diff options
| author | Christopher Speller <crspeller@gmail.com> | 2015-08-18 08:51:57 -0400 |
|---|---|---|
| committer | Christopher Speller <crspeller@gmail.com> | 2015-08-18 08:51:57 -0400 |
| commit | 390cb47ec37c0bbddb829cae9cefeb8e0e97b7a1 (patch) | |
| tree | f14c1edc4aa7d0f1ceade130e450ae21e40efa77 /api | |
| parent | 2f1dcf6f5267ecf85d14c8a36a9d3059a5d41218 (diff) | |
| parent | b068cc1058a2909e7fc9d9622e806d52127bfa52 (diff) | |
| download | chat-390cb47ec37c0bbddb829cae9cefeb8e0e97b7a1.tar.gz chat-390cb47ec37c0bbddb829cae9cefeb8e0e97b7a1.tar.bz2 chat-390cb47ec37c0bbddb829cae9cefeb8e0e97b7a1.zip | |
Merge pull request #385 from mattermost/mm-1623
MM-1623 when user roles are updated, the relevant session roles are updated as well
Diffstat (limited to 'api')
| -rw-r--r-- | api/user.go | 30 | ||||
| -rw-r--r-- | api/user_test.go | 12 |
2 files changed, 37 insertions, 5 deletions
diff --git a/api/user.go b/api/user.go index 303ec2b0a..2e71ddfc6 100644 --- a/api/user.go +++ b/api/user.go @@ -962,18 +962,38 @@ func updateRoles(c *Context, w http.ResponseWriter, r *http.Request) { user.Roles = new_roles + var ruser *model.User if result := <-Srv.Store.User().Update(user, true); result.Err != nil { c.Err = result.Err return } else { c.LogAuditWithUserId(user.Id, "roles="+new_roles) - ruser := result.Data.([2]*model.User)[0] - options := utils.SanitizeOptions - options["passwordupdate"] = false - ruser.Sanitize(options) - w.Write([]byte(ruser.ToJson())) + ruser = result.Data.([2]*model.User)[0] + } + + uchan := Srv.Store.Session().UpdateRoles(user.Id, new_roles) + gchan := Srv.Store.Session().GetSessions(user.Id) + + if result := <-uchan; result.Err != nil { + // soft error since the user roles were still updated + l4g.Error(result.Err) + } + + if result := <-gchan; result.Err != nil { + // soft error since the user roles were still updated + l4g.Error(result.Err) + } else { + sessions := result.Data.([]*model.Session) + for _, s := range sessions { + sessionCache.Remove(s.Id) + } } + + options := utils.SanitizeOptions + options["passwordupdate"] = false + ruser.Sanitize(options) + w.Write([]byte(ruser.ToJson())) } func updateActive(c *Context, w http.ResponseWriter, r *http.Request) { diff --git a/api/user_test.go b/api/user_test.go index 8b95bdf55..776b17b3c 100644 --- a/api/user_test.go +++ b/api/user_test.go @@ -651,6 +651,12 @@ func TestUserUpdateRoles(t *testing.T) { t.Fatal("Should have errored, not admin") } + name := make(map[string]string) + name["new_name"] = "NewName" + if _, err := Client.UpdateTeamDisplayName(name); err == nil { + t.Fatal("should have errored - user not admin yet") + } + team2 := &model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN} team2 = Client.Must(Client.CreateTeam(team2)).Data.(*model.Team) @@ -690,6 +696,12 @@ func TestUserUpdateRoles(t *testing.T) { t.Fatal("Roles did not update properly") } } + + Client.LoginByEmail(team.Name, user2.Email, "pwd") + + if _, err := Client.UpdateTeamDisplayName(name); err != nil { + t.Fatal(err) + } } func TestUserUpdateActive(t *testing.T) { |