mirror of
https://github.com/mattermost/mattermost.git
synced 2025-02-25 18:55:24 -06:00
Allow system admins to update and delete channels (#3161)
This commit is contained in:
Joram Wilander
committed by
Corey Hulen
Corey Hulen
parent
bd48d304c3
commit
3ce6dfc71e
@@ -189,7 +189,6 @@ func updateChannel(c *Context, w http.ResponseWriter, r *http.Request) {
|
||||
|
||||
sc := Srv.Store.Channel().Get(channel.Id)
|
||||
cmc := Srv.Store.Channel().GetMember(channel.Id, c.Session.UserId)
|
||||
tmc := Srv.Store.Team().GetMember(c.TeamId, c.Session.UserId)
|
||||
|
||||
if cresult := <-sc; cresult.Err != nil {
|
||||
c.Err = cresult.Err
|
||||
@@ -197,19 +196,15 @@ func updateChannel(c *Context, w http.ResponseWriter, r *http.Request) {
|
||||
} else if cmcresult := <-cmc; cmcresult.Err != nil {
|
||||
c.Err = cmcresult.Err
|
||||
return
|
||||
} else if tmcresult := <-tmc; cmcresult.Err != nil {
|
||||
c.Err = tmcresult.Err
|
||||
return
|
||||
} else {
|
||||
oldChannel := cresult.Data.(*model.Channel)
|
||||
channelMember := cmcresult.Data.(model.ChannelMember)
|
||||
teamMember := tmcresult.Data.(model.TeamMember)
|
||||
|
||||
if !c.HasPermissionsToTeam(oldChannel.TeamId, "updateChannel") {
|
||||
return
|
||||
}
|
||||
|
||||
if !strings.Contains(channelMember.Roles, model.CHANNEL_ROLE_ADMIN) && !strings.Contains(teamMember.Roles, model.ROLE_TEAM_ADMIN) {
|
||||
if !strings.Contains(channelMember.Roles, model.CHANNEL_ROLE_ADMIN) && !c.IsTeamAdmin() {
|
||||
c.Err = model.NewLocAppError("updateChannel", "api.channel.update_channel.permission.app_error", nil, "")
|
||||
c.Err.StatusCode = http.StatusForbidden
|
||||
return
|
||||
@@ -639,7 +634,6 @@ func deleteChannel(c *Context, w http.ResponseWriter, r *http.Request) {
|
||||
|
||||
sc := Srv.Store.Channel().Get(id)
|
||||
scm := Srv.Store.Channel().GetMember(id, c.Session.UserId)
|
||||
tmc := Srv.Store.Team().GetMember(c.TeamId, c.Session.UserId)
|
||||
uc := Srv.Store.User().Get(c.Session.UserId)
|
||||
ihc := Srv.Store.Webhook().GetIncomingByChannel(id)
|
||||
ohc := Srv.Store.Webhook().GetOutgoingByChannel(id)
|
||||
@@ -653,9 +647,6 @@ func deleteChannel(c *Context, w http.ResponseWriter, r *http.Request) {
|
||||
} else if scmresult := <-scm; scmresult.Err != nil {
|
||||
c.Err = scmresult.Err
|
||||
return
|
||||
} else if tmcresult := <-tmc; tmcresult.Err != nil {
|
||||
c.Err = tmcresult.Err
|
||||
return
|
||||
} else if ihcresult := <-ihc; ihcresult.Err != nil {
|
||||
c.Err = ihcresult.Err
|
||||
return
|
||||
@@ -666,7 +657,6 @@ func deleteChannel(c *Context, w http.ResponseWriter, r *http.Request) {
|
||||
channel := cresult.Data.(*model.Channel)
|
||||
user := uresult.Data.(*model.User)
|
||||
channelMember := scmresult.Data.(model.ChannelMember)
|
||||
teamMember := tmcresult.Data.(model.TeamMember)
|
||||
incomingHooks := ihcresult.Data.([]*model.IncomingWebhook)
|
||||
outgoingHooks := ohcresult.Data.([]*model.OutgoingWebhook)
|
||||
|
||||
@@ -674,7 +664,7 @@ func deleteChannel(c *Context, w http.ResponseWriter, r *http.Request) {
|
||||
return
|
||||
}
|
||||
|
||||
if !strings.Contains(channelMember.Roles, model.CHANNEL_ROLE_ADMIN) && !strings.Contains(teamMember.Roles, model.ROLE_TEAM_ADMIN) {
|
||||
if !strings.Contains(channelMember.Roles, model.CHANNEL_ROLE_ADMIN) && !c.IsTeamAdmin() {
|
||||
c.Err = model.NewLocAppError("deleteChannel", "api.channel.delete_channel.permissions.app_error", nil, "")
|
||||
c.Err.StatusCode = http.StatusForbidden
|
||||
return
|
||||
|
||||
@@ -129,13 +129,17 @@ func TestCreateDirectChannel(t *testing.T) {
|
||||
}
|
||||
|
||||
func TestUpdateChannel(t *testing.T) {
|
||||
th := Setup().InitBasic()
|
||||
Client := th.BasicClient
|
||||
team := th.BasicTeam
|
||||
user := th.BasicUser
|
||||
user2 := th.CreateUser(th.BasicClient)
