6 files changed, 196 insertions, 3 deletions
diff --git a/api4/apitestlib.go b/api4/apitestlib.go
index 6d1822ae9..c6c1dfa94 100644
--- a/api4/apitestlib.go
+++ b/api4/apitestlib.go
@@ -380,6 +380,16 @@ func CheckUserSanitization(t *testing.T, user *model.User) {
 	}
 }
 
+func CheckTeamSanitization(t *testing.T, team *model.Team) {
+	if team.Email != "" {
+		t.Fatal("email wasn't blank")
+	}
+
+	if team.AllowedDomains != "" {
+		t.Fatal("'allowed domains' wasn't blank")
+	}
+}
+
 func CheckEtag(t *testing.T, data interface{}, resp *model.Response) {
 	if !reflect.ValueOf(data).IsNil() {
 		debug.PrintStack()
diff --git a/api4/team.go b/api4/team.go
index 26fff7ce1..a9be5c8ab 100644
--- a/api4/team.go
+++ b/api4/team.go
@@ -22,6 +22,7 @@ func InitTeam() {
 
 	BaseRoutes.Team.Handle("", ApiSessionRequired(getTeam)).Methods("GET")
 	BaseRoutes.Team.Handle("", ApiSessionRequired(updateTeam)).Methods("PUT")
+	BaseRoutes.Team.Handle("/patch", ApiSessionRequired(patchTeam)).Methods("PUT")
 	BaseRoutes.Team.Handle("/stats", ApiSessionRequired(getTeamStats)).Methods("GET")
 	BaseRoutes.TeamMembers.Handle("", ApiSessionRequired(getTeamMembers)).Methods("GET")
 	BaseRoutes.TeamMembers.Handle("/ids", ApiSessionRequired(getTeamMembersByIds)).Methods("POST")
@@ -127,6 +128,35 @@ func updateTeam(c *Context, w http.ResponseWriter, r *http.Request) {
 	w.Write([]byte(updatedTeam.ToJson()))
 }
 
+func patchTeam(c *Context, w http.ResponseWriter, r *http.Request) {
+	c.RequireTeamId()
+	if c.Err != nil {
+		return
+	}
+
+	team := model.TeamPatchFromJson(r.Body)
+
+	if team == nil {
+		c.SetInvalidParam("team")
+		return
+	}
+
+	if !app.SessionHasPermissionToTeam(c.Session, c.Params.TeamId, model.PERMISSION_MANAGE_TEAM) {
+		c.SetPermissionError(model.PERMISSION_MANAGE_TEAM)
+		return
+	}
+
+	patchedTeam, err := app.PatchTeam(c.Params.TeamId, team)
+
+	if err != nil {
+		c.Err = err
+		return
+	}
+
+	c.LogAudit("")
+	w.Write([]byte(patchedTeam.ToJson()))
+}
+
 func getTeamsForUser(c *Context, w http.ResponseWriter, r *http.Request) {
 	c.RequireUserId()
 	if c.Err != nil {
diff --git a/api4/team_test.go b/api4/team_test.go
index 2076a8c1d..1f1e031b3 100644
--- a/api4/team_test.go
+++ b/api4/team_test.go
@@ -247,6 +247,75 @@ func TestUpdateTeam(t *testing.T) {
 	CheckNoError(t, resp)
 }
 
+func TestPatchTeam(t *testing.T) {
+	th := Setup().InitBasic().InitSystemAdmin()
+	defer TearDown()
+	Client := th.Client
+
+	team := &model.Team{DisplayName: "Name", Description: "Some description", CompanyName: "Some company name", AllowOpenInvite: false, InviteId: "inviteid0", Name: "z-z-" + model.NewId() + "a", Email: "success+" + model.NewId() + "@simulator.amazonses.com", Type: model.TEAM_OPEN}
+	team, _ = Client.CreateTeam(team)
+
+	patch := &model.TeamPatch{}
+
+	patch.DisplayName = new(string)
+	*patch.DisplayName = "Other name"
+	patch.Description = new(string)
+	*patch.Description = "Other description"
+	patch.CompanyName = new(string)
+	*patch.CompanyName = "Other company name"
+	patch.InviteId = new(string)
+	*patch.InviteId = "inviteid1"
+	patch.AllowOpenInvite = new(bool)
+	*patch.AllowOpenInvite = true
+
+	rteam, resp := Client.PatchTeam(team.Id, patch)
+	CheckNoError(t, resp)
+	CheckTeamSanitization(t, rteam)
+
+	if rteam.DisplayName != "Other name" {
+		t.Fatal("DisplayName did not update properly")
+	}
+	if rteam.Description != "Other description" {
+		t.Fatal("Description did not update properly")
+	}
+	if rteam.CompanyName != "Other company name" {
+		t.Fatal("CompanyName did not update properly")
+	}
+	if rteam.InviteId != "inviteid1" {
+		t.Fatal("InviteId did not update properly")
+	}
+	if rteam.AllowOpenInvite != true {
+		t.Fatal("AllowOpenInvite did not update properly")
+	}
+
+	_, resp = Client.PatchTeam("junk", patch)
+	CheckBadRequestStatus(t, resp)
+
+	_, resp = Client.PatchTeam(GenerateTestId(), patch)
+	CheckForbiddenStatus(t, resp)
+
+	if r, err := Client.DoApiPut("/teams/"+team.Id+"/patch", "garbage"); err == nil {
+		t.Fatal("should have errored")
+	} else {
+		if r.StatusCode != http.StatusBadRequest {
+			t.Log("actual: " + strconv.Itoa(r.StatusCode))
+			t.Log("expected: " + strconv.Itoa(http.StatusBadRequest))
+			t.Fatal("wrong status code")
+		}
+	}
+
+	Client.Logout()
+	_, resp = Client.PatchTeam(team.Id, patch)
+	CheckUnauthorizedStatus(t, resp)
+
+	th.LoginBasic2()
+	_, resp = Client.PatchTeam(team.Id, patch)
+	CheckForbiddenStatus(t, resp)
+
+	_, resp = th.SystemAdminClient.PatchTeam(team.Id, patch)
+	CheckNoError(t, resp)
+}
+
 func TestGetAllTeams(t *testing.T) {
 	th := Setup().InitBasic().InitSystemAdmin()
 	defer TearDown()
diff --git a/app/team.go b/app/team.go
index 0de6cffc4..dbff5ffac 100644
--- a/app/team.go
+++ b/app/team.go
@@ -100,13 +100,37 @@ func UpdateTeam(team *model.Team) (*model.Team, *model.AppError) {
 
