2018-04-24 03:47:28 +02:00
|
|
|
from typing import Callable, Union, Optional, Dict, Any, List, Tuple
|
2017-01-06 18:56:36 +01:00
|
|
|
|
|
|
|
import os
|
2017-10-12 07:54:25 +02:00
|
|
|
import ujson
|
2015-11-24 05:26:33 +01:00
|
|
|
|
2016-06-05 00:47:14 +02:00
|
|
|
from django.http import HttpRequest, HttpResponse
|
|
|
|
|
2016-05-25 15:02:02 +02:00
|
|
|
from django.utils.translation import ugettext as _
|
2017-03-17 06:32:36 +01:00
|
|
|
from django.shortcuts import redirect, render
|
2017-01-06 18:56:36 +01:00
|
|
|
from django.conf import settings
|
2018-03-05 20:19:07 +01:00
|
|
|
from django.core.exceptions import ValidationError
|
2015-11-24 05:26:33 +01:00
|
|
|
|
2018-05-04 19:14:29 +02:00
|
|
|
from zerver.decorator import require_realm_admin, zulip_login_required, \
|
|
|
|
require_non_guest_human_user
|
2015-11-24 05:26:33 +01:00
|
|
|
from zerver.forms import CreateUserForm
|
2017-02-24 06:36:54 +01:00
|
|
|
from zerver.lib.actions import do_change_avatar_fields, do_change_bot_owner, \
|
|
|
|
do_change_is_admin, do_change_default_all_public_streams, \
|
2015-11-24 05:26:33 +01:00
|
|
|
do_change_default_events_register_stream, do_change_default_sending_stream, \
|
2017-11-16 02:29:53 +01:00
|
|
|
do_create_user, do_deactivate_user, do_reactivate_user, do_regenerate_api_key, \
|
2018-01-30 19:21:13 +01:00
|
|
|
check_change_full_name, notify_created_bot, do_update_outgoing_webhook_service, \
|
bots: Prevent bots from having duplicate full names.
Bots are not allowed to use the same name as
other users in the realm (either bot or human).
This is kind of a big commit, but I wanted to
combine the post/patch (aka add/edit) checks
into one commit, since it's a change in policy
that affects both codepaths.
A lot of the noise is in tests. We had good
coverage on the previous code, including some places
like event testing where we were expediently
not bothering to use different names for
different bots in some longer tests. And then
of course I test some new scenarios that are relevant
with the new policy.
There are two new functions:
check_bot_name_available:
very simple Django query
check_change_bot_full_name:
this diverges from the 3-line
check_change_full_name, where the latter
is still used for the "humans" use case
And then we just call those in appropriate places.
Note that there is still a loophole here
where you can get two bots with the same
name if you reactivate a bot named Fred
that was inactive when the second bot named
Fred was created. Also, we don't attempt
to fix historical data. So this commit
shouldn't be considered any kind of lockdown,
it's just meant to help people from
inadvertently creating two bots of the same
name where they don't intend to. For more
context, we are continuing to allow two
human users in the same realm to have the
same full name, and our code should generally
be tolerant of that possibility. (A good
example is our new mention syntax, which disambiguates
same-named people using ids.)
It's also worth noting that our web app client
doesn't try to scrub full_name from its payload in
situations where the user has actually only modified other
fields in the "Edit bot" UI. Starting here
we just handle this on the server, since it's
easy to fix there, and even if we fixed it in the web
app, there's no guarantee that other clients won't be
just as brute force. It wasn't exactly broken before,
but we'd needlessly write rows to audit tables.
Fixes #10509
2018-09-27 19:25:18 +02:00
|
|
|
do_update_bot_config_data, check_change_bot_full_name
|
2017-10-10 04:51:04 +02:00
|
|
|
from zerver.lib.avatar import avatar_url, get_gravatar_url, get_avatar_field
|
2018-01-07 19:24:14 +01:00
|
|
|
from zerver.lib.bot_config import set_bot_config
|
2017-10-28 00:07:31 +02:00
|
|
|
from zerver.lib.exceptions import JsonableError
|
2017-07-14 16:44:07 +02:00
|
|
|
from zerver.lib.integrations import EMBEDDED_BOTS
|
2017-10-28 00:07:31 +02:00
|
|
|
from zerver.lib.request import has_request_variables, REQ
|
2015-11-24 05:26:33 +01:00
|
|
|
from zerver.lib.response import json_error, json_success
|
2017-01-30 03:17:42 +01:00
|
|
|
from zerver.lib.streams import access_stream_by_name
|
2015-11-24 05:26:33 +01:00
|
|
|
from zerver.lib.upload import upload_avatar_image
|
2018-08-01 10:53:40 +02:00
|
|
|
from zerver.lib.users import get_api_key
|
2018-01-07 19:24:14 +01:00
|
|
|
from zerver.lib.validator import check_bool, check_string, check_int, check_url, check_dict
|
2018-01-29 16:10:54 +01:00
|
|
|
from zerver.lib.users import check_valid_bot_type, check_bot_creation_policy, \
|
2018-05-28 20:42:31 +02:00
|
|
|
check_full_name, check_short_name, check_valid_interface_type, check_valid_bot_config, \
|
bots: Prevent bots from having duplicate full names.
Bots are not allowed to use the same name as
other users in the realm (either bot or human).
This is kind of a big commit, but I wanted to
combine the post/patch (aka add/edit) checks
into one commit, since it's a change in policy
that affects both codepaths.
A lot of the noise is in tests. We had good
coverage on the previous code, including some places
like event testing where we were expediently
not bothering to use different names for
different bots in some longer tests. And then
of course I test some new scenarios that are relevant
with the new policy.
