Update dependencies (#1610)

* Update dependencies * Update module to go 1.17
author: Wim <wim@42.be> 2021-10-17 00:47:22 +0200
committer: GitHub <noreply@github.com> 2021-10-17 00:47:22 +0200
commit: 4dd8bae5c91fa4aef09d865d8fef1acd84f90925 (patch)
tree: ffad9b242daccaf8c86d1c1fbd59032302bd3be9 /vendor/github.com/mattermost/mattermost-server/v5/model/user.go
parent: 7ae45c42e712bd0e66c101f3f714c05aa1dc2104 (diff)
download: matterbridge-msglm-4dd8bae5c91fa4aef09d865d8fef1acd84f90925.tar.gz
matterbridge-msglm-4dd8bae5c91fa4aef09d865d8fef1acd84f90925.tar.bz2
matterbridge-msglm-4dd8bae5c91fa4aef09d865d8fef1acd84f90925.zip
1 files changed, 143 insertions, 56 deletions
diff --git a/vendor/github.com/mattermost/mattermost-server/v5/model/user.go b/vendor/github.com/mattermost/mattermost-server/v5/model/user.go
index dd4e2ba8..1745d726 100644
--- a/vendor/github.com/mattermost/mattermost-server/v5/model/user.go
+++ b/vendor/github.com/mattermost/mattermost-server/v5/model/user.go
@@ -9,17 +9,17 @@ import (
 	"fmt"
 	"io"
 	"io/ioutil"
-	"math/rand"
 	"net/http"
 	"regexp"
 	"sort"
 	"strings"
-	"time"
 	"unicode/utf8"
 
-	"github.com/mattermost/mattermost-server/v5/services/timezones"
 	"golang.org/x/crypto/bcrypt"
 	"golang.org/x/text/language"
+
+	"github.com/mattermost/mattermost-server/v5/services/timezones"
+	"github.com/mattermost/mattermost-server/v5/shared/mlog"
 )
 
 const (
@@ -57,6 +57,7 @@ const (
 	USER_NAME_MIN_LENGTH      = 1
 	USER_PASSWORD_MAX_LENGTH  = 72
 	USER_LOCALE_MAX_LENGTH    = 5
+	USER_TIMEZONE_MAX_RUNES   = 256
 )
 
 //msgp:tuple User
@@ -90,12 +91,14 @@ type User struct {
 	Timezone               StringMap `json:"timezone"`
 	MfaActive              bool      `json:"mfa_active,omitempty"`
 	MfaSecret              string    `json:"mfa_secret,omitempty"`
+	RemoteId               *string   `json:"remote_id,omitempty"`
 	LastActivityAt         int64     `db:"-" json:"last_activity_at,omitempty"`
 	IsBot                  bool      `db:"-" json:"is_bot,omitempty"`
 	BotDescription         string    `db:"-" json:"bot_description,omitempty"`
 	BotLastIconUpdate      int64     `db:"-" json:"bot_last_icon_update,omitempty"`
 	TermsOfServiceId       string    `db:"-" json:"terms_of_service_id,omitempty"`
 	TermsOfServiceCreateAt int64     `db:"-" json:"terms_of_service_create_at,omitempty"`
+	DisableWelcomeEmail    bool      `db:"-" json:"disable_welcome_email"`
 }
 
 //msgp UserMap
@@ -104,11 +107,13 @@ type User struct {
 // It is used to generate methods which can be used for fast serialization/de-serialization.
 type UserMap map[string]*User
 
+//msgp:ignore UserUpdate
 type UserUpdate struct {
 	Old *User
 	New *User
 }
 
+//msgp:ignore UserPatch
 type UserPatch struct {
 	Username    *string   `json:"username"`
 	Password    *string   `json:"password,omitempty"`
@@ -121,14 +126,17 @@ type UserPatch struct {
 	NotifyProps StringMap `json:"notify_props,omitempty"`
 	Locale      *string   `json:"locale"`
 	Timezone    StringMap `json:"timezone"`
+	RemoteId    *string   `json:"remote_id"`
 }
 
+//msgp:ignore UserAuth
 type UserAuth struct {
-	Password    string  `json:"password,omitempty"`
+	Password    string  `json:"password,omitempty"` // DEPRECATED: It is not used.
 	AuthData    *string `json:"auth_data,omitempty"`
 	AuthService string  `json:"auth_service,omitempty"`
 }
 
+//msgp:ignore UserForIndexing
 type UserForIndexing struct {
 	Id          string   `json:"id"`
 	Username    string   `json:"username"`
@@ -142,6 +150,7 @@ type UserForIndexing struct {
 	ChannelsIds []string `json:"channel_id"`
 }
 
