github.com/adacta-ru/mattermost-server/v6@v6.0.0/model/config.go (about) 1 // Copyright (c) 2015-present Mattermost, Inc. All Rights Reserved. 2 // See LICENSE.txt for license information. 3 4 package model 5 6 import ( 7 "crypto/tls" 8 "encoding/json" 9 "io" 10 "math" 11 "net" 12 "net/http" 13 "net/url" 14 "os" 15 "reflect" 16 "regexp" 17 "strconv" 18 "strings" 19 "time" 20 21 "github.com/mattermost/ldap" 22 "github.com/adacta-ru/mattermost-server/v6/mlog" 23 ) 24 25 const ( 26 CONN_SECURITY_NONE = "" 27 CONN_SECURITY_PLAIN = "PLAIN" 28 CONN_SECURITY_TLS = "TLS" 29 CONN_SECURITY_STARTTLS = "STARTTLS" 30 31 IMAGE_DRIVER_LOCAL = "local" 32 IMAGE_DRIVER_S3 = "amazons3" 33 34 DATABASE_DRIVER_SQLITE = "sqlite3" 35 DATABASE_DRIVER_MYSQL = "mysql" 36 DATABASE_DRIVER_POSTGRES = "postgres" 37 38 MINIO_ACCESS_KEY = "minioaccesskey" 39 MINIO_SECRET_KEY = "miniosecretkey" 40 MINIO_BUCKET = "mattermost-test" 41 42 PASSWORD_MAXIMUM_LENGTH = 64 43 PASSWORD_MINIMUM_LENGTH = 5 44 45 SERVICE_GITLAB = "gitlab" 46 SERVICE_GOOGLE = "google" 47 SERVICE_OFFICE365 = "office365" 48 SERVICE_OPENID = "openid" 49 50 GENERIC_NO_CHANNEL_NOTIFICATION = "generic_no_channel" 51 GENERIC_NOTIFICATION = "generic" 52 GENERIC_NOTIFICATION_SERVER = "https://push-test.mattermost.com" 53 MM_SUPPORT_ADVISOR_ADDRESS = "support-advisor@mattermost.com" 54 FULL_NOTIFICATION = "full" 55 ID_LOADED_NOTIFICATION = "id_loaded" 56 57 DIRECT_MESSAGE_ANY = "any" 58 DIRECT_MESSAGE_TEAM = "team" 59 60 SHOW_USERNAME = "username" 61 SHOW_NICKNAME_FULLNAME = "nickname_full_name" 62 SHOW_FULLNAME = "full_name" 63 64 PERMISSIONS_ALL = "all" 65 PERMISSIONS_CHANNEL_ADMIN = "channel_admin" 66 PERMISSIONS_TEAM_ADMIN = "team_admin" 67 PERMISSIONS_SYSTEM_ADMIN = "system_admin" 68 69 FAKE_SETTING = "********************************" 70 71 RESTRICT_EMOJI_CREATION_ALL = "all" 72 RESTRICT_EMOJI_CREATION_ADMIN = "admin" 73 RESTRICT_EMOJI_CREATION_SYSTEM_ADMIN = "system_admin" 74 75 PERMISSIONS_DELETE_POST_ALL = "all" 76 PERMISSIONS_DELETE_POST_TEAM_ADMIN = "team_admin" 77 PERMISSIONS_DELETE_POST_SYSTEM_ADMIN = "system_admin" 78 79 ALLOW_EDIT_POST_ALWAYS = "always" 80 ALLOW_EDIT_POST_NEVER = "never" 81 ALLOW_EDIT_POST_TIME_LIMIT = "time_limit" 82 83 GROUP_UNREAD_CHANNELS_DISABLED = "disabled" 84 GROUP_UNREAD_CHANNELS_DEFAULT_ON = "default_on" 85 GROUP_UNREAD_CHANNELS_DEFAULT_OFF = "default_off" 86 87 COLLAPSED_THREADS_DISABLED = "disabled" 88 COLLAPSED_THREADS_DEFAULT_ON = "default_on" 89 COLLAPSED_THREADS_DEFAULT_OFF = "default_off" 90 91 EMAIL_BATCHING_BUFFER_SIZE = 256 92 EMAIL_BATCHING_INTERVAL = 30 93 94 EMAIL_NOTIFICATION_CONTENTS_FULL = "full" 95 EMAIL_NOTIFICATION_CONTENTS_GENERIC = "generic" 96 97 SITENAME_MAX_LENGTH = 30 98 99 SERVICE_SETTINGS_DEFAULT_SITE_URL = "http://localhost:8065" 100 SERVICE_SETTINGS_DEFAULT_TLS_CERT_FILE = "" 101 SERVICE_SETTINGS_DEFAULT_TLS_KEY_FILE = "" 102 SERVICE_SETTINGS_DEFAULT_READ_TIMEOUT = 300 103 SERVICE_SETTINGS_DEFAULT_WRITE_TIMEOUT = 300 104 SERVICE_SETTINGS_DEFAULT_IDLE_TIMEOUT = 60 105 SERVICE_SETTINGS_DEFAULT_MAX_LOGIN_ATTEMPTS = 10 106 SERVICE_SETTINGS_DEFAULT_ALLOW_CORS_FROM = "" 107 SERVICE_SETTINGS_DEFAULT_LISTEN_AND_ADDRESS = ":8065" 108 SERVICE_SETTINGS_DEFAULT_GFYCAT_API_KEY = "2_KtH_W5" 109 SERVICE_SETTINGS_DEFAULT_GFYCAT_API_SECRET = "3wLVZPiswc3DnaiaFoLkDvB4X0IV6CpMkj4tf2inJRsBY6-FnkT08zGmppWFgeof" 110 111 TEAM_SETTINGS_DEFAULT_SITE_NAME = "Mattermost" 112 TEAM_SETTINGS_DEFAULT_MAX_USERS_PER_TEAM = 50 113 TEAM_SETTINGS_DEFAULT_CUSTOM_BRAND_TEXT = "" 114 TEAM_SETTINGS_DEFAULT_CUSTOM_DESCRIPTION_TEXT = "" 115 TEAM_SETTINGS_DEFAULT_USER_STATUS_AWAY_TIMEOUT = 300 116 117 SQL_SETTINGS_DEFAULT_DATA_SOURCE = "postgres://mmuser:mostest@localhost/mattermost_test?sslmode=disable&connect_timeout=10" 118 119 FILE_SETTINGS_DEFAULT_DIRECTORY = "./data/" 120 121 IMPORT_SETTINGS_DEFAULT_DIRECTORY = "./import" 122 IMPORT_SETTINGS_DEFAULT_RETENTION_DAYS = 30 123 124 EMAIL_SETTINGS_DEFAULT_FEEDBACK_ORGANIZATION = "" 125 126 SUPPORT_SETTINGS_DEFAULT_TERMS_OF_SERVICE_LINK = "https://about.mattermost.com/default-terms/" 127 SUPPORT_SETTINGS_DEFAULT_PRIVACY_POLICY_LINK = "https://about.mattermost.com/default-privacy-policy/" 128 SUPPORT_SETTINGS_DEFAULT_ABOUT_LINK = "https://about.mattermost.com/default-about/" 129 SUPPORT_SETTINGS_DEFAULT_HELP_LINK = "https://about.mattermost.com/default-help/" 130 SUPPORT_SETTINGS_DEFAULT_REPORT_A_PROBLEM_LINK = "https://about.mattermost.com/default-report-a-problem/" 131 SUPPORT_SETTINGS_DEFAULT_SUPPORT_EMAIL = "feedback@mattermost.com" 132 SUPPORT_SETTINGS_DEFAULT_RE_ACCEPTANCE_PERIOD = 365 133 134 LDAP_SETTINGS_DEFAULT_FIRST_NAME_ATTRIBUTE = "" 135 LDAP_SETTINGS_DEFAULT_LAST_NAME_ATTRIBUTE = "" 136 LDAP_SETTINGS_DEFAULT_EMAIL_ATTRIBUTE = "" 137 LDAP_SETTINGS_DEFAULT_USERNAME_ATTRIBUTE = "" 138 LDAP_SETTINGS_DEFAULT_NICKNAME_ATTRIBUTE = "" 139 LDAP_SETTINGS_DEFAULT_ID_ATTRIBUTE = "" 140 LDAP_SETTINGS_DEFAULT_POSITION_ATTRIBUTE = "" 141 LDAP_SETTINGS_DEFAULT_LOGIN_FIELD_NAME = "" 142 LDAP_SETTINGS_DEFAULT_GROUP_DISPLAY_NAME_ATTRIBUTE = "" 143 LDAP_SETTINGS_DEFAULT_GROUP_ID_ATTRIBUTE = "" 144 LDAP_SETTINGS_DEFAULT_PICTURE_ATTRIBUTE = "" 145 146 SAML_SETTINGS_DEFAULT_ID_ATTRIBUTE = "" 147 SAML_SETTINGS_DEFAULT_GUEST_ATTRIBUTE = "" 148 SAML_SETTINGS_DEFAULT_ADMIN_ATTRIBUTE = "" 149 SAML_SETTINGS_DEFAULT_FIRST_NAME_ATTRIBUTE = "" 150 SAML_SETTINGS_DEFAULT_LAST_NAME_ATTRIBUTE = "" 151 SAML_SETTINGS_DEFAULT_EMAIL_ATTRIBUTE = "" 152 SAML_SETTINGS_DEFAULT_USERNAME_ATTRIBUTE = "" 153 SAML_SETTINGS_DEFAULT_NICKNAME_ATTRIBUTE = "" 154 SAML_SETTINGS_DEFAULT_LOCALE_ATTRIBUTE = "" 155 SAML_SETTINGS_DEFAULT_POSITION_ATTRIBUTE = "" 156 157 SAML_SETTINGS_SIGNATURE_ALGORITHM_SHA1 = "RSAwithSHA1" 158 SAML_SETTINGS_SIGNATURE_ALGORITHM_SHA256 = "RSAwithSHA256" 159 SAML_SETTINGS_SIGNATURE_ALGORITHM_SHA512 = "RSAwithSHA512" 160 SAML_SETTINGS_DEFAULT_SIGNATURE_ALGORITHM = SAML_SETTINGS_SIGNATURE_ALGORITHM_SHA1 161 162 SAML_SETTINGS_CANONICAL_ALGORITHM_C14N = "Canonical1.0" 163 SAML_SETTINGS_CANONICAL_ALGORITHM_C14N11 = "Canonical1.1" 164 SAML_SETTINGS_DEFAULT_CANONICAL_ALGORITHM = SAML_SETTINGS_CANONICAL_ALGORITHM_C14N 165 166 NATIVEAPP_SETTINGS_DEFAULT_APP_DOWNLOAD_LINK = "https://mattermost.com/download/#mattermostApps" 167 NATIVEAPP_SETTINGS_DEFAULT_ANDROID_APP_DOWNLOAD_LINK = "https://about.mattermost.com/mattermost-android-app/" 168 NATIVEAPP_SETTINGS_DEFAULT_IOS_APP_DOWNLOAD_LINK = "https://about.mattermost.com/mattermost-ios-app/" 169 170 EXPERIMENTAL_SETTINGS_DEFAULT_LINK_METADATA_TIMEOUT_MILLISECONDS = 5000 171 172 ANALYTICS_SETTINGS_DEFAULT_MAX_USERS_FOR_STATISTICS = 2500 173 174 ANNOUNCEMENT_SETTINGS_DEFAULT_BANNER_COLOR = "#f2a93b" 175 ANNOUNCEMENT_SETTINGS_DEFAULT_BANNER_TEXT_COLOR = "#333333" 176 ANNOUNCEMENT_SETTINGS_DEFAULT_NOTICES_JSON_URL = "https://notices.mattermost.com/" 177 ANNOUNCEMENT_SETTINGS_DEFAULT_NOTICES_FETCH_FREQUENCY_SECONDS = 3600 178 179 TEAM_SETTINGS_DEFAULT_TEAM_TEXT = "default" 180 181 ELASTICSEARCH_SETTINGS_DEFAULT_CONNECTION_URL = "http://localhost:9200" 182 ELASTICSEARCH_SETTINGS_DEFAULT_USERNAME = "elastic" 183 ELASTICSEARCH_SETTINGS_DEFAULT_PASSWORD = "changeme" 184 ELASTICSEARCH_SETTINGS_DEFAULT_POST_INDEX_REPLICAS = 1 185 ELASTICSEARCH_SETTINGS_DEFAULT_POST_INDEX_SHARDS = 1 186 ELASTICSEARCH_SETTINGS_DEFAULT_CHANNEL_INDEX_REPLICAS = 1 187 ELASTICSEARCH_SETTINGS_DEFAULT_CHANNEL_INDEX_SHARDS = 1 188 ELASTICSEARCH_SETTINGS_DEFAULT_USER_INDEX_REPLICAS = 1 189 ELASTICSEARCH_SETTINGS_DEFAULT_USER_INDEX_SHARDS = 1 190 ELASTICSEARCH_SETTINGS_DEFAULT_AGGREGATE_POSTS_AFTER_DAYS = 365 191 ELASTICSEARCH_SETTINGS_DEFAULT_POSTS_AGGREGATOR_JOB_START_TIME = "03:00" 192 ELASTICSEARCH_SETTINGS_DEFAULT_INDEX_PREFIX = "" 193 ELASTICSEARCH_SETTINGS_DEFAULT_LIVE_INDEXING_BATCH_SIZE = 1 194 ELASTICSEARCH_SETTINGS_DEFAULT_BULK_INDEXING_TIME_WINDOW_SECONDS = 3600 195 ELASTICSEARCH_SETTINGS_DEFAULT_REQUEST_TIMEOUT_SECONDS = 30 196 197 BLEVE_SETTINGS_DEFAULT_INDEX_DIR = "" 198 BLEVE_SETTINGS_DEFAULT_BULK_INDEXING_TIME_WINDOW_SECONDS = 3600 199 200 DATA_RETENTION_SETTINGS_DEFAULT_MESSAGE_RETENTION_DAYS = 365 201 DATA_RETENTION_SETTINGS_DEFAULT_FILE_RETENTION_DAYS = 365 202 DATA_RETENTION_SETTINGS_DEFAULT_DELETION_JOB_START_TIME = "02:00" 203 204 PLUGIN_SETTINGS_DEFAULT_DIRECTORY = "./plugins" 205 PLUGIN_SETTINGS_DEFAULT_CLIENT_DIRECTORY = "./client/plugins" 206 PLUGIN_SETTINGS_DEFAULT_ENABLE_MARKETPLACE = true 207 PLUGIN_SETTINGS_DEFAULT_MARKETPLACE_URL = "https://api.integrations.mattermost.com" 208 PLUGIN_SETTINGS_OLD_MARKETPLACE_URL = "https://marketplace.integrations.mattermost.com" 209 210 COMPLIANCE_EXPORT_TYPE_CSV = "csv" 211 COMPLIANCE_EXPORT_TYPE_ACTIANCE = "actiance" 212 COMPLIANCE_EXPORT_TYPE_GLOBALRELAY = "globalrelay" 213 COMPLIANCE_EXPORT_TYPE_GLOBALRELAY_ZIP = "globalrelay-zip" 214 GLOBALRELAY_CUSTOMER_TYPE_A9 = "A9" 215 GLOBALRELAY_CUSTOMER_TYPE_A10 = "A10" 216 217 CLIENT_SIDE_CERT_CHECK_PRIMARY_AUTH = "primary" 218 CLIENT_SIDE_CERT_CHECK_SECONDARY_AUTH = "secondary" 219 220 IMAGE_PROXY_TYPE_LOCAL = "local" 221 IMAGE_PROXY_TYPE_ATMOS_CAMO = "atmos/camo" 222 223 GOOGLE_SETTINGS_DEFAULT_SCOPE = "profile email" 224 GOOGLE_SETTINGS_DEFAULT_AUTH_ENDPOINT = "https://accounts.google.com/o/oauth2/v2/auth" 225 GOOGLE_SETTINGS_DEFAULT_TOKEN_ENDPOINT = "https://www.googleapis.com/oauth2/v4/token" 226 GOOGLE_SETTINGS_DEFAULT_USER_API_ENDPOINT = "https://people.googleapis.com/v1/people/me?personFields=names,emailAddresses,nicknames,metadata" 227 228 OFFICE365_SETTINGS_DEFAULT_SCOPE = "User.Read" 229 OFFICE365_SETTINGS_DEFAULT_AUTH_ENDPOINT = "https://login.microsoftonline.com/common/oauth2/v2.0/authorize" 230 OFFICE365_SETTINGS_DEFAULT_TOKEN_ENDPOINT = "https://login.microsoftonline.com/common/oauth2/v2.0/token" 231 OFFICE365_SETTINGS_DEFAULT_USER_API_ENDPOINT = "https://graph.microsoft.com/v1.0/me" 232 233 CLOUD_SETTINGS_DEFAULT_CWS_URL = "https://customers.mattermost.com" 234 OPENID_SETTINGS_DEFAULT_SCOPE = "profile openid email" 235 236 LOCAL_MODE_SOCKET_PATH = "/var/tmp/mattermost_local.socket" 237 ) 238 239 var ServerTLSSupportedCiphers = map[string]uint16{ 240 "TLS_RSA_WITH_RC4_128_SHA": tls.TLS_RSA_WITH_RC4_128_SHA, 241 "TLS_RSA_WITH_3DES_EDE_CBC_SHA": tls.TLS_RSA_WITH_3DES_EDE_CBC_SHA, 242 "TLS_RSA_WITH_AES_128_CBC_SHA": tls.TLS_RSA_WITH_AES_128_CBC_SHA, 243 "TLS_RSA_WITH_AES_256_CBC_SHA": tls.TLS_RSA_WITH_AES_256_CBC_SHA, 244 "TLS_RSA_WITH_AES_128_CBC_SHA256": tls.TLS_RSA_WITH_AES_128_CBC_SHA256, 245 "TLS_RSA_WITH_AES_128_GCM_SHA256": tls.TLS_RSA_WITH_AES_128_GCM_SHA256, 246 "TLS_RSA_WITH_AES_256_GCM_SHA384": tls.TLS_RSA_WITH_AES_256_GCM_SHA384, 247 "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA": tls.TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, 248 "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA": tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, 249 "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA": tls.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, 250 "TLS_ECDHE_RSA_WITH_RC4_128_SHA": tls.TLS_ECDHE_RSA_WITH_RC4_128_SHA, 251 "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA": tls.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, 252 "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA": tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, 253 "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA": tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, 254 "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256": tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, 255 "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256": tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, 256 "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256": tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, 257 "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256": tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, 258 "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384": tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, 259 "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384": tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, 260 "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305": tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305, 261 "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305": tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305, 262 } 263 264 type ServiceSettings struct { 265 SiteURL *string `access:"environment,authentication,write_restrictable"` 266 WebsocketURL *string `access:"write_restrictable,cloud_restrictable"` 267 LicenseFileLocation *string `access:"write_restrictable,cloud_restrictable"` 268 ListenAddress *string `access:"environment,write_restrictable,cloud_restrictable"` 269 ConnectionSecurity *string `access:"environment,write_restrictable,cloud_restrictable"` 270 TLSCertFile *string `access:"environment,write_restrictable,cloud_restrictable"` 271 TLSKeyFile *string `access:"environment,write_restrictable,cloud_restrictable"` 272 TLSMinVer *string `access:"write_restrictable,cloud_restrictable"` 273 TLSStrictTransport *bool `access:"write_restrictable,cloud_restrictable"` 274 TLSStrictTransportMaxAge *int64 `access:"write_restrictable,cloud_restrictable"` 275 TLSOverwriteCiphers []string `access:"write_restrictable,cloud_restrictable"` 276 UseLetsEncrypt *bool `access:"environment,write_restrictable,cloud_restrictable"` 277 LetsEncryptCertificateCacheFile *string `access:"environment,write_restrictable,cloud_restrictable"` 278 Forward80To443 *bool `access:"environment,write_restrictable,cloud_restrictable"` 279 TrustedProxyIPHeader []string `access:"write_restrictable,cloud_restrictable"` 280 ReadTimeout *int `access:"environment,write_restrictable,cloud_restrictable"` 281 WriteTimeout *int `access:"environment,write_restrictable,cloud_restrictable"` 282 IdleTimeout *int `access:"write_restrictable,cloud_restrictable"` 283 MaximumLoginAttempts *int `access:"authentication,write_restrictable,cloud_restrictable"` 284 GoroutineHealthThreshold *int `access:"write_restrictable,cloud_restrictable"` 285 GoogleDeveloperKey *string `access:"site,write_restrictable,cloud_restrictable"` 286 EnableOAuthServiceProvider *bool `access:"integrations"` 287 EnableIncomingWebhooks *bool `access:"integrations"` 288 EnableOutgoingWebhooks *bool `access:"integrations"` 289 EnableCommands *bool `access:"integrations"` 290 DEPRECATED_DO_NOT_USE_EnableOnlyAdminIntegrations *bool `json:"EnableOnlyAdminIntegrations" mapstructure:"EnableOnlyAdminIntegrations"` // This field is deprecated and must not be used. 291 EnablePostUsernameOverride *bool `access:"integrations"` 292 EnablePostIconOverride *bool `access:"integrations"` 293 EnableLinkPreviews *bool `access:"site"` 294 EnableTesting *bool `access:"environment,write_restrictable,cloud_restrictable"` 295 EnableDeveloper *bool `access:"environment,write_restrictable,cloud_restrictable"` 296 EnableOpenTracing *bool `access:"write_restrictable,cloud_restrictable"` 297 EnableSecurityFixAlert *bool `access:"environment,write_restrictable,cloud_restrictable"` 298 EnableInsecureOutgoingConnections *bool `access:"environment,write_restrictable,cloud_restrictable"` 299 AllowedUntrustedInternalConnections *string `access:"environment,write_restrictable,cloud_restrictable"` 300 EnableMultifactorAuthentication *bool `access:"authentication"` 301 EnforceMultifactorAuthentication *bool `access:"authentication"` 302 EnableUserAccessTokens *bool `access:"integrations"` 303 AllowCorsFrom *string `access:"integrations,write_restrictable,cloud_restrictable"` 304 CorsExposedHeaders *string `access:"integrations,write_restrictable,cloud_restrictable"` 305 CorsAllowCredentials *bool `access:"integrations,write_restrictable,cloud_restrictable"` 306 CorsDebug *bool `access:"integrations,write_restrictable,cloud_restrictable"` 307 AllowCookiesForSubdomains *bool `access:"write_restrictable,cloud_restrictable"` 308 ExtendSessionLengthWithActivity *bool `access:"environment,write_restrictable,cloud_restrictable"` 309 SessionLengthWebInDays *int `access:"environment,write_restrictable,cloud_restrictable"` 310 SessionLengthMobileInDays *int `access:"environment,write_restrictable,cloud_restrictable"` 311 SessionLengthSSOInDays *int `access:"environment,write_restrictable,cloud_restrictable"` 312 SessionCacheInMinutes *int `access:"environment,write_restrictable,cloud_restrictable"` 313 SessionIdleTimeoutInMinutes *int `access:"environment,write_restrictable,cloud_restrictable"` 314 WebsocketSecurePort *int `access:"write_restrictable,cloud_restrictable"` 315 WebsocketPort *int `access:"write_restrictable,cloud_restrictable"` 316 WebserverMode *string `access:"environment,write_restrictable,cloud_restrictable"` 317 EnableCustomEmoji *bool `access:"site"` 318 EnableEmojiPicker *bool `access:"site"` 319 EnableGifPicker *bool `access:"integrations"` 320 GfycatApiKey *string `access:"integrations"` 321 GfycatApiSecret *string `access:"integrations"` 322 DEPRECATED_DO_NOT_USE_RestrictCustomEmojiCreation *string `json:"RestrictCustomEmojiCreation" mapstructure:"RestrictCustomEmojiCreation"` // This field is deprecated and must not be used. 323 DEPRECATED_DO_NOT_USE_RestrictPostDelete *string `json:"RestrictPostDelete" mapstructure:"RestrictPostDelete"` // This field is deprecated and must not be used. 324 DEPRECATED_DO_NOT_USE_AllowEditPost *string `json:"AllowEditPost" mapstructure:"AllowEditPost"` // This field is deprecated and must not be used. 325 PostEditTimeLimit *int `access:"user_management_permissions"` 