From 443a880fbd4249d4782f39f2f96152a14147c08b Mon Sep 17 00:00:00 2001
From: Joram Wilander <jwawilander@gmail.com>
Date: Mon, 30 Oct 2017 13:14:17 -0400
Subject: Add command validation on update (#7742)

---
 store/sqlstore/command_store.go  | 4 ++++
 store/storetest/command_store.go | 6 ++++++
 2 files changed, 10 insertions(+)

diff --git a/store/sqlstore/command_store.go b/store/sqlstore/command_store.go
index 0ab09d61c..ed90051c8 100644
--- a/store/sqlstore/command_store.go
+++ b/store/sqlstore/command_store.go
@@ -138,6 +138,10 @@ func (s SqlCommandStore) Update(cmd *model.Command) store.StoreChannel {
 	return store.Do(func(result *store.StoreResult) {
 		cmd.UpdateAt = model.GetMillis()
 
+		if result.Err = cmd.IsValid(); result.Err != nil {
+			return
+		}
+
 		if _, err := s.GetMaster().Update(cmd); err != nil {
 			result.Err = model.NewAppError("SqlCommandStore.Update", "store.sql_command.save.update.app_error", nil, "id="+cmd.Id+", "+err.Error(), http.StatusInternalServerError)
 		} else {
diff --git a/store/storetest/command_store.go b/store/storetest/command_store.go
index 92d981660..ffc575563 100644
--- a/store/storetest/command_store.go
+++ b/store/storetest/command_store.go
@@ -221,6 +221,12 @@ func testCommandStoreUpdate(t *testing.T, ss store.Store) {
 	if r2 := <-ss.Command().Update(o1); r2.Err != nil {
 		t.Fatal(r2.Err)
 	}
+
+	o1.URL = "junk"
+
+	if r2 := <-ss.Command().Update(o1); r2.Err == nil {
+		t.Fatal("should have failed - bad URL")
+	}
 }
 
 func testCommandCount(t *testing.T, ss store.Store) {
-- 
cgit v1.2.3-1-g7c22