summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--api/file_test.go54
-rw-r--r--api/team.go3
-rw-r--r--api/user.go22
-rw-r--r--api/user_test.go26
-rw-r--r--config/config.json18
-rw-r--r--model/config.go14
-rw-r--r--utils/config.go24
7 files changed, 75 insertions, 86 deletions
diff --git a/api/file_test.go b/api/file_test.go
index a62bdc83e..a0a2f3255 100644
--- a/api/file_test.go
+++ b/api/file_test.go
@@ -68,7 +68,7 @@ func TestUploadFile(t *testing.T) {
}
resp, appErr := Client.UploadFile("/files/upload", body.Bytes(), writer.FormDataContentType())
- if utils.IsS3Configured() && !utils.Cfg.ServiceSettings.UseLocalStorage {
+ if utils.Cfg.ImageSettings.DriverName == model.IMAGE_DRIVER_S3 {
if appErr != nil {
t.Fatal(appErr)
}
@@ -81,11 +81,11 @@ func TestUploadFile(t *testing.T) {
fileId := strings.Split(filename, ".")[0]
var auth aws.Auth
- auth.AccessKey = utils.Cfg.AWSSettings.AmazonS3AccessKeyId
- auth.SecretKey = utils.Cfg.AWSSettingsAmazonS3SecretAccessKey
+ auth.AccessKey = utils.Cfg.ImageSettings.AmazonS3AccessKeyId
+ auth.SecretKey = utils.Cfg.ImageSettings.AmazonS3SecretAccessKey
- s := s3.New(auth, aws.Regions[utils.Cfg.AWSSettingsAmazonS3Region])
- bucket := s.Bucket(utils.Cfg.AWSSettingsAmazonS3Bucket)
+ s := s3.New(auth, aws.Regions[utils.Cfg.ImageSettings.AmazonS3Region])
+ bucket := s.Bucket(utils.Cfg.ImageSettings.AmazonS3Bucket)
// wait a bit for files to ready
time.Sleep(5 * time.Second)
@@ -104,7 +104,7 @@ func TestUploadFile(t *testing.T) {
if err != nil {
t.Fatal(err)
}
- } else if utils.Cfg.ServiceSettings.UseLocalStorage && len(utils.Cfg.ServiceSettings.StorageDirectory) > 0 {
+ } else if utils.Cfg.ImageSettings.DriverName == model.IMAGE_DRIVER_LOCAL {
filenames := strings.Split(resp.Data.(*model.FileUploadResponse).Filenames[0], "/")
filename := filenames[len(filenames)-2] + "/" + filenames[len(filenames)-1]
if strings.Contains(filename, "../") {
@@ -115,17 +115,17 @@ func TestUploadFile(t *testing.T) {
// wait a bit for files to ready
time.Sleep(5 * time.Second)
- path := utils.Cfg.ServiceSettings.StorageDirectory + "teams/" + team.Id + "/channels/" + channel1.Id + "/users/" + user1.Id + "/" + filename
+ path := utils.Cfg.ImageSettings.Directory + "teams/" + team.Id + "/channels/" + channel1.Id + "/users/" + user1.Id + "/" + filename
if err := os.Remove(path); err != nil {
t.Fatal("Couldn't remove file at " + path)
}
- path = utils.Cfg.ServiceSettings.StorageDirectory + "teams/" + team.Id + "/channels/" + channel1.Id + "/users/" + user1.Id + "/" + fileId + "_thumb.jpg"
+ path = utils.Cfg.ImageSettings.Directory + "teams/" + team.Id + "/channels/" + channel1.Id + "/users/" + user1.Id + "/" + fileId + "_thumb.jpg"
if err := os.Remove(path); err != nil {
t.Fatal("Couldn't remove file at " + path)
}
- path = utils.Cfg.ServiceSettings.StorageDirectory + "teams/" + team.Id + "/channels/" + channel1.Id + "/users/" + user1.Id + "/" + fileId + "_preview.jpg"
