diff options
author | Joram Wilander <jwawilander@gmail.com> | 2017-01-23 08:12:05 -0500 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-01-23 08:12:05 -0500 |
commit | e9c9688b343049c6d461260bd15fff3486238f92 (patch) | |
tree | a112e51de0e7f9989b173b7dbc4ad89080cc0e34 /api/context.go | |
parent | b064457c745ae6bf27e5e6933a0a7406f3f4921d (diff) | |
download | chat-e9c9688b343049c6d461260bd15fff3486238f92.tar.gz chat-e9c9688b343049c6d461260bd15fff3486238f92.tar.bz2 chat-e9c9688b343049c6d461260bd15fff3486238f92.zip |
Move permissions code into app package (#5146)
* Move permissions code into app package
* Revert getPosts permission
Diffstat (limited to 'api/context.go')
-rw-r--r-- | api/context.go | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/api/context.go b/api/context.go index e77f6da24..edee8bb21 100644 --- a/api/context.go +++ b/api/context.go @@ -345,7 +345,7 @@ func (c *Context) SystemAdminRequired() { c.Err = model.NewLocAppError("", "api.context.session_expired.app_error", nil, "SystemAdminRequired") c.Err.StatusCode = http.StatusUnauthorized return - } else if !HasPermissionToContext(c, model.PERMISSION_MANAGE_SYSTEM) { + } else if !app.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_SYSTEM) { c.Err = model.NewLocAppError("", "api.context.permissions.app_error", nil, "AdminRequired") c.Err.StatusCode = http.StatusForbidden return @@ -378,6 +378,11 @@ func (c *Context) SetUnknownError(where string, details string) { c.Err = model.NewLocAppError(where, "api.context.unknown.app_error", nil, details) } +func (c *Context) SetPermissionError(permission *model.Permission) { + c.Err = model.NewLocAppError("Permissions", "api.context.permissions.app_error", nil, "userId="+c.Session.UserId+", "+"permission="+permission.Id) + c.Err.StatusCode = http.StatusForbidden +} + func (c *Context) setTeamURL(url string, valid bool) { c.teamURL = url c.teamURLValid = valid @@ -462,14 +467,14 @@ func Handle404(w http.ResponseWriter, r *http.Request) { func (c *Context) CheckTeamId() { if c.TeamId != "" && c.Session.GetTeamByTeamId(c.TeamId) == nil { - if HasPermissionToContext(c, model.PERMISSION_MANAGE_SYSTEM) { + if app.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_SYSTEM) { if result := <-app.Srv.Store.Team().Get(c.TeamId); result.Err != nil { c.Err = result.Err c.Err.StatusCode = http.StatusBadRequest return } } else { - // HasPermissionToContext automatically fills the Context error + c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM) return } } |