diff options
-rw-r--r-- | api4/channel.go | 40 | ||||
-rw-r--r-- | api4/channel_test.go | 52 | ||||
-rw-r--r-- | app/channel.go | 11 | ||||
-rw-r--r-- | i18n/en.json | 2 | ||||
-rw-r--r-- | model/client4.go | 12 |
5 files changed, 113 insertions, 4 deletions
diff --git a/api4/channel.go b/api4/channel.go index 2ce9e23e5..10e59f49b 100644 --- a/api4/channel.go +++ b/api4/channel.go @@ -16,6 +16,7 @@ func InitChannel() { l4g.Debug(utils.T("api.channel.init.debug")) BaseRoutes.Channels.Handle("", ApiSessionRequired(createChannel)).Methods("POST") + BaseRoutes.Channels.Handle("/direct", ApiSessionRequired(createDirectChannel)).Methods("POST") } func createChannel(c *Context, w http.ResponseWriter, r *http.Request) { @@ -40,6 +41,45 @@ func createChannel(c *Context, w http.ResponseWriter, r *http.Request) { return } else { c.LogAudit("name=" + channel.Name) + w.WriteHeader(http.StatusCreated) + w.Write([]byte(sc.ToJson())) + } +} + +func createDirectChannel(c *Context, w http.ResponseWriter, r *http.Request) { + userIds := model.ArrayFromJson(r.Body) + allowed := false + + if len(userIds) != 2 { + c.SetInvalidParam("user_ids") + return + } + + for _, id := range userIds { + if len(id) != 26 { + c.SetInvalidParam("user_id") + return + } + if id == c.Session.UserId { + allowed = true + } + } + + if !app.SessionHasPermissionTo(c.Session, model.PERMISSION_CREATE_DIRECT_CHANNEL) { + c.SetPermissionError(model.PERMISSION_CREATE_DIRECT_CHANNEL) + return + } + + if !allowed && !app.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_SYSTEM) { + c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM) + return + } + + if sc, err := app.CreateDirectChannel(userIds[0], userIds[1]); err != nil { + c.Err = err + return + } else { + w.WriteHeader(http.StatusCreated) w.Write([]byte(sc.ToJson())) } } diff --git a/api4/channel_test.go b/api4/channel_test.go index e3d0a85bd..5123d7730 100644 --- a/api4/channel_test.go +++ b/api4/channel_test.go @@ -167,3 +167,55 @@ func TestCreateChannel(t *testing.T) { } } } + +func TestCreateDirectChannel(t *testing.T) { + th := Setup().InitBasic().InitSystemAdmin() + defer TearDown() + Client := th.Client + user1 := th.BasicUser + user2 := th.BasicUser2 + user3 := th.CreateUser() + + dm, resp := Client.CreateDirectChannel(user1.Id, user2.Id) + CheckNoError(t, resp) + + channelName := "" + if user2.Id > user1.Id { + channelName = user1.Id + "__" + user2.Id + } else { + channelName = user2.Id + "__" + user1.Id + } + + if dm.Name != channelName { + t.Fatal("dm name didn't match") + } + + _, resp = Client.CreateDirectChannel("junk", user2.Id) + CheckBadRequestStatus(t, resp) + + _, resp = Client.CreateDirectChannel(user1.Id, model.NewId()) + CheckBadRequestStatus(t, resp) + + _, resp = Client.CreateDirectChannel(model.NewId(), user1.Id) + CheckBadRequestStatus(t, resp) + + _, resp = Client.CreateDirectChannel(model.NewId(), user2.Id) + CheckForbiddenStatus(t, resp) + + if r, err := Client.DoApiPost("/channels/direct", "garbage"); err == nil { + t.Fatal("should have errored") + } else { + if r.StatusCode != http.StatusBadRequest { + t.Log("actual: " + strconv.Itoa(r.StatusCode)) + t.Log("expected: " + strconv.Itoa(http.StatusBadRequest)) + t.Fatal("wrong status code") + } + } + + Client.Logout() + _, resp = Client.CreateDirectChannel(model.NewId(), user2.Id) + CheckUnauthorizedStatus(t, resp) + + _, resp = th.SystemAdminClient.CreateDirectChannel(user3.Id, user2.Id) + CheckNoError(t, resp) +} diff --git a/app/channel.go b/app/channel.go index 025eccfcd..02124f3c8 100644 --- a/app/channel.go +++ b/app/channel.go @@ -188,10 +188,15 @@ func CreateChannel(channel *model.Channel, addMember bool) (*model.Channel, *mod } func CreateDirectChannel(userId string, otherUserId string) (*model.Channel, *model.AppError) { - uc := Srv.Store.User().Get(otherUserId) + uc1 := Srv.Store.User().Get(userId) + uc2 := Srv.Store.User().Get(otherUserId) - if uresult := <-uc; uresult.Err != nil { - return nil, model.NewLocAppError("CreateDirectChannel", "api.channel.create_direct_channel.invalid_user.app_error", nil, otherUserId) + if result := <-uc1; result.Err != nil { + return nil, model.NewAppError("CreateDirectChannel", "api.channel.create_direct_channel.invalid_user.app_error", nil, userId, http.StatusBadRequest) + } + + if result := <-uc2; result.Err != nil { + return nil, model.NewAppError("CreateDirectChannel", "api.channel.create_direct_channel.invalid_user.app_error", nil, otherUserId, http.StatusBadRequest) } if result := <-Srv.Store.Channel().CreateDirectChannel(userId, otherUserId); result.Err != nil { diff --git a/i18n/en.json b/i18n/en.json index 6a7bb05f9..9d63fc98e 100644 --- a/i18n/en.json +++ b/i18n/en.json @@ -221,7 +221,7 @@ }, { "id": "api.channel.create_direct_channel.invalid_user.app_error", - "translation": "Invalid other user ID " + "translation": "Invalid user ID for direct channel creation" }, { "id": "api.channel.delete_channel.archived", diff --git a/model/client4.go b/model/client4.go index fb314e26d..6ea0398d0 100644 --- a/model/client4.go +++ b/model/client4.go @@ -265,5 +265,17 @@ func (c *Client4) CreateChannel(channel *Channel) (*Channel, *Response) { } } +// CreateDirectChannel creates a direct message channel based on the two user +// ids provided. +func (c *Client4) CreateDirectChannel(userId1, userId2 string) (*Channel, *Response) { + requestBody := []string{userId1, userId2} + if r, err := c.DoApiPost(c.GetChannelsRoute()+"/direct", ArrayToJson(requestBody)); err != nil { + return nil, &Response{StatusCode: r.StatusCode, Error: err} + } else { + defer closeBody(r) + return ChannelFromJson(r.Body), BuildResponse(r) + } +} + // Post Section // to be filled in.. |