-
Notifications
You must be signed in to change notification settings - Fork 6
/
reaction.go
115 lines (94 loc) · 2.88 KB
/
reaction.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
// Copyright (c) 2017-present Mattermost, Inc. All Rights Reserved.
// See License.txt for license information.
package api4
import (
"net/http"
l4g "github.com/alecthomas/log4go"
"github.com/mattermost/platform/app"
"github.com/mattermost/platform/model"
"github.com/mattermost/platform/utils"
)
func InitReaction() {
l4g.Debug(utils.T("api.reaction.init.debug"))
BaseRoutes.Reactions.Handle("", ApiSessionRequired(saveReaction)).Methods("POST")
BaseRoutes.Post.Handle("/reactions", ApiSessionRequired(getReactions)).Methods("GET")
BaseRoutes.ReactionByNameForPostForUser.Handle("", ApiSessionRequired(deleteReaction)).Methods("DELETE")
}
func saveReaction(c *Context, w http.ResponseWriter, r *http.Request) {
reaction := model.ReactionFromJson(r.Body)
if reaction == nil {
c.SetInvalidParam("reaction")
return
}
if len(reaction.UserId) != 26 || len(reaction.PostId) != 26 || len(reaction.EmojiName) == 0 || len(reaction.EmojiName) > 64 {
c.Err = model.NewLocAppError("saveReaction", "api.reaction.save_reaction.invalid.app_error", nil, "")
c.Err.StatusCode = http.StatusBadRequest
return
}
if reaction.UserId != c.Session.UserId {
c.Err = model.NewLocAppError("saveReaction", "api.reaction.save_reaction.user_id.app_error", nil, "")
c.Err.StatusCode = http.StatusForbidden
return
}
if !app.SessionHasPermissionToChannelByPost(c.Session, reaction.PostId, model.PERMISSION_READ_CHANNEL) {
c.SetPermissionError(model.PERMISSION_READ_CHANNEL)
return
}
if reaction, err := app.SaveReactionForPost(reaction); err != nil {
c.Err = err
return
} else {
w.Write([]byte(reaction.ToJson()))
return
}
}
func getReactions(c *Context, w http.ResponseWriter, r *http.Request) {
c.RequirePostId()
if c.Err != nil {
return
}
if !app.SessionHasPermissionToChannelByPost(c.Session, c.Params.PostId, model.PERMISSION_READ_CHANNEL) {
c.SetPermissionError(model.PERMISSION_READ_CHANNEL)
return
}
if reactions, err := app.GetReactionsForPost(c.Params.PostId); err != nil {
c.Err = err
return
} else {
w.Write([]byte(model.ReactionsToJson(reactions)))
return
}
}
func deleteReaction(c *Context, w http.ResponseWriter, r *http.Request) {
c.RequireUserId()
if c.Err != nil {
return
}
c.RequirePostId()
if c.Err != nil {
return
}
c.RequireEmojiName()
if c.Err != nil {
return
}
if !app.SessionHasPermissionToChannelByPost(c.Session, c.Params.PostId, model.PERMISSION_READ_CHANNEL) {
c.SetPermissionError(model.PERMISSION_READ_CHANNEL)
return
}
if c.Params.UserId != c.Session.UserId && !app.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_SYSTEM) {
c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM)
return
}
reaction := &model.Reaction{
UserId: c.Params.UserId,
PostId: c.Params.PostId,
EmojiName: c.Params.EmojiName,
}
err := app.DeleteReactionForPost(reaction)
if err != nil {
c.Err = err
return
}
ReturnStatusOK(w)
}