github.com/masterhung0112/hk_server/v5@v5.0.0-20220302090640-ec71aef15e1c/api4/channel.go (about) 1 // Copyright (c) 2015-present Mattermost, Inc. All Rights Reserved. 2 // See LICENSE.txt for license information. 3 4 package api4 5 6 import ( 7 "context" 8 "encoding/json" 9 "net/http" 10 "strconv" 11 "strings" 12 13 "github.com/masterhung0112/hk_server/v5/app" 14 "github.com/masterhung0112/hk_server/v5/audit" 15 "github.com/masterhung0112/hk_server/v5/model" 16 "github.com/masterhung0112/hk_server/v5/shared/mlog" 17 ) 18 19 func (api *API) InitChannel() { 20 api.BaseRoutes.Channels.Handle("", api.ApiSessionRequired(getAllChannels)).Methods("GET") 21 api.BaseRoutes.Channels.Handle("", api.ApiSessionRequired(createChannel)).Methods("POST") 22 api.BaseRoutes.Channels.Handle("/direct", api.ApiSessionRequired(createDirectChannel)).Methods("POST") 23 api.BaseRoutes.Channels.Handle("/search", api.ApiSessionRequiredDisableWhenBusy(searchAllChannels)).Methods("POST") 24 api.BaseRoutes.Channels.Handle("/group/search", api.ApiSessionRequiredDisableWhenBusy(searchGroupChannels)).Methods("POST") 25 api.BaseRoutes.Channels.Handle("/group", api.ApiSessionRequired(createGroupChannel)).Methods("POST") 26 api.BaseRoutes.Channels.Handle("/members/{user_id:[A-Za-z0-9]+}/view", api.ApiSessionRequired(viewChannel)).Methods("POST") 27 api.BaseRoutes.Channels.Handle("/{channel_id:[A-Za-z0-9]+}/scheme", api.ApiSessionRequired(updateChannelScheme)).Methods("PUT") 28 29 api.BaseRoutes.ChannelsForTeam.Handle("", api.ApiSessionRequired(getPublicChannelsForTeam)).Methods("GET") 30 api.BaseRoutes.ChannelsForTeam.Handle("/deleted", api.ApiSessionRequired(getDeletedChannelsForTeam)).Methods("GET") 31 api.BaseRoutes.ChannelsForTeam.Handle("/private", api.ApiSessionRequired(getPrivateChannelsForTeam)).Methods("GET") 32 api.BaseRoutes.ChannelsForTeam.Handle("/ids", api.ApiSessionRequired(getPublicChannelsByIdsForTeam)).Methods("POST") 33 api.BaseRoutes.ChannelsForTeam.Handle("/search", api.ApiSessionRequiredDisableWhenBusy(searchChannelsForTeam)).Methods("POST") 34 api.BaseRoutes.ChannelsForTeam.Handle("/search_archived", api.ApiSessionRequiredDisableWhenBusy(searchArchivedChannelsForTeam)).Methods("POST") 35 api.BaseRoutes.ChannelsForTeam.Handle("/autocomplete", api.ApiSessionRequired(autocompleteChannelsForTeam)).Methods("GET") 36 api.BaseRoutes.ChannelsForTeam.Handle("/search_autocomplete", api.ApiSessionRequired(autocompleteChannelsForTeamForSearch)).Methods("GET") 37 api.BaseRoutes.User.Handle("/teams/{team_id:[A-Za-z0-9]+}/channels", api.ApiSessionRequired(getChannelsForTeamForUser)).Methods("GET") 38 39 api.BaseRoutes.ChannelCategories.Handle("", api.ApiSessionRequired(getCategoriesForTeamForUser)).Methods("GET") 40 api.BaseRoutes.ChannelCategories.Handle("", api.ApiSessionRequired(createCategoryForTeamForUser)).Methods("POST") 41 api.BaseRoutes.ChannelCategories.Handle("", api.ApiSessionRequired(updateCategoriesForTeamForUser)).Methods("PUT") 42 api.BaseRoutes.ChannelCategories.Handle("/order", api.ApiSessionRequired(getCategoryOrderForTeamForUser)).Methods("GET") 43 api.BaseRoutes.ChannelCategories.Handle("/order", api.ApiSessionRequired(updateCategoryOrderForTeamForUser)).Methods("PUT") 44 api.BaseRoutes.ChannelCategories.Handle("/{category_id:[A-Za-z0-9_-]+}", api.ApiSessionRequired(getCategoryForTeamForUser)).Methods("GET") 45 api.BaseRoutes.ChannelCategories.Handle("/{category_id:[A-Za-z0-9_-]+}", api.ApiSessionRequired(updateCategoryForTeamForUser)).Methods("PUT") 46 api.BaseRoutes.ChannelCategories.Handle("/{category_id:[A-Za-z0-9_-]+}", api.ApiSessionRequired(deleteCategoryForTeamForUser)).Methods("DELETE") 47 48 api.BaseRoutes.Channel.Handle("", api.ApiSessionRequired(getChannel)).Methods("GET") 49 api.BaseRoutes.Channel.Handle("", api.ApiSessionRequired(updateChannel)).Methods("PUT") 50 api.BaseRoutes.Channel.Handle("/patch", api.ApiSessionRequired(patchChannel)).Methods("PUT") 51 api.BaseRoutes.Channel.Handle("/convert", api.ApiSessionRequired(convertChannelToPrivate)).Methods("POST") 52 api.BaseRoutes.Channel.Handle("/privacy", api.ApiSessionRequired(updateChannelPrivacy)).Methods("PUT") 53 api.BaseRoutes.Channel.Handle("/restore", api.ApiSessionRequired(restoreChannel)).Methods("POST") 54 api.BaseRoutes.Channel.Handle("", api.ApiSessionRequired(deleteChannel)).Methods("DELETE") 55 api.BaseRoutes.Channel.Handle("/stats", api.ApiSessionRequired(getChannelStats)).Methods("GET") 56 api.BaseRoutes.Channel.Handle("/pinned", api.ApiSessionRequired(getPinnedPosts)).Methods("GET") 57 api.BaseRoutes.Channel.Handle("/timezones", api.ApiSessionRequired(getChannelMembersTimezones)).Methods("GET") 58 api.BaseRoutes.Channel.Handle("/members_minus_group_members", api.ApiSessionRequired(channelMembersMinusGroupMembers)).Methods("GET") 59 api.BaseRoutes.Channel.Handle("/move", api.ApiSessionRequired(moveChannel)).Methods("POST") 60 api.BaseRoutes.Channel.Handle("/member_counts_by_group", api.ApiSessionRequired(channelMemberCountsByGroup)).Methods("GET") 61 62 api.BaseRoutes.ChannelForUser.Handle("/unread", api.ApiSessionRequired(getChannelUnread)).Methods("GET") 63 64 api.BaseRoutes.ChannelByName.Handle("", api.ApiSessionRequired(getChannelByName)).Methods("GET") 65 api.BaseRoutes.ChannelByNameForTeamName.Handle("", api.ApiSessionRequired(getChannelByNameForTeamName)).Methods("GET") 66 67 api.BaseRoutes.ChannelMembers.Handle("", api.ApiSessionRequired(getChannelMembers)).Methods("GET") 68 api.BaseRoutes.ChannelMembers.Handle("/ids", api.ApiSessionRequired(getChannelMembersByIds)).Methods("POST") 69 api.BaseRoutes.ChannelMembers.Handle("", api.ApiSessionRequired(addChannelMember)).Methods("POST") 70 api.BaseRoutes.ChannelMembersForUser.Handle("", api.ApiSessionRequired(getChannelMembersForUser)).Methods("GET") 71 api.BaseRoutes.ChannelMember.Handle("", api.ApiSessionRequired(getChannelMember)).Methods("GET") 72 api.BaseRoutes.ChannelMember.Handle("", api.ApiSessionRequired(removeChannelMember)).Methods("DELETE") 73 api.BaseRoutes.ChannelMember.Handle("/roles", api.ApiSessionRequired(updateChannelMemberRoles)).Methods("PUT") 74 api.BaseRoutes.ChannelMember.Handle("/schemeRoles", api.ApiSessionRequired(updateChannelMemberSchemeRoles)).Methods("PUT") 75 api.BaseRoutes.ChannelMember.Handle("/notify_props", api.ApiSessionRequired(updateChannelMemberNotifyProps)).Methods("PUT") 76 77 api.BaseRoutes.ChannelModerations.Handle("", api.ApiSessionRequired(getChannelModerations)).Methods("GET") 78 api.BaseRoutes.ChannelModerations.Handle("/patch", api.ApiSessionRequired(patchChannelModerations)).Methods("PUT") 79 } 80 81 func createChannel(c *Context, w http.ResponseWriter, r *http.Request) { 82 channel := model.ChannelFromJson(r.Body) 83 if channel == nil { 84 c.SetInvalidParam("channel") 85 return 86 } 87 88 auditRec := c.MakeAuditRecord("createChannel", audit.Fail) 89 defer c.LogAuditRec(auditRec) 90 auditRec.AddMeta("channel", channel) 91 92 if channel.Type == model.CHANNEL_OPEN && !c.App.SessionHasPermissionToTeam(*c.AppContext.Session(), channel.TeamId, model.PERMISSION_CREATE_PUBLIC_CHANNEL) { 93 c.SetPermissionError(model.PERMISSION_CREATE_PUBLIC_CHANNEL) 94 return 95 } 96 97 if channel.Type == model.CHANNEL_PRIVATE && !c.App.SessionHasPermissionToTeam(*c.AppContext.Session(), channel.TeamId, model.PERMISSION_CREATE_PRIVATE_CHANNEL) { 98 c.SetPermissionError(model.PERMISSION_CREATE_PRIVATE_CHANNEL) 99 return 100 } 101 102 sc, err := c.App.CreateChannelWithUser(c.AppContext, channel, c.AppContext.Session().UserId) 103 if err != nil { 104 c.Err = err 105 return 106 } 107 108 auditRec.Success() 109 auditRec.AddMeta("channel", sc) // overwrite meta 110 c.LogAudit("name=" + channel.Name) 111 112 w.WriteHeader(http.StatusCreated) 113 w.Write([]byte(sc.ToJson())) 114 } 115 116 func updateChannel(c *Context, w http.ResponseWriter, r *http.Request) { 117 c.RequireChannelId() 118 if c.Err != nil { 119 return 120 } 121 122 channel := model.ChannelFromJson(r.Body) 123 124 if channel == nil { 125 c.SetInvalidParam("channel") 126 return 127 } 128 129 // The channel being updated in the payload must be the same one as indicated in the URL. 130 if channel.Id != c.Params.ChannelId { 131 c.SetInvalidParam("channel_id") 132 return 133 } 134 135 auditRec := c.MakeAuditRecord("updateChannel", audit.Fail) 136 defer c.LogAuditRec(auditRec) 137 138 originalOldChannel, err := c.App.GetChannel(channel.Id) 139 if err != nil { 140 c.Err = err 141 return 142 } 143 oldChannel := originalOldChannel.DeepCopy() 144 145 auditRec.AddMeta("channel", oldChannel) 146 147 switch oldChannel.Type { 148 case model.CHANNEL_OPEN: 149 if !c.App.SessionHasPermissionToChannel(*c.AppContext.Session(), c.Params.ChannelId, model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES) { 150 c.SetPermissionError(model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES) 151 return 152 } 153 154 case model.CHANNEL_PRIVATE: 155 if !c.App.SessionHasPermissionToChannel(*c.AppContext.Session(), c.Params.ChannelId, model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES) { 156 c.SetPermissionError(model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES) 157 return 158 } 159 160 case model.CHANNEL_GROUP, model.CHANNEL_DIRECT: 161 // Modifying the header is not linked to any specific permission for group/dm channels, so just check for membership. 162 if _, errGet := c.App.GetChannelMember(context.Background(), channel.Id, c.AppContext.Session().UserId); errGet != nil { 163 c.Err = model.NewAppError("updateChannel", "api.channel.patch_update_channel.forbidden.app_error", nil, "", http.StatusForbidden) 164 return 165 } 166 167 default: 168 c.Err = model.NewAppError("updateChannel", "api.channel.patch_update_channel.forbidden.app_error", nil, "", http.StatusForbidden) 169 return 170 } 171 172 if oldChannel.DeleteAt > 0 { 173 c.Err = model.NewAppError("updateChannel", "api.channel.update_channel.deleted.app_error", nil, "", http.StatusBadRequest) 174 return 175 } 176 177 if channel.Type != "" && channel.Type != oldChannel.Type { 178 c.Err = model.NewAppError("updateChannel", "api.channel.update_channel.typechange.app_error", nil, "", http.StatusBadRequest) 179 return 180 } 181 182 if oldChannel.Name == model.DEFAULT_CHANNEL { 183 if channel.Name != "" && channel.Name != oldChannel.Name { 184 c.Err = model.NewAppError("updateChannel", "api.channel.update_channel.tried.app_error", map[string]interface{}{"Channel": model.DEFAULT_CHANNEL}, "", http.StatusBadRequest) 185 return 186 } 187 } 188 189 oldChannel.Header = channel.Header 190 oldChannel.Purpose = channel.Purpose 191 192 oldChannelDisplayName := oldChannel.DisplayName 193 194 if channel.DisplayName != "" { 195 oldChannel.DisplayName = channel.DisplayName 196 } 197 198 if channel.Name != "" { 199 oldChannel.Name = channel.Name 200 auditRec.AddMeta("new_channel_name", oldChannel.Name) 201 } 202 203 if channel.GroupConstrained != nil { 204 oldChannel.GroupConstrained = channel.GroupConstrained 205 } 206 207 updatedChannel, err := c.App.UpdateChannel(oldChannel) 208 if err != nil { 209 c.Err = err 210 return 211 } 212 auditRec.AddMeta("update", updatedChannel) 213 214 if oldChannelDisplayName != channel.DisplayName { 215 if err := c.App.PostUpdateChannelDisplayNameMessage(c.AppContext, c.AppContext.Session().UserId, channel, oldChannelDisplayName, channel.DisplayName); err != nil { 216 mlog.Warn("Error while posting channel display name message", mlog.Err(err)) 217 } 218 } 219 220 auditRec.Success() 221 c.LogAudit("name=" + channel.Name) 222 223 w.Write([]byte(oldChannel.ToJson())) 224 } 225 226 func convertChannelToPrivate(c *Context, w http.ResponseWriter, r *http.Request) { 227 c.RequireChannelId() 228 if c.Err != nil { 229 return 230 } 231 232 oldPublicChannel, err := c.App.GetChannel(c.Params.ChannelId) 233 if err != nil { 234 c.Err = err 235 return 236 } 237 238 auditRec := c.MakeAuditRecord("convertChannelToPrivate", audit.Fail) 239 defer c.LogAuditRec(auditRec) 240 auditRec.AddMeta("channel", oldPublicChannel) 241 242 if !c.App.SessionHasPermissionToChannel(*c.AppContext.Session(), c.Params.ChannelId, model.PERMISSION_CONVERT_PUBLIC_CHANNEL_TO_PRIVATE) { 243 c.SetPermissionError(model.PERMISSION_CONVERT_PUBLIC_CHANNEL_TO_PRIVATE) 244 return 245 } 246 247 if oldPublicChannel.Type == model.CHANNEL_PRIVATE { 248 c.Err = model.NewAppError("convertChannelToPrivate", "api.channel.convert_channel_to_private.private_channel_error", nil, "", http.StatusBadRequest) 249 return 250 } 251 252 if oldPublicChannel.Name == model.DEFAULT_CHANNEL { 253 c.Err = model.NewAppError("convertChannelToPrivate", "api.channel.convert_channel_to_private.default_channel_error", nil, "", http.StatusBadRequest) 254 return 255 } 256 257 user, err := c.App.GetUser(c.AppContext.Session().UserId) 258 if err != nil { 259 c.Err = err 260 return 261 } 262 auditRec.AddMeta("user", user) 263 264 oldPublicChannel.Type = model.CHANNEL_PRIVATE 265 266 rchannel, err := c.App.UpdateChannelPrivacy(c.AppContext, oldPublicChannel, user) 267 if err != nil { 268 c.Err = err 269 return 270 } 271 272 auditRec.Success() 273 c.LogAudit("name=" + rchannel.Name) 274 275 w.Write([]byte(rchannel.ToJson())) 276 } 277 278 func updateChannelPrivacy(c *Context, w http.ResponseWriter, r *http.Request) { 279 c.RequireChannelId() 280 if c.Err != nil { 281 return 282 } 283 284 props := model.StringInterfaceFromJson(r.Body) 285 privacy, ok := props["privacy"].(string) 286 if !ok || (privacy != model.CHANNEL_OPEN && privacy != model.CHANNEL_PRIVATE) { 287 c.SetInvalidParam("privacy") 288 return 289 } 290 291 channel, err := c.App.GetChannel(c.Params.ChannelId) 292 if err != nil { 293 c.Err = err 294 return 295 } 296 297 auditRec := c.MakeAuditRecord("updateChannelPrivacy", audit.Fail) 298 defer c.LogAuditRec(auditRec) 299 auditRec.AddMeta("channel", channel) 300 auditRec.AddMeta("new_type", privacy) 301 302 if privacy == model.CHANNEL_OPEN && !c.App.SessionHasPermissionToChannel(*c.AppContext.Session(), c.Params.ChannelId, model.PERMISSION_CONVERT_PRIVATE_CHANNEL_TO_PUBLIC) { 303 c.SetPermissionError(model.PERMISSION_CONVERT_PRIVATE_CHANNEL_TO_PUBLIC) 304 return 305 } 306 307 if privacy == model.CHANNEL_PRIVATE && !c.App.SessionHasPermissionToChannel(*c.AppContext.Session(), c.Params.ChannelId, model.PERMISSION_CONVERT_PUBLIC_CHANNEL_TO_PRIVATE) { 308 c.SetPermissionError(model.PERMISSION_CONVERT_PUBLIC_CHANNEL_TO_PRIVATE) 309 return 310 } 311 312 if channel.Name == model.DEFAULT_CHANNEL && privacy == model.CHANNEL_PRIVATE { 313 c.Err = model.NewAppError("updateChannelPrivacy", "api.channel.update_channel_privacy.default_channel_error", nil, "", http.StatusBadRequest) 314 return 315 } 316 317 user, err := c.App.GetUser(c.AppContext.Session().UserId) 318 if err != nil { 319 c.Err = err 320 return 321 } 322 auditRec.AddMeta("user", user) 323 324 channel.Type = privacy 325 326 updatedChannel, err := c.App.UpdateChannelPrivacy(c.AppContext, channel, user) 327 if err != nil { 328 c.Err = err 329 return 330 } 331 332 auditRec.Success() 333 c.LogAudit("name=" + updatedChannel.Name) 334 335 w.Write([]byte(updatedChannel.ToJson())) 336 } 337 338 func patchChannel(c *Context, w http.ResponseWriter, r *http.Request) { 339 c.RequireChannelId() 340 if c.Err != nil { 341 return 342 } 343 patch := model.ChannelPatchFromJson(r.Body) 344 if patch == nil { 345 c.SetInvalidParam("channel") 346 return 347 } 348 349 originalOldChannel, err := c.App.GetChannel(c.Params.ChannelId) 350 if err != nil { 351 c.Err = err 352 return 353 } 354 oldChannel := originalOldChannel.DeepCopy() 355 356 auditRec := c.MakeAuditRecord("patchChannel", audit.Fail) 357 defer c.LogAuditRec(auditRec) 358 auditRec.AddMeta("channel", oldChannel) 359 360 switch oldChannel.Type { 361 case model.CHANNEL_OPEN: 362 if !c.App.SessionHasPermissionToChannel(*c.AppContext.Session(), c.Params.ChannelId, model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES) { 363 c.SetPermissionError(model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES) 364 return 365 } 366 367 case model.CHANNEL_PRIVATE: 368 if !c.App.SessionHasPermissionToChannel(*c.AppContext.Session(), c.Params.ChannelId, model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES) { 369 c.SetPermissionError(model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES) 370 return 371 } 372 373 case model.CHANNEL_GROUP, model.CHANNEL_DIRECT: 374 // Modifying the header is not linked to any specific permission for group/dm channels, so just check for membership. 