diff options
author | Brian Olecki <bolecki019@gmail.com> | 2016-11-15 10:43:16 -0500 |
---|---|---|
committer | enahum <nahumhbl@gmail.com> | 2016-11-15 12:43:16 -0300 |
commit | 6297922ab9561dbf774ab5d51619abfc4a411e40 (patch) | |
tree | 84bbced4d8282f5e8af957164d6e92ae50238011 /api | |
parent | 1f241af48a9554b6865d1ac79b4261341ab9b3f3 (diff) | |
download | chat-6297922ab9561dbf774ab5d51619abfc4a411e40.tar.gz chat-6297922ab9561dbf774ab5d51619abfc4a411e40.tar.bz2 chat-6297922ab9561dbf774ab5d51619abfc4a411e40.zip |
Add support for editing slash commands (#4335)
Diffstat (limited to 'api')
-rw-r--r-- | api/command.go | 60 | ||||
-rw-r--r-- | api/command_test.go | 39 |
2 files changed, 99 insertions, 0 deletions
diff --git a/api/command.go b/api/command.go index e71661a67..ff0f72149 100644 --- a/api/command.go +++ b/api/command.go @@ -45,6 +45,7 @@ func InitCommand() { BaseRoutes.Commands.Handle("/list", ApiUserRequired(listCommands)).Methods("GET") BaseRoutes.Commands.Handle("/create", ApiUserRequired(createCommand)).Methods("POST") + BaseRoutes.Commands.Handle("/update", ApiUserRequired(updateCommand)).Methods("POST") BaseRoutes.Commands.Handle("/list_team_commands", ApiUserRequired(listTeamCommands)).Methods("GET") BaseRoutes.Commands.Handle("/regen_token", ApiUserRequired(regenCommandToken)).Methods("POST") BaseRoutes.Commands.Handle("/delete", ApiUserRequired(deleteCommand)).Methods("POST") @@ -319,6 +320,65 @@ func createCommand(c *Context, w http.ResponseWriter, r *http.Request) { } } +func updateCommand(c *Context, w http.ResponseWriter, r *http.Request) { + if !*utils.Cfg.ServiceSettings.EnableCommands { + c.Err = model.NewLocAppError("updateCommand", "api.command.disabled.app_error", nil, "") + c.Err.StatusCode = http.StatusNotImplemented + return + } + + if !HasPermissionToCurrentTeamContext(c, model.PERMISSION_MANAGE_SLASH_COMMANDS) { + c.Err = model.NewLocAppError("updateCommand", "api.command.admin_only.app_error", nil, "") + c.Err.StatusCode = http.StatusForbidden + return + } + + c.LogAudit("attempt") + + cmd := model.CommandFromJson(r.Body) + + if cmd == nil { + c.SetInvalidParam("updateCommand", "command") + return + } + + cmd.Trigger = strings.ToLower(cmd.Trigger) + + var oldCmd *model.Command + if result := <-Srv.Store.Command().Get(cmd.Id); result.Err != nil { + c.Err = result.Err + return + } else { + oldCmd = result.Data.(*model.Command) + + if c.Session.UserId != oldCmd.CreatorId && !HasPermissionToCurrentTeamContext(c, model.PERMISSION_MANAGE_OTHERS_SLASH_COMMANDS) { + c.LogAudit("fail - inappropriate permissions") + c.Err = model.NewLocAppError("updateCommand", "api.command.update.app_error", nil, "user_id="+c.Session.UserId) + return + } + + if c.TeamId != oldCmd.TeamId { + c.Err = model.NewLocAppError("updateCommand", "api.command.team_mismatch.app_error", nil, "user_id="+c.Session.UserId) + return + } + + cmd.Id = oldCmd.Id + cmd.Token = oldCmd.Token + cmd.CreateAt = oldCmd.CreateAt + cmd.UpdateAt = model.GetMillis() + cmd.DeleteAt = oldCmd.DeleteAt + cmd.CreatorId = oldCmd.CreatorId + cmd.TeamId = oldCmd.TeamId + } + + if result := <-Srv.Store.Command().Update(cmd); result.Err != nil { + c.Err = result.Err + return + } else { + w.Write([]byte(result.Data.(*model.Command).ToJson())) + } +} + func listTeamCommands(c *Context, w http.ResponseWriter, r *http.Request) { if !*utils.Cfg.ServiceSettings.EnableCommands { c.Err = model.NewLocAppError("listTeamCommands", "api.command.disabled.app_error", nil, "") diff --git a/api/command_test.go b/api/command_test.go index 7a78d350d..45268a9a5 100644 --- a/api/command_test.go +++ b/api/command_test.go @@ -120,6 +120,45 @@ func TestListTeamCommands(t *testing.T) { } } +func TestUpdateCommand(t *testing.T) { + th := Setup().InitSystemAdmin() + Client := th.SystemAdminClient + user := th.SystemAdminUser + team := th.SystemAdminTeam + + enableCommands := *utils.Cfg.ServiceSettings.EnableCommands + defer func() { + utils.Cfg.ServiceSettings.EnableCommands = &enableCommands + }() + *utils.Cfg.ServiceSettings.EnableCommands = true + + cmd1 := &model.Command{ + CreatorId: user.Id, + TeamId: team.Id, + URL: "http://nowhere.com", + Method: model.COMMAND_METHOD_POST, + Trigger: "trigger"} + + cmd1 = Client.Must(Client.CreateCommand(cmd1)).Data.(*model.Command) + + cmd2 := &model.Command{ + CreatorId: user.Id, + TeamId: team.Id, + URL: "http://nowhere.com", + Method: model.COMMAND_METHOD_POST, + Trigger: "trigger2", + Token: cmd1.Token, + Id: cmd1.Id} + + if result, err := Client.UpdateCommand(cmd2); err != nil { + t.Fatal(err) + } else { + if result.Data.(*model.Command).Trigger == cmd1.Trigger { + t.Fatal("update didn't work properly") + } + } +} + func TestRegenToken(t *testing.T) { th := Setup().InitSystemAdmin() Client := th.SystemAdminClient |