+ path = utils.Cfg.ImageSettings.Directory + "teams/" + team.Id + "/channels/" + channel1.Id + "/users/" + user1.Id + "/" + fileId + "_preview.jpg"
if err := os.Remove(path); err != nil {
t.Fatal("Couldn't remove file at " + path)
}
@@ -151,7 +151,7 @@ func TestGetFile(t *testing.T) {
channel1 := &model.Channel{DisplayName: "Test API Name", Name: "a" + model.NewId() + "a", Type: model.CHANNEL_OPEN, TeamId: team.Id}
channel1 = Client.Must(Client.CreateChannel(channel1)).Data.(*model.Channel)
- if utils.IsS3Configured() || utils.Cfg.ServiceSettings.UseLocalStorage {
+ if utils.Cfg.ImageSettings.DriverName != "" {
body := &bytes.Buffer{}
writer := multipart.NewWriter(body)
@@ -262,13 +262,13 @@ func TestGetFile(t *testing.T) {
t.Fatal("Should have errored - user not logged in and link not public")
}
- if utils.IsS3Configured() && !utils.Cfg.ServiceSettings.UseLocalStorage {
+ if utils.Cfg.ImageSettings.DriverName == model.IMAGE_DRIVER_S3 {
var auth aws.Auth
- auth.AccessKey = utils.Cfg.AWSSettings.AmazonS3AccessKeyId
- auth.SecretKey = utils.Cfg.AWSSettingsAmazonS3SecretAccessKey
+ auth.AccessKey = utils.Cfg.ImageSettings.AmazonS3AccessKeyId
+ auth.SecretKey = utils.Cfg.ImageSettings.AmazonS3SecretAccessKey
- s := s3.New(auth, aws.Regions[utils.Cfg.AWSSettingsAmazonS3Region])
- bucket := s.Bucket(utils.Cfg.AWSSettingsAmazonS3Bucket)
+ s := s3.New(auth, aws.Regions[utils.Cfg.ImageSettings.AmazonS3Region])
+ bucket := s.Bucket(utils.Cfg.ImageSettings.AmazonS3Bucket)
filenames := strings.Split(resp.Data.(*model.FileUploadResponse).Filenames[0], "/")
filename := filenames[len(filenames)-2] + "/" + filenames[len(filenames)-1]
@@ -293,17 +293,17 @@ func TestGetFile(t *testing.T) {
filename := filenames[len(filenames)-2] + "/" + filenames[len(filenames)-1]
fileId := strings.Split(filename, ".")[0]
- path := utils.Cfg.ServiceSettings.StorageDirectory + "teams/" + team.Id + "/channels/" + channel1.Id + "/users/" + user1.Id + "/" + filename
+ path := utils.Cfg.ImageSettings.Directory + "teams/" + team.Id + "/channels/" + channel1.Id + "/users/" + user1.Id + "/" + filename
if err := os.Remove(path); err != nil {
t.Fatal("Couldn't remove file at " + path)
}
- path = utils.Cfg.ServiceSettings.StorageDirectory + "teams/" + team.Id + "/channels/" + channel1.Id + "/users/" + user1.Id + "/" + fileId + "_thumb.jpg"
+ path = utils.Cfg.ImageSettings.Directory + "teams/" + team.Id + "/channels/" + channel1.Id + "/users/" + user1.Id + "/" + fileId + "_thumb.jpg"
if err := os.Remove(path); err != nil {
t.Fatal("Couldn't remove file at " + path)
}
- path = utils.Cfg.ServiceSettings.StorageDirectory + "teams/" + team.Id + "/channels/" + channel1.Id + "/users/" + user1.Id + "/" + fileId + "_preview.jpg"
+ path = utils.Cfg.ImageSettings.Directory + "teams/" + team.Id + "/channels/" + channel1.Id + "/users/" + user1.Id + "/" + fileId + "_preview.jpg"
if err := os.Remove(path); err != nil {
t.Fatal("Couldn't remove file at " + path)
}
@@ -334,7 +334,7 @@ func TestGetPublicLink(t *testing.T) {
