func (s SqlChannelStore) get(id string, master bool) StoreChannel {
storeChannel := make(StoreChannel)
go func() {
result := StoreResult{}
var db *gorp.DbMap
if master {
db = s.GetMaster()
} else {
db = s.GetReplica()
}
if obj, err := db.Get(model.Channel{}, id); err != nil {
result.Err = model.NewAppError("SqlChannelStore.Get", "We encountered an error finding the channel", "id="+id+", "+err.Error())
} else if obj == nil {
result.Err = model.NewAppError("SqlChannelStore.Get", "We couldn't find the existing channel", "id="+id)
} else {
result.Data = obj.(*model.Channel)
}
storeChannel <- result
close(storeChannel)
}()
return storeChannel
}
func (s SqlChannelStore) SaveMember(member *model.ChannelMember) StoreChannel {
storeChannel := make(StoreChannel)
go func() {
var result StoreResult
// Grab the channel we are saving this member to
if cr := <-s.GetFromMaster(member.ChannelId); cr.Err != nil {
result.Err = cr.Err
} else {
channel := cr.Data.(*model.Channel)
if transaction, err := s.GetMaster().Begin(); err != nil {
result.Err = model.NewAppError("SqlChannelStore.SaveMember", "Unable to open transaction", err.Error())
} else {
result = s.saveMemberT(transaction, member, channel)
if result.Err != nil {
transaction.Rollback()
} else {
if err := transaction.Commit(); err != nil {
result.Err = model.NewAppError("SqlChannelStore.SaveMember", "Unable to commit transaction", err.Error())
}
// If sucessfull record members have changed in channel
if mu := <-s.extraUpdated(channel); mu.Err != nil {
result.Err = mu.Err
}
}
}
}
storeChannel <- result
close(storeChannel)
}()
return storeChannel
}
func (s SqlTeamStore) GetByInviteId(inviteId string) StoreChannel {
storeChannel := make(StoreChannel)
go func() {
result := StoreResult{}
team := model.Team{}
if err := s.GetReplica().SelectOne(&team, "SELECT * FROM Teams WHERE Id = :InviteId OR InviteId = :InviteId", map[string]interface{}{"InviteId": inviteId}); err != nil {
result.Err = model.NewAppError("SqlTeamStore.GetByInviteId", "We couldn't find the existing team", "inviteId="+inviteId+", "+err.Error())
}
if len(team.InviteId) == 0 {
team.InviteId = team.Id
}
if len(inviteId) == 0 || team.InviteId != inviteId {
result.Err = model.NewAppError("SqlTeamStore.GetByInviteId", "We couldn't find the existing team", "inviteId="+inviteId)
}
result.Data = &team
storeChannel <- result
close(storeChannel)
}()
return storeChannel
}
func removeChannelMember(c *Context, w http.ResponseWriter, r *http.Request) {
params := mux.Vars(r)
id := params["id"]
data := model.MapFromJson(r.Body)
userId := data["user_id"]
if len(userId) != 26 {
c.SetInvalidParam("addChannelMember", "user_id")
return
}
sc := Srv.Store.Channel().Get(id)
cmc := Srv.Store.Channel().GetMember(id, c.Session.UserId)
if cresult := <-sc; cresult.Err != nil {
c.Err = cresult.Err
return
} else if cmcresult := <-cmc; cmcresult.Err != nil {
c.Err = cmcresult.Err
return
} else {
channel := cresult.Data.(*model.Channel)
channelMember := cmcresult.Data.(model.ChannelMember)
if !c.HasPermissionsToTeam(channel.TeamId, "removeChannelMember") {
return
}
if !strings.Contains(channelMember.Roles, model.CHANNEL_ROLE_ADMIN) && !strings.Contains(c.Session.Roles, model.ROLE_ADMIN) {
c.Err = model.NewAppError("updateChannel", "You do not have the appropriate permissions ", "")
c.Err.StatusCode = http.StatusForbidden
return
}
if channel.DeleteAt > 0 {
