diff --git a/client/views/admin/admin.coffee b/client/views/admin/admin.coffee
index 6765518f2de..0450a3af66c 100644
--- a/client/views/admin/admin.coffee
+++ b/client/views/admin/admin.coffee
@@ -36,8 +36,11 @@ Template.admin.helpers
description = 'project:' + description
return TAPi18next.t description
+ sectionIsCustomOath: (section) ->
+ return /^Custom OAuth:\s.+/.test section
+
Template.admin.events
- "click .submit": (e, t) ->
+ "click .submit .save": (e, t) ->
group = FlowRouter.getParam('group')
settings = Settings.find({ group: group }).fetch()
console.log 'will save settings', JSON.stringify settings
@@ -61,7 +64,42 @@ Template.admin.events
return toastr.error TAPi18next.t 'project:Error_updating_settings' if err
toastr.success TAPi18next.t 'project:Settings_updated'
+ "click .submit .add-custom-oauth": (e, t) ->
+ config =
+ title: TAPi18next.t 'project:Add_custom_oauth'
+ text: TAPi18next.t 'project:Give_a_unique_name_for_the_custom_oauth'
+ type: "input",
+ showCancelButton: true,
+ closeOnConfirm: true,
+ inputPlaceholder: TAPi18next.t 'project:Custom_oauth_unique_name'
+
+ swal config, (inputValue) ->
+ if inputValue is false
+ return false
+
+ if inputValue is ""
+ swal.showInputError TAPi18next.t 'project:Name_cant_be_empty'
+ return false
+
+ Meteor.call 'addOAuthService', inputValue
+
+ "click .submit .remove-custom-oauth": (e, t) ->
+ name = this.section.replace('Custom OAuth: ', '')
+ config =
+ title: TAPi18next.t 'project:Are_you_sure'
+ type: "input",
+ type: 'warning'
+ showCancelButton: true
+ confirmButtonColor: '#DD6B55'
+ confirmButtonText: TAPi18next.t 'project:Yes_delete_it'
+ cancelButtonText: TAPi18next.t 'project:Cancel'
+ closeOnConfirm: true
+
+ swal config, ->
+ Meteor.call 'removeOAuthService', name
+
+
Template.admin.onRendered ->
Tracker.afterFlush ->
SideNav.setFlex "adminFlex"
- SideNav.openFlex()
\ No newline at end of file
+ SideNav.openFlex()
diff --git a/client/views/admin/admin.html b/client/views/admin/admin.html
index b559af0e10c..0303b9f8e09 100644
--- a/client/views/admin/admin.html
+++ b/client/views/admin/admin.html
@@ -63,15 +63,26 @@
{{/if}}
{{/each}}
+
+ {{#if section}}
+ {{#if sectionIsCustomOath section}}
+
+
+
+ {{/if}}
+ {{/if}}
{{/each}}
-
+ {{#if $eq group._id 'Accounts'}}
+
+ {{/if}}
+
{{/unless}}
-
\ No newline at end of file
+
diff --git a/i18n/en.i18n.json b/i18n/en.i18n.json
index 9c414f0a6c7..f1dbd0891f2 100644
--- a/i18n/en.i18n.json
+++ b/i18n/en.i18n.json
@@ -35,6 +35,7 @@
"Accounts_OAuth_Custom_Button_Label_Color" : "Button Text Color",
"Accounts_OAuth_Custom_Button_Color" : "Button Color",
"Activate" : "Activate",
+ "Add_custom_oauth" : "Add custom oauth",
"Add_Members" : "Add Members",
"Add_users" : "Add users",
"Administration" : "Administration",
@@ -79,6 +80,7 @@
"Create_new_private_group" : "Create a new private group",
"Create_new_public_channel" : "Create a new public channel",
"Created_at" : "Created at",
+ "Custom_oauth_unique_name" : "Custom oauth unique name",
"days" : "days",
"Deactivate" : "Deactivate",
"Delete_User_Warning" : "Deleting a user will delete all messages from that user as well. This cannot be undone.",
@@ -109,6 +111,7 @@
"General": "General",
"Get_to_know_the_team" : "Get to know the Rocket.Team",
