msb-public
/
Open-IM-Server
mirror of https://github.com/OpenIMSDK/Open-IM-Server
2
0
Code Issues Projects Releases Wiki Activity

Merge branch 'openimsdk:main' into main

Browse Source
pull/2712/head
chao 12 months ago committed by GitHub
parent 127204881f 49c8440d50
commit 122bf667df
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
12 changed files with 179 additions and 58 deletions
Show Stats Download Patch File Download Diff File

8
.env
Unescape View File

@ -8,12 +8,12 @@ PROMETHEUS_IMAGE=prom/prometheus:v2.45.6
ALERTMANAGER_IMAGE=prom/alertmanager:v0.27.0
GRAFANA_IMAGE=grafana/grafana:11.0.1
OPENIM_WEB_FRONT_IMAGE=openim/openim-web-front:release-v3.8.0
OPENIM_ADMIN_FRONT_IMAGE=openim/openim-admin-front:release-v1.8.0
OPENIM_WEB_FRONT_IMAGE=openim/openim-web-front:release-v3.8.1
OPENIM_ADMIN_FRONT_IMAGE=openim/openim-admin-front:release-v1.8.2
#FRONT_IMAGE: use aliyun images
#OPENIM_WEB_FRONT_IMAGE=registry.cn-hangzhou.aliyuncs.com/openimsdk/openim-web-front:release-v3.5.1
#OPENIM_ADMIN_FRONT_IMAGE=registry.cn-hangzhou.aliyuncs.com/openimsdk/openim-admin-front:release-v1.7
#OPENIM_WEB_FRONT_IMAGE=registry.cn-hangzhou.aliyuncs.com/openimsdk/openim-web-front:release-v3.8.1
#OPENIM_ADMIN_FRONT_IMAGE=registry.cn-hangzhou.aliyuncs.com/openimsdk/openim-admin-front:release-v1.8.2
DATA_DIR=./

89
.github/workflows/publish-docker-image.yml vendored
Unescape View File

@ -4,6 +4,8 @@ on:
push:
branches:
- release-*
# tags:
# - 'v*'
release:
types: [published]
@ -15,11 +17,8 @@ on:
required: true
default: "v3.8.0"
# env:
# GO_VERSION: "1.21"
jobs:
publish-docker-images:
build-and-test:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
@ -28,16 +27,22 @@ jobs:
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Build and push Docker image
- name: Build Docker image
id: build
uses: docker/build-push-action@v5
with:
context: ./main-repo
load: true
tags: "openim/openim-server:local"
cache-from: type=gha
cache-to: type=gha,mode=max
- name: Save Docker image to file
run: docker save -o image.tar openim/openim-server:local
- name: Checkout compose repository
uses: actions/checkout@v4
@ -63,38 +68,39 @@ jobs:
docker compose up -d
sleep 60
- name: Check openim-server health
run: |
timeout=300
interval=30
elapsed=0
while [[ $elapsed -le $timeout ]]; do
if ! docker exec openim-server mage check; then
echo "openim-server is not ready, waiting..."
sleep $interval
elapsed=$(($elapsed + $interval))
else
echo "Health check successful"
exit 0
fi
done
echo "Health check failed after 5 minutes"
exit 1
- name: Check openim-chat health
if: success()
run: |
if ! docker exec openim-chat mage check; then
echo "openim-chat check failed"
exit 1
else
echo "Health check successful"
exit 0
fi
- name: Extract metadata for Docker # (tags, labels)
if: success()
# - name: Check openim-server health
# run: |
# timeout=300
# interval=30
# elapsed=0
# while [[ $elapsed -le $timeout ]]; do
# if ! docker exec openim-server mage check; then
# echo "openim-server is not ready, waiting..."
# sleep $interval
# elapsed=$(($elapsed + $interval))
# else
# echo "Health check successful"
# exit 0
# fi
# done
# echo "Health check failed after 5 minutes"
# exit 1
# - name: Check openim-chat health
# if: success()
# run: |
# if ! docker exec openim-chat mage check; then
# echo "openim-chat check failed"
# exit 1
# else
# echo "Health check successful"
# exit 0
# fi
- name: Load Docker image from file
run: docker load -i image.tar
- name: Extract metadata for Docker (tags, labels)
id: meta
uses: docker/metadata-action@v5.5.1
with:
@ -102,18 +108,17 @@ jobs:
openim/openim-server
ghcr.io/openimsdk/openim-server
registry.cn-hangzhou.aliyuncs.com/openimsdk/openim-server
# generate Docker tags based on the following events/attributes
tags: |
type=ref,event=tag
type=schedule
type=ref,event=branch
type=ref,event=pr
type=semver,pattern={{version}}
type=semver,pattern=v{{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
type=semver,pattern=release-{{raw}}
type=sha
type=raw,value=${{ github.event.inputs.tag }}
- name: Log in to Docker Hub
uses: docker/login-action@v2
@ -135,7 +140,7 @@ jobs:
username: ${{ secrets.ALIREGISTRY_USERNAME }}
password: ${{ secrets.ALIREGISTRY_TOKEN }}
- name: Build and push Docker images
- name: Push Docker images
uses: docker/build-push-action@v5
with:
context: ./main-repo

