Merge branch 'develop-upstream' into #8381-poc

.docker/Dockerfile

@@ -1,6 +1,6 @@
 FROM rocketchat/base:8
 
-ENV RC_VERSION 0.62.0-develop
+ENV RC_VERSION 0.63.0-develop
 
 MAINTAINER buildmaster@rocket.chat
 

.sandstorm/sandstorm-pkgdef.capnp

@@ -21,7 +21,7 @@ const pkgdef :Spk.PackageDefinition = (
 
 		appVersion = 62,  # Increment this for every release.
 
-		appMarketingVersion = (defaultText = "0.62.0-develop"),
+		appMarketingVersion = (defaultText = "0.63.0-develop"),
 		# Human-readable representation of appVersion. Should match the way you
 		# identify versions of your app in documentation and marketing.
 

.travis/snap.sh

@@ -17,7 +17,7 @@ elif [[ $TRAVIS_TAG ]]; then
     RC_VERSION=$TRAVIS_TAG
 else
     CHANNEL=edge
-    RC_VERSION=0.62.0-develop
+    RC_VERSION=0.63.0-develop
 fi
 
 echo "Preparing to trigger a snap release for $CHANNEL channel"

imports/message-read-receipt/server/hooks.js

@@ -2,6 +2,11 @@ import { ReadReceipt } from './lib/ReadReceipt';
 
 RocketChat.callbacks.add('afterSaveMessage', (message, room) => {
 
+	// skips this callback if the message was edited
+	if (message.editedAt) {
+		return message;
+	}
+
 	// set subscription as read right after message was sent
 	RocketChat.models.Subscriptions.setAsReadByRoomIdAndUserId(room._id, message.u._id);
 

package.json

@@ -1,7 +1,7 @@
 {
 	"name": "Rocket.Chat",
 	"description": "The Ultimate Open Source WebChat Platform",
-	"version": "0.62.0-develop",
+	"version": "0.63.0-develop",
 	"author": {
 		"name": "Rocket.Chat",
 		"url": "https://rocket.chat/"

packages/rocketchat-api/server/v1/channels.js

@@ -330,7 +330,14 @@ RocketChat.API.v1.addRoute('channels.history', { authRequired: true }, {
 
 		let result;
 		Meteor.runAsUser(this.userId, () => {
-			result = Meteor.call('getChannelHistory', { rid: findResult._id, latest: latestDate, oldest: oldestDate, inclusive, count, unreads });
+			result = Meteor.call('getChannelHistory', {
+				rid: findResult._id,
+				latest: latestDate,
+				oldest: oldestDate,
+				inclusive,
+				count,
+				unreads
+			});
 		});
 
 		if (!result) {
@@ -417,15 +424,15 @@ RocketChat.API.v1.addRoute('channels.list', { authRequired: true }, {
 		action() {
 			const { offset, count } = this.getPaginationItems();
 			const { sort, fields, query } = this.parseJsonQuery();
+			const hasPermissionToSeeAllPublicChannels = RocketChat.authz.hasPermission(this.userId, 'view-c-room');
 
 			const ourQuery = Object.assign({}, query, { t: 'c' });
 
-			//Special check for the permissions
-			if (RocketChat.authz.hasPermission(this.userId, 'view-joined-room')) {
+			if (RocketChat.authz.hasPermission(this.userId, 'view-joined-room') && !hasPermissionToSeeAllPublicChannels) {
 				ourQuery.usernames = {
-					$in: [ this.user.username ]
+					$in: [this.user.username]
 				};
-			} else if (!RocketChat.authz.hasPermission(this.userId, 'view-c-room')) {
+			} else if (!hasPermissionToSeeAllPublicChannels) {
 				return RocketChat.API.v1.unauthorized();
 			}
 
@@ -476,7 +483,11 @@ RocketChat.API.v1.addRoute('channels.list.joined', { authRequired: true }, {
 