c.Err = model.NewAppError("updateChannel", "The channel has been archived or deleted", "")
c.Err.StatusCode = http.StatusBadRequest
return
}
if cmresult := <-Srv.Store.Channel().RemoveMember(id, userId); cmresult.Err != nil {
c.Err = cmresult.Err
return
}
message := model.NewMessage(c.Session.TeamId, "", userId, model.ACTION_USER_REMOVED)
message.Add("channel_id", id)
message.Add("remover", c.Session.UserId)
PublishAndForget(message)
c.LogAudit("name=" + channel.Name + " user_id=" + userId)
result := make(map[string]string)
result["channel_id"] = channel.Id
result["removed_user_id"] = userId
w.Write([]byte(model.MapToJson(result)))
}
}
func (s SqlChannelStore) SaveMember(member *model.ChannelMember) StoreChannel {
storeChannel := make(StoreChannel)
go func() {
result := StoreResult{}
member.PreSave()
if result.Err = member.IsValid(); result.Err != nil {
storeChannel <- result
return
}
if err := s.GetMaster().Insert(member); err != nil {
if IsUniqueConstraintError(err.Error(), "ChannelId", "channelmembers_pkey") {
result.Err = model.NewAppError("SqlChannelStore.SaveMember", "A channel member with that id already exists", "channel_id="+member.ChannelId+", user_id="+member.UserId+", "+err.Error())
} else {
result.Err = model.NewAppError("SqlChannelStore.SaveMember", "We couldn't save the channel member", "channel_id="+member.ChannelId+", user_id="+member.UserId+", "+err.Error())
}
} else {
result.Data = member
}
storeChannel <- result
close(storeChannel)
}()
return storeChannel
}
func (s SqlTeamStore) Get(id string) StoreChannel {
storeChannel := make(StoreChannel)
go func() {
result := StoreResult{}
if obj, err := s.GetReplica().Get(model.Team{}, id); err != nil {
result.Err = model.NewAppError("SqlTeamStore.Get", "We encountered an error finding the team", "id="+id+", "+err.Error())
} else if obj == nil {
result.Err = model.NewAppError("SqlTeamStore.Get", "We couldn't find the existing team", "id="+id)
} else {
team := obj.(*model.Team)
if len(team.InviteId) == 0 {
team.InviteId = team.Id
}
result.Data = team
}
storeChannel <- result
close(storeChannel)
}()
return storeChannel
}
func (as SqlOAuthStore) SaveApp(app *model.OAuthApp) StoreChannel {
storeChannel := make(StoreChannel)
go func() {
result := StoreResult{}
if len(app.Id) > 0 {
result.Err = model.NewAppError("SqlOAuthStore.SaveApp", "Must call update for exisiting app", "app_id="+app.Id)
storeChannel <- result
close(storeChannel)
return
}
app.PreSave()
if result.Err = app.IsValid(); result.Err != nil {
storeChannel <- result
close(storeChannel)
return
}
if err := as.GetMaster().Insert(app); err != nil {
result.Err = model.NewAppError("SqlOAuthStore.SaveApp", "We couldn't save the app.", "app_id="+app.Id+", "+err.Error())
} else {
result.Data = app
}
storeChannel <- result
close(storeChannel)
}()
return storeChannel
}
func SendMail(to, subject, body string) *model.AppError {
if len(Cfg.EmailSettings.SMTPServer) == 0 || Cfg.EmailSettings.ByPassEmail {
return nil
}
fromMail := mail.Address{Cfg.EmailSettings.FeedbackName, Cfg.EmailSettings.FeedbackEmail}
toMail := mail.Address{"", to}
headers := make(map[string]string)
headers["From"] = fromMail.String()
headers["To"] = toMail.String()
headers["Subject"] = html.UnescapeString(subject)
headers["MIME-version"] = "1.0"
headers["Content-Type"] = "text/html"
message := ""
for k, v := range headers {