2
Dockerfile
Unescape View File

@ -1,5 +1,5 @@
# Use Go 1.21 Alpine as the base image for building the application
FROM golang:1.21-alpine as builder
FROM golang:1.21-alpine AS builder
# Define the base directory for the application as an environment variable
ENV SERVER_DIR=/openim-server

24
config/webhooks.yml
Unescape View File

@ -1,8 +1,18 @@
url: webhook://127.0.0.1:10008/callbackExample
url: http://127.0.0.1:10006/callbackExample
beforeSendSingleMsg:
enable: false
timeout: 5
failedContinue: true
# Only the contentType in allowedTypes will send the callback.
# Supports two formats: a single type or a range. The range is defined by the lower and upper bounds connected with a hyphen ("-").
# e.g. allowedTypes: [1, 100, 200-500, 600-700] means that only contentType within the range
# {1, 100} [200, 500] [600, 700] will be allowed through the filter.
# If not set, all contentType messages will through this filter.
allowedTypes: []
# Only the contentType not in deniedTypes will send the callback.
# Supports two formats, same as allowedTypes.
# If not set, all contentType messages will through this filter.
deniedTypes: []
beforeUpdateUserInfoEx:
enable: false
timeout: 5
@ -16,17 +26,29 @@ afterSendSingleMsg:
# Only the senID/recvID specified in attentionIds will send the callback
# if not set, all user messages will be callback
attentionIds: []
# See beforeSendSingleMsg comment.
allowedTypes: []
deniedTypes: []
beforeSendGroupMsg:
enable: false
timeout: 5
failedContinue: true
# See beforeSendSingleMsg comment.
allowedTypes: []
deniedTypes: []
beforeMsgModify:
enable: false
timeout: 5
failedContinue: true
# See beforeSendSingleMsg comment.
allowedTypes: []
deniedTypes: []
afterSendGroupMsg:
enable: false
timeout: 5
# See beforeSendSingleMsg comment.
allowedTypes: []
deniedTypes: []
afterUserOnline:
enable: false
timeout: 5

2
go.mod
Unescape View File

@ -13,7 +13,7 @@ require (
github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0
github.com/mitchellh/mapstructure v1.5.0
github.com/openimsdk/protocol v0.0.72
github.com/openimsdk/tools v0.0.50-alpha.15
github.com/openimsdk/tools v0.0.50-alpha.16
github.com/pkg/errors v0.9.1 // indirect
github.com/prometheus/client_golang v1.18.0
github.com/stretchr/testify v1.9.0

