5 files changed, 94 insertions, 2 deletions
diff --git a/api4/status.go b/api4/status.go
index 59909e295..627ddaca6 100644
--- a/api4/status.go
+++ b/api4/status.go
@@ -71,6 +71,11 @@ func updateUserStatus(c *Context, w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
+	currentStatus, err := c.App.GetStatus(c.Params.UserId)
+	if err == nil && currentStatus.Status == model.STATUS_OUT_OF_OFFICE && status.Status != model.STATUS_OUT_OF_OFFICE {
+		c.App.DisableAutoResponder(c.Params.UserId, c.IsSystemAdmin())
+	}
+
 	switch status.Status {
 	case "online":
 		c.App.SetStatusOnline(c.Params.UserId, "", true)
diff --git a/api4/system.go b/api4/system.go
index b34f2af6b..c307a39b7 100644
--- a/api4/system.go
+++ b/api4/system.go
@@ -23,6 +23,7 @@ func (api *API) InitSystem() {
 	api.BaseRoutes.ApiRoot.Handle("/config", api.ApiSessionRequired(updateConfig)).Methods("PUT")
 	api.BaseRoutes.ApiRoot.Handle("/config/reload", api.ApiSessionRequired(configReload)).Methods("POST")
 	api.BaseRoutes.ApiRoot.Handle("/config/client", api.ApiHandler(getClientConfig)).Methods("GET")
+	api.BaseRoutes.ApiRoot.Handle("/config/environment", api.ApiSessionRequired(getEnvironmentConfig)).Methods("GET")
 
 	api.BaseRoutes.ApiRoot.Handle("/license", api.ApiSessionRequired(addLicense)).Methods("POST")
 	api.BaseRoutes.ApiRoot.Handle("/license", api.ApiSessionRequired(removeLicense)).Methods("DELETE")
@@ -251,6 +252,18 @@ func getClientConfig(c *Context, w http.ResponseWriter, r *http.Request) {
 	w.Write([]byte(model.MapToJson(c.App.ClientConfigWithComputed())))
 }
 
+func getEnvironmentConfig(c *Context, w http.ResponseWriter, r *http.Request) {
+	if !c.App.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_SYSTEM) {
+		c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM)
+		return
+	}
+
+	envConfig := c.App.GetEnvironmentConfig()
+
+	w.Header().Set("Cache-Control", "no-cache, no-store, must-revalidate")
+	w.Write([]byte(model.StringInterfaceToJson(envConfig)))
+}
+
 func getClientLicense(c *Context, w http.ResponseWriter, r *http.Request) {
 	format := r.URL.Query().Get("format")
 
diff --git a/api4/system_test.go b/api4/system_test.go
index bb3790d4b..f74d91563 100644
--- a/api4/system_test.go
+++ b/api4/system_test.go
@@ -161,6 +161,70 @@ func TestUpdateConfig(t *testing.T) {
 	})
 }
 
