Adding the remoteID migration, and making the synthetic user identification more robust

server/command_test.go

@@ -1368,7 +1368,7 @@ func TestExecutePromoteCommand(t *testing.T) {
 			params:      []string{"existing-user", "existing-user"},
 			setupAPI: func(api *plugintest.API) {
 				api.On("HasPermissionTo", testutils.GetUserID(), model.PermissionManageSystem).Return(true).Times(1)
-				api.On("GetUserByUsername", "existing-user").Return(&model.User{Id: "test", Username: "existing-user", RemoteId: model.NewString("test")}, nil).Once()
+				api.On("GetUserByUsername", "existing-user").Return(&model.User{Id: "test", Username: "existing-user", RemoteId: model.NewString("remote-id")}, nil).Once()
 				api.On("SendEphemeralPost", testutils.GetUserID(), testutils.GetEphemeralPost(p.userID, testutils.GetChannelID(), "Error: Unable to promote account existing-user, it is not a known msteams user account")).Return(testutils.GetPost(testutils.GetChannelID(), testutils.GetUserID(), time.Now().UnixMicro())).Once()
 			},
 			setupStore: func(s *mockStore.Store) {
@@ -1392,7 +1392,7 @@ func TestExecutePromoteCommand(t *testing.T) {
 			params:      []string{"valid-user", "new-user"},
 			setupAPI: func(api *plugintest.API) {
 				api.On("HasPermissionTo", testutils.GetUserID(), model.PermissionManageSystem).Return(true).Times(1)
-				api.On("GetUserByUsername", "valid-user").Return(&model.User{Id: "test", Username: "valid-user", RemoteId: model.NewString("test")}, nil).Once()
+				api.On("GetUserByUsername", "valid-user").Return(&model.User{Id: "test", Username: "valid-user", RemoteId: model.NewString("remote-id")}, nil).Once()
 				api.On("GetUserByUsername", "new-user").Return(&model.User{Id: "test2", Username: "new-user", RemoteId: nil}, nil).Once()
 				api.On("SendEphemeralPost", testutils.GetUserID(), testutils.GetEphemeralPost(p.userID, testutils.GetChannelID(), "Error: the promoted username already exists, please use a different username.")).Return(testutils.GetPost(testutils.GetChannelID(), testutils.GetUserID(), time.Now().UnixMicro())).Once()
 			},
@@ -1405,7 +1405,7 @@ func TestExecutePromoteCommand(t *testing.T) {
 			params:      []string{"valid-user", "new-user"},
 			setupAPI: func(api *plugintest.API) {
 				api.On("HasPermissionTo", testutils.GetUserID(), model.PermissionManageSystem).Return(true).Times(1)
-				api.On("GetUserByUsername", "valid-user").Return(&model.User{Id: "test", Username: "valid-user", RemoteId: model.NewString("test")}, nil).Once()
+				api.On("GetUserByUsername", "valid-user").Return(&model.User{Id: "test", Username: "valid-user", RemoteId: model.NewString("remote-id")}, nil).Once()
 				api.On("GetUserByUsername", "new-user").Return(nil, &model.AppError{}).Once()
 				api.On("UpdateUser", mock.Anything).Return(nil, &model.AppError{}).Once()
 				api.On("SendEphemeralPost", testutils.GetUserID(), testutils.GetEphemeralPost(p.userID, testutils.GetChannelID(), "Error: Unable to promote account valid-user")).Return(testutils.GetPost(testutils.GetChannelID(), testutils.GetUserID(), time.Now().UnixMicro())).Once()
@@ -1419,7 +1419,7 @@ func TestExecutePromoteCommand(t *testing.T) {
 			params:      []string{"valid-user", "new-user"},
 			setupAPI: func(api *plugintest.API) {
 				api.On("HasPermissionTo", testutils.GetUserID(), model.PermissionManageSystem).Return(true).Times(1)
-				api.On("GetUserByUsername", "valid-user").Return(&model.User{Id: "test", Username: "valid-user", RemoteId: model.NewString("test")}, nil).Once()
+				api.On("GetUserByUsername", "valid-user").Return(&model.User{Id: "test", Username: "valid-user", RemoteId: model.NewString("remote-id")}, nil).Once()
 				api.On("GetUserByUsername", "new-user").Return(nil, &model.AppError{}).Once()
 				api.On("UpdateUser", &model.User{Id: "test", Username: "new-user", RemoteId: nil}).Return(&model.User{Id: "test", Username: "new-user", RemoteId: nil}, nil).Once()
 				api.On("SendEphemeralPost", testutils.GetUserID(), testutils.GetEphemeralPost(p.userID, testutils.GetChannelID(), "Account valid-user has been promoted and updated the username to new-user")).Return(testutils.GetPost(testutils.GetChannelID(), testutils.GetUserID(), time.Now().UnixMicro())).Once()
@@ -1433,7 +1433,7 @@ func TestExecutePromoteCommand(t *testing.T) {
 			params:      []string{"valid-user", "valid-user"},
 			setupAPI: func(api *plugintest.API) {
 				api.On("HasPermissionTo", testutils.GetUserID(), model.PermissionManageSystem).Return(true).Times(1)
-				api.On("GetUserByUsername", "valid-user").Return(&model.User{Id: "test", Username: "valid-user", RemoteId: model.NewString("test")}, nil).Times(2)
+				api.On("GetUserByUsername", "valid-user").Return(&model.User{Id: "test", Username: "valid-user", RemoteId: model.NewString("remote-id")}, nil).Times(2)
 				api.On("UpdateUser", &model.User{Id: "test", Username: "valid-user", RemoteId: nil}).Return(&model.User{Id: "test", Username: "valid-user", RemoteId: nil}, nil).Times(1)
 				api.On("SendEphemeralPost", testutils.GetUserID(), testutils.GetEphemeralPost(p.userID, testutils.GetChannelID(), "Account valid-user has been promoted and updated the username to valid-user")).Return(testutils.GetPost(testutils.GetChannelID(), testutils.GetUserID(), time.Now().UnixMicro())).Once()
 			},

