mirror of
https://github.com/mattermost/mattermost.git
synced 2026-04-24 15:47:47 -04:00
2e5617c29b
* Adding TeamMember to system * Fixing all unit tests on the backend * Fixing merge conflicts * Fixing merge conflict * Adding javascript unit tests * Adding TeamMember to system * Fixing all unit tests on the backend * Fixing merge conflicts * Fixing merge conflict * Adding javascript unit tests * Adding client side unit test * Cleaning up the clint side tests * Fixing msg * Adding more client side unit tests * Adding more using tests * Adding last bit of client side unit tests and adding make cmd * Fixing bad merge * Fixing libraries * Updating to new client side API * Fixing borken unit test * Fixing unit tests * ugg...trying to beat gofmt * ugg...trying to beat gofmt * Cleaning up remainder of the server side routes * Adding inital load api * Increased coverage of webhook unit tests (#2660) * Adding loading ... to root html * Fixing bad merge * Removing explicit content type so superagent will guess corectly (#2685) * Fixing merge and unit tests * Adding create team UI * Fixing signup flows * Adding LDAP unit tests and enterprise unit test helper (#2702) * Add the ability to reset MFA from the commandline (#2706) * Fixing compliance unit tests * Fixing client side tests * Adding open server to system console * Moving websocket connection * Fixing unit test * Fixing unit tests * Fixing unit tests * Adding nickname and more LDAP unit tests (#2717) * Adding join open teams * Cleaning up all TODOs in the code * Fixing web sockets * Removing unused webockets file * PLT-2533 Add the ability to reset a user's MFA from the system console (#2715) * Add the ability to reset a user's MFA from the system console * Add client side unit test for adminResetMfa * Reorganizing authentication to fix LDAP error message (#2723) * Fixing failing unit test * Initial upgrade db code * Adding upgrade script * Fixing upgrade script after running on core * Update OAuth and Claim routes to work with user model changes (#2739) * Fixing perminant deletion. Adding ability to delete all user and the entire database (#2740) * Fixing team invite ldap login call (#2741) * Fixing bluebar and some img stuff * Fix all the different file upload web utils (#2743) * Fixing invalid session redirect (#2744) * Redirect on bad channel name (#2746) * Fixing a bunch of issue and removing dead code * Patch to fix error message on leave channel (#2747) * Setting EnableOpenServer to false by default * Fixing config * Fixing upgrade * Fixing reported bugs * Bug fixes for PLT-2057 * PLT-2563 Redo password recovery to use a database table (#2745) * Redo password recovery to use a database table * Update reset password audits * Split out admin and user reset password APIs to be separate * Delete password recovery when user is permanently deleted * Consolidate password resetting into a single function * Removed private channels as an option for outgoing webhooks (#2752) * PLT-2577/PLT-2552 Fixes for backstage (#2753) * Added URL to incoming webhook list * Fixed client functions for adding/removing integrations * Disallowed slash commands without trigger words * Fixed clientside handling of errors on AddCommand page * Minor auth cleanup (#2758) * Changed EditPostModal to just close if you save without making any changes (#2759) * Renamed client -> Client in async_client.jsx and fixed eslint warnings (#2756) * Fixed url in channel info modal (#2755) * Fixing reported issues * Moving to version 3 of the apis * Fixing command unit tests (#2760) * Adding team admins * Fixing DM issue * Fixing eslint error * Properly set EditPostModal's originalText state in all cases (#2762) * Update client config check to assume features is defined if server is licensed (#2772) * Fixing url link * Fixing issue with websocket crashing when sending messages to different teams
165 lines
3.9 KiB
Go
165 lines
3.9 KiB
Go
// Copyright (c) 2015 Mattermost, Inc. All Rights Reserved.
|
|
// See License.txt for license information.
