summaryrefslogtreecommitdiffstats
path: root/api
diff options
context:
space:
mode:
Diffstat (limited to 'api')
-rw-r--r--api/admin_test.go4
-rw-r--r--api/api_test.go1
-rw-r--r--api/context.go2
-rw-r--r--api/file.go2
-rw-r--r--api/post.go70
-rw-r--r--api/post_test.go92
-rw-r--r--api/team.go25
-rw-r--r--api/team_test.go76
-rw-r--r--api/user.go16
-rw-r--r--api/user_test.go1
10 files changed, 12 insertions, 277 deletions
diff --git a/api/admin_test.go b/api/admin_test.go
index c74fbf6e5..ad7ac08f8 100644
--- a/api/admin_test.go
+++ b/api/admin_test.go
@@ -83,7 +83,7 @@ func TestGetConfig(t *testing.T) {
} else {
cfg := result.Data.(*model.Config)
- if len(cfg.ServiceSettings.SiteName) == 0 {
+ if len(cfg.TeamSettings.SiteName) == 0 {
t.Fatal()
}
}
@@ -117,7 +117,7 @@ func TestSaveConfig(t *testing.T) {
} else {
cfg := result.Data.(*model.Config)
- if len(cfg.ServiceSettings.SiteName) == 0 {
+ if len(cfg.TeamSettings.SiteName) == 0 {
t.Fatal()
}
}
diff --git a/api/api_test.go b/api/api_test.go
index 642db581e..490f8ab5b 100644
--- a/api/api_test.go
+++ b/api/api_test.go
@@ -14,6 +14,7 @@ var Client *model.Client
func Setup() {
if Srv == nil {
utils.LoadConfig("config.json")
+ utils.Cfg.TeamSettings.MaxUsersPerTeam = 50
NewServer()
StartServer()
InitApi()
diff --git a/api/context.go b/api/context.go
index 02716bb33..c4684221d 100644
--- a/api/context.go
+++ b/api/context.go
@@ -471,7 +471,7 @@ func RenderWebError(err *model.AppError, w http.ResponseWriter, r *http.Request)
m := make(map[string]string)
m["Message"] = err.Message
m["Details"] = err.DetailedError
- m["SiteName"] = utils.Cfg.ServiceSettings.SiteName
+ m["SiteName"] = utils.Cfg.TeamSettings.SiteName
m["SiteURL"] = SiteURL
w.WriteHeader(err.StatusCode)
diff --git a/api/file.go b/api/file.go
index 69303f5f8..61d0df413 100644
--- a/api/file.go
+++ b/api/file.go
@@ -447,7 +447,7 @@ func getPublicLink(c *Context, w http.ResponseWriter, r *http.Request) {
return
}
- if !utils.Cfg.TeamSettings.AllowPublicLink {
+ if !utils.Cfg.ImageSettings.EnablePublicLink {
c.Err = model.NewAppError("getPublicLink", "Public links have been disabled", "")
c.Err.StatusCode = http.StatusForbidden
}
diff --git a/api/post.go b/api/post.go
index 21bc35b97..4294ae03c 100644
--- a/api/post.go
+++ b/api/post.go
@@ -25,7 +25,6 @@ func InitPost(r *mux.Router) {
sr := r.PathPrefix("/channels/{id:[A-Za-z0-9]+}").Subrouter()
sr.Handle("/create", ApiUserRequired(createPost)).Methods("POST")
- sr.Handle("/valet_create", ApiUserRequired(createValetPost)).Methods("POST")
sr.Handle("/update", ApiUserRequired(updatePost)).Methods("POST")
sr.Handle("/posts/{offset:[0-9]+}/{limit:[0-9]+}", ApiUserRequiredActivity(getPosts, false)).Methods("GET")
sr.Handle("/posts/{time:[0-9]+}", ApiUserRequiredActivity(getPostsSince, false)).Methods("GET")
@@ -60,75 +59,6 @@ func createPost(c *Context, w http.ResponseWriter, r *http.Request) {
}
}
-func createValetPost(c *Context, w http.ResponseWriter, r *http.Request) {
- tchan := Srv.Store.Team().Get(c.Session.TeamId)
-
- post := model.PostFromJson(r.Body)
- if post == nil {
- c.SetInvalidParam("createValetPost", "post")
