MM-12013: Fix post-permission checks to cascade for DM/GM channels. (#9476)

author: George Goldberg <george@gberg.me> 2018-09-27 20:15:47 +0100
committer: Christopher Speller <crspeller@gmail.com> 2018-09-27 12:15:47 -0700
commit: cad806703d06d8996a98b19bec353bce255ae6a1 (patch)
tree: 0ba7f4ff652eb12cd6054dda173f5598dee2cdce /app/authorization.go
parent: 45464234277394c9debd272749552ed4c312c908 (diff)
download: chat-cad806703d06d8996a98b19bec353bce255ae6a1.tar.gz
chat-cad806703d06d8996a98b19bec353bce255ae6a1.tar.bz2
chat-cad806703d06d8996a98b19bec353bce255ae6a1.zip
1 files changed, 3 insertions, 1 deletions
diff --git a/app/authorization.go b/app/authorization.go
index 9d4714ba1..3310237c6 100644
--- a/app/authorization.go
+++ b/app/authorization.go
@@ -74,7 +74,9 @@ func (a *App) SessionHasPermissionToChannelByPost(session model.Session, postId
 
 	if result := <-a.Srv.Store.Channel().GetForPost(postId); result.Err == nil {
 		channel := result.Data.(*model.Channel)
-		return a.SessionHasPermissionToTeam(session, channel.TeamId, permission)
+		if channel.TeamId != "" {
+			return a.SessionHasPermissionToTeam(session, channel.TeamId, permission)
+		}
 	}
 
 	return a.SessionHasPermissionTo(session, permission)
author	George Goldberg <george@gberg.me>	2018-09-27 20:15:47 +0100
committer	Christopher Speller <crspeller@gmail.com>	2018-09-27 12:15:47 -0700
commit	cad806703d06d8996a98b19bec353bce255ae6a1 (patch)
tree	0ba7f4ff652eb12cd6054dda173f5598dee2cdce /app/authorization.go
parent	45464234277394c9debd272749552ed4c312c908 (diff)
download	chat-cad806703d06d8996a98b19bec353bce255ae6a1.tar.gz chat-cad806703d06d8996a98b19bec353bce255ae6a1.tar.bz2 chat-cad806703d06d8996a98b19bec353bce255ae6a1.zip