Merge pull request #187 from topcoder-platform/develop

Prod deploy

Author: jmgasper

config/vanilla/bootstrap.early.php

@@ -1,104 +1,5 @@
 <?php if (!defined('APPLICATION')) exit();
 
 if (c('Garden.Installed')) {
-    $Database = Gdn::database();
-    $SQL = $Database->sql();
-
-    // Cache Settings
-    saveToConfig('Cache.Enabled', getenv('CACHE_ENABLED'), true);
-    saveToConfig('Cache.Method', getenv('CACHE_METHOD'), 'dirtycache');
-    saveToConfig('memcached.Store', getenv('MEMCACHED_SERVER'), 'localhost:11211');
-
-    saveToConfig('Garden.Email.SupportName', getenv('MAIL_FROM_NAME') );
-    saveToConfig('Garden.Email.SupportAddress', getenv('MAIL_FROM_ADDRESS'));
-    saveToConfig('Garden.Email.UseSmtp', getenv('MAIL_USE_SMTP'));
-    saveToConfig('Garden.Email.SmtpHost', getenv('MAIL_SMTP_HOSTNAME'));
-    saveToConfig('Garden.Email.SmtpUser', getenv('MAIL_SMTP_USERNAME'));
-    saveToConfig('Garden.Email.SmtpPassword', getenv('MAIL_SMTP_PASSWORD'));
-    saveToConfig('Garden.Email.SmtpPort', getenv('MAIL_SMTP_PORT'));
-    saveToConfig('Garden.Email.SmtpSecurity', getenv('MAIL_SMTP_SECURITY'));
-
-    // Appearance
-    saveToConfig('Garden.Theme', 'topcoder-theme', false);
-    saveToConfig('Garden.MobileTheme', 'topcoder-theme', false);
-    saveToConfig('Feature.NewFlyouts.Enabled', true);
-
-    // Feature
-    saveToConfig('Garden.EditContentTimeout', -1, false);
-
-    // Profile settings
-    saveToConfig('Garden.Profile.EditPhotos', false);
-
-    // Add settings for the Topcoder plugin
-    saveToConfig('Plugins.Topcoder.BaseApiURL', getenv('TOPCODER_PLUGIN_BASE_API_URL'),false);
-    saveToConfig('Plugins.Topcoder.MemberApiURI', getenv('TOPCODER_PLUGIN_MEMBER_API_URI'),false);
-    saveToConfig('Plugins.Topcoder.RoleApiURI', getenv('TOPCODER_PLUGIN_ROLE_API_URI'),false);
-    saveToConfig('Plugins.Topcoder.ResourceRolesApiURI', '/v5/resource-roles', false);
-    saveToConfig('Plugins.Topcoder.ResourcesApiURI', '/v5/resources', false);
-    saveToConfig('Plugins.Topcoder.MemberProfileURL', getenv('TOPCODER_PLUGIN_MEMBER_PROFILE_URL'), false); // prod: 
-    saveToConfig('Plugins.Topcoder.UseTopcoderAuthToken', getenv('TOPCODER_PLUGIN_USE_AUTH_TOKEN'), false);
-
-    saveToConfig('Plugins.Topcoder.ValidIssuers', str_replace(["[", "]", "\\", "\"", " "], '', getenv('VALID_ISSUERS')));
-
-    //Add settings for Topcoder M2M Auth0
-    saveToConfig('Plugins.Topcoder.M2M.Auth0Audience', getenv('AUTH0_AUDIENCE'));
-    saveToConfig('Plugins.Topcoder.M2M.Auth0ClientId', getenv('AUTH0_CLIENT_ID'));
-    saveToConfig('Plugins.Topcoder.M2M.Auth0ClientSecret', getenv('AUTH0_CLIENT_SECRET'));
-    saveToConfig('Plugins.Topcoder.M2M.Auth0Url', getenv('AUTH0_URL'));
-    saveToConfig('Plugins.Topcoder.M2M.Auth0ProxyServerUrl', getenv('AUTH0_PROXY_SERVER_URL'));
-
-     //Add settings for Topcoder SSO Auth0
-    saveToConfig('Plugins.Topcoder.SSO.Auth0Domain', getenv('TOPCODER_PLUGIN_SSO_AUTH0DOMAIN'));
-    saveToConfig('Plugins.Topcoder.SSO.AuthorizationURI', '/v3/authorizations/1');