326 TimeBetweenUserTypingUpdatesMilliseconds *int64 `access:"experimental,write_restrictable,cloud_restrictable"` 327 EnablePostSearch *bool `access:"write_restrictable,cloud_restrictable"` 328 MinimumHashtagLength *int `access:"environment,write_restrictable,cloud_restrictable"` 329 EnableUserTypingMessages *bool `access:"experimental,write_restrictable,cloud_restrictable"` 330 EnableChannelViewedMessages *bool `access:"experimental,write_restrictable,cloud_restrictable"` 331 EnableUserStatuses *bool `access:"write_restrictable,cloud_restrictable"` 332 ExperimentalEnableAuthenticationTransfer *bool `access:"experimental,write_restrictable,cloud_restrictable"` 333 ClusterLogTimeoutMilliseconds *int `access:"write_restrictable,cloud_restrictable"` 334 CloseUnusedDirectMessages *bool `access:"experimental"` 335 EnablePreviewFeatures *bool `access:"experimental"` 336 EnableTutorial *bool `access:"experimental"` 337 ExperimentalEnableDefaultChannelLeaveJoinMessages *bool `access:"experimental"` 338 ExperimentalGroupUnreadChannels *string `access:"experimental"` 339 ExperimentalChannelOrganization *bool `access:"experimental"` 340 ExperimentalChannelSidebarOrganization *string `access:"experimental"` 341 DEPRECATED_DO_NOT_USE_ImageProxyType *string `json:"ImageProxyType" mapstructure:"ImageProxyType"` // This field is deprecated and must not be used. 342 DEPRECATED_DO_NOT_USE_ImageProxyURL *string `json:"ImageProxyURL" mapstructure:"ImageProxyURL"` // This field is deprecated and must not be used. 343 DEPRECATED_DO_NOT_USE_ImageProxyOptions *string `json:"ImageProxyOptions" mapstructure:"ImageProxyOptions"` // This field is deprecated and must not be used. 344 EnableAPITeamDeletion *bool 345 EnableAPIUserDeletion *bool 346 ExperimentalEnableHardenedMode *bool `access:"experimental"` 347 DisableLegacyMFA *bool `access:"write_restrictable,cloud_restrictable"` 348 ExperimentalStrictCSRFEnforcement *bool `access:"experimental,write_restrictable,cloud_restrictable"` 349 EnableEmailInvitations *bool `access:"authentication"` 350 DisableBotsWhenOwnerIsDeactivated *bool `access:"integrations,write_restrictable,cloud_restrictable"` 351 EnableBotAccountCreation *bool `access:"integrations"` 352 EnableSVGs *bool `access:"site"` 353 EnableLatex *bool `access:"site"` 354 EnableAPIChannelDeletion *bool 355 EnableLocalMode *bool 356 LocalModeSocketLocation *string 357 EnableAWSMetering *bool 358 SplitKey *string `access:"environment,write_restrictable"` 359 FeatureFlagSyncIntervalSeconds *int `access:"environment,write_restrictable"` 360 DebugSplit *bool `access:"environment,write_restrictable"` 361 ThreadAutoFollow *bool `access:"experimental"` 362 CollapsedThreads *string `access:"experimental"` 363 ManagedResourcePaths *string `access:"environment,write_restrictable,cloud_restrictable"` 364 } 365 366 func (s *ServiceSettings) SetDefaults(isUpdate bool) { 367 if s.EnableEmailInvitations == nil { 368 // If the site URL is also not present then assume this is a clean install 369 if s.SiteURL == nil { 370 s.EnableEmailInvitations = NewBool(false) 371 } else { 372 s.EnableEmailInvitations = NewBool(true) 373 } 374 } 375 376 if s.SiteURL == nil { 377 if s.EnableDeveloper != nil && *s.EnableDeveloper { 378 s.SiteURL = NewString(SERVICE_SETTINGS_DEFAULT_SITE_URL) 379 } else { 380 s.SiteURL = NewString("") 381 } 382 } 383 384 if s.WebsocketURL == nil { 385 s.WebsocketURL = NewString("") 386 } 387 388 if s.LicenseFileLocation == nil { 389 s.LicenseFileLocation = NewString("") 390 } 391 392 if s.ListenAddress == nil { 393 s.ListenAddress = NewString(SERVICE_SETTINGS_DEFAULT_LISTEN_AND_ADDRESS) 394 } 395 396 if s.EnableLinkPreviews == nil { 397 s.EnableLinkPreviews = NewBool(true) 398 } 399 400 if s.EnableTesting == nil { 401 s.EnableTesting = NewBool(false) 402 } 403 404 if s.EnableDeveloper == nil { 405 s.EnableDeveloper = NewBool(false) 406 } 407 408 if s.EnableOpenTracing == nil { 409 s.EnableOpenTracing = NewBool(false) 410 } 411 412 if s.EnableSecurityFixAlert == nil { 413 s.EnableSecurityFixAlert = NewBool(true) 414 } 415 416 if s.EnableInsecureOutgoingConnections == nil { 417 s.EnableInsecureOutgoingConnections = NewBool(false) 418 } 419 420 if s.AllowedUntrustedInternalConnections == nil { 421 s.AllowedUntrustedInternalConnections = NewString("") 422 } 423 424 if s.EnableMultifactorAuthentication == nil { 425 s.EnableMultifactorAuthentication = NewBool(false) 426 } 427 428 if s.EnforceMultifactorAuthentication == nil { 429 s.EnforceMultifactorAuthentication = NewBool(false) 430 } 431 432 if s.EnableUserAccessTokens == nil { 433 s.EnableUserAccessTokens = NewBool(false) 434 } 435 436 if s.GoroutineHealthThreshold == nil { 437 s.GoroutineHealthThreshold = NewInt(-1) 438 } 439 440 if s.GoogleDeveloperKey == nil { 441 s.GoogleDeveloperKey = NewString("") 442 } 443 444 if s.EnableOAuthServiceProvider == nil { 445 s.EnableOAuthServiceProvider = NewBool(false) 446 } 447 448 if s.EnableIncomingWebhooks == nil { 449 s.EnableIncomingWebhooks = NewBool(true) 450 } 451 452 if s.EnableOutgoingWebhooks == nil { 453 s.EnableOutgoingWebhooks = NewBool(true) 454 } 455 456 if s.ConnectionSecurity == nil { 457 s.ConnectionSecurity = NewString("") 458 } 459 460 if s.TLSKeyFile == nil { 461 s.TLSKeyFile = NewString(SERVICE_SETTINGS_DEFAULT_TLS_KEY_FILE) 462 } 463 464 if s.TLSCertFile == nil { 465 s.TLSCertFile = NewString(SERVICE_SETTINGS_DEFAULT_TLS_CERT_FILE) 466 } 467 468 if s.TLSMinVer == nil { 469 s.TLSMinVer = NewString("1.2") 470 } 471 472 if s.TLSStrictTransport == nil { 473 s.TLSStrictTransport = NewBool(false) 474 } 475 476 if s.TLSStrictTransportMaxAge == nil { 477 s.TLSStrictTransportMaxAge = NewInt64(63072000) 478 } 479 480 if s.TLSOverwriteCiphers == nil { 481 s.TLSOverwriteCiphers = []string{} 482 } 483 484 if s.UseLetsEncrypt == nil { 485 s.UseLetsEncrypt = NewBool(false) 486 } 487 488 if s.LetsEncryptCertificateCacheFile == nil { 489 s.LetsEncryptCertificateCacheFile = NewString("./config/letsencrypt.cache") 490 } 491 492 if s.ReadTimeout == nil { 493 s.ReadTimeout = NewInt(SERVICE_SETTINGS_DEFAULT_READ_TIMEOUT) 494 } 495 496 if s.WriteTimeout == nil { 497 s.WriteTimeout = NewInt(SERVICE_SETTINGS_DEFAULT_WRITE_TIMEOUT) 498 } 499 500 if s.IdleTimeout == nil { 501 s.IdleTimeout = NewInt(SERVICE_SETTINGS_DEFAULT_IDLE_TIMEOUT) 502 } 503 504 if s.MaximumLoginAttempts == nil { 505 s.MaximumLoginAttempts = NewInt(SERVICE_SETTINGS_DEFAULT_MAX_LOGIN_ATTEMPTS) 506 } 507 508 if s.Forward80To443 == nil { 509 s.Forward80To443 = NewBool(false) 510 } 511 512 if isUpdate { 513 // When updating an existing configuration, ensure that defaults are set. 514 if s.TrustedProxyIPHeader == nil { 515 s.TrustedProxyIPHeader = []string{HEADER_FORWARDED, HEADER_REAL_IP} 516 } 517 } else { 518 // When generating a blank configuration, leave the list empty. 519 s.TrustedProxyIPHeader = []string{} 520 } 521 522 if s.TimeBetweenUserTypingUpdatesMilliseconds == nil { 523 s.TimeBetweenUserTypingUpdatesMilliseconds = NewInt64(5000) 524 } 525 526 if s.EnablePostSearch == nil { 527 s.EnablePostSearch = NewBool(true) 528 } 529 530 if s.MinimumHashtagLength == nil { 531 s.MinimumHashtagLength = NewInt(3) 532 } 533 534 if s.EnableUserTypingMessages == nil { 535 s.EnableUserTypingMessages = NewBool(true) 536 } 537 538 if s.EnableChannelViewedMessages == nil { 539 s.EnableChannelViewedMessages = NewBool(true) 540 } 541 542 if s.EnableUserStatuses == nil { 543 s.EnableUserStatuses = NewBool(true) 544 } 545 546 if s.ClusterLogTimeoutMilliseconds == nil { 547 s.ClusterLogTimeoutMilliseconds = NewInt(2000) 548 } 549 550 if s.CloseUnusedDirectMessages == nil { 551 s.CloseUnusedDirectMessages = NewBool(false) 552 } 553 554 if s.EnableTutorial == nil { 555 s.EnableTutorial = NewBool(true) 556 } 557 558 // Must be manually enabled for existing installations. 559 if s.ExtendSessionLengthWithActivity == nil { 560 s.ExtendSessionLengthWithActivity = NewBool(!isUpdate) 561 } 562 563 if s.SessionLengthWebInDays == nil { 564 if isUpdate { 565 s.SessionLengthWebInDays = NewInt(180) 566 } else { 567 s.SessionLengthWebInDays = NewInt(30) 568 } 569 } 570 571 if s.SessionLengthMobileInDays == nil { 572 if isUpdate { 573 s.SessionLengthMobileInDays = NewInt(180) 574 } else { 575 s.SessionLengthMobileInDays = NewInt(30) 576 } 577 } 578 579 if s.SessionLengthSSOInDays == nil { 580 s.SessionLengthSSOInDays = NewInt(30) 581 } 582 583 if s.SessionCacheInMinutes == nil { 584 s.SessionCacheInMinutes = NewInt(10) 585 } 586 587 if s.SessionIdleTimeoutInMinutes == nil { 588 s.SessionIdleTimeoutInMinutes = NewInt(43200) 589 } 590 591 if s.EnableCommands == nil { 592 s.EnableCommands = NewBool(true) 593 } 594 595 if s.DEPRECATED_DO_NOT_USE_EnableOnlyAdminIntegrations == nil { 596 s.DEPRECATED_DO_NOT_USE_EnableOnlyAdminIntegrations = NewBool(true) 597 } 598 599 if s.EnablePostUsernameOverride == nil { 600 s.EnablePostUsernameOverride = NewBool(false) 601 } 602 603 if s.EnablePostIconOverride == nil { 604 s.EnablePostIconOverride = NewBool(false) 605 } 606 607 if s.WebsocketPort == nil { 608 s.WebsocketPort = NewInt(80) 609 } 610 611 if s.WebsocketSecurePort == nil { 612 s.WebsocketSecurePort = NewInt(443) 613 } 614 615 if s.AllowCorsFrom == nil { 616 s.AllowCorsFrom = NewString(SERVICE_SETTINGS_DEFAULT_ALLOW_CORS_FROM) 617 } 618 619 if s.CorsExposedHeaders == nil { 620 s.CorsExposedHeaders = NewString("") 621 } 622 623 if s.CorsAllowCredentials == nil { 624 s.CorsAllowCredentials = NewBool(false) 625 } 626 627 if s.CorsDebug == nil { 628 s.CorsDebug = NewBool(false) 629 } 630 631 if s.AllowCookiesForSubdomains == nil { 632 s.AllowCookiesForSubdomains = NewBool(false) 633 } 634 635 if s.WebserverMode == nil { 636 s.WebserverMode = NewString("gzip") 637 } else if *s.WebserverMode == "regular" { 638 *s.WebserverMode = "gzip" 639 } 640 641 if s.EnableCustomEmoji == nil { 642 s.EnableCustomEmoji = NewBool(true) 643 } 644 645 if s.EnableEmojiPicker == nil { 646 s.EnableEmojiPicker = NewBool(true) 647 } 648 649 if s.EnableGifPicker == nil { 650 s.EnableGifPicker = NewBool(true) 651 } 652 653 if s.GfycatApiKey == nil || *s.GfycatApiKey == "" { 654 s.GfycatApiKey = NewString(SERVICE_SETTINGS_DEFAULT_GFYCAT_API_KEY) 655 } 656 657 if s.GfycatApiSecret == nil || *s.GfycatApiSecret == "" { 658 s.GfycatApiSecret = NewString(SERVICE_SETTINGS_DEFAULT_GFYCAT_API_SECRET) 659 } 660 661 if s.DEPRECATED_DO_NOT_USE_RestrictCustomEmojiCreation == nil { 662 s.DEPRECATED_DO_NOT_USE_RestrictCustomEmojiCreation = NewString(RESTRICT_EMOJI_CREATION_ALL) 663 } 664 665 if s.DEPRECATED_DO_NOT_USE_RestrictPostDelete == nil { 666 s.DEPRECATED_DO_NOT_USE_RestrictPostDelete = NewString(PERMISSIONS_DELETE_POST_ALL) 667 } 668 669 if s.DEPRECATED_DO_NOT_USE_AllowEditPost == nil { 670 s.DEPRECATED_DO_NOT_USE_AllowEditPost = NewString(ALLOW_EDIT_POST_ALWAYS) 671 } 672 673 if s.ExperimentalEnableAuthenticationTransfer == nil { 674 s.ExperimentalEnableAuthenticationTransfer = NewBool(true) 675 } 676 677 if s.PostEditTimeLimit == nil { 678 s.PostEditTimeLimit = NewInt(-1) 679 } 680 681 if s.EnablePreviewFeatures == nil { 682 s.EnablePreviewFeatures = NewBool(true) 683 } 684 685 if s.ExperimentalEnableDefaultChannelLeaveJoinMessages == nil { 686 s.ExperimentalEnableDefaultChannelLeaveJoinMessages = NewBool(true) 687 } 688 689 if s.ExperimentalGroupUnreadChannels == nil { 690 s.ExperimentalGroupUnreadChannels = NewString(GROUP_UNREAD_CHANNELS_DISABLED) 691 } else if *s.ExperimentalGroupUnreadChannels == "0" { 692 s.ExperimentalGroupUnreadChannels = NewString(GROUP_UNREAD_CHANNELS_DISABLED) 693 } else if *s.ExperimentalGroupUnreadChannels == "1" { 694 s.ExperimentalGroupUnreadChannels = NewString(GROUP_UNREAD_CHANNELS_DEFAULT_ON) 695 } 696 697 if s.ExperimentalChannelOrganization == nil { 698 experimentalUnreadEnabled := *s.ExperimentalGroupUnreadChannels != GROUP_UNREAD_CHANNELS_DISABLED 699 s.ExperimentalChannelOrganization = NewBool(experimentalUnreadEnabled) 700 } 701 702 if s.ExperimentalChannelSidebarOrganization == nil { 703 s.ExperimentalChannelSidebarOrganization = NewString("disabled") 704 } 705 706 if s.DEPRECATED_DO_NOT_USE_ImageProxyType == nil { 707 s.DEPRECATED_DO_NOT_USE_ImageProxyType = NewString("") 708 } 709 710 if s.DEPRECATED_DO_NOT_USE_ImageProxyURL == nil { 711 s.DEPRECATED_DO_NOT_USE_ImageProxyURL = NewString("") 712 } 713 714 if s.DEPRECATED_DO_NOT_USE_ImageProxyOptions == nil { 715 s.DEPRECATED_DO_NOT_USE_ImageProxyOptions = NewString("") 716 } 717 718 if s.EnableAPITeamDeletion == nil { 719 s.EnableAPITeamDeletion = NewBool(false) 720 } 721 722 if s.EnableAPIUserDeletion == nil { 723 s.EnableAPIUserDeletion = NewBool(false) 724 } 725 726 if s.EnableAPIChannelDeletion == nil { 727 s.EnableAPIChannelDeletion = NewBool(false) 728 } 729 730 if s.ExperimentalEnableHardenedMode == nil { 731 s.ExperimentalEnableHardenedMode = NewBool(false) 732 } 733 734 if s.DisableLegacyMFA == nil { 735 s.DisableLegacyMFA = NewBool(!isUpdate) 736 } 737 738 if s.ExperimentalStrictCSRFEnforcement == nil { 739 s.ExperimentalStrictCSRFEnforcement = NewBool(false) 740 } 741 742 if s.DisableBotsWhenOwnerIsDeactivated == nil { 743 s.DisableBotsWhenOwnerIsDeactivated = NewBool(true) 744 } 745 746 if s.EnableBotAccountCreation == nil { 747 s.EnableBotAccountCreation = NewBool(false) 748 } 749 750 if s.EnableSVGs == nil { 751 if isUpdate { 752 s.EnableSVGs = NewBool(true) 753 } else { 754 s.EnableSVGs = NewBool(false) 755 } 756 } 757 758 if s.EnableLatex == nil { 759 if isUpdate { 760 s.EnableLatex = NewBool(true) 761 } else { 762 s.EnableLatex = NewBool(false) 763 } 764 } 765 766 if s.EnableLocalMode == nil { 767 s.EnableLocalMode = NewBool(false) 768 } 769 770 if s.LocalModeSocketLocation == nil { 771 s.LocalModeSocketLocation = NewString(LOCAL_MODE_SOCKET_PATH) 772 } 773 774 if s.EnableAWSMetering == nil { 775 s.EnableAWSMetering = NewBool(false) 776 } 777 778 if s.SplitKey == nil { 779 s.SplitKey = NewString("") 780 } 781 782 if s.FeatureFlagSyncIntervalSeconds == nil { 783 s.FeatureFlagSyncIntervalSeconds = NewInt(30) 784 } 785 786 if s.DebugSplit == nil { 787 s.DebugSplit = NewBool(false) 788 } 789 790 if s.ThreadAutoFollow == nil { 791 s.ThreadAutoFollow = NewBool(true) 792 } 793 794 if s.CollapsedThreads == nil { 795 s.CollapsedThreads = NewString(COLLAPSED_THREADS_DISABLED) 796 } 797 798 if s.ManagedResourcePaths == nil { 799 s.ManagedResourcePaths = NewString("") 800 } 801 } 802 803 type ClusterSettings struct { 804 Enable *bool `access:"environment,write_restrictable"` 805 ClusterName *string `access:"environment,write_restrictable,cloud_restrictable"` 806 OverrideHostname *string `access:"environment,write_restrictable,cloud_restrictable"` 807 NetworkInterface *string `access:"environment,write_restrictable,cloud_restrictable"` 808 BindAddress *string `access:"environment,write_restrictable,cloud_restrictable"` 809 AdvertiseAddress *string `access:"environment,write_restrictable,cloud_restrictable"` 810 UseIpAddress *bool `access:"environment,write_restrictable,cloud_restrictable"` 811 UseExperimentalGossip *bool `access:"environment,write_restrictable,cloud_restrictable"` 812 EnableExperimentalGossipEncryption *bool `access:"environment,write_restrictable,cloud_restrictable"` 813 ReadOnlyConfig *bool `access:"environment,write_restrictable,cloud_restrictable"` 814 GossipPort *int `access:"environment,write_restrictable,cloud_restrictable"` 815 StreamingPort *int `access:"environment,write_restrictable,cloud_restrictable"` 816 MaxIdleConns *int `access:"environment,write_restrictable,cloud_restrictable"` 817 MaxIdleConnsPerHost *int `access:"environment,write_restrictable,cloud_restrictable"` 818 IdleConnTimeoutMilliseconds *int `access:"environment,write_restrictable,cloud_restrictable"` 819 } 820 821 func (s *ClusterSettings) SetDefaults() { 822 if s.Enable == nil { 823 s.Enable = NewBool(false) 824 } 825 826 if s.ClusterName == nil { 827 s.ClusterName = NewString("") 828 } 829 830 if s.OverrideHostname == nil { 831 s.OverrideHostname = NewString("") 832 } 833 834 if s.NetworkInterface == nil { 835 s.NetworkInterface = NewString("") 836 } 837 838 if s.BindAddress == nil { 839 s.BindAddress = NewString("") 840 } 841 842 if s.AdvertiseAddress == nil { 843 s.AdvertiseAddress = NewString("") 844 } 845 846 if s.UseIpAddress == nil { 847 s.UseIpAddress = NewBool(true) 848 } 849 850 if s.UseExperimentalGossip == nil { 851 s.UseExperimentalGossip = NewBool(false) 852 } 853 854 if s.EnableExperimentalGossipEncryption == nil { 855 s.EnableExperimentalGossipEncryption = NewBool(false) 856 } 857 858 if s.ReadOnlyConfig == nil { 859 s.ReadOnlyConfig = NewBool(true) 860 } 861 862 if s.GossipPort == nil { 863 s.GossipPort = NewInt(8074) 864 } 865 866 if s.StreamingPort == nil { 867 s.StreamingPort = NewInt(8075) 868 } 869 870 if s.MaxIdleConns == nil { 871 s.MaxIdleConns = NewInt(100) 872 } 873 874 if s.MaxIdleConnsPerHost == nil { 875 s.MaxIdleConnsPerHost = NewInt(128) 876 } 877 878 if s.IdleConnTimeoutMilliseconds == nil { 879 s.IdleConnTimeoutMilliseconds = NewInt(90000) 880 } 881 } 882 883 type MetricsSettings struct { 884 Enable *bool `access:"environment,write_restrictable,cloud_restrictable"` 885 BlockProfileRate *int `access:"environment,write_restrictable,cloud_restrictable"` 886 ListenAddress *string `access:"environment,write_restrictable,cloud_restrictable"` 887 } 888 889 func (s *MetricsSettings) SetDefaults() { 890 if s.ListenAddress == nil { 891 s.ListenAddress = NewString(":8067") 892 } 893 894 if s.Enable == nil { 895 s.Enable = NewBool(false) 896 } 897 898 if s.BlockProfileRate == nil { 899 s.BlockProfileRate = NewInt(0) 900 } 901 } 902 903 type ExperimentalSettings struct { 904 ClientSideCertEnable *bool `access:"experimental,cloud_restrictable"` 905 ClientSideCertCheck *string `access:"experimental,cloud_restrictable"` 906 EnableClickToReply *bool `access:"experimental,write_restrictable,cloud_restrictable"` 907 LinkMetadataTimeoutMilliseconds *int64 `access:"experimental,write_restrictable,cloud_restrictable"` 908 RestrictSystemAdmin *bool `access:"experimental,write_restrictable"` 909 UseNewSAMLLibrary *bool `access:"experimental,cloud_restrictable"` 910 CloudUserLimit *int64 `access:"experimental,write_restrictable"` 911 CloudBilling *bool `access:"experimental,write_restrictable"` 912 EnableSharedChannels *bool `access:"experimental"` 913 } 914 915 func (s *ExperimentalSettings) SetDefaults() { 916 if s.ClientSideCertEnable == nil { 917 s.ClientSideCertEnable = NewBool(false) 918 } 919 920 if s.ClientSideCertCheck == nil { 921 s.ClientSideCertCheck = NewString(CLIENT_SIDE_CERT_CHECK_SECONDARY_AUTH) 922 } 923 924 if s.EnableClickToReply == nil { 925 s.EnableClickToReply = NewBool(false) 926 } 927 928 if s.LinkMetadataTimeoutMilliseconds == nil { 929 s.LinkMetadataTimeoutMilliseconds = NewInt64(EXPERIMENTAL_SETTINGS_DEFAULT_LINK_METADATA_TIMEOUT_MILLISECONDS) 930 } 931 932 if s.RestrictSystemAdmin == nil { 933 s.RestrictSystemAdmin = NewBool(false) 934 } 935 936 if s.CloudUserLimit == nil { 937 // User limit 0 is treated as no limit 938 s.CloudUserLimit = NewInt64(0) 939 } 940 941 if s.CloudBilling == nil { 942 s.CloudBilling = NewBool(false) 943 } 944 945 if s.UseNewSAMLLibrary == nil { 946 s.UseNewSAMLLibrary = NewBool(false) 947 } 948 949 if s.EnableSharedChannels == nil { 950 s.EnableSharedChannels = NewBool(false) 951 } 952 } 953 954 type AnalyticsSettings struct { 955 MaxUsersForStatistics *int `access:"write_restrictable,cloud_restrictable"` 956 } 957 958 func (s *AnalyticsSettings) SetDefaults() { 959 if s.MaxUsersForStatistics == nil { 960 s.MaxUsersForStatistics = NewInt(ANALYTICS_SETTINGS_DEFAULT_MAX_USERS_FOR_STATISTICS) 961 } 962 } 963 964 type SSOSettings struct { 965 Enable *bool `access:"authentication"` 966 Secret *string `access:"authentication"` 967 Id *string `access:"authentication"` 968 Scope *string `access:"authentication"` 969 AuthEndpoint *string `access:"authentication"` 970 TokenEndpoint *string `access:"authentication"` 971 UserApiEndpoint *string `access:"authentication"` 972 DiscoveryEndpoint *string `access:"authentication"` 973 ButtonText *string `access:"authentication"` 974 ButtonColor *string `access:"authentication"` 975 } 976 977 func (s *SSOSettings) setDefaults(scope, authEndpoint, tokenEndpoint, userApiEndpoint, buttonColor string) { 978 if s.Enable == nil { 979 s.Enable = NewBool(false) 980 } 981 982 if s.Secret == nil { 983 s.Secret = NewString("") 984 } 985 986 if s.Id == nil { 987 s.Id = NewString("") 988 } 989 990 if s.Scope == nil { 991 s.Scope = NewString(scope) 992 } 993 994 if s.DiscoveryEndpoint == nil { 995 s.DiscoveryEndpoint = NewString("") 996 } 997 998 if s.AuthEndpoint == nil { 999 s.AuthEndpoint = NewString(authEndpoint) 1000 } 1001 1002 if s.TokenEndpoint == nil { 1003 s.TokenEndpoint = NewString(tokenEndpoint) 1004 } 1005 1006 if s.UserApiEndpoint == nil { 1007 s.UserApiEndpoint = NewString(userApiEndpoint) 1008 } 1009 1010 if s.ButtonText == nil { 1011 s.ButtonText = NewString("") 1012 } 1013 1014 if s.ButtonColor == nil { 1015 s.ButtonColor = NewString(buttonColor) 1016 } 1017 } 1018 1019 type Office365Settings struct { 1020 Enable *bool `access:"authentication"` 1021 Secret *string `access:"authentication"` 1022 Id *string `access:"authentication"` 1023 Scope *string `access:"authentication"` 1024 AuthEndpoint *string `access:"authentication"` 1025 TokenEndpoint *string `access:"authentication"` 1026 UserApiEndpoint *string `access:"authentication"` 1027 DiscoveryEndpoint *string `access:"authentication"` 1028 DirectoryId *string `access:"authentication"` 1029 } 1030 1031 func (s *Office365Settings) setDefaults() { 1032 if s.Enable == nil { 1033 s.Enable = NewBool(false) 1034 } 1035 1036 if s.Id == nil { 1037 s.Id = NewString("") 1038 } 1039 1040 if s.Secret == nil { 1041 s.Secret = NewString("") 1042 } 1043 1044 if s.Scope == nil { 1045 s.Scope = NewString(OFFICE365_SETTINGS_DEFAULT_SCOPE) 1046 } 1047 1048 if s.DiscoveryEndpoint == nil { 1049 s.DiscoveryEndpoint = NewString("") 1050 } 1051 1052 if s.AuthEndpoint == nil { 1053 s.AuthEndpoint = NewString(OFFICE365_SETTINGS_DEFAULT_AUTH_ENDPOINT) 1054 } 1055 1056 if s.TokenEndpoint == nil { 1057 s.TokenEndpoint = NewString(OFFICE365_SETTINGS_DEFAULT_TOKEN_ENDPOINT) 1058 } 1059 1060 if s.UserApiEndpoint == nil { 1061 s.UserApiEndpoint = NewString(OFFICE365_SETTINGS_DEFAULT_USER_API_ENDPOINT) 1062 } 1063 1064 if s.DirectoryId == nil { 1065 s.DirectoryId = NewString("") 1066 } 1067 } 1068 1069 func (s *Office365Settings) SSOSettings() *SSOSettings { 1070 ssoSettings := SSOSettings{} 1071 ssoSettings.Enable = s.Enable 1072 ssoSettings.Secret = s.Secret 1073 ssoSettings.Id = s.Id 1074 ssoSettings.Scope = s.Scope 1075 ssoSettings.DiscoveryEndpoint = s.DiscoveryEndpoint 1076 ssoSettings.AuthEndpoint = s.AuthEndpoint 1077 ssoSettings.TokenEndpoint = s.TokenEndpoint 1078 ssoSettings.UserApiEndpoint = s.UserApiEndpoint 1079 return &ssoSettings 1080 } 1081 1082 type SqlSettings struct { 1083 DriverName *string `access:"environment,write_restrictable,cloud_restrictable"` 1084 DataSource *string `access:"environment,write_restrictable,cloud_restrictable"` 1085 DataSourceReplicas []string `access:"environment,write_restrictable,cloud_restrictable"` 1086 DataSourceSearchReplicas []string `access:"environment,write_restrictable,cloud_restrictable"` 1087 MaxIdleConns *int `access:"environment,write_restrictable,cloud_restrictable"` 1088 ConnMaxLifetimeMilliseconds *int `access:"environment,write_restrictable,cloud_restrictable"` 1089 MaxOpenConns *int `access:"environment,write_restrictable,cloud_restrictable"` 1090 Trace *bool `access:"environment,write_restrictable,cloud_restrictable"` 1091 AtRestEncryptKey *string `access:"environment,write_restrictable,cloud_restrictable"` 1092 QueryTimeout *int `access:"environment,write_restrictable,cloud_restrictable"` 1093 DisableDatabaseSearch *bool `access:"environment,write_restrictable,cloud_restrictable"` 1094 } 1095 1096 func (s *SqlSettings) SetDefaults(isUpdate bool) { 1097 if s.DriverName == nil { 1098 s.DriverName = NewString(DATABASE_DRIVER_POSTGRES) 1099 } 1100 1101 if s.DataSource == nil { 1102 s.DataSource = NewString(SQL_SETTINGS_DEFAULT_DATA_SOURCE) 1103 } 1104 1105 if s.DataSourceReplicas == nil { 1106 s.DataSourceReplicas = []string{} 1107 } 1108 1109 if s.DataSourceSearchReplicas == nil { 1110 s.DataSourceSearchReplicas = []string{} 1111 } 1112 1113 if isUpdate { 1114 // When updating an existing configuration, ensure an encryption key has been specified. 1115 if s.AtRestEncryptKey == nil || len(*s.AtRestEncryptKey) == 0 { 1116 s.AtRestEncryptKey = NewString(NewRandomString(32)) 1117 } 1118 } else { 1119 // When generating a blank configuration, leave this key empty to be generated on server start. 1120 s.AtRestEncryptKey = NewString("") 1121 } 1122 1123 if s.MaxIdleConns == nil { 1124 s.MaxIdleConns = NewInt(20) 1125 } 1126 1127 if s.MaxOpenConns == nil { 1128 s.MaxOpenConns = NewInt(300) 1129 } 1130 1131 if s.ConnMaxLifetimeMilliseconds == nil { 1132 s.ConnMaxLifetimeMilliseconds = NewInt(3600000) 1133 } 1134 1135 if s.Trace == nil { 1136 s.Trace = NewBool(false) 1137 } 1138 1139 if s.QueryTimeout == nil { 1140 s.QueryTimeout = NewInt(30) 1141 } 1142 1143 if s.DisableDatabaseSearch == nil { 1144 s.DisableDatabaseSearch = NewBool(false) 1145 } 1146 } 1147 1148 type LogSettings struct { 1149 EnableConsole *bool `access:"environment,write_restrictable,cloud_restrictable"` 1150 ConsoleLevel *string `access:"environment,write_restrictable,cloud_restrictable"` 1151 ConsoleJson *bool `access:"environment,write_restrictable,cloud_restrictable"` 1152 EnableFile *bool `access:"environment,write_restrictable,cloud_restrictable"` 1153 FileLevel *string `access:"environment,write_restrictable,cloud_restrictable"` 1154 FileJson *bool `access:"environment,write_restrictable,cloud_restrictable"` 1155 FileLocation *string `access:"environment,write_restrictable,cloud_restrictable"` 1156 EnableWebhookDebugging *bool `access:"environment,write_restrictable,cloud_restrictable"` 1157 EnableDiagnostics *bool `access:"environment,write_restrictable,cloud_restrictable"` 1158 EnableSentry *bool `access:"environment,write_restrictable,cloud_restrictable"` 1159 AdvancedLoggingConfig *string `access:"environment,write_restrictable,cloud_restrictable"` 1160 } 1161 1162 func (s *LogSettings) SetDefaults() { 1163 if s.EnableConsole == nil { 1164 s.EnableConsole = NewBool(true) 1165 } 1166 1167 if s.ConsoleLevel == nil { 1168 s.ConsoleLevel = NewString("DEBUG") 1169 } 1170 1171 if s.EnableFile == nil { 1172 s.EnableFile = NewBool(true) 1173 } 1174 1175 if s.FileLevel == nil { 1176 s.FileLevel = NewString("INFO") 1177 } 1178 1179 if s.FileLocation == nil { 1180 s.FileLocation = NewString("") 1181 } 1182 1183 if s.EnableWebhookDebugging == nil { 1184 s.EnableWebhookDebugging = NewBool(true) 1185 } 1186 1187 if s.EnableDiagnostics == nil { 1188 s.EnableDiagnostics = NewBool(true) 1189 } 1190 1191 if s.EnableSentry == nil { 1192 s.EnableSentry = NewBool(*s.EnableDiagnostics) 1193 } 1194 1195 if s.ConsoleJson == nil { 1196 s.ConsoleJson = NewBool(true) 1197 } 1198 1199 if s.FileJson == nil { 1200 s.FileJson = NewBool(true) 1201 } 1202 1203 if s.AdvancedLoggingConfig == nil { 1204 s.AdvancedLoggingConfig = NewString("") 1205 } 1206 } 1207 1208 type ExperimentalAuditSettings struct { 1209 FileEnabled *bool `access:"experimental,write_restrictable,cloud_restrictable"` 1210 FileName *string `access:"experimental,write_restrictable,cloud_restrictable"` 1211 FileMaxSizeMB *int `access:"experimental,write_restrictable,cloud_restrictable"` 1212 FileMaxAgeDays *int `access:"experimental,write_restrictable,cloud_restrictable"` 1213 FileMaxBackups *int `access:"experimental,write_restrictable,cloud_restrictable"` 1214 FileCompress *bool `access:"experimental,write_restrictable,cloud_restrictable"` 1215 FileMaxQueueSize *int `access:"experimental,write_restrictable,cloud_restrictable"` 1216 AdvancedLoggingConfig *string `access:"experimental,write_restrictable,cloud_restrictable"` 1217 } 1218 1219 func (s *ExperimentalAuditSettings) SetDefaults() { 1220 if s.FileEnabled == nil { 1221 s.FileEnabled = NewBool(false) 1222 } 1223 1224 if s.FileName == nil { 1225 s.FileName = NewString("") 1226 } 1227 1228 if s.FileMaxSizeMB == nil { 1229 s.FileMaxSizeMB = NewInt(100) 1230 } 1231 1232 if s.FileMaxAgeDays == nil { 1233 s.FileMaxAgeDays = NewInt(0) // no limit on age 1234 } 1235 1236 if s.FileMaxBackups == nil { // no limit on number of backups 1237 s.FileMaxBackups = NewInt(0) 1238 } 1239 1240 if s.FileCompress == nil { 1241 s.FileCompress = NewBool(false) 1242 } 1243 1244 if s.FileMaxQueueSize == nil { 1245 s.FileMaxQueueSize = NewInt(1000) 1246 } 1247 1248 if s.AdvancedLoggingConfig == nil { 1249 s.AdvancedLoggingConfig = NewString("") 1250 } 1251 } 1252 1253 type NotificationLogSettings struct { 1254 EnableConsole *bool `access:"write_restrictable,cloud_restrictable"` 1255 ConsoleLevel *string `access:"write_restrictable,cloud_restrictable"` 1256 ConsoleJson *bool `access:"write_restrictable,cloud_restrictable"` 1257 EnableFile *bool `access:"write_restrictable,cloud_restrictable"` 1258 FileLevel *string `access:"write_restrictable,cloud_restrictable"` 1259 FileJson *bool `access:"write_restrictable,cloud_restrictable"` 1260 FileLocation *string `access:"write_restrictable,cloud_restrictable"` 1261 AdvancedLoggingConfig *string `access:"write_restrictable,cloud_restrictable"` 1262 } 1263 1264 func (s *NotificationLogSettings) SetDefaults() { 1265 if s.EnableConsole == nil { 1266 s.EnableConsole = NewBool(true) 1267 } 1268 1269 if s.ConsoleLevel == nil { 1270 s.ConsoleLevel = NewString("DEBUG") 1271 } 1272 1273 if s.EnableFile == nil { 1274 s.EnableFile = NewBool(true) 1275 } 1276 1277 if s.FileLevel == nil { 1278 s.FileLevel = NewString("INFO") 1279 } 1280 1281 if s.FileLocation == nil { 1282 s.FileLocation = NewString("") 1283 } 1284 1285 if s.ConsoleJson == nil { 1286 s.ConsoleJson = NewBool(true) 1287 } 1288 1289 if s.FileJson == nil { 1290 s.FileJson = NewBool(true) 1291 } 1292 1293 if s.AdvancedLoggingConfig == nil { 1294 s.AdvancedLoggingConfig = NewString("") 1295 } 1296 } 1297 1298 type PasswordSettings struct { 1299 MinimumLength *int `access:"authentication"` 1300 Lowercase *bool `access:"authentication"` 1301 Number *bool `access:"authentication"` 1302 Uppercase *bool `access:"authentication"` 1303 Symbol *bool `access:"authentication"` 1304 } 1305 1306 func (s *PasswordSettings) SetDefaults() { 1307 if s.MinimumLength == nil { 1308 s.MinimumLength = NewInt(10) 1309 } 1310 1311 if s.Lowercase == nil { 1312 s.Lowercase = NewBool(true) 1313 } 1314 1315 if s.Number == nil { 1316 s.Number = NewBool(true) 1317 } 1318 1319 if s.Uppercase == nil { 1320 s.Uppercase = NewBool(true) 1321 } 1322 1323 if s.Symbol == nil { 1324 s.Symbol = NewBool(true) 1325 } 1326 } 1327 1328 type FileSettings struct { 1329 EnableFileAttachments *bool `access:"site,cloud_restrictable"` 1330 EnableMobileUpload *bool `access:"site,cloud_restrictable"` 1331 EnableMobileDownload *bool `access:"site,cloud_restrictable"` 1332 MaxFileSize *int64 `access:"environment,cloud_restrictable"` 1333 DriverName *string `access:"environment,write_restrictable,cloud_restrictable"` 1334 Directory *string `access:"environment,write_restrictable,cloud_restrictable"` 1335 EnablePublicLink *bool `access:"site,cloud_restrictable"` 1336 PublicLinkSalt *string `access:"site,cloud_restrictable"` 1337 InitialFont *string `access:"environment,cloud_restrictable"` 1338 AmazonS3AccessKeyId *string `access:"environment,write_restrictable,cloud_restrictable"` 1339 AmazonS3SecretAccessKey *string `access:"environment,write_restrictable,cloud_restrictable"` 1340 AmazonS3Bucket *string `access:"environment,write_restrictable,cloud_restrictable"` 1341 AmazonS3PathPrefix *string `access:"environment,write_restrictable,cloud_restrictable"` 1342 AmazonS3Region *string `access:"environment,write_restrictable,cloud_restrictable"` 1343 AmazonS3Endpoint *string `access:"environment,write_restrictable,cloud_restrictable"` 1344 AmazonS3SSL *bool `access:"environment,write_restrictable,cloud_restrictable"` 1345 AmazonS3SignV2 *bool `access:"environment,write_restrictable,cloud_restrictable"` 1346 AmazonS3SSE *bool `access:"environment,write_restrictable,cloud_restrictable"` 1347 AmazonS3Trace *bool `access:"environment,write_restrictable,cloud_restrictable"` 1348 } 1349 1350 func (s *FileSettings) SetDefaults(isUpdate bool) { 1351 if s.EnableFileAttachments == nil { 1352 s.EnableFileAttachments = NewBool(true) 1353 } 1354 1355 if s.EnableMobileUpload == nil { 1356 s.EnableMobileUpload = NewBool(true) 1357 } 1358 1359 if s.EnableMobileDownload == nil { 1360 s.EnableMobileDownload = NewBool(true) 1361 } 1362 1363 if s.MaxFileSize == nil { 1364 s.MaxFileSize = NewInt64(52428800) // 50 MB 1365 } 1366 1367 if s.DriverName == nil { 1368 s.DriverName = NewString(IMAGE_DRIVER_LOCAL) 1369 } 1370 1371 if s.Directory == nil || *s.Directory == "" { 1372 s.Directory = NewString(FILE_SETTINGS_DEFAULT_DIRECTORY) 1373 } 1374 1375 if s.EnablePublicLink == nil { 1376 s.EnablePublicLink = NewBool(false) 1377 } 1378 1379 if isUpdate { 1380 // When updating an existing configuration, ensure link salt has been specified. 1381 if s.PublicLinkSalt == nil || len(*s.PublicLinkSalt) == 0 { 1382 s.PublicLinkSalt = NewString(NewRandomString(32)) 1383 } 1384 } else { 1385 // When generating a blank configuration, leave link salt empty to be generated on server start. 1386 s.PublicLinkSalt = NewString("") 1387 } 1388 1389 if s.InitialFont == nil { 1390 // Defaults to "nunito-bold.ttf" 1391 s.InitialFont = NewString("nunito-bold.ttf") 1392 } 1393 1394 if s.AmazonS3AccessKeyId == nil { 1395 s.AmazonS3AccessKeyId = NewString("") 1396 } 1397 1398 if s.AmazonS3SecretAccessKey == nil { 1399 s.AmazonS3SecretAccessKey = NewString("") 1400 } 1401 1402 if s.AmazonS3Bucket == nil { 1403 s.AmazonS3Bucket = NewString("") 1404 } 1405 1406 if s.AmazonS3PathPrefix == nil { 1407 s.AmazonS3PathPrefix = NewString("") 1408 } 1409 1410 if s.AmazonS3Region == nil { 1411 s.AmazonS3Region = NewString("") 1412 } 1413 1414 if s.AmazonS3Endpoint == nil || len(*s.AmazonS3Endpoint) == 0 { 1415 // Defaults to "s3.amazonaws.com" 1416 s.AmazonS3Endpoint = NewString("s3.amazonaws.com") 1417 } 1418 1419 if s.AmazonS3SSL == nil { 1420 s.AmazonS3SSL = NewBool(true) // Secure by default. 1421 } 1422 1423 if s.AmazonS3SignV2 == nil { 1424 s.AmazonS3SignV2 = new(bool) 1425 // Signature v2 is not enabled by default. 1426 } 1427 1428 if s.AmazonS3SSE == nil { 1429 s.AmazonS3SSE = NewBool(false) // Not Encrypted by default. 