"github_no_public_email" : "You don't have any email as public email in your GitHub account",
+ "Give_a_unique_name_for_the_custom_oauth" : "Give a unique name for the custom oauth",
"Have_your_own_chat" : "Have your own web chat. Developed with Meteor.com, the Rocket.Chat is a great solution for developers looking forward to build and evolve their own chat platform.",
"Has_more" : "Has more",
"Hide_room" : "Hide room",
@@ -193,6 +196,7 @@
"My_Account" : "My Account",
"n_messages" : "%s messages",
"Name" : "Name",
+ "Name_cant_be_empty" : "Name can't be empty",
"New_messages" : "New messages",
"New_password" : "New password",
"No_channels_yet" : "You aren't part of any channel yet.",
@@ -244,6 +248,7 @@
"Registration_Succeeded" : "Registration Succeeded",
"Remember_me" : "Remember me",
"Remove" : "Remove",
+ "Remove_custom_oauth" : "Remove custom oauth",
"Remove_Admin" : "Remove Admin",
"Reset_password" : "Reset password",
"Room" : "Room",
diff --git a/packages/rocketchat-authorization/client/hasPermission.coffee b/packages/rocketchat-authorization/client/hasPermission.coffee
index 5155bf54c48..8efa87d4977 100644
--- a/packages/rocketchat-authorization/client/hasPermission.coffee
+++ b/packages/rocketchat-authorization/client/hasPermission.coffee
@@ -9,7 +9,7 @@ all = (toFind, toSearch) ->
return _.isEmpty( _.difference( toFind, toSearch))
Template.registerHelper 'hasPermission', (permission, scope) ->
- unless _.isString( scope )
+ unless _.isString( scope )
scope = Roles.GLOBAL_GROUP
return hasPermission( permission, scope, atLeastOne)
@@ -31,7 +31,7 @@ hasPermission = (permissions, scope=Roles.GLOBAL_GROUP, strategy) ->
unless _.isArray(permissions)
permissions = [permissions]
- roleNames = Roles.getRolesForUser(userId, scope)
+ roleNames = Roles.getRolesForUser(userId, scope)
userPermissions = []
for roleName in roleNames
diff --git a/packages/rocketchat-authorization/server/startup.coffee b/packages/rocketchat-authorization/server/startup.coffee
index 9edeec2d975..c684bd25d86 100644
--- a/packages/rocketchat-authorization/server/startup.coffee
+++ b/packages/rocketchat-authorization/server/startup.coffee
@@ -6,70 +6,70 @@ Meteor.startup ->
# 2. admin, moderator, and user roles should not be deleted as they are referened in the code.
permissions = [
- { _id: 'view-statistics',
+ { _id: 'view-statistics',
roles : ['admin', 'temp-role']}
- { _id: 'view-privileged-setting',
+ { _id: 'view-privileged-setting',
roles : ['admin']}
- { _id: 'edit-privileged-setting',
+ { _id: 'edit-privileged-setting',
roles : ['admin']}
- { _id: 'view-room-administration',
+ { _id: 'view-room-administration',
roles : ['admin']}
- { _id: 'view-user-administration',
+ { _id: 'view-user-administration',
roles : ['admin']}
- { _id: 'view-full-other-user-info',
+ { _id: 'view-full-other-user-info',
roles : ['admin']}
- { _id: 'edit-other-user-info',
+ { _id: 'edit-other-user-info',
roles : ['admin']}
- { _id: 'assign-admin-role',
+ { _id: 'assign-admin-role',
roles : ['admin']}
- { _id: 'edit-other-user-active-status',
+ { _id: 'edit-other-user-active-status',
roles : ['admin', 'site-moderator']}
- { _id: 'delete-user',
+ { _id: 'delete-user',
roles : ['admin']}
- { _id: 'view-other-user-channels',
+ { _id: 'view-other-user-channels',
roles : ['admin']}
- { _id: 'add-oath-service',
