github.com/masterhung0112/hk_server/v5@v5.0.0-20220302090640-ec71aef15e1c/api4/channel_local.go (about) 1 // Copyright (c) 2015-present Mattermost, Inc. All Rights Reserved. 2 // See LICENSE.txt for license information. 3 4 package api4 5 6 import ( 7 "net/http" 8 9 "github.com/masterhung0112/hk_server/v5/app" 10 "github.com/masterhung0112/hk_server/v5/audit" 11 "github.com/masterhung0112/hk_server/v5/model" 12 ) 13 14 func (api *API) InitChannelLocal() { 15 api.BaseRoutes.Channels.Handle("", api.ApiLocal(getAllChannels)).Methods("GET") 16 api.BaseRoutes.Channels.Handle("", api.ApiLocal(localCreateChannel)).Methods("POST") 17 api.BaseRoutes.Channel.Handle("", api.ApiLocal(getChannel)).Methods("GET") 18 api.BaseRoutes.ChannelByName.Handle("", api.ApiLocal(getChannelByName)).Methods("GET") 19 api.BaseRoutes.Channel.Handle("", api.ApiLocal(localDeleteChannel)).Methods("DELETE") 20 api.BaseRoutes.Channel.Handle("/patch", api.ApiLocal(localPatchChannel)).Methods("PUT") 21 api.BaseRoutes.Channel.Handle("/move", api.ApiLocal(localMoveChannel)).Methods("POST") 22 api.BaseRoutes.Channel.Handle("/privacy", api.ApiLocal(localUpdateChannelPrivacy)).Methods("PUT") 23 api.BaseRoutes.Channel.Handle("/restore", api.ApiLocal(localRestoreChannel)).Methods("POST") 24 25 api.BaseRoutes.ChannelMember.Handle("", api.ApiLocal(localRemoveChannelMember)).Methods("DELETE") 26 api.BaseRoutes.ChannelMember.Handle("", api.ApiLocal(getChannelMember)).Methods("GET") 27 api.BaseRoutes.ChannelMembers.Handle("", api.ApiLocal(localAddChannelMember)).Methods("POST") 28 api.BaseRoutes.ChannelMembers.Handle("", api.ApiLocal(getChannelMembers)).Methods("GET") 29 30 api.BaseRoutes.ChannelsForTeam.Handle("", api.ApiLocal(getPublicChannelsForTeam)).Methods("GET") 31 api.BaseRoutes.ChannelsForTeam.Handle("/deleted", api.ApiLocal(getDeletedChannelsForTeam)).Methods("GET") 32 api.BaseRoutes.ChannelsForTeam.Handle("/private", api.ApiLocal(getPrivateChannelsForTeam)).Methods("GET") 33 34 api.BaseRoutes.ChannelByName.Handle("", api.ApiLocal(getChannelByName)).Methods("GET") 35 api.BaseRoutes.ChannelByNameForTeamName.Handle("", api.ApiLocal(getChannelByNameForTeamName)).Methods("GET") 36 } 37 38 func localCreateChannel(c *Context, w http.ResponseWriter, r *http.Request) { 39 channel := model.ChannelFromJson(r.Body) 40 if channel == nil { 41 c.SetInvalidParam("channel") 42 return 43 } 44 45 auditRec := c.MakeAuditRecord("localCreateChannel", audit.Fail) 46 defer c.LogAuditRec(auditRec) 47 auditRec.AddMeta("channel", channel) 48 49 sc, err := c.App.CreateChannel(c.AppContext, channel, false) 50 if err != nil { 51 c.Err = err 52 return 53 } 54 55 auditRec.Success() 56 auditRec.AddMeta("channel", sc) // overwrite meta 57 c.LogAudit("name=" + channel.Name) 58 59 w.WriteHeader(http.StatusCreated) 60 w.Write([]byte(sc.ToJson())) 61 } 62 63 func localUpdateChannelPrivacy(c *Context, w http.ResponseWriter, r *http.Request) { 64 c.RequireChannelId() 65 if c.Err != nil { 66 return 67 } 68 69 props := model.StringInterfaceFromJson(r.Body) 70 privacy, ok := props["privacy"].(string) 71 if !ok || (privacy != model.CHANNEL_OPEN && privacy != model.CHANNEL_PRIVATE) { 72 c.SetInvalidParam("privacy") 73 return 74 } 75 76 channel, err := c.App.GetChannel(c.Params.ChannelId) 77 if err != nil { 78 c.Err = err 79 return 80 } 81 82 auditRec := c.MakeAuditRecord("localUpdateChannelPrivacy", audit.Fail) 83 defer c.LogAuditRec(auditRec) 84 auditRec.AddMeta("channel", channel) 85 auditRec.AddMeta("new_type", privacy) 86 87 if channel.Name == model.DEFAULT_CHANNEL && privacy == model.CHANNEL_PRIVATE { 88 c.Err = model.NewAppError("updateChannelPrivacy", "api.channel.update_channel_privacy.default_channel_error", nil, "", http.StatusBadRequest) 89 return 90 } 91 channel.Type = privacy 92 93 updatedChannel, err := c.App.UpdateChannelPrivacy(c.AppContext, channel, nil) 94 if err != nil { 95 c.Err = err 96 return 97 } 98 99 auditRec.Success() 100 c.LogAudit("name=" + updatedChannel.Name) 101 102 