diff options
Diffstat (limited to 'api')
-rw-r--r-- | api/admin_test.go | 4 | ||||
-rw-r--r-- | api/api_test.go | 1 | ||||
-rw-r--r-- | api/context.go | 2 | ||||
-rw-r--r-- | api/file.go | 2 | ||||
-rw-r--r-- | api/post.go | 70 | ||||
-rw-r--r-- | api/post_test.go | 92 | ||||
-rw-r--r-- | api/team.go | 25 | ||||
-rw-r--r-- | api/team_test.go | 76 | ||||
-rw-r--r-- | api/user.go | 16 | ||||
-rw-r--r-- | api/user_test.go | 1 |
10 files changed, 12 insertions, 277 deletions
diff --git a/api/admin_test.go b/api/admin_test.go index c74fbf6e5..ad7ac08f8 100644 --- a/api/admin_test.go +++ b/api/admin_test.go @@ -83,7 +83,7 @@ func TestGetConfig(t *testing.T) { } else { cfg := result.Data.(*model.Config) - if len(cfg.ServiceSettings.SiteName) == 0 { + if len(cfg.TeamSettings.SiteName) == 0 { t.Fatal() } } @@ -117,7 +117,7 @@ func TestSaveConfig(t *testing.T) { } else { cfg := result.Data.(*model.Config) - if len(cfg.ServiceSettings.SiteName) == 0 { + if len(cfg.TeamSettings.SiteName) == 0 { t.Fatal() } } diff --git a/api/api_test.go b/api/api_test.go index 642db581e..490f8ab5b 100644 --- a/api/api_test.go +++ b/api/api_test.go @@ -14,6 +14,7 @@ var Client *model.Client func Setup() { if Srv == nil { utils.LoadConfig("config.json") + utils.Cfg.TeamSettings.MaxUsersPerTeam = 50 NewServer() StartServer() InitApi() diff --git a/api/context.go b/api/context.go index 02716bb33..c4684221d 100644 --- a/api/context.go +++ b/api/context.go @@ -471,7 +471,7 @@ func RenderWebError(err *model.AppError, w http.ResponseWriter, r *http.Request) m := make(map[string]string) m["Message"] = err.Message m["Details"] = err.DetailedError - m["SiteName"] = utils.Cfg.ServiceSettings.SiteName + m["SiteName"] = utils.Cfg.TeamSettings.SiteName m["SiteURL"] = SiteURL w.WriteHeader(err.StatusCode) diff --git a/api/file.go b/api/file.go index 69303f5f8..61d0df413 100644 --- a/api/file.go +++ b/api/file.go @@ -447,7 +447,7 @@ func getPublicLink(c *Context, w http.ResponseWriter, r *http.Request) { return } - if !utils.Cfg.TeamSettings.AllowPublicLink { + if !utils.Cfg.ImageSettings.EnablePublicLink { c.Err = model.NewAppError("getPublicLink", "Public links have been disabled", "") c.Err.StatusCode = http.StatusForbidden } diff --git a/api/post.go b/api/post.go index 21bc35b97..4294ae03c 100644 --- a/api/post.go +++ b/api/post.go @@ -25,7 +25,6 @@ func InitPost(r *mux.Router) { sr := r.PathPrefix("/channels/{id:[A-Za-z0-9]+}").Subrouter() sr.Handle("/create", ApiUserRequired(createPost)).Methods("POST") - sr.Handle("/valet_create", ApiUserRequired(createValetPost)).Methods("POST") sr.Handle("/update", ApiUserRequired(updatePost)).Methods("POST") sr.Handle("/posts/{offset:[0-9]+}/{limit:[0-9]+}", ApiUserRequiredActivity(getPosts, false)).Methods("GET") sr.Handle("/posts/{time:[0-9]+}", ApiUserRequiredActivity(getPostsSince, false)).Methods("GET") @@ -60,75 +59,6 @@ func createPost(c *Context, w http.ResponseWriter, r *http.Request) { } } -func createValetPost(c *Context, w http.ResponseWriter, r *http.Request) { - tchan := Srv.Store.Team().Get(c.Session.TeamId) - - post := model.PostFromJson(r.Body) - if post == nil { - c.SetInvalidParam("createValetPost", "post") - return - } - - cchan := Srv.Store.Channel().CheckOpenChannelPermissions(c.Session.TeamId, post.ChannelId) - - // Any one with access to the team can post as valet to any open channel - if !c.HasPermissionsToChannel(cchan, "createValetPost") { - return - } - - // Make sure this team has the valet feature enabled - if tResult := <-tchan; tResult.Err != nil { - c.Err = model.NewAppError("createValetPost", "Could not find the team for this session, team_id="+c.Session.TeamId, "") - return - } else { - if !tResult.Data.