker.json | 8 | ||||
| -rw-r--r-- | docker/local/config_docker.json | 8 | ||||
| -rw-r--r-- | model/user.go | 4 | ||||
| -rw-r--r-- | web/react/components/setting_upload.jsx | 45 | ||||
| -rw-r--r-- | web/react/components/sidebar_right.jsx | 4 | ||||
| -rw-r--r-- | web/react/components/team_signup_url_page.jsx | 4 | ||||
| -rw-r--r-- | web/react/components/team_signup_with_sso.jsx | 10 | ||||
| -rw-r--r-- | web/react/utils/utils.jsx | 2 |
21 files changed, 229 insertions, 76 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index 64cc57ab8..c4f1f491e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,18 +1,17 @@ # Mattermost Changelog -## UNDER DEVELOPMENT - Release v1.0.0-RC1 +## UNDER DEVELOPMENT - Release v1.0.0-RC2 The "UNDER DEVELOPMENT" section of the Mattermost changelog appears in the product's `master` branch to note key changes committed to master and are on their way to the next stable release. When a stable release is pushed the "UNDER DEVELOPMENT" heading is removed from the final changelog of the release. -- **Release candidate anticipated:** September 28, 2015 - **Final release anticipated:** October 2, 2015 ### Release Highlights - System Console - UI for configuring deployments, managing teams, resetting user passwords and other admin features -- Markdown support in messages, comments and channel descriptions - Including font formatting, emoticons, headings and tables -- Preset themes and detailed theme color options, plus ability to import themes from Slack -- Numerous performance improvements and optimizations +- Markdown - Markdown support in messages, comments and channel descriptions - Including font formatting, emoticons, headings and tables +- Themes - Preset themes and detailed theme color options, plus ability to import themes from Slack +- Performance - Numerous performance improvements and optimizations ### New Features @@ -39,12 +38,14 @@ User Interface - Added ability to import themes from Slack Integrations + - (Preview) Initial support for incoming webhooks ### Improvements Documentation +- Added production installation instructions - Updated software and hardware requirements documentation - Re-organized install instructions out of README and into separate files - Added Code Contribution Guidelines @@ -59,11 +60,15 @@ Performance Code Quality - Reformatted Javascript per Mattermost Style Guide - + UI - Added version, build number, build date and build hash under Account Settings -> Security +Licensing + +- Compiled version of Mattermost v1.0.0 now available under MIT license + ### Bug Fixes - Numerous performance improvements @@ -92,7 +92,7 @@ travis: mkdir -p $(DIST_PATH)/api cp -RL api/templates $(DIST_PATH)/api - cp LICENSE.txt $(DIST_PATH) + cp build/MIT-COMPILED-LICENSE.md $(DIST_PATH) cp NOTICE.txt $(DIST_PATH) cp README.md $(DIST_PATH) @@ -261,7 +261,7 @@ dist: install mkdir -p $(DIST_PATH)/api cp -RL api/templates $(DIST_PATH)/api - cp LICENSE.txt $(DIST_PATH) + cp build/MIT-COMPILED-LICENSE.md $(DIST_PATH) cp NOTICE.txt $(DIST_PATH) cp README.md $(DIST_PATH) diff --git a/NOTICE.txt b/NOTICE.txt index b7a7fbc1d..f908bbd28 100644 --- a/NOTICE.txt +++ b/NOTICE.txt @@ -798,3 +798,126 @@ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + +--- + +This product contains a modified portion of 'react-bootstrap', a library of reuseable front-end components with the look and feel of Bootstrap, but rebuilt with React.js. + +by Stephen J. Collings, Matthew Honnibal, Pieter Vanderwerff + +* HOMEPAGE: + * https://github.com/react-bootstrap/react-bootstrap + +* LICENSE: + +The MIT License (MIT) + +Copyright (c) 2014 Stephen J. Collings, Matthew Honnibal, Pieter Vanderwerff + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +THE SOFTWARE. + +--- + +This product contains a modified portion of 'goexif', which provides decoding of basic exif and tiff encoded data. + +by Robert Carlsen & Contributors + +* HOMEPAGE: + * https://github.com/rwcarlsen/goexif + +* LICENSE: + +Copyright (c) 2012, Robert Carlsen & Contributors +All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are met: + + * Redistributions of source code must retain the above copyright notice, this + list of conditions and the following disclaimer. + + * Redistributions in binary form must reproduce the above copyright notice, + this list of conditions and the following disclaimer in the documentation + and/or other materials provided with the distribution. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND +ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED +WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE +DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE +FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR +SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, +OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +--- + +This product contains a modified portion of 'graphics-go', an implementation of basic image manipulation operations in the Go programming language. + +by The Graphics-Go Authors + +* HOMEPAGE: + * https://code.google.com/p/graphics-go/ + +* LICENSE: + +Copyright (c) 2011 The Graphics-Go Authors. All rights reserved. +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are +met: +Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. +Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. +Neither the name of Google Inc. nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +--- + +This product contains a modified portion of 'Bootstrap Colorpicker', a nice and customizable colorpicker plugin for Twitter Bootstrap. + +by Stefan Petre + +* HOMEPAGE: + * https://github.com/mjolnic/bootstrap-colorpicker/ + +* LICENSE: + +Copyright 2012 Stefan Petre + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. diff --git a/api/command_test.go b/api/command_test.go index d70729448..360c4da58 100644 --- a/api/command_test.go +++ b/api/command_test.go @@ -6,6 +6,7 @@ package api import ( "strings" "testing" + "time" "github.com/mattermost/platform/model" "github.com/mattermost/platform/store" @@ -176,6 +177,8 @@ func TestEchoCommand(t *testing.T) { t.Fatal("Echo command failed to execute") } + time.Sleep(100 * time.Millisecond) + p1 := Client.Must(Client.GetPosts(channel1.Id, 0, 2, "")).Data.(*model.PostList) if len(p1.Order) != 1 { t.Fatal("Echo command failed to send") diff --git a/api/context.go b/api/context.go index d90fbd9ee..02c3dc902 100644 --- a/api/context.go +++ b/api/context.go @@ -292,14 +292,6 @@ func (c *Context) HasPermissionsToChannel(sc store.StoreChannel, where string) b return true } -func (c *Context) IsSystemAdmin() bool { - // TODO XXX FIXME && IsPrivateIpAddress(c.IpAddress) - if model.IsInRole(c.Session.Roles, model.ROLE_SYSTEM_ADMIN) { - return true - } - return false -} - func (c *Context) HasSystemAdminPermissions(where string) bool { if c.IsSystemAdmin() { return true @@ -310,14 +302,19 @@ func (c *Context) HasSystemAdminPermissions(where string) bool { return false } -func (c *Context) IsTeamAdmin(userId string) bool { - if uresult := <-Srv.Store.User().Get(userId); uresult.Err != nil { - c.Err = uresult.Err - return false - } else { - user := uresult.Data.