+//msgp:ignore ViewUsersRestrictions
 type ViewUsersRestrictions struct {
 	Teams    []string
 	Channels []string
@@ -158,6 +167,7 @@ func (r *ViewUsersRestrictions) Hash() string {
 	return fmt.Sprintf("%x", hash.Sum(nil))
 }
 
+//msgp:ignore UserSlice
 type UserSlice []*User
 
 func (u UserSlice) Usernames() []string {
@@ -262,11 +272,17 @@ func (u *User) IsValid() *AppError {
 		return InvalidUserError("update_at", u.Id)
 	}
 
-	if !IsValidUsername(u.Username) {
-		return InvalidUserError("username", u.Id)
+	if u.IsRemote() {
+		if !IsValidUsernameAllowRemote(u.Username) {
+			return InvalidUserError("username", u.Id)
+		}
+	} else {
+		if !IsValidUsername(u.Username) {
+			return InvalidUserError("username", u.Id)
+		}
 	}
 
-	if len(u.Email) > USER_EMAIL_MAX_LENGTH || len(u.Email) == 0 || !IsValidEmail(u.Email) {
+	if len(u.Email) > USER_EMAIL_MAX_LENGTH || u.Email == "" || !IsValidEmail(u.Email) {
 		return InvalidUserError("email", u.Id)
 	}
 
@@ -290,11 +306,11 @@ func (u *User) IsValid() *AppError {
 		return InvalidUserError("auth_data", u.Id)
 	}
 
-	if u.AuthData != nil && len(*u.AuthData) > 0 && len(u.AuthService) == 0 {
+	if u.AuthData != nil && *u.AuthData != "" && u.AuthService == "" {
 		return InvalidUserError("auth_data_type", u.Id)
 	}
 
-	if len(u.Password) > 0 && u.AuthData != nil && len(*u.AuthData) > 0 {
+	if u.Password != "" && u.AuthData != nil && *u.AuthData != "" {
 		return InvalidUserError("auth_data_pwd", u.Id)
 	}
 
@@ -306,6 +322,14 @@ func (u *User) IsValid() *AppError {
 		return InvalidUserError("locale", u.Id)
 	}
 
+	if len(u.Timezone) > 0 {
+		if tzJSON, err := json.Marshal(u.Timezone); err != nil {
+			return NewAppError("User.IsValid", "model.user.is_valid.marshal.app_error", nil, err.Error(), http.StatusInternalServerError)
+		} else if utf8.RuneCount(tzJSON) > USER_TIMEZONE_MAX_RUNES {
+			return InvalidUserError("timezone_limit", u.Id)
+		}
+	}
+
 	return nil
 }
 
@@ -373,7 +397,7 @@ func (u *User) PreSave() {
 		u.Timezone = timezones.DefaultUserTimezone()
 	}
 
-	if len(u.Password) > 0 {
+	if u.Password != "" {
 		u.Password = HashPassword(u.Password)
 	}
 }
@@ -406,7 +430,7 @@ func (u *User) PreUpdate() {
 		splitKeys := strings.Split(u.NotifyProps[MENTION_KEYS_NOTIFY_PROP], ",")
 		goodKeys := []string{}
 		for _, key := range splitKeys {
-			if len(key) > 0 {
+			if key != "" {
 				goodKeys = append(goodKeys, strings.ToLower(key))
 			}
 		}
@@ -497,6 +521,10 @@ func (u *User) Patch(patch *UserPatch) {
 	if patch.Timezone != nil {
 		u.Timezone = patch.Timezone
 	}
+
+	if patch.RemoteId != nil {
+		u.RemoteId = patch.RemoteId
+	}
 }
 
 // ToJson convert a User to a json string
@@ -553,6 +581,7 @@ func (u *User) SanitizeInput(isAdmin bool) {
 	u.FailedAttempts = 0
 	u.MfaActive = false
 	u.MfaSecret = ""
+	u.Email = strings.TrimSpace(u.Email)
 }
 
 func (u *User) ClearNonProfileFields() {
@@ -588,12 +617,22 @@ func (u *User) AddNotifyProp(key string, value string) {
 	u.NotifyProps[key] = value
 }
 
