diff options
Diffstat (limited to 'api4')
-rw-r--r-- | api4/post.go | 34 | ||||
-rw-r--r-- | api4/post_test.go | 70 |
2 files changed, 104 insertions, 0 deletions
diff --git a/api4/post.go b/api4/post.go index 9c671ec21..f16a1ba3d 100644 --- a/api4/post.go +++ b/api4/post.go @@ -26,6 +26,8 @@ func InitPost() { BaseRoutes.Team.Handle("/posts/search", ApiSessionRequired(searchPosts)).Methods("POST") BaseRoutes.Post.Handle("", ApiSessionRequired(updatePost)).Methods("PUT") BaseRoutes.Post.Handle("/patch", ApiSessionRequired(patchPost)).Methods("PUT") + BaseRoutes.Post.Handle("/pin", ApiSessionRequired(pinPost)).Methods("POST") + BaseRoutes.Post.Handle("/unpin", ApiSessionRequired(unpinPost)).Methods("POST") } func createPost(c *Context, w http.ResponseWriter, r *http.Request) { @@ -274,6 +276,38 @@ func patchPost(c *Context, w http.ResponseWriter, r *http.Request) { w.Write([]byte(patchedPost.ToJson())) } +func saveIsPinnedPost(c *Context, w http.ResponseWriter, r *http.Request, isPinned bool) { + c.RequirePostId() + if c.Err != nil { + return + } + + if !app.SessionHasPermissionToChannelByPost(c.Session, c.Params.PostId, model.PERMISSION_READ_CHANNEL) { + c.SetPermissionError(model.PERMISSION_READ_CHANNEL) + return + } + + patch := &model.PostPatch{} + patch.IsPinned = new(bool) + *patch.IsPinned = isPinned + + _, err := app.PatchPost(c.Params.PostId, patch) + if err != nil { + c.Err = err + return + } + + ReturnStatusOK(w) +} + +func pinPost(c *Context, w http.ResponseWriter, r *http.Request) { + saveIsPinnedPost(c, w, r, true) +} + +func unpinPost(c *Context, w http.ResponseWriter, r *http.Request) { + saveIsPinnedPost(c, w, r, false) +} + func getFileInfosForPost(c *Context, w http.ResponseWriter, r *http.Request) { c.RequirePostId() if c.Err != nil { diff --git a/api4/post_test.go b/api4/post_test.go index bf896f081..562136ca9 100644 --- a/api4/post_test.go +++ b/api4/post_test.go @@ -270,6 +270,76 @@ func TestPatchPost(t *testing.T) { CheckNoError(t, resp) } +func TestPinPost(t *testing.T) { + th := Setup().InitBasic().InitSystemAdmin() + defer TearDown() + Client := th.Client + + post := th.BasicPost + pass, resp := Client.PinPost(post.Id) + CheckNoError(t, resp) + + if !pass { + t.Fatal("should have passed") + } + + if rpost, err := app.GetSinglePost(post.Id); err != nil && rpost.IsPinned != true { + t.Fatal("failed to pin post") + } + + pass, resp = Client.PinPost("junk") + CheckBadRequestStatus(t, resp) + + if pass { + t.Fatal("should have failed") + } + + _, resp = Client.PinPost(GenerateTestId()) + CheckForbiddenStatus(t, resp) + + Client.Logout() + _, resp = Client.PinPost(post.Id) + CheckUnauthorizedStatus(t, resp) + + _, resp = th.SystemAdminClient.PinPost(post.Id) + CheckNoError(t, resp) +} + +func TestUnpinPost(t *testing.T) { + th := Setup().InitBasic().InitSystemAdmin() + defer TearDown() + Client := th.Client + + pinnedPost := th.CreatePinnedPost() + pass, resp := Client.UnpinPost(pinnedPost.Id) + CheckNoError(t, resp) + + if !pass { + t.Fatal("should have passed") + } + + if rpost, err := app.GetSinglePost(pinnedPost.Id); err != nil && rpost.IsPinned != false { + t.Fatal("failed to pin post") + } + + pass, resp = Client.UnpinPost("junk") + CheckBadRequestStatus(t, resp) + + if pass { + t.Fatal("should have failed") + } + + _, resp = Client.UnpinPost(GenerateTestId()) + CheckForbiddenStatus(t, resp) + + Client.Logout() + _, resp = Client.UnpinPost(pinnedPost.Id) + CheckUnauthorizedStatus(t, resp) + + _, resp = th.SystemAdminClient.UnpinPost(pinnedPost.Id) + CheckNoError(t, resp) +} + func TestGetPostsForChannel(t *testing.T) { th := Setup().InitBasic().InitSystemAdmin() defer TearDown() |