From 0aa7ecd5e89f054ae927b246f2aec4bd6348d42b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jes=C3=BAs=20Espino?= <jespinog@gmail.com>
Date: Fri, 9 Feb 2018 16:31:01 +0100
Subject: AllowEditPost and PostEditTimeLimit migration (#8208)

* AllowEditPost and PostEditTimeLimit migration

* Not set EDIT_POST permission to sysadmin_role if ALLOW_EDIT_POST is configured to NEVER

* Remove a bit of code duplication
---
 utils/authorization.go | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)

(limited to 'utils/authorization.go')

diff --git a/utils/authorization.go b/utils/authorization.go
index b18ece141..b17e94587 100644
--- a/utils/authorization.go
+++ b/utils/authorization.go
@@ -267,5 +267,28 @@ func SetRolePermissionsFromConfig(roles map[string]*model.Role, cfg *model.Confi
 		)
 	}
 
+	if IsLicensed() {
+		switch *cfg.ServiceSettings.AllowEditPost {
+		case model.ALLOW_EDIT_POST_ALWAYS, model.ALLOW_EDIT_POST_TIME_LIMIT:
+			roles[model.CHANNEL_USER_ROLE_ID].Permissions = append(
+				roles[model.CHANNEL_USER_ROLE_ID].Permissions,
+				model.PERMISSION_EDIT_POST.Id,
+			)
+			roles[model.SYSTEM_ADMIN_ROLE_ID].Permissions = append(
+				roles[model.SYSTEM_ADMIN_ROLE_ID].Permissions,
+				model.PERMISSION_EDIT_POST.Id,
+			)
+		}
+	} else {
+		roles[model.CHANNEL_USER_ROLE_ID].Permissions = append(
+			roles[model.CHANNEL_USER_ROLE_ID].Permissions,
+			model.PERMISSION_EDIT_POST.Id,
+		)
+		roles[model.SYSTEM_ADMIN_ROLE_ID].Permissions = append(
+			roles[model.SYSTEM_ADMIN_ROLE_ID].Permissions,
+			model.PERMISSION_EDIT_POST.Id,
+		)
+	}
+
 	return roles
 }
-- 
cgit v1.2.3-1-g7c22