 RocketChat.API.v1.addRoute('channels.members', { authRequired: true }, {
 	get() {
-		const findResult = findChannelByIdOrName({ params: this.requestParams(), checkedArchived: false, returnUsernames: true });
+		const findResult = findChannelByIdOrName({
+			params: this.requestParams(),
+			checkedArchived: false,
+			returnUsernames: true
+		});
 
 		const { offset, count } = this.getPaginationItems();
 		const { sort } = this.parseJsonQuery();
@@ -625,7 +636,7 @@ RocketChat.API.v1.addRoute('channels.rename', { authRequired: true }, {
 			return RocketChat.API.v1.failure('The bodyParam "name" is required');
 		}
 
-		const findResult = findChannelByIdOrName({ params: { roomId: this.bodyParams.roomId} });
+		const findResult = findChannelByIdOrName({ params: { roomId: this.bodyParams.roomId } });
 
 		if (findResult.name === this.bodyParams.name) {
 			return RocketChat.API.v1.failure('The channel name is the same as what it would be renamed to.');

packages/rocketchat-api/server/v1/users.js

@@ -260,14 +260,41 @@ RocketChat.API.v1.addRoute('users.update', { authRequired: true }, {
 	}
 });
 
+RocketChat.API.v1.addRoute('users.updateOwnBasicInfo', { authRequired: true }, {
+	post() {
+		check(this.bodyParams, {
+			data: Match.ObjectIncluding({
+				email: Match.Maybe(String),
+				name: Match.Maybe(String),
+				username: Match.Maybe(String),
+				currentPassword: Match.Maybe(String),
+				newPassword: Match.Maybe(String)
+			}),
+			customFields: Match.Maybe(Object)
+		});
+
+		const userData = {
+			email: this.bodyParams.data.email,
+			realname: this.bodyParams.data.name,
+			username: this.bodyParams.data.username,
+			newPassword: this.bodyParams.data.newPassword,
+			typedPassword: this.bodyParams.data.currentPassword
+		};
+
+		Meteor.runAsUser(this.userId, () => Meteor.call('saveUserProfile', userData, this.bodyParams.customFields));
+
+		return RocketChat.API.v1.success({ user: RocketChat.models.Users.findOneById(this.userId, { fields: RocketChat.API.v1.defaultFieldsToExclude }) });
+	}
+});
+
 RocketChat.API.v1.addRoute('users.createToken', { authRequired: true }, {
 	post() {
 		const user = this.getUserFromParams();
 		let data;
 		Meteor.runAsUser(this.userId, () => {
 			data = Meteor.call('createToken', user._id);
 		});
-		return data ? RocketChat.API.v1.success({data}) : RocketChat.API.v1.unauthorized();
+		return data ? RocketChat.API.v1.success({ data }) : RocketChat.API.v1.unauthorized();
 	}
 });
 

packages/rocketchat-cors/cors.js

@@ -3,11 +3,18 @@ import _ from 'underscore';
 
 import url from 'url';
 
+import { Mongo } from 'meteor/mongo';
 import tls from 'tls';
 // FIX For TLS error see more here https://github.com/RocketChat/Rocket.Chat/issues/9316
 // TODO: Remove after NodeJS fix it, more information https://github.com/nodejs/node/issues/16196 https://github.com/nodejs/node/pull/16853
 tls.DEFAULT_ECDH_CURVE = 'auto';
 
+// Revert change from Meteor 1.6.1 who set ignoreUndefined: true
+// more information https://github.com/meteor/meteor/pull/9444
+Mongo.setConnectionOptions({
+	ignoreUndefined: false
+});
+
 WebApp.rawConnectHandlers.use(Meteor.bindEnvironment(function(req, res, next) {
 	if (req._body) {
 		return next();

packages/rocketchat-cors/package.js

@@ -8,7 +8,8 @@ Package.describe({
 Package.onUse(function(api) {
 	api.use([
 		'ecmascript',
-		'webapp'
+		'webapp',
+		'mongo'
 	]);
 
 	api.addFiles('cors.js', 'server');

packages/rocketchat-file-upload/server/lib/requests.js

@@ -1,6 +1,6 @@
 /* globals FileUpload, WebApp */
 
-WebApp.connectHandlers.use(`${ __meteor_runtime_config__.ROOT_URL_PATH_PREFIX }/file-upload/`,	function(req, res, next) {
+WebApp.connectHandlers.use('/file-upload/',	function(req, res, next) {
 
