summaryrefslogtreecommitdiffstats
path: root/vendor/github.com/mattermost/mattermost-server/v5/model/user.go
diff options
context:
space:
mode:
Diffstat (limited to 'vendor/github.com/mattermost/mattermost-server/v5/model/user.go')
-rw-r--r--vendor/github.com/mattermost/mattermost-server/v5/model/user.go199
1 files changed, 143 insertions, 56 deletions
diff --git a/vendor/github.com/mattermost/mattermost-server/v5/model/user.go b/vendor/github.com/mattermost/mattermost-server/v5/model/user.go
index dd4e2ba8..1745d726 100644
--- a/vendor/github.com/mattermost/mattermost-server/v5/model/user.go
+++ b/vendor/github.com/mattermost/mattermost-server/v5/model/user.go
@@ -9,17 +9,17 @@ import (
"fmt"
"io"
"io/ioutil"
- "math/rand"
"net/http"
"regexp"
"sort"
"strings"
- "time"
"unicode/utf8"
- "github.com/mattermost/mattermost-server/v5/services/timezones"
"golang.org/x/crypto/bcrypt"
"golang.org/x/text/language"
+
+ "github.com/mattermost/mattermost-server/v5/services/timezones"
+ "github.com/mattermost/mattermost-server/v5/shared/mlog"
)
const (
@@ -57,6 +57,7 @@ const (
USER_NAME_MIN_LENGTH = 1
USER_PASSWORD_MAX_LENGTH = 72
USER_LOCALE_MAX_LENGTH = 5
+ USER_TIMEZONE_MAX_RUNES = 256
)
//msgp:tuple User
@@ -90,12 +91,14 @@ type User struct {
Timezone StringMap `json:"timezone"`
MfaActive bool `json:"mfa_active,omitempty"`
MfaSecret string `json:"mfa_secret,omitempty"`
+ RemoteId *string `json:"remote_id,omitempty"`
LastActivityAt int64 `db:"-" json:"last_activity_at,omitempty"`
IsBot bool `db:"-" json:"is_bot,omitempty"`
BotDescription string `db:"-" json:"bot_description,omitempty"`
BotLastIconUpdate int64 `db:"-" json:"bot_last_icon_update,omitempty"`
TermsOfServiceId string `db:"-" json:"terms_of_service_id,omitempty"`
TermsOfServiceCreateAt int64 `db:"-" json:"terms_of_service_create_at,omitempty"`
+ DisableWelcomeEmail bool `db:"-" json:"disable_welcome_email"`
}
//msgp UserMap
@@ -104,11 +107,13 @@ type User struct {
// It is used to generate methods which can be used for fast serialization/de-serialization.
type UserMap map[string]*User
+//msgp:ignore UserUpdate
type UserUpdate struct {
Old *User
New *User
}
+//msgp:ignore UserPatch
type UserPatch struct {
Username *string `json:"username"`
Password *string `json:"password,omitempty"`
@@ -121,14 +126,17 @@ type UserPatch struct {
NotifyProps StringMap `json:"notify_props,omitempty"`
Locale *string `json:"locale"`
Timezone StringMap `json:"timezone"`
+ RemoteId *string `json:"remote_id"`
}
+//msgp:ignore UserAuth
type UserAuth struct {
- Password string `json:"password,omitempty"`
+ Password string `json:"password,omitempty"` // DEPRECATED: It is not used.
