diff options
author | Corey Hulen <corey@hulen.com> | 2016-04-21 22:37:01 -0700 |
---|---|---|
committer | Corey Hulen <corey@hulen.com> | 2016-04-21 22:37:01 -0700 |
commit | 2e5617c29be69637acd384e85f795a0b343bec8d (patch) | |
tree | 6b8bdae1e664013b97c2dda94985375abda91aa5 /api/channel.go | |
parent | 5c755463ed3a4c74a383fb4460b5be02d8868481 (diff) | |
download | chat-2e5617c29be69637acd384e85f795a0b343bec8d.tar.gz chat-2e5617c29be69637acd384e85f795a0b343bec8d.tar.bz2 chat-2e5617c29be69637acd384e85f795a0b343bec8d.zip |
PLT-2057 User as a first class object (#2648)
* Adding TeamMember to system
* Fixing all unit tests on the backend
* Fixing merge conflicts
* Fixing merge conflict
* Adding javascript unit tests
* Adding TeamMember to system
* Fixing all unit tests on the backend
* Fixing merge conflicts
* Fixing merge conflict
* Adding javascript unit tests
* Adding client side unit test
* Cleaning up the clint side tests
* Fixing msg
* Adding more client side unit tests
* Adding more using tests
* Adding last bit of client side unit tests and adding make cmd
* Fixing bad merge
* Fixing libraries
* Updating to new client side API
* Fixing borken unit test
* Fixing unit tests
* ugg...trying to beat gofmt
* ugg...trying to beat gofmt
* Cleaning up remainder of the server side routes
* Adding inital load api
* Increased coverage of webhook unit tests (#2660)
* Adding loading ... to root html
* Fixing bad merge
* Removing explicit content type so superagent will guess corectly (#2685)
* Fixing merge and unit tests
* Adding create team UI
* Fixing signup flows
* Adding LDAP unit tests and enterprise unit test helper (#2702)
* Add the ability to reset MFA from the commandline (#2706)
* Fixing compliance unit tests
* Fixing client side tests
* Adding open server to system console
* Moving websocket connection
* Fixing unit test
* Fixing unit tests
* Fixing unit tests
* Adding nickname and more LDAP unit tests (#2717)
* Adding join open teams
* Cleaning up all TODOs in the code
* Fixing web sockets
* Removing unused webockets file
* PLT-2533 Add the ability to reset a user's MFA from the system console (#2715)
* Add the ability to reset a user's MFA from the system console
* Add client side unit test for adminResetMfa
* Reorganizing authentication to fix LDAP error message (#2723)
* Fixing failing unit test
* Initial upgrade db code
* Adding upgrade script
* Fixing upgrade script after running on core
* Update OAuth and Claim routes to work with user model changes (#2739)
* Fixing perminant deletion. Adding ability to delete all user and the entire database (#2740)
* Fixing team invite ldap login call (#2741)
* Fixing bluebar and some img stuff
* Fix all the different file upload web utils (#2743)
* Fixing invalid session redirect (#2744)
* Redirect on bad channel name (#2746)
* Fixing a bunch of issue and removing dead code
* Patch to fix error message on leave channel (#2747)
* Setting EnableOpenServer to false by default
* Fixing config
* Fixing upgrade
* Fixing reported bugs
* Bug fixes for PLT-2057
* PLT-2563 Redo password recovery to use a database table (#2745)
* Redo password recovery to use a database table
* Update reset password audits
* Split out admin and user reset password APIs to be separate
* Delete password recovery when user is permanently deleted
* Consolidate password resetting into a single function
* Removed private channels as an option for outgoing webhooks (#2752)
* PLT-2577/PLT-2552 Fixes for backstage (#2753)
* Added URL to incoming webhook list
* Fixed client functions for adding/removing integrations
