summaryrefslogtreecommitdiffstats
path: root/api/channel.go
diff options
context:
space:
mode:
Diffstat (limited to 'api/channel.go')
-rw-r--r--api/channel.go63
1 files changed, 42 insertions, 21 deletions
diff --git a/api/channel.go b/api/channel.go
index 4c0c56496..474c41d07 100644
--- a/api/channel.go
+++ b/api/channel.go
@@ -71,11 +71,13 @@ func createChannel(c *Context, w http.ResponseWriter, r *http.Request) {
return
}
- if channel.Type == model.CHANNEL_OPEN && !HasPermissionToTeamContext(c, channel.TeamId, model.PERMISSION_CREATE_PUBLIC_CHANNEL) {
+ if channel.Type == model.CHANNEL_OPEN && !app.SessionHasPermissionToTeam(c.Session, channel.TeamId, model.PERMISSION_CREATE_PUBLIC_CHANNEL) {
+ c.SetPermissionError(model.PERMISSION_CREATE_PUBLIC_CHANNEL)
return
}
- if channel.Type == model.CHANNEL_PRIVATE && !HasPermissionToTeamContext(c, channel.TeamId, model.PERMISSION_CREATE_PRIVATE_CHANNEL) {
+ if channel.Type == model.CHANNEL_PRIVATE && !app.SessionHasPermissionToTeam(c.Session, channel.TeamId, model.PERMISSION_CREATE_PRIVATE_CHANNEL) {
+ c.SetPermissionError(model.PERMISSION_CREATE_PRIVATE_CHANNEL)
return
}
@@ -105,7 +107,8 @@ func createChannel(c *Context, w http.ResponseWriter, r *http.Request) {
}
func createDirectChannel(c *Context, w http.ResponseWriter, r *http.Request) {
- if !HasPermissionToContext(c, model.PERMISSION_CREATE_DIRECT_CHANNEL) {
+ if !app.SessionHasPermissionTo(c.Session, model.PERMISSION_CREATE_DIRECT_CHANNEL) {
+ c.SetPermissionError(model.PERMISSION_CREATE_DIRECT_CHANNEL)
return
}
@@ -126,11 +129,13 @@ func createDirectChannel(c *Context, w http.ResponseWriter, r *http.Request) {
}
func CanManageChannel(c *Context, channel *model.Channel) bool {
- if channel.Type == model.CHANNEL_OPEN && !HasPermissionToChannelContext(c, channel.Id, model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES) {
+ if channel.Type == model.CHANNEL_OPEN && !app.SessionHasPermissionToChannel(c.Session, channel.Id, model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES) {
+ c.SetPermissionError(model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES)
return false
}
- if channel.Type == model.CHANNEL_PRIVATE && !HasPermissionToChannelContext(c, channel.Id, model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES) {
+ if channel.Type == model.CHANNEL_PRIVATE && !app.SessionHasPermissionToChannel(c.Session, channel.Id, model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES) {
+ c.SetPermissionError(model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES)
return false
}
@@ -345,7 +350,8 @@ func getMoreChannelsPage(c *Context, w http.ResponseWriter, r *http.Request) {
}
// user is already in the team
- if !HasPermissionToTeamContext(c, c.TeamId, model.PERMISSION_LIST_TEAM_CHANNELS) {
+ if !app.SessionHasPermissionToTeam(c.Session, c.TeamId, model.PERMISSION_LIST_TEAM_CHANNELS) {
+ c.SetPermissionError(model.PERMISSION_LIST_TEAM_CHANNELS)
return
}
