* Revert "MM-13657: Set ExperimentalStrictCSRFEnforcement to true by default (#33444)"
This reverts commit 257eec43ed.
* Fix call to checkCSRFToken
* Adapt test that relied on strict CSRF enforcement
This test was added after
https://github.com/mattermost/mattermost/pull/33444, so it assumed
strict CSRF enforcement to be enabled. When reverting that PR, we need
to adapt the test to account for both cases.
* Fix newer tests to use older setting
(cherry picked from commit d3eb6cbf1c)
Co-authored-by: Alejandro García Montoro <alejandro.garciamontoro@gmail.com>
* Updates buildFieldAttrs to preseve existing attrs when editing a field
* Fix preserve option issue for select/multiselect type fields
* Fix linter
---------
(cherry picked from commit 3f675734bb)
Co-authored-by: Miguel de la Cruz <miguel@mcrx.me>
Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es>
* Improves `mmctl cpa` subcommands' output to show human readable values instead of IDs
* Adds mmctl docs updates
* Fixed linter
---------
(cherry picked from commit cd3f4483ee)
Co-authored-by: Miguel de la Cruz <miguel@mcrx.me>
Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es>
Updated mattermost-plugin-playbooks from v2.4.1 to v2.4.2 in the Makefile plugin packages list.
(cherry picked from commit 3f5665f324)
Co-authored-by: Julien Tant <785518+JulienTant@users.noreply.github.com>
* pin to ubuntu-24.04
* always use FIPS compatible Postgres settings
* use sha256 for remote cluster IDs
* use sha256 for client config hash
* rework S3 backend to be FIPS compatible
* skip setup-node during build, since already in container
* support FIPS builds
* Dockerfile for FIPS image, using glibc-openssl-fips
* workaround entrypoint inconsistencies
* authenticate to DockerHub
* fix FIPS_ENABLED, add test-mmctl-fips
* decouple check-mattermost-vet from test/build steps
* fixup! decouple check-mattermost-vet from test/build steps
* only build-linux-amd64 for fips
* rm entrypoint workaround
* tweak comment grammar
* rm unused Dockerfile.fips (for now)
* ignore gpg import errors, since would fail later anyway
* for fips, only make package-linux-amd64
* set FIPS_ENABLED for build step
* Add a FIPS-specific list of prepackaged plugins
Note that the names are still temporary, since they are not uploaded to
S3 yet. We may need to tweak them when that happens.
* s/golangci-lint/check-style/
This ensures we run all the `check-style` checks: previously,
`modernize` was missing.
* pin go-vet to @v2, remove annoying comment
* add -fips to linux-amd64.tz.gz package
* rm unused setup-chainctl
* use BUILD_TYPE_NAME instead
* mv fips build to enterprise-only
* fixup! use BUILD_TYPE_NAME instead
* temporarily pre-package no plugins for FIPS
* split package-cleanup
* undo package-cleanup, just skip ARM, also test
* skip arm for FIPS in second target too
* fmt Makefile
* Revert "rm unused Dockerfile.fips (for now)"
This reverts commit 601e37e0ff.
* reintroduce Dockerfile.fips and align with existing Dockerfile
* s/IMAGE/BUILD_IMAGE/
* bump the glibc-openssl-fips version
* rm redundant comment
* fix FIPS checks
* set PLUGIN_PACKAGES empty until prepackaged plugins ready
* upgrade glibc-openssl-fips, use non-dev version for final stage
* another BUILD_IMAGE case
* Prepackage the FIPS versions of plugins
* relocate FIPS_ENABLED initialization before use
* s/Config File MD5/Config File Hash/
* Update the FIPS plugin names and encode the + sign
* add /var/tmp for local socket manipulation
---------
(cherry picked from commit 06b1bf3a51)
Co-authored-by: Jesse Hallam <jesse.hallam@gmail.com>
Co-authored-by: Alejandro García Montoro <alejandro.garciamontoro@gmail.com>
* Implement property field limit enforcement and counting functionality in Plugin API
- Added a limit of 20 property fields per group in the CreatePropertyField method.
- Introduced CountPropertyFields method to count active and all property fields, including deleted ones.
- Enhanced tests to validate the new property field limit and counting behavior.
- Updated related API and service methods to support the new functionality.