AuthData *string `json:"auth_data,omitempty"`
AuthService string `json:"auth_service,omitempty"`
}
+//msgp:ignore UserForIndexing
type UserForIndexing struct {
Id string `json:"id"`
Username string `json:"username"`
@@ -142,6 +150,7 @@ type UserForIndexing struct {
ChannelsIds []string `json:"channel_id"`
}
+//msgp:ignore ViewUsersRestrictions
type ViewUsersRestrictions struct {
Teams []string
Channels []string
@@ -158,6 +167,7 @@ func (r *ViewUsersRestrictions) Hash() string {
return fmt.Sprintf("%x", hash.Sum(nil))
}
+//msgp:ignore UserSlice
type UserSlice []*User
func (u UserSlice) Usernames() []string {
@@ -262,11 +272,17 @@ func (u *User) IsValid() *AppError {
return InvalidUserError("update_at", u.Id)
}
- if !IsValidUsername(u.Username) {
- return InvalidUserError("username", u.Id)
+ if u.IsRemote() {
+ if !IsValidUsernameAllowRemote(u.Username) {
+ return InvalidUserError("username", u.Id)
+ }
+ } else {
+ if !IsValidUsername(u.Username) {
+ return InvalidUserError("username", u.Id)
+ }
}
- if len(u.Email) > USER_EMAIL_MAX_LENGTH || len(u.Email) == 0 || !IsValidEmail(u.Email) {
+ if len(u.Email) > USER_EMAIL_MAX_LENGTH || u.Email == "" || !IsValidEmail(u.Email) {
return InvalidUserError("email", u.Id)
}
@@ -290,11 +306,11 @@ func (u *User) IsValid() *AppError {
return InvalidUserError("auth_data", u.Id)
}
- if u.AuthData != nil && len(*u.AuthData) > 0 && len(u.AuthService) == 0 {
+ if u.AuthData != nil && *u.AuthData != "" && u.AuthService == "" {
return InvalidUserError("auth_data_type", u.Id)
}
- if len(u.Password) > 0 && u.AuthData != nil && len(*u.AuthData) > 0 {
+ if u.Password != "" && u.AuthData != nil && *u.AuthData != "" {
return InvalidUserError("auth_data_pwd", u.Id)
}
@@ -306,6 +322,14 @@ func (u *User) IsValid() *AppError {
return InvalidUserError("locale", u.Id)
}
+ if len(u.Timezone) > 0 {
+ if tzJSON, err := json.Marshal(u.Timezone); err != nil {
+ return NewAppError("User.IsValid", "model.user.is_valid.marshal.app_error", nil, err.Error(), http.StatusInternalServerError)
+ } else if utf8.RuneCount(tzJSON) > USER_TIMEZONE_MAX_RUNES {
+ return InvalidUserError("timezone_limit", u.Id)
+ }
+ }
+
return nil
}
@@ -373,7 +397,7 @@ func (u *User) PreSave() {
u.Timezone = timezones.DefaultUserTimezone()
}
- if len(u.Password) > 0 {
+ if u.Password != "" {
u.Password = HashPassword(u.Password)
}
}
@@ -406,7 +430,7 @@ func (u *User) PreUpdate() {
splitKeys := strings.Split(u.NotifyProps[MENTION_KEYS_NOTIFY_PROP], ",")
goodKeys := []string{}
for _, key := range splitKeys {
- if len(key) > 0 {
+ if key != "" {
goodKeys = append(goodKeys, strings.ToLower(key))
}
}
@@ -497,6 +521,10 @@ func (u *User) Patch(patch *UserPatch) {
if patch.Timezone != nil {
u.Timezone = patch.Timezone
}
+
+ if patch.RemoteId != nil {
+ u.RemoteId = patch.RemoteId
+ }
}
// ToJson convert a User to a json string
@@ -553,6 +581,7 @@ func (u *User) SanitizeInput(isAdmin bool) {
u.FailedAttempts = 0
u.MfaActive = false
u.MfaSecret = ""
+ u.Email = strings.TrimSpace(u.Email)
}
func (u *User) ClearNonProfileFields() {
@@ -588,12 +617,22 @@ func (u *User) AddNotifyProp(key string, value string) {
u.NotifyProps[key] = value
}
+func (u *User) SetCustomStatus(cs *CustomStatus) {
+ u.MakeNonNil()
