IntenseWebs/mattermost
3
0
Fork 0
mirror of https://github.com/mattermost/mattermost.git synced 2025-02-25 18:55:24 -06:00
Code Issues Packages Projects Releases Wiki Activity

MM-14845: Updates default permissions. (#10590)

Browse Source
This commit is contained in:
George Goldberg
2019-04-12 18:00:57 +01:00
committed by GitHub
parent e5e1c5c027
commit a69ce6d64d
10 changed files with 362 additions and 122 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
utils/authorization.go
View File

@@ -31,8 +31,8 @@ func SetRolePermissionsFromConfig(roles map[string]*model.Role, cfg *model.Confi
if isLicensed {
switch *cfg.TeamSettings.DEPRECATED_DO_NOT_USE_RestrictPublicChannelManagement {
case model.PERMISSIONS_ALL:
roles[model.TEAM_USER_ROLE_ID].Permissions = append(
roles[model.TEAM_USER_ROLE_ID].Permissions,
roles[model.CHANNEL_USER_ROLE_ID].Permissions = append(
roles[model.CHANNEL_USER_ROLE_ID].Permissions,
model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES.Id,
)
case model.PERMISSIONS_CHANNEL_ADMIN:
@@ -51,8 +51,8 @@ func SetRolePermissionsFromConfig(roles map[string]*model.Role, cfg *model.Confi
)
}
} else {
roles[model.TEAM_USER_ROLE_ID].Permissions = append(
roles[model.TEAM_USER_ROLE_ID].Permissions,
roles[model.CHANNEL_USER_ROLE_ID].Permissions = append(
roles[model.CHANNEL_USER_ROLE_ID].Permissions,
model.PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES.Id,
)
}
@@ -60,8 +60,8 @@ func SetRolePermissionsFromConfig(roles map[string]*model.Role, cfg *model.Confi
if isLicensed {
switch *cfg.TeamSettings.DEPRECATED_DO_NOT_USE_RestrictPublicChannelDeletion {
case model.PERMISSIONS_ALL:
roles[model.TEAM_USER_ROLE_ID].Permissions = append(
roles[model.TEAM_USER_ROLE_ID].Permissions,
roles[model.CHANNEL_USER_ROLE_ID].Permissions = append(
roles[model.CHANNEL_USER_ROLE_ID].Permissions,
model.PERMISSION_DELETE_PUBLIC_CHANNEL.Id,
)
case model.PERMISSIONS_CHANNEL_ADMIN:
@@ -80,8 +80,8 @@ func SetRolePermissionsFromConfig(roles map[string]*model.Role, cfg *model.Confi
)
}
} else {
roles[model.TEAM_USER_ROLE_ID].Permissions = append(
roles[model.TEAM_USER_ROLE_ID].Permissions,
roles[model.CHANNEL_USER_ROLE_ID].Permissions = append(
roles[model.CHANNEL_USER_ROLE_ID].Permissions,
model.PERMISSION_DELETE_PUBLIC_CHANNEL.Id,
)
}
@@ -109,8 +109,8 @@ func SetRolePermissionsFromConfig(roles map[string]*model.Role, cfg *model.Confi
if isLicensed {
switch *cfg.TeamSettings.DEPRECATED_DO_NOT_USE_RestrictPrivateChannelManagement {
case model.PERMISSIONS_ALL:
roles[model.TEAM_USER_ROLE_ID].Permissions = append(
roles[model.TEAM_USER_ROLE_ID].Permissions,
roles[model.CHANNEL_USER_ROLE_ID].Permissions = append(
roles[model.CHANNEL_USER_ROLE_ID].Permissions,
model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES.Id,
)
case model.PERMISSIONS_CHANNEL_ADMIN:
@@ -129,8 +129,8 @@ func SetRolePermissionsFromConfig(roles map[string]*model.Role, cfg *model.Confi
)
}
} else {
roles[model.TEAM_USER_ROLE_ID].Permissions = append(
roles[model.TEAM_USER_ROLE_ID].Permissions,
roles[model.CHANNEL_USER_ROLE_ID].Permissions = append(
roles[model.CHANNEL_USER_ROLE_ID].Permissions,
model.PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES.Id,
)
}
@@ -138,8 +138,8 @@ func SetRolePermissionsFromConfig(roles map[string]*model.Role, cfg *model.Confi
if isLicensed {
switch *cfg.TeamSettings.DEPRECATED_DO_NOT_USE_RestrictPrivateChannelDeletion {
case model.PERMISSIONS_ALL:
roles[model.TEAM_USER_ROLE_ID].Permissions = append(
roles[model.TEAM_USER_ROLE_ID].Permissions,
roles[model.CHANNEL_USER_ROLE_ID].Permissions = append(
roles[model.CHANNEL_USER_ROLE_ID].Permissions,
model.PERMISSION_DELETE_PRIVATE_CHANNEL.Id,
)
case model.PERMISSIONS_CHANNEL_ADMIN:
@@ -158,8 +158,8 @@ func SetRolePermissionsFromConfig(roles map[string]*model.Role, cfg *model.Confi
)
}
} else {
roles[model.TEAM_USER_ROLE_ID].Permissions = append(
roles[model.TEAM_USER_ROLE_ID].Permissions,
roles[model.CHANNEL_USER_ROLE_ID].Permissions = append(
roles[model.CHANNEL_USER_ROLE_ID].Permissions,
model.PERMISSION_DELETE_PRIVATE_CHANNEL.Id,
)
}