(*model.User) - return model.IsInRole(c.Session.Roles, model.ROLE_TEAM_ADMIN) && user.TeamId == c.Session.TeamId +func (c *Context) IsSystemAdmin() bool { + // TODO XXX FIXME && IsPrivateIpAddress(c.IpAddress) + if model.IsInRole(c.Session.Roles, model.ROLE_SYSTEM_ADMIN) { + return true + } + return false +} + +func (c *Context) IsTeamAdmin() bool { + if model.IsInRole(c.Session.Roles, model.ROLE_TEAM_ADMIN) || c.IsSystemAdmin() { + return true } + return false } func (c *Context) RemoveSessionCookie(w http.ResponseWriter) { diff --git a/api/file.go b/api/file.go index be8fc5456..5dc1db650 100644 --- a/api/file.go +++ b/api/file.go @@ -488,7 +488,7 @@ func getPublicLink(c *Context, w http.ResponseWriter, r *http.Request) { } func getExport(c *Context, w http.ResponseWriter, r *http.Request) { - if !c.HasPermissionsToTeam(c.Session.TeamId, "export") || !c.IsTeamAdmin(c.Session.UserId) { + if !c.HasPermissionsToTeam(c.Session.TeamId, "export") || !c.IsTeamAdmin() { c.Err = model.NewAppError("getExport", "Only a team admin can retrieve exported data.", "userId="+c.Session.UserId) c.Err.StatusCode = http.StatusForbidden return diff --git a/api/post.go b/api/post.go index 0379f6af5..2b683fb7d 100644 --- a/api/post.go +++ b/api/post.go @@ -633,7 +633,7 @@ func deletePost(c *Context, w http.ResponseWriter, r *http.Request) { post := result.Data.(*model.PostList).Posts[postId] - if !c.HasPermissionsToChannel(cchan, "deletePost") && !c.IsTeamAdmin(post.UserId) { + if !c.HasPermissionsToChannel(cchan, "deletePost") && !c.IsTeamAdmin() { return } @@ -648,7 +648,7 @@ func deletePost(c *Context, w http.ResponseWriter, r *http.Request) { return } - if post.UserId != c.Session.UserId && !model.IsInRole(c.Session.Roles, model.ROLE_TEAM_ADMIN) { + if post.UserId != c.Session.UserId && !c.IsTeamAdmin() { c.Err = model.NewAppError("deletePost", "You do not have the appropriate permissions", "") c.Err.StatusCode = http.StatusForbidden return diff --git a/api/team.go b/api/team.go index fba4b41c6..8e5d634aa 100644 --- a/api/team.go +++ b/api/team.go @@ -509,7 +509,7 @@ func InviteMembers(c *Context, team *model.Team, user *model.User, invites []str sender := user.GetDisplayName() senderRole := "" - if model.IsInRole(user.Roles, model.ROLE_TEAM_ADMIN) || model.IsInRole(user.Roles, model.ROLE_SYSTEM_ADMIN) { + if c.IsTeamAdmin() { senderRole = "administrator" } else { senderRole = "member" @@ -569,7 +569,7 @@ func updateTeamDisplayName(c *Context, w http.ResponseWriter, r *http.Request) { return } - if !model.IsInRole(c.Session.Roles, model.ROLE_TEAM_ADMIN) { + if !c.IsTeamAdmin() { c.Err = model.NewAppError("updateTeamDisplayName", "You do not have the appropriate permissions", "userId="+c.Session.UserId) c.Err.StatusCode = http.StatusForbidden return @@ -603,7 +603,7 @@ func getMyTeam(c *Context, w http.ResponseWriter, r *http.Request) { } func importTeam(c *Context, w http.ResponseWriter, r *http.Request) { - if !c.HasPermissionsToTeam(c.Session.TeamId, "import") || !c.IsTeamAdmin(c.Session.UserId) { + if !c.HasPermissionsToTeam(c.Session.TeamId, "import") || !c.IsTeamAdmin() { c.Err = model.NewAppError("importTeam", "Only a team admin can import data.", "userId="+c.Session.UserId) c.Err.StatusCode = http.StatusForbidden return @@ -670,7 +670,7 @@ func importTeam(c *Context, w http.ResponseWriter, r *http.Request) { } func exportTeam(c *Context, w http.ResponseWriter, r *http.Request) { - if !c.HasPermissionsToTeam(c.Session.TeamId, "export") || !c.IsTeamAdmin(c.Session.UserId) { + if !c.HasPermissionsToTeam(c.Session.TeamId, "export") || !c.IsTeamAdmin() { c.Err = model.NewAppError("exportTeam", "Only a team admin can export data.", "userId="+c.Session.UserId) c.Err.StatusCode = http.StatusForbidden return diff --git a/api/user.go b/api/user.go index b5f8e997d..ed3576a30 100644 --- a/api/user.go +++ b/api/user.go @@ -973,7 +973,7 @@ func updateRoles(c *Context, w http.ResponseWriter, r *http.Request) { return } - if !model.IsInRole(c.Session.Roles, model.ROLE_TEAM_ADMIN) && !c.IsSystemAdmin() { + if !c.IsTeamAdmin() { c.Err = model.NewAppError("updateRoles", "You do not have the appropriate permissions", "userId="+user_id) c.Err.StatusCode = http.StatusForbidden return @@ -998,7 +998,7 @@ func updateRoles(c *Context, w http.ResponseWriter, r *http.Request) { } else { sessions := result.Data.([]*model.Session) for _, s := range sessions { - sessionCache.Remove(s.Id) + sessionCache.Remove(s.Token) } } @@ -1070,7 +1070,7 @@ func updateActive(c *Context, w http.ResponseWriter, r *http.Request) { return } - if !model.IsInRole(c.Session.Roles, model.ROLE_TEAM_ADMIN) && !c.IsSystemAdmin() { + if !c.IsTeamAdmin() { c.Err = model.NewAppError("updateActive", "You do not have the appropriate permissions", "userId="+user_id) c.Err.StatusCode = http.StatusForbidden return diff --git a/api/webhook.go b/api/webhook.go index b67655ff5..e694b202c 100644 --- a/api/webhook.go +++ b/api/webhook.go @@ -86,7 +86,7 @@ func deleteIncomingHook(c *Context, w http.ResponseWriter, r *http.Request) { c.Err = result.Err return } else { - if c.Session.UserId != result.Data.(*model.IncomingWebhook).UserId && !model.IsInRole(c.Session.Roles, model.ROLE_TEAM_ADMIN) { + if c.Session.UserId != result.Data.(*model.IncomingWebhook).UserId && !c.IsTeamAdmin() { c.LogAudit("fail - inappropriate conditions") c.Err = model.NewAppError("deleteIncomingHook", "Inappropriate permissions to delete incoming webhook", "user_id="+c.Session.UserId) return diff --git a/build/MIT-COMPILED-LICENSE.md b/build/MIT-COMPILED-LICENSE.md new file mode 100644 index 000000000..8a1a7dc27 --- /dev/null +++ b/build/MIT-COMPILED-LICENSE.md @@ -0,0 +1,14 @@ +Mattermost Compiled License +(MIT with Trademark Protection) + +**Note: this license does not cover source code, for information on source code licensing see LICENSE.txt in the Mattermost source code. + +Copyright (c) 2015 Mattermost, Inc. + +Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software; + +The receiver of the Software will not remove or alter any product identification, trademark, copyright or other notices embedded within or appearing within or on the Software; + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/docker/1.0/Dockerfile b/docker/1.0/Dockerfile index 3d7c36f31..8eeef8fb7 100644 --- a/docker/1.0/Dockerfile +++ b/docker/1.0/Dockerfile @@ -34,7 +34,7 @@ VOLUME /var/lib/mysql WORKDIR /mattermost # Copy over files -ADD https://github.com/mattermost/platform/releases/download/v1.0.0-rc1/mattermost.tar.gz / +ADD https://github.com/mattermost/platform/releases/download/v1.0.0-rc2/mattermost.tar.gz / RUN tar -zxvf /mattermost.tar.gz --strip-components=1 && rm /mattermost.tar.gz ADD config_docker.json / ADD docker-entry.sh / diff --git a/docker/1.0/config_docker.json b/docker/1.0/config_docker.json index 06fee9bd5..806071376 