func checkSessionSwitch(c *api.Context, w http.ResponseWriter, r *http.Request, teamName string) *model.Team {
var team *model.Team
if result := <-api.Srv.Store.Team().GetByName(teamName); result.Err != nil {
c.Err = result.Err
return nil
} else {
team = result.Data.(*model.Team)
}
// We are logged into a different team. Lets see if we have another
// session in the cookie that will give us access.
if c.Session.TeamId != team.Id {
index, session := api.FindMultiSessionForTeamId(r, team.Id)
if session == nil {
// redirect to login
http.Redirect(w, r, c.GetSiteURL()+"/"+team.Name+"/?redirect="+url.QueryEscape(r.URL.Path), http.StatusTemporaryRedirect)
} else {
c.Session = *session
c.SessionTokenIndex = index
}
}
return team
}
func incomingWebhook(c *api.Context, w http.ResponseWriter, r *http.Request) {
if !utils.Cfg.ServiceSettings.EnableIncomingWebhooks {
c.Err = model.NewAppError("incomingWebhook", "Incoming webhooks have been disabled by the system admin.", "")
c.Err.StatusCode = http.StatusNotImplemented
return
}
params := mux.Vars(r)
id := params["id"]
hchan := api.Srv.Store.Webhook().GetIncoming(id)
r.ParseForm()
var props map[string]string
if r.Header.Get("Content-Type") == "application/json" {
props = model.MapFromJson(r.Body)
} else {
props = model.MapFromJson(strings.NewReader(r.FormValue("payload")))
}
text := props["text"]
if len(text) == 0 {
c.Err = model.NewAppError("incomingWebhook", "No text specified", "")
return
}
channelName := props["channel"]
var hook *model.IncomingWebhook
if result := <-hchan; result.Err != nil {
c.Err = model.NewAppError("incomingWebhook", "Invalid webhook", "err="+result.Err.Message)
return
} else {
hook = result.Data.(*model.IncomingWebhook)
}
var channel *model.Channel
var cchan store.StoreChannel
if len(channelName) != 0 {
if channelName[0] == '@' {
if result := <-api.Srv.Store.User().GetByUsername(hook.TeamId, channelName[1:]); result.Err != nil {
c.Err = model.NewAppError("incomingWebhook", "Couldn't find the user", "err="+result.Err.Message)
return
} else {
channelName = model.GetDMNameFromIds(result.Data.(*model.User).Id, hook.UserId)
}
} else if channelName[0] == '#' {
channelName = channelName[1:]
}
cchan = api.Srv.Store.Channel().GetByName(hook.TeamId, channelName)
} else {
cchan = api.Srv.Store.Channel().Get(hook.ChannelId)
}
overrideUsername := props["username"]
overrideIconUrl := props["icon_url"]
if result := <-cchan; result.Err != nil {
c.Err = model.NewAppError("incomingWebhook", "Couldn't find the channel", "err="+result.Err.Message)
return
} else {
channel = result.Data.(*model.Channel)
}
pchan := api.Srv.Store.Channel().CheckPermissionsTo(hook.TeamId, channel.Id, hook.UserId)
// create a mock session
c.Session = model.Session{UserId: hook.UserId, TeamId: hook.TeamId, IsOAuth: false}
if !c.HasPermissionsToChannel(pchan, "createIncomingHook") && channel.Type != model.CHANNEL_OPEN {
c.Err = model.NewAppError("incomingWebhook", "Inappropriate channel permissions", "")
return
}
if _, err := api.CreateWebhookPost(c, channel.Id, text, overrideUsername, overrideIconUrl); err != nil {
c.Err = err
return
}
w.Header().Set("Content-Type", "text/plain")
w.Write([]byte("ok"))
}
func getChannel(c *api.Context, w http.ResponseWriter, r *http.Request) {
params := mux.Vars(r)
name := params["channelname"]
teamName := params["team"]
var team *model.Team
if result := <-api.Srv.Store.Team().GetByName(teamName); result.Err != nil {
c.Err = result.Err
return
} else {
team = result.Data.(*model.Team)
}
// We are logged into a different team. Lets see if we have another
// session in the cookie that will give us access.
