Merge branch 'master' into PLT-12-log

8 files changed, 30 insertions, 17 deletions

diff --git a/api/channel.go b/api/channel.go
index b40366719..63acaa8d1 100644
--- a/api/channel.go
+++ b/api/channel.go
@@ -191,7 +191,7 @@ func updateChannel(c *Context, w http.ResponseWriter, r *http.Request) {
 			return
 		}
 
-		if !strings.Contains(channelMember.Roles, model.CHANNEL_ROLE_ADMIN) && !strings.Contains(c.Session.Roles, model.ROLE_ADMIN) {
+		if !strings.Contains(channelMember.Roles, model.CHANNEL_ROLE_ADMIN) && !strings.Contains(c.Session.Roles, model.ROLE_TEAM_ADMIN) {
 			c.Err = model.NewAppError("updateChannel", "You do not have the appropriate permissions", "")
 			c.Err.StatusCode = http.StatusForbidden
 			return
@@ -514,7 +514,7 @@ func deleteChannel(c *Context, w http.ResponseWriter, r *http.Request) {
 			return
 		}
 
-		if !strings.Contains(channelMember.Roles, model.CHANNEL_ROLE_ADMIN) && !strings.Contains(c.Session.Roles, model.ROLE_ADMIN) {
+		if !strings.Contains(channelMember.Roles, model.CHANNEL_ROLE_ADMIN) && !strings.Contains(c.Session.Roles, model.ROLE_TEAM_ADMIN) {
 			c.Err = model.NewAppError("deleteChannel", "You do not have the appropriate permissions", "")
 			c.Err.StatusCode = http.StatusForbidden
 			return
@@ -756,7 +756,7 @@ func removeChannelMember(c *Context, w http.ResponseWriter, r *http.Request) {
 			return
 		}
 
-		if !strings.Contains(channelMember.Roles, model.CHANNEL_ROLE_ADMIN) && !strings.Contains(c.Session.Roles, model.ROLE_ADMIN) {
+		if !strings.Contains(channelMember.Roles, model.CHANNEL_ROLE_ADMIN) && !strings.Contains(c.Session.Roles, model.ROLE_TEAM_ADMIN) {
 			c.Err = model.NewAppError("updateChannel", "You do not have the appropriate permissions ", "")
 			c.Err.StatusCode = http.StatusForbidden
 			return
diff --git a/api/context.go b/api/context.go
index ea5677f95..fc7d8f23d 100644
--- a/api/context.go
+++ b/api/context.go
@@ -106,6 +106,9 @@ func (h handler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 	if !h.isApi {
 		w.Header().Set("X-Frame-Options", "DENY")
 		w.Header().Set("Content-Security-Policy", "frame-ancestors none")
+	} else {
+		// All api response bodies will be JSON formatted
+		w.Header().Set("Content-Type", "application/json")
 	}
 
 	sessionId := ""
@@ -308,7 +311,7 @@ func (c *Context) IsTeamAdmin(userId string) bool {
 		return false
 	} else {
 		user := uresult.Data.(*model.User)
-		return model.IsInRole(c.Session.Roles, model.ROLE_ADMIN) && user.TeamId == c.Session.TeamId
+		return model.IsInRole(c.Session.Roles, model.ROLE_TEAM_ADMIN) && user.TeamId == c.Session.TeamId
 	}
 }
 
diff --git a/api/file.go b/api/file.go
index 1d8244fac..692558acf 100644
--- a/api/file.go
+++ b/api/file.go
@@ -349,6 +349,7 @@ func getFile(c *Context, w http.ResponseWriter, r *http.Request) {
 
 	w.Header().Set("Cache-Control", "max-age=2592000, public")
 	w.Header().Set("Content-Length", strconv.Itoa(len(f)))
+	w.Header().Set("Content-Type", "") // need to provide proper Content-Type in the future
 	w.Write(f)
 }
 
diff --git a/api/post.go b/api/post.go
index f969dd031..bd31e0210 100644
--- a/api/post.go
+++ b/api/post.go
@@ -716,7 +716,7 @@ func deletePost(c *Context, w http.ResponseWriter, r *http.Request) {
 			return
 		}
 