@@ -396,7 +402,8 @@ func join(c *Context, w http.ResponseWriter, r *http.Request) {
}
if channel.Type == model.CHANNEL_OPEN {
- if !HasPermissionToTeamContext(c, channel.TeamId, model.PERMISSION_JOIN_PUBLIC_CHANNELS) {
+ if !app.SessionHasPermissionToTeam(c.Session, channel.TeamId, model.PERMISSION_JOIN_PUBLIC_CHANNELS) {
+ c.SetPermissionError(model.PERMISSION_JOIN_PUBLIC_CHANNELS)
return
}
}
@@ -445,11 +452,13 @@ func deleteChannel(c *Context, w http.ResponseWriter, r *http.Request) {
// Allow delete if user is the only member left in channel
if memberCount > 1 {
- if channel.Type == model.CHANNEL_OPEN && !HasPermissionToChannelContext(c, channel.Id, model.PERMISSION_DELETE_PUBLIC_CHANNEL) {
+ if channel.Type == model.CHANNEL_OPEN && !app.SessionHasPermissionToChannel(c.Session, channel.Id, model.PERMISSION_DELETE_PUBLIC_CHANNEL) {
+ c.SetPermissionError(model.PERMISSION_DELETE_PUBLIC_CHANNEL)
return
}
- if channel.Type == model.CHANNEL_PRIVATE && !HasPermissionToChannelContext(c, channel.Id, model.PERMISSION_DELETE_PRIVATE_CHANNEL) {
+ if channel.Type == model.CHANNEL_PRIVATE && !app.SessionHasPermissionToChannel(c.Session, channel.Id, model.PERMISSION_DELETE_PRIVATE_CHANNEL) {
+ c.SetPermissionError(model.PERMISSION_DELETE_PRIVATE_CHANNEL)
return
}
}
@@ -509,7 +518,8 @@ func getChannelByName(c *Context, w http.ResponseWriter, r *http.Request) {
c.Err = err
return
} else {
- if !HasPermissionToChannelContext(c, channel.Id, model.PERMISSION_READ_CHANNEL) {
+ if !app.SessionHasPermissionToChannel(c.Session, channel.Id, model.PERMISSION_READ_CHANNEL) {
+ c.SetPermissionError(model.PERMISSION_READ_CHANNEL)
return
}
@@ -544,7 +554,8 @@ func getChannelStats(c *Context, w http.ResponseWriter, r *http.Request) {
return
}
- if !HasPermissionToChannelContext(c, channel.Id, model.PERMISSION_READ_CHANNEL) {
+ if !app.SessionHasPermissionToChannel(c.Session, channel.Id, model.PERMISSION_READ_CHANNEL) {
+ c.SetPermissionError(model.PERMISSION_READ_CHANNEL)
return
}
@@ -562,7 +573,8 @@ func getChannelMember(c *Context, w http.ResponseWriter, r *http.Request) {
channelId := params["channel_id"]
userId := params["user_id"]
- if !HasPermissionToChannelContext(c, channelId, model.PERMISSION_READ_CHANNEL) {
+ if !app.SessionHasPermissionToChannel(c.Session, channelId, model.PERMISSION_READ_CHANNEL) {
+ c.SetPermissionError(model.PERMISSION_READ_CHANNEL)
return
}
@@ -602,11 +614,13 @@ func addMember(c *Context, w http.ResponseWriter, r *http.Request) {
return
}
- if channel.Type == model.CHANNEL_OPEN && !HasPermissionToChannelContext(c, channel.Id, model.PERMISSION_MANAGE_PUBLIC_CHANNEL_MEMBERS) {
+ if channel.Type == model.CHANNEL_OPEN && !app.SessionHasPermissionToChannel(c.Session, channel.Id, model.PERMISSION_MANAGE_PUBLIC_CHANNEL_MEMBERS) {
+ c.SetPermissionError(model.PERMISSION_MANAGE_PUBLIC_CHANNEL_MEMBERS)
return
}
- if channel.Type == model.CHANNEL_PRIVATE && !HasPermissionToChannelContext(c, channel.Id, model.PERMISSION_MANAGE_PRIVATE_CHANNEL_MEMBERS) {
