XYZ-51: Unit tests for and changes to SetRolePermissionsFromConfig. (#8160)

* XYZ-10: Role store. * XYZ-37: Update unit tests to work with database roles. * XYZ-51: Tests 'SetRolePermissionsFromConfig' against JSON from policy page. * XYZ-51: Adds permissions in non-licensed cases also. * XYZ-51: Removes some permissions from team_user role. * XYZ-51: Merge fix for change to default permissions from PR 8208. * XYZ-51: Removes unused function.
author: Martin Kraft <mkraft@users.noreply.github.com> 2018-02-09 10:57:07 -0500
committer: GitHub <noreply@github.com> 2018-02-09 10:57:07 -0500
commit: 3b83cc7dd3fc8c6281bbd74b5b85a6a06efcbb6d (patch)
tree: 214b35bb91e99a259b11fbf4a44c4e06adbfe9b3 /utils/authorization.go
parent: 0aa7ecd5e89f054ae927b246f2aec4bd6348d42b (diff)
download: chat-3b83cc7dd3fc8c6281bbd74b5b85a6a06efcbb6d.tar.gz
chat-3b83cc7dd3fc8c6281bbd74b5b85a6a06efcbb6d.tar.bz2
chat-3b83cc7dd3fc8c6281bbd74b5b85a6a06efcbb6d.zip
1 files changed, 27 insertions, 27 deletions
diff --git a/utils/authorization.go b/utils/authorization.go
index b17e94587..e8556458a 100644
--- a/utils/authorization.go
+++ b/utils/authorization.go
@@ -7,8 +7,8 @@ import (
 	"github.com/mattermost/mattermost-server/model"
 )
 
-func SetRolePermissionsFromConfig(roles map[string]*model.Role, cfg *model.Config) map[string]*model.Role {
-	if IsLicensed() {
+func SetRolePermissionsFromConfig(roles map[string]*model.Role, cfg *model.Config, isLicensed bool) map[string]*model.Role {
+	if isLicensed {
 		switch *cfg.TeamSettings.RestrictPublicChannelCreation {
 		case model.PERMISSIONS_ALL:
 			roles[model.TEAM_USER_ROLE_ID].Permissions = append(
@@ -28,11 +28,11 @@ func SetRolePermissionsFromConfig(roles map[string]*model.Role, cfg *model.Confi
 		)
 	}
 
-	if IsLicensed() {
+	if isLicensed {
 		switch *cfg.TeamSettings.RestrictPublicChannelManagement {
 		case model.PERMISSIONS_ALL:
-			roles[model.TEAM_USER_ROLE_ID].Permissions = append(
-				roles[model.TEAM_USER_ROLE_ID].Permissions,
+			roles[model.CHANNEL_USER_ROLE_ID].Permissions = append(
+				roles[model.CHANNEL_USER_ROLE_ID].Permissions,
 				model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES.Id,
 			)
 		case model.PERMISSIONS_CHANNEL_ADMIN:
@@ -51,17 +51,17 @@ func SetRolePermissionsFromConfig(roles map[string]*model.Role, cfg *model.Confi
 			)
 		}
 	} else {
-		roles[model.TEAM_USER_ROLE_ID].Permissions = append(
-			roles[model.TEAM_USER_ROLE_ID].Permissions,
+		roles[model.CHANNEL_USER_ROLE_ID].Permissions = append(
+			roles[model.CHANNEL_USER_ROLE_ID].Permissions,
 			model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES.Id,
 		)
 	}
 
-	if IsLicensed() {
+	if isLicensed {
 		switch *cfg.TeamSettings.RestrictPublicChannelDeletion {
 		case model.PERMISSIONS_ALL:
-			roles[model.TEAM_USER_ROLE_ID].Permissions = append(
-				roles[model.TEAM_USER_ROLE_ID].Permissions,
+			roles[model.CHANNEL_USER_ROLE_ID].Permissions = append(
+				roles[model.CHANNEL_USER_ROLE_ID].Permissions,
 				model.PERMISSION_DELETE_PUBLIC_CHANNEL.Id,
 			)
 		case model.PERMISSIONS_CHANNEL_ADMIN:
@@ -80,13 +80,13 @@ func SetRolePermissionsFromConfig(roles map[string]*model.Role, cfg *model.Confi
 			)
 		}
 	} else {
-		roles[model.TEAM_USER_ROLE_ID].Permissions = append(
-			roles[model.TEAM_USER_ROLE_ID].Permissions,
+		roles[model.CHANNEL_USER_ROLE_ID].Permissions = append(
+			roles[model.CHANNEL_USER_ROLE_ID].Permissions,
 			model.PERMISSION_DELETE_PUBLIC_CHANNEL.Id,
 		)
 	}
 
-	if IsLicensed() {
+	if isLicensed {
 		switch *cfg.TeamSettings.RestrictPrivateChannelCreation {
 		case model.PERMISSIONS_ALL:
 			roles[model.TEAM_USER_ROLE_ID].Permissions = append(
@@ -106,11 +106,11 @@ func SetRolePermissionsFromConfig(roles map[string]*model.Role, cfg *model.Confi
 		)
 	}
 
