5
0
mirror of https://github.com/cwinfo/matterbridge.git synced 2025-01-15 01:56:29 +00:00
matterbridge/vendor/github.com/mattermost/mattermost-server/v5/model/user.go

904 lines
22 KiB
Go
Raw Normal View History

2017-08-16 21:37:37 +00:00
// Copyright (c) 2015-present Mattermost, Inc. All Rights Reserved.
2020-08-09 22:29:54 +00:00
// See LICENSE.txt for license information.
2016-04-10 21:39:38 +00:00
package model
import (
2020-08-09 22:29:54 +00:00
"crypto/sha256"
2016-04-10 21:39:38 +00:00
"encoding/json"
"fmt"
"io"
2020-08-09 22:29:54 +00:00
"io/ioutil"
"math/rand"
2017-03-25 20:04:10 +00:00
"net/http"
2016-04-10 21:39:38 +00:00
"regexp"
2020-08-09 22:29:54 +00:00
"sort"
2016-04-10 21:39:38 +00:00
"strings"
2020-08-09 22:29:54 +00:00
"time"
2016-04-10 21:39:38 +00:00
"unicode/utf8"
2020-08-09 22:29:54 +00:00
"github.com/mattermost/mattermost-server/v5/services/timezones"
2016-04-10 21:39:38 +00:00
"golang.org/x/crypto/bcrypt"
2020-08-09 22:29:54 +00:00
"golang.org/x/text/language"
2016-04-10 21:39:38 +00:00
)
const (
2020-08-09 22:29:54 +00:00
ME = "me"
USER_NOTIFY_ALL = "all"
USER_NOTIFY_HERE = "here"
USER_NOTIFY_MENTION = "mention"
USER_NOTIFY_NONE = "none"
DESKTOP_NOTIFY_PROP = "desktop"
DESKTOP_SOUND_NOTIFY_PROP = "desktop_sound"
MARK_UNREAD_NOTIFY_PROP = "mark_unread"
PUSH_NOTIFY_PROP = "push"
PUSH_STATUS_NOTIFY_PROP = "push_status"
EMAIL_NOTIFY_PROP = "email"
CHANNEL_MENTIONS_NOTIFY_PROP = "channel"
COMMENTS_NOTIFY_PROP = "comments"
MENTION_KEYS_NOTIFY_PROP = "mention_keys"
COMMENTS_NOTIFY_NEVER = "never"
COMMENTS_NOTIFY_ROOT = "root"
COMMENTS_NOTIFY_ANY = "any"
FIRST_NAME_NOTIFY_PROP = "first_name"
AUTO_RESPONDER_ACTIVE_NOTIFY_PROP = "auto_responder_active"
AUTO_RESPONDER_MESSAGE_NOTIFY_PROP = "auto_responder_message"
2017-08-16 21:37:37 +00:00
DEFAULT_LOCALE = "en"
USER_AUTH_SERVICE_EMAIL = "email"
2017-03-25 20:04:10 +00:00
USER_EMAIL_MAX_LENGTH = 128
USER_NICKNAME_MAX_RUNES = 64
USER_POSITION_MAX_RUNES = 128
2017-03-25 20:04:10 +00:00
USER_FIRST_NAME_MAX_RUNES = 64
USER_LAST_NAME_MAX_RUNES = 64
USER_AUTH_DATA_MAX_LENGTH = 128
USER_NAME_MAX_LENGTH = 64
USER_NAME_MIN_LENGTH = 1
2017-08-16 21:37:37 +00:00
USER_PASSWORD_MAX_LENGTH = 72
2020-08-09 22:29:54 +00:00
USER_LOCALE_MAX_LENGTH = 5
2016-04-10 21:39:38 +00:00
)
type User struct {
2020-08-09 22:29:54 +00:00
Id string `json:"id"`
CreateAt int64 `json:"create_at,omitempty"`
UpdateAt int64 `json:"update_at,omitempty"`
DeleteAt int64 `json:"delete_at"`
Username string `json:"username"`
Password string `json:"password,omitempty"`
AuthData *string `json:"auth_data,omitempty"`
AuthService string `json:"auth_service"`
Email string `json:"email"`
EmailVerified bool `json:"email_verified,omitempty"`
Nickname string `json:"nickname"`
FirstName string `json:"first_name"`
LastName string `json:"last_name"`
Position string `json:"position"`
Roles string `json:"roles"`
AllowMarketing bool `json:"allow_marketing,omitempty"`
Props StringMap `json:"props,omitempty"`
NotifyProps StringMap `json:"notify_props,omitempty"`
LastPasswordUpdate int64 `json:"last_password_update,omitempty"`
LastPictureUpdate int64 `json:"last_picture_update,omitempty"`
FailedAttempts int `json:"failed_attempts,omitempty"`
Locale string `json:"locale"`
Timezone StringMap `json:"timezone"`
MfaActive bool `json:"mfa_active,omitempty"`
MfaSecret string `json:"mfa_secret,omitempty"`
LastActivityAt int64 `db:"-" json:"last_activity_at,omitempty"`
IsBot bool `db:"-" json:"is_bot,omitempty"`
