IntenseWebs/mattermost
3
0
Fork 0
mirror of https://github.com/mattermost/mattermost.git synced 2025-02-25 18:55:24 -06:00
Code Issues Packages Projects Releases Wiki Activity

Prevent accidental removal of user from town square (#4842)

Browse Source
This commit is contained in:
Joram Wilander
2016-12-20 09:27:29 -05:00
committed by Christopher Speller
parent bf3fec604f
commit 1f67c91fce
5 changed files with 27 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
api/channel.go
View File

@@ -1003,23 +1003,22 @@ func getChannel(c *Context, w http.ResponseWriter, r *http.Request) {
func getChannelByName(c *Context, w http.ResponseWriter, r *http.Request) {
params := mux.Vars(r)
channelname := params["channel_name"]
channelName := params["channel_name"]
cchan := Srv.Store.Channel().GetByName(c.TeamId, channelname)
cchan := Srv.Store.Channel().GetByName(c.TeamId, channelName)
if cresult := <-cchan; cresult.Err != nil {
c.Err = cresult.Err
return
} else {
data := &model.Channel{}
data = cresult.Data.(*model.Channel)
data := cresult.Data.(*model.Channel)
if !HasPermissionToChannelContext(c, data.Id, model.PERMISSION_READ_CHANNEL) {
return
}
if data.TeamId != c.TeamId && data.Type != model.CHANNEL_DIRECT {
c.Err = model.NewLocAppError("getChannel", "api.channel.get_channel.wrong_team.app_error", map[string]interface{}{"ChannelName": channelname, "TeamId": c.TeamId}, "")
c.Err = model.NewLocAppError("getChannel", "api.channel.get_channel.wrong_team.app_error", map[string]interface{}{"ChannelName": channelName, "TeamId": c.TeamId}, "")
return
}
@@ -1207,7 +1206,11 @@ func removeMember(c *Context, w http.ResponseWriter, r *http.Request) {
func RemoveUserFromChannel(userIdToRemove string, removerUserId string, channel *model.Channel) *model.AppError {
if channel.DeleteAt > 0 {
return model.NewLocAppError("updateChannel", "api.channel.remove_user_from_channel.deleted.app_error", nil, "")
return model.NewLocAppError("RemoveUserFromChannel", "api.channel.remove_user_from_channel.deleted.app_error", nil, "")
}
if channel.Name == model.DEFAULT_CHANNEL {
return model.NewLocAppError("RemoveUserFromChannel", "api.channel.remove.default.app_error", map[string]interface{}{"Channel": model.DEFAULT_CHANNEL}, "")
}
if cmresult := <-Srv.Store.Channel().RemoveMember(channel.Id, userIdToRemove); cmresult.Err != nil {

14
api/channel_test.go
View File

@@ -1344,6 +1344,11 @@ func TestRemoveChannelMember(t *testing.T) {
t.Fatal("Should have errored, channel deleted")
}
townSquare := Client.Must(Client.GetChannelByName("town-square")).Data.(*model.Channel)
if _, err := Client.RemoveChannelMember(townSquare.Id, userStd.Id); err == nil {
t.Fatal("should have errored, channel is default")
}
}
func TestUpdateNotifyProps(t *testing.T) {
@@ -1684,8 +1689,13 @@ func TestGetChannelByName(t *testing.T) {
th := Setup().InitBasic()
Client := th.BasicClient
if _, err := Client.GetChannelByName(th.BasicChannel.Name); err != nil {
if result, err := Client.GetChannelByName(th.BasicChannel.Name); err != nil {
t.Fatal("Failed to get channel")
} else {
channel := result.Data.(*model.Channel)
if channel.Name != th.BasicChannel.Name {
t.Fatal("channel names did not match")
}
}
if _, err := Client.GetChannelByName("InvalidChannelName"); err == nil {
@@ -1703,6 +1713,6 @@ func TestGetChannelByName(t *testing.T) {
Client.Login(user2.Email, "passwd1")
if _, err := Client.GetChannelByName(th.BasicChannel.Name); err == nil {
t.Fatal("Should fail due not enough permissions")
t.Fatal("Should fail due to not enough permissions")
}
}

4
i18n/en.json
View File

@@ -287,6 +287,10 @@
"id": "api.channel.leave.default.app_error",
"translation": "Cannot leave the default channel {{.Channel}}"
},
{
"id": "api.channel.remove.default.app_error",
"translation": "Cannot remove user from the default channel {{.Channel}}"
},
{
"id": "api.channel.leave.direct.app_error",
"translation": "Cannot leave a direct message channel"

2
model/client.go
View File

@@ -1258,7 +1258,7 @@ func (c *Client) GetChannelByName(channelName string) (*Result, *AppError) {
} else {
defer closeBody(r)
return &Result{r.Header.Get(HEADER_REQUEST_ID),
r.Header.Get(HEADER_ETAG_SERVER), ChannelMemberFromJson(r.Body)}, nil
r.Header.Get(HEADER_ETAG_SERVER), ChannelFromJson(r.Body)}, nil
}
}

2
webapp/components/channel_header.jsx
View File

@@ -661,7 +661,7 @@ export default class ChannelHeader extends React.Component {
);
let channelMembersModal;
if (this.state.showMembersModal) {
if (this.state.showMembersModal && channel.name !== Constants.DEFAULT_CHANNEL) {
channelMembersModal = (
<ChannelMembersModal
onModalDismissed={() => this.setState({showMembersModal: false})}