diff options
-rw-r--r-- | api/channel_test.go | 90 | ||||
-rw-r--r-- | api/context.go | 2 | ||||
-rw-r--r-- | api/post_test.go | 13 | ||||
-rw-r--r-- | api4/channel_test.go | 15 | ||||
-rw-r--r-- | api4/context.go | 2 | ||||
-rw-r--r-- | api4/user_test.go | 3 | ||||
-rw-r--r-- | app/license.go | 4 | ||||
-rw-r--r-- | app/web_conn.go | 2 | ||||
-rw-r--r-- | model/user.go | 2 | ||||
-rw-r--r-- | model/user_test.go | 3 | ||||
-rw-r--r-- | utils/authorization.go | 262 | ||||
-rw-r--r-- | webapp/components/root.jsx | 2 |
12 files changed, 284 insertions, 116 deletions
diff --git a/api/channel_test.go b/api/channel_test.go index 08136bc35..bace5df5c 100644 --- a/api/channel_test.go +++ b/api/channel_test.go @@ -170,6 +170,20 @@ func TestCreateChannel(t *testing.T) { t.Fatal(err) } + // Check that if unlicensed the policy restriction is not enforced. + utils.IsLicensed = false + utils.License = nil + utils.SetDefaultRolesBasedOnConfig() + + channel4 := model.Channel{DisplayName: "Test API Name", Name: "a" + model.NewId() + "a", Type: model.CHANNEL_OPEN, TeamId: team.Id} + channel5 := model.Channel{DisplayName: "Test API Name", Name: "a" + model.NewId() + "a", Type: model.CHANNEL_PRIVATE, TeamId: team.Id} + if _, err := Client.CreateChannel(&channel4); err != nil { + t.Fatal("should have succeeded") + } + if _, err := Client.CreateChannel(&channel5); err != nil { + t.Fatal("should have succeeded") + } + *utils.Cfg.TeamSettings.RestrictPublicChannelCreation = model.PERMISSIONS_ALL *utils.Cfg.TeamSettings.RestrictPrivateChannelCreation = model.PERMISSIONS_ALL utils.SetDefaultRolesBasedOnConfig() @@ -374,16 +388,19 @@ func TestUpdateChannel(t *testing.T) { *utils.Cfg.TeamSettings.RestrictPublicChannelManagement = model.PERMISSIONS_CHANNEL_ADMIN *utils.Cfg.TeamSettings.RestrictPrivateChannelManagement = model.PERMISSIONS_CHANNEL_ADMIN + utils.IsLicensed = true + utils.License = &model.License{Features: &model.Features{}} + utils.License.Features.SetDefaults() utils.SetDefaultRolesBasedOnConfig() MakeUserChannelUser(th.BasicUser, channel2) MakeUserChannelUser(th.BasicUser, channel3) store.ClearChannelCaches() if _, err := Client.UpdateChannel(channel2); err == nil { - t.Fatal("should have errored not team admin") + t.Fatal("should have errored not channel admin") } if _, err := Client.UpdateChannel(channel3); err == nil { - t.Fatal("should have errored not team admin") + t.Fatal("should have errored not channel admin") } UpdateUserToTeamAdmin(th.BasicUser, team) @@ -410,6 +427,9 @@ func TestUpdateChannel(t *testing.T) { *utils.Cfg.TeamSettings.RestrictPublicChannelManagement = model.PERMISSIONS_TEAM_ADMIN *utils.Cfg.TeamSettings.RestrictPrivateChannelManagement = model.PERMISSIONS_TEAM_ADMIN + utils.IsLicensed = true + utils.License = &model.License{Features: &model.Features{}} + utils.License.Features.SetDefaults() utils.SetDefaultRolesBasedOnConfig() if _, err := Client.UpdateChannel(channel2); err == nil { @@ -433,6 +453,9 @@ func