channel1 := &model.Channel{DisplayName: "Test API Name", Name: "a" + model.NewId() + "a", Type: model.CHANNEL_OPEN, TeamId: team.Id}
channel1 = Client.Must(Client.CreateChannel(channel1)).Data.(*model.Channel)
- if utils.IsS3Configured() || utils.Cfg.ServiceSettings.UseLocalStorage {
+ if utils.Cfg.ImageSettings.DriverName != "" {
body := &bytes.Buffer{}
writer := multipart.NewWriter(body)
@@ -410,14 +410,14 @@ func TestGetPublicLink(t *testing.T) {
t.Fatal("should have errored, user not member of channel")
}
- if utils.IsS3Configured() && !utils.Cfg.ServiceSettings.UseLocalStorage {
+ if utils.Cfg.ImageSettings.DriverName == model.IMAGE_DRIVER_S3 {
// perform clean-up on s3
var auth aws.Auth
- auth.AccessKey = utils.Cfg.AWSSettings.AmazonS3AccessKeyId
- auth.SecretKey = utils.Cfg.AWSSettingsAmazonS3SecretAccessKey
+ auth.AccessKey = utils.Cfg.ImageSettings.AmazonS3AccessKeyId
+ auth.SecretKey = utils.Cfg.ImageSettings.AmazonS3SecretAccessKey
- s := s3.New(auth, aws.Regions[utils.Cfg.AWSSettingsAmazonS3Region])
- bucket := s.Bucket(utils.Cfg.AWSSettingsAmazonS3Bucket)
+ s := s3.New(auth, aws.Regions[utils.Cfg.ImageSettings.AmazonS3Region])
+ bucket := s.Bucket(utils.Cfg.ImageSettings.AmazonS3Bucket)
filenames := strings.Split(resp.Data.(*model.FileUploadResponse).Filenames[0], "/")
filename := filenames[len(filenames)-2] + "/" + filenames[len(filenames)-1]
@@ -442,17 +442,17 @@ func TestGetPublicLink(t *testing.T) {
filename := filenames[len(filenames)-2] + "/" + filenames[len(filenames)-1]
fileId := strings.Split(filename, ".")[0]
- path := utils.Cfg.ServiceSettings.StorageDirectory + "teams/" + team.Id + "/channels/" + channel1.Id + "/users/" + user1.Id + "/" + filename
+ path := utils.Cfg.ImageSettings.Directory + "teams/" + team.Id + "/channels/" + channel1.Id + "/users/" + user1.Id + "/" + filename
if err := os.Remove(path); err != nil {
t.Fatal("Couldn't remove file at " + path)
}
- path = utils.Cfg.ServiceSettings.StorageDirectory + "teams/" + team.Id + "/channels/" + channel1.Id + "/users/" + user1.Id + "/" + fileId + "_thumb.jpg"
+ path = utils.Cfg.ImageSettings.Directory + "teams/" + team.Id + "/channels/" + channel1.Id + "/users/" + user1.Id + "/" + fileId + "_thumb.jpg"
if err := os.Remove(path); err != nil {
t.Fatal("Couldn't remove file at " + path)
}
- path = utils.Cfg.ServiceSettings.StorageDirectory + "teams/" + team.Id + "/channels/" + channel1.Id + "/users/" + user1.Id + "/" + fileId + "_preview.jpg"
+ path = utils.Cfg.ImageSettings.Directory + "teams/" + team.Id + "/channels/" + channel1.Id + "/users/" + user1.Id + "/" + fileId + "_preview.jpg"
if err := os.Remove(path); err != nil {
t.Fatal("Couldn't remove file at " + path)
}
diff --git a/api/team.go b/api/team.go
index f0025fdbd..4531c83b9 100644
--- a/api/team.go
+++ b/api/team.go
@@ -85,7 +85,8 @@ func createTeamFromSSO(c *Context, w http.ResponseWriter, r *http.Request) {
params := mux.Vars(r)
service := params["service"]
- if !utils.IsServiceAllowed(service) {
+ sso := utils.Cfg.GetSSOService(service)
