APIv4 GET /users/{user_id}/posts/flagged (#5984)

* APIv4 GET /users/{user_id}/posts/flagged

* change permission check

9 files changed, 433 insertions, 5 deletions

diff --git a/api4/api.go b/api4/api.go
index dffed60e4..ea46c8ee5 100644
--- a/api4/api.go
+++ b/api4/api.go
@@ -47,6 +47,7 @@ type Routes struct {
 	Posts           *mux.Router // 'api/v4/posts'
 	Post            *mux.Router // 'api/v4/posts/{post_id:[A-Za-z0-9]+}'
 	PostsForChannel *mux.Router // 'api/v4/channels/{channel_id:[A-Za-z0-9]+}/posts'
+	PostsForUser    *mux.Router // 'api/v4/users/{user_id:[A-Za-z0-9]+}/posts'
 
 	Files *mux.Router // 'api/v4/files'
 	File  *mux.Router // 'api/v4/files/{file_id:[A-Za-z0-9]+}'
@@ -126,6 +127,7 @@ func InitApi(full bool) {
 	BaseRoutes.Posts = BaseRoutes.ApiRoot.PathPrefix("/posts").Subrouter()
 	BaseRoutes.Post = BaseRoutes.Posts.PathPrefix("/{post_id:[A-Za-z0-9]+}").Subrouter()
 	BaseRoutes.PostsForChannel = BaseRoutes.Channel.PathPrefix("/posts").Subrouter()
+	BaseRoutes.PostsForUser = BaseRoutes.User.PathPrefix("/posts").Subrouter()
 
 	BaseRoutes.Files = BaseRoutes.ApiRoot.PathPrefix("/files").Subrouter()
 	BaseRoutes.File = BaseRoutes.Files.PathPrefix("/{file_id:[A-Za-z0-9]+}").Subrouter()
diff --git a/api4/post.go b/api4/post.go
index 5cbfeae92..3493945c9 100644
--- a/api4/post.go
+++ b/api4/post.go
@@ -22,6 +22,7 @@ func InitPost() {
 	BaseRoutes.Post.Handle("/thread", ApiSessionRequired(getPostThread)).Methods("GET")
 	BaseRoutes.Post.Handle("/files/info", ApiSessionRequired(getFileInfosForPost)).Methods("GET")
 	BaseRoutes.PostsForChannel.Handle("", ApiSessionRequired(getPostsForChannel)).Methods("GET")
+	BaseRoutes.PostsForUser.Handle("/flagged", ApiSessionRequired(getFlaggedPostsForUser)).Methods("GET")
 
 	BaseRoutes.Team.Handle("/posts/search", ApiSessionRequired(searchPosts)).Methods("POST")
 	BaseRoutes.Post.Handle("", ApiSessionRequired(updatePost)).Methods("PUT")
@@ -127,6 +128,39 @@ func getPostsForChannel(c *Context, w http.ResponseWriter, r *http.Request) {
 	w.Write([]byte(list.ToJson()))
 }
 
+func getFlaggedPostsForUser(c *Context, w http.ResponseWriter, r *http.Request) {
+	c.RequireUserId()
+	if c.Err != nil {
+		return
+	}
+
+	if !app.SessionHasPermissionToUser(c.Session, c.Params.UserId) {
+		c.SetPermissionError(model.PERMISSION_EDIT_OTHER_USERS)
+		return
+	}
+
+	channelId := r.URL.Query().Get("in_channel")
+	teamId := r.URL.Query().Get("in_team")
+
+	var posts *model.PostList
+	var err *model.AppError
+
+	if len(channelId) > 0 {
+		posts, err = app.GetFlaggedPostsForChannel(c.Params.UserId, channelId, c.Params.Page, c.Params.PerPage)
+	} else if len(teamId) > 0 {
+		posts, err = app.GetFlaggedPostsForTeam(c.Params.UserId, teamId, c.Params.Page, c.Params.PerPage)
+	} else {
+		posts, err = app.GetFlaggedPosts(c.Params.UserId, c.Params.Page, c.Params.PerPage)
+	}
+
+	if err != nil {
+		c.Err = err
+		return
+	}
+
+	w.Write([]byte(posts.ToJson()))
+}
+
 func getPost(c *Context, w http.ResponseWriter, r *http.Request) {
 	c.RequirePostId()
 	if c.Err != nil {
diff --git a/api4/post_test.go b/api4/post_test.go
index e5c72ae9e..4a86e9f18 100644
--- a/api4/post_test.go
+++ b/api4/post_test.go
@@ -459,6 +459,187 @@ func TestGetPostsForChannel(t *testing.T) {
 	CheckNoError(t, resp)
 }
 
