From f2abb9d8eb4b35369d286749ede37916a8979e07 Mon Sep 17 00:00:00 2001
From: Saturnino Abril <saturnino.abril@gmail.com>
Date: Tue, 27 Jun 2017 04:05:50 +0800
Subject: fix permission app error with updatePost (#6749)

---
 api4/post.go      | 4 ++++
 api4/post_test.go | 2 ++
 app/post.go       | 5 -----
 3 files changed, 6 insertions(+), 5 deletions(-)

diff --git a/api4/post.go b/api4/post.go
index 7bfe5ad64..65a508df7 100644
--- a/api4/post.go
+++ b/api4/post.go
@@ -302,6 +302,10 @@ func searchPosts(c *Context, w http.ResponseWriter, r *http.Request) {
 
 func updatePost(c *Context, w http.ResponseWriter, r *http.Request) {
 	c.RequirePostId()
+	if c.Err != nil {
+		return
+	}
+
 	post := model.PostFromJson(r.Body)
 
 	if post == nil {
diff --git a/api4/post_test.go b/api4/post_test.go
index abfd83989..a2c0b065b 100644
--- a/api4/post_test.go
+++ b/api4/post_test.go
@@ -137,6 +137,8 @@ func TestUpdatePost(t *testing.T) {
 
 	msg := "zz" + model.NewId() + " update post"
 	rpost.Message = msg
+	rpost.UserId = ""
+
 	rupost, resp := Client.UpdatePost(rpost.Id, rpost)
 	CheckNoError(t, resp)
 
diff --git a/app/post.go b/app/post.go
index baea6179f..01581c748 100644
--- a/app/post.go
+++ b/app/post.go
@@ -239,11 +239,6 @@ func UpdatePost(post *model.Post, safeUpdate bool) (*model.Post, *model.AppError
 			return nil, err
 		}
 
-		if oldPost.UserId != post.UserId {
-			err := model.NewAppError("UpdatePost", "api.post.update_post.permissions.app_error", nil, "oldUserId="+oldPost.UserId, http.StatusBadRequest)
-			return nil, err
-		}
-
 		if oldPost.DeleteAt != 0 {
 			err := model.NewAppError("UpdatePost", "api.post.update_post.permissions_details.app_error", map[string]interface{}{"PostId": post.Id}, "", http.StatusBadRequest)
 			return nil, err
-- 
cgit v1.2.3-1-g7c22