diff options
-rw-r--r-- | api/file_test.go | 54 | ||||
-rw-r--r-- | api/team.go | 3 | ||||
-rw-r--r-- | api/user.go | 22 | ||||
-rw-r--r-- | api/user_test.go | 26 | ||||
-rw-r--r-- | config/config.json | 18 | ||||
-rw-r--r-- | model/config.go | 14 | ||||
-rw-r--r-- | utils/config.go | 24 |
7 files changed, 75 insertions, 86 deletions
diff --git a/api/file_test.go b/api/file_test.go index a62bdc83e..a0a2f3255 100644 --- a/api/file_test.go +++ b/api/file_test.go @@ -68,7 +68,7 @@ func TestUploadFile(t *testing.T) { } resp, appErr := Client.UploadFile("/files/upload", body.Bytes(), writer.FormDataContentType()) - if utils.IsS3Configured() && !utils.Cfg.ServiceSettings.UseLocalStorage { + if utils.Cfg.ImageSettings.DriverName == model.IMAGE_DRIVER_S3 { if appErr != nil { t.Fatal(appErr) } @@ -81,11 +81,11 @@ func TestUploadFile(t *testing.T) { fileId := strings.Split(filename, ".")[0] var auth aws.Auth - auth.AccessKey = utils.Cfg.AWSSettings.AmazonS3AccessKeyId - auth.SecretKey = utils.Cfg.AWSSettingsAmazonS3SecretAccessKey + auth.AccessKey = utils.Cfg.ImageSettings.AmazonS3AccessKeyId + auth.SecretKey = utils.Cfg.ImageSettings.AmazonS3SecretAccessKey - s := s3.New(auth, aws.Regions[utils.Cfg.AWSSettingsAmazonS3Region]) - bucket := s.Bucket(utils.Cfg.AWSSettingsAmazonS3Bucket) + s := s3.New(auth, aws.Regions[utils.Cfg.ImageSettings.AmazonS3Region]) + bucket := s.Bucket(utils.Cfg.ImageSettings.AmazonS3Bucket) // wait a bit for files to ready time.Sleep(5 * time.Second) @@ -104,7 +104,7 @@ func TestUploadFile(t *testing.T) { if err != nil { t.Fatal(err) } - } else if utils.Cfg.ServiceSettings.UseLocalStorage && len(utils.Cfg.ServiceSettings.StorageDirectory) > 0 { + } else if utils.Cfg.ImageSettings.DriverName == model.IMAGE_DRIVER_LOCAL { filenames := strings.Split(resp.Data.(*model.FileUploadResponse).Filenames[0], "/") filename := filenames[len(filenames)-2] + "/" + filenames[len(filenames)-1] if strings.Contains(filename, "../") { @@ -115,17 +115,17 @@ func TestUploadFile(t *testing.T) { // wait a bit for files to ready time.Sleep(5 * time.Second) - path := utils.Cfg.ServiceSettings.StorageDirectory + "teams/" + team.Id + "/channels/" + channel1.Id + "/users/" + user1.Id + "/" + filename + path := utils.Cfg.ImageSettings.Directory + "teams/" + team.Id + "/channels/" + channel1.Id + "/users/" + user1.Id + "/" + filename if err := os.Remove(path); err != nil { t.Fatal("Couldn't remove file at " + path) } - path = utils.Cfg.ServiceSettings.StorageDirectory + "teams/" + team.Id + "/channels/" + channel1.Id + "/users/" + user1.Id + "/" + fileId + "_thumb.jpg" + path = utils.Cfg.ImageSettings.Directory + "teams/" + team.Id + "/channels/" + channel1.Id + "/users/" + user1.Id + "/" + fileId + "_thumb.jpg" if err := os.Remove(path); err != nil { t.Fatal("Couldn't remove file at " + path) } - path = utils.Cfg.ServiceSettings.StorageDirectory + "teams/" + team.Id + "/channels/" + channel1.Id + "/users/" + user1.Id + "/" + fileId + "_preview.jpg" + path = utils.Cfg.ImageSettings.Directory + "teams/" + team.Id + "/channels/" + channel1.Id + "/users/" + user1.Id + "/" + fileId + "_preview.jpg" if err := os.Remove(path); err != nil { t.Fatal("Couldn't remove file at " + path) } @@ -151,7 +151,7 @@ func TestGetFile(t *testing.T) { channel1 := &model.Channel{DisplayName: "Test API Name", Name: "a" + model.NewId() + "a", Type: model.CHANNEL_OPEN, TeamId: team.Id} channel1 = Client.Must(Client.CreateChannel(channel1)).Data.(*model.Channel) - if utils.IsS3Configured() || utils.Cfg.ServiceSettings.UseLocalStorage { + if utils.Cfg.ImageSettings.DriverName != "" { body := &bytes.Buffer{} writer := multipart.NewWriter(body) @@ -262,13 +262,13 @@ func TestGetFile(t *testing.T) { t.Fatal("Should have errored - user not logged in and link not public") } - if utils.IsS3Configured() && !utils.Cfg.ServiceSettings.UseLocalStorage { + if utils.Cfg.ImageSettings.DriverName == model.IMAGE_DRIVER_S3 { var auth aws.Auth - auth.AccessKey = utils.Cfg.AWSSettings.AmazonS3AccessKeyId - auth.SecretKey = utils.Cfg.AWSSettingsAmazonS3SecretAccessKey + auth.AccessKey = utils.Cfg.ImageSettings.AmazonS3AccessKeyId + auth.SecretKey = utils.Cfg.ImageSettings.AmazonS3SecretAccessKey - s := s3.New(auth, aws.Regions[utils.Cfg.AWSSettingsAmazonS3Region]) - bucket := s.Bucket(utils.Cfg.AWSSettingsAmazonS3Bucket) + s := s3.New(auth, aws.Regions[utils.Cfg.ImageSettings.AmazonS3Region]) + bucket := s.Bucket(utils.Cfg.ImageSettings.AmazonS3Bucket) filenames := strings.Split(resp.Data.(*model.FileUploadResponse).Filenames[0], "/") filename := filenames[len(filenames)-2] + "/" + filenames[len(filenames)-1] @@ -293,17 +293,17 @@ func TestGetFile(t *testing.T) { filename := filenames[len(filenames)-2] + "/" + filenames[len(filenames)-1] fileId := strings.Split(filename, ".")[0] - path := utils.Cfg.ServiceSettings.StorageDirectory + "teams/" + team.Id + "/channels/" + channel1.Id + "/users/" + user1.Id + "/" + filename + path := utils.Cfg.ImageSettings.Directory + "teams/" + team.Id + "/channels/" + channel1.Id + "/users/" + user1.Id + "/" + filename if err := os.Remove(path); err != nil { t.Fatal("Couldn't remove file at " + path) } - path = utils.Cfg.ServiceSettings.StorageDirectory + "teams/" + team.Id + "/channels/" + channel1.Id + "/users/" + user1.Id + "/" + fileId + "_thumb.jpg" + path = utils.Cfg.ImageSettings.Directory + "teams/" + team.Id + "/channels/" + channel1.Id + "/users/" + user1.Id + "/" + fileId + "_thumb.jpg" if err := os.Remove(path); err != nil { t.Fatal("Couldn't remove file at " + path) } - path = utils.Cfg.ServiceSettings.StorageDirectory + "teams/" + team.Id + "/channels/" + channel1.Id + "/users/" + user1.Id + "/" + fileId + "_preview.jpg" + path = utils.Cfg.ImageSettings.Directory + "teams/" + team.Id + "/channels/" + channel1.Id + "/users/" + user1.Id + "/" + fileId + "_preview.jpg" if err := os.Remove(path); err != nil { t.Fatal("Couldn't remove file at " + path) } @@ -334,7 +334,7 @@ func TestGetPublicLink(t *testing.T) { channel1 := &model.Channel{DisplayName: "Test API Name", Name: "a" + model.NewId() + "a", Type: model.CHANNEL_OPEN, TeamId: team.Id} channel1 = Client.Must(Client.CreateChannel(channel1)).Data.