(*model.Team).AllowValet { - c.Err = model.NewAppError("createValetPost", "The valet feature is currently turned off. Please contact your team administrator for details.", "") - c.Err.StatusCode = http.StatusNotImplemented - return - } - } - - if rp, err := CreateValetPost(c, post); err != nil { - c.Err = err - - if strings.Contains(c.Err.Message, "parameter") { - c.Err.StatusCode = http.StatusBadRequest - } - - return - } else { - w.Write([]byte(rp.ToJson())) - } -} - -func CreateValetPost(c *Context, post *model.Post) (*model.Post, *model.AppError) { - post.Hashtags, _ = model.ParseHashtags(post.Message) - - post.Filenames = []string{} // no files allowed in valet posts yet - - if result := <-Srv.Store.User().GetByUsername(c.Session.TeamId, "valet"); result.Err != nil { - // if the bot doesn't exist, create it - if tresult := <-Srv.Store.Team().Get(c.Session.TeamId); tresult.Err != nil { - return nil, tresult.Err - } else { - post.UserId = (CreateValet(c, tresult.Data.(*model.Team))).Id - } - } else { - post.UserId = result.Data.(*model.User).Id - } - - var rpost *model.Post - if result := <-Srv.Store.Post().Save(post); result.Err != nil { - return nil, result.Err - } else { - rpost = result.Data.(*model.Post) - } - - fireAndForgetNotifications(rpost, c.Session.TeamId, c.GetSiteURL()) - - return rpost, nil -} - func CreatePost(c *Context, post *model.Post, doUpdateLastViewed bool) (*model.Post, *model.AppError) { var pchan store.StoreChannel if len(post.RootId) > 0 { diff --git a/api/post_test.go b/api/post_test.go index 4cccfd62a..358611240 100644 --- a/api/post_test.go +++ b/api/post_test.go @@ -123,98 +123,6 @@ func TestCreatePost(t *testing.T) { } } -func TestCreateValetPost(t *testing.T) { - Setup() - - team := &model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} - team = Client.Must(Client.CreateTeam(team)).Data.(*model.Team) - - team2 := &model.Team{DisplayName: "Name Team 2", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} - team2 = Client.Must(Client.CreateTeam(team2)).Data.(*model.Team) - - user1 := &model.User{TeamId: team.Id, Email: model.NewId() + "corey@test.com", Nickname: "Corey Hulen", Password: "pwd"} - user1 = Client.Must(Client.CreateUser(user1, "")).Data.(*model.User) - store.Must(Srv.Store.User().VerifyEmail(user1.Id)) - - user2 := &model.User{TeamId: team.Id, Email: model.NewId() + "corey@test.com", Nickname: "Corey Hulen", Password: "pwd"} - user2 = Client.Must(Client.CreateUser(user2, "")).Data.(*model.User) - store.Must(Srv.Store.User().VerifyEmail(user2.Id)) - - Client.LoginByEmail(team.Name, user1.Email, "pwd") - - channel1 := &model.Channel{DisplayName: "Test API Name", Name: "a" + model.NewId() + "a", Type: model.CHANNEL_OPEN, TeamId: team.Id} - channel1 = Client.Must(Client.CreateChannel(channel1)).Data.(*model.Channel) - - channel2 := &model.Channel{DisplayName: "Test API Name", Name: "a" + model.NewId() + "a", Type: model.CHANNEL_OPEN, TeamId: team.Id} - channel2 = Client.Must(Client.CreateChannel(channel2)).Data.(*model.Channel) - - if utils.Cfg.TeamSettings.AllowValetDefault { - post1 := &model.Post{ChannelId: channel1.Id, Message: "#hashtag a" + model.NewId() + "a"} - rpost1, err := Client.CreateValetPost(post1) - if err != nil { - t.Fatal(err) - } - - if rpost1.Data.(*model.Post).Message != post1.Message { - t.Fatal("message didn't match") - } - - if rpost1.Data.(*model.Post).Hashtags != "#hashtag" { - t.Fatal("hashtag didn't match") - } - - post2 := &model.Post{ChannelId: channel1.Id, Message: "a" + model.NewId() + "a", RootId: rpost1.Data.(*model.Post).Id} - rpost2, err := Client.CreateValetPost(post2) - if err != nil { - t.Fatal(err) - } - - post3 := &model.Post{ChannelId: channel1.Id, Message: "a" + model.NewId() + "a", RootId: rpost1.Data.(*model.Post).Id, ParentId: rpost2.Data.