if c.Session.TeamId != team.Id {
index, session := api.FindMultiSessionForTeamId(r, team.Id)
if session == nil {
// redirect to login
http.Redirect(w, r, c.GetSiteURL()+"/"+team.Name+"/?redirect="+url.QueryEscape(r.URL.Path), http.StatusTemporaryRedirect)
} else {
c.Session = *session
c.SessionTokenIndex = index
}
}
userChan := api.Srv.Store.User().Get(c.Session.UserId)
var channelId string
if result := <-api.Srv.Store.Channel().CheckPermissionsToByName(c.Session.TeamId, name, c.Session.UserId); result.Err != nil {
c.Err = result.Err
return
} else {
channelId = result.Data.(string)
}
var user *model.User
if ur := <-userChan; ur.Err != nil {
c.Err = ur.Err
c.RemoveSessionCookie(w, r)
l4g.Error("Error in getting users profile for id=%v forcing logout", c.Session.UserId)
return
} else {
user = ur.Data.(*model.User)
}
if len(channelId) == 0 {
if strings.Index(name, "__") > 0 {
// It's a direct message channel that doesn't exist yet so let's create it
ids := strings.Split(name, "__")
otherUserId := ""
if ids[0] == c.Session.UserId {
otherUserId = ids[1]
} else {
otherUserId = ids[0]
}
if sc, err := api.CreateDirectChannel(c, otherUserId); err != nil {
api.Handle404(w, r)
return
} else {
channelId = sc.Id
}
} else {
// We will attempt to auto-join open channels
if cr := <-api.Srv.Store.Channel().GetByName(c.Session.TeamId, name); cr.Err != nil {
http.Redirect(w, r, c.GetTeamURL()+"/channels/town-square", http.StatusFound)
} else {
channel := cr.Data.(*model.Channel)
if channel.Type == model.CHANNEL_OPEN {
api.JoinChannel(c, channel.Id, "")
if c.Err != nil {
return
}
channelId = channel.Id
} else {
http.Redirect(w, r, c.GetTeamURL()+"/channels/town-square", http.StatusFound)
}
}
}
}
page := NewHtmlTemplatePage("channel", "")
page.Props["Title"] = name + " - " + team.DisplayName + " " + page.ClientCfg["SiteName"]
page.Props["TeamDisplayName"] = team.DisplayName
page.Props["TeamName"] = team.Name
page.Props["TeamType"] = team.Type
page.Props["TeamId"] = team.Id
page.Props["ChannelName"] = name
page.Props["ChannelId"] = channelId
page.Props["UserId"] = c.Session.UserId
page.Team = team
page.User = user
page.Render(c, w)
}
func incomingWebhook(c *api.Context, w http.ResponseWriter, r *http.Request) {
if !utils.Cfg.ServiceSettings.EnableIncomingWebhooks {
c.Err = model.NewAppError("incomingWebhook", "Incoming webhooks have been disabled by the system admin.", "")
c.Err.StatusCode = http.StatusNotImplemented
return
}
params := mux.Vars(r)
id := params["id"]
hchan := api.Srv.Store.Webhook().GetIncoming(id)
r.ParseForm()
var parsedRequest *model.IncomingWebhookRequest
if r.Header.Get("Content-Type") == "application/json" {
parsedRequest = model.IncomingWebhookRequestFromJson(r.Body)
} else {
parsedRequest = model.IncomingWebhookRequestFromJson(strings.NewReader(r.FormValue("payload")))
}
if parsedRequest == nil {
c.Err = model.NewAppError("incomingWebhook", "Unable to parse incoming data", "")
return
}
text := parsedRequest.Text
if len(text) == 0 && parsedRequest.Attachments == nil {
c.Err = model.NewAppError("incomingWebhook", "No text specified", "")
return
}
channelName := parsedRequest.ChannelName
webhookType := parsedRequest.Type
//attachments is in here for slack compatibility
if parsedRequest.Attachments != nil {
if len(parsedRequest.Props) == 0 {
parsedRequest.Props = make(model.StringInterface)
}
parsedRequest.Props["attachments"] = parsedRequest.Attachments
webhookType = model.POST_SLACK_ATTACHMENT
}
var hook *model.IncomingWebhook
if result := <-hchan; result.Err != nil {
c.Err = model.NewAppError("incomingWebhook", "Invalid webhook", "err="+result.Err.Message)
