IntenseWebs/mattermost
3
0
Fork 0
mirror of https://github.com/mattermost/mattermost.git synced 2025-02-25 18:55:24 -06:00
Code Issues Packages Projects Releases Wiki Activity

[MM-58840] Add routing restrictions (#27482)

Browse Source
This commit is contained in:
Julien Tant 2024-07-01 11:05:38 -07:00 committed by GitHub
parent 6bfd309573
commit d0c4e820a4
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
4 changed files with 35 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
e2e-tests/cypress/tests/integration/channels/enterprise/system_console/group_configuration_spec.js
View File

@ -55,6 +55,14 @@ describe('group configuration', () => {
});
});
it("MM-58840 Groups - can't navigate to invalid URL", () => {
// # Visit the invalid URL.
cy.visit('/admin_console/user_management/groups/invalid');
// * Verify that the user is seeing the listing (subroute not matched)
cy.findByText('AD/LDAP Groups').should('be.visible');
});
describe('adding a team', () => {
it('does not add a team without saving', () => {
addGroupSyncable('team', () => {

8
e2e-tests/cypress/tests/integration/channels/enterprise/system_console/team_members_spec.js
View File

@ -41,6 +41,14 @@ describe('Team members test', () => {
});
});
it("MM-58840 Teams - can't navigate to invalid URL", () => {
// # Visit the invalid URL.
cy.visit('/admin_console/user_management/teams/invalid');
// * Verify that the user is seeing the listing (subroute not matched)
cy.findByText('Mattermost Teams').should('be.visible');
});
it('MM-23938 - Team members block is only visible when team is not group synced', () => {
// # Visit the team page
cy.visit(`/admin_console/user_management/teams/${testTeam.id}`);

11
e2e-tests/cypress/tests/integration/channels/system_console/user_management_spec.js
View File

@ -222,6 +222,17 @@ describe('User Management', () => {
cy.url().should('contain', '/login');
});
it("MM-58840 Users - can't navigate to invalid URL", () => {
// # Login as sysadmin.
cy.apiLogin(sysadmin);
// # Visit the invalid URL.
cy.visit('/admin_console/user_management/user/invalid');
// * Verify that the user is redirected to the default page.
cy.url().should('include', '/admin_console/about/license');
});
function resetUserEmail(oldEmail, newEmail, errorMsg) {
cy.visit('/admin_console/user_management/users');

15
webapp/channels/src/components/admin_console/admin_definition.tsx
View File

@ -36,6 +36,7 @@ import RestrictedIndicator from 'components/widgets/menu/menu_items/restricted_i
import {Constants, CloudProducts, LicenseSkus, AboutLinks, DocLinks, DeveloperLinks} from 'utils/constants';
import {isCloudLicense} from 'utils/license_utils';
import {ID_PATH_PATTERN} from 'utils/path';
import {getSiteURL} from 'utils/url';
import * as DefinitionConstants from './admin_definition_constants';
@ -457,7 +458,7 @@ const AdminDefinition: AdminDefinitionType = {
},
},
system_user_detail: {
url: 'user_management/user/:user_id',
url: `user_management/user/:user_id(${ID_PATH_PATTERN})`,
isHidden: it.not(it.userHasReadPermissionOnResource(RESOURCE_KEYS.USER_MANAGEMENT.USERS)),
schema: {
id: 'SystemUserDetail',
@ -465,7 +466,7 @@ const AdminDefinition: AdminDefinitionType = {
},
},
group_detail: {
url: 'user_management/groups/:group_id',
url: `user_management/groups/:group_id(${ID_PATH_PATTERN})`,
isDisabled: it.not(it.userHasWritePermissionOnResource(RESOURCE_KEYS.USER_MANAGEMENT.GROUPS)),
isHidden: it.not(it.userHasReadPermissionOnResource(RESOURCE_KEYS.USER_MANAGEMENT.GROUPS)),
schema: {
@ -510,7 +511,7 @@ const AdminDefinition: AdminDefinitionType = {
restrictedIndicator: getRestrictedIndicator(true, LicenseSkus.Enterprise),
},
team_detail: {
url: 'user_management/teams/:team_id',
url: `user_management/teams/:team_id(${ID_PATH_PATTERN})`,
isDisabled: it.not(it.userHasWritePermissionOnResource(RESOURCE_KEYS.USER_MANAGEMENT.TEAMS)),
isHidden: it.not(it.userHasReadPermissionOnResource(RESOURCE_KEYS.USER_MANAGEMENT.TEAMS)),
schema: {
@ -530,7 +531,7 @@ const AdminDefinition: AdminDefinitionType = {
},
},
channel_detail: {
url: 'user_management/channels/:channel_id',
url: `user_management/channels/:channel_id(${ID_PATH_PATTERN})`,
isDisabled: it.not(it.userHasWritePermissionOnResource(RESOURCE_KEYS.USER_MANAGEMENT.CHANNELS)),
isHidden: it.not(it.userHasReadPermissionOnResource(RESOURCE_KEYS.USER_MANAGEMENT.CHANNELS)),
schema: {
@ -557,7 +558,7 @@ const AdminDefinition: AdminDefinitionType = {
},
},
teamSchemeDetail: {
url: 'user_management/permissions/team_override_scheme/:scheme_id',
url: `user_management/permissions/team_override_scheme/:scheme_id(${ID_PATH_PATTERN})`,
isDisabled: it.not(it.userHasWritePermissionOnResource(RESOURCE_KEYS.USER_MANAGEMENT.PERMISSIONS)),
schema: {
id: 'PermissionSystemScheme',
@ -586,7 +587,7 @@ const AdminDefinition: AdminDefinitionType = {
},
},
system_role: {
url: 'user_management/system_roles/:role_id',
url: `user_management/system_roles/:role_id(${ID_PATH_PATTERN})`,
isDisabled: it.not(it.userHasWritePermissionOnResource(RESOURCE_KEYS.USER_MANAGEMENT.SYSTEM_ROLES)),
schema: {
id: 'SystemRole',
@ -5622,7 +5623,7 @@ const AdminDefinition: AdminDefinitionType = {
isHidden: it.not(it.userHasReadPermissionOnSomeResources(RESOURCE_KEYS.COMPLIANCE)),
subsections: {
custom_policy_form_edit: {
url: 'compliance/data_retention_settings/custom_policy/:policy_id',
url: `compliance/data_retention_settings/custom_policy/:policy_id(${ID_PATH_PATTERN})`,
isHidden: it.any(
it.not(it.licensedForFeature('DataRetention')),
it.not(it.userHasReadPermissionOnSomeResources(RESOURCE_KEYS.COMPLIANCE.DATA_RETENTION_POLICY)),