github.com/vnforks/kid/v5@v5.22.1-0.20200408055009-b89d99c65676/app/migrations.go (about) 1 // Copyright (c) 2015-present Mattermost, Inc. All Rights Reserved. 2 // See LICENSE.txt for license information. 3 4 package app 5 6 import ( 7 "reflect" 8 9 "github.com/vnforks/kid/v5/mlog" 10 "github.com/vnforks/kid/v5/model" 11 "github.com/vnforks/kid/v5/utils" 12 ) 13 14 const ADVANCED_PERMISSIONS_MIGRATION_KEY = "AdvancedPermissionsMigrationComplete" 15 const EMOJIS_PERMISSIONS_MIGRATION_KEY = "EmojisPermissionsMigrationComplete" 16 const GUEST_ROLES_CREATION_MIGRATION_KEY = "GuestRolesCreationMigrationComplete" 17 18 // This function migrates the default built in roles from code/config to the database. 19 func (a *App) DoAdvancedPermissionsMigration() { 20 // If the migration is already marked as completed, don't do it again. 21 if _, err := a.Srv().Store.System().GetByName(ADVANCED_PERMISSIONS_MIGRATION_KEY); err == nil { 22 return 23 } 24 25 mlog.Info("Migrating roles to database.") 26 roles := model.MakeDefaultRoles() 27 roles = utils.SetRolePermissionsFromConfig(roles, a.Config(), a.License() != nil) 28 29 allSucceeded := true 30 31 for _, role := range roles { 32 _, err := a.Srv().Store.Role().Save(role) 33 if err == nil { 34 continue 35 } 36 37 // If this failed for reasons other than the role already existing, don't mark the migration as done. 38 fetchedRole, err := a.Srv().Store.Role().GetByName(role.Name) 39 if err != nil { 40 mlog.Critical("Failed to migrate role to database.", mlog.Err(err)) 41 allSucceeded = false 42 continue 43 } 44 45 // If the role already existed, check it is the same and update if not. 46 if !reflect.DeepEqual(fetchedRole.Permissions, role.Permissions) || 47 fetchedRole.DisplayName != role.DisplayName || 48 fetchedRole.Description != role.Description || 49 fetchedRole.SchemeManaged != role.SchemeManaged { 50 role.Id = fetchedRole.Id 51 if _, err = a.Srv().Store.Role().Save(role); err != nil { 52 // Role is not the same, but failed to update. 53 mlog.Critical("Failed to migrate role to database.", mlog.Err(err)) 54 allSucceeded = false 55 } 56 } 57 } 58 59 if !allSucceeded { 60 return 61 } 62 63 config := a.Config() 64 if *config.ServiceSettings.DEPRECATED_DO_NOT_USE_AllowEditPost == model.ALLOW_EDIT_POST_ALWAYS { 65 *config.ServiceSettings.PostEditTimeLimit = -1 66 if err := a.SaveConfig(config, true); err != nil { 67 mlog.Error("Failed to update config in Advanced Permissions Phase 1 Migration.", mlog.Err(err)) 68 } 69 } 70 71 system := model.System{ 72 Name: ADVANCED_PERMISSIONS_MIGRATION_KEY, 73 Value: "true", 74 } 75 76 if err := a.Srv().Store.System().Save(&system); err != nil { 77 mlog.Critical("Failed to mark advanced permissions migration as completed.", mlog.Err(err)) 78 } 79 } 80 81 func (a *App) SetPhase2PermissionsMigrationStatus(isComplete bool) error { 82 if !isComplete { 83 if _, err := a.Srv().Store.System().PermanentDeleteByName(model.MIGRATION_KEY_ADVANCED_PERMISSIONS_PHASE_2); err != nil { 84 return err 85 } 86 } 87 a.Srv().phase2PermissionsMigrationComplete = isComplete 88 return nil 89 } 90 91 func (a *App) DoEmojisPermissionsMigration() { 92 // If the migration is already marked as completed, don't do it again. 93 if _, err := a.Srv().Store.System().GetByName(EMOJIS_PERMISSIONS_MIGRATION_KEY); err == nil { 94 return 95 } 96 97 var role *model.Role 98 var systemAdminRole *model.Role 99 var err *model.AppError 100 101 mlog.Info("Migrating emojis config to database.") 102 switch *a.Config().ServiceSettings.DEPRECATED_DO_NOT_USE_RestrictCustomEmojiCreation { 103 case model.RESTRICT_EMOJI_CREATION_ALL: 104 role, err = a.GetRoleByName(model.SYSTEM_USER_ROLE_ID) 105 if err != nil { 106 mlog.Critical("Failed to migrate emojis creation permissions from mattermost config.", mlog.Err(err)) 107 return 108 } 109 case model.RESTRICT_EMOJI_CREATION_ADMIN: 110 role, err = a.GetRoleByName(model.BRANCH_ADMIN_ROLE_ID) 111 if err != nil { 112 mlog.Critical("Failed to migrate emojis creation permissions from mattermost config.", mlog.Err(err)) 113 return 114 } 115 case model.RESTRICT_EMOJI_CREATION_SYSTEM_ADMIN: 116 role = nil 117 default: 118 mlog.Critical("Failed to migrate emojis creation permissions from mattermost config. Invalid restrict emoji creation setting") 119 return 120 } 121 122 if role != nil { 123 role.Permissions = append(role.Permissions, model.PERMISSION_CREATE_EMOJIS.Id, model.PERMISSION_DELETE_EMOJIS.Id) 124 if _, err = a.Srv().Store.Role().Save(role); err != nil { 125 mlog.Critical("Failed to migrate emojis creation permissions from mattermost config.", mlog.Err(err)) 126 return 127 } 128 } 129 130 systemAdminRole, err = a.GetRoleByName(model.SYSTEM_ADMIN_ROLE_ID) 131 if err != nil { 132 mlog.Critical("Failed to migrate emojis creation permissions from mattermost config.", mlog.Err(err)) 133 return 134 } 135 136 systemAdminRole.Permissions = append(systemAdminRole.Permissions, model.PERMISSION_CREATE_EMOJIS.Id, model.PERMISSION_DELETE_EMOJIS.Id) 137 systemAdminRole.Permissions = append(systemAdminRole.Permissions, model.PERMISSION_DELETE_OTHERS_EMOJIS.Id) 138 if _, err := a.Srv().Store.Role().Save(systemAdminRole); err != nil { 139 mlog.Critical("Failed to migrate emojis creation permissions from mattermost config.", mlog.Err(err)) 140 return 141 } 142 143 system := model.System{ 144 Name: EMOJIS_PERMISSIONS_MIGRATION_KEY, 145 Value: "true", 146 } 147 148 if err := a.Srv().Store.System().Save(&system); err != nil { 149 mlog.Critical("Failed to mark emojis permissions migration as completed.", mlog.Err(err)) 150 } 151 } 152 153 func (a *App) DoAppMigrations() { 154 a.DoAdvancedPermissionsMigration() 155 a.DoEmojisPermissionsMigration() 156 // This migration always must be the last, because can be based on previous 157 // migrations. For example, it needs the guest roles migration. 158 a.DoPermissionsMigrations() 159 }