4 files changed, 31 insertions, 7 deletions

diff --git a/api/context.go b/api/context.go
index bea0fbeff..054e42e2e 100644
--- a/api/context.go
+++ b/api/context.go
@@ -265,6 +265,16 @@ func (c *Context) IsSystemAdmin() bool {
 	return false
 }
 
+func (c *Context) IsTeamAdmin(userId string) bool {
+	if uresult := <-Srv.Store.User().Get(userId); uresult.Err != nil {
+		c.Err = uresult.Err
+		return false
+	} else {
+		user := uresult.Data.(*model.User)
+		return strings.Contains(c.Session.Roles, model.ROLE_ADMIN) && user.TeamId == c.Session.TeamId
+	}
+}
+
 func (c *Context) RemoveSessionCookie(w http.ResponseWriter) {
 
 	sessionCache.Remove(c.Session.Id)
diff --git a/api/post.go b/api/post.go
index 02f997166..efca2f570 100644
--- a/api/post.go
+++ b/api/post.go
@@ -634,16 +634,17 @@ func deletePost(c *Context, w http.ResponseWriter, r *http.Request) {
 	cchan := Srv.Store.Channel().CheckPermissionsTo(c.Session.TeamId, channelId, c.Session.UserId)
 	pchan := Srv.Store.Post().Get(postId)
 
-	if !c.HasPermissionsToChannel(cchan, "deletePost") {
-		return
-	}
-
 	if result := <-pchan; result.Err != nil {
 		c.Err = result.Err
 		return
 	} else {
+
 		post := result.Data.(*model.PostList).Posts[postId]
 
+	if !c.HasPermissionsToChannel(cchan, "deletePost") && !c.IsTeamAdmin(post.UserId){
+		return
+	}
+
 		if post == nil {
 			c.SetInvalidParam("deletePost", "postId")
 			return
@@ -655,7 +656,7 @@ func deletePost(c *Context, w http.ResponseWriter, r *http.Request) {
 			return
 		}
 
-		if post.UserId != c.Session.UserId {
+		if post.UserId != c.Session.UserId && !strings.Contains(c.Session.Roles,model.ROLE_ADMIN) {
 			c.Err = model.NewAppError("deletePost", "You do not have the appropriate permissions", "")
 			c.Err.StatusCode = http.StatusForbidden
 			return
diff --git a/api/post_test.go b/api/post_test.go
index 970307759..5009ff54d 100644
--- a/api/post_test.go
+++ b/api/post_test.go
@@ -483,6 +483,10 @@ func TestDeletePosts(t *testing.T) {
 	team := &model.Team{Name: "Name", Domain: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN}
 	team = Client.Must(Client.CreateTeam(team)).Data.(*model.Team)
 
+	userAdmin := &model.User{TeamId: team.Id, Email: team.Email, FullName: "Corey Hulen", Password: "pwd"}
+	userAdmin = Client.Must(Client.CreateUser(userAdmin, "")).Data.(*model.User)
+	store.Must(Srv.Store.User().VerifyEmail(userAdmin.Id))
+
 	user1 := &model.User{TeamId: team.Id, Email: model.NewId() + "corey@test.com", FullName: "Corey Hulen", Password: "pwd"}
 	user1 = Client.Must(Client.CreateUser(user1, "")).Data.(*model.User)
 	store.Must(Srv.Store.User().VerifyEmail(user1.Id))
@@ -521,8 +525,16 @@ func TestDeletePosts(t *testing.T) {
 	r2 := Client.Must(Client.GetPosts(channel1.Id, 0, 10, "")).Data.(*model.PostList)
 
 	if len(r2.Posts) != 4 {
-		t.Fatal("should have returned 5 items")
+		t.Fatal("should have returned 4 items")
 	}
+
+	time.Sleep(10 * time.Millisecond)
+	post4 := &model.Post{ChannelId: channel1.Id, Message: "a" + model.NewId() + "a"}
+	post4 = Client.Must(Client.CreatePost(post4)).Data.(*model.Post)
+
+	Client.LoginByEmail(team.Domain, userAdmin.Email, "pwd")
+
+	Client.Must(Client.DeletePost(channel1.Id, post4.Id))
 }
 
 func TestEmailMention(t *testing.T) {
diff --git a/web/react/components/post_info.jsx b/web/react/components/post_info.jsx
index cf01747f0..48efa95ba 100644
--- a/web/react/components/post_info.jsx
+++ b/web/react/components/post_info.jsx
@@ -11,6 +11,7 @@ module.exports = React.createClass({
     render: function() {
         var post = this.props.post;
         var isOwner = UserStore.getCurrentId() == post.user_id;
+        var isAdmin = UserStore.getCurrentUser().roles.indexOf("admin") > -1
 
         var type = "Post"
         if (post.root_id.length > 0) {
@@ -36,7 +37,7 @@ module.exports = React.createClass({
                                 <ul className="dropdown-menu" role="menu">
                                     { isOwner ? <li role="presentation"><a href="#" role="menuitem" data-toggle="modal" data-target="#edit_post" data-title={type} data-message={post.message} data-postid={post.id} data-channelid={post.channel_id} data-comments={type === "Post" ? this.props.commentCount : 0}>Edit</a></li>
                                     : "" }
-                                    { isOwner ? <li role="presentation"><a href="#" role="menuitem" data-toggle="modal" data-target="#delete_post" data-title={type} data-postid={post.id} data-channelid={post.channel_id} data-comments={type === "Post" ? this.props.commentCount : 0}>Delete</a></li>
+                                    { isOwner || isAdmin ? <li role="presentation"><a href="#" role="menuitem" data-toggle="modal" data-target="#delete_post" data-title={type} data-postid={post.id} data-channelid={post.channel_id} data-comments={type === "Post" ? this.props.commentCount : 0}>Delete</a></li>
                                     : "" }
                                     { this.props.allowReply === "true" ? <li role="presentation"><a className="reply-link theme" href="#" onClick={this.props.handleCommentClick}>Reply</a></li>
                                     : "" }