func SlackAddUsers(teamId string, slackusers []SlackUser, log *bytes.Buffer) map[string]*model.User { // Log header log.WriteString(utils.T("api.slackimport.slack_add_users.created")) log.WriteString("===============\r\n\r\n") addedUsers := make(map[string]*model.User) // Need the team var team *model.Team if result := <-app.Srv.Store.Team().Get(teamId); result.Err != nil { log.WriteString(utils.T("api.slackimport.slack_import.team_fail")) return addedUsers } else { team = result.Data.(*model.Team) } for _, sUser := range slackusers { firstName := "" lastName := "" if name, ok := sUser.Profile["first_name"]; ok { firstName = name } if name, ok := sUser.Profile["last_name"]; ok { lastName = name } email := sUser.Profile["email"] password := model.NewId() // Check for email conflict and use existing user if found if result := <-app.Srv.Store.User().GetByEmail(email); result.Err == nil { existingUser := result.Data.(*model.User) addedUsers[sUser.Id] = existingUser if err := app.JoinUserToTeam(team, addedUsers[sUser.Id]); err != nil { log.WriteString(utils.T("api.slackimport.slack_add_users.merge_existing_failed", map[string]interface{}{"Email": existingUser.Email, "Username": existingUser.Username})) } else { log.WriteString(utils.T("api.slackimport.slack_add_users.merge_existing", map[string]interface{}{"Email": existingUser.Email, "Username": existingUser.Username})) } continue } newUser := model.User{ Username: sUser.Username, FirstName: firstName, LastName: lastName, Email: email, Password: password, } if mUser := ImportUser(team, &newUser); mUser != nil { addedUsers[sUser.Id] = mUser log.WriteString(utils.T("api.slackimport.slack_add_users.email_pwd", map[string]interface{}{"Email": newUser.Email, "Password": password})) } else { log.WriteString(utils.T("api.slackimport.slack_add_users.unable_import", map[string]interface{}{"Username": sUser.Username})) } } return addedUsers }
func addUserToTeam(team *model.Team, user *model.User, userArg string) { if user == nil { CommandPrintErrorln("Can't find user '" + userArg + "'") return } if err := app.JoinUserToTeam(team, user); err != nil { CommandPrintErrorln("Unable to add '" + userArg + "' to " + team.Name) } }
func cmdCreateUser() { if flagCmdCreateUser { if len(flagEmail) == 0 { fmt.Fprintln(os.Stderr, "flag needs an argument: -email") os.Exit(1) } if len(flagPassword) == 0 { fmt.Fprintln(os.Stderr, "flag needs an argument: -password") os.Exit(1) } var team *model.Team user := &model.User{} user.Email = flagEmail user.Password = flagPassword if len(flagUsername) == 0 { splits := strings.Split(strings.Replace(flagEmail, "@", " ", -1), " ") user.Username = splits[0] } else { user.Username = flagUsername } if len(flagTeamName) > 0 { if result := <-app.Srv.Store.Team().GetByName(flagTeamName); result.Err != nil { l4g.Error("%v", result.Err) flushLogAndExit(1) } else { team = result.Data.(*model.Team) } } ruser, err := app.CreateUser(user) if err != nil { if err.Id != "store.sql_user.save.email_exists.app_error" { l4g.Error("%v", err) flushLogAndExit(1) } } if team != nil { err = app.JoinUserToTeam(team, ruser) if err != nil { l4g.Error("%v", err) flushLogAndExit(1) } } os.Exit(0) } }
func LinkUserToTeam(user *model.User, team *model.Team) { utils.DisableDebugLogForTest() err := app.JoinUserToTeam(team, user) if err != nil { l4g.Error(err.Error()) l4g.Close() time.Sleep(time.Second) panic(err) } utils.EnableDebugLogForTest() }