* Disallowed slash commands without trigger words
* Fixed clientside handling of errors on AddCommand page
* Minor auth cleanup (#2758)
* Changed EditPostModal to just close if you save without making any changes (#2759)
* Renamed client -> Client in async_client.jsx and fixed eslint warnings (#2756)
* Fixed url in channel info modal (#2755)
* Fixing reported issues
* Moving to version 3 of the apis
* Fixing command unit tests (#2760)
* Adding team admins
* Fixing DM issue
* Fixing eslint error
* Properly set EditPostModal's originalText state in all cases (#2762)
* Update client config check to assume features is defined if server is licensed (#2772)
* Fixing url link
* Fixing issue with websocket crashing when sending messages to different teams
Diffstat (limited to 'api/channel.go')
-rw-r--r-- | api/channel.go | 101 |
1 files changed, 50 insertions, 51 deletions
diff --git a/api/channel.go b/api/channel.go index e97e08fc0..871477824 100644 --- a/api/channel.go +++ b/api/channel.go @@ -18,29 +18,28 @@ const ( defaultExtraMemberLimit = 100 ) -func InitChannel(r *mux.Router) { +func InitChannel() { l4g.Debug(utils.T("api.channel.init.debug")) - sr := r.PathPrefix("/channels").Subrouter() - sr.Handle("/", ApiUserRequiredActivity(getChannels, false)).Methods("GET") - sr.Handle("/more", ApiUserRequired(getMoreChannels)).Methods("GET") - sr.Handle("/counts", ApiUserRequiredActivity(getChannelCounts, false)).Methods("GET") - sr.Handle("/create", ApiUserRequired(createChannel)).Methods("POST") - sr.Handle("/create_direct", ApiUserRequired(createDirectChannel)).Methods("POST") - sr.Handle("/update", ApiUserRequired(updateChannel)).Methods("POST") - sr.Handle("/update_header", ApiUserRequired(updateChannelHeader)).Methods("POST") - sr.Handle("/update_purpose", ApiUserRequired(updateChannelPurpose)).Methods("POST") - sr.Handle("/update_notify_props", ApiUserRequired(updateNotifyProps)).Methods("POST") - sr.Handle("/{id:[A-Za-z0-9]+}/", ApiUserRequiredActivity(getChannel, false)).Methods("GET") - sr.Handle("/{id:[A-Za-z0-9]+}/extra_info", ApiUserRequired(getChannelExtraInfo)).Methods("GET") - sr.Handle("/{id:[A-Za-z0-9]+}/extra_info/{member_limit:-?[0-9]+}", ApiUserRequired(getChannelExtraInfo)).Methods("GET") - sr.Handle("/{id:[A-Za-z0-9]+}/join", ApiUserRequired(join)).Methods("POST") - sr.Handle("/{id:[A-Za-z0-9]+}/leave", ApiUserRequired(leave)).Methods("POST") - sr.Handle("/{id:[A-Za-z0-9]+}/delete", ApiUserRequired(deleteChannel)).Methods("POST") - sr.Handle("/{id:[A-Za-z0-9]+}/add", ApiUserRequired(addMember)).Methods("POST") - sr.Handle("/{id:[A-Za-z0-9]+}/remove", ApiUserRequired(removeMember)).Methods("POST") - sr.Handle("/{id:[A-Za-z0-9]+}/update_last_viewed_at", ApiUserRequired(updateLastViewedAt)).Methods("POST") - + BaseRoutes.Channels.Handle("/", ApiUserRequiredActivity(getChannels, false)).Methods("GET") + BaseRoutes.Channels.Handle("/more", ApiUserRequired(getMoreChannels)).Methods("GET") + BaseRoutes.Channels.Handle("/counts", ApiUserRequiredActivity(getChannelCounts, false)).Methods("GET") + BaseRoutes.Channels.Handle("/create", ApiUserRequired(createChannel)).Methods("POST") + BaseRoutes.Channels.Handle("/create_direct", ApiUserRequired(createDirectChannel)).Methods("POST") + BaseRoutes.Channels.Handle("/update", ApiUserRequired(updateChannel)).Methods("POST") + BaseRoutes.Channels.Handle("/update_header", ApiUserRequired(updateChannelHeader)).Methods("POST") + BaseRoutes.Channels.Handle("/update_purpose", ApiUserRequired(updateChannelPurpose)).Methods("POST") + BaseRoutes.Channels.Handle("/update_notify_props", ApiUserRequired(updateNotifyProps)).Methods("POST") + + BaseRoutes.NeedChannel.Handle("/", ApiUserRequiredActivity(getChannel, false)).Methods("GET") + BaseRoutes.NeedChannel.Handle("/extra_info", ApiUserRequired(getChannelExtraInfo)).Methods("GET") + BaseRoutes.NeedChannel.Handle("/extra_info/{member_limit:-?