Implement GET /posts/{post_id}/files/info endpoint for APIv4 (#5519)

2 files changed, 84 insertions, 0 deletions

diff --git a/api4/post.go b/api4/post.go
index 7290ce8ef..6a8b1bff2 100644
--- a/api4/post.go
+++ b/api4/post.go
@@ -20,6 +20,7 @@ func InitPost() {
 	BaseRoutes.Post.Handle("", ApiSessionRequired(getPost)).Methods("GET")
 	BaseRoutes.Post.Handle("", ApiSessionRequired(deletePost)).Methods("DELETE")
 	BaseRoutes.Post.Handle("/thread", ApiSessionRequired(getPostThread)).Methods("GET")
+	BaseRoutes.Post.Handle("/files/info", ApiSessionRequired(getFileInfosForPost)).Methods("GET")
 	BaseRoutes.PostsForChannel.Handle("", ApiSessionRequired(getPostsForChannel)).Methods("GET")
 
 	BaseRoutes.Team.Handle("/posts/search", ApiSessionRequired(searchPosts)).Methods("POST")
@@ -174,3 +175,26 @@ func searchPosts(c *Context, w http.ResponseWriter, r *http.Request) {
 	w.Header().Set("Cache-Control", "no-cache, no-store, must-revalidate")
 	w.Write([]byte(posts.ToJson()))
 }
+
+func getFileInfosForPost(c *Context, w http.ResponseWriter, r *http.Request) {
+	c.RequirePostId()
+	if c.Err != nil {
+		return
+	}
+
+	if !app.SessionHasPermissionToChannelByPost(c.Session, c.Params.PostId, model.PERMISSION_READ_CHANNEL) {
+		c.SetPermissionError(model.PERMISSION_READ_CHANNEL)
+		return
+	}
+
+	if infos, err := app.GetFileInfosForPost(c.Params.PostId, false); err != nil {
+		c.Err = err
+		return
+	} else if HandleEtag(model.GetEtagForFileInfos(infos), "Get File Infos For Post", w, r) {
+		return
+	} else {
+		w.Header().Set("Cache-Control", "max-age=2592000, public")
+		w.Header().Set(model.HEADER_ETAG_SERVER, model.GetEtagForFileInfos(infos))
+		w.Write([]byte(model.FileInfosToJson(infos)))
+	}
+}
diff --git a/api4/post_test.go b/api4/post_test.go
index 5c224cb06..67f815b7f 100644
--- a/api4/post_test.go
+++ b/api4/post_test.go
@@ -504,3 +504,63 @@ func TestSearchPostsFromUser(t *testing.T) {
 		t.Fatalf("wrong number of posts returned %v", len(posts.Order))
 	}
 }
+
+func TestGetFileInfosForPost(t *testing.T) {
+	th := Setup().InitBasic().InitSystemAdmin()
+	defer TearDown()
+	Client := th.Client
+
+	fileIds := make([]string, 3, 3)
+	if data, err := readTestFile("test.png"); err != nil {
+		t.Fatal(err)
+	} else {
+		for i := 0; i < 3; i++ {
+			fileResp, _ := Client.UploadFile(data, th.BasicChannel.Id, "test.png")
+			fileIds[i] = fileResp.FileInfos[0].Id
+		}
+	}
+
+	post := &model.Post{ChannelId: th.BasicChannel.Id, Message: "a" + model.NewId() + "a", FileIds: fileIds}
+	post, _ = Client.CreatePost(post)
+
+	infos, resp := Client.GetFileInfosForPost(post.Id, "")
+	CheckNoError(t, resp)
+
+	if len(infos) != 3 {
+		t.Fatal("missing file infos")
+	}
+
+	found := false
+	for _, info := range infos {
+		if info.Id == fileIds[0] {
+			found = true
+		}
+	}
+
+	if !found {
+		t.Fatal("missing file info")
+	}
+
+	infos, resp = Client.GetFileInfosForPost(post.Id, resp.Etag)
+	CheckEtag(t, infos, resp)
+
+	infos, resp = Client.GetFileInfosForPost(th.BasicPost.Id, "")
+	CheckNoError(t, resp)
+
+	if len(infos) != 0 {
+		t.Fatal("should have no file infos")
+	}
+
+	_, resp = Client.GetFileInfosForPost("junk", "")
+	CheckBadRequestStatus(t, resp)
+
+	_, resp = Client.GetFileInfosForPost(model.NewId(), "")
+	CheckForbiddenStatus(t, resp)
+
+	Client.Logout()
+	_, resp = Client.GetFileInfosForPost(model.NewId(), "")
+	CheckUnauthorizedStatus(t, resp)
+
+	_, resp = th.SystemAdminClient.GetFileInfosForPost(th.BasicPost.Id, "")
+	CheckNoError(t, resp)
+}