diff options
| author | Carlos Tadeu Panato Junior <ctadeu@gmail.com> | 2017-03-23 13:50:06 +0100 |
|---|---|---|
| committer | George Goldberg <george@gberg.me> | 2017-03-23 12:50:06 +0000 |
| commit | 34cb70d005ba5ebea7398646db6e242baa81b701 (patch) | |
| tree | 086f4bd61c82aa0b807df028ab1dab63e19b7dc6 /api4/webhook.go | |
| parent | 94b4aa082c456914d89d9926d06814bd17309a73 (diff) | |
| download | chat-34cb70d005ba5ebea7398646db6e242baa81b701.tar.gz chat-34cb70d005ba5ebea7398646db6e242baa81b701.tar.bz2 chat-34cb70d005ba5ebea7398646db6e242baa81b701.zip | |
add implementation for endpoint DELETE outgoing webhook for apiv4 (#5828)
Diffstat (limited to 'api4/webhook.go')
| -rw-r--r-- | api4/webhook.go | 40 |
1 files changed, 38 insertions, 2 deletions
diff --git a/api4/webhook.go b/api4/webhook.go index 8d2c4874f..86f8bcc2e 100644 --- a/api4/webhook.go +++ b/api4/webhook.go @@ -23,8 +23,9 @@ func InitWebhook() { BaseRoutes.OutgoingHooks.Handle("", ApiSessionRequired(createOutgoingHook)).Methods("POST") BaseRoutes.OutgoingHooks.Handle("", ApiSessionRequired(getOutgoingHooks)).Methods("GET") - BaseRoutes.OutgoingHook.Handle("", ApiSessionRequired(updateOutcomingHook)).Methods("PUT") BaseRoutes.OutgoingHook.Handle("", ApiSessionRequired(getOutgoingHook)).Methods("GET") + BaseRoutes.OutgoingHook.Handle("", ApiSessionRequired(updateOutgoingHook)).Methods("PUT") + BaseRoutes.OutgoingHook.Handle("", ApiSessionRequired(deleteOutgoingHook)).Methods("DELETE") BaseRoutes.OutgoingHook.Handle("/regen_token", ApiSessionRequired(regenOutgoingHookToken)).Methods("POST") } @@ -226,7 +227,7 @@ func deleteIncomingHook(c *Context, w http.ResponseWriter, r *http.Request) { } } -func updateOutcomingHook(c *Context, w http.ResponseWriter, r *http.Request) { +func updateOutgoingHook(c *Context, w http.ResponseWriter, r *http.Request) { c.RequireHookId() if c.Err != nil { return @@ -395,3 +396,38 @@ func regenOutgoingHookToken(c *Context, w http.ResponseWriter, r *http.Request) w.Write([]byte(rhook.ToJson())) } } + +func deleteOutgoingHook(c *Context, w http.ResponseWriter, r *http.Request) { + c.RequireHookId() + if c.Err != nil { + return + } + + hook, err := app.GetOutgoingWebhook(c.Params.HookId) + if err != nil { + c.Err = err + return + } + + c.LogAudit("attempt") + + if !app.SessionHasPermissionToTeam(c.Session, hook.TeamId, model.PERMISSION_MANAGE_WEBHOOKS) { + c.SetPermissionError(model.PERMISSION_MANAGE_WEBHOOKS) + return + } + + if c.Session.UserId != hook.CreatorId && !app.SessionHasPermissionToTeam(c.Session, hook.TeamId, model.PERMISSION_MANAGE_OTHERS_WEBHOOKS) { + c.LogAudit("fail - inappropriate permissions") + c.SetPermissionError(model.PERMISSION_MANAGE_OTHERS_WEBHOOKS) + return + } + + if err := app.DeleteOutgoingWebhook(hook.Id); err != nil { + c.LogAudit("fail") + c.Err = err + return + } + + c.LogAudit("success") + ReturnStatusOK(w) +} |