diff options
author | Carlos Tadeu Panato Junior <ctadeu@gmail.com> | 2017-04-16 22:49:57 +0200 |
---|---|---|
committer | Joram Wilander <jwawilander@gmail.com> | 2017-04-16 16:49:57 -0400 |
commit | d8d0716122be5eebab85b89f5a5a522fcaed3bd1 (patch) | |
tree | 8568b44afc612d9adaddc7fea7b92d993663ce16 /api4/command.go | |
parent | 461a0b3b7c14cd59cb53eb66f419c965ab3bdd24 (diff) | |
download | chat-d8d0716122be5eebab85b89f5a5a522fcaed3bd1.tar.gz chat-d8d0716122be5eebab85b89f5a5a522fcaed3bd1.tar.bz2 chat-d8d0716122be5eebab85b89f5a5a522fcaed3bd1.zip |
[APIV4] POST /commands/{command_id}/regen_token for apiV4 (#6052)
* implement POST /commands/{command_id}/regen_token for apiV4
* update comment
Diffstat (limited to 'api4/command.go')
-rw-r--r-- | api4/command.go | 38 |
1 files changed, 38 insertions, 0 deletions
diff --git a/api4/command.go b/api4/command.go index 5787d1132..f44363522 100644 --- a/api4/command.go +++ b/api4/command.go @@ -23,6 +23,7 @@ func InitCommand() { BaseRoutes.Command.Handle("", ApiSessionRequired(deleteCommand)).Methods("DELETE") BaseRoutes.Team.Handle("/commands/autocomplete", ApiSessionRequired(listAutocompleteCommands)).Methods("GET") + BaseRoutes.Command.Handle("/regen_token", ApiSessionRequired(regenCommandToken)).Methods("PUT") } func createCommand(c *Context, w http.ResponseWriter, r *http.Request) { @@ -201,3 +202,40 @@ func listAutocompleteCommands(c *Context, w http.ResponseWriter, r *http.Request w.Write([]byte(model.CommandListToJson(commands))) } + +func regenCommandToken(c *Context, w http.ResponseWriter, r *http.Request) { + c.RequireCommandId() + if c.Err != nil { + return + } + + c.LogAudit("attempt") + cmd, err := app.GetCommand(c.Params.CommandId) + if err != nil { + c.Err = err + return + } + + if !app.SessionHasPermissionToTeam(c.Session, cmd.TeamId, model.PERMISSION_MANAGE_SLASH_COMMANDS) { + c.LogAudit("fail - inappropriate permissions") + c.SetPermissionError(model.PERMISSION_MANAGE_SLASH_COMMANDS) + return + } + + if c.Session.UserId != cmd.CreatorId && !app.SessionHasPermissionToTeam(c.Session, cmd.TeamId, model.PERMISSION_MANAGE_OTHERS_SLASH_COMMANDS) { + c.LogAudit("fail - inappropriate permissions") + c.SetPermissionError(model.PERMISSION_MANAGE_OTHERS_SLASH_COMMANDS) + return + } + + rcmd, err := app.RegenCommandToken(cmd) + if err != nil { + c.Err = err + return + } + + resp := make(map[string]string) + resp["token"] = rcmd.Token + + w.Write([]byte(model.MapToJson(resp))) +} |