github.com/mad-app/mattermost-server@v5.11.1+incompatible/api4/scheme.go

github.com/mad-app/mattermost-server@v5.11.1+incompatible/api4/scheme.go (about)

     1  // Copyright (c) 2018-present Mattermost, Inc. All Rights Reserved.
     2  // See License.txt for license information.
     3  
     4  package api4
     5  
     6  import (
     7  	"net/http"
     8  
     9  	"github.com/mattermost/mattermost-server/model"
    10  )
    11  
    12  func (api *API) InitScheme() {
    13  	api.BaseRoutes.Schemes.Handle("", api.ApiSessionRequired(getSchemes)).Methods("GET")
    14  	api.BaseRoutes.Schemes.Handle("", api.ApiSessionRequired(createScheme)).Methods("POST")
    15  	api.BaseRoutes.Schemes.Handle("/{scheme_id:[A-Za-z0-9]+}", api.ApiSessionRequired(deleteScheme)).Methods("DELETE")
    16  	api.BaseRoutes.Schemes.Handle("/{scheme_id:[A-Za-z0-9]+}", api.ApiSessionRequiredTrustRequester(getScheme)).Methods("GET")
    17  	api.BaseRoutes.Schemes.Handle("/{scheme_id:[A-Za-z0-9]+}/patch", api.ApiSessionRequired(patchScheme)).Methods("PUT")
    18  	api.BaseRoutes.Schemes.Handle("/{scheme_id:[A-Za-z0-9]+}/teams", api.ApiSessionRequiredTrustRequester(getTeamsForScheme)).Methods("GET")
    19  	api.BaseRoutes.Schemes.Handle("/{scheme_id:[A-Za-z0-9]+}/channels", api.ApiSessionRequiredTrustRequester(getChannelsForScheme)).Methods("GET")
    20  }
    21  
    22  func createScheme(c *Context, w http.ResponseWriter, r *http.Request) {
    23  	scheme := model.SchemeFromJson(r.Body)
    24  	if scheme == nil {
    25  		c.SetInvalidParam("scheme")
    26  		return
    27  	}
    28  
    29  	if c.App.License() == nil || !*c.App.License().Features.CustomPermissionsSchemes {
    30  		c.Err = model.NewAppError("Api4.CreateScheme", "api.scheme.create_scheme.license.error", nil, "", http.StatusNotImplemented)
    31  		return
    32  	}
    33  
    34  	if !c.App.SessionHasPermissionTo(c.App.Session, model.PERMISSION_MANAGE_SYSTEM) {
    35  		c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM)
    36  		return
    37  	}
    38  
    39  	scheme, err := c.App.CreateScheme(scheme)
    40  	if err != nil {
    41  		c.Err = err
    42  		return
    43  	}
    44  
    45  	w.WriteHeader(http.StatusCreated)
    46  	w.Write([]byte(scheme.ToJson()))
    47  }
    48  
    49  func getScheme(c *Context, w http.ResponseWriter, r *http.Request) {
    50  	c.RequireSchemeId()
    51  	if c.Err != nil {
    52  		return
    53  	}
    54  
    55  	if !c.App.SessionHasPermissionTo(c.App.Session, model.PERMISSION_MANAGE_SYSTEM) {
    56  		c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM)
    57  		return
    58  	}
    59  
    60  	scheme, err := c.App.GetScheme(c.Params.SchemeId)
    61  	if err != nil {
    62  		c.Err = err
    63  		return
    64  	}
    65  
    66  	w.Write([]byte(scheme.ToJson()))
    67  }
    68  
    69  func getSchemes(c *Context, w http.ResponseWriter, r *http.Request) {
    70  	if !c.App.SessionHasPermissionTo(c.App.Session, model.PERMISSION_MANAGE_SYSTEM) {
    71  		c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM)
    72  		return
    73  	}
    74  
    75  	scope := c.Params.Scope
    76  	if scope != "" && scope != model.SCHEME_SCOPE_TEAM && scope != model.SCHEME_SCOPE_CHANNEL {
    77  		c.SetInvalidParam("scope")
    78  		return
    79  	}
    80  
    81  	schemes, err := c.App.GetSchemesPage(c.Params.Scope, c.Params.Page, c.Params.PerPage)
    82  	if err != nil {
    83  		c.Err = err
    84  		return
    85  	}
    86  
    87  	w.Write([]byte(model.SchemesToJson(schemes)))
    88  }
    89  
    90  func getTeamsForScheme(c *Context, w http.ResponseWriter, r *http.Request) {
    91  	c.RequireSchemeId()
    92  	if c.Err != nil {
    93  		return
    94  	}
    95  