+ { _id: 'add-oauth-service',
roles : ['admin']}
- { _id: 'run-migration',
+ { _id: 'run-migration',
roles : ['admin']}
- { _id: 'create-c',
+ { _id: 'create-c',
roles : ['admin', 'site-moderator', 'user']}
- { _id: 'delete-c',
+ { _id: 'delete-c',
roles : ['admin', 'site-moderator']}
- { _id: 'edit-room',
+ { _id: 'edit-room',
roles : ['admin', 'site-moderator', 'moderator']}
- { _id: 'edit-message',
+ { _id: 'edit-message',
roles : ['admin', 'site-moderator', 'moderator']}
- { _id: 'delete-message',
+ { _id: 'delete-message',
roles : ['admin', 'site-moderator', 'moderator']}
- { _id: 'ban-user',
+ { _id: 'ban-user',
roles : ['admin', 'site-moderator', 'moderator']}
- { _id: 'create-p',
+ { _id: 'create-p',
roles : ['admin', 'site-moderator', 'user']}
- { _id: 'delete-p',
+ { _id: 'delete-p',
roles : ['admin', 'site-moderator']}
- { _id: 'delete-d',
+ { _id: 'delete-d',
roles : ['admin', 'site-moderator']}
]
diff --git a/packages/rocketchat-lib/settings/server/addOAuthService.coffee b/packages/rocketchat-lib/settings/server/addOAuthService.coffee
index 8a42ff2df70..479877939ac 100644
--- a/packages/rocketchat-lib/settings/server/addOAuthService.coffee
+++ b/packages/rocketchat-lib/settings/server/addOAuthService.coffee
@@ -5,17 +5,38 @@ Meteor.methods
console.log '[methods] addOAuthService -> '.green, 'userId:', Meteor.userId(), 'arguments:', arguments
- unless RocketChat.authz.hasALeastOnePermission( Meteor.userId(), 'add-oath-service') is true
+ unless RocketChat.authz.hasPermission( Meteor.userId(), 'add-oauth-service') is true
throw new Meteor.Error 'not-authorized', '[methods] addOAuthService -> Not authorized'
name = s.capitalize(name)
- RocketChat.settings.add "Accounts_OAuth_Custom_#{name}" , false , { type: 'boolean', group: 'Accounts', section: name, i18nLabel: 'Accounts_OAuth_Custom_Enable'}
- RocketChat.settings.add "Accounts_OAuth_Custom_#{name}_url" , '' , { type: 'string' , group: 'Accounts', section: name, i18nLabel: 'Accounts_OAuth_Custom_URL'}
- RocketChat.settings.add "Accounts_OAuth_Custom_#{name}_token_path" , '/oauth/token' , { type: 'string' , group: 'Accounts', section: name, i18nLabel: 'Accounts_OAuth_Custom_Token_Path'}
- RocketChat.settings.add "Accounts_OAuth_Custom_#{name}_identity_path" , '/me' , { type: 'string' , group: 'Accounts', section: name, i18nLabel: 'Accounts_OAuth_Custom_Identity_Path'}
- RocketChat.settings.add "Accounts_OAuth_Custom_#{name}_authorize_path" , '/oauth/authorize', { type: 'string' , group: 'Accounts', section: name, i18nLabel: 'Accounts_OAuth_Custom_Authorize_Path'}
- RocketChat.settings.add "Accounts_OAuth_Custom_#{name}_id" , '' , { type: 'string' , group: 'Accounts', section: name, i18nLabel: 'Accounts_OAuth_Custom_ID'}
- RocketChat.settings.add "Accounts_OAuth_Custom_#{name}_secret" , '' , { type: 'string' , group: 'Accounts', section: name, i18nLabel: 'Accounts_OAuth_Custom_Secret'}
- RocketChat.settings.add "Accounts_OAuth_Custom_#{name}_button_label_text" , '' , { type: 'string' , group: 'Accounts', section: name, i18nLabel: 'Accounts_OAuth_Custom_Button_Label_Text'}
- RocketChat.settings.add "Accounts_OAuth_Custom_#{name}_button_label_color", '#FFFFFF' , { type: 'string' , group: 'Accounts', section: name, i18nLabel: 'Accounts_OAuth_Custom_Button_Label_Color'}