-    saveToConfig('Plugins.Topcoder.SSO.CookieName', 'v3jwt',false);
-    saveToConfig('Plugins.Topcoder.SSO.TopcoderRS256.ID', getenv('TOPCODER_PLUGIN_SSO_TOPCODER_RS256_ID'), false);
-    saveToConfig('Plugins.Topcoder.SSO.TopcoderHS256.ID', getenv('TOPCODER_PLUGIN_SSO_TOPCODER_HS256_ID'), false);
-    
-    saveToConfig('Plugins.Topcoder.SSO.TopcoderHS256.Secret', getenv('TOPCODER_HS256_SECRET') );
-    saveToConfig('Plugins.Topcoder.SSO.TopcoderRS256.UsernameClaim', 'nickname',false);
-    saveToConfig('Plugins.Topcoder.SSO.TopcoderHS256.UsernameClaim', 'handle',false);
-    $topcoderSSOAuth0Url = getenv('TOPCODER_PLUGIN_SSO_REFRESHTOKENURL');
-    saveToConfig('Plugins.Topcoder.SSO.RefreshTokenURL', $topcoderSSOAuth0Url,false);
-    $signInUrl = getenv('TOPCODER_PLUGIN_SIGNIN_URL');
-    $signOutUrl = getenv('TOPCODER_PLUGIN_SIGNOUT_URL');
-    if($signInUrl === false) {
-        $signInUrl =$topcoderSSOAuth0Url.'?retUrl='.urlencode('https://'.$_SERVER['SERVER_NAME'].'/');
-    }
-    if($signOutUrl === false) {
-        $signOutUrl =$topcoderSSOAuth0Url.'?logout=true&retUrl='.urlencode('https://'.$_SERVER['SERVER_NAME'].'/');
-    }
-    saveToConfig('Plugins.Topcoder.AuthenticationProvider.SignInUrl', $signInUrl,false);
-    saveToConfig('Plugins.Topcoder.AuthenticationProvider.SignOutUrl', $signOutUrl,false);
-    saveToConfig('Plugins.Topcoder.AuthenticationProvider.RegisterUrl', getenv('TOPCODER_PLUGIN_AUTHENTICATIONPROVIDER_REGISTERURL'),false);
-
-    // Filestack
-    saveToConfig('Plugins.Filestack.ApiKey', getenv('FILESTACK_API_KEY'),false);
-
-    // SumoLogic
-    saveToConfig('Plugins.Sumologic.HttpSourceURL', '',false);
-    saveToConfig('Plugins.Sumologic.BatchSize', '10',false);
-
-    // Add settings for the Editor plugin
-    if(c('Plugins.editor.ForceWysiwyg') === false) {
-        saveToConfig('Plugins.editor.ForceWysiwyg', false);
-    }
-
-    // Add settings for the Syntax Prettifier plugin
-    if(c('Plugins.GooglePrettify.LineNumbers') === false) {
-        saveToConfig('Plugins.GooglePrettify.LineNumbers', '');
-        saveToConfig('Plugins.GooglePrettify.NoCssFile', '');
-        saveToConfig('Plugins.GooglePrettify.UseTabby', '');
-        saveToConfig('Plugins.GooglePrettify.Language', '');
-    }
-
-    // Add settings for the Recaptcha plugin
-    if(c('Recaptcha.PrivateKey') === false) {
-        saveToConfig('Recaptcha.PrivateKey', getenv('RECAPTCHA_PLUGIN_PRIVATE_KEY'), false);
-        saveToConfig('Recaptcha.PublicKey', getenv('RECAPTCHA_PLUGIN_PUBLIC_KEY'), false);
-    }
-
-    // Fix: Add the 'topcoder' role type in Role Table. It should be removed after upgrading existing DB.
-    // The Topcoder plugin's setup method will upgrade DB during Vanilla installation
-    $SQL->query('alter table GDN_Role modify Type enum(\'topcoder\', \'guest\', \'unconfirmed\', \'applicant\', \'member\', \'moderator\', \'administrator\')');
-
+   // Only for update in future
 }

config/vanilla/config.php

@@ -2,18 +2,19 @@
 
 $Configuration['Garden']['Installed'] = true;
 
