diff options
Diffstat (limited to 'api/team.go')
-rw-r--r-- | api/team.go | 61 |
1 files changed, 39 insertions, 22 deletions
diff --git a/api/team.go b/api/team.go index e1b3b274a..92fcbff93 100644 --- a/api/team.go +++ b/api/team.go @@ -56,8 +56,10 @@ func signupTeam(c *Context, w http.ResponseWriter, r *http.Request) { return } - subjectPage := NewServerTemplatePage("signup_team_subject", c.GetSiteURL()) - bodyPage := NewServerTemplatePage("signup_team_body", c.GetSiteURL()) + subjectPage := NewServerTemplatePage("signup_team_subject") + subjectPage.Props["SiteURL"] = c.GetSiteURL() + bodyPage := NewServerTemplatePage("signup_team_body") + bodyPage.Props["SiteURL"] = c.GetSiteURL() bodyPage.Props["TourUrl"] = utils.Cfg.TeamSettings.TourLink props := make(map[string]string) @@ -98,6 +100,10 @@ func createTeamFromSSO(c *Context, w http.ResponseWriter, r *http.Request) { return } + if !isTreamCreationAllowed(c, team.Email) { + return + } + team.PreSave() team.Name = model.CleanTeamName(team.Name) @@ -241,47 +247,55 @@ func createTeamFromSignup(c *Context, w http.ResponseWriter, r *http.Request) { } func createTeam(c *Context, w http.ResponseWriter, r *http.Request) { + team := model.TeamFromJson(r.Body) + rteam := CreateTeam(c, team) + if c.Err != nil { + return + } + + w.Write([]byte(rteam.ToJson())) +} + +func CreateTeam(c *Context, team *model.Team) *model.Team { if utils.Cfg.ServiceSettings.DisableEmailSignUp { c.Err = model.NewAppError("createTeam", "Team sign-up with email is disabled.", "") c.Err.StatusCode = http.StatusNotImplemented - return + return nil } - team := model.TeamFromJson(r.Body) - if team == nil { c.SetInvalidParam("createTeam", "team") - return + return nil } if !isTreamCreationAllowed(c, team.Email) { - return + return nil } if utils.Cfg.ServiceSettings.Mode != utils.MODE_DEV { - c.Err = model.NewAppError("createTeam", "The mode does not allow network creation without a valid invite", "") - return + c.Err = model.NewAppError("CreateTeam", "The mode does not allow network creation without a valid invite", "") + return nil } if result := <-Srv.Store.Team().Save(team); result.Err != nil { c.Err = result.Err - return + return nil } else { rteam := result.Data.(*model.Team) if _, err := CreateDefaultChannels(c, rteam.Id); err != nil { c.Err = err - return + return nil } if rteam.AllowValet { CreateValet(c, rteam) if c.Err != nil { - return + return nil } } - w.Write([]byte(rteam.ToJson())) + return rteam } } @@ -393,8 +407,10 @@ func emailTeams(c *Context, w http.ResponseWriter, r *http.Request) { return } - subjectPage := NewServerTemplatePage("find_teams_subject", c.GetSiteURL()) - bodyPage := NewServerTemplatePage("find_teams_body", c.GetSiteURL()) + subjectPage := NewServerTemplatePage("find_teams_subject") + subjectPage.Props["SiteURL"] = c.GetSiteURL() + bodyPage := NewServerTemplatePage("find_teams_body") + bodyPage.Props["SiteURL"] = c.GetSiteURL() if result := <-Srv.Store.Team().GetTeamsForEmail(email); result.Err != nil { c.Err = result.Err @@ -469,22 +485,23 @@ func InviteMembers(c *Context, team *model.Team, user *model.User, invites []str sender := user.GetDisplayName() senderRole := "" - if strings.Contains(user.Roles, model.ROLE_ADMIN) || strings.Contains(user.Roles, model.ROLE_SYSTEM_ADMIN) { + if model.IsInRole(user.Roles, model.ROLE_TEAM_ADMIN) || model.IsInRole(user.Roles, model.ROLE_SYSTEM_ADMIN) { senderRole = "administrator" } else { senderRole = "member" } - subjectPage := NewServerTemplatePage("invite_subject", c.GetSiteURL()) + subjectPage := NewServerTemplatePage("invite_subject") + subjectPage.Props["SiteURL"] = c.GetSiteURL() subjectPage.Props["SenderName"] = sender subjectPage.Props["TeamDisplayName"] = team.DisplayName - bodyPage := NewServerTemplatePage("invite_body", c.GetSiteURL()) + + bodyPage := NewServerTemplatePage("invite_body") + bodyPage.Props["SiteURL"] = c.GetSiteURL() bodyPage.Props["TeamDisplayName"] = team.DisplayName bodyPage.Props["SenderName"] = sender bodyPage.Props["SenderStatus"] = senderRole - bodyPage.Props["Email"] = invite - props := make(map[string]string) props["email"] = invite props["id"] = team.Id @@ -528,7 +545,7 @@ func updateTeamDisplayName(c *Context, w http.ResponseWriter, r *http.Request) { return } - if !strings.Contains(c.Session.Roles, model.ROLE_ADMIN) { + if !model.IsInRole(c.Session.Roles, model.ROLE_TEAM_ADMIN) { c.Err = model.NewAppError("updateTeamDisplayName", "You do not have the appropriate permissions", "userId="+c.Session.UserId) c.Err.StatusCode = http.StatusForbidden return @@ -568,7 +585,7 @@ func updateValetFeature(c *Context, w http.ResponseWriter, r *http.Request) { return } - if !strings.Contains(c.Session.Roles, model.ROLE_ADMIN) { + if !model.IsInRole(c.Session.Roles, model.ROLE_TEAM_ADMIN) { c.Err = model.NewAppError("updateValetFeature", "You do not have the appropriate permissions", "userId="+c.Session.UserId) c.Err.StatusCode = http.StatusForbidden return |