BotDescription string `db:"-" json:"bot_description,omitempty"`
BotLastIconUpdate int64 `db:"-" json:"bot_last_icon_update,omitempty"`
TermsOfServiceId string `db:"-" json:"terms_of_service_id,omitempty"`
TermsOfServiceCreateAt int64 `db:"-" json:"terms_of_service_create_at,omitempty"`
}
type UserUpdate struct {
Old *User
New *User
2016-04-10 21:39:38 +00:00
}
2017-03-25 20:04:10 +00:00
type UserPatch struct {
2017-08-16 21:37:37 +00:00
Username *string `json:"username"`
2020-08-09 22:29:54 +00:00
Password *string `json:"password,omitempty"`
2017-08-16 21:37:37 +00:00
Nickname *string `json:"nickname"`
FirstName *string `json:"first_name"`
LastName *string `json:"last_name"`
Position *string `json:"position"`
Email *string `json:"email"`
Props StringMap `json:"props,omitempty"`
NotifyProps StringMap `json:"notify_props,omitempty"`
Locale *string `json:"locale"`
Timezone StringMap `json:"timezone"`
2017-03-25 20:04:10 +00:00
}
2018-02-08 23:11:04 +00:00
type UserAuth struct {
Password string `json:"password,omitempty"`
AuthData *string `json:"auth_data,omitempty"`
AuthService string `json:"auth_service,omitempty"`
}
2020-08-09 22:29:54 +00:00
type UserForIndexing struct {
Id string `json:"id"`
Username string `json:"username"`
Nickname string `json:"nickname"`
FirstName string `json:"first_name"`
LastName string `json:"last_name"`
CreateAt int64 `json:"create_at"`
DeleteAt int64 `json:"delete_at"`
TeamsIds []string `json:"team_id"`
ChannelsIds []string `json:"channel_id"`
}
type ViewUsersRestrictions struct {
Teams []string
Channels []string
}
func (r *ViewUsersRestrictions) Hash() string {
if r == nil {
return ""
}
ids := append(r.Teams, r.Channels...)
sort.Strings(ids)
hash := sha256.New()
hash.Write([]byte(strings.Join(ids, "")))
return fmt.Sprintf("%x", hash.Sum(nil))
}
type UserSlice []*User
func (u UserSlice) Usernames() []string {
usernames := []string{}
for _, user := range u {
usernames = append(usernames, user.Username)
}
sort.Strings(usernames)
return usernames
}
func (u UserSlice) IDs() []string {
ids := []string{}
for _, user := range u {
ids = append(ids, user.Id)
}
return ids
}
func (u UserSlice) FilterWithoutBots() UserSlice {
var matches []*User
for _, user := range u {
if !user.IsBot {
matches = append(matches, user)
}
}
return UserSlice(matches)
}
func (u UserSlice) FilterByActive(active bool) UserSlice {
var matches []*User
for _, user := range u {
if user.DeleteAt == 0 && active {
matches = append(matches, user)
} else if user.DeleteAt != 0 && !active {
matches = append(matches, user)
}
}
return UserSlice(matches)
}
func (u UserSlice) FilterByID(ids []string) UserSlice {
var matches []*User
for _, user := range u {
for _, id := range ids {
if id == user.Id {
matches = append(matches, user)
}
}
}
return UserSlice(matches)
}
func (u UserSlice) FilterWithoutID(ids []string) UserSlice {
var keep []*User
for _, user := range u {
present := false
for _, id := range ids {
if id == user.Id {
present = true
}
}
if !present {
keep = append(keep, user)
}
}
return UserSlice(keep)
}
func (u *User) DeepCopy() *User {
copyUser := *u
if u.AuthData != nil {
copyUser.AuthData = NewString(*u.AuthData)
}
if u.Props != nil {
copyUser.Props = CopyStringMap(u.Props)
}
if u.NotifyProps != nil {
copyUser.NotifyProps = CopyStringMap(u.NotifyProps)
}
if u.Timezone != nil {
copyUser.Timezone = CopyStringMap(u.Timezone)
}
return &copyUser
}
2016-04-10 21:39:38 +00:00
// IsValid validates the user and returns an error if it isn't configured
// correctly.