-$Configuration['Garden']['SignIn']['Popup'] = false; // Should the sign-in link pop up or go to it's own page
-
-// Conversations
-$Configuration['Conversations']['Version'] = '3.0';
-$Configuration['Conversations']['Moderation']['Allow'] = true;
-
-// Database
 $Configuration['Database']['Name'] = getenv('MYSQL_DATABASE');
 $Configuration['Database']['Host'] = getenv('MYSQL_HOST');
 $Configuration['Database']['User'] = getenv('MYSQL_ROOT_USER');
 $Configuration['Database']['Password'] = getenv('MYSQL_ROOT_PASSWORD');
 
+// Cache
+$Configuration['Cache']['Enabled'] = getenv('CACHE_ENABLED');
+$Configuration['Cache']['Method'] = getenv('CACHE_METHOD');
+
+// Conversations
+$Configuration['Conversations']['Version'] = '3.0';
+$Configuration['Conversations']['Moderation']['Allow'] = true;
+
 // EnabledApplications
 $Configuration['EnabledApplications']['Conversations'] = 'conversations';
 $Configuration['EnabledApplications']['Vanilla'] = 'vanilla';
@@ -33,35 +34,39 @@
 $Configuration['EnabledPlugins']['Groups'] = true;
 $Configuration['EnabledPlugins']['Filestack'] = true;
 $Configuration['EnabledPlugins']['Sumologic'] = true;
-$Configuration['EnabledPlugins']['ReplyTo'] = true; //Uncomment it after upgrading DB
-
-// Debug
-$Configuration['Debug'] = FALSE;
-$Configuration['Vanilla']['SSO']['Debug'] = TRUE;
-
-// Email contents
-$Configuration['Vanilla']['Activity']['ShowDiscussionBody'] = true;
+$Configuration['EnabledPlugins']['ReplyTo'] = true;
 
 // Feature
 $Configuration['Feature']['NewFlyouts']['Enabled'] = true;
-$Configuration['Vanilla']['EnableCategoryFollowing'] = true;
-$Configuration['Garden']['EditContentTimeout'] = -1;
 
 // Garden
+$Configuration['Garden']['SignIn']['Popup'] = false;
+$Configuration['Garden']['EditContentTimeout'] = -1;
 $Configuration['Garden']['Title'] = 'Vanilla';
 $Configuration['Garden']['Cookie']['Salt'] = 'rLpGSLgZD1AGdJ4n';
 $Configuration['Garden']['Cookie']['Domain'] = '';
 $Configuration['Garden']['Registration']['ConfirmEmail'] = true;
-$Configuration['Garden']['Email']['SupportName'] = 'Vanilla';
+$Configuration['Garden']['Email']['SupportName'] =  getenv('MAIL_FROM_NAME');
 $Configuration['Garden']['Email']['Format'] = 'text';
-$Configuration['Garden']['SystemUserID'] = '1';
-$Configuration['Garden']['UpdateToken'] = 'c3988cd76f721f1a03d2c347ab6655609a548425';
+$Configuration['Garden']['Email']['SupportAddress'] = getenv('MAIL_FROM_ADDRESS');
+$Configuration['Garden']['Email']['UseSmtp'] =  getenv('MAIL_USE_SMTP');
+$Configuration['Garden']['Email']['SmtpHost'] = getenv('MAIL_SMTP_HOSTNAME');
+$Configuration['Garden']['Email']['SmtpUser'] =  getenv('MAIL_SMTP_USERNAME');
+$Configuration['Garden']['Email']['SmtpPassword'] = getenv('MAIL_SMTP_PASSWORD');
+$Configuration['Garden']['Email']['SmtpPort'] = getenv('MAIL_SMTP_PORT');
+$Configuration['Garden']['Email']['SmtpSecurity'] = getenv('MAIL_SMTP_SECURITY');
+$Configuration['Garden']['UpdateToken'] = '105e786dc643fd20143d3c137b593af168560c13';
 $Configuration['Garden']['InputFormatter'] = 'Rich';
 $Configuration['Garden']['Version'] = 'Undefined';
 $Configuration['Garden']['CanProcessImages'] = true;
 $Configuration['Garden']['Theme'] = 'topcoder-theme';
 $Configuration['Garden']['MobileTheme'] = 'topcoder-theme';
 $Configuration['Garden']['Profile']['EditPhotos'] = false;
+$Configuration['Garden']['SystemUserID'] = '1';
+$Configuration['Garden']['MobileInputFormatter'] = 'Rich';
+$Configuration['Garden']['AllowFileUploads'] = true;
+$Configuration['Garden']['EditContentTimeout'] = -1;
+$Configuration['Garden']['Profile']['EditPhotos'] = false;
 