server/handlers/handlers.go

@@ -52,6 +52,7 @@ type PluginIface interface {
 	GenerateRandomPassword() string
 	ChatSpansPlatforms(channelID string) (bool, *model.AppError)
 	GetSelectiveSync() bool
+	IsRemoteUser(user *model.User) bool
 }
 
 type ActivityHandler struct {
@@ -596,7 +597,7 @@ func (ah *ActivityHandler) isRemoteUser(userID string) bool {
 		return false
 	}
 
-	return user.RemoteId != nil && *user.RemoteId != "" && strings.HasPrefix(user.Username, "msteams_")
+	return ah.plugin.IsRemoteUser(user)
 }
 
 func IsDirectMessage(chatID string) bool {

server/message_hooks.go

@@ -24,7 +24,7 @@ import (
 )
 
 func (p *Plugin) UserWillLogIn(_ *plugin.Context, user *model.User) string {
-	if user.RemoteId != nil && *user.RemoteId != "" && p.getConfiguration().AutomaticallyPromoteSyntheticUsers {
+	if p.IsRemoteUser(user) && p.getConfiguration().AutomaticallyPromoteSyntheticUsers {
 		*user.RemoteId = ""
 		if _, appErr := p.API.UpdateUser(user); appErr != nil {
 			p.API.LogWarn("Unable to promote synthetic user", "user_id", user.Id, "error", appErr.Error())

server/plugin.go

@@ -5,7 +5,6 @@ import (
 	"crypto/rand"
 	"crypto/rsa"
 	"crypto/x509"
-	"encoding/base32"
 	"encoding/base64"
 	"encoding/pem"
 	"fmt"
@@ -19,7 +18,6 @@ import (
 	"time"
 
 	"github.com/gosimple/slug"
-	"github.com/pborman/uuid"
 	"github.com/pkg/errors"
 	"golang.org/x/oauth2"
 
