From 6d243e1c0ea9176ae5b0aba1e671f45d731304f7 Mon Sep 17 00:00:00 2001 From: Harshil Sharma <18575143+harshilsharma63@users.noreply.github.com> Date: Thu, 16 Jun 2022 16:16:35 +0530 Subject: [PATCH] Registered personal-server specific APIs only when running as personal server (#3228) --- mattermost-plugin/server/plugin.go | 1 + server/api/api.go | 25 +++++++++++++++++++------ server/server/params.go | 1 + server/server/server.go | 2 +- 4 files changed, 22 insertions(+), 7 deletions(-) diff --git a/mattermost-plugin/server/plugin.go b/mattermost-plugin/server/plugin.go index 13e9a3922..932ee62b5 100644 --- a/mattermost-plugin/server/plugin.go +++ b/mattermost-plugin/server/plugin.go @@ -155,6 +155,7 @@ func (p *Plugin) OnActivate() error { PermissionsService: permissionsService, PluginAPI: p.API, Client: client, + IsPlugin: true, } server, err := server.New(params) diff --git a/server/api/api.go b/server/api/api.go index c730fa479..63b7d59cf 100644 --- a/server/api/api.go +++ b/server/api/api.go @@ -53,10 +53,18 @@ type API struct { MattermostAuth bool logger *mlog.Logger audit *audit.Audit + isPlugin bool } -func NewAPI(app *app.App, singleUserToken string, authService string, permissions permissions.PermissionsService, - logger *mlog.Logger, audit *audit.Audit) *API { +func NewAPI( + app *app.App, + singleUserToken string, + authService string, + permissions permissions.PermissionsService, + logger *mlog.Logger, + audit *audit.Audit, + isPlugin bool, +) *API { return &API{ app: app, singleUserToken: singleUserToken, @@ -64,6 +72,7 @@ func NewAPI(app *app.App, singleUserToken string, authService string, permission permissions: permissions, logger: logger, audit: audit, + isPlugin: isPlugin, } } @@ -72,6 +81,14 @@ func (a *API) RegisterRoutes(r *mux.Router) { apiv2.Use(a.panicHandler) apiv2.Use(a.requireCSRFToken) + // personal-server specific routes. These are not needed in plugin mode. + if !a.isPlugin { + apiv2.HandleFunc("/login", a.handleLogin).Methods("POST") + apiv2.HandleFunc("/logout", a.sessionRequired(a.handleLogout)).Methods("POST") + apiv2.HandleFunc("/register", a.handleRegister).Methods("POST") + apiv2.HandleFunc("/teams/{teamID}/regenerate_signup_token", a.sessionRequired(a.handlePostTeamRegenerateSignupToken)).Methods("POST") + } + // Board APIs apiv2.HandleFunc("/teams/{teamID}/boards", a.sessionRequired(a.handleGetBoards)).Methods("GET") apiv2.HandleFunc("/teams/{teamID}/boards/search", a.sessionRequired(a.handleSearchBoards)).Methods("GET") @@ -106,7 +123,6 @@ func (a *API) RegisterRoutes(r *mux.Router) { // Team APIs apiv2.HandleFunc("/teams", a.sessionRequired(a.handleGetTeams)).Methods("GET") apiv2.HandleFunc("/teams/{teamID}", a.sessionRequired(a.handleGetTeam)).Methods("GET") - apiv2.HandleFunc("/teams/{teamID}/regenerate_signup_token", a.sessionRequired(a.handlePostTeamRegenerateSignupToken)).Methods("POST") apiv2.HandleFunc("/teams/{teamID}/users", a.sessionRequired(a.handleGetTeamUsers)).Methods("GET") apiv2.HandleFunc("/teams/{teamID}/archive/export", a.sessionRequired(a.handleArchiveExportTeam)).Methods("GET") apiv2.HandleFunc("/teams/{teamID}/{boardID}/files", a.sessionRequired(a.handleUploadFile)).Methods("POST") @@ -124,9 +140,6 @@ func (a *API) RegisterRoutes(r *mux.Router) { apiv2.HandleFunc("/boards-and-blocks", a.sessionRequired(a.handleDeleteBoardsAndBlocks)).Methods("DELETE") // Auth APIs - apiv2.HandleFunc("/login", a.handleLogin).Methods("POST") - apiv2.HandleFunc("/logout", a.sessionRequired(a.handleLogout)).Methods("POST") - apiv2.HandleFunc("/register", a.handleRegister).Methods("POST") apiv2.HandleFunc("/clientConfig", a.getClientConfig).Methods("GET") // Category APIs diff --git a/server/server/params.go b/server/server/params.go index 7a002223e..230575ff7 100644 --- a/server/server/params.go +++ b/server/server/params.go @@ -26,6 +26,7 @@ type Params struct { PermissionsService permissions.PermissionsService PluginAPI plugin.API Client *pluginapi.Client + IsPlugin bool } func (p Params) CheckValid() error { diff --git a/server/server/server.go b/server/server/server.go index fbd59fd91..9691cd038 100644 --- a/server/server/server.go +++ b/server/server/server.go @@ -142,7 +142,7 @@ func New(params Params) (*Server, error) { } app := app.New(params.Cfg, wsAdapter, appServices) - focalboardAPI := api.NewAPI(app, params.SingleUserToken, params.Cfg.AuthMode, params.PermissionsService, params.Logger, auditService) + focalboardAPI := api.NewAPI(app, params.SingleUserToken, params.Cfg.AuthMode, params.PermissionsService, params.Logger, auditService, params.IsPlugin) // Local router for admin APIs localRouter := mux.NewRouter()