diff options
Diffstat (limited to 'app/authorization.go')
-rw-r--r-- | app/authorization.go | 31 |
1 files changed, 31 insertions, 0 deletions
diff --git a/app/authorization.go b/app/authorization.go index 0f48b3c9d..b43d64341 100644 --- a/app/authorization.go +++ b/app/authorization.go @@ -83,6 +83,19 @@ func SessionHasPermissionToUser(session model.Session, userId string) bool { return false } +func SessionHasPermissionToPost(session model.Session, postId string, permission *model.Permission) bool { + post, err := GetSinglePost(postId) + if err != nil { + return false + } + + if post.UserId == session.UserId { + return true + } + + return SessionHasPermissionToChannel(session, post.ChannelId, permission) +} + func HasPermissionTo(askingUserId string, permission *model.Permission) bool { user, err := GetUser(askingUserId) if err != nil { @@ -135,6 +148,24 @@ func HasPermissionToChannel(askingUserId string, channelId string, permission *m return HasPermissionTo(askingUserId, permission) } +func HasPermissionToChannelByPost(askingUserId string, postId string, permission *model.Permission) bool { + var channelMember *model.ChannelMember + if result := <-Srv.Store.Channel().GetMemberForPost(postId, askingUserId); result.Err == nil { + channelMember = result.Data.(*model.ChannelMember) + + if CheckIfRolesGrantPermission(channelMember.GetRoles(), permission.Id) { + return true + } + } + + if result := <-Srv.Store.Channel().GetForPost(postId); result.Err == nil { + channel := result.Data.(*model.Channel) + return HasPermissionToTeam(askingUserId, channel.TeamId, permission) + } + + return HasPermissionTo(askingUserId, permission) +} + func HasPermissionToUser(askingUserId string, userId string) bool { if askingUserId == userId { return true |