375 if _, err = c.App.GetChannelMember(context.Background(), c.Params.ChannelId, c.AppContext.Session().UserId); err != nil { 376 c.Err = model.NewAppError("patchChannel", "api.channel.patch_update_channel.forbidden.app_error", nil, "", http.StatusForbidden) 377 return 378 } 379 380 default: 381 c.Err = model.NewAppError("patchChannel", "api.channel.patch_update_channel.forbidden.app_error", nil, "", http.StatusForbidden) 382 return 383 } 384 385 rchannel, err := c.App.PatchChannel(c.AppContext, oldChannel, patch, c.AppContext.Session().UserId) 386 if err != nil { 387 c.Err = err 388 return 389 } 390 391 err = c.App.FillInChannelProps(rchannel) 392 if err != nil { 393 c.Err = err 394 return 395 } 396 397 auditRec.Success() 398 c.LogAudit("") 399 auditRec.AddMeta("patch", rchannel) 400 401 w.Write([]byte(rchannel.ToJson())) 402 } 403 404 func restoreChannel(c *Context, w http.ResponseWriter, r *http.Request) { 405 c.RequireChannelId() 406 if c.Err != nil { 407 return 408 } 409 410 channel, err := c.App.GetChannel(c.Params.ChannelId) 411 if err != nil { 412 c.Err = err 413 return 414 } 415 teamId := channel.TeamId 416 417 auditRec := c.MakeAuditRecord("restoreChannel", audit.Fail) 418 defer c.LogAuditRec(auditRec) 419 auditRec.AddMeta("channel", channel) 420 421 if !c.App.SessionHasPermissionToTeam(*c.AppContext.Session(), teamId, model.PERMISSION_MANAGE_TEAM) { 422 c.SetPermissionError(model.PERMISSION_MANAGE_TEAM) 423 return 424 } 425 426 channel, err = c.App.RestoreChannel(c.AppContext, channel, c.AppContext.Session().UserId) 427 if err != nil { 428 c.Err = err 429 return 430 } 431 432 auditRec.Success() 433 c.LogAudit("name=" + channel.Name) 434 435 w.Write([]byte(channel.ToJson())) 436 } 437 438 func createDirectChannel(c *Context, w http.ResponseWriter, r *http.Request) { 439 userIds := model.ArrayFromJson(r.Body) 440 allowed := false 441 442 if len(userIds) != 2 { 443 c.SetInvalidParam("user_ids") 444 return 445 } 446 447 for _, id := range userIds { 448 if !model.IsValidId(id) { 449 c.SetInvalidParam("user_id") 450 return 451 } 452 if id == c.AppContext.Session().UserId { 453 allowed = true 454 } 455 } 456 457 auditRec := c.MakeAuditRecord("createDirectChannel", audit.Fail) 458 defer c.LogAuditRec(auditRec) 459 460 if !c.App.SessionHasPermissionTo(*c.AppContext.Session(), model.PERMISSION_CREATE_DIRECT_CHANNEL) { 461 c.SetPermissionError(model.PERMISSION_CREATE_DIRECT_CHANNEL) 462 return 463 } 464 465 if !allowed && !c.App.SessionHasPermissionTo(*c.AppContext.Session(), model.PERMISSION_MANAGE_SYSTEM) { 466 c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM) 467 return 468 } 469 470 otherUserId := userIds[0] 471 if c.AppContext.Session().UserId == otherUserId { 472 otherUserId = userIds[1] 473 } 474 475 auditRec.AddMeta("other_user_id", otherUserId) 476 477 canSee, err := c.App.UserCanSeeOtherUser(c.AppContext.Session().UserId, otherUserId) 478 if err != nil { 479 c.Err = err 480 return 481 } 482 483 if !canSee { 484 c.SetPermissionError(model.PERMISSION_VIEW_MEMBERS) 485 return 486 } 487 488 sc, err := c.App.GetOrCreateDirectChannel(c.AppContext, userIds[0], userIds[1]) 489 if err != nil { 490 c.Err = err 491 return 492 } 493 494 auditRec.Success() 495 auditRec.AddMeta("channel", sc) 496 497 w.WriteHeader(http.StatusCreated) 498 w.Write([]byte(sc.ToJson())) 499 } 500 501 func searchGroupChannels(c *Context, w http.ResponseWriter, r *http.Request) { 502 props := model.ChannelSearchFromJson(r.Body) 503 if props == nil { 504 c.SetInvalidParam("channel_search") 505 return 506 } 507 508 groupChannels, err := c.App.SearchGroupChannels(c.AppContext.Session().UserId, props.Term) 509 if err != nil { 510 c.Err = err 511 return 512 } 513 514 w.Write([]byte(groupChannels.ToJson())) 515 } 516 517 func createGroupChannel(c *Context, w http.ResponseWriter, r *http.Request) { 518 userIds := model.ArrayFromJson(r.Body) 519 520 if len(userIds) == 0 { 521 c.SetInvalidParam("user_ids") 522 return 523 } 524 525 found := false 526 for _, id := range userIds { 527 if !model.IsValidId(id) { 528 c.SetInvalidParam("user_id") 529 return 530 } 531 if id == c.AppContext.Session().UserId { 532 found = true 533 } 534 } 535 536 if !found { 537 userIds = append(userIds, c.AppContext.Session().UserId) 538 } 539 540 auditRec := c.MakeAuditRecord("createGroupChannel", audit.Fail) 541 defer c.LogAuditRec(auditRec) 542 543 if !c.App.SessionHasPermissionTo(*c.AppContext.Session(), model.PERMISSION_CREATE_GROUP_CHANNEL) { 544 c.SetPermissionError(model.PERMISSION_CREATE_GROUP_CHANNEL) 545 return 546 } 547 548 canSeeAll := true 549 for _, id := range userIds { 550 if c.AppContext.Session().UserId != id { 551 canSee, err := c.App.UserCanSeeOtherUser(c.AppContext.Session().UserId, id) 552 if err != nil { 553 c.Err = err 554 return 555 } 556 if !canSee { 557 canSeeAll = false 558 } 559 } 560 } 561 562 if !canSeeAll { 563 c.SetPermissionError(model.PERMISSION_VIEW_MEMBERS) 564 return 565 } 566 567 groupChannel, err := c.App.CreateGroupChannel(userIds, c.AppContext.Session().UserId) 568 if err != nil { 569 c.Err = err 570 return 571 } 572 573 auditRec.Success() 574 auditRec.AddMeta("channel", groupChannel) 575 576 w.WriteHeader(http.StatusCreated) 577 w.Write([]byte(groupChannel.ToJson())) 578 } 579 580 func getChannel(c *Context, w http.ResponseWriter, r *http.Request) { 581 c.RequireChannelId() 582 if c.Err != nil { 583 return 584 } 585 586 channel, err := c.App.GetChannel(c.Params.ChannelId) 587 if err != nil { 588 c.Err = err 589 return 590 } 591 592 if channel.Type == model.CHANNEL_OPEN { 593 if !c.App.SessionHasPermissionToTeam(*c.AppContext.Session(), channel.TeamId, model.PERMISSION_READ_PUBLIC_CHANNEL) && !c.App.SessionHasPermissionToChannel(*c.AppContext.Session(), c.Params.ChannelId, model.PERMISSION_READ_CHANNEL) { 594 c.SetPermissionError(model.PERMISSION_READ_PUBLIC_CHANNEL) 595 return 596 } 597 } else { 598 if !c.App.SessionHasPermissionToChannel(*c.AppContext.Session(), c.Params.ChannelId, model.PERMISSION_READ_CHANNEL) { 599 c.SetPermissionError(model.PERMISSION_READ_CHANNEL) 600 return 601 } 602 } 603 604 err = c.App.FillInChannelProps(channel) 605 if err != nil { 606 c.Err = err 607 return 608 } 609 610 w.Write([]byte(channel.ToJson())) 611 } 612 613 func getChannelUnread(c *Context, w http.ResponseWriter, r *http.Request) { 614 c.RequireChannelId().RequireUserId() 615 if c.Err != nil { 616 return 617 } 618 619 if !c.App.SessionHasPermissionToUser(*c.AppContext.Session(), c.Params.UserId) { 620 c.SetPermissionError(model.PERMISSION_EDIT_OTHER_USERS) 621 return 622 } 623 624 if !c.App.SessionHasPermissionToChannel(*c.AppContext.Session(), c.Params.ChannelId, model.PERMISSION_READ_CHANNEL) { 625 c.SetPermissionError(model.PERMISSION_READ_CHANNEL) 626 return 627 } 628 629 channelUnread, err := c.App.GetChannelUnread(c.Params.ChannelId, c.Params.UserId) 630 if err != nil { 631 c.Err = err 632 return 633 } 634 635 w.Write([]byte(channelUnread.ToJson())) 636 } 637 638 func getChannelStats(c *Context, w http.ResponseWriter, r *http.Request) { 639 c.RequireChannelId() 640 if c.Err != nil { 641 return 642 } 643 644 if !c.App.SessionHasPermissionToChannel(*c.AppContext.Session(), c.Params.ChannelId, model.PERMISSION_READ_CHANNEL) { 645 