Commit ad0e4dac authored by James Addison's avatar James Addison
Browse files

Merge remote-tracking branch 'upstream/release-5.35' into collabora-5.35

parents 66d5d774 9b2d042e
Pipeline #26895 passed with stage
in 9 minutes and 12 seconds
......@@ -890,6 +890,19 @@ func (a *App) getAddAuthenticationSubsectionPermissions() (permissionsMap, error
return transformations, nil
}
// This migration fixes https://github.com/mattermost/mattermost-server/issues/17642 where this particular ancillary permission was forgotten during the initial migrations
func (a *App) getAddTestEmailAncillaryPermission() (permissionsMap, error) {
transformations := []permissionTransformation{}
// Give these ancillary permissions to anyone with WRITE_ENVIRONMENT_SMTP
transformations = append(transformations, permissionTransformation{
On: permissionExists(model.PERMISSION_SYSCONSOLE_WRITE_ENVIRONMENT_SMTP.Id),
Add: []string{model.PERMISSION_TEST_EMAIL.Id},
})
return transformations, nil
}
// DoPermissionsMigrations execute all the permissions migrations need by the current version.
func (a *App) DoPermissionsMigrations() error {
PermissionsMigrations := []struct {
......@@ -922,6 +935,7 @@ func (a *App) DoPermissionsMigrations() error {
{Key: model.MIGRATION_KEY_ADD_ENVIRONMENT_SUBSECTION_PERMISSIONS, Migration: a.getAddEnvironmentSubsectionPermissions},
{Key: model.MIGRATION_KEY_ADD_ABOUT_SUBSECTION_PERMISSIONS, Migration: a.getAddAboutSubsectionPermissions},
{Key: model.MIGRATION_KEY_ADD_REPORTING_SUBSECTION_PERMISSIONS, Migration: a.getAddReportingSubsectionPermissions},
{Key: model.MIGRATION_KEY_ADD_TEST_EMAIL_ANCILLARY_PERMISSION, Migration: a.getAddTestEmailAncillaryPermission},
}
roles, err := a.GetAllRoles()
......
......@@ -32,6 +32,7 @@ const (
MIGRATION_KEY_ADD_SITE_SUBSECTION_PERMISSIONS = "site_subsection_permissions"
MIGRATION_KEY_ADD_ENVIRONMENT_SUBSECTION_PERMISSIONS = "environment_subsection_permissions"
MIGRATION_KEY_ADD_REPORTING_SUBSECTION_PERMISSIONS = "reporting_subsection_permissions"
MIGRATION_KEY_ADD_TEST_EMAIL_ANCILLARY_PERMISSION = "test_email_ancillary_permission"
MIGRATION_KEY_ADD_ABOUT_SUBSECTION_PERMISSIONS = "about_subsection_permissions"
MIGRATION_KEY_ADD_INTEGRATIONS_SUBSECTION_PERMISSIONS = "integrations_subsection_permissions"
)
......@@ -13,6 +13,10 @@ import (
// It should be maintained in chronological order with most current
// release at the front of the list.
var versions = []string{
"5.35.4",
"5.35.3",
"5.35.2",
"5.35.1",
"5.35.0",
"5.34.0",
"5.33.0",
......
......@@ -105,6 +105,14 @@ func TestExtract(t *testing.T) {
[]string{},
false,
},
{
"Odt file",
"sample-doc.odt",
ExtractSettings{},
[]string{"simple", "document", "contains"},
[]string{},
false,
},
{
"Pptx file",
"sample-doc.pptx",
......
......@@ -5,10 +5,7 @@ package docextractor
import (
"errors"
"fmt"
"io"
"io/ioutil"
"os"
"path"
"strings"
......@@ -41,19 +38,7 @@ func (de *documentExtractor) Extract(filename string, r io.ReadSeeker) (string,
return "", errors.New("unknown converter")
}
f, err := ioutil.TempFile(os.TempDir(), "docconv")
if err != nil {
return "", fmt.Errorf("error creating temporary file: %v", err)
}
defer f.Close()
defer os.Remove(f.Name())
_, err = io.Copy(f, r)
if err != nil {
return "", fmt.Errorf("error copying data into temporary file: %v", err)
}
text, _, err := converter(f)
text, _, err := converter(r)
if err != nil {
return "", err
}
......
