diff options
| author | JoramWilander <jwawilander@gmail.com> | 2015-08-17 09:28:20 -0400 |
|---|---|---|
| committer | JoramWilander <jwawilander@gmail.com> | 2015-08-17 09:28:20 -0400 |
| commit | b068cc1058a2909e7fc9d9622e806d52127bfa52 (patch) | |
| tree | 0670b4f8fc4c7afd97c785728a79736138a40445 /api/user.go | |
| parent | e5a38174884310a07e62bed99e10b655c5c6749f (diff) | |
| download | chat-b068cc1058a2909e7fc9d9622e806d52127bfa52.tar.gz chat-b068cc1058a2909e7fc9d9622e806d52127bfa52.tar.bz2 chat-b068cc1058a2909e7fc9d9622e806d52127bfa52.zip | |
when user roles are updated, the relevant session roles are updated as well
Diffstat (limited to 'api/user.go')
| -rw-r--r-- | api/user.go | 30 |
1 files changed, 25 insertions, 5 deletions
diff --git a/api/user.go b/api/user.go index a42f81cf1..130f0f3d0 100644 --- a/api/user.go +++ b/api/user.go @@ -961,18 +961,38 @@ func updateRoles(c *Context, w http.ResponseWriter, r *http.Request) { user.Roles = new_roles + var ruser *model.User if result := <-Srv.Store.User().Update(user, true); result.Err != nil { c.Err = result.Err return } else { c.LogAuditWithUserId(user.Id, "roles="+new_roles) - ruser := result.Data.([2]*model.User)[0] - options := utils.SanitizeOptions - options["passwordupdate"] = false - ruser.Sanitize(options) - w.Write([]byte(ruser.ToJson())) + ruser = result.Data.([2]*model.User)[0] + } + + uchan := Srv.Store.Session().UpdateRoles(user.Id, new_roles) + gchan := Srv.Store.Session().GetSessions(user.Id) + + if result := <-uchan; result.Err != nil { + // soft error since the user roles were still updated + l4g.Error(result.Err) + } + + if result := <-gchan; result.Err != nil { + // soft error since the user roles were still updated + l4g.Error(result.Err) + } else { + sessions := result.Data.([]*model.Session) + for _, s := range sessions { + sessionCache.Remove(s.Id) + } } + + options := utils.SanitizeOptions + options["passwordupdate"] = false + ruser.Sanitize(options) + w.Write([]byte(ruser.ToJson())) } func updateActive(c *Context, w http.ResponseWriter, r *http.Request) { |