From a140eea1ba815cebbd65dbaf8036e90c8407e5a2 Mon Sep 17 00:00:00 2001 From: Denis Arh Date: Tue, 7 Aug 2018 21:50:59 +0200 Subject: [PATCH] Fix broken messages & logic for del/undel/arch/unarch --- sam/service/channel.go | 36 ++++++++++++++++++++++++++++-------- 1 file changed, 28 insertions(+), 8 deletions(-) diff --git a/sam/service/channel.go b/sam/service/channel.go index 1cd9ddd7c..c074ca0ea 100644 --- a/sam/service/channel.go +++ b/sam/service/channel.go @@ -246,16 +246,21 @@ func (svc channel) Update(ctx context.Context, in *types.Channel) (out *types.Ch func (svc channel) Delete(ctx context.Context, id uint64) error { return svc.rpo.BeginWith(ctx, func(r repository.Interfaces) (err error) { + var userID = auth.GetIdentityFromContext(ctx).Identity() var ch *types.Channel + // @todo [SECURITY] can user access this channel? + if ch, err = r.FindChannelByID(id); err != nil { + return + } + // @todo [SECURITY] can user delete this channel? if ch.DeletedAt != nil { return errors.New("Channel already deleted") } - _, err = r.CreateMessage(svc.makeSystemMessage(ch, - "%s deleted this channel")) + _, err = r.CreateMessage(svc.makeSystemMessage(ch, "@%d deleted this channel", userID)) return r.DeleteChannelByID(id) }) @@ -263,16 +268,21 @@ func (svc channel) Delete(ctx context.Context, id uint64) error { func (svc channel) Recover(ctx context.Context, id uint64) error { return svc.rpo.BeginWith(ctx, func(r repository.Interfaces) (err error) { + var userID = auth.GetIdentityFromContext(ctx).Identity() var ch *types.Channel + // @todo [SECURITY] can user access this channel? + if ch, err = r.FindChannelByID(id); err != nil { + return + } + // @todo [SECURITY] can user recover this channel? if ch.DeletedAt == nil { return errors.New("Channel not deleted") } - _, err = r.CreateMessage(svc.makeSystemMessage(ch, - "%s recovered this channel")) + _, err = r.CreateMessage(svc.makeSystemMessage(ch, "@%d recovered this channel", userID)) return r.DeleteChannelByID(id) }) @@ -280,16 +290,21 @@ func (svc channel) Recover(ctx context.Context, id uint64) error { func (svc channel) Archive(ctx context.Context, id uint64) error { return svc.rpo.BeginWith(ctx, func(r repository.Interfaces) (err error) { + var userID = auth.GetIdentityFromContext(ctx).Identity() var ch *types.Channel + // @todo [SECURITY] can user access this channel? + if ch, err = r.FindChannelByID(id); err != nil { + return + } + // @todo [SECURITY] can user archive this channel? if ch.ArchivedAt != nil { return errors.New("Channel already archived") } - _, err = r.CreateMessage(svc.makeSystemMessage(ch, - "%s archived this channel")) + _, err = r.CreateMessage(svc.makeSystemMessage(ch, "@%d archived this channel", userID)) return r.ArchiveChannelByID(id) }) @@ -297,16 +312,21 @@ func (svc channel) Archive(ctx context.Context, id uint64) error { func (svc channel) Unarchive(ctx context.Context, id uint64) error { return svc.rpo.BeginWith(ctx, func(r repository.Interfaces) (err error) { + var userID = auth.GetIdentityFromContext(ctx).Identity() var ch *types.Channel + // @todo [SECURITY] can user access this channel? + if ch, err = r.FindChannelByID(id); err != nil { + return + } + // @todo [SECURITY] can user unarchive this channel? if ch.ArchivedAt == nil { return errors.New("Channel not archived") } - _, err = r.CreateMessage(svc.makeSystemMessage(ch, - "%s unarchived this channel")) + _, err = r.CreateMessage(svc.makeSystemMessage(ch, "@%d unarchived this channel", userID)) return r.ArchiveChannelByID(id) })