func (us SqlUserStore) Update(user *model.User, allowActiveUpdate bool) StoreChannel {
storeChannel := make(StoreChannel)
go func() {
result := StoreResult{}
user.PreUpdate()
if result.Err = user.IsValid(); result.Err != nil {
storeChannel <- result
close(storeChannel)
return
}
if oldUserResult, err := us.GetMaster().Get(model.User{}, user.Id); err != nil {
result.Err = model.NewAppError("SqlUserStore.Update", "We encounted an error finding the account", "user_id="+user.Id+", "+err.Error())
} else if oldUserResult == nil {
result.Err = model.NewAppError("SqlUserStore.Update", "We couldn't find the existing account to update", "user_id="+user.Id)
} else {
oldUser := oldUserResult.(*model.User)
user.CreateAt = oldUser.CreateAt
user.AuthData = oldUser.AuthData
user.Password = oldUser.Password
user.LastPasswordUpdate = oldUser.LastPasswordUpdate
user.LastPictureUpdate = oldUser.LastPictureUpdate
user.TeamId = oldUser.TeamId
user.LastActivityAt = oldUser.LastActivityAt
user.LastPingAt = oldUser.LastPingAt
user.EmailVerified = oldUser.EmailVerified
if !allowActiveUpdate {
user.Roles = oldUser.Roles
user.DeleteAt = oldUser.DeleteAt
}
if user.Email != oldUser.Email {
user.EmailVerified = false
}
if count, err := us.GetMaster().Update(user); err != nil {
result.Err = model.NewAppError("SqlUserStore.Update", "We encounted an error updating the account", "user_id="+user.Id+", "+err.Error())
} else if count != 1 {
result.Err = model.NewAppError("SqlUserStore.Update", "We couldn't update the account", fmt.Sprintf("user_id=%v, count=%v", user.Id, count))
} else {
result.Data = [2]*model.User{user, oldUser}
}
}
storeChannel <- result
close(storeChannel)
}()
return storeChannel
}
func UpdateActive(c *Context, user *model.User, active bool) *model.User {
if active {
user.DeleteAt = 0
} else {
user.DeleteAt = model.GetMillis()
}
if result := <-Srv.Store.User().Update(user, true); result.Err != nil {
c.Err = result.Err
return nil
} else {
c.LogAuditWithUserId(user.Id, fmt.Sprintf("active=%v", active))
if user.DeleteAt > 0 {
RevokeAllSession(c, user.Id)
}
ruser := result.Data.([2]*model.User)[0]
options := utils.SanitizeOptions
options["passwordupdate"] = false
ruser.Sanitize(options)
return ruser
}
}
func updateActive(c *Context, w http.ResponseWriter, r *http.Request) {
props := model.MapFromJson(r.Body)
user_id := props["user_id"]
if len(user_id) != 26 {
c.SetInvalidParam("updateActive", "user_id")
return
}
active := props["active"] == "true"
var user *model.User
if result := <-Srv.Store.User().Get(user_id); result.Err != nil {
c.Err = result.Err
return
} else {
user = result.Data.(*model.User)
}
if !c.HasPermissionsToTeam(user.TeamId, "updateActive") {
return
}
if !c.IsTeamAdmin() {
c.Err = model.NewAppError("updateActive", "You do not have the appropriate permissions", "userId="+user_id)
c.Err.StatusCode = http.StatusForbidden
return
}
// make sure there is at least 1 other active admin
if !active && model.IsInRole(user.Roles, model.ROLE_TEAM_ADMIN) {
if result := <-Srv.Store.User().GetProfiles(user.TeamId); result.Err != nil {
c.Err = result.Err
return
} else {
activeAdmins := -1
profileUsers := result.Data.(map[string]*model.User)
for _, profileUser := range profileUsers {
if profileUser.DeleteAt == 0 && model.IsInRole(profileUser.Roles, model.ROLE_TEAM_ADMIN) {
