func checkSessionSwitch(c *api.Context, w http.ResponseWriter, r *http.Request, teamName string) *model.Team {
var team *model.Team
if result := <-api.Srv.Store.Team().GetByName(teamName); result.Err != nil {
c.Err = result.Err
return nil
} else {
team = result.Data.(*model.Team)
}
// We are logged into a different team. Lets see if we have another
// session in the cookie that will give us access.
if c.Session.TeamId != team.Id {
index, session := api.FindMultiSessionForTeamId(r, team.Id)
if session == nil {
// redirect to login
http.Redirect(w, r, c.GetSiteURL()+"/"+team.Name+"/?redirect="+url.QueryEscape(r.URL.Path), http.StatusTemporaryRedirect)
} else {
c.Session = *session
c.SessionTokenIndex = index
}
}
return team
}
func getChannel(c *api.Context, w http.ResponseWriter, r *http.Request) {
params := mux.Vars(r)
name := params["channelname"]
teamName := params["team"]
var team *model.Team
if result := <-api.Srv.Store.Team().GetByName(teamName); result.Err != nil {
c.Err = result.Err
return
} else {
team = result.Data.(*model.Team)
}
// We are logged into a different team. Lets see if we have another
// session in the cookie that will give us access.
if c.Session.TeamId != team.Id {
index, session := api.FindMultiSessionForTeamId(r, team.Id)
if session == nil {
// redirect to login
http.Redirect(w, r, c.GetSiteURL()+"/"+team.Name+"/?redirect="+url.QueryEscape(r.URL.Path), http.StatusTemporaryRedirect)
} else {
c.Session = *session
c.SessionTokenIndex = index
}
}
userChan := api.Srv.Store.User().Get(c.Session.UserId)
var channelId string
if result := <-api.Srv.Store.Channel().CheckPermissionsToByName(c.Session.TeamId, name, c.Session.UserId); result.Err != nil {
c.Err = result.Err
return
} else {
channelId = result.Data.(string)
}
var user *model.User
if ur := <-userChan; ur.Err != nil {
c.Err = ur.Err
c.RemoveSessionCookie(w, r)
l4g.Error("Error in getting users profile for id=%v forcing logout", c.Session.UserId)
return
} else {
user = ur.Data.(*model.User)
}
if len(channelId) == 0 {
if strings.Index(name, "__") > 0 {
// It's a direct message channel that doesn't exist yet so let's create it
ids := strings.Split(name, "__")
otherUserId := ""
if ids[0] == c.Session.UserId {
otherUserId = ids[1]
} else {
otherUserId = ids[0]
}
if sc, err := api.CreateDirectChannel(c, otherUserId); err != nil {
api.Handle404(w, r)
return
} else {
channelId = sc.Id
}
} else {
// We will attempt to auto-join open channels
if cr := <-api.Srv.Store.Channel().GetByName(c.Session.TeamId, name); cr.Err != nil {
http.Redirect(w, r, c.GetTeamURL()+"/channels/town-square", http.StatusFound)
} else {
channel := cr.Data.(*model.Channel)
if channel.Type == model.CHANNEL_OPEN {
api.JoinChannel(c, channel.Id, "")
if c.Err != nil {
return
}
channelId = channel.Id
} else {
http.Redirect(w, r, c.GetTeamURL()+"/channels/town-square", http.StatusFound)
}
}
}
}
page := NewHtmlTemplatePage("channel", "")
page.Props["Title"] = name + " - " + team.DisplayName + " " + page.ClientCfg["SiteName"]
page.Props["TeamDisplayName"] = team.DisplayName
page.Props["TeamName"] = team.Name
page.Props["TeamType"] = team.Type
page.Props["TeamId"] = team.Id
page.Props["ChannelName"] = name
page.Props["ChannelId"] = channelId
page.Props["UserId"] = c.Session.UserId
page.Team = team
page.User = user
page.Render(c, w)
}