......@@ -5,6 +5,7 @@ package docextractor
import (
"bytes"
"errors"
"fmt"
"io"
"io/ioutil"
......@@ -25,7 +26,13 @@ func (pe *pdfExtractor) Match(filename string) bool {
return supportedExtensions[extension]
}
func (pe *pdfExtractor) Extract(filename string, r io.ReadSeeker) (string, error) {
func (pe *pdfExtractor) Extract(filename string, r io.ReadSeeker) (out string, outErr error) {
defer func() {
if r := recover(); r != nil {
out = ""
outErr = errors.New("error extracting pdf text")
}
}()
f, err := ioutil.TempFile(os.TempDir(), "pdflib")
if err != nil {
return "", fmt.Errorf("error creating temporary file: %v", err)
......
// Copyright (c) 2015-present Mattermost, Inc. All Rights Reserved.
// See LICENSE.txt for license information.
package docextractor
import (
"bytes"
"testing"
"github.com/mattermost/mattermost-server/v5/utils/testutils"
"github.com/stretchr/testify/require"
)
func TestPdfEmptyFile(t *testing.T) {
extractor := pdfExtractor{}
_, err := extractor.Extract("test.pdf", bytes.NewReader([]byte{}))
require.Error(t, err)
}
func TestPdfFile(t *testing.T) {
extractor := pdfExtractor{}
contentText := "This is a simple document that contains some text."
content, err := testutils.ReadTestFile("sample-doc.pdf")
require.NoError(t, err)
extractedText, err := extractor.Extract("sample-doc.pdf", bytes.NewReader(content))
require.NoError(t, err)
require.Equal(t, contentText, extractedText)
}
func TestWrongPdfFile(t *testing.T) {
extractor := pdfExtractor{}
content, err := testutils.ReadTestFile("sample-doc.docx")
require.NoError(t, err)
_, err = extractor.Extract("sample-doc.pdf", bytes.NewReader(content))
require.Error(t, err)
}
......@@ -1446,6 +1446,10 @@ func (ss *SqlStore) appendMultipleStatementsFlag(dataSource string) (string, err
return "", err
}
if config.Params == nil {
config.Params = map[string]string{}
}
config.Params["multiStatements"] = "true"
return config.FormatDSN(), nil
}
......
......@@ -637,7 +637,6 @@ func TestAppendMultipleStatementsFlagMysql(t *testing.T) {
for _, tc := range testCases {
t.Run(tc.Scenario, func(t *testing.T) {
t.Parallel()
store := &SqlStore{settings: &model.SqlSettings{DriverName: &tc.Driver, DataSource: &tc.DSN}}
res, err := store.appendMultipleStatementsFlag(*store.settings.DataSource)
require.NoError(t, err)
......
......@@ -221,9 +221,23 @@ func saveSchemaVersion(sqlStore *SqlStore, version string) {
}
func shouldPerformUpgrade(sqlStore *SqlStore, currentSchemaVersion string, expectedSchemaVersion string) bool {
if sqlStore.GetCurrentSchemaVersion() == currentSchemaVersion {
mlog.Warn("Attempting to upgrade the database schema version", mlog.String("current_version", currentSchemaVersion), mlog.String("new_version", expectedSchemaVersion))
storedSchemaVersion := sqlStore.GetCurrentSchemaVersion()
storedVersion, err := semver.Parse(storedSchemaVersion)
if err != nil {
mlog.Error("Error parsing stored schema version", mlog.Err(err))
return false
}
currentVersion, err := semver.Parse(currentSchemaVersion)
if err != nil {
mlog.Error("Error parsing current schema version", mlog.Err(err))
return false
}
if storedVersion.Major == currentVersion.Major && storedVersion.Minor == currentVersion.Minor {
mlog.Warn("Attempting to upgrade the database schema version",
mlog.String("stored_version", storedSchemaVersion), mlog.String("current_version", currentSchemaVersion), mlog.String("new_version", expectedSchemaVersion))
return true
}
......
