github.com/vnforks/kid@v5.11.1+incompatible/app/migrations.go (about) 1 // Copyright (c) 2016-present Mattermost, Inc. All Rights Reserved. 2 // See License.txt for license information. 3 4 package app 5 6 import ( 7 "fmt" 8 "reflect" 9 10 "github.com/mattermost/mattermost-server/mlog" 11 "github.com/mattermost/mattermost-server/model" 12 "github.com/mattermost/mattermost-server/utils" 13 ) 14 15 const ADVANCED_PERMISSIONS_MIGRATION_KEY = "AdvancedPermissionsMigrationComplete" 16 const EMOJIS_PERMISSIONS_MIGRATION_KEY = "EmojisPermissionsMigrationComplete" 17 18 // This function migrates the default built in roles from code/config to the database. 19 func (a *App) DoAdvancedPermissionsMigration() { 20 // If the migration is already marked as completed, don't do it again. 21 if result := <-a.Srv.Store.System().GetByName(ADVANCED_PERMISSIONS_MIGRATION_KEY); result.Err == nil { 22 return 23 } 24 25 mlog.Info("Migrating roles to database.") 26 roles := model.MakeDefaultRoles() 27 roles = utils.SetRolePermissionsFromConfig(roles, a.Config(), a.License() != nil) 28 29 allSucceeded := true 30 31 for _, role := range roles { 32 if result := <-a.Srv.Store.Role().Save(role); result.Err != nil { 33 // If this failed for reasons other than the role already existing, don't mark the migration as done. 34 if result2 := <-a.Srv.Store.Role().GetByName(role.Name); result2.Err != nil { 35 mlog.Critical("Failed to migrate role to database.") 36 mlog.Critical(fmt.Sprint(result.Err)) 37 allSucceeded = false 38 } else { 39 // If the role already existed, check it is the same and update if not. 40 fetchedRole := result.Data.(*model.Role) 41 if !reflect.DeepEqual(fetchedRole.Permissions, role.Permissions) || 42 fetchedRole.DisplayName != role.DisplayName || 43 fetchedRole.Description != role.Description || 44 fetchedRole.SchemeManaged != role.SchemeManaged { 45 role.Id = fetchedRole.Id 46 if result := <-a.Srv.Store.Role().Save(role); result.Err != nil { 47 // Role is not the same, but failed to update. 48 mlog.Critical("Failed to migrate role to database.") 49 mlog.Critical(fmt.Sprint(result.Err)) 50 allSucceeded = false 51 } 52 } 53 } 54 } 55 } 56 57 if !allSucceeded { 58 return 59 } 60 61 config := a.Config() 62 if *config.ServiceSettings.DEPRECATED_DO_NOT_USE_AllowEditPost == model.ALLOW_EDIT_POST_ALWAYS { 63 *config.ServiceSettings.PostEditTimeLimit = -1 64 if err := a.SaveConfig(config, true); err != nil { 65 mlog.Error("Failed to update config in Advanced Permissions Phase 1 Migration.", mlog.String("error", err.Error())) 66 } 67 } 68 69 system := model.System{ 70 Name: ADVANCED_PERMISSIONS_MIGRATION_KEY, 71 Value: "true", 72 } 73 74 if result := <-a.Srv.Store.System().Save(&system); result.Err != nil { 75 mlog.Critical("Failed to mark advanced permissions migration as completed.") 76 mlog.Critical(fmt.Sprint(result.Err)) 77 } 78 } 79 80 func (a *App) SetPhase2PermissionsMigrationStatus(isComplete bool) error { 81 if !isComplete { 82 res := <-a.Srv.Store.System().PermanentDeleteByName(model.MIGRATION_KEY_ADVANCED_PERMISSIONS_PHASE_2) 83 if res.Err != nil { 84 return res.Err 85 } 86 } 87 a.Srv.phase2PermissionsMigrationComplete = isComplete 88 return nil 89 } 90 91 func (a *App) DoEmojisPermissionsMigration() { 92 // If the migration is already marked as completed, don't do it again. 93 if result := <-a.Srv.Store.System().GetByName(EMOJIS_PERMISSIONS_MIGRATION_KEY); result.Err == nil { 94 return 95 } 96 97 var role *model.Role = nil 98 var systemAdminRole *model.Role = nil 99 var err *model.AppError = nil 100 101 mlog.Info("Migrating emojis config to database.") 102 switch *a.Config().ServiceSettings.DEPRECATED_DO_NOT_USE_RestrictCustomEmojiCreation { 103 case model.RESTRICT_EMOJI_CREATION_ALL: 104 role, err = a.GetRoleByName(model.SYSTEM_USER_ROLE_ID) 105 if err != nil { 106 mlog.Critical("Failed to migrate emojis creation permissions from mattermost config.") 107 mlog.Critical(err.Error()) 108 return 109 } 110 case model.RESTRICT_EMOJI_CREATION_ADMIN: 111 role, err = a.GetRoleByName(model.TEAM_ADMIN_ROLE_ID) 112 if err != nil { 113 mlog.Critical("Failed to migrate emojis creation permissions from mattermost config.") 114 mlog.Critical(err.Error()) 115 return 116 } 117 case model.RESTRICT_EMOJI_CREATION_SYSTEM_ADMIN: 118 role = nil 119 default: 120 mlog.Critical("Failed to migrate emojis creation permissions from mattermost config.") 121 mlog.Critical("Invalid restrict emoji creation setting") 122 return 123 } 124 125 if role != nil { 126 role.Permissions = append(role.Permissions, model.PERMISSION_CREATE_EMOJIS.Id, model.PERMISSION_DELETE_EMOJIS.Id) 127 if result := <-a.Srv.Store.Role().Save(role); result.Err != nil { 128 mlog.Critical("Failed to migrate emojis creation permissions from mattermost config.") 129 mlog.Critical(result.Err.Error()) 130 return 131 } 132 } 133 134 systemAdminRole, err = a.GetRoleByName(model.SYSTEM_ADMIN_ROLE_ID) 135 if err != nil { 136 mlog.Critical("Failed to migrate emojis creation permissions from mattermost config.") 137 mlog.Critical(err.Error()) 138 return 139 } 140 141 systemAdminRole.Permissions = append(systemAdminRole.Permissions, model.PERMISSION_CREATE_EMOJIS.Id, model.PERMISSION_DELETE_EMOJIS.Id) 142 systemAdminRole.Permissions = append(systemAdminRole.Permissions, model.PERMISSION_DELETE_OTHERS_EMOJIS.Id) 143 if result := <-a.Srv.Store.Role().Save(systemAdminRole); result.Err != nil { 144 mlog.Critical("Failed to migrate emojis creation permissions from mattermost config.") 145 mlog.Critical(result.Err.Error()) 146 return 147 } 148 149 system := model.System{ 150 Name: EMOJIS_PERMISSIONS_MIGRATION_KEY, 151 Value: "true", 152 } 153 154 if result := <-a.Srv.Store.System().Save(&system); result.Err != nil { 155 mlog.Critical("Failed to mark emojis permissions migration as completed.") 156 mlog.Critical(fmt.Sprint(result.Err)) 157 } 158 }