activeAdmins = activeAdmins + 1
}
}
if activeAdmins <= 0 {
c.Err = model.NewAppError("updateRoles", "There must be at least one active admin", "userId="+user_id)
return
}
}
}
if active {
user.DeleteAt = 0
} else {
user.DeleteAt = model.GetMillis()
}
if result := <-Srv.Store.User().Update(user, true); result.Err != nil {
c.Err = result.Err
return
} else {
c.LogAuditWithUserId(user.Id, fmt.Sprintf("active=%v", active))
if user.DeleteAt > 0 {
RevokeAllSession(c, user.Id)
}
ruser := result.Data.([2]*model.User)[0]
options := utils.SanitizeOptions
options["passwordupdate"] = false
ruser.Sanitize(options)
w.Write([]byte(ruser.ToJson()))
}
}
func (us SqlUserStore) Update(user *model.User, allowActiveUpdate bool) StoreChannel {
storeChannel := make(StoreChannel)
go func() {
result := StoreResult{}
user.PreUpdate()
if result.Err = user.IsValid(); result.Err != nil {
storeChannel <- result
close(storeChannel)
return
}
if oldUserResult, err := us.GetMaster().Get(model.User{}, user.Id); err != nil {
result.Err = model.NewAppError("SqlUserStore.Update", "We encounted an error finding the account", "user_id="+user.Id+", "+err.Error())
} else if oldUserResult == nil {
result.Err = model.NewAppError("SqlUserStore.Update", "We couldn't find the existing account to update", "user_id="+user.Id)
} else {
oldUser := oldUserResult.(*model.User)
user.CreateAt = oldUser.CreateAt
user.AuthData = oldUser.AuthData
user.Password = oldUser.Password
user.LastPasswordUpdate = oldUser.LastPasswordUpdate
user.LastPictureUpdate = oldUser.LastPictureUpdate
user.TeamId = oldUser.TeamId
user.LastActivityAt = oldUser.LastActivityAt
user.LastPingAt = oldUser.LastPingAt
user.EmailVerified = oldUser.EmailVerified
user.FailedAttempts = oldUser.FailedAttempts
if !allowActiveUpdate {
user.Roles = oldUser.Roles
user.DeleteAt = oldUser.DeleteAt
}
if user.Email != oldUser.Email {
user.EmailVerified = false
}
if user.Username != oldUser.Username {
nonUsernameKeys := []string{}
splitKeys := strings.Split(user.NotifyProps["mention_keys"], ",")
for _, key := range splitKeys {
if key != oldUser.Username && key != "@"+oldUser.Username {
nonUsernameKeys = append(nonUsernameKeys, key)
}
}
user.NotifyProps["mention_keys"] = strings.Join(nonUsernameKeys, ",") + user.Username + ",@" + user.Username
}
if count, err := us.GetMaster().Update(user); err != nil {
if IsUniqueConstraintError(err.Error(), "Email", "users_email_teamid_key") {
result.Err = model.NewAppError("SqlUserStore.Update", "This email is already taken. Please choose another", "user_id="+user.Id+", "+err.Error())
} else if IsUniqueConstraintError(err.Error(), "Username", "users_username_teamid_key") {
result.Err = model.NewAppError("SqlUserStore.Update", "This username is already taken. Please choose another.", "user_id="+user.Id+", "+err.Error())
} else {
result.Err = model.NewAppError("SqlUserStore.Update", "We encounted an error updating the account", "user_id="+user.Id+", "+err.Error())
}
} else if count != 1 {
result.Err = model.NewAppError("SqlUserStore.Update", "We couldn't update the account", fmt.Sprintf("user_id=%v, count=%v", user.Id, count))
} else {
result.Data = [2]*model.User{user, oldUser}
}
}
storeChannel <- result
close(storeChannel)
}()
return storeChannel
}
func (us SqlUserStore) Update(user *model.User, trustedUpdateData bool) StoreChannel {
