summaryrefslogtreecommitdiffstats
path: root/utils/authorization.go
diff options
context:
space:
mode:
Diffstat (limited to 'utils/authorization.go')
-rw-r--r--utils/authorization.go33
1 files changed, 33 insertions, 0 deletions
diff --git a/utils/authorization.go b/utils/authorization.go
index 086caa565..8078f4023 100644
--- a/utils/authorization.go
+++ b/utils/authorization.go
@@ -183,6 +183,39 @@ func SetDefaultRolesBasedOnConfig() {
)
}
+ // Restrict permissions for Private Channel Manage Members
+ if IsLicensed {
+ switch *Cfg.TeamSettings.RestrictPrivateChannelManageMembers {
+ case model.PERMISSIONS_ALL:
+ model.ROLE_CHANNEL_USER.Permissions = append(
+ model.ROLE_CHANNEL_USER.Permissions,
+ model.PERMISSION_MANAGE_PRIVATE_CHANNEL_MEMBERS.Id,
+ )
+ break
+ case model.PERMISSIONS_CHANNEL_ADMIN:
+ model.ROLE_TEAM_ADMIN.Permissions = append(
+ model.ROLE_TEAM_ADMIN.Permissions,
+ model.PERMISSION_MANAGE_PRIVATE_CHANNEL_MEMBERS.Id,
+ )
+ model.ROLE_CHANNEL_ADMIN.Permissions = append(
+ model.ROLE_CHANNEL_ADMIN.Permissions,
+ model.PERMISSION_MANAGE_PRIVATE_CHANNEL_MEMBERS.Id,
+ )
+ break
+ case model.PERMISSIONS_TEAM_ADMIN:
+ model.ROLE_TEAM_ADMIN.Permissions = append(
+ model.ROLE_TEAM_ADMIN.Permissions,
+ model.PERMISSION_MANAGE_PRIVATE_CHANNEL_MEMBERS.Id,
+ )
+ break
+ }
+ } else {
+ model.ROLE_CHANNEL_USER.Permissions = append(
+ model.ROLE_CHANNEL_USER.Permissions,
+ model.PERMISSION_MANAGE_PRIVATE_CHANNEL_MEMBERS.Id,
+ )
+ }
+
if !*Cfg.ServiceSettings.EnableOnlyAdminIntegrations {
model.ROLE_TEAM_USER.Permissions = append(
model.ROLE_TEAM_USER.Permissions,
generated by cgit v1.2.3-1-g7c22 (git 2.25.1) at 2024-06-11 08:44:19 +0000