+func TestGetFlaggedPostsForUser(t *testing.T) {
+	th := Setup().InitBasic().InitSystemAdmin()
+	defer TearDown()
+	Client := th.Client
+	user := th.BasicUser
+	team1 := th.BasicTeam
+	channel1 := th.BasicChannel
+	post1 := th.CreatePost()
+	channel2 := th.CreatePublicChannel()
+	post2 := th.CreatePostWithClient(Client, channel2)
+
+	preference := model.Preference{
+		UserId:   user.Id,
+		Category: model.PREFERENCE_CATEGORY_FLAGGED_POST,
+		Name:     post1.Id,
+		Value:    "true",
+	}
+	Client.UpdatePreferences(user.Id, &model.Preferences{preference})
+	preference.Name = post2.Id
+	Client.UpdatePreferences(user.Id, &model.Preferences{preference})
+
+	opl := model.NewPostList()
+	opl.AddPost(post1)
+	opl.AddOrder(post1.Id)
+
+	rpl, resp := Client.GetFlaggedPostsForUserInChannel(user.Id, channel1.Id, 0, 10)
+	CheckNoError(t, resp)
+
+	if len(rpl.Posts) != 1 {
+		t.Fatal("should have returned 1 post")
+	}
+
+	if !reflect.DeepEqual(rpl.Posts, opl.Posts) {
+		t.Fatal("posts should have matched")
+	}
+
+	rpl, resp = Client.GetFlaggedPostsForUserInChannel(user.Id, channel1.Id, 0, 1)
+	CheckNoError(t, resp)
+
+	if len(rpl.Posts) != 1 {
+		t.Fatal("should have returned 1 post")
+	}
+
+	rpl, resp = Client.GetFlaggedPostsForUserInChannel(user.Id, channel1.Id, 1, 1)
+	CheckNoError(t, resp)
+
+	if len(rpl.Posts) != 0 {
+		t.Fatal("should be empty")
+	}
+
+	rpl, resp = Client.GetFlaggedPostsForUserInChannel(user.Id, GenerateTestId(), 0, 10)
+	CheckNoError(t, resp)
+
+	if len(rpl.Posts) != 0 {
+		t.Fatal("should be empty")
+	}
+
+	rpl, resp = Client.GetFlaggedPostsForUserInChannel(user.Id, "junk", 0, 10)
+	CheckBadRequestStatus(t, resp)
+
+	if rpl != nil {
+		t.Fatal("should be nil")
+	}
+
+	opl.AddPost(post2)
+	opl.AddOrder(post2.Id)
+
+	rpl, resp = Client.GetFlaggedPostsForUserInTeam(user.Id, team1.Id, 0, 10)
+	CheckNoError(t, resp)
+
+	if len(rpl.Posts) != 2 {
+		t.Fatal("should have returned 2 posts")
+	}
+
+	if !reflect.DeepEqual(rpl.Posts, opl.Posts) {
+		t.Fatal("posts should have matched")
+	}
+
+	rpl, resp = Client.GetFlaggedPostsForUserInTeam(user.Id, team1.Id, 0, 1)
+	CheckNoError(t, resp)
+
+	if len(rpl.Posts) != 1 {
+		t.Fatal("should have returned 1 post")
+	}
+
+	rpl, resp = Client.GetFlaggedPostsForUserInTeam(user.Id, team1.Id, 1, 1)
+	CheckNoError(t, resp)
+
+	if len(rpl.Posts) != 1 {
+		t.Fatal("should have returned 1 post")
+	}
+
+	rpl, resp = Client.GetFlaggedPostsForUserInTeam(user.Id, team1.Id, 1000, 10)
+	CheckNoError(t, resp)
+
+	if len(rpl.Posts) != 0 {
+		t.Fatal("should be empty")
+	}
+
+	rpl, resp = Client.GetFlaggedPostsForUserInTeam(user.Id, GenerateTestId(), 0, 10)
+	CheckNoError(t, resp)
+
+	if len(rpl.Posts) != 0 {
+		t.Fatal("should be empty")
+	}
+
+	rpl, resp = Client.GetFlaggedPostsForUserInTeam(user.Id, "junk", 0, 10)
+	CheckBadRequestStatus(t, resp)
+
+	if rpl != nil {
+		t.Fatal("should be nil")
+	}
+
+	channel3 := th.CreatePrivateChannel()
+	post4 := th.CreatePostWithClient(Client, channel3)
+
+	preference.Name = post4.Id
+	Client.UpdatePreferences(user.Id, &model.Preferences{preference})
+
+	opl.AddPost(post4)
+	opl.AddOrder(post4.Id)
+
+	rpl, resp = Client.GetFlaggedPostsForUser(user.Id, 0, 10)
+	CheckNoError(t, resp)
+
+	if len(rpl.Posts) != 3 {
+		t.Fatal("should have returned 3 posts")
+	}
+
+	if !reflect.DeepEqual(rpl.Posts, opl.Posts) {
+		t.Fatal("posts should have matched")
+	}
+
+	rpl, resp = Client.GetFlaggedPostsForUser(user.Id, 0, 2)
+	CheckNoError(t, resp)
+
+	if len(rpl.Posts) != 2 {
+		t.Fatal("should have returned 2 posts")
+	}
+
+	rpl, resp = Client.GetFlaggedPostsForUser(user.Id, 2, 2)
+	CheckNoError(t, resp)
+
+	if len(rpl.Posts) != 1 {
+		t.Fatal("should have returned 1 post")
+	}
+
+	rpl, resp = Client.GetFlaggedPostsForUser(user.Id, 1000, 10)
+	CheckNoError(t, resp)
+
+	if len(rpl.Posts) != 0 {
+		t.Fatal("should be empty")
+	}
+
+	_, resp = Client.GetFlaggedPostsForUser("junk", 0, 10)
+	CheckBadRequestStatus(t, resp)
+
+	_, resp = Client.GetFlaggedPostsForUser(GenerateTestId(), 0, 10)
+	CheckForbiddenStatus(t, resp)
+
+	Client.Logout()
+
+	rpl, resp = Client.GetFlaggedPostsForUserInChannel(user.Id, channel1.Id, 0, 10)
+	CheckUnauthorizedStatus(t, resp)
+
+	rpl, resp = Client.GetFlaggedPostsForUserInTeam(user.Id, team1.Id, 0, 10)
+	CheckUnauthorizedStatus(t, resp)
+
+	rpl, resp = Client.GetFlaggedPostsForUser(user.Id, 0, 10)
+	CheckUnauthorizedStatus(t, resp)
+
+	rpl, resp = th.SystemAdminClient.GetFlaggedPostsForUserInChannel(user.Id, channel1.Id, 0, 10)
+	CheckNoError(t, resp)
+
+	rpl, resp = th.SystemAdminClient.GetFlaggedPostsForUserInTeam(user.Id, team1.Id, 0, 10)
+	CheckNoError(t, resp)
+
+	rpl, resp = th.SystemAdminClient.GetFlaggedPostsForUser(user.Id, 0, 10)
+	CheckNoError(t, resp)
+}
+
 func TestGetPostsAfterAndBefore(t *testing.T) {
 	th := Setup().InitBasic()
 	defer TearDown()
diff --git a/app/post.go b/app/post.go
index 7f38a9bd2..186aa5dcc 100644
--- a/app/post.go
+++ b/app/post.go
@@ -402,6 +402,14 @@ func GetFlaggedPostsForTeam(userId, teamId string, offset int, limit int) (*mode
 	}
 }
 