- return
- }
-
- cchan := Srv.Store.Channel().CheckOpenChannelPermissions(c.Session.TeamId, post.ChannelId)
-
- // Any one with access to the team can post as valet to any open channel
- if !c.HasPermissionsToChannel(cchan, "createValetPost") {
- return
- }
-
- // Make sure this team has the valet feature enabled
- if tResult := <-tchan; tResult.Err != nil {
- c.Err = model.NewAppError("createValetPost", "Could not find the team for this session, team_id="+c.Session.TeamId, "")
- return
- } else {
- if !tResult.Data.(*model.Team).AllowValet {
- c.Err = model.NewAppError("createValetPost", "The valet feature is currently turned off. Please contact your team administrator for details.", "")
- c.Err.StatusCode = http.StatusNotImplemented
- return
- }
- }
-
- if rp, err := CreateValetPost(c, post); err != nil {
- c.Err = err
-
- if strings.Contains(c.Err.Message, "parameter") {
- c.Err.StatusCode = http.StatusBadRequest
- }
-
- return
- } else {
- w.Write([]byte(rp.ToJson()))
- }
-}
-
-func CreateValetPost(c *Context, post *model.Post) (*model.Post, *model.AppError) {
- post.Hashtags, _ = model.ParseHashtags(post.Message)
-
- post.Filenames = []string{} // no files allowed in valet posts yet
-
- if result := <-Srv.Store.User().GetByUsername(c.Session.TeamId, "valet"); result.Err != nil {
- // if the bot doesn't exist, create it
- if tresult := <-Srv.Store.Team().Get(c.Session.TeamId); tresult.Err != nil {
- return nil, tresult.Err
- } else {
- post.UserId = (CreateValet(c, tresult.Data.(*model.Team))).Id
- }
- } else {
- post.UserId = result.Data.(*model.User).Id
- }
-
- var rpost *model.Post
- if result := <-Srv.Store.Post().Save(post); result.Err != nil {
- return nil, result.Err
- } else {
- rpost = result.Data.(*model.Post)
- }
-
- fireAndForgetNotifications(rpost, c.Session.TeamId, c.GetSiteURL())
-
- return rpost, nil
-}
-
func CreatePost(c *Context, post *model.Post, doUpdateLastViewed bool) (*model.Post, *model.AppError) {
var pchan store.StoreChannel
if len(post.RootId) > 0 {
diff --git a/api/post_test.go b/api/post_test.go
index 4cccfd62a..358611240 100644
--- a/api/post_test.go
+++ b/api/post_test.go
@@ -123,98 +123,6 @@ func TestCreatePost(t *testing.T) {
}
}
-func TestCreateValetPost(t *testing.T) {
- Setup()
-
- team := &model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN}
- team = Client.Must(Client.CreateTeam(team)).Data.(*model.Team)
-
- team2 := &model.Team{DisplayName: "Name Team 2", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN}
- team2 = Client.Must(Client.CreateTeam(team2)).Data.(*model.Team)
-
- user1 := &model.User{TeamId: team.Id, Email: model.NewId() + "corey@test.com", Nickname: "Corey Hulen", Password: "pwd"}
- user1 = Client.Must(Client.CreateUser(user1, "")).Data.(*model.User)
- store.Must(Srv.Store.User().VerifyEmail(user1.Id))
-
- user2 := &model.User{TeamId: team.Id, Email: model.NewId() + "corey@test.com", Nickname: "Corey Hulen", Password: "pwd"}
- user2 = Client.Must(Client.CreateUser(user2, "")).Data.(*model.User)
- store.Must(Srv.Store.User().VerifyEmail(user2.Id))
-
- Client.LoginByEmail(team.Name, user1.Email, "pwd")
-
