diff options
Diffstat (limited to 'web/react/components')
-rw-r--r-- | web/react/components/admin_console/service_settings.jsx | 70 | ||||
-rw-r--r-- | web/react/components/post.jsx | 9 | ||||
-rw-r--r-- | web/react/components/post_header.jsx | 20 | ||||
-rw-r--r-- | web/react/components/post_list.jsx | 15 | ||||
-rw-r--r-- | web/react/components/user_profile.jsx | 16 |
5 files changed, 121 insertions, 9 deletions
diff --git a/web/react/components/admin_console/service_settings.jsx b/web/react/components/admin_console/service_settings.jsx index 245ffa871..b2d1b7b4d 100644 --- a/web/react/components/admin_console/service_settings.jsx +++ b/web/react/components/admin_console/service_settings.jsx @@ -37,6 +37,8 @@ export default class ServiceSettings extends React.Component { config.ServiceSettings.GoogleDeveloperKey = React.findDOMNode(this.refs.GoogleDeveloperKey).value.trim(); //config.ServiceSettings.EnableOAuthServiceProvider = React.findDOMNode(this.refs.EnableOAuthServiceProvider).checked; config.ServiceSettings.EnableIncomingWebhooks = React.findDOMNode(this.refs.EnableIncomingWebhooks).checked; + config.ServiceSettings.EnablePostUsernameOverride = React.findDOMNode(this.refs.EnablePostUsernameOverride).checked; + config.ServiceSettings.EnablePostIconOverride = React.findDOMNode(this.refs.EnablePostIconOverride).checked; config.ServiceSettings.EnableTesting = React.findDOMNode(this.refs.EnableTesting).checked; var MaximumLoginAttempts = 10; @@ -199,7 +201,73 @@ export default class ServiceSettings extends React.Component { /> {'false'} </label> - <p className='help-text'>{'When true, incoming webhooks will be allowed.'}</p> + <p className='help-text'>{'When true, incoming webhooks will be allowed. To help combat phishing attacks, all posts from webhooks will be labelled by a BOT tag.'}</p> + </div> + </div> + + <div className='form-group'> + <label + className='control-label col-sm-4' + htmlFor='EnablePostUsernameOverride' + > + {'Enable Overriding Usernames from Webhooks: '} + </label> + <div className='col-sm-8'> + <label className='radio-inline'> + <input + type='radio' + name='EnablePostUsernameOverride' + value='true' + ref='EnablePostUsernameOverride' + defaultChecked={this.props.config.ServiceSettings.EnablePostUsernameOverride} + onChange={this.handleChange} + /> + {'true'} + </label> + <label className='radio-inline'> + <input + type='radio' + name='EnablePostUsernameOverride' + value='false' + defaultChecked={!this.props.config.ServiceSettings.EnablePostUsernameOverride} + onChange={this.handleChange} + /> + {'false'} + </label> + <p className='help-text'>{'When true, webhooks will be allowed to change the username they are posting as. Note, combined with allowing icon overriding, this could open users up to phishing attacks.'}</p> + </div> + </div> + + <div className='form-group'> + <label + className='control-label col-sm-4' + htmlFor='EnablePostIconOverride' + > + {'Enable Overriding Icon from Webhooks: '} + </label> + <div className='col-sm-8'> + <label className='radio-inline'> + <input + type='radio' + name='EnablePostIconOverride' + value='true' + ref='EnablePostIconOverride' + defaultChecked={this.props.config.ServiceSettings.EnablePostIconOverride} + onChange={this.handleChange} + /> + {'true'} + </label> + <label className='radio-inline'> + <input + type='radio' + name='EnablePostIconOverride' + value='false' + defaultChecked={!this.props.config.ServiceSettings.EnablePostIconOverride} + onChange={this.handleChange} + /> + {'false'} + </label> + <p className='help-text'>{'When true, webhooks will be allowed to change the icon they post with. Note, combined with allowing username overriding, this could open users up to phishing attacks.'