message += fmt.Sprintf("%s: %s\r\n", k, v)
}
message += "\r\n<html><body>" + body + "</body></html>"
conn, err1 := connectToSMTPServer()
if err1 != nil {
return err1
}
defer conn.Close()
c, err2 := newSMTPClient(conn)
if err2 != nil {
return err2
}
defer c.Quit()
defer c.Close()
if err := c.Mail(fromMail.Address); err != nil {
return model.NewAppError("SendMail", "Failed to add from email address", err.Error())
}
if err := c.Rcpt(toMail.Address); err != nil {
return model.NewAppError("SendMail", "Failed to add to email address", err.Error())
}
w, err := c.Data()
if err != nil {
return model.NewAppError("SendMail", "Failed to add email messsage data", err.Error())
}
_, err = w.Write([]byte(message))
if err != nil {
return model.NewAppError("SendMail", "Failed to write email message", err.Error())
}
err = w.Close()
if err != nil {
return model.NewAppError("SendMail", "Failed to close connection to SMTP server", err.Error())
}
return nil
}
func CreateDirectChannel(c *Context, otherUserId string) (*model.Channel, *model.AppError) {
if len(otherUserId) != 26 {
return nil, model.NewAppError("CreateDirectChannel", "Invalid other user id ", otherUserId)
}
uc := Srv.Store.User().Get(otherUserId)
channel := new(model.Channel)
channel.DisplayName = ""
channel.Name = model.GetDMNameFromIds(otherUserId, c.Session.UserId)
channel.TeamId = c.Session.TeamId
channel.Description = ""
channel.Type = model.CHANNEL_DIRECT
if uresult := <-uc; uresult.Err != nil {
return nil, model.NewAppError("CreateDirectChannel", "Invalid other user id ", otherUserId)
}
if sc, err := CreateChannel(c, channel, true); err != nil {
return nil, err
} else {
cm := &model.ChannelMember{ChannelId: sc.Id, UserId: otherUserId,
Roles: "", NotifyLevel: model.CHANNEL_NOTIFY_ALL}
if cmresult := <-Srv.Store.Channel().SaveMember(cm); cmresult.Err != nil {
return nil, cmresult.Err
}
return sc, nil
}
}
func readFile(path string) ([]byte, *model.AppError) {
if utils.Cfg.FileSettings.DriverName == model.IMAGE_DRIVER_S3 {
var auth aws.Auth
auth.AccessKey = utils.Cfg.FileSettings.AmazonS3AccessKeyId
auth.SecretKey = utils.Cfg.FileSettings.AmazonS3SecretAccessKey
s := s3.New(auth, awsRegion())
bucket := s.Bucket(utils.Cfg.FileSettings.AmazonS3Bucket)
// try to get the file from S3 with some basic retry logic
tries := 0
for {
tries++
f, err := bucket.Get(path)
if f != nil {
return f, nil
} else if tries >= 3 {
return nil, model.NewAppError("readFile", "Unable to get file from S3", "path="+path+", err="+err.Error())
}
time.Sleep(3000 * time.Millisecond)
}
} else if utils.Cfg.FileSettings.DriverName == model.IMAGE_DRIVER_LOCAL {
if f, err := ioutil.ReadFile(utils.Cfg.FileSettings.Directory + path); err != nil {
return nil, model.NewAppError("readFile", "Encountered an error reading from local server storage", err.Error())
} else {
return f, nil
}
} else {
return nil, model.NewAppError("readFile", "File storage not configured properly. Please configure for either S3 or local server file storage.", "")
}
}
func newSMTPClient(conn net.Conn) (*smtp.Client, *model.AppError) {
host, _, _ := net.SplitHostPort(Cfg.EmailSettings.SMTPServer)
c, err := smtp.NewClient(conn, host)
if err != nil {
l4g.Error("Failed to open a connection to SMTP server %v", err)
return nil, model.NewAppError("SendMail", "Failed to open TLS connection", err.Error())
}
// GO does not support plain auth over a non encrypted connection.