+ u.Props[UserPropsKeyCustomStatus] = cs.ToJson()
+}
+
+func (u *User) ClearCustomStatus() {
+ u.MakeNonNil()
+ u.Props[UserPropsKeyCustomStatus] = ""
+}
+
func (u *User) GetFullName() string {
- if len(u.FirstName) > 0 && len(u.LastName) > 0 {
+ if u.FirstName != "" && u.LastName != "" {
return u.FirstName + " " + u.LastName
- } else if len(u.FirstName) > 0 {
+ } else if u.FirstName != "" {
return u.FirstName
- } else if len(u.LastName) > 0 {
+ } else if u.LastName != "" {
return u.LastName
} else {
return ""
@@ -604,13 +643,13 @@ func (u *User) getDisplayName(baseName, nameFormat string) string {
displayName := baseName
if nameFormat == SHOW_NICKNAME_FULLNAME {
- if len(u.Nickname) > 0 {
+ if u.Nickname != "" {
displayName = u.Nickname
- } else if fullName := u.GetFullName(); len(fullName) > 0 {
+ } else if fullName := u.GetFullName(); fullName != "" {
displayName = fullName
}
} else if nameFormat == SHOW_FULLNAME {
- if fullName := u.GetFullName(); len(fullName) > 0 {
+ if fullName := u.GetFullName(); fullName != "" {
displayName = fullName
}
}
@@ -691,7 +730,10 @@ func (u *User) IsSSOUser() bool {
}
func (u *User) IsOAuthUser() bool {
- return u.AuthService == USER_AUTH_SERVICE_GITLAB
+ return u.AuthService == SERVICE_GITLAB ||
+ u.AuthService == SERVICE_GOOGLE ||
+ u.AuthService == SERVICE_OFFICE365 ||
+ u.AuthService == SERVICE_OPENID
}
func (u *User) IsLDAPUser() bool {
@@ -706,6 +748,61 @@ func (u *User) GetPreferredTimezone() string {
return GetPreferredTimezone(u.Timezone)
}
+// IsRemote returns true if the user belongs to a remote cluster (has RemoteId).
+func (u *User) IsRemote() bool {
+ return u.RemoteId != nil && *u.RemoteId != ""
+}
+
+// GetRemoteID returns the remote id for this user or "" if not a remote user.
+func (u *User) GetRemoteID() string {
+ if u.RemoteId != nil {
+ return *u.RemoteId
+ }
+ return ""
+}
+
+// GetProp fetches a prop value by name.
+func (u *User) GetProp(name string) (string, bool) {
+ val, ok := u.Props[name]
+ return val, ok
+}
+
+// SetProp sets a prop value by name, creating the map if nil.
+// Not thread safe.
+func (u *User) SetProp(name string, value string) {
+ if u.Props == nil {
+ u.Props = make(map[string]string)
+ }
+ u.Props[name] = value
+}
+
+func (u *User) ToPatch() *UserPatch {
+ return &UserPatch{
+ Username: &u.Username, Password: &u.Password,
+ Nickname: &u.Nickname, FirstName: &u.FirstName, LastName: &u.LastName,
+ Position: &u.Position, Email: &u.Email,
+ Props: u.Props, NotifyProps: u.NotifyProps,
+ Locale: &u.Locale, Timezone: u.Timezone,
+ }
+}
+
+func (u *UserPatch) SetField(fieldName string, fieldValue string) {
+ switch fieldName {
+ case "FirstName":
+ u.FirstName = &fieldValue
+ case "LastName":
+ u.LastName = &fieldValue
+ case "Nickname":
+ u.Nickname = &fieldValue
+ case "Email":
+ u.Email = &fieldValue
+ case "Position":
+ u.Position = &fieldValue
+ case "Username":
+ u.Username = &fieldValue
+ }
+}
+
// UserFromJson will decode the input and return a User
func UserFromJson(data io.Reader) *User {
var user *User
@@ -758,9 +855,10 @@ func HashPassword(password string) string {
}
// ComparePassword compares the hash
+// This function is deprecated and will be removed in a future release.
