From 59992ae4a4638006ec1489dd834151b258c1728c Mon Sep 17 00:00:00 2001
From: Joram Wilander <jwawilander@gmail.com>
Date: Mon, 31 Jul 2017 12:59:32 -0400
Subject: PLT-6763 Implement user access tokens and new roles (server-side)
 (#6972)

* Implement user access tokens and new roles

* Update config.json

* Add public post permission to apiv3

* Remove old comment

* Fix model unit test

* Updates to store per feedback

* Updates per feedback from CS
---
 api4/context.go | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

(limited to 'api4/context.go')

diff --git a/api4/context.go b/api4/context.go
index 61c318266..d72b3593d 100644
--- a/api4/context.go
+++ b/api4/context.go
@@ -239,6 +239,11 @@ func (c *Context) IsSystemAdmin() bool {
 }
 
 func (c *Context) SessionRequired() {
+	if !*utils.Cfg.ServiceSettings.EnableUserAccessTokens && c.Session.Props[model.SESSION_PROP_TYPE] == model.SESSION_TYPE_USER_ACCESS_TOKEN {
+		c.Err = model.NewAppError("", "api.context.session_expired.app_error", nil, "UserAccessToken", http.StatusUnauthorized)
+		return
+	}
+
 	if len(c.Session.UserId) == 0 {
 		c.Err = model.NewAppError("", "api.context.session_expired.app_error", nil, "UserRequired", http.StatusUnauthorized)
 		return
@@ -361,6 +366,17 @@ func (c *Context) RequireInviteId() *Context {
 	return c
 }
 
+func (c *Context) RequireTokenId() *Context {
+	if c.Err != nil {
+		return c
+	}
+
+	if len(c.Params.TokenId) != 26 {
+		c.SetInvalidUrlParam("token_id")
+	}
+	return c
+}
+
 func (c *Context) RequireChannelId() *Context {
 	if c.Err != nil {
 		return c
-- 
cgit v1.2.3-1-g7c22