+ if sso != nil && !sso.Allow {
c.SetInvalidParam("createTeamFromSSO", "service")
return
}
diff --git a/api/user.go b/api/user.go
index 32dfa7dfb..7f4eb6c2d 100644
--- a/api/user.go
+++ b/api/user.go
@@ -1362,15 +1362,16 @@ func getStatuses(c *Context, w http.ResponseWriter, r *http.Request) {
func GetAuthorizationCode(c *Context, w http.ResponseWriter, r *http.Request, teamName, service, redirectUri, loginHint string) {
- if s, ok := utils.Cfg.SSOSettings[service]; !ok || !s.Allow {
+ sso := utils.Cfg.GetSSOService(service)
+ if sso != nil && !sso.Allow {
c.Err = model.NewAppError("GetAuthorizationCode", "Unsupported OAuth service provider", "service="+service)
c.Err.StatusCode = http.StatusBadRequest
return
}
- clientId := utils.Cfg.SSOSettings[service].Id
- endpoint := utils.Cfg.SSOSettings[service].AuthEndpoint
- scope := utils.Cfg.SSOSettings[service].Scope
+ clientId := sso.Id
+ endpoint := sso.AuthEndpoint
+ scope := sso.Scope
stateProps := map[string]string{"team": teamName, "hash": model.HashPassword(clientId)}
state := b64.StdEncoding.EncodeToString([]byte(model.MapToJson(stateProps)))
@@ -1389,7 +1390,8 @@ func GetAuthorizationCode(c *Context, w http.ResponseWriter, r *http.Request, te
}
func AuthorizeOAuthUser(service, code, state, redirectUri string) (io.ReadCloser, *model.Team, *model.AppError) {
- if s, ok := utils.Cfg.SSOSettings[service]; !ok || !s.Allow {
+ sso := utils.Cfg.GetSSOService(service)
+ if sso != nil && !sso.Allow {
return nil, nil, model.NewAppError("AuthorizeOAuthUser", "Unsupported OAuth service provider", "service="+service)
}
@@ -1402,7 +1404,7 @@ func AuthorizeOAuthUser(service, code, state, redirectUri string) (io.ReadCloser
stateProps := model.MapFromJson(strings.NewReader(stateStr))
- if !model.ComparePassword(stateProps["hash"], utils.Cfg.SSOSettings[service].Id) {
+ if !model.ComparePassword(stateProps["hash"], sso.Id) {
return nil, nil, model.NewAppError("AuthorizeOAuthUser", "Invalid state", "")
}
@@ -1414,14 +1416,14 @@ func AuthorizeOAuthUser(service, code, state, redirectUri string) (io.ReadCloser
tchan := Srv.Store.Team().GetByName(teamName)
p := url.Values{}
- p.Set("client_id", utils.Cfg.SSOSettings[service].Id)
- p.Set("client_secret", utils.Cfg.SSOSettings[service].Secret)
+ p.Set("client_id", sso.Id)
+ p.Set("client_secret", sso.Secret)
p.Set("code", code)
p.Set("grant_type", model.ACCESS_TOKEN_GRANT_TYPE)
p.Set("redirect_uri", redirectUri)
client := &http.Client{}
- req, _ := http.NewRequest("POST", utils.Cfg.SSOSettings[service].TokenEndpoint, strings.NewReader(p.Encode()))
+ req, _ := http.NewRequest("POST", sso.TokenEndpoint, strings.NewReader(p.Encode()))
req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
req.Header.Set("Accept", "application/json")
@@ -1443,7 +1445,7 @@ func AuthorizeOAuthUser(service, code, state, redirectUri string) (io.ReadCloser
p = url.Values{}
p.Set("access_token", ar.AccessToken)
- req, _ = http.NewRequest("GET", utils.Cfg.SSOSettings[service].UserApiEndpoint, strings.NewReader(""))