There are two new functions:
check_bot_name_available:
very simple Django query
check_change_bot_full_name:
this diverges from the 3-line
check_change_full_name, where the latter
is still used for the "humans" use case
And then we just call those in appropriate places.
Note that there is still a loophole here
where you can get two bots with the same
name if you reactivate a bot named Fred
that was inactive when the second bot named
Fred was created. Also, we don't attempt
to fix historical data. So this commit
shouldn't be considered any kind of lockdown,
it's just meant to help people from
inadvertently creating two bots of the same
name where they don't intend to. For more
context, we are continuing to allow two
human users in the same realm to have the
same full name, and our code should generally
be tolerant of that possibility. (A good
example is our new mention syntax, which disambiguates
same-named people using ids.)
It's also worth noting that our web app client
doesn't try to scrub full_name from its payload in
situations where the user has actually only modified other
fields in the "Edit bot" UI. Starting here
we just handle this on the server, since it's
easy to fix there, and even if we fixed it in the web
app, there's no guarantee that other clients won't be
just as brute force. It wasn't exactly broken before,
but we'd needlessly write rows to audit tables.
Fixes #10509
2018-09-27 19:25:18 +02:00
|
|
|
access_bot_by_id, add_service, access_user_by_id, check_bot_name_available
|
2018-08-01 11:18:37 +02:00
|
|
|
from zerver.lib.utils import generate_api_key, generate_random_token
|
2017-07-17 21:02:09 +02:00
|
|
|
from zerver.models import UserProfile, Stream, Message, email_allowed_for_realm, \
|
2018-08-13 19:09:09 +02:00
|
|
|
get_user, Service, get_user_including_cross_realm, \
|
2018-06-20 13:08:07 +02:00
|
|
|
DomainNotAllowedForRealmError, DisposableEmailError, get_user_profile_by_id_in_realm, \
|
2018-08-13 19:09:09 +02:00
|
|
|
EmailContainsPlusError, get_user_by_id_in_realm_including_cross_realm
|
2015-11-24 05:26:33 +01:00
|
|
|
|
2017-11-27 09:28:57 +01:00
|
|
|
def deactivate_user_backend(request: HttpRequest, user_profile: UserProfile,
|
2018-05-17 19:36:33 +02:00
|
|
|
user_id: int) -> HttpResponse:
|
2018-06-04 07:04:19 +02:00
|
|
|
target = access_user_by_id(user_profile, user_id)
|
2016-12-05 06:40:00 +01:00
|
|
|
if check_last_admin(target):
|
|
|
|
return json_error(_('Cannot deactivate the only organization administrator'))
|
2015-11-24 05:26:33 +01:00
|
|
|
return _deactivate_user_profile_backend(request, user_profile, target)
|
|
|
|
|
2017-11-27 09:28:57 +01:00
|
|
|
def deactivate_user_own_backend(request: HttpRequest, user_profile: UserProfile) -> HttpResponse:
|
2016-10-13 20:09:32 +02:00
|
|
|
|
2016-12-05 06:40:00 +01:00
|
|
|
if user_profile.is_realm_admin and check_last_admin(user_profile):
|
|
|
|
return json_error(_('Cannot deactivate the only organization administrator'))
|
2017-08-17 01:20:23 +02:00
|
|
|
do_deactivate_user(user_profile, acting_user=user_profile)
|
2016-10-21 07:34:04 +02:00
|
|
|
return json_success()
|
2016-10-13 20:09:32 +02:00
|
|
|
|
2017-11-27 09:28:57 +01:00
|
|
|
def check_last_admin(user_profile: UserProfile) -> bool:
|
2016-12-05 06:40:00 +01:00
|
|
|
admins = set(user_profile.realm.get_admin_users())
|
|
|
|
return user_profile.is_realm_admin and len(admins) == 1
|
|
|
|
|
2017-11-27 09:28:57 +01:00
|
|
|
def deactivate_bot_backend(request: HttpRequest, user_profile: UserProfile,
|
2018-05-15 15:26:04 +02:00
|
|
|
bot_id: int) -> HttpResponse:
|
2018-05-28 20:42:31 +02:00
|
|
|
target = access_bot_by_id(user_profile, bot_id)
|
2015-11-24 05:26:33 +01:00
|
|
|
return _deactivate_user_profile_backend(request, user_profile, target)
|
|
|
|
|
2017-11-27 09:28:57 +01:00
|
|
|
def _deactivate_user_profile_backend(request: HttpRequest, user_profile: UserProfile,
|
|
|
|
target: UserProfile) -> HttpResponse:
|
2017-08-17 01:20:23 +02:00
|
|
|
do_deactivate_user(target, acting_user=user_profile)
|
2016-10-21 07:34:04 +02:00
|
|
|
return json_success()
|
2015-11-24 05:26:33 +01:00
|
|
|
|
2017-11-27 09:28:57 +01:00
|
|
|
def reactivate_user_backend(request: HttpRequest, user_profile: UserProfile,
|
2018-05-17 19:45:13 +02:00
|
|
|
user_id: int) -> HttpResponse:
|
2018-06-04 07:04:19 +02:00
|
|
|
target = access_user_by_id(user_profile, user_id, allow_deactivated=True, allow_bots=True)
|
2018-07-27 18:18:33 +02:00
|
|
|
if target.is_bot:
|
2018-07-27 19:58:08 +02:00
|
|
|
assert target.bot_type is not None
|
2018-07-27 18:18:33 +02:00
|
|
|
check_bot_creation_policy(user_profile, target.bot_type)
|
2017-09-22 16:18:05 +02:00
|
|
|
do_reactivate_user(target, acting_user=user_profile)
|
2016-10-21 07:34:04 +02:00
|
|
|
return json_success()
|
2015-11-24 05:26:33 +01:00
|
|
|
|
|
|
|
@has_request_variables
|
2018-05-17 19:36:33 +02:00
|
|
|
def update_user_backend(request: HttpRequest, user_profile: UserProfile, user_id: int,
|
2018-04-24 03:47:28 +02:00
|
|
|
full_name: Optional[str]=REQ(default="", validator=check_string),
|
2017-12-25 12:02:23 +01:00
|
|
|
is_admin: Optional[bool]=REQ(default=None, validator=check_bool)) -> HttpResponse:
|
2018-06-04 07:04:19 +02:00
|
|
|
target = access_user_by_id(user_profile, user_id, allow_deactivated=True, allow_bots=True)
|
2015-11-24 05:26:33 +01:00
|
|
|
|
2018-10-17 15:04:58 +02:00
|
|
|
if is_admin is not None and target.is_realm_admin != is_admin:
|
2016-12-05 06:40:00 +01:00
|
|
|
if not is_admin and check_last_admin(user_profile):
|
|
|
|
return json_error(_('Cannot remove the only organization administrator'))
|
2015-11-24 05:26:33 +01:00
|
|
|
do_change_is_admin(target, is_admin)
|
2016-09-27 14:25:52 +02:00
|
|
|
|
|
|
|
if (full_name is not None and target.full_name != full_name and
|
|
|
|
full_name.strip() != ""):
