upstream/mattermost
1
0
Fork 0
mirror of https://github.com/mattermost/mattermost.git synced 2026-02-03 20:40:00 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions 4
mattermost/server/channels/api4/reaction.go
Scott Bishel 82b8d4dc07
MM-55966 - Update ArrayFromJSON to use LimitedReader (#25510) 
* update ArrayFromJSON to use LimitedReader

* update for bad merge

* fix lint errors

* update test code

* update unit tests

* update unit tests

* fix unit tests

* use consts, other cleanup

* add non sorting duplicate check

* set config to default value, then config setting if available

* fix lint errors

* fixes and debugs

* fix log test

* remove setting from Client, add unlimited Parser to client

* a couple more fixes

* another fix

* rename some variables

* remove superflous call

* check for valid MaximumPayloadSize

* update language file

* fix for e2e-tests

* update util function to return error

* lint fix

* update config property name to include unit

* fix for unit test

* add new config to telemetry

* call function to create LimitedReader

* Deprecate old function, use new function name

* return new AppError on failed parse

* return new AppError on failed parse

* return new AppError on failed parse

* add constant for i18n valid constants

* Update server/public/model/utils_test.go

Co-authored-by: Miguel de la Cruz <mgdelacroix@gmail.com>

* Apply suggestions from code review

Co-authored-by: Miguel de la Cruz <mgdelacroix@gmail.com>

* update error variable, remove unnecessary check

* Update function names

* fix errors from merge

* update unit test to create unique ids

---------

Co-authored-by: Mattermost Build <build@mattermost.com>
Co-authored-by: Miguel de la Cruz <mgdelacroix@gmail.com>
2024-01-09 10:04:16 -07:00

145 lines
4.2 KiB
Go
Raw Blame History

// Copyright (c) 2015-present Mattermost, Inc. All Rights Reserved.
// See LICENSE.txt for license information.
package api4
import (
"encoding/json"
"net/http"
"github.com/mattermost/mattermost/server/public/model"
"github.com/mattermost/mattermost/server/public/shared/mlog"
)
func (api *API) InitReaction() {
api.BaseRoutes.Reactions.Handle("", api.APISessionRequired(saveReaction)).Methods("POST")
api.BaseRoutes.Post.Handle("/reactions", api.APISessionRequired(getReactions)).Methods("GET")
api.BaseRoutes.ReactionByNameForPostForUser.Handle("", api.APISessionRequired(deleteReaction)).Methods("DELETE")
api.BaseRoutes.Posts.Handle("/ids/reactions", api.APISessionRequired(getBulkReactions)).Methods("POST")
}
func saveReaction(c *Context, w http.ResponseWriter, r *http.Request) {
var reaction model.Reaction
if jsonErr := json.NewDecoder(r.Body).Decode(&reaction); jsonErr != nil {
c.SetInvalidParamWithErr("reaction", jsonErr)
return
}
if !model.IsValidId(reaction.UserId) || !model.IsValidId(reaction.PostId) || reaction.EmojiName == "" || len(reaction.EmojiName) > model.EmojiNameMaxLength {
c.Err = model.NewAppError("saveReaction", "api.reaction.save_reaction.invalid.app_error", nil, "", http.StatusBadRequest)
return
}
if reaction.UserId != c.AppContext.Session().UserId {
c.Err = model.NewAppError("saveReaction", "api.reaction.save_reaction.user_id.app_error", nil, "", http.StatusForbidden)
return
}
if !c.App.SessionHasPermissionToChannelByPost(*c.AppContext.Session(), reaction.PostId, model.PermissionAddReaction) {
c.SetPermissionError(model.PermissionAddReaction)
return
}
re, err := c.App.SaveReactionForPost(c.AppContext, &reaction)
if err != nil {
c.Err = err
return
}
if err := json.NewEncoder(w).Encode(re); err != nil {
c.Logger.Warn("Error while writing response", mlog.Err(err))
}
}
func getReactions(c *Context, w http.ResponseWriter, r *http.Request) {
c.RequirePostId()
if c.Err != nil {
return
}
if !c.App.SessionHasPermissionToChannelByPost(*c.AppContext.Session(), c.Params.PostId, model.PermissionReadChannelContent) {
c.SetPermissionError(model.PermissionReadChannelContent)
return
}
reactions, appErr := c.App.GetReactionsForPost(c.Params.PostId)
if appErr != nil {
c.Err = appErr
return
}
js, err := json.Marshal(reactions)
if err != nil {
c.Err = model.NewAppError("getReactions", "api.marshal_error", nil, "", http.StatusInternalServerError).Wrap(err)
return
}
w.Write(js)
}
func deleteReaction(c *Context, w http.ResponseWriter, r *http.Request) {
c.RequireUserId()
if c.Err != nil {
return
}
c.RequirePostId()
if c.Err != nil {
return
}
c.RequireEmojiName()
if c.Err != nil {
return
}
if !c.App.SessionHasPermissionToChannelByPost(*c.AppContext.Session(), c.Params.PostId, model.PermissionRemoveReaction) {
c.SetPermissionError(model.PermissionRemoveReaction)
return
}
if c.Params.UserId != c.AppContext.Session().UserId && !c.App.SessionHasPermissionTo(*c.AppContext.Session(), model.PermissionRemoveOthersReactions) {
c.SetPermissionError(model.PermissionRemoveOthersReactions)
return
}
reaction := &model.Reaction{
UserId: c.Params.UserId,
PostId: c.Params.PostId,
EmojiName: c.Params.EmojiName,
}
err := c.App.DeleteReactionForPost(c.AppContext, reaction)
if err != nil {
c.Err = err
return
}
ReturnStatusOK(w)
}
func getBulkReactions(c *Context, w http.ResponseWriter, r *http.Request) {
postIds, err := model.SortedArrayFromJSON(r.Body, *c.App.Config().ServiceSettings.MaximumPayloadSizeBytes)
if err != nil {
c.Err = model.NewAppError("getBulkReactions", model.PayloadParseError, nil, "", http.StatusBadRequest).Wrap(err)
return
}
for _, postId := range postIds {
if !c.App.SessionHasPermissionToChannelByPost(*c.AppContext.Session(), postId, model.PermissionReadChannelContent) {
c.SetPermissionError(model.PermissionReadChannelContent)
return
}
}
reactions, appErr := c.App.GetBulkReactionsForPosts(postIds)
if appErr != nil {
c.Err = appErr
return
}
js, err := json.Marshal(reactions)
if err != nil {
c.Err = model.NewAppError("getBulkReactions", "api.marshal_error", nil, "", http.StatusInternalServerError).Wrap(err)
return
}
w.Write(js)
}
Reference in a new issue View git blame Copy permalink