From f1274a7ec29919e9c99cf41f5c1b47589f38cfb1 Mon Sep 17 00:00:00 2001
From: Saturnino Abril <saturnino.abril@gmail.com>
Date: Fri, 24 Mar 2017 18:13:27 +0900
Subject: Endpoint for APIv4 POST /teams/{team_id}/members (#5804)

---
 api4/team.go | 52 ++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 52 insertions(+)

(limited to 'api4/team.go')

diff --git a/api4/team.go b/api4/team.go
index 1e63273e6..26fff7ce1 100644
--- a/api4/team.go
+++ b/api4/team.go
@@ -25,6 +25,7 @@ func InitTeam() {
 	BaseRoutes.Team.Handle("/stats", ApiSessionRequired(getTeamStats)).Methods("GET")
 	BaseRoutes.TeamMembers.Handle("", ApiSessionRequired(getTeamMembers)).Methods("GET")
 	BaseRoutes.TeamMembers.Handle("/ids", ApiSessionRequired(getTeamMembersByIds)).Methods("POST")
+	BaseRoutes.TeamMembers.Handle("", ApiSessionRequired(addTeamMember)).Methods("POST")
 
 	BaseRoutes.TeamForUser.Handle("/unread", ApiSessionRequired(getTeamUnread)).Methods("GET")
 
@@ -235,6 +236,57 @@ func getTeamMembersByIds(c *Context, w http.ResponseWriter, r *http.Request) {
 	w.Write([]byte(model.TeamMembersToJson(members)))
 }
 
+func addTeamMember(c *Context, w http.ResponseWriter, r *http.Request) {
+	c.RequireTeamId()
+	if c.Err != nil {
+		return
+	}
+
+	var err *model.AppError
+	member := model.TeamMemberFromJson(r.Body)
+	if member.TeamId != c.Params.TeamId {
+		c.SetInvalidParam("team_id")
+		return
+	}
+
+	hash := r.URL.Query().Get("hash")
+	data := r.URL.Query().Get("data")
+	inviteId := r.URL.Query().Get("invite_id")
+
+	if len(member.UserId) > 0 {
+		if len(member.UserId) != 26 {
+			c.SetInvalidParam("user_id")
+			return
+		}
+
+		if !app.SessionHasPermissionToTeam(c.Session, member.TeamId, model.PERMISSION_ADD_USER_TO_TEAM) {
+			c.SetPermissionError(model.PERMISSION_ADD_USER_TO_TEAM)
+			return
+		}
+
+		member, err = app.AddTeamMember(member.TeamId, member.UserId, c.GetSiteURL())
+	} else if len(hash) > 0 && len(data) > 0 {
+		member, err = app.AddTeamMemberByHash(c.Session.UserId, hash, data, c.GetSiteURL())
+		if err != nil {
+			err = model.NewAppError("addTeamMember", "api.team.add_user_to_team.invalid_data.app_error", nil, "", http.StatusNotFound)
+		}
+	} else if len(inviteId) > 0 {
+		member, err = app.AddTeamMemberByInviteId(inviteId, c.Session.UserId, c.GetSiteURL())
+		if err != nil {
+			err = model.NewAppError("addTeamMember", "api.team.add_user_to_team.invalid_invite_id.app_error", nil, "", http.StatusNotFound)
+		}
+	} else {
+		err = model.NewAppError("addTeamMember", "api.team.add_user_to_team.missing_parameter.app_error", nil, "", http.StatusBadRequest)
+	}
+
+	if err != nil {
+		c.Err = err
+		return
+	}
+
+	w.Write([]byte(member.ToJson()))
+}
+
 func getTeamUnread(c *Context, w http.ResponseWriter, r *http.Request) {
 	c.RequireTeamId().RequireUserId()
 	if c.Err != nil {
-- 
cgit v1.2.3-1-g7c22