return
} else {
hook = result.Data.(*model.IncomingWebhook)
}
var channel *model.Channel
var cchan store.StoreChannel
if len(channelName) != 0 {
if channelName[0] == '@' {
if result := <-api.Srv.Store.User().GetByUsername(hook.TeamId, channelName[1:]); result.Err != nil {
c.Err = model.NewAppError("incomingWebhook", "Couldn't find the user", "err="+result.Err.Message)
return
} else {
channelName = model.GetDMNameFromIds(result.Data.(*model.User).Id, hook.UserId)
}
} else if channelName[0] == '#' {
channelName = channelName[1:]
}
cchan = api.Srv.Store.Channel().GetByName(hook.TeamId, channelName)
} else {
cchan = api.Srv.Store.Channel().Get(hook.ChannelId)
}
overrideUsername := parsedRequest.Username
overrideIconUrl := parsedRequest.IconURL
if result := <-cchan; result.Err != nil {
c.Err = model.NewAppError("incomingWebhook", "Couldn't find the channel", "err="+result.Err.Message)
return
} else {
channel = result.Data.(*model.Channel)
}
pchan := api.Srv.Store.Channel().CheckPermissionsTo(hook.TeamId, channel.Id, hook.UserId)
// create a mock session
c.Session = model.Session{UserId: hook.UserId, TeamId: hook.TeamId, IsOAuth: false}
if !c.HasPermissionsToChannel(pchan, "createIncomingHook") && channel.Type != model.CHANNEL_OPEN {
c.Err = model.NewAppError("incomingWebhook", "Inappropriate channel permissions", "")
return
}
if _, err := api.CreateWebhookPost(c, channel.Id, text, overrideUsername, overrideIconUrl, parsedRequest.Props, webhookType); err != nil {
c.Err = err
return
}
w.Header().Set("Content-Type", "text/plain")
w.Write([]byte("ok"))
}
func incomingWebhook(c *api.Context, w http.ResponseWriter, r *http.Request) {
params := mux.Vars(r)
id := params["id"]
hchan := api.Srv.Store.Webhook().GetIncoming(id)
r.ParseForm()
props := model.MapFromJson(strings.NewReader(r.FormValue("payload")))
text := props["text"]
if len(text) == 0 {
c.Err = model.NewAppError("incomingWebhook", "No text specified", "")
return
}
channelName := props["channel"]
var hook *model.IncomingWebhook
if result := <-hchan; result.Err != nil {
c.Err = model.NewAppError("incomingWebhook", "Invalid webhook", "err="+result.Err.Message)
return
} else {
hook = result.Data.(*model.IncomingWebhook)
}
var channel *model.Channel
var cchan store.StoreChannel
if len(channelName) != 0 {
if channelName[0] == '@' {
if result := <-api.Srv.Store.User().GetByUsername(hook.TeamId, channelName[1:]); result.Err != nil {
c.Err = model.NewAppError("incomingWebhook", "Couldn't find the user", "err="+result.Err.Message)
return
} else {
channelName = model.GetDMNameFromIds(result.Data.(*model.User).Id, hook.UserId)
}
} else if channelName[0] == '#' {
channelName = channelName[1:]
}
cchan = api.Srv.Store.Channel().GetByName(hook.TeamId, channelName)
} else {
cchan = api.Srv.Store.Channel().Get(hook.ChannelId)
}
// parse links into Markdown format
linkWithTextRegex := regexp.MustCompile(`<([^<\|]+)\|([^>]+)>`)
text = linkWithTextRegex.ReplaceAllString(text, "[${2}](${1})")
linkRegex := regexp.MustCompile(`<\s*(\S*)\s*>`)
text = linkRegex.ReplaceAllString(text, "${1}")
if result := <-cchan; result.Err != nil {
c.Err = model.NewAppError("incomingWebhook", "Couldn't find the channel", "err="+result.Err.Message)
return
} else {
channel = result.Data.(*model.Channel)
}
pchan := api.Srv.Store.Channel().CheckPermissionsTo(hook.TeamId, channel.Id, hook.UserId)
post := &model.Post{UserId: hook.UserId, ChannelId: channel.Id, Message: text}
if !c.HasPermissionsToChannel(pchan, "createIncomingHook") && channel.Type != model.CHANNEL_OPEN {
c.Err = model.NewAppError("incomingWebhook", "Inappropriate channel permissions", "")