func (u *User) IsValid() *AppError {
2020-08-09 22:29:54 +00:00
if !IsValidId(u.Id) {
2017-08-16 21:37:37 +00:00
return InvalidUserError("id", "")
2016-04-10 21:39:38 +00:00
}
if u.CreateAt == 0 {
2017-08-16 21:37:37 +00:00
return InvalidUserError("create_at", u.Id)
2016-04-10 21:39:38 +00:00
}
if u.UpdateAt == 0 {
2017-08-16 21:37:37 +00:00
return InvalidUserError("update_at", u.Id)
2016-04-10 21:39:38 +00:00
}
if !IsValidUsername(u.Username) {
2017-08-16 21:37:37 +00:00
return InvalidUserError("username", u.Id)
2016-04-10 21:39:38 +00:00
}
if len(u.Email) > USER_EMAIL_MAX_LENGTH || len(u.Email) == 0 || !IsValidEmail(u.Email) {
2017-08-16 21:37:37 +00:00
return InvalidUserError("email", u.Id)
2016-04-10 21:39:38 +00:00
}
2017-03-25 20:04:10 +00:00
if utf8.RuneCountInString(u.Nickname) > USER_NICKNAME_MAX_RUNES {
2017-08-16 21:37:37 +00:00
return InvalidUserError("nickname", u.Id)
2016-04-10 21:39:38 +00:00
}
2017-03-25 20:04:10 +00:00
if utf8.RuneCountInString(u.Position) > USER_POSITION_MAX_RUNES {
2017-08-16 21:37:37 +00:00
return InvalidUserError("position", u.Id)
2017-01-16 22:59:50 +00:00
}
2017-03-25 20:04:10 +00:00
if utf8.RuneCountInString(u.FirstName) > USER_FIRST_NAME_MAX_RUNES {
2017-08-16 21:37:37 +00:00
return InvalidUserError("first_name", u.Id)
2016-04-10 21:39:38 +00:00
}
2017-03-25 20:04:10 +00:00
if utf8.RuneCountInString(u.LastName) > USER_LAST_NAME_MAX_RUNES {
2017-08-16 21:37:37 +00:00
return InvalidUserError("last_name", u.Id)
2016-04-10 21:39:38 +00:00
}
2017-03-25 20:04:10 +00:00
if u.AuthData != nil && len(*u.AuthData) > USER_AUTH_DATA_MAX_LENGTH {
2017-08-16 21:37:37 +00:00
return InvalidUserError("auth_data", u.Id)
2016-04-10 21:39:38 +00:00
}
2016-05-15 21:02:30 +00:00
if u.AuthData != nil && len(*u.AuthData) > 0 && len(u.AuthService) == 0 {
2017-08-16 21:37:37 +00:00
return InvalidUserError("auth_data_type", u.Id)
2016-04-10 21:39:38 +00:00
}
2016-05-15 21:02:30 +00:00
if len(u.Password) > 0 && u.AuthData != nil && len(*u.AuthData) > 0 {
2017-08-16 21:37:37 +00:00
return InvalidUserError("auth_data_pwd", u.Id)
}
if len(u.Password) > USER_PASSWORD_MAX_LENGTH {
return InvalidUserError("password_limit", u.Id)
2016-04-10 21:39:38 +00:00
}
2020-08-09 22:29:54 +00:00
if !IsValidLocale(u.Locale) {
return InvalidUserError("locale", u.Id)
}
2016-04-10 21:39:38 +00:00
return nil
}
2017-08-16 21:37:37 +00:00
func InvalidUserError(fieldName string, userId string) *AppError {
id := fmt.Sprintf("model.user.is_valid.%s.app_error", fieldName)
details := ""
if userId != "" {
details = "user_id=" + userId
}
return NewAppError("User.IsValid", id, nil, details, http.StatusBadRequest)
}
func NormalizeUsername(username string) string {
return strings.ToLower(username)
}
func NormalizeEmail(email string) string {
return strings.ToLower(email)
}
2016-04-10 21:39:38 +00:00
// PreSave will set the Id and Username if missing. It will also fill
// in the CreateAt, UpdateAt times. It will also hash the password. It should
// be run before saving the user to the db.
