From 80e9021ba62b471fef7bca92a926fc8d4f848996 Mon Sep 17 00:00:00 2001
From: kolaente <konrad@kola-entertainments.de>
Date: Thu, 26 Jul 2018 10:06:41 +0200
Subject: [PATCH] Fixed a bug where it was possible to add the same user
 multiple times to a team

---
 models/error.go               | 16 ++++++++++++++++
 models/team_members_create.go |  7 +++++++
 routes/crud/create.go         |  3 +++
 3 files changed, 26 insertions(+)

diff --git a/models/error.go b/models/error.go
index 8f38540f0..503144ccb 100644
--- a/models/error.go
+++ b/models/error.go
@@ -450,3 +450,19 @@ func IsErrTeamAlreadyHasAccess(err error) bool {
 func (err ErrTeamAlreadyHasAccess) Error() string {
 	return fmt.Sprintf("This team already has access. [Team ID: %d, ID: %d]", err.TeamID, err.ID)
 }
+
+// ErrUserIsMemberOfTeam represents an error where a user is already member of a team.
+type ErrUserIsMemberOfTeam struct {
+	TeamID int64
+	UserID     int64
+}
+
+// IsErrUserIsMemberOfTeam checks if an error is ErrUserIsMemberOfTeam.
+func IsErrUserIsMemberOfTeam(err error) bool {
+	_, ok := err.(ErrUserIsMemberOfTeam)
+	return ok
+}
+
+func (err ErrUserIsMemberOfTeam) Error() string {
+	return fmt.Sprintf("This user is already a member of that team. [Team ID: %d, User ID: %d]", err.TeamID, err.UserID)
+}
\ No newline at end of file
diff --git a/models/team_members_create.go b/models/team_members_create.go
index fbd88753d..3613642fa 100644
--- a/models/team_members_create.go
+++ b/models/team_members_create.go
@@ -14,6 +14,13 @@ func (tm *TeamMember) Create(doer *User) (err error) {
 		return
 	}
 
+	// Check if that user is already part of the team
+	exists, err := x.Where("team_id = ? AND user_id = ?", tm.TeamID, tm.UserID).
+		Get(&TeamMember{})
+	if exists {
+		return ErrUserIsMemberOfTeam{tm.TeamID, tm.UserID}
+	}
+
 	// Insert the user
 	_, err = x.Insert(tm)
 	return
diff --git a/routes/crud/create.go b/routes/crud/create.go
index 0d6d85468..866ad6c60 100644
--- a/routes/crud/create.go
+++ b/routes/crud/create.go
@@ -56,6 +56,9 @@ func (c *WebHandler) CreateWeb(ctx echo.Context) error {
 		if models.IsErrTeamAlreadyHasAccess(err) {
 			return echo.NewHTTPError(http.StatusBadRequest, "This team already has access.")
 		}
+		if models.IsErrUserIsMemberOfTeam(err) {
+			return echo.NewHTTPError(http.StatusBadRequest, "This user is already a member of that team.")
+		}
 
 		return echo.NewHTTPError(http.StatusInternalServerError)
 	}