diff options
| author | Brian Olecki <bolecki019@gmail.com> | 2016-11-15 10:43:16 -0500 |
|---|---|---|
| committer | enahum <nahumhbl@gmail.com> | 2016-11-15 12:43:16 -0300 |
| commit | 6297922ab9561dbf774ab5d51619abfc4a411e40 (patch) | |
| tree | 84bbced4d8282f5e8af957164d6e92ae50238011 /api/command.go | |
| parent | 1f241af48a9554b6865d1ac79b4261341ab9b3f3 (diff) | |
| download | chat-6297922ab9561dbf774ab5d51619abfc4a411e40.tar.gz chat-6297922ab9561dbf774ab5d51619abfc4a411e40.tar.bz2 chat-6297922ab9561dbf774ab5d51619abfc4a411e40.zip | |
Add support for editing slash commands (#4335)
Diffstat (limited to 'api/command.go')
| -rw-r--r-- | api/command.go | 60 |
1 files changed, 60 insertions, 0 deletions
diff --git a/api/command.go b/api/command.go index e71661a67..ff0f72149 100644 --- a/api/command.go +++ b/api/command.go @@ -45,6 +45,7 @@ func InitCommand() { BaseRoutes.Commands.Handle("/list", ApiUserRequired(listCommands)).Methods("GET") BaseRoutes.Commands.Handle("/create", ApiUserRequired(createCommand)).Methods("POST") + BaseRoutes.Commands.Handle("/update", ApiUserRequired(updateCommand)).Methods("POST") BaseRoutes.Commands.Handle("/list_team_commands", ApiUserRequired(listTeamCommands)).Methods("GET") BaseRoutes.Commands.Handle("/regen_token", ApiUserRequired(regenCommandToken)).Methods("POST") BaseRoutes.Commands.Handle("/delete", ApiUserRequired(deleteCommand)).Methods("POST") @@ -319,6 +320,65 @@ func createCommand(c *Context, w http.ResponseWriter, r *http.Request) { } } +func updateCommand(c *Context, w http.ResponseWriter, r *http.Request) { + if !*utils.Cfg.ServiceSettings.EnableCommands { + c.Err = model.NewLocAppError("updateCommand", "api.command.disabled.app_error", nil, "") + c.Err.StatusCode = http.StatusNotImplemented + return + } + + if !HasPermissionToCurrentTeamContext(c, model.PERMISSION_MANAGE_SLASH_COMMANDS) { + c.Err = model.NewLocAppError("updateCommand", "api.command.admin_only.app_error", nil, "") + c.Err.StatusCode = http.StatusForbidden + return + } + + c.LogAudit("attempt") + + cmd := model.CommandFromJson(r.Body) + + if cmd == nil { + c.SetInvalidParam("updateCommand", "command") + return + } + + cmd.Trigger = strings.ToLower(cmd.Trigger) + + var oldCmd *model.Command + if result := <-Srv.Store.Command().Get(cmd.Id); result.Err != nil { + c.Err = result.Err + return + } else { + oldCmd = result.Data.(*model.Command) + + if c.Session.UserId != oldCmd.CreatorId && !HasPermissionToCurrentTeamContext(c, model.PERMISSION_MANAGE_OTHERS_SLASH_COMMANDS) { + c.LogAudit("fail - inappropriate permissions") + c.Err = model.NewLocAppError("updateCommand", "api.command.update.app_error", nil, "user_id="+c.Session.UserId) + return + } + + if c.TeamId != oldCmd.TeamId { + c.Err = model.NewLocAppError("updateCommand", "api.command.team_mismatch.app_error", nil, "user_id="+c.Session.UserId) + return + } + + cmd.Id = oldCmd.Id + cmd.Token = oldCmd.Token + cmd.CreateAt = oldCmd.CreateAt + cmd.UpdateAt = model.GetMillis() + cmd.DeleteAt = oldCmd.DeleteAt + cmd.CreatorId = oldCmd.CreatorId + cmd.TeamId = oldCmd.TeamId + } + + if result := <-Srv.Store.Command().Update(cmd); result.Err != nil { + c.Err = result.Err + return + } else { + w.Write([]byte(result.Data.(*model.Command).ToJson())) + } +} + func listTeamCommands(c *Context, w http.ResponseWriter, r *http.Request) { if !*utils.Cfg.ServiceSettings.EnableCommands { c.Err = model.NewLocAppError("listTeamCommands", "api.command.disabled.app_error", nil, "") |