diff --git a/config/vanilla/bootstrap.early.php b/config/vanilla/bootstrap.early.php index c81bdcd..02072db 100644 --- a/config/vanilla/bootstrap.early.php +++ b/config/vanilla/bootstrap.early.php 
@@ -1,104 +1,5 @@ sql(); - - // Cache Settings - saveToConfig('Cache.Enabled', getenv('CACHE_ENABLED'), true); - saveToConfig('Cache.Method', getenv('CACHE_METHOD'), 'dirtycache'); - saveToConfig('memcached.Store', getenv('MEMCACHED_SERVER'), 'localhost:11211'); - - saveToConfig('Garden.Email.SupportName', getenv('MAIL_FROM_NAME') ); - saveToConfig('Garden.Email.SupportAddress', getenv('MAIL_FROM_ADDRESS')); - saveToConfig('Garden.Email.UseSmtp', getenv('MAIL_USE_SMTP')); - saveToConfig('Garden.Email.SmtpHost', getenv('MAIL_SMTP_HOSTNAME')); - saveToConfig('Garden.Email.SmtpUser', getenv('MAIL_SMTP_USERNAME')); - saveToConfig('Garden.Email.SmtpPassword', getenv('MAIL_SMTP_PASSWORD')); - saveToConfig('Garden.Email.SmtpPort', getenv('MAIL_SMTP_PORT')); - saveToConfig('Garden.Email.SmtpSecurity', getenv('MAIL_SMTP_SECURITY')); - - // Appearance - saveToConfig('Garden.Theme', 'topcoder-theme', false); - saveToConfig('Garden.MobileTheme', 'topcoder-theme', false); - saveToConfig('Feature.NewFlyouts.Enabled', true); - - // Feature - saveToConfig('Garden.EditContentTimeout', -1, false); - - // Profile settings - saveToConfig('Garden.Profile.EditPhotos', false); - - // Add settings for the Topcoder plugin - saveToConfig('Plugins.Topcoder.BaseApiURL', getenv('TOPCODER_PLUGIN_BASE_API_URL'),false); - saveToConfig('Plugins.Topcoder.MemberApiURI', getenv('TOPCODER_PLUGIN_MEMBER_API_URI'),false); - saveToConfig('Plugins.Topcoder.RoleApiURI', getenv('TOPCODER_PLUGIN_ROLE_API_URI'),false); - saveToConfig('Plugins.Topcoder.ResourceRolesApiURI', '/v5/resource-roles', false); - saveToConfig('Plugins.Topcoder.ResourcesApiURI', '/v5/resources', false); - saveToConfig('Plugins.Topcoder.MemberProfileURL', getenv('TOPCODER_PLUGIN_MEMBER_PROFILE_URL'), false); // prod: - saveToConfig('Plugins.Topcoder.UseTopcoderAuthToken', getenv('TOPCODER_PLUGIN_USE_AUTH_TOKEN'), false); - - saveToConfig('Plugins.Topcoder.ValidIssuers', str_replace(["[", "]", "\\", "\"", " "], '', 
getenv('VALID_ISSUERS'))); - - //Add settings for Topcoder M2M Auth0 - saveToConfig('Plugins.Topcoder.M2M.Auth0Audience', getenv('AUTH0_AUDIENCE')); - saveToConfig('Plugins.Topcoder.M2M.Auth0ClientId', getenv('AUTH0_CLIENT_ID')); - saveToConfig('Plugins.Topcoder.M2M.Auth0ClientSecret', getenv('AUTH0_CLIENT_SECRET')); - saveToConfig('Plugins.Topcoder.M2M.Auth0Url', getenv('AUTH0_URL')); - saveToConfig('Plugins.Topcoder.M2M.Auth0ProxyServerUrl', getenv('AUTH0_PROXY_SERVER_URL')); - - //Add settings for Topcoder SSO Auth0 - saveToConfig('Plugins.Topcoder.SSO.Auth0Domain', getenv('TOPCODER_PLUGIN_SSO_AUTH0DOMAIN')); - saveToConfig('Plugins.Topcoder.SSO.AuthorizationURI', '/v3/authorizations/1'); - saveToConfig('Plugins.Topcoder.SSO.CookieName', 'v3jwt',false); - saveToConfig('Plugins.Topcoder.SSO.TopcoderRS256.ID', getenv('TOPCODER_PLUGIN_SSO_TOPCODER_RS256_ID'), false); - saveToConfig('Plugins.Topcoder.SSO.TopcoderHS256.ID', getenv('TOPCODER_PLUGIN_SSO_TOPCODER_HS256_ID'), false); - - saveToConfig('Plugins.Topcoder.SSO.TopcoderHS256.Secret', getenv('TOPCODER_HS256_SECRET') ); - saveToConfig('Plugins.Topcoder.SSO.TopcoderRS256.UsernameClaim', 'nickname',false); - saveToConfig('Plugins.Topcoder.SSO.TopcoderHS256.UsernameClaim', 'handle',false); - $topcoderSSOAuth0Url = getenv('TOPCODER_PLUGIN_SSO_REFRESHTOKENURL'); - saveToConfig('Plugins.Topcoder.SSO.RefreshTokenURL', $topcoderSSOAuth0Url,false); - $signInUrl = getenv('TOPCODER_PLUGIN_SIGNIN_URL'); - $signOutUrl = getenv('TOPCODER_PLUGIN_SIGNOUT_URL'); - if($signInUrl === false) { - $signInUrl =$topcoderSSOAuth0Url.'?retUrl='.urlencode('https://'.$_SERVER['SERVER_NAME'].'/'); - } - if($signOutUrl === false) { - $signOutUrl =$topcoderSSOAuth0Url.'?logout=true&retUrl='.urlencode('https://'.$_SERVER['SERVER_NAME'].'/'); - } - saveToConfig('Plugins.Topcoder.AuthenticationProvider.SignInUrl', $signInUrl,false); - saveToConfig('Plugins.Topcoder.AuthenticationProvider.SignOutUrl', $signOutUrl,false); - 
saveToConfig('Plugins.Topcoder.AuthenticationProvider.RegisterUrl', getenv('TOPCODER_PLUGIN_AUTHENTICATIONPROVIDER_REGISTERURL'),false); - - // Filestack - saveToConfig('Plugins.Filestack.ApiKey', getenv('FILESTACK_API_KEY'),false); - - // SumoLogic - saveToConfig('Plugins.Sumologic.HttpSourceURL', '',false); - saveToConfig('Plugins.Sumologic.BatchSize', '10',false); - - // Add settings for the Editor plugin - if(c('Plugins.editor.ForceWysiwyg') === false) { - saveToConfig('Plugins.editor.ForceWysiwyg', false); - } - - // Add settings for the Syntax Prettifier plugin - if(c('Plugins.GooglePrettify.LineNumbers') === false) { - saveToConfig('Plugins.GooglePrettify.LineNumbers', ''); - saveToConfig('Plugins.GooglePrettify.NoCssFile', ''); - saveToConfig('Plugins.GooglePrettify.UseTabby', ''); - saveToConfig('Plugins.GooglePrettify.Language', ''); - } - - // Add settings for the Recaptcha plugin - if(c('Recaptcha.PrivateKey') === false) { - saveToConfig('Recaptcha.PrivateKey', getenv('RECAPTCHA_PLUGIN_PRIVATE_KEY'), false); - saveToConfig('Recaptcha.PublicKey', getenv('RECAPTCHA_PLUGIN_PUBLIC_KEY'), false); - } - - // Fix: Add the 'topcoder' role type in Role Table. It should be removed after upgrading existing DB. - // The Topcoder plugin's setup method will upgrade DB during Vanilla installation - $SQL->query('alter table GDN_Role modify Type enum(\'topcoder\', \'guest\', \'unconfirmed\', \'applicant\', \'member\', \'moderator\', \'administrator\')'); - + // Only for update in future } \ No newline at end of file diff --git a/config/vanilla/config.php b/config/vanilla/config.php index f0fe9a8..7708e85 100644 --- a/config/vanilla/config.php +++ b/config/vanilla/config.php 
@@ -2,18 +2,19 @@ $Configuration['Garden']['Installed'] = true; -$Configuration['Garden']['SignIn']['Popup'] = false; // Should the sign-in link pop up or go to it's own page - -// Conversations -$Configuration['Conversations']['Version'] = '3.0'; -$Configuration['Conversations']['Moderation']['Allow'] = true; - -// Database $Configuration['Database']['Name'] = getenv('MYSQL_DATABASE'); $Configuration['Database']['Host'] = getenv('MYSQL_HOST'); $Configuration['Database']['User'] = getenv('MYSQL_ROOT_USER'); $Configuration['Database']['Password'] = getenv('MYSQL_ROOT_PASSWORD'); +// Cache +$Configuration['Cache']['Enabled'] = getenv('CACHE_ENABLED'); +$Configuration['Cache']['Method'] = getenv('CACHE_METHOD'); + +// Conversations +$Configuration['Conversations']['Version'] = '3.0'; +$Configuration['Conversations']['Moderation']['Allow'] = true; + // EnabledApplications $Configuration['EnabledApplications']['Conversations'] = 'conversations'; $Configuration['EnabledApplications']['Vanilla'] = 'vanilla'; 
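Review bot: `getenv()` returns a string, or `false` when the variable is unset, so `$Configuration['Cache']['Enabled'] = getenv('CACHE_ENABLED');` stores the non-empty string `'false'`, which is truthy in PHP, when the environment says false. Converting at the assignment, `$Configuration['Cache']['Enabled'] = filter_var(getenv('CACHE_ENABLED'), FILTER_VALIDATE_BOOLEAN);`, gives a real boolean; the same applies to `MAIL_USE_SMTP` in the next hunk. `Cache.Method` has no fallback when `CACHE_METHOD` is unset, so a comment naming the expected value would help whoever deploys this. Separately, the context lines connect the forum as `MYSQL_ROOT_USER`; a dedicated account limited to the forum database would be the least-privilege choice, if the environment allows it.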
@@ -33,35 +34,39 @@ $Configuration['EnabledPlugins']['Groups'] = true; $Configuration['EnabledPlugins']['Filestack'] = true; $Configuration['EnabledPlugins']['Sumologic'] = true; -$Configuration['EnabledPlugins']['ReplyTo'] = true; //Uncomment it after upgrading DB - -// Debug -$Configuration['Debug'] = FALSE; -$Configuration['Vanilla']['SSO']['Debug'] = TRUE; - -// Email contents -$Configuration['Vanilla']['Activity']['ShowDiscussionBody'] = true; +$Configuration['EnabledPlugins']['ReplyTo'] = true; // Feature $Configuration['Feature']['NewFlyouts']['Enabled'] = true; -$Configuration['Vanilla']['EnableCategoryFollowing'] = true; -$Configuration['Garden']['EditContentTimeout'] = -1; // Garden +$Configuration['Garden']['SignIn']['Popup'] = false; +$Configuration['Garden']['EditContentTimeout'] = -1; $Configuration['Garden']['Title'] = 'Vanilla'; $Configuration['Garden']['Cookie']['Salt'] = 'rLpGSLgZD1AGdJ4n'; $Configuration['Garden']['Cookie']['Domain'] = ''; $Configuration['Garden']['Registration']['ConfirmEmail'] = true; -$Configuration['Garden']['Email']['SupportName'] = 'Vanilla'; +$Configuration['Garden']['Email']['SupportName'] = getenv('MAIL_FROM_NAME'); $Configuration['Garden']['Email']['Format'] = 'text'; -$Configuration['Garden']['SystemUserID'] = '1'; -$Configuration['Garden']['UpdateToken'] = 'c3988cd76f721f1a03d2c347ab6655609a548425'; +$Configuration['Garden']['Email']['SupportAddress'] = getenv('MAIL_FROM_ADDRESS'); +$Configuration['Garden']['Email']['UseSmtp'] = getenv('MAIL_USE_SMTP'); +$Configuration['Garden']['Email']['SmtpHost'] = getenv('MAIL_SMTP_HOSTNAME'); +$Configuration['Garden']['Email']['SmtpUser'] = getenv('MAIL_SMTP_USERNAME'); +$Configuration['Garden']['Email']['SmtpPassword'] = getenv('MAIL_SMTP_PASSWORD'); +$Configuration['Garden']['Email']['SmtpPort'] = getenv('MAIL_SMTP_PORT'); +$Configuration['Garden']['Email']['SmtpSecurity'] = getenv('MAIL_SMTP_SECURITY'); +$Configuration['Garden']['UpdateToken'] = 
'105e786dc643fd20143d3c137b593af168560c13'; $Configuration['Garden']['InputFormatter'] = 'Rich'; $Configuration['Garden']['Version'] = 'Undefined'; $Configuration['Garden']['CanProcessImages'] = true; $Configuration['Garden']['Theme'] = 'topcoder-theme'; $Configuration['Garden']['MobileTheme'] = 'topcoder-theme'; $Configuration['Garden']['Profile']['EditPhotos'] = false; +$Configuration['Garden']['SystemUserID'] = '1'; +$Configuration['Garden']['MobileInputFormatter'] = 'Rich'; +$Configuration['Garden']['AllowFileUploads'] = true; +$Configuration['Garden']['EditContentTimeout'] = -1; +$Configuration['Garden']['Profile']['EditPhotos'] = false; // Plugins $Configuration['Plugins']['editor']['ForceWysiwyg'] = false; 
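Review bot: `Garden.UpdateToken` is replaced by another literal committed to the repository, beside the literal `Garden.Cookie.Salt` in the context lines, while every other credential in this hunk is read from the environment. Both values are readable by anyone with repository access; they are better supplied at deploy time, e.g. `$Configuration['Garden']['UpdateToken'] = getenv('<UPDATE_TOKEN_ENV_VAR>');` (placeholder name), with the committed values treated as exposed and rotated. The trailer removed later in this file (`// Last edited by admin ...`) suggests the application rewrites config.php; if it does, the resolved value of `getenv('MAIL_SMTP_PASSWORD')` and the other secrets would be written into the file as literals on the next save, which is worth confirming before relying on this layout. `Garden.EditContentTimeout` and `Garden.Profile.EditPhotos` are each assigned twice on the new side of this hunk; one assignment of each can go.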
@@ -72,6 +77,43 @@ $Configuration['Plugins']['GettingStarted']['Dashboard'] = '1'; $Configuration['Plugins']['GettingStarted']['Plugins'] = '1'; + +$Configuration['Plugins']['Topcoder']['BaseApiURL'] = getenv('TOPCODER_PLUGIN_BASE_API_URL'); +$Configuration['Plugins']['Topcoder']['MemberApiURI'] = getenv('TOPCODER_PLUGIN_MEMBER_API_URI'); +$Configuration['Plugins']['Topcoder']['RoleApiURI'] = getenv('TOPCODER_PLUGIN_ROLE_API_URI'); +$Configuration['Plugins']['Topcoder']['ResourceRolesApiURI'] = '/v5/resource-roles'; +$Configuration['Plugins']['Topcoder']['ResourcesApiURI'] = '/v5/resources'; +$Configuration['Plugins']['Topcoder']['MemberProfileURL'] = getenv('TOPCODER_PLUGIN_MEMBER_PROFILE_URL'); +$Configuration['Plugins']['Topcoder']['UseTopcoderAuthToken'] = getenv('TOPCODER_PLUGIN_USE_AUTH_TOKEN'); + + +$Configuration['Plugins']['Topcoder']['ValidIssuers'] = str_replace(["[", "]", "\\", "\"", " "], '', getenv('VALID_ISSUERS')); +$Configuration['Plugins']['Topcoder']['M2M']['Auth0Audience'] = getenv('AUTH0_AUDIENCE'); +$Configuration['Plugins']['Topcoder']['M2M']['Auth0ClientId'] = getenv('AUTH0_CLIENT_ID'); +$Configuration['Plugins']['Topcoder']['M2M']['Auth0ClientSecret'] = getenv('AUTH0_CLIENT_SECRET'); +$Configuration['Plugins']['Topcoder']['M2M']['Auth0Url'] = getenv('AUTH0_URL'); +$Configuration['Plugins']['Topcoder']['M2M']['Auth0ProxyServerUrl'] = getenv('AUTH0_PROXY_SERVER_URL'); +$Configuration['Plugins']['Topcoder']['SSO']['Auth0Domain'] = getenv('TOPCODER_PLUGIN_SSO_AUTH0DOMAIN'); +$Configuration['Plugins']['Topcoder']['SSO']['AuthorizationURI'] = '/v3/authorizations/1'; +$Configuration['Plugins']['Topcoder']['SSO']['CookieName'] = 'v3jwt'; +$Configuration['Plugins']['Topcoder']['SSO']['TopcoderRS256']['ID'] = getenv('TOPCODER_PLUGIN_SSO_TOPCODER_RS256_ID'); +$Configuration['Plugins']['Topcoder']['SSO']['TopcoderHS256']['ID'] = getenv('TOPCODER_PLUGIN_SSO_TOPCODER_HS256_ID'); +$Configuration['Plugins']['Topcoder']['SSO']['TopcoderHS256']['Secret'] = 
getenv('TOPCODER_HS256_SECRET'); +$Configuration['Plugins']['Topcoder']['SSO']['TopcoderRS256']['UsernameClaim'] = 'nickname'; +$Configuration['Plugins']['Topcoder']['SSO']['TopcoderHS256']['UsernameClaim'] = 'handle'; +$Configuration['Plugins']['Topcoder']['SSO']['RefreshTokenURL' ] = getenv('TOPCODER_PLUGIN_SSO_REFRESHTOKENURL'); + +// Filestack +$Configuration['Plugins']['Filestack']['ApiKey'] = getenv('FILESTACK_API_KEY'); + +// SumoLogic +$Configuration['Plugins']['Sumologic']['HttpSourceURL'] = ''; +$Configuration['Plugins']['Sumologic']['BatchSize'] = 10; + + +// RichEditor +$Configuration['RichEditor']['Quote']['Enable'] = true; + // Routes $Configuration['Routes']['YXBwbGUtdG91Y2gtaWNvbi5wbmc='] = array ( 0 => 'utility/showtouchicon', @@ -90,8 +132,18 @@ 1 => 'Internal', ); $Configuration['Routes']['DefaultController'] = 'discussions'; +$Configuration['Routes']['XmZpbGVzdGFjaygvLiopPyQ='] = array ( + 0 => 'vanilla/filestack$1', + 1 => 'Internal', +); // Vanilla +$Configuration['Vanilla']['SSO']['Debug'] = true; +$Configuration['Vanilla']['Activity']['ShowDiscussionBody'] = true; +$Configuration['Vanilla']['EnableCategoryFollowing'] = true; $Configuration['Vanilla']['Version'] = '3.0'; -// Last edited by admin (172.26.0.1) 2020-09-03 13:16:33 \ No newline at end of file +// memcached +$Configuration['memcached']['Store'] = getenv('MEMCACHED_SERVER'); + +// Initial setup config \ No newline at end of file diff --git a/docker-compose.dev.yml b/docker-compose.dev.yml index 674b70a..b360c27 100644 --- a/docker-compose.dev.yml +++ b/docker-compose.dev.yml @@ -7,6 +7,8 @@ services: - 3306:3306 env_file: - ./mysql.env + security_opt: + - seccomp:unconfined command: --default-authentication-plugin=mysql_native_password vanilla-forums: links: diff --git a/vanilla/applications/dashboard/models/class.rolemodel.php b/vanilla/applications/dashboard/models/class.rolemodel.php index 7908c2b..b39b164 100644 --- a/vanilla/applications/dashboard/models/class.rolemodel.php 
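Review bot: The Topcoder block added here does not carry over `Plugins.Topcoder.AuthenticationProvider.SignInUrl`, `SignOutUrl` and `RegisterUrl`, nor the `Recaptcha.PrivateKey`/`PublicKey` pair, all of which the deleted bootstrap.early.php code set; unless they are defined outside the visible hunks, sign-in redirects and the captcha lose their configuration. The deleted code also derived the sign-in and sign-out URLs from `RefreshTokenURL` when `TOPCODER_PLUGIN_SIGNIN_URL` or `TOPCODER_PLUGIN_SIGNOUT_URL` was unset, and that fallback has no counterpart here. `ValidIssuers` passes `getenv('VALID_ISSUERS')` straight to `str_replace`, so an unset variable silently becomes an empty string; how the plugin treats an empty issuer list is not visible here, so a comment marking the variable as required (or a fail-fast check where it is read) would make a misconfiguration obvious.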
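Review bot: `$Configuration['Vanilla']['SSO']['Debug'] = true;` leaves SSO debugging switched on unconditionally in the committed configuration. Depending on what the plugin logs in debug mode (presumably token or claim details, to be confirmed), this can put authentication data into logs; `$Configuration['Vanilla']['SSO']['Debug'] = false;` as the committed default, enabled per environment, is the safer choice. An earlier hunk of this file also drops the explicit `$Configuration['Debug'] = FALSE;`, so the global debug flag now relies on the application default.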
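Review bot: `security_opt: - seccomp:unconfined` turns off Docker's default syscall filter for the MySQL container, which is a far wider grant than a database needs, on a service that also publishes `3306:3306`. If the intent is to silence MySQL's `mbind: Operation not permitted` warning (an assumption; the commit does not say), `cap_add: - SYS_NICE` addresses that without removing seccomp. Whichever option is kept, a comment such as `# dev only: <reason>` next to it would stop the setting being copied into other compose files.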
+++ b/vanilla/applications/dashboard/models/class.rolemodel.php @@ -45,14 +45,18 @@ class RoleModel extends Gdn_Model { 'Connect Manager' => [], 'Connect Account Manager' => [], 'Connect Copilot' => [ - 'Name' => ROLE_TOPCODER_CONNECT_COPILOT, - 'Type' => ROLE_TYPE_TOPCODER, - 'Garden.Uploads.Add' => 1 + 'Groups.Category.Manage' => 1, + 'Groups.Moderation.Manage' => 1, + 'Groups.EmailInvitations.Add' => 1 ], 'Connect Admin' => [ // all permissions ], - 'Connect Copilot Manager' => [], + 'Connect Copilot Manager' => [ + 'Groups.Category.Manage' => 1, + 'Groups.Moderation.Manage' => 1, + 'Groups.EmailInvitations.Add' => 1 + ], 'Business Development Representative' => [], 'Presales' => [], 'Account Executive' => [], @@ -63,11 +67,15 @@ class RoleModel extends Gdn_Model { ]; const TOPCODER_PROJECT_ROLES = [ - 'manager' => [], + 'manager' => [ + 'Groups.Category.Manage' => 1, + 'Groups.Moderation.Manage' => 1, + 'Groups.EmailInvitations.Add' => 1 + ], 'copilot' => [ - 'Name' => ROLE_TOPCODER_PROJECT_COPILOT, - 'Type' => ROLE_TYPE_TOPCODER, - 'Garden.Uploads.Add' => 1 + 'Groups.Category.Manage' => 1, + 'Groups.Moderation.Manage' => 1, + 'Groups.EmailInvitations.Add' => 1 ], 'customer' => [], 'observer'=> [], diff --git a/vanilla/applications/dashboard/settings/class.hooks.php b/vanilla/applications/dashboard/settings/class.hooks.php index 9ae898d..1eabced 100644 --- a/vanilla/applications/dashboard/settings/class.hooks.php +++ b/vanilla/applications/dashboard/settings/class.hooks.php 
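Review bot: The same three-entry permission set (`Groups.Category.Manage`, `Groups.Moderation.Manage`, `Groups.EmailInvitations.Add`) is written out four times, for `Connect Copilot` and `Connect Copilot Manager` in this hunk and for `manager` and `copilot` in `TOPCODER_PROJECT_ROLES` in the next one, so a later change to one role can silently miss the others. A single class constant, e.g. `const GROUP_MANAGER_PERMISSIONS = [...]` (name is a suggestion), referenced from the four entries would keep them in step. The copilot entries also lose `'Garden.Uploads.Add' => 1` together with the `Name`/`Type` keys; since class.hooks.php leaves unlisted permissions at their existing value, it is worth confirming that copilots are still meant to upload files. A short comment above the arrays stating why these roles receive moderation rights would document the privilege grant.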
@@ -912,52 +912,57 @@ public function updateModel_afterStructure_handler($sender) { if (!$hasPermissions) { PermissionModel::resetAllRoles(); - // TODO: refactor it - //create Topocder roles - $RoleModel = new RoleModel(); $PermissionModel = new PermissionModel(); // Configure default permission for Topcoder roles $allRoles = $RoleModel->getByType(RoleModel::TYPE_TOPCODER)->resultArray(); - foreach ($allRoles as $role) { - $allPermissions = $PermissionModel->getRolePermissions($role['RoleID']); - foreach ($allPermissions as $permission) { - $roleName = $role['Name']; - if (array_key_exists($roleName, RoleModel::TOPCODER_ROLES)) { - if ($roleName == RoleModel::ROLE_TOPCODER_CONNECT_ADMIN || $roleName == RoleModel::ROLE_TOPCODER_ADMINISTRATOR) { - foreach ($permission as $key => $value) { - if ($key != 'PermissionID' && $key != 'RoleID' && $key != 'JunctionTable' && $key != 'JunctionColumn' - && $key !== 'JunctionID') { - $permission[$key] = 1; - } - } - } else { - $globalRolePermissions = RoleModel::TOPCODER_ROLES[$roleName]; - foreach ($permission as $key => $value) { - if ($key != 'PermissionID' && $key != 'RoleID' && $key != 'JunctionTable' && $key != 'JunctionColumn' - && $key !== 'JunctionID') { - $permission[$key] = array_key_exists($key, $globalRolePermissions) ? 
$globalRolePermissions[$key] : $value; - } - } + $this->updateTopcoderRolePermissions($PermissionModel, $allRoles, RoleModel::TOPCODER_ROLES); + $this->updateTopcoderRolePermissions($PermissionModel, $allRoles, RoleModel::TOPCODER_PROJECT_ROLES); + $this->configureDefaultCategoryPermission($PermissionModel, $allRoles, RoleModel::TOPCODER_ROLES); + + } + } + private function configureDefaultCategoryPermission($PermissionModel, $allRoles) { + foreach ($allRoles as $role) { + $allPermissions = $PermissionModel->getRolePermissions($role['RoleID'], '', 'Category', 'PermissionCategoryID', -1); + foreach ($allPermissions as $permission) { + $roleName = $role['Name']; + if ($roleName == RoleModel::ROLE_TOPCODER_CONNECT_ADMIN || $roleName == RoleModel::ROLE_TOPCODER_ADMINISTRATOR) { + foreach ($permission as $key => $value) { + if ($key != 'PermissionID' && $key != 'RoleID' && $key != 'JunctionTable' && $key != 'JunctionColumn' + && $key !== 'JunctionID') { + $permission[$key] = 1; } $PermissionModel->save($permission); } } } - // Configure default category permission for Topcoder roles - foreach ($allRoles as $role) { - $allPermissions = $PermissionModel->getRolePermissions($role['RoleID'], '', 'Category', 'PermissionCategoryID', -1); - foreach ($allPermissions as $permission) { - $roleName = $role['Name']; + } + } + + private function updateTopcoderRolePermissions($PermissionModel, $allRoles, $topcoderRoles) { + foreach ($allRoles as $role) { + $allPermissions = $PermissionModel->getRolePermissions($role['RoleID']); + foreach ($allPermissions as $permission) { + $roleName = $role['Name']; + if (array_key_exists($roleName, $topcoderRoles)) { if ($roleName == RoleModel::ROLE_TOPCODER_CONNECT_ADMIN || $roleName == RoleModel::ROLE_TOPCODER_ADMINISTRATOR) { foreach ($permission as $key => $value) { if ($key != 'PermissionID' && $key != 'RoleID' && $key != 'JunctionTable' && $key != 'JunctionColumn' && $key !== 'JunctionID') { $permission[$key] = 1; } - 
$PermissionModel->save($permission); + } + } else { + $globalRolePermissions = $topcoderRoles[$roleName]; + foreach ($permission as $key => $value) { + if ($key != 'PermissionID' && $key != 'RoleID' && $key != 'JunctionTable' && $key != 'JunctionColumn' + && $key !== 'JunctionID') { + $permission[$key] = array_key_exists($key, $globalRolePermissions) ? $globalRolePermissions[$key] : $value; + } } } + $PermissionModel->save($permission); } } }
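Review bot: In `configureDefaultCategoryPermission`, as far as the collapsed hunk can be read, `$PermissionModel->save($permission);` sits inside `foreach ($permission as $key => $value)`, so each category permission row is written once per column and the earlier writes persist a partially updated row. Moving the call to just after that loop's closing brace, the way `updateTopcoderRolePermissions` saves after its loops, gives one write per row. The call site passes a third argument, `RoleModel::TOPCODER_ROLES`, that the two-parameter signature ignores; either drop it or declare `$topcoderRoles` and use it. Both helpers grant every permission column to the two admin roles by comparing `$role['Name']` with `==`; using `===` and adding a one-line docblock on each helper saying that the admin roles receive all permissions would make that intent explicit. The closing brace of `updateTopcoderRolePermissions` appears to lie outside the hunk.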