diff options
author | Joram Wilander <jwawilander@gmail.com> | 2017-02-01 16:13:16 -0500 |
---|---|---|
committer | Christopher Speller <crspeller@gmail.com> | 2017-02-01 16:13:16 -0500 |
commit | 36f43edba3481a19476943942bff1ab53cc14e0f (patch) | |
tree | 4f2925a492cb594e6c80a7f569395528139307ce /api4/user.go | |
parent | 187aff9fa8bd7616b5a93aefaa2e9166d5d3d4ab (diff) | |
download | chat-36f43edba3481a19476943942bff1ab53cc14e0f.tar.gz chat-36f43edba3481a19476943942bff1ab53cc14e0f.tar.bz2 chat-36f43edba3481a19476943942bff1ab53cc14e0f.zip |
Implement PUT /users/{user_id}/roles endpoint for APIv4 (#5238)
Diffstat (limited to 'api4/user.go')
-rw-r--r-- | api4/user.go | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/api4/user.go b/api4/user.go index 9d38df1a1..f68d01d33 100644 --- a/api4/user.go +++ b/api4/user.go @@ -18,6 +18,7 @@ func InitUser() { BaseRoutes.Users.Handle("", ApiHandler(createUser)).Methods("POST") BaseRoutes.User.Handle("", ApiSessionRequired(getUser)).Methods("GET") BaseRoutes.User.Handle("", ApiSessionRequired(updateUser)).Methods("PUT") + BaseRoutes.User.Handle("/roles", ApiSessionRequired(updateUserRoles)).Methods("PUT") BaseRoutes.Users.Handle("/login", ApiHandler(login)).Methods("POST") BaseRoutes.Users.Handle("/logout", ApiHandler(logout)).Methods("POST") @@ -109,6 +110,35 @@ func updateUser(c *Context, w http.ResponseWriter, r *http.Request) { } } +func updateUserRoles(c *Context, w http.ResponseWriter, r *http.Request) { + c.RequireUserId() + if c.Err != nil { + return + } + + props := model.MapFromJson(r.Body) + + newRoles := props["roles"] + if !model.IsValidUserRoles(newRoles) { + c.SetInvalidParam("roles") + return + } + + if !app.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_ROLES) { + c.SetPermissionError(model.PERMISSION_MANAGE_ROLES) + return + } + + if _, err := app.UpdateUserRoles(c.Params.UserId, newRoles); err != nil { + c.Err = err + return + } else { + c.LogAuditWithUserId(c.Params.UserId, "roles="+newRoles) + } + + ReturnStatusOK(w) +} + func login(c *Context, w http.ResponseWriter, r *http.Request) { props := model.MapFromJson(r.Body) |