4
go.sum
Unescape View File

@ -321,8 +321,8 @@ github.com/openimsdk/gomake v0.0.14-alpha.5 h1:VY9c5x515lTfmdhhPjMvR3BBRrRquAUCF
github.com/openimsdk/gomake v0.0.14-alpha.5/go.mod h1:PndCozNc2IsQIciyn9mvEblYWZwJmAI+06z94EY+csI=
github.com/openimsdk/protocol v0.0.72 h1:K+vslwaR7lDXyBzb07UuEQITaqsgighz7NyXVIWsu6A=
github.com/openimsdk/protocol v0.0.72/go.mod h1:OZQA9FR55lseYoN2Ql1XAHYKHJGu7OMNkUbuekrKCM8=
github.com/openimsdk/tools v0.0.50-alpha.15 h1:HV9aKZ4vvCZCGG4wFDsgUONkkdJeCcrFNn3BT52nUVQ=
github.com/openimsdk/tools v0.0.50-alpha.15/go.mod h1:h1cYmfyaVtgFbKmb1Cfsl8XwUOMTt8ubVUQrdGtsUh4=
github.com/openimsdk/tools v0.0.50-alpha.16 h1:bC1AQvJMuOHtZm8LZRvN8L5mH1Ws2VYdL+TLTs1iGSc=
github.com/openimsdk/tools v0.0.50-alpha.16/go.mod h1:h1cYmfyaVtgFbKmb1Cfsl8XwUOMTt8ubVUQrdGtsUh4=
github.com/pelletier/go-toml/v2 v2.2.2 h1:aYUidT7k73Pcl9nb2gScu7NSrKCSHIDE89b3+6Wq+LM=
github.com/pelletier/go-toml/v2 v2.2.2/go.mod h1:1t835xjRzz80PqgE6HHgN2JOsmgYu/h4qDAS4n929Rs=
github.com/pierrec/lz4/v4 v4.1.21 h1:yOVMLb6qSIDP67pl/5F7RepeKYu/VmTyEXvuMI5d9mQ=

1
internal/rpc/group/group.go
Unescape View File

@ -1764,6 +1764,7 @@ func (g *groupServer) GetSpecifiedUserGroupRequestInfo(ctx context.Context, req
}
adminIDs = append(adminIDs, owners[0].UserID)
adminIDs = append(adminIDs, g.config.Share.IMAdminUserID...)
if !datautil.Contain(req.UserID, adminIDs...) {
return nil, errs.ErrNoPermission.WrapMsg("opUser no permission")

16
internal/rpc/msg/callback.go
Unescape View File

@ -67,6 +67,9 @@ func (m *msgServer) webhookBeforeSendSingleMsg(ctx context.Context, before *conf
if msg.MsgData.ContentType == constant.Typing {
return nil
}
if !filterBeforeMsg(msg, before) {
return nil
}
cbReq := &cbapi.CallbackBeforeSendSingleMsgReq{
CommonCallbackReq: toCommonCallback(ctx, msg, cbapi.CallbackBeforeSendSingleMsgCommand),
RecvID: msg.MsgData.RecvID,
@ -84,9 +87,7 @@ func (m *msgServer) webhookAfterSendSingleMsg(ctx context.Context, after *config
if msg.MsgData.ContentType == constant.Typing {
return
}
// According to the attentionIds configuration, only some users are sent
attentionIds := after.AttentionIds
if attentionIds != nil && !datautil.Contain(msg.MsgData.RecvID, attentionIds...) && !datautil.Contain(msg.MsgData.SendID, attentionIds...) {
if !filterAfterMsg(msg, after) {
return
}
cbReq := &cbapi.CallbackAfterSendSingleMsgReq{
@ -98,6 +99,9 @@ func (m *msgServer) webhookAfterSendSingleMsg(ctx context.Context, after *config
func (m *msgServer) webhookBeforeSendGroupMsg(ctx context.Context, before *config.BeforeConfig, msg *pbchat.SendMsgReq) error {
return webhook.WithCondition(ctx, before, func(ctx context.Context) error {
if !filterBeforeMsg(msg, before) {
return nil
}
if msg.MsgData.ContentType == constant.Typing {
return nil
}
@ -117,6 +121,9 @@ func (m *msgServer) webhookAfterSendGroupMsg(ctx context.Context, after *config.
if msg.MsgData.ContentType == constant.Typing {
return
}
if !filterAfterMsg(msg, after) {
return
}
cbReq := &cbapi.CallbackAfterSendGroupMsgReq{
CommonCallbackReq: toCommonCallback(ctx, msg, cbapi.CallbackAfterSendGroupMsgCommand),
GroupID: msg.MsgData.GroupID,
@ -129,6 +136,9 @@ func (m *msgServer) webhookBeforeMsgModify(ctx context.Context, before *config.B
if msg.MsgData.ContentType != constant.Text {
return nil
}
if !filterBeforeMsg(msg, before) {
return nil
}
cbReq := &cbapi.CallbackMsgModifyCommandReq{
CommonCallbackReq: toCommonCallback(ctx, msg, cbapi.CallbackBeforeMsgModifyCommand),
}

