Merge 31db53c into 00d11e9

mattermost · Feb 19, 2017 · 5edd933 · 5edd933
2 parents 00d11e9 + 31db53c
commit 5edd933
Show file tree

Hide file tree

Showing 3 changed files with 102 additions and 46 deletions.
diff --git a/api4/user.go b/api4/user.go
@@ -36,6 +36,7 @@ func InitUser() {
 
 	BaseRoutes.User.Handle("/sessions", ApiSessionRequired(getSessions)).Methods("GET")
 	BaseRoutes.User.Handle("/sessions/revoke", ApiSessionRequired(revokeSession)).Methods("POST")
+	BaseRoutes.User.Handle("/audits", ApiSessionRequired(getAudits)).Methods("GET")
 
 }
 
@@ -481,51 +482,71 @@ func Logout(c *Context, w http.ResponseWriter, r *http.Request) {
 }
 
 func getSessions(c *Context, w http.ResponseWriter, r *http.Request) {
-    c.RequireUserId()
-    if c.Err != nil {
-        return
-    }
-
-    if !app.SessionHasPermissionToUser(c.Session, c.Params.UserId) {
-        c.SetPermissionError(model.PERMISSION_EDIT_OTHER_USERS)
-        return
-    }
-
-    if sessions, err := app.GetSessions(c.Params.UserId); err != nil {
-        c.Err = err
-        return
-    } else {
-        for _, session := range sessions {
-            session.Sanitize()
-        }
-
-        w.Write([]byte(model.SessionsToJson(sessions)))
-        return
-    }
+	c.RequireUserId()
+	if c.Err != nil {
+		return
+	}
+
+	if !app.SessionHasPermissionToUser(c.Session, c.Params.UserId) {
+		c.SetPermissionError(model.PERMISSION_EDIT_OTHER_USERS)
+		return
+	}
+
+	if sessions, err := app.GetSessions(c.Params.UserId); err != nil {
+		c.Err = err
+		return
+	} else {
+		for _, session := range sessions {
+			session.Sanitize()
+		}
+
+		w.Write([]byte(model.SessionsToJson(sessions)))
+		return
+	}
 }
 
 func revokeSession(c *Context, w http.ResponseWriter, r *http.Request) {
-    c.RequireUserId()
-    if c.Err != nil {
-        return
-    }
-
-    if !app.SessionHasPermissionToUser(c.Session, c.Params.UserId) {
-        c.SetPermissionError(model.PERMISSION_EDIT_OTHER_USERS)
-        return
-    }
-
-    props := model.MapFromJson(r.Body)
-    sessionId := props["session_id"]
-
-    if sessionId == "" {
-        c.SetInvalidParam("session_id")
-    }
-
-    if err := app.RevokeSessionById(sessionId); err != nil {
-        c.Err = err
-        return
-    }
-
-    ReturnStatusOK(w)
-}
+	c.RequireUserId()
+	if c.Err != nil {
+		return
+	}
+
+	if !app.SessionHasPermissionToUser(c.Session, c.Params.UserId) {
+		c.SetPermissionError(model.PERMISSION_EDIT_OTHER_USERS)
+		return
+	}
+
+	props := model.MapFromJson(r.Body)
+	sessionId := props["session_id"]
+
+	if sessionId == "" {
+		c.SetInvalidParam("session_id")
+	}
+
+	if err := app.RevokeSessionById(sessionId); err != nil {
+		c.Err = err
+		return
+	}
+
+	ReturnStatusOK(w)
+}
+
+func getAudits(c *Context, w http.ResponseWriter, r *http.Request) {
+	c.RequireUserId()
+	if c.Err != nil {
+		return
+	}
+
+	if !app.SessionHasPermissionToUser(c.Session, c.Params.UserId) {
+		c.SetPermissionError(model.PERMISSION_EDIT_OTHER_USERS)
+		return
+	}
+
+	if audits, err := app.GetAudits(c.Params.UserId, 20); err != nil {
+		c.Err = err
+		return
+	} else {
+		w.Write([]byte(audits.ToJson()))
+		return
+	}
+}
diff --git a/api4/user_test.go b/api4/user_test.go
@@ -811,7 +811,7 @@ func TestGetSessions(t *testing.T) {
 	user := th.BasicUser
 
 	Client.Login(user.Email, user.Password)
-	
+
 	sessions, resp := Client.GetSessions(user.Id, "")
 	for _, session := range sessions {
 		if session.UserId != user.Id {
@@ -899,3 +899,28 @@ func TestRevokeSessions(t *testing.T) {
 	CheckNoError(t, resp)
 
 }
+
+func TestGetAudits(t *testing.T) {
+	th := Setup().InitBasic().InitSystemAdmin()
+	defer TearDown()
+	Client := th.Client
+	user := th.BasicUser
+
+	audits, resp := Client.GetAudits(user.Id, "")
+	for _, audit := range audits {
+		if audit.UserId != user.Id {
+			t.Fatal("user id does not match audit user id")
+		}
+	}
+	CheckNoError(t, resp)
+
+	_, resp = Client.GetAudits(th.BasicUser2.Id, "")
+	CheckForbiddenStatus(t, resp)
+
+	Client.Logout()
+	_, resp = Client.GetAudits(user.Id, "")
+	CheckUnauthorizedStatus(t, resp)
+
+	_, resp = th.SystemAdminClient.GetAudits(user.Id, "")
+	CheckNoError(t, resp)
+}
diff --git a/model/client4.go b/model/client4.go
@@ -459,6 +459,16 @@ func (c *Client4) RevokeSession(userId, sessionId string) (bool, *Response) {
 	}
 }
 
+// GetAudits returns a list of audit based on the provided user id string.
+func (c *Client4) GetAudits(userId, etag string) (Audits, *Response) {
+	if r, err := c.DoApiGet(c.GetUserRoute(userId)+"/audits", etag); err != nil {
+		return nil, &Response{StatusCode: r.StatusCode, Error: err}
+	} else {
+		defer closeBody(r)
+		return AuditsFromJson(r.Body), BuildResponse(r)
+	}
+}
+
 // Team Section
 
 // CreateTeam creates a team in the system based on the provided team struct.