func (u *User) PreSave() {
if u.Id == "" {
u.Id = NewId()
}
if u.Username == "" {
2017-08-16 21:37:37 +00:00
u.Username = NewId()
2016-04-10 21:39:38 +00:00
}
2016-05-15 21:02:30 +00:00
if u.AuthData != nil && *u.AuthData == "" {
u.AuthData = nil
}
2020-08-09 22:29:54 +00:00
u.Username = SanitizeUnicode(u.Username)
u.FirstName = SanitizeUnicode(u.FirstName)
u.LastName = SanitizeUnicode(u.LastName)
u.Nickname = SanitizeUnicode(u.Nickname)
u.Username = NormalizeUsername(u.Username)
u.Email = NormalizeEmail(u.Email)
2016-04-10 21:39:38 +00:00
u.CreateAt = GetMillis()
u.UpdateAt = u.CreateAt
u.LastPasswordUpdate = u.CreateAt
2016-05-15 21:02:30 +00:00
u.MfaActive = false
2016-04-10 21:39:38 +00:00
if u.Locale == "" {
u.Locale = DEFAULT_LOCALE
}
if u.Props == nil {
u.Props = make(map[string]string)
}
if u.NotifyProps == nil || len(u.NotifyProps) == 0 {
u.SetDefaultNotifications()
}
if u.Timezone == nil {
2020-08-09 22:29:54 +00:00
u.Timezone = timezones.DefaultUserTimezone()
}
2016-04-10 21:39:38 +00:00
if len(u.Password) > 0 {
u.Password = HashPassword(u.Password)
}
}
// PreUpdate should be run before updating the user in the db.
func (u *User) PreUpdate() {
2020-08-09 22:29:54 +00:00
u.Username = SanitizeUnicode(u.Username)
u.FirstName = SanitizeUnicode(u.FirstName)
u.LastName = SanitizeUnicode(u.LastName)
u.Nickname = SanitizeUnicode(u.Nickname)
u.BotDescription = SanitizeUnicode(u.BotDescription)
u.Username = NormalizeUsername(u.Username)
u.Email = NormalizeEmail(u.Email)
2016-04-10 21:39:38 +00:00
u.UpdateAt = GetMillis()
2020-08-09 22:29:54 +00:00
u.FirstName = SanitizeUnicode(u.FirstName)
u.LastName = SanitizeUnicode(u.LastName)
u.Nickname = SanitizeUnicode(u.Nickname)
u.BotDescription = SanitizeUnicode(u.BotDescription)
2016-05-15 21:02:30 +00:00
if u.AuthData != nil && *u.AuthData == "" {
u.AuthData = nil
}
2016-04-10 21:39:38 +00:00
if u.NotifyProps == nil || len(u.NotifyProps) == 0 {
u.SetDefaultNotifications()
2020-08-09 22:29:54 +00:00
} else if _, ok := u.NotifyProps[MENTION_KEYS_NOTIFY_PROP]; ok {
2016-04-10 21:39:38 +00:00
// Remove any blank mention keys
2020-08-09 22:29:54 +00:00
splitKeys := strings.Split(u.NotifyProps[MENTION_KEYS_NOTIFY_PROP], ",")
2016-04-10 21:39:38 +00:00
goodKeys := []string{}
for _, key := range splitKeys {
if len(key) > 0 {
goodKeys = append(goodKeys, strings.ToLower(key))
}
}
2020-08-09 22:29:54 +00:00
u.NotifyProps[MENTION_KEYS_NOTIFY_PROP] = strings.Join(goodKeys, ",")
2016-04-10 21:39:38 +00:00
}
}
func (u *User) SetDefaultNotifications() {
u.NotifyProps = make(map[string]string)
2020-08-09 22:29:54 +00:00
u.NotifyProps[EMAIL_NOTIFY_PROP] = "true"
u.NotifyProps[PUSH_NOTIFY_PROP] = USER_NOTIFY_MENTION
u.NotifyProps[DESKTOP_NOTIFY_PROP] = USER_NOTIFY_MENTION
u.NotifyProps[DESKTOP_SOUND_NOTIFY_PROP] = "true"
u.NotifyProps[MENTION_KEYS_NOTIFY_PROP] = ""
u.NotifyProps[CHANNEL_MENTIONS_NOTIFY_PROP] = "true"
u.NotifyProps[PUSH_STATUS_NOTIFY_PROP] = STATUS_AWAY
u.NotifyProps[COMMENTS_NOTIFY_PROP] = COMMENTS_NOTIFY_NEVER
u.NotifyProps[FIRST_NAME_NOTIFY_PROP] = "false"
}
func (u *User) UpdateMentionKeysFromUsername(oldUsername string) {