// so if not tls then no auth
auth := smtp.PlainAuth("", Cfg.EmailSettings.SMTPUsername, Cfg.EmailSettings.SMTPPassword, host)
if Cfg.EmailSettings.UseTLS {
if err = c.Auth(auth); err != nil {
return nil, model.NewAppError("SendMail", "Failed to authenticate on SMTP server", err.Error())
}
} else if Cfg.EmailSettings.UseStartTLS {
tlsconfig := &tls.Config{
InsecureSkipVerify: true,
ServerName: host,
}
c.StartTLS(tlsconfig)
if err = c.Auth(auth); err != nil {
return nil, model.NewAppError("SendMail", "Failed to authenticate on SMTP server", err.Error())
}
}
return c, nil
}
func (s SqlAuditStore) Get(user_id string, limit int) StoreChannel {
storeChannel := make(StoreChannel)
go func() {
result := StoreResult{}
if limit > 1000 {
limit = 1000
result.Err = model.NewAppError("SqlAuditStore.Get", "Limit exceeded for paging", "user_id="+user_id)
storeChannel <- result
close(storeChannel)
return
}
var audits model.Audits
if _, err := s.GetReplica().Select(&audits, "SELECT * FROM Audits WHERE UserId = :user_id ORDER BY CreateAt DESC LIMIT :limit",
map[string]interface{}{"user_id": user_id, "limit": limit}); err != nil {
result.Err = model.NewAppError("SqlAuditStore.Get", "We encounted an error finding the audits", "user_id="+user_id)
} else {
result.Data = audits
}
storeChannel <- result
close(storeChannel)
}()
return storeChannel
}
func (s SqlWebhookStore) SaveIncoming(webhook *model.IncomingWebhook) StoreChannel {
storeChannel := make(StoreChannel)
go func() {
result := StoreResult{}
if len(webhook.Id) > 0 {
result.Err = model.NewAppError("SqlWebhookStore.SaveIncoming",
"You cannot overwrite an existing IncomingWebhook", "id="+webhook.Id)
storeChannel <- result
close(storeChannel)
return
}
webhook.PreSave()
if result.Err = webhook.IsValid(); result.Err != nil {
storeChannel <- result
close(storeChannel)
return
}
if err := s.GetMaster().Insert(webhook); err != nil {
result.Err = model.NewAppError("SqlWebhookStore.SaveIncoming", "We couldn't save the IncomingWebhook", "id="+webhook.Id+", "+err.Error())
} else {
result.Data = webhook
}
storeChannel <- result
close(storeChannel)
}()
return storeChannel
}
func RevokeAccessToken(token string) *model.AppError {
schan := Srv.Store.Session().Remove(token)
sessionCache.Remove(token)
var accessData *model.AccessData
if result := <-Srv.Store.OAuth().GetAccessData(token); result.Err != nil {
return model.NewAppError("RevokeAccessToken", "Error getting access token from DB before deletion", "")
} else {
accessData = result.Data.(*model.AccessData)
}
tchan := Srv.Store.OAuth().RemoveAccessData(token)
cchan := Srv.Store.OAuth().RemoveAuthData(accessData.AuthCode)
if result := <-tchan; result.Err != nil {
return model.NewAppError("RevokeAccessToken", "Error deleting access token from DB", "")
}
if result := <-cchan; result.Err != nil {
return model.NewAppError("RevokeAccessToken", "Error deleting authorization code from DB", "")
}
if result := <-schan; result.Err != nil {
return model.NewAppError("RevokeAccessToken", "Error deleting session from DB", "")
}
return nil
}
func (s SqlChannelStore) SaveMember(member *model.ChannelMember) StoreChannel {
storeChannel := make(StoreChannel)
go func() {
result := StoreResult{}
if result.Err = member.IsValid(); result.Err != nil {
storeChannel <- result
return
}
if err := s.GetMaster().Insert(member); err != nil {
if strings.Contains(err.Error(), "Duplicate entry") && strings.Contains(err.Error(), "for key 'ChannelId'") {
result.Err = model.NewAppError("SqlChannelStore.SaveMember", "A channel member with that id already exists", "channel_id="+member.ChannelId+", user_id="+member.UserId+", "+err.Error())
} else {
result.Err = model.NewAppError("SqlChannelStore.SaveMember", "We couldn't save the channel member", "channel_id="+member.ChannelId+", user_id="+member.UserId+", "+err.Error())
}
} else {
result.Data = member
}
storeChannel <- result