+func (u *User) SetCustomStatus(cs *CustomStatus) {
+	u.MakeNonNil()
+	u.Props[UserPropsKeyCustomStatus] = cs.ToJson()
+}
+
+func (u *User) ClearCustomStatus() {
+	u.MakeNonNil()
+	u.Props[UserPropsKeyCustomStatus] = ""
+}
+
 func (u *User) GetFullName() string {
-	if len(u.FirstName) > 0 && len(u.LastName) > 0 {
+	if u.FirstName != "" && u.LastName != "" {
 		return u.FirstName + " " + u.LastName
-	} else if len(u.FirstName) > 0 {
+	} else if u.FirstName != "" {
 		return u.FirstName
-	} else if len(u.LastName) > 0 {
+	} else if u.LastName != "" {
 		return u.LastName
 	} else {
 		return ""
@@ -604,13 +643,13 @@ func (u *User) getDisplayName(baseName, nameFormat string) string {
 	displayName := baseName
 
 	if nameFormat == SHOW_NICKNAME_FULLNAME {
-		if len(u.Nickname) > 0 {
+		if u.Nickname != "" {
 			displayName = u.Nickname
-		} else if fullName := u.GetFullName(); len(fullName) > 0 {
+		} else if fullName := u.GetFullName(); fullName != "" {
 			displayName = fullName
 		}
 	} else if nameFormat == SHOW_FULLNAME {
-		if fullName := u.GetFullName(); len(fullName) > 0 {
+		if fullName := u.GetFullName(); fullName != "" {
 			displayName = fullName
 		}
 	}
@@ -691,7 +730,10 @@ func (u *User) IsSSOUser() bool {
 }
 
 func (u *User) IsOAuthUser() bool {
-	return u.AuthService == USER_AUTH_SERVICE_GITLAB
+	return u.AuthService == SERVICE_GITLAB ||
+		u.AuthService == SERVICE_GOOGLE ||
+		u.AuthService == SERVICE_OFFICE365 ||
+		u.AuthService == SERVICE_OPENID
 }
 
 func (u *User) IsLDAPUser() bool {
@@ -706,6 +748,61 @@ func (u *User) GetPreferredTimezone() string {
 	return GetPreferredTimezone(u.Timezone)
 }
 
+// IsRemote returns true if the user belongs to a remote cluster (has RemoteId).
+func (u *User) IsRemote() bool {
+	return u.RemoteId != nil && *u.RemoteId != ""
+}
+
+// GetRemoteID returns the remote id for this user or "" if not a remote user.
+func (u *User) GetRemoteID() string {
+	if u.RemoteId != nil {
+		return *u.RemoteId
+	}
+	return ""
+}
+
+// GetProp fetches a prop value by name.
+func (u *User) GetProp(name string) (string, bool) {
+	val, ok := u.Props[name]
+	return val, ok
+}
+
+// SetProp sets a prop value by name, creating the map if nil.
+// Not thread safe.
+func (u *User) SetProp(name string, value string) {
+	if u.Props == nil {
+		u.Props = make(map[string]string)
+	}
+	u.Props[name] = value
+}
+
+func (u *User) ToPatch() *UserPatch {
+	return &UserPatch{
+		Username: &u.Username, Password: &u.Password,
+		Nickname: &u.Nickname, FirstName: &u.FirstName, LastName: &u.LastName,
+		Position: &u.Position, Email: &u.Email,
+		Props: u.Props, NotifyProps: u.NotifyProps,
+		Locale: &u.Locale, Timezone: u.Timezone,
+	}
+}
+
+func (u *UserPatch) SetField(fieldName string, fieldValue string) {
+	switch fieldName {
+	case "FirstName":
+		u.FirstName = &fieldValue
+	case "LastName":
+		u.LastName = &fieldValue
+	case "Nickname":
+		u.Nickname = &fieldValue
+	case "Email":
+		u.Email = &fieldValue
+	case "Position":
+		u.Position = &fieldValue
+	case "Username":
+		u.Username = &fieldValue
+	}
+}
+
 // UserFromJson will decode the input and return a User
 func UserFromJson(data io.Reader) *User {
 	var user *User
@@ -758,9 +855,10 @@ func HashPassword(password string) string {
 }
 
 // ComparePassword compares the hash
+// This function is deprecated and will be removed in a future release.
 func ComparePassword(hash string, password string) bool {
 
-	if len(password) == 0 || len(hash) == 0 {
+	if password == "" || hash == "" {
 		return false
 	}
 
@@ -769,12 +867,13 @@ func ComparePassword(hash string, password string) bool {
 }
 
 var validUsernameChars = regexp.MustCompile(`^[a-z0-9\.\-_]+$`)
+var validUsernameCharsForRemote = regexp.MustCompile(`^[a-z0-9\.\-_:]+$`)
 
