diff options
Diffstat (limited to 'vendor/github.com/mattermost/mattermost-server/v5/model/user.go')
-rw-r--r-- | vendor/github.com/mattermost/mattermost-server/v5/model/user.go | 199 |
1 files changed, 143 insertions, 56 deletions
diff --git a/vendor/github.com/mattermost/mattermost-server/v5/model/user.go b/vendor/github.com/mattermost/mattermost-server/v5/model/user.go index dd4e2ba8..1745d726 100644 --- a/vendor/github.com/mattermost/mattermost-server/v5/model/user.go +++ b/vendor/github.com/mattermost/mattermost-server/v5/model/user.go @@ -9,17 +9,17 @@ import ( "fmt" "io" "io/ioutil" - "math/rand" "net/http" "regexp" "sort" "strings" - "time" "unicode/utf8" - "github.com/mattermost/mattermost-server/v5/services/timezones" "golang.org/x/crypto/bcrypt" "golang.org/x/text/language" + + "github.com/mattermost/mattermost-server/v5/services/timezones" + "github.com/mattermost/mattermost-server/v5/shared/mlog" ) const ( @@ -57,6 +57,7 @@ const ( USER_NAME_MIN_LENGTH = 1 USER_PASSWORD_MAX_LENGTH = 72 USER_LOCALE_MAX_LENGTH = 5 + USER_TIMEZONE_MAX_RUNES = 256 ) //msgp:tuple User @@ -90,12 +91,14 @@ type User struct { Timezone StringMap `json:"timezone"` MfaActive bool `json:"mfa_active,omitempty"` MfaSecret string `json:"mfa_secret,omitempty"` + RemoteId *string `json:"remote_id,omitempty"` LastActivityAt int64 `db:"-" json:"last_activity_at,omitempty"` IsBot bool `db:"-" json:"is_bot,omitempty"` BotDescription string `db:"-" json:"bot_description,omitempty"` BotLastIconUpdate int64 `db:"-" json:"bot_last_icon_update,omitempty"` TermsOfServiceId string `db:"-" json:"terms_of_service_id,omitempty"` TermsOfServiceCreateAt int64 `db:"-" json:"terms_of_service_create_at,omitempty"` + DisableWelcomeEmail bool `db:"-" json:"disable_welcome_email"` } //msgp UserMap @@ -104,11 +107,13 @@ type User struct { // It is used to generate methods which can be used for fast serialization/de-serialization. type UserMap map[string]*User +//msgp:ignore UserUpdate type UserUpdate struct { Old *User New *User } +//msgp:ignore UserPatch type UserPatch struct { Username *string `json:"username"` Password *string `json:"password,omitempty"` @@ -121,14 +126,17 @@ type UserPatch struct { NotifyProps StringMap `json:"notify_props,omitempty"` Locale *string `json:"locale"` Timezone StringMap `json:"timezone"` + RemoteId *string `json:"remote_id"` } +//msgp:ignore UserAuth type UserAuth struct { - Password string `json:"password,omitempty"` + Password string `json:"password,omitempty"` // DEPRECATED: It is not used. AuthData *string `json:"auth_data,omitempty"` AuthService string `json:"auth_service,omitempty"` } +//msgp:ignore UserForIndexing type UserForIndexing struct { Id string `json:"id"` Username string `json:"username"` @@ -142,6 +150,7 @@ type UserForIndexing struct { ChannelsIds []string `json:"channel_id"` } +//msgp:ignore ViewUsersRestrictions type ViewUsersRestrictions struct { Teams []string Channels []string @@ -158,6 +167,7 @@ func (r *ViewUsersRestrictions) Hash() string { return fmt.Sprintf("%x", hash.Sum(nil)) } +//msgp:ignore UserSlice type UserSlice []*User func (u UserSlice) Usernames() []string { @@ -262,11 +272,17 @@ func (u *User) IsValid() *AppError { return InvalidUserError("update_at", u.Id) } - if !IsValidUsername(u.Username) { - return InvalidUserError("username", u.Id) + if u.IsRemote() { + if !IsValidUsernameAllowRemote(u.Username) { + return InvalidUserError("username", u.Id) + } + } else { + if !IsValidUsername(u.Username) { + return InvalidUserError("username", u.Id) + } } - if len(u.Email) > USER_EMAIL_MAX_LENGTH || len(u.Email) == 0 || !IsValidEmail(u.Email) { + if len(u.Email) > USER_EMAIL_MAX_LENGTH || u.Email == "" || !IsValidEmail(u.Email) { return InvalidUserError("email", u.Id) } @@ -290,11 +306,11 @@ func (u *User) IsValid() *AppError { return InvalidUserError("auth_data", u.Id) } - if u.AuthData != nil && len(*u.AuthData) > 0 && len(u.AuthService) == 0 { + if u.AuthData != nil && *u.AuthData != "" && u.AuthService == "" { return InvalidUserError("auth_data_type", u.Id) } - if len(u.Password) > 0 && u.AuthData != nil && len(*u.AuthData) > 0 { + if