From fc158fce907b602bbde3babfadfd1a04d1dde31e Mon Sep 17 00:00:00 2001 From: George Goldberg Date: Mon, 25 Jun 2018 14:34:59 +0100 Subject: MM-10570: Make permissions reset command clear custom role assignments. (#8976) --- store/sqlstore/channel_store.go | 69 +++++++++++++++++++++++++++++++++++++++++ store/sqlstore/team_store.go | 69 +++++++++++++++++++++++++++++++++++++++++ store/sqlstore/user_store.go | 69 +++++++++++++++++++++++++++++++++++++++++ 3 files changed, 207 insertions(+) (limited to 'store/sqlstore') diff --git a/store/sqlstore/channel_store.go b/store/sqlstore/channel_store.go index 476665514..eb88bc42a 100644 --- a/store/sqlstore/channel_store.go +++ b/store/sqlstore/channel_store.go @@ -1784,3 +1784,72 @@ func (s SqlChannelStore) ResetAllChannelSchemes() store.StoreChannel { } }) } + +func (s SqlChannelStore) ClearAllCustomRoleAssignments() store.StoreChannel { + return store.Do(func(result *store.StoreResult) { + builtInRoles := model.MakeDefaultRoles() + lastUserId := strings.Repeat("0", 26) + lastChannelId := strings.Repeat("0", 26) + + for true { + var transaction *gorp.Transaction + var err error + + if transaction, err = s.GetMaster().Begin(); err != nil { + result.Err = model.NewAppError("SqlChannelStore.ClearAllCustomRoleAssignments", "store.sql_channel.clear_all_custom_role_assignments.open_transaction.app_error", nil, err.Error(), http.StatusInternalServerError) + return + } + + var channelMembers []*channelMember + if _, err := transaction.Select(&channelMembers, "SELECT * from ChannelMembers WHERE (ChannelId, UserId) > (:ChannelId, :UserId) ORDER BY ChannelId, UserId LIMIT 1000", map[string]interface{}{"ChannelId": lastChannelId, "UserId": lastUserId}); err != nil { + if err2 := transaction.Rollback(); err2 != nil { + result.Err = model.NewAppError("SqlChannelStore.ClearAllCustomRoleAssignments", "store.sql_channel.clear_all_custom_role_assignments.rollback_transaction.app_error", nil, err2.Error(), http.StatusInternalServerError) + return + } + result.Err = model.NewAppError("SqlChannelStore.ClearAllCustomRoleAssignments", "store.sql_channel.clear_all_custom_role_assignments.select.app_error", nil, err.Error(), http.StatusInternalServerError) + return + } + + if len(channelMembers) == 0 { + break + } + + for _, member := range channelMembers { + lastUserId = member.UserId + lastChannelId = member.ChannelId + + var newRoles []string + + for _, role := range strings.Fields(member.Roles) { + for name := range builtInRoles { + if name == role { + newRoles = append(newRoles, role) + break + } + } + } + + newRolesString := strings.Join(newRoles, " ") + if newRolesString != member.Roles { + if _, err := transaction.Exec("UPDATE ChannelMembers SET Roles = :Roles WHERE UserId = :UserId AND ChannelId = :ChannelId", map[string]interface{}{"Roles": newRolesString, "ChannelId": member.ChannelId, "UserId": member.UserId}); err != nil { + if err2 := transaction.Rollback(); err2 != nil { + result.Err = model.NewAppError("SqlChannelStore.ClearAllCustomRoleAssignments", "store.sql_channel.clear_all_custom_role_assignments.rollback_transaction.app_error", nil, err2.Error(), http.StatusInternalServerError) + return + } + result.Err = model.NewAppError("SqlChannelStore.ClearAllCustomRoleAssignments", "store.sql_channel.clear_all_custom_role_assignments.update.app_error", nil, err.Error(), http.StatusInternalServerError) + return + } + } + } + + if err := transaction.Commit(); err != nil { + if err2 := transaction.Rollback(); err2 != nil { + result.Err = model.NewAppError("SqlChannelStore.ClearAllCustomRoleAssignments", "store.sql_channel.clear_all_custom_role_assignments.rollback_transaction.app_error", nil, err2.Error(), http.StatusInternalServerError) + return + } + result.Err = model.NewAppError("SqlChannelStore.ClearAllCustomRoleAssignments", "store.sql_channel.clear_all_custom_role_assignments.commit_transaction.app_error", nil, err.Error(), http.StatusInternalServerError) + return + } + } + }) +} diff --git a/store/sqlstore/team_store.go b/store/sqlstore/team_store.go index 95b73e542..65b767430 100644 --- a/store/sqlstore/team_store.go +++ b/store/sqlstore/team_store.go @@ -806,3 +806,72 @@ func (s SqlTeamStore) ResetAllTeamSchemes() store.StoreChannel { } }) } + +func (s SqlTeamStore) ClearAllCustomRoleAssignments() store.StoreChannel { + return store.Do(func(result *store.StoreResult) { + builtInRoles := model.MakeDefaultRoles() + lastUserId := strings.Repeat("0", 26) + lastTeamId := strings.Repeat("0", 26) + + for true { + var transaction *gorp.Transaction + var err error + + if transaction, err = s.GetMaster().Begin(); err != nil { + result.Err = model.NewAppError("SqlTeamStore.ClearAllCustomRoleAssignments", "store.sql_team.clear_all_custom_role_assignments.open_transaction.app_error", nil, err.Error(), http.StatusInternalServerError) + return + } + + var teamMembers []*teamMember + if _, err := transaction.Select(&teamMembers, "SELECT * from TeamMembers WHERE (TeamId, UserId) > (:TeamId, :UserId) ORDER BY TeamId, UserId LIMIT 1000", map[string]interface{}{"TeamId": lastTeamId, "UserId": lastUserId}); err != nil { + if err2 := transaction.Rollback(); err2 != nil { + result.Err = model.NewAppError("SqlTeamStore.ClearAllCustomRoleAssignments", "store.sql_team.clear_all_custom_role_assignments.rollback_transaction.app_error", nil, err2.Error(), http.StatusInternalServerError) + return + } + result.Err = model.NewAppError("SqlTeamStore.ClearAllCustomRoleAssignments", "store.sql_team.clear_all_custom_role_assignments.select.app_error", nil, err.Error(), http.StatusInternalServerError) + return + } + + if len(teamMembers) == 0 { + break + } + + for _, member := range teamMembers { + lastUserId = member.UserId + lastTeamId = member.TeamId + + var newRoles []string + + for _, role := range strings.Fields(member.Roles) { + for name := range builtInRoles { + if name == role { + newRoles = append(newRoles, role) + break + } + } + } + + newRolesString := strings.Join(newRoles, " ") + if newRolesString != member.Roles { + if _, err := transaction.Exec("UPDATE TeamMembers SET Roles = :Roles WHERE UserId = :UserId AND TeamId = :TeamId", map[string]interface{}{"Roles": newRolesString, "TeamId": member.TeamId, "UserId": member.UserId}); err != nil { + if err2 := transaction.Rollback(); err2 != nil { + result.Err = model.NewAppError("SqlTeamStore.ClearAllCustomRoleAssignments", "store.sql_team.clear_all_custom_role_assignments.rollback_transaction.app_error", nil, err2.Error(), http.StatusInternalServerError) + return + } + result.Err = model.NewAppError("SqlTeamStore.ClearAllCustomRoleAssignments", "store.sql_team.clear_all_custom_role_assignments.update.app_error", nil, err.Error(), http.StatusInternalServerError) + return + } + } + } + + if err := transaction.Commit(); err != nil { + if err2 := transaction.Rollback(); err2 != nil { + result.Err = model.NewAppError("SqlTeamStore.ClearAllCustomRoleAssignments", "store.sql_team.clear_all_custom_role_assignments.rollback_transaction.app_error", nil, err2.Error(), http.StatusInternalServerError) + return + } + result.Err = model.NewAppError("SqlTeamStore.ClearAllCustomRoleAssignments", "store.sql_team.clear_all_custom_role_assignments.commit_transaction.app_error", nil, err.Error(), http.StatusInternalServerError) + return + } + } + }) +} diff --git a/store/sqlstore/user_store.go b/store/sqlstore/user_store.go index a695e4aa8..203ad4c26 100644 --- a/store/sqlstore/user_store.go +++ b/store/sqlstore/user_store.go @@ -10,6 +10,8 @@ import ( "strconv" "strings" + "github.com/mattermost/gorp" + "github.com/mattermost/mattermost-server/einterfaces" "github.com/mattermost/mattermost-server/model" "github.com/mattermost/mattermost-server/store" @@ -1247,3 +1249,70 @@ func (us SqlUserStore) GetEtagForProfilesNotInTeam(teamId string) store.StoreCha } }) } + +func (us SqlUserStore) ClearAllCustomRoleAssignments() store.StoreChannel { + return store.Do(func(result *store.StoreResult) { + builtInRoles := model.MakeDefaultRoles() + lastUserId := strings.Repeat("0", 26) + + for true { + var transaction *gorp.Transaction + var err error + + if transaction, err = us.GetMaster().Begin(); err != nil { + result.Err = model.NewAppError("SqlUserStore.ClearAllCustomRoleAssignments", "store.sql_user.clear_all_custom_role_assignments.open_transaction.app_error", nil, err.Error(), http.StatusInternalServerError) + return + } + + var users []*model.User + if _, err := transaction.Select(&users, "SELECT * from Users WHERE Id > :Id ORDER BY Id LIMIT 1000", map[string]interface{}{"Id": lastUserId}); err != nil { + if err2 := transaction.Rollback(); err2 != nil { + result.Err = model.NewAppError("SqlUserStore.ClearAllCustomRoleAssignments", "store.sql_user.clear_all_custom_role_assignments.rollback_transaction.app_error", nil, err2.Error(), http.StatusInternalServerError) + return + } + result.Err = model.NewAppError("SqlUserStore.ClearAllCustomRoleAssignments", "store.sql_user.clear_all_custom_role_assignments.select.app_error", nil, err.Error(), http.StatusInternalServerError) + return + } + + if len(users) == 0 { + break + } + + for _, user := range users { + lastUserId = user.Id + + var newRoles []string + + for _, role := range strings.Fields(user.Roles) { + for name := range builtInRoles { + if name == role { + newRoles = append(newRoles, role) + break + } + } + } + + newRolesString := strings.Join(newRoles, " ") + if newRolesString != user.Roles { + if _, err := transaction.Exec("UPDATE Users SET Roles = :Roles WHERE Id = :Id", map[string]interface{}{"Roles": newRolesString, "Id": user.Id}); err != nil { + if err2 := transaction.Rollback(); err2 != nil { + result.Err = model.NewAppError("SqlUserStore.ClearAllCustomRoleAssignments", "store.sql_user.clear_all_custom_role_assignments.rollback_transaction.app_error", nil, err2.Error(), http.StatusInternalServerError) + return + } + result.Err = model.NewAppError("SqlUserStore.ClearAllCustomRoleAssignments", "store.sql_user.clear_all_custom_role_assignments.update.app_error", nil, err.Error(), http.StatusInternalServerError) + return + } + } + } + + if err := transaction.Commit(); err != nil { + if err2 := transaction.Rollback(); err2 != nil { + result.Err = model.NewAppError("SqlUserStore.ClearAllCustomRoleAssignments", "store.sql_user.clear_all_custom_role_assignments.rollback_transaction.app_error", nil, err2.Error(), http.StatusInternalServerError) + return + } + result.Err = model.NewAppError("SqlUserStore.ClearAllCustomRoleAssignments", "store.sql_user.clear_all_custom_role_assignments.commit_transaction.app_error", nil, err.Error(), http.StatusInternalServerError) + return + } + } + }) +} -- cgit v1.2.3-1-g7c22