-var restrictedUsernames = []string{
-	"all",
-	"channel",
-	"matterbot",
-	"system",
+var restrictedUsernames = map[string]struct{}{
+	"all":       {},
+	"channel":   {},
+	"matterbot": {},
+	"system":    {},
 }
 
 func IsValidUsername(s string) bool {
@@ -786,17 +885,25 @@ func IsValidUsername(s string) bool {
 		return false
 	}
 
-	for _, restrictedUsername := range restrictedUsernames {
-		if s == restrictedUsername {
-			return false
-		}
+	_, found := restrictedUsernames[s]
+	return !found
+}
+
+func IsValidUsernameAllowRemote(s string) bool {
+	if len(s) < USER_NAME_MIN_LENGTH || len(s) > USER_NAME_MAX_LENGTH {
+		return false
 	}
 
-	return true
+	if !validUsernameCharsForRemote.MatchString(s) {
+		return false
+	}
+
+	_, found := restrictedUsernames[s]
+	return !found
 }
 
-func CleanUsername(s string) string {
-	s = NormalizeUsername(strings.Replace(s, " ", "-", -1))
+func CleanUsername(username string) string {
+	s := NormalizeUsername(strings.Replace(username, " ", "-", -1))
 
 	for _, value := range reservedName {
 		if s == value {
@@ -817,6 +924,8 @@ func CleanUsername(s string) string {
 
 	if !IsValidUsername(s) {
 		s = "a" + NewId()
+		mlog.Warn("Generating new username since provided username was invalid",
+			mlog.String("provided_username", username), mlog.String("new_username", s))
 	}
 
 	return s
@@ -858,6 +967,7 @@ func IsValidLocale(locale string) bool {
 	return true
 }
 
+//msgp:ignore UserWithGroups
 type UserWithGroups struct {
 	User
 	GroupIDs    *string  `json:"-"`
@@ -872,12 +982,13 @@ func (u *UserWithGroups) GetGroupIDs() []string {
 		return nil
 	}
 	trimmed := strings.TrimSpace(*u.GroupIDs)
-	if len(trimmed) == 0 {
+	if trimmed == "" {
 		return nil
 	}
 	return strings.Split(trimmed, ",")
 }
 
+//msgp:ignore UsersWithGroupsAndCount
 type UsersWithGroupsAndCount struct {
 	Users []*UserWithGroups `json:"users"`
 	Count int64             `json:"total_count"`
@@ -889,27 +1000,3 @@ func UsersWithGroupsAndCountFromJson(data io.Reader) *UsersWithGroupsAndCount {
 	json.Unmarshal(bodyBytes, uwg)
 	return uwg
 }
-
-var passwordRandomSource = rand.NewSource(time.Now().Unix())
-var passwordSpecialChars = "!$%^&*(),."
-var passwordNumbers = "0123456789"
-var passwordUpperCaseLetters = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
-var passwordLowerCaseLetters = "abcdefghijklmnopqrstuvwxyz"
-var passwordAllChars = passwordSpecialChars + passwordNumbers + passwordUpperCaseLetters + passwordLowerCaseLetters
-
-func GeneratePassword(minimumLength int) string {
-	r := rand.New(passwordRandomSource)
-
-	// Make sure we are guaranteed at least one of each type to meet any possible password complexity requirements.
-	password := string([]rune(passwordUpperCaseLetters)[r.Intn(len(passwordUpperCaseLetters))]) +
-		string([]rune(passwordNumbers)[r.Intn(len(passwordNumbers))]) +
-		string([]rune(passwordLowerCaseLetters)[r.Intn(len(passwordLowerCaseLetters))]) +
-		string([]rune(passwordSpecialChars)[r.Intn(len(passwordSpecialChars))])
-
-	for len(password) < minimumLength {
-		i := r.Intn(len(passwordAllChars))
-		password = password + string([]rune(passwordAllChars)[i])
-	}
-
-	return password
-}
author	Wim <wim@42.be>	2021-10-17 00:47:22 +0200
committer	GitHub <noreply@github.com>	2021-10-17 00:47:22 +0200
commit	4dd8bae5c91fa4aef09d865d8fef1acd84f90925 (patch)
tree	ffad9b242daccaf8c86d1c1fbd59032302bd3be9 /vendor/github.com/mattermost/mattermost-server/v5/model/user.go
parent	7ae45c42e712bd0e66c101f3f714c05aa1dc2104 (diff)
download	matterbridge-msglm-4dd8bae5c91fa4aef09d865d8fef1acd84f90925.tar.gz matterbridge-msglm-4dd8bae5c91fa4aef09d865d8fef1acd84f90925.tar.bz2 matterbridge-msglm-4dd8bae5c91fa4aef09d865d8fef1acd84f90925.zip