- RocketChat.settings.add "Accounts_OAuth_Custom_#{name}_button_color" , '#13679A' , { type: 'string' , group: 'Accounts', section: name, i18nLabel: 'Accounts_OAuth_Custom_Button_Color'}
+ RocketChat.settings.add "Accounts_OAuth_Custom_#{name}" , false , { type: 'boolean', group: 'Accounts', section: "Custom OAuth: #{name}", i18nLabel: 'Accounts_OAuth_Custom_Enable'}
+ RocketChat.settings.add "Accounts_OAuth_Custom_#{name}_url" , '' , { type: 'string' , group: 'Accounts', section: "Custom OAuth: #{name}", i18nLabel: 'Accounts_OAuth_Custom_URL'}
+ RocketChat.settings.add "Accounts_OAuth_Custom_#{name}_token_path" , '/oauth/token' , { type: 'string' , group: 'Accounts', section: "Custom OAuth: #{name}", i18nLabel: 'Accounts_OAuth_Custom_Token_Path'}
+ RocketChat.settings.add "Accounts_OAuth_Custom_#{name}_identity_path" , '/me' , { type: 'string' , group: 'Accounts', section: "Custom OAuth: #{name}", i18nLabel: 'Accounts_OAuth_Custom_Identity_Path'}
+ RocketChat.settings.add "Accounts_OAuth_Custom_#{name}_authorize_path" , '/oauth/authorize', { type: 'string' , group: 'Accounts', section: "Custom OAuth: #{name}", i18nLabel: 'Accounts_OAuth_Custom_Authorize_Path'}
+ RocketChat.settings.add "Accounts_OAuth_Custom_#{name}_id" , '' , { type: 'string' , group: 'Accounts', section: "Custom OAuth: #{name}", i18nLabel: 'Accounts_OAuth_Custom_ID'}
+ RocketChat.settings.add "Accounts_OAuth_Custom_#{name}_secret" , '' , { type: 'string' , group: 'Accounts', section: "Custom OAuth: #{name}", i18nLabel: 'Accounts_OAuth_Custom_Secret'}
+ RocketChat.settings.add "Accounts_OAuth_Custom_#{name}_button_label_text" , '' , { type: 'string' , group: 'Accounts', section: "Custom OAuth: #{name}", i18nLabel: 'Accounts_OAuth_Custom_Button_Label_Text'}
+ RocketChat.settings.add "Accounts_OAuth_Custom_#{name}_button_label_color", '#FFFFFF' , { type: 'string' , group: 'Accounts', section: "Custom OAuth: #{name}", i18nLabel: 'Accounts_OAuth_Custom_Button_Label_Color'}
+ RocketChat.settings.add "Accounts_OAuth_Custom_#{name}_button_color" , '#13679A' , { type: 'string' , group: 'Accounts', section: "Custom OAuth: #{name}", i18nLabel: 'Accounts_OAuth_Custom_Button_Color'}
+
+ removeOAuthService: (name) ->
+ if not Meteor.userId()
+ throw new Meteor.Error('invalid-user', "[methods] addOAuthService -> Invalid user")
+
+ console.log '[methods] addOAuthService -> '.green, 'userId:', Meteor.userId(), 'arguments:', arguments
+
+ unless RocketChat.authz.hasPermission( Meteor.userId(), 'add-oauth-service') is true
+ throw new Meteor.Error 'not-authorized', '[methods] addOAuthService -> Not authorized'
+
+ name = s.capitalize(name)
+ Settings.remove _id: "Accounts_OAuth_Custom_#{name}"
+ Settings.remove _id: "Accounts_OAuth_Custom_#{name}_url"
+ Settings.remove _id: "Accounts_OAuth_Custom_#{name}_token_path"
+ Settings.remove _id: "Accounts_OAuth_Custom_#{name}_identity_path"
+ Settings.remove _id: "Accounts_OAuth_Custom_#{name}_authorize_path"
+ Settings.remove _id: "Accounts_OAuth_Custom_#{name}_id"
+ Settings.remove _id: "Accounts_OAuth_Custom_#{name}_secret"
+ Settings.remove _id: "Accounts_OAuth_Custom_#{name}_button_label_text"
+ Settings.remove _id: "Accounts_OAuth_Custom_#{name}_button_label_color"
+ Settings.remove _id: "Accounts_OAuth_Custom_#{name}_button_color"