diff options
author | cpanato <ctadeu@gmail.com> | 2018-07-10 19:27:14 +0200 |
---|---|---|
committer | cpanato <ctadeu@gmail.com> | 2018-07-10 19:27:14 +0200 |
commit | c042ffa460296587579aff54b157a5109e022f7e (patch) | |
tree | 9e7f77fbc83b6d06204db099066be8999dbb22d9 /app/command_channel_header.go | |
parent | 9470564d355c201155f6fcb123152b8ac954f812 (diff) | |
parent | dccd95bc67779a5b83a2660aec0cf4622cd56550 (diff) | |
download | chat-c042ffa460296587579aff54b157a5109e022f7e.tar.gz chat-c042ffa460296587579aff54b157a5109e022f7e.tar.bz2 chat-c042ffa460296587579aff54b157a5109e022f7e.zip |
Merge remote-tracking branch 'upstream/release-5.1' into release-5.1-daily-merge-20180710
Diffstat (limited to 'app/command_channel_header.go')
-rw-r--r-- | app/command_channel_header.go | 22 |
1 files changed, 18 insertions, 4 deletions
diff --git a/app/command_channel_header.go b/app/command_channel_header.go index 63a9250a7..100135f48 100644 --- a/app/command_channel_header.go +++ b/app/command_channel_header.go @@ -40,11 +40,25 @@ func (me *HeaderProvider) DoCommand(a *App, args *model.CommandArgs, message str return &model.CommandResponse{Text: args.T("api.command_channel_header.channel.app_error"), ResponseType: model.COMMAND_RESPONSE_TYPE_EPHEMERAL} } - if channel.Type == model.CHANNEL_OPEN && !a.SessionHasPermissionToChannel(args.Session, args.ChannelId, model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES) { - return &model.CommandResponse{Text: args.T("api.command_channel_header.permission.app_error"), ResponseType: model.COMMAND_RESPONSE_TYPE_EPHEMERAL} - } + switch channel.Type { + case model.CHANNEL_OPEN: + if !a.SessionHasPermissionToChannel(args.Session, args.ChannelId, model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES) { + return &model.CommandResponse{Text: args.T("api.command_channel_header.permission.app_error"), ResponseType: model.COMMAND_RESPONSE_TYPE_EPHEMERAL} + } + + case model.CHANNEL_PRIVATE: + if !a.SessionHasPermissionToChannel(args.Session, args.ChannelId, model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES) { + return &model.CommandResponse{Text: args.T("api.command_channel_header.permission.app_error"), ResponseType: model.COMMAND_RESPONSE_TYPE_EPHEMERAL} + } + + case model.CHANNEL_GROUP, model.CHANNEL_DIRECT: + // Modifying the header is not linked to any specific permission for group/dm channels, so just check for membership. + channelMember, err := a.GetChannelMember(args.ChannelId, args.Session.UserId) + if err != nil || channelMember == nil { + return &model.CommandResponse{Text: args.T("api.command_channel_header.permission.app_error"), ResponseType: model.COMMAND_RESPONSE_TYPE_EPHEMERAL} + } - if channel.Type == model.CHANNEL_PRIVATE && !a.SessionHasPermissionToChannel(args.Session, args.ChannelId, model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES) { + default: return &model.CommandResponse{Text: args.T("api.command_channel_header.permission.app_error"), ResponseType: model.COMMAND_RESPONSE_TYPE_EPHEMERAL} } |