[0-9]+}", ApiUserRequired(getChannelExtraInfo)).Methods("GET") + BaseRoutes.NeedChannel.Handle("/join", ApiUserRequired(join)).Methods("POST") + BaseRoutes.NeedChannel.Handle("/leave", ApiUserRequired(leave)).Methods("POST") + BaseRoutes.NeedChannel.Handle("/delete", ApiUserRequired(deleteChannel)).Methods("POST") + BaseRoutes.NeedChannel.Handle("/add", ApiUserRequired(addMember)).Methods("POST") + BaseRoutes.NeedChannel.Handle("/remove", ApiUserRequired(removeMember)).Methods("POST") + BaseRoutes.NeedChannel.Handle("/update_last_viewed_at", ApiUserRequired(updateLastViewedAt)).Methods("POST") } func createChannel(c *Context, w http.ResponseWriter, r *http.Request) { @@ -52,6 +51,10 @@ func createChannel(c *Context, w http.ResponseWriter, r *http.Request) { return } + if len(channel.TeamId) == 0 { + channel.TeamId = c.TeamId + } + if !c.HasPermissionsToTeam(channel.TeamId, "createChannel") { return } @@ -107,10 +110,6 @@ func createDirectChannel(c *Context, w http.ResponseWriter, r *http.Request) { return } - if !c.HasPermissionsToTeam(c.Session.TeamId, "createDirectChannel") { - return - } - if sc, err := CreateDirectChannel(c, userId); err != nil { c.Err = err return @@ -131,7 +130,7 @@ func CreateDirectChannel(c *Context, otherUserId string) (*model.Channel, *model channel.DisplayName = "" channel.Name = model.GetDMNameFromIds(otherUserId, c.Session.UserId) - channel.TeamId = c.Session.TeamId + channel.TeamId = c.TeamId channel.Header = "" channel.Type = model.CHANNEL_DIRECT @@ -214,7 +213,7 @@ func updateChannel(c *Context, w http.ResponseWriter, r *http.Request) { if oldChannel.Name == model.DEFAULT_CHANNEL { if (len(channel.Name) > 0 && channel.Name != oldChannel.Name) || (len(channel.Type) > 0 && channel.Type != oldChannel.Type) { c.Err = model.NewLocAppError("updateChannel", "api.channel.update_channel.tried.app_error", map[string]interface{}{"Channel": model.DEFAULT_CHANNEL}, "") - c.Err.StatusCode = http.StatusForbidden + c.Err.StatusCode = http.StatusBadRequest return } } @@ -367,7 +366,7 @@ func getChannels(c *Context, w http.ResponseWriter, r *http.Request) { // user is already in the team - if result := <-Srv.Store.Channel().GetChannels(c.Session.TeamId, c.Session.UserId); result.Err != nil { + if result := <-Srv.Store.Channel().GetChannels(c.TeamId, c.Session.UserId); result.Err != nil { if result.Err.Id == "store.sql_channel.get_channels.not_found.app_error" { // lets make sure the user is valid if result := <-Srv.Store.User().Get(c.Session.UserId); result.Err != nil { @@ -392,7 +391,7 @@ func getMoreChannels(c *Context, w http.ResponseWriter, r *http.Request) { // user is already in the team - if result := <-Srv.Store.Channel().GetMoreChannels(c.Session.TeamId, c.Session.UserId); result.Err != nil { + if result := <-Srv.Store.Channel().GetMoreChannels(c.TeamId, c.Session.UserId); result.Err != nil { c.Err = result.Err return } else if HandleEtag(result.Data.(*model.ChannelList).Etag(), w, r) { @@ -408,7 +407,7 @@ func getChannelCounts(c *Context, w http.ResponseWriter, r *http.Request) { // user is already in the team - if result := <-Srv.Store.Channel().GetChannelCounts(c.Session.TeamId, c.Session.UserId); result.Err != nil { + if result := <-Srv.Store.Channel().GetChannelCounts(c.TeamId, c.Session.UserId); result.Err != nil { c.Err = model.NewLocAppError("getChannelCounts", "api.channel.get_channel_counts.app_error", nil, result.Err.Message) return } else if HandleEtag(result.Data.