MM-9618: Don't change default role permissions for policy. (#8303)

author: George Goldberg <george@gberg.me> 2018-02-19 10:16:45 +0000
committer: GitHub <noreply@github.com> 2018-02-19 10:16:45 +0000
commit: 0e718a632a616bcfec4378f512182245b68f4fd8 (patch)
tree: 5c1d2cd50566d4eebfe2974e255eb6355fe48668
parent: 642d78173af8cf600cdf81a341d87e75e7854172 (diff)
download: chat-0e718a632a616bcfec4378f512182245b68f4fd8.tar.gz
chat-0e718a632a616bcfec4378f512182245b68f4fd8.tar.bz2
chat-0e718a632a616bcfec4378f512182245b68f4fd8.zip
5 files changed, 47 insertions, 47 deletions
diff --git a/api/channel_test.go b/api/channel_test.go
index c68ace31e..37dde24bd 100644
--- a/api/channel_test.go
+++ b/api/channel_test.go
@@ -1108,8 +1108,8 @@ func TestDeleteChannel(t *testing.T) {
 		th.RestoreDefaultRolePermissions(defaultRolePermissions)
 	}()
 
-	th.AddPermissionToRole(model.PERMISSION_DELETE_PUBLIC_CHANNEL.Id, model.CHANNEL_USER_ROLE_ID)
-	th.AddPermissionToRole(model.PERMISSION_DELETE_PRIVATE_CHANNEL.Id, model.CHANNEL_USER_ROLE_ID)
+	th.AddPermissionToRole(model.PERMISSION_DELETE_PUBLIC_CHANNEL.Id, model.TEAM_USER_ROLE_ID)
+	th.AddPermissionToRole(model.PERMISSION_DELETE_PRIVATE_CHANNEL.Id, model.TEAM_USER_ROLE_ID)
 
 	th.LoginSystemAdmin()
 	th.LinkUserToTeam(th.BasicUser, team)
@@ -1131,8 +1131,8 @@ func TestDeleteChannel(t *testing.T) {
 		t.Fatal(err)
 	}
 
-	th.RemovePermissionFromRole(model.PERMISSION_DELETE_PUBLIC_CHANNEL.Id, model.CHANNEL_USER_ROLE_ID)
-	th.RemovePermissionFromRole(model.PERMISSION_DELETE_PRIVATE_CHANNEL.Id, model.CHANNEL_USER_ROLE_ID)
+	th.RemovePermissionFromRole(model.PERMISSION_DELETE_PUBLIC_CHANNEL.Id, model.TEAM_USER_ROLE_ID)
+	th.RemovePermissionFromRole(model.PERMISSION_DELETE_PRIVATE_CHANNEL.Id, model.TEAM_USER_ROLE_ID)
 	th.AddPermissionToRole(model.PERMISSION_DELETE_PUBLIC_CHANNEL.Id, model.CHANNEL_ADMIN_ROLE_ID)
 	th.AddPermissionToRole(model.PERMISSION_DELETE_PRIVATE_CHANNEL.Id, model.CHANNEL_ADMIN_ROLE_ID)
 
diff --git a/api4/channel_test.go b/api4/channel_test.go
index d85c939b2..1b74ea880 100644
--- a/api4/channel_test.go
+++ b/api4/channel_test.go
@@ -829,8 +829,8 @@ func TestDeleteChannel(t *testing.T) {
 		th.RestoreDefaultRolePermissions(defaultRolePermissions)
 	}()
 
-	th.AddPermissionToRole(model.PERMISSION_DELETE_PUBLIC_CHANNEL.Id, model.CHANNEL_USER_ROLE_ID)
-	th.AddPermissionToRole(model.PERMISSION_DELETE_PRIVATE_CHANNEL.Id, model.CHANNEL_USER_ROLE_ID)
+	th.AddPermissionToRole(model.PERMISSION_DELETE_PUBLIC_CHANNEL.Id, model.TEAM_USER_ROLE_ID)
+	th.AddPermissionToRole(model.PERMISSION_DELETE_PRIVATE_CHANNEL.Id, model.TEAM_USER_ROLE_ID)
 
 	Client = th.Client
 	team = th.BasicTeam
@@ -852,8 +852,8 @@ func TestDeleteChannel(t *testing.T) {
 	CheckNoError(t, resp)
 