|
|
|
|
# We don't respect `name_changes_disabled` here because the request
|
|
|
|
# is on behalf of the administrator.
|
2017-04-07 07:28:28 +02:00
|
|
|
check_change_full_name(target, full_name, user_profile)
|
2016-09-27 14:25:52 +02:00
|
|
|
|
2016-10-21 07:34:04 +02:00
|
|
|
return json_success()
|
2015-11-24 05:26:33 +01:00
|
|
|
|
2018-08-13 19:09:09 +02:00
|
|
|
def avatar(request: HttpRequest, user_profile: UserProfile,
|
|
|
|
email_or_id: str, medium: bool=False) -> HttpResponse:
|
2016-10-24 16:42:43 +02:00
|
|
|
"""Accepts an email address or user ID and returns the avatar"""
|
2017-07-17 21:02:09 +02:00
|
|
|
is_email = False
|
2015-11-24 05:26:33 +01:00
|
|
|
try:
|
2016-10-24 16:42:43 +02:00
|
|
|
int(email_or_id)
|
|
|
|
except ValueError:
|
2017-07-17 21:02:09 +02:00
|
|
|
is_email = True
|
2016-10-24 16:42:43 +02:00
|
|
|
|
|
|
|
try:
|
2018-08-13 19:09:09 +02:00
|
|
|
realm = user_profile.realm
|
2017-07-17 21:02:09 +02:00
|
|
|
if is_email:
|
2018-08-18 14:18:58 +02:00
|
|
|
avatar_user_profile = get_user_including_cross_realm(email_or_id, realm)
|
2017-07-17 21:02:09 +02:00
|
|
|
else:
|
2018-08-13 19:09:09 +02:00
|
|
|
avatar_user_profile = get_user_by_id_in_realm_including_cross_realm(int(email_or_id), realm)
|
2016-10-24 16:42:43 +02:00
|
|
|
# If there is a valid user account passed in, use its avatar
|
2018-08-18 14:18:58 +02:00
|
|
|
url = avatar_url(avatar_user_profile, medium=medium)
|
2015-11-24 05:26:33 +01:00
|
|
|
except UserProfile.DoesNotExist:
|
2016-10-24 16:42:43 +02:00
|
|
|
# If there is no such user, treat it as a new gravatar
|
|
|
|
email = email_or_id
|
2017-02-16 22:35:57 +01:00
|
|
|
avatar_version = 1
|
2017-07-17 18:04:36 +02:00
|
|
|
url = get_gravatar_url(email, avatar_version, medium)
|
2016-07-13 02:19:26 +02:00
|
|
|
|
|
|
|
# We can rely on the url already having query parameters. Because
|
|
|
|
# our templates depend on being able to use the ampersand to
|
|
|
|
# add query parameters to our url, get_avatar_url does '?x=x'
|
|
|
|
# hacks to prevent us from having to jump through decode/encode hoops.
|
2018-06-01 17:47:50 +02:00
|
|
|
assert url is not None
|
2016-07-13 02:19:26 +02:00
|
|
|
assert '?' in url
|
|
|
|
url += '&' + request.META['QUERY_STRING']
|
2015-11-24 05:26:33 +01:00
|
|
|
return redirect(url)
|
|
|
|
|
2018-04-24 03:47:28 +02:00
|
|
|
def get_stream_name(stream: Optional[Stream]) -> Optional[str]:
|
2015-11-24 05:26:33 +01:00
|
|
|
if stream:
|
2017-02-11 05:44:37 +01:00
|
|
|
return stream.name
|
|
|
|
return None
|
2015-11-24 05:26:33 +01:00
|
|
|
|
2018-05-04 19:14:29 +02:00
|
|
|
@require_non_guest_human_user
|
2015-11-24 05:26:33 +01:00
|
|
|
@has_request_variables
|
2017-12-25 12:02:23 +01:00
|
|
|
def patch_bot_backend(
|
2018-05-15 15:26:04 +02:00
|
|
|
request: HttpRequest, user_profile: UserProfile, bot_id: int,
|
2018-04-24 03:47:28 +02:00
|
|
|
full_name: Optional[str]=REQ(default=None),
|
2018-06-19 07:42:04 +02:00
|
|
|
bot_owner_id: Optional[int]=REQ(default=None),
|
2018-04-24 03:47:28 +02:00
|
|
|
config_data: Optional[Dict[str, str]]=REQ(default=None,
|
|
|
|
validator=check_dict(value_validator=check_string)),
|
|
|
|
service_payload_url: Optional[str]=REQ(validator=check_url, default=None),
|
2018-01-16 20:34:12 +01:00
|
|
|
service_interface: Optional[int]=REQ(validator=check_int, default=1),
|
2018-04-24 03:47:28 +02:00
|
|
|
default_sending_stream: Optional[str]=REQ(default=None),
|
|
|
|
default_events_register_stream: Optional[str]=REQ(default=None),
|
2017-12-25 12:02:23 +01:00
|
|
|
default_all_public_streams: Optional[bool]=REQ(default=None, validator=check_bool)
|
|
|
|
) -> HttpResponse:
|
2018-05-28 20:42:31 +02:00
|
|
|
bot = access_bot_by_id(user_profile, bot_id)
|
2015-11-24 05:26:33 +01:00
|
|
|
|
|
|
|
if full_name is not None:
|
bots: Prevent bots from having duplicate full names.