+ req, _ = http.NewRequest("GET", sso.UserApiEndpoint, strings.NewReader(""))
req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
req.Header.Set("Accept", "application/json")
diff --git a/api/user_test.go b/api/user_test.go
index a9529e937..8342f37f6 100644
--- a/api/user_test.go
+++ b/api/user_test.go
@@ -352,19 +352,19 @@ func TestUserCreateImage(t *testing.T) {
Client.DoApiGet("/users/"+user.Id+"/image", "", "")
- if utils.IsS3Configured() && !utils.Cfg.ServiceSettings.UseLocalStorage {
+ if utils.Cfg.ImageSettings.DriverName == model.IMAGE_DRIVER_S3 {
var auth aws.Auth
- auth.AccessKey = utils.Cfg.AWSSettings.AmazonS3AccessKeyId
- auth.SecretKey = utils.Cfg.AWSSettingsAmazonS3SecretAccessKey
+ auth.AccessKey = utils.Cfg.ImageSettings.AmazonS3AccessKeyId
+ auth.SecretKey = utils.Cfg.ImageSettings.AmazonS3SecretAccessKey
- s := s3.New(auth, aws.Regions[utils.Cfg.AWSSettingsAmazonS3Region])
- bucket := s.Bucket(utils.Cfg.AWSSettingsAmazonS3Bucket)
+ s := s3.New(auth, aws.Regions[utils.Cfg.ImageSettings.AmazonS3Region])
+ bucket := s.Bucket(utils.Cfg.ImageSettings.AmazonS3Bucket)
if err := bucket.Del("teams/" + user.TeamId + "/users/" + user.Id + "/profile.png"); err != nil {
t.Fatal(err)
}
} else {
- path := utils.Cfg.ServiceSettings.StorageDirectory + "teams/" + user.TeamId + "/users/" + user.Id + "/profile.png"
+ path := utils.Cfg.ImageSettings.Directory + "teams/" + user.TeamId + "/users/" + user.Id + "/profile.png"
if err := os.Remove(path); err != nil {
t.Fatal("Couldn't remove file at " + path)
}
@@ -382,7 +382,7 @@ func TestUserUploadProfileImage(t *testing.T) {
user = Client.Must(Client.CreateUser(user, "")).Data.(*model.User)
store.Must(Srv.Store.User().VerifyEmail(user.Id))
- if utils.IsS3Configured() || utils.Cfg.ServiceSettings.UseLocalStorage {
+ if utils.Cfg.ImageSettings.DriverName != "" {
body := &bytes.Buffer{}
writer := multipart.NewWriter(body)
@@ -450,19 +450,19 @@ func TestUserUploadProfileImage(t *testing.T) {
Client.DoApiGet("/users/"+user.Id+"/image", "", "")
- if utils.IsS3Configured() && !utils.Cfg.ServiceSettings.UseLocalStorage {
+ if utils.Cfg.ImageSettings.DriverName == model.IMAGE_DRIVER_S3 {
var auth aws.Auth
- auth.AccessKey = utils.Cfg.AWSSettings.AmazonS3AccessKeyId
- auth.SecretKey = utils.Cfg.AWSSettingsAmazonS3SecretAccessKey
+ auth.AccessKey = utils.Cfg.ImageSettings.AmazonS3AccessKeyId
+ auth.SecretKey = utils.Cfg.ImageSettings.AmazonS3SecretAccessKey
- s := s3.New(auth, aws.Regions[utils.Cfg.AWSSettingsAmazonS3Region])
- bucket := s.Bucket(utils.Cfg.AWSSettingsAmazonS3Bucket)
+ s := s3.New(auth, aws.Regions[utils.Cfg.ImageSettings.AmazonS3Region])
+ bucket := s.Bucket(utils.Cfg.ImageSettings.AmazonS3Bucket)
if err := bucket.Del("teams/" + user.TeamId + "/users/" + user.Id + "/profile.png"); err != nil {
t.Fatal(err)
}
} else {
- path := utils.Cfg.ServiceSettings.StorageDirectory + "teams/" + user.TeamId + "/users/" + user.Id + "/profile.png"