+ if channel.Type == model.CHANNEL_PRIVATE && !app.SessionHasPermissionToChannel(c.Session, channel.Id, model.PERMISSION_MANAGE_PRIVATE_CHANNEL_MEMBERS) {
+ c.SetPermissionError(model.PERMISSION_MANAGE_PRIVATE_CHANNEL_MEMBERS)
return
}
@@ -655,11 +669,13 @@ func removeMember(c *Context, w http.ResponseWriter, r *http.Request) {
return
}
- if channel.Type == model.CHANNEL_OPEN && !HasPermissionToChannelContext(c, channel.Id, model.PERMISSION_MANAGE_PUBLIC_CHANNEL_MEMBERS) {
+ if channel.Type == model.CHANNEL_OPEN && !app.SessionHasPermissionToChannel(c.Session, channel.Id, model.PERMISSION_MANAGE_PUBLIC_CHANNEL_MEMBERS) {
+ c.SetPermissionError(model.PERMISSION_MANAGE_PUBLIC_CHANNEL_MEMBERS)
return
}
- if channel.Type == model.CHANNEL_PRIVATE && !HasPermissionToChannelContext(c, channel.Id, model.PERMISSION_MANAGE_PRIVATE_CHANNEL_MEMBERS) {
+ if channel.Type == model.CHANNEL_PRIVATE && !app.SessionHasPermissionToChannel(c.Session, channel.Id, model.PERMISSION_MANAGE_PRIVATE_CHANNEL_MEMBERS) {
+ c.SetPermissionError(model.PERMISSION_MANAGE_PRIVATE_CHANNEL_MEMBERS)
return
}
@@ -704,7 +720,8 @@ func updateNotifyProps(c *Context, w http.ResponseWriter, r *http.Request) {
return
}
- if !HasPermissionToUser(c, userId) {
+ if !app.SessionHasPermissionToUser(c.Session, userId) {
+ c.SetPermissionError(model.PERMISSION_EDIT_OTHER_USERS)
return
}
@@ -725,7 +742,8 @@ func searchMoreChannels(c *Context, w http.ResponseWriter, r *http.Request) {
}
if c.Session.GetTeamByTeamId(c.TeamId) == nil {
- if !HasPermissionToContext(c, model.PERMISSION_MANAGE_SYSTEM) {
+ if !app.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_SYSTEM) {
+ c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM)
return
}
}
@@ -747,7 +765,8 @@ func autocompleteChannels(c *Context, w http.ResponseWriter, r *http.Request) {
term := r.URL.Query().Get("term")
if c.Session.GetTeamByTeamId(c.TeamId) == nil {
- if !HasPermissionToContext(c, model.PERMISSION_MANAGE_SYSTEM) {
+ if !app.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_SYSTEM) {
+ c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM)
return
}
}
@@ -792,7 +811,8 @@ func getChannelMembersByIds(c *Context, w http.ResponseWriter, r *http.Request)
return
}
- if !HasPermissionToChannelContext(c, channelId, model.PERMISSION_READ_CHANNEL) {
+ if !app.SessionHasPermissionToChannel(c.Session, channelId, model.PERMISSION_READ_CHANNEL) {
+ c.SetPermissionError(model.PERMISSION_READ_CHANNEL)
return
}
@@ -816,7 +836,8 @@ func updateChannelMemberRoles(c *Context, w http.ResponseWriter, r *http.Request
return
}
- if !HasPermissionToChannelContext(c, channelId, model.PERMISSION_MANAGE_CHANNEL_ROLES) {
+ if !app.SessionHasPermissionToChannel(c.Session, channelId, model.PERMISSION_MANAGE_CHANNEL_ROLES) {
+ c.SetPermissionError(model.PERMISSION_MANAGE_CHANNEL_ROLES)
return
}
generated by cgit v1.2.3-1-g7c22 (git 2.25.1) at 2024-06-01 17:56:37 +0000