storeChannel := make(StoreChannel)
go func() {
result := StoreResult{}
user.PreUpdate()
if result.Err = user.IsValid(); result.Err != nil {
storeChannel <- result
close(storeChannel)
return
}
if oldUserResult, err := us.GetMaster().Get(model.User{}, user.Id); err != nil {
result.Err = model.NewLocAppError("SqlUserStore.Update", "store.sql_user.update.finding.app_error", nil, "user_id="+user.Id+", "+err.Error())
} else if oldUserResult == nil {
result.Err = model.NewLocAppError("SqlUserStore.Update", "store.sql_user.update.find.app_error", nil, "user_id="+user.Id)
} else {
oldUser := oldUserResult.(*model.User)
user.CreateAt = oldUser.CreateAt
user.AuthData = oldUser.AuthData
user.AuthService = oldUser.AuthService
user.Password = oldUser.Password
user.LastPasswordUpdate = oldUser.LastPasswordUpdate
user.LastPictureUpdate = oldUser.LastPictureUpdate
user.LastActivityAt = oldUser.LastActivityAt
user.LastPingAt = oldUser.LastPingAt
user.EmailVerified = oldUser.EmailVerified
user.FailedAttempts = oldUser.FailedAttempts
user.MfaSecret = oldUser.MfaSecret
user.MfaActive = oldUser.MfaActive
if !trustedUpdateData {
user.Roles = oldUser.Roles
user.DeleteAt = oldUser.DeleteAt
}
if user.IsOAuthUser() {
user.Email = oldUser.Email
} else if user.IsLDAPUser() && !trustedUpdateData {
if user.Username != oldUser.Username ||
user.FirstName != oldUser.FirstName ||
user.LastName != oldUser.LastName ||
user.Email != oldUser.Email {
result.Err = model.NewLocAppError("SqlUserStore.Update", "store.sql_user.update.can_not_change_ldap.app_error", nil, "user_id="+user.Id)
storeChannel <- result
close(storeChannel)
return
}
} else if user.Email != oldUser.Email {
user.EmailVerified = false
}
if user.Username != oldUser.Username {
user.UpdateMentionKeysFromUsername(oldUser.Username)
}
if count, err := us.GetMaster().Update(user); err != nil {
if IsUniqueConstraintError(err.Error(), []string{"Email", "users_email_key", "idx_users_email_unique"}) {
result.Err = model.NewLocAppError("SqlUserStore.Update", "store.sql_user.update.email_taken.app_error", nil, "user_id="+user.Id+", "+err.Error())
} else if IsUniqueConstraintError(err.Error(), []string{"Username", "users_username_key", "idx_users_username_unique"}) {
result.Err = model.NewLocAppError("SqlUserStore.Update", "store.sql_user.update.username_taken.app_error", nil, "user_id="+user.Id+", "+err.Error())
} else {
result.Err = model.NewLocAppError("SqlUserStore.Update", "store.sql_user.update.updating.app_error", nil, "user_id="+user.Id+", "+err.Error())
}
} else if count != 1 {
result.Err = model.NewLocAppError("SqlUserStore.Update", "store.sql_user.update.app_error", nil, fmt.Sprintf("user_id=%v, count=%v", user.Id, count))
} else {
result.Data = [2]*model.User{user, oldUser}
}
}
storeChannel <- result
close(storeChannel)
}()
return storeChannel
}
func TestChannelMemberStore(t *testing.T) {
Setup()
c1 := model.Channel{}
c1.TeamId = model.NewId()
c1.DisplayName = "NameName"
c1.Name = "a" + model.NewId() + "b"
c1.Type = model.CHANNEL_OPEN
c1 = *Must(store.Channel().Save(&c1)).(*model.Channel)
c1t1 := (<-store.Channel().Get(c1.Id)).Data.(*model.Channel)
t1 := c1t1.ExtraUpdateAt
u1 := model.User{}
u1.Email = model.NewId()
u1.Nickname = model.NewId()
Must(store.User().Save(&u1))