close(storeChannel)
}()
return storeChannel
}
func connectToSMTPServer() (net.Conn, *model.AppError) {
host, _, _ := net.SplitHostPort(Cfg.EmailSettings.SMTPServer)
var conn net.Conn
var err error
if Cfg.EmailSettings.UseTLS {
tlsconfig := &tls.Config{
InsecureSkipVerify: true,
ServerName: host,
}
conn, err = tls.Dial("tcp", Cfg.EmailSettings.SMTPServer, tlsconfig)
if err != nil {
return nil, model.NewAppError("SendMail", "Failed to open TLS connection", err.Error())
}
} else {
conn, err = net.Dial("tcp", Cfg.EmailSettings.SMTPServer)
if err != nil {
return nil, model.NewAppError("SendMail", "Failed to open connection", err.Error())
}
}
return conn, nil
}
func (s SqlChannelStore) Update(channel *model.Channel) StoreChannel {
storeChannel := make(StoreChannel)
go func() {
result := StoreResult{}
channel.PreUpdate()
if result.Err = channel.IsValid(); result.Err != nil {
storeChannel <- result
close(storeChannel)
return
}
if count, err := s.GetMaster().Update(channel); err != nil {
if strings.Contains(err.Error(), "Duplicate entry") && strings.Contains(err.Error(), "for key 'Name'") {
result.Err = model.NewAppError("SqlChannelStore.Update", "A channel with that name already exists", "id="+channel.Id+", "+err.Error())
} else {
result.Err = model.NewAppError("SqlChannelStore.Update", "We encounted an error updating the channel", "id="+channel.Id+", "+err.Error())
}
} else if count != 1 {
result.Err = model.NewAppError("SqlChannelStore.Update", "We couldn't update the channel", "id="+channel.Id)
} else {
result.Data = channel
}
storeChannel <- result
close(storeChannel)
}()
return storeChannel
}
func (s SqlChannelStore) GetChannels(teamId string, userId string) StoreChannel {
storeChannel := make(StoreChannel)
go func() {
result := StoreResult{}
var data []channelWithMember
_, err := s.GetReplica().Select(&data, "SELECT * FROM Channels, ChannelMembers WHERE Id = ChannelId AND TeamId = :TeamId AND UserId = :UserId AND DeleteAt = 0 ORDER BY DisplayName", map[string]interface{}{"TeamId": teamId, "UserId": userId})
if err != nil {
result.Err = model.NewAppError("SqlChannelStore.GetChannels", "We couldn't get the channels", "teamId="+teamId+", userId="+userId+", err="+err.Error())
} else {
channels := &model.ChannelList{make([]*model.Channel, len(data)), make(map[string]*model.ChannelMember)}
for i := range data {
v := data[i]
channels.Channels[i] = &v.Channel
channels.Members[v.Channel.Id] = &v.ChannelMember
}
if len(channels.Channels) == 0 {
result.Err = model.NewAppError("SqlChannelStore.GetChannels", "No channels were found", "teamId="+teamId+", userId="+userId)
} else {
result.Data = channels
}
}
storeChannel <- result
close(storeChannel)
}()
return storeChannel
}
func (s SqlChannelStore) Save(channel *model.Channel) StoreChannel {
storeChannel := make(StoreChannel)
go func() {
var result StoreResult
if channel.Type == model.CHANNEL_DIRECT {
result.Err = model.NewAppError("SqlChannelStore.Save", "Use SaveDirectChannel to create a direct channel", "")
} else {
if transaction, err := s.GetMaster().Begin(); err != nil {
result.Err = model.NewAppError("SqlChannelStore.Save", "Unable to open transaction", err.Error())
} else {
result = s.saveChannelT(transaction, channel)
if result.Err != nil {
transaction.Rollback()
} else {
if err := transaction.Commit(); err != nil {
result.Err = model.NewAppError("SqlChannelStore.Save", "Unable to commit transaction", err.Error())
}
}
}
}
storeChannel <- result
close(storeChannel)
}()
return storeChannel
}
func readFile(path string) ([]byte, *model.AppError) {
if utils.IsS3Configured() && !utils.Cfg.ServiceSettings.UseLocalStorage {
var auth aws.Auth
auth.AccessKey = utils.Cfg.AWSSettings.S3AccessKeyId
auth.SecretKey = utils.Cfg.AWSSettings.S3SecretAccessKey
s := s3.New(auth, aws.Regions[utils.Cfg.AWSSettings.S3Region])
bucket := s.Bucket(utils.Cfg.AWSSettings.S3Bucket)