32
utils/policies-roles-mapping.json
View File

@@ -101,14 +101,14 @@
"restrictPublicChannelManagement": {
"all": [
{
"roleName": "team_user",
"roleName": "channel_user",
"permission": "manage_public_channel_properties",
"shouldHave": true
}
],
"channel_admin": [
{
"roleName": "team_user",
"roleName": "channel_user",
"permission": "manage_public_channel_properties",
"shouldHave": false
},
@@ -125,7 +125,7 @@
],
"team_admin": [
{
"roleName": "team_user",
"roleName": "channel_user",
"permission": "manage_public_channel_properties",
"shouldHave": false
},
@@ -142,7 +142,7 @@
],
"system_admin": [
{
"roleName": "team_user",
"roleName": "channel_user",
"permission": "manage_public_channel_properties",
"shouldHave": false
},
@@ -161,14 +161,14 @@
"restrictPublicChannelDeletion": {
"all": [
{
"roleName": "team_user",
"roleName": "channel_user",
"permission": "delete_public_channel",
"shouldHave": true
}
],
"channel_admin": [
{
"roleName": "team_user",
"roleName": "channel_user",
"permission": "delete_public_channel",
"shouldHave": false
},
@@ -185,7 +185,7 @@
],
"team_admin": [
{
"roleName": "team_user",
"roleName": "channel_user",
"permission": "delete_public_channel",
"shouldHave": false
},
@@ -202,7 +202,7 @@
],
"system_admin": [
{
"roleName": "team_user",
"roleName": "channel_user",
"permission": "delete_public_channel",
"shouldHave": false
},
@@ -221,14 +221,14 @@
"restrictPrivateChannelManagement": {
"all": [
{
"roleName": "team_user",
"roleName": "channel_user",
"permission": "manage_private_channel_properties",
"shouldHave": true
}
],
"channel_admin": [
{
"roleName": "team_user",
"roleName": "channel_user",
"permission": "manage_private_channel_properties",
"shouldHave": false
},
@@ -245,7 +245,7 @@
],
"team_admin": [
{
"roleName": "team_user",
"roleName": "channel_user",
"permission": "manage_private_channel_properties",
"shouldHave": false
},
@@ -262,7 +262,7 @@
],
"system_admin": [
{
"roleName": "team_user",
"roleName": "channel_user",
"permission": "manage_private_channel_properties",
"shouldHave": false
},
@@ -341,14 +341,14 @@
"restrictPrivateChannelDeletion": {
"all": [
{
"roleName": "team_user",
"roleName": "channel_user",
"permission": "delete_private_channel",
"shouldHave": true
}
],
"channel_admin": [
{
"roleName": "team_user",
"roleName": "channel_user",
"permission": "delete_private_channel",
"shouldHave": false
},
@@ -365,7 +365,7 @@
],
"team_admin": [
{
"roleName": "team_user",
"roleName": "channel_user",
"permission": "delete_private_channel",
"shouldHave": false
},
@@ -382,7 +382,7 @@
],
"system_admin": [
{
"roleName": "team_user",
"roleName": "channel_user",
"permission": "delete_private_channel",
"shouldHave": false
},