func TestIncomingWebhook(t *testing.T) { Setup() team := &model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "*****@*****.**", Type: model.TEAM_OPEN} team = ApiClient.Must(ApiClient.CreateTeam(team)).Data.(*model.Team) user := &model.User{Email: model.NewId() + "*****@*****.**", Nickname: "Corey Hulen", Password: "******"} user = ApiClient.Must(ApiClient.CreateUser(user, "")).Data.(*model.User) store.Must(app.Srv.Store.User().VerifyEmail(user.Id)) app.JoinUserToTeam(team, user) api.UpdateUserRoles(user, model.ROLE_SYSTEM_ADMIN.Id) ApiClient.Login(user.Email, "passwd1") ApiClient.SetTeamId(team.Id) channel1 := &model.Channel{DisplayName: "Test API Name", Name: "a" + model.NewId() + "a", Type: model.CHANNEL_OPEN, TeamId: team.Id} channel1 = ApiClient.Must(ApiClient.CreateChannel(channel1)).Data.(*model.Channel) if utils.Cfg.ServiceSettings.EnableIncomingWebhooks { hook1 := &model.IncomingWebhook{ChannelId: channel1.Id} hook1 = ApiClient.Must(ApiClient.CreateIncomingWebhook(hook1)).Data.(*model.IncomingWebhook) payload := "payload={\"text\": \"test text\"}" if _, err := ApiClient.PostToWebhook(hook1.Id, payload); err != nil { t.Fatal(err) } payload = "payload={\"text\": \"\"}" if _, err := ApiClient.PostToWebhook(hook1.Id, payload); err == nil { t.Fatal("should have errored - no text to post") } payload = "payload={\"text\": \"test text\", \"channel\": \"junk\"}" if _, err := ApiClient.PostToWebhook(hook1.Id, payload); err == nil { t.Fatal("should have errored - bad channel") } payload = "payload={\"text\": \"test text\"}" if _, err := ApiClient.PostToWebhook("abc123", payload); err == nil { t.Fatal("should have errored - bad hook") } } else { if _, err := ApiClient.PostToWebhook("123", "123"); err == nil { t.Fatal("should have failed - webhooks turned off") } } }
func createTeam(c *Context, w http.ResponseWriter, r *http.Request) { team := model.TeamFromJson(r.Body) if team == nil { c.SetInvalidParam("createTeam", "team") return } var user *model.User if len(c.Session.UserId) > 0 { uchan := app.Srv.Store.User().Get(c.Session.UserId) if result := <-uchan; result.Err != nil { c.Err = result.Err return } else { user = result.Data.(*model.User) team.Email = user.Email } } if !isTeamCreationAllowed(c, team.Email) { return } rteam, err := app.CreateTeam(team) if err != nil { c.Err = err return } if user != nil { err := app.JoinUserToTeam(team, user) if err != nil { c.Err = err return } } w.Write([]byte(rteam.ToJson())) }
func addUserToTeam(c *Context, w http.ResponseWriter, r *http.Request) { params := model.MapFromJson(r.Body) userId := params["user_id"] if len(userId) != 26 { c.SetInvalidParam("addUserToTeam", "user_id") return } tchan := app.Srv.Store.Team().Get(c.TeamId) uchan := app.Srv.Store.User().Get(userId) var team *model.Team if result := <-tchan; result.Err != nil { c.Err = result.Err return } else { team = result.Data.(*model.Team) } var user *model.User if result := <-uchan; result.Err != nil { c.Err = result.Err return } else { user = result.Data.(*model.User) } if !HasPermissionToTeamContext(c, team.Id, model.PERMISSION_ADD_USER_TO_TEAM) { return } err := app.JoinUserToTeam(team, user) if err != nil { c.Err = err return } w.Write([]byte(model.MapToJson(params))) }
func ImportUser(team *model.Team, user *model.User) *model.User { user.MakeNonNil() user.Roles = model.ROLE_SYSTEM_USER.Id if result := <-app.Srv.Store.User().Save(user); result.Err != nil { l4g.Error(utils.T("api.import.import_user.saving.error"), result.Err) return nil } else { ruser := result.Data.(*model.User) if cresult := <-app.Srv.Store.User().VerifyEmail(ruser.Id); cresult.Err != nil { l4g.Error(utils.T("api.import.import_user.set_email.error"), cresult.Err) } if err := app.JoinUserToTeam(team, user); err != nil { l4g.Error(utils.T("api.import.import_user.join_team.error"), err) } return ruser } }
