[APIV4] POST /commands/{command_id}/regen_token for apiV4 (#6052)

* implement POST /commands/{command_id}/regen_token for apiV4 * update comment
2025-02-25 18:55:24 -06:00 · 2017-04-16 22:49:57 +02:00
parent 461a0b3b7c
commit d8d0716122
3 changed files with 84 additions and 0 deletions
--- a/api4/command.go
+++ b/api4/command.go
@@ -23,6 +23,7 @@ func InitCommand() {
 	BaseRoutes.Command.Handle("", ApiSessionRequired(deleteCommand)).Methods("DELETE")

 	BaseRoutes.Team.Handle("/commands/autocomplete", ApiSessionRequired(listAutocompleteCommands)).Methods("GET")
+	BaseRoutes.Command.Handle("/regen_token", ApiSessionRequired(regenCommandToken)).Methods("PUT")
 }

 func createCommand(c *Context, w http.ResponseWriter, r *http.Request) {
@@ -201,3 +202,40 @@ func listAutocompleteCommands(c *Context, w http.ResponseWriter, r *http.Request

 	w.Write([]byte(model.CommandListToJson(commands)))
 }
+
+func regenCommandToken(c *Context, w http.ResponseWriter, r *http.Request) {
+	c.RequireCommandId()
+	if c.Err != nil {
+		return
+	}
+
+	c.LogAudit("attempt")
+	cmd, err := app.GetCommand(c.Params.CommandId)
+	if err != nil {
+		c.Err = err
+		return
+	}
+
+	if !app.SessionHasPermissionToTeam(c.Session, cmd.TeamId, model.PERMISSION_MANAGE_SLASH_COMMANDS) {
+		c.LogAudit("fail - inappropriate permissions")
+		c.SetPermissionError(model.PERMISSION_MANAGE_SLASH_COMMANDS)
+		return
+	}
+
+	if c.Session.UserId != cmd.CreatorId && !app.SessionHasPermissionToTeam(c.Session, cmd.TeamId, model.PERMISSION_MANAGE_OTHERS_SLASH_COMMANDS) {
+		c.LogAudit("fail - inappropriate permissions")
+		c.SetPermissionError(model.PERMISSION_MANAGE_OTHERS_SLASH_COMMANDS)
+		return
+	}
+
+	rcmd, err := app.RegenCommandToken(cmd)
+	if err != nil {
+		c.Err = err
+		return
+	}
+
+	resp := make(map[string]string)
+	resp["token"] = rcmd.Token
+
+	w.Write([]byte(model.MapToJson(resp)))
+}
--- a/api4/command_test.go
+++ b/api4/command_test.go
@@ -345,3 +345,39 @@ func TestListAutocompleteCommands(t *testing.T) {
 		}
 	})
 }
+
+func TestRegenToken(t *testing.T) {
+	th := Setup().InitBasic().InitSystemAdmin()
+	defer TearDown()
+	Client := th.Client
+
+	enableCommands := *utils.Cfg.ServiceSettings.EnableCommands
+	defer func() {
+		utils.Cfg.ServiceSettings.EnableCommands = &enableCommands
+	}()
+	*utils.Cfg.ServiceSettings.EnableCommands = true
+
+	newCmd := &model.Command{
+		CreatorId: th.BasicUser.Id,
+		TeamId:    th.BasicTeam.Id,
+		URL:       "http://nowhere.com",
+		Method:    model.COMMAND_METHOD_POST,
+		Trigger:   "trigger"}
+
+	createdCmd, resp := th.SystemAdminClient.CreateCommand(newCmd)
+	CheckNoError(t, resp)
+	CheckCreatedStatus(t, resp)
+
+	token, resp := th.SystemAdminClient.RegenCommandToken(createdCmd.Id)
+	CheckNoError(t, resp)
+	if token == createdCmd.Token {
+		t.Fatal("should update the token")
+	}
+
+	token, resp = Client.RegenCommandToken(createdCmd.Id)
+	CheckForbiddenStatus(t, resp)
+	if token != "" {
+		t.Fatal("should not return the token")
+	}
+
+}
--- a/model/client4.go
+++ b/model/client4.go
@@ -2243,6 +2243,16 @@ func (c *Client4) ListAutocompleteCommands(teamId string) ([]*Command, *Response
 	}
 }

+// RegenCommandToken will create a new token if the user have the right permissions.
+func (c *Client4) RegenCommandToken(commandId string) (string, *Response) {
+	if r, err := c.DoApiPut(c.GetCommandRoute(commandId)+"/regen_token", ""); err != nil {
+		return "", &Response{StatusCode: r.StatusCode, Error: err}
+	} else {
+		defer closeBody(r)
+		return MapFromJson(r.Body)["token"], BuildResponse(r)
+	}
+}
+
 // Status Section

 // GetUserStatus returns a user based on the provided user id string.