+func TestGetEnvironmentConfig(t *testing.T) {
+	os.Setenv("MM_SERVICESETTINGS_SITEURL", "http://example.mattermost.com")
+	os.Setenv("MM_SERVICESETTINGS_ENABLECUSTOMEMOJI", "true")
+	defer os.Unsetenv("MM_SERVICESETTINGS_SITEURL")
+
+	th := Setup().InitBasic().InitSystemAdmin()
+	defer th.TearDown()
+
+	t.Run("as system admin", func(t *testing.T) {
+		SystemAdminClient := th.SystemAdminClient
+
+		envConfig, resp := SystemAdminClient.GetEnvironmentConfig()
+		CheckNoError(t, resp)
+
+		if serviceSettings, ok := envConfig["ServiceSettings"]; !ok {
+			t.Fatal("should've returned ServiceSettings")
+		} else if serviceSettingsAsMap, ok := serviceSettings.(map[string]interface{}); !ok {
+			t.Fatal("should've returned ServiceSettings as a map")
+		} else {
+			if siteURL, ok := serviceSettingsAsMap["SiteURL"]; !ok {
+				t.Fatal("should've returned ServiceSettings.SiteURL")
+			} else if siteURLAsBool, ok := siteURL.(bool); !ok {
+				t.Fatal("should've returned ServiceSettings.SiteURL as a boolean")
+			} else if !siteURLAsBool {
+				t.Fatal("should've returned ServiceSettings.SiteURL as true")
+			}
+
+			if enableCustomEmoji, ok := serviceSettingsAsMap["EnableCustomEmoji"]; !ok {
+				t.Fatal("should've returned ServiceSettings.EnableCustomEmoji")
+			} else if enableCustomEmojiAsBool, ok := enableCustomEmoji.(bool); !ok {
+				t.Fatal("should've returned ServiceSettings.EnableCustomEmoji as a boolean")
+			} else if !enableCustomEmojiAsBool {
+				t.Fatal("should've returned ServiceSettings.EnableCustomEmoji as true")
+			}
+		}
+
+		if _, ok := envConfig["TeamSettings"]; ok {
+			t.Fatal("should not have returned TeamSettings")
+		}
+	})
+
+	t.Run("as team admin", func(t *testing.T) {
+		TeamAdminClient := th.CreateClient()
+		th.LoginTeamAdminWithClient(TeamAdminClient)
+
+		_, resp := TeamAdminClient.GetEnvironmentConfig()
+		CheckForbiddenStatus(t, resp)
+	})
+
+	t.Run("as regular user", func(t *testing.T) {
+		Client := th.Client
+
+		_, resp := Client.GetEnvironmentConfig()
+		CheckForbiddenStatus(t, resp)
+	})
+
+	t.Run("as not-regular user", func(t *testing.T) {
+		Client := th.CreateClient()
+
+		_, resp := Client.GetEnvironmentConfig()
+		CheckUnauthorizedStatus(t, resp)
+	})
+}
+
 func TestGetOldClientConfig(t *testing.T) {
 	th := Setup().InitBasic().InitSystemAdmin()
 	defer th.TearDown()
diff --git a/api4/user.go b/api4/user.go
index 8f8f08c75..9aa709db5 100644
--- a/api4/user.go
+++ b/api4/user.go
@@ -199,7 +199,8 @@ func getProfileImage(c *Context, w http.ResponseWriter, r *http.Request) {
 		return
 	} else {
 		if len(users) == 0 {
-			c.Err = err
+			c.Err = model.NewAppError("getProfileImage", "api.user.get_profile_image.not_found.app_error", nil, "", http.StatusNotFound)
+			return
 		}
 
 		user := users[0]
@@ -589,8 +590,13 @@ func patchUser(c *Context, w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
+	ouser, err := c.App.GetUser(c.Params.UserId)
+	if err != nil {
+		c.SetInvalidParam("user_id")
+		return
+	}
+
 	if c.Session.IsOAuth && patch.Email != nil {
-		ouser, err := c.App.GetUser(c.Params.UserId)
 		if err != nil {
 			c.Err = err
 			return
@@ -607,6 +613,7 @@ func patchUser(c *Context, w http.ResponseWriter, r *http.Request) {
 		c.Err = err
 		return
 	} else {
+		c.App.SetAutoResponderStatus(ruser, ouser.NotifyProps)
 		c.LogAudit("")
 		w.Write([]byte(ruser.ToJson()))
 	}
diff --git a/api4/user_test.go b/api4/user_test.go
index 359756aeb..27219726b 100644
--- a/api4/user_test.go
+++ b/api4/user_test.go
@@ -834,6 +834,9 @@ func TestGetProfileImage(t *testing.T) {
 	_, resp = Client.GetProfileImage("junk", "")
 	CheckBadRequestStatus(t, resp)
 
+	_, resp = Client.GetProfileImage(model.NewId(), "")
+	CheckNotFoundStatus(t, resp)
+
 	Client.Logout()
 	_, resp = Client.GetProfileImage(user.Id, "")
 	CheckUnauthorizedStatus(t, resp)