mirror of
https://github.com/mattermost/mattermost.git
synced 2026-02-19 02:28:08 -05:00
5d3a04760b
* [MM-67605] Add DCR redirect URI allowlist enforcement Introduce ServiceSettings.DCRRedirectURIAllowlist with glob-based validation and enforce it during OAuth dynamic client registration to block unapproved redirect URIs. Add System Console wiring and tests for config validation, wildcard matching semantics, API error behavior, and localhost wildcard support. Co-authored-by: Cursor <cursoragent@cursor.com> * Fix pre-commit checks: TypeScript type assertion, gofmt, and regenerate CI artifacts - admin_definition_dcr_allowlist.test.tsx: Add AdminDefinitionSettingInput type assertion for 'multiple' property - oauth_dcr_test.go: Fix comment spacing (gofmt) - Regenerate mocks, go.sum, gen-serialized, mmctl-docs per CI requirements Co-authored-by: Cursor <cursoragent@cursor.com> * Revert unnecessary pre-commit regenerations Revert mmctl docs, mocks, go.sum, and gen-serialized to master. Keep only the TypeScript and gofmt fixes from the previous commit. Co-authored-by: Cursor <cursoragent@cursor.com> * Fix import order in admin_definition_dcr_allowlist.test.tsx Co-authored-by: Cursor <cursoragent@cursor.com> * Fix i18n * Update server/public/model/oauth_dcr.go Co-authored-by: Eva Sarafianou <eva.sarafianou@gmail.com> * Fix --------- Co-authored-by: Cursor <cursoragent@cursor.com> Co-authored-by: Eva Sarafianou <eva.sarafianou@gmail.com> Co-authored-by: Mattermost Build <build@mattermost.com> |
||
|---|---|---|
| .. | ||
| exif_samples | ||
| 1x10000.png | ||
| 1x10000_expected_preview.png | ||
| 1x10000_expected_thumb.png | ||
| 10000x1.png | ||
| 10000x1_expected_preview.png | ||
| 10000x1_expected_thumb.png | ||
| channel-role-has-permission.csv | ||
| crop_test_input.png | ||
| crop_test_output_45x45.png | ||
| crop_test_output_45x100.png | ||
| crop_test_output_100x45.png | ||
| crop_test_output_100x100.png | ||
| custom-schema-cpa.ldif | ||
| custom-schema-objectID.ldif | ||
| development-private-key.asc | ||
| development-public-key.asc | ||
| development-public-key.gpg | ||
| export_test.zip | ||
| Fake_Team_Import.rar | ||
| Fake_Team_Import.tar.gz | ||
| Fake_Team_Import.zip | ||
| fill_test_8bit_palette.png | ||
| fill_test_8bit_palette_out.png | ||
| fill_test_8bit_rgb.png | ||
| fill_test_8bit_rgb_out.png | ||
| fill_test_8bit_rgba.png | ||
| fill_test_8bit_rgba_out.png | ||
| fill_test_16bit_rgb.png | ||
| fill_test_16bit_rgb_out.png | ||
| fill_test_16bit_rgba.png | ||
| fill_test_16bit_rgba_out.png | ||
| fill_test_input.png | ||
| fill_test_opaque.png | ||
| fill_test_output_45x45.png | ||
| fill_test_output_45x100.png | ||
| fill_test_output_100x45.png | ||
| fill_test_output_100x100.png | ||
| fit_test_input.png | ||
| fit_test_output_45x45.png | ||
| fit_test_output_45x100.png | ||
| fit_test_output_100x45.png | ||
| fit_test_output_100x100.png | ||
| group-role-has-permission.csv | ||
| import_test.zip | ||
| large_image_file.jpg | ||
| large_lzw_frame.gif | ||
| orientation_test.jpeg | ||
| orientation_test_1.jpeg | ||
| orientation_test_1_expected_preview.jpeg | ||
| orientation_test_1_expected_thumb.jpeg | ||
| orientation_test_2.jpeg | ||
| orientation_test_2_expected_preview.jpeg | ||
| orientation_test_2_expected_thumb.jpeg | ||
| orientation_test_3.jpeg | ||
| orientation_test_3_expected_preview.jpeg | ||
| orientation_test_3_expected_thumb.jpeg | ||
| orientation_test_4.jpeg | ||
| orientation_test_4_expected_preview.jpeg | ||
| orientation_test_4_expected_thumb.jpeg | ||
| orientation_test_5.jpeg | ||
| orientation_test_5_expected_preview.jpeg | ||
| orientation_test_5_expected_thumb.jpeg | ||
| orientation_test_6.jpeg | ||
| orientation_test_6_expected_preview.jpeg | ||
| orientation_test_6_expected_thumb.jpeg | ||
| orientation_test_7.jpeg | ||
| orientation_test_7_expected_preview.jpeg | ||
| orientation_test_7_expected_thumb.jpeg | ||
| orientation_test_8.jpeg | ||
| orientation_test_8_expected_preview.jpeg | ||
| orientation_test_8_expected_thumb.jpeg | ||
| orientation_test_9.jpeg | ||
| orientation_test_9_expected_preview.jpeg | ||
| orientation_test_9_expected_thumb.jpeg | ||
| qa-data-graph.png | ||
| qa-data.ldif | ||