c.SetPermissionError(model.PERMISSION_READ_CHANNEL) 646 return 647 } 648 649 memberCount, err := c.App.GetChannelMemberCount(c.Params.ChannelId) 650 if err != nil { 651 c.Err = err 652 return 653 } 654 655 guestCount, err := c.App.GetChannelGuestCount(c.Params.ChannelId) 656 if err != nil { 657 c.Err = err 658 return 659 } 660 661 pinnedPostCount, err := c.App.GetChannelPinnedPostCount(c.Params.ChannelId) 662 if err != nil { 663 c.Err = err 664 return 665 } 666 667 stats := model.ChannelStats{ChannelId: c.Params.ChannelId, MemberCount: memberCount, GuestCount: guestCount, PinnedPostCount: pinnedPostCount} 668 w.Write([]byte(stats.ToJson())) 669 } 670 671 func getPinnedPosts(c *Context, w http.ResponseWriter, r *http.Request) { 672 c.RequireChannelId() 673 if c.Err != nil { 674 return 675 } 676 677 if !c.App.SessionHasPermissionToChannel(*c.AppContext.Session(), c.Params.ChannelId, model.PERMISSION_READ_CHANNEL) { 678 c.SetPermissionError(model.PERMISSION_READ_CHANNEL) 679 return 680 } 681 682 posts, err := c.App.GetPinnedPosts(c.Params.ChannelId) 683 if err != nil { 684 c.Err = err 685 return 686 } 687 688 if c.HandleEtag(posts.Etag(), "Get Pinned Posts", w, r) { 689 return 690 } 691 692 clientPostList := c.App.PreparePostListForClient(posts) 693 694 w.Header().Set(model.HEADER_ETAG_SERVER, clientPostList.Etag()) 695 w.Write([]byte(clientPostList.ToJson())) 696 } 697 698 func getAllChannels(c *Context, w http.ResponseWriter, r *http.Request) { 699 permissions := []*model.Permission{ 700 model.PERMISSION_SYSCONSOLE_READ_USERMANAGEMENT_GROUPS, 701 model.PERMISSION_SYSCONSOLE_READ_USERMANAGEMENT_CHANNELS, 702 } 703 if !c.App.SessionHasPermissionToAny(*c.AppContext.Session(), permissions) { 704 c.SetPermissionError(permissions...) 705 return 706 } 707 // Only system managers may use the ExcludePolicyConstrained parameter 708 if c.Params.ExcludePolicyConstrained && !c.App.SessionHasPermissionTo(*c.AppContext.Session(), model.PERMISSION_SYSCONSOLE_READ_COMPLIANCE_DATA_RETENTION_POLICY) { 709 c.SetPermissionError(model.PERMISSION_SYSCONSOLE_READ_COMPLIANCE_DATA_RETENTION_POLICY) 710 return 711 } 712 713 opts := model.ChannelSearchOpts{ 714 NotAssociatedToGroup: c.Params.NotAssociatedToGroup, 715 ExcludeDefaultChannels: c.Params.ExcludeDefaultChannels, 716 IncludeDeleted: c.Params.IncludeDeleted, 717 ExcludePolicyConstrained: c.Params.ExcludePolicyConstrained, 718 } 719 if c.App.SessionHasPermissionTo(*c.AppContext.Session(), model.PERMISSION_SYSCONSOLE_READ_COMPLIANCE_DATA_RETENTION_POLICY) { 720 opts.IncludePolicyID = true 721 } 722 723 channels, err := c.App.GetAllChannels(c.Params.Page, c.Params.PerPage, opts) 724 if err != nil { 725 c.Err = err 726 return 727 } 728 729 var payload []byte 730 if c.Params.IncludeTotalCount { 731 totalCount, err := c.App.GetAllChannelsCount(opts) 732 if err != nil { 733 c.Err = err 734 return 735 } 736 cwc := &model.ChannelsWithCount{ 737 Channels: channels, 738 TotalCount: totalCount, 739 } 740 payload = cwc.ToJson() 741 } else { 742 payload = []byte(channels.ToJson()) 743 } 744 745 w.Write(payload) 746 } 747 748 func getPublicChannelsForTeam(c *Context, w http.ResponseWriter, r *http.Request) { 749 c.RequireTeamId() 750 if c.Err != nil { 751 return 752 } 753 754 if !c.App.SessionHasPermissionToTeam(*c.AppContext.Session(), c.Params.TeamId, model.PERMISSION_LIST_TEAM_CHANNELS) { 755 c.SetPermissionError(model.PERMISSION_LIST_TEAM_CHANNELS) 756 return 757 } 758 759 channels, err := c.App.GetPublicChannelsForTeam(c.Params.TeamId, c.Params.Page*c.Params.PerPage, c.Params.PerPage) 760 if err != nil { 761 c.Err = err 762 return 763 } 764 765 err = c.App.FillInChannelsProps(channels) 766 if err != nil { 767 c.Err = err 768 return 769 } 770 771 w.Write([]byte(channels.ToJson())) 772 } 773 774 func getDeletedChannelsForTeam(c *Context, w http.ResponseWriter, r *http.Request) { 775 c.RequireTeamId() 776 if c.Err != nil { 777 return 778 } 779 780 channels, err := c.App.GetDeletedChannels(c.Params.TeamId, c.Params.Page*c.Params.PerPage, c.Params.PerPage, c.AppContext.Session().UserId) 781 if err != nil { 782 c.Err = err 783 return 784 } 785 786 err = c.App.FillInChannelsProps(channels) 787 if err != nil { 788 c.Err = err 789 return 790 } 791 792 w.Write([]byte(channels.ToJson())) 793 } 794 795 func getPrivateChannelsForTeam(c *Context, w http.ResponseWriter, r *http.Request) { 796 c.RequireTeamId() 797 if c.Err != nil { 798 return 799 } 800 801 if !c.App.SessionHasPermissionTo(*c.AppContext.Session(), model.PERMISSION_MANAGE_SYSTEM) { 802 c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM) 803 return 804 } 805 806 channels, err := c.App.GetPrivateChannelsForTeam(c.Params.TeamId, c.Params.Page*c.Params.PerPage, c.Params.PerPage) 807 if err != nil { 808 c.Err = err 809 return 810 } 811 812 err = c.App.FillInChannelsProps(channels) 813 if err != nil { 814 c.Err = err 815 return 816 } 817 818 w.Write([]byte(channels.ToJson())) 819 } 820 821 func getPublicChannelsByIdsForTeam(c *Context, w http.ResponseWriter, r *http.Request) { 822 c.RequireTeamId() 823 if c.Err != nil { 824 return 825 } 826 827 channelIds := model.ArrayFromJson(r.Body) 828 if len(channelIds) == 0 { 829 c.SetInvalidParam("channel_ids") 830 return 831 } 832 833 for _, cid := range channelIds { 834 if !model.IsValidId(cid) { 835 c.SetInvalidParam("channel_id") 836 return 837 } 838 } 839 840 if !c.App.SessionHasPermissionToTeam(*c.AppContext.Session(), c.Params.TeamId, model.PERMISSION_VIEW_TEAM) { 841 c.SetPermissionError(model.PERMISSION_VIEW_TEAM) 842 return 843 } 844 845 channels, err := c.App.GetPublicChannelsByIdsForTeam(c.Params.TeamId, channelIds) 846 if err != nil { 847 c.Err = err 848 return 849 } 850 851 err = c.App.FillInChannelsProps(channels) 852 if err != nil { 853 c.Err = err 854 return 855 } 856 857 w.Write([]byte(channels.ToJson())) 858 } 859 860 func getChannelsForTeamForUser(c *Context, w http.ResponseWriter, r *http.Request) { 861 c.RequireUserId().RequireTeamId() 862 if c.Err != nil { 863 return 864 } 865 866 if !c.App.SessionHasPermissionToUser(*c.AppContext.Session(), c.Params.UserId) { 867 c.SetPermissionError(model.PERMISSION_EDIT_OTHER_USERS) 868 return 869 } 870 871 if !c.App.SessionHasPermissionToTeam(*c.AppContext.Session(), c.Params.TeamId, model.PERMISSION_VIEW_TEAM) { 872 c.SetPermissionError(model.PERMISSION_VIEW_TEAM) 873 return 874 } 875 876 query := r.URL.Query() 877 lastDeleteAt, nErr := strconv.Atoi(query.Get("last_delete_at")) 878 if nErr != nil { 879 lastDeleteAt = 0 880 } 881 if lastDeleteAt < 0 { 882 c.SetInvalidUrlParam("last_delete_at") 883 return 884 } 885 886 channels, err := c.App.GetChannelsForUser(c.Params.TeamId, c.Params.UserId, c.Params.IncludeDeleted, lastDeleteAt) 887 if err != nil { 888 c.Err = err 889 return 890 } 891 892 if c.HandleEtag(channels.Etag(), "Get Channels", w, r) { 893 return 894 } 895 896 err = c.App.FillInChannelsProps(channels) 897 if err != nil { 898 c.Err = err 899 return 900 } 901 902 w.Header().Set(model.HEADER_ETAG_SERVER, channels.Etag()) 903 w.Write([]byte(channels.ToJson())) 904 } 905 906 func autocompleteChannelsForTeam(c *Context, w http.ResponseWriter, r *http.Request) { 907 c.RequireTeamId() 908 if c.Err != nil { 909 return 910 } 911 912 if !c.App.SessionHasPermissionToTeam(*c.AppContext.Session(), c.Params.TeamId, model.PERMISSION_LIST_TEAM_CHANNELS) { 913 c.SetPermissionError(model.PERMISSION_LIST_TEAM_CHANNELS) 914 return 915 } 916 917 name := r.URL.Query().Get("name") 918 919 channels, err := c.App.AutocompleteChannels(c.Params.TeamId, name) 920 if err != nil { 921 c.Err = err 922 return 923 } 924 925 // Don't fill in channels props, since unused by client and potentially expensive. 