100644 --- a/docker/1.0/config_docker.json +++ b/docker/1.0/config_docker.json @@ -22,7 +22,7 @@ "MaxIdleConns": 10, "MaxOpenConns": 10, "Trace": false, - "AtRestEncryptKey": "7rAh6iwQCkV4cA1Gsg3fgGOXJAQ43QV" + "AtRestEncryptKey": "7rAh6iwQCkV4cA1Gsg3fgGOXJAQ43QVg" }, "LogSettings": { "EnableConsole": false, @@ -36,7 +36,7 @@ "DriverName": "local", "Directory": "/mattermost/data/", "EnablePublicLink": true, - "PublicLinkSalt": "LhaAWC6lYEKHTkBKsvyXNIOfUIT37AX", + "PublicLinkSalt": "A705AklYF8MFDOfcwh3I488G8vtLlVip", "ThumbnailWidth": 120, "ThumbnailHeight": 100, "PreviewWidth": 1024, @@ -60,8 +60,8 @@ "SMTPServer": "", "SMTPPort": "", "ConnectionSecurity": "", - "InviteSalt": "bjlSR4QqkXFBr7TP4oDzlfZmcNuH9Yo", - "PasswordResetSalt": "vZ4DcKyVVRlKHHJpexcuXzojkE5PZ5e", + "InviteSalt": "bjlSR4QqkXFBr7TP4oDzlfZmcNuH9YoS", + "PasswordResetSalt": "vZ4DcKyVVRlKHHJpexcuXzojkE5PZ5eL", "ApplePushServer": "", "ApplePushCertPublic": "", "ApplePushCertPrivate": "" diff --git a/docker/dev/config_docker.json b/docker/dev/config_docker.json index 0001eeb0a..733267f74 100644 --- a/docker/dev/config_docker.json +++ b/docker/dev/config_docker.json @@ -22,7 +22,7 @@ "MaxIdleConns": 10, "MaxOpenConns": 10, "Trace": false, - "AtRestEncryptKey": "7rAh6iwQCkV4cA1Gsg3fgGOXJAQ43QV" + "AtRestEncryptKey": "7rAh6iwQCkV4cA1Gsg3fgGOXJAQ43QVg" }, "LogSettings": { "EnableConsole": false, @@ -36,7 +36,7 @@ "DriverName": "local", "Directory": "/mattermost/data/", "EnablePublicLink": true, - "PublicLinkSalt": "LhaAWC6lYEKHTkBKsvyXNIOfUIT37AX", + "PublicLinkSalt": "A705AklYF8MFDOfcwh3I488G8vtLlVip", "ThumbnailWidth": 120, "ThumbnailHeight": 100, "PreviewWidth": 1024, @@ -60,8 +60,8 @@ "SMTPServer": "", "SMTPPort": "", "ConnectionSecurity": "", - "InviteSalt": "bjlSR4QqkXFBr7TP4oDzlfZmcNuH9Yo", - "PasswordResetSalt": "vZ4DcKyVVRlKHHJpexcuXzojkE5PZ5e", + "InviteSalt": "bjlSR4QqkXFBr7TP4oDzlfZmcNuH9YoS", + "PasswordResetSalt": "vZ4DcKyVVRlKHHJpexcuXzojkE5PZ5eL", "ApplePushServer": "", "ApplePushCertPublic": "", "ApplePushCertPrivate": "" diff --git a/docker/local/config_docker.json b/docker/local/config_docker.json index 0001eeb0a..733267f74 100644 --- a/docker/local/config_docker.json +++ b/docker/local/config_docker.json @@ -22,7 +22,7 @@ "MaxIdleConns": 10, "MaxOpenConns": 10, "Trace": false, - "AtRestEncryptKey": "7rAh6iwQCkV4cA1Gsg3fgGOXJAQ43QV" + "AtRestEncryptKey": "7rAh6iwQCkV4cA1Gsg3fgGOXJAQ43QVg" }, "LogSettings": { "EnableConsole": false, @@ -36,7 +36,7 @@ "DriverName": "local", "Directory": "/mattermost/data/", "EnablePublicLink": true, - "PublicLinkSalt": "LhaAWC6lYEKHTkBKsvyXNIOfUIT37AX", + "PublicLinkSalt": "A705AklYF8MFDOfcwh3I488G8vtLlVip", "ThumbnailWidth": 120, "ThumbnailHeight": 100, "PreviewWidth": 1024, @@ -60,8 +60,8 @@ "SMTPServer": "", "SMTPPort": "", "ConnectionSecurity": "", - "InviteSalt": "bjlSR4QqkXFBr7TP4oDzlfZmcNuH9Yo", - "PasswordResetSalt": "vZ4DcKyVVRlKHHJpexcuXzojkE5PZ5e", + "InviteSalt": "bjlSR4QqkXFBr7TP4oDzlfZmcNuH9YoS", + "PasswordResetSalt": "vZ4DcKyVVRlKHHJpexcuXzojkE5PZ5eL", "ApplePushServer": "", "ApplePushCertPublic": "", "ApplePushCertPrivate": "" diff --git a/model/user.go b/model/user.go index 5cb774478..d8000a7e2 100644 --- a/model/user.go +++ b/model/user.go @@ -304,10 +304,14 @@ func isValidRole(role string) bool { return false } +// Make sure you acually want to use this function. In context.go there are functions to check permssions +// This function should not be used to check permissions. func (u *User) IsInRole(inRole