// try to get the file from S3 with some basic retry logic
tries := 0
for {
tries++
f, err := bucket.Get(path)
if f != nil {
return f, nil
} else if tries >= 3 {
return nil, model.NewAppError("readFile", "Unable to get file from S3", "path="+path+", err="+err.Error())
}
time.Sleep(3000 * time.Millisecond)
}
} else if utils.Cfg.ServiceSettings.UseLocalStorage && len(utils.Cfg.ServiceSettings.StorageDirectory) > 0 {
if f, err := ioutil.ReadFile(utils.Cfg.ServiceSettings.StorageDirectory + path); err != nil {
return nil, model.NewAppError("readFile", "Encountered an error reading from local server storage", err.Error())
} else {
return f, nil
}
} else {
return nil, model.NewAppError("readFile", "File storage not configured properly. Please configure for either S3 or local server file storage.", "")
}
}
func writeFile(f []byte, path string) *model.AppError {
if utils.Cfg.FileSettings.DriverName == model.IMAGE_DRIVER_S3 {
var auth aws.Auth
auth.AccessKey = utils.Cfg.FileSettings.AmazonS3AccessKeyId
auth.SecretKey = utils.Cfg.FileSettings.AmazonS3SecretAccessKey
s := s3.New(auth, awsRegion())
bucket := s.Bucket(utils.Cfg.FileSettings.AmazonS3Bucket)
ext := filepath.Ext(path)
var err error
if model.IsFileExtImage(ext) {
options := s3.Options{}
err = bucket.Put(path, f, model.GetImageMimeType(ext), s3.Private, options)
} else {
options := s3.Options{}
err = bucket.Put(path, f, "binary/octet-stream", s3.Private, options)
}
if err != nil {
return model.NewAppError("writeFile", "Encountered an error writing to S3", err.Error())
}
} else if utils.Cfg.FileSettings.DriverName == model.IMAGE_DRIVER_LOCAL {
if err := writeFileLocally(f, utils.Cfg.FileSettings.Directory+path); err != nil {
return err
}
} else {
return model.NewAppError("writeFile", "File storage not configured properly. Please configure for either S3 or local server file storage.", "")
}
return nil
}
func login(c *Context, w http.ResponseWriter, r *http.Request) {
props := model.MapFromJson(r.Body)
if len(props["password"]) == 0 {
c.Err = model.NewAppError("login", "Password field must not be blank", "")
c.Err.StatusCode = http.StatusForbidden
return
}
var user *model.User
if len(props["id"]) != 0 {
user = LoginById(c, w, r, props["id"], props["password"], props["device_id"])
} else if len(props["email"]) != 0 && len(props["name"]) != 0 {
user = LoginByEmail(c, w, r, props["email"], props["name"], props["password"], props["device_id"])
} else {
c.Err = model.NewAppError("login", "Either user id or team name and user email must be provided", "")
c.Err.StatusCode = http.StatusForbidden
return
}
if c.Err != nil {
return
}
if user != nil {
user.Sanitize(map[string]bool{})
} else {
user = &model.User{}
}
w.Write([]byte(user.ToJson()))
}
func isTreamCreationAllowed(c *Context, email string) bool {
email = strings.ToLower(email)
if utils.Cfg.TeamSettings.DisableTeamCreation {
c.Err = model.NewAppError("isTreamCreationAllowed", "Team creation has been disabled. Please ask your systems administrator for details.", "")
return false
}
// commas and @ signs are optional
// can be in the form of "@corp.mattermost.com, mattermost.com mattermost.org" -> corp.mattermost.com mattermost.com mattermost.org
domains := strings.Fields(strings.TrimSpace(strings.ToLower(strings.Replace(strings.Replace(utils.Cfg.TeamSettings.RestrictCreationToDomains, "@", " ", -1), ",", " ", -1))))
matched := false
for _, d := range domains {
if strings.HasSuffix(email, "@"+d) {
matched = true
break
}
}
if len(utils.Cfg.TeamSettings.RestrictCreationToDomains) > 0 && !matched {
c.Err = model.NewAppError("isTreamCreationAllowed", "Email must be from a specific domain (e.g. @example.com). Please ask your systems administrator for details.", "")
return false
}
return true
}
func sendPasswordReset(c *Context, w http.ResponseWriter, r *http.Request) {
props := model.MapFromJson(r.Body)