 	// Restrict permissions to Channel Admins
-	th.RemovePermissionFromRole(model.PERMISSION_DELETE_PUBLIC_CHANNEL.Id, model.CHANNEL_USER_ROLE_ID)
-	th.RemovePermissionFromRole(model.PERMISSION_DELETE_PRIVATE_CHANNEL.Id, model.CHANNEL_USER_ROLE_ID)
+	th.RemovePermissionFromRole(model.PERMISSION_DELETE_PUBLIC_CHANNEL.Id, model.TEAM_USER_ROLE_ID)
+	th.RemovePermissionFromRole(model.PERMISSION_DELETE_PRIVATE_CHANNEL.Id, model.TEAM_USER_ROLE_ID)
 	th.AddPermissionToRole(model.PERMISSION_DELETE_PUBLIC_CHANNEL.Id, model.CHANNEL_ADMIN_ROLE_ID)
 	th.AddPermissionToRole(model.PERMISSION_DELETE_PRIVATE_CHANNEL.Id, model.CHANNEL_ADMIN_ROLE_ID)
 
diff --git a/app/app_test.go b/app/app_test.go
index f31e0332c..3690d916f 100644
--- a/app/app_test.go
+++ b/app/app_test.go
@@ -111,10 +111,6 @@ func TestDoAdvancedPermissionsMigration(t *testing.T) {
 			model.PERMISSION_GET_PUBLIC_LINK.Id,
 			model.PERMISSION_CREATE_POST.Id,
 			model.PERMISSION_USE_SLASH_COMMANDS.Id,
-			model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES.Id,
-			model.PERMISSION_DELETE_PUBLIC_CHANNEL.Id,
-			model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES.Id,
-			model.PERMISSION_DELETE_PRIVATE_CHANNEL.Id,
 			model.PERMISSION_MANAGE_PRIVATE_CHANNEL_MEMBERS.Id,
 			model.PERMISSION_DELETE_POST.Id,
 			model.PERMISSION_EDIT_POST.Id,
@@ -128,7 +124,11 @@ func TestDoAdvancedPermissionsMigration(t *testing.T) {
 			model.PERMISSION_READ_PUBLIC_CHANNEL.Id,
 			model.PERMISSION_VIEW_TEAM.Id,
 			model.PERMISSION_CREATE_PUBLIC_CHANNEL.Id,
+			model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES.Id,
+			model.PERMISSION_DELETE_PUBLIC_CHANNEL.Id,
 			model.PERMISSION_CREATE_PRIVATE_CHANNEL.Id,
+			model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES.Id,
+			model.PERMISSION_DELETE_PRIVATE_CHANNEL.Id,
 			model.PERMISSION_INVITE_USER.Id,
 			model.PERMISSION_ADD_USER_TO_TEAM.Id,
 		},
@@ -270,8 +270,6 @@ func TestDoAdvancedPermissionsMigration(t *testing.T) {
 			model.PERMISSION_GET_PUBLIC_LINK.Id,
 			model.PERMISSION_CREATE_POST.Id,
 			model.PERMISSION_USE_SLASH_COMMANDS.Id,
-			model.PERMISSION_DELETE_PUBLIC_CHANNEL.Id,
-			model.PERMISSION_DELETE_PRIVATE_CHANNEL.Id,
 			model.PERMISSION_MANAGE_PRIVATE_CHANNEL_MEMBERS.Id,
 			model.PERMISSION_DELETE_POST.Id,
 			model.PERMISSION_EDIT_POST.Id,
@@ -285,7 +283,9 @@ func TestDoAdvancedPermissionsMigration(t *testing.T) {
 			model.PERMISSION_READ_PUBLIC_CHANNEL.Id,
 			model.PERMISSION_VIEW_TEAM.Id,
 			model.PERMISSION_CREATE_PUBLIC_CHANNEL.Id,
+			model.PERMISSION_DELETE_PUBLIC_CHANNEL.Id,
 			model.PERMISSION_CREATE_PRIVATE_CHANNEL.Id,
+			model.PERMISSION_DELETE_PRIVATE_CHANNEL.Id,
 			model.PERMISSION_INVITE_USER.Id,
 			model.PERMISSION_ADD_USER_TO_TEAM.Id,
 		},
diff --git a/utils/authorization.go b/utils/authorization.go
index bc71404ef..16f33bc1a 100644
--- a/utils/authorization.go
+++ b/utils/authorization.go
@@ -31,8 +31,8 @@ func SetRolePermissionsFromConfig(roles map[string]*model.Role, cfg *model.Confi
 	if isLicensed {
 		switch *cfg.TeamSettings.RestrictPublicChannelManagement {
 		case model.PERMISSIONS_ALL:
-			roles[model.CHANNEL_USER_ROLE_ID].Permissions = append(
-				roles[model.CHANNEL_USER_ROLE_ID].Permissions,
+			roles[model.TEAM_USER_ROLE_ID].Permissions = append(
+				roles[model.TEAM_USER_ROLE_ID].Permissions,
 				model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES.Id,
 			)
 		case model.PERMISSIONS_CHANNEL_ADMIN:
@@ -51,8 +51,8 @@ func SetRolePermissionsFromConfig(roles map[string]*model.Role, cfg *model.Confi
 			)
 		}
 	} else {
-		roles[model.CHANNEL_USER_ROLE_ID].Permissions = append(
-			roles[model.CHANNEL_USER_ROLE_ID].Permissions,
+		roles[model.TEAM_USER_ROLE_ID].Permissions = append(
+			roles[model.TEAM_USER_ROLE_ID].Permissions,
 			model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES.Id,
 		)
 	}
@@ -60,8 +60,8 @@ func SetRolePermissionsFromConfig(roles map[string]*model.Role, cfg *model.Confi