return
}
// create a mock session
c.Session = model.Session{UserId: hook.UserId, TeamId: hook.TeamId, IsOAuth: false}
if _, err := api.CreatePost(c, post, false); err != nil {
c.Err = model.NewAppError("incomingWebhook", "Error creating post", "err="+err.Message)
return
}
w.Header().Set("Content-Type", "text/plain")
w.Write([]byte("ok"))
}
func incomingWebhook(c *api.Context, w http.ResponseWriter, r *http.Request) {
if !utils.Cfg.ServiceSettings.EnableIncomingWebhooks {
c.Err = model.NewAppError("incomingWebhook", "Incoming webhooks have been disabled by the system admin.", "")
c.Err.StatusCode = http.StatusNotImplemented
return
}
params := mux.Vars(r)
id := params["id"]
hchan := api.Srv.Store.Webhook().GetIncoming(id)
r.ParseForm()
var props map[string]string
if r.Header.Get("Content-Type") == "application/json" {
props = model.MapFromJson(r.Body)
} else {
props = model.MapFromJson(strings.NewReader(r.FormValue("payload")))
}
text := props["text"]
if len(text) == 0 {
c.Err = model.NewAppError("incomingWebhook", "No text specified", "")
return
}
channelName := props["channel"]
overrideUsername := props["username"]
overrideIconUrl := props["icon_url"]
var hook *model.IncomingWebhook
if result := <-hchan; result.Err != nil {
c.Err = model.NewAppError("incomingWebhook", "Invalid webhook", "err="+result.Err.Message)
return
} else {
hook = result.Data.(*model.IncomingWebhook)
}
var channel *model.Channel
var cchan store.StoreChannel
if len(channelName) != 0 {
if channelName[0] == '@' {
if result := <-api.Srv.Store.User().GetByUsername(hook.TeamId, channelName[1:]); result.Err != nil {
c.Err = model.NewAppError("incomingWebhook", "Couldn't find the user", "err="+result.Err.Message)
return
} else {
channelName = model.GetDMNameFromIds(result.Data.(*model.User).Id, hook.UserId)
}
} else if channelName[0] == '#' {
channelName = channelName[1:]
}
cchan = api.Srv.Store.Channel().GetByName(hook.TeamId, channelName)
} else {
cchan = api.Srv.Store.Channel().Get(hook.ChannelId)
}
// parse links into Markdown format
linkWithTextRegex := regexp.MustCompile(`<([^<\|]+)\|([^>]+)>`)
text = linkWithTextRegex.ReplaceAllString(text, "[${2}](${1})")
linkRegex := regexp.MustCompile(`<\s*(\S*)\s*>`)
text = linkRegex.ReplaceAllString(text, "${1}")
if result := <-cchan; result.Err != nil {
c.Err = model.NewAppError("incomingWebhook", "Couldn't find the channel", "err="+result.Err.Message)
return
} else {
channel = result.Data.(*model.Channel)
}
pchan := api.Srv.Store.Channel().CheckPermissionsTo(hook.TeamId, channel.Id, hook.UserId)
post := &model.Post{UserId: hook.UserId, ChannelId: channel.Id, Message: text}
post.AddProp("from_webhook", "true")
if utils.Cfg.ServiceSettings.EnablePostUsernameOverride {
if len(overrideUsername) != 0 {
post.AddProp("override_username", overrideUsername)
} else {
post.AddProp("override_username", model.DEFAULT_WEBHOOK_USERNAME)
}
}
if utils.Cfg.ServiceSettings.EnablePostIconOverride {
if len(overrideIconUrl) != 0 {
post.AddProp("override_icon_url", overrideIconUrl)
} else {
post.AddProp("override_icon_url", model.DEFAULT_WEBHOOK_ICON)
}
}
if !c.HasPermissionsToChannel(pchan, "createIncomingHook") && channel.Type != model.CHANNEL_OPEN {
c.Err = model.NewAppError("incomingWebhook", "Inappropriate channel permissions", "")
return
}
// create a mock session
c.Session = model.Session{UserId: hook.UserId, TeamId: hook.TeamId, IsOAuth: false}
if _, err := api.CreatePost(c, post, false); err != nil {
c.Err = model.NewAppError("incomingWebhook", "Error creating post", "err="+err.Message)
return
}
w.Header().Set("Content-Type", "text/plain")
w.Write([]byte("ok"))
}