Must(store.Team().SaveMember(&model.TeamMember{TeamId: model.NewId(), UserId: u1.Id}))
u2 := model.User{}
u2.Email = model.NewId()
u2.Nickname = model.NewId()
Must(store.User().Save(&u2))
Must(store.Team().SaveMember(&model.TeamMember{TeamId: model.NewId(), UserId: u2.Id}))
o1 := model.ChannelMember{}
o1.ChannelId = c1.Id
o1.UserId = u1.Id
o1.NotifyProps = model.GetDefaultChannelNotifyProps()
Must(store.Channel().SaveMember(&o1))
o2 := model.ChannelMember{}
o2.ChannelId = c1.Id
o2.UserId = u2.Id
o2.NotifyProps = model.GetDefaultChannelNotifyProps()
Must(store.Channel().SaveMember(&o2))
c1t2 := (<-store.Channel().Get(c1.Id)).Data.(*model.Channel)
t2 := c1t2.ExtraUpdateAt
if t2 <= t1 {
t.Fatal("Member update time incorrect")
}
count := (<-store.Channel().GetMemberCount(o1.ChannelId)).Data.(int64)
if count != 2 {
t.Fatal("should have saved 2 members")
}
Must(store.Channel().RemoveMember(o2.ChannelId, o2.UserId))
count = (<-store.Channel().GetMemberCount(o1.ChannelId)).Data.(int64)
if count != 1 {
t.Fatal("should have removed 1 member")
}
c1t3 := (<-store.Channel().Get(c1.Id)).Data.(*model.Channel)
t3 := c1t3.ExtraUpdateAt
if t3 <= t2 || t3 <= t1 {
t.Fatal("Member update time incorrect on delete")
}
member := (<-store.Channel().GetMember(o1.ChannelId, o1.UserId)).Data.(model.ChannelMember)
if member.ChannelId != o1.ChannelId {
t.Fatal("should have go member")
}
extraMembers := (<-store.Channel().GetExtraMembers(o1.ChannelId, 20)).Data.([]model.ExtraMember)
if len(extraMembers) != 1 {
t.Fatal("should have 1 extra members")
}
if err := (<-store.Channel().SaveMember(&o1)).Err; err == nil {
t.Fatal("Should have been a duplicate")
}
c1t4 := (<-store.Channel().Get(c1.Id)).Data.(*model.Channel)
t4 := c1t4.ExtraUpdateAt
if t4 != t3 {
t.Fatal("Should not update time upon failure")
}
// rejoin the channel and make sure that an inactive user isn't returned by GetExtraMambers
Must(store.Channel().SaveMember(&o2))
u2.DeleteAt = 1000
Must(store.User().Update(&u2, true))
if result := <-store.Channel().GetExtraMembers(o1.ChannelId, 20); result.Err != nil {
t.Fatal(result.Err)
} else if extraMembers := result.Data.([]model.ExtraMember); len(extraMembers) != 1 {
t.Fatal("should have 1 extra members")
}
}
func (us SqlUserStore) Update(user *model.User, allowActiveUpdate bool) StoreChannel {
storeChannel := make(StoreChannel)
go func() {
result := StoreResult{}
user.PreUpdate()
if result.Err = user.IsValid(); result.Err != nil {
storeChannel <- result
close(storeChannel)
return
}
if oldUserResult, err := us.GetMaster().Get(model.User{}, user.Id); err != nil {
result.Err = model.NewLocAppError("SqlUserStore.Update", "store.sql_user.update.finding.app_error", nil, "user_id="+user.Id+", "+err.Error())
} else if oldUserResult == nil {
result.Err = model.NewLocAppError("SqlUserStore.Update", "store.sql_user.update.find.app_error", nil, "user_id="+user.Id)
} else {
oldUser := oldUserResult.(*model.User)
user.CreateAt = oldUser.CreateAt
user.AuthData = oldUser.AuthData
user.AuthService = oldUser.AuthService
user.Password = oldUser.Password
user.LastPasswordUpdate = oldUser.LastPasswordUpdate
user.LastPictureUpdate = oldUser.LastPictureUpdate
user.TeamId = oldUser.TeamId
user.LastActivityAt = oldUser.LastActivityAt
user.LastPingAt = oldUser.LastPingAt
user.EmailVerified = oldUser.EmailVerified
