From e2cafc1905fc9e20125dd9a1552d2d0c7340ae59 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jes=C3=BAs=20Espino?=
Date: Tue, 29 May 2018 11:29:13 +0200
Subject: [PATCH] Simplifing permissions checks

---
 api4/emoji.go | 56 +++++++++++++++++++++++---------------------------
 1 file changed, 25 insertions(+), 31 deletions(-)

diff --git a/api4/emoji.go b/api4/emoji.go
index 42f66a22af..b6360a01cb 100644
--- a/api4/emoji.go
+++ b/api4/emoji.go
@@ -56,19 +56,17 @@ func createEmoji(c *Context, w http.ResponseWriter, r *http.Request) {
 return
 }

- if !c.App.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_EMOJIS) {
- hasPermission := false
- for _, membership := range memberships {
- if c.App.SessionHasPermissionToTeam(c.Session, membership.TeamId, model.PERMISSION_MANAGE_EMOJIS) {
- hasPermission = true
- break
- }
- }
- if !hasPermission {
- c.SetPermissionError(model.PERMISSION_MANAGE_EMOJIS)
- return
+ hasPermission := false
+ for _, membership := range memberships {
+ if c.App.SessionHasPermissionToTeam(c.Session, membership.TeamId, model.PERMISSION_MANAGE_EMOJIS) {
+ hasPermission = true
+ break
 }
 }
+ if !hasPermission {
+ c.SetPermissionError(model.PERMISSION_MANAGE_EMOJIS)
+ return
+ }

 m := r.MultipartForm
 props := m.Value
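Review bot: With the `SessionHasPermissionTo` guard removed, the decision in createEmoji rests entirely on the `for _, membership := range memberships` loop, so a session with no team memberships is always rejected because `hasPermission` stays false. The outcome is fail-closed, but an account whose `PERMISSION_MANAGE_EMOJIS` grant is system-scoped and that belongs to no team loses access it had before; whether `SessionHasPermissionToTeam` consults system roles at all is not visible here. The same applies to both loops in the deleteEmoji hunk. If the denial is intended, a comment above the loop such as `// Emoji permissions are team-scoped; a session with no team memberships is denied.` would record it, and a test with empty `memberships` would pin it. createEmoji's body starts and ends outside the hunk.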
@@ -134,37 +132,33 @@ func deleteEmoji(c *Context, w http.ResponseWriter, r *http.Request) {
 return
 }

- if !c.App.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_EMOJIS) {
+ hasPermission := false
+ for _, membership := range memberships {
+ if c.App.SessionHasPermissionToTeam(c.Session, membership.TeamId, model.PERMISSION_MANAGE_EMOJIS) {
+ hasPermission = true
+ break
+ }
+ }
+ if !hasPermission {
+ c.SetPermissionError(model.PERMISSION_MANAGE_EMOJIS)
+ return
+ }
+
+ if c.Session.UserId != emoji.CreatorId {
 hasPermission := false
 for _, membership := range memberships {
- if c.App.SessionHasPermissionToTeam(c.Session, membership.TeamId, model.PERMISSION_MANAGE_EMOJIS) {
+ if c.App.SessionHasPermissionToTeam(c.Session, membership.TeamId, model.PERMISSION_MANAGE_OTHERS_EMOJIS) {
 hasPermission = true
 break
 }
 }
+
 if !hasPermission {
- c.SetPermissionError(model.PERMISSION_MANAGE_EMOJIS)
+ c.SetPermissionError(model.PERMISSION_MANAGE_OTHERS_EMOJIS)
 return
 }
 }

- if c.Session.UserId != emoji.CreatorId {
- if !c.App.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_OTHERS_EMOJIS) {
- hasPermission := false
- for _, membership := range memberships {
- if c.App.SessionHasPermissionToTeam(c.Session, membership.TeamId, model.PERMISSION_MANAGE_OTHERS_EMOJIS) {
- hasPermission = true
- break
- }
- }
-
- if !hasPermission {
- c.SetPermissionError(model.PERMISSION_MANAGE_OTHERS_EMOJIS)
- return
- }
- }
- }
-
 err = c.App.DeleteEmoji(emoji)
 if err != nil {
 c.Err = err
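Review bot: Inside `if c.Session.UserId != emoji.CreatorId {` the retained `hasPermission := false` redeclares the variable introduced by the new block above it, so deleteEmoji now carries two shadowed flags and, together with createEmoji, three copies of the same membership loop. On an authorization path this invites a later edit that changes the permission constant in the check but not in the matching `SetPermissionError` call, or that reads the wrong flag. A single helper that takes the permission keeps the check and the error in step and removes the shadowing. The element type of `memberships` is not visible in the hunk, so the helper's parameter types below are an assumption to confirm. deleteEmoji's body starts and ends outside the hunk.

```go
// sessionHasPermissionToAnyTeam reports whether the session holds the given
// permission in at least one of the listed team memberships.
// NOTE(review): parameter types assumed; confirm against the memberships lookup.
func sessionHasPermissionToAnyTeam(c *Context, memberships []*model.TeamMember, permission *model.Permission) bool {
	for _, membership := range memberships {
		if c.App.SessionHasPermissionToTeam(c.Session, membership.TeamId, permission) {
			return true
		}
	}
	return false
}

// … unchanged: deleteEmoji up to the memberships lookup …

	if !sessionHasPermissionToAnyTeam(c, memberships, model.PERMISSION_MANAGE_EMOJIS) {
		c.SetPermissionError(model.PERMISSION_MANAGE_EMOJIS)
		return
	}

	if c.Session.UserId != emoji.CreatorId &&
		!sessionHasPermissionToAnyTeam(c, memberships, model.PERMISSION_MANAGE_OTHERS_EMOJIS) {
		c.SetPermissionError(model.PERMISSION_MANAGE_OTHERS_EMOJIS)
		return
	}

	err = c.App.DeleteEmoji(emoji)
```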