summaryrefslogtreecommitdiffstats
path: root/api/team.go
diff options
context:
space:
mode:
Diffstat (limited to 'api/team.go')
-rw-r--r--api/team.go46
1 files changed, 44 insertions, 2 deletions
diff --git a/api/team.go b/api/team.go
index a331e9e34..eaa0d2695 100644
--- a/api/team.go
+++ b/api/team.go
@@ -44,6 +44,10 @@ func signupTeam(c *Context, w http.ResponseWriter, r *http.Request) {
return
}
+ if !isTreamCreationAllowed(c, email) {
+ return
+ }
+
subjectPage := NewServerTemplatePage("signup_team_subject", c.GetSiteURL())
bodyPage := NewServerTemplatePage("signup_team_body", c.GetSiteURL())
bodyPage.Props["TourUrl"] = utils.Cfg.TeamSettings.TourLink
@@ -89,6 +93,11 @@ func createTeamFromSignup(c *Context, w http.ResponseWriter, r *http.Request) {
c.Err = err
return
}
+
+ if !isTreamCreationAllowed(c, teamSignup.Team.Email) {
+ return
+ }
+
teamSignup.Team.Id = ""
password := teamSignup.User.Password
@@ -169,6 +178,10 @@ func createTeam(c *Context, w http.ResponseWriter, r *http.Request) {
return
}
+ if !isTreamCreationAllowed(c, team.Email) {
+ return
+ }
+
if utils.Cfg.ServiceSettings.Mode != utils.MODE_DEV {
c.Err = model.NewAppError("createTeam", "The mode does not allow network creation without a valid invite", "")
return
@@ -196,6 +209,35 @@ func createTeam(c *Context, w http.ResponseWriter, r *http.Request) {
}
}
+func isTreamCreationAllowed(c *Context, email string) bool {
+
+ email = strings.ToLower(email)
+
+ if utils.Cfg.TeamSettings.DisableTeamCreation {
+ c.Err = model.NewAppError("isTreamCreationAllowed", "Team creation has been disabled. Please ask your systems administrator for details.", "")
+ return false
+ }
+
+ // commas and @ signs are optional
+ // can be in the form of "@corp.mattermost.com, mattermost.com mattermost.org" -> corp.mattermost.com mattermost.com mattermost.org
+ domains := strings.Fields(strings.TrimSpace(strings.ToLower(strings.Replace(strings.Replace(utils.Cfg.TeamSettings.RestrictCreationToDomains, "@", " ", -1), ",", " ", -1))))
+
+ matched := false
+ for _, d := range domains {
+ if strings.HasSuffix(email, "@"+d) {
+ matched = true
+ break
+ }
+ }
+
+ if len(utils.Cfg.TeamSettings.RestrictCreationToDomains) > 0 && !matched {
+ c.Err = model.NewAppError("isTreamCreationAllowed", "Email must be from a specific domain (e.g. @example.com). Please ask your systems administrator for details.", "")
+ return false
+ }
+
+ return true
+}
+
func findTeamByName(c *Context, w http.ResponseWriter, r *http.Request) {
m := model.MapFromJson(r.Body)
@@ -283,10 +325,10 @@ func emailTeams(c *Context, w http.ResponseWriter, r *http.Request) {
} else {
teams := result.Data.([]*model.Team)
- // the template expects Props to be a map with team names as the keys
+ // the template expects Props to be a map with team names as the keys and the team url as the value
props := make(map[string]string)
for _, team := range teams {
- props[team.Name] = team.Name
+ props[team.Name] = c.GetTeamURLFromTeam(team)
}
bodyPage.Props = props