diff options
Diffstat (limited to 'api')
-rw-r--r-- | api/channel.go | 39 | ||||
-rw-r--r-- | api/user.go | 8 | ||||
-rw-r--r-- | api/web_hub.go | 10 |
3 files changed, 37 insertions, 20 deletions
diff --git a/api/channel.go b/api/channel.go index 5e13fa18a..0d22d7c00 100644 --- a/api/channel.go +++ b/api/channel.go @@ -472,6 +472,8 @@ func leaveChannel(c *Context, w http.ResponseWriter, r *http.Request) { return } + UpdateChannelAccessCacheAndForget(c.Session.TeamId, c.Session.UserId, channel.Id) + post := &model.Post{ChannelId: channel.Id, Message: fmt.Sprintf( `%v has left the channel.`, user.Username), Type: model.POST_JOIN_LEAVE} @@ -706,20 +708,21 @@ func addChannelMember(c *Context, w http.ResponseWriter, r *http.Request) { return } - post := &model.Post{ChannelId: id, Message: fmt.Sprintf( - `%v added to the channel by %v`, - nUser.Username, oUser.Username), Type: model.POST_JOIN_LEAVE} - if _, err := CreatePost(c, post, false); err != nil { - l4g.Error("Failed to post add message %v", err) - c.Err = model.NewAppError("addChannelMember", "Failed to add member to channel", "") - return - } - c.LogAudit("name=" + channel.Name + " user_id=" + userId) - message := model.NewMessage(c.Session.TeamId, "", userId, model.ACTION_USER_ADDED) + go func() { + post := &model.Post{ChannelId: id, Message: fmt.Sprintf( + `%v added to the channel by %v`, + nUser.Username, oUser.Username), Type: model.POST_JOIN_LEAVE} + if _, err := CreatePost(c, post, false); err != nil { + l4g.Error("Failed to post add member to channel message, err=%v", err) + } - PublishAndForget(message) + UpdateChannelAccessCache(c.Session.TeamId, userId, channel.Id) + message := model.NewMessage(c.Session.TeamId, channel.Id, userId, model.ACTION_USER_ADDED) + + PublishAndForget(message) + }() <-Srv.Store.Channel().UpdateLastViewedAt(id, oUser.Id) w.Write([]byte(cm.ToJson())) @@ -773,13 +776,17 @@ func removeChannelMember(c *Context, w http.ResponseWriter, r *http.Request) { return } - message := model.NewMessage(c.Session.TeamId, "", userId, model.ACTION_USER_REMOVED) - message.Add("channel_id", id) - message.Add("remover", c.Session.UserId) - PublishAndForget(message) - c.LogAudit("name=" + channel.Name + " user_id=" + userId) + go func() { + UpdateChannelAccessCache(c.Session.TeamId, userId, id) + + message := model.NewMessage(c.Session.TeamId, "", userId, model.ACTION_USER_REMOVED) + message.Add("channel_id", id) + message.Add("remover", c.Session.UserId) + PublishAndForget(message) + }() + result := make(map[string]string) result["channel_id"] = channel.Id result["removed_user_id"] = userId diff --git a/api/user.go b/api/user.go index 2d7dd9ab1..78f8768a4 100644 --- a/api/user.go +++ b/api/user.go @@ -991,7 +991,7 @@ func updateRoles(c *Context, w http.ResponseWriter, r *http.Request) { } if model.IsInRole(new_roles, model.ROLE_SYSTEM_ADMIN) && !c.IsSystemAdmin() { - c.Err = model.NewAppError("updateRoles", "The system_admin role can only be set by another system admin", "") + c.Err = model.NewAppError("updateRoles", "The system admin role can only be set by another system admin", "") c.Err.StatusCode = http.StatusForbidden return } @@ -1014,6 +1014,12 @@ func updateRoles(c *Context, w http.ResponseWriter, r *http.Request) { return } + if user.IsInRole(model.ROLE_SYSTEM_ADMIN) && !c.IsSystemAdmin() { + c.Err = model.NewAppError("updateRoles", "The system admin role can only by modified by another system admin", "") + c.Err.StatusCode = http.StatusForbidden + return + } + ruser := UpdateRoles(c, user, new_roles) if c.Err != nil { return diff --git a/api/web_hub.go b/api/web_hub.go index 44d405283..15528c612 100644 --- a/api/web_hub.go +++ b/api/web_hub.go @@ -30,11 +30,15 @@ func PublishAndForget(message *model.Message) { }() } +func UpdateChannelAccessCache(teamId, userId, channelId string) { + if nh, ok := hub.teamHubs[teamId]; ok { + nh.UpdateChannelAccessCache(userId, channelId) + } +} + func UpdateChannelAccessCacheAndForget(teamId, userId, channelId string) { go func() { - if nh, ok := hub.teamHubs[teamId]; ok { - nh.UpdateChannelAccessCache(userId, channelId) - } + UpdateChannelAccessCache(teamId, userId, channelId) }() } |