Bots are not allowed to use the same name as
other users in the realm (either bot or human).
This is kind of a big commit, but I wanted to
combine the post/patch (aka add/edit) checks
into one commit, since it's a change in policy
that affects both codepaths.
A lot of the noise is in tests. We had good
coverage on the previous code, including some places
like event testing where we were expediently
not bothering to use different names for
different bots in some longer tests. And then
of course I test some new scenarios that are relevant
with the new policy.
There are two new functions:
check_bot_name_available:
very simple Django query
check_change_bot_full_name:
this diverges from the 3-line
check_change_full_name, where the latter
is still used for the "humans" use case
And then we just call those in appropriate places.
Note that there is still a loophole here
where you can get two bots with the same
name if you reactivate a bot named Fred
that was inactive when the second bot named
Fred was created. Also, we don't attempt
to fix historical data. So this commit
shouldn't be considered any kind of lockdown,
it's just meant to help people from
inadvertently creating two bots of the same
name where they don't intend to. For more
context, we are continuing to allow two
human users in the same realm to have the
same full name, and our code should generally
be tolerant of that possibility. (A good
example is our new mention syntax, which disambiguates
same-named people using ids.)
It's also worth noting that our web app client
doesn't try to scrub full_name from its payload in
situations where the user has actually only modified other
fields in the "Edit bot" UI. Starting here
we just handle this on the server, since it's
easy to fix there, and even if we fixed it in the web
app, there's no guarantee that other clients won't be
just as brute force. It wasn't exactly broken before,
but we'd needlessly write rows to audit tables.
Fixes #10509
2018-09-27 19:25:18 +02:00
|
|
|
check_change_bot_full_name(bot, full_name, user_profile)
|
2018-06-19 07:42:04 +02:00
|
|
|
if bot_owner_id is not None:
|
2018-02-10 14:17:04 +01:00
|
|
|
try:
|
2018-06-19 07:42:04 +02:00
|
|
|
owner = get_user_profile_by_id_in_realm(bot_owner_id, user_profile.realm)
|
2018-02-10 14:17:04 +01:00
|
|
|
except UserProfile.DoesNotExist:
|
|
|
|
return json_error(_('Failed to change owner, no such user'))
|
2018-02-13 11:54:16 +01:00
|
|
|
if not owner.is_active:
|
|
|
|
return json_error(_('Failed to change owner, user is deactivated'))
|
|
|
|
if owner.is_bot:
|
|
|
|
return json_error(_("Failed to change owner, bots can't own other bots"))
|
2018-06-19 07:42:04 +02:00
|
|
|
|
|
|
|
previous_owner = bot.bot_owner
|
|
|
|
if previous_owner != owner:
|
|
|
|
do_change_bot_owner(bot, owner, user_profile)
|
2018-02-10 14:17:04 +01:00
|
|
|
|
2015-11-24 05:26:33 +01:00
|
|
|
if default_sending_stream is not None:
|
2017-01-30 03:17:42 +01:00
|
|
|
if default_sending_stream == "":
|
2017-02-11 05:45:39 +01:00
|
|
|
stream = None # type: Optional[Stream]
|
2017-01-30 03:17:42 +01:00
|
|
|
else:
|
|
|
|
(stream, recipient, sub) = access_stream_by_name(
|
|
|
|
user_profile, default_sending_stream)
|
2015-11-24 05:26:33 +01:00
|
|
|
do_change_default_sending_stream(bot, stream)
|
|
|
|
if default_events_register_stream is not None:
|
2017-01-30 03:17:42 +01:00
|
|
|
if default_events_register_stream == "":
|
|
|
|
stream = None
|
|
|
|
else:
|
|
|
|
(stream, recipient, sub) = access_stream_by_name(
|
|
|
|
user_profile, default_events_register_stream)
|
2015-11-24 05:26:33 +01:00
|
|
|
do_change_default_events_register_stream(bot, stream)
|
|
|
|
if default_all_public_streams is not None:
|
|
|
|
do_change_default_all_public_streams(bot, default_all_public_streams)
|
|
|
|
|
2018-01-16 20:34:12 +01:00
|
|
|
if service_payload_url is not None:
|
|
|
|
check_valid_interface_type(service_interface)
|
2018-06-01 17:47:50 +02:00
|
|
|
assert service_interface is not None
|
2018-01-16 20:34:12 +01:00
|
|
|
do_update_outgoing_webhook_service(bot, service_interface, service_payload_url)
|
|
|
|
|
2018-01-30 19:21:13 +01:00
|
|
|
if config_data is not None:
|
|
|
|
do_update_bot_config_data(bot, config_data)
|
|
|
|
|
2015-11-24 05:26:33 +01:00
|
|
|
if len(request.FILES) == 0:
|
|
|
|
pass
|
|
|
|
elif len(request.FILES) == 1:
|
2016-01-25 01:27:18 +01:00
|
|
|
user_file = list(request.FILES.values())[0]
|
2017-03-02 16:21:46 +01:00
|
|
|
upload_avatar_image(user_file, user_profile, bot)
|
2015-11-24 05:26:33 +01:00
|
|
|
avatar_source = UserProfile.AVATAR_FROM_USER
|
2017-01-28 19:05:20 +01:00
|
|
|
do_change_avatar_fields(bot, avatar_source)
|
2015-11-24 05:26:33 +01:00
|
|
|
else:
|
2016-05-25 15:02:02 +02:00
|
|
|
return json_error(_("You may only upload one file at a time"))
|
2015-11-24 05:26:33 +01:00
|
|
|
|
|
|
|
json_result = dict(
|
|
|
|
full_name=bot.full_name,
|
|
|
|
avatar_url=avatar_url(bot),
|
2018-01-16 20:34:12 +01:00
|
|
|
service_interface = service_interface,
|
|
|
|
service_payload_url = service_payload_url,
|
2018-01-30 19:21:13 +01:00
|
|
|
config_data = config_data,
|
2015-11-24 05:26:33 +01:00
|
|
|
default_sending_stream=get_stream_name(bot.default_sending_stream),
|
|
|
|
default_events_register_stream=get_stream_name(bot.default_events_register_stream),
|
|
|
|
default_all_public_streams=bot.default_all_public_streams,
|
|
|
|
)
