authorn1aba <n1aba.github@gmail.com>2017-09-18 14:40:41 +0300
committerJoram Wilander <jwawilander@gmail.com>2017-09-18 07:40:41 -0400
commit5a855e1ca1c1403ea63e4812d33b2b10a6a0fcf7 (patch)
treecfa615903bc4307e88584cd46001cb7c4f6746dd /api4/oauth.go
parent7243aa6751c266ecd342a41cbef390c71a962425 (diff)
Implement update OAuthApp endpoint for APIv4, add test (#7413)
Diffstat (limited to 'api4/oauth.go')
-rw-r--r--api4/oauth.go42
1 files changed, 42 insertions, 0 deletions
diff --git a/api4/oauth.go b/api4/oauth.go
index 593d405db..c3b64b608 100644
--- a/api4/oauth.go
+++ b/api4/oauth.go
@@ -18,6 +18,7 @@ func InitOAuth() {
l4g.Debug(utils.T("api.oauth.init.debug"))
BaseRoutes.OAuthApps.Handle("", ApiSessionRequired(createOAuthApp)).Methods("POST")
+ BaseRoutes.OAuthApp.Handle("", ApiSessionRequired(updateOAuthApp)).Methods("PUT")
BaseRoutes.OAuthApps.Handle("", ApiSessionRequired(getOAuthApps)).Methods("GET")
BaseRoutes.OAuthApp.Handle("", ApiSessionRequired(getOAuthApp)).Methods("GET")
BaseRoutes.OAuthApp.Handle("/info", ApiSessionRequired(getOAuthAppInfo)).Methods("GET")
@@ -74,6 +75,47 @@ func createOAuthApp(c *Context, w http.ResponseWriter, r *http.Request) {
w.Write([]byte(rapp.ToJson()))
}
+func updateOAuthApp(c *Context, w http.ResponseWriter, r *http.Request) {
+ c.RequireAppId()
+ if c.Err != nil {
+ return
+ }
+
+ if !app.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_OAUTH) {
+ c.SetPermissionError(model.PERMISSION_MANAGE_OAUTH)
+ return
+ }
+
+ oauthApp := model.OAuthAppFromJson(r.Body)
+ if oauthApp == nil {
+ c.SetInvalidParam("oauth_app")
+ return
+ }
+
+ c.LogAudit("attempt")
+
+ oldOauthApp, err := c.App.GetOAuthApp(c.Params.AppId)
+ if err != nil {
+ c.Err = err
+ return
+ }
+
+ if c.Session.UserId != oauthApp.CreatorId && !app.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_SYSTEM_WIDE_OAUTH) {
+ c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM_WIDE_OAUTH)
+ return
+ }
+
+ updatedOauthApp, err := c.App.UpdateOauthApp(oldOauthApp, oauthApp)
+ if err != nil {
+ c.Err = err
+ return
+ }
+
+ c.LogAudit("success")
+
+ w.Write([]byte(updatedOauthApp.ToJson()))
+}
+
func getOAuthApps(c *Context, w http.ResponseWriter, r *http.Request) {
if !app.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_OAUTH) {
c.Err = model.NewAppError("getOAuthApps", "api.command.admin_only.app_error", nil, "", http.StatusForbidden)
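Review bot: The ownership check in updateOAuthApp compares the session user with `oauthApp.CreatorId`, a value decoded from the request body, instead of the creator of the stored record `oldOauthApp` that is loaded just above it. Because the caller supplies that field, the PERMISSION_MANAGE_SYSTEM_WIDE_OAUTH gate does not depend on who actually owns the app identified by `c.Params.AppId`. The condition should read `if c.Session.UserId != oldOauthApp.CreatorId && !app.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_SYSTEM_WIDE_OAUTH) {`. Whether `UpdateOauthApp` ignores the `Id` and `CreatorId` sent in the body is not visible in this hunk, so confirm that. Also add a test in which a non-owner with only PERMISSION_MANAGE_OAUTH is refused.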