diff options
Diffstat (limited to 'api/team.go')
-rw-r--r-- | api/team.go | 100 |
1 files changed, 59 insertions, 41 deletions
diff --git a/api/team.go b/api/team.go index 92fcbff93..d59b2b484 100644 --- a/api/team.go +++ b/api/team.go @@ -25,6 +25,7 @@ func InitTeam(r *mux.Router) { sr.Handle("/create_from_signup", ApiAppHandler(createTeamFromSignup)).Methods("POST") sr.Handle("/create_with_sso/{service:[A-Za-z]+}", ApiAppHandler(createTeamFromSSO)).Methods("POST") sr.Handle("/signup", ApiAppHandler(signupTeam)).Methods("POST") + sr.Handle("/all", ApiUserRequired(getAll)).Methods("GET") sr.Handle("/find_team_by_name", ApiAppHandler(findTeamByName)).Methods("POST") sr.Handle("/find_teams", ApiAppHandler(findTeams)).Methods("POST") sr.Handle("/email_teams", ApiAppHandler(emailTeams)).Methods("POST") @@ -38,7 +39,7 @@ func InitTeam(r *mux.Router) { } func signupTeam(c *Context, w http.ResponseWriter, r *http.Request) { - if utils.Cfg.ServiceSettings.DisableEmailSignUp { + if !utils.Cfg.EmailSettings.EnableSignUpWithEmail { c.Err = model.NewAppError("signupTeam", "Team sign-up with email is disabled.", "") c.Err.StatusCode = http.StatusNotImplemented return @@ -60,14 +61,13 @@ func signupTeam(c *Context, w http.ResponseWriter, r *http.Request) { subjectPage.Props["SiteURL"] = c.GetSiteURL() bodyPage := NewServerTemplatePage("signup_team_body") bodyPage.Props["SiteURL"] = c.GetSiteURL() - bodyPage.Props["TourUrl"] = utils.Cfg.TeamSettings.TourLink props := make(map[string]string) props["email"] = email props["time"] = fmt.Sprintf("%v", model.GetMillis()) data := model.MapToJson(props) - hash := model.HashPassword(fmt.Sprintf("%v:%v", data, utils.Cfg.ServiceSettings.InviteSalt)) + hash := model.HashPassword(fmt.Sprintf("%v:%v", data, utils.Cfg.EmailSettings.InviteSalt)) bodyPage.Props["Link"] = fmt.Sprintf("%s/signup_team_complete/?d=%s&h=%s", c.GetSiteURL(), url.QueryEscape(data), url.QueryEscape(hash)) @@ -76,10 +76,7 @@ func signupTeam(c *Context, w http.ResponseWriter, r *http.Request) { return } - if utils.Cfg.ServiceSettings.Mode == utils.MODE_DEV || utils.Cfg.EmailSettings.ByPassEmail { - m["follow_link"] = bodyPage.Props["Link"] - } - + m["follow_link"] = bodyPage.Props["Link"] w.Header().Set("Access-Control-Allow-Origin", " *") w.Write([]byte(model.MapToJson(m))) } @@ -88,7 +85,8 @@ func createTeamFromSSO(c *Context, w http.ResponseWriter, r *http.Request) { params := mux.Vars(r) service := params["service"] - if !utils.IsServiceAllowed(service) { + sso := utils.Cfg.GetSSOService(service) + if sso != nil && !sso.Enable { c.SetInvalidParam("createTeamFromSSO", "service") return } @@ -126,8 +124,6 @@ func createTeamFromSSO(c *Context, w http.ResponseWriter, r *http.Request) { } } - team.AllowValet = utils.Cfg.TeamSettings.AllowValetDefault - if result := <-Srv.Store.Team().Save(team); result.Err != nil { c.Err = result.Err return @@ -147,7 +143,7 @@ func createTeamFromSSO(c *Context, w http.ResponseWriter, r *http.Request) { } func createTeamFromSignup(c *Context, w http.ResponseWriter, r *http.Request) { - if utils.Cfg.ServiceSettings.DisableEmailSignUp { + if !utils.Cfg.EmailSettings.EnableSignUpWithEmail { c.Err = model.NewAppError("createTeamFromSignup", "Team sign-up with email is disabled.", "") c.Err.StatusCode = http.StatusNotImplemented return @@ -188,7 +184,7 @@ func createTeamFromSignup(c *Context, w http.ResponseWriter, r *http.Request) { teamSignup.User.TeamId = "" teamSignup.User.Password = password - if !model.ComparePassword(teamSignup.Hash, fmt.Sprintf("%v:%v", teamSignup.Data, utils.Cfg.ServiceSettings.InviteSalt)) { + if !model.ComparePassword(teamSignup.Hash, fmt.Sprintf("%v:%v", teamSignup.Data, utils.Cfg.EmailSettings.InviteSalt)) { c.Err = model.NewAppError("createTeamFromSignup", "The signup link does not appear to be valid", "") return } @@ -209,8 +205,6 @@ func createTeamFromSignup(c *Context, w http.ResponseWriter, r *http.Request) { return } - teamSignup.Team.AllowValet = utils.Cfg.TeamSettings.AllowValetDefault - if result := <-Srv.Store.Team().Save(&teamSignup.Team); result.Err != nil { c.Err = result.Err