|
2017-02-24 06:36:54 +01:00
|
|
|
|
|
|
|
# Don't include the bot owner in case it is not set.
|
|
|
|
# Default bots have no owner.
|
|
|
|
if bot.bot_owner is not None:
|
|
|
|
json_result['bot_owner'] = bot.bot_owner.email
|
|
|
|
|
2015-11-24 05:26:33 +01:00
|
|
|
return json_success(json_result)
|
|
|
|
|
2018-05-04 19:14:29 +02:00
|
|
|
@require_non_guest_human_user
|
2015-11-24 05:26:33 +01:00
|
|
|
@has_request_variables
|
2018-05-15 18:13:07 +02:00
|
|
|
def regenerate_bot_api_key(request: HttpRequest, user_profile: UserProfile, bot_id: int) -> HttpResponse:
|
2018-05-28 20:42:31 +02:00
|
|
|
bot = access_bot_by_id(user_profile, bot_id)
|
2015-11-24 05:26:33 +01:00
|
|
|
|
2017-04-06 12:27:58 +02:00
|
|
|
do_regenerate_api_key(bot, user_profile)
|
2015-11-24 05:26:33 +01:00
|
|
|
json_result = dict(
|
|
|
|
api_key = bot.api_key
|
|
|
|
)
|
|
|
|
return json_success(json_result)
|
|
|
|
|
2018-05-04 19:14:29 +02:00
|
|
|
@require_non_guest_human_user
|
2015-11-24 05:26:33 +01:00
|
|
|
@has_request_variables
|
2017-12-25 12:02:23 +01:00
|
|
|
def add_bot_backend(
|
|
|
|
request: HttpRequest, user_profile: UserProfile,
|
2018-04-24 03:47:28 +02:00
|
|
|
full_name_raw: str=REQ("full_name"), short_name_raw: str=REQ("short_name"),
|
2017-12-25 12:02:23 +01:00
|
|
|
bot_type: int=REQ(validator=check_int, default=UserProfile.DEFAULT_BOT),
|
2018-04-24 03:47:28 +02:00
|
|
|
payload_url: Optional[str]=REQ(validator=check_url, default=""),
|
|
|
|
service_name: Optional[str]=REQ(default=None),
|
|
|
|
config_data: Dict[str, str]=REQ(default={},
|
|
|
|
validator=check_dict(value_validator=check_string)),
|
2017-12-25 12:02:23 +01:00
|
|
|
interface_type: int=REQ(validator=check_int, default=Service.GENERIC),
|
2018-04-24 03:47:28 +02:00
|
|
|
default_sending_stream_name: Optional[str]=REQ('default_sending_stream', default=None),
|
|
|
|
default_events_register_stream_name: Optional[str]=REQ('default_events_register_stream',
|
|
|
|
default=None),
|
2017-12-25 12:02:23 +01:00
|
|
|
default_all_public_streams: Optional[bool]=REQ(validator=check_bool, default=None)
|
|
|
|
) -> HttpResponse:
|
2017-06-21 13:46:58 +02:00
|
|
|
short_name = check_short_name(short_name_raw)
|
2017-07-14 16:44:07 +02:00
|
|
|
service_name = service_name or short_name
|
2015-11-24 05:26:33 +01:00
|
|
|
short_name += "-bot"
|
2017-02-08 04:51:01 +01:00
|
|
|
full_name = check_full_name(full_name_raw)
|
2017-03-05 04:17:12 +01:00
|
|
|
email = '%s@%s' % (short_name, user_profile.realm.get_bot_domain())
|
2015-11-24 05:26:33 +01:00
|
|
|
form = CreateUserForm({'full_name': full_name, 'email': email})
|
2017-07-14 16:44:07 +02:00
|
|
|
|
|
|
|
if bot_type == UserProfile.EMBEDDED_BOT:
|
|
|
|
if not settings.EMBEDDED_BOTS_ENABLED:
|
|
|
|
return json_error(_("Embedded bots are not enabled."))
|
|
|
|
if service_name not in [bot.name for bot in EMBEDDED_BOTS]:
|
|
|
|
return json_error(_("Invalid embedded bot name."))
|
|
|
|
|
2015-11-24 05:26:33 +01:00
|
|
|
if not form.is_valid():
|
|
|
|
# We validate client-side as well
|
2016-05-25 15:02:02 +02:00
|
|
|
return json_error(_('Bad name or username'))
|
2015-11-24 05:26:33 +01:00
|
|
|
try:
|
2017-05-23 01:33:15 +02:00
|
|
|
get_user(email, user_profile.realm)
|
2016-05-25 15:02:02 +02:00
|
|
|
return json_error(_("Username already in use"))
|
2015-11-24 05:26:33 +01:00
|
|
|
except UserProfile.DoesNotExist:
|
|
|
|
pass
|
bots: Prevent bots from having duplicate full names.
