Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[RFC] Restrict who is able to join a team #6943

Closed
Ppjet6 opened this issue Jul 14, 2017 · 3 comments
Closed

[RFC] Restrict who is able to join a team #6943

Ppjet6 opened this issue Jul 14, 2017 · 3 comments

Comments

@Ppjet6
Copy link
Contributor

Ppjet6 commented Jul 14, 2017

Summary

This is a feature request.

Anybody who gets an invite link to a team can join the team. That means a link could get leaked and anybody would be able to access that team.

For the context, we use Mattermost in combination with Phabricator as the oauthserver, so people already need an account on our Phabricator instance to be able to login. This also enables us to invite customers that already have access there to join the Mattermost instance. Any customer that has access to an invite link though, (however they get it), will be able to join a team even if they're not supposed to.

Steps to reproduce

On version 4.0

  • Get an invite link for your team through the hamburger menu
  • Give it (accidentally/however) to somebody who is not supposed to have access to this team. Say user@customer.com

Expected behavior

The administrator or the team creator should be able to control who can join the team.

Observed behavior

Joining a team is not restricted.

Possible fixes

Apparently there is already an AllowedDomains property on the team model. I suppose this is what it was going to be used for, but I don't see much code for it. That could probably be used in app/team.go in joinUserToTeam.

I am not sure though what should be the behaviour wrt. the restrictCreationToDomains option.

Is there anything I should be aware of before implementing this? Any tips?
@lfbrock
Copy link
Contributor

lfbrock commented Jul 14, 2017

Hi @Ppjet6 - I think we used to have this on the teams and some of the old code is still there.

We moved it to be a server wide setting, so if we want to add it back for teams as well I think the things to think about would be the things you already mentioned:

  1. How this works with the server wide setting
  2. Improving the setting for restricting DMs across teams (right now it only restricts it in the UI for opening DMs)

Sounds like you're already discussing some of it with @jasonblais, so I think this would be a good one to work closely with him on to figure out what the behaviour should be.

@jmallach
Copy link

jmallach commented Jul 17, 2017
edited

Is it reasonable to make it so if the global configuration exist, it is enforced and it works as it works now, but if the per-team alloweddomains setting exists, it overrides the global setting?

@Ppjet6 Ppjet6 mentioned this issue Jul 17, 2017
Closed
7 tasks
@lindy65
Copy link
Contributor

lindy65 commented Aug 14, 2017

Thanks, we can track via the PR so I'll close this off here for now.

@lindy65 lindy65 closed this as completed Aug 14, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@Ppjet6 @jmallach @lfbrock @lindy65