diff options
author | Joram Wilander <jwawilander@gmail.com> | 2017-01-25 09:32:42 -0500 |
---|---|---|
committer | Harrison Healey <harrisonmhealey@gmail.com> | 2017-01-25 09:32:42 -0500 |
commit | d245b29f82a03f1aff966a2fb2100a5703d82f32 (patch) | |
tree | cf204039af74fa2579e0291e9e595f08411b0a7a /app/authorization.go | |
parent | 8ed665cb76c0763e83a2949c4bdd70153baf72f7 (diff) | |
download | chat-d245b29f82a03f1aff966a2fb2100a5703d82f32.tar.gz chat-d245b29f82a03f1aff966a2fb2100a5703d82f32.tar.bz2 chat-d245b29f82a03f1aff966a2fb2100a5703d82f32.zip |
More app code migration (#5170)
* Migrate admin functions into app package
* More user function refactoring
* Move post functions into app package
Diffstat (limited to 'app/authorization.go')
-rw-r--r-- | app/authorization.go | 31 |
1 files changed, 31 insertions, 0 deletions
diff --git a/app/authorization.go b/app/authorization.go index 0f48b3c9d..b43d64341 100644 --- a/app/authorization.go +++ b/app/authorization.go @@ -83,6 +83,19 @@ func SessionHasPermissionToUser(session model.Session, userId string) bool { return false } +func SessionHasPermissionToPost(session model.Session, postId string, permission *model.Permission) bool { + post, err := GetSinglePost(postId) + if err != nil { + return false + } + + if post.UserId == session.UserId { + return true + } + + return SessionHasPermissionToChannel(session, post.ChannelId, permission) +} + func HasPermissionTo(askingUserId string, permission *model.Permission) bool { user, err := GetUser(askingUserId) if err != nil { @@ -135,6 +148,24 @@ func HasPermissionToChannel(askingUserId string, channelId string, permission *m return HasPermissionTo(askingUserId, permission) } +func HasPermissionToChannelByPost(askingUserId string, postId string, permission *model.Permission) bool { + var channelMember *model.ChannelMember + if result := <-Srv.Store.Channel().GetMemberForPost(postId, askingUserId); result.Err == nil { + channelMember = result.Data.(*model.ChannelMember) + + if CheckIfRolesGrantPermission(channelMember.GetRoles(), permission.Id) { + return true + } + } + + if result := <-Srv.Store.Channel().GetForPost(postId); result.Err == nil { + channel := result.Data.(*model.Channel) + return HasPermissionToTeam(askingUserId, channel.TeamId, permission) + } + + return HasPermissionTo(askingUserId, permission) +} + func HasPermissionToUser(askingUserId string, userId string) bool { if askingUserId == userId { return true |