2016-05-15 21:02:30 +00:00
nonUsernameKeys := []string{}
2020-08-09 22:29:54 +00:00
for _, key := range u.GetMentionKeys() {
2016-05-15 21:02:30 +00:00
if key != oldUsername && key != "@"+oldUsername {
nonUsernameKeys = append(nonUsernameKeys, key)
}
}
2020-08-09 22:29:54 +00:00
u.NotifyProps[MENTION_KEYS_NOTIFY_PROP] = ""
2016-05-15 21:02:30 +00:00
if len(nonUsernameKeys) > 0 {
2020-08-09 22:29:54 +00:00
u.NotifyProps[MENTION_KEYS_NOTIFY_PROP] += "," + strings.Join(nonUsernameKeys, ",")
2016-04-10 21:39:38 +00:00
}
}
2020-08-09 22:29:54 +00:00
func (u *User) GetMentionKeys() []string {
var keys []string
for _, key := range strings.Split(u.NotifyProps[MENTION_KEYS_NOTIFY_PROP], ",") {
trimmedKey := strings.TrimSpace(key)
if trimmedKey == "" {
continue
}
keys = append(keys, trimmedKey)
}
return keys
}
2017-03-25 20:04:10 +00:00
func (u *User) Patch(patch *UserPatch) {
if patch.Username != nil {
u.Username = *patch.Username
}
if patch.Nickname != nil {
u.Nickname = *patch.Nickname
}
if patch.FirstName != nil {
u.FirstName = *patch.FirstName
}
if patch.LastName != nil {
u.LastName = *patch.LastName
}
if patch.Position != nil {
u.Position = *patch.Position
}
if patch.Email != nil {
u.Email = *patch.Email
}
if patch.Props != nil {
2017-08-16 21:37:37 +00:00
u.Props = patch.Props
2017-03-25 20:04:10 +00:00
}
if patch.NotifyProps != nil {
2017-08-16 21:37:37 +00:00
u.NotifyProps = patch.NotifyProps
2017-03-25 20:04:10 +00:00
}
if patch.Locale != nil {
u.Locale = *patch.Locale
}
if patch.Timezone != nil {
u.Timezone = patch.Timezone
}
2017-03-25 20:04:10 +00:00
}
2016-04-10 21:39:38 +00:00
// ToJson convert a User to a json string
func (u *User) ToJson() string {
b, _ := json.Marshal(u)
return string(b)
2016-04-10 21:39:38 +00:00
}
2017-03-25 20:04:10 +00:00
func (u *UserPatch) ToJson() string {
b, _ := json.Marshal(u)
return string(b)
2017-03-25 20:04:10 +00:00
}
2018-02-08 23:11:04 +00:00
func (u *UserAuth) ToJson() string {
b, _ := json.Marshal(u)
return string(b)
2018-02-08 23:11:04 +00:00
}
2016-04-10 21:39:38 +00:00
// Generate a valid strong etag so the browser can cache the results
2016-07-22 21:14:13 +00:00
func (u *User) Etag(showFullName, showEmail bool) string {
2020-08-09 22:29:54 +00:00
return Etag(u.Id, u.UpdateAt, u.TermsOfServiceId, u.TermsOfServiceCreateAt, showFullName, showEmail, u.BotLastIconUpdate)
2016-04-10 21:39:38 +00:00
}
// Remove any private data from the user object
func (u *User) Sanitize(options map[string]bool) {
u.Password = ""
2018-02-08 23:11:04 +00:00
u.AuthData = NewString("")
2016-05-15 21:02:30 +00:00
u.MfaSecret = ""
2016-04-10 21:39:38 +00:00
if len(options) != 0 && !options["email"] {
u.Email = ""
}
if len(options) != 0 && !options["fullname"] {
u.FirstName = ""
u.LastName = ""
}
if len(options) != 0 && !options["passwordupdate"] {
u.LastPasswordUpdate = 0
}
2016-11-12 21:00:53 +00:00
if len(options) != 0 && !options["authservice"] {
u.AuthService = ""
}
2016-04-10 21:39:38 +00:00
}
2020-08-09 22:29:54 +00:00
// Remove any input data from the user object that is not user controlled
