diff options
| author | Jonathan <jonfritz@gmail.com> | 2017-08-09 09:34:09 -0400 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2017-08-09 09:34:09 -0400 |
| commit | fd6856b674cc24deb708f2cd36c247662ee10bc7 (patch) | |
| tree | 7c47d2468d894d7867fda71f0f6ac252832dd728 /api | |
| parent | 6b741c4cea36f54b8f20c4a3e5871f00123db185 (diff) | |
| download | chat-fd6856b674cc24deb708f2cd36c247662ee10bc7.tar.gz chat-fd6856b674cc24deb708f2cd36c247662ee10bc7.tar.bz2 chat-fd6856b674cc24deb708f2cd36c247662ee10bc7.zip | |
PLT-7206: Remove the "Delete Channel" option for private channels if you're the last channel member and policy setting restricts channel deletion (#7050)
* PLT-7206: UI changes. Removed last user in channel loophole, refactored code to clean it up, added differentiated support for public and private channels, added unit tests. Still need to implement server-side checks
* PLT-7206: All helper methods in channel_utils.jsx now accept the same three boolean variables in the same order and use the same boolean logic to check their values.
* PLT-7206: Added unit tests for showManagementOptions(...)
* PLT-7206: Fixed test case descriptions
* Added unit tests for showCreateOption(...)
* PLT-7206: Added unit tests for canManageMembers(...)
* PLT-7206: Removed last person in channel loophole from server-side code
* PLT-7206: Reverted config.json
* PLT-7206: Fixed double negatives in unit test names
* PLT-7206: PR feedback - Removed confusing comment and unused variable
Diffstat (limited to 'api')
| -rw-r--r-- | api/channel.go | 19 | ||||
| -rw-r--r-- | api/channel_test.go | 5 |
2 files changed, 7 insertions, 17 deletions
diff --git a/api/channel.go b/api/channel.go index 2a56e7c93..50dc840ff 100644 --- a/api/channel.go +++ b/api/channel.go @@ -448,23 +448,14 @@ func deleteChannel(c *Context, w http.ResponseWriter, r *http.Request) { return } - var memberCount int64 - if memberCount, err = app.GetChannelMemberCount(id); err != nil { - c.Err = err + if channel.Type == model.CHANNEL_OPEN && !app.SessionHasPermissionToChannel(c.Session, channel.Id, model.PERMISSION_DELETE_PUBLIC_CHANNEL) { + c.SetPermissionError(model.PERMISSION_DELETE_PUBLIC_CHANNEL) return } - // Allow delete if user is the only member left in channel - if memberCount > 1 { - if channel.Type == model.CHANNEL_OPEN && !app.SessionHasPermissionToChannel(c.Session, channel.Id, model.PERMISSION_DELETE_PUBLIC_CHANNEL) { - c.SetPermissionError(model.PERMISSION_DELETE_PUBLIC_CHANNEL) - return - } - - if channel.Type == model.CHANNEL_PRIVATE && !app.SessionHasPermissionToChannel(c.Session, channel.Id, model.PERMISSION_DELETE_PRIVATE_CHANNEL) { - c.SetPermissionError(model.PERMISSION_DELETE_PRIVATE_CHANNEL) - return - } + if channel.Type == model.CHANNEL_PRIVATE && !app.SessionHasPermissionToChannel(c.Session, channel.Id, model.PERMISSION_DELETE_PRIVATE_CHANNEL) { + c.SetPermissionError(model.PERMISSION_DELETE_PRIVATE_CHANNEL) + return } err = app.DeleteChannel(channel, c.Session.UserId) diff --git a/api/channel_test.go b/api/channel_test.go index 6ed4d55fa..bdb62677f 100644 --- a/api/channel_test.go +++ b/api/channel_test.go @@ -1476,9 +1476,8 @@ func TestDeleteChannel(t *testing.T) { t.Fatal("should have errored not system admin") } - // Only one left in channel, should be able to delete - if _, err := Client.DeleteChannel(channel4.Id); err != nil { - t.Fatal(err) + if _, err := Client.DeleteChannel(channel4.Id); err == nil { + t.Fatal("Should not be able to delete channel, even though only one user is left") } th.LoginSystemAdmin() |