    96  	if !c.App.SessionHasPermissionTo(c.App.Session, model.PERMISSION_MANAGE_SYSTEM) {
    97  		c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM)
    98  		return
    99  	}
   100  
   101  	scheme, err := c.App.GetScheme(c.Params.SchemeId)
   102  	if err != nil {
   103  		c.Err = err
   104  		return
   105  	}
   106  
   107  	if scheme.Scope != model.SCHEME_SCOPE_TEAM {
   108  		c.Err = model.NewAppError("Api4.GetTeamsForScheme", "api.scheme.get_teams_for_scheme.scope.error", nil, "", http.StatusBadRequest)
   109  		return
   110  	}
   111  
   112  	teams, err := c.App.GetTeamsForSchemePage(scheme, c.Params.Page, c.Params.PerPage)
   113  	if err != nil {
   114  		c.Err = err
   115  		return
   116  	}
   117  
   118  	w.Write([]byte(model.TeamListToJson(teams)))
   119  }
   120  
   121  func getChannelsForScheme(c *Context, w http.ResponseWriter, r *http.Request) {
   122  	c.RequireSchemeId()
   123  	if c.Err != nil {
   124  		return
   125  	}
   126  
   127  	if !c.App.SessionHasPermissionTo(c.App.Session, model.PERMISSION_MANAGE_SYSTEM) {
   128  		c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM)
   129  		return
   130  	}
   131  
   132  	scheme, err := c.App.GetScheme(c.Params.SchemeId)
   133  	if err != nil {
   134  		c.Err = err
   135  		return
   136  	}
   137  
   138  	if scheme.Scope != model.SCHEME_SCOPE_CHANNEL {
   139  		c.Err = model.NewAppError("Api4.GetChannelsForScheme", "api.scheme.get_channels_for_scheme.scope.error", nil, "", http.StatusBadRequest)
   140  		return
   141  	}
   142  
   143  	channels, err := c.App.GetChannelsForSchemePage(scheme, c.Params.Page, c.Params.PerPage)
   144  	if err != nil {
   145  		c.Err = err
   146  		return
   147  	}
   148  
   149  	w.Write([]byte(channels.ToJson()))
   150  }
   151  
   152  func patchScheme(c *Context, w http.ResponseWriter, r *http.Request) {
   153  	c.RequireSchemeId()
   154  	if c.Err != nil {
   155  		return
   156  	}
   157  
   158  	patch := model.SchemePatchFromJson(r.Body)
   159  	if patch == nil {
   160  		c.SetInvalidParam("scheme")
   161  		return
   162  	}
   163  
   164  	if c.App.License() == nil || !*c.App.License().Features.CustomPermissionsSchemes {
   165  		c.Err = model.NewAppError("Api4.PatchScheme", "api.scheme.patch_scheme.license.error", nil, "", http.StatusNotImplemented)
   166  		return
   167  	}
   168  
   169  	scheme, err := c.App.GetScheme(c.Params.SchemeId)
   170  	if err != nil {
   171  		c.Err = err
   172  		return
   173  	}
   174  
   175  	if !c.App.SessionHasPermissionTo(c.App.Session, model.PERMISSION_MANAGE_SYSTEM) {
   176  		c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM)
   177  		return
   178  	}
   179  
   180  	scheme, err = c.App.PatchScheme(scheme, patch)
   181  	if err != nil {
   182  		c.Err = err
   183  		return
   184  	}
   185  
   186  	c.LogAudit("")
   187  	w.Write([]byte(scheme.ToJson()))
   188  }
   189  
   190  func deleteScheme(c *Context, w http.ResponseWriter, r *http.Request) {
   191  	c.RequireSchemeId()
   192  	if c.Err != nil {
   193  		return
   194  	}
   195  
   196  	if c.App.License() == nil || !*c.App.License().Features.CustomPermissionsSchemes {
   197  		c.Err = model.NewAppError("Api4.DeleteScheme", "api.scheme.delete_scheme.license.error", nil, "", http.StatusNotImplemented)
   198  		return
   199  	}
   200  
   201  	if !c.App.SessionHasPermissionTo(c.App.Session, model.PERMISSION_MANAGE_SYSTEM) {
   202  		c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM)
   203  		return
   204  	}
   205  
   206  	if _, err := c.App.DeleteScheme(c.Params.SchemeId); err != nil {
   207  		c.Err = err
   208  		return
   209  	}
   210  
   211  	ReturnStatusOK(w)
   212  }