* Update server/channels/app/properties/property_field.go
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
* fix vet
* fix lint error
* fix test
* fix tests
* fix test
* count properties + targets
* Update server/channels/app/plugin_api.go
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
* remove test for limit
* fix more tests
* improve testing messages now that the limit is removed
* Apply suggestion from @calebroseland
Co-authored-by: Caleb Roseland <caleb@calebroseland.com>
* Apply suggestion from @calebroseland
Co-authored-by: Caleb Roseland <caleb@calebroseland.com>
* Apply suggestion from @calebroseland
Co-authored-by: Caleb Roseland <caleb@calebroseland.com>
* Apply suggestion from @calebroseland
Co-authored-by: Caleb Roseland <caleb@calebroseland.com>
---------
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Mattermost Build <build@mattermost.com>
Co-authored-by: Julien Tant <785518+JulienTant@users.noreply.github.com>
Co-authored-by: Caleb Roseland <caleb@calebroseland.com>
* Adds Custom Profile Attribute field commands to mmctl
* Fix linter
* Refactor buildFieldAttrs
* Reverse test to match implementation
* Adds a confirmation prompt
* Refactor the tests
---------
Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es>
Co-authored-by: Mattermost Build <build@mattermost.com>
* MM-65182 - auto disable toggle on rules deleted and channel admin permissions update
* fix types and fix unit test
* adjust the useEffect hook and fix auto-save issue
* MM-65183 - rename access rules tab to access control (#33812)
* fix infinite loop issue and fix channel admin permissions issue
* fix linter and fix snapshots
* allow non-sysadmin users to see the system policy information banner
* stack modals backdrops
* address pr feedback; reorganize function and add unit tests
---------
Co-authored-by: Mattermost Build <build@mattermost.com>
* Add parser and hasher packages
The new `password` module includes two packages:
- `hashers` provides a structure allowing for seamless migrations
between password hashing methods. It also implements two password
hashers: bcrypt, which was the current hashing method, and PBKDF2, which
is the one we are migrating to.
- `parser` provides types and primitives to parse PHC[0] strings,
serving as the foundation of the `PasswordHasher` interface and
implementations, which are all PHC-based.
[0] https://github.com/P-H-C/phc-string-format/blob/master/phc-sf-spec.md
* Use latest hasher to hash new passwords
The previous commit added a LatestHasher variable, that contains the
`PasswordHasher` currently in use. Here, we make sure we use it for
hashing new passwords, instead of the currently hardcoded bcrypt.
* Use errors from hashers' package
Some chore work to unify errors defined in `hashers`, not from external
packages like `bcrypt`.
* Implement password migration logic
This commit implements the actual logic to migrate passwords, which
can be summarized as:
0. When the user enters their password (either for login in
`App.CheckPasswordAndAllCriteria` or for double-checking the password
when the app needs additional confirmation for anything in
`App.DoubleCheckPassword`), this process is started.
1. The new `App.checkUserPassword` is called. In
`users.CheckUserPassword`, we parse the stored hashed password with the
new PHC parser and identify whether it was generated with the current
hashing method (PBKDF2). If it is, just verify the password as usual and
continue normally.
2. If not, start the migration calling `App.migratePassword`:
a. First, we call `Users.MigratePassword`, which validates that the
stored hash and the provided password match, using the hasher that
generated the old hash.
b. If the user-provided password matches the old hash, then we simply
re-hash that password with our current hasher, the one in
`hashers.LatestHasher`. If not, we fail.
c. Back in `App.migratePassword`, if the migration was successful,
then we update the user in the database with the newly generated hash.
* make i18n-extract
* Rename getDefaultHasher to getOriginalHasher
* Refactor App checkUserPsasword and migratePassword
Simplify the flow in these two methods, removing the similarly named
users.CheckUserPassword and users.MigratePassword, inlining the logic
needed in the App layer and at the same time removing the need to parse
the stored hash twice.
This implements a package-level function, CompareHashAndPassword: the
first step to unexport LatestHasher.
* Add a package level Hash method
This completely removes the need to expose LatestHasher, and lets us
also remove model.HashPassword, in favour of the new hashers.Hash
* Unexport LatestHasher
* Remove tests for removed functions
* Make the linter happy
* Remove error no longer used
* Allow for parameter migrations on the same hasher
Before this, we were only checking that the function ID of the stored
hash was the ID of the latest hashing method. Here, we no longer ignore
the parameters, so that if in the future we need to migrate to the same
hashing method with a different parameter (let's say PBKDF2 with work
factor 120,000 instead of work factor 60,000), we can do it by updating
the latestHasher variable. IsPHCValid will detect this change and force
a migration if needed.
* Document new functions
* make i18n-extract
* Fix typo in comment
Co-authored-by: Ben Cooke <benkcooke@gmail.com>
* Rename parser package to phcparser
* Simplify phcparser.New documentation
* Rename scanSymbol to scanSeparator
Redefine the list of separator tokens, including EOF as one.
* Document undocumented functions that are unexported
* Reorder error block in checkUserPassword
* Add unit tests for IsLatestHasher
* Reorder code in parser.go
* Enforce SHA256 as internal function for PBKDF2
* Fix typo in comment
Co-authored-by: Eva Sarafianou <eva.sarafianou@gmail.com>
---------
Co-authored-by: Ben Cooke <benkcooke@gmail.com>
Co-authored-by: Eva Sarafianou <eva.sarafianou@gmail.com>
Co-authored-by: Mattermost Build <build@mattermost.com>
* Standardize request.CTX parameter naming to rctx
- Migrate 886 request.CTX parameters across 147 files to use consistent 'rctx' naming
- Updated function signatures from 'c', 'ctx', and 'cancelContext' to 'rctx'
- Updated function bodies to reference the new parameter names
- Preserved underscore parameters unchanged as they are unused
- Fixed method receiver context issue in store.go
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
* Use request.CTX interface in batch worker
* Manual fixes
* Fix parameter naming
* Add linter check
---------
Co-authored-by: Claude <noreply@anthropic.com>