(*model.Post).Id} - _, err = Client.CreateValetPost(post3) - if err != nil { - t.Fatal(err) - } - - post4 := &model.Post{ChannelId: "junk", Message: "a" + model.NewId() + "a"} - _, err = Client.CreateValetPost(post4) - if err.StatusCode != http.StatusForbidden { - t.Fatal("Should have been forbidden") - } - - Client.LoginByEmail(team.Name, user2.Email, "pwd") - post5 := &model.Post{ChannelId: channel1.Id, Message: "a" + model.NewId() + "a"} - _, err = Client.CreateValetPost(post5) - if err != nil { - t.Fatal(err) - } - - user3 := &model.User{TeamId: team2.Id, Email: model.NewId() + "corey@test.com", Nickname: "Corey Hulen", Password: "pwd"} - user3 = Client.Must(Client.CreateUser(user3, "")).Data.(*model.User) - store.Must(Srv.Store.User().VerifyEmail(user3.Id)) - - Client.LoginByEmail(team2.Name, user3.Email, "pwd") - - channel3 := &model.Channel{DisplayName: "Test API Name", Name: "a" + model.NewId() + "a", Type: model.CHANNEL_OPEN, TeamId: team2.Id} - channel3 = Client.Must(Client.CreateChannel(channel3)).Data.(*model.Channel) - - post6 := &model.Post{ChannelId: channel1.Id, Message: "a" + model.NewId() + "a"} - _, err = Client.CreateValetPost(post6) - if err.StatusCode != http.StatusForbidden { - t.Fatal("Should have been forbidden") - } - - if _, err = Client.DoApiPost("/channels/"+channel3.Id+"/create", "garbage"); err == nil { - t.Fatal("should have been an error") - } - } else { - post1 := &model.Post{ChannelId: channel1.Id, Message: "#hashtag a" + model.NewId() + "a"} - _, err := Client.CreateValetPost(post1) - if err.StatusCode != http.StatusNotImplemented { - t.Fatal("Should have failed with 501 - Not Implemented") - } - } -} - func TestUpdatePost(t *testing.T) { Setup() diff --git a/api/team.go b/api/team.go index 4531c83b9..8802208f7 100644 --- a/api/team.go +++ b/api/team.go @@ -60,7 +60,6 @@ func signupTeam(c *Context, w http.ResponseWriter, r *http.Request) { subjectPage.Props["SiteURL"] = c.GetSiteURL() bodyPage := NewServerTemplatePage("signup_team_body") bodyPage.Props["SiteURL"] = c.GetSiteURL() - bodyPage.Props["TourUrl"] = utils.Cfg.TeamSettings.TourLink props := make(map[string]string) props["email"] = email @@ -124,8 +123,6 @@ func createTeamFromSSO(c *Context, w http.ResponseWriter, r *http.Request) { } } - team.AllowValet = utils.Cfg.TeamSettings.AllowValetDefault - if result := <-Srv.Store.Team().Save(team); result.Err != nil { c.Err = result.Err return @@ -207,8 +204,6 @@ func createTeamFromSignup(c *Context, w http.ResponseWriter, r *http.Request) { return } - teamSignup.Team.AllowValet = utils.Cfg.TeamSettings.AllowValetDefault - if result := <-Srv.Store.Team().Save(&teamSignup.Team); result.Err != nil { c.Err = result.Err return @@ -228,13 +223,6 @@ func createTeamFromSignup(c *Context, w http.ResponseWriter, r *http.Request) { return } - if teamSignup.Team.AllowValet { - CreateValet(c, rteam) - if c.Err != nil { - return - } - } - InviteMembers(c, rteam, ruser, teamSignup.Invites) teamSignup.Team = *rteam @@ -286,13 +274,6 @@ func CreateTeam(c *Context, team *model.Team) *model.Team { return nil } - if rteam.AllowValet { - CreateValet(c, rteam) - if c.Err != nil { - return nil - } - } - return rteam } } @@ -301,7 +282,7 @@ func isTreamCreationAllowed(c *Context, email string) bool { email = strings.ToLower(email) - if utils.Cfg.TeamSettings.DisableTeamCreation { + if !utils.Cfg.TeamSettings.EnableTeamCreation { c.Err = model.NewAppError("isTreamCreationAllowed", "Team creation has been disabled. Please ask your systems administrator for details.", "") return false } @@ -567,8 +548,6 @@ func updateValetFeature(c *Context, w http.ResponseWriter, r *http.Request) { return } - allowValet := allowValetStr == "true" - teamId := props["team_id"] if len(teamId) > 0 && len(teamId) != 26 { c.SetInvalidParam("updateValetFeature", "team_id") @@ -597,8 +576,6 @@ func updateValetFeature(c *Context, w http.ResponseWriter, r *http.Request) { team = tResult.Data.(*model.Team) } - team.AllowValet = allowValet - if result := <-Srv.Store.Team().Update(team); result.Err != nil { c.Err = result.Err return diff --git a/api/team_test.go b/api/team_test.go index 4f1b9e5f0..48c73c638 100644 --- a/api/team_test.go +++ b/api/team_test.go @@ -330,79 +330,3 @@ func TestGetMyTeam(t *testing.T) { } } } - -func TestUpdateValetFeature(t *testing.T) { - Setup() - - team := &model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} - team = Client.Must(Client.CreateTeam(team)).Data.