summaryrefslogtreecommitdiffstats
path: root/api
diff options
context:
space:
mode:
Diffstat (limited to 'api')
-rw-r--r--api/channel.go6
-rw-r--r--api/channel_test.go9
-rw-r--r--api/context.go1
-rw-r--r--api/team.go9
-rw-r--r--api/user.go11
5 files changed, 28 insertions, 8 deletions
diff --git a/api/channel.go b/api/channel.go
index c0c2d1548..8264b3e74 100644
--- a/api/channel.go
+++ b/api/channel.go
@@ -366,7 +366,7 @@ func JoinChannel(c *Context, channelId string, role string) {
post := &model.Post{ChannelId: channel.Id, Message: fmt.Sprintf(
`User %v has joined this channel.`,
- user.Username)}
+ user.Username), Type: model.POST_JOIN_LEAVE}
if _, err := CreatePost(c, post, false); err != nil {
l4g.Error("Failed to post join message %v", err)
c.Err = model.NewAppError("joinChannel", "Failed to send join request", "")
@@ -453,7 +453,7 @@ func leaveChannel(c *Context, w http.ResponseWriter, r *http.Request) {
post := &model.Post{ChannelId: channel.Id, Message: fmt.Sprintf(
`%v has left the channel.`,
- user.Username)}
+ user.Username), Type: model.POST_JOIN_LEAVE}
if _, err := CreatePost(c, post, false); err != nil {
l4g.Error("Failed to post leave message %v", err)
c.Err = model.NewAppError("leaveChannel", "Failed to send leave message", "")
@@ -646,7 +646,7 @@ func addChannelMember(c *Context, w http.ResponseWriter, r *http.Request) {
post := &model.Post{ChannelId: id, Message: fmt.Sprintf(
`%v added to the channel by %v`,
- nUser.Username, oUser.Username)}
+ nUser.Username, oUser.Username), Type: model.POST_JOIN_LEAVE}
if _, err := CreatePost(c, post, false); err != nil {
l4g.Error("Failed to post add message %v", err)
c.Err = model.NewAppError("addChannelMember", "Failed to add member to channel", "")
diff --git a/api/channel_test.go b/api/channel_test.go
index ff09ab4bc..ed0554693 100644
--- a/api/channel_test.go
+++ b/api/channel_test.go
@@ -52,6 +52,8 @@ func TestCreateChannel(t *testing.T) {
t.Fatal("Cannot create an existing")
}
+ savedId := rchannel.Data.(*model.Channel).Id
+
rchannel.Data.(*model.Channel).Id = ""
if _, err := Client.CreateChannel(rchannel.Data.(*model.Channel)); err != nil {
if err.Message != "A channel with that name already exists" {
@@ -63,6 +65,13 @@ func TestCreateChannel(t *testing.T) {
t.Fatal("should have been an error")
}
+ Client.DeleteChannel(savedId)
+ if _, err := Client.CreateChannel(rchannel.Data.(*model.Channel)); err != nil {
+ if err.Message != "A channel with that name was previously created" {
+ t.Fatal(err)
+ }
+ }
+
channel = model.Channel{DisplayName: "Channel on Different Team", Name: "aaaa" + model.NewId() + "abbb", Type: model.CHANNEL_OPEN, TeamId: team2.Id}
if _, err := Client.CreateChannel(&channel); err.StatusCode != http.StatusForbidden {
diff --git a/api/context.go b/api/context.go
index 501e4e77f..bea0fbeff 100644
--- a/api/context.go
+++ b/api/context.go
@@ -84,6 +84,7 @@ func (h handler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
if forwardProto == "http" {
l4g.Info("redirecting http request to https for %v", r.URL.Path)
http.Redirect(w, r, "https://"+r.Host, http.StatusTemporaryRedirect)
+ return
} else {
protocol = "https"
}
diff --git a/api/team.go b/api/team.go
index 15e4e2c17..c4a0ca181 100644
--- a/api/team.go
+++ b/api/team.go
@@ -456,6 +456,15 @@ func inviteMembers(c *Context, w http.ResponseWriter, r *http.Request) {
user = result.Data.(*model.User)
}
+ var invNum int64 = 0
+ for i, invite := range invites.Invites {
+ if result := <-Srv.Store.User().GetByEmail(c.Session.TeamId, invite["email"]); result.Err == nil || result.Err.Message != "We couldn't find the existing account" {
+ invNum = int64(i)
+ c.Err = model.NewAppError("invite_members", "This person is already on your team", strconv.FormatInt(invNum, 10))
+ return
+ }
+ }
+
ia := make([]string, len(invites.Invites))
for _, invite := range invites.Invites {
ia = append(ia, invite["email"])
diff --git a/api/user.go b/api/user.go
index ada781bc7..483ae67b5 100644
--- a/api/user.go
+++ b/api/user.go
@@ -289,7 +289,7 @@ func login(c *Context, w http.ResponseWriter, r *http.Request) {
if !model.ComparePassword(user.Password, props["password"]) {
c.LogAuditWithUserId(user.Id, "fail")
c.Err = model.NewAppError("login", "Login failed because of invalid password", extraInfo)
- c.Err.StatusCode = http.StatusBadRequest
+ c.Err.StatusCode = http.StatusForbidden
return
}
@@ -417,7 +417,7 @@ func getSessions(c *Context, w http.ResponseWriter, r *http.Request) {
params := mux.Vars(r)
id := params["id"]
- if !c.HasPermissionsToUser(id, "getAudits") {
+ if !c.HasPermissionsToUser(id, "getSessions") {
return
}
@@ -740,7 +740,7 @@ func updateUser(c *Context, w http.ResponseWriter, r *http.Request) {
return
}
- if !c.HasPermissionsToUser(user.Id, "updateUsers") {
+ if !c.HasPermissionsToUser(user.Id, "updateUser") {
return
}
@@ -813,12 +813,13 @@ func updatePassword(c *Context, w http.ResponseWriter, r *http.Request) {
if !model.ComparePassword(user.Password, currentPassword) {
c.Err = model.NewAppError("updatePassword", "Update password failed because of invalid password", "")
- c.Err.StatusCode = http.StatusBadRequest
+ c.Err.StatusCode = http.StatusForbidden
return
}
if uresult := <-Srv.Store.User().UpdatePassword(c.Session.UserId, model.HashPassword(newPassword)); uresult.Err != nil {
- c.Err = uresult.Err
+ c.Err = model.NewAppError("updatePassword", "Update password failed", uresult.Err.Error())
+ c.Err.StatusCode = http.StatusForbidden
return
} else {
c.LogAudit("completed")
generated by cgit v1.2.3-1-g7c22 (git 2.25.1) at 2024-10-04 15:02:53 +0000