w.Write([]byte(updatedChannel.ToJson())) 103 } 104 105 func localRestoreChannel(c *Context, w http.ResponseWriter, r *http.Request) { 106 c.RequireChannelId() 107 if c.Err != nil { 108 return 109 } 110 111 channel, err := c.App.GetChannel(c.Params.ChannelId) 112 if err != nil { 113 c.Err = err 114 return 115 } 116 117 auditRec := c.MakeAuditRecord("localRestoreChannel", audit.Fail) 118 defer c.LogAuditRec(auditRec) 119 auditRec.AddMeta("channel", channel) 120 121 channel, err = c.App.RestoreChannel(c.AppContext, channel, "") 122 if err != nil { 123 c.Err = err 124 return 125 } 126 127 auditRec.Success() 128 c.LogAudit("name=" + channel.Name) 129 130 w.Write([]byte(channel.ToJson())) 131 } 132 133 func localAddChannelMember(c *Context, w http.ResponseWriter, r *http.Request) { 134 c.RequireChannelId() 135 if c.Err != nil { 136 return 137 } 138 139 props := model.StringInterfaceFromJson(r.Body) 140 userId, ok := props["user_id"].(string) 141 if !ok || !model.IsValidId(userId) { 142 c.SetInvalidParam("user_id") 143 return 144 } 145 146 member := &model.ChannelMember{ 147 ChannelId: c.Params.ChannelId, 148 UserId: userId, 149 } 150 151 postRootId, ok := props["post_root_id"].(string) 152 if ok && postRootId != "" && !model.IsValidId(postRootId) { 153 c.SetInvalidParam("post_root_id") 154 return 155 } 156 157 if ok && len(postRootId) == 26 { 158 rootPost, err := c.App.GetSinglePost(postRootId) 159 if err != nil { 160 c.Err = err 161 return 162 } 163 if rootPost.ChannelId != member.ChannelId { 164 c.SetInvalidParam("post_root_id") 165 return 166 } 167 } 168 169 channel, err := c.App.GetChannel(member.ChannelId) 170 if err != nil { 171 c.Err = err 172 return 173 } 174 175 auditRec := c.MakeAuditRecord("localAddChannelMember", audit.Fail) 176 defer c.LogAuditRec(auditRec) 177 auditRec.AddMeta("channel", channel) 178 179 if channel.Type == model.CHANNEL_DIRECT || channel.Type == model.CHANNEL_GROUP { 180 c.Err = model.NewAppError("localAddChannelMember", "api.channel.add_user_to_channel.type.app_error", nil, "", http.StatusBadRequest) 181 return 182 } 183 184 if channel.IsGroupConstrained() { 185 nonMembers, err := c.App.FilterNonGroupChannelMembers([]string{member.UserId}, channel) 186 if err != nil { 187 if v, ok := err.(*model.AppError); ok { 188 c.Err = v 189 } else { 190 c.Err = model.NewAppError("localAddChannelMember", "api.channel.add_members.error", nil, err.Error(), http.StatusBadRequest) 191 } 192 return 193 } 194 if len(nonMembers) > 0 { 195 c.Err = model.NewAppError("localAddChannelMember", "api.channel.add_members.user_denied", map[string]interface{}{"UserIDs": nonMembers}, "", http.StatusBadRequest) 196 return 197 } 198 } 199 200 cm, err := c.App.AddChannelMember(c.AppContext, member.UserId, channel, app.ChannelMemberOpts{ 201 PostRootID: postRootId, 202 }) 203 if err != nil { 204 c.Err = err 205 return 206 } 207 208 auditRec.Success() 209 auditRec.AddMeta("add_user_id", cm.UserId) 210 c.LogAudit("name=" + channel.Name + " user_id=" + cm.UserId) 211 212 w.WriteHeader(http.StatusCreated) 213 w.Write([]byte(cm.ToJson())) 214 } 215 216 func localRemoveChannelMember(c *Context, w http.ResponseWriter, r *http.Request) { 217 c.RequireChannelId().RequireUserId() 218 if c.Err != nil { 219 return 220 } 221 222 channel, err := c.App.GetChannel(c.Params.ChannelId) 223 if err != nil { 224 c.Err = err 225 return 226 } 227 228 user, err := c.App.GetUser(c.Params.UserId) 229 if err != nil { 230 c.Err = err 231 return 232 } 233 234 if !