diff options
author | Christopher Speller <crspeller@gmail.com> | 2017-09-06 20:43:18 -0700 |
---|---|---|
committer | Christopher Speller <crspeller@gmail.com> | 2017-09-06 20:43:18 -0700 |
commit | 77709ccdda86408d5135b8bc71462e2111992358 (patch) | |
tree | 5efc1631eb6cb31f8768fafeb58612557d98cb59 /api/general.go | |
parent | fd86a2490ea81eba8e12dcce76455710f182f81c (diff) | |
parent | e589accdaf38bb82cb5d3b5dd84eadf9bfb58b5c (diff) | |
download | chat-77709ccdda86408d5135b8bc71462e2111992358.tar.gz chat-77709ccdda86408d5135b8bc71462e2111992358.tar.bz2 chat-77709ccdda86408d5135b8bc71462e2111992358.zip |
Merge release-4.2
Diffstat (limited to 'api/general.go')
-rw-r--r-- | api/general.go | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/api/general.go b/api/general.go index 16a739704..ceb0b209f 100644 --- a/api/general.go +++ b/api/general.go @@ -10,6 +10,7 @@ import ( l4g "github.com/alecthomas/log4go" + "github.com/mattermost/platform/app" "github.com/mattermost/platform/model" "github.com/mattermost/platform/utils" ) @@ -30,7 +31,14 @@ func logClient(c *Context, w http.ResponseWriter, r *http.Request) { forceToDebug := false if !*utils.Cfg.ServiceSettings.EnableDeveloper { - forceToDebug = true + if c.Session.UserId == "" { + c.Err = model.NewAppError("Permissions", "api.context.permissions.app_error", nil, "", http.StatusForbidden) + return + } + + if !app.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_SYSTEM) { + forceToDebug = true + } } m := model.MapFromJson(r.Body) |