 // Plugins
 $Configuration['Plugins']['editor']['ForceWysiwyg'] = false;
@@ -72,6 +77,43 @@
 $Configuration['Plugins']['GettingStarted']['Dashboard'] = '1';
 $Configuration['Plugins']['GettingStarted']['Plugins'] = '1';
 
+
+$Configuration['Plugins']['Topcoder']['BaseApiURL'] = getenv('TOPCODER_PLUGIN_BASE_API_URL');
+$Configuration['Plugins']['Topcoder']['MemberApiURI'] = getenv('TOPCODER_PLUGIN_MEMBER_API_URI');
+$Configuration['Plugins']['Topcoder']['RoleApiURI'] = getenv('TOPCODER_PLUGIN_ROLE_API_URI');
+$Configuration['Plugins']['Topcoder']['ResourceRolesApiURI'] = '/v5/resource-roles';
+$Configuration['Plugins']['Topcoder']['ResourcesApiURI'] = '/v5/resources';
+$Configuration['Plugins']['Topcoder']['MemberProfileURL'] = getenv('TOPCODER_PLUGIN_MEMBER_PROFILE_URL');
+$Configuration['Plugins']['Topcoder']['UseTopcoderAuthToken'] = getenv('TOPCODER_PLUGIN_USE_AUTH_TOKEN');
+
+
+$Configuration['Plugins']['Topcoder']['ValidIssuers'] = str_replace(["[", "]", "\\", "\"", " "], '', getenv('VALID_ISSUERS'));
+$Configuration['Plugins']['Topcoder']['M2M']['Auth0Audience'] = getenv('AUTH0_AUDIENCE');
+$Configuration['Plugins']['Topcoder']['M2M']['Auth0ClientId'] = getenv('AUTH0_CLIENT_ID');
+$Configuration['Plugins']['Topcoder']['M2M']['Auth0ClientSecret'] = getenv('AUTH0_CLIENT_SECRET');
+$Configuration['Plugins']['Topcoder']['M2M']['Auth0Url'] =  getenv('AUTH0_URL');
+$Configuration['Plugins']['Topcoder']['M2M']['Auth0ProxyServerUrl'] = getenv('AUTH0_PROXY_SERVER_URL');
+$Configuration['Plugins']['Topcoder']['SSO']['Auth0Domain'] = getenv('TOPCODER_PLUGIN_SSO_AUTH0DOMAIN');
+$Configuration['Plugins']['Topcoder']['SSO']['AuthorizationURI'] = '/v3/authorizations/1';
+$Configuration['Plugins']['Topcoder']['SSO']['CookieName'] = 'v3jwt';
+$Configuration['Plugins']['Topcoder']['SSO']['TopcoderRS256']['ID'] =  getenv('TOPCODER_PLUGIN_SSO_TOPCODER_RS256_ID');
+$Configuration['Plugins']['Topcoder']['SSO']['TopcoderHS256']['ID'] =  getenv('TOPCODER_PLUGIN_SSO_TOPCODER_HS256_ID');
+$Configuration['Plugins']['Topcoder']['SSO']['TopcoderHS256']['Secret'] =  getenv('TOPCODER_HS256_SECRET');
+$Configuration['Plugins']['Topcoder']['SSO']['TopcoderRS256']['UsernameClaim'] =  'nickname';
+$Configuration['Plugins']['Topcoder']['SSO']['TopcoderHS256']['UsernameClaim'] =  'handle';
+$Configuration['Plugins']['Topcoder']['SSO']['RefreshTokenURL' ] = getenv('TOPCODER_PLUGIN_SSO_REFRESHTOKENURL');
+
+// Filestack
+$Configuration['Plugins']['Filestack']['ApiKey'] = getenv('FILESTACK_API_KEY');
+
+// SumoLogic
+$Configuration['Plugins']['Sumologic']['HttpSourceURL'] = '';
+$Configuration['Plugins']['Sumologic']['BatchSize'] = 10;
+
+
+// RichEditor
+$Configuration['RichEditor']['Quote']['Enable'] = true;
+
 // Routes
 $Configuration['Routes']['YXBwbGUtdG91Y2gtaWNvbi5wbmc='] = array (
     0 => 'utility/showtouchicon',
@@ -90,8 +132,18 @@
     1 => 'Internal',
 );
 $Configuration['Routes']['DefaultController'] = 'discussions';
+$Configuration['Routes']['XmZpbGVzdGFjaygvLiopPyQ='] = array (
+    0 => 'vanilla/filestack$1',
+    1 => 'Internal',
+);
 
