github.com/qichengzx/mattermost-server@v4.5.1-0.20180604164826-2c75247c97d0+incompatible/api4/emoji.go (about) 1 // Copyright (c) 2017-present Mattermost, Inc. All Rights Reserved. 2 // See License.txt for license information. 3 4 package api4 5 6 import ( 7 "net/http" 8 "strings" 9 10 "github.com/mattermost/mattermost-server/app" 11 "github.com/mattermost/mattermost-server/model" 12 "github.com/mattermost/mattermost-server/web" 13 ) 14 15 const ( 16 EMOJI_MAX_AUTOCOMPLETE_ITEMS = 100 17 ) 18 19 func (api *API) InitEmoji() { 20 api.BaseRoutes.Emojis.Handle("", api.ApiSessionRequired(createEmoji)).Methods("POST") 21 api.BaseRoutes.Emojis.Handle("", api.ApiSessionRequired(getEmojiList)).Methods("GET") 22 api.BaseRoutes.Emojis.Handle("/search", api.ApiSessionRequired(searchEmojis)).Methods("POST") 23 api.BaseRoutes.Emojis.Handle("/autocomplete", api.ApiSessionRequired(autocompleteEmojis)).Methods("GET") 24 api.BaseRoutes.Emoji.Handle("", api.ApiSessionRequired(deleteEmoji)).Methods("DELETE") 25 api.BaseRoutes.Emoji.Handle("", api.ApiSessionRequired(getEmoji)).Methods("GET") 26 api.BaseRoutes.EmojiByName.Handle("", api.ApiSessionRequired(getEmojiByName)).Methods("GET") 27 api.BaseRoutes.Emoji.Handle("/image", api.ApiSessionRequiredTrustRequester(getEmojiImage)).Methods("GET") 28 } 29 30 func createEmoji(c *Context, w http.ResponseWriter, r *http.Request) { 31 if !*c.App.Config().ServiceSettings.EnableCustomEmoji { 32 c.Err = model.NewAppError("createEmoji", "api.emoji.disabled.app_error", nil, "", http.StatusNotImplemented) 33 return 34 } 35 36 if len(*c.App.Config().FileSettings.DriverName) == 0 { 37 c.Err = model.NewAppError("createEmoji", "api.emoji.storage.app_error", nil, "", http.StatusNotImplemented) 38 return 39 } 40 41 if r.ContentLength > app.MaxEmojiFileSize { 42 c.Err = model.NewAppError("createEmoji", "api.emoji.create.too_large.app_error", nil, "", http.StatusRequestEntityTooLarge) 43 return 44 } 45 46 if err := r.ParseMultipartForm(app.MaxEmojiFileSize); err != nil { 47 c.Err = model.NewAppError("createEmoji", "api.emoji.create.parse.app_error", nil, err.Error(), http.StatusBadRequest) 48 return 49 } 50 51 // Allow any user with MANAGE_EMOJIS permission at Team level to manage emojis at system level 52 memberships, err := c.App.GetTeamMembersForUser(c.Session.UserId) 53 54 if err != nil { 55 c.Err = err 56 return 57 } 58 59 if !c.App.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_EMOJIS) { 60 hasPermission := false 61 for _, membership := range memberships { 62 if c.App.SessionHasPermissionToTeam(c.Session, membership.TeamId, model.PERMISSION_MANAGE_EMOJIS) { 63 hasPermission = true 64 break 65 } 66 } 67 if !hasPermission { 68 c.SetPermissionError(model.PERMISSION_MANAGE_EMOJIS) 69 return 70 } 71 } 72 73 m := r.MultipartForm 74 props := m.Value 75 76 if len(props["emoji"]) == 0 { 77 c.SetInvalidParam("emoji") 78 return 79 } 80 81 emoji := model.EmojiFromJson(strings.NewReader(props["emoji"][0])) 82 if emoji == nil { 83 c.SetInvalidParam("emoji") 84 return 85 } 86 87 newEmoji, err := c.App.CreateEmoji(c.Session.UserId, emoji, m) 88 if err != nil { 89 c.Err = err 90 return 91 } else { 92 w.Write([]byte(newEmoji.ToJson())) 93 } 94 } 95 96 func getEmojiList(c *Context, w http.ResponseWriter, r *http.Request) { 97 if !*c.App.Config().ServiceSettings.EnableCustomEmoji { 98 c.Err = model.NewAppError("getEmoji", "api.emoji.disabled.app_error", nil, "", http.StatusNotImplemented) 99 return 100 } 101 102 sort := r.URL.Query().Get("sort") 103 if sort != "" && sort != model.EMOJI_SORT_BY_NAME { 104 c.SetInvalidUrlParam("sort") 105 return 106 } 107 108 listEmoji, err := c.App.GetEmojiList(c.Params.Page, c.Params.PerPage, sort) 109 if err != nil { 110 c.Err = err 111 return 112 } else { 113 w.Write([]byte(model.EmojiListToJson(listEmoji))) 114 } 115 } 116 117 func deleteEmoji(c *Context, w http.ResponseWriter, r *http.Request) { 118 c.RequireEmojiId() 119 if c.Err != nil { 120 return 121 } 122 123 emoji, err := c.App.GetEmoji(c.Params.EmojiId) 124 if err != nil { 125 c.Err = err 126 return 127 } 128 129 // Allow any user with MANAGE_EMOJIS permission at Team level to manage emojis at system level 130 memberships, err := c.App.GetTeamMembersForUser(c.Session.UserId) 131 132 if err != nil { 133 c.Err = err 134 return 135 } 136 137 if !c.App.