926 927 w.Write([]byte(channels.ToJson())) 928 } 929 930 func autocompleteChannelsForTeamForSearch(c *Context, w http.ResponseWriter, r *http.Request) { 931 c.RequireTeamId() 932 if c.Err != nil { 933 return 934 } 935 936 name := r.URL.Query().Get("name") 937 938 channels, err := c.App.AutocompleteChannelsForSearch(c.Params.TeamId, c.AppContext.Session().UserId, name) 939 if err != nil { 940 c.Err = err 941 return 942 } 943 944 w.Write([]byte(channels.ToJson())) 945 } 946 947 func searchChannelsForTeam(c *Context, w http.ResponseWriter, r *http.Request) { 948 c.RequireTeamId() 949 if c.Err != nil { 950 return 951 } 952 953 props := model.ChannelSearchFromJson(r.Body) 954 if props == nil { 955 c.SetInvalidParam("channel_search") 956 return 957 } 958 959 var channels *model.ChannelList 960 var err *model.AppError 961 if c.App.SessionHasPermissionToTeam(*c.AppContext.Session(), c.Params.TeamId, model.PERMISSION_LIST_TEAM_CHANNELS) { 962 channels, err = c.App.SearchChannels(c.Params.TeamId, props.Term) 963 } else { 964 // If the user is not a team member, return a 404 965 if _, err = c.App.GetTeamMember(c.Params.TeamId, c.AppContext.Session().UserId); err != nil { 966 c.Err = err 967 return 968 } 969 970 channels, err = c.App.SearchChannelsForUser(c.AppContext.Session().UserId, c.Params.TeamId, props.Term) 971 } 972 973 if err != nil { 974 c.Err = err 975 return 976 } 977 978 // Don't fill in channels props, since unused by client and potentially expensive. 979 980 w.Write([]byte(channels.ToJson())) 981 } 982 983 func searchArchivedChannelsForTeam(c *Context, w http.ResponseWriter, r *http.Request) { 984 c.RequireTeamId() 985 if c.Err != nil { 986 return 987 } 988 989 props := model.ChannelSearchFromJson(r.Body) 990 if props == nil { 991 c.SetInvalidParam("channel_search") 992 return 993 } 994 995 var channels *model.ChannelList 996 var err *model.AppError 997 if c.App.SessionHasPermissionToTeam(*c.AppContext.Session(), c.Params.TeamId, model.PERMISSION_LIST_TEAM_CHANNELS) { 998 channels, err = c.App.SearchArchivedChannels(c.Params.TeamId, props.Term, c.AppContext.Session().UserId) 999 } else { 1000 // If the user is not a team member, return a 404 1001 if _, err = c.App.GetTeamMember(c.Params.TeamId, c.AppContext.Session().UserId); err != nil { 1002 c.Err = err 1003 return 1004 } 1005 1006 channels, err = c.App.SearchArchivedChannels(c.Params.TeamId, props.Term, c.AppContext.Session().UserId) 1007 } 1008 1009 if err != nil { 1010 c.Err = err 1011 return 1012 } 1013 1014 // Don't fill in channels props, since unused by client and potentially expensive. 1015 1016 w.Write([]byte(channels.ToJson())) 1017 } 1018 1019 func searchAllChannels(c *Context, w http.ResponseWriter, r *http.Request) { 1020 props := model.ChannelSearchFromJson(r.Body) 1021 if props == nil { 1022 c.SetInvalidParam("channel_search") 1023 return 1024 } 1025 // Only system managers may use the ExcludePolicyConstrained field 1026 if props.ExcludePolicyConstrained && !c.App.SessionHasPermissionTo(*c.AppContext.Session(), model.PERMISSION_SYSCONSOLE_READ_COMPLIANCE_DATA_RETENTION_POLICY) { 1027 c.SetPermissionError(model.PERMISSION_SYSCONSOLE_READ_COMPLIANCE_DATA_RETENTION_POLICY) 1028 return 1029 } 1030 1031 if !c.App.SessionHasPermissionTo(*c.AppContext.Session(), model.PERMISSION_SYSCONSOLE_READ_USERMANAGEMENT_CHANNELS) { 1032 c.SetPermissionError(model.PERMISSION_SYSCONSOLE_READ_USERMANAGEMENT_CHANNELS) 1033 return 1034 } 1035 includeDeleted, _ := strconv.ParseBool(r.URL.Query().Get("include_deleted")) 1036 includeDeleted = includeDeleted || props.IncludeDeleted 1037 1038 opts := model.ChannelSearchOpts{ 1039 NotAssociatedToGroup: props.NotAssociatedToGroup, 1040 ExcludeDefaultChannels: props.ExcludeDefaultChannels, 1041 TeamIds: props.TeamIds, 1042 GroupConstrained: props.GroupConstrained, 1043 ExcludeGroupConstrained: props.ExcludeGroupConstrained, 1044 ExcludePolicyConstrained: props.ExcludePolicyConstrained, 1045 Public: props.Public, 1046 Private: props.Private, 1047 IncludeDeleted: includeDeleted, 1048 Deleted: props.Deleted, 1049 Page: props.Page, 1050 PerPage: props.PerPage, 1051 } 1052 if c.App.SessionHasPermissionTo(*c.AppContext.Session(), model.PERMISSION_SYSCONSOLE_READ_COMPLIANCE_DATA_RETENTION_POLICY) { 1053 opts.IncludePolicyID = true 1054 } 1055 1056 channels, totalCount, appErr := c.App.SearchAllChannels(props.Term, opts) 1057 if appErr != nil { 1058 c.Err = appErr 1059 return 1060 } 1061 1062 // Don't fill in channels props, since unused by client and potentially expensive. 1063 var payload []byte 1064 if props.Page != nil && props.PerPage != nil { 1065 data := model.ChannelsWithCount{Channels: channels, TotalCount: totalCount} 1066 payload = data.ToJson() 1067 } else { 1068 payload = []byte(channels.ToJson()) 1069 } 1070 1071 w.Write(payload) 1072 } 1073 1074 func deleteChannel(c *Context, w http.ResponseWriter, r *http.Request) { 1075 c.RequireChannelId() 1076 if c.Err != nil { 1077 return 1078 } 1079 1080 channel, err := c.App.GetChannel(c.Params.ChannelId) 1081 if err != nil { 1082 c.Err = err 1083 return 1084 } 1085 1086 auditRec := c.MakeAuditRecord("deleteChannel", audit.Fail) 1087 defer c.LogAuditRec(auditRec) 1088 auditRec.AddMeta("channeld", channel) 1089 1090 if channel.Type == model.CHANNEL_DIRECT || channel.Type == model.CHANNEL_GROUP { 1091 c.Err = model.NewAppError("deleteChannel", "api.channel.delete_channel.type.invalid", nil, "", http.StatusBadRequest) 1092 return 1093 } 1094 1095 if channel.Type == model.CHANNEL_OPEN && !c.App.SessionHasPermissionToChannel(*c.AppContext.Session(), channel.Id, model.PERMISSION_DELETE_PUBLIC_CHANNEL) { 1096 c.SetPermissionError(model.PERMISSION_DELETE_PUBLIC_CHANNEL) 1097 return 1098 } 1099 1100 if channel.Type == model.CHANNEL_PRIVATE && !c.App.SessionHasPermissionToChannel(*c.AppContext.Session(), channel.Id, model.PERMISSION_DELETE_PRIVATE_CHANNEL) { 1101 c.SetPermissionError(model.PERMISSION_DELETE_PRIVATE_CHANNEL) 1102 return 1103 } 1104 1105 if c.Params.Permanent { 1106 if *c.App.Config().ServiceSettings.EnableAPIChannelDeletion { 1107 err = c.App.PermanentDeleteChannel(channel) 1108 } else { 1109 err = model.NewAppError("deleteChannel", "api.user.delete_channel.not_enabled.app_error", nil, "channelId="+c.Params.ChannelId, http.StatusUnauthorized) 1110 } 1111 } else { 1112 err = c.App.DeleteChannel(c.AppContext, channel, c.AppContext.Session().UserId) 1113 } 1114 if err != nil { 1115 c.Err = err 1116 return 1117 } 1118 1119 auditRec.Success() 1120 c.LogAudit("name=" + channel.Name) 1121 1122 ReturnStatusOK(w) 1123 } 1124 1125 func getChannelByName(c *Context, w http.ResponseWriter, r *http.Request) { 1126 c.RequireTeamId().RequireChannelName() 1127 if c.Err != nil { 1128 return 1129 } 1130 1131 includeDeleted, _ := strconv.ParseBool(r.URL.Query().Get("include_deleted")) 1132 channel, appErr := c.App.GetChannelByName(c.Params.ChannelName, c.Params.TeamId, includeDeleted) 1133 if appErr != nil { 1134 c.Err = appErr 1135 return 1136 } 1137 1138 if channel.Type == model.CHANNEL_OPEN { 1139 if !c.App.SessionHasPermissionToTeam(*c.AppContext.Session(), channel.TeamId, model.PERMISSION_READ_PUBLIC_CHANNEL) && !c.App.SessionHasPermissionToChannel(*c.AppContext.Session(), channel.Id, model.PERMISSION_READ_CHANNEL) { 1140 c.SetPermissionError(model.PERMISSION_READ_PUBLIC_CHANNEL) 1141 return 1142 } 1143 } else { 1144 if !c.App.SessionHasPermissionToChannel(*c.AppContext.Session(), channel.Id, model.PERMISSION_READ_CHANNEL) { 1145 c.Err = model.NewAppError("getChannelByName", "app.channel.get_by_name.missing.app_error", nil, "teamId="+channel.TeamId+", "+"name="+channel.Name+"", http.StatusNotFound) 1146 return 1147 } 1148 } 1149 1150 appErr = c.App.FillInChannelProps(channel) 1151 if appErr != nil { 1152 c.Err = appErr 1153 return 1154 } 1155 1156 w.Write([]byte(channel.ToJson())) 1157 } 1158 1159 func getChannelByNameForTeamName(c *Context, w http.ResponseWriter, r *http.Request) { 1160 c.RequireTeamName().RequireChannelName() 1161 if c.Err != nil { 1162 return 1163 } 1164 1165 includeDeleted, _ := strconv.ParseBool(r.URL.Query().Get("include_deleted")) 