-	if IsLicensed() {
+	if isLicensed {
 		switch *cfg.TeamSettings.RestrictPrivateChannelManagement {
 		case model.PERMISSIONS_ALL:
-			roles[model.TEAM_USER_ROLE_ID].Permissions = append(
-				roles[model.TEAM_USER_ROLE_ID].Permissions,
+			roles[model.CHANNEL_USER_ROLE_ID].Permissions = append(
+				roles[model.CHANNEL_USER_ROLE_ID].Permissions,
 				model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES.Id,
 			)
 		case model.PERMISSIONS_CHANNEL_ADMIN:
@@ -129,17 +129,17 @@ func SetRolePermissionsFromConfig(roles map[string]*model.Role, cfg *model.Confi
 			)
 		}
 	} else {
-		roles[model.TEAM_USER_ROLE_ID].Permissions = append(
-			roles[model.TEAM_USER_ROLE_ID].Permissions,
+		roles[model.CHANNEL_USER_ROLE_ID].Permissions = append(
+			roles[model.CHANNEL_USER_ROLE_ID].Permissions,
 			model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES.Id,
 		)
 	}
 
-	if IsLicensed() {
+	if isLicensed {
 		switch *cfg.TeamSettings.RestrictPrivateChannelDeletion {
 		case model.PERMISSIONS_ALL:
-			roles[model.TEAM_USER_ROLE_ID].Permissions = append(
-				roles[model.TEAM_USER_ROLE_ID].Permissions,
+			roles[model.CHANNEL_USER_ROLE_ID].Permissions = append(
+				roles[model.CHANNEL_USER_ROLE_ID].Permissions,
 				model.PERMISSION_DELETE_PRIVATE_CHANNEL.Id,
 			)
 		case model.PERMISSIONS_CHANNEL_ADMIN:
@@ -158,14 +158,14 @@ func SetRolePermissionsFromConfig(roles map[string]*model.Role, cfg *model.Confi
 			)
 		}
 	} else {
-		roles[model.TEAM_USER_ROLE_ID].Permissions = append(
-			roles[model.TEAM_USER_ROLE_ID].Permissions,
+		roles[model.CHANNEL_USER_ROLE_ID].Permissions = append(
+			roles[model.CHANNEL_USER_ROLE_ID].Permissions,
 			model.PERMISSION_DELETE_PRIVATE_CHANNEL.Id,
 		)
 	}
 
 	// Restrict permissions for Private Channel Manage Members
-	if IsLicensed() {
+	if isLicensed {
 		switch *cfg.TeamSettings.RestrictPrivateChannelManageMembers {
 		case model.PERMISSIONS_ALL:
 			roles[model.CHANNEL_USER_ROLE_ID].Permissions = append(
@@ -207,7 +207,7 @@ func SetRolePermissionsFromConfig(roles map[string]*model.Role, cfg *model.Confi
 	}
 
 	// Grant permissions for inviting and adding users to a team.
-	if IsLicensed() {
+	if isLicensed {
 		if *cfg.TeamSettings.RestrictTeamInvite == model.PERMISSIONS_TEAM_ADMIN {
 			roles[model.TEAM_ADMIN_ROLE_ID].Permissions = append(
 				roles[model.TEAM_ADMIN_ROLE_ID].Permissions,
@@ -229,7 +229,7 @@ func SetRolePermissionsFromConfig(roles map[string]*model.Role, cfg *model.Confi
 		)
 	}
 
-	if IsLicensed() {
+	if isLicensed {
 		switch *cfg.ServiceSettings.RestrictPostDelete {
 		case model.PERMISSIONS_DELETE_POST_ALL:
 			roles[model.CHANNEL_USER_ROLE_ID].Permissions = append(
@@ -267,7 +267,7 @@ func SetRolePermissionsFromConfig(roles map[string]*model.Role, cfg *model.Confi
 		)
 	}
 
-	if IsLicensed() {
+	if isLicensed {
 		switch *cfg.ServiceSettings.AllowEditPost {
 		case model.ALLOW_EDIT_POST_ALWAYS, model.ALLOW_EDIT_POST_TIME_LIMIT:
 			roles[model.CHANNEL_USER_ROLE_ID].Permissions = append(
author	Martin Kraft <mkraft@users.noreply.github.com>	2018-02-09 10:57:07 -0500
committer	GitHub <noreply@github.com>	2018-02-09 10:57:07 -0500
commit	3b83cc7dd3fc8c6281bbd74b5b85a6a06efcbb6d (patch)
tree	214b35bb91e99a259b11fbf4a44c4e06adbfe9b3 /utils/authorization.go
parent	0aa7ecd5e89f054ae927b246f2aec4bd6348d42b (diff)
download	chat-3b83cc7dd3fc8c6281bbd74b5b85a6a06efcbb6d.tar.gz chat-3b83cc7dd3fc8c6281bbd74b5b85a6a06efcbb6d.tar.bz2 chat-3b83cc7dd3fc8c6281bbd74b5b85a6a06efcbb6d.zip