From 30fd4a2951906a59137312d6d1dea2e54fe9c8e9 Mon Sep 17 00:00:00 2001
From: Saturnino Abril <saturnino.abril@gmail.com>
Date: Sat, 5 May 2018 02:16:00 +0800
Subject: update permission of converting a channel from public to private to
 allow team admin (#8723)

---
 api4/channel.go      |  8 +++-----
 api4/channel_test.go | 12 ++++++++----
 2 files changed, 11 insertions(+), 9 deletions(-)

diff --git a/api4/channel.go b/api4/channel.go
index 83fa8eb18..1026a41ad 100644
--- a/api4/channel.go
+++ b/api4/channel.go
@@ -153,15 +153,13 @@ func convertChannelToPrivate(c *Context, w http.ResponseWriter, r *http.Request)
 		return
 	}
 
-	if !c.App.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_SYSTEM) {
-		c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM)
-		return
-	}
-
 	oldPublicChannel, err := c.App.GetChannel(c.Params.ChannelId)
 	if err != nil {
 		c.Err = err
 		return
+	} else if !c.App.SessionHasPermissionToTeam(c.Session, oldPublicChannel.TeamId, model.PERMISSION_MANAGE_TEAM) {
+		c.SetPermissionError(model.PERMISSION_MANAGE_TEAM)
+		return
 	} else if oldPublicChannel.Type == model.CHANNEL_PRIVATE {
 		c.Err = model.NewAppError("convertChannelToPrivate", "api.channel.convert_channel_to_private.private_channel_error", nil, "", http.StatusBadRequest)
 		return
diff --git a/api4/channel_test.go b/api4/channel_test.go
index 767fdbdb8..b428a382a 100644
--- a/api4/channel_test.go
+++ b/api4/channel_test.go
@@ -915,10 +915,13 @@ func TestConvertChannelToPrivate(t *testing.T) {
 	CheckForbiddenStatus(t, resp)
 
 	th.LoginTeamAdmin()
-	_, resp = Client.ConvertChannelToPrivate(publicChannel.Id)
-	CheckForbiddenStatus(t, resp)
+	rchannel, resp := Client.ConvertChannelToPrivate(publicChannel.Id)
+	CheckOKStatus(t, resp)
+	if rchannel.Type != model.CHANNEL_PRIVATE {
+		t.Fatal("channel should be converted from public to private")
+	}
 
-	rchannel, resp := th.SystemAdminClient.ConvertChannelToPrivate(privateChannel.Id)
+	rchannel, resp = th.SystemAdminClient.ConvertChannelToPrivate(privateChannel.Id)
 	CheckBadRequestStatus(t, resp)
 	if rchannel != nil {
 		t.Fatal("should not return a channel")
@@ -930,7 +933,8 @@ func TestConvertChannelToPrivate(t *testing.T) {
 		t.Fatal("should not return a channel")
 	}
 
-	rchannel, resp = th.SystemAdminClient.ConvertChannelToPrivate(publicChannel.Id)
+	publicChannel2 := th.CreatePublicChannel()
+	rchannel, resp = th.SystemAdminClient.ConvertChannelToPrivate(publicChannel2.Id)
 	CheckOKStatus(t, resp)
 	if rchannel.Type != model.CHANNEL_PRIVATE {
 		t.Fatal("channel should be converted from public to private")
-- 
cgit v1.2.3-1-g7c22