- channel1 := &model.Channel{DisplayName: "Test API Name", Name: "a" + model.NewId() + "a", Type: model.CHANNEL_OPEN, TeamId: team.Id}
- channel1 = Client.Must(Client.CreateChannel(channel1)).Data.(*model.Channel)
-
- channel2 := &model.Channel{DisplayName: "Test API Name", Name: "a" + model.NewId() + "a", Type: model.CHANNEL_OPEN, TeamId: team.Id}
- channel2 = Client.Must(Client.CreateChannel(channel2)).Data.(*model.Channel)
-
- if utils.Cfg.TeamSettings.AllowValetDefault {
- post1 := &model.Post{ChannelId: channel1.Id, Message: "#hashtag a" + model.NewId() + "a"}
- rpost1, err := Client.CreateValetPost(post1)
- if err != nil {
- t.Fatal(err)
- }
-
- if rpost1.Data.(*model.Post).Message != post1.Message {
- t.Fatal("message didn't match")
- }
-
- if rpost1.Data.(*model.Post).Hashtags != "#hashtag" {
- t.Fatal("hashtag didn't match")
- }
-
- post2 := &model.Post{ChannelId: channel1.Id, Message: "a" + model.NewId() + "a", RootId: rpost1.Data.(*model.Post).Id}
- rpost2, err := Client.CreateValetPost(post2)
- if err != nil {
- t.Fatal(err)
- }
-
- post3 := &model.Post{ChannelId: channel1.Id, Message: "a" + model.NewId() + "a", RootId: rpost1.Data.(*model.Post).Id, ParentId: rpost2.Data.(*model.Post).Id}
- _, err = Client.CreateValetPost(post3)
- if err != nil {
- t.Fatal(err)
- }
-
- post4 := &model.Post{ChannelId: "junk", Message: "a" + model.NewId() + "a"}
- _, err = Client.CreateValetPost(post4)
- if err.StatusCode != http.StatusForbidden {
- t.Fatal("Should have been forbidden")
- }
-
- Client.LoginByEmail(team.Name, user2.Email, "pwd")
- post5 := &model.Post{ChannelId: channel1.Id, Message: "a" + model.NewId() + "a"}
- _, err = Client.CreateValetPost(post5)
- if err != nil {
- t.Fatal(err)
- }
-
- user3 := &model.User{TeamId: team2.Id, Email: model.NewId() + "corey@test.com", Nickname: "Corey Hulen", Password: "pwd"}
- user3 = Client.Must(Client.CreateUser(user3, "")).Data.(*model.User)
- store.Must(Srv.Store.User().VerifyEmail(user3.Id))
-
- Client.LoginByEmail(team2.Name, user3.Email, "pwd")
-
- channel3 := &model.Channel{DisplayName: "Test API Name", Name: "a" + model.NewId() + "a", Type: model.CHANNEL_OPEN, TeamId: team2.Id}
- channel3 = Client.Must(Client.CreateChannel(channel3)).Data.(*model.Channel)
-
- post6 := &model.Post{ChannelId: channel1.Id, Message: "a" + model.NewId() + "a"}
- _, err = Client.CreateValetPost(post6)
- if err.StatusCode != http.StatusForbidden {
- t.Fatal("Should have been forbidden")
- }
-
- if _, err = Client.DoApiPost("/channels/"+channel3.Id+"/create", "garbage"); err == nil {
- t.Fatal("should have been an error")
- }
- } else {
- post1 := &model.Post{ChannelId: channel1.Id, Message: "#hashtag a" + model.NewId() + "a"}
- _, err := Client.CreateValetPost(post1)
- if err.StatusCode != http.StatusNotImplemented {
- t.Fatal("Should have failed with 501 - Not Implemented")
- }
- }
-}
-
func TestUpdatePost(t *testing.T) {
Setup()
diff --git a/api/team.go b/api/team.go
index 4531c83b9..8802208f7 100644
--- a/api/team.go
+++ b/api/team.go
@@ -60,7 +60,6 @@ func signupTeam(c *Context, w http.ResponseWriter, r *http.Request) {