u.Password != "" && u.AuthData != nil && *u.AuthData != "" { return InvalidUserError("auth_data_pwd", u.Id) } @@ -306,6 +322,14 @@ func (u *User) IsValid() *AppError { return InvalidUserError("locale", u.Id) } + if len(u.Timezone) > 0 { + if tzJSON, err := json.Marshal(u.Timezone); err != nil { + return NewAppError("User.IsValid", "model.user.is_valid.marshal.app_error", nil, err.Error(), http.StatusInternalServerError) + } else if utf8.RuneCount(tzJSON) > USER_TIMEZONE_MAX_RUNES { + return InvalidUserError("timezone_limit", u.Id) + } + } + return nil } @@ -373,7 +397,7 @@ func (u *User) PreSave() { u.Timezone = timezones.DefaultUserTimezone() } - if len(u.Password) > 0 { + if u.Password != "" { u.Password = HashPassword(u.Password) } } @@ -406,7 +430,7 @@ func (u *User) PreUpdate() { splitKeys := strings.Split(u.NotifyProps[MENTION_KEYS_NOTIFY_PROP], ",") goodKeys := []string{} for _, key := range splitKeys { - if len(key) > 0 { + if key != "" { goodKeys = append(goodKeys, strings.ToLower(key)) } } @@ -497,6 +521,10 @@ func (u *User) Patch(patch *UserPatch) { if patch.Timezone != nil { u.Timezone = patch.Timezone } + + if patch.RemoteId != nil { + u.RemoteId = patch.RemoteId + } } // ToJson convert a User to a json string @@ -553,6 +581,7 @@ func (u *User) SanitizeInput(isAdmin bool) { u.FailedAttempts = 0 u.MfaActive = false u.MfaSecret = "" + u.Email = strings.TrimSpace(u.Email) } func (u *User) ClearNonProfileFields() { @@ -588,12 +617,22 @@ func (u *User) AddNotifyProp(key string, value string) { u.NotifyProps[key] = value } +func (u *User) SetCustomStatus(cs *CustomStatus) { + u.MakeNonNil() + u.Props[UserPropsKeyCustomStatus] = cs.ToJson() +} + +func (u *User) ClearCustomStatus() { + u.MakeNonNil() + u.Props[UserPropsKeyCustomStatus] = "" +} + func (u *User) GetFullName() string { - if len(u.FirstName) > 0 && len(u.LastName) > 0 { + if u.FirstName != "" && u.LastName != "" { return u.FirstName + " " + u.LastName - } else if len(u.FirstName) > 0 { + } else if u.FirstName != "" { return u.FirstName - } else if len(u.LastName) > 0 { + } else if u.LastName != "" { return u.LastName } else { return "" @@ -604,13 +643,13 @@ func (u *User) getDisplayName(baseName, nameFormat string) string { displayName := baseName if nameFormat == SHOW_NICKNAME_FULLNAME { - if len(u.Nickname) > 0 { + if u.Nickname != "" { displayName = u.Nickname - } else if fullName := u.GetFullName(); len(fullName) > 0 { + } else if fullName := u.GetFullName(); fullName != "" { displayName = fullName } } else if nameFormat == SHOW_FULLNAME { - if fullName := u.GetFullName(); len(fullName) > 0 { + if fullName := u.GetFullName(); fullName != "" { displayName = fullName } } @@ -691,7 +730,10 @@ func (u *User) IsSSOUser() bool { } func (u *User) IsOAuthUser() bool { - return u.AuthService == USER_AUTH_SERVICE_GITLAB + return u.AuthService == SERVICE_GITLAB || + u.AuthService == SERVICE_GOOGLE || + u.AuthService == SERVICE_OFFICE365 || + u.AuthService == SERVICE_OPENID } func (u *User) IsLDAPUser() bool { @@ -706,6 +748,61 @@ func (u *User) GetPreferredTimezone() string { return GetPreferredTimezone(u.Timezone) } +// IsRemote returns true if the user belongs to a remote cluster (has RemoteId). +func (u *User) IsRemote() bool { + return u.RemoteId != nil && *u.RemoteId != "" +} + +// GetRemoteID returns the remote id for this user or "" if not a remote user. +func (u *User) GetRemoteID() string { + if u.RemoteId != nil { + return *u.RemoteId + } + return "" +} + +// GetProp fetches a prop value by name. +func (u *User) GetProp(name string) (string, bool) { + val, ok := u.Props[name] + return val, ok +} + +// SetProp sets a prop value by name, creating the map if nil. +// Not thread safe. +func (u *User) SetProp(name string, value string) { + if u.Props == nil { + u.Props = make(map[string]string) + } + u.Props[name] = value +} + +func (u *User) ToPatch() *UserPatch { + return &UserPatch{ + Username: &u.Username, Password: &u.Password, + Nickname: &u.Nickname, FirstName: &u.FirstName, LastName: &u.LastName, + Position: &u.Position, Email: &u.Email, + Props: u.Props, NotifyProps: u.NotifyProps, + Locale: &u.Locale, Timezone: u.Timezone, + } +} + +func (u *UserPatch) SetField(fieldName string, fieldValue string) { + switch fieldName { + case "FirstName": + u.FirstName = &fieldValue + case "LastName": + u.LastName = &fieldValue + case "Nickname": + u.Nickname = &fieldValue + case "Email": + u.Email = &fieldValue + case "Position": + u.Position = &fieldValue + case "Username": + u.Username = &fieldValue + } +} + // UserFromJson will decode the input and return a User func UserFromJson(data io.Reader) *User { var user *User @@ -758,9 +855,10 @@ func HashPassword(password string) string { } // ComparePassword compares the hash +// This function is deprecated and will be removed in a future release. func ComparePassword(hash string, password string) bool { - if len(password) == 0 || len(hash) == 0 { + if password == "" || hash == "" { return false } @@ -769,12 +867,13 @@ func ComparePassword(hash string, password string) bool { } var validUsernameChars = regexp.MustCompile(`^[a-z0-9\.\-_]+$`) +var validUsernameCharsForRemote = regexp.MustCompile(`^[a-z0-9\.\-_:]+$`) -var restrictedUsernames = []string{ - "all", - "channel", - "matterbot", - "system", +var restrictedUsernames = map[string]struct{}{ + "all": {}, + "channel": {}, + "matterbot": {}, + "system": {}, } func IsValidUsername(s string) bool { @@ -786,17 +885,25 @@ func IsValidUsername(s string) bool { return false } - for _, restrictedUsername := range restrictedUsernames { - if s == restrictedUsername { - return false - } + _, found := restrictedUsernames[s] + return !found +} + +func IsValidUsernameAllowRemote(s string) bool { + if len(s) < USER_NAME_MIN_LENGTH || len(s) > USER_NAME_MAX_LENGTH { + return false } - return true + if !validUsernameCharsForRemote.MatchString(s) { + return false + } + + _, found := restrictedUsernames[s] + return !found } -func CleanUsername(s string) string { - s = NormalizeUsername(strings.Replace(s, " ", "-", -1)) +func CleanUsername(username string) string { + s := NormalizeUsername(strings.Replace(username, " ", "-", -1)) for _, value := range reservedName { if s == value { @@ -817,6 +924,8 @@ func CleanUsername(s string) string { if !IsValidUsername(s) { s = "a" + NewId() + mlog.Warn("Generating new username since provided username was invalid", + mlog.String("provided_username", username), mlog.String("new_username", s)) } return s @@ -858,6 +967,7 @@ func IsValidLocale(locale string) bool { return true } +//msgp:ignore UserWithGroups type UserWithGroups struct { User GroupIDs *string `json:"-"` @@ -872,12 +982,13 @@ func (u *UserWithGroups) GetGroupIDs() []string { return nil } trimmed := strings.TrimSpace(*u.GroupIDs) - if len(trimmed) == 0 { + if trimmed == "" { return nil } return strings.Split(trimmed, ",") } +//msgp:ignore UsersWithGroupsAndCount type UsersWithGroupsAndCount struct { Users []*UserWithGroups `json:"users"` Count int64 `json:"total_count"` @@ -889,27 +1000,3 @@ func UsersWithGroupsAndCountFromJson(data io.Reader) *UsersWithGroupsAndCount { json.Unmarshal(bodyBytes, uwg) return uwg } - -var passwordRandomSource = rand.NewSource(time.Now().Unix()) -var passwordSpecialChars = "!$%^&*(),." -var passwordNumbers = "0123456789" -var passwordUpperCaseLetters = "ABCDEFGHIJKLMNOPQRSTUVWXYZ" -var passwordLowerCaseLetters = "abcdefghijklmnopqrstuvwxyz" -var passwordAllChars = passwordSpecialChars + passwordNumbers + passwordUpperCaseLetters + passwordLowerCaseLetters - -func GeneratePassword(minimumLength int) string { - r := rand.New(passwordRandomSource) - - // Make sure we are guaranteed at least one of each type to meet any possible password complexity requirements. - password := string([]rune(passwordUpperCaseLetters)[r.Intn(len(passwordUpperCaseLetters))]) + - string([]rune(passwordNumbers)[r.Intn(len(passwordNumbers))]) + - string([]rune(passwordLowerCaseLetters)[r.Intn(len(passwordLowerCaseLetters))]) + - string([]rune(passwordSpecialChars)[r.Intn(len(passwordSpecialChars))]) - - for len(password) < minimumLength { - i := r.Intn(len(passwordAllChars)) - password = password + string([]rune(passwordAllChars)[i]) - } - - return password -} |