 	oldTeam.Sanitize()
 
-	message := model.NewWebSocketEvent(model.WEBSOCKET_EVENT_UPDATE_TEAM, "", "", "", nil)
-	message.Add("team", oldTeam.ToJson())
-	go Publish(message)
+	sendUpdatedTeamEvent(oldTeam)
 
 	return oldTeam, nil
 }
 
+func PatchTeam(teamId string, patch *model.TeamPatch) (*model.Team, *model.AppError) {
+	team, err := GetTeam(teamId)
+	if err != nil {
+		return nil, err
+	}
+
+	team.Patch(patch)
+
+	updatedTeam, err := UpdateTeam(team)
+	if err != nil {
+		return nil, err
+	}
+
+	updatedTeam.Sanitize()
+
+	sendUpdatedTeamEvent(updatedTeam)
+
+	return updatedTeam, nil
+}
+
+func sendUpdatedTeamEvent(team *model.Team) {
+	message := model.NewWebSocketEvent(model.WEBSOCKET_EVENT_UPDATE_TEAM, "", "", "", nil)
+	message.Add("team", team.ToJson())
+	go Publish(message)
+}
+
 func UpdateTeamMemberRoles(teamId string, userId string, newRoles string) (*model.TeamMember, *model.AppError) {
 	var member *model.TeamMember
 	if result := <-Srv.Store.Team().GetTeamsForUser(userId); result.Err != nil {
diff --git a/model/client4.go b/model/client4.go
index 31b754bd3..214c31865 100644
--- a/model/client4.go
+++ b/model/client4.go
@@ -781,6 +781,16 @@ func (c *Client4) UpdateTeam(team *Team) (*Team, *Response) {
 	}
 }
 
+// PatchTeam partially updates a team. Any missing fields are not updated.
+func (c *Client4) PatchTeam(teamId string, patch *TeamPatch) (*Team, *Response) {
+	if r, err := c.DoApiPut(c.GetTeamRoute(teamId)+"/patch", patch.ToJson()); err != nil {
+		return nil, &Response{StatusCode: r.StatusCode, Error: err}
+	} else {
+		defer closeBody(r)
+		return TeamFromJson(r.Body), BuildResponse(r)
+	}
+}
+
 // GetTeamMembers returns team members based on the provided team id string.
 func (c *Client4) GetTeamMembers(teamId string, page int, perPage int, etag string) ([]*TeamMember, *Response) {
 	query := fmt.Sprintf("?page=%v&per_page=%v", page, perPage)
diff --git a/model/team.go b/model/team.go
index 99444bc5e..458f71e95 100644
--- a/model/team.go
+++ b/model/team.go
@@ -41,6 +41,14 @@ type Team struct {
 	AllowOpenInvite bool   `json:"allow_open_invite"`
 }
 
+type TeamPatch struct {
+	DisplayName     *string `json:"display_name"`
+	Description     *string `json:"description"`
+	CompanyName     *string `json:"company_name"`
+	InviteId        *string `json:"invite_id"`
+	AllowOpenInvite *bool   `json:"allow_open_invite"`
+}
+
 type Invites struct {
 	Invites []map[string]string `json:"invites"`
 }
@@ -278,3 +286,45 @@ func (o *Team) SanitizeForNotLoggedIn() {
 		o.InviteId = ""
 	}
 }
+
+func (t *Team) Patch(patch *TeamPatch) {
+	if patch.DisplayName != nil {
+		t.DisplayName = *patch.DisplayName
+	}
+
+	if patch.Description != nil {
+		t.Description = *patch.Description
+	}
+
+	if patch.CompanyName != nil {
+		t.CompanyName = *patch.CompanyName
+	}
+
+	if patch.InviteId != nil {
+		t.InviteId = *patch.InviteId
+	}
+
+	if patch.AllowOpenInvite != nil {
+		t.AllowOpenInvite = *patch.AllowOpenInvite
+	}
+}
+
+func (t *TeamPatch) ToJson() string {
+	b, err := json.Marshal(t)
+	if err != nil {
+		return ""
+	}
+
+	return string(b)
+}
+
+func TeamPatchFromJson(data io.Reader) *TeamPatch {
+	decoder := json.NewDecoder(data)
+	var team TeamPatch
+	err := decoder.Decode(&team)
+	if err != nil {
+		return nil
+	}
+
+	return &team
+}