func (u *User) SanitizeInput(isAdmin bool) {
if !isAdmin {
u.AuthData = NewString("")
u.AuthService = ""
}
u.LastPasswordUpdate = 0
u.LastPictureUpdate = 0
u.FailedAttempts = 0
u.EmailVerified = false
u.MfaActive = false
u.MfaSecret = ""
}
2016-04-10 21:39:38 +00:00
func (u *User) ClearNonProfileFields() {
u.Password = ""
2018-02-08 23:11:04 +00:00
u.AuthData = NewString("")
2016-05-15 21:02:30 +00:00
u.MfaSecret = ""
2016-04-10 21:39:38 +00:00
u.EmailVerified = false
u.AllowMarketing = false
u.NotifyProps = StringMap{}
u.LastPasswordUpdate = 0
u.FailedAttempts = 0
}
2016-09-17 13:19:18 +00:00
func (u *User) SanitizeProfile(options map[string]bool) {
u.ClearNonProfileFields()
u.Sanitize(options)
}
2016-04-10 21:39:38 +00:00
func (u *User) MakeNonNil() {
if u.Props == nil {
u.Props = make(map[string]string)
}
if u.NotifyProps == nil {
u.NotifyProps = make(map[string]string)
}
}
func (u *User) AddNotifyProp(key string, value string) {
u.MakeNonNil()
u.NotifyProps[key] = value
}
func (u *User) GetFullName() string {
if len(u.FirstName) > 0 && len(u.LastName) > 0 {
2016-04-10 21:39:38 +00:00
return u.FirstName + " " + u.LastName
} else if len(u.FirstName) > 0 {
2016-04-10 21:39:38 +00:00
return u.FirstName
} else if len(u.LastName) > 0 {
2016-04-10 21:39:38 +00:00
return u.LastName
} else {
return ""
}
}
2020-08-09 22:29:54 +00:00
func (u *User) getDisplayName(baseName, nameFormat string) string {
displayName := baseName
2016-09-17 13:19:18 +00:00
2017-08-16 21:37:37 +00:00
if nameFormat == SHOW_NICKNAME_FULLNAME {
if len(u.Nickname) > 0 {
2016-09-17 13:19:18 +00:00
displayName = u.Nickname
} else if fullName := u.GetFullName(); len(fullName) > 0 {
2016-09-17 13:19:18 +00:00
displayName = fullName
}
2017-08-16 21:37:37 +00:00
} else if nameFormat == SHOW_FULLNAME {
if fullName := u.GetFullName(); len(fullName) > 0 {
2016-09-17 13:19:18 +00:00
displayName = fullName
}
}
return displayName
}
2020-08-09 22:29:54 +00:00
func (u *User) GetDisplayName(nameFormat string) string {
displayName := u.Username
return u.getDisplayName(displayName, nameFormat)
}
func (u *User) GetDisplayNameWithPrefix(nameFormat, prefix string) string {
displayName := prefix + u.Username
return u.getDisplayName(displayName, nameFormat)
}
2016-11-12 21:00:53 +00:00
func (u *User) GetRoles() []string {
return strings.Fields(u.Roles)
}
func (u *User) GetRawRoles() string {
return u.Roles
}
2016-05-15 21:02:30 +00:00
func IsValidUserRoles(userRoles string) bool {
2016-04-10 21:39:38 +00:00
2016-11-12 21:00:53 +00:00
roles := strings.Fields(userRoles)
2016-04-10 21:39:38 +00:00
for _, r := range roles {
if !IsValidRoleName(r) {
2016-04-10 21:39:38 +00:00
return false
}
}
2016-11-12 21:00:53 +00:00
// Exclude just the system_admin role explicitly to prevent mistakes
if len(roles) == 1 && roles[0] == "system_admin" {
return false
2016-04-10 21:39:38 +00:00
}
2016-11-12 21:00:53 +00:00
return true
}
2016-04-10 21:39:38 +00:00
2020-08-09 22:29:54 +00:00
// Make sure you acually want to use this function. In context.go there are functions to check permissions
// This function should not be used to check permissions.
