diff options
author | Saturnino Abril <saturnino.abril@gmail.com> | 2017-07-05 06:32:27 +0800 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-07-05 06:32:27 +0800 |
commit | 8f8a978e84ec8bbeac22928e6112bc697fa7176d (patch) | |
tree | a82993cfcd1aab059554feeeb1a6256d4640eab4 | |
parent | 6d6ed309b9b7f2b77cd013583990c6eb88f18aff (diff) | |
download | chat-8f8a978e84ec8bbeac22928e6112bc697fa7176d.tar.gz chat-8f8a978e84ec8bbeac22928e6112bc697fa7176d.tar.bz2 chat-8f8a978e84ec8bbeac22928e6112bc697fa7176d.zip |
[PLT-6838] Restrict channel delete option per permission policy even for last channel member (#6706)
* channel delete option is hidden from the menu unless there is appropriate permissions as set in the policy page
* apply to public channel only and add restriction to API layer
* updated channel deletion
-rw-r--r-- | api4/channel.go | 20 | ||||
-rw-r--r-- | api4/channel_test.go | 14 | ||||
-rw-r--r-- | webapp/components/channel_header.jsx | 6 | ||||
-rw-r--r-- | webapp/components/delete_channel_modal.jsx | 1 | ||||
-rw-r--r-- | webapp/components/navbar.jsx | 32 | ||||
-rw-r--r-- | webapp/utils/channel_utils.jsx | 9 |
6 files changed, 45 insertions, 37 deletions
diff --git a/api4/channel.go b/api4/channel.go index 26892bf2f..604c47464 100644 --- a/api4/channel.go +++ b/api4/channel.go @@ -428,7 +428,7 @@ func getDeletedChannelsForTeam(c *Context, w http.ResponseWriter, r *http.Reques return } - if channels, err := app.GetDeletedChannels(c.Params.TeamId, c.Params.Page * c.Params.PerPage, c.Params.PerPage); err != nil { + if channels, err := app.GetDeletedChannels(c.Params.TeamId, c.Params.Page*c.Params.PerPage, c.Params.PerPage); err != nil { c.Err = err return } else { @@ -540,17 +540,15 @@ func deleteChannel(c *Context, w http.ResponseWriter, r *http.Request) { return } - // Allow delete if user is the only member left in channel - if memberCount > 1 { - if channel.Type == model.CHANNEL_OPEN && !app.SessionHasPermissionToChannel(c.Session, channel.Id, model.PERMISSION_DELETE_PUBLIC_CHANNEL) { - c.SetPermissionError(model.PERMISSION_DELETE_PUBLIC_CHANNEL) - return - } + if channel.Type == model.CHANNEL_OPEN && !app.SessionHasPermissionToChannel(c.Session, channel.Id, model.PERMISSION_DELETE_PUBLIC_CHANNEL) { + c.SetPermissionError(model.PERMISSION_DELETE_PUBLIC_CHANNEL) + return + } - if channel.Type == model.CHANNEL_PRIVATE && !app.SessionHasPermissionToChannel(c.Session, channel.Id, model.PERMISSION_DELETE_PRIVATE_CHANNEL) { - c.SetPermissionError(model.PERMISSION_DELETE_PRIVATE_CHANNEL) - return - } + // Allow delete if there's only one member left in a private channel + if memberCount > 1 && channel.Type == model.CHANNEL_PRIVATE && !app.SessionHasPermissionToChannel(c.Session, channel.Id, model.PERMISSION_DELETE_PRIVATE_CHANNEL) { + c.SetPermissionError(model.PERMISSION_DELETE_PRIVATE_CHANNEL) + return } err = app.DeleteChannel(channel, c.Session.UserId) diff --git a/api4/channel_test.go b/api4/channel_test.go index e1b5ee5a7..a1c5d2ad8 100644 --- a/api4/channel_test.go +++ b/api4/channel_test.go @@ -901,12 +901,14 @@ func TestDeleteChannel(t *testing.T) { Client = th.Client team = th.BasicTeam user = th.BasicUser + user2 = th.BasicUser2 // channels created by SystemAdmin publicChannel6 := th.CreateChannelWithClient(th.SystemAdminClient, model.CHANNEL_OPEN) privateChannel7 := th.CreateChannelWithClient(th.SystemAdminClient, model.CHANNEL_PRIVATE) app.AddUserToChannel(user, publicChannel6) app.AddUserToChannel(user, privateChannel7) + app.AddUserToChannel(user2, privateChannel7) // successful delete by user _, resp = Client.DeleteChannel(publicChannel6.Id) @@ -924,6 +926,7 @@ func TestDeleteChannel(t *testing.T) { privateChannel7 = th.CreateChannelWithClient(th.SystemAdminClient, model.CHANNEL_PRIVATE) app.AddUserToChannel(user, publicChannel6) app.AddUserToChannel(user, privateChannel7) + app.AddUserToChannel(user2, privateChannel7) // cannot delete by user _, resp = Client.DeleteChannel(publicChannel6.Id) @@ -948,6 +951,7 @@ func TestDeleteChannel(t *testing.T) { privateChannel7 = th.CreateChannelWithClient(th.SystemAdminClient, model.CHANNEL_PRIVATE) app.AddUserToChannel(user, publicChannel6) app.AddUserToChannel(user, privateChannel7) + app.AddUserToChannel(user2, privateChannel7) // successful delete by team admin UpdateUserToTeamAdmin(user, team) @@ -976,6 +980,7 @@ func TestDeleteChannel(t *testing.T) { privateChannel7 = th.CreateChannelWithClient(th.SystemAdminClient, model.CHANNEL_PRIVATE) app.AddUserToChannel(user, publicChannel6) app.AddUserToChannel(user, privateChannel7) + app.AddUserToChannel(user2, privateChannel7) // cannot delete by user _, resp = Client.DeleteChannel(publicChannel6.Id) @@ -1017,6 +1022,7 @@ func TestDeleteChannel(t *testing.T) { privateChannel7 = th.CreateChannelWithClient(th.SystemAdminClient, model.CHANNEL_PRIVATE) app.AddUserToChannel(user, publicChannel6) app.AddUserToChannel(user, privateChannel7) + app.AddUserToChannel(user2, privateChannel7) // cannot delete by user _, resp = Client.DeleteChannel(publicChannel6.Id) @@ -1056,12 +1062,14 @@ func TestDeleteChannel(t *testing.T) { _, resp = th.SystemAdminClient.DeleteChannel(privateChannel7.Id) CheckNoError(t, resp) - // last member of a channel should be able to delete it regardless of required permissions + // last member of a public channel should have required permission to delete publicChannel6 = th.CreateChannelWithClient(th.Client, model.CHANNEL_OPEN) - privateChannel7 = th.CreateChannelWithClient(th.Client, model.CHANNEL_PRIVATE) _, resp = Client.DeleteChannel(publicChannel6.Id) - CheckNoError(t, resp) + CheckForbiddenStatus(t, resp) + + // last member of a private channel should be able to delete it regardless of required permissions + privateChannel7 = th.CreateChannelWithClient(th.Client, model.CHANNEL_PRIVATE) _, resp = Client.DeleteChannel(privateChannel7.Id) CheckNoError(t, resp) diff --git a/webapp/components/channel_header.jsx b/webapp/components/channel_header.jsx index a409baec6..b6fcf7ef7 100644 --- a/webapp/components/channel_header.jsx +++ b/webapp/components/channel_header.jsx @@ -720,11 +720,7 @@ export default class ChannelHeader extends React.Component { ); } - if (ChannelUtils.showDeleteOption(channel, isAdmin, isSystemAdmin, isChannelAdmin)) { - if (!ChannelStore.isDefault(channel)) { - dropdownContents.push(deleteOption); - } - } else if (this.state.userCount === 1) { + if (ChannelUtils.showDeleteOption(channel, isAdmin, isSystemAdmin, isChannelAdmin, this.state.userCount)) { dropdownContents.push(deleteOption); } diff --git a/webapp/components/delete_channel_modal.jsx b/webapp/components/delete_channel_modal.jsx index 74ba51a4c..fd5447524 100644 --- a/webapp/components/delete_channel_modal.jsx +++ b/webapp/components/delete_channel_modal.jsx @@ -33,6 +33,7 @@ export default class DeleteChannelModal extends React.Component { browserHistory.push(TeamStore.getCurrentTeamRelativeUrl() + '/channels/town-square'); deleteChannel(this.props.channel.id); + this.onHide(); } onHide() { diff --git a/webapp/components/navbar.jsx b/webapp/components/navbar.jsx index b27e22709..fa759cae7 100644 --- a/webapp/components/navbar.jsx +++ b/webapp/components/navbar.jsx @@ -529,23 +529,21 @@ export default class Navbar extends React.Component { ); } - if (ChannelUtils.showDeleteOption(channel, isAdmin, isSystemAdmin, isChannelAdmin) || this.state.userCount === 1) { - if (!ChannelStore.isDefault(channel)) { - deleteChannelOption = ( - <li role='presentation'> - <ToggleModalButton - role='menuitem' - dialogType={DeleteChannelModal} - dialogProps={{channel}} - > - <FormattedMessage - id='channel_header.delete' - defaultMessage='Delete Channel' - /> - </ToggleModalButton> - </li> - ); - } + if (ChannelUtils.showDeleteOption(channel, isAdmin, isSystemAdmin, isChannelAdmin, this.state.userCount)) { + deleteChannelOption = ( + <li role='presentation'> + <ToggleModalButton + role='menuitem' + dialogType={DeleteChannelModal} + dialogProps={{channel}} + > + <FormattedMessage + id='channel_header.delete' + defaultMessage='Delete Channel' + /> + </ToggleModalButton> + </li> + ); } const canLeave = channel.type === Constants.PRIVATE_CHANNEL ? this.state.userCount > 1 : true; diff --git a/webapp/utils/channel_utils.jsx b/webapp/utils/channel_utils.jsx index e3a9f0423..c29cea386 100644 --- a/webapp/utils/channel_utils.jsx +++ b/webapp/utils/channel_utils.jsx @@ -190,11 +190,15 @@ export function showManagementOptions(channel, isAdmin, isSystemAdmin, isChannel return true; } -export function showDeleteOption(channel, isAdmin, isSystemAdmin, isChannelAdmin) { +export function showDeleteOption(channel, isAdmin, isSystemAdmin, isChannelAdmin, userCount) { if (global.window.mm_license.IsLicensed !== 'true') { return true; } + if (ChannelStore.isDefault(channel)) { + return false; + } + if (channel.type === Constants.OPEN_CHANNEL) { if (global.window.mm_config.RestrictPublicChannelDeletion === Constants.PERMISSIONS_SYSTEM_ADMIN && !isSystemAdmin) { return false; @@ -206,6 +210,9 @@ export function showDeleteOption(channel, isAdmin, isSystemAdmin, isChannelAdmin return false; } } else if (channel.type === Constants.PRIVATE_CHANNEL) { + if (userCount === 1) { + return true; + } if (global.window.mm_config.RestrictPrivateChannelDeletion === Constants.PERMISSIONS_SYSTEM_ADMIN && !isSystemAdmin) { return false; } |