1166 channel, appErr := c.App.GetChannelByNameForTeamName(c.Params.ChannelName, c.Params.TeamName, includeDeleted) 1167 if appErr != nil { 1168 c.Err = appErr 1169 return 1170 } 1171 1172 teamOk := c.App.SessionHasPermissionToTeam(*c.AppContext.Session(), channel.TeamId, model.PERMISSION_READ_PUBLIC_CHANNEL) 1173 channelOk := c.App.SessionHasPermissionToChannel(*c.AppContext.Session(), channel.Id, model.PERMISSION_READ_CHANNEL) 1174 1175 if channel.Type == model.CHANNEL_OPEN { 1176 if !teamOk && !channelOk { 1177 c.SetPermissionError(model.PERMISSION_READ_PUBLIC_CHANNEL) 1178 return 1179 } 1180 } else if !channelOk { 1181 c.Err = model.NewAppError("getChannelByNameForTeamName", "app.channel.get_by_name.missing.app_error", nil, "teamId="+channel.TeamId+", "+"name="+channel.Name+"", http.StatusNotFound) 1182 return 1183 } 1184 1185 appErr = c.App.FillInChannelProps(channel) 1186 if appErr != nil { 1187 c.Err = appErr 1188 return 1189 } 1190 1191 w.Write([]byte(channel.ToJson())) 1192 } 1193 1194 func getChannelMembers(c *Context, w http.ResponseWriter, r *http.Request) { 1195 c.RequireChannelId() 1196 if c.Err != nil { 1197 return 1198 } 1199 1200 if !c.App.SessionHasPermissionToChannel(*c.AppContext.Session(), c.Params.ChannelId, model.PERMISSION_READ_CHANNEL) { 1201 c.SetPermissionError(model.PERMISSION_READ_CHANNEL) 1202 return 1203 } 1204 1205 members, err := c.App.GetChannelMembersPage(c.Params.ChannelId, c.Params.Page, c.Params.PerPage) 1206 if err != nil { 1207 c.Err = err 1208 return 1209 } 1210 1211 w.Write([]byte(members.ToJson())) 1212 } 1213 1214 func getChannelMembersTimezones(c *Context, w http.ResponseWriter, r *http.Request) { 1215 c.RequireChannelId() 1216 if c.Err != nil { 1217 return 1218 } 1219 1220 if !c.App.SessionHasPermissionToChannel(*c.AppContext.Session(), c.Params.ChannelId, model.PERMISSION_READ_CHANNEL) { 1221 c.SetPermissionError(model.PERMISSION_READ_CHANNEL) 1222 return 1223 } 1224 1225 membersTimezones, err := c.App.GetChannelMembersTimezones(c.Params.ChannelId) 1226 if err != nil { 1227 c.Err = err 1228 return 1229 } 1230 1231 w.Write([]byte(model.ArrayToJson(membersTimezones))) 1232 } 1233 1234 func getChannelMembersByIds(c *Context, w http.ResponseWriter, r *http.Request) { 1235 c.RequireChannelId() 1236 if c.Err != nil { 1237 return 1238 } 1239 1240 userIds := model.ArrayFromJson(r.Body) 1241 if len(userIds) == 0 { 1242 c.SetInvalidParam("user_ids") 1243 return 1244 } 1245 1246 if !c.App.SessionHasPermissionToChannel(*c.AppContext.Session(), c.Params.ChannelId, model.PERMISSION_READ_CHANNEL) { 1247 c.SetPermissionError(model.PERMISSION_READ_CHANNEL) 1248 return 1249 } 1250 1251 members, err := c.App.GetChannelMembersByIds(c.Params.ChannelId, userIds) 1252 if err != nil { 1253 c.Err = err 1254 return 1255 } 1256 1257 w.Write([]byte(members.ToJson())) 1258 } 1259 1260 func getChannelMember(c *Context, w http.ResponseWriter, r *http.Request) { 1261 c.RequireChannelId().RequireUserId() 1262 if c.Err != nil { 1263 return 1264 } 1265 1266 if !c.App.SessionHasPermissionToChannel(*c.AppContext.Session(), c.Params.ChannelId, model.PERMISSION_READ_CHANNEL) { 1267 c.SetPermissionError(model.PERMISSION_READ_CHANNEL) 1268 return 1269 } 1270 1271 member, err := c.App.GetChannelMember(app.WithMaster(context.Background()), c.Params.ChannelId, c.Params.UserId) 1272 if err != nil { 1273 c.Err = err 1274 return 1275 } 1276 1277 w.Write([]byte(member.ToJson())) 1278 } 1279 1280 func getChannelMembersForUser(c *Context, w http.ResponseWriter, r *http.Request) { 1281 c.RequireUserId().RequireTeamId() 1282 if c.Err != nil { 1283 return 1284 } 1285 1286 if !c.App.SessionHasPermissionToTeam(*c.AppContext.Session(), c.Params.TeamId, model.PERMISSION_VIEW_TEAM) { 1287 c.SetPermissionError(model.PERMISSION_VIEW_TEAM) 1288 return 1289 } 1290 1291 if c.AppContext.Session().UserId != c.Params.UserId && !c.App.SessionHasPermissionToTeam(*c.AppContext.Session(), c.Params.TeamId, model.PERMISSION_MANAGE_SYSTEM) { 1292 c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM) 1293 return 1294 } 1295 1296 members, err := c.App.GetChannelMembersForUser(c.Params.TeamId, c.Params.UserId) 1297 if err != nil { 1298 c.Err = err 1299 return 1300 } 1301 1302 w.Write([]byte(members.ToJson())) 1303 } 1304 1305 func viewChannel(c *Context, w http.ResponseWriter, r *http.Request) { 1306 c.RequireUserId() 1307 if c.Err != nil { 1308 return 1309 } 1310 1311 if !c.App.SessionHasPermissionToUser(*c.AppContext.Session(), c.Params.UserId) { 1312 c.SetPermissionError(model.PERMISSION_EDIT_OTHER_USERS) 1313 return 1314 } 1315 1316 view := model.ChannelViewFromJson(r.Body) 1317 if view == nil { 1318 c.SetInvalidParam("channel_view") 1319 return 1320 } 1321 1322 // Validate view struct 1323 // Check IDs are valid or blank. Blank IDs are used to denote focus loss or initial channel view. 1324 if view.ChannelId != "" && !model.IsValidId(view.ChannelId) { 1325 c.SetInvalidParam("channel_view.channel_id") 1326 return 1327 } 1328 if view.PrevChannelId != "" && !model.IsValidId(view.PrevChannelId) { 1329 c.SetInvalidParam("channel_view.prev_channel_id") 1330 return 1331 } 1332 1333 times, err := c.App.ViewChannel(view, c.Params.UserId, c.AppContext.Session().Id, view.CollapsedThreadsSupported) 1334 if err != nil { 1335 c.Err = err 1336 return 1337 } 1338 1339 c.App.UpdateLastActivityAtIfNeeded(*c.AppContext.Session()) 1340 c.ExtendSessionExpiryIfNeeded(w, r) 1341 1342 // Returning {"status": "OK", ...} for backwards compatibility 1343 resp := &model.ChannelViewResponse{ 1344 Status: "OK", 1345 LastViewedAtTimes: times, 1346 } 1347 1348 w.Write([]byte(resp.ToJson())) 1349 } 1350 1351 func updateChannelMemberRoles(c *Context, w http.ResponseWriter, r *http.Request) { 1352 c.RequireChannelId().RequireUserId() 1353 if c.Err != nil { 1354 return 1355 } 1356 1357 props := model.MapFromJson(r.Body) 1358 1359 newRoles := props["roles"] 1360 if !(model.IsValidUserRoles(newRoles)) { 1361 c.SetInvalidParam("roles") 1362 return 1363 } 1364 1365 auditRec := c.MakeAuditRecord("updateChannelMemberRoles", audit.Fail) 1366 defer c.LogAuditRec(auditRec) 1367 auditRec.AddMeta("channel_id", c.Params.ChannelId) 1368 auditRec.AddMeta("roles", newRoles) 1369 1370 if !c.App.SessionHasPermissionToChannel(*c.AppContext.Session(), c.Params.ChannelId, model.PERMISSION_MANAGE_CHANNEL_ROLES) { 1371 c.SetPermissionError(model.PERMISSION_MANAGE_CHANNEL_ROLES) 1372 return 1373 } 1374 1375 if _, err := c.App.UpdateChannelMemberRoles(c.Params.ChannelId, c.Params.UserId, newRoles); err != nil { 1376 c.Err = err 1377 return 1378 } 1379 1380 auditRec.Success() 1381 1382 ReturnStatusOK(w) 1383 } 1384 1385 func updateChannelMemberSchemeRoles(c *Context, w http.ResponseWriter, r *http.Request) { 1386 c.RequireChannelId().RequireUserId() 1387 if c.Err != nil { 1388 return 1389 } 1390 1391 schemeRoles := model.SchemeRolesFromJson(r.Body) 1392 if schemeRoles == nil { 1393 c.SetInvalidParam("scheme_roles") 1394 return 1395 } 1396 1397 auditRec := c.MakeAuditRecord("updateChannelMemberSchemeRoles", audit.Fail) 1398 defer c.LogAuditRec(auditRec) 1399 auditRec.AddMeta("channel_id", c.Params.ChannelId) 1400 auditRec.AddMeta("roles", schemeRoles) 1401 1402 if !c.App.SessionHasPermissionToChannel(*c.AppContext.Session(), c.Params.ChannelId, model.PERMISSION_MANAGE_CHANNEL_ROLES) { 1403 c.SetPermissionError(model.PERMISSION_MANAGE_CHANNEL_ROLES) 1404 return 1405 } 1406 1407 if _, err := c.App.UpdateChannelMemberSchemeRoles(c.Params.ChannelId, c.Params.UserId, schemeRoles.SchemeGuest, schemeRoles.SchemeUser, schemeRoles.SchemeAdmin); err != nil { 1408 c.Err = err 1409 return 1410 } 1411 1412 auditRec.Success() 1413 1414 ReturnStatusOK(w) 1415 } 1416 1417 func updateChannelMemberNotifyProps(c *Context, w http.ResponseWriter, r *http.Request) { 1418 c.RequireChannelId().RequireUserId() 1419 if c.Err != nil { 1420 return 1421 } 1422 1423 props := model.MapFromJson(r.Body) 1424 if props == nil { 1425 c.SetInvalidParam("notify_props") 1426 return 1427 } 1428 1429 auditRec := c.MakeAuditRecord("updateChannelMemberNotifyProps", audit.Fail) 1430 defer c.LogAuditRec(auditRec) 1431 auditRec.AddMeta("channel_id", c.Params.ChannelId) 1432 auditRec.AddMeta("props", props) 1433 1434 if !c.App.SessionHasPermissionToUser(*c.AppContext.Session(), c.Params.UserId) { 1435 c.SetPermissionError(model.PERMISSION_EDIT_OTHER_USERS) 1436 return 1437 } 1438 1439 _, err := c.App.UpdateChannelMemberNotifyProps(props, c.Params.ChannelId, c.Params.UserId) 1440 if err != nil { 1441 c.Err = err 1442 return 1443 } 1444 1445 auditRec.Success() 1446 1447 ReturnStatusOK(w) 1448 } 1449 1450 func addChannelMember(c *Context, w http.ResponseWriter, r *http.Request) { 1451 c.RequireChannelId() 1452 if c.Err != nil { 1453 return 1454 } 1455 1456 props := model.StringInterfaceFromJson(r.Body) 1457 userId, ok := props["user_id"].