func (u *User) IsGuest() bool {
return IsInRole(u.Roles, SYSTEM_GUEST_ROLE_ID)
}
func (u *User) IsSystemAdmin() bool {
return IsInRole(u.Roles, SYSTEM_ADMIN_ROLE_ID)
}
2016-07-22 21:14:13 +00:00
// Make sure you acually want to use this function. In context.go there are functions to check permissions
2016-04-10 21:39:38 +00:00
// This function should not be used to check permissions.
func (u *User) IsInRole(inRole string) bool {
return IsInRole(u.Roles, inRole)
}
2016-07-22 21:14:13 +00:00
// Make sure you acually want to use this function. In context.go there are functions to check permissions
2016-04-10 21:39:38 +00:00
// This function should not be used to check permissions.
func IsInRole(userRoles string, inRole string) bool {
roles := strings.Split(userRoles, " ")
for _, r := range roles {
if r == inRole {
return true
}
}
return false
}
2017-03-25 20:04:10 +00:00
func (u *User) IsSSOUser() bool {
2017-08-16 21:37:37 +00:00
return u.AuthService != "" && u.AuthService != USER_AUTH_SERVICE_EMAIL
2017-03-25 20:04:10 +00:00
}
2016-05-15 21:02:30 +00:00
func (u *User) IsOAuthUser() bool {
2017-08-16 21:37:37 +00:00
return u.AuthService == USER_AUTH_SERVICE_GITLAB
2016-05-15 21:02:30 +00:00
}
func (u *User) IsLDAPUser() bool {
2017-08-16 21:37:37 +00:00
return u.AuthService == USER_AUTH_SERVICE_LDAP
}
func (u *User) IsSAMLUser() bool {
return u.AuthService == USER_AUTH_SERVICE_SAML
2016-04-10 21:39:38 +00:00
}
func (u *User) GetPreferredTimezone() string {
2020-08-09 22:29:54 +00:00
return GetPreferredTimezone(u.Timezone)
}
2016-04-10 21:39:38 +00:00
// UserFromJson will decode the input and return a User
func UserFromJson(data io.Reader) *User {
var user *User
json.NewDecoder(data).Decode(&user)
return user
2016-04-10 21:39:38 +00:00
}
2017-03-25 20:04:10 +00:00
func UserPatchFromJson(data io.Reader) *UserPatch {
var user *UserPatch
json.NewDecoder(data).Decode(&user)
return user
2017-03-25 20:04:10 +00:00
}
2018-02-08 23:11:04 +00:00
func UserAuthFromJson(data io.Reader) *UserAuth {
var user *UserAuth
json.NewDecoder(data).Decode(&user)
return user
2018-02-08 23:11:04 +00:00
}
2016-04-10 21:39:38 +00:00
func UserMapToJson(u map[string]*User) string {
b, _ := json.Marshal(u)
return string(b)
2016-04-10 21:39:38 +00:00
}
func UserMapFromJson(data io.Reader) map[string]*User {
var users map[string]*User
json.NewDecoder(data).Decode(&users)
return users
2016-04-10 21:39:38 +00:00
}
2016-11-12 21:00:53 +00:00
func UserListToJson(u []*User) string {
b, _ := json.Marshal(u)
return string(b)
2016-11-12 21:00:53 +00:00
}
func UserListFromJson(data io.Reader) []*User {
var users []*User
json.NewDecoder(data).Decode(&users)
return users
2016-11-12 21:00:53 +00:00
}
2016-04-10 21:39:38 +00:00
// HashPassword generates a hash using the bcrypt.GenerateFromPassword
func HashPassword(password string) string {
hash, err := bcrypt.GenerateFromPassword([]byte(password), 10)
if err != nil {
panic(err)
}
return string(hash)
}
// ComparePassword compares the hash
func ComparePassword(hash string, password string) bool {
2016-05-15 21:02:30 +00:00
if len(password) == 0 || len(hash) == 0 {
2016-04-10 21:39:38 +00:00
return false
}
err := bcrypt.CompareHashAndPassword([]byte(hash), []byte(password))
return err == nil
}
var validUsernameChars = regexp.MustCompile(`^[a-z0-9\.\-_]+$`)
var restrictedUsernames = []string{
"all",
"channel",
2016-08-15 16:47:31 +00:00
"matterbot",
"system",
2016-04-10 21:39:38 +00:00
}
func IsValidUsername(s string) bool {
2017-03-25 20:04:10 +00:00