 // Vanilla
+$Configuration['Vanilla']['SSO']['Debug'] = true;
+$Configuration['Vanilla']['Activity']['ShowDiscussionBody'] = true;
+$Configuration['Vanilla']['EnableCategoryFollowing'] = true;
 $Configuration['Vanilla']['Version'] = '3.0';
 
-// Last edited by admin (172.26.0.1) 2020-09-03 13:16:33
+// memcached
+$Configuration['memcached']['Store'] = getenv('MEMCACHED_SERVER');
+
+// Initial setup config

docker-compose.dev.yml

@@ -7,6 +7,8 @@ services:
       - 3306:3306
     env_file:
       - ./mysql.env
+    security_opt:
+      - seccomp:unconfined
     command: --default-authentication-plugin=mysql_native_password
   vanilla-forums:
     links:

vanilla/applications/dashboard/models/class.rolemodel.php

@@ -45,14 +45,18 @@ class RoleModel extends Gdn_Model {
         'Connect Manager' => [],
         'Connect Account Manager' => [],
         'Connect Copilot' => [
-            'Name' => ROLE_TOPCODER_CONNECT_COPILOT,
-            'Type' => ROLE_TYPE_TOPCODER,
-            'Garden.Uploads.Add' => 1
+           'Groups.Category.Manage' => 1,
+           'Groups.Moderation.Manage' => 1,
+           'Groups.EmailInvitations.Add' => 1
         ],
         'Connect Admin' => [
             // all permissions
         ],
-        'Connect Copilot Manager' => [],
+        'Connect Copilot Manager' => [
+           'Groups.Category.Manage' => 1,
+           'Groups.Moderation.Manage' => 1,
+           'Groups.EmailInvitations.Add' => 1
+        ],
         'Business Development Representative' => [],
         'Presales' => [],
         'Account Executive' => [],
@@ -63,11 +67,15 @@ class RoleModel extends Gdn_Model {
     ];
 
     const TOPCODER_PROJECT_ROLES = [
-        'manager' => [],
+        'manager' => [
+            'Groups.Category.Manage' => 1,
+            'Groups.Moderation.Manage' => 1,
+            'Groups.EmailInvitations.Add' => 1
+        ],
         'copilot' =>  [
-            'Name' => ROLE_TOPCODER_PROJECT_COPILOT,
-            'Type' => ROLE_TYPE_TOPCODER,
-            'Garden.Uploads.Add' => 1
+            'Groups.Category.Manage' => 1,
+            'Groups.Moderation.Manage' => 1,
+            'Groups.EmailInvitations.Add' => 1
         ],
         'customer' => [],
         'observer'=> [],

vanilla/applications/dashboard/settings/class.hooks.php

@@ -912,52 +912,57 @@ public function updateModel_afterStructure_handler($sender) {
         if (!$hasPermissions) {
             PermissionModel::resetAllRoles();
 
