diff options
author | Joram Wilander <jwawilander@gmail.com> | 2017-02-03 10:27:12 -0500 |
---|---|---|
committer | Christopher Speller <crspeller@gmail.com> | 2017-02-03 10:27:12 -0500 |
commit | 9312469ad54cf2ff268a44e478b584549f62e2c4 (patch) | |
tree | 6b29783b9341b54a16aca581c4878f3cdd7474d7 /api4 | |
parent | ccb034382850b7e8ea924a4559e47ef44203155c (diff) | |
download | chat-9312469ad54cf2ff268a44e478b584549f62e2c4.tar.gz chat-9312469ad54cf2ff268a44e478b584549f62e2c4.tar.bz2 chat-9312469ad54cf2ff268a44e478b584549f62e2c4.zip |
Implement POST /channels/direct endpoint for APIv4 (#5283)
Diffstat (limited to 'api4')
-rw-r--r-- | api4/channel.go | 40 | ||||
-rw-r--r-- | api4/channel_test.go | 52 |
2 files changed, 92 insertions, 0 deletions
diff --git a/api4/channel.go b/api4/channel.go index 2ce9e23e5..10e59f49b 100644 --- a/api4/channel.go +++ b/api4/channel.go @@ -16,6 +16,7 @@ func InitChannel() { l4g.Debug(utils.T("api.channel.init.debug")) BaseRoutes.Channels.Handle("", ApiSessionRequired(createChannel)).Methods("POST") + BaseRoutes.Channels.Handle("/direct", ApiSessionRequired(createDirectChannel)).Methods("POST") } func createChannel(c *Context, w http.ResponseWriter, r *http.Request) { @@ -40,6 +41,45 @@ func createChannel(c *Context, w http.ResponseWriter, r *http.Request) { return } else { c.LogAudit("name=" + channel.Name) + w.WriteHeader(http.StatusCreated) + w.Write([]byte(sc.ToJson())) + } +} + +func createDirectChannel(c *Context, w http.ResponseWriter, r *http.Request) { + userIds := model.ArrayFromJson(r.Body) + allowed := false + + if len(userIds) != 2 { + c.SetInvalidParam("user_ids") + return + } + + for _, id := range userIds { + if len(id) != 26 { + c.SetInvalidParam("user_id") + return + } + if id == c.Session.UserId { + allowed = true + } + } + + if !app.SessionHasPermissionTo(c.Session, model.PERMISSION_CREATE_DIRECT_CHANNEL) { + c.SetPermissionError(model.PERMISSION_CREATE_DIRECT_CHANNEL) + return + } + + if !allowed && !app.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_SYSTEM) { + c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM) + return + } + + if sc, err := app.CreateDirectChannel(userIds[0], userIds[1]); err != nil { + c.Err = err + return + } else { + w.WriteHeader(http.StatusCreated) w.Write([]byte(sc.ToJson())) } } diff --git a/api4/channel_test.go b/api4/channel_test.go index e3d0a85bd..5123d7730 100644 --- a/api4/channel_test.go +++ b/api4/channel_test.go @@ -167,3 +167,55 @@ func TestCreateChannel(t *testing.T) { } } } + +func TestCreateDirectChannel(t *testing.T) { + th := Setup().InitBasic().InitSystemAdmin() + defer TearDown() + Client := th.Client + user1 := th.BasicUser + user2 := th.BasicUser2 + user3 := th.CreateUser() + + dm, resp := Client.CreateDirectChannel(user1.Id, user2.Id) + CheckNoError(t, resp) + + channelName := "" + if user2.Id > user1.Id { + channelName = user1.Id + "__" + user2.Id + } else { + channelName = user2.Id + "__" + user1.Id + } + + if dm.Name != channelName { + t.Fatal("dm name didn't match") + } + + _, resp = Client.CreateDirectChannel("junk", user2.Id) + CheckBadRequestStatus(t, resp) + + _, resp = Client.CreateDirectChannel(user1.Id, model.NewId()) + CheckBadRequestStatus(t, resp) + + _, resp = Client.CreateDirectChannel(model.NewId(), user1.Id) + CheckBadRequestStatus(t, resp) + + _, resp = Client.CreateDirectChannel(model.NewId(), user2.Id) + CheckForbiddenStatus(t, resp) + + if r, err := Client.DoApiPost("/channels/direct", "garbage"); err == nil { + t.Fatal("should have errored") + } else { + if r.StatusCode != http.StatusBadRequest { + t.Log("actual: " + strconv.Itoa(r.StatusCode)) + t.Log("expected: " + strconv.Itoa(http.StatusBadRequest)) + t.Fatal("wrong status code") + } + } + + Client.Logout() + _, resp = Client.CreateDirectChannel(model.NewId(), user2.Id) + CheckUnauthorizedStatus(t, resp) + + _, resp = th.SystemAdminClient.CreateDirectChannel(user3.Id, user2.Id) + CheckNoError(t, resp) +} |