email := props["email"]
if len(email) == 0 {
c.SetInvalidParam("sendPasswordReset", "email")
return
}
name := props["name"]
if len(name) == 0 {
c.SetInvalidParam("sendPasswordReset", "name")
return
}
var team *model.Team
if result := <-Srv.Store.Team().GetByName(name); result.Err != nil {
c.Err = result.Err
return
} else {
team = result.Data.(*model.Team)
}
var user *model.User
if result := <-Srv.Store.User().GetByEmail(team.Id, email); result.Err != nil {
c.Err = model.NewAppError("sendPasswordReset", "We couldn’t find an account with that address.", "email="+email+" team_id="+team.Id)
return
} else {
user = result.Data.(*model.User)
}
if len(user.AuthData) != 0 {
c.Err = model.NewAppError("sendPasswordReset", "Cannot reset password for SSO accounts", "userId="+user.Id+", teamId="+team.Id)
return
}
newProps := make(map[string]string)
newProps["user_id"] = user.Id
newProps["time"] = fmt.Sprintf("%v", model.GetMillis())
data := model.MapToJson(newProps)
hash := model.HashPassword(fmt.Sprintf("%v:%v", data, utils.Cfg.EmailSettings.PasswordResetSalt))
link := fmt.Sprintf("%s/reset_password?d=%s&h=%s", c.GetTeamURLFromTeam(team), url.QueryEscape(data), url.QueryEscape(hash))
subjectPage := NewServerTemplatePage("reset_subject")
subjectPage.Props["SiteURL"] = c.GetSiteURL()
bodyPage := NewServerTemplatePage("reset_body")
bodyPage.Props["SiteURL"] = c.GetSiteURL()
bodyPage.Props["ResetUrl"] = link
if err := utils.SendMail(email, subjectPage.Render(), bodyPage.Render()); err != nil {
c.Err = model.NewAppError("sendPasswordReset", "Failed to send password reset email successfully", "err="+err.Message)
return
}
c.LogAuditWithUserId(user.Id, "sent="+email)
w.Write([]byte(model.MapToJson(props)))
}
func checkUserPassword(c *Context, user *model.User, password string) bool {
if user.FailedAttempts >= utils.Cfg.ServiceSettings.MaximumLoginAttempts {
c.LogAuditWithUserId(user.Id, "fail")
c.Err = model.NewAppError("checkUserPassword", "Your account is locked because of too many failed password attempts. Please reset your password.", "user_id="+user.Id)
c.Err.StatusCode = http.StatusForbidden
return false
}
if !model.ComparePassword(user.Password, password) {
c.LogAuditWithUserId(user.Id, "fail")
c.Err = model.NewAppError("checkUserPassword", "Login failed because of invalid password", "user_id="+user.Id)
c.Err.StatusCode = http.StatusForbidden
if result := <-Srv.Store.User().UpdateFailedPasswordAttempts(user.Id, user.FailedAttempts+1); result.Err != nil {
c.LogError(result.Err)
}
return false
} else {
if result := <-Srv.Store.User().UpdateFailedPasswordAttempts(user.Id, 0); result.Err != nil {
c.LogError(result.Err)
}
return true
}
}
func createChannel(c *Context, w http.ResponseWriter, r *http.Request) {
channel := model.ChannelFromJson(r.Body)
if channel == nil {
c.SetInvalidParam("createChannel", "channel")
return
}
if !c.HasPermissionsToTeam(channel.TeamId, "createChannel") {
return
}
if channel.Type == model.CHANNEL_DIRECT {
c.Err = model.NewAppError("createDirectChannel", "Must use createDirectChannel api service for direct message channel creation", "")
return
}
if strings.Index(channel.Name, "__") > 0 {
c.Err = model.NewAppError("createDirectChannel", "Invalid character '__' in channel name for non-direct channel", "")
return
}
channel.CreatorId = c.Session.UserId
if sc, err := CreateChannel(c, channel, true); err != nil {
c.Err = err
return
} else {
w.Write([]byte(sc.ToJson()))
}
}
func newSMTPClient(conn net.Conn, config *model.Config) (*smtp.Client, *model.AppError) {
c, err := smtp.NewClient(conn, config.EmailSettings.SMTPServer+":"+config.EmailSettings.SMTPPort)
if err != nil {
l4g.Error("Failed to open a connection to SMTP server %v", err)
return nil, model.NewAppError("SendMail", "Failed to open TLS connection", err.Error())
}
// GO does not support plain auth over a non encrypted connection.