string) bool { return IsInRole(u.Roles, inRole) } +// Make sure you acually want to use this function. In context.go there are functions to check permssions +// This function should not be used to check permissions. func IsInRole(userRoles string, inRole string) bool { roles := strings.Split(userRoles, " ") diff --git a/web/react/components/setting_upload.jsx b/web/react/components/setting_upload.jsx index fad27b355..ccb26cc58 100644 --- a/web/react/components/setting_upload.jsx +++ b/web/react/components/setting_upload.jsx @@ -7,11 +7,11 @@ export default class SettingsUpload extends React.Component { this.doFileSelect = this.doFileSelect.bind(this); this.doSubmit = this.doSubmit.bind(this); - this.onFileSelect = this.onFileSelect.bind(this); this.state = { clientError: this.props.clientError, - serverError: this.props.serverError + serverError: this.props.serverError, + filename: '' }; } @@ -24,9 +24,14 @@ export default class SettingsUpload extends React.Component { doFileSelect(e) { e.preventDefault(); + var filename = $(e.target).val(); + if (filename.substring(3, 11) === 'fakepath') { + filename = filename.substring(12); + } this.setState({ clientError: '', - serverError: '' + serverError: '', + filename }); } @@ -40,28 +45,28 @@ export default class SettingsUpload extends React.Component { } } - onFileSelect(e) { - var filename = $(e.target).val(); - if (filename.substring(3, 11) === 'fakepath') { - filename = filename.substring(12); - } - $(e.target).closest('li').find('.file-status').addClass('hide'); - $(e.target).closest('li').find('.file-name').removeClass('hide').html(filename); - } - render() { - var clientError = null; + let clientError = null; if (this.state.clientError) { clientError = ( <div className='file-status'>{this.state.clientError}</div> ); } - var serverError = null; + let serverError = null; if (this.state.serverError) { serverError = ( <div className='file-status'>{this.state.serverError}</div> ); } + let fileNameText = null; + let submitButtonClass = 'btn btn-sm btn-primary disabled'; + if (this.state.filename) { + fileNameText = ( + <div className='file-status file-name'>{this.state.filename}</div> + ); + submitButtonClass = 'btn btn-sm btn-primary'; + } + return ( <ul className='section-max'> <li className='col-sm-12 section-title'>{this.props.title}</li> @@ -70,21 +75,21 @@ export default class SettingsUpload extends React.Component { <ul className='setting-list'> <li className='setting-list-item'> <span className='btn btn-sm btn-primary btn-file sel-btn'> - Select file + {'Select file'} <input ref='uploadinput' accept={this.props.fileTypesAccepted} type='file' - onChange={this.onFileSelect} + onChange={this.doFileSelect} /> </span> <a - className={'btn btn-sm btn-primary'} + className={submitButtonClass} onClick={this.doSubmit} > - Import + {'Import'} </a> - <div className='file-status file-name hide'></div> + {fileNameText} {serverError} {clientError} </li> @@ -102,4 +107,4 @@ SettingsUpload.propTypes = { clientError: React.PropTypes.string, serverError: React.PropTypes.string, helpText: React.PropTypes.object -}; +};