1430 } 1431 1432 if s.AmazonS3Trace == nil { 1433 s.AmazonS3Trace = NewBool(false) 1434 } 1435 } 1436 1437 type EmailSettings struct { 1438 EnableSignUpWithEmail *bool `access:"authentication"` 1439 EnableSignInWithEmail *bool `access:"authentication"` 1440 EnableSignInWithUsername *bool `access:"authentication"` 1441 SendEmailNotifications *bool `access:"site"` 1442 UseChannelInEmailNotifications *bool `access:"experimental"` 1443 RequireEmailVerification *bool `access:"authentication"` 1444 FeedbackName *string `access:"site"` 1445 FeedbackEmail *string `access:"site,cloud_restrictable"` 1446 ReplyToAddress *string `access:"site,cloud_restrictable"` 1447 FeedbackOrganization *string `access:"site"` 1448 EnableSMTPAuth *bool `access:"environment,write_restrictable,cloud_restrictable"` 1449 SMTPUsername *string `access:"environment,write_restrictable,cloud_restrictable"` 1450 SMTPPassword *string `access:"environment,write_restrictable,cloud_restrictable"` 1451 SMTPServer *string `access:"environment,write_restrictable,cloud_restrictable"` 1452 SMTPPort *string `access:"environment,write_restrictable,cloud_restrictable"` 1453 SMTPServerTimeout *int `access:"cloud_restrictable"` 1454 ConnectionSecurity *string `access:"environment,write_restrictable,cloud_restrictable"` 1455 SendPushNotifications *bool `access:"environment"` 1456 PushNotificationServer *string `access:"environment"` 1457 PushNotificationContents *string `access:"site"` 1458 PushNotificationBuffer *int 1459 EnableEmailBatching *bool `access:"site"` 1460 EmailBatchingBufferSize *int `access:"experimental"` 1461 EmailBatchingInterval *int `access:"experimental"` 1462 EnablePreviewModeBanner *bool `access:"site"` 1463 SkipServerCertificateVerification *bool `access:"environment,write_restrictable,cloud_restrictable"` 1464 EmailNotificationContentsType *string `access:"site"` 1465 LoginButtonColor *string `access:"experimental"` 1466 LoginButtonBorderColor *string `access:"experimental"` 1467 LoginButtonTextColor *string `access:"experimental"` 1468 } 1469 1470 func (s *EmailSettings) SetDefaults(isUpdate bool) { 1471 if s.EnableSignUpWithEmail == nil { 1472 s.EnableSignUpWithEmail = NewBool(true) 1473 } 1474 1475 if s.EnableSignInWithEmail == nil { 1476 s.EnableSignInWithEmail = NewBool(*s.EnableSignUpWithEmail) 1477 } 1478 1479 if s.EnableSignInWithUsername == nil { 1480 s.EnableSignInWithUsername = NewBool(true) 1481 } 1482 1483 if s.SendEmailNotifications == nil { 1484 s.SendEmailNotifications = NewBool(true) 1485 } 1486 1487 if s.UseChannelInEmailNotifications == nil { 1488 s.UseChannelInEmailNotifications = NewBool(false) 1489 } 1490 1491 if s.RequireEmailVerification == nil { 1492 s.RequireEmailVerification = NewBool(false) 1493 } 1494 1495 if s.FeedbackName == nil { 1496 s.FeedbackName = NewString("") 1497 } 1498 1499 if s.FeedbackEmail == nil { 1500 s.FeedbackEmail = NewString("test@example.com") 1501 } 1502 1503 if s.ReplyToAddress == nil { 1504 s.ReplyToAddress = NewString("test@example.com") 1505 } 1506 1507 if s.FeedbackOrganization == nil { 1508 s.FeedbackOrganization = NewString(EMAIL_SETTINGS_DEFAULT_FEEDBACK_ORGANIZATION) 1509 } 1510 1511 if s.EnableSMTPAuth == nil { 1512 if s.ConnectionSecurity == nil || *s.ConnectionSecurity == CONN_SECURITY_NONE { 1513 s.EnableSMTPAuth = NewBool(false) 1514 } else { 1515 s.EnableSMTPAuth = NewBool(true) 1516 } 1517 } 1518 1519 if s.SMTPUsername == nil { 1520 s.SMTPUsername = NewString("") 1521 } 1522 1523 if s.SMTPPassword == nil { 1524 s.SMTPPassword = NewString("") 1525 } 1526 1527 if s.SMTPServer == nil || len(*s.SMTPServer) == 0 { 1528 s.SMTPServer = NewString("localhost") 1529 } 1530 1531 if s.SMTPPort == nil || len(*s.SMTPPort) == 0 { 1532 s.SMTPPort = NewString("10025") 1533 } 1534 1535 if s.SMTPServerTimeout == nil || *s.SMTPServerTimeout == 0 { 1536 s.SMTPServerTimeout = NewInt(10) 1537 } 1538 1539 if s.ConnectionSecurity == nil || *s.ConnectionSecurity == CONN_SECURITY_PLAIN { 1540 s.ConnectionSecurity = NewString(CONN_SECURITY_NONE) 1541 } 1542 1543 if s.SendPushNotifications == nil { 1544 s.SendPushNotifications = NewBool(!isUpdate) 1545 } 1546 1547 if s.PushNotificationServer == nil { 1548 if isUpdate { 1549 s.PushNotificationServer = NewString("") 1550 } else { 1551 s.PushNotificationServer = NewString(GENERIC_NOTIFICATION_SERVER) 1552 } 1553 } 1554 1555 if s.PushNotificationContents == nil { 1556 s.PushNotificationContents = NewString(FULL_NOTIFICATION) 1557 } 1558 1559 if s.PushNotificationBuffer == nil { 1560 s.PushNotificationBuffer = NewInt(1000) 1561 } 1562 1563 if s.EnableEmailBatching == nil { 1564 s.EnableEmailBatching = NewBool(false) 1565 } 1566 1567 if s.EmailBatchingBufferSize == nil { 1568 s.EmailBatchingBufferSize = NewInt(EMAIL_BATCHING_BUFFER_SIZE) 1569 } 1570 1571 if s.EmailBatchingInterval == nil { 1572 s.EmailBatchingInterval = NewInt(EMAIL_BATCHING_INTERVAL) 1573 } 1574 1575 if s.EnablePreviewModeBanner == nil { 1576 s.EnablePreviewModeBanner = NewBool(true) 1577 } 1578 1579 if s.EnableSMTPAuth == nil { 1580 if *s.ConnectionSecurity == CONN_SECURITY_NONE { 1581 s.EnableSMTPAuth = NewBool(false) 1582 } else { 1583 s.EnableSMTPAuth = NewBool(true) 1584 } 1585 } 1586 1587 if *s.ConnectionSecurity == CONN_SECURITY_PLAIN { 1588 *s.ConnectionSecurity = CONN_SECURITY_NONE 1589 } 1590 1591 if s.SkipServerCertificateVerification == nil { 1592 s.SkipServerCertificateVerification = NewBool(false) 1593 } 1594 1595 if s.EmailNotificationContentsType == nil { 1596 s.EmailNotificationContentsType = NewString(EMAIL_NOTIFICATION_CONTENTS_FULL) 1597 } 1598 1599 if s.LoginButtonColor == nil { 1600 s.LoginButtonColor = NewString("#0000") 1601 } 1602 1603 if s.LoginButtonBorderColor == nil { 1604 s.LoginButtonBorderColor = NewString("#2389D7") 1605 } 1606 1607 if s.LoginButtonTextColor == nil { 1608 s.LoginButtonTextColor = NewString("#2389D7") 1609 } 1610 } 1611 1612 type RateLimitSettings struct { 1613 Enable *bool `access:"environment,write_restrictable,cloud_restrictable"` 1614 PerSec *int `access:"environment,write_restrictable,cloud_restrictable"` 1615 MaxBurst *int `access:"environment,write_restrictable,cloud_restrictable"` 1616 MemoryStoreSize *int `access:"environment,write_restrictable,cloud_restrictable"` 1617 VaryByRemoteAddr *bool `access:"environment,write_restrictable,cloud_restrictable"` 1618 VaryByUser *bool `access:"environment,write_restrictable,cloud_restrictable"` 1619 VaryByHeader string `access:"environment,write_restrictable,cloud_restrictable"` 1620 } 1621 1622 func (s *RateLimitSettings) SetDefaults() { 1623 if s.Enable == nil { 1624 s.Enable = NewBool(false) 1625 } 1626 1627 if s.PerSec == nil { 1628 s.PerSec = NewInt(10) 1629 } 1630 1631 if s.MaxBurst == nil { 1632 s.MaxBurst = NewInt(100) 1633 } 1634 1635 if s.MemoryStoreSize == nil { 1636 s.MemoryStoreSize = NewInt(10000) 1637 } 1638 1639 if s.VaryByRemoteAddr == nil { 1640 s.VaryByRemoteAddr = NewBool(true) 1641 } 1642 1643 if s.VaryByUser == nil { 1644 s.VaryByUser = NewBool(false) 1645 } 1646 } 1647 1648 type PrivacySettings struct { 1649 ShowEmailAddress *bool `access:"site"` 1650 ShowFullName *bool `access:"site"` 1651 } 1652 1653 func (s *PrivacySettings) setDefaults() { 1654 if s.ShowEmailAddress == nil { 1655 s.ShowEmailAddress = NewBool(true) 1656 } 1657 1658 if s.ShowFullName == nil { 1659 s.ShowFullName = NewBool(true) 1660 } 1661 } 1662 1663 type SupportSettings struct { 1664 TermsOfServiceLink *string `access:"site,write_restrictable,cloud_restrictable"` 1665 PrivacyPolicyLink *string `access:"site,write_restrictable,cloud_restrictable"` 1666 AboutLink *string `access:"site,write_restrictable,cloud_restrictable"` 1667 HelpLink *string `access:"site,write_restrictable,cloud_restrictable"` 1668 ReportAProblemLink *string `access:"site,write_restrictable,cloud_restrictable"` 1669 SupportEmail *string `access:"site"` 1670 CustomTermsOfServiceEnabled *bool `access:"compliance"` 1671 CustomTermsOfServiceReAcceptancePeriod *int `access:"compliance"` 1672 EnableAskCommunityLink *bool `access:"site"` 1673 } 1674 1675 func (s *SupportSettings) SetDefaults() { 1676 if !IsSafeLink(s.TermsOfServiceLink) { 1677 *s.TermsOfServiceLink = SUPPORT_SETTINGS_DEFAULT_TERMS_OF_SERVICE_LINK 1678 } 1679 1680 if s.TermsOfServiceLink == nil { 1681 s.TermsOfServiceLink = NewString(SUPPORT_SETTINGS_DEFAULT_TERMS_OF_SERVICE_LINK) 1682 } 1683 1684 if !IsSafeLink(s.PrivacyPolicyLink) { 1685 *s.PrivacyPolicyLink = "" 1686 } 1687 1688 if s.PrivacyPolicyLink == nil { 1689 s.PrivacyPolicyLink = NewString(SUPPORT_SETTINGS_DEFAULT_PRIVACY_POLICY_LINK) 1690 } 1691 1692 if !IsSafeLink(s.AboutLink) { 1693 *s.AboutLink = "" 1694 } 1695 1696 if s.AboutLink == nil { 1697 s.AboutLink = NewString(SUPPORT_SETTINGS_DEFAULT_ABOUT_LINK) 1698 } 1699 1700 if !IsSafeLink(s.HelpLink) { 1701 *s.HelpLink = "" 1702 } 1703 1704 if s.HelpLink == nil { 1705 s.HelpLink = NewString(SUPPORT_SETTINGS_DEFAULT_HELP_LINK) 1706 } 1707 1708 if !IsSafeLink(s.ReportAProblemLink) { 1709 *s.ReportAProblemLink = "" 1710 } 1711 1712 if s.ReportAProblemLink == nil { 1713 s.ReportAProblemLink = NewString(SUPPORT_SETTINGS_DEFAULT_REPORT_A_PROBLEM_LINK) 1714 } 1715 1716 if s.SupportEmail == nil { 1717 s.SupportEmail = NewString(SUPPORT_SETTINGS_DEFAULT_SUPPORT_EMAIL) 1718 } 1719 1720 if s.CustomTermsOfServiceEnabled == nil { 1721 s.CustomTermsOfServiceEnabled = NewBool(false) 1722 } 1723 1724 if s.CustomTermsOfServiceReAcceptancePeriod == nil { 1725 s.CustomTermsOfServiceReAcceptancePeriod = NewInt(SUPPORT_SETTINGS_DEFAULT_RE_ACCEPTANCE_PERIOD) 1726 } 1727 1728 if s.EnableAskCommunityLink == nil { 1729 s.EnableAskCommunityLink = NewBool(true) 1730 } 1731 } 1732 1733 type AnnouncementSettings struct { 1734 EnableBanner *bool `access:"site"` 1735 BannerText *string `access:"site"` 1736 BannerColor *string `access:"site"` 1737 BannerTextColor *string `access:"site"` 1738 AllowBannerDismissal *bool `access:"site"` 1739 AdminNoticesEnabled *bool `access:"site"` 1740 UserNoticesEnabled *bool `access:"site"` 1741 NoticesURL *string `access:"site,write_restrictable"` 1742 NoticesFetchFrequency *int `access:"site,write_restrictable"` 1743 NoticesSkipCache *bool `access:"site,write_restrictable"` 1744 } 1745 1746 func (s *AnnouncementSettings) SetDefaults() { 1747 if s.EnableBanner == nil { 1748 s.EnableBanner = NewBool(false) 1749 } 1750 1751 if s.BannerText == nil { 1752 s.BannerText = NewString("") 1753 } 1754 1755 if s.BannerColor == nil { 1756 s.BannerColor = NewString(ANNOUNCEMENT_SETTINGS_DEFAULT_BANNER_COLOR) 1757 } 1758 1759 if s.BannerTextColor == nil { 1760 s.BannerTextColor = NewString(ANNOUNCEMENT_SETTINGS_DEFAULT_BANNER_TEXT_COLOR) 1761 } 1762 1763 if s.AllowBannerDismissal == nil { 1764 s.AllowBannerDismissal = NewBool(true) 1765 } 1766 1767 if s.AdminNoticesEnabled == nil { 1768 s.AdminNoticesEnabled = NewBool(true) 1769 } 1770 1771 if s.UserNoticesEnabled == nil { 1772 s.UserNoticesEnabled = NewBool(true) 1773 } 1774 if s.NoticesURL == nil { 1775 s.NoticesURL = NewString(ANNOUNCEMENT_SETTINGS_DEFAULT_NOTICES_JSON_URL) 1776 } 1777 if s.NoticesSkipCache == nil { 1778 s.NoticesSkipCache = NewBool(false) 1779 } 1780 if s.NoticesFetchFrequency == nil { 1781 s.NoticesFetchFrequency = NewInt(ANNOUNCEMENT_SETTINGS_DEFAULT_NOTICES_FETCH_FREQUENCY_SECONDS) 1782 } 1783 1784 } 1785 1786 type ThemeSettings struct { 1787 EnableThemeSelection *bool `access:"experimental"` 1788 DefaultTheme *string `access:"experimental"` 1789 AllowCustomThemes *bool `access:"experimental"` 1790 AllowedThemes []string 1791 } 1792 1793 func (s *ThemeSettings) SetDefaults() { 1794 if s.EnableThemeSelection == nil { 1795 s.EnableThemeSelection = NewBool(true) 1796 } 1797 1798 if s.DefaultTheme == nil { 1799 s.DefaultTheme = NewString(TEAM_SETTINGS_DEFAULT_TEAM_TEXT) 1800 } 1801 1802 if s.AllowCustomThemes == nil { 1803 s.AllowCustomThemes = NewBool(true) 1804 } 1805 1806 if s.AllowedThemes == nil { 1807 s.AllowedThemes = []string{} 1808 } 1809 } 1810 1811 type TeamSettings struct { 1812 SiteName *string `access:"site"` 1813 MaxUsersPerTeam *int `access:"site"` 1814 DEPRECATED_DO_NOT_USE_EnableTeamCreation *bool `json:"EnableTeamCreation" mapstructure:"EnableTeamCreation"` // This field is deprecated and must not be used. 1815 EnableUserCreation *bool `access:"authentication"` 1816 EnableOpenServer *bool `access:"authentication"` 1817 EnableUserDeactivation *bool `access:"experimental"` 1818 RestrictCreationToDomains *string `access:"authentication"` 1819 EnableCustomBrand *bool `access:"site"` 1820 CustomBrandText *string `access:"site"` 1821 CustomDescriptionText *string `access:"site"` 1822 RestrictDirectMessage *string `access:"site"` 1823 DEPRECATED_DO_NOT_USE_RestrictTeamInvite *string `json:"RestrictTeamInvite" mapstructure:"RestrictTeamInvite"` // This field is deprecated and must not be used. 1824 DEPRECATED_DO_NOT_USE_RestrictPublicChannelManagement *string `json:"RestrictPublicChannelManagement" mapstructure:"RestrictPublicChannelManagement"` // This field is deprecated and must not be used. 1825 DEPRECATED_DO_NOT_USE_RestrictPrivateChannelManagement *string `json:"RestrictPrivateChannelManagement" mapstructure:"RestrictPrivateChannelManagement"` // This field is deprecated and must not be used. 1826 DEPRECATED_DO_NOT_USE_RestrictPublicChannelCreation *string `json:"RestrictPublicChannelCreation" mapstructure:"RestrictPublicChannelCreation"` // This field is deprecated and must not be used. 1827 DEPRECATED_DO_NOT_USE_RestrictPrivateChannelCreation *string `json:"RestrictPrivateChannelCreation" mapstructure:"RestrictPrivateChannelCreation"` // This field is deprecated and must not be used. 1828 DEPRECATED_DO_NOT_USE_RestrictPublicChannelDeletion *string `json:"RestrictPublicChannelDeletion" mapstructure:"RestrictPublicChannelDeletion"` // This field is deprecated and must not be used. 1829 DEPRECATED_DO_NOT_USE_RestrictPrivateChannelDeletion *string `json:"RestrictPrivateChannelDeletion" mapstructure:"RestrictPrivateChannelDeletion"` // This field is deprecated and must not be used. 1830 DEPRECATED_DO_NOT_USE_RestrictPrivateChannelManageMembers *string `json:"RestrictPrivateChannelManageMembers" mapstructure:"RestrictPrivateChannelManageMembers"` // This field is deprecated and must not be used. 1831 EnableXToLeaveChannelsFromLHS *bool `access:"experimental"` 1832 UserStatusAwayTimeout *int64 `access:"experimental"` 1833 MaxChannelsPerTeam *int64 `access:"site"` 1834 MaxNotificationsPerChannel *int64 `access:"environment"` 1835 EnableConfirmNotificationsToChannel *bool `access:"site"` 1836 TeammateNameDisplay *string `access:"site"` 1837 ExperimentalViewArchivedChannels *bool `access:"experimental,site"` 1838 ExperimentalEnableAutomaticReplies *bool `access:"experimental"` 1839 ExperimentalHideTownSquareinLHS *bool `access:"experimental"` 1840 ExperimentalTownSquareIsReadOnly *bool `access:"experimental"` 1841 LockTeammateNameDisplay *bool `access:"site"` 1842 ExperimentalPrimaryTeam *string `access:"experimental"` 1843 ExperimentalDefaultChannels []string `access:"experimental"` 1844 } 1845 1846 func (s *TeamSettings) SetDefaults() { 1847 1848 if s.SiteName == nil || *s.SiteName == "" { 1849 s.SiteName = NewString(TEAM_SETTINGS_DEFAULT_SITE_NAME) 1850 } 1851 1852 if s.MaxUsersPerTeam == nil { 1853 s.MaxUsersPerTeam = NewInt(TEAM_SETTINGS_DEFAULT_MAX_USERS_PER_TEAM) 1854 } 1855 1856 if s.DEPRECATED_DO_NOT_USE_EnableTeamCreation == nil { 1857 s.DEPRECATED_DO_NOT_USE_EnableTeamCreation = NewBool(true) 1858 } 1859 1860 if s.EnableUserCreation == nil { 1861 s.EnableUserCreation = NewBool(true) 1862 } 1863 1864 if s.EnableOpenServer == nil { 1865 s.EnableOpenServer = NewBool(false) 1866 } 1867 1868 if s.RestrictCreationToDomains == nil { 1869 s.RestrictCreationToDomains = NewString("") 1870 } 1871 1872 if s.EnableCustomBrand == nil { 1873 s.EnableCustomBrand = NewBool(false) 1874 } 1875 1876 if s.EnableUserDeactivation == nil { 1877 s.EnableUserDeactivation = NewBool(false) 1878 } 1879 1880 if s.CustomBrandText == nil { 1881 s.CustomBrandText = NewString(TEAM_SETTINGS_DEFAULT_CUSTOM_BRAND_TEXT) 1882 } 1883 1884 if s.CustomDescriptionText == nil { 1885 s.CustomDescriptionText = NewString(TEAM_SETTINGS_DEFAULT_CUSTOM_DESCRIPTION_TEXT) 1886 } 1887 1888 if s.RestrictDirectMessage == nil { 1889 s.RestrictDirectMessage = NewString(DIRECT_MESSAGE_ANY) 1890 } 1891 1892 if s.DEPRECATED_DO_NOT_USE_RestrictTeamInvite == nil { 1893 s.DEPRECATED_DO_NOT_USE_RestrictTeamInvite = NewString(PERMISSIONS_ALL) 1894 } 1895 1896 if s.DEPRECATED_DO_NOT_USE_RestrictPublicChannelManagement == nil { 1897 s.DEPRECATED_DO_NOT_USE_RestrictPublicChannelManagement = NewString(PERMISSIONS_ALL) 1898 } 1899 1900 if s.DEPRECATED_DO_NOT_USE_RestrictPrivateChannelManagement == nil { 1901 s.DEPRECATED_DO_NOT_USE_RestrictPrivateChannelManagement = NewString(PERMISSIONS_ALL) 1902 } 1903 1904 if s.DEPRECATED_DO_NOT_USE_RestrictPublicChannelCreation == nil { 1905 s.DEPRECATED_DO_NOT_USE_RestrictPublicChannelCreation = new(string) 1906 // If this setting does not exist, assume migration from <3.6, so use management setting as default. 1907 if *s.DEPRECATED_DO_NOT_USE_RestrictPublicChannelManagement == PERMISSIONS_CHANNEL_ADMIN { 1908 *s.DEPRECATED_DO_NOT_USE_RestrictPublicChannelCreation = PERMISSIONS_TEAM_ADMIN 1909 } else { 1910 *s.DEPRECATED_DO_NOT_USE_RestrictPublicChannelCreation = *s.DEPRECATED_DO_NOT_USE_RestrictPublicChannelManagement 1911 } 1912 } 1913 1914 if s.DEPRECATED_DO_NOT_USE_RestrictPrivateChannelCreation == nil { 1915 // If this setting does not exist, assume migration from <3.6, so use management setting as default. 