diff options
author | cpanato <ctadeu@gmail.com> | 2018-07-06 10:57:40 +0200 |
---|---|---|
committer | cpanato <ctadeu@gmail.com> | 2018-07-06 10:57:40 +0200 |
commit | a92f5addccad0f77079308ff853a8251db5f2d09 (patch) | |
tree | f4aefb58970b38a5b561551ccd3d4cd430dbdce7 /app/webhook.go | |
parent | 4de50ddfc3ef09ddc0a56c8ff9bf2429df524aa5 (diff) | |
parent | 0896b5c64ef224f0f8835b9727d1c1b94cbe7c29 (diff) | |
download | chat-a92f5addccad0f77079308ff853a8251db5f2d09.tar.gz chat-a92f5addccad0f77079308ff853a8251db5f2d09.tar.bz2 chat-a92f5addccad0f77079308ff853a8251db5f2d09.zip |
Merge remote-tracking branch 'upstream/release-5.1' into release-5.1-daily-merge-20180706
Diffstat (limited to 'app/webhook.go')
-rw-r--r-- | app/webhook.go | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/app/webhook.go b/app/webhook.go index c887fec97..8926c94a8 100644 --- a/app/webhook.go +++ b/app/webhook.go @@ -587,6 +587,8 @@ func (a *App) HandleIncomingWebhook(hookId string, req *model.IncomingWebhookReq hook = result.Data.(*model.IncomingWebhook) } + uchan := a.Srv.Store.User().Get(hook.UserId) + if len(req.Props) == 0 { req.Props = make(model.StringInterface) } @@ -637,8 +639,15 @@ func (a *App) HandleIncomingWebhook(hookId string, req *model.IncomingWebhookReq return model.NewAppError("HandleIncomingWebhook", "web.incoming_webhook.channel_locked.app_error", nil, "", http.StatusForbidden) } + var user *model.User + if result := <-uchan; result.Err != nil { + return model.NewAppError("HandleIncomingWebhook", "web.incoming_webhook.user.app_error", nil, "err="+result.Err.Message, http.StatusForbidden) + } else { + user = result.Data.(*model.User) + } + if a.License() != nil && *a.Config().TeamSettings.ExperimentalTownSquareIsReadOnly && - channel.Name == model.DEFAULT_CHANNEL { + channel.Name == model.DEFAULT_CHANNEL && !a.RolesGrantPermission(user.GetRoles(), model.PERMISSION_MANAGE_SYSTEM.Id) { return model.NewAppError("HandleIncomingWebhook", "api.post.create_post.town_square_read_only", nil, "", http.StatusForbidden) } |