add API service to turn on valet feature

1 files changed, 51 insertions, 0 deletions

diff --git a/api/team.go b/api/team.go
index 65f0879ff..40f75ec9e 100644
--- a/api/team.go
+++ b/api/team.go
@@ -29,6 +29,7 @@ func InitTeam(r *mux.Router) {
 	sr.Handle("/email_teams", ApiAppHandler(emailTeams)).Methods("POST")
 	sr.Handle("/invite_members", ApiUserRequired(inviteMembers)).Methods("POST")
 	sr.Handle("/update_name", ApiUserRequired(updateTeamName)).Methods("POST")
+	sr.Handle("/update_valet_feature", ApiUserRequired(updateValetFeature)).Methods("POST")
 }
 
 func signupTeam(c *Context, w http.ResponseWriter, r *http.Request) {
@@ -551,3 +552,53 @@ func updateTeamName(c *Context, w http.ResponseWriter, r *http.Request) {
 
 	w.Write([]byte(model.MapToJson(props)))
 }
+
+func updateValetFeature(c *Context, w http.ResponseWriter, r *http.Request) {
+
+	props := model.MapFromJson(r.Body)
+
+	allowValetStr := props["allow_valet"]
+	if len(allowValetStr) == 0 {
+		c.SetInvalidParam("updateValetFeature", "allow_valet")
+		return
+	}
+
+	allowValet := allowValetStr == "true"
+
+	teamId := props["team_id"]
+	if len(teamId) > 0 && len(teamId) != 26 {
+		c.SetInvalidParam("updateValetFeature", "team_id")
+		return
+	} else if len(teamId) == 0 {
+		teamId = c.Session.TeamId
+	}
+
+	tchan := Srv.Store.Team().Get(teamId)
+
+	if !c.HasPermissionsToTeam(teamId, "updateValetFeature") {
+		return
+	}
+
+	if !strings.Contains(c.Session.Roles, model.ROLE_ADMIN) {
+		c.Err = model.NewAppError("updateValetFeature", "You do not have the appropriate permissions", "userId="+c.Session.UserId)
+		c.Err.StatusCode = http.StatusForbidden
+		return
+	}
+
+	var team *model.Team
+	if tResult := <-tchan; tResult.Err != nil {
+		c.Err = tResult.Err
+		return
+	} else {
+		team = tResult.Data.(*model.Team)
+	}
+
+	team.AllowValet = allowValet
+
+	if result := <-Srv.Store.Team().Update(team); result.Err != nil {
+		c.Err = result.Err
+		return
+	}
+
+	w.Write([]byte(model.MapToJson(props)))
+}