diff options
Diffstat (limited to 'model')
-rw-r--r-- | model/authorization.go | 41 | ||||
-rw-r--r-- | model/client.go | 38 | ||||
-rw-r--r-- | model/config.go | 26 | ||||
-rw-r--r-- | model/file.go | 4 | ||||
-rw-r--r-- | model/post.go | 4 | ||||
-rw-r--r-- | model/team.go | 8 | ||||
-rw-r--r-- | model/user.go | 7 | ||||
-rw-r--r-- | model/websocket_client.go | 4 |
8 files changed, 129 insertions, 3 deletions
diff --git a/model/authorization.go b/model/authorization.go index 75aebf55c..56bb58913 100644 --- a/model/authorization.go +++ b/model/authorization.go @@ -27,6 +27,8 @@ var PERMISSION_MANAGE_PUBLIC_CHANNEL_MEMBERS *Permission var PERMISSION_MANAGE_PRIVATE_CHANNEL_MEMBERS *Permission var PERMISSION_ASSIGN_SYSTEM_ADMIN_ROLE *Permission var PERMISSION_MANAGE_ROLES *Permission +var PERMISSION_MANAGE_TEAM_ROLES *Permission +var PERMISSION_MANAGE_CHANNEL_ROLES *Permission var PERMISSION_CREATE_DIRECT_CHANNEL *Permission var PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES *Permission var PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES *Permission @@ -46,7 +48,10 @@ var PERMISSION_MANAGE_SYSTEM_WIDE_OAUTH *Permission var PERMISSION_CREATE_POST *Permission var PERMISSION_EDIT_POST *Permission var PERMISSION_EDIT_OTHERS_POSTS *Permission +var PERMISSION_DELETE_POST *Permission +var PERMISSION_DELETE_OTHERS_POSTS *Permission var PERMISSION_REMOVE_USER_FROM_TEAM *Permission +var PERMISSION_CREATE_TEAM *Permission var PERMISSION_MANAGE_TEAM *Permission var PERMISSION_IMPORT_TEAM *Permission @@ -123,6 +128,16 @@ func InitalizePermissions() { "authentication.permissions.manage_roles.name", "authentication.permissions.manage_roles.description", } + PERMISSION_MANAGE_TEAM_ROLES = &Permission{ + "manage_team_roles", + "authentication.permissions.manage_team_roles.name", + "authentication.permissions.manage_team_roles.description", + } + PERMISSION_MANAGE_CHANNEL_ROLES = &Permission{ + "manage_channel_roles", + "authentication.permissions.manage_channel_roles.name", + "authentication.permissions.manage_channel_roles.description", + } PERMISSION_MANAGE_SYSTEM = &Permission{ "manage_system", "authentication.permissions.manage_system.name", @@ -223,11 +238,26 @@ func InitalizePermissions() { "authentication.permissions.edit_others_posts.name", "authentication.permissions.edit_others_posts.description", } + PERMISSION_DELETE_POST = &Permission{ + "delete_post", + "authentication.permissions.delete_post.name", + "authentication.permissions.delete_post.description", + } + PERMISSION_DELETE_OTHERS_POSTS = &Permission{ + "delete_others_posts", + "authentication.permissions.delete_others_posts.name", + "authentication.permissions.delete_others_posts.description", + } PERMISSION_REMOVE_USER_FROM_TEAM = &Permission{ "remove_user_from_team", "authentication.permissions.remove_user_from_team.name", "authentication.permissions.remove_user_from_team.description", } + PERMISSION_CREATE_TEAM = &Permission{ + "create_team", + "authentication.permissions.create_team.name", + "authentication.permissions.create_team.description", + } PERMISSION_MANAGE_TEAM = &Permission{ "manage_team", "authentication.permissions.manage_team.name", @@ -264,7 +294,9 @@ func InitalizeRoles() { "channel_admin", "authentication.roles.channel_admin.name", "authentication.roles.channel_admin.description", - []string{}, + []string{ + PERMISSION_MANAGE_CHANNEL_ROLES.Id, + }, } BuiltInRoles[ROLE_CHANNEL_ADMIN.Id] = ROLE_CHANNEL_ADMIN ROLE_CHANNEL_GUEST = &Role{ @@ -295,7 +327,8 @@ func