1916 if *s.DEPRECATED_DO_NOT_USE_RestrictPrivateChannelManagement == PERMISSIONS_CHANNEL_ADMIN { 1917 s.DEPRECATED_DO_NOT_USE_RestrictPrivateChannelCreation = NewString(PERMISSIONS_TEAM_ADMIN) 1918 } else { 1919 s.DEPRECATED_DO_NOT_USE_RestrictPrivateChannelCreation = NewString(*s.DEPRECATED_DO_NOT_USE_RestrictPrivateChannelManagement) 1920 } 1921 } 1922 1923 if s.DEPRECATED_DO_NOT_USE_RestrictPublicChannelDeletion == nil { 1924 // If this setting does not exist, assume migration from <3.6, so use management setting as default. 1925 s.DEPRECATED_DO_NOT_USE_RestrictPublicChannelDeletion = NewString(*s.DEPRECATED_DO_NOT_USE_RestrictPublicChannelManagement) 1926 } 1927 1928 if s.DEPRECATED_DO_NOT_USE_RestrictPrivateChannelDeletion == nil { 1929 // If this setting does not exist, assume migration from <3.6, so use management setting as default. 1930 s.DEPRECATED_DO_NOT_USE_RestrictPrivateChannelDeletion = NewString(*s.DEPRECATED_DO_NOT_USE_RestrictPrivateChannelManagement) 1931 } 1932 1933 if s.DEPRECATED_DO_NOT_USE_RestrictPrivateChannelManageMembers == nil { 1934 s.DEPRECATED_DO_NOT_USE_RestrictPrivateChannelManageMembers = NewString(PERMISSIONS_ALL) 1935 } 1936 1937 if s.EnableXToLeaveChannelsFromLHS == nil { 1938 s.EnableXToLeaveChannelsFromLHS = NewBool(false) 1939 } 1940 1941 if s.UserStatusAwayTimeout == nil { 1942 s.UserStatusAwayTimeout = NewInt64(TEAM_SETTINGS_DEFAULT_USER_STATUS_AWAY_TIMEOUT) 1943 } 1944 1945 if s.MaxChannelsPerTeam == nil { 1946 s.MaxChannelsPerTeam = NewInt64(2000) 1947 } 1948 1949 if s.MaxNotificationsPerChannel == nil { 1950 s.MaxNotificationsPerChannel = NewInt64(1000) 1951 } 1952 1953 if s.EnableConfirmNotificationsToChannel == nil { 1954 s.EnableConfirmNotificationsToChannel = NewBool(true) 1955 } 1956 1957 if s.ExperimentalEnableAutomaticReplies == nil { 1958 s.ExperimentalEnableAutomaticReplies = NewBool(false) 1959 } 1960 1961 if s.ExperimentalHideTownSquareinLHS == nil { 1962 s.ExperimentalHideTownSquareinLHS = NewBool(false) 1963 } 1964 1965 if s.ExperimentalTownSquareIsReadOnly == nil { 1966 s.ExperimentalTownSquareIsReadOnly = NewBool(false) 1967 } 1968 1969 if s.ExperimentalPrimaryTeam == nil { 1970 s.ExperimentalPrimaryTeam = NewString("") 1971 } 1972 1973 if s.ExperimentalDefaultChannels == nil { 1974 s.ExperimentalDefaultChannels = []string{} 1975 } 1976 1977 if s.DEPRECATED_DO_NOT_USE_EnableTeamCreation == nil { 1978 s.DEPRECATED_DO_NOT_USE_EnableTeamCreation = NewBool(true) 1979 } 1980 1981 if s.EnableUserCreation == nil { 1982 s.EnableUserCreation = NewBool(true) 1983 } 1984 1985 if s.ExperimentalViewArchivedChannels == nil { 1986 s.ExperimentalViewArchivedChannels = NewBool(true) 1987 } 1988 1989 if s.LockTeammateNameDisplay == nil { 1990 s.LockTeammateNameDisplay = NewBool(false) 1991 } 1992 } 1993 1994 type ClientRequirements struct { 1995 AndroidLatestVersion string `access:"write_restrictable,cloud_restrictable"` 1996 AndroidMinVersion string `access:"write_restrictable,cloud_restrictable"` 1997 DesktopLatestVersion string `access:"write_restrictable,cloud_restrictable"` 1998 DesktopMinVersion string `access:"write_restrictable,cloud_restrictable"` 1999 IosLatestVersion string `access:"write_restrictable,cloud_restrictable"` 2000 IosMinVersion string `access:"write_restrictable,cloud_restrictable"` 2001 } 2002 2003 type LdapSettings struct { 2004 // Basic 2005 Enable *bool `access:"authentication"` 2006 EnableSync *bool `access:"authentication"` 2007 LdapServer *string `access:"authentication"` 2008 LdapPort *int `access:"authentication"` 2009 ConnectionSecurity *string `access:"authentication"` 2010 BaseDN *string `access:"authentication"` 2011 BindUsername *string `access:"authentication"` 2012 BindPassword *string `access:"authentication"` 2013 2014 // Filtering 2015 UserFilter *string `access:"authentication"` 2016 GroupFilter *string `access:"authentication"` 2017 GuestFilter *string `access:"authentication"` 2018 EnableAdminFilter *bool 2019 AdminFilter *string 2020 2021 // Group Mapping 2022 GroupDisplayNameAttribute *string `access:"authentication"` 2023 GroupIdAttribute *string `access:"authentication"` 2024 2025 // User Mapping 2026 FirstNameAttribute *string `access:"authentication"` 2027 LastNameAttribute *string `access:"authentication"` 2028 EmailAttribute *string `access:"authentication"` 2029 UsernameAttribute *string `access:"authentication"` 2030 NicknameAttribute *string `access:"authentication"` 2031 IdAttribute *string `access:"authentication"` 2032 PositionAttribute *string `access:"authentication"` 2033 LoginIdAttribute *string `access:"authentication"` 2034 PictureAttribute *string `access:"authentication"` 2035 2036 // Synchronization 2037 SyncIntervalMinutes *int `access:"authentication"` 2038 2039 // Advanced 2040 SkipCertificateVerification *bool `access:"authentication"` 2041 PublicCertificateFile *string `access:"authentication"` 2042 PrivateKeyFile *string `access:"authentication"` 2043 QueryTimeout *int `access:"authentication"` 2044 MaxPageSize *int `access:"authentication"` 2045 2046 // Customization 2047 LoginFieldName *string `access:"authentication"` 2048 2049 LoginButtonColor *string `access:"authentication"` 2050 LoginButtonBorderColor *string `access:"authentication"` 2051 LoginButtonTextColor *string `access:"authentication"` 2052 2053 Trace *bool `access:"authentication"` 2054 } 2055 2056 func (s *LdapSettings) SetDefaults() { 2057 if s.Enable == nil { 2058 s.Enable = NewBool(false) 2059 } 2060 2061 // When unset should default to LDAP Enabled 2062 if s.EnableSync == nil { 2063 s.EnableSync = NewBool(*s.Enable) 2064 } 2065 2066 if s.EnableAdminFilter == nil { 2067 s.EnableAdminFilter = NewBool(false) 2068 } 2069 2070 if s.LdapServer == nil { 2071 s.LdapServer = NewString("") 2072 } 2073 2074 if s.LdapPort == nil { 2075 s.LdapPort = NewInt(389) 2076 } 2077 2078 if s.ConnectionSecurity == nil { 2079 s.ConnectionSecurity = NewString("") 2080 } 2081 2082 if s.PublicCertificateFile == nil { 2083 s.PublicCertificateFile = NewString("") 2084 } 2085 2086 if s.PrivateKeyFile == nil { 2087 s.PrivateKeyFile = NewString("") 2088 } 2089 2090 if s.BaseDN == nil { 2091 s.BaseDN = NewString("") 2092 } 2093 2094 if s.BindUsername == nil { 2095 s.BindUsername = NewString("") 2096 } 2097 2098 if s.BindPassword == nil { 2099 s.BindPassword = NewString("") 2100 } 2101 2102 if s.UserFilter == nil { 2103 s.UserFilter = NewString("") 2104 } 2105 2106 if s.GuestFilter == nil { 2107 s.GuestFilter = NewString("") 2108 } 2109 2110 if s.AdminFilter == nil { 2111 s.AdminFilter = NewString("") 2112 } 2113 2114 if s.GroupFilter == nil { 2115 s.GroupFilter = NewString("") 2116 } 2117 2118 if s.GroupDisplayNameAttribute == nil { 2119 s.GroupDisplayNameAttribute = NewString(LDAP_SETTINGS_DEFAULT_GROUP_DISPLAY_NAME_ATTRIBUTE) 2120 } 2121 2122 if s.GroupIdAttribute == nil { 2123 s.GroupIdAttribute = NewString(LDAP_SETTINGS_DEFAULT_GROUP_ID_ATTRIBUTE) 2124 } 2125 2126 if s.FirstNameAttribute == nil { 2127 s.FirstNameAttribute = NewString(LDAP_SETTINGS_DEFAULT_FIRST_NAME_ATTRIBUTE) 2128 } 2129 2130 if s.LastNameAttribute == nil { 2131 s.LastNameAttribute = NewString(LDAP_SETTINGS_DEFAULT_LAST_NAME_ATTRIBUTE) 2132 } 2133 2134 if s.EmailAttribute == nil { 2135 s.EmailAttribute = NewString(LDAP_SETTINGS_DEFAULT_EMAIL_ATTRIBUTE) 2136 } 2137 2138 if s.UsernameAttribute == nil { 2139 s.UsernameAttribute = NewString(LDAP_SETTINGS_DEFAULT_USERNAME_ATTRIBUTE) 2140 } 2141 2142 if s.NicknameAttribute == nil { 2143 s.NicknameAttribute = NewString(LDAP_SETTINGS_DEFAULT_NICKNAME_ATTRIBUTE) 2144 } 2145 2146 if s.IdAttribute == nil { 2147 s.IdAttribute = NewString(LDAP_SETTINGS_DEFAULT_ID_ATTRIBUTE) 2148 } 2149 2150 if s.PositionAttribute == nil { 2151 s.PositionAttribute = NewString(LDAP_SETTINGS_DEFAULT_POSITION_ATTRIBUTE) 2152 } 2153 2154 if s.PictureAttribute == nil { 2155 s.PictureAttribute = NewString(LDAP_SETTINGS_DEFAULT_PICTURE_ATTRIBUTE) 2156 } 2157 2158 // For those upgrading to the version when LoginIdAttribute was added 2159 // they need IdAttribute == LoginIdAttribute not to break 2160 if s.LoginIdAttribute == nil { 2161 s.LoginIdAttribute = s.IdAttribute 2162 } 2163 2164 if s.SyncIntervalMinutes == nil { 2165 s.SyncIntervalMinutes = NewInt(60) 2166 } 2167 2168 if s.SkipCertificateVerification == nil { 2169 s.SkipCertificateVerification = NewBool(false) 2170 } 2171 2172 if s.QueryTimeout == nil { 2173 s.QueryTimeout = NewInt(60) 2174 } 2175 2176 if s.MaxPageSize == nil { 2177 s.MaxPageSize = NewInt(0) 2178 } 2179 2180 if s.LoginFieldName == nil { 2181 s.LoginFieldName = NewString(LDAP_SETTINGS_DEFAULT_LOGIN_FIELD_NAME) 2182 } 2183 2184 if s.LoginButtonColor == nil { 2185 s.LoginButtonColor = NewString("#0000") 2186 } 2187 2188 if s.LoginButtonBorderColor == nil { 2189 s.LoginButtonBorderColor = NewString("#2389D7") 2190 } 2191 2192 if s.LoginButtonTextColor == nil { 2193 s.LoginButtonTextColor = NewString("#2389D7") 2194 } 2195 2196 if s.Trace == nil { 2197 s.Trace = NewBool(false) 2198 } 2199 } 2200 2201 type ComplianceSettings struct { 2202 Enable *bool `access:"compliance"` 2203 Directory *string `access:"compliance"` 2204 EnableDaily *bool `access:"compliance"` 2205 } 2206 2207 func (s *ComplianceSettings) SetDefaults() { 2208 if s.Enable == nil { 2209 s.Enable = NewBool(false) 2210 } 2211 2212 if s.Directory == nil { 2213 s.Directory = NewString("./data/") 2214 } 2215 2216 if s.EnableDaily == nil { 2217 s.EnableDaily = NewBool(false) 2218 } 2219 } 2220 2221 type LocalizationSettings struct { 2222 DefaultServerLocale *string `access:"site"` 2223 DefaultClientLocale *string `access:"site"` 2224 AvailableLocales *string `access:"site"` 2225 } 2226 2227 func (s *LocalizationSettings) SetDefaults() { 2228 if s.DefaultServerLocale == nil { 2229 s.DefaultServerLocale = NewString(DEFAULT_LOCALE) 2230 } 2231 2232 if s.DefaultClientLocale == nil { 2233 s.DefaultClientLocale = NewString(DEFAULT_LOCALE) 2234 } 2235 2236 if s.AvailableLocales == nil { 2237 s.AvailableLocales = NewString("") 2238 } 2239 } 2240 2241 type SamlSettings struct { 2242 // Basic 2243 Enable *bool `access:"authentication"` 2244 EnableSyncWithLdap *bool `access:"authentication"` 2245 EnableSyncWithLdapIncludeAuth *bool `access:"authentication"` 2246 IgnoreGuestsLdapSync *bool `access:"authentication"` 2247 2248 Verify *bool `access:"authentication"` 2249 Encrypt *bool `access:"authentication"` 2250 SignRequest *bool `access:"authentication"` 2251 2252 IdpUrl *string `access:"authentication"` 2253 IdpDescriptorUrl *string `access:"authentication"` 2254 IdpMetadataUrl *string `access:"authentication"` 2255 ServiceProviderIdentifier *string `access:"authentication"` 2256 AssertionConsumerServiceURL *string `access:"authentication"` 2257 2258 SignatureAlgorithm *string `access:"authentication"` 2259 CanonicalAlgorithm *string `access:"authentication"` 2260 2261 ScopingIDPProviderId *string `access:"authentication"` 2262 ScopingIDPName *string `access:"authentication"` 2263 2264 IdpCertificateFile *string `access:"authentication"` 2265 PublicCertificateFile *string `access:"authentication"` 2266 PrivateKeyFile *string `access:"authentication"` 2267 2268 // User Mapping 2269 IdAttribute *string `access:"authentication"` 2270 GuestAttribute *string `access:"authentication"` 2271 EnableAdminAttribute *bool 2272 AdminAttribute *string 2273 FirstNameAttribute *string `access:"authentication"` 2274 LastNameAttribute *string `access:"authentication"` 2275 EmailAttribute *string `access:"authentication"` 2276 UsernameAttribute *string `access:"authentication"` 2277 NicknameAttribute *string `access:"authentication"` 2278 LocaleAttribute *string `access:"authentication"` 2279 PositionAttribute *string `access:"authentication"` 2280 2281 LoginButtonText *string `access:"authentication"` 2282 2283 LoginButtonColor *string `access:"authentication"` 2284 LoginButtonBorderColor *string `access:"authentication"` 2285 LoginButtonTextColor *string `access:"authentication"` 2286 } 2287 2288 func (s *SamlSettings) SetDefaults() { 2289 if s.Enable == nil { 2290 s.Enable = NewBool(false) 2291 } 2292 2293 if s.EnableSyncWithLdap == nil { 2294 s.EnableSyncWithLdap = NewBool(false) 2295 } 2296 2297 if s.EnableSyncWithLdapIncludeAuth == nil { 2298 s.EnableSyncWithLdapIncludeAuth = NewBool(false) 2299 } 2300 2301 if s.IgnoreGuestsLdapSync == nil { 2302 s.IgnoreGuestsLdapSync = NewBool(false) 2303 } 2304 2305 if s.EnableAdminAttribute == nil { 2306 s.EnableAdminAttribute = NewBool(false) 2307 } 2308 2309 if s.Verify == nil { 2310 s.Verify = NewBool(true) 2311 } 2312 2313 if s.Encrypt == nil { 2314 s.Encrypt = NewBool(true) 2315 } 2316 2317 if s.SignRequest == nil { 2318 s.SignRequest = NewBool(false) 2319 } 2320 2321 if s.SignatureAlgorithm == nil { 2322 s.SignatureAlgorithm = NewString(SAML_SETTINGS_DEFAULT_SIGNATURE_ALGORITHM) 2323 } 2324 2325 if s.CanonicalAlgorithm == nil { 2326 s.CanonicalAlgorithm = NewString(SAML_SETTINGS_DEFAULT_CANONICAL_ALGORITHM) 2327 } 2328 2329 if s.IdpUrl == nil { 2330 s.IdpUrl = NewString("") 2331 } 2332 2333 if s.IdpDescriptorUrl == nil { 2334 s.IdpDescriptorUrl = NewString("") 2335 } 2336 2337 if s.ServiceProviderIdentifier == nil { 2338 if s.IdpDescriptorUrl != nil { 2339 s.ServiceProviderIdentifier = NewString(*s.IdpDescriptorUrl) 2340 } else { 2341 s.ServiceProviderIdentifier = NewString("") 2342 } 2343 } 2344 2345 if s.IdpMetadataUrl == nil { 2346 s.IdpMetadataUrl = NewString("") 2347 } 2348 2349 if s.IdpCertificateFile == nil { 2350 s.IdpCertificateFile = NewString("") 2351 } 2352 2353 if s.PublicCertificateFile == nil { 2354 s.PublicCertificateFile = NewString("") 2355 } 2356 2357 if s.PrivateKeyFile == nil { 2358 s.PrivateKeyFile = NewString("") 2359 } 2360 2361 if s.AssertionConsumerServiceURL == nil { 2362 s.AssertionConsumerServiceURL = NewString("") 2363 } 2364 2365 if s.ScopingIDPProviderId == nil { 2366 s.ScopingIDPProviderId = NewString("") 2367 } 2368 2369 if s.ScopingIDPName == nil { 2370 s.ScopingIDPName = NewString("") 2371 } 2372 2373 if s.LoginButtonText == nil || *s.LoginButtonText == "" { 2374 s.LoginButtonText = NewString(USER_AUTH_SERVICE_SAML_TEXT) 2375 } 2376 2377 if s.IdAttribute == nil { 2378 s.IdAttribute = NewString(SAML_SETTINGS_DEFAULT_ID_ATTRIBUTE) 2379 } 2380 2381 if s.GuestAttribute == nil { 2382 s.GuestAttribute = NewString(SAML_SETTINGS_DEFAULT_GUEST_ATTRIBUTE) 2383 } 2384 if s.AdminAttribute == nil { 2385 s.AdminAttribute = NewString(SAML_SETTINGS_DEFAULT_ADMIN_ATTRIBUTE) 2386 } 2387 if s.FirstNameAttribute == nil { 2388 s.FirstNameAttribute = NewString(SAML_SETTINGS_DEFAULT_FIRST_NAME_ATTRIBUTE) 2389 } 2390 2391 if s.LastNameAttribute == nil { 2392 s.LastNameAttribute = NewString(SAML_SETTINGS_DEFAULT_LAST_NAME_ATTRIBUTE) 2393 } 2394 2395 if s.EmailAttribute == nil { 2396 s.EmailAttribute = NewString(SAML_SETTINGS_DEFAULT_EMAIL_ATTRIBUTE) 2397 } 2398 2399 if s.UsernameAttribute == nil { 2400 s.UsernameAttribute = NewString(SAML_SETTINGS_DEFAULT_USERNAME_ATTRIBUTE) 2401 } 2402 2403 if s.NicknameAttribute == nil { 2404 s.NicknameAttribute = NewString(SAML_SETTINGS_DEFAULT_NICKNAME_ATTRIBUTE) 2405 } 2406 2407 if s.PositionAttribute == nil { 2408 s.PositionAttribute = NewString(SAML_SETTINGS_DEFAULT_POSITION_ATTRIBUTE) 2409 } 2410 2411 if s.LocaleAttribute == nil { 2412 s.LocaleAttribute = NewString(SAML_SETTINGS_DEFAULT_LOCALE_ATTRIBUTE) 2413 } 2414 2415 if s.LoginButtonColor == nil { 2416 s.LoginButtonColor = NewString("#34a28b") 2417 } 2418 2419 if s.LoginButtonBorderColor == nil { 2420 s.LoginButtonBorderColor = NewString("#2389D7") 2421 } 2422 2423 if s.LoginButtonTextColor == nil { 2424 s.LoginButtonTextColor = NewString("#ffffff") 2425 } 2426 } 2427 2428 type NativeAppSettings struct { 2429 AppDownloadLink *string `access:"site,write_restrictable,cloud_restrictable"` 2430 AndroidAppDownloadLink *string `access:"site,write_restrictable,cloud_restrictable"` 2431 IosAppDownloadLink *string `access:"site,write_restrictable,cloud_restrictable"` 2432 } 2433 2434 func (s *NativeAppSettings) SetDefaults() { 2435 if s.AppDownloadLink == nil { 2436 s.AppDownloadLink = NewString(NATIVEAPP_SETTINGS_DEFAULT_APP_DOWNLOAD_LINK) 2437 } 2438 2439 if s.AndroidAppDownloadLink == nil { 2440 s.AndroidAppDownloadLink = NewString(NATIVEAPP_SETTINGS_DEFAULT_ANDROID_APP_DOWNLOAD_LINK) 2441 } 2442 2443 if s.IosAppDownloadLink == nil { 2444 s.IosAppDownloadLink = NewString(NATIVEAPP_SETTINGS_DEFAULT_IOS_APP_DOWNLOAD_LINK) 2445 } 2446 } 2447 2448 type ElasticsearchSettings struct { 2449 ConnectionUrl *string `access:"environment,write_restrictable,cloud_restrictable"` 2450 Username *string `access:"environment,write_restrictable,cloud_restrictable"` 2451 Password *string `access:"environment,write_restrictable,cloud_restrictable"` 2452 EnableIndexing *bool `access:"environment,write_restrictable,cloud_restrictable"` 2453 EnableSearching *bool `access:"environment,write_restrictable,cloud_restrictable"` 2454 EnableAutocomplete *bool `access:"environment,write_restrictable,cloud_restrictable"` 2455 Sniff *bool `access:"environment,write_restrictable,cloud_restrictable"` 2456 PostIndexReplicas *int `access:"environment,write_restrictable,cloud_restrictable"` 2457 PostIndexShards *int `access:"environment,write_restrictable,cloud_restrictable"` 2458 ChannelIndexReplicas *int `access:"environment,write_restrictable,cloud_restrictable"` 2459 ChannelIndexShards *int `access:"environment,write_restrictable,cloud_restrictable"` 2460 UserIndexReplicas *int `access:"environment,write_restrictable,cloud_restrictable"` 2461 UserIndexShards *int `access:"environment,write_restrictable,cloud_restrictable"` 2462 AggregatePostsAfterDays *int `access:"environment,write_restrictable,cloud_restrictable"` 2463 PostsAggregatorJobStartTime *string `access:"environment,write_restrictable,cloud_restrictable"` 2464 IndexPrefix *string `access:"environment,write_restrictable,cloud_restrictable"` 2465 LiveIndexingBatchSize *int `access:"environment,write_restrictable,cloud_restrictable"` 2466 BulkIndexingTimeWindowSeconds *int `access:"environment,write_restrictable,cloud_restrictable"` 2467 RequestTimeoutSeconds *int `access:"environment,write_restrictable,cloud_restrictable"` 2468 SkipTLSVerification *bool `access:"environment,write_restrictable,cloud_restrictable"` 2469 Trace *string `access:"environment,write_restrictable,cloud_restrictable"` 2470 } 2471 2472 func (s *ElasticsearchSettings) SetDefaults() { 2473 if s.ConnectionUrl == nil { 2474 s.ConnectionUrl = NewString(ELASTICSEARCH_SETTINGS_DEFAULT_CONNECTION_URL) 2475 } 2476 2477 if s.Username == nil { 2478 s.Username = NewString(ELASTICSEARCH_SETTINGS_DEFAULT_USERNAME) 2479 } 2480 2481 if s.Password == nil { 2482 s.Password = NewString(ELASTICSEARCH_SETTINGS_DEFAULT_PASSWORD) 2483 } 2484 2485 if s.EnableIndexing == nil { 2486 s.EnableIndexing = NewBool(false) 2487 } 2488 2489 if s.EnableSearching == nil { 2490 s.EnableSearching = NewBool(false) 2491 } 2492 2493 if s.EnableAutocomplete == nil { 2494 s.EnableAutocomplete = NewBool(false) 2495 } 2496 2497 if s.Sniff == nil { 2498 s.Sniff = NewBool(true) 2499 } 2500 2501 if s.PostIndexReplicas == nil { 2502 s.PostIndexReplicas = NewInt(ELASTICSEARCH_SETTINGS_DEFAULT_POST_INDEX_REPLICAS) 2503 } 2504 2505 if s.PostIndexShards == nil { 2506 s.PostIndexShards = NewInt(ELASTICSEARCH_SETTINGS_DEFAULT_POST_INDEX_SHARDS) 2507 } 2508 2509 if s.ChannelIndexReplicas == nil { 2510 s.ChannelIndexReplicas = NewInt(ELASTICSEARCH_SETTINGS_DEFAULT_CHANNEL_INDEX_REPLICAS) 2511 } 2512 2513 if s.ChannelIndexShards == nil { 2514 s.ChannelIndexShards = NewInt(ELASTICSEARCH_SETTINGS_DEFAULT_CHANNEL_INDEX_SHARDS) 2515 } 2516 2517 if s.UserIndexReplicas == nil { 2518 s.UserIndexReplicas = NewInt(ELASTICSEARCH_SETTINGS_DEFAULT_USER_INDEX_REPLICAS) 2519 } 2520 2521 if s.UserIndexShards == nil { 2522 s.UserIndexShards = NewInt(ELASTICSEARCH_SETTINGS_DEFAULT_USER_INDEX_SHARDS) 2523 } 2524 2525 if s.AggregatePostsAfterDays == nil { 2526 s.AggregatePostsAfterDays = NewInt(ELASTICSEARCH_SETTINGS_DEFAULT_AGGREGATE_POSTS_AFTER_DAYS) 2527 } 2528 2529 if s.PostsAggregatorJobStartTime == nil { 2530 s.PostsAggregatorJobStartTime = NewString(ELASTICSEARCH_SETTINGS_DEFAULT_POSTS_AGGREGATOR_JOB_START_TIME) 2531 } 2532 2533 if s.IndexPrefix == nil { 2534 s.IndexPrefix = NewString(ELASTICSEARCH_SETTINGS_DEFAULT_INDEX_PREFIX) 2535 } 2536 2537 if s.LiveIndexingBatchSize == nil { 2538 s.LiveIndexingBatchSize = NewInt(ELASTICSEARCH_SETTINGS_DEFAULT_LIVE_INDEXING_BATCH_SIZE) 2539 } 2540 2541 if s.BulkIndexingTimeWindowSeconds == nil { 2542 s.BulkIndexingTimeWindowSeconds = NewInt(ELASTICSEARCH_SETTINGS_DEFAULT_BULK_INDEXING_TIME_WINDOW_SECONDS) 2543 } 2544 2545 if s.RequestTimeoutSeconds == nil { 2546 s.RequestTimeoutSeconds = NewInt(ELASTICSEARCH_SETTINGS_DEFAULT_REQUEST_TIMEOUT_SECONDS) 2547 } 2548 2549 if s.SkipTLSVerification == nil { 2550 s.SkipTLSVerification = NewBool(false) 2551 } 2552 2553 if s.Trace == nil { 2554 s.Trace = NewString("") 2555 } 2556 } 2557 2558 type BleveSettings struct { 2559 IndexDir *string `access:"experimental"` 2560 EnableIndexing *bool `access:"experimental"` 2561 EnableSearching *bool `access:"experimental"` 2562 EnableAutocomplete *bool `access:"experimental"` 2563 BulkIndexingTimeWindowSeconds *int `access:"experimental"` 2564 } 2565 2566 func (bs *BleveSettings) SetDefaults() { 2567 if bs.IndexDir == nil { 2568 bs.IndexDir = NewString(BLEVE_SETTINGS_DEFAULT_INDEX_DIR) 2569 } 2570 2571 if bs.EnableIndexing == nil { 2572 bs.EnableIndexing = NewBool(false) 2573 } 2574 2575 if bs.EnableSearching == nil { 2576 bs.EnableSearching = NewBool(false) 2577 } 2578 2579 if bs.EnableAutocomplete == nil { 2580 bs.EnableAutocomplete = NewBool(false) 2581 } 2582 2583 if bs.BulkIndexingTimeWindowSeconds == nil { 2584 bs.BulkIndexingTimeWindowSeconds = NewInt(BLEVE_SETTINGS_DEFAULT_BULK_INDEXING_TIME_WINDOW_SECONDS) 2585 } 2586 } 2587 2588 type DataRetentionSettings struct { 2589 EnableMessageDeletion *bool `access:"compliance"` 2590 EnableFileDeletion *bool `access:"compliance"` 2591 MessageRetentionDays *int `access:"compliance"` 2592 FileRetentionDays *int `access:"compliance"` 2593 DeletionJobStartTime *string `access:"compliance"` 2594 } 2595 2596 func (s *DataRetentionSettings) SetDefaults() { 2597 if s.EnableMessageDeletion == nil { 2598 s.EnableMessageDeletion = NewBool(false) 2599 } 2600 2601 if s.EnableFileDeletion == nil { 2602 s.EnableFileDeletion = NewBool(false) 2603 } 2604 2605 if s.MessageRetentionDays == nil { 2606 s.MessageRetentionDays = NewInt(DATA_RETENTION_SETTINGS_DEFAULT_MESSAGE_RETENTION_DAYS) 2607 } 2608 2609 if s.FileRetentionDays == nil { 2610 s.FileRetentionDays = NewInt(DATA_RETENTION_SETTINGS_DEFAULT_FILE_RETENTION_DAYS) 2611 } 2612 2613 if s.DeletionJobStartTime == nil { 2614 s.DeletionJobStartTime = NewString(DATA_RETENTION_SETTINGS_DEFAULT_DELETION_JOB_START_TIME) 2615 } 2616 } 2617 2618 type JobSettings struct { 2619 RunJobs *bool `access:"write_restrictable,cloud_restrictable"` 2620 RunScheduler *bool `access:"write_restrictable,cloud_restrictable"` 2621 } 2622 2623 func (s *JobSettings) SetDefaults() { 2624 if s.RunJobs == nil { 2625 s.RunJobs = NewBool(true) 2626 } 2627 2628 if s.RunScheduler == nil { 2629 s.RunScheduler = NewBool(true) 2630 } 2631 } 2632 2633 type CloudSettings struct { 2634 CWSUrl *string `access:"environment,write_restrictable"` 2635 } 2636 2637 func (s *CloudSettings) SetDefaults() { 2638 if s.CWSUrl == nil { 2639 s.CWSUrl = NewString(CLOUD_SETTINGS_DEFAULT_CWS_URL) 2640 } 2641 } 2642 2643 type PluginState struct { 2644 Enable bool 2645 } 2646 2647 type PluginSettings struct { 2648 Enable *bool `access:"plugins,write_restrictable"` 2649 EnableUploads *bool `access:"plugins,write_restrictable,cloud_restrictable"` 2650 AllowInsecureDownloadUrl *bool `access:"plugins,write_restrictable,cloud_restrictable"` 2651 EnableHealthCheck *bool `access:"plugins,write_restrictable,cloud_restrictable"` 2652 Directory *string `access:"plugins,write_restrictable,cloud_restrictable"` 2653 ClientDirectory *string `access:"plugins,write_restrictable,cloud_restrictable"` 2654 Plugins map[string]map[string]interface{} `access:"plugins"` 2655 PluginStates map[string]*PluginState `access:"plugins"` 2656 EnableMarketplace *bool `access:"plugins,write_restrictable,cloud_restrictable"` 2657 EnableRemoteMarketplace *bool `access:"plugins,write_restrictable,cloud_restrictable"` 2658 AutomaticPrepackagedPlugins *bool `access:"plugins,write_restrictable,cloud_restrictable"` 2659 RequirePluginSignature *bool `access:"plugins,write_restrictable,cloud_restrictable"` 2660 MarketplaceUrl *string `access:"plugins,write_restrictable,cloud_restrictable"` 2661 SignaturePublicKeyFiles []string `access:"plugins,write_restrictable,cloud_restrictable"` 2662 } 2663 2664 func (s *PluginSettings) SetDefaults(ls LogSettings) { 2665 if s.Enable == nil { 2666 s.Enable = NewBool(true) 2667 } 2668 2669 if s.EnableUploads == nil { 2670 s.EnableUploads = NewBool(false) 2671 } 2672 2673 if s.AllowInsecureDownloadUrl == nil { 2674 s.AllowInsecureDownloadUrl = NewBool(false) 2675 } 2676 2677 if s.EnableHealthCheck == nil { 2678 s.EnableHealthCheck = NewBool(true) 2679 } 2680 2681 if s.Directory == nil || *s.Directory == "" { 2682 s.Directory = NewString(PLUGIN_SETTINGS_DEFAULT_DIRECTORY) 2683 } 2684 2685 if s.ClientDirectory == nil || *s.ClientDirectory == "" { 2686 s.ClientDirectory = NewString(PLUGIN_SETTINGS_DEFAULT_CLIENT_DIRECTORY) 2687 } 2688 2689 if s.Plugins == nil { 2690 s.Plugins = make(map[string]map[string]interface{}) 2691 } 2692 2693 if s.PluginStates == nil { 2694 s.PluginStates = make(map[string]*PluginState) 2695 } 2696 2697 if s.PluginStates["com.mattermost.nps"] == nil { 2698 // Enable the NPS plugin by default if diagnostics are enabled 2699 s.PluginStates["com.mattermost.nps"] = &PluginState{Enable: ls.EnableDiagnostics == nil || *ls.EnableDiagnostics} 2700 } 2701 2702 if s.PluginStates["com.mattermost.plugin-incident-management"] == nil && BuildEnterpriseReady == "true" { 2703 // Enable the incident management plugin by default 2704 s.PluginStates["com.mattermost.plugin-incident-management"] = &PluginState{Enable: true} 2705 } 2706 2707 if s.PluginStates["com.mattermost.plugin-channel-export"] == nil && BuildEnterpriseReady == "true" { 2708 // Enable the channel export plugin by default 2709 s.PluginStates["com.mattermost.plugin-channel-export"] = &PluginState{Enable: true} 2710 } 2711 2712 if s.EnableMarketplace == nil { 2713 s.EnableMarketplace = NewBool(PLUGIN_SETTINGS_DEFAULT_ENABLE_MARKETPLACE) 2714 } 2715 2716 if s.EnableRemoteMarketplace == nil { 2717 s.EnableRemoteMarketplace = NewBool(true) 2718 } 2719 2720 if s.AutomaticPrepackagedPlugins == nil { 2721 s.AutomaticPrepackagedPlugins = NewBool(true) 2722 } 2723 2724 if s.MarketplaceUrl == nil || *s.MarketplaceUrl == "" || *s.MarketplaceUrl == PLUGIN_SETTINGS_OLD_MARKETPLACE_URL { 2725 s.MarketplaceUrl = NewString(PLUGIN_SETTINGS_DEFAULT_MARKETPLACE_URL) 2726 } 2727 2728 if s.RequirePluginSignature == nil { 2729 s.RequirePluginSignature = NewBool(false) 2730 } 2731 2732 if s.SignaturePublicKeyFiles == nil { 2733 s.SignaturePublicKeyFiles = []string{} 2734 } 2735 } 2736 2737 type GlobalRelayMessageExportSettings struct { 2738 CustomerType *string `access:"compliance"` // must be either A9 or A10, dictates SMTP server url 2739 SmtpUsername *string `access:"compliance"` 2740 SmtpPassword *string `access:"compliance"` 2741 EmailAddress *string `access:"compliance"` // the address to send messages to 2742 SMTPServerTimeout *int `access:"compliance"` 2743 } 2744 2745 func (s *GlobalRelayMessageExportSettings) SetDefaults() { 2746 if s.CustomerType == nil { 2747 s.CustomerType = NewString(GLOBALRELAY_CUSTOMER_TYPE_A9) 2748 } 2749 if s.SmtpUsername == nil { 2750 s.SmtpUsername = NewString("") 2751 } 2752 if s.SmtpPassword == nil { 2753 s.SmtpPassword = NewString("") 2754 } 2755 if s.EmailAddress == nil { 2756 s.EmailAddress = NewString("") 2757 } 2758 if s.SMTPServerTimeout == nil || *s.SMTPServerTimeout == 0 { 2759 s.SMTPServerTimeout = NewInt(1800) 2760 } 2761 } 2762 2763 type MessageExportSettings struct { 2764 EnableExport *bool `access:"compliance"` 2765 ExportFormat *string `access:"compliance"` 2766 DailyRunTime *string `access:"compliance"` 2767 ExportFromTimestamp *int64 `access:"compliance"` 2768 BatchSize *int `access:"compliance"` 2769 DownloadExportResults *bool `access:"compliance"` 2770 2771 // formatter-specific settings - these are only expected to be non-nil if ExportFormat is set to the associated format 2772 GlobalRelaySettings *GlobalRelayMessageExportSettings `access:"compliance"` 2773 } 2774 2775 func (s *MessageExportSettings) SetDefaults() { 2776 if s.EnableExport == nil { 2777 s.EnableExport = NewBool(false) 2778 } 2779 2780 if s.DownloadExportResults == nil { 2781 s.DownloadExportResults = NewBool(false) 2782 } 2783 2784 if s.ExportFormat == nil { 2785 s.ExportFormat = NewString(COMPLIANCE_EXPORT_TYPE_ACTIANCE) 2786 } 2787 2788 if s.DailyRunTime == nil { 2789 s.DailyRunTime = NewString("01:00") 2790 } 2791 2792 if s.ExportFromTimestamp == nil { 2793 s.ExportFromTimestamp = NewInt64(0) 2794 } 2795 2796 if s.BatchSize == nil { 2797 s.BatchSize = NewInt(10000) 2798 } 2799 2800 if s.GlobalRelaySettings == nil { 2801 s.GlobalRelaySettings = &GlobalRelayMessageExportSettings{} 2802 } 2803 s.GlobalRelaySettings.SetDefaults() 2804 } 2805 2806 type DisplaySettings struct { 2807 CustomUrlSchemes []string `access:"site"` 2808 ExperimentalTimezone *bool `access:"experimental"` 2809 } 2810 2811 func (s *DisplaySettings) SetDefaults() { 2812 if s.CustomUrlSchemes == nil { 2813 customUrlSchemes := []string{} 2814 s.CustomUrlSchemes = customUrlSchemes 2815 } 2816 2817 if s.ExperimentalTimezone == nil { 2818 s.ExperimentalTimezone = NewBool(true) 2819 } 2820 } 2821 2822 type GuestAccountsSettings struct { 2823 Enable *bool `access:"authentication"` 2824 AllowEmailAccounts *bool `access:"authentication"` 2825 EnforceMultifactorAuthentication *bool `access:"authentication"` 2826 RestrictCreationToDomains *string `access:"authentication"` 2827 } 2828 2829 func (s *GuestAccountsSettings) SetDefaults() { 2830 if s.Enable == nil { 2831 s.Enable = NewBool(false) 2832 } 2833 2834 if s.AllowEmailAccounts == nil { 2835 s.AllowEmailAccounts = NewBool(true) 2836 } 2837 2838 if s.EnforceMultifactorAuthentication == nil { 2839 s.EnforceMultifactorAuthentication = NewBool(false) 2840 } 2841 2842 if s.RestrictCreationToDomains == nil { 2843 s.RestrictCreationToDomains = NewString("") 2844 } 2845 } 2846 2847 type ImageProxySettings struct { 2848 Enable *bool `access:"environment"` 2849 ImageProxyType *string `access:"environment"` 2850 RemoteImageProxyURL *string `access:"environment"` 2851 RemoteImageProxyOptions *string `access:"environment"` 2852 } 2853 2854 func (s *ImageProxySettings) SetDefaults(ss ServiceSettings) { 2855 if s.Enable == nil { 2856 if ss.DEPRECATED_DO_NOT_USE_ImageProxyType == nil || *ss.DEPRECATED_DO_NOT_USE_ImageProxyType == "" { 2857 s.Enable = NewBool(false) 2858 } else { 2859 s.Enable = NewBool(true) 2860 } 2861 } 2862 2863 if s.ImageProxyType == nil { 2864 if ss.DEPRECATED_DO_NOT_USE_ImageProxyType == nil || *ss.DEPRECATED_DO_NOT_USE_ImageProxyType == "" { 2865 s.ImageProxyType = NewString(IMAGE_PROXY_TYPE_LOCAL) 2866 } else { 2867 s.ImageProxyType = ss.DEPRECATED_DO_NOT_USE_ImageProxyType 2868 } 2869 } 2870 2871 if s.RemoteImageProxyURL == nil { 2872 if ss.DEPRECATED_DO_NOT_USE_ImageProxyURL == nil { 2873 s.RemoteImageProxyURL = NewString("") 2874 } else { 2875 s.RemoteImageProxyURL = ss.DEPRECATED_DO_NOT_USE_ImageProxyURL 2876 } 2877 } 2878 2879 if s.RemoteImageProxyOptions == nil { 2880 if ss.DEPRECATED_DO_NOT_USE_ImageProxyOptions == nil { 2881 s.RemoteImageProxyOptions = NewString("") 2882 } else { 2883 s.RemoteImageProxyOptions = ss.DEPRECATED_DO_NOT_USE_ImageProxyOptions 2884 } 2885 } 2886 } 2887 2888 // ImportSettings defines configuration settings for file imports. 2889 type ImportSettings struct { 2890 // The directory where to store the imported files. 2891 Directory *string 2892 // The number of days to retain the imported files before deleting them. 2893 RetentionDays *int 2894 } 2895 2896 func (s *ImportSettings) isValid() *AppError { 2897 if *s.Directory == "" { 2898 return NewAppError("Config.IsValid", "model.config.is_valid.import.directory.app_error", nil, "", http.StatusBadRequest) 2899 } 2900 2901 if *s.RetentionDays <= 0 { 2902 return NewAppError("Config.IsValid", "model.config.is_valid.import.retention_days_too_low.app_error", nil, "", http.StatusBadRequest) 2903 } 2904 2905 return nil 2906 } 2907 2908 // SetDefaults applies the default settings to the struct. 2909 func (s *ImportSettings) SetDefaults() { 2910 if s.Directory == nil || *s.Directory == "" { 2911 s.Directory = NewString(IMPORT_SETTINGS_DEFAULT_DIRECTORY) 2912 } 2913 2914 if s.RetentionDays == nil { 2915 s.RetentionDays = NewInt(IMPORT_SETTINGS_DEFAULT_RETENTION_DAYS) 2916 } 2917 } 2918 2919 type ConfigFunc func() *Config 2920 2921 const ConfigAccessTagType = "access" 2922 const ConfigAccessTagWriteRestrictable = "write_restrictable" 2923 const ConfigAccessTagCloudRestrictable = "cloud_restrictable" 2924 2925 // Config fields support the 'access' tag with the following values corresponding to the suffix of the associated 2926 // PERMISSION_SYSCONSOLE_*_* permission Id: 'about', 'reporting', 'user_management_users', 2927 // 'user_management_groups', 'user_management_teams', 'user_management_channels', 2928 // 'user_management_permissions', 'environment', 'site', 'authentication', 'plugins', 2929 // 'integrations', 'compliance', 'plugins', and 'experimental'. They grant read and/or write access to the config field 2930 // to roles without PERMISSION_MANAGE_SYSTEM. 2931 // 2932 // By default config values can be written with PERMISSION_MANAGE_SYSTEM, but if ExperimentalSettings.RestrictSystemAdmin is true 2933 // and the access tag contains the value 'write_restrictable', then even PERMISSION_MANAGE_SYSTEM does not grant write access. 2934 // 2935 // PERMISSION_MANAGE_SYSTEM always grants read access. 2936 // 2937 // Config values with the access tag 'cloud_restrictable' mean that are marked to be filtered when it's used in a cloud licensed 2938 // environment with ExperimentalSettings.RestrictedSystemAdmin set to true. 2939 // 2940 // Example: 2941 // type HairSettings struct { 2942 // // Colour is writeable with either PERMISSION_SYSCONSOLE_WRITE_REPORTING or PERMISSION_SYSCONSOLE_WRITE_USER_MANAGEMENT_GROUPS. 2943 // // It is readable by PERMISSION_SYSCONSOLE_READ_REPORTING and PERMISSION_SYSCONSOLE_READ_USER_MANAGEMENT_GROUPS permissions. 2944 // // PERMISSION_MANAGE_SYSTEM grants read and write access. 2945 // Colour string `access:"reporting,user_management_groups"` 2946 // 2947 // 2948 // // Length is only readable and writable via PERMISSION_MANAGE_SYSTEM. 