TestUpdateChannel(t *testing.T) { *utils.Cfg.TeamSettings.RestrictPublicChannelManagement = model.PERMISSIONS_SYSTEM_ADMIN *utils.Cfg.TeamSettings.RestrictPrivateChannelManagement = model.PERMISSIONS_SYSTEM_ADMIN + utils.IsLicensed = true + utils.License = &model.License{Features: &model.Features{}} + utils.License.Features.SetDefaults() utils.SetDefaultRolesBasedOnConfig() if _, err := Client.UpdateChannel(channel2); err == nil { @@ -450,6 +473,18 @@ func TestUpdateChannel(t *testing.T) { if _, err := Client.UpdateChannel(channel3); err != nil { t.Fatal(err) } + + // Check that if unlicensed the policy restriction is not enforced. + utils.IsLicensed = false + utils.License = nil + utils.SetDefaultRolesBasedOnConfig() + + if _, err := Client.UpdateChannel(channel2); err != nil { + t.Fatal(err) + } + if _, err := Client.UpdateChannel(channel3); err != nil { + t.Fatal(err) + } } func TestUpdateChannelDisplayName(t *testing.T) { @@ -660,6 +695,18 @@ func TestUpdateChannelHeader(t *testing.T) { if _, err := SystemAdminClient.UpdateChannelHeader(data3); err != nil { t.Fatal(err) } + + // Check that if unlicensed the policy restriction is not enforced. + utils.IsLicensed = false + utils.License = nil + utils.SetDefaultRolesBasedOnConfig() + + if _, err := SystemAdminClient.UpdateChannelHeader(data2); err != nil { + t.Fatal(err) + } + if _, err := SystemAdminClient.UpdateChannelHeader(data3); err != nil { + t.Fatal(err) + } } func TestUpdateChannelPurpose(t *testing.T) { @@ -830,6 +877,17 @@ func TestUpdateChannelPurpose(t *testing.T) { if _, err := SystemAdminClient.UpdateChannelPurpose(data3); err != nil { t.Fatal(err) } + + // Check that if unlicensed the policy restriction is not enforced. + utils.IsLicensed = false + utils.License = nil + utils.SetDefaultRolesBasedOnConfig() + if _, err := SystemAdminClient.UpdateChannelHeader(data2); err != nil { + t.Fatal(err) + } + if _, err := SystemAdminClient.UpdateChannelHeader(data3); err != nil { + t.Fatal(err) + } } func TestGetChannel(t *testing.T) { @@ -1304,6 +1362,9 @@ func TestDeleteChannel(t *testing.T) { t.Fatal(err) } + utils.IsLicensed = true + utils.License = &model.License{Features: &model.Features{}} + utils.License.Features.SetDefaults() *utils.Cfg.TeamSettings.RestrictPublicChannelDeletion = model.PERMISSIONS_CHANNEL_ADMIN *utils.Cfg.TeamSettings.RestrictPrivateChannelDeletion = model.PERMISSIONS_CHANNEL_ADMIN utils.SetDefaultRolesBasedOnConfig() @@ -1357,6 +1418,9 @@ func TestDeleteChannel(t *testing.T) { UpdateUserToNonTeamAdmin(th.BasicUser, team) app.InvalidateAllCaches() + utils.IsLicensed = true + utils.License = &model.License{Features: &model.Features{}} + utils.License.Features.SetDefaults() *utils.Cfg.TeamSettings.RestrictPublicChannelDeletion = model.PERMISSIONS_TEAM_ADMIN *utils.Cfg.TeamSettings.RestrictPrivateChannelDeletion = model.PERMISSIONS_TEAM_ADMIN utils.SetDefaultRolesBasedOnConfig() @@ -1389,6 +1453,9 @@ func TestDeleteChannel(t *testing.T) { t.Fatal(err) } + utils.IsLicensed = true + utils.License = &model.License{Features: &model.Features{}} + utils.License.Features.SetDefaults() *utils.Cfg.TeamSettings.RestrictPublicChannelDeletion = model.PERMISSIONS_SYSTEM_ADMIN *utils.Cfg.TeamSettings.RestrictPrivateChannelDeletion = model.PERMISSIONS_SYSTEM_ADMIN utils.SetDefaultRolesBasedOnConfig() @@ -1423,6 +1490,25 @@ func TestDeleteChannel(t *testing.T) { t.Fatal(err) } + // Check that if unlicensed the policy restriction is not enforced. + utils.IsLicensed = false + utils.License = nil + utils.SetDefaultRolesBasedOnConfig() + + channel2 = th.CreateChannel(Client, team) + channel3 = th.CreatePrivateChannel(Client, team) + Client.Must(Client.AddChannelMember(channel2.Id, th.BasicUser.Id)) + Client.Must(Client.AddChannelMember(channel3.Id, th.BasicUser.Id)) + + Client.Login(th.BasicUser.Email, th.BasicUser.Password) + + if _, err := Client.DeleteChannel(channel2.Id); err != nil { + t.Fatal(err) + } + if _, err := Client.DeleteChannel(channel3.Id); err != nil { + t.Fatal(err) + } + *utils.Cfg.TeamSettings.RestrictPublicChannelDeletion = model.PERMISSIONS_ALL *utils.Cfg.TeamSettings.RestrictPrivateChannelDeletion = model.PERMISSIONS_ALL utils.SetDefaultRolesBasedOnConfig() diff --git a/api/context.go b/api/context.go index 9a707c968..1b251eb53 100644 --- a/api/context.go +++ b/api/context.go @@ -154,7 +154,7 @@ func (h handler) ServeHTTP(w http.ResponseWriter, r *http.Request) { } w.Header().Set(model.HEADER_REQUEST_ID, c.RequestId) - w.Header().Set(model.HEADER_VERSION_ID, fmt.Sprintf("%v.%v.%v", model.CurrentVersion, model.BuildNumber, utils.CfgHash)) + w.Header().Set(model.HEADER_VERSION_ID, fmt.Sprintf("%v.%v.%v.%v", model.CurrentVersion, model.BuildNumber, utils.CfgHash, utils.IsLicensed)) if einterfaces.GetClusterInterface() != nil { w.Header().Set(model.HEADER_CLUSTER_ID, einterfaces.GetClusterInterface().GetClusterId()) } diff --git a/api/post_test.go b/api/post_test.go index 5546e7165..6558aeb5b 100644 --- a/api/post_test.go +++ b/api/post_test.go @@ -993,6 +993,19 @@ func TestDeletePosts(t *testing.T) { t.Fatal(err) } + // Check that if unlicensed the policy restriction is not enforced. + utils.IsLicensed = false + utils.License = nil + utils.SetDefaultRolesBasedOnConfig() + + time.Sleep(10 * time.Millisecond) + post7 := &model.Post{ChannelId: channel1.Id, Message: "a" + model.NewId() + "a"} + post7 = Client.Must(Client.CreatePost(post7)).Data.(*model.Post) + + if _, err := Client.DeletePost(channel1.Id, post7.Id); err != nil { + t.Fatal(err) + } + SystemAdminClient.Must(SystemAdminClient.DeletePost(channel1.Id, post6a.Id)) } diff --git a/api4/channel_test.go b/api4/channel_test.go index e8e79cebd..987678ee0 100644 --- a/api4/channel_test.go +++ b/api4/channel_test.go @@ -92,10 +92,10 @@ func TestCreateChannel(t *testing.T) { }() *utils.Cfg.TeamSettings.RestrictPublicChannelCreation = model.PERMISSIONS_ALL *utils.Cfg.TeamSettings.RestrictPrivateChannelCreation = model.PERMISSIONS_ALL - utils.SetDefaultRolesBasedOnConfig() utils.IsLicensed = true utils.License = &model.License{Features: &model.Features{}} utils.License.Features.SetDefaults() + utils.SetDefaultRolesBasedOnConfig() channel.Name = GenerateTestChannelName() _, resp = Client.CreateChannel(channel) @@ -161,6 +161,19 @@ func TestCreateChannel(t *testing.T) { _, resp = th.SystemAdminClient.CreateChannel(private) CheckNoError(t, resp) + // Check that if unlicensed the policy restriction is not enforced. + utils.IsLicensed = false + utils.License = nil + utils.SetDefaultRolesBasedOnConfig() + + channel.Name = GenerateTestChannelName() + _, resp = Client.CreateChannel(channel) + CheckNoError(t, resp) + + private.Name = GenerateTestChannelName() + _, resp = Client.CreateChannel(private) + CheckNoError(t, resp) + if r, err := Client.DoApiPost("/channels", "garbage"); err == nil { t.Fatal("should have errored") } else { diff --git a/api4/context.go b/api4/context.go index 9fb1361bc..8f663431d 100644 --- a/api4/context.go +++ b/api4/context.go @@ -133,7 +133,7 @@ func (h handler) ServeHTTP(w http.ResponseWriter, r *http.Request) { } w.Header().Set(model.HEADER_REQUEST_ID, c.RequestId) - w.Header().Set(model.HEADER_VERSION_ID, fmt.Sprintf("%v.%v.%v", model.CurrentVersion, model.BuildNumber, utils.CfgHash)) + w.Header().Set(model.HEADER_VERSION_ID, fmt.Sprintf("%v.%v.%v.%v", model.CurrentVersion, model.BuildNumber, utils.CfgHash, utils.IsLicensed)) if einterfaces.GetClusterInterface() != nil { w.Header().Set(model.HEADER_CLUSTER_ID, einterfaces.GetClusterInterface().GetClusterId()) } diff --git a/api4/user_test.go b/api4/user_test.go index 53dbd53e8..6a42d19d2 100644 --- a/api4/user_test.go +++ b/api4/user_test.go @@ -177,9 +177,6 @@ func TestGetUserByUsername(t *testing.T) { _, resp = Client.GetUserByUsername(GenerateTestUsername(), "") CheckNotFoundStatus(t, resp) - _, resp = Client.GetUserByUsername(model.NewRandomString(1), "") - CheckBadRequestStatus(t, resp) - // Check against privacy config settings emailPrivacy := utils.Cfg.PrivacySettings.ShowEmailAddress namePrivacy := utils.Cfg.PrivacySettings.ShowFullName diff --git a/app/license.go b/app/license.go index 87b2d1b05..1efaf85d5 100644 --- a/app/license.go +++ b/app/license.go @@ -76,6 +76,8 @@ func SaveLicense(licenseBytes []byte) (*model.License, *model.AppError) { return nil, model.NewLocAppError("addLicense", model.INVALID_LICENSE_ERROR, nil, "") } + ReloadConfig() + InvalidateAllCaches() return license, nil @@ -93,6 +95,8 @@ func RemoveLicense() *model.AppError { return result.Err } + ReloadConfig() + InvalidateAllCaches() return nil diff --git a/app/web_conn.go b/app/web_conn.go index 012236513..da6330f5c 100644 --- a/app/web_conn.go +++ b/app/web_conn.go @@ -178,7 +178,7 @@ func (webCon *WebConn) IsAuthenticated() bool { func (webCon *WebConn) SendHello() { msg := model.NewWebSocketEvent(model.WEBSOCKET_EVENT_HELLO, "", "", webCon.UserId, nil) - msg.Add("server_version", fmt.Sprintf("%v.%v.