}</p> </div> </div> diff --git a/web/react/components/post.jsx b/web/react/components/post.jsx index 9127f00de..ac9c9252e 100644 --- a/web/react/components/post.jsx +++ b/web/react/components/post.jsx @@ -158,11 +158,18 @@ export default class Post extends React.Component { var profilePic = null; if (!this.props.hideProfilePic) { + let src = '/api/v1/users/' + post.user_id + '/image?time=' + timestamp; + if (post.props && post.props.from_webhook && global.window.config.EnablePostIconOverride === 'true') { + if (post.props.override_icon_url) { + src = post.props.override_icon_url; + } + } + profilePic = ( <div className='post-profile-img__container'> <img className='post-profile-img' - src={'/api/v1/users/' + post.user_id + '/image?time=' + timestamp} + src={src} height='36' width='36' /> diff --git a/web/react/components/post_header.jsx b/web/react/components/post_header.jsx index 9dc525e03..dd79b3e36 100644 --- a/web/react/components/post_header.jsx +++ b/web/react/components/post_header.jsx @@ -12,9 +12,27 @@ export default class PostHeader extends React.Component { render() { var post = this.props.post; + let userProfile = <UserProfile userId={post.user_id} />; + let botIndicator; + + if (post.props && post.props.from_webhook) { + if (post.props.override_username && global.window.config.EnablePostUsernameOverride === 'true') { + userProfile = ( + <UserProfile + userId={post.user_id} + overwriteName={post.props.override_username} + disablePopover={true} + /> + ); + } + + botIndicator = <li className='post-header-col post-header__name bot-indicator'>{'BOT'}</li>; + } + return ( <ul className='post-header post-header-post'> - <li className='post-header-col post-header__name'><strong><UserProfile userId={post.user_id} /></strong></li> + <li className='post-header-col post-header__name'><strong>{userProfile}</strong></li> + {botIndicator} <li className='post-info--hidden'> <PostInfo post={post} diff --git a/web/react/components/post_list.jsx b/web/react/components/post_list.jsx index a31967257..b90197ac4 100644 --- a/web/react/components/post_list.jsx +++ b/web/react/components/post_list.jsx @@ -516,8 +516,19 @@ export default class PostList extends React.Component { sameRoot = utils.isComment(post) && (prevPost.id === post.root_id || prevPost.root_id === post.root_id); - // we only hide the profile pic if the previous post is not a comment, the current post is not a comment, and the previous post was made by the same user as the current post - hideProfilePic = (prevPost.user_id === post.user_id) && !utils.isComment(prevPost) && !utils.isComment(post); + // hide the profile pic if: + // the previous post was made by the same user as the current post, + // the previous post is not a comment, + // the current post is not a comment, + // the current post is not from a webhook + // and the previous post is not from a webhook + if ((prevPost.user_id === post.user_id) && + !utils.isComment(prevPost) && + !utils.isComment(post) && + (!post.props || !post.props.from_webhook) && + (!prevPost.props || !prevPost.props.from_webhook)) { + hideProfilePic = true; + } } // check if it's the last comment in a consecutive string of comments on the same post diff --git a/web/react/components/user_profile.jsx b/web/react/components/user_profile.jsx index c5d028d31..ceb8f52a7 100644 --- a/web/react/components/user_profile.jsx +++ b/web/react/components/user_profile.jsx @@ -31,8 +31,10 @@ export default class UserProfile extends React.Component { } componentDidMount() { UserStore.addChangeListener(this.onChange); - $('#profile_' + this.uniqueId).popover({placement: 'right', container: 'body', trigger: 'hover', html: true, delay: {show: 200, hide: 100}}); - $('body').tooltip({selector: '[data-toggle=tooltip]', trigger: 'hover click'}); + if (!this.props.disablePopover) { + $('#profile_' + this.uniqueId).popover({placement: 'right', container: 'body', trigger: 'hover', html: true, delay: {show: 200, hide: 100}}); + $('body').tooltip({selector: '[data-toggle=tooltip]', trigger: 'hover click'}); + } } componentWillUnmount() { UserStore.removeChangeListener(this.onChange); @@ -56,6 +58,10 @@ export default class UserProfile extends React.Component { name = this.props.overwriteName; } + if (this.props.disablePopover) { + return <div>{name}</div>; + } + var dataContent = '<img class="user-popover__image" src="/api/v1/users/' + this.state.profile.id + '/image?time=' + this.state.profile.update_at + '" height="128" width="128" />'; if (!global.window.config.ShowEmailAddress === 'true') { dataContent += '<div class="text-nowrap">Email not shared</div>'; @@ -79,9 +85,11 @@ export default class UserProfile extends React.Component { UserProfile.defaultProps = { userId: '', - overwriteName: '' + overwriteName: '', + disablePopover: false }; UserProfile.propTypes = { userId: React.PropTypes.string, - overwriteName: React.PropTypes.string + overwriteName: React.PropTypes.string, + disablePopover: React.PropTypes.bool }; |