+func GetFlaggedPostsForChannel(userId, channelId string, offset int, limit int) (*model.PostList, *model.AppError) {
+	if result := <-Srv.Store.Post().GetFlaggedPostsForChannel(userId, channelId, offset, limit); result.Err != nil {
+		return nil, result.Err
+	} else {
+		return result.Data.(*model.PostList), nil
+	}
+}
+
 func GetPermalinkPost(postId string, userId string) (*model.PostList, *model.AppError) {
 	if result := <-Srv.Store.Post().Get(postId); result.Err != nil {
 		return nil, result.Err
diff --git a/i18n/en.json b/i18n/en.json
index 051631f3c..a04c11066 100644
--- a/i18n/en.json
+++ b/i18n/en.json
@@ -3704,6 +3704,14 @@
     "translation": "Unable to write request"
   },
   {
+    "id": "model.client.get_flagged_posts_in_channel.missing_parameter.app_error",
+    "translation": "Missing channel parameter"
+  },
+  {
+    "id": "model.client.get_flagged_posts_in_team.missing_parameter.app_error",
+    "translation": "Missing team parameter"
+  },
+  {
     "id": "model.client.login.app_error",
     "translation": "Authentication tokens didn't match"
   },
diff --git a/model/client4.go b/model/client4.go
index cd9a6de75..62c58eb00 100644
--- a/model/client4.go
+++ b/model/client4.go
@@ -1415,6 +1415,47 @@ func (c *Client4) GetPostsForChannel(channelId string, page, perPage int, etag s
 	}
 }
 