 	if isLicensed {
 		switch *cfg.TeamSettings.RestrictPublicChannelDeletion {
 		case model.PERMISSIONS_ALL:
-			roles[model.CHANNEL_USER_ROLE_ID].Permissions = append(
-				roles[model.CHANNEL_USER_ROLE_ID].Permissions,
+			roles[model.TEAM_USER_ROLE_ID].Permissions = append(
+				roles[model.TEAM_USER_ROLE_ID].Permissions,
 				model.PERMISSION_DELETE_PUBLIC_CHANNEL.Id,
 			)
 		case model.PERMISSIONS_CHANNEL_ADMIN:
@@ -80,8 +80,8 @@ func SetRolePermissionsFromConfig(roles map[string]*model.Role, cfg *model.Confi
 			)
 		}
 	} else {
-		roles[model.CHANNEL_USER_ROLE_ID].Permissions = append(
-			roles[model.CHANNEL_USER_ROLE_ID].Permissions,
+		roles[model.TEAM_USER_ROLE_ID].Permissions = append(
+			roles[model.TEAM_USER_ROLE_ID].Permissions,
 			model.PERMISSION_DELETE_PUBLIC_CHANNEL.Id,
 		)
 	}
@@ -109,8 +109,8 @@ func SetRolePermissionsFromConfig(roles map[string]*model.Role, cfg *model.Confi
 	if isLicensed {
 		switch *cfg.TeamSettings.RestrictPrivateChannelManagement {
 		case model.PERMISSIONS_ALL:
-			roles[model.CHANNEL_USER_ROLE_ID].Permissions = append(
-				roles[model.CHANNEL_USER_ROLE_ID].Permissions,
+			roles[model.TEAM_USER_ROLE_ID].Permissions = append(
+				roles[model.TEAM_USER_ROLE_ID].Permissions,
 				model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES.Id,
 			)
 		case model.PERMISSIONS_CHANNEL_ADMIN:
@@ -129,8 +129,8 @@ func SetRolePermissionsFromConfig(roles map[string]*model.Role, cfg *model.Confi
 			)
 		}
 	} else {
-		roles[model.CHANNEL_USER_ROLE_ID].Permissions = append(
-			roles[model.CHANNEL_USER_ROLE_ID].Permissions,
+		roles[model.TEAM_USER_ROLE_ID].Permissions = append(
+			roles[model.TEAM_USER_ROLE_ID].Permissions,
 			model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES.Id,
 		)
 	}
@@ -138,8 +138,8 @@ func SetRolePermissionsFromConfig(roles map[string]*model.Role, cfg *model.Confi
 	if isLicensed {
 		switch *cfg.TeamSettings.RestrictPrivateChannelDeletion {
 		case model.PERMISSIONS_ALL:
-			roles[model.CHANNEL_USER_ROLE_ID].Permissions = append(
-				roles[model.CHANNEL_USER_ROLE_ID].Permissions,
+			roles[model.TEAM_USER_ROLE_ID].Permissions = append(
+				roles[model.TEAM_USER_ROLE_ID].Permissions,
 				model.PERMISSION_DELETE_PRIVATE_CHANNEL.Id,
 			)
 		case model.PERMISSIONS_CHANNEL_ADMIN:
@@ -158,8 +158,8 @@ func SetRolePermissionsFromConfig(roles map[string]*model.Role, cfg *model.Confi
 			)
 		}
 	} else {
-		roles[model.CHANNEL_USER_ROLE_ID].Permissions = append(
-			roles[model.CHANNEL_USER_ROLE_ID].Permissions,
+		roles[model.TEAM_USER_ROLE_ID].Permissions = append(
+			roles[model.TEAM_USER_ROLE_ID].Permissions,
 			model.PERMISSION_DELETE_PRIVATE_CHANNEL.Id,
 		)
 	}
diff --git a/utils/policies-roles-mapping.json b/utils/policies-roles-mapping.json
index 1b2acdfcb..6b09c6c72 100644
--- a/utils/policies-roles-mapping.json
+++ b/utils/policies-roles-mapping.json
@@ -101,14 +101,14 @@
     "restrictPublicChannelManagement": {
         "all": [
             {
-                "roleName": "channel_user",
+                "roleName": "team_user",
                 "permission": "manage_public_channel_properties",
                 "shouldHave": true
             }
         ],
         "channel_admin": [
             {
-                "roleName": "channel_user",
+                "roleName": "team_user",
                 "permission": "manage_public_channel_properties",
                 "shouldHave": false
             },
@@ -125,7 +125,7 @@
         ],
         "team_admin": [
             {
-                "roleName": "channel_user",
+                "roleName": "team_user",
                 "permission": "manage_public_channel_properties",
                 "shouldHave": false
             },
@@ -142,7 +142,7 @@
         ],
         "system_admin": [
             {
-                "roleName": "channel_user",
+                "roleName": "team_user",
