From 41d2786e3e256acf22be18c96c036e84e0ae4fc9 Mon Sep 17 00:00:00 2001
From: nickago <ngonella@calpoly.edu>
Date: Thu, 16 Jul 2015 13:50:20 -0700
Subject: reworked logic to stem from post

---
 api/context.go | 4 ++--
 api/post.go    | 8 ++++----
 2 files changed, 6 insertions(+), 6 deletions(-)

(limited to 'api')

diff --git a/api/context.go b/api/context.go
index 0c9dee5c3..9f23d71a0 100644
--- a/api/context.go
+++ b/api/context.go
@@ -265,8 +265,8 @@ func (c *Context) IsSystemAdmin() bool {
 	return false
 }
 
-func (c *Context) IsTeamAdmin() bool {
-	if uresult := <-Srv.Store.User().Get(c.Session.UserId); uresult.Err != nil {
+func (c *Context) IsTeamAdmin(userId string) bool {
+	if uresult := <-Srv.Store.User().Get(userId); uresult.Err != nil {
 		c.Err = uresult.Err
 		return false
 	} else {
diff --git a/api/post.go b/api/post.go
index 214429bb9..36fcafd39 100644
--- a/api/post.go
+++ b/api/post.go
@@ -620,10 +620,6 @@ func deletePost(c *Context, w http.ResponseWriter, r *http.Request) {
 	cchan := Srv.Store.Channel().CheckPermissionsTo(c.Session.TeamId, channelId, c.Session.UserId)
 	pchan := Srv.Store.Post().Get(postId)
 
-	if !c.HasPermissionsToChannel(cchan, "deletePost") && !c.IsTeamAdmin(){
-		return
-	}
-
 	if result := <-pchan; result.Err != nil {
 		c.Err = result.Err
 		return
@@ -631,6 +627,10 @@ func deletePost(c *Context, w http.ResponseWriter, r *http.Request) {
 
 		post := result.Data.(*model.PostList).Posts[postId]
 
+	if !c.HasPermissionsToChannel(cchan, "deletePost") && !c.IsTeamAdmin(post.UserId){
+		return
+	}
+
 		if post == nil {
 			c.SetInvalidParam("deletePost", "postId")
 			return
-- 
cgit v1.2.3-1-g7c22