1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
|
// Copyright (c) 2017 Mattermost, Inc. All Rights Reserved.
// See License.txt for license information.
package api4
import (
"net/http"
"strconv"
l4g "github.com/alecthomas/log4go"
"github.com/mattermost/platform/app"
"github.com/mattermost/platform/model"
"github.com/mattermost/platform/utils"
)
func InitCommand() {
l4g.Debug(utils.T("api.command.init.debug"))
BaseRoutes.Commands.Handle("", ApiSessionRequired(createCommand)).Methods("POST")
BaseRoutes.Commands.Handle("", ApiSessionRequired(listCommands)).Methods("GET")
}
func createCommand(c *Context, w http.ResponseWriter, r *http.Request) {
cmd := model.CommandFromJson(r.Body)
if cmd == nil {
c.SetInvalidParam("command")
return
}
c.LogAudit("attempt")
if !app.SessionHasPermissionToTeam(c.Session, cmd.TeamId, model.PERMISSION_MANAGE_SLASH_COMMANDS) {
c.SetPermissionError(model.PERMISSION_MANAGE_SLASH_COMMANDS)
return
}
cmd.CreatorId = c.Session.UserId
rcmd, err := app.CreateCommand(cmd)
if err != nil {
c.Err = err
return
}
c.LogAudit("success")
w.WriteHeader(http.StatusCreated)
w.Write([]byte(rcmd.ToJson()))
}
func listCommands(c *Context, w http.ResponseWriter, r *http.Request) {
customOnly, failConv := strconv.ParseBool(r.URL.Query().Get("custom_only"))
if failConv != nil {
customOnly = false
}
teamId := r.URL.Query().Get("team_id")
if len(teamId) == 0 {
c.SetInvalidParam("team_id")
return
}
commands := []*model.Command{}
err := &model.AppError{}
if customOnly {
if !app.SessionHasPermissionToTeam(c.Session, teamId, model.PERMISSION_MANAGE_SLASH_COMMANDS) {
c.SetPermissionError(model.PERMISSION_MANAGE_SLASH_COMMANDS)
return
}
commands, err = app.ListTeamCommands(teamId)
if err != nil {
c.Err = err
return
}
} else {
//User with no permission should see only system commands
if !app.SessionHasPermissionToTeam(c.Session, teamId, model.PERMISSION_MANAGE_SLASH_COMMANDS) {
commands, err = app.ListAutocompleteCommands(teamId, c.T)
if err != nil {
c.Err = err
return
}
} else {
commands, err = app.ListAllCommands(teamId, c.T)
if err != nil {
c.Err = err
return
}
}
}
w.Write([]byte(model.CommandListToJson(commands)))
}
|