(*model.ChannelCounts).Etag(), w, r) { @@ -423,7 +422,7 @@ func getChannelCounts(c *Context, w http.ResponseWriter, r *http.Request) { func join(c *Context, w http.ResponseWriter, r *http.Request) { params := mux.Vars(r) - channelId := params["id"] + channelId := params["channel_id"] JoinChannel(c, channelId, "") @@ -498,7 +497,7 @@ func AddUserToChannel(user *model.User, channel *model.Channel) (*model.ChannelM } go func() { - UpdateChannelAccessCache(channel.TeamId, user.Id, channel.Id) + InvalidateCacheForUser(user.Id) message := model.NewMessage(channel.TeamId, channel.Id, user.Id, model.ACTION_USER_ADDED) PublishAndForget(message) @@ -507,12 +506,12 @@ func AddUserToChannel(user *model.User, channel *model.Channel) (*model.ChannelM return newMember, nil } -func JoinDefaultChannels(user *model.User, channelRole string) *model.AppError { +func JoinDefaultChannels(teamId string, user *model.User, channelRole string) *model.AppError { // We don't call JoinChannel here since c.Session is not populated on user creation var err *model.AppError = nil - if result := <-Srv.Store.Channel().GetByName(user.TeamId, "town-square"); result.Err != nil { + if result := <-Srv.Store.Channel().GetByName(teamId, "town-square"); result.Err != nil { err = result.Err } else { cm := &model.ChannelMember{ChannelId: result.Data.(*model.Channel).Id, UserId: user.Id, @@ -523,7 +522,7 @@ func JoinDefaultChannels(user *model.User, channelRole string) *model.AppError { } } - if result := <-Srv.Store.Channel().GetByName(user.TeamId, "off-topic"); result.Err != nil { + if result := <-Srv.Store.Channel().GetByName(teamId, "off-topic"); result.Err != nil { err = result.Err } else { cm := &model.ChannelMember{ChannelId: result.Data.(*model.Channel).Id, UserId: user.Id, @@ -540,7 +539,7 @@ func JoinDefaultChannels(user *model.User, channelRole string) *model.AppError { func leave(c *Context, w http.ResponseWriter, r *http.Request) { params := mux.Vars(r) - id := params["id"] + id := params["channel_id"] sc := Srv.Store.Channel().Get(id) uc := Srv.Store.User().Get(c.Session.UserId) @@ -561,13 +560,13 @@ func leave(c *Context, w http.ResponseWriter, r *http.Request) { if channel.Type == model.CHANNEL_DIRECT { c.Err = model.NewLocAppError("leave", "api.channel.leave.direct.app_error", nil, "") - c.Err.StatusCode = http.StatusForbidden + c.Err.StatusCode = http.StatusBadRequest return } if channel.Name == model.DEFAULT_CHANNEL { c.Err = model.NewLocAppError("leave", "api.channel.leave.default.app_error", map[string]interface{}{"Channel": model.DEFAULT_CHANNEL}, "") - c.Err.StatusCode = http.StatusForbidden + c.Err.StatusCode = http.StatusBadRequest return } @@ -589,7 +588,7 @@ func leave(c *Context, w http.ResponseWriter, r *http.Request) { func deleteChannel(c *Context, w http.ResponseWriter, r *http.Request) { params := mux.Vars(r) - id := params["id"] + id := params["channel_id"] sc := Srv.Store.Channel().Get(id) scm := Srv.Store.Channel().GetMember(id, c.Session.UserId) @@ -637,7 +636,7 @@ func deleteChannel(c *Context, w http.ResponseWriter, r *http.Request) { if channel.Name == model.DEFAULT_CHANNEL { c.Err = model.NewLocAppError("deleteChannel", "api.channel.delete_channel.cannot.app_error", map[string]interface{}{"Channel": model.DEFAULT_CHANNEL}, "") - c.Err.StatusCode = http.StatusForbidden + c.Err.StatusCode = http.StatusBadRequest return } @@ -682,7 +681,7 @@ func deleteChannel(c *Context, w