// so if not tls then no auth
auth := smtp.PlainAuth("", config.EmailSettings.SMTPUsername, config.EmailSettings.SMTPPassword, config.EmailSettings.SMTPServer+":"+config.EmailSettings.SMTPPort)
if config.EmailSettings.ConnectionSecurity == model.CONN_SECURITY_TLS {
if err = c.Auth(auth); err != nil {
return nil, model.NewAppError("SendMail", "Failed to authenticate on SMTP server", err.Error())
}
} else if config.EmailSettings.ConnectionSecurity == model.CONN_SECURITY_STARTTLS {
tlsconfig := &tls.Config{
InsecureSkipVerify: true,
ServerName: config.EmailSettings.SMTPServer,
}
c.StartTLS(tlsconfig)
if err = c.Auth(auth); err != nil {
return nil, model.NewAppError("SendMail", "Failed to authenticate on SMTP server", err.Error())
}
}
return c, nil
}
func (me SqlSessionStore) Save(session *model.Session) StoreChannel {
storeChannel := make(StoreChannel)
go func() {
result := StoreResult{}
if len(session.Id) > 0 {
result.Err = model.NewAppError("SqlSessionStore.Save", "Cannot update existing session", "id="+session.Id)
storeChannel <- result
close(storeChannel)
return
}
session.PreSave()
if cur := <-me.CleanUpExpiredSessions(session.UserId); cur.Err != nil {
l4g.Error("Failed to cleanup sessions in Save err=%v", cur.Err)
}
if err := me.GetMaster().Insert(session); err != nil {
result.Err = model.NewAppError("SqlSessionStore.Save", "We couldn't save the session", "id="+session.Id+", "+err.Error())
} else {
result.Data = session
}
storeChannel <- result
close(storeChannel)
}()
return storeChannel
}
func copyDirToExportWriter(writer ExportWriter, inPath string, outPath string) *model.AppError {
dir, err := os.Open(inPath)
if err != nil {
return model.NewAppError("copyDirToExportWriter", "Unable to open directory", err.Error())
}
fileInfoList, err := dir.Readdir(0)
if err != nil {
return model.NewAppError("copyDirToExportWriter", "Unable to read directory", err.Error())
}
for _, fileInfo := range fileInfoList {
if fileInfo.IsDir() {
copyDirToExportWriter(writer, inPath+"/"+fileInfo.Name(), outPath+"/"+fileInfo.Name())
} else {
if toFile, err := writer.Create(outPath + "/" + fileInfo.Name()); err != nil {
return model.NewAppError("copyDirToExportWriter", "Unable to open file for export", err.Error())
} else {
fromFile, err := os.Open(inPath + "/" + fileInfo.Name())
if err != nil {
return model.NewAppError("copyDirToExportWriter", "Unable to open file", err.Error())
}
io.Copy(toFile, fromFile)
}
}
}
return nil
}
func leaveChannel(c *Context, w http.ResponseWriter, r *http.Request) {
params := mux.Vars(r)
id := params["id"]
sc := Srv.Store.Channel().Get(id)
uc := Srv.Store.User().Get(c.Session.UserId)
if cresult := <-sc; cresult.Err != nil {
c.Err = cresult.Err
return
} else if uresult := <-uc; uresult.Err != nil {
c.Err = cresult.Err
return
} else {
channel := cresult.Data.(*model.Channel)
user := uresult.Data.(*model.User)
if !c.HasPermissionsToTeam(channel.TeamId, "leaveChannel") {
return
}
if channel.DeleteAt > 0 {
c.Err = model.NewAppError("leaveChannel", "The channel has been archived or deleted", "")
c.Err.StatusCode = http.StatusBadRequest
return
}
if channel.Type == model.CHANNEL_DIRECT {
c.Err = model.NewAppError("leaveChannel", "Cannot leave a direct message channel", "")
c.Err.StatusCode = http.StatusForbidden
return
}
if channel.Name == model.DEFAULT_CHANNEL {
c.Err = model.NewAppError("leaveChannel", "Cannot leave the default channel "+model.DEFAULT_CHANNEL, "")
c.Err.StatusCode = http.StatusForbidden
return
}
if cmresult := <-Srv.Store.Channel().RemoveMember(channel.Id, c.Session.UserId); cmresult.Err != nil {
c.Err = cmresult.Err
return
}
post := &model.Post{ChannelId: channel.Id, Message: fmt.Sprintf(
`%v has left the channel.`,
user.Username)}
if _, err := CreatePost(c, post, false); err != nil {
l4g.Error("Failed to post leave message %v", err)
c.Err = model.NewAppError("leaveChannel", "Failed to send leave message", "")
return
}
result := make(map[string]string)
result["id"] = channel.Id
w.Write([]byte(model.MapToJson(result)))
}
}