-            // TODO: refactor it
-            //create Topocder roles
-
             $RoleModel = new RoleModel();
             $PermissionModel = new PermissionModel();
             // Configure default permission for Topcoder roles
             $allRoles = $RoleModel->getByType(RoleModel::TYPE_TOPCODER)->resultArray();
-            foreach ($allRoles as $role) {
-                $allPermissions = $PermissionModel->getRolePermissions($role['RoleID']);
-                foreach ($allPermissions as $permission) {
-                    $roleName = $role['Name'];
-                    if (array_key_exists($roleName, RoleModel::TOPCODER_ROLES)) {
-                        if ($roleName == RoleModel::ROLE_TOPCODER_CONNECT_ADMIN || $roleName == RoleModel::ROLE_TOPCODER_ADMINISTRATOR) {
-                            foreach ($permission as $key => $value) {
-                                if ($key != 'PermissionID' && $key != 'RoleID' && $key != 'JunctionTable' && $key != 'JunctionColumn'
-                                    && $key !== 'JunctionID') {
-                                    $permission[$key] = 1;
-                                }
-                            }
-                        } else {
-                            $globalRolePermissions = RoleModel::TOPCODER_ROLES[$roleName];
-                            foreach ($permission as $key => $value) {
-                                if ($key != 'PermissionID' && $key != 'RoleID' && $key != 'JunctionTable' && $key != 'JunctionColumn'
-                                    && $key !== 'JunctionID') {
-                                    $permission[$key] = array_key_exists($key, $globalRolePermissions) ? $globalRolePermissions[$key] : $value;
-                                }
-                            }
+            $this->updateTopcoderRolePermissions($PermissionModel, $allRoles, RoleModel::TOPCODER_ROLES);
+            $this->updateTopcoderRolePermissions($PermissionModel, $allRoles, RoleModel::TOPCODER_PROJECT_ROLES);
+            $this->configureDefaultCategoryPermission($PermissionModel, $allRoles, RoleModel::TOPCODER_ROLES);
+
+        }
+    }
+    private function configureDefaultCategoryPermission($PermissionModel, $allRoles) {
+        foreach ($allRoles as $role) {
+            $allPermissions = $PermissionModel->getRolePermissions($role['RoleID'], '', 'Category', 'PermissionCategoryID', -1);
+            foreach ($allPermissions as $permission) {
+                $roleName = $role['Name'];
+                if ($roleName == RoleModel::ROLE_TOPCODER_CONNECT_ADMIN || $roleName == RoleModel::ROLE_TOPCODER_ADMINISTRATOR) {
+                    foreach ($permission as $key => $value) {
+                        if ($key != 'PermissionID' && $key != 'RoleID' && $key != 'JunctionTable' && $key != 'JunctionColumn'
+                            && $key !== 'JunctionID') {
+                            $permission[$key] = 1;
                         }
                         $PermissionModel->save($permission);
                     }
                 }
             }
-            // Configure default category permission for Topcoder roles
-            foreach ($allRoles as $role) {
-                $allPermissions = $PermissionModel->getRolePermissions($role['RoleID'], '', 'Category', 'PermissionCategoryID', -1);
-                foreach ($allPermissions as $permission) {
-                    $roleName = $role['Name'];
+        }
+    }
+
+    private function updateTopcoderRolePermissions($PermissionModel, $allRoles, $topcoderRoles) {
+        foreach ($allRoles as $role) {
+            $allPermissions = $PermissionModel->getRolePermissions($role['RoleID']);
+            foreach ($allPermissions as $permission) {
+                $roleName = $role['Name'];
+                if (array_key_exists($roleName, $topcoderRoles)) {
                     if ($roleName == RoleModel::ROLE_TOPCODER_CONNECT_ADMIN || $roleName == RoleModel::ROLE_TOPCODER_ADMINISTRATOR) {
                         foreach ($permission as $key => $value) {
                             if ($key != 'PermissionID' && $key != 'RoleID' && $key != 'JunctionTable' && $key != 'JunctionColumn'
                                 && $key !== 'JunctionID') {
                                 $permission[$key] = 1;
                             }
-                            $PermissionModel->save($permission);
+                        }
+                    } else {
+                        $globalRolePermissions = $topcoderRoles[$roleName];
+                        foreach ($permission as $key => $value) {
+                            if ($key != 'PermissionID' && $key != 'RoleID' && $key != 'JunctionTable' && $key != 'JunctionColumn'
+                                && $key !== 'JunctionID') {
+                                $permission[$key] = array_key_exists($key, $globalRolePermissions) ? $globalRolePermissions[$key] : $value;
+                            }
                         }
                     }
+                    $PermissionModel->save($permission);
                 }
             }
         }