@@ -484,6 +482,22 @@ func (p *Plugin) onActivate() error {
 		return err
 	}
 
+	p.remoteID = "msteams"
+	if !p.getConfiguration().DisableSyncMsg {
+		remoteID, err := p.API.RegisterPluginForSharedChannels(model.RegisterPluginOpts{
+			Displayname:  pluginID,
+			PluginID:     pluginID,
+			CreatorID:    p.userID,
+			AutoShareDMs: true,
+			AutoInvited:  true,
+		})
+		if err != nil {
+			return err
+		}
+		p.remoteID = remoteID
+		p.API.LogInfo("Registered plugin for shared channels", "remote_id", p.remoteID)
+	}
+
 	if p.store == nil {
 		if p.apiClient.Store.DriverName() != model.DatabaseDriverPostgres {
 			return fmt.Errorf("unsupported database driver: %s", p.apiClient.Store.DriverName())
@@ -502,26 +516,12 @@ func (p *Plugin) onActivate() error {
 		)
 		p.store = timerlayer.New(store, p.GetMetrics())
 
-		if err = p.store.Init(); err != nil {
+		if err = p.store.Init(p.remoteID); err != nil {
 			return err
 		}
 	}
 
 	if !p.getConfiguration().DisableSyncMsg {
-		remoteID, err := p.API.RegisterPluginForSharedChannels(model.RegisterPluginOpts{
-			Displayname:  pluginID,
-			PluginID:     pluginID,
-			CreatorID:    p.userID,
-			AutoShareDMs: true,
-			AutoInvited:  true,
-		})
-		if err != nil {
-			return err
-		}
-		p.remoteID = remoteID
-
-		p.API.LogInfo("Registered plugin for shared channels", "remote_id", p.remoteID)
-
 		linkedChannels, err := p.store.ListChannelLinks()
 		if err != nil {
 			p.API.LogError("Failed to list channel links for shared channels", "error", err.Error())
@@ -662,7 +662,7 @@ func (p *Plugin) syncUsers() {
 				}
 			}
 
-			if isRemoteUser(mmUser) {
+			if p.IsRemoteUser(mmUser) {
 				if msUser.IsAccountEnabled {
 					// Activate the deactivated Mattermost user corresponding to the MS Teams user.
 					if mmUser.DeleteAt != 0 {
@@ -704,7 +704,7 @@ func (p *Plugin) syncUsers() {
 		if msUser.Type == msteamsUserTypeGuest {
 			// Check if syncing of MS Teams guest users is disabled.
 			if !syncGuestUsers {
-				if isUserPresent && isRemoteUser(mmUser) && mmUser.DeleteAt == 0 {
+				if isUserPresent && p.IsRemoteUser(mmUser) && mmUser.DeleteAt == 0 {
 					// Deactivate the Mattermost user corresponding to the MS Teams guest user.
 					p.API.LogInfo("Deactivating the guest user account", "user_id", mmUser.Id, "teams_user_id", msUser.ID)
 					if err := p.API.UpdateUserActive(mmUser.Id, false); err != nil {
@@ -718,13 +718,9 @@ func (p *Plugin) syncUsers() {
 
 		username := "msteams_" + slug.Make(msUser.DisplayName)
 		if !isUserPresent {
-			userUUID := uuid.Parse(msUser.ID)
-			encoding := base32.NewEncoding("ybndrfg8ejkmcpqxot1uwisza345h769").WithPadding(base32.NoPadding)
-			shortUserID := encoding.EncodeToString(userUUID)
-
 			newMMUser := &model.User{
 				Email:     msUser.Mail,
-				RemoteId:  &shortUserID,
+				RemoteId:  &p.remoteID,
 				FirstName: msUser.DisplayName,
 				Username:  username,
 			}
@@ -777,7 +773,7 @@ func (p *Plugin) syncUsers() {
 			if err = p.store.SetUserInfo(newUser.Id, msUser.ID, nil); err != nil {
 				p.API.LogWarn("Unable to set user info during sync user job", "user_id", newUser.Id, "teams_user_id", msUser.ID, "error", err.Error())
 			}
-		} else if mmUser.RemoteId != nil {
+		} else if p.IsRemoteUser(mmUser) {
 			shouldUpdate := false
 			if !strings.HasPrefix(mmUser.Username, "msteams_") && username != mmUser.Username {
 				mmUser.Username = username
@@ -848,9 +844,9 @@ func getRandomString(characterSet string, length int) string {
 	return randomString.String()
 }
 