Bots are not allowed to use the same name as
other users in the realm (either bot or human).
This is kind of a big commit, but I wanted to
combine the post/patch (aka add/edit) checks
into one commit, since it's a change in policy
that affects both codepaths.
A lot of the noise is in tests. We had good
coverage on the previous code, including some places
like event testing where we were expediently
not bothering to use different names for
different bots in some longer tests. And then
of course I test some new scenarios that are relevant
with the new policy.
There are two new functions:
check_bot_name_available:
very simple Django query
check_change_bot_full_name:
this diverges from the 3-line
check_change_full_name, where the latter
is still used for the "humans" use case
And then we just call those in appropriate places.
Note that there is still a loophole here
where you can get two bots with the same
name if you reactivate a bot named Fred
that was inactive when the second bot named
Fred was created. Also, we don't attempt
to fix historical data. So this commit
shouldn't be considered any kind of lockdown,
it's just meant to help people from
inadvertently creating two bots of the same
name where they don't intend to. For more
context, we are continuing to allow two
human users in the same realm to have the
same full name, and our code should generally
be tolerant of that possibility. (A good
example is our new mention syntax, which disambiguates
same-named people using ids.)
It's also worth noting that our web app client
doesn't try to scrub full_name from its payload in
situations where the user has actually only modified other
fields in the "Edit bot" UI. Starting here
we just handle this on the server, since it's
easy to fix there, and even if we fixed it in the web
app, there's no guarantee that other clients won't be
just as brute force. It wasn't exactly broken before,
but we'd needlessly write rows to audit tables.
Fixes #10509
2018-09-27 19:25:18 +02:00
|
|
|
|
|
|
|
check_bot_name_available(
|
|
|
|
realm_id=user_profile.realm_id,
|
|
|
|
full_name=full_name,
|
|
|
|
)
|
|
|
|
|
2018-01-29 16:10:54 +01:00
|
|
|
check_bot_creation_policy(user_profile, bot_type)
|
2017-11-24 16:24:24 +01:00
|
|
|
check_valid_bot_type(user_profile, bot_type)
|
2017-07-03 18:35:12 +02:00
|
|
|
check_valid_interface_type(interface_type)
|
2015-11-24 05:26:33 +01:00
|
|
|
|
|
|
|
if len(request.FILES) == 0:
|
|
|
|
avatar_source = UserProfile.AVATAR_FROM_GRAVATAR
|
|
|
|
elif len(request.FILES) != 1:
|
2016-05-25 15:02:02 +02:00
|
|
|
return json_error(_("You may only upload one file at a time"))
|
2015-11-24 05:26:33 +01:00
|
|
|
else:
|
|
|
|
avatar_source = UserProfile.AVATAR_FROM_USER
|
|
|
|
|
2016-06-05 00:47:14 +02:00
|
|
|
default_sending_stream = None
|
|
|
|
if default_sending_stream_name is not None:
|
2017-01-30 03:17:42 +01:00
|
|
|
(default_sending_stream, ignored_rec, ignored_sub) = access_stream_by_name(
|
|
|
|
user_profile, default_sending_stream_name)
|
2015-11-24 05:26:33 +01:00
|
|
|
|
2016-06-05 00:47:14 +02:00
|
|
|
default_events_register_stream = None
|
|
|
|
if default_events_register_stream_name is not None:
|
2017-01-30 03:17:42 +01:00
|
|
|
(default_events_register_stream, ignored_rec, ignored_sub) = access_stream_by_name(
|
|
|
|
user_profile, default_events_register_stream_name)
|
2015-11-24 05:26:33 +01:00
|
|
|
|
2018-02-13 11:47:40 +01:00
|
|
|
if bot_type == UserProfile.EMBEDDED_BOT:
|
|
|
|
check_valid_bot_config(service_name, config_data)
|
|
|
|
|
2015-11-24 05:26:33 +01:00
|
|
|
bot_profile = do_create_user(email=email, password='',
|
|
|
|
realm=user_profile.realm, full_name=full_name,
|
2017-10-28 19:22:02 +02:00
|
|
|
short_name=short_name,
|
2017-05-30 19:19:48 +02:00
|
|
|
bot_type=bot_type,
|
2015-11-24 05:26:33 +01:00
|
|
|
bot_owner=user_profile,
|
