diff options
| author | Joram Wilander <jwawilander@gmail.com> | 2017-12-01 08:21:44 -0500 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2017-12-01 08:21:44 -0500 |
| commit | 239e8df3f4e94e71c08863fbaca72172c594fa22 (patch) | |
| tree | 7ce70e4a8e3977565dff89723e83b3d4563102ca | |
| parent | 965a1bf7847d717683377521f5e77adb590851cf (diff) | |
| download | chat-239e8df3f4e94e71c08863fbaca72172c594fa22.tar.gz chat-239e8df3f4e94e71c08863fbaca72172c594fa22.tar.bz2 chat-239e8df3f4e94e71c08863fbaca72172c594fa22.zip | |
Fix oauth app update (#7913)
| -rw-r--r-- | api4/oauth.go | 2 | ||||
| -rw-r--r-- | api4/oauth_test.go | 7 |
2 files changed, 8 insertions, 1 deletions
diff --git a/api4/oauth.go b/api4/oauth.go index b11a070e4..b54a43832 100644 --- a/api4/oauth.go +++ b/api4/oauth.go @@ -100,7 +100,7 @@ func updateOAuthApp(c *Context, w http.ResponseWriter, r *http.Request) { return } - if c.Session.UserId != oauthApp.CreatorId && !c.App.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_SYSTEM_WIDE_OAUTH) { + if c.Session.UserId != oldOauthApp.CreatorId && !c.App.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_SYSTEM_WIDE_OAUTH) { c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM_WIDE_OAUTH) return } diff --git a/api4/oauth_test.go b/api4/oauth_test.go index 8658e86e9..8dd602456 100644 --- a/api4/oauth_test.go +++ b/api4/oauth_test.go @@ -164,6 +164,13 @@ func TestUpdateOAuthApp(t *testing.T) { t.Fatal("IsTrusted should have updated") } + th.LoginBasic2() + updatedApp.CreatorId = th.BasicUser2.Id + _, resp = Client.UpdateOAuthApp(oapp) + CheckForbiddenStatus(t, resp) + + th.LoginBasic() + th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.EnableOnlyAdminIntegrations = false }) th.App.SetDefaultRolesBasedOnConfig() _, resp = Client.UpdateOAuthApp(oapp) |