diff options
author | George Goldberg <george@gberg.me> | 2018-07-06 09:07:36 +0100 |
---|---|---|
committer | Carlos Tadeu Panato Junior <ctadeu@gmail.com> | 2018-07-06 10:07:36 +0200 |
commit | 0896b5c64ef224f0f8835b9727d1c1b94cbe7c29 (patch) | |
tree | 4ead8f6f96b730471fafac211a5f03ee0bc06eeb /app | |
parent | 8d3ea1bbf6f6ef6164d26b6801c46cfe7f936fa1 (diff) | |
download | chat-0896b5c64ef224f0f8835b9727d1c1b94cbe7c29.tar.gz chat-0896b5c64ef224f0f8835b9727d1c1b94cbe7c29.tar.bz2 chat-0896b5c64ef224f0f8835b9727d1c1b94cbe7c29.zip |
MM-11106: Allow systeadmin webook to post to read only town square. (#9051)
Diffstat (limited to 'app')
-rw-r--r-- | app/webhook.go | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/app/webhook.go b/app/webhook.go index c887fec97..8926c94a8 100644 --- a/app/webhook.go +++ b/app/webhook.go @@ -587,6 +587,8 @@ func (a *App) HandleIncomingWebhook(hookId string, req *model.IncomingWebhookReq hook = result.Data.(*model.IncomingWebhook) } + uchan := a.Srv.Store.User().Get(hook.UserId) + if len(req.Props) == 0 { req.Props = make(model.StringInterface) } @@ -637,8 +639,15 @@ func (a *App) HandleIncomingWebhook(hookId string, req *model.IncomingWebhookReq return model.NewAppError("HandleIncomingWebhook", "web.incoming_webhook.channel_locked.app_error", nil, "", http.StatusForbidden) } + var user *model.User + if result := <-uchan; result.Err != nil { + return model.NewAppError("HandleIncomingWebhook", "web.incoming_webhook.user.app_error", nil, "err="+result.Err.Message, http.StatusForbidden) + } else { + user = result.Data.(*model.User) + } + if a.License() != nil && *a.Config().TeamSettings.ExperimentalTownSquareIsReadOnly && - channel.Name == model.DEFAULT_CHANNEL { + channel.Name == model.DEFAULT_CHANNEL && !a.RolesGrantPermission(user.GetRoles(), model.PERMISSION_MANAGE_SYSTEM.Id) { return model.NewAppError("HandleIncomingWebhook", "api.post.create_post.town_square_read_only", nil, "", http.StatusForbidden) } |