| README.md | ||
| sample-doc.doc | ||
| sample-doc.docx | ||
| sample-doc.odp | ||
| sample-doc.odt | ||
| sample-doc.pdf | ||
| sample-doc.pptx | ||
| sample-doc.rtf | ||
| slack-import-test-channels.json | ||
| slack-import-test-direct-messages.json | ||
| slack-import-test-group-direct-messages.json | ||
| slack-import-test-posts.json | ||
| slack-import-test-private-channels.json | ||
| slack-import-test-users.json | ||
| test-attachments.md | ||
| test-config.json | ||
| test-data-graph.png | ||
| test-data.ldif | ||
| test-emoticons1.md | ||
| test-emoticons2.md | ||
| test-emoticons3.md | ||
| test-emoticons4.md | ||
| test-emoticons5.md | ||
| test-emoticons6.md | ||
| test-hashtags.md | ||
| test-link-preview.md | ||
| test-links.md | ||
| test-markdown-basics.md | ||
| test-markdown-lists.md | ||
| test-mentions.md | ||
| test-public-key.plugin.gpg | ||
| test-search.md | ||
| test-slack-attachments.json | ||
| test-syntax-highlighting.md | ||
| test-tables.md | ||
| test.png | ||
| test.svg | ||
| test.tiff | ||
| test_expected_tiff_preview.jpeg | ||
| test_expected_tiff_thumb.jpeg | ||
| test_img_diff_A.png | ||
| test_img_diff_B.png | ||
| testarchive.zip | ||
| testgif.gif | ||
| testgif_expected_preview.jpg | ||
| testgif_expected_thumbnail.jpg | ||
| testjpg.jpg | ||
| testplugin-v0.0.2.tar.gz | ||
| testplugin-v0.0.2.tar.gz.asc | ||
| testplugin-v0.0.2.tar.gz.sig | ||
| testplugin.tar.gz | ||
| testplugin.tar.gz.asc | ||
| testplugin.tar.gz.sig | ||
| testplugin2.tar.gz | ||
| testplugin2.tar.gz.asc | ||
| testplugin2.tar.gz.sig | ||
| testwebp.webp | ||
| tls_test_cert.pem | ||
| tls_test_key.pem | ||
Testing Text Processing
The text processing tests located in the doc/developer/tests folder are designed for use with the /test url command. This command posts the raw contents of a specified .md file in the doc/developer/test folder into Mattermost.
Turning on /test
Access the System Console from the Main Menu. Under Service Settings make sure that Enable Testing is set to true, then click Save. You may also change this setting from config.json by setting ”EnableTesting”: true. Changing this setting requires a server restart to take effect.
Running the Tests
In the text input box in Mattermost, type: /test url [file-name-in-testing-folder].md. Some examples:
/test url test-emoticons.md
/test url test-links.md
Notes:
- If a test has prerequisites, make sure your Mattermost setup meets the requirements described at the top of the test file.
- Some tests are over 4000 characters in length and will render across multiple posts.
Manual Testing
It is possible to manually test specific sections of any test, instead of using the /test command. Do this by clicking Raw in the header for the file when it’s open in GitHub, then copy and paste any section into Mattermost to post it. Manual testing only supports sections of 4000 characters or less per post.
Test plugins
There are three test plugins: testplugin.tar.gz, testplugin-v0.0.2.tar.gz, and testplugin2.tar.gz. These are use in some integration tests in the api4 package. Any changes to the plugin bundles require updating the corresponding signatures.
First, import the public and private development key:
gpg --import ./development-public-key.gpg
gpg --import ./development-private-key.asc
This has to be done only once.
Then update the signatures:
gpg -u F3FACE45E0DE642C8BD6A8E64C7C6562C192CC1F --verbose --personal-digest-preferences SHA256 --detach-sign testplugin.tar.gz
gpg -u F3FACE45E0DE642C8BD6A8E64C7C6562C192CC1F --verbose --personal-digest-preferences SHA256 --detach-sign --armor testplugin.tar.gz
gpg -u F3FACE45E0DE642C8BD6A8E64C7C6562C192CC1F --verbose --personal-digest-preferences SHA256 --detach-sign testplugin-v0.0.2.tar.gz
gpg -u F3FACE45E0DE642C8BD6A8E64C7C6562C192CC1F --verbose --personal-digest-preferences SHA256 --detach-sign --armor testplugin-v0.0.2.tar.gz
gpg -u F3FACE45E0DE642C8BD6A8E64C7C6562C192CC1F --verbose --personal-digest-preferences SHA256 --detach-sign testplugin2.tar.gz
gpg -u F3FACE45E0DE642C8BD6A8E64C7C6562C192CC1F --verbose --personal-digest-preferences SHA256 --detach-sign --armor testplugin2.tar.gz
Finally, include the updates bundles and signatures in your commit.