diff options
| author | Carlos Tadeu Panato Junior <ctadeu@gmail.com> | 2018-05-11 17:20:47 +0200 |
|---|---|---|
| committer | Derrick Anderson <derrick@andersonwebstudio.com> | 2018-05-11 11:20:47 -0400 |
| commit | 0dbaa2d032ae42cbf39945df12efb20fc572b559 (patch) | |
| tree | f7562ffe4f32edd47b36849fd7b5c903d0075855 /app/command_invite.go | |
| parent | 21d3b247d9645efa9471877cc36b46de92dc1d09 (diff) | |
| download | chat-0dbaa2d032ae42cbf39945df12efb20fc572b559.tar.gz chat-0dbaa2d032ae42cbf39945df12efb20fc572b559.tar.bz2 chat-0dbaa2d032ae42cbf39945df12efb20fc572b559.zip | |
[MM-10458] Change system response to "Could not find the channel" - bug fix (#8738)
* [MM-10458] Change system response to "Could not find the channel" when trying to invite user to private channel you can't see
* add another check to check if user have permission to add another in pvt channel
Diffstat (limited to 'app/command_invite.go')
| -rw-r--r-- | app/command_invite.go | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/app/command_invite.go b/app/command_invite.go index 4b76c0c45..54cf2da02 100644 --- a/app/command_invite.go +++ b/app/command_invite.go @@ -79,10 +79,18 @@ func (me *InviteProvider) DoCommand(a *App, args *model.CommandArgs, message str return &model.CommandResponse{Text: args.T("api.command_invite.permission.app_error", map[string]interface{}{"User": userProfile.Username, "Channel": channelToJoin.Name}), ResponseType: model.COMMAND_RESPONSE_TYPE_EPHEMERAL} } - if channelToJoin.Type == model.CHANNEL_PRIVATE && !a.SessionHasPermissionToChannel(args.Session, channelToJoin.Id, model.PERMISSION_MANAGE_PRIVATE_CHANNEL_MEMBERS) { + // Check if the user who wants to add another is trying to add in a pvt channel, but does not have permission + // but is in the channel + _, err = a.GetChannelMember(channelToJoin.Id, args.UserId) + if channelToJoin.Type == model.CHANNEL_PRIVATE && !a.SessionHasPermissionToChannel(args.Session, channelToJoin.Id, model.PERMISSION_MANAGE_PRIVATE_CHANNEL_MEMBERS) && err == nil { return &model.CommandResponse{Text: args.T("api.command_invite.permission.app_error", map[string]interface{}{"User": userProfile.Username, "Channel": channelToJoin.Name}), ResponseType: model.COMMAND_RESPONSE_TYPE_EPHEMERAL} } + // In this case just check if is a pvt channel and user has permission + if channelToJoin.Type == model.CHANNEL_PRIVATE && !a.SessionHasPermissionToChannel(args.Session, channelToJoin.Id, model.PERMISSION_MANAGE_PRIVATE_CHANNEL_MEMBERS) { + return &model.CommandResponse{Text: args.T("api.command_invite.private_channel.app_error", map[string]interface{}{"Channel": channelToJoin.Name}), ResponseType: model.COMMAND_RESPONSE_TYPE_EPHEMERAL} + } + // Check if user is already in the channel _, err = a.GetChannelMember(channelToJoin.Id, userProfile.Id) if err == nil { |