2949 // Length string 2950 // 2951 // // Product is only writeable by PERMISSION_MANAGE_SYSTEM if ExperimentalSettings.RestrictSystemAdmin is false. 2952 // // PERMISSION_MANAGE_SYSTEM can always read the value. 2953 // Product bool `access:write_restrictable` 2954 // } 2955 type Config struct { 2956 ServiceSettings ServiceSettings 2957 TeamSettings TeamSettings 2958 ClientRequirements ClientRequirements 2959 SqlSettings SqlSettings 2960 LogSettings LogSettings 2961 ExperimentalAuditSettings ExperimentalAuditSettings 2962 NotificationLogSettings NotificationLogSettings 2963 PasswordSettings PasswordSettings 2964 FileSettings FileSettings 2965 EmailSettings EmailSettings 2966 RateLimitSettings RateLimitSettings 2967 PrivacySettings PrivacySettings 2968 SupportSettings SupportSettings 2969 AnnouncementSettings AnnouncementSettings 2970 ThemeSettings ThemeSettings 2971 GitLabSettings SSOSettings 2972 GoogleSettings SSOSettings 2973 Office365Settings Office365Settings 2974 OpenIdSettings SSOSettings 2975 LdapSettings LdapSettings 2976 ComplianceSettings ComplianceSettings 2977 LocalizationSettings LocalizationSettings 2978 SamlSettings SamlSettings 2979 NativeAppSettings NativeAppSettings 2980 ClusterSettings ClusterSettings 2981 MetricsSettings MetricsSettings 2982 ExperimentalSettings ExperimentalSettings 2983 AnalyticsSettings AnalyticsSettings 2984 ElasticsearchSettings ElasticsearchSettings 2985 BleveSettings BleveSettings 2986 DataRetentionSettings DataRetentionSettings 2987 MessageExportSettings MessageExportSettings 2988 JobSettings JobSettings 2989 PluginSettings PluginSettings 2990 DisplaySettings DisplaySettings 2991 GuestAccountsSettings GuestAccountsSettings 2992 ImageProxySettings ImageProxySettings 2993 CloudSettings CloudSettings 2994 FeatureFlags *FeatureFlags `json:",omitempty"` 2995 ImportSettings ImportSettings 2996 } 2997 2998 func (o *Config) Clone() *Config { 2999 var ret Config 3000 if err := json.Unmarshal([]byte(o.ToJson()), &ret); err != nil { 3001 panic(err) 3002 } 3003 return &ret 3004 } 3005 3006 func (o *Config) ToJson() string { 3007 b, _ := json.Marshal(o) 3008 return string(b) 3009 } 3010 3011 func (o *Config) ToJsonFiltered(tagType, tagValue string) string { 3012 filteredConfigMap := structToMapFilteredByTag(*o, tagType, tagValue) 3013 for key, value := range filteredConfigMap { 3014 v, ok := value.(map[string]interface{}) 3015 if ok && len(v) == 0 { 3016 delete(filteredConfigMap, key) 3017 } 3018 } 3019 b, _ := json.Marshal(filteredConfigMap) 3020 return string(b) 3021 } 3022 3023 func (o *Config) GetSSOService(service string) *SSOSettings { 3024 switch service { 3025 case SERVICE_GITLAB: 3026 return &o.GitLabSettings 3027 case SERVICE_GOOGLE: 3028 return &o.GoogleSettings 3029 case SERVICE_OFFICE365: 3030 return o.Office365Settings.SSOSettings() 3031 case SERVICE_OPENID: 3032 return &o.OpenIdSettings 3033 } 3034 3035 return nil 3036 } 3037 3038 func ConfigFromJson(data io.Reader) *Config { 3039 var o *Config 3040 json.NewDecoder(data).Decode(&o) 3041 return o 3042 } 3043 3044 // isUpdate detects a pre-existing config based on whether SiteURL has been changed 3045 func (o *Config) isUpdate() bool { 3046 return o.ServiceSettings.SiteURL != nil 3047 } 3048 3049 func (o *Config) SetDefaults() { 3050 isUpdate := o.isUpdate() 3051 3052 o.LdapSettings.SetDefaults() 3053 o.SamlSettings.SetDefaults() 3054 3055 if o.TeamSettings.TeammateNameDisplay == nil { 3056 o.TeamSettings.TeammateNameDisplay = NewString(SHOW_USERNAME) 3057 3058 if *o.SamlSettings.Enable || *o.LdapSettings.Enable { 3059 *o.TeamSettings.TeammateNameDisplay = SHOW_FULLNAME 3060 } 3061 } 3062 3063 o.SqlSettings.SetDefaults(isUpdate) 3064 o.FileSettings.SetDefaults(isUpdate) 3065 o.EmailSettings.SetDefaults(isUpdate) 3066 o.PrivacySettings.setDefaults() 3067 o.Office365Settings.setDefaults() 3068 o.Office365Settings.setDefaults() 3069 o.GitLabSettings.setDefaults("", "", "", "", "") 3070 o.GoogleSettings.setDefaults(GOOGLE_SETTINGS_DEFAULT_SCOPE, GOOGLE_SETTINGS_DEFAULT_AUTH_ENDPOINT, GOOGLE_SETTINGS_DEFAULT_TOKEN_ENDPOINT, GOOGLE_SETTINGS_DEFAULT_USER_API_ENDPOINT, "") 3071 o.OpenIdSettings.setDefaults(OPENID_SETTINGS_DEFAULT_SCOPE, "", "", "", "#145DBF") 3072 o.ServiceSettings.SetDefaults(isUpdate) 3073 o.PasswordSettings.SetDefaults() 3074 o.TeamSettings.SetDefaults() 3075 o.MetricsSettings.SetDefaults() 3076 o.ExperimentalSettings.SetDefaults() 3077 o.SupportSettings.SetDefaults() 3078 o.AnnouncementSettings.SetDefaults() 3079 o.ThemeSettings.SetDefaults() 3080 o.ClusterSettings.SetDefaults() 3081 o.PluginSettings.SetDefaults(o.LogSettings) 3082 o.AnalyticsSettings.SetDefaults() 3083 o.ComplianceSettings.SetDefaults() 3084 o.LocalizationSettings.SetDefaults() 3085 o.ElasticsearchSettings.SetDefaults() 3086 o.BleveSettings.SetDefaults() 3087 o.NativeAppSettings.SetDefaults() 3088 o.DataRetentionSettings.SetDefaults() 3089 o.RateLimitSettings.SetDefaults() 3090 o.LogSettings.SetDefaults() 3091 o.ExperimentalAuditSettings.SetDefaults() 3092 o.NotificationLogSettings.SetDefaults() 3093 o.JobSettings.SetDefaults() 3094 o.MessageExportSettings.SetDefaults() 3095 o.DisplaySettings.SetDefaults() 3096 o.GuestAccountsSettings.SetDefaults() 3097 o.ImageProxySettings.SetDefaults(o.ServiceSettings) 3098 o.CloudSettings.SetDefaults() 3099 if o.FeatureFlags == nil { 3100 o.FeatureFlags = &FeatureFlags{} 3101 o.FeatureFlags.SetDefaults() 3102 } 3103 o.ImportSettings.SetDefaults() 3104 } 3105 3106 func (o *Config) IsValid() *AppError { 3107 if len(*o.ServiceSettings.SiteURL) == 0 && *o.EmailSettings.EnableEmailBatching { 3108 return NewAppError("Config.IsValid", "model.config.is_valid.site_url_email_batching.app_error", nil, "", http.StatusBadRequest) 3109 } 3110 3111 if *o.ClusterSettings.Enable && *o.EmailSettings.EnableEmailBatching { 3112 return NewAppError("Config.IsValid", "model.config.is_valid.cluster_email_batching.app_error", nil, "", http.StatusBadRequest) 3113 } 3114 3115 if len(*o.ServiceSettings.SiteURL) == 0 && *o.ServiceSettings.AllowCookiesForSubdomains { 3116 return NewAppError("Config.IsValid", "model.config.is_valid.allow_cookies_for_subdomains.app_error", nil, "", http.StatusBadRequest) 3117 } 3118 3119 if err := o.TeamSettings.isValid(); err != nil { 3120 return err 3121 } 3122 3123 if err := o.SqlSettings.isValid(); err != nil { 3124 return err 3125 } 3126 3127 if err := o.FileSettings.isValid(); err != nil { 3128 return err 3129 } 3130 3131 if err := o.EmailSettings.isValid(); err != nil { 3132 return err 3133 } 3134 3135 if err := o.LdapSettings.isValid(); err != nil { 3136 return err 3137 } 3138 3139 if err := o.SamlSettings.isValid(); err != nil { 3140 return err 3141 } 3142 3143 if *o.PasswordSettings.MinimumLength < PASSWORD_MINIMUM_LENGTH || *o.PasswordSettings.MinimumLength > PASSWORD_MAXIMUM_LENGTH { 3144 return NewAppError("Config.IsValid", "model.config.is_valid.password_length.app_error", map[string]interface{}{"MinLength": PASSWORD_MINIMUM_LENGTH, "MaxLength": PASSWORD_MAXIMUM_LENGTH}, "", http.StatusBadRequest) 3145 } 3146 3147 if err := o.RateLimitSettings.isValid(); err != nil { 3148 return err 3149 } 3150 3151 if err := o.ServiceSettings.isValid(); err != nil { 3152 return err 3153 } 3154 3155 if err := o.ElasticsearchSettings.isValid(); err != nil { 3156 return err 3157 } 3158 3159 if err := o.BleveSettings.isValid(); err != nil { 3160 return err 3161 } 3162 3163 if err := o.DataRetentionSettings.isValid(); err != nil { 3164 return err 3165 } 3166 3167 if err := o.LocalizationSettings.isValid(); err != nil { 3168 return err 3169 } 3170 3171 if err := o.MessageExportSettings.isValid(o.FileSettings); err != nil { 3172 return err 3173 } 3174 3175 if err := o.DisplaySettings.isValid(); err != nil { 3176 return err 3177 } 3178 3179 if err := o.ImageProxySettings.isValid(); err != nil { 3180 return err 3181 } 3182 3183 if err := o.ImportSettings.isValid(); err != nil { 3184 return err 3185 } 3186 return nil 3187 } 3188 3189 func (s *TeamSettings) isValid() *AppError { 3190 if *s.MaxUsersPerTeam <= 0 { 3191 return NewAppError("Config.IsValid", "model.config.is_valid.max_users.app_error", nil, "", http.StatusBadRequest) 3192 } 3193 3194 if *s.MaxChannelsPerTeam <= 0 { 3195 return NewAppError("Config.IsValid", "model.config.is_valid.max_channels.app_error", nil, "", http.StatusBadRequest) 3196 } 3197 3198 if *s.MaxNotificationsPerChannel <= 0 { 3199 return NewAppError("Config.IsValid", "model.config.is_valid.max_notify_per_channel.app_error", nil, "", http.StatusBadRequest) 3200 } 3201 3202 if !(*s.RestrictDirectMessage == DIRECT_MESSAGE_ANY || *s.RestrictDirectMessage == DIRECT_MESSAGE_TEAM) { 3203 return NewAppError("Config.IsValid", "model.config.is_valid.restrict_direct_message.app_error", nil, "", http.StatusBadRequest) 3204 } 3205 3206 if !(*s.TeammateNameDisplay == SHOW_FULLNAME || *s.TeammateNameDisplay == SHOW_NICKNAME_FULLNAME || *s.TeammateNameDisplay == SHOW_USERNAME) { 3207 return NewAppError("Config.IsValid", "model.config.is_valid.teammate_name_display.app_error", nil, "", http.StatusBadRequest) 3208 } 3209 3210 if len(*s.SiteName) > SITENAME_MAX_LENGTH { 3211 return NewAppError("Config.IsValid", "model.config.is_valid.sitename_length.app_error", map[string]interface{}{"MaxLength": SITENAME_MAX_LENGTH}, "", http.StatusBadRequest) 3212 } 3213 3214 return nil 3215 } 3216 3217 func (s *SqlSettings) isValid() *AppError { 3218 if *s.AtRestEncryptKey != "" && len(*s.AtRestEncryptKey) < 32 { 3219 return NewAppError("Config.IsValid", "model.config.is_valid.encrypt_sql.app_error", nil, "", http.StatusBadRequest) 3220 } 3221 3222 if !(*s.DriverName == DATABASE_DRIVER_MYSQL || *s.DriverName == DATABASE_DRIVER_POSTGRES) { 3223 return NewAppError("Config.IsValid", "model.config.is_valid.sql_driver.app_error", nil, "", http.StatusBadRequest) 3224 } 3225 3226 if *s.MaxIdleConns <= 0 { 3227 return NewAppError("Config.IsValid", "model.config.is_valid.sql_idle.app_error", nil, "", http.StatusBadRequest) 3228 } 3229 3230 if *s.ConnMaxLifetimeMilliseconds < 0 { 3231 return NewAppError("Config.IsValid", "model.config.is_valid.sql_conn_max_lifetime_milliseconds.app_error", nil, "", http.StatusBadRequest) 3232 } 3233 3234 if *s.QueryTimeout <= 0 { 3235 return NewAppError("Config.IsValid", "model.config.is_valid.sql_query_timeout.app_error", nil, "", http.StatusBadRequest) 3236 } 3237 3238 if len(*s.DataSource) == 0 { 3239 return NewAppError("Config.IsValid", "model.config.is_valid.sql_data_src.app_error", nil, "", http.StatusBadRequest) 3240 } 3241 3242 if *s.MaxOpenConns <= 0 { 3243 return NewAppError("Config.IsValid", "model.config.is_valid.sql_max_conn.app_error", nil, "", http.StatusBadRequest) 3244 } 3245 3246 return nil 3247 } 3248 3249 func (s *FileSettings) isValid() *AppError { 3250 if *s.MaxFileSize <= 0 { 3251 return NewAppError("Config.IsValid", "model.config.is_valid.max_file_size.app_error", nil, "", http.StatusBadRequest) 3252 } 3253 3254 if !(*s.DriverName == IMAGE_DRIVER_LOCAL || *s.DriverName == IMAGE_DRIVER_S3) { 3255 return NewAppError("Config.IsValid", "model.config.is_valid.file_driver.app_error", nil, "", http.StatusBadRequest) 3256 } 3257 3258 if *s.PublicLinkSalt != "" && len(*s.PublicLinkSalt) < 32 { 3259 return NewAppError("Config.IsValid", "model.config.is_valid.file_salt.app_error", nil, "", http.StatusBadRequest) 3260 } 3261 3262 if *s.Directory == "" { 3263 return NewAppError("Config.IsValid", "model.config.is_valid.directory.app_error", nil, "", http.StatusBadRequest) 3264 } 3265 3266 return nil 3267 } 3268 3269 func (s *EmailSettings) isValid() *AppError { 3270 if !(*s.ConnectionSecurity == CONN_SECURITY_NONE || *s.ConnectionSecurity == CONN_SECURITY_TLS || *s.ConnectionSecurity == CONN_SECURITY_STARTTLS || *s.ConnectionSecurity == CONN_SECURITY_PLAIN) { 3271 return NewAppError("Config.IsValid", "model.config.is_valid.email_security.app_error", nil, "", http.StatusBadRequest) 3272 } 3273 3274 if *s.EmailBatchingBufferSize <= 0 { 3275 return NewAppError("Config.IsValid", "model.config.is_valid.email_batching_buffer_size.app_error", nil, "", http.StatusBadRequest) 3276 } 3277 3278 if *s.EmailBatchingInterval < 30 { 3279 return NewAppError("Config.IsValid", "model.config.is_valid.email_batching_interval.app_error", nil, "", http.StatusBadRequest) 3280 } 3281 3282 if !(*s.EmailNotificationContentsType == EMAIL_NOTIFICATION_CONTENTS_FULL || *s.EmailNotificationContentsType == EMAIL_NOTIFICATION_CONTENTS_GENERIC) { 3283 return NewAppError("Config.IsValid", "model.config.is_valid.email_notification_contents_type.app_error", nil, "", http.StatusBadRequest) 3284 } 3285 3286 return nil 3287 } 3288 3289 func (s *RateLimitSettings) isValid() *AppError { 3290 if *s.MemoryStoreSize <= 0 { 3291 return NewAppError("Config.IsValid", "model.config.is_valid.rate_mem.app_error", nil, "", http.StatusBadRequest) 3292 } 3293 3294 if *s.PerSec <= 0 { 3295 return NewAppError("Config.IsValid", "model.config.is_valid.rate_sec.app_error", nil, "", http.StatusBadRequest) 3296 } 3297 3298 if *s.MaxBurst <= 0 { 3299 return NewAppError("Config.IsValid", "model.config.is_valid.max_burst.app_error", nil, "", http.StatusBadRequest) 3300 } 3301 3302 return nil 3303 } 3304 3305 func (s *LdapSettings) isValid() *AppError { 3306 if !(*s.ConnectionSecurity == CONN_SECURITY_NONE || *s.ConnectionSecurity == CONN_SECURITY_TLS || *s.ConnectionSecurity == CONN_SECURITY_STARTTLS) { 3307 return NewAppError("Config.IsValid", "model.config.is_valid.ldap_security.app_error", nil, "", http.StatusBadRequest) 3308 } 3309 3310 if *s.SyncIntervalMinutes <= 0 { 3311 return NewAppError("Config.IsValid", "model.config.is_valid.ldap_sync_interval.app_error", nil, "", http.StatusBadRequest) 3312 } 3313 3314 if *s.MaxPageSize < 0 { 3315 return NewAppError("Config.IsValid", "model.config.is_valid.ldap_max_page_size.app_error", nil, "", http.StatusBadRequest) 3316 } 3317 3318 if *s.Enable { 3319 if *s.LdapServer == "" { 3320 return NewAppError("Config.IsValid", "model.config.is_valid.ldap_server", nil, "", http.StatusBadRequest) 3321 } 3322 3323 if *s.BaseDN == "" { 3324 return NewAppError("Config.IsValid", "model.config.is_valid.ldap_basedn", nil, "", http.StatusBadRequest) 3325 } 3326 3327 if *s.EmailAttribute == "" { 3328 return NewAppError("Config.IsValid", "model.config.is_valid.ldap_email", nil, "", http.StatusBadRequest) 3329 } 3330 3331 if *s.UsernameAttribute == "" { 3332 return NewAppError("Config.IsValid", "model.config.is_valid.ldap_username", nil, "", http.StatusBadRequest) 3333 } 3334 3335 if *s.IdAttribute == "" { 3336 return NewAppError("Config.IsValid", "model.config.is_valid.ldap_id", nil, "", http.StatusBadRequest) 3337 } 3338 3339 if *s.LoginIdAttribute == "" { 3340 return NewAppError("Config.IsValid", "model.config.is_valid.ldap_login_id", nil, "", http.StatusBadRequest) 3341 } 3342 3343 if *s.UserFilter != "" { 3344 if _, err := ldap.CompileFilter(*s.UserFilter); err != nil { 3345 return NewAppError("ValidateFilter", "ent.ldap.validate_filter.app_error", nil, err.Error(), http.StatusBadRequest) 3346 } 3347 } 3348 3349 if *s.GuestFilter != "" { 3350 if _, err := ldap.CompileFilter(*s.GuestFilter); err != nil { 3351 return NewAppError("LdapSettings.isValid", "ent.ldap.validate_guest_filter.app_error", nil, err.Error(), http.StatusBadRequest) 3352 } 3353 } 3354 3355 if *s.AdminFilter != "" { 3356 if _, err := ldap.CompileFilter(*s.AdminFilter); err != nil { 3357 return NewAppError("LdapSettings.isValid", "ent.ldap.validate_admin_filter.app_error", nil, err.Error(), http.StatusBadRequest) 3358 } 3359 } 3360 } 3361 3362 return nil 3363 } 3364 3365 func (s *SamlSettings) isValid() *AppError { 3366 if *s.Enable { 3367 if len(*s.IdpUrl) == 0 || !IsValidHttpUrl(*s.IdpUrl) { 3368 return NewAppError("Config.IsValid", "model.config.is_valid.saml_idp_url.app_error", nil, "", http.StatusBadRequest) 3369 } 3370 3371 if len(*s.IdpDescriptorUrl) == 0 || !IsValidHttpUrl(*s.IdpDescriptorUrl) { 3372 return NewAppError("Config.IsValid", "model.config.is_valid.saml_idp_descriptor_url.app_error", nil, "", http.StatusBadRequest) 3373 } 3374 3375 if len(*s.IdpCertificateFile) == 0 { 3376 return NewAppError("Config.IsValid", "model.config.is_valid.saml_idp_cert.app_error", nil, "", http.StatusBadRequest) 3377 } 3378 3379 if len(*s.EmailAttribute) == 0 { 3380 return NewAppError("Config.IsValid", "model.config.is_valid.saml_email_attribute.app_error", nil, "", http.StatusBadRequest) 3381 } 3382 3383 if len(*s.UsernameAttribute) == 0 { 3384 return NewAppError("Config.IsValid", "model.config.is_valid.saml_username_attribute.app_error", nil, "", http.StatusBadRequest) 3385 } 3386 3387 if len(*s.ServiceProviderIdentifier) == 0 { 3388 return NewAppError("Config.IsValid", "model.config.is_valid.saml_spidentifier_attribute.app_error", nil, "", http.StatusBadRequest) 3389 } 3390 3391 if *s.Verify { 3392 if len(*s.AssertionConsumerServiceURL) == 0 || !IsValidHttpUrl(*s.AssertionConsumerServiceURL) { 3393 return NewAppError("Config.IsValid", "model.config.is_valid.saml_assertion_consumer_service_url.app_error", nil, "", http.StatusBadRequest) 3394 } 3395 } 3396 3397 if *s.Encrypt { 3398 if len(*s.PrivateKeyFile) == 0 { 3399 return NewAppError("Config.IsValid", "model.config.is_valid.saml_private_key.app_error", nil, "", http.StatusBadRequest) 3400 } 3401 3402 if len(*s.PublicCertificateFile) == 0 { 3403 return NewAppError("Config.IsValid", "model.config.is_valid.saml_public_cert.app_error", nil, "", http.StatusBadRequest) 3404 } 3405 } 3406 3407 if len(*s.EmailAttribute) == 0 { 3408 return NewAppError("Config.IsValid", "model.config.is_valid.saml_email_attribute.app_error", nil, "", http.StatusBadRequest) 3409 } 3410 3411 if !