 	const match = /^\/([^\/]+)\/(.*)/.exec(req.url);
 

packages/rocketchat-importer/server/classes/ImporterBase.js

@@ -26,7 +26,7 @@ export class Base {
 	 * @static
 	 */
 	static getBSONSize(item) {
-		const { BSON } = require('bson').native();
+		const { BSON } = require('bson');
 		const bson = new BSON();
 		return bson.calculateObjectSize(item);
 	}

packages/rocketchat-lib/client/lib/cachedCollection.js

@@ -99,7 +99,7 @@ class CachedCollection {
 		useSync = true,
 		useCache = true,
 		debug = false,
-		version = 6,
+		version = 7,
 		maxCacheTime = 60*60*24*30,
 		onSyncData = (/* action, record */) => {}
 	}) {

packages/rocketchat-lib/rocketchat.info

@@ -1,3 +1,3 @@
 {
-	"version": "0.62.0-develop"
+	"version": "0.63.0-develop"
 }

packages/rocketchat-lib/server/functions/deleteUser.js

@@ -1,30 +1,33 @@
 RocketChat.deleteUser = function(userId) {
 	const user = RocketChat.models.Users.findOneById(userId);
 
-	RocketChat.models.Messages.removeByUserId(userId); // Remove user messages
-	RocketChat.models.Subscriptions.db.findByUserId(userId).forEach((subscription) => {
-		const room = RocketChat.models.Rooms.findOneById(subscription.rid);
-		if (room) {
-			if (room.t !== 'c' && room.usernames.length === 1) {
-				RocketChat.models.Rooms.removeById(subscription.rid); // Remove non-channel rooms with only 1 user (the one being deleted)
+	// Users without username can't do anything, so there is nothing to remove
+	if (user.username != null) {
+		RocketChat.models.Messages.removeByUserId(userId); // Remove user messages
+		RocketChat.models.Subscriptions.db.findByUserId(userId).forEach((subscription) => {
+			const room = RocketChat.models.Rooms.findOneById(subscription.rid);
+			if (room) {
+				if (room.t !== 'c' && room.usernames.length === 1) {
+					RocketChat.models.Rooms.removeById(subscription.rid); // Remove non-channel rooms with only 1 user (the one being deleted)
+				}
+				if (room.t === 'd') {
+					RocketChat.models.Subscriptions.removeByRoomId(subscription.rid);
+					RocketChat.models.Messages.removeByRoomId(subscription.rid);
+				}
 			}
-			if (room.t === 'd') {
-				RocketChat.models.Subscriptions.removeByRoomId(subscription.rid);
-				RocketChat.models.Messages.removeByRoomId(subscription.rid);
-			}
-		}
-	});
+		});
 
-	RocketChat.models.Subscriptions.removeByUserId(userId); // Remove user subscriptions
-	RocketChat.models.Rooms.removeByTypeContainingUsername('d', user.username); // Remove direct rooms with the user
-	RocketChat.models.Rooms.removeUsernameFromAll(user.username); // Remove user from all other rooms
+		RocketChat.models.Subscriptions.removeByUserId(userId); // Remove user subscriptions
+		RocketChat.models.Rooms.removeByTypeContainingUsername('d', user.username); // Remove direct rooms with the user
+		RocketChat.models.Rooms.removeUsernameFromAll(user.username); // Remove user from all other rooms
 
-	// removes user's avatar
-	if (user.avatarOrigin === 'upload' || user.avatarOrigin === 'url') {
-		FileUpload.getStore('Avatars').deleteByName(user.username);
-	}
+		// removes user's avatar
+		if (user.avatarOrigin === 'upload' || user.avatarOrigin === 'url') {
+			FileUpload.getStore('Avatars').deleteByName(user.username);
+		}
 
-	RocketChat.models.Integrations.disableByUserId(userId); // Disables all the integrations which rely on the user being deleted.
+		RocketChat.models.Integrations.disableByUserId(userId); // Disables all the integrations which rely on the user being deleted.
+	}
 
 	RocketChat.models.Users.removeById(userId); // Remove user from users database
 };