-		if post.UserId != c.Session.UserId && !model.IsInRole(c.Session.Roles, model.ROLE_ADMIN) {
+		if post.UserId != c.Session.UserId && !model.IsInRole(c.Session.Roles, model.ROLE_TEAM_ADMIN) {
 			c.Err = model.NewAppError("deletePost", "You do not have the appropriate permissions", "")
 			c.Err.StatusCode = http.StatusForbidden
 			return
diff --git a/api/slackimport.go b/api/slackimport.go
index 1d037a934..4e6c01dbb 100644
--- a/api/slackimport.go
+++ b/api/slackimport.go
@@ -50,6 +50,15 @@ func SlackConvertTimeStamp(ts string) int64 {
 	return timeStamp * 1000 // Convert to milliseconds
 }
 
+func SlackConvertChannelName(channelName string) string {
+	newName := strings.Trim(channelName, "_-")
+	if len(newName) == 1 {
+		return "slack-channel-" + newName
+	}
+
+	return newName
+}
+
 func SlackParseChannels(data io.Reader) []SlackChannel {
 	decoder := json.NewDecoder(data)
 
@@ -172,7 +181,7 @@ func SlackAddChannels(teamId string, slackchannels []SlackChannel, posts map[str
 			TeamId:      teamId,
 			Type:        model.CHANNEL_OPEN,
 			DisplayName: sChannel.Name,
-			Name:        sChannel.Name,
+			Name:        SlackConvertChannelName(sChannel.Name),
 			Description: sChannel.Topic["value"],
 		}
 		mChannel := ImportChannel(&newChannel)
diff --git a/api/team.go b/api/team.go
index 9288b86cb..8258fa929 100644
--- a/api/team.go
+++ b/api/team.go
@@ -477,7 +477,7 @@ func InviteMembers(c *Context, team *model.Team, user *model.User, invites []str
 			sender := user.GetDisplayName()
 
 			senderRole := ""
-			if model.IsInRole(user.Roles, model.ROLE_ADMIN) || model.IsInRole(user.Roles, model.ROLE_SYSTEM_ADMIN) {
+			if model.IsInRole(user.Roles, model.ROLE_TEAM_ADMIN) || model.IsInRole(user.Roles, model.ROLE_SYSTEM_ADMIN) {
 				senderRole = "administrator"
 			} else {
 				senderRole = "member"
@@ -536,7 +536,7 @@ func updateTeamDisplayName(c *Context, w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	if !model.IsInRole(c.Session.Roles, model.ROLE_ADMIN) {
+	if !model.IsInRole(c.Session.Roles, model.ROLE_TEAM_ADMIN) {
 		c.Err = model.NewAppError("updateTeamDisplayName", "You do not have the appropriate permissions", "userId="+c.Session.UserId)
 		c.Err.StatusCode = http.StatusForbidden
 		return
@@ -576,7 +576,7 @@ func updateValetFeature(c *Context, w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	if !model.IsInRole(c.Session.Roles, model.ROLE_ADMIN) {
+	if !model.IsInRole(c.Session.Roles, model.ROLE_TEAM_ADMIN) {
 		c.Err = model.NewAppError("updateValetFeature", "You do not have the appropriate permissions", "userId="+c.Session.UserId)
 		c.Err.StatusCode = http.StatusForbidden
 		return
diff --git a/api/user.go b/api/user.go
index f32bbbe13..c87b89c7a 100644
--- a/api/user.go
+++ b/api/user.go
@@ -170,7 +170,7 @@ func CreateUser(c *Context, team *model.Team, user *model.User) *model.User {
 