(string) 1458 if !ok || !model.IsValidId(userId) { 1459 c.SetInvalidParam("user_id") 1460 return 1461 } 1462 1463 member := &model.ChannelMember{ 1464 ChannelId: c.Params.ChannelId, 1465 UserId: userId, 1466 } 1467 1468 postRootId, ok := props["post_root_id"].(string) 1469 if ok && postRootId != "" && !model.IsValidId(postRootId) { 1470 c.SetInvalidParam("post_root_id") 1471 return 1472 } 1473 1474 if ok && len(postRootId) == 26 { 1475 rootPost, err := c.App.GetSinglePost(postRootId) 1476 if err != nil { 1477 c.Err = err 1478 return 1479 } 1480 if rootPost.ChannelId != member.ChannelId { 1481 c.SetInvalidParam("post_root_id") 1482 return 1483 } 1484 } 1485 1486 channel, err := c.App.GetChannel(member.ChannelId) 1487 if err != nil { 1488 c.Err = err 1489 return 1490 } 1491 1492 auditRec := c.MakeAuditRecord("addChannelMember", audit.Fail) 1493 defer c.LogAuditRec(auditRec) 1494 auditRec.AddMeta("channel", channel) 1495 1496 if channel.Type == model.CHANNEL_DIRECT || channel.Type == model.CHANNEL_GROUP { 1497 c.Err = model.NewAppError("addUserToChannel", "api.channel.add_user_to_channel.type.app_error", nil, "", http.StatusBadRequest) 1498 return 1499 } 1500 1501 isNewMembership := false 1502 if _, err = c.App.GetChannelMember(context.Background(), member.ChannelId, member.UserId); err != nil { 1503 if err.Id == app.MissingChannelMemberError { 1504 isNewMembership = true 1505 } else { 1506 c.Err = err 1507 return 1508 } 1509 } 1510 1511 isSelfAdd := member.UserId == c.AppContext.Session().UserId 1512 1513 if channel.Type == model.CHANNEL_OPEN { 1514 if isSelfAdd && isNewMembership { 1515 if !c.App.SessionHasPermissionToTeam(*c.AppContext.Session(), channel.TeamId, model.PERMISSION_JOIN_PUBLIC_CHANNELS) { 1516 c.SetPermissionError(model.PERMISSION_JOIN_PUBLIC_CHANNELS) 1517 return 1518 } 1519 } else if isSelfAdd && !isNewMembership { 1520 // nothing to do, since already in the channel 1521 } else if !isSelfAdd { 1522 if !c.App.SessionHasPermissionToChannel(*c.AppContext.Session(), channel.Id, model.PERMISSION_MANAGE_PUBLIC_CHANNEL_MEMBERS) { 1523 c.SetPermissionError(model.PERMISSION_MANAGE_PUBLIC_CHANNEL_MEMBERS) 1524 return 1525 } 1526 } 1527 } 1528 1529 if channel.Type == model.CHANNEL_PRIVATE { 1530 if isSelfAdd && isNewMembership { 1531 if !c.App.SessionHasPermissionToChannel(*c.AppContext.Session(), channel.Id, model.PERMISSION_MANAGE_PRIVATE_CHANNEL_MEMBERS) { 1532 c.SetPermissionError(model.PERMISSION_MANAGE_PRIVATE_CHANNEL_MEMBERS) 1533 return 1534 } 1535 } else if isSelfAdd && !isNewMembership { 1536 // nothing to do, since already in the channel 1537 } else if !isSelfAdd { 1538 if !c.App.SessionHasPermissionToChannel(*c.AppContext.Session(), channel.Id, model.PERMISSION_MANAGE_PRIVATE_CHANNEL_MEMBERS) { 1539 c.SetPermissionError(model.PERMISSION_MANAGE_PRIVATE_CHANNEL_MEMBERS) 1540 return 1541 } 1542 } 1543 } 1544 1545 if channel.IsGroupConstrained() { 1546 nonMembers, err := c.App.FilterNonGroupChannelMembers([]string{member.UserId}, channel) 1547 if err != nil { 1548 if v, ok := err.(*model.AppError); ok { 1549 c.Err = v 1550 } else { 1551 c.Err = model.NewAppError("addChannelMember", "api.channel.add_members.error", nil, err.Error(), http.StatusBadRequest) 1552 } 1553 return 1554 } 1555 if len(nonMembers) > 0 { 1556 c.Err = model.NewAppError("addChannelMember", "api.channel.add_members.user_denied", map[string]interface{}{"UserIDs": nonMembers}, "", http.StatusBadRequest) 1557 return 1558 } 1559 } 1560 1561 cm, err := c.App.AddChannelMember(c.AppContext, member.UserId, channel, app.ChannelMemberOpts{ 1562 UserRequestorID: c.AppContext.Session().UserId, 1563 PostRootID: postRootId, 1564 }) 1565 if err != nil { 1566 c.Err = err 1567 return 1568 } 1569 1570 auditRec.Success() 1571 auditRec.AddMeta("add_user_id", cm.UserId) 1572 c.LogAudit("name=" + channel.Name + " user_id=" + cm.UserId) 1573 1574 w.WriteHeader(http.StatusCreated) 1575 w.Write([]byte(cm.ToJson())) 1576 } 1577 1578 func removeChannelMember(c *Context, w http.ResponseWriter, r *http.Request) { 1579 c.RequireChannelId().RequireUserId() 1580 if c.Err != nil { 1581 return 1582 } 1583 1584 channel, err := c.App.GetChannel(c.Params.ChannelId) 1585 if err != nil { 1586 c.Err = err 1587 return 1588 } 1589 1590 user, err := c.App.GetUser(c.Params.UserId) 1591 if err != nil { 1592 c.Err = err 1593 return 1594 } 1595 1596 auditRec := c.MakeAuditRecord("removeChannelMember", audit.Fail) 1597 defer c.LogAuditRec(auditRec) 1598 auditRec.AddMeta("channel", channel) 1599 auditRec.AddMeta("remove_user_id", user.Id) 1600 1601 if !(channel.Type == model.CHANNEL_OPEN || channel.Type == model.CHANNEL_PRIVATE) { 1602 c.Err = model.NewAppError("removeChannelMember", "api.channel.remove_channel_member.type.app_error", nil, "", http.StatusBadRequest) 1603 return 1604 } 1605 1606 if channel.IsGroupConstrained() && (c.Params.UserId != c.AppContext.Session().UserId) && !user.IsBot { 1607 c.Err = model.NewAppError("removeChannelMember", "api.channel.remove_member.group_constrained.app_error", nil, "", http.StatusBadRequest) 1608 return 1609 } 1610 1611 if c.Params.UserId != c.AppContext.Session().UserId { 1612 if channel.Type == model.CHANNEL_OPEN && !c.App.SessionHasPermissionToChannel(*c.AppContext.Session(), channel.Id, model.PERMISSION_MANAGE_PUBLIC_CHANNEL_MEMBERS) { 1613 c.SetPermissionError(model.PERMISSION_MANAGE_PUBLIC_CHANNEL_MEMBERS) 1614 return 1615 } 1616 1617 if channel.Type == model.CHANNEL_PRIVATE && !c.App.SessionHasPermissionToChannel(*c.AppContext.Session(), channel.Id, model.PERMISSION_MANAGE_PRIVATE_CHANNEL_MEMBERS) { 1618 c.SetPermissionError(model.PERMISSION_MANAGE_PRIVATE_CHANNEL_MEMBERS) 1619 return 1620 } 1621 } 1622 1623 if err = c.App.RemoveUserFromChannel(c.AppContext, c.Params.UserId, c.AppContext.Session().UserId, channel); err != nil { 1624 c.Err = err 1625 return 1626 } 1627 1628 auditRec.Success() 1629 c.LogAudit("name=" + channel.Name + " user_id=" + c.Params.UserId) 1630 1631 ReturnStatusOK(w) 1632 } 1633 1634 func updateChannelScheme(c *Context, w http.ResponseWriter, r *http.Request) { 1635 c.RequireChannelId() 1636 if c.Err != nil { 1637 return 1638 } 1639 1640 schemeID := model.SchemeIDFromJson(r.Body) 1641 if schemeID == nil || !model.IsValidId(*schemeID) { 1642 c.SetInvalidParam("scheme_id") 1643 return 1644 } 1645 1646 auditRec := c.MakeAuditRecord("updateChannelScheme", audit.Fail) 1647 defer c.LogAuditRec(auditRec) 1648 auditRec.AddMeta("new_scheme_id", schemeID) 1649 1650 if c.App.Srv().License() == nil { 1651 c.Err = model.NewAppError("Api4.UpdateChannelScheme", "api.channel.update_channel_scheme.license.error", nil, "", http.StatusNotImplemented) 1652 return 1653 } 1654 1655 if !c.App.SessionHasPermissionTo(*c.AppContext.Session(), model.PERMISSION_MANAGE_SYSTEM) { 1656 c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM) 1657 return 1658 } 1659 1660 scheme, err := c.App.GetScheme(*schemeID) 1661 if err != nil { 1662 c.Err = err 1663 return 1664 } 1665 1666 if scheme.Scope != model.SCHEME_SCOPE_CHANNEL { 1667 c.Err = model.NewAppError("Api4.UpdateChannelScheme", "api.channel.update_channel_scheme.scheme_scope.error", nil, "", http.StatusBadRequest) 1668 return 1669 } 1670 1671 channel, err := c.App.GetChannel(c.Params.ChannelId) 1672 if err != nil { 1673 c.Err = err 1674 return 1675 } 1676 1677 auditRec.AddMeta("channel", channel) 1678 auditRec.AddMeta("old_scheme_id", channel.SchemeId) 1679 1680 channel.SchemeId = &scheme.Id 1681 1682 _, err = c.App.UpdateChannelScheme(channel) 1683 if err != nil { 1684 c.Err = err 1685 return 1686 } 1687 1688 auditRec.Success() 1689 1690 ReturnStatusOK(w) 1691 } 1692 1693 func channelMembersMinusGroupMembers(c *Context, w http.ResponseWriter, r *http.Request) { 1694 c.RequireChannelId() 1695 if c.Err != nil { 1696 return 1697 } 1698 1699 groupIDsParam := groupIDsQueryParamRegex.ReplaceAllString(c.Params.GroupIDs, "") 1700 1701 if len(groupIDsParam) < 26 { 1702 c.SetInvalidParam("group_ids") 1703 return 1704 } 1705 1706 groupIDs := []string{} 1707 for _, gid := range strings.Split(c.Params.GroupIDs, ",") { 1708 if !model.IsValidId(gid) { 1709 c.SetInvalidParam("group_ids") 1710 return 1711 } 1712 groupIDs = append(groupIDs, gid) 1713 } 1714 1715 if !c.App.SessionHasPermissionTo(*c.AppContext.Session(), model.PERMISSION_SYSCONSOLE_READ_USERMANAGEMENT_CHANNELS) { 1716 c.SetPermissionError(model.PERMISSION_SYSCONSOLE_READ_USERMANAGEMENT_CHANNELS) 1717 return 1718 } 1719 1720 users, totalCount, err := c.App.ChannelMembersMinusGroupMembers( 1721 c.Params.ChannelId, 1722 groupIDs, 1723 c.Params.Page, 1724 c.Params.PerPage, 1725 ) 1726 if err != nil { 1727 c.Err = err 1728 return 1729 } 1730 1731 b, marshalErr := json.Marshal(&model.UsersWithGroupsAndCount{ 1732 Users: users, 1733 Count: totalCount, 1734 }) 1735 if marshalErr != nil { 1736 c.Err = model.NewAppError("Api4.channelMembersMinusGroupMembers", "api.marshal_error", nil, marshalErr.Error(), http.StatusInternalServerError) 1737 return 1738 } 1739 1740 w.Write(b) 1741 } 1742 1743 func channelMemberCountsByGroup(c *Context, w http.ResponseWriter, r *http.Request) { 1744 if c.App.Srv().License() == nil { 1745 c.Err = model.NewAppError("Api4.channelMemberCountsByGroup", "api.channel.channel_member_counts_by_group.license.error", nil, "", http.StatusNotImplemented) 1746 return 1747 } 1748 1749 c.RequireChannelId() 1750 if c.Err != nil { 1751 return 1752 } 1753 1754 if !c.App.SessionHasPermissionToChannel(*c.AppContext.Session(), c.Params.ChannelId, model.PERMISSION_READ_CHANNEL) { 1755 c.SetPermissionError(model.PERMISSION_READ_CHANNEL) 1756 return 1757 } 1758 1759 includeTimezones := r.URL.Query().Get("include_timezones") == "true" 1760 1761 channelMemberCounts, err := c.App.GetMemberCountsByGroup(app.WithMaster(context.Background()), c.Params.ChannelId, includeTimezones) 1762 if err != nil { 1763 c.Err = err 1764 return 1765 } 1766 1767 b, marshalErr := json.Marshal(channelMemberCounts) 1768 if marshalErr != nil { 1769 c.Err = model.NewAppError("Api4.channelMemberCountsByGroup", "api.marshal_error", nil, marshalErr.Error(), http.StatusInternalServerError) 1770 return 1771 } 1772 1773 w.Write(b) 1774 } 1775 1776 func getChannelModerations(c *Context, w http.ResponseWriter, r *http.Request) { 1777 if c.App.Srv().License() == nil { 1778 c.Err = model.NewAppError("Api4.GetChannelModerations", "api.channel.get_channel_moderations.license.error", nil, "", http.StatusNotImplemented) 1779 return 1780 } 1781 1782 c.RequireChannelId() 1783 if c.Err != nil { 1784 return 1785 } 1786 1787 if !c.App.SessionHasPermissionTo(*c.AppContext.Session(), model.PERMISSION_SYSCONSOLE_READ_USERMANAGEMENT_CHANNELS) { 1788 c.SetPermissionError(model.PERMISSION_SYSCONSOLE_READ_USERMANAGEMENT_CHANNELS) 1789 return 1790 } 1791 1792 channel, err := c.App.GetChannel(c.Params.ChannelId) 1793 if err != nil { 1794 c.Err = err 1795 return 1796 } 1797 1798 channelModerations, err := c.App.GetChannelModerationsForChannel(channel) 1799 if err != nil { 1800 c.Err = err 1801 return 1802 } 1803 1804 b, marshalErr := json.Marshal(channelModerations) 1805 if marshalErr != nil { 1806 c.Err = model.NewAppError("Api4.getChannelModerations", "api.marshal_error", nil, marshalErr.Error(), http.StatusInternalServerError) 1807 return 1808 } 1809 1810 w.Write(b) 1811 } 1812 1813 func patchChannelModerations(c *Context, w http.ResponseWriter, r *http.Request) { 1814 if c.App.Srv().License() == nil { 1815 c.Err = model.NewAppError("Api4.patchChannelModerations", "api.channel.patch_channel_moderations.license.error", nil, "", http.StatusNotImplemented) 1816 return 1817 } 1818 1819 c.RequireChannelId() 1820 if c.Err != nil { 1821 return 1822 } 1823 1824 auditRec := c.MakeAuditRecord("patchChannelModerations", audit.Fail) 1825 defer c.LogAuditRec(auditRec) 1826 1827 if !c.App.SessionHasPermissionTo(*c.AppContext.Session(), model.PERMISSION_SYSCONSOLE_WRITE_USERMANAGEMENT_CHANNELS) { 1828 c.SetPermissionError(model.PERMISSION_SYSCONSOLE_WRITE_USERMANAGEMENT_CHANNELS) 1829 return 1830 } 1831 1832 channel, err := c.App.GetChannel(c.Params.ChannelId) 1833 if err != nil { 1834 c.Err = err 1835 return 1836 } 1837 auditRec.AddMeta("channel", channel) 1838 1839 channelModerationsPatch := model.ChannelModerationsPatchFromJson(r.Body) 1840 channelModerations, err := c.App.PatchChannelModerationsForChannel(channel, channelModerationsPatch) 1841 if err != nil { 1842 c.Err = err 1843 return 1844 } 1845 auditRec.AddMeta("patch", channelModerationsPatch) 1846 1847 b, marshalErr := json.Marshal(channelModerations) 1848 if marshalErr != nil { 1849 c.Err = model.NewAppError("Api4.patchChannelModerations", "api.marshal_error", nil, marshalErr.Error(), http.StatusInternalServerError) 1850 return 1851 } 1852 1853 auditRec.Success() 1854 w.Write(b) 1855 } 1856 1857 func moveChannel(c *Context, w http.ResponseWriter, r *http.Request) { 1858 c.RequireChannelId() 1859 if c.Err != nil { 1860 return 1861 } 1862 1863 channel, err := c.App.GetChannel(c.Params.ChannelId) 1864 if err != nil { 1865 c.Err = err 1866 return 1867 } 1868 1869 props := model.StringInterfaceFromJson(r.Body) 1870 teamId, ok := props["team_id"].(string) 1871 if !ok { 1872 c.SetInvalidParam("team_id") 1873 return 1874 } 1875 1876 force, ok := props["force"].(bool) 1877 if !ok { 1878 c.SetInvalidParam("force") 1879 return 1880 } 1881 1882 team, err := c.App.GetTeam(teamId) 1883 if err != nil { 1884 c.Err = err 1885 return 1886 } 1887 1888 auditRec := c.MakeAuditRecord("moveChannel", audit.Fail) 1889 defer c.LogAuditRec(auditRec) 1890 auditRec.AddMeta("channel_id", channel.Id) 1891 auditRec.AddMeta("channel_name", channel.Name) 1892 auditRec.AddMeta("team_id", team.Id) 1893 auditRec.AddMeta("team_name", team.Name) 1894 1895 if channel.Type == model.CHANNEL_DIRECT || channel.Type == model.CHANNEL_GROUP { 1896 c.Err = model.NewAppError("moveChannel", "api.channel.move_channel.type.invalid", nil, "", http.StatusForbidden) 1897 return 1898 } 1899 1900 if !c.App.SessionHasPermissionTo(*c.AppContext.Session(), model.PERMISSION_MANAGE_SYSTEM) { 1901 c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM) 1902 return 1903 } 1904 1905 user, err := c.App.GetUser(c.AppContext.Session().UserId) 1906 if err != nil { 1907 c.Err = err 1908 return 1909 } 1910 1911 err = c.App.RemoveAllDeactivatedMembersFromChannel(channel) 1912 if err != nil { 1913 c.Err = err 1914 return 1915 } 1916 1917 if force { 1918 err = c.App.RemoveUsersFromChannelNotMemberOfTeam(c.AppContext, user, channel, team) 1919 if err != nil { 1920 c.Err = err 1921 return 1922 } 1923 } 1924 1925 err = c.App.MoveChannel(c.AppContext, team, channel, user) 1926 if err != nil { 1927 c.Err = err 1928 return 1929 } 1930 1931 auditRec.Success() 1932 c.LogAudit("channel=" + channel.Name) 1933 c.LogAudit("team=" + team.Name) 1934 1935 w.Write([]byte(channel.ToJson())) 1936 }