subjectPage.Props["SiteURL"] = c.GetSiteURL()
bodyPage := NewServerTemplatePage("signup_team_body")
bodyPage.Props["SiteURL"] = c.GetSiteURL()
- bodyPage.Props["TourUrl"] = utils.Cfg.TeamSettings.TourLink
props := make(map[string]string)
props["email"] = email
@@ -124,8 +123,6 @@ func createTeamFromSSO(c *Context, w http.ResponseWriter, r *http.Request) {
}
}
- team.AllowValet = utils.Cfg.TeamSettings.AllowValetDefault
-
if result := <-Srv.Store.Team().Save(team); result.Err != nil {
c.Err = result.Err
return
@@ -207,8 +204,6 @@ func createTeamFromSignup(c *Context, w http.ResponseWriter, r *http.Request) {
return
}
- teamSignup.Team.AllowValet = utils.Cfg.TeamSettings.AllowValetDefault
-
if result := <-Srv.Store.Team().Save(&teamSignup.Team); result.Err != nil {
c.Err = result.Err
return
@@ -228,13 +223,6 @@ func createTeamFromSignup(c *Context, w http.ResponseWriter, r *http.Request) {
return
}
- if teamSignup.Team.AllowValet {
- CreateValet(c, rteam)
- if c.Err != nil {
- return
- }
- }
-
InviteMembers(c, rteam, ruser, teamSignup.Invites)
teamSignup.Team = *rteam
@@ -286,13 +274,6 @@ func CreateTeam(c *Context, team *model.Team) *model.Team {
return nil
}
- if rteam.AllowValet {
- CreateValet(c, rteam)
- if c.Err != nil {
- return nil
- }
- }
-
return rteam
}
}
@@ -301,7 +282,7 @@ func isTreamCreationAllowed(c *Context, email string) bool {
email = strings.ToLower(email)
- if utils.Cfg.TeamSettings.DisableTeamCreation {
+ if !utils.Cfg.TeamSettings.EnableTeamCreation {
c.Err = model.NewAppError("isTreamCreationAllowed", "Team creation has been disabled. Please ask your systems administrator for details.", "")
return false
}
@@ -567,8 +548,6 @@ func updateValetFeature(c *Context, w http.ResponseWriter, r *http.Request) {
return
}
- allowValet := allowValetStr == "true"
-
teamId := props["team_id"]
if len(teamId) > 0 && len(teamId) != 26 {
c.SetInvalidParam("updateValetFeature", "team_id")
@@ -597,8 +576,6 @@ func updateValetFeature(c *Context, w http.ResponseWriter, r *http.Request) {
team = tResult.Data.(*model.Team)
}
- team.AllowValet = allowValet
-
if result := <-Srv.Store.Team().Update(team); result.Err != nil {
c.Err = result.Err
return
diff --git a/api/team_test.go b/api/team_test.go
index 4f1b9e5f0..48c73c638 100644
--- a/api/team_test.go
+++ b/api/team_test.go
@@ -330,79 +330,3 @@ func TestGetMyTeam(t *testing.T) {
}
}
}
-
-func TestUpdateValetFeature(t *testing.T) {
- Setup()
-
- team := &model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN}
- team = Client.Must(Client.CreateTeam(team)).Data.(*model.Team)
-
- user := &model.User{TeamId: team.Id, Email: "test@nowhere.com", Nickname: "Corey Hulen", Password: "pwd"}
- user = Client.Must(Client.CreateUser(user, "")).Data.(*model.User)
- store.Must(Srv.Store.User().VerifyEmail(user.Id))
-
- user2 := &model.User{TeamId: team.Id, Email: model.NewId() + "corey@test.com", Nickname: "Corey Hulen", Password: "pwd"}
- user2 = Client.Must(Client.CreateUser(user2, "")).Data.(*model.User)
- store.Must(Srv.Store.User().VerifyEmail(user2.Id))
-
- team2 := &model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN}