|
|
|
avatar_source=avatar_source,
|
|
|
|
default_sending_stream=default_sending_stream,
|
|
|
|
default_events_register_stream=default_events_register_stream,
|
|
|
|
default_all_public_streams=default_all_public_streams)
|
2017-03-02 16:21:46 +01:00
|
|
|
if len(request.FILES) == 1:
|
|
|
|
user_file = list(request.FILES.values())[0]
|
|
|
|
upload_avatar_image(user_file, user_profile, bot_profile)
|
2017-06-10 18:43:31 +02:00
|
|
|
|
2017-07-14 16:44:07 +02:00
|
|
|
if bot_type in (UserProfile.OUTGOING_WEBHOOK_BOT, UserProfile.EMBEDDED_BOT):
|
2017-10-25 20:13:11 +02:00
|
|
|
add_service(name=service_name,
|
|
|
|
user_profile=bot_profile,
|
|
|
|
base_url=payload_url,
|
|
|
|
interface=interface_type,
|
2018-08-01 11:18:37 +02:00
|
|
|
token=generate_api_key())
|
2017-06-10 18:43:31 +02:00
|
|
|
|
2018-01-07 19:24:14 +01:00
|
|
|
if bot_type == UserProfile.EMBEDDED_BOT:
|
|
|
|
for key, value in config_data.items():
|
|
|
|
set_bot_config(bot_profile, key, value)
|
|
|
|
|
2018-01-16 20:19:57 +01:00
|
|
|
notify_created_bot(bot_profile)
|
|
|
|
|
2018-08-01 10:53:40 +02:00
|
|
|
api_key = get_api_key(bot_profile)
|
|
|
|
|
2015-11-24 05:26:33 +01:00
|
|
|
json_result = dict(
|
2018-08-01 10:53:40 +02:00
|
|
|
api_key=api_key,
|
2017-01-24 07:06:13 +01:00
|
|
|
avatar_url=avatar_url(bot_profile),
|
|
|
|
default_sending_stream=get_stream_name(bot_profile.default_sending_stream),
|
|
|
|
default_events_register_stream=get_stream_name(bot_profile.default_events_register_stream),
|
|
|
|
default_all_public_streams=bot_profile.default_all_public_streams,
|
2015-11-24 05:26:33 +01:00
|
|
|
)
|
|
|
|
return json_success(json_result)
|
|
|
|
|
2018-05-04 19:14:29 +02:00
|
|
|
@require_non_guest_human_user
|
2017-11-27 09:28:57 +01:00
|
|
|
def get_bots_backend(request: HttpRequest, user_profile: UserProfile) -> HttpResponse:
|
2015-11-24 05:26:33 +01:00
|
|
|
bot_profiles = UserProfile.objects.filter(is_bot=True, is_active=True,
|
|
|
|
bot_owner=user_profile)
|
|
|
|
bot_profiles = bot_profiles.select_related('default_sending_stream', 'default_events_register_stream')
|
|
|
|
bot_profiles = bot_profiles.order_by('date_joined')
|
|
|
|
|
2017-11-27 09:28:57 +01:00
|
|
|
def bot_info(bot_profile: UserProfile) -> Dict[str, Any]:
|
2015-11-24 05:26:33 +01:00
|
|
|
default_sending_stream = get_stream_name(bot_profile.default_sending_stream)
|
|
|
|
default_events_register_stream = get_stream_name(bot_profile.default_events_register_stream)
|
|
|
|
|
2018-08-01 10:53:40 +02:00
|
|
|
# Bots are supposed to have only one API key, at least for now.
|
|
|
|
# Therefore we can safely asume that one and only valid API key will be
|
|
|
|
# the first one.
|
|
|
|
api_key = get_api_key(bot_profile)
|
|
|
|
|
2015-11-24 05:26:33 +01:00
|
|
|
return dict(
|
|
|
|
username=bot_profile.email,
|
|
|
|
full_name=bot_profile.full_name,
|
2018-08-01 10:53:40 +02:00
|
|
|
api_key=api_key,
|
2015-11-24 05:26:33 +01:00
|
|
|
avatar_url=avatar_url(bot_profile),
|
|
|
|
default_sending_stream=default_sending_stream,
|
|
|
|
default_events_register_stream=default_events_register_stream,
|
|
|
|
default_all_public_streams=bot_profile.default_all_public_streams,
|
|
|
|
)
|
|
|
|
|
|
|
|
return json_success({'bots': list(map(bot_info, bot_profiles))})
|
|
|
|
|
2017-10-10 04:51:04 +02:00
|
|
|
@has_request_variables
|
2017-12-25 12:02:23 +01:00
|
|
|
def get_members_backend(request: HttpRequest, user_profile: UserProfile,
|
|
|
|
client_gravatar: bool=REQ(validator=check_bool, default=False)) -> HttpResponse:
|
2017-10-10 04:51:04 +02:00
|
|
|
'''
|
|
|
|
The client_gravatar field here is set to True if clients can compute
|
|
|
|
their own gravatars, which saves us bandwidth. We want to eventually
|
|
|
|
make this the default behavior, but we have old clients that expect
|
|
|
|
the server to compute this for us.