if len(s) < USER_NAME_MIN_LENGTH || len(s) > USER_NAME_MAX_LENGTH {
2016-04-10 21:39:38 +00:00
return false
}
if !validUsernameChars.MatchString(s) {
return false
}
for _, restrictedUsername := range restrictedUsernames {
if s == restrictedUsername {
return false
}
}
return true
}
func CleanUsername(s string) string {
s = NormalizeUsername(strings.Replace(s, " ", "-", -1))
2016-04-10 21:39:38 +00:00
for _, value := range reservedName {
if s == value {
s = strings.Replace(s, value, "", -1)
}
}
s = strings.TrimSpace(s)
for _, c := range s {
char := fmt.Sprintf("%c", c)
if !validUsernameChars.MatchString(char) {
s = strings.Replace(s, char, "-", -1)
}
}
s = strings.Trim(s, "-")
if !IsValidUsername(s) {
s = "a" + NewId()
}
return s
}
2017-08-16 21:37:37 +00:00
func IsValidUserNotifyLevel(notifyLevel string) bool {
return notifyLevel == CHANNEL_NOTIFY_ALL ||
notifyLevel == CHANNEL_NOTIFY_MENTION ||
notifyLevel == CHANNEL_NOTIFY_NONE
}
func IsValidPushStatusNotifyLevel(notifyLevel string) bool {
return notifyLevel == STATUS_ONLINE ||
notifyLevel == STATUS_AWAY ||
notifyLevel == STATUS_OFFLINE
}
func IsValidCommentsNotifyLevel(notifyLevel string) bool {
return notifyLevel == COMMENTS_NOTIFY_ANY ||
notifyLevel == COMMENTS_NOTIFY_ROOT ||
notifyLevel == COMMENTS_NOTIFY_NEVER
}
2020-08-09 22:29:54 +00:00
func IsValidEmailBatchingInterval(emailInterval string) bool {
return emailInterval == PREFERENCE_EMAIL_INTERVAL_IMMEDIATELY ||
emailInterval == PREFERENCE_EMAIL_INTERVAL_FIFTEEN ||
emailInterval == PREFERENCE_EMAIL_INTERVAL_HOUR
}
func IsValidLocale(locale string) bool {
if locale != "" {
if len(locale) > USER_LOCALE_MAX_LENGTH {
return false
} else if _, err := language.Parse(locale); err != nil {
return false
}
}
return true
}
type UserWithGroups struct {
User
GroupIDs *string `json:"-"`
Groups []*Group `json:"groups"`
SchemeGuest bool `json:"scheme_guest"`
SchemeUser bool `json:"scheme_user"`
SchemeAdmin bool `json:"scheme_admin"`
}
func (u *UserWithGroups) GetGroupIDs() []string {
if u.GroupIDs == nil {
return nil
}
trimmed := strings.TrimSpace(*u.GroupIDs)
if len(trimmed) == 0 {
return nil
}
return strings.Split(trimmed, ",")
}
type UsersWithGroupsAndCount struct {
Users []*UserWithGroups `json:"users"`
Count int64 `json:"total_count"`
}
func UsersWithGroupsAndCountFromJson(data io.Reader) *UsersWithGroupsAndCount {
uwg := &UsersWithGroupsAndCount{}
bodyBytes, _ := ioutil.ReadAll(data)
json.Unmarshal(bodyBytes, uwg)
return uwg
}
var passwordRandomSource = rand.NewSource(time.Now().Unix())
var passwordSpecialChars = "!$%^&*(),."
var passwordNumbers = "0123456789"
var passwordUpperCaseLetters = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
var passwordLowerCaseLetters = "abcdefghijklmnopqrstuvwxyz"
var passwordAllChars = passwordSpecialChars + passwordNumbers + passwordUpperCaseLetters + passwordLowerCaseLetters
func GeneratePassword(minimumLength int) string {
r := rand.New(passwordRandomSource)
// Make sure we are guaranteed at least one of each type to meet any possible password complexity requirements.
password := string([]rune(passwordUpperCaseLetters)[r.Intn(len(passwordUpperCaseLetters))]) +
string([]rune(passwordNumbers)[r.Intn(len(passwordNumbers))]) +
string([]rune(passwordLowerCaseLetters)[r.Intn(len(passwordLowerCaseLetters))]) +
string([]rune(passwordSpecialChars)[r.Intn(len(passwordSpecialChars))])
for len(password) < minimumLength {
i := r.Intn(len(passwordAllChars))
password = password + string([]rune(passwordAllChars)[i])
}
return password
}