- team2 = Client.Must(Client.CreateTeam(team2)).Data.(*model.Team)
-
- user3 := &model.User{TeamId: team2.Id, Email: model.NewId() + "corey@test.com", Nickname: "Corey Hulen", Password: "pwd"}
- user3 = Client.Must(Client.CreateUser(user3, "")).Data.(*model.User)
- store.Must(Srv.Store.User().VerifyEmail(user3.Id))
-
- Client.LoginByEmail(team.Name, user2.Email, "pwd")
-
- data := make(map[string]string)
- data["allow_valet"] = "true"
- if _, err := Client.UpdateValetFeature(data); err == nil {
- t.Fatal("Should have errored, not admin")
- }
-
- Client.LoginByEmail(team.Name, user.Email, "pwd")
-
- data["allow_valet"] = ""
- if _, err := Client.UpdateValetFeature(data); err == nil {
- t.Fatal("Should have errored, empty allow_valet field")
- }
-
- data["allow_valet"] = "true"
- if _, err := Client.UpdateValetFeature(data); err != nil {
- t.Fatal(err)
- }
-
- rteam := Client.Must(Client.GetMyTeam("")).Data.(*model.Team)
- if rteam.AllowValet != true {
- t.Fatal("Should have errored - allow valet property not updated")
- }
-
- data["team_id"] = "junk"
- if _, err := Client.UpdateValetFeature(data); err == nil {
- t.Fatal("Should have errored, junk team id")
- }
-
- data["team_id"] = "12345678901234567890123456"
- if _, err := Client.UpdateValetFeature(data); err == nil {
- t.Fatal("Should have errored, bad team id")
- }
-
- data["team_id"] = team.Id
- data["allow_valet"] = "false"
- if _, err := Client.UpdateValetFeature(data); err != nil {
- t.Fatal(err)
- }
-
- rteam = Client.Must(Client.GetMyTeam("")).Data.(*model.Team)
- if rteam.AllowValet != false {
- t.Fatal("Should have errored - allow valet property not updated")
- }
-
- Client.LoginByEmail(team2.Name, user3.Email, "pwd")
-
- data["team_id"] = team.Id
- data["allow_valet"] = "true"
- if _, err := Client.UpdateValetFeature(data); err == nil {
- t.Fatal("Should have errored, not part of team")
- }
-}
diff --git a/api/user.go b/api/user.go
index 7f4eb6c2d..ba5323d77 100644
--- a/api/user.go
+++ b/api/user.go
@@ -155,19 +155,13 @@ func IsVerifyHashRequired(user *model.User, team *model.Team, hash string) bool
return shouldVerifyHash
}
-func CreateValet(c *Context, team *model.Team) *model.User {
- valet := &model.User{}
- valet.TeamId = team.Id
- valet.Email = utils.Cfg.EmailSettings.FeedbackEmail
- valet.EmailVerified = true
- valet.Username = model.BOT_USERNAME
- valet.Password = model.NewId()
-
- return CreateUser(c, team, valet)
-}
-
func CreateUser(c *Context, team *model.Team, user *model.User) *model.User {
+ if !utils.Cfg.TeamSettings.EnableUserCreation {
+ c.Err = model.NewAppError("CreateUser", "User creation has been disabled. Please ask your systems administrator for details.", "")
+ return nil
+ }
+
channelRole := ""
if team.Email == user.Email {
user.Roles = model.ROLE_TEAM_ADMIN
diff --git a/api/user_test.go b/api/user_test.go
index 8342f37f6..7451cb615 100644
--- a/api/user_test.go
+++ b/api/user_test.go
@@ -952,6 +952,7 @@ func TestUserUpdateNotify(t *testing.T) {
}
func TestFuzzyUserCreate(t *testing.T) {
+ Setup()
team := model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN}
rteam, _ := Client.CreateTeam(&team)