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_EMOJIS) { 138 hasPermission := false 139 for _, membership := range memberships { 140 if c.App.SessionHasPermissionToTeam(c.Session, membership.TeamId, model.PERMISSION_MANAGE_EMOJIS) { 141 hasPermission = true 142 break 143 } 144 } 145 if !hasPermission { 146 c.SetPermissionError(model.PERMISSION_MANAGE_EMOJIS) 147 return 148 } 149 } 150 151 if c.Session.UserId != emoji.CreatorId { 152 if !c.App.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_OTHERS_EMOJIS) { 153 hasPermission := false 154 for _, membership := range memberships { 155 if c.App.SessionHasPermissionToTeam(c.Session, membership.TeamId, model.PERMISSION_MANAGE_OTHERS_EMOJIS) { 156 hasPermission = true 157 break 158 } 159 } 160 161 if !hasPermission { 162 c.SetPermissionError(model.PERMISSION_MANAGE_OTHERS_EMOJIS) 163 return 164 } 165 } 166 } 167 168 err = c.App.DeleteEmoji(emoji) 169 if err != nil { 170 c.Err = err 171 return 172 } else { 173 ReturnStatusOK(w) 174 } 175 } 176 177 func getEmoji(c *Context, w http.ResponseWriter, r *http.Request) { 178 c.RequireEmojiId() 179 if c.Err != nil { 180 return 181 } 182 183 if !*c.App.Config().ServiceSettings.EnableCustomEmoji { 184 c.Err = model.NewAppError("getEmoji", "api.emoji.disabled.app_error", nil, "", http.StatusNotImplemented) 185 return 186 } 187 188 emoji, err := c.App.GetEmoji(c.Params.EmojiId) 189 if err != nil { 190 c.Err = err 191 return 192 } else { 193 w.Write([]byte(emoji.ToJson())) 194 } 195 } 196 197 func getEmojiByName(c *Context, w http.ResponseWriter, r *http.Request) { 198 c.RequireEmojiName() 199 if c.Err != nil { 200 return 201 } 202 203 emoji, err := c.App.GetEmojiByName(c.Params.EmojiName) 204 if err != nil { 205 c.Err = err 206 return 207 } else { 208 w.Write([]byte(emoji.ToJson())) 209 } 210 } 211 212 func getEmojiImage(c *Context, w http.ResponseWriter, r *http.Request) { 213 c.RequireEmojiId() 214 if c.Err != nil { 215 return 216 } 217 218 if !*c.App.Config().ServiceSettings.EnableCustomEmoji { 219 c.Err = model.NewAppError("getEmojiImage", "api.emoji.disabled.app_error", nil, "", http.StatusNotImplemented) 220 return 221 } 222 223 if len(*c.App.Config().FileSettings.DriverName) == 0 { 224 c.Err = model.NewAppError("getEmojiImage", "api.emoji.storage.app_error", nil, "", http.StatusNotImplemented) 225 return 226 } 227 228 image, imageType, err := c.App.GetEmojiImage(c.Params.EmojiId) 229 if err != nil { 230 c.Err = err 231 return 232 } 233 234 w.Header().Set("Content-Type", "image/"+imageType) 235 w.Header().Set("Cache-Control", "max-age=2592000, public") 236 w.Write(image) 237 } 238 239 func searchEmojis(c *Context, w http.ResponseWriter, r *http.Request) { 240 emojiSearch := model.EmojiSearchFromJson(r.Body) 241 if emojiSearch == nil { 242 c.SetInvalidParam("term") 243 return 244 } 245 246 if emojiSearch.Term == "" { 247 c.SetInvalidParam("term") 248 return 249 } 250 251 emojis, err := c.App.SearchEmoji(emojiSearch.Term, emojiSearch.PrefixOnly, web.PER_PAGE_MAXIMUM) 252 if err != nil { 253 c.Err = err 254 return 255 } else { 256 w.Write([]byte(model.EmojiListToJson(emojis))) 257 } 258 } 259 260 func autocompleteEmojis(c *Context, w http.ResponseWriter, r *http.Request) { 261 name := r.URL.Query().Get("name") 262 263 if name == "" { 264 c.SetInvalidUrlParam("name") 265 return 266 } 267 268 emojis, err := c.App.SearchEmoji(name, true, EMOJI_MAX_AUTOCOMPLETE_ITEMS) 269 if err != nil { 270 c.Err = err 271 return 272 } else { 273 w.Write([]byte(model.EmojiListToJson(emojis))) 274 } 275 }