(*s.SignatureAlgorithm == SAML_SETTINGS_SIGNATURE_ALGORITHM_SHA1 || *s.SignatureAlgorithm == SAML_SETTINGS_SIGNATURE_ALGORITHM_SHA256 || *s.SignatureAlgorithm == SAML_SETTINGS_SIGNATURE_ALGORITHM_SHA512) { 3412 return NewAppError("Config.IsValid", "model.config.is_valid.saml_signature_algorithm.app_error", nil, "", http.StatusBadRequest) 3413 } 3414 if !(*s.CanonicalAlgorithm == SAML_SETTINGS_CANONICAL_ALGORITHM_C14N || *s.CanonicalAlgorithm == SAML_SETTINGS_CANONICAL_ALGORITHM_C14N11) { 3415 return NewAppError("Config.IsValid", "model.config.is_valid.saml_canonical_algorithm.app_error", nil, "", http.StatusBadRequest) 3416 } 3417 3418 if len(*s.GuestAttribute) > 0 { 3419 if !(strings.Contains(*s.GuestAttribute, "=")) { 3420 return NewAppError("Config.IsValid", "model.config.is_valid.saml_guest_attribute.app_error", nil, "", http.StatusBadRequest) 3421 } 3422 if len(strings.Split(*s.GuestAttribute, "=")) != 2 { 3423 return NewAppError("Config.IsValid", "model.config.is_valid.saml_guest_attribute.app_error", nil, "", http.StatusBadRequest) 3424 } 3425 } 3426 3427 if len(*s.AdminAttribute) > 0 { 3428 if !(strings.Contains(*s.AdminAttribute, "=")) { 3429 return NewAppError("Config.IsValid", "model.config.is_valid.saml_admin_attribute.app_error", nil, "", http.StatusBadRequest) 3430 } 3431 if len(strings.Split(*s.AdminAttribute, "=")) != 2 { 3432 return NewAppError("Config.IsValid", "model.config.is_valid.saml_admin_attribute.app_error", nil, "", http.StatusBadRequest) 3433 } 3434 } 3435 } 3436 3437 return nil 3438 } 3439 3440 func (s *ServiceSettings) isValid() *AppError { 3441 if !(*s.ConnectionSecurity == CONN_SECURITY_NONE || *s.ConnectionSecurity == CONN_SECURITY_TLS) { 3442 return NewAppError("Config.IsValid", "model.config.is_valid.webserver_security.app_error", nil, "", http.StatusBadRequest) 3443 } 3444 3445 if *s.ConnectionSecurity == CONN_SECURITY_TLS && !*s.UseLetsEncrypt { 3446 appErr := NewAppError("Config.IsValid", "model.config.is_valid.tls_cert_file.app_error", nil, "", http.StatusBadRequest) 3447 3448 if *s.TLSCertFile == "" { 3449 return appErr 3450 } else if _, err := os.Stat(*s.TLSCertFile); os.IsNotExist(err) { 3451 return appErr 3452 } 3453 3454 appErr = NewAppError("Config.IsValid", "model.config.is_valid.tls_key_file.app_error", nil, "", http.StatusBadRequest) 3455 3456 if *s.TLSKeyFile == "" { 3457 return appErr 3458 } else if _, err := os.Stat(*s.TLSKeyFile); os.IsNotExist(err) { 3459 return appErr 3460 } 3461 } 3462 3463 if len(s.TLSOverwriteCiphers) > 0 { 3464 for _, cipher := range s.TLSOverwriteCiphers { 3465 if _, ok := ServerTLSSupportedCiphers[cipher]; !ok { 3466 return NewAppError("Config.IsValid", "model.config.is_valid.tls_overwrite_cipher.app_error", map[string]interface{}{"name": cipher}, "", http.StatusBadRequest) 3467 } 3468 } 3469 } 3470 3471 if *s.ReadTimeout <= 0 { 3472 return NewAppError("Config.IsValid", "model.config.is_valid.read_timeout.app_error", nil, "", http.StatusBadRequest) 3473 } 3474 3475 if *s.WriteTimeout <= 0 { 3476 return NewAppError("Config.IsValid", "model.config.is_valid.write_timeout.app_error", nil, "", http.StatusBadRequest) 3477 } 3478 3479 if *s.TimeBetweenUserTypingUpdatesMilliseconds < 1000 { 3480 return NewAppError("Config.IsValid", "model.config.is_valid.time_between_user_typing.app_error", nil, "", http.StatusBadRequest) 3481 } 3482 3483 if *s.MaximumLoginAttempts <= 0 { 3484 return NewAppError("Config.IsValid", "model.config.is_valid.login_attempts.app_error", nil, "", http.StatusBadRequest) 3485 } 3486 3487 if *s.SiteURL != "" { 3488 if _, err := url.ParseRequestURI(*s.SiteURL); err != nil { 3489 return NewAppError("Config.IsValid", "model.config.is_valid.site_url.app_error", nil, "", http.StatusBadRequest) 3490 } 3491 } 3492 3493 if *s.WebsocketURL != "" { 3494 if _, err := url.ParseRequestURI(*s.WebsocketURL); err != nil { 3495 return NewAppError("Config.IsValid", "model.config.is_valid.websocket_url.app_error", nil, "", http.StatusBadRequest) 3496 } 3497 } 3498 3499 host, port, _ := net.SplitHostPort(*s.ListenAddress) 3500 var isValidHost bool 3501 if host == "" { 3502 isValidHost = true 3503 } else { 3504 isValidHost = (net.ParseIP(host) != nil) || IsDomainName(host) 3505 } 3506 portInt, err := strconv.Atoi(port) 3507 if err != nil || !isValidHost || portInt < 0 || portInt > math.MaxUint16 { 3508 return NewAppError("Config.IsValid", "model.config.is_valid.listen_address.app_error", nil, "", http.StatusBadRequest) 3509 } 3510 3511 if *s.ExperimentalGroupUnreadChannels != GROUP_UNREAD_CHANNELS_DISABLED && 3512 *s.ExperimentalGroupUnreadChannels != GROUP_UNREAD_CHANNELS_DEFAULT_ON && 3513 *s.ExperimentalGroupUnreadChannels != GROUP_UNREAD_CHANNELS_DEFAULT_OFF { 3514 return NewAppError("Config.IsValid", "model.config.is_valid.group_unread_channels.app_error", nil, "", http.StatusBadRequest) 3515 } 3516 3517 if *s.CollapsedThreads != COLLAPSED_THREADS_DISABLED && 3518 *s.CollapsedThreads != COLLAPSED_THREADS_DEFAULT_ON && 3519 *s.CollapsedThreads != COLLAPSED_THREADS_DEFAULT_OFF { 3520 return NewAppError("Config.IsValid", "model.config.is_valid.collapsed_threads.app_error", nil, "", http.StatusBadRequest) 3521 } 3522 3523 return nil 3524 } 3525 3526 func (s *ElasticsearchSettings) isValid() *AppError { 3527 if *s.EnableIndexing { 3528 if len(*s.ConnectionUrl) == 0 { 3529 return NewAppError("Config.IsValid", "model.config.is_valid.elastic_search.connection_url.app_error", nil, "", http.StatusBadRequest) 3530 } 3531 } 3532 3533 if *s.EnableSearching && !*s.EnableIndexing { 3534 return NewAppError("Config.IsValid", "model.config.is_valid.elastic_search.enable_searching.app_error", nil, "", http.StatusBadRequest) 3535 } 3536 3537 if *s.EnableAutocomplete && !*s.EnableIndexing { 3538 return NewAppError("Config.IsValid", "model.config.is_valid.elastic_search.enable_autocomplete.app_error", nil, "", http.StatusBadRequest) 3539 } 3540 3541 if *s.AggregatePostsAfterDays < 1 { 3542 return NewAppError("Config.IsValid", "model.config.is_valid.elastic_search.aggregate_posts_after_days.app_error", nil, "", http.StatusBadRequest) 3543 } 3544 3545 if _, err := time.Parse("15:04", *s.PostsAggregatorJobStartTime); err != nil { 3546 return NewAppError("Config.IsValid", "model.config.is_valid.elastic_search.posts_aggregator_job_start_time.app_error", nil, err.Error(), http.StatusBadRequest) 3547 } 3548 3549 if *s.LiveIndexingBatchSize < 1 { 3550 return NewAppError("Config.IsValid", "model.config.is_valid.elastic_search.live_indexing_batch_size.app_error", nil, "", http.StatusBadRequest) 3551 } 3552 3553 if *s.BulkIndexingTimeWindowSeconds < 1 { 3554 return NewAppError("Config.IsValid", "model.config.is_valid.elastic_search.bulk_indexing_time_window_seconds.app_error", nil, "", http.StatusBadRequest) 3555 } 3556 3557 if *s.RequestTimeoutSeconds < 1 { 3558 return NewAppError("Config.IsValid", "model.config.is_valid.elastic_search.request_timeout_seconds.app_error", nil, "", http.StatusBadRequest) 3559 } 3560 3561 return nil 3562 } 3563 3564 func (bs *BleveSettings) isValid() *AppError { 3565 if *bs.EnableIndexing { 3566 if len(*bs.IndexDir) == 0 { 3567 return NewAppError("Config.IsValid", "model.config.is_valid.bleve_search.filename.app_error", nil, "", http.StatusBadRequest) 3568 } 3569 } else { 3570 if *bs.EnableSearching { 3571 return NewAppError("Config.IsValid", "model.config.is_valid.bleve_search.enable_searching.app_error", nil, "", http.StatusBadRequest) 3572 } 3573 if *bs.EnableAutocomplete { 3574 return NewAppError("Config.IsValid", "model.config.is_valid.bleve_search.enable_autocomplete.app_error", nil, "", http.StatusBadRequest) 3575 } 3576 } 3577 if *bs.BulkIndexingTimeWindowSeconds < 1 { 3578 return NewAppError("Config.IsValid", "model.config.is_valid.bleve_search.bulk_indexing_time_window_seconds.app_error", nil, "", http.StatusBadRequest) 3579 } 3580 3581 return nil 3582 } 3583 3584 func (s *DataRetentionSettings) isValid() *AppError { 3585 if *s.MessageRetentionDays <= 0 { 3586 return NewAppError("Config.IsValid", "model.config.is_valid.data_retention.message_retention_days_too_low.app_error", nil, "", http.StatusBadRequest) 3587 } 3588 3589 if *s.FileRetentionDays <= 0 { 3590 return NewAppError("Config.IsValid", "model.config.is_valid.data_retention.file_retention_days_too_low.app_error", nil, "", http.StatusBadRequest) 3591 } 3592 3593 if _, err := time.Parse("15:04", *s.DeletionJobStartTime); err != nil { 3594 return NewAppError("Config.IsValid", "model.config.is_valid.data_retention.deletion_job_start_time.app_error", nil, err.Error(), http.StatusBadRequest) 3595 } 3596 3597 return nil 3598 } 3599 3600 func (s *LocalizationSettings) isValid() *AppError { 3601 if len(*s.AvailableLocales) > 0 { 3602 if !strings.Contains(*s.AvailableLocales, *s.DefaultClientLocale) { 3603 return NewAppError("Config.IsValid", "model.config.is_valid.localization.available_locales.app_error", nil, "", http.StatusBadRequest) 3604 } 3605 } 3606 3607 return nil 3608 } 3609 3610 func (s *MessageExportSettings) isValid(fs FileSettings) *AppError { 3611 if s.EnableExport == nil { 3612 return NewAppError("Config.IsValid", "model.config.is_valid.message_export.enable.app_error", nil, "", http.StatusBadRequest) 3613 } 3614 if *s.EnableExport { 3615 if s.ExportFromTimestamp == nil || *s.ExportFromTimestamp < 0 || *s.ExportFromTimestamp > GetMillis() { 3616 return NewAppError("Config.IsValid", "model.config.is_valid.message_export.export_from.app_error", nil, "", http.StatusBadRequest) 3617 } else if s.DailyRunTime == nil { 3618 return NewAppError("Config.IsValid", "model.config.is_valid.message_export.daily_runtime.app_error", nil, "", http.StatusBadRequest) 3619 } else if _, err := time.Parse("15:04", *s.DailyRunTime); err != nil { 3620 return NewAppError("Config.IsValid", "model.config.is_valid.message_export.daily_runtime.app_error", nil, err.Error(), http.StatusBadRequest) 3621 } else if s.BatchSize == nil || *s.BatchSize < 0 { 3622 return NewAppError("Config.IsValid", "model.config.is_valid.message_export.batch_size.app_error", nil, "", http.StatusBadRequest) 3623 } else if s.ExportFormat == nil || (*s.ExportFormat != COMPLIANCE_EXPORT_TYPE_ACTIANCE && *s.ExportFormat != COMPLIANCE_EXPORT_TYPE_GLOBALRELAY && *s.ExportFormat != COMPLIANCE_EXPORT_TYPE_CSV) { 3624 return NewAppError("Config.IsValid", "model.config.is_valid.message_export.export_type.app_error", nil, "", http.StatusBadRequest) 3625 } 3626 3627 if *s.ExportFormat == COMPLIANCE_EXPORT_TYPE_GLOBALRELAY { 3628 if s.GlobalRelaySettings == nil { 3629 return NewAppError("Config.IsValid", "model.config.is_valid.message_export.global_relay.config_missing.app_error", nil, "", http.StatusBadRequest) 3630 } else if s.GlobalRelaySettings.CustomerType == nil || (*s.GlobalRelaySettings.CustomerType != GLOBALRELAY_CUSTOMER_TYPE_A9 && *s.GlobalRelaySettings.CustomerType != GLOBALRELAY_CUSTOMER_TYPE_A10) { 3631 return NewAppError("Config.IsValid", "model.config.is_valid.message_export.global_relay.customer_type.app_error", nil, "", http.StatusBadRequest) 3632 } else if s.GlobalRelaySettings.EmailAddress == nil || !strings.Contains(*s.GlobalRelaySettings.EmailAddress, "@") { 3633 // validating email addresses is hard - just make sure it contains an '@' sign 3634 // see https://stackoverflow.com/questions/201323/using-a-regular-expression-to-validate-an-email-address 3635 return NewAppError("Config.IsValid", "model.config.is_valid.message_export.global_relay.email_address.app_error", nil, "", http.StatusBadRequest) 3636 } else if s.GlobalRelaySettings.SmtpUsername == nil || *s.GlobalRelaySettings.SmtpUsername == "" { 3637 return NewAppError("Config.IsValid", "model.config.is_valid.message_export.global_relay.smtp_username.app_error", nil, "", http.StatusBadRequest) 3638 } else if s.GlobalRelaySettings.SmtpPassword == nil || *s.GlobalRelaySettings.SmtpPassword == "" { 3639 return NewAppError("Config.IsValid", "model.config.is_valid.message_export.global_relay.smtp_password.app_error", nil, "", http.StatusBadRequest) 3640 } 3641 } 3642 } 3643 return nil 3644 } 3645 3646 func (s *DisplaySettings) isValid() *AppError { 3647 if len(s.CustomUrlSchemes) != 0 { 3648 validProtocolPattern := regexp.MustCompile(`(?i)^\s*[A-Za-z][A-Za-z0-9.+-]*\s*$`) 3649 3650 for _, scheme := range s.CustomUrlSchemes { 3651 if !validProtocolPattern.MatchString(scheme) { 3652 return NewAppError( 3653 "Config.IsValid", 3654 "model.config.is_valid.display.custom_url_schemes.app_error", 3655 map[string]interface{}{"Scheme": scheme}, 3656 "", 3657 http.StatusBadRequest, 3658 ) 3659 } 3660 } 3661 } 3662 3663 return nil 3664 } 3665 3666 func (s *ImageProxySettings) isValid() *AppError { 3667 if *s.Enable { 3668 switch *s.ImageProxyType { 3669 case IMAGE_PROXY_TYPE_LOCAL: 3670 // No other settings to validate 3671 case IMAGE_PROXY_TYPE_ATMOS_CAMO: 3672 if *s.RemoteImageProxyURL == "" { 3673 return NewAppError("Config.IsValid", "model.config.is_valid.atmos_camo_image_proxy_url.app_error", nil, "", http.StatusBadRequest) 3674 } 3675 3676 if *s.RemoteImageProxyOptions == "" { 3677 return NewAppError("Config.IsValid", "model.config.is_valid.atmos_camo_image_proxy_options.app_error", nil, "", http.StatusBadRequest) 3678 } 3679 default: 3680 return NewAppError("Config.IsValid", "model.config.is_valid.image_proxy_type.app_error", nil, "", http.StatusBadRequest) 3681 } 3682 } 3683 3684 return nil 3685 } 3686 3687 func (o *Config) GetSanitizeOptions() map[string]bool { 3688 options := map[string]bool{} 3689 options["fullname"] = *o.PrivacySettings.ShowFullName 3690 options["email"] = *o.PrivacySettings.ShowEmailAddress 3691 3692 return options 3693 } 3694 3695 func (o *Config) Sanitize() { 3696 if o.LdapSettings.BindPassword != nil && len(*o.LdapSettings.BindPassword) > 0 { 3697 *o.LdapSettings.BindPassword = FAKE_SETTING 3698 } 3699 3700 *o.FileSettings.PublicLinkSalt = FAKE_SETTING 3701 3702 if len(*o.FileSettings.AmazonS3SecretAccessKey) > 0 { 3703 *o.FileSettings.AmazonS3SecretAccessKey = FAKE_SETTING 3704 } 3705 3706 if o.EmailSettings.SMTPPassword != nil && len(*o.EmailSettings.SMTPPassword) > 0 { 3707 *o.EmailSettings.SMTPPassword = FAKE_SETTING 3708 } 3709 3710 if len(*o.GitLabSettings.Secret) > 0 { 3711 *o.GitLabSettings.Secret = FAKE_SETTING 3712 } 3713 3714 if o.GoogleSettings.Secret != nil && len(*o.GoogleSettings.Secret) > 0 { 3715 *o.GoogleSettings.Secret = FAKE_SETTING 3716 } 3717 3718 if o.Office365Settings.Secret != nil && len(*o.Office365Settings.Secret) > 0 { 3719 *o.Office365Settings.Secret = FAKE_SETTING 3720 } 3721 3722 if o.OpenIdSettings.Secret != nil && len(*o.OpenIdSettings.Secret) > 0 { 3723 *o.OpenIdSettings.Secret = FAKE_SETTING 3724 } 3725 3726 *o.SqlSettings.DataSource = FAKE_SETTING 3727 *o.SqlSettings.AtRestEncryptKey = FAKE_SETTING 3728 3729 *o.ElasticsearchSettings.Password = FAKE_SETTING 3730 3731 for i := range o.SqlSettings.DataSourceReplicas { 3732 o.SqlSettings.DataSourceReplicas[i] = FAKE_SETTING 3733 } 3734 3735 for i := range o.SqlSettings.DataSourceSearchReplicas { 3736 o.SqlSettings.DataSourceSearchReplicas[i] = FAKE_SETTING 3737 } 3738 3739 if o.MessageExportSettings.GlobalRelaySettings.SmtpPassword != nil && len(*o.MessageExportSettings.GlobalRelaySettings.SmtpPassword) > 0 { 3740 *o.MessageExportSettings.GlobalRelaySettings.SmtpPassword = FAKE_SETTING 3741 } 3742 3743 if o.ServiceSettings.GfycatApiSecret != nil && len(*o.ServiceSettings.GfycatApiSecret) > 0 { 3744 *o.ServiceSettings.GfycatApiSecret = FAKE_SETTING 3745 } 3746 3747 *o.ServiceSettings.SplitKey = FAKE_SETTING 3748 } 3749 3750 // structToMapFilteredByTag converts a struct into a map removing those fields that has the tag passed 3751 // as argument 3752 func structToMapFilteredByTag(t interface{}, typeOfTag, filterTag string) map[string]interface{} { 3753 defer func() { 3754 if r := recover(); r != nil { 3755 mlog.Error("Panicked in structToMapFilteredByTag. This should never happen.", mlog.Any("recover", r)) 3756 } 3757 }() 3758 3759 val := reflect.ValueOf(t) 3760 elemField := reflect.TypeOf(t) 3761 3762 if val.Kind() != reflect.Struct { 3763 return nil 3764 } 3765 3766 out := map[string]interface{}{} 3767 3768 for i := 0; i < val.NumField(); i++ { 3769 field := val.Field(i) 3770 3771 structField := elemField.Field(i) 3772 tagPermissions := strings.Split(structField.Tag.Get(typeOfTag), ",") 3773 if isTagPresent(filterTag, tagPermissions) { 3774 continue 3775 } 3776 3777 var value interface{} 3778 3779 switch field.Kind() { 3780 case reflect.Struct: 3781 value = structToMapFilteredByTag(field.Interface(), typeOfTag, filterTag) 3782 case reflect.Ptr: 3783 indirectType := field.Elem() 3784 if indirectType.Kind() == reflect.Struct { 3785 value = structToMapFilteredByTag(indirectType.Interface(), typeOfTag, filterTag) 3786 } else if indirectType.Kind() != reflect.Invalid { 3787 value = indirectType.Interface() 3788 } 3789 default: 3790 value = field.Interface() 3791 } 3792 3793 out[val.Type().Field(i).Name] = value 3794 } 3795 3796 return out 3797 } 3798 3799 func isTagPresent(tag string, tags []string) bool { 3800 for _, val := range tags { 3801 tagValue := strings.TrimSpace(val) 3802 if tagValue != "" && tagValue == tag { 3803 return true 3804 } 3805 } 3806 3807 return false 3808 }