diff --git a/.dockerignore b/.dockerignore index 2435d360..4a89ff17 100644 --- a/.dockerignore +++ b/.dockerignore @@ -41,4 +41,4 @@ node_modules # typescript lib - +tsconfig.tsbuildinfo diff --git a/Dockerfile b/Dockerfile index 5ebbdad3..63e9da6c 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,21 +1,21 @@ -FROM node:current-alpine AS BUILD -COPY . /tmp/src +FROM node:14-alpine AS BUILD +COPY . /src # git is needed to install Half-Shot/slackdown RUN apk add git -RUN cd /tmp/src \ - && npm install \ - && npm run build +WORKDIR /src +RUN npm install +RUN npm run build -FROM node:current-alpine +FROM node:14-alpine VOLUME /data/ /config/ COPY package.json /usr/src/app/ COPY package-lock.json /usr/src/app/ -COPY --from=BUILD /tmp/src/config /usr/src/app/config -COPY --from=BUILD /tmp/src/lib /usr/src/app/lib +COPY --from=BUILD /src/config /usr/src/app/config +COPY --from=BUILD /src/lib /usr/src/app/lib WORKDIR /usr/src/app diff --git a/changelog.d/403.bugfix b/changelog.d/403.bugfix new file mode 100644 index 00000000..87d38701 --- /dev/null +++ b/changelog.d/403.bugfix @@ -0,0 +1 @@ +Allow bridging to private channels via the provisioner \ No newline at end of file diff --git a/changelog.d/404.misc b/changelog.d/404.misc new file mode 100644 index 00000000..201d0529 --- /dev/null +++ b/changelog.d/404.misc @@ -0,0 +1 @@ +Fix exception on missing `error` in createTeamClient \ No newline at end of file diff --git a/changelog.d/405.bugfix b/changelog.d/405.bugfix new file mode 100644 index 00000000..e7e22d6d --- /dev/null +++ b/changelog.d/405.bugfix @@ -0,0 +1 @@ +Fix postgress configurations failing to start when using the offical docker image. \ No newline at end of file diff --git a/changelog.d/408.bugfix b/changelog.d/408.bugfix new file mode 100644 index 00000000..629534f6 --- /dev/null +++ b/changelog.d/408.bugfix @@ -0,0 +1 @@ +Bridge will no longer update user's displayname with a bots name when a bot is modified \ No newline at end of file diff --git a/config/config.sample.yaml b/config/config.sample.yaml index a4ea8716..27223c59 100644 --- a/config/config.sample.yaml +++ b/config/config.sample.yaml @@ -104,6 +104,8 @@ provisioning: enabled: true # Should the bridge deny users bridging channels to private rooms. require_public_room: true + # Should the bridge allow usesr to bridge private channels. + allow_private_channels: true limits: room_count: 20 team_count: 1 diff --git a/config/slack-config-schema.yaml b/config/slack-config-schema.yaml index c19b5c21..5f464ed4 100644 --- a/config/slack-config-schema.yaml +++ b/config/slack-config-schema.yaml @@ -112,6 +112,8 @@ properties: type: boolean require_public_room: type: boolean + allow_private_channels: + type: boolean limits: type: object properties: diff --git a/package-lock.json b/package-lock.json index ab40d292..6ac316be 100644 --- a/package-lock.json +++ b/package-lock.json @@ -397,9 +397,9 @@ } }, "assert-options": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/assert-options/-/assert-options-0.6.1.tgz", - "integrity": "sha512-jH2pNULN0t3uFLb7Fh0SAuMo/Ei5yWiRirvLez2g+sd16d0xKl+DGdGkD6sqkrZTnCZK5lWRjUa4X3sxHQkg9g==" + "version": "0.6.2", + "resolved": "https://registry.npmjs.org/assert-options/-/assert-options-0.6.2.tgz", + "integrity": "sha512-KP9S549XptFAPGYmLRnIjQBL4/Ry8Jx5YNLQZ/l+eejqbTidBMnw4uZSAsUrzBq/lgyqDYqxcTF7cOxZb9gyEw==" }, "assert-plus": { "version": "1.0.0", @@ -2103,15 +2103,15 @@ "integrity": "sha1-Ywn04OX6kT7BxpMHrjZLSzd8nns=" }, "pg": { - "version": "7.18.2", - "resolved": "https://registry.npmjs.org/pg/-/pg-7.18.2.tgz", - "integrity": "sha512-Mvt0dGYMwvEADNKy5PMQGlzPudKcKKzJds/VbOeZJpb6f/pI3mmoXX0JksPgI3l3JPP/2Apq7F36O63J7mgveA==", + "version": "8.0.3", + "resolved": "https://registry.npmjs.org/pg/-/pg-8.0.3.tgz", + "integrity": "sha512-fvcNXn4o/iq4jKq15Ix/e58q3jPSmzOp6/8C3CaHoSR/bsxdg+1FXfDRePdtE/zBb3++TytvOrS1hNef3WC/Kg==", "requires": { "buffer-writer": "2.0.0", "packet-reader": "1.0.0", "pg-connection-string": "0.1.3", - "pg-packet-stream": "^1.1.0", - "pg-pool": "^2.0.10", + "pg-pool": "^3.1.1", + "pg-protocol": "^1.2.2", "pg-types": "^2.1.0", "pgpass": "1.x", "semver": "4.3.2" @@ -2139,27 +2139,27 @@ "resolved": "https://registry.npmjs.org/pg-minify/-/pg-minify-1.5.2.tgz", "integrity": "sha512-uZn/gXkGmO5JBdopxNLSpFMS1lXr+KJqynI8Di1Qyr8ZVXt67ruh+XNfzLMVdLzYv+MQRdNYQdVwWPSs0qM7xQ==" }, - "pg-packet-stream": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/pg-packet-stream/-/pg-packet-stream-1.1.0.tgz", - "integrity": "sha512-kRBH0tDIW/8lfnnOyTwKD23ygJ/kexQVXZs7gEyBljw4FYqimZFxnMMx50ndZ8In77QgfGuItS5LLclC2TtjYg==" - }, "pg-pool": { - "version": "2.0.10", - "resolved": "https://registry.npmjs.org/pg-pool/-/pg-pool-2.0.10.tgz", - "integrity": "sha512-qdwzY92bHf3nwzIUcj+zJ0Qo5lpG/YxchahxIN8+ZVmXqkahKXsnl2aiJPHLYN9o5mB/leG+Xh6XKxtP7e0sjg==" + "version": "3.1.1", + "resolved": "https://registry.npmjs.org/pg-pool/-/pg-pool-3.1.1.tgz", + "integrity": "sha512-kYH6S0mcZF1TPg1F9boFee2JlCSm2oqnlR2Mz2Wgn1psQbEBNVeNTJCw2wCK48QsctwvGUzbxLMg/lYV6hL/3A==" }, "pg-promise": { - "version": "10.4.4", - "resolved": "https://registry.npmjs.org/pg-promise/-/pg-promise-10.4.4.tgz", - "integrity": "sha512-N2NsOgKxrnNPwP0Q609ZmxmAZEo2TQ26SzSvlbZWQb8vteqUhOPpU/pHi9DGatJrPcXNoyr4xjRw42CNfEBg/w==", + "version": "10.5.3", + "resolved": "https://registry.npmjs.org/pg-promise/-/pg-promise-10.5.3.tgz", + "integrity": "sha512-cfHgFpcqOc0IIRDABre//k1eda7s94Wys67P9r3q590nmvO0AzZucqWTVmgRUzNTIrDChUwY4hVOMBTIsU/ZiA==", "requires": { - "assert-options": "0.6.1", - "pg": "7.18.2", + "assert-options": "0.6.2", + "pg": "8.0.3", "pg-minify": "1.5.2", "spex": "3.0.1" } }, + "pg-protocol": { + "version": "1.2.2", + "resolved": "https://registry.npmjs.org/pg-protocol/-/pg-protocol-1.2.2.tgz", + "integrity": "sha512-r8hGxHOk3ccMjjmhFJ/QOSVW5A+PP84TeRlEwB/cQ9Zu+bvtZg8Z59Cx3AMfVQc9S0Z+EG+HKhicF1W1GN5Eqg==" + }, "pg-types": { "version": "2.2.0", "resolved": "https://registry.npmjs.org/pg-types/-/pg-types-2.2.0.tgz", @@ -2197,9 +2197,9 @@ "integrity": "sha1-AntTPAqokOJtFy1Hz5zOzFIazTU=" }, "postgres-date": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/postgres-date/-/postgres-date-1.0.4.tgz", - "integrity": "sha512-bESRvKVuTrjoBluEcpv2346+6kgB7UlnqWZsnbnCccTNq/pqfj1j6oBaN5+b/NrDXepYUT/HKadqv3iS9lJuVA==" + "version": "1.0.5", + "resolved": "https://registry.npmjs.org/postgres-date/-/postgres-date-1.0.5.tgz", + "integrity": "sha512-pdau6GRPERdAYUQwkBnGKxEfPyhVZXG/JiS44iZWiNdSOWE09N2lUgN6yshuq6fVSon4Pm0VMXd1srUUkLe9iA==" }, "postgres-interval": { "version": "1.2.0", diff --git a/package.json b/package.json index 187282b9..763792e7 100644 --- a/package.json +++ b/package.json @@ -4,7 +4,7 @@ "description": "A Matrix <--> Slack bridge", "main": "app.js", "scripts": { - "postinstall": "npm run build", + "prepare": "npm run build", "start": "node ./lib/app.js", "build": "tsc", "test": "npm run test:unit && npm run test:integration", @@ -40,7 +40,7 @@ "nedb": "^1.8.0", "node-emoji": "^1.10.0", "p-queue": "^6.3.0", - "pg-promise": "^10.4.4", + "pg-promise": "^10.5.3", "quick-lru": "^5.0.0", "randomstring": "^1", "request-promise-native": "^1.0.8", diff --git a/src/IConfig.ts b/src/IConfig.ts index b7faea2c..ab889cd7 100644 --- a/src/IConfig.ts +++ b/src/IConfig.ts @@ -83,6 +83,7 @@ export interface IConfig { provisioning?: { enable: boolean; require_public_room?: boolean; + allow_private_channels?: boolean; limits?: { team_count?: number; room_count?: number; diff --git a/src/Main.ts b/src/Main.ts index 19e8baa4..373d786d 100644 --- a/src/Main.ts +++ b/src/Main.ts @@ -798,7 +798,9 @@ export class Main { this.clientfactory = new SlackClientFactory(this.datastore, this.config, (method: string) => { this.incRemoteCallCounter(method); }, (teamId: string, delta: number) => { - this.metricPuppets.inc({ team_id: teamId }, delta); + if (this.metricPuppets) { + this.metricPuppets.inc({ team_id: teamId }, delta); + } }); let puppetsWaiting: Promise = Promise.resolve(); if (this.slackRtm) { diff --git a/src/Provisioning.ts b/src/Provisioning.ts index 40aba67d..f0da1196 100644 --- a/src/Provisioning.ts +++ b/src/Provisioning.ts @@ -87,6 +87,21 @@ export class Provisioner { return (currentCount >= this.main.config.provisioning?.limits?.room_count); } + private async determineSlackIdForRequest(matrixUserId, teamId) { + const matrixUser = await this.main.datastore.getMatrixUser(matrixUserId); + if (!matrixUser) { + // No Slack user entry found for MXID + return null; + } + const accounts: {[userId: string]: {team_id: string}} = matrixUser.get("accounts"); + for (const [key, value] of Object.entries(accounts)) { + if (value.team_id === teamId) { + return key; + } + } + return null; + } + @command() private async getconfig(_, res) { const hasRoomLimit = this.main.config.provisioning?.limits?.room_count; @@ -150,14 +165,9 @@ export class Provisioner { @command("user_id", "team_id") private async channels(req, res, userId, teamId) { log.debug(`${userId} for ${teamId} requested their channels`); - const matrixUser = await this.main.datastore.getMatrixUser(userId); - const isAllowed = matrixUser !== null && - Object.values(matrixUser.get("accounts") as {[key: string]: {team_id: string}}).find((acct) => - acct.team_id === teamId, - ); - if (!isAllowed) { - res.status(HTTP_CODES.CLIENT_ERROR).json({error: "User is not part of this team!"}); - throw undefined; + const slackUserId = await this.determineSlackIdForRequest(userId, teamId); + if (!slackUserId) { + return res.status(HTTP_CODES.CLIENT_ERROR).json({error: "User is not part of this team!"}); } const team = await this.main.datastore.getTeam(teamId); if (team === null) { @@ -165,10 +175,16 @@ export class Provisioner { } const cli = await this.main.clientFactory.getTeamClient(teamId); try { - const response = (await cli.conversations.list({ + let types = "public_channel"; + // Unless we *explicity* set this to false, allow it. + if (this.main.config.provisioning?.allow_private_channels !