diff options
Diffstat (limited to 'mattermost.go')
-rw-r--r-- | mattermost.go | 93 |
1 files changed, 66 insertions, 27 deletions
diff --git a/mattermost.go b/mattermost.go index e78e8d04a..8fa217a3e 100644 --- a/mattermost.go +++ b/mattermost.go @@ -6,6 +6,9 @@ package main import ( "flag" "fmt" + "io/ioutil" + "net/http" + "net/url" "os" "os/signal" "runtime" @@ -63,7 +66,7 @@ func main() { manualtesting.InitManualTesting() } - diagnosticsJob() + securityAndDiagnosticsJob() // wait for kill signal before attempting to gracefully shutdown // the running service @@ -75,49 +78,85 @@ func main() { } } -func diagnosticsJob() { +func securityAndDiagnosticsJob() { go func() { for { - if utils.Cfg.PrivacySettings.EnableDiagnostic && !model.IsOfficalBuild() { + if utils.Cfg.PrivacySettings.EnableSecurityFixAlert && model.IsOfficalBuild() { if result := <-api.Srv.Store.System().Get(); result.Err == nil { props := result.Data.(model.StringMap) - lastTime, _ := strconv.ParseInt(props["LastDiagnosticTime"], 10, 0) + lastSecurityTime, _ := strconv.ParseInt(props["LastSecurityTime"], 10, 0) currentTime := model.GetMillis() - if (currentTime - lastTime) > 1000*60*60*24*7 { - l4g.Info("Sending error and diagnostic information to mattermost") + id := props["DiagnosticId"] + if len(id) == 0 { + id = model.NewId() + systemId := &model.System{Name: "DiagnosticId", Value: id} + <-api.Srv.Store.System().Save(systemId) + } - id := props["DiagnosticId"] - if len(id) == 0 { - id = model.NewId() - systemId := &model.System{Name: "DiagnosticId", Value: id} - <-api.Srv.Store.System().Save(systemId) - } + v := url.Values{} + v.Set(utils.PROP_DIAGNOSTIC_ID, id) + v.Set(utils.PROP_DIAGNOSTIC_BUILD, model.CurrentVersion+"."+model.BuildNumber) + v.Set(utils.PROP_DIAGNOSTIC_DATABASE, utils.Cfg.SqlSettings.DriverName) + v.Set(utils.PROP_DIAGNOSTIC_OS, runtime.GOOS) + v.Set(utils.PROP_DIAGNOSTIC_CATEGORY, utils.VAL_DIAGNOSTIC_CATEGORY_DEFAULT) + + if (currentTime - lastSecurityTime) > 1000*60*60*24*1 { + l4g.Info("Checking for security update from Mattermost") - systemLastTime := &model.System{Name: "LastDiagnosticTime", Value: strconv.FormatInt(currentTime, 10)} - if lastTime == 0 { - <-api.Srv.Store.System().Save(systemLastTime) + systemSecurityLastTime := &model.System{Name: "LastSecurityTime", Value: strconv.FormatInt(currentTime, 10)} + if lastSecurityTime == 0 { + <-api.Srv.Store.System().Save(systemSecurityLastTime) } else { - <-api.Srv.Store.System().Update(systemLastTime) + <-api.Srv.Store.System().Update(systemSecurityLastTime) } - m := make(map[string]string) - m[utils.PROP_DIAGNOSTIC_ID] = id - m[utils.PROP_DIAGNOSTIC_BUILD] = model.CurrentVersion + "." + model.BuildNumber - m[utils.PROP_DIAGNOSTIC_DATABASE] = utils.Cfg.SqlSettings.DriverName - m[utils.PROP_DIAGNOSTIC_OS] = runtime.GOOS - m[utils.PROP_DIAGNOSTIC_CATEGORY] = utils.VAL_DIAGNOSTIC_CATEGORY_DEFALUT - - if ucr := <-api.Srv.Store.User().GetTotalUsersCount(); ucr.Err == nil { - m[utils.PROP_DIAGNOSTIC_USER_COUNT] = strconv.FormatInt(ucr.Data.(int64), 10) + res, err := http.Get(utils.DIAGNOSTIC_URL + "/security?" + v.Encode()) + if err != nil { + l4g.Error("Failed to get security update information from Mattermost.") + return } - utils.SendDiagnostic(m) + bulletins := model.SecurityBulletinsFromJson(res.Body) + + for _, bulletin := range bulletins { + if bulletin.AppliesToVersion == model.CurrentVersion { + if props["SecurityBulletin_"+bulletin.Id] == "" { + if results := <-api.Srv.Store.User().GetSystemAdminProfiles(); results.Err != nil { + l4g.Error("Failed to get system admins for security update information from Mattermost.") + return + } else { + users := results.Data.(map[string]*model.User) + + resBody, err := http.Get(utils.DIAGNOSTIC_URL + "/bulletins/" + bulletin.Id) + if err != nil { + l4g.Error("Failed to get security bulletin details") + return + } + + body, err := ioutil.ReadAll(resBody.Body) + res.Body.Close() + if err != nil || resBody.StatusCode != 200 { + l4g.Error("Failed to read security bulletin details") + return + } + + for _, user := range users { + l4g.Info("Sending security bulletin for " + bulletin.Id + " to " + user.Email) + utils.SendMail(user.Email, "Mattermost Security Bulletin", string(body)) + } + } + + bulletinSeen := &model.System{Name: "SecurityBulletin_" + bulletin.Id, Value: bulletin.Id} + <-api.Srv.Store.System().Save(bulletinSeen) + } + } + } } } } - time.Sleep(time.Hour * 24) + time.Sleep(time.Hour * 4) } }() } |