(*model.Channel) - if utils.IsS3Configured() || utils.Cfg.ServiceSettings.UseLocalStorage { + if utils.Cfg.ImageSettings.DriverName != "" { body := &bytes.Buffer{} writer := multipart.NewWriter(body) @@ -410,14 +410,14 @@ func TestGetPublicLink(t *testing.T) { t.Fatal("should have errored, user not member of channel") } - if utils.IsS3Configured() && !utils.Cfg.ServiceSettings.UseLocalStorage { + if utils.Cfg.ImageSettings.DriverName == model.IMAGE_DRIVER_S3 { // perform clean-up on s3 var auth aws.Auth - auth.AccessKey = utils.Cfg.AWSSettings.AmazonS3AccessKeyId - auth.SecretKey = utils.Cfg.AWSSettingsAmazonS3SecretAccessKey + auth.AccessKey = utils.Cfg.ImageSettings.AmazonS3AccessKeyId + auth.SecretKey = utils.Cfg.ImageSettings.AmazonS3SecretAccessKey - s := s3.New(auth, aws.Regions[utils.Cfg.AWSSettingsAmazonS3Region]) - bucket := s.Bucket(utils.Cfg.AWSSettingsAmazonS3Bucket) + s := s3.New(auth, aws.Regions[utils.Cfg.ImageSettings.AmazonS3Region]) + bucket := s.Bucket(utils.Cfg.ImageSettings.AmazonS3Bucket) filenames := strings.Split(resp.Data.(*model.FileUploadResponse).Filenames[0], "/") filename := filenames[len(filenames)-2] + "/" + filenames[len(filenames)-1] @@ -442,17 +442,17 @@ func TestGetPublicLink(t *testing.T) { filename := filenames[len(filenames)-2] + "/" + filenames[len(filenames)-1] fileId := strings.Split(filename, ".")[0] - path := utils.Cfg.ServiceSettings.StorageDirectory + "teams/" + team.Id + "/channels/" + channel1.Id + "/users/" + user1.Id + "/" + filename + path := utils.Cfg.ImageSettings.Directory + "teams/" + team.Id + "/channels/" + channel1.Id + "/users/" + user1.Id + "/" + filename if err := os.Remove(path); err != nil { t.Fatal("Couldn't remove file at " + path) } - path = utils.Cfg.ServiceSettings.StorageDirectory + "teams/" + team.Id + "/channels/" + channel1.Id + "/users/" + user1.Id + "/" + fileId + "_thumb.jpg" + path = utils.Cfg.ImageSettings.Directory + "teams/" + team.Id + "/channels/" + channel1.Id + "/users/" + user1.Id + "/" + fileId + "_thumb.jpg" if err := os.Remove(path); err != nil { t.Fatal("Couldn't remove file at " + path) } - path = utils.Cfg.ServiceSettings.StorageDirectory + "teams/" + team.Id + "/channels/" + channel1.Id + "/users/" + user1.Id + "/" + fileId + "_preview.jpg" + path = utils.Cfg.ImageSettings.Directory + "teams/" + team.Id + "/channels/" + channel1.Id + "/users/" + user1.Id + "/" + fileId + "_preview.jpg" if err := os.Remove(path); err != nil { t.Fatal("Couldn't remove file at " + path) } diff --git a/api/team.go b/api/team.go index f0025fdbd..4531c83b9 100644 --- a/api/team.go +++ b/api/team.go @@ -85,7 +85,8 @@ func createTeamFromSSO(c *Context, w http.ResponseWriter, r *http.Request) { params := mux.Vars(r) service := params["service"] - if !utils.IsServiceAllowed(service) { + sso := utils.Cfg.GetSSOService(service) + if sso != nil && !sso.Allow { c.SetInvalidParam("createTeamFromSSO", "service") return } diff --git a/api/user.go b/api/user.go index 32dfa7dfb..7f4eb6c2d 100644 --- a/api/user.go +++ b/api/user.go @@ -1362,15 +1362,16 @@ func getStatuses(c *Context, w http.ResponseWriter, r *http.Request) { func GetAuthorizationCode(c *Context, w http.ResponseWriter, r *http.Request, teamName, service, redirectUri, loginHint string) { - if s, ok := utils.Cfg.SSOSettings[service]; !ok || !s.Allow { + sso := utils.Cfg.GetSSOService(service) + if sso != nil && !sso.Allow { c.Err = model.NewAppError("GetAuthorizationCode", "Unsupported OAuth service provider", "service="+service) c.Err.StatusCode = http.StatusBadRequest return } - clientId := utils.Cfg.SSOSettings[service].Id - endpoint := utils.Cfg.SSOSettings[service].AuthEndpoint - scope := utils.Cfg.SSOSettings[service].Scope + clientId := sso.Id + endpoint := sso.AuthEndpoint + scope := sso.Scope stateProps := map[string]string{"team": teamName, "hash": model.HashPassword(clientId)} state := b64.StdEncoding.EncodeToString([]byte(model.MapToJson(stateProps))) @@ -1389,7 +1390,8 @@ func GetAuthorizationCode(c *Context, w http.ResponseWriter, r *http.Request, te } func AuthorizeOAuthUser(service, code, state, redirectUri string) (io.ReadCloser, *model.Team, *model.AppError) { - if s, ok := utils.Cfg.SSOSettings[service]; !ok || !s.Allow { + sso := utils.Cfg.GetSSOService(service) + if sso != nil && !sso.Allow { return nil, nil, model.NewAppError("AuthorizeOAuthUser", "Unsupported OAuth service provider", "service="+service) } @@ -1402,7 +1404,7 @@ func AuthorizeOAuthUser(service, code, state, redirectUri string) (io.ReadCloser stateProps := model.MapFromJson(strings.NewReader(stateStr)) - if !model.ComparePassword(stateProps["hash"], utils.Cfg.SSOSettings[service].Id) { + if !model.ComparePassword(stateProps["hash"], sso.Id) { return nil, nil, model.NewAppError("AuthorizeOAuthUser", "Invalid state", "") } @@ -1414,14 +1416,14 @@ func AuthorizeOAuthUser(service, code, state, redirectUri string) (io.ReadCloser tchan := Srv.Store.Team().GetByName(teamName) p := url.Values{} - p.Set("client_id", utils.Cfg.SSOSettings[service].Id) - p.Set("client_secret", utils.Cfg.SSOSettings[service].Secret) + p.Set("client_id", sso.Id) + p.Set("client_secret", sso.Secret) p.Set("code", code) p.Set("grant_type", model.ACCESS_TOKEN_GRANT_TYPE) p.Set("redirect_uri", redirectUri) client := &http.Client{} - req, _ := http.NewRequest("POST", utils.Cfg.SSOSettings[service].TokenEndpoint, strings.NewReader(p.Encode())) + req, _ := http.NewRequest("POST", sso.TokenEndpoint, strings.NewReader(p.Encode())) req.Header.Set("Content-Type", "application/x-www-form-urlencoded") req.Header.Set("Accept", "application/json") @@ -1443,7 +1445,7 @@ func AuthorizeOAuthUser(service, code, state, redirectUri string) (io.ReadCloser p = url.Values{} p.Set("access_token", ar.AccessToken) - req, _ = http.NewRequest("GET", utils.Cfg.SSOSettings[service].UserApiEndpoint, strings.NewReader("")) + req, _ = http.NewRequest("GET", sso.UserApiEndpoint, strings.NewReader("")) req.Header.Set("Content-Type", "application/x-www-form-urlencoded") req.Header.Set("Accept", "application/json") diff --git a/api/user_test.go b/api/user_test.go index a9529e937..8342f37f6 100644 --- a/api/user_test.go +++ b/api/user_test.go @@ -352,19 +352,19 @@ func TestUserCreateImage(t *testing.T) { Client.DoApiGet("/users/"+user.Id+"/image", "", "") - if utils.IsS3Configured() && !utils.Cfg.ServiceSettings.UseLocalStorage { + if utils.Cfg.ImageSettings.DriverName == model.IMAGE_DRIVER_S3 { var auth aws.Auth - auth.AccessKey = utils.Cfg.AWSSettings.AmazonS3AccessKeyId - auth.SecretKey = utils.Cfg.AWSSettingsAmazonS3SecretAccessKey + auth.AccessKey = utils.Cfg.ImageSettings.AmazonS3AccessKeyId + auth.SecretKey = utils.Cfg.ImageSettings.AmazonS3SecretAccessKey - s := s3.New(auth, aws.Regions[utils.Cfg.AWSSettingsAmazonS3Region]) - bucket := s.Bucket(utils.Cfg.AWSSettingsAmazonS3Bucket) + s := s3.New(auth, aws.Regions[utils.Cfg.ImageSettings.AmazonS3Region]) + bucket := s.Bucket(utils.Cfg.ImageSettings.AmazonS3Bucket) if err := bucket.Del("teams/" + user.TeamId + "/users/" + user.Id + "/profile.png"); err != nil { t.Fatal(err) } } else { - path := utils.Cfg.ServiceSettings.StorageDirectory + "teams/" + user.TeamId + "/users/" + user.Id + "/profile.png" + path := utils.Cfg.ImageSettings.Directory + "teams/" + user.TeamId + "/users/" + user.Id + "/profile.png" if err := os.Remove(path); err != nil { t.Fatal("Couldn't remove file at " + path) } @@ -382,7 +382,7 @@ func TestUserUploadProfileImage(t *testing.T) { user = Client.Must(Client.CreateUser(user, "")).Data.(*model.User) store.Must(Srv.Store.User().VerifyEmail(user.Id)) - if utils.IsS3Configured() || utils.Cfg.ServiceSettings.UseLocalStorage { + if utils.Cfg.ImageSettings.DriverName != "" { body := &bytes.Buffer{} writer := multipart.NewWriter(body) @@ -450,19 +450,19 @@ func TestUserUploadProfileImage(t *testing.T) { Client.DoApiGet("/users/"+user.Id+"/image", "", "") - if utils.IsS3Configured() && !utils.Cfg.ServiceSettings.UseLocalStorage { + if utils.Cfg.ImageSettings.DriverName == model.IMAGE_DRIVER_S3 { var auth aws.Auth - auth.AccessKey = utils.Cfg.AWSSettings.AmazonS3AccessKeyId - auth.SecretKey = utils.Cfg.AWSSettingsAmazonS3SecretAccessKey + auth.AccessKey = utils.Cfg.ImageSettings.AmazonS3AccessKeyId + auth.SecretKey = utils.Cfg.ImageSettings.AmazonS3SecretAccessKey - s := s3.New(auth, aws.Regions[utils.Cfg.AWSSettingsAmazonS3Region]) - bucket := s.Bucket(utils.Cfg.AWSSettingsAmazonS3Bucket) + s := s3.New(auth, aws.Regions[utils.Cfg.ImageSettings.AmazonS3Region]) + bucket := s.Bucket(utils.Cfg.ImageSettings.AmazonS3Bucket) if err := bucket.Del("teams/" + user.TeamId + "/users/" + user.Id + "/profile.png"); err != nil { t.Fatal(err) } } else { - path := utils.Cfg.ServiceSettings.StorageDirectory + "teams/" + user.TeamId + "/users/" + user.Id + "/profile.png" + path := utils.Cfg.ImageSettings.Directory + "teams/" + user.TeamId + "/users/" + user.Id + "/profile.png" if err := os.Remove(path); err != nil { t.Fatal("Couldn't remove file at " + path) } diff --git a/config/config.json b/config/config.json index e1907152b..108271bca 100644 --- a/config/config.json +++ b/config/config.json @@ -84,15 +84,13 @@ "ShowEmailAddress": true, "ShowFullName": true }, - "SSOSettings": { - "gitlab": { - "Allow": false, - "Secret": "", - "Id": "", - "Scope": "", - "AuthEndpoint": "", - "TokenEndpoint": "", - "UserApiEndpoint": "" - } + "GitLabSSOSettings": { + "Allow": false, + "Secret": "", + "Id": "", + "Scope": "", + "AuthEndpoint": "", + "TokenEndpoint": "", + "UserApiEndpoint": "" } }
\ No newline at end of file diff --git a/model/config.go b/model/config.go index d4eb1e714..31af619a5 100644 --- a/model/config.go +++ b/model/config.go @@ -15,6 +15,8 @@ const ( IMAGE_DRIVER_LOCAL = "local" IMAGE_DRIVER_S3 = "amazons3" + + SERVICE_GITLAB = "gitlab" ) type ServiceSettings struct { @@ -34,7 +36,7 @@ type ServiceSettings struct { GoogleDeveloperKey string } -type SSOSetting struct { +type SSOSettings struct { Allow bool Secret string Id string @@ -129,7 +131,7 @@ type Config struct { EmailSettings EmailSettings RateLimitSettings RateLimitSettings PrivacySettings PrivacySettings - SSOSettings map[string]SSOSetting + GitLabSSOSettings SSOSettings } func (o *Config) ToJson() string { @@ -141,6 +143,14 @@ func (o *Config) ToJson() string { } } +func (o *Config) GetSSOService(service string) *SSOSettings { + if service == SERVICE_GITLAB { + return &o.GitLabSSOSettings + } + + return nil +} + func ConfigFromJson(data io.Reader) *Config { decoder := json.NewDecoder(data) var o Config diff --git a/utils/config.go b/utils/config.go index 5b7cc7c64..66a20c39b 100644 --- a/utils/config.go +++ b/utils/config.go @@ -183,7 +183,7 @@ func getClientProperties(c *model.Config) map[string]string { props["AllowSignUpWithEmail"] = strconv.FormatBool(c.EmailSettings.AllowSignUpWithEmail) props["FeedbackEmail"] = c.EmailSettings.FeedbackEmail - props["AllowSignUpWithGitLab"] = strconv.FormatBool(false) + props["AllowSignUpWithGitLab"] = strconv.FormatBool(c.GitLabSSOSettings.Allow) props["ShowEmailAddress"] = strconv.FormatBool(c.PrivacySettings.ShowEmailAddress) props["AllowPublicLink"] = strconv.FormatBool(c.TeamSettings.AllowPublicLink) @@ -194,25 +194,3 @@ func getClientProperties(c *model.Config) map[string]string { return props } - -// func IsS3Configured() bool { -// if Cfg.AWSSettings.AmazonS3AccessKeyId == "" || Cfg.AWSSettingsAmazonS3SecretAccessKey == "" || Cfg.AWSSettingsAmazonS3Region == "" || Cfg.AWSSettingsAmazonS3Bucket == "" { -// return false -// } - -// return true -// } - -func IsServiceAllowed(s string) bool { - if len(s) == 0 { - return false - } - - if service, ok := Cfg.SSOSettings[s]; ok { - if service.Allow { - return true - } - } - - return false -} |