func cmdJoinTeam() { if flagCmdJoinTeam { if len(flagTeamName) == 0 { fmt.Fprintln(os.Stderr, "flag needs an argument: -team_name") os.Exit(1) } if len(flagEmail) == 0 { fmt.Fprintln(os.Stderr, "flag needs an argument: -email") os.Exit(1) } var team *model.Team if result := <-app.Srv.Store.Team().GetByName(flagTeamName); result.Err != nil { l4g.Error("%v", result.Err) flushLogAndExit(1) } else { team = result.Data.(*model.Team) } var user *model.User if result := <-app.Srv.Store.User().GetByEmail(flagEmail); result.Err != nil { l4g.Error("%v", result.Err) flushLogAndExit(1) } else { user = result.Data.(*model.User) } err := app.JoinUserToTeam(team, user) if err != nil { l4g.Error("%v", err) flushLogAndExit(1) } os.Exit(0) } }
func addUserToTeamFromInvite(c *Context, w http.ResponseWriter, r *http.Request) { params := model.MapFromJson(r.Body) hash := params["hash"] data := params["data"] inviteId := params["invite_id"] teamId := "" var team *model.Team if len(hash) > 0 { props := model.MapFromJson(strings.NewReader(data)) if !model.ComparePassword(hash, fmt.Sprintf("%v:%v", data, utils.Cfg.EmailSettings.InviteSalt)) { c.Err = model.NewLocAppError("addUserToTeamFromInvite", "api.user.create_user.signup_link_invalid.app_error", nil, "") return } t, err := strconv.ParseInt(props["time"], 10, 64) if err != nil || model.GetMillis()-t > 1000*60*60*48 { // 48 hours c.Err = model.NewLocAppError("addUserToTeamFromInvite", "api.user.create_user.signup_link_expired.app_error", nil, "") return } teamId = props["id"] // try to load the team to make sure it exists if result := <-app.Srv.Store.Team().Get(teamId); result.Err != nil { c.Err = result.Err return } else { team = result.Data.(*model.Team) } } if len(inviteId) > 0 { if result := <-app.Srv.Store.Team().GetByInviteId(inviteId); result.Err != nil { c.Err = result.Err return } else { team = result.Data.(*model.Team) teamId = team.Id } } if len(teamId) == 0 { c.Err = model.NewLocAppError("addUserToTeamFromInvite", "api.user.create_user.signup_link_invalid.app_error", nil, "") return } uchan := app.Srv.Store.User().Get(c.Session.UserId) var user *model.User if result := <-uchan; result.Err != nil { c.Err = result.Err return } else { user = result.Data.(*model.User) } tm := c.Session.GetTeamByTeamId(teamId) if tm == nil { err := app.JoinUserToTeam(team, user) if err != nil { c.Err = err return } } team.Sanitize() w.Write([]byte(team.ToJson())) }
func TestGetAccessToken(t *testing.T) { Setup() team := model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "*****@*****.**", Type: model.TEAM_OPEN} rteam, _ := ApiClient.CreateTeam(&team) user := model.User{Email: strings.ToLower(model.NewId()) + "*****@*****.**", Password: "******"} ruser := ApiClient.Must(ApiClient.CreateUser(&user, "")).Data.(*model.User) app.JoinUserToTeam(rteam.Data.(*model.Team), ruser) store.Must(app.Srv.Store.User().VerifyEmail(ruser.Id)) oauthApp := &model.OAuthApp{Name: "TestApp" + model.NewId(), Homepage: "https://nowhere.com", Description: "test", CallbackUrls: []string{"https://nowhere.com"}} utils.Cfg.ServiceSettings.EnableOAuthServiceProvider = false data := url.Values{"grant_type": []string{"junk"}, "client_id": []string{"12345678901234567890123456"}, "client_secret": []string{"12345678901234567890123456"}, "code": []string{"junk"}, "redirect_uri": []string{oauthApp.CallbackUrls[0]}} if _, err := ApiClient.GetAccessToken(data); err == nil { t.Fatal("should have failed - oauth providing turned off") } utils.Cfg.ServiceSettings.EnableOAuthServiceProvider = true ApiClient.Must(ApiClient.LoginById(ruser.Id, "passwd1")) ApiClient.SetTeamId(rteam.Data.