return @@ -230,13 +224,6 @@ func createTeamFromSignup(c *Context, w http.ResponseWriter, r *http.Request) { return } - if teamSignup.Team.AllowValet { - CreateValet(c, rteam) - if c.Err != nil { - return - } - } - InviteMembers(c, rteam, ruser, teamSignup.Invites) teamSignup.Team = *rteam @@ -257,7 +244,7 @@ func createTeam(c *Context, w http.ResponseWriter, r *http.Request) { } func CreateTeam(c *Context, team *model.Team) *model.Team { - if utils.Cfg.ServiceSettings.DisableEmailSignUp { + if !utils.Cfg.EmailSettings.EnableSignUpWithEmail { c.Err = model.NewAppError("createTeam", "Team sign-up with email is disabled.", "") c.Err.StatusCode = http.StatusNotImplemented return nil @@ -272,11 +259,6 @@ func CreateTeam(c *Context, team *model.Team) *model.Team { return nil } - if utils.Cfg.ServiceSettings.Mode != utils.MODE_DEV { - c.Err = model.NewAppError("CreateTeam", "The mode does not allow network creation without a valid invite", "") - return nil - } - if result := <-Srv.Store.Team().Save(team); result.Err != nil { c.Err = result.Err return nil @@ -288,13 +270,6 @@ func CreateTeam(c *Context, team *model.Team) *model.Team { return nil } - if rteam.AllowValet { - CreateValet(c, rteam) - if c.Err != nil { - return nil - } - } - return rteam } } @@ -303,7 +278,7 @@ func isTreamCreationAllowed(c *Context, email string) bool { email = strings.ToLower(email) - if utils.Cfg.TeamSettings.DisableTeamCreation { + if !utils.Cfg.TeamSettings.EnableTeamCreation { c.Err = model.NewAppError("isTreamCreationAllowed", "Team creation has been disabled. Please ask your systems administrator for details.", "") return false } @@ -328,6 +303,53 @@ func isTreamCreationAllowed(c *Context, email string) bool { return true } +func getAll(c *Context, w http.ResponseWriter, r *http.Request) { + if !c.HasSystemAdminPermissions("getLogs") { + return + } + + if result := <-Srv.Store.Team().GetAll(); result.Err != nil { + c.Err = result.Err + return + } else { + teams := result.Data.([]*model.Team) + m := make(map[string]*model.Team) + for _, v := range teams { + m[v.Id] = v + } + + w.Write([]byte(model.TeamMapToJson(m))) + } +} + +func revokeAllSessions(c *Context, w http.ResponseWriter, r *http.Request) { + props := model.MapFromJson(r.Body) + id := props["id"] + + if result := <-Srv.Store.Session().Get(id); result.Err != nil { + c.Err = result.Err + return + } else { + session := result.Data.(*model.Session) + + c.LogAudit("revoked_all=" + id) + + if session.IsOAuth { + RevokeAccessToken(session.Token) + } else { + sessionCache.Remove(session.Token) + + if result := <-Srv.Store.Session().Remove(session.Id); result.Err != nil { + c.Err = result.Err + return + } else { + w.Write([]byte(model.MapToJson(props))) + return + } + } + } +} + func findTeamByName(c *Context, w http.ResponseWriter, r *http.Request) { m := model.MapFromJson(r.Body) @@ -509,10 +531,10 @@ func InviteMembers(c *Context, team *model.Team, user *model.User, invites []str props["name"] = team.Name props["time"] = fmt.Sprintf("%v", model.GetMillis()) data := model.MapToJson(props) - hash := model.HashPassword(fmt.Sprintf("%v:%v", data, utils.Cfg.ServiceSettings.InviteSalt)) + hash := model.HashPassword(fmt.Sprintf("%v:%v", data, utils.Cfg.EmailSettings.InviteSalt)) bodyPage.Props["Link"] = fmt.Sprintf("%s/signup_user_complete/?d=%s&h=%s", c.GetSiteURL(), url.QueryEscape(data), url.QueryEscape(hash)) - if utils.Cfg.ServiceSettings.Mode == utils.MODE_DEV { + if !utils.Cfg.EmailSettings.SendEmailNotifications { l4g.Info("sending invitation to %v %v", invite, bodyPage.Props["Link"]) } @@ -569,8 +591,6 @@ func updateValetFeature(c *Context, w http.ResponseWriter, r *http.Request) { return } - allowValet := allowValetStr == "true" - teamId := props["team_id"] if len(teamId) > 0 && len(teamId) != 26 { c.SetInvalidParam("updateValetFeature", "team_id") @@ -599,8 +619,6 @@ func updateValetFeature(c *Context, w http.ResponseWriter, r *http.Request) { team = tResult.Data.(*model.Team) } - team.AllowValet = allowValet - if result := <-Srv.Store.Team().Update(team); result.Err != nil { c.Err = result.Err return |