InitalizeRoles() { PERMISSION_REMOVE_USER_FROM_TEAM.Id, PERMISSION_MANAGE_TEAM.Id, PERMISSION_IMPORT_TEAM.Id, - PERMISSION_MANAGE_ROLES.Id, + PERMISSION_MANAGE_TEAM_ROLES.Id, + PERMISSION_MANAGE_CHANNEL_ROLES.Id, PERMISSION_MANAGE_OTHERS_WEBHOOKS.Id, PERMISSION_MANAGE_SLASH_COMMANDS.Id, PERMISSION_MANAGE_OTHERS_SLASH_COMMANDS.Id, @@ -329,6 +362,7 @@ func InitalizeRoles() { []string{ PERMISSION_ASSIGN_SYSTEM_ADMIN_ROLE.Id, PERMISSION_MANAGE_SYSTEM.Id, + PERMISSION_MANAGE_ROLES.Id, PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES.Id, PERMISSION_DELETE_PUBLIC_CHANNEL.Id, PERMISSION_CREATE_PUBLIC_CHANNEL.Id, @@ -340,6 +374,9 @@ func InitalizeRoles() { PERMISSION_EDIT_OTHER_USERS.Id, PERMISSION_MANAGE_OAUTH.Id, PERMISSION_INVITE_USER.Id, + PERMISSION_DELETE_POST.Id, + PERMISSION_DELETE_OTHERS_POSTS.Id, + PERMISSION_CREATE_TEAM.Id, }, ROLE_TEAM_USER.Permissions..., ), diff --git a/model/client.go b/model/client.go index 540bc747f..c75121e97 100644 --- a/model/client.go +++ b/model/client.go @@ -1471,6 +1471,21 @@ func (c *Client) GetPostById(postId string, etag string) (*PostList, *ResponseMe } } +// GetPermalink returns a post list, based on the provided channel and post ID. +func (c *Client) GetPermalink(channelId string, postId string, etag string) (*PostList, *ResponseMetadata) { + if r, err := c.DoApiGet(c.GetTeamRoute()+fmt.Sprintf("/pltmp/%v", postId), "", etag); err != nil { + return nil, &ResponseMetadata{StatusCode: r.StatusCode, Error: err} + } else { + defer closeBody(r) + return PostListFromJson(r.Body), + &ResponseMetadata{ + StatusCode: r.StatusCode, + RequestId: r.Header.Get(HEADER_REQUEST_ID), + Etag: r.Header.Get(HEADER_ETAG_SERVER), + } + } +} + func (c *Client) DeletePost(channelId string, postId string) (*Result, *AppError) { if r, err := c.DoApiPost(c.GetChannelRoute(channelId)+fmt.Sprintf("/posts/%v/delete", postId), ""); err != nil { return nil, err @@ -2319,3 +2334,26 @@ func (c *Client) ListReactions(channelId string, postId string) ([]*Reaction, *A return ReactionsFromJson(r.Body), nil } } + +// Updates the user's roles in the channel by replacing them with the roles provided. +func (c *Client) UpdateChannelRoles(channelId string, userId string, roles string) (map[string]string, *ResponseMetadata) { + data := make(map[string]string) + data["new_roles"] = roles + data["user_id"] = userId + + if r, err := c.DoApiPost(c.GetChannelRoute(channelId)+"/update_member_roles", MapToJson(data)); err != nil { + metadata := ResponseMetadata{Error: err} + if r != nil { + metadata.StatusCode = r.StatusCode + } + return nil, &metadata + } else { + defer closeBody(r) + return MapFromJson(r.Body), + &ResponseMetadata{ + StatusCode: r.StatusCode, + RequestId: r.Header.Get(HEADER_REQUEST_ID), + Etag: r.Header.Get(HEADER_ETAG_SERVER), + } + } +} diff --git a/model/config.go b/model/config.go index 0134e1a34..13e795170 100644 --- a/model/config.go +++ b/model/config.go @@ -49,6 +49,14 @@ const ( RESTRICT_EMOJI_CREATION_ADMIN = "admin" RESTRICT_EMOJI_CREATION_SYSTEM_ADMIN = "system_admin" + PERMISSIONS_DELETE_POST_ALL = "all" + PERMISSIONS_DELETE_POST_TEAM_ADMIN = "team_admin" + PERMISSIONS_DELETE_POST_SYSTEM_ADMIN = "system_admin" + + ALLOW_EDIT_POST_ALWAYS = "always" + ALLOW_EDIT_POST_NEVER = "never" + ALLOW_EDIT_POST_TIME_LIMIT = "time_limit" + EMAIL_BATCHING_BUFFER_SIZE = 256 EMAIL_BATCHING_INTERVAL = 30 @@ -92,6 +100,9 @@ type ServiceSettings struct { WebserverMode *string EnableCustomEmoji *bool RestrictCustomEmojiCreation *string + RestrictPostDelete *string + AllowEditPost *string + PostEditTimeLimit *int } type ClusterSettings struct { @@ -827,6 +838,21 @@ func (o *Config) SetDefaults() { *o.ServiceSettings.RestrictCustomEmojiCreation = RESTRICT_EMOJI_CREATION_ALL } + if o.ServiceSettings.RestrictPostDelete == nil { + o.ServiceSettings.RestrictPostDelete = new(string) + *o.ServiceSettings.RestrictPostDelete = PERMISSIONS_DELETE_POST_ALL + } + + if o.ServiceSettings.AllowEditPost == nil { + o.ServiceSettings.AllowEditPost = new(string) + *o.ServiceSettings.AllowEditPost = ALLOW_EDIT_POST_TIME_LIMIT + } + + if o.ServiceSettings.PostEditTimeLimit == nil { + o.ServiceSettings.PostEditTimeLimit = new(int) + *o.ServiceSettings.PostEditTimeLimit = 300 + } + if o.ClusterSettings.InterNodeListenAddress == nil { o.ClusterSettings.InterNodeListenAddress = new(string) *o.ClusterSettings.InterNodeListenAddress = ":8075" diff --git a/model/file.go b/model/file.go index c218c4246..20f6236de 100644 --- a/model/file.go +++ b/model/file.go @@ -8,6 +8,10 @@ import ( "io" ) +const ( + MaxImageSize = 6048 * 4032 // 24 megapixels, roughly 36MB as a raw image +) + var ( IMAGE_EXTENSIONS = [5]string{".jpg", ".jpeg", ".gif", ".bmp", ".png"} IMAGE_MIME_TYPES = map[string]string{".jpg": "image/jpeg", ".jpeg": "image/jpeg", ".gif": "image/gif", ".bmp": "image/bmp", ".png": "image/png", ".tiff": "image/tiff"} diff --git a/model/post.go b/model/post.go index 7097e031d..668c4db61 100644 --- a/model/post.go +++ b/model/post.go @@ -18,6 +18,7 @@ const ( POST_ADD_REMOVE = "system_add_remove" POST_HEADER_CHANGE = "system_header_change" POST_DISPLAYNAME_CHANGE = "system_displayname_change" + POST_PURPOSE_CHANGE = "system_purpose_change" POST_CHANNEL_DELETED = "system_channel_deleted" POST_EPHEMERAL = "system_ephemeral" POST_FILEIDS_MAX_RUNES = 150 @@ -31,6 +32,7 @@ type Post struct { Id string `json:"id"` CreateAt int64 `json:"create_at"` UpdateAt int64 `json:"update_at"` + EditAt int64 `json:"edit_at"` DeleteAt int64 `json:"delete_at"` UserId string `json:"user_id"` ChannelId string `json:"channel_id"` @@ -119,7 +121,7 @@ func (o *Post) IsValid() *AppError { // should be removed once more message types are supported if !(o.Type == POST_DEFAULT || o.Type == POST_JOIN_LEAVE || o.Type == POST_ADD_REMOVE || - o.Type == POST_SLACK_ATTACHMENT || o.Type == POST_HEADER_CHANGE || + o.Type == POST_SLACK_ATTACHMENT || o.Type == POST_HEADER_CHANGE || o.Type == POST_PURPOSE_CHANGE || o.Type == POST_DISPLAYNAME_CHANGE || o.Type == POST_CHANNEL_DELETED) { return NewLocAppError("Post.IsValid", "model.post.is_valid.type.app_error", nil, "id="+o.Type) } diff --git a/model/team.go b/model/team.go index 3f05ce83a..195bac571 100644 --- a/model/team.go +++ b/model/team.go @@ -48,6 +48,14 @@ func InvitesFromJson(data io.Reader) *Invites { } } +func (o *Invites) ToEmailList() []string { + emailList := make([]string, len(o.Invites)) + for _, invite := range o.Invites { + emailList = append(emailList, invite["email"]) + } + return emailList +} + func (o *Invites) ToJson() string { b, err := json.Marshal(o) if err != nil { diff --git a/model/user.go b/model/user.go index 76c3772cb..876ba70e7 100644 --- a/model/user.go +++ b/model/user.go @@ -376,6 +376,13 @@ func IsInRole(userRoles string, inRole string) bool { return false } +func (u *User) IsSSOUser() bool { + if u.AuthService != "" && u.AuthService != USER_AUTH_SERVICE_EMAIL { + return true + } + return false +} + func (u *User) IsOAuthUser() bool { if u.AuthService == USER_AUTH_SERVICE_GITLAB { return true diff --git a/model/websocket_client.go b/model/websocket_client.go index 453ae49b7..c91855134 100644 --- a/model/websocket_client.go +++ b/model/websocket_client.go @@ -8,6 +8,10 @@ import ( "github.com/gorilla/websocket" ) +const ( + SOCKET_MAX_MESSAGE_SIZE_KB = 8 * 1024 // 8KB +) + type WebSocketClient struct { Url string // The location of the server like "ws://localhost:8065" ApiUrl string // The api location of the server like "ws://localhost:8065/api/v3" |