67
internal/rpc/msg/filter.go
Unescape View File

@ -0,0 +1,67 @@
package msg
import (
"github.com/openimsdk/open-im-server/v3/pkg/common/config"
pbchat "github.com/openimsdk/protocol/msg"
"github.com/openimsdk/tools/utils/datautil"
"strconv"
"strings"
)
const (
separator = "-"
)
func filterAfterMsg(msg *pbchat.SendMsgReq, after *config.AfterConfig) bool {
return filterMsg(msg, after.AttentionIds, after.AllowedTypes, after.DeniedTypes)
}
func filterBeforeMsg(msg *pbchat.SendMsgReq, before *config.BeforeConfig) bool {
return filterMsg(msg, nil, before.AllowedTypes, before.DeniedTypes)
}
func filterMsg(msg *pbchat.SendMsgReq, attentionIds, allowedTypes, deniedTypes []string) bool {
// According to the attentionIds configuration, only some users are sent
if len(attentionIds) != 0 && !datautil.Contains([]string{msg.MsgData.SendID, msg.MsgData.RecvID}, attentionIds...) {
return false
}
if len(allowedTypes) != 0 && !isInInterval(msg.MsgData.ContentType, allowedTypes) {
return false
}
if len(deniedTypes) != 0 && isInInterval(msg.MsgData.ContentType, deniedTypes) {
return false
}
return true
}
func isInInterval(contentType int32, interval []string) bool {
for _, v := range interval {
if strings.Contains(v, separator) {
// is interval
bounds := strings.Split(v, separator)
if len(bounds) != 2 {
continue
}
bottom, err := strconv.Atoi(bounds[0])
if err != nil {
continue
}
top, err := strconv.Atoi(bounds[1])
if err != nil {
continue
}
if datautil.BetweenEq(int(contentType), bottom, top) {
return true
}
} else {
iv, err := strconv.Atoi(v)
if err != nil {
continue
}
if int(contentType) == iv {
return true
}
}
}
return false
}

10
pkg/common/config/config.go
Unescape View File

@ -345,15 +345,19 @@ type Redis struct {
}
type BeforeConfig struct {
Enable bool `mapstructure:"enable"`
Timeout int `mapstructure:"timeout"`
FailedContinue bool `mapstructure:"failedContinue"`
Enable bool `mapstructure:"enable"`
Timeout int `mapstructure:"timeout"`
FailedContinue bool `mapstructure:"failedContinue"`
AllowedTypes []string `mapstructure:"allowedTypes"`
DeniedTypes []string `mapstructure:"deniedTypes"`
}
type AfterConfig struct {
Enable bool `mapstructure:"enable"`
Timeout int `mapstructure:"timeout"`
AttentionIds []string `mapstructure:"attentionIds"`
AllowedTypes []string `mapstructure:"allowedTypes"`
DeniedTypes []string `mapstructure:"deniedTypes"`
}
type Share struct {

12
pkg/common/storage/controller/auth.go
Unescape View File

@ -16,6 +16,7 @@ package controller
import (
"context"
"github.com/openimsdk/tools/log"
"github.com/golang-jwt/jwt/v4"
"github.com/openimsdk/open-im-server/v3/pkg/authverify"
@ -77,12 +78,23 @@ func (a *authDatabase) CreateToken(ctx context.Context, userID string, platformI
return "", err
}
}
const adminTokenMaxNum = 30
if platformID == constant.AdminPlatformID {
if len(kickedTokenKey) > adminTokenMaxNum {
kickedTokenKey = kickedTokenKey[:len(kickedTokenKey)-adminTokenMaxNum]
} else {
kickedTokenKey = nil
}
}
if len(kickedTokenKey) != 0 {
for _, k := range kickedTokenKey {
err := a.cache.SetTokenFlagEx(ctx, userID, platformID, k, constant.KickedToken)
if err != nil {
return "", err
}
log.ZDebug(ctx, "kicked token in create token", "token", k)
}
}

2
version/version
Unescape View File

@ -1 +1 @@
3.8.0
3.8.1
Write Preview
Loading…
Cancel
Save