== false) { + types = `public_channel,private_channel`; + } + const response = (await cli.users.list({ exclude_archived: true, limit: 1000, // TODO: Pagination - types: "public_channel", // TODO: In order to show private channels, we need the identity of the caller. + user: slackUserId, // In order to show private channels, we need the identity of the caller. + types, })) as ConversationsListResponse; if (!response.ok) { throw Error(response.error); diff --git a/src/SlackClientFactory.ts b/src/SlackClientFactory.ts index 0a7b583d..394fb045 100644 --- a/src/SlackClientFactory.ts +++ b/src/SlackClientFactory.ts @@ -234,7 +234,8 @@ export class SlackClientFactory { } return { slackClient, team: teamInfo.team, auth, user }; } catch (ex) { - throw Error("Could not create team client: " + ex.data.error); + log.error("Could not create team client: " + (ex.data?.error || ex)); + throw Error("Could not create team client"); } } } diff --git a/src/SlackGhost.ts b/src/SlackGhost.ts index 8880cb62..3f095e1d 100644 --- a/src/SlackGhost.ts +++ b/src/SlackGhost.ts @@ -155,7 +155,11 @@ export class SlackGhost { let displayName = message.username || message.user_name; if (room.SlackClient) { // We can be smarter if we have the bot. - if (message.bot_id) { + if (message.bot_id && message.user_id) { + // In the case of operations on bots, we will have both a bot_id and a user_id. + // Ignore updating the displayname in this case. + return; + } else if (message.bot_id) { displayName = await this.getBotName(message.bot_id, room.SlackClient); } else if (message.user_id) { displayName = await this.getDisplayname(room.SlackClient); @@ -245,7 +249,11 @@ export class SlackGhost { } let avatarUrl; let hash: string|undefined; - if (message.bot_id) { + if (message.bot_id && message.user_id) { + // In the case of operations on bots, we will have both a bot_id and a user_id. + // Ignore updating the displayname in this case. + return; + } else if (message.bot_id) { avatarUrl = await this.getBotAvatarUrl(message.bot_id, room.SlackClient); hash = avatarUrl; } else if (message.user_id) { diff --git a/src/datastore/postgres/PgDatastore.ts b/src/datastore/postgres/PgDatastore.ts index f4a8a5d2..7f8fd5b8 100644 --- a/src/datastore/postgres/PgDatastore.ts +++ b/src/datastore/postgres/PgDatastore.ts @@ -47,7 +47,7 @@ export class PgDatastore implements Datastore { }); } - public async getUser(id: string): Promise { + public async getUser(id: string): Promise { const dbEntry = await this.postgresDb.oneOrNone("SELECT * FROM users WHERE userId = ${id}", { id }); if (!dbEntry) { return null; @@ -55,7 +55,7 @@ export class PgDatastore implements Datastore { return JSON.parse(dbEntry.json); } - public async getMatrixUser(userId: string): Promise { + public async getMatrixUser(userId: string): Promise { userId = new MatrixUser(userId).getId(); // Ensure ID correctness const userData = await this.getUser(userId); return userData !== null ? new MatrixUser(userId, userData) : null; diff --git a/src/tests/unit/SlackClientFactory.ts b/src/tests/unit/SlackClientFactory.ts index 3f2c5f19..22a1277e 100644 --- a/src/tests/unit/SlackClientFactory.ts +++ b/src/tests/unit/SlackClientFactory.ts @@ -125,7 +125,7 @@ describe("SlackClientFactory", () => { await factory.getTeamClient("faketeam"); throw Error("Call didn't throw as expected"); } catch (ex) { - expect(ex.message).to.equal("Could not create team client: Team not allowed for test"); + expect(ex.message).to.equal("Could not create team client"); expect(ds.teams[0].status).to.equal("bad_auth"); } }); @@ -146,7 +146,7 @@ describe("SlackClientFactory", () => { await factory.getTeamClient("faketeam"); throw Error("Call didn't throw as expected"); } catch (ex) { - expect(ex.message).to.equal("Could not create team client: Team not allowed for test"); + expect(ex.message).to.equal("Could not create team client"); expect(ds.teams[0].status).to.equal("bad_auth"); } });