\ No newline at end of file diff --git a/web/react/components/sidebar_right.jsx b/web/react/components/sidebar_right.jsx index e63418ae8..708cd04cb 100644 --- a/web/react/components/sidebar_right.jsx +++ b/web/react/components/sidebar_right.jsx @@ -33,7 +33,7 @@ export default class SidebarRight extends React.Component { if (!this.plScrolledToBottom) { $('.top-visible-post')[0].scrollIntoView(); } else { - var postHolder = $('.post-list-holder-by-time'); + var postHolder = $('.post-list-holder-by-time').not('.inactive'); postHolder.scrollTop(postHolder[0].scrollHeight); } } @@ -51,7 +51,7 @@ export default class SidebarRight extends React.Component { } } render() { - var postHolder = $('.post-list-holder-by-time'); + var postHolder = $('.post-list-holder-by-time').not('.inactive'); const position = postHolder.scrollTop() + postHolder.height() + 14; const bottom = postHolder[0].scrollHeight; this.plScrolledToBottom = position >= bottom; diff --git a/web/react/components/team_signup_url_page.jsx b/web/react/components/team_signup_url_page.jsx index 1b722d611..a3f89a217 100644 --- a/web/react/components/team_signup_url_page.jsx +++ b/web/react/components/team_signup_url_page.jsx @@ -35,8 +35,8 @@ export default class TeamSignupUrlPage extends React.Component { if (cleanedName !== name || !urlRegex.test(name)) { this.setState({nameError: "Use only lower case letters, numbers and dashes. Must start with a letter and can't end in a dash."}); return; - } else if (cleanedName.length <= 3 || cleanedName.length > 15) { - this.setState({nameError: 'Name must be 4 or more characters up to a maximum of 15'}); + } else if (cleanedName.length <= 2 || cleanedName.length > 15) { + this.setState({nameError: 'Name must be 3 or more characters up to a maximum of 15'}); return; } diff --git a/web/react/components/team_signup_with_sso.jsx b/web/react/components/team_signup_with_sso.jsx index a4972dd8d..14f281f7a 100644 --- a/web/react/components/team_signup_with_sso.jsx +++ b/web/react/components/team_signup_with_sso.jsx @@ -23,12 +23,14 @@ export default class SSOSignUpPage extends React.Component { team.display_name = this.state.name; - if (team.display_name.length <= 3) { + if (!team.display_name) { + state.nameError = 'Please enter a team name'; + this.setState(state); return; } - if (!team.display_name) { - state.nameError = 'Please enter a team name'; + if (team.display_name.length <= 2) { + state.nameError = 'Name must be 3 or more characters up to a maximum of 15'; this.setState(state); return; } @@ -68,7 +70,7 @@ export default class SSOSignUpPage extends React.Component { } var disabled = false; - if (this.state.name.length <= 3) { + if (this.state.name.length <= 2) { disabled = true; } diff --git a/web/react/utils/utils.jsx b/web/react/utils/utils.jsx index 91e47730e..8b20e2adf 100644 --- a/web/react/utils/utils.jsx +++ b/web/react/utils/utils.jsx @@ -483,7 +483,7 @@ export function applyTheme(theme) { changeCss('.post-image__column', 'border-color:' + changeOpacity(theme.centerChannelColor, 0.2), 2); changeCss('.post-image__column .post-image__details', 'color:' + theme.centerChannelColor, 2); changeCss('.post-image__column a, .post-image__column a:hover, .post-image__column a:focus', 'color:' + theme.centerChannelColor, 1); - changeCss('.search-bar__container .search__form .search-bar', 'background:' + changeOpacity(theme.centerChannelColor, 0.2), 1); + changeCss('@media(max-width: 768px){.search-bar__container .search__form .search-bar', 'background:' + changeOpacity(theme.centerChannelColor, 0.2), 1); changeCss('.search-bar__container .search__form', 'border-color:' + changeOpacity(theme.centerChannelColor, 0.2), 1); changeCss('.channel-intro .channel-intro__content', 'background:' + changeOpacity(theme.centerChannelColor, 0.05), 1); changeCss('.date-separator .separator__text', 'color:' + theme.centerChannelColor, 2); |