 	channelRole := ""
 	if team.Email == user.Email {
-		user.Roles = model.ROLE_ADMIN
+		user.Roles = model.ROLE_TEAM_ADMIN
 		channelRole = model.CHANNEL_ROLE_ADMIN
 	} else {
 		user.Roles = ""
@@ -945,7 +945,7 @@ func updateRoles(c *Context, w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	if !model.IsInRole(c.Session.Roles, model.ROLE_ADMIN) && !c.IsSystemAdmin() {
+	if !model.IsInRole(c.Session.Roles, model.ROLE_TEAM_ADMIN) && !c.IsSystemAdmin() {
 		c.Err = model.NewAppError("updateRoles", "You do not have the appropriate permissions", "userId="+user_id)
 		c.Err.StatusCode = http.StatusForbidden
 		return
@@ -984,7 +984,7 @@ func UpdateRoles(c *Context, user *model.User, roles string) *model.User {
 	// make sure there is at least 1 other active admin
 
 	if !model.IsInRole(roles, model.ROLE_SYSTEM_ADMIN) {
-		if model.IsInRole(user.Roles, model.ROLE_ADMIN) && !model.IsInRole(roles, model.ROLE_ADMIN) {
+		if model.IsInRole(user.Roles, model.ROLE_TEAM_ADMIN) && !model.IsInRole(roles, model.ROLE_TEAM_ADMIN) {
 			if result := <-Srv.Store.User().GetProfiles(user.TeamId); result.Err != nil {
 				c.Err = result.Err
 				return nil
@@ -992,7 +992,7 @@ func UpdateRoles(c *Context, user *model.User, roles string) *model.User {
 				activeAdmins := -1
 				profileUsers := result.Data.(map[string]*model.User)
 				for _, profileUser := range profileUsers {
-					if profileUser.DeleteAt == 0 && model.IsInRole(profileUser.Roles, model.ROLE_ADMIN) {
+					if profileUser.DeleteAt == 0 && model.IsInRole(profileUser.Roles, model.ROLE_TEAM_ADMIN) {
 						activeAdmins = activeAdmins + 1
 					}
 				}
@@ -1042,14 +1042,14 @@ func updateActive(c *Context, w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	if !model.IsInRole(c.Session.Roles, model.ROLE_ADMIN) && !c.IsSystemAdmin() {
+	if !model.IsInRole(c.Session.Roles, model.ROLE_TEAM_ADMIN) && !c.IsSystemAdmin() {
 		c.Err = model.NewAppError("updateActive", "You do not have the appropriate permissions", "userId="+user_id)
 		c.Err.StatusCode = http.StatusForbidden
 		return
 	}
 
 	// make sure there is at least 1 other active admin
-	if !active && model.IsInRole(user.Roles, model.ROLE_ADMIN) {
+	if !active && model.IsInRole(user.Roles, model.ROLE_TEAM_ADMIN) {
 		if result := <-Srv.Store.User().GetProfiles(user.TeamId); result.Err != nil {
 			c.Err = result.Err
 			return
@@ -1057,7 +1057,7 @@ func updateActive(c *Context, w http.ResponseWriter, r *http.Request) {
 			activeAdmins := -1
 			profileUsers := result.Data.(map[string]*model.User)
 			for _, profileUser := range profileUsers {
-				if profileUser.DeleteAt == 0 && model.IsInRole(profileUser.Roles, model.ROLE_ADMIN) {
+				if profileUser.DeleteAt == 0 && model.IsInRole(profileUser.Roles, model.ROLE_TEAM_ADMIN) {
 					activeAdmins = activeAdmins + 1
 				}
 			}
diff --git a/api/user_test.go b/api/user_test.go
index 8c037fdf3..fe5a4a27f 100644
--- a/api/user_test.go
+++ b/api/user_test.go
@@ -509,7 +509,7 @@ func TestUserUpdate(t *testing.T) {
 	user.TeamId = "12345678901234567890123456"
 	user.LastActivityAt = time2
 	user.LastPingAt = time2
-	user.Roles = model.ROLE_ADMIN
+	user.Roles = model.ROLE_TEAM_ADMIN
 	user.LastPasswordUpdate = 123
 
 	if result, err := Client.UpdateUser(user); err != nil {