From 0a6b96cb40d9dd5acca7e366df9cd14fa4eff6a7 Mon Sep 17 00:00:00 2001 From: Harrison Healey Date: Mon, 9 Apr 2018 12:16:11 -0400 Subject: MM-9849 Added tracking of which settings are set through environment variables (#8586) * MM-9849 Added tracking of which settings are set through environment variables * Removed old version of viper * Added forked version of viper * Fixed unit tests * Fixed more unit tests * Removed copy from App.GetEnvironmentConfig --- api4/system.go | 13 +++++++++++ api4/system_test.go | 64 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 77 insertions(+) (limited to 'api4') diff --git a/api4/system.go b/api4/system.go index b34f2af6b..c307a39b7 100644 --- a/api4/system.go +++ b/api4/system.go @@ -23,6 +23,7 @@ func (api *API) InitSystem() { api.BaseRoutes.ApiRoot.Handle("/config", api.ApiSessionRequired(updateConfig)).Methods("PUT") api.BaseRoutes.ApiRoot.Handle("/config/reload", api.ApiSessionRequired(configReload)).Methods("POST") api.BaseRoutes.ApiRoot.Handle("/config/client", api.ApiHandler(getClientConfig)).Methods("GET") + api.BaseRoutes.ApiRoot.Handle("/config/environment", api.ApiSessionRequired(getEnvironmentConfig)).Methods("GET") api.BaseRoutes.ApiRoot.Handle("/license", api.ApiSessionRequired(addLicense)).Methods("POST") api.BaseRoutes.ApiRoot.Handle("/license", api.ApiSessionRequired(removeLicense)).Methods("DELETE") @@ -251,6 +252,18 @@ func getClientConfig(c *Context, w http.ResponseWriter, r *http.Request) { w.Write([]byte(model.MapToJson(c.App.ClientConfigWithComputed()))) } +func getEnvironmentConfig(c *Context, w http.ResponseWriter, r *http.Request) { + if !c.App.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_SYSTEM) { + c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM) + return + } + + envConfig := c.App.GetEnvironmentConfig() + + w.Header().Set("Cache-Control", "no-cache, no-store, must-revalidate") + w.Write([]byte(model.StringInterfaceToJson(envConfig))) +} + func getClientLicense(c *Context, w http.ResponseWriter, r *http.Request) { format := r.URL.Query().Get("format") diff --git a/api4/system_test.go b/api4/system_test.go index bb3790d4b..f74d91563 100644 --- a/api4/system_test.go +++ b/api4/system_test.go @@ -161,6 +161,70 @@ func TestUpdateConfig(t *testing.T) { }) } +func TestGetEnvironmentConfig(t *testing.T) { + os.Setenv("MM_SERVICESETTINGS_SITEURL", "http://example.mattermost.com") + os.Setenv("MM_SERVICESETTINGS_ENABLECUSTOMEMOJI", "true") + defer os.Unsetenv("MM_SERVICESETTINGS_SITEURL") + + th := Setup().InitBasic().InitSystemAdmin() + defer th.TearDown() + + t.Run("as system admin", func(t *testing.T) { + SystemAdminClient := th.SystemAdminClient + + envConfig, resp := SystemAdminClient.GetEnvironmentConfig() + CheckNoError(t, resp) + + if serviceSettings, ok := envConfig["ServiceSettings"]; !ok { + t.Fatal("should've returned ServiceSettings") + } else if serviceSettingsAsMap, ok := serviceSettings.(map[string]interface{}); !ok { + t.Fatal("should've returned ServiceSettings as a map") + } else { + if siteURL, ok := serviceSettingsAsMap["SiteURL"]; !ok { + t.Fatal("should've returned ServiceSettings.SiteURL") + } else if siteURLAsBool, ok := siteURL.(bool); !ok { + t.Fatal("should've returned ServiceSettings.SiteURL as a boolean") + } else if !siteURLAsBool { + t.Fatal("should've returned ServiceSettings.SiteURL as true") + } + + if enableCustomEmoji, ok := serviceSettingsAsMap["EnableCustomEmoji"]; !ok { + t.Fatal("should've returned ServiceSettings.EnableCustomEmoji") + } else if enableCustomEmojiAsBool, ok := enableCustomEmoji.(bool); !ok { + t.Fatal("should've returned ServiceSettings.EnableCustomEmoji as a boolean") + } else if !enableCustomEmojiAsBool { + t.Fatal("should've returned ServiceSettings.EnableCustomEmoji as true") + } + } + + if _, ok := envConfig["TeamSettings"]; ok { + t.Fatal("should not have returned TeamSettings") + } + }) + + t.Run("as team admin", func(t *testing.T) { + TeamAdminClient := th.CreateClient() + th.LoginTeamAdminWithClient(TeamAdminClient) + + _, resp := TeamAdminClient.GetEnvironmentConfig() + CheckForbiddenStatus(t, resp) + }) + + t.Run("as regular user", func(t *testing.T) { + Client := th.Client + + _, resp := Client.GetEnvironmentConfig() + CheckForbiddenStatus(t, resp) + }) + + t.Run("as not-regular user", func(t *testing.T) { + Client := th.CreateClient() + + _, resp := Client.GetEnvironmentConfig() + CheckUnauthorizedStatus(t, resp) + }) +} + func TestGetOldClientConfig(t *testing.T) { th := Setup().InitBasic().InitSystemAdmin() defer th.TearDown() -- cgit v1.2.3-1-g7c22