+// GetFlaggedPostsForUser returns flagged posts of a user based on user id string.
+func (c *Client4) GetFlaggedPostsForUser(userId string, page int, perPage int) (*PostList, *Response) {
+	query := fmt.Sprintf("?page=%v&per_page=%v", page, perPage)
+	if r, err := c.DoApiGet(c.GetUserRoute(userId)+"/posts/flagged"+query, ""); err != nil {
+		return nil, &Response{StatusCode: r.StatusCode, Error: err}
+	} else {
+		defer closeBody(r)
+		return PostListFromJson(r.Body), BuildResponse(r)
+	}
+}
+
+// GetFlaggedPostsForUserInTeam returns flagged posts in team of a user based on user id string.
+func (c *Client4) GetFlaggedPostsForUserInTeam(userId string, teamId string, page int, perPage int) (*PostList, *Response) {
+	if len(teamId) == 0 || len(teamId) != 26 {
+		return nil, &Response{StatusCode: http.StatusBadRequest, Error: NewAppError("GetFlaggedPostsForUserInTeam", "model.client.get_flagged_posts_in_team.missing_parameter.app_error", nil, "", http.StatusBadRequest)}
+	}
+
+	query := fmt.Sprintf("?in_team=%v&page=%v&per_page=%v", teamId, page, perPage)
+	if r, err := c.DoApiGet(c.GetUserRoute(userId)+"/posts/flagged"+query, ""); err != nil {
+		return nil, &Response{StatusCode: r.StatusCode, Error: err}
+	} else {
+		defer closeBody(r)
+		return PostListFromJson(r.Body), BuildResponse(r)
+	}
+}
+
+// GetFlaggedPostsForUserInChannel returns flagged posts in channel of a user based on user id string.
+func (c *Client4) GetFlaggedPostsForUserInChannel(userId string, channelId string, page int, perPage int) (*PostList, *Response) {
+	if len(channelId) == 0 || len(channelId) != 26 {
+		return nil, &Response{StatusCode: http.StatusBadRequest, Error: NewAppError("GetFlaggedPostsForUserInChannel", "model.client.get_flagged_posts_in_channel.missing_parameter.app_error", nil, "", http.StatusBadRequest)}
+	}
+
+	query := fmt.Sprintf("?in_channel=%v&page=%v&per_page=%v", channelId, page, perPage)
+	if r, err := c.DoApiGet(c.GetUserRoute(userId)+"/posts/flagged"+query, ""); err != nil {
+		return nil, &Response{StatusCode: r.StatusCode, Error: err}
+	} else {
+		defer closeBody(r)
+		return PostListFromJson(r.Body), BuildResponse(r)
+	}
+}
+
 // GetPostsSince gets posts created after a specified time as Unix time in milliseconds.
 func (c *Client4) GetPostsSince(channelId string, time int64) (*PostList, *Response) {
 	query := fmt.Sprintf("?since=%v", time)
diff --git a/store/sql_post_store.go b/store/sql_post_store.go
index 14580dc5f..5779f727c 100644
--- a/store/sql_post_store.go
+++ b/store/sql_post_store.go
@@ -5,6 +5,7 @@ package store
 
