diff options
Diffstat (limited to 'api')
| -rw-r--r-- | api/command.go | 20 | ||||
| -rw-r--r-- | api/post.go | 20 | ||||
| -rw-r--r-- | api/post_test.go | 2 | ||||
| -rw-r--r-- | api/team.go | 11 | ||||
| -rw-r--r-- | api/user.go | 4 |
5 files changed, 42 insertions, 15 deletions
diff --git a/api/command.go b/api/command.go index 449483bbf..94d2d8f60 100644 --- a/api/command.go +++ b/api/command.go @@ -25,9 +25,7 @@ func InitCommand(r *mux.Router) { l4g.Debug("Initializing command api routes") r.Handle("/command", ApiUserRequired(command)).Methods("POST") - if utils.Cfg.TeamSettings.AllowValet { - commands = append(commands, echoCommand) - } + commands = append(commands, echoCommand) hub.Start() } @@ -59,6 +57,8 @@ func checkCommand(c *Context, command *model.Command) bool { return false } + tchan := Srv.Store.Team().Get(c.Session.TeamId) + if len(command.ChannelId) > 0 { cchan := Srv.Store.Channel().CheckPermissionsTo(c.Session.TeamId, command.ChannelId, c.Session.UserId) @@ -67,7 +67,21 @@ func checkCommand(c *Context, command *model.Command) bool { } } + allowValet := false + if tResult := <-tchan; tResult.Err != nil { + c.Err = model.NewAppError("checkCommand", "Could not find the team for this session, team_id="+c.Session.TeamId, "") + return false + } else { + allowValet = tResult.Data.(*model.Team).AllowValet + } + + var ec commandHandler + ec = echoCommand for _, v := range commands { + if !allowValet && &v == &ec { + continue + } + if v(c, command) { return true } else if c.Err != nil { diff --git a/api/post.go b/api/post.go index 36607c231..6f500286f 100644 --- a/api/post.go +++ b/api/post.go @@ -58,11 +58,7 @@ func createPost(c *Context, w http.ResponseWriter, r *http.Request) { } func createValetPost(c *Context, w http.ResponseWriter, r *http.Request) { - if !utils.Cfg.TeamSettings.AllowValet { - c.Err = model.NewAppError("createValetPost", "The valet feature is currently turned off. Please contact your system administrator for details.", "") - c.Err.StatusCode = http.StatusNotImplemented - return - } + tchan := Srv.Store.Team().Get(c.Session.TeamId) post := model.PostFromJson(r.Body) if post == nil { @@ -70,13 +66,25 @@ func createValetPost(c *Context, w http.ResponseWriter, r *http.Request) { return } - // Any one with access to the team can post as valet to any open channel cchan := Srv.Store.Channel().CheckOpenChannelPermissions(c.Session.TeamId, post.ChannelId) + // Any one with access to the team can post as valet to any open channel if !c.HasPermissionsToChannel(cchan, "createValetPost") { return } + // Make sure this team has the valet feature enabled + if tResult := <-tchan; tResult.Err != nil { + c.Err = model.NewAppError("createValetPost", "Could not find the team for this session, team_id="+c.Session.TeamId, "") + return + } else { + if !tResult.Data.(*model.Team).AllowValet { + c.Err = model.NewAppError("createValetPost", "The valet feature is currently turned off. Please contact your team administrator for details.", "") + c.Err.StatusCode = http.StatusNotImplemented + return + } + } + if rp, err := CreateValetPost(c, post); err != nil { c.Err = err diff --git a/api/post_test.go b/api/post_test.go index b322a5017..03f70bff7 100644 --- a/api/post_test.go +++ b/api/post_test.go @@ -147,7 +147,7 @@ func TestCreateValetPost(t *testing.T) { channel2 := &model.Channel{DisplayName: "Test API Name", Name: "a" + model.NewId() + "a", Type: model.CHANNEL_OPEN, TeamId: team.Id} channel2 = Client.Must(Client.CreateChannel(channel2)).Data.(*model.Channel) - if utils.Cfg.TeamSettings.AllowValet { + if utils.Cfg.TeamSettings.AllowValetDefault { post1 := &model.Post{ChannelId: channel1.Id, Message: "#hashtag a" + model.NewId() + "a"} rpost1, err := Client.CreateValetPost(post1) if err != nil { diff --git a/api/team.go b/api/team.go index cb60602c6..65f0879ff 100644 --- a/api/team.go +++ b/api/team.go @@ -136,6 +136,8 @@ func createTeamFromSignup(c *Context, w http.ResponseWriter, r *http.Request) { } } + teamSignup.Team.AllowValet = utils.Cfg.TeamSettings.AllowValetDefault + if result := <-Srv.Store.Team().Save(&teamSignup.Team); result.Err != nil { c.Err = result.Err return @@ -157,7 +159,7 @@ func createTeamFromSignup(c *Context, w http.ResponseWriter, r *http.Request) { return } - if utils.Cfg.TeamSettings.AllowValet { + if teamSignup.Team.AllowValet { CreateValet(c, rteam) if c.Err != nil { return @@ -200,6 +202,13 @@ func createTeam(c *Context, w http.ResponseWriter, r *http.Request) { return } + if rteam.AllowValet { + CreateValet(c, rteam) + if c.Err != nil { + return + } + } + w.Write([]byte(rteam.ToJson())) } } diff --git a/api/user.go b/api/user.go index 83e29b28e..c0ebc05e0 100644 --- a/api/user.go +++ b/api/user.go @@ -145,10 +145,6 @@ func createUser(c *Context, w http.ResponseWriter, r *http.Request) { } func CreateValet(c *Context, team *model.Team) *model.User { - if !utils.Cfg.TeamSettings.AllowValet { - return &model.User{} - } - valet := &model.User{} valet.TeamId = team.Id valet.Email = utils.Cfg.EmailSettings.FeedbackEmail |