......@@ -11,6 +11,16 @@ import (
"github.com/mattermost/mattermost-server/v5/store"
)
func TestStoreUpgradeDotRelease(t *testing.T) {
StoreTest(t, func(t *testing.T, ss store.Store) {
sqlStore := ss.(*SqlStore)
saveSchemaVersion(sqlStore, "5.33.1")
err := upgradeDatabase(sqlStore, CurrentSchemaVersion)
require.NoError(t, err)
require.Equal(t, CurrentSchemaVersion, sqlStore.GetCurrentSchemaVersion())
})
}
func TestStoreUpgrade(t *testing.T) {
StoreTest(t, func(t *testing.T, ss store.Store) {
sqlStore := ss.(*SqlStore)
......
......@@ -57,6 +57,7 @@ func GetMockStoreForSetupFunctions() *mocks.Store {
systemStore.On("GetByName", model.MIGRATION_KEY_ADD_COMPLIANCE_SUBSECTION_PERMISSIONS).Return(&model.System{Name: model.MIGRATION_KEY_ADD_EXPERIMENTAL_SUBSECTION_PERMISSIONS, Value: "true"}, nil)
systemStore.On("GetByName", model.MIGRATION_KEY_ADD_ENVIRONMENT_SUBSECTION_PERMISSIONS).Return(&model.System{Name: model.MIGRATION_KEY_ADD_ENVIRONMENT_SUBSECTION_PERMISSIONS, Value: "true"}, nil)
systemStore.On("GetByName", model.MIGRATION_KEY_ADD_REPORTING_SUBSECTION_PERMISSIONS).Return(&model.System{Name: model.MIGRATION_KEY_ADD_REPORTING_SUBSECTION_PERMISSIONS, Value: "true"}, nil)
systemStore.On("GetByName", model.MIGRATION_KEY_ADD_TEST_EMAIL_ANCILLARY_PERMISSION).Return(&model.System{Name: model.MIGRATION_KEY_ADD_TEST_EMAIL_ANCILLARY_PERMISSION, Value: "true"}, nil)
systemStore.On("GetByName", model.MIGRATION_KEY_ADD_ABOUT_SUBSECTION_PERMISSIONS).Return(&model.System{Name: model.MIGRATION_KEY_ADD_ABOUT_SUBSECTION_PERMISSIONS, Value: "true"}, nil)
systemStore.On("GetByName", model.MIGRATION_KEY_ADD_INTEGRATIONS_SUBSECTION_PERMISSIONS).Return(&model.System{Name: model.MIGRATION_KEY_ADD_INTEGRATIONS_SUBSECTION_PERMISSIONS, Value: "true"}, nil)
systemStore.On("GetByName", model.MIGRATION_KEY_ADD_MANAGE_SHARED_CHANNEL_PERMISSIONS).Return(&model.System{Name: model.MIGRATION_KEY_ADD_MANAGE_SHARED_CHANNEL_PERMISSIONS, Value: "true"}, nil)
......
......@@ -4,6 +4,7 @@
package web
import (
"html"
"net/http"
"net/url"
"path/filepath"
......@@ -384,7 +385,7 @@ func mobileLoginWithOAuth(c *Context, w http.ResponseWriter, r *http.Request) {
return
}
redirectURL := r.URL.Query().Get("redirect_to")
redirectURL := html.EscapeString(r.URL.Query().Get("redirect_to"))
if redirectURL != "" && !utils.IsValidMobileAuthRedirectURL(c.App.Config(), redirectURL) {
err := model.NewAppError("mobileLoginWithOAuth", "api.invalid_custom_url_scheme", nil, "", http.StatusBadRequest)
......
......@@ -5,6 +5,7 @@ package web
import (
b64 "encoding/base64"
"html"
"net/http"
"strconv"
"strings"
......@@ -35,7 +36,7 @@ func loginWithSaml(c *Context, w http.ResponseWriter, r *http.Request) {
}
action := r.URL.Query().Get("action")
isMobile := action == model.OAUTH_ACTION_MOBILE
redirectURL := r.URL.Query().Get("redirect_to")
redirectURL := html.EscapeString(r.URL.Query().Get("redirect_to"))
relayProps := map[string]string{}
relayState := ""
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment