[Upstream Catchup] Merge RC:master to develop_pwa (#415)

* [FIX] Omnichannel Current Chats open status filter not working (RocketChat#18795)

* [FIX][ENTERPRISE] Omnichannel service status switching to unavailable (RocketChat#18835)

* [FIX] File upload (Avatars, Emoji, Sounds) (RocketChat#18841)

* [FIX] IE11 support livechat widget  (RocketChat#18850)

* [FIX] Admin user blank page (RocketChat#18851)

* [FIX] User can't invite or join other Omnichannel rooms (RocketChat#18852)

* [FIX] Showing alerts during setup wizard (RocketChat#18862)

* Remember users' 2FA right after registration

* Change register server to false by default

* Bump version to 3.6.1

* [FIX] invite-all-from and invite-all-to commands don't work with multibyte room names (RocketChat#18919)

* [FIX] Create Custom OAuth services from environment variables (RocketChat#17377)

* [FIX] Read receipts showing blank names and not marking messages as read (RocketChat#18918)

* [FIX] Version update check cron job (RocketChat#18916)

* [FIX] Ignore User action from user card (RocketChat#18866)

* [FIX] Deactivate users that are the last owner of a room using REST API (RocketChat#18864)

* test: add e2e tests for REST API user deactivation

* fix(app): read confirmRelinquish from HTTP request

* chore(app): remove unnecessary console.log

* [FIX] Show custom fields of invalid type (RocketChat#18794)

* Bump version to 3.6.2

* [FIX] PDF not rendering (RocketChat#18956)

* [FIX] Errors in LDAP avatar sync preventing login (RocketChat#18948)

* [FIX] LDAP avatar upload (RocketChat#18994)

* [FIX] Federation issues (RocketChat#18978)

* fixed message sending, you should not filter the domains, specially filter by only the local origin/source

* Fixing callback registration

* Increased the rate limiting

* Obbey to settings properties (RocketChat#19020)

* Bump version to 3.6.3

* Update package-lock.json

Co-authored-by: Renato Becker <renato.augusto.becker@gmail.com>
Co-authored-by: Guilherme Gazzo <guilhermegazzo@gmail.com>
Co-authored-by: Diego Sampaio <chinello@gmail.com>
Co-authored-by: Felipe Parreira <felipeparreirafb@gmail.com>
Co-authored-by: Maarten <me@maartendewaard.nl>
Co-authored-by: William Reiske <wreiske@mieweb.com>
Co-authored-by: pierre-lehnen-rc <55164754+pierre-lehnen-rc@users.noreply.github.com>
Co-authored-by: gabriellsh <40830821+gabriellsh@users.noreply.github.com>
Co-authored-by: Alan Sikora <alansikora@gmail.com>
Co-authored-by: Shailesh Baldaniya <shaileshbaldaniya351@gmail.com>

.docker/Dockerfile.rhel

@@ -1,6 +1,6 @@
 FROM registry.access.redhat.com/rhscl/nodejs-8-rhel7
 
-ENV RC_VERSION 3.6.2
+ENV RC_VERSION 3.6.3
 
 MAINTAINER buildmaster@rocket.chat
 

.github/history.json

@@ -49343,6 +49343,64 @@
           ]
         }
       ]
+    },
+    "3.6.3": {
+      "node_version": "12.16.1",
+      "npm_version": "6.14.0",
+      "apps_engine_version": "1.17.0",
+      "mongo_versions": [
+        "3.4",
+        "3.6",
+        "4.0"
+      ],
+      "pull_requests": [
+        {
+          "pr": "19020",
+          "title": "Obey to settings properties",
+          "userLogin": "sampaiodiego",
+          "milestone": "3.6.3",
+          "contributors": [
+            "sampaiodiego"
+          ]
+        },
+        {
+          "pr": "18978",
+          "title": "[FIX] Federation issues",
+          "userLogin": "alansikora",
+          "milestone": "3.6.3",
+          "contributors": [
+            "alansikora"
+          ]
+        },
+        {
+          "pr": "18994",
+          "title": "[FIX] LDAP avatar upload",
+          "userLogin": "pierre-lehnen-rc",
+          "milestone": "3.6.3",
+          "contributors": [
+            "pierre-lehnen-rc"
+          ]
+        },
+        {
+          "pr": "18948",
+          "title": "[FIX] Errors in LDAP avatar sync preventing login",
+          "userLogin": "pierre-lehnen-rc",
+          "milestone": "3.6.3",
+          "contributors": [
+            "pierre-lehnen-rc"
+          ]
+        },
+        {
+          "pr": "18956",
+          "title": "[FIX] PDF not rendering",
+          "userLogin": "gabriellsh",
+          "milestone": "3.6.3",
+          "contributors": [
+            "gabriellsh",
+            "web-flow"
+          ]
+        }
+      ]
     }
   }
 }

.snapcraft/resources/prepareRocketChat

@@ -1,6 +1,6 @@
 #!/bin/bash
 
-curl -SLf "https://releases.rocket.chat/3.6.2/download/" -o rocket.chat.tgz
+curl -SLf "https://releases.rocket.chat/3.6.3/download/" -o rocket.chat.tgz
 
 tar xf rocket.chat.tgz --strip 1
 

.snapcraft/snap/snapcraft.yaml

@@ -7,7 +7,7 @@
 # 5.  `snapcraft snap`
 
 name: rocketchat-server
-version: 3.6.2
+version: 3.6.3
 summary: Rocket.Chat server
 description: Have your own Slack like online chat, built with Meteor. https://rocket.chat/
 confinement: strict

HISTORY.md

@@ -1,6 +1,41 @@
 
+# 3.6.3
+`2020-09-25  ·  4 🐛  ·  1 🔍  ·  4 👩‍💻👨‍💻`
+
+### Engine versions
+- Node: `12.16.1`
+- NPM: `6.14.0`
+- MongoDB: `3.4, 3.6, 4.0`
+- Apps-Engine: `1.17.0`
+
+### 🐛 Bug fixes
+
+
+- Errors in LDAP avatar sync preventing login ([#18948](https://github.com/RocketChat/Rocket.Chat/pull/18948))
+
+- Federation issues ([#18978](https://github.com/RocketChat/Rocket.Chat/pull/18978))
+
+- LDAP avatar upload ([#18994](https://github.com/RocketChat/Rocket.Chat/pull/18994))
+
+- PDF not rendering ([#18956](https://github.com/RocketChat/Rocket.Chat/pull/18956))
+
+<details>
+<summary>🔍 Minor changes</summary>
+
+
+- Obey to settings properties ([#19020](https://github.com/RocketChat/Rocket.Chat/pull/19020))
+
+</details>
+
+### 👩‍💻👨‍💻 Core Team 🤓
+
+- [@alansikora](https://github.com/alansikora)
+- [@gabriellsh](https://github.com/gabriellsh)
+- [@pierre-lehnen-rc](https://github.com/pierre-lehnen-rc)
+- [@sampaiodiego](https://github.com/sampaiodiego)
+
 # 3.6.2
-`2020-09-17  ·  7 🐛  ·  6 👩‍💻👨‍💻`
+`2020-09-18  ·  7 🐛  ·  6 👩‍💻👨‍💻`
 
 ### Engine versions
 - Node: `12.16.1`
@@ -13,13 +48,13 @@
 
 - Create Custom OAuth services from environment variables ([#17377](https://github.com/RocketChat/Rocket.Chat/pull/17377) by [@mrtndwrd](https://github.com/mrtndwrd))
 
-- Deactivate users that are the last owner of a room using REST API ([#18864](https://github.com/RocketChat/Rocket.Chat/pull/18864))
+- Deactivate users that are the last owner of a room using REST API ([#18864](https://github.com/RocketChat/Rocket.Chat/pull/18864) by [@FelipeParreira](https://github.com/FelipeParreira))
 
   Allow for user deactivation through REST API (even if user is the last owner of a room)
 
 - Ignore User action from user card ([#18866](https://github.com/RocketChat/Rocket.Chat/pull/18866))
 
-- invite-all-from and invite-all-to commands don't work with multibyte room names ([#18919](https://github.com/RocketChat/Rocket.Chat/pull/18919))
+- invite-all-from and invite-all-to commands don't work with multibyte room names ([#18919](https://github.com/RocketChat/Rocket.Chat/pull/18919) by [@FelipeParreira](https://github.com/FelipeParreira))
 
   Fix slash commands (invite-all-from and invite-all-to) to accept  multi-byte room names.
 
@@ -31,12 +66,12 @@
 
 ### 👩‍💻👨‍💻 Contributors 😍
 
+- [@FelipeParreira](https://github.com/FelipeParreira)
 - [@mrtndwrd](https://github.com/mrtndwrd)
 - [@wreiske](https://github.com/wreiske)
 
 ### 👩‍💻👨‍💻 Core Team 🤓
 
-- [@FelipeParreira](https://github.com/FelipeParreira)
 - [@gabriellsh](https://github.com/gabriellsh)
 - [@pierre-lehnen-rc](https://github.com/pierre-lehnen-rc)
 - [@sampaiodiego](https://github.com/sampaiodiego)
@@ -113,9 +148,9 @@
 - **2FA:** Password enforcement setting and 2FA protection when saving settings or resetting E2E encryption ([#18640](https://github.com/RocketChat/Rocket.Chat/pull/18640))
 
   - Increase the 2FA remembering time from 5min to 30min
-  
+
   - Add new setting to enforce 2FA password fallback (enabled only for new installations)
-  
+
   - Require 2FA to save settings and reset E2E Encryption keys
 
 - **Omnichannel:** Allow set other agent status via method `livechat:changeLivechatStatus ` ([#18571](https://github.com/RocketChat/Rocket.Chat/pull/18571))
@@ -484,11 +519,11 @@
 - Mention autocomplete UI and performance improvements  ([#18309](https://github.com/RocketChat/Rocket.Chat/pull/18309))
 
   * New setting to configure the number of suggestions `Admin > Layout > User Interface > Number of users' autocomplete suggestions` (default 5)
-  
+
   * The UI shows whenever the user is not a member of the room
-  
+
   * The UI shows when the suggestion came from the last messages for quick selection/reply
-  
+
   * The suggestions follow this order:
     * The user with the exact username and member of the room
     * The user with the exact username but not a member of the room (if allowed to list non-members)
@@ -1347,11 +1382,11 @@
 - Notification sounds ([#17616](https://github.com/RocketChat/Rocket.Chat/pull/17616))
 
   * Global CDN config was ignored when loading the sound files
-  
+
   * Upload of custom sounds wasn't getting the file extension correctly
-  
+
   * Some translations were missing
-  
+
   * Edit and delete of custom sounds were not working correctly
 
 - Omnichannel departments are not saved when the offline channel name is not defined ([#17553](https://github.com/RocketChat/Rocket.Chat/pull/17553))
@@ -1641,15 +1676,15 @@
 
   We are still using the same logic to define which notifications every new message will generate, it takes some servers' settings, users's preferences and subscriptions' settings in consideration to determine who will receive each notification type (desktop, audio, email and mobile push), but now it doesn't check the user's status (online, away, offline) for email and mobile push notifications but send those notifications to a new queue with the following rules:
 
-  
+
   - When the user is online the notification is scheduled to be sent in 120 seconds
-  
+
   - When the user is away the notification is scheduled to be sent in 120 seconds minus the amount of time he is away
-  
+
   - When the user is offline the notification is scheduled to be sent right away
-  
+
   - When the user reads a channel all the notifications for that user are removed (clear queue)
-  
+
   - When a notification is processed to be sent to a user and there are other scheduled notifications:
     - All the scheduled notifications for that user are rescheduled to now
     - The current notification goes back to the queue to be processed ordered by creation date
@@ -13514,4 +13549,4 @@
 - [@graywolf336](https://github.com/graywolf336)
 - [@marceloschmidt](https://github.com/marceloschmidt)
 - [@rodrigok](https://github.com/rodrigok)
-- [@sampaiodiego](https://github.com/sampaiodiego)
+- [@sampaiodiego](https://github.com/sampaiodiego)

app/authorization/server/streamer/permissions/emitter.js

@@ -32,7 +32,10 @@ Permissions.on('change', ({ clientAction, id, data, diff }) => {
 		// if the permission changes, the effect on the visible settings depends on the role affected.
 		// The selected-settings-based consumers have to react accordingly and either add or remove the
 		// setting from the user's collection
-		const setting = Settings.findOneById(data.settingId);
+		const setting = Settings.findOneNotHiddenById(data.settingId);
+		if (!setting) {
+			return;
+		}
 		Notifications.notifyLoggedInThisInstance(
 			'private-settings-changed',
 			'updated',

app/federation/server/endpoints/dispatch.js

@@ -444,7 +444,7 @@ const eventHandlers = {
 	},
 };
 
-API.v1.addRoute('federation.events.dispatch', { authRequired: false }, {
+API.v1.addRoute('federation.events.dispatch', { authRequired: false, rateLimiterOptions: { numRequestsAllowed: 30, intervalTimeInMS: 1000 } }, {
 	async post() {
 		if (!isFederationEnabled()) {
 			return API.v1.failure('Federation not enabled');

app/federation/server/handler/index.js

@@ -67,10 +67,7 @@ export function dispatchEvents(domains, events) {
 }
 
 export function dispatchEvent(domains, event) {
-	// Ensure the domain list is distinct to avoid excessive events
-	const distinctDomains = [...new Set(domains)].filter((domain) => domain === event.origin);
-
-	dispatchEvents(distinctDomains, [event]);
+	dispatchEvents([...new Set(domains)], [event]);
 }
 
 export function getUpload(domain, fileId) {

app/federation/server/lib/callbacks.js

@@ -1,14 +1,23 @@
 import { callbacks } from '../../../callbacks/server';
+import { settings } from '../../../settings/server';
 
 const callbackDefinitions = [];
 