                 "permission": "manage_public_channel_properties",
                 "shouldHave": false
             },
@@ -161,14 +161,14 @@
     "restrictPublicChannelDeletion": {
         "all": [
             {
-                "roleName": "channel_user",
+                "roleName": "team_user",
                 "permission": "delete_public_channel",
                 "shouldHave": true
             }
         ],
         "channel_admin": [
             {
-                "roleName": "channel_user",
+                "roleName": "team_user",
                 "permission": "delete_public_channel",
                 "shouldHave": false
             },
@@ -185,7 +185,7 @@
         ],
         "team_admin": [
             {
-                "roleName": "channel_user",
+                "roleName": "team_user",
                 "permission": "delete_public_channel",
                 "shouldHave": false
             },
@@ -202,7 +202,7 @@
         ],
         "system_admin": [
             {
-                "roleName": "channel_user",
+                "roleName": "team_user",
                 "permission": "delete_public_channel",
                 "shouldHave": false
             },
@@ -221,14 +221,14 @@
     "restrictPrivateChannelManagement": {
         "all": [
             {
-                "roleName": "channel_user",
+                "roleName": "team_user",
                 "permission": "manage_private_channel_properties",
                 "shouldHave": true
             }
         ],
         "channel_admin": [
             {
-                "roleName": "channel_user",
+                "roleName": "team_user",
                 "permission": "manage_private_channel_properties",
                 "shouldHave": false
             },
@@ -245,7 +245,7 @@
         ],
         "team_admin": [
             {
-                "roleName": "channel_user",
+                "roleName": "team_user",
                 "permission": "manage_private_channel_properties",
                 "shouldHave": false
             },
@@ -262,7 +262,7 @@
         ],
         "system_admin": [
             {
-                "roleName": "channel_user",
+                "roleName": "team_user",
                 "permission": "manage_private_channel_properties",
                 "shouldHave": false
             },
@@ -341,14 +341,14 @@
     "restrictPrivateChannelDeletion": {
         "all": [
             {
-                "roleName": "channel_user",
+                "roleName": "team_user",
                 "permission": "delete_private_channel",
                 "shouldHave": true
             }
         ],
         "channel_admin": [
             {
-                "roleName": "channel_user",
+                "roleName": "team_user",
                 "permission": "delete_private_channel",
                 "shouldHave": false
             },
@@ -365,7 +365,7 @@
         ],
         "team_admin": [
             {
-                "roleName": "channel_user",
+                "roleName": "team_user",
                 "permission": "delete_private_channel",
                 "shouldHave": false
             },
@@ -382,7 +382,7 @@
         ],
         "system_admin": [
             {
-                "roleName": "channel_user",
+                "roleName": "team_user",
                 "permission": "delete_private_channel",
                 "shouldHave": false
             },
@@ -529,4 +529,4 @@
             }
         ]
     }
-}
-\ No newline at end of file
+}
author	George Goldberg <george@gberg.me>	2018-02-19 10:16:45 +0000
committer	GitHub <noreply@github.com>	2018-02-19 10:16:45 +0000
commit	0e718a632a616bcfec4378f512182245b68f4fd8 (patch)
tree	5c1d2cd50566d4eebfe2974e255eb6355fe48668
parent	642d78173af8cf600cdf81a341d87e75e7854172 (diff)
download	chat-0e718a632a616bcfec4378f512182245b68f4fd8.tar.gz chat-0e718a632a616bcfec4378f512182245b68f4fd8.tar.bz2 chat-0e718a632a616bcfec4378f512182245b68f4fd8.zip