 import (
 	"fmt"
+	"net/http"
 	"regexp"
 	"strconv"
 	"strings"
@@ -13,7 +14,6 @@ import (
 	"github.com/mattermost/platform/einterfaces"
 	"github.com/mattermost/platform/model"
 	"github.com/mattermost/platform/utils"
-	"net/http"
 )
 
 type SqlPostStore struct {
@@ -237,7 +237,7 @@ func (s SqlPostStore) GetFlaggedPostsForTeam(userId, teamId string, offset int,
                         Preferences
                     WHERE
                         UserId = :UserId
-                        AND Category = 'flagged_post')
+                        AND Category = :Category)
                         AND DeleteAt = 0
                 ) as A
             INNER JOIN Channels as B
@@ -247,7 +247,43 @@ func (s SqlPostStore) GetFlaggedPostsForTeam(userId, teamId string, offset int,
             LIMIT :Limit OFFSET :Offset`
 
 		if _, err := s.GetReplica().Select(&posts, query, map[string]interface{}{"UserId": userId, "Category": model.PREFERENCE_CATEGORY_FLAGGED_POST, "Offset": offset, "Limit": limit, "TeamId": teamId}); err != nil {
-			result.Err = model.NewLocAppError("SqlPostStore.GetFlaggedPosts", "store.sql_post.get_flagged_posts.app_error", nil, err.Error())
+			result.Err = model.NewLocAppError("SqlPostStore.GetFlaggedPostsForTeam", "store.sql_post.get_flagged_posts.app_error", nil, err.Error())
+		} else {
+			for _, post := range posts {
+				pl.AddPost(post)
+				pl.AddOrder(post.Id)
+			}
+		}
+
+		result.Data = pl
+
+		storeChannel <- result
+		close(storeChannel)
+	}()
+
+	return storeChannel
+}
+
+func (s SqlPostStore) GetFlaggedPostsForChannel(userId, channelId string, offset int, limit int) StoreChannel {
+	storeChannel := make(StoreChannel, 1)
+	go func() {
+		result := StoreResult{}
+		pl := model.NewPostList()
+
+		var posts []*model.Post
+		query := `
+			SELECT 
+				* 
+			FROM Posts 
+			WHERE 
+				Id IN (SELECT Name FROM Preferences WHERE UserId = :UserId AND Category = :Category) 
+				AND ChannelId = :ChannelId
+				AND DeleteAt = 0 
+			ORDER BY CreateAt DESC 
+			LIMIT :Limit OFFSET :Offset`
+
+		if _, err := s.GetReplica().Select(&posts, query, map[string]interface{}{"UserId": userId, "Category": model.PREFERENCE_CATEGORY_FLAGGED_POST, "ChannelId": channelId, "Offset": offset, "Limit": limit}); err != nil {
+			result.Err = model.NewLocAppError("SqlPostStore.GetFlaggedPostsForChannel", "store.sql_post.get_flagged_posts.app_error", nil, err.Error())
 		} else {
 			for _, post := range posts {
 				pl.AddPost(post)
diff --git a/store/sql_post_store_test.go b/store/sql_post_store_test.go
index f9dc5499f..d006555a3 100644
--- a/store/sql_post_store_test.go
+++ b/store/sql_post_store_test.go
@@ -1144,6 +1144,18 @@ func TestPostStoreGetFlaggedPostsForTeam(t *testing.T) {
 		t.Fatal("should have 1 post")
 	}
 