func ComparePassword(hash string, password string) bool {
- if len(password) == 0 || len(hash) == 0 {
+ if password == "" || hash == "" {
return false
}
@@ -769,12 +867,13 @@ func ComparePassword(hash string, password string) bool {
}
var validUsernameChars = regexp.MustCompile(`^[a-z0-9\.\-_]+$`)
+var validUsernameCharsForRemote = regexp.MustCompile(`^[a-z0-9\.\-_:]+$`)
-var restrictedUsernames = []string{
- "all",
- "channel",
- "matterbot",
- "system",
+var restrictedUsernames = map[string]struct{}{
+ "all": {},
+ "channel": {},
+ "matterbot": {},
+ "system": {},
}
func IsValidUsername(s string) bool {
@@ -786,17 +885,25 @@ func IsValidUsername(s string) bool {
return false
}
- for _, restrictedUsername := range restrictedUsernames {
- if s == restrictedUsername {
- return false
- }
+ _, found := restrictedUsernames[s]
+ return !found
+}
+
+func IsValidUsernameAllowRemote(s string) bool {
+ if len(s) < USER_NAME_MIN_LENGTH || len(s) > USER_NAME_MAX_LENGTH {
+ return false
}
- return true
+ if !validUsernameCharsForRemote.MatchString(s) {
+ return false
+ }
+
+ _, found := restrictedUsernames[s]
+ return !found
}
-func CleanUsername(s string) string {
- s = NormalizeUsername(strings.Replace(s, " ", "-", -1))
+func CleanUsername(username string) string {
+ s := NormalizeUsername(strings.Replace(username, " ", "-", -1))
for _, value := range reservedName {
if s == value {
@@ -817,6 +924,8 @@ func CleanUsername(s string) string {
if !IsValidUsername(s) {
s = "a" + NewId()
+ mlog.Warn("Generating new username since provided username was invalid",
+ mlog.String("provided_username", username), mlog.String("new_username", s))
}
return s
@@ -858,6 +967,7 @@ func IsValidLocale(locale string) bool {
return true
}
+//msgp:ignore UserWithGroups
type UserWithGroups struct {
User
GroupIDs *string `json:"-"`
@@ -872,12 +982,13 @@ func (u *UserWithGroups) GetGroupIDs() []string {
return nil
}
trimmed := strings.TrimSpace(*u.GroupIDs)
- if len(trimmed) == 0 {
+ if trimmed == "" {
return nil
}
return strings.Split(trimmed, ",")
}
+//msgp:ignore UsersWithGroupsAndCount
type UsersWithGroupsAndCount struct {
Users []*UserWithGroups `json:"users"`
Count int64 `json:"total_count"`
@@ -889,27 +1000,3 @@ func UsersWithGroupsAndCountFromJson(data io.Reader) *UsersWithGroupsAndCount {
json.Unmarshal(bodyBytes, uwg)
return uwg
}
-
-var passwordRandomSource = rand.NewSource(time.Now().Unix())
-var passwordSpecialChars = "!$%^&*(),."
-var passwordNumbers = "0123456789"
-var passwordUpperCaseLetters = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
-var passwordLowerCaseLetters = "abcdefghijklmnopqrstuvwxyz"
-var passwordAllChars = passwordSpecialChars + passwordNumbers + passwordUpperCaseLetters + passwordLowerCaseLetters
-
-func GeneratePassword(minimumLength int) string {
- r := rand.New(passwordRandomSource)
-
- // Make sure we are guaranteed at least one of each type to meet any possible password complexity requirements.
- password := string([]rune(passwordUpperCaseLetters)[r.Intn(len(passwordUpperCaseLetters))]) +
- string([]rune(passwordNumbers)[r.Intn(len(passwordNumbers))]) +
- string([]rune(passwordLowerCaseLetters)[r.Intn(len(passwordLowerCaseLetters))]) +
- string([]rune(passwordSpecialChars)[r.Intn(len(passwordSpecialChars))])
-
- for len(password) < minimumLength {
- i := r.Intn(len(passwordAllChars))
- password = password + string([]rune(passwordAllChars)[i])
- }
-
- return password
-}