MM-11194: Fix channel header slash command. (#9057)

author: George Goldberg <george@gberg.me> 2018-07-08 10:27:13 +0100
committer: Carlos Tadeu Panato Junior <ctadeu@gmail.com> 2018-07-08 11:27:13 +0200
commit: a840fc285bfead1e5a28b5293e58bdeb8c33f2b6 (patch)
tree: e1422a487cd89db1e79f738514801a26bc6df3d1 /app/command_channel_header.go
parent: 0896b5c64ef224f0f8835b9727d1c1b94cbe7c29 (diff)
download: chat-a840fc285bfead1e5a28b5293e58bdeb8c33f2b6.tar.gz
chat-a840fc285bfead1e5a28b5293e58bdeb8c33f2b6.tar.bz2
chat-a840fc285bfead1e5a28b5293e58bdeb8c33f2b6.zip
1 files changed, 18 insertions, 4 deletions
diff --git a/app/command_channel_header.go b/app/command_channel_header.go
index 63a9250a7..100135f48 100644
--- a/app/command_channel_header.go
+++ b/app/command_channel_header.go
@@ -40,11 +40,25 @@ func (me *HeaderProvider) DoCommand(a *App, args *model.CommandArgs, message str
 		return &model.CommandResponse{Text: args.T("api.command_channel_header.channel.app_error"), ResponseType: model.COMMAND_RESPONSE_TYPE_EPHEMERAL}
 	}
 
-	if channel.Type == model.CHANNEL_OPEN && !a.SessionHasPermissionToChannel(args.Session, args.ChannelId, model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES) {
-		return &model.CommandResponse{Text: args.T("api.command_channel_header.permission.app_error"), ResponseType: model.COMMAND_RESPONSE_TYPE_EPHEMERAL}
-	}
+	switch channel.Type {
+	case model.CHANNEL_OPEN:
+		if !a.SessionHasPermissionToChannel(args.Session, args.ChannelId, model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES) {
+			return &model.CommandResponse{Text: args.T("api.command_channel_header.permission.app_error"), ResponseType: model.COMMAND_RESPONSE_TYPE_EPHEMERAL}
+		}
+
+	case model.CHANNEL_PRIVATE:
+		if !a.SessionHasPermissionToChannel(args.Session, args.ChannelId, model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES) {
+			return &model.CommandResponse{Text: args.T("api.command_channel_header.permission.app_error"), ResponseType: model.COMMAND_RESPONSE_TYPE_EPHEMERAL}
+		}
+
+	case model.CHANNEL_GROUP, model.CHANNEL_DIRECT:
+		// Modifying the header is not linked to any specific permission for group/dm channels, so just check for membership.
+		channelMember, err := a.GetChannelMember(args.ChannelId, args.Session.UserId)
+		if err != nil || channelMember == nil {
+			return &model.CommandResponse{Text: args.T("api.command_channel_header.permission.app_error"), ResponseType: model.COMMAND_RESPONSE_TYPE_EPHEMERAL}
+		}
 
-	if channel.Type == model.CHANNEL_PRIVATE && !a.SessionHasPermissionToChannel(args.Session, args.ChannelId, model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES) {
+	default:
 		return &model.CommandResponse{Text: args.T("api.command_channel_header.permission.app_error"), ResponseType: model.COMMAND_RESPONSE_TYPE_EPHEMERAL}
 	}
author	George Goldberg <george@gberg.me>	2018-07-08 10:27:13 +0100
committer	Carlos Tadeu Panato Junior <ctadeu@gmail.com>	2018-07-08 11:27:13 +0200
commit	a840fc285bfead1e5a28b5293e58bdeb8c33f2b6 (patch)
tree	e1422a487cd89db1e79f738514801a26bc6df3d1 /app/command_channel_header.go
parent	0896b5c64ef224f0f8835b9727d1c1b94cbe7c29 (diff)
download	chat-a840fc285bfead1e5a28b5293e58bdeb8c33f2b6.tar.gz chat-a840fc285bfead1e5a28b5293e58bdeb8c33f2b6.tar.bz2 chat-a840fc285bfead1e5a28b5293e58bdeb8c33f2b6.zip