+	r3 = (<-store.Post().GetFlaggedPostsForTeam(o1.UserId, c1.TeamId, 1, 1)).Data.(*model.PostList)
+
+	if len(r3.Order) != 1 {
+		t.Fatal("should have 1 post")
+	}
+
+	r3 = (<-store.Post().GetFlaggedPostsForTeam(o1.UserId, c1.TeamId, 1000, 10)).Data.(*model.PostList)
+
+	if len(r3.Order) != 0 {
+		t.Fatal("should be empty")
+	}
+
 	r4 := (<-store.Post().GetFlaggedPostsForTeam(o1.UserId, c1.TeamId, 0, 2)).Data.(*model.PostList)
 
 	if len(r4.Order) != 2 {
@@ -1202,7 +1214,6 @@ func TestPostStoreGetFlaggedPostsForTeam(t *testing.T) {
 	r4 = (<-store.Post().GetFlaggedPostsForTeam(o1.UserId, c1.TeamId, 0, 10)).Data.(*model.PostList)
 
 	if len(r4.Order) != 3 {
-		t.Log(len(r4.Order))
 		t.Fatal("should have 3 posts")
 	}
 }
@@ -1232,7 +1243,7 @@ func TestPostStoreGetFlaggedPosts(t *testing.T) {
 	o3 = (<-store.Post().Save(o3)).Data.(*model.Post)
 	time.Sleep(2 * time.Millisecond)
 
-	r1 := (<-store.Post().GetFlaggedPosts(o1.ChannelId, 0, 2)).Data.(*model.PostList)
+	r1 := (<-store.Post().GetFlaggedPosts(o1.UserId, 0, 2)).Data.(*model.PostList)
 
 	if len(r1.Order) != 0 {
 		t.Fatal("should be empty")
@@ -1272,6 +1283,18 @@ func TestPostStoreGetFlaggedPosts(t *testing.T) {
 		t.Fatal("should have 1 post")
 	}
 
+	r3 = (<-store.Post().GetFlaggedPosts(o1.UserId, 1, 1)).Data.(*model.PostList)
+
+	if len(r3.Order) != 1 {
+		t.Fatal("should have 1 post")
+	}
+
+	r3 = (<-store.Post().GetFlaggedPosts(o1.UserId, 1000, 10)).Data.(*model.PostList)
+
+	if len(r3.Order) != 0 {
+		t.Fatal("should be empty")
+	}
+
 	r4 := (<-store.Post().GetFlaggedPosts(o1.UserId, 0, 2)).Data.(*model.PostList)
 
 	if len(r4.Order) != 2 {
@@ -1296,6 +1319,100 @@ func TestPostStoreGetFlaggedPosts(t *testing.T) {
 	}
 }
 
