diff options
author | Carlos Tadeu Panato Junior <ctadeu@gmail.com> | 2017-03-21 12:56:42 +0100 |
---|---|---|
committer | George Goldberg <george@gberg.me> | 2017-03-21 11:56:42 +0000 |
commit | 4968ef0759087f34c1674a385707f6befef810b7 (patch) | |
tree | ca8a11050a6d57766dcf5e6ae4de97ed8974d0cc /api4/webhook.go | |
parent | 32c658b1ced9f896c6079cf684283a49875f04b5 (diff) | |
download | chat-4968ef0759087f34c1674a385707f6befef810b7.tar.gz chat-4968ef0759087f34c1674a385707f6befef810b7.tar.bz2 chat-4968ef0759087f34c1674a385707f6befef810b7.zip |
implement PUT /hooks/outgoing/{hook_id} - update outgoing hook (#5793)
Diffstat (limited to 'api4/webhook.go')
-rw-r--r-- | api4/webhook.go | 44 |
1 files changed, 44 insertions, 0 deletions
diff --git a/api4/webhook.go b/api4/webhook.go index b1c013843..aaaf6f396 100644 --- a/api4/webhook.go +++ b/api4/webhook.go @@ -23,6 +23,7 @@ func InitWebhook() { BaseRoutes.OutgoingHooks.Handle("", ApiSessionRequired(createOutgoingHook)).Methods("POST") BaseRoutes.OutgoingHooks.Handle("", ApiSessionRequired(getOutgoingHooks)).Methods("GET") + BaseRoutes.OutgoingHook.Handle("", ApiSessionRequired(updateOutcomingHook)).Methods("PUT") BaseRoutes.OutgoingHook.Handle("/regen_token", ApiSessionRequired(regenOutgoingHookToken)).Methods("POST") } @@ -224,6 +225,49 @@ func deleteIncomingHook(c *Context, w http.ResponseWriter, r *http.Request) { } } +func updateOutcomingHook(c *Context, w http.ResponseWriter, r *http.Request) { + c.RequireHookId() + if c.Err != nil { + return + } + + toUpdateHook := model.OutgoingWebhookFromJson(r.Body) + if toUpdateHook == nil { + c.SetInvalidParam("outgoing_webhook") + return + } + + c.LogAudit("attempt") + + toUpdateHook.CreatorId = c.Session.UserId + + if !app.SessionHasPermissionToTeam(c.Session, toUpdateHook.TeamId, model.PERMISSION_MANAGE_WEBHOOKS) { + c.SetPermissionError(model.PERMISSION_MANAGE_WEBHOOKS) + return + } + + oldHook, err := app.GetOutgoingWebhook(toUpdateHook.Id) + if err != nil { + c.Err = err + return + } + + if c.Session.UserId != oldHook.CreatorId && !app.SessionHasPermissionToTeam(c.Session, oldHook.TeamId, model.PERMISSION_MANAGE_OTHERS_WEBHOOKS) { + c.LogAudit("fail - inappropriate permissions") + c.SetPermissionError(model.PERMISSION_MANAGE_OTHERS_WEBHOOKS) + return + } + + rhook, err := app.UpdateOutgoingWebhook(oldHook, toUpdateHook) + if err != nil { + c.Err = err + return + } + + c.LogAudit("success") + w.Write([]byte(rhook.ToJson())) +} + func createOutgoingHook(c *Context, w http.ResponseWriter, r *http.Request) { hook := model.OutgoingWebhookFromJson(r.Body) if hook == nil { |