|
||||
th := Setup().InitSystemAdmin()
|
||||
Client := th.SystemAdminClient
|
||||
team := th.SystemAdminTeam
|
||||
sysAdminUser := th.SystemAdminUser
|
||||
user := th.CreateUser(Client)
|
||||
LinkUserToTeam(user, team)
|
||||
user2 := th.CreateUser(Client)
|
||||
LinkUserToTeam(user2, team)
|
||||
|
||||
Client.Login(user.Email, user.Password)
|
||||
|
||||
channel1 := &model.Channel{DisplayName: "A Test API Name", Name: "a" + model.NewId() + "a", Type: model.CHANNEL_OPEN, TeamId: team.Id}
|
||||
channel1 = Client.Must(Client.CreateChannel(channel1)).Data.(*model.Channel)
|
||||
|
||||
@@ -180,9 +184,26 @@ func TestUpdateChannel(t *testing.T) {
|
||||
Client.Must(Client.JoinChannel(channel1.Id))
|
||||
UpdateUserToTeamAdmin(user2, team)
|
||||
|
||||
Client.Logout()
|
||||
Client.Login(user2.Email, user2.Password)
|
||||
Client.SetTeamId(team.Id)
|
||||
|
||||
if _, err := Client.UpdateChannel(upChannel1); err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
|
||||
Client.Login(sysAdminUser.Email, sysAdminUser.Password)
|
||||
Client.Must(Client.JoinChannel(channel1.Id))
|
||||
|
||||
if _, err := Client.UpdateChannel(upChannel1); err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
|
||||
Client.Must(Client.DeleteChannel(channel1.Id))
|
||||
|
||||
if _, err := Client.UpdateChannel(upChannel1); err == nil {
|
||||
t.Fatal("should have failed - channel deleted")
|
||||
}
|
||||
}
|
||||
|
||||
func TestUpdateChannelHeader(t *testing.T) {
|
||||
@@ -517,12 +538,16 @@ func TestLeaveChannel(t *testing.T) {
|
||||
}
|
||||
|
||||
func TestDeleteChannel(t *testing.T) {
|
||||
th := Setup().InitBasic()
|
||||
Client := th.BasicClient
|
||||
team := th.BasicTeam
|
||||
userTeamAdmin := th.BasicUser
|
||||
th := Setup().InitSystemAdmin()
|
||||
Client := th.SystemAdminClient
|
||||
team := th.SystemAdminTeam
|
||||
userSystemAdmin := th.SystemAdminUser
|
||||
userTeamAdmin := th.CreateUser(Client)
|
||||
LinkUserToTeam(userTeamAdmin, team)
|
||||
user2 := th.CreateUser(Client)
|
||||
LinkUserToTeam(user2, team)
|
||||
|
||||
th.LoginBasic2()
|
||||
Client.Login(user2.Email, user2.Password)
|
||||
|
||||
channelMadeByCA := &model.Channel{DisplayName: "C Test API Name", Name: "a" + model.NewId() + "a", Type: model.CHANNEL_OPEN, TeamId: team.Id}
|
||||
channelMadeByCA = Client.Must(Client.CreateChannel(channelMadeByCA)).Data.(*model.Channel)
|
||||
@@ -550,7 +575,7 @@ func TestDeleteChannel(t *testing.T) {
|
||||
t.Fatal("should have failed to post to deleted channel")
|
||||
}
|
||||
|
||||
userStd := th.CreateUser(th.BasicClient)
|
||||
userStd := th.CreateUser(Client)
|
||||
LinkUserToTeam(userStd, team)
|
||||
Client.Login(userStd.Email, userStd.Password)
|
||||
|
||||
@@ -577,9 +602,27 @@ func TestDeleteChannel(t *testing.T) {
|
||||
|
||||
UpdateUserToTeamAdmin(userStd, team)
|
||||
|
||||
Client.Logout()
|
||||
Client.Login(userStd.Email, userStd.Password)
|
||||
Client.SetTeamId(team.Id)
|
||||
|
||||
if _, err := Client.DeleteChannel(channel2.Id); err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
|
||||
channel3 := &model.Channel{DisplayName: "B Test API Name", Name: "a" + model.NewId() + "a", Type: model.CHANNEL_OPEN, TeamId: team.Id}
|
||||
channel3 = Client.Must(Client.CreateChannel(channel3)).Data.(*model.Channel)
|
||||
|
||||
Client.Login(userSystemAdmin.Email, userSystemAdmin.Password)
|
||||
Client.Must(Client.JoinChannel(channel3.Id))
|
||||
|
||||
if _, err := Client.DeleteChannel(channel3.Id); err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
|
||||
if _, err := Client.DeleteChannel(channel3.Id); err == nil {
|
||||
t.Fatal("should have failed - channel already deleted")
|
||||
}
|
||||
}
|
||||
|
||||
func TestGetChannelExtraInfo(t *testing.T) {
|
||||
|
||||
Reference in New Issue
Block a user