http.ResponseWriter, r *http.Request) { func updateLastViewedAt(c *Context, w http.ResponseWriter, r *http.Request) { params := mux.Vars(r) - id := params["id"] + id := params["channel_id"] Srv.Store.Channel().UpdateLastViewedAt(id, c.Session.UserId) @@ -695,7 +694,7 @@ func updateLastViewedAt(c *Context, w http.ResponseWriter, r *http.Request) { Srv.Store.Preference().Save(&model.Preferences{preference}) - message := model.NewMessage(c.Session.TeamId, id, c.Session.UserId, model.ACTION_CHANNEL_VIEWED) + message := model.NewMessage(c.TeamId, id, c.Session.UserId, model.ACTION_CHANNEL_VIEWED) message.Add("channel_id", id) PublishAndForget(message) @@ -707,9 +706,9 @@ func updateLastViewedAt(c *Context, w http.ResponseWriter, r *http.Request) { func getChannel(c *Context, w http.ResponseWriter, r *http.Request) { params := mux.Vars(r) - id := params["id"] + id := params["channel_id"] - //pchan := Srv.Store.Channel().CheckPermissionsTo(c.Session.TeamId, id, c.Session.UserId) + //pchan := Srv.Store.Channel().CheckPermissionsTo(c.TeamId, id, c.Session.UserId) cchan := Srv.Store.Channel().Get(id) cmchan := Srv.Store.Channel().GetMember(id, c.Session.UserId) @@ -737,7 +736,7 @@ func getChannel(c *Context, w http.ResponseWriter, r *http.Request) { func getChannelExtraInfo(c *Context, w http.ResponseWriter, r *http.Request) { params := mux.Vars(r) - id := params["id"] + id := params["channel_id"] var memberLimit int if memberLimitString, ok := params["member_limit"]; !ok { @@ -781,7 +780,7 @@ func getChannelExtraInfo(c *Context, w http.ResponseWriter, r *http.Request) { extraMembers := ecmresult.Data.([]model.ExtraMember) memberCount := ccmresult.Data.(int64) - if !c.HasPermissionsToTeam(channel.TeamId, "getChannelExtraInfo") { + if len(channel.TeamId) > 0 && !c.HasPermissionsToTeam(channel.TeamId, "getChannelExtraInfo") { return } @@ -803,7 +802,7 @@ func getChannelExtraInfo(c *Context, w http.ResponseWriter, r *http.Request) { func addMember(c *Context, w http.ResponseWriter, r *http.Request) { params := mux.Vars(r) - id := params["id"] + id := params["channel_id"] data := model.MapFromJson(r.Body) userId := data["user_id"] @@ -813,7 +812,7 @@ func addMember(c *Context, w http.ResponseWriter, r *http.Request) { return } - cchan := Srv.Store.Channel().CheckPermissionsTo(c.Session.TeamId, id, c.Session.UserId) + cchan := Srv.Store.Channel().CheckPermissionsTo(c.TeamId, id, c.Session.UserId) sc := Srv.Store.Channel().Get(id) ouc := Srv.Store.User().Get(c.Session.UserId) nuc := Srv.Store.User().Get(userId) @@ -857,7 +856,7 @@ func addMember(c *Context, w http.ResponseWriter, r *http.Request) { func removeMember(c *Context, w http.ResponseWriter, r *http.Request) { params := mux.Vars(r) - channelId := params["id"] + channelId := params["channel_id"] data := model.MapFromJson(r.Body) userIdToRemove := data["user_id"] @@ -914,7 +913,7 @@ func RemoveUserFromChannel(userIdToRemove string, removerUserId string, channel return cmresult.Err } - UpdateChannelAccessCacheAndForget(channel.TeamId, userIdToRemove, channel.Id) + InvalidateCacheForUser(userIdToRemove) message := model.NewMessage(channel.TeamId, channel.Id, userIdToRemove, model.ACTION_USER_REMOVED) message.Add("remover_id", removerUserId) @@ -938,7 +937,7 @@ func updateNotifyProps(c *Context, w http.ResponseWriter, r *http.Request) { return } - cchan := Srv.Store.Channel().CheckPermissionsTo(c.Session.TeamId, channelId, c.Session.UserId) + cchan := Srv.Store.Channel().CheckPermissionsTo(c.TeamId, channelId, c.Session.UserId) if !c.HasPermissionsToUser(userId, "updateNotifyLevel") { return |