+func TestPostStoreGetFlaggedPostsForChannel(t *testing.T) {
+	Setup()
+
+	o1 := &model.Post{}
+	o1.ChannelId = model.NewId()
+	o1.UserId = model.NewId()
+	o1.Message = "a" + model.NewId() + "b"
+	o1 = (<-store.Post().Save(o1)).Data.(*model.Post)
+	time.Sleep(2 * time.Millisecond)
+
+	o2 := &model.Post{}
+	o2.ChannelId = o1.ChannelId
+	o2.UserId = model.NewId()
+	o2.Message = "a" + model.NewId() + "b"
+	o2 = (<-store.Post().Save(o2)).Data.(*model.Post)
+	time.Sleep(2 * time.Millisecond)
+
+	// deleted post
+	o3 := &model.Post{}
+	o3.ChannelId = model.NewId()
+	o3.UserId = o1.ChannelId
+	o3.Message = "a" + model.NewId() + "b"
+	o3.DeleteAt = 1
+	o3 = (<-store.Post().Save(o3)).Data.(*model.Post)
+	time.Sleep(2 * time.Millisecond)
+
+	o4 := &model.Post{}
+	o4.ChannelId = model.NewId()
+	o4.UserId = model.NewId()
+	o4.Message = "a" + model.NewId() + "b"
+	o4 = (<-store.Post().Save(o4)).Data.(*model.Post)
+	time.Sleep(2 * time.Millisecond)
+
+	r := (<-store.Post().GetFlaggedPostsForChannel(o1.UserId, o1.ChannelId, 0, 10)).Data.(*model.PostList)
+
+	if len(r.Order) != 0 {
+		t.Fatal("should be empty")
+	}
+
+	preference := model.Preference{
+		UserId:   o1.UserId,
+		Category: model.PREFERENCE_CATEGORY_FLAGGED_POST,
+		Name:     o1.Id,
+		Value:    "true",
+	}
+
+	Must(store.Preference().Save(&model.Preferences{preference}))
+
+	r = (<-store.Post().GetFlaggedPostsForChannel(o1.UserId, o1.ChannelId, 0, 10)).Data.(*model.PostList)
+
+	if len(r.Order) != 1 {
+		t.Fatal("should have 1 post")
+	}
+
+	preference.Name = o2.Id
+	Must(store.Preference().Save(&model.Preferences{preference}))
+
+	preference.Name = o3.Id
+	Must(store.Preference().Save(&model.Preferences{preference}))
+
+	r = (<-store.Post().GetFlaggedPostsForChannel(o1.UserId, o1.ChannelId, 0, 1)).Data.(*model.PostList)
+
+	if len(r.Order) != 1 {
+		t.Fatal("should have 1 post")
+	}
+
+	r = (<-store.Post().GetFlaggedPostsForChannel(o1.UserId, o1.ChannelId, 1, 1)).Data.(*model.PostList)
+
+	if len(r.Order) != 1 {
+		t.Fatal("should have 1 post")
+	}
+
+	r = (<-store.Post().GetFlaggedPostsForChannel(o1.UserId, o1.ChannelId, 1000, 10)).Data.(*model.PostList)
+
+	if len(r.Order) != 0 {
+		t.Fatal("should be empty")
+	}
+
+	r = (<-store.Post().GetFlaggedPostsForChannel(o1.UserId, o1.ChannelId, 0, 10)).Data.(*model.PostList)
+
+	if len(r.Order) != 2 {
+		t.Fatal("should have 2 posts")
+	}
+
+	preference.Name = o4.Id
+	Must(store.Preference().Save(&model.Preferences{preference}))
+
+	r = (<-store.Post().GetFlaggedPostsForChannel(o1.UserId, o4.ChannelId, 0, 10)).Data.(*model.PostList)
+
+	if len(r.Order) != 1 {
+		t.Fatal("should have 1 post")
+	}
+}
+
 func TestPostStoreGetPostsCreatedAt(t *testing.T) {
 	Setup()
 
diff --git a/store/store.go b/store/store.go
index 3e508dfa5..0f6952247 100644
--- a/store/store.go
+++ b/store/store.go
@@ -150,6 +150,7 @@ type PostStore interface {
 	GetPosts(channelId string, offset int, limit int, allowFromCache bool) StoreChannel
 	GetFlaggedPosts(userId string, offset int, limit int) StoreChannel
 	GetFlaggedPostsForTeam(userId, teamId string, offset int, limit int) StoreChannel
+	GetFlaggedPostsForChannel(userId, channelId string, offset int, limit int) StoreChannel
 	GetPostsBefore(channelId string, postId string, numPosts int, offset int) StoreChannel
 	GetPostsAfter(channelId string, postId string, numPosts int, offset int) StoreChannel
 	GetPostsSince(channelId string, time int64, allowFromCache bool) StoreChannel