+ path := utils.Cfg.ImageSettings.Directory + "teams/" + user.TeamId + "/users/" + user.Id + "/profile.png"
if err := os.Remove(path); err != nil {
t.Fatal("Couldn't remove file at " + path)
}
diff --git a/config/config.json b/config/config.json
index e1907152b..108271bca 100644
--- a/config/config.json
+++ b/config/config.json
@@ -84,15 +84,13 @@
"ShowEmailAddress": true,
"ShowFullName": true
},
- "SSOSettings": {
- "gitlab": {
- "Allow": false,
- "Secret": "",
- "Id": "",
- "Scope": "",
- "AuthEndpoint": "",
- "TokenEndpoint": "",
- "UserApiEndpoint": ""
- }
+ "GitLabSSOSettings": {
+ "Allow": false,
+ "Secret": "",
+ "Id": "",
+ "Scope": "",
+ "AuthEndpoint": "",
+ "TokenEndpoint": "",
+ "UserApiEndpoint": ""
}
} \ No newline at end of file
diff --git a/model/config.go b/model/config.go
index d4eb1e714..31af619a5 100644
--- a/model/config.go
+++ b/model/config.go
@@ -15,6 +15,8 @@ const (
IMAGE_DRIVER_LOCAL = "local"
IMAGE_DRIVER_S3 = "amazons3"
+
+ SERVICE_GITLAB = "gitlab"
)
type ServiceSettings struct {
@@ -34,7 +36,7 @@ type ServiceSettings struct {
GoogleDeveloperKey string
}
-type SSOSetting struct {
+type SSOSettings struct {
Allow bool
Secret string
Id string
@@ -129,7 +131,7 @@ type Config struct {
EmailSettings EmailSettings
RateLimitSettings RateLimitSettings
PrivacySettings PrivacySettings
- SSOSettings map[string]SSOSetting
+ GitLabSSOSettings SSOSettings
}
func (o *Config) ToJson() string {
@@ -141,6 +143,14 @@ func (o *Config) ToJson() string {
}
}
+func (o *Config) GetSSOService(service string) *SSOSettings {
+ if service == SERVICE_GITLAB {
+ return &o.GitLabSSOSettings
+ }
+
+ return nil
+}
+
func ConfigFromJson(data io.Reader) *Config {
decoder := json.NewDecoder(data)
var o Config
diff --git a/utils/config.go b/utils/config.go
index 5b7cc7c64..66a20c39b 100644
--- a/utils/config.go
+++ b/utils/config.go
@@ -183,7 +183,7 @@ func getClientProperties(c *model.Config) map[string]string {
props["AllowSignUpWithEmail"] = strconv.FormatBool(c.EmailSettings.AllowSignUpWithEmail)
props["FeedbackEmail"] = c.EmailSettings.FeedbackEmail
- props["AllowSignUpWithGitLab"] = strconv.FormatBool(false)
+ props["AllowSignUpWithGitLab"] = strconv.FormatBool(c.GitLabSSOSettings.Allow)
props["ShowEmailAddress"] = strconv.FormatBool(c.PrivacySettings.ShowEmailAddress)
props["AllowPublicLink"] = strconv.FormatBool(c.TeamSettings.AllowPublicLink)
@@ -194,25 +194,3 @@ func getClientProperties(c *model.Config) map[string]string {
return props
}
-
-// func IsS3Configured() bool {
-// if Cfg.AWSSettings.AmazonS3AccessKeyId == "" || Cfg.AWSSettingsAmazonS3SecretAccessKey == "" || Cfg.AWSSettingsAmazonS3Region == "" || Cfg.AWSSettingsAmazonS3Bucket == "" {
-// return false
-// }
-
-// return true
-// }
-
-func IsServiceAllowed(s string) bool {
- if len(s) == 0 {
- return false
- }
-
- if service, ok := Cfg.SSOSettings[s]; ok {
- if service.Allow {
- return true
- }
- }
-
- return false
-}
generated by cgit v1.2.3-1-g7c22 (git 2.25.1) at 2024-08-08 20:46:09 +0000