(*model.Team) - - user := &model.User{TeamId: team.Id, Email: "test@nowhere.com", Nickname: "Corey Hulen", Password: "pwd"} - user = Client.Must(Client.CreateUser(user, "")).Data.(*model.User) - store.Must(Srv.Store.User().VerifyEmail(user.Id)) - - user2 := &model.User{TeamId: team.Id, Email: model.NewId() + "corey@test.com", Nickname: "Corey Hulen", Password: "pwd"} - user2 = Client.Must(Client.CreateUser(user2, "")).Data.(*model.User) - store.Must(Srv.Store.User().VerifyEmail(user2.Id)) - - team2 := &model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} - team2 = Client.Must(Client.CreateTeam(team2)).Data.(*model.Team) - - user3 := &model.User{TeamId: team2.Id, Email: model.NewId() + "corey@test.com", Nickname: "Corey Hulen", Password: "pwd"} - user3 = Client.Must(Client.CreateUser(user3, "")).Data.(*model.User) - store.Must(Srv.Store.User().VerifyEmail(user3.Id)) - - Client.LoginByEmail(team.Name, user2.Email, "pwd") - - data := make(map[string]string) - data["allow_valet"] = "true" - if _, err := Client.UpdateValetFeature(data); err == nil { - t.Fatal("Should have errored, not admin") - } - - Client.LoginByEmail(team.Name, user.Email, "pwd") - - data["allow_valet"] = "" - if _, err := Client.UpdateValetFeature(data); err == nil { - t.Fatal("Should have errored, empty allow_valet field") - } - - data["allow_valet"] = "true" - if _, err := Client.UpdateValetFeature(data); err != nil { - t.Fatal(err) - } - - rteam := Client.Must(Client.GetMyTeam("")).Data.(*model.Team) - if rteam.AllowValet != true { - t.Fatal("Should have errored - allow valet property not updated") - } - - data["team_id"] = "junk" - if _, err := Client.UpdateValetFeature(data); err == nil { - t.Fatal("Should have errored, junk team id") - } - - data["team_id"] = "12345678901234567890123456" - if _, err := Client.UpdateValetFeature(data); err == nil { - t.Fatal("Should have errored, bad team id") - } - - data["team_id"] = team.Id - data["allow_valet"] = "false" - if _, err := Client.UpdateValetFeature(data); err != nil { - t.Fatal(err) - } - - rteam = Client.Must(Client.GetMyTeam("")).Data.(*model.Team) - if rteam.AllowValet != false { - t.Fatal("Should have errored - allow valet property not updated") - } - - Client.LoginByEmail(team2.Name, user3.Email, "pwd") - - data["team_id"] = team.Id - data["allow_valet"] = "true" - if _, err := Client.UpdateValetFeature(data); err == nil { - t.Fatal("Should have errored, not part of team") - } -} diff --git a/api/user.go b/api/user.go index 7f4eb6c2d..ba5323d77 100644 --- a/api/user.go +++ b/api/user.go @@ -155,19 +155,13 @@ func IsVerifyHashRequired(user *model.User, team *model.Team, hash string) bool return shouldVerifyHash } -func CreateValet(c *Context, team *model.Team) *model.User { - valet := &model.User{} - valet.TeamId = team.Id - valet.Email = utils.Cfg.EmailSettings.FeedbackEmail - valet.EmailVerified = true - valet.Username = model.BOT_USERNAME - valet.Password = model.NewId() - - return CreateUser(c, team, valet) -} - func CreateUser(c *Context, team *model.Team, user *model.User) *model.User { + if !utils.Cfg.TeamSettings.EnableUserCreation { + c.Err = model.NewAppError("CreateUser", "User creation has been disabled. Please ask your systems administrator for details.", "") + return nil + } + channelRole := "" if team.Email == user.Email { user.Roles = model.ROLE_TEAM_ADMIN diff --git a/api/user_test.go b/api/user_test.go index 8342f37f6..7451cb615 100644 --- a/api/user_test.go +++ b/api/user_test.go @@ -952,6 +952,7 @@ func TestUserUpdateNotify(t *testing.T) { } func TestFuzzyUserCreate(t *testing.T) { + Setup() team := model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} rteam, _ := Client.CreateTeam(&team) |