-// isRemoteUser returns true if the given user is a remote user managed by this plugin.
-func isRemoteUser(user *model.User) bool {
-	return user.RemoteId != nil && *user.RemoteId != "" && strings.HasPrefix(user.Username, "msteams_")
+// IsRemoteUser returns true if the given user is a remote user managed by this plugin.
+func (p *Plugin) IsRemoteUser(user *model.User) bool {
+	return user.RemoteId != nil && *user.RemoteId == p.remoteID
 }
 
 func (p *Plugin) updateMetrics() {

server/plugin_test.go

@@ -44,6 +44,7 @@ func newTestPlugin(t *testing.T) *Plugin {
 		clientBuilderWithToken: func(redirectURL, tenantID, clientId, clientSecret string, token *oauth2.Token, apiClient *pluginapi.LogService) msteams.Client {
 			return clientMock
 		},
+		remoteID: "remote-id",
 	}
 	plugin.store.(*storemocks.Store).On("Shutdown").Return(nil)
 	plugin.store.(*storemocks.Store).Test(t)

server/selective_sync.go

@@ -28,7 +28,7 @@ func (p *Plugin) ChatMembersSpanPlatforms(members model.ChannelMembers) (bool, *
 			return false, appErr
 		}
 
-		if isRemoteUser(user) {
+		if p.IsRemoteUser(user) {
 			// Synthetic users are always remote.
 			atLeastOneRemoteUser = true
 		} else if p.getAutomuteIsEnabledForUser(user.Id) {

server/selective_sync_test.go

@@ -20,6 +20,7 @@ func setupPlugin(t *testing.T) *Plugin {
 	t.Helper()
 
 	p := &Plugin{}
+	p.remoteID = "remote-id"
 
 	ctx, cancel := context.WithCancel(context.Background())
 	t.Cleanup(cancel)
@@ -122,11 +123,11 @@ func TestChatSpansPlatforms(t *testing.T) {
 
 		var appErr *model.AppError
 
-		user1.RemoteId = model.NewString(model.NewId())
+		user1.RemoteId = model.NewString("remote-id")
 		user1, appErr = p.API.UpdateUser(user1)
 		require.Nil(t, appErr)
 
-		user2.RemoteId = model.NewString(model.NewId())
+		user2.RemoteId = model.NewString("remote-id")
 		user2, appErr = p.API.UpdateUser(user2)
 		require.Nil(t, appErr)
 
@@ -145,7 +146,7 @@ func TestChatSpansPlatforms(t *testing.T) {
 
 		var appErr *model.AppError
 
-		user1.RemoteId = model.NewString(model.NewId())
+		user1.RemoteId = model.NewString("remote-id")
 		user1, appErr = p.API.UpdateUser(user1)
 		require.Nil(t, appErr)
 
@@ -196,15 +197,15 @@ func TestChatSpansPlatforms(t *testing.T) {
 
 		var appErr *model.AppError
 
-		user1.RemoteId = model.NewString(model.NewId())
+		user1.RemoteId = model.NewString("remote-id")
 		user1, appErr = p.API.UpdateUser(user1)
 		require.Nil(t, appErr)
 
-		user2.RemoteId = model.NewString(model.NewId())
+		user2.RemoteId = model.NewString("remote-id")
 		user2, appErr = p.API.UpdateUser(user2)
 		require.Nil(t, appErr)
 
-		user3.RemoteId = model.NewString(model.NewId())
+		user3.RemoteId = model.NewString("remote-id")
 		user3, appErr = p.API.UpdateUser(user3)
 		require.Nil(t, appErr)
 
@@ -224,11 +225,11 @@ func TestChatSpansPlatforms(t *testing.T) {
 
 		var appErr *model.AppError
 
-		user1.RemoteId = model.NewString(model.NewId())
+		user1.RemoteId = model.NewString("remote-id")
 		user1, appErr = p.API.UpdateUser(user1)
 		require.Nil(t, appErr)
 