%v", model.CurrentVersion, model.BuildNumber, utils.CfgHash)) + msg.Add("server_version", fmt.Sprintf("%v.%v.%v.%v", model.CurrentVersion, model.BuildNumber, utils.CfgHash, utils.IsLicensed)) msg.DoPreComputeJson() webCon.Send <- msg } diff --git a/model/user.go b/model/user.go index c7e2b6352..5cefdf1b1 100644 --- a/model/user.go +++ b/model/user.go @@ -37,7 +37,7 @@ const ( USER_LAST_NAME_MAX_RUNES = 64 USER_AUTH_DATA_MAX_LENGTH = 128 USER_NAME_MAX_LENGTH = 64 - USER_NAME_MIN_LENGTH = 3 + USER_NAME_MIN_LENGTH = 1 ) type User struct { diff --git a/model/user_test.go b/model/user_test.go index 542d15e5d..47ec38dbf 100644 --- a/model/user_test.go +++ b/model/user_test.go @@ -189,7 +189,8 @@ var usernames = []struct { expected bool }{ {"spin-punch", true}, - {"sp", false}, + {"sp", true}, + {"s", true}, {"1spin-punch", false}, {"-spin-punch", false}, {".spin-punch", false}, diff --git a/utils/authorization.go b/utils/authorization.go index 9a45878a2..2c7f35164 100644 --- a/utils/authorization.go +++ b/utils/authorization.go @@ -11,134 +11,176 @@ func SetDefaultRolesBasedOnConfig() { // Reset the roles to default to make this logic easier model.InitalizeRoles() - switch *Cfg.TeamSettings.RestrictPublicChannelCreation { - case model.PERMISSIONS_ALL: + if IsLicensed { + switch *Cfg.TeamSettings.RestrictPublicChannelCreation { + case model.PERMISSIONS_ALL: + model.ROLE_TEAM_USER.Permissions = append( + model.ROLE_TEAM_USER.Permissions, + model.PERMISSION_CREATE_PUBLIC_CHANNEL.Id, + ) + break + case model.PERMISSIONS_TEAM_ADMIN: + model.ROLE_TEAM_ADMIN.Permissions = append( + model.ROLE_TEAM_ADMIN.Permissions, + model.PERMISSION_CREATE_PUBLIC_CHANNEL.Id, + ) + break + } + } else { model.ROLE_TEAM_USER.Permissions = append( model.ROLE_TEAM_USER.Permissions, model.PERMISSION_CREATE_PUBLIC_CHANNEL.Id, ) - break - case model.PERMISSIONS_TEAM_ADMIN: - model.ROLE_TEAM_ADMIN.Permissions = append( - model.ROLE_TEAM_ADMIN.Permissions, - model.PERMISSION_CREATE_PUBLIC_CHANNEL.Id, - ) - break } - switch *Cfg.TeamSettings.RestrictPublicChannelManagement { - case model.PERMISSIONS_ALL: + if IsLicensed { + switch *Cfg.TeamSettings.RestrictPublicChannelManagement { + case model.PERMISSIONS_ALL: + model.ROLE_TEAM_USER.Permissions = append( + model.ROLE_TEAM_USER.Permissions, + model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES.Id, + ) + break + case model.PERMISSIONS_CHANNEL_ADMIN: + model.ROLE_TEAM_ADMIN.Permissions = append( + model.ROLE_TEAM_ADMIN.Permissions, + model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES.Id, + ) + model.ROLE_CHANNEL_ADMIN.Permissions = append( + model.ROLE_CHANNEL_ADMIN.Permissions, + model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES.Id, + ) + break + case model.PERMISSIONS_TEAM_ADMIN: + model.ROLE_TEAM_ADMIN.Permissions = append( + model.ROLE_TEAM_ADMIN.Permissions, + model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES.Id, + ) + break + } + } else { model.ROLE_TEAM_USER.Permissions = append( model.ROLE_TEAM_USER.Permissions, model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES.Id, ) - break - case model.PERMISSIONS_CHANNEL_ADMIN: - model.ROLE_TEAM_ADMIN.Permissions = append( - model.ROLE_TEAM_ADMIN.Permissions, - model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES.Id, - ) - model.ROLE_CHANNEL_ADMIN.Permissions = append( - model.ROLE_CHANNEL_ADMIN.Permissions, - model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES.Id, - ) - break - case model.PERMISSIONS_TEAM_ADMIN: - model.ROLE_TEAM_ADMIN.Permissions = append( - model.ROLE_TEAM_ADMIN.Permissions, - model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES.Id, - ) - break } - switch *Cfg.TeamSettings.RestrictPublicChannelDeletion { - case model.PERMISSIONS_ALL: + if IsLicensed { + switch *Cfg.TeamSettings.RestrictPublicChannelDeletion { + case model.PERMISSIONS_ALL: + model.ROLE_TEAM_USER.Permissions = append( + model.ROLE_TEAM_USER.Permissions, + model.PERMISSION_DELETE_PUBLIC_CHANNEL.Id, + ) + break + case model.PERMISSIONS_CHANNEL_ADMIN: + model.ROLE_TEAM_ADMIN.Permissions = append( + model.ROLE_TEAM_ADMIN.Permissions, + model.PERMISSION_DELETE_PUBLIC_CHANNEL.Id, + ) + model.ROLE_CHANNEL_ADMIN.Permissions = append( + model.ROLE_CHANNEL_ADMIN.Permissions, + model.PERMISSION_DELETE_PUBLIC_CHANNEL.Id, + ) + break + case model.PERMISSIONS_TEAM_ADMIN: + model.ROLE_TEAM_ADMIN.Permissions = append( + model.ROLE_TEAM_ADMIN.Permissions, + model.PERMISSION_DELETE_PUBLIC_CHANNEL.Id, + ) + break + } + } else { model.ROLE_TEAM_USER.Permissions = append( model.ROLE_TEAM_USER.Permissions, model.PERMISSION_DELETE_PUBLIC_CHANNEL.Id, ) - break - case model.PERMISSIONS_CHANNEL_ADMIN: - model.ROLE_TEAM_ADMIN.Permissions = append( - model.ROLE_TEAM_ADMIN.Permissions, - model.PERMISSION_DELETE_PUBLIC_CHANNEL.Id, - ) - model.ROLE_CHANNEL_ADMIN.Permissions = append( - model.ROLE_CHANNEL_ADMIN.Permissions, - model.PERMISSION_DELETE_PUBLIC_CHANNEL.Id, - ) - break - case model.PERMISSIONS_TEAM_ADMIN: - model.ROLE_TEAM_ADMIN.Permissions = append( - model.ROLE_TEAM_ADMIN.Permissions, - model.PERMISSION_DELETE_PUBLIC_CHANNEL.Id, - ) - break } - switch *Cfg.TeamSettings.RestrictPrivateChannelCreation { - case model.PERMISSIONS_ALL: + if IsLicensed { + switch *Cfg.TeamSettings.RestrictPrivateChannelCreation { + case model.PERMISSIONS_ALL: + model.ROLE_TEAM_USER.Permissions = append( + model.ROLE_TEAM_USER.Permissions, + model.PERMISSION_CREATE_PRIVATE_CHANNEL.Id, + ) + break + case model.PERMISSIONS_TEAM_ADMIN: + model.ROLE_TEAM_ADMIN.Permissions = append( + model.ROLE_TEAM_ADMIN.Permissions, + model.PERMISSION_CREATE_PRIVATE_CHANNEL.Id, + ) + break + } + } else { model.ROLE_TEAM_USER.Permissions = append( model.ROLE_TEAM_USER.Permissions, model.PERMISSION_CREATE_PRIVATE_CHANNEL.Id, ) - break - case model.PERMISSIONS_TEAM_ADMIN: - model.ROLE_TEAM_ADMIN.Permissions = append( - model.ROLE_TEAM_ADMIN.Permissions, - model.PERMISSION_CREATE_PRIVATE_CHANNEL.Id, - ) - break } - switch *Cfg.TeamSettings.RestrictPrivateChannelManagement { - case model.PERMISSIONS_ALL: + if IsLicensed { + switch *Cfg.TeamSettings.RestrictPrivateChannelManagement { + case model.PERMISSIONS_ALL: + model.ROLE_TEAM_USER.Permissions = append( + model.ROLE_TEAM_USER.Permissions, + model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES.Id, + ) + break + case model.PERMISSIONS_CHANNEL_ADMIN: + model.ROLE_TEAM_ADMIN.Permissions = append( + model.ROLE_TEAM_ADMIN.Permissions, + model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES.Id, + ) + model.ROLE_CHANNEL_ADMIN.Permissions = append( + model.ROLE_CHANNEL_ADMIN.Permissions, + model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES.Id, + ) + break + case model.PERMISSIONS_TEAM_ADMIN: + model.ROLE_TEAM_ADMIN.Permissions = append( + model.ROLE_TEAM_ADMIN.Permissions, + model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES.Id, + ) + break + } + } else { model.ROLE_TEAM_USER.Permissions = append( model.ROLE_TEAM_USER.Permissions, model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES.Id, ) - break - case model.PERMISSIONS_CHANNEL_ADMIN: - model.ROLE_TEAM_ADMIN.Permissions = append( - model.ROLE_TEAM_ADMIN.Permissions, - model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES.Id, - ) - model.ROLE_CHANNEL_ADMIN.Permissions = append( - model.ROLE_CHANNEL_ADMIN.Permissions, - model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES.Id, - ) - break - case model.PERMISSIONS_TEAM_ADMIN: - model.ROLE_TEAM_ADMIN.Permissions = append( - model.ROLE_TEAM_ADMIN.Permissions, - model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES.Id, - ) - break } - switch *Cfg.TeamSettings.RestrictPrivateChannelDeletion { - case model.PERMISSIONS_ALL: + if IsLicensed { + switch *Cfg.TeamSettings.RestrictPrivateChannelDeletion { + case model.PERMISSIONS_ALL: + model.ROLE_TEAM_USER.Permissions = append( + model.ROLE_TEAM_USER.Permissions, + model.PERMISSION_DELETE_PRIVATE_CHANNEL.Id, + ) + break + case model.PERMISSIONS_CHANNEL_ADMIN: + model.ROLE_TEAM_ADMIN.Permissions = append( + model.ROLE_TEAM_ADMIN.Permissions, + model.PERMISSION_DELETE_PRIVATE_CHANNEL.Id, + ) + model.ROLE_CHANNEL_ADMIN.Permissions = append( + model.ROLE_CHANNEL_ADMIN.Permissions, + model.PERMISSION_DELETE_PRIVATE_CHANNEL.Id, + ) + break + case model.PERMISSIONS_TEAM_ADMIN: + model.ROLE_TEAM_ADMIN.Permissions = append( + model.ROLE_TEAM_ADMIN.Permissions, + model.PERMISSION_DELETE_PRIVATE_CHANNEL.Id, + ) + break + } + } else { model.ROLE_TEAM_USER.Permissions = append( model.ROLE_TEAM_USER.Permissions, model.PERMISSION_DELETE_PRIVATE_CHANNEL.Id, ) - break - case model.PERMISSIONS_CHANNEL_ADMIN: - model.ROLE_TEAM_ADMIN.Permissions = append( - model.ROLE_TEAM_ADMIN.Permissions, - model.PERMISSION_DELETE_PRIVATE_CHANNEL.Id, - ) - model.ROLE_CHANNEL_ADMIN.Permissions = append( - model.ROLE_CHANNEL_ADMIN.Permissions, - model.PERMISSION_DELETE_PRIVATE_CHANNEL.Id, - ) - break - case model.PERMISSIONS_TEAM_ADMIN: - model.ROLE_TEAM_ADMIN.Permissions = append( - model.ROLE_TEAM_ADMIN.Permissions, - model.PERMISSION_DELETE_PRIVATE_CHANNEL.Id, - ) - break } if !