(channel.Type == model.CHANNEL_OPEN || channel.Type == model.CHANNEL_PRIVATE) { 235 c.Err = model.NewAppError("removeChannelMember", "api.channel.remove_channel_member.type.app_error", nil, "", http.StatusBadRequest) 236 return 237 } 238 239 if channel.IsGroupConstrained() && !user.IsBot { 240 c.Err = model.NewAppError("removeChannelMember", "api.channel.remove_member.group_constrained.app_error", nil, "", http.StatusBadRequest) 241 return 242 } 243 244 auditRec := c.MakeAuditRecord("localRemoveChannelMember", audit.Fail) 245 defer c.LogAuditRec(auditRec) 246 auditRec.AddMeta("channel", channel) 247 auditRec.AddMeta("remove_user_id", user.Id) 248 249 if err = c.App.RemoveUserFromChannel(c.AppContext, c.Params.UserId, "", channel); err != nil { 250 c.Err = err 251 return 252 } 253 254 auditRec.Success() 255 c.LogAudit("name=" + channel.Name + " user_id=" + c.Params.UserId) 256 257 ReturnStatusOK(w) 258 } 259 260 func localPatchChannel(c *Context, w http.ResponseWriter, r *http.Request) { 261 c.RequireChannelId() 262 if c.Err != nil { 263 return 264 } 265 266 patch := model.ChannelPatchFromJson(r.Body) 267 if patch == nil { 268 c.SetInvalidParam("channel") 269 return 270 } 271 272 originalOldChannel, err := c.App.GetChannel(c.Params.ChannelId) 273 if err != nil { 274 c.Err = err 275 return 276 } 277 channel := originalOldChannel.DeepCopy() 278 279 auditRec := c.MakeAuditRecord("localPatchChannel", audit.Fail) 280 defer c.LogAuditRec(auditRec) 281 auditRec.AddMeta("channel", channel) 282 283 channel.Patch(patch) 284 rchannel, err := c.App.UpdateChannel(channel) 285 if err != nil { 286 c.Err = err 287 return 288 } 289 290 err = c.App.FillInChannelProps(rchannel) 291 if err != nil { 292 c.Err = err 293 return 294 } 295 296 auditRec.Success() 297 c.LogAudit("") 298 auditRec.AddMeta("patch", rchannel) 299 300 w.Write([]byte(rchannel.ToJson())) 301 } 302 303 func localMoveChannel(c *Context, w http.ResponseWriter, r *http.Request) { 304 c.RequireChannelId() 305 if c.Err != nil { 306 return 307 } 308 309 channel, err := c.App.GetChannel(c.Params.ChannelId) 310 if err != nil { 311 c.Err = err 312 return 313 } 314 315 props := model.StringInterfaceFromJson(r.Body) 316 teamId, ok := props["team_id"].(string) 317 if !ok { 318 c.SetInvalidParam("team_id") 319 return 320 } 321 322 force, ok := props["force"].(bool) 323 if !ok { 324 c.SetInvalidParam("force") 325 return 326 } 327 328 team, err := c.App.GetTeam(teamId) 329 if err != nil { 330 c.Err = err 331 return 332 } 333 334 auditRec := c.MakeAuditRecord("localMoveChannel", audit.Fail) 335 defer c.LogAuditRec(auditRec) 336 auditRec.AddMeta("channel_id", channel.Id) 337 auditRec.AddMeta("channel_name", channel.Name) 338 auditRec.AddMeta("team_id", team.Id) 339 auditRec.AddMeta("team_name", team.Name) 340 341 if channel.Type == model.CHANNEL_DIRECT || channel.Type == model.CHANNEL_GROUP { 342 c.Err = model.NewAppError("moveChannel", "api.channel.move_channel.type.invalid", nil, "", http.StatusForbidden) 343 return 344 } 345 346 err = c.App.RemoveAllDeactivatedMembersFromChannel(channel) 347 if err != nil { 348 c.Err = err 349 return 350 } 351 352 if force { 353 err = c.App.RemoveUsersFromChannelNotMemberOfTeam(c.AppContext, nil, channel, team) 354 if err != nil { 355 c.Err = err 356 return 357 } 358 } 359 360 err = c.App.MoveChannel(c.AppContext, team, channel, nil) 361 if err != nil { 362 c.Err = err 363 return 364 } 365 366 auditRec.Success() 367 c.LogAudit("channel=" + channel.Name) 368 c.LogAudit("team=" + team.Name) 369 370 w.Write([]byte(channel.ToJson())) 371 } 372 373 func localDeleteChannel(c *Context, w http.ResponseWriter, r *http.Request) { 374 c.RequireChannelId() 375 if c.Err != nil { 376 return 377 } 378 379 channel, err := c.App.GetChannel(c.Params.ChannelId) 380 if err != nil { 381 c.Err = err 382 return 383 } 384 385 auditRec := c.MakeAuditRecord("localDeleteChannel", audit.Fail) 386 defer c.LogAuditRec(auditRec) 387 auditRec.AddMeta("channeld", channel) 388 389 if channel.Type == model.CHANNEL_DIRECT || channel.Type == model.CHANNEL_GROUP { 390 c.Err = model.NewAppError("localDeleteChannel", "api.channel.delete_channel.type.invalid", nil, "", http.StatusBadRequest) 391 return 392 } 393 394 if c.Params.Permanent { 395 err = c.App.PermanentDeleteChannel(channel) 396 } else { 397 err = c.App.DeleteChannel(c.AppContext, channel, "") 398 } 399 if err != nil { 400 c.Err = err 401 return 402 } 403 404 auditRec.Success() 405 c.LogAudit("name=" + channel.Name) 406 407 ReturnStatusOK(w) 408 }