-export function registerCallback(callbackDefition) {
-	callbackDefinitions.push(callbackDefition);
+function enableCallback(definition) {
+	callbacks.add(definition.hook, definition.callback, callbacks.priority.LOW, definition.id);
+}
+
+export function registerCallback(callbackDefinition) {
+	callbackDefinitions.push(callbackDefinition);
+
+	if (settings.get('FEDERATION_Enabled')) {
+		enableCallback(callbackDefinition);
+	}
 }
 
 export function enableCallbacks() {
 	for (const definition of callbackDefinitions) {
-		callbacks.add(definition.hook, definition.callback, callbacks.priority.LOW, definition.id);
+		enableCallback(definition);
 	}
 }
 

app/ldap/server/sync.js

@@ -337,6 +337,41 @@ export function mapLDAPGroupsToChannels(ldap, ldapUser, user) {
 	return userChannels;
 }
 
+function syncUserAvatar(user, ldapUser) {
+	if (!user?._id || settings.get('LDAP_Sync_User_Avatar') !== true) {
+		return;
+	}
+
+	const avatarField = (settings.get('LDAP_Avatar_Field') || 'thumbnailPhoto').trim();
+	const avatar = ldapUser._raw[avatarField] || ldapUser._raw.thumbnailPhoto || ldapUser._raw.jpegPhoto;
+	if (!avatar) {
+		return;
+	}
+
+	logger.info('Syncing user avatar');
+
+	Meteor.defer(() => {
+		const rs = RocketChatFile.bufferToStream(avatar);
+		const fileStore = FileUpload.getStore('Avatars');
+		fileStore.deleteByName(user.username);
+
+		const file = {
+			userId: user._id,
+			type: 'image/jpeg',
+			size: avatar.length,
+		};
+
+		Meteor.runAsUser(user._id, () => {
+			fileStore.insert(file, rs, (err, result) => {
+				Meteor.setTimeout(function() {
+					Users.setAvatarData(user._id, 'ldap', result.etag);
+					Notifications.notifyLogged('updateAvatar', { username: user.username, etag: result.etag });
+				}, 500);
+			});
+		});
+	});
+}
+
 export function syncUserData(user, ldapUser, ldap) {
 	logger.info('Syncing user data');
 	logger.debug('user', { email: user.email, _id: user._id });
@@ -397,33 +432,7 @@ export function syncUserData(user, ldapUser, ldap) {
 		}
 	}
 
-	const avatarField = (settings.get('LDAP_Avatar_Field') || 'thumbnailPhoto').trim();
-
-	if (user && user._id && settings.get('LDAP_Sync_User_Avatar') === true) {
-		const avatar = ldapUser._raw[avatarField] || ldapUser._raw.thumbnailPhoto || ldapUser._raw.jpegPhoto;
-
-		if (avatar) {
-			logger.info('Syncing user avatar');
-
-			const rs = RocketChatFile.bufferToStream(avatar);
-			const fileStore = FileUpload.getStore('Avatars');
-			fileStore.deleteByName(user.username);
-
-			const file = {
-				userId: user._id,
-				type: 'image/jpeg',
-			};
-
-			Meteor.runAsUser(user._id, () => {
-				fileStore.insert(file, rs, (err, result) => {
-					Meteor.setTimeout(function() {
-						Users.setAvatarData(user._id, 'ldap', result.etag);
-						Notifications.notifyLogged('updateAvatar', { username: user.username, etag: result.etag });
-					}, 500);
-				});
-			});
-		}
-	}
+	syncUserAvatar(user, ldapUser);
 }
 
 export function addLdapUser(ldapUser, username, password, ldap) {

app/message-attachments/client/messageAttachment.js

@@ -42,10 +42,10 @@ async function renderPdfToCanvas(canvasId, pdfLink) {
 		loader.style.display = 'block';
 	}
 
-	const pdf = await pdfjsLib.getDocument(pdfLink);
+	const pdf = await pdfjsLib.getDocument(pdfLink).promise;
 	const page = await pdf.getPage(1);
 	const scale = 0.5;
-	const viewport = page.getViewport(scale);
+	const viewport = page.getViewport({ scale });
 	const context = canvas.getContext('2d');
 	canvas.height = viewport.height;
 	canvas.width = viewport.width;

app/utils/rocketchat.info

@@ -1,3 +1,3 @@
 {
-	"version": "3.6.2"
+	"version": "3.6.3"
 }