|
|
|
|
'''
|
|
|
|
|
2015-11-24 05:26:33 +01:00
|
|
|
realm = user_profile.realm
|
2017-10-09 20:56:09 +02:00
|
|
|
|
|
|
|
query = UserProfile.objects.filter(
|
|
|
|
realm_id=realm.id
|
|
|
|
).values(
|
|
|
|
'id',
|
|
|
|
'email',
|
|
|
|
'realm_id',
|
|
|
|
'full_name',
|
|
|
|
'is_bot',
|
2018-10-19 10:00:38 +02:00
|
|
|
'is_realm_admin',
|
2017-10-09 20:56:09 +02:00
|
|
|
'is_active',
|
|
|
|
'bot_type',
|
|
|
|
'avatar_source',
|
|
|
|
'avatar_version',
|
|
|
|
'bot_owner__email',
|
|
|
|
)
|
|
|
|
|
2017-11-27 09:28:57 +01:00
|
|
|
def get_member(row: Dict[str, Any]) -> Dict[str, Any]:
|
2017-10-09 20:56:09 +02:00
|
|
|
email = row['email']
|
|
|
|
user_id = row['id']
|
|
|
|
|
|
|
|
result = dict(
|
|
|
|
user_id=user_id,
|
|
|
|
email=email,
|
|
|
|
full_name=row['full_name'],
|
|
|
|
is_bot=row['is_bot'],
|
|
|
|
is_active=row['is_active'],
|
2018-10-19 10:00:38 +02:00
|
|
|
is_admin=row['is_realm_admin'],
|
2017-10-09 20:56:09 +02:00
|
|
|
bot_type=row['bot_type'],
|
|
|
|
)
|
|
|
|
|
2017-10-10 04:51:04 +02:00
|
|
|
result['avatar_url'] = get_avatar_field(
|
|
|
|
user_id=user_id,
|
|
|
|
email=email,
|
2017-10-09 20:56:09 +02:00
|
|
|
avatar_source=row['avatar_source'],
|
|
|
|
avatar_version=row['avatar_version'],
|
|
|
|
realm_id=row['realm_id'],
|
2017-10-10 04:51:04 +02:00
|
|
|
medium=False,
|
|
|
|
client_gravatar=client_gravatar,
|
2017-10-09 20:56:09 +02:00
|
|
|
)
|
|
|
|
|
|
|
|
if row['bot_owner__email']:
|
|
|
|
result['bot_owner'] = row['bot_owner__email']
|
|
|
|
|
|
|
|
return result
|
|
|
|
|
|
|
|
members = [get_member(row) for row in query]
|
|
|
|
|
2015-11-24 05:26:33 +01:00
|
|
|
return json_success({'members': members})
|
2016-01-12 15:40:40 +01:00
|
|
|
|
|
|
|
@require_realm_admin
|
|
|
|
@has_request_variables
|
2017-12-25 12:02:23 +01:00
|
|
|
def create_user_backend(request: HttpRequest, user_profile: UserProfile,
|
2018-04-24 03:47:28 +02:00
|
|
|
email: str=REQ(), password: str=REQ(), full_name_raw: str=REQ("full_name"),
|
|
|
|
short_name: str=REQ()) -> HttpResponse:
|
2017-02-08 04:51:01 +01:00
|
|
|
full_name = check_full_name(full_name_raw)
|
2016-01-12 15:40:40 +01:00
|
|
|
form = CreateUserForm({'full_name': full_name, 'email': email})
|
|
|
|
if not form.is_valid():
|
2016-05-25 15:02:02 +02:00
|
|
|
return json_error(_('Bad name or username'))
|
2016-01-12 15:40:40 +01:00
|
|
|
|
|
|
|
# Check that the new user's email address belongs to the admin's realm
|
|
|
|
# (Since this is an admin API, we don't require the user to have been
|
|
|
|
# invited first.)
|
|
|
|
realm = user_profile.realm
|
2018-03-14 12:54:05 +01:00
|
|
|
try:
|
|
|
|
email_allowed_for_realm(email, user_profile.realm)
|
|
|
|
except DomainNotAllowedForRealmError:
|
2018-03-08 02:05:50 +01:00
|
|
|
return json_error(_("Email '%(email)s' not allowed in this organization") %
|
|
|
|
{'email': email})
|
2018-03-14 13:25:26 +01:00
|
|
|
except DisposableEmailError:
|
2018-03-17 00:49:29 +01:00
|
|
|
return json_error(_("Disposable email addresses are not allowed in this organization"))
|
2018-06-20 13:08:07 +02:00
|
|
|
except EmailContainsPlusError:
|
|
|
|
return json_error(_("Email addresses containing + are not allowed."))
|
2018-03-05 20:19:07 +01:00
|
|
|
|
2016-01-12 15:40:40 +01:00
|
|
|
try:
|
2017-05-23 01:33:15 +02:00
|
|
|
get_user(email, user_profile.realm)
|
2016-05-25 15:02:02 +02:00
|
|
|
return json_error(_("Email '%s' already in use") % (email,))
|
2016-01-12 15:40:40 +01:00
|
|
|
except UserProfile.DoesNotExist:
|
|
|
|
pass
|
|
|
|
|
2017-10-25 21:48:37 +02:00
|
|
|
do_create_user(email, password, realm, full_name, short_name)
|
2016-01-12 15:40:40 +01:00
|
|
|
return json_success()
|
2016-12-15 12:22:24 +01:00
|
|
|
|
2017-11-27 09:28:57 +01:00
|
|
|
def generate_client_id() -> str:
|
2016-12-15 12:22:24 +01:00
|
|
|
return generate_random_token(32)
|
|
|
|
|
2017-11-27 09:28:57 +01:00
|
|
|
def get_profile_backend(request: HttpRequest, user_profile: UserProfile) -> HttpResponse:
|
2016-12-15 12:22:24 +01:00
|
|
|
result = dict(pointer = user_profile.pointer,
|
|
|
|
client_id = generate_client_id(),
|
|
|
|
max_message_id = -1,
|
|
|
|
user_id = user_profile.id,
|
|
|
|
full_name = user_profile.full_name,
|
|
|
|
email = user_profile.email,
|
|
|
|
is_bot = user_profile.is_bot,
|
|
|
|
is_admin = user_profile.is_realm_admin,
|
|
|
|
short_name = user_profile.short_name)
|
|
|
|
|
|
|
|
messages = Message.objects.filter(usermessage__user_profile=user_profile).order_by('-id')[:1]
|
|
|
|
if messages:
|
|
|
|
result['max_message_id'] = messages[0].id
|
|
|
|
|
|
|
|
return json_success(result)
|
2017-01-06 18:56:36 +01:00
|
|
|
|
2017-11-27 09:28:57 +01:00
|
|
|
def team_view(request: HttpRequest) -> HttpResponse:
|
2017-01-06 18:56:36 +01:00
|
|
|
with open(settings.CONTRIBUTORS_DATA) as f:
|
2017-10-12 07:54:25 +02:00
|
|
|
data = ujson.load(f)
|
2017-01-06 18:56:36 +01:00
|
|
|
|
2017-03-17 06:32:36 +01:00
|
|
|
return render(
|
|
|
|
request,
|
2017-10-31 19:03:08 +01:00
|
|
|
'zerver/team.html',
|
2017-03-17 06:32:36 +01:00
|
|
|
context=data,
|
2017-01-06 18:56:36 +01:00
|
|
|
)
|