diff options
author | George Goldberg <george@gberg.me> | 2016-12-21 19:18:41 +0000 |
---|---|---|
committer | Corey Hulen <corey@hulen.com> | 2016-12-21 11:18:41 -0800 |
commit | dce4205699bed68046f9dc6ed371ad959d93ee59 (patch) | |
tree | 7bd2d857ee9786ec59b782c52ffc5f59c0853728 /utils | |
parent | f0f53260984a210f44458d86ed5ac9e3afb3f363 (diff) | |
download | chat-dce4205699bed68046f9dc6ed371ad959d93ee59.tar.gz chat-dce4205699bed68046f9dc6ed371ad959d93ee59.tar.bz2 chat-dce4205699bed68046f9dc6ed371ad959d93ee59.zip |
PLT-4990 - Server: Split out channel permissions to Create/Manage/Delete (#4864)
* Server side changes.
* Fix unit tests and default config.
Diffstat (limited to 'utils')
-rw-r--r-- | utils/authorization.go | 66 | ||||
-rw-r--r-- | utils/config.go | 4 |
2 files changed, 60 insertions, 10 deletions
diff --git a/utils/authorization.go b/utils/authorization.go index 23a7673fe..75f92062d 100644 --- a/utils/authorization.go +++ b/utils/authorization.go @@ -9,46 +9,92 @@ func SetDefaultRolesBasedOnConfig() { // Reset the roles to default to make this logic easier model.InitalizeRoles() + switch *Cfg.TeamSettings.RestrictPublicChannelCreation { + case model.PERMISSIONS_ALL: + model.ROLE_TEAM_USER.Permissions = append( + model.ROLE_TEAM_USER.Permissions, + model.PERMISSION_CREATE_PUBLIC_CHANNEL.Id, + ) + break + case model.PERMISSIONS_TEAM_ADMIN: + model.ROLE_TEAM_ADMIN.Permissions = append( + model.ROLE_TEAM_ADMIN.Permissions, + model.PERMISSION_CREATE_PUBLIC_CHANNEL.Id, + ) + break + } + switch *Cfg.TeamSettings.RestrictPublicChannelManagement { case model.PERMISSIONS_ALL: - model.ROLE_CHANNEL_USER.Permissions = append( - model.ROLE_CHANNEL_USER.Permissions, + model.ROLE_TEAM_USER.Permissions = append( + model.ROLE_TEAM_USER.Permissions, + model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES.Id, + ) + break + case model.PERMISSIONS_TEAM_ADMIN: + model.ROLE_TEAM_ADMIN.Permissions = append( + model.ROLE_TEAM_ADMIN.Permissions, model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES.Id, ) + break + } + + switch *Cfg.TeamSettings.RestrictPublicChannelDeletion { + case model.PERMISSIONS_ALL: model.ROLE_TEAM_USER.Permissions = append( model.ROLE_TEAM_USER.Permissions, model.PERMISSION_DELETE_PUBLIC_CHANNEL.Id, - model.PERMISSION_CREATE_PUBLIC_CHANNEL.Id, ) break case model.PERMISSIONS_TEAM_ADMIN: model.ROLE_TEAM_ADMIN.Permissions = append( model.ROLE_TEAM_ADMIN.Permissions, - model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES.Id, model.PERMISSION_DELETE_PUBLIC_CHANNEL.Id, - model.PERMISSION_CREATE_PUBLIC_CHANNEL.Id, + ) + break + } + + switch *Cfg.TeamSettings.RestrictPrivateChannelCreation { + case model.PERMISSIONS_ALL: + model.ROLE_TEAM_USER.Permissions = append( + model.ROLE_TEAM_USER.Permissions, + model.PERMISSION_CREATE_PRIVATE_CHANNEL.Id, + ) + break + case model.PERMISSIONS_TEAM_ADMIN: + model.ROLE_TEAM_ADMIN.Permissions = append( + model.ROLE_TEAM_ADMIN.Permissions, + model.PERMISSION_CREATE_PRIVATE_CHANNEL.Id, ) break } switch *Cfg.TeamSettings.RestrictPrivateChannelManagement { case model.PERMISSIONS_ALL: - model.ROLE_CHANNEL_USER.Permissions = append( - model.ROLE_CHANNEL_USER.Permissions, + model.ROLE_TEAM_USER.Permissions = append( + model.ROLE_TEAM_USER.Permissions, + model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES.Id, + ) + break + case model.PERMISSIONS_TEAM_ADMIN: + model.ROLE_TEAM_ADMIN.Permissions = append( + model.ROLE_TEAM_ADMIN.Permissions, model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES.Id, ) + break + } + + switch *Cfg.TeamSettings.RestrictPrivateChannelDeletion { + case model.PERMISSIONS_ALL: model.ROLE_TEAM_USER.Permissions = append( model.ROLE_TEAM_USER.Permissions, model.PERMISSION_DELETE_PRIVATE_CHANNEL.Id, - model.PERMISSION_CREATE_PRIVATE_CHANNEL.Id, ) break case model.PERMISSIONS_TEAM_ADMIN: model.ROLE_TEAM_ADMIN.Permissions = append( model.ROLE_TEAM_ADMIN.Permissions, - model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES.Id, model.PERMISSION_DELETE_PRIVATE_CHANNEL.Id, - model.PERMISSION_CREATE_PRIVATE_CHANNEL.Id, ) break } diff --git a/utils/config.go b/utils/config.go index c06223e6c..ab149d55f 100644 --- a/utils/config.go +++ b/utils/config.go @@ -238,8 +238,12 @@ func getClientConfig(c *model.Config) map[string]string { props["EnableOpenServer"] = strconv.FormatBool(*c.TeamSettings.EnableOpenServer) props["RestrictDirectMessage"] = *c.TeamSettings.RestrictDirectMessage props["RestrictTeamInvite"] = *c.TeamSettings.RestrictTeamInvite + props["RestrictPublicChannelCreation"] = *c.TeamSettings.RestrictPublicChannelCreation + props["RestrictPrivateChannelCreation"] = *c.TeamSettings.RestrictPrivateChannelCreation props["RestrictPublicChannelManagement"] = *c.TeamSettings.RestrictPublicChannelManagement props["RestrictPrivateChannelManagement"] = *c.TeamSettings.RestrictPrivateChannelManagement + props["RestrictPublicChannelDeletion"] = *c.TeamSettings.RestrictPublicChannelDeletion + props["RestrictPrivateChannelDeletion"] = *c.TeamSettings.RestrictPrivateChannelDeletion props["EnableOAuthServiceProvider"] = strconv.FormatBool(c.ServiceSettings.EnableOAuthServiceProvider) props["SegmentDeveloperKey"] = c.ServiceSettings.SegmentDeveloperKey |