(*model.Team).Id) *utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = false utils.SetDefaultRolesBasedOnConfig() oauthApp = ApiClient.Must(ApiClient.RegisterApp(oauthApp)).Data.(*model.OAuthApp) *utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = true utils.SetDefaultRolesBasedOnConfig() redirect := ApiClient.Must(ApiClient.AllowOAuth(model.AUTHCODE_RESPONSE_TYPE, oauthApp.Id, oauthApp.CallbackUrls[0], "all", "123")).Data.(map[string]string)["redirect"] rurl, _ := url.Parse(redirect) teamId := rteam.Data.(*model.Team).Id ApiClient.Logout() data = url.Values{"grant_type": []string{"junk"}, "client_id": []string{oauthApp.Id}, "client_secret": []string{oauthApp.ClientSecret}, "code": []string{rurl.Query().Get("code")}, "redirect_uri": []string{oauthApp.CallbackUrls[0]}} if _, err := ApiClient.GetAccessToken(data); err == nil { t.Fatal("should have failed - bad grant type") } data.Set("grant_type", model.ACCESS_TOKEN_GRANT_TYPE) data.Set("client_id", "") if _, err := ApiClient.GetAccessToken(data); err == nil { t.Fatal("should have failed - missing client id") } data.Set("client_id", "junk") if _, err := ApiClient.GetAccessToken(data); err == nil { t.Fatal("should have failed - bad client id") } data.Set("client_id", oauthApp.Id) data.Set("client_secret", "") if _, err := ApiClient.GetAccessToken(data); err == nil { t.Fatal("should have failed - missing client secret") } data.Set("client_secret", "junk") if _, err := ApiClient.GetAccessToken(data); err == nil { t.Fatal("should have failed - bad client secret") } data.Set("client_secret", oauthApp.ClientSecret) data.Set("code", "") if _, err := ApiClient.GetAccessToken(data); err == nil { t.Fatal("should have failed - missing code") } data.Set("code", "junk") if _, err := ApiClient.GetAccessToken(data); err == nil { t.Fatal("should have failed - bad code") } data.Set("code", rurl.Query().Get("code")) data.Set("redirect_uri", "junk") if _, err := ApiClient.GetAccessToken(data); err == nil { t.Fatal("should have failed - non-matching redirect uri") } // reset data for successful request data.Set("grant_type", model.ACCESS_TOKEN_GRANT_TYPE) data.Set("client_id", oauthApp.Id) data.Set("client_secret", oauthApp.ClientSecret) data.Set("code", rurl.Query().Get("code")) data.Set("redirect_uri", oauthApp.CallbackUrls[0]) token := "" if result, err := ApiClient.GetAccessToken(data); err != nil { t.Fatal(err) } else { rsp := result.Data.(*model.AccessResponse) if len(rsp.AccessToken) == 0 { t.Fatal("access token not returned") } else { token = rsp.AccessToken } if rsp.TokenType != model.ACCESS_TOKEN_TYPE { t.Fatal("access token type incorrect") } } if result, err := ApiClient.DoApiGet("/teams/"+teamId+"/users/0/100?access_token="+token, "", ""); err != nil { t.Fatal(err) } else { userMap := model.UserMapFromJson(result.Body) if len(userMap) == 0 { t.Fatal("user map empty - did not get results correctly") } } if _, err := ApiClient.DoApiGet("/teams/"+teamId+"/users/0/100", "", ""); err == nil { t.Fatal("should have failed - no access token provided") } if _, err := ApiClient.DoApiGet("/teams/"+teamId+"/users/0/100?access_token=junk", "", ""); err == nil { t.Fatal("should have failed - bad access token provided") } ApiClient.SetOAuthToken(token) if result, err := ApiClient.DoApiGet("/teams/"+teamId+"/users/0/100", "", ""); err != nil { t.Fatal(err) } else { userMap := model.UserMapFromJson(result.Body) if len(userMap) == 0 { t.Fatal("user map empty - did not get results correctly") } } if _, err := ApiClient.GetAccessToken(data); err == nil { t.Fatal("should have failed - tried to reuse auth code") } ApiClient.ClearOAuthToken() }