diff options
Diffstat (limited to 'api4/oauth.go')
-rw-r--r-- | api4/oauth.go | 42 |
1 files changed, 42 insertions, 0 deletions
diff --git a/api4/oauth.go b/api4/oauth.go index 593d405db..c3b64b608 100644 --- a/api4/oauth.go +++ b/api4/oauth.go @@ -18,6 +18,7 @@ func InitOAuth() { l4g.Debug(utils.T("api.oauth.init.debug")) BaseRoutes.OAuthApps.Handle("", ApiSessionRequired(createOAuthApp)).Methods("POST") + BaseRoutes.OAuthApp.Handle("", ApiSessionRequired(updateOAuthApp)).Methods("PUT") BaseRoutes.OAuthApps.Handle("", ApiSessionRequired(getOAuthApps)).Methods("GET") BaseRoutes.OAuthApp.Handle("", ApiSessionRequired(getOAuthApp)).Methods("GET") BaseRoutes.OAuthApp.Handle("/info", ApiSessionRequired(getOAuthAppInfo)).Methods("GET") @@ -74,6 +75,47 @@ func createOAuthApp(c *Context, w http.ResponseWriter, r *http.Request) { w.Write([]byte(rapp.ToJson())) } +func updateOAuthApp(c *Context, w http.ResponseWriter, r *http.Request) { + c.RequireAppId() + if c.Err != nil { + return + } + + if !app.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_OAUTH) { + c.SetPermissionError(model.PERMISSION_MANAGE_OAUTH) + return + } + + oauthApp := model.OAuthAppFromJson(r.Body) + if oauthApp == nil { + c.SetInvalidParam("oauth_app") + return + } + + c.LogAudit("attempt") + + oldOauthApp, err := c.App.GetOAuthApp(c.Params.AppId) + if err != nil { + c.Err = err + return + } + + if c.Session.UserId != oauthApp.CreatorId && !app.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_SYSTEM_WIDE_OAUTH) { + c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM_WIDE_OAUTH) + return + } + + updatedOauthApp, err := c.App.UpdateOauthApp(oldOauthApp, oauthApp) + if err != nil { + c.Err = err + return + } + + c.LogAudit("success") + + w.Write([]byte(updatedOauthApp.ToJson())) +} + func getOAuthApps(c *Context, w http.ResponseWriter, r *http.Request) { if !app.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_OAUTH) { c.Err = model.NewAppError("getOAuthApps", "api.command.admin_only.app_error", nil, "", http.StatusForbidden) |