*Cfg.ServiceSettings.EnableOnlyAdminIntegrations { @@ -167,8 +209,28 @@ func SetDefaultRolesBasedOnConfig() { ) } - switch *Cfg.ServiceSettings.RestrictPostDelete { - case model.PERMISSIONS_DELETE_POST_ALL: + if IsLicensed { + switch *Cfg.ServiceSettings.RestrictPostDelete { + case model.PERMISSIONS_DELETE_POST_ALL: + model.ROLE_CHANNEL_USER.Permissions = append( + model.ROLE_CHANNEL_USER.Permissions, + model.PERMISSION_DELETE_POST.Id, + ) + model.ROLE_TEAM_ADMIN.Permissions = append( + model.ROLE_TEAM_ADMIN.Permissions, + model.PERMISSION_DELETE_POST.Id, + model.PERMISSION_DELETE_OTHERS_POSTS.Id, + ) + break + case model.PERMISSIONS_DELETE_POST_TEAM_ADMIN: + model.ROLE_TEAM_ADMIN.Permissions = append( + model.ROLE_TEAM_ADMIN.Permissions, + model.PERMISSION_DELETE_POST.Id, + model.PERMISSION_DELETE_OTHERS_POSTS.Id, + ) + break + } + } else { model.ROLE_CHANNEL_USER.Permissions = append( model.ROLE_CHANNEL_USER.Permissions, model.PERMISSION_DELETE_POST.Id, @@ -178,14 +240,6 @@ func SetDefaultRolesBasedOnConfig() { model.PERMISSION_DELETE_POST.Id, model.PERMISSION_DELETE_OTHERS_POSTS.Id, ) - break - case model.PERMISSIONS_DELETE_POST_TEAM_ADMIN: - model.ROLE_TEAM_ADMIN.Permissions = append( - model.ROLE_TEAM_ADMIN.Permissions, - model.PERMISSION_DELETE_POST.Id, - model.PERMISSION_DELETE_OTHERS_POSTS.Id, - ) - break } if Cfg.TeamSettings.EnableTeamCreation { diff --git a/webapp/components/root.jsx b/webapp/components/root.jsx index 06a22f395..07c4415f5 100644 --- a/webapp/components/root.jsx +++ b/webapp/components/root.jsx @@ -31,7 +31,7 @@ export default class Root extends React.Component { // Ya.... /*eslint-disable */ - if (segmentKey != null && segmentKey !== '' && window.mm_config.DiagnosticsEnabled) { + if (segmentKey != null && segmentKey !== '' && window.mm_config.DiagnosticsEnabled === 'true') { !function(){var analytics=global.window.analytics=global.window.analytics||[];if(!analytics.initialize)if(analytics.invoked)window.console&&console.error&&console.error("Segment snippet included twice.");else{analytics.invoked=!0;analytics.methods=["trackSubmit","trackClick","trackLink","trackForm","pageview","identify","group","track","ready","alias","page","once","off","on"];analytics.factory=function(t){return function(){var e=Array.prototype.slice.call(arguments);e.unshift(t);analytics.push(e);return analytics}};for(var t=0;t<analytics.methods.length;t++){var e=analytics.methods[t];analytics[e]=analytics.factory(e)}analytics.load=function(t){var e=document.createElement("script");e.type="text/javascript";e.async=!0;e.src=("https:"===document.location.protocol?"https://":"http://")+"cdn.segment.com/analytics.js/v1/"+t+"/analytics.min.js";var n=document.getElementsByTagName("script")[0];n.parentNode.insertBefore(e,n)};analytics.SNIPPET_VERSION="3.0.1"; analytics.load(segmentKey); |