user.FailedAttempts = oldUser.FailedAttempts
user.MfaSecret = oldUser.MfaSecret
user.MfaActive = oldUser.MfaActive
if !allowActiveUpdate {
user.Roles = oldUser.Roles
user.DeleteAt = oldUser.DeleteAt
}
if user.IsSSOUser() {
user.Email = oldUser.Email
} else if !user.IsLDAPUser() && user.Email != oldUser.Email {
user.EmailVerified = false
}
if user.Username != oldUser.Username {
nonUsernameKeys := []string{}
splitKeys := strings.Split(user.NotifyProps["mention_keys"], ",")
for _, key := range splitKeys {
if key != oldUser.Username && key != "@"+oldUser.Username {
nonUsernameKeys = append(nonUsernameKeys, key)
}
}
user.NotifyProps["mention_keys"] = strings.Join(nonUsernameKeys, ",") + "," + user.Username + ",@" + user.Username
}
if count, err := us.GetMaster().Update(user); err != nil {
if IsUniqueConstraintError(err.Error(), "Email", "users_email_teamid_key") {
result.Err = model.NewLocAppError("SqlUserStore.Update", "store.sql_user.update.email_taken.app_error", nil, "user_id="+user.Id+", "+err.Error())
} else if IsUniqueConstraintError(err.Error(), "Username", "users_username_teamid_key") {
result.Err = model.NewLocAppError("SqlUserStore.Update", "store.sql_user.update.username_taken.app_error", nil, "user_id="+user.Id+", "+err.Error())
} else {
result.Err = model.NewLocAppError("SqlUserStore.Update", "store.sql_user.update.updating.app_error", nil, "user_id="+user.Id+", "+err.Error())
}
} else if count != 1 {
result.Err = model.NewLocAppError("SqlUserStore.Update", "store.sql_user.update.app_error", nil, fmt.Sprintf("user_id=%v, count=%v", user.Id, count))
} else {
result.Data = [2]*model.User{user, oldUser}
}
}
storeChannel <- result
close(storeChannel)
}()
return storeChannel
}
func TestUpdateExtrasByUser(t *testing.T) {
Setup()
teamId := model.NewId()
c1 := model.Channel{
TeamId: teamId,
DisplayName: "Channel1",
Name: "a" + model.NewId() + "b",
Type: model.CHANNEL_OPEN,
}
Must(store.Channel().Save(&c1))
c2 := model.Channel{
TeamId: teamId,
DisplayName: "Channel2",
Name: "a" + model.NewId() + "b",
Type: model.CHANNEL_OPEN,
}
Must(store.Channel().Save(&c2))
t.Logf("c1.Id = %v", c1.Id)
u1 := model.User{
TeamId: teamId,
Email: model.NewId(),
DeleteAt: 0,
}
Must(store.User().Save(&u1))
m1 := model.ChannelMember{
ChannelId: c1.Id,
UserId: u1.Id,
NotifyProps: model.GetDefaultChannelNotifyProps(),
}
Must(store.Channel().SaveMember(&m1))
u1.DeleteAt = model.GetMillis()
Must(store.User().Update(&u1, true))
if result := <-store.Channel().ExtraUpdateByUser(u1.Id, u1.DeleteAt); result.Err != nil {
t.Fatal("failed to update extras by user: %v", result.Err)
}
if result := <-store.Channel().GetExtraMembers(c1.Id, -1); result.Err != nil {
t.Fatal("failed to get extras: %v", result.Err)
} else if len(result.Data.([]model.ExtraMember)) != 0 {
t.Fatal("got incorrect member count %v", len(result.Data.([]model.ExtraMember)))
}
u1.DeleteAt = 0
Must(store.User().Update(&u1, true))
if result := <-store.Channel().ExtraUpdateByUser(u1.Id, u1.DeleteAt); result.Err != nil {
t.Fatal("failed to update extras by user: %v", result.Err)
}
if result := <-store.Channel().GetExtraMembers(c1.Id, -1); result.Err != nil {
t.Fatal("failed to get extras: %v", result.Err)
} else if len(result.Data.([]model.ExtraMember)) != 1 {
t.Fatal("got incorrect member count %v", len(result.Data.([]model.ExtraMember)))
}
}