|
|
|
|
package api
|
|
|
|
import (
|
|
l4g "github.com/alecthomas/log4go"
|
|
"github.com/gorilla/websocket"
|
|
"github.com/mattermost/platform/model"
|
|
"github.com/mattermost/platform/utils"
|
|
"time"
|
|
)
|
|
|
|
const (
|
|
WRITE_WAIT = 10 * time.Second
|
|
PONG_WAIT = 60 * time.Second
|
|
PING_PERIOD = (PONG_WAIT * 9) / 10
|
|
MAX_SIZE = 512
|
|
REDIS_WAIT = 60 * time.Second
|
|
)
|
|
|
|
type WebConn struct {
|
|
WebSocket *websocket.Conn
|
|
Send chan *model.Message
|
|
SessionId string
|
|
UserId string
|
|
hasPermissionsToChannel map[string]bool
|
|
hasPermissionsToTeam map[string]bool
|
|
}
|
|
|
|
func NewWebConn(ws *websocket.Conn, userId string, sessionId string) *WebConn {
|
|
go func() {
|
|
achan := Srv.Store.User().UpdateUserAndSessionActivity(userId, sessionId, model.GetMillis())
|
|
pchan := Srv.Store.User().UpdateLastPingAt(userId, model.GetMillis())
|
|
|
|
if result := <-achan; result.Err != nil {
|
|
l4g.Error(utils.T("api.web_conn.new_web_conn.last_activity.error"), userId, sessionId, result.Err)
|
|
}
|
|
|
|
if result := <-pchan; result.Err != nil {
|
|
l4g.Error(utils.T("api.web_conn.new_web_conn.last_ping.error"), userId, result.Err)
|
|
}
|
|
}()
|
|
|
|
return &WebConn{
|
|
Send: make(chan *model.Message, 64),
|
|
WebSocket: ws,
|
|
UserId: userId,
|
|
SessionId: sessionId,
|
|
hasPermissionsToChannel: make(map[string]bool),
|
|
hasPermissionsToTeam: make(map[string]bool),
|
|
}
|
|
}
|
|
|
|
func (c *WebConn) readPump() {
|
|
defer func() {
|
|
hub.Unregister(c)
|
|
c.WebSocket.Close()
|
|
}()
|
|
c.WebSocket.SetReadLimit(MAX_SIZE)
|
|
c.WebSocket.SetReadDeadline(time.Now().Add(PONG_WAIT))
|
|
c.WebSocket.SetPongHandler(func(string) error {
|
|
c.WebSocket.SetReadDeadline(time.Now().Add(PONG_WAIT))
|
|
|
|
go func() {
|
|
if result := <-Srv.Store.User().UpdateLastPingAt(c.UserId, model.GetMillis()); result.Err != nil {
|
|
l4g.Error(utils.T("api.web_conn.new_web_conn.last_ping.error"), c.UserId, result.Err)
|
|
}
|
|
}()
|
|
|
|
return nil
|
|
})
|
|
|
|
for {
|
|
var msg model.Message
|
|
if err := c.WebSocket.ReadJSON(&msg); err != nil {
|
|
return
|
|
} else {
|
|
msg.UserId = c.UserId
|
|
PublishAndForget(&msg)
|
|
}
|
|
}
|
|
}
|
|
|
|
func (c *WebConn) writePump() {
|
|
ticker := time.NewTicker(PING_PERIOD)
|
|
|
|
defer func() {
|
|
ticker.Stop()
|
|
c.WebSocket.Close()
|
|
}()
|
|
|
|
for {
|
|
select {
|
|
case msg, ok := <-c.Send:
|
|
if !ok {
|
|
c.WebSocket.SetWriteDeadline(time.Now().Add(WRITE_WAIT))
|
|
c.WebSocket.WriteMessage(websocket.CloseMessage, []byte{})
|
|
return
|
|
}
|
|
|
|
c.WebSocket.SetWriteDeadline(time.Now().Add(WRITE_WAIT))
|
|
if err := c.WebSocket.WriteJSON(msg); err != nil {
|
|
return
|
|
}
|
|
|
|
case <-ticker.C:
|
|
c.WebSocket.SetWriteDeadline(time.Now().Add(WRITE_WAIT))
|
|
if err := c.WebSocket.WriteMessage(websocket.PingMessage, []byte{}); err != nil {
|
|
return
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
func (c *WebConn) InvalidateCache() {
|
|
c.hasPermissionsToChannel = make(map[string]bool)
|
|
c.hasPermissionsToTeam = make(map[string]bool)
|
|
}
|
|
|
|
func (c *WebConn) HasPermissionsToTeam(teamId string) bool {
|
|
perm, ok := c.hasPermissionsToTeam[teamId]
|
|
if !ok {
|
|
session := GetSession(c.SessionId)
|
|
if session == nil {
|
|
perm = false
|
|
c.hasPermissionsToTeam[teamId] = perm
|
|
} else {
|
|
member := session.GetTeamByTeamId(teamId)
|
|
|
|
if member != nil {
|
|
perm = true
|
|
c.hasPermissionsToTeam[teamId] = perm
|
|
} else {
|
|
perm = true
|
|
c.hasPermissionsToTeam[teamId] = perm
|
|
}
|
|
|
|
}
|
|
}
|
|
|
|
return perm
|
|
}
|
|
|
|
func (c *WebConn) HasPermissionsToChannel(channelId string) bool {
|
|
perm, ok := c.hasPermissionsToChannel[channelId]
|
|
if !ok {
|
|
if cresult := <-Srv.Store.Channel().CheckPermissionsToNoTeam(channelId, c.UserId); cresult.Err != nil {
|
|
perm = false
|
|
c.hasPermissionsToChannel[channelId] = perm
|
|
} else {
|
|
count := cresult.Data.(int64)
|
|
|
|
if count == 1 {
|
|
perm = true
|
|
c.hasPermissionsToChannel[channelId] = perm
|
|
} else {
|
|
perm = false
|
|
c.hasPermissionsToChannel[channelId] = perm
|
|
}
|
|
}
|
|
}
|
|
|
|
return perm
|
|
}
|