summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--api4/service_terms.go5
-rw-r--r--api4/service_terms_test.go17
2 files changed, 18 insertions, 4 deletions
diff --git a/api4/service_terms.go b/api4/service_terms.go
index 549bad0a1..ff953102d 100644
--- a/api4/service_terms.go
+++ b/api4/service_terms.go
@@ -25,6 +25,11 @@ func getServiceTerms(c *Context, w http.ResponseWriter, r *http.Request) {
}
func createServiceTerms(c *Context, w http.ResponseWriter, r *http.Request) {
+ if !c.App.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_SYSTEM) {
+ c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM)
+ return
+ }
+
if license := c.App.License(); license == nil || !*license.Features.CustomTermsOfService {
c.Err = model.NewAppError("createServiceTerms", "api.create_service_terms.custom_service_terms_disabled.app_error", nil, "", http.StatusBadRequest)
return
diff --git a/api4/service_terms_test.go b/api4/service_terms_test.go
index 693388376..607c104a6 100644
--- a/api4/service_terms_test.go
+++ b/api4/service_terms_test.go
@@ -30,15 +30,24 @@ func TestCreateServiceTerms(t *testing.T) {
defer th.TearDown()
Client := th.Client
- serviceTerms, resp := Client.CreateServiceTerms("service terms new", th.BasicUser.Id)
+ _, resp := Client.CreateServiceTerms("service terms new", th.BasicUser.Id)
+ CheckErrorMessage(t, resp, "api.context.permissions.app_error")
+}
+
+func TestCreateServiceTermsAdminUser(t *testing.T) {
+ th := Setup().InitSystemAdmin()
+ defer th.TearDown()
+ Client := th.SystemAdminClient
+
+ serviceTerms, resp := Client.CreateServiceTerms("service terms new", th.SystemAdminUser.Id)
CheckErrorMessage(t, resp, "api.create_service_terms.custom_service_terms_disabled.app_error")
th.App.SetLicense(model.NewTestLicense("EnableCustomServiceTerms"))
- serviceTerms, resp = Client.CreateServiceTerms("service terms new", th.BasicUser.Id)
+ serviceTerms, resp = Client.CreateServiceTerms("service terms new_2", th.SystemAdminUser.Id)
CheckNoError(t, resp)
assert.NotEmpty(t, serviceTerms.Id)
assert.NotEmpty(t, serviceTerms.CreateAt)
- assert.Equal(t, "service terms new", serviceTerms.Text)
- assert.Equal(t, th.BasicUser.Id, serviceTerms.UserId)
+ assert.Equal(t, "service terms new_2", serviceTerms.Text)
+ assert.Equal(t, th.SystemAdminUser.Id, serviceTerms.UserId)
}
generated by cgit v1.2.3-1-g7c22 (git 2.25.1) at 2024-05-09 15:35:52 +0000