Initial Commit of Ephemeral Message Support for System Admins (#8611)

Fixed Permission Test

Fixed and extended ephemeral message tests; Removed Online/Activity Updates

Set Create Time to current time

gofmt

2 files changed, 71 insertions, 0 deletions

diff --git a/api4/post.go b/api4/post.go
index 80088d9ef..189edfc20 100644
--- a/api4/post.go
+++ b/api4/post.go
@@ -4,6 +4,7 @@
 package api4
 
 import (
+	"encoding/json"
 	"net/http"
 	"strconv"
 	"time"
@@ -15,6 +16,7 @@ func (api *API) InitPost() {
 	api.BaseRoutes.Posts.Handle("", api.ApiSessionRequired(createPost)).Methods("POST")
 	api.BaseRoutes.Post.Handle("", api.ApiSessionRequired(getPost)).Methods("GET")
 	api.BaseRoutes.Post.Handle("", api.ApiSessionRequired(deletePost)).Methods("DELETE")
+	api.BaseRoutes.Posts.Handle("/ephemeral", api.ApiSessionRequired(createEphemeralPost)).Methods("POST")
 	api.BaseRoutes.Post.Handle("/thread", api.ApiSessionRequired(getPostThread)).Methods("GET")
 	api.BaseRoutes.Post.Handle("/files/info", api.ApiSessionRequired(getFileInfosForPost)).Methods("GET")
 	api.BaseRoutes.PostsForChannel.Handle("", api.ApiSessionRequired(getPostsForChannel)).Methods("GET")
@@ -69,6 +71,34 @@ func createPost(c *Context, w http.ResponseWriter, r *http.Request) {
 	w.Write([]byte(c.App.PostWithProxyAddedToImageURLs(rp).ToJson()))
 }
 
+func createEphemeralPost(c *Context, w http.ResponseWriter, r *http.Request) {
+	ephRequest := model.PostEphemeral{}
+
+	json.NewDecoder(r.Body).Decode(&ephRequest)
+	if ephRequest.UserID == "" {
+		c.SetInvalidParam("user_id")
+		return
+	}
+
+	if ephRequest.Post == nil {
+		c.SetInvalidParam("post")
+		return
+	}
+
+	ephRequest.Post.UserId = c.Session.UserId
+	ephRequest.Post.CreateAt = model.GetMillis()
+
+	if !c.App.SessionHasPermissionTo(c.Session, model.PERMISSION_CREATE_POST_EPHEMERAL) {
+		c.SetPermissionError(model.PERMISSION_CREATE_POST_EPHEMERAL)
+		return
+	}
+
+	rp := c.App.SendEphemeralPost(ephRequest.UserID, c.App.PostWithProxyRemovedFromImageURLs(ephRequest.Post))
+
+	w.WriteHeader(http.StatusCreated)
+	w.Write([]byte(c.App.PostWithProxyAddedToImageURLs(rp).ToJson()))
+}
+
 func getPostsForChannel(c *Context, w http.ResponseWriter, r *http.Request) {
 	c.RequireChannelId()
 	if c.Err != nil {
diff --git a/api4/post_test.go b/api4/post_test.go
index 1b682e38b..63d71b5bd 100644
--- a/api4/post_test.go
+++ b/api4/post_test.go
@@ -116,6 +116,47 @@ func TestCreatePost(t *testing.T) {
 	}
 }
 
+func TestCreatePostEphemeral(t *testing.T) {
+	th := Setup().InitBasic().InitSystemAdmin()
+	defer th.TearDown()
+	Client := th.SystemAdminClient
+
+	ephemeralPost := &model.PostEphemeral{
+		UserID: th.BasicUser2.Id,
+		Post:   &model.Post{ChannelId: th.BasicChannel.Id, Message: "a" + model.NewId() + "a", Props: model.StringInterface{model.PROPS_ADD_CHANNEL_MEMBER: "no good"}},
+	}
+
+	rpost, resp := Client.CreatePostEphemeral(ephemeralPost)
+	CheckNoError(t, resp)
+	CheckCreatedStatus(t, resp)
+
+	if rpost.Message != ephemeralPost.Post.Message {
+		t.Fatal("message didn't match")
+	}
+
+	if rpost.EditAt != 0 {
+		t.Fatal("newly created ephemeral post shouldn't have EditAt set")
+	}
+
+	if r, err := Client.DoApiPost("/posts/ephemeral", "garbage"); err == nil {
+		t.Fatal("should have errored")
+	} else {
+		if r.StatusCode != http.StatusBadRequest {
+			t.Log("actual: " + strconv.Itoa(r.StatusCode))
+			t.Log("expected: " + strconv.Itoa(http.StatusBadRequest))
+			t.Fatal("wrong status code")
+		}
+	}
+
+	Client.Logout()
+	_, resp = Client.CreatePostEphemeral(ephemeralPost)
+	CheckUnauthorizedStatus(t, resp)
+
+	Client = th.Client
+	rpost, resp = Client.CreatePostEphemeral(ephemeralPost)
+	CheckForbiddenStatus(t, resp)
+}
+
 func testCreatePostWithOutgoingHook(
 	t *testing.T,
 	hookContentType, expectedContentType, message, triggerWord string,