-		user3.RemoteId = model.NewString(model.NewId())
+		user3.RemoteId = model.NewString("remote-id")
 		user3, appErr = p.API.UpdateUser(user3)
 		require.Nil(t, appErr)
 
@@ -296,11 +297,11 @@ func TestChatMembersSpanPlatforms(t *testing.T) {
 
 		var appErr *model.AppError
 
-		user1.RemoteId = model.NewString(model.NewId())
+		user1.RemoteId = model.NewString("remote-id")
 		user1, appErr = p.API.UpdateUser(user1)
 		require.Nil(t, appErr)
 
-		user2.RemoteId = model.NewString(model.NewId())
+		user2.RemoteId = model.NewString("remote-id")
 		user2, appErr = p.API.UpdateUser(user2)
 		require.Nil(t, appErr)
 
@@ -319,7 +320,7 @@ func TestChatMembersSpanPlatforms(t *testing.T) {
 
 		var appErr *model.AppError
 
-		user1.RemoteId = model.NewString(model.NewId())
+		user1.RemoteId = model.NewString("remote-id")
 		user1, appErr = p.API.UpdateUser(user1)
 		require.Nil(t, appErr)
 
@@ -374,15 +375,15 @@ func TestChatMembersSpanPlatforms(t *testing.T) {
 
 		var appErr *model.AppError
 
-		user1.RemoteId = model.NewString(model.NewId())
+		user1.RemoteId = model.NewString("remote-id")
 		user1, appErr = p.API.UpdateUser(user1)
 		require.Nil(t, appErr)
 
-		user2.RemoteId = model.NewString(model.NewId())
+		user2.RemoteId = model.NewString("remote-id")
 		user2, appErr = p.API.UpdateUser(user2)
 		require.Nil(t, appErr)
 
-		user3.RemoteId = model.NewString(model.NewId())
+		user3.RemoteId = model.NewString("remote-id")
 		user3, appErr = p.API.UpdateUser(user3)
 		require.Nil(t, appErr)
 
@@ -403,11 +404,11 @@ func TestChatMembersSpanPlatforms(t *testing.T) {
 
 		var appErr *model.AppError
 
-		user1.RemoteId = model.NewString(model.NewId())
+		user1.RemoteId = model.NewString("remote-id")
 		user1, appErr = p.API.UpdateUser(user1)
 		require.Nil(t, appErr)
 
-		user3.RemoteId = model.NewString(model.NewId())
+		user3.RemoteId = model.NewString("remote-id")
 		user3, appErr = p.API.UpdateUser(user3)
 		require.Nil(t, appErr)
 

server/store/sqlstore/store.go

@@ -99,7 +99,7 @@
 	return nil
 }
 
-func (s *SQLStore) Init() error {
+func (s *SQLStore) Init(remoteID string) error {
 	if err := s.createTable(subscriptionsTableName, "subscriptionID VARCHAR(255) PRIMARY KEY, type VARCHAR(255), msTeamsTeamID VARCHAR(255), msTeamsChannelID VARCHAR(255), msTeamsUserID VARCHAR(255), secret VARCHAR(255), expiresOn BIGINT"); err != nil {
 		return err
 	}
@@ -144,7 +144,11 @@
 		return err
 	}
 
-	return s.createTable(whitelistedUsersTableName, "mmUserID VARCHAR(255) PRIMARY KEY")
+	if err := s.createTable(whitelistedUsersTableName, "mmUserID VARCHAR(255) PRIMARY KEY"); err != nil {
+		return err
+	}
+
+	return s.runMigrationRemoteID(remoteID)
 }
 
 func (s *SQLStore) ListChannelLinksWithNames() ([]*storemodels.ChannelLink, error) {

server/store/store.go

@@ -10,7 +10,7 @@ import (
 )
 
 type Store interface {
-	Init() error
+	Init(remoteID string) error
 	GetLinkByChannelID(channelID string) (*storemodels.ChannelLink, error)
 	ListChannelLinks() ([]storemodels.ChannelLink, error)
 	ListChannelLinksWithNames() ([]*storemodels.ChannelLink, error)