mirror of
https://github.com/mattermost/mattermost.git
synced 2025-02-25 18:55:24 -06:00
Add Billing Permissions (#16364)
* add billing permissions * update store.go * Update permission.go Co-authored-by: Mattermod <mattermod@users.noreply.github.com>
This commit is contained in:
Hossein
GitHub
@@ -46,8 +46,8 @@ func getSubscription(c *Context, w http.ResponseWriter, r *http.Request) {
|
||||
return
|
||||
}
|
||||
|
||||
if !c.App.SessionHasPermissionTo(*c.App.Session(), model.PERMISSION_MANAGE_SYSTEM) {
|
||||
c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM)
|
||||
if !c.App.SessionHasPermissionTo(*c.App.Session(), model.PERMISSION_SYSCONSOLE_READ_BILLING) {
|
||||
c.SetPermissionError(model.PERMISSION_SYSCONSOLE_READ_BILLING)
|
||||
return
|
||||
}
|
||||
|
||||
@@ -73,8 +73,8 @@ func getCloudProducts(c *Context, w http.ResponseWriter, r *http.Request) {
|
||||
return
|
||||
}
|
||||
|
||||
if !c.App.SessionHasPermissionTo(*c.App.Session(), model.PERMISSION_MANAGE_SYSTEM) {
|
||||
c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM)
|
||||
if !c.App.SessionHasPermissionTo(*c.App.Session(), model.PERMISSION_SYSCONSOLE_READ_BILLING) {
|
||||
c.SetPermissionError(model.PERMISSION_SYSCONSOLE_READ_BILLING)
|
||||
return
|
||||
}
|
||||
|
||||
@@ -99,8 +99,8 @@ func getCloudCustomer(c *Context, w http.ResponseWriter, r *http.Request) {
|
||||
return
|
||||
}
|
||||
|
||||
if !c.App.SessionHasPermissionTo(*c.App.Session(), model.PERMISSION_MANAGE_SYSTEM) {
|
||||
c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM)
|
||||
if !c.App.SessionHasPermissionTo(*c.App.Session(), model.PERMISSION_SYSCONSOLE_READ_BILLING) {
|
||||
c.SetPermissionError(model.PERMISSION_SYSCONSOLE_READ_BILLING)
|
||||
return
|
||||
}
|
||||
|
||||
@@ -125,8 +125,8 @@ func updateCloudCustomer(c *Context, w http.ResponseWriter, r *http.Request) {
|
||||
return
|
||||
}
|
||||
|
||||
if !c.App.SessionHasPermissionTo(*c.App.Session(), model.PERMISSION_MANAGE_SYSTEM) {
|
||||
c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM)
|
||||
if !c.App.SessionHasPermissionTo(*c.App.Session(), model.PERMISSION_SYSCONSOLE_WRITE_BILLING) {
|
||||
c.SetPermissionError(model.PERMISSION_SYSCONSOLE_WRITE_BILLING)
|
||||
return
|
||||
}
|
||||
|
||||
@@ -163,8 +163,8 @@ func updateCloudCustomerAddress(c *Context, w http.ResponseWriter, r *http.Reque
|
||||
return
|
||||
}
|
||||
|
||||
if !c.App.SessionHasPermissionTo(*c.App.Session(), model.PERMISSION_MANAGE_SYSTEM) {
|
||||
c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM)
|
||||
if !c.App.SessionHasPermissionTo(*c.App.Session(), model.PERMISSION_SYSCONSOLE_WRITE_BILLING) {
|
||||
c.SetPermissionError(model.PERMISSION_SYSCONSOLE_WRITE_BILLING)
|
||||
return
|
||||
}
|
||||
|
||||
@@ -201,8 +201,8 @@ func createCustomerPayment(c *Context, w http.ResponseWriter, r *http.Request) {
|
||||
return
|
||||
}
|
||||
|
||||
if !c.App.SessionHasPermissionTo(*c.App.Session(), model.PERMISSION_MANAGE_SYSTEM) {
|
||||
c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM)
|
||||
if !c.App.SessionHasPermissionTo(*c.App.Session(), model.PERMISSION_SYSCONSOLE_WRITE_BILLING) {
|
||||
c.SetPermissionError(model.PERMISSION_SYSCONSOLE_WRITE_BILLING)
|
||||
return
|
||||
}
|
||||
|
||||
@@ -232,8 +232,8 @@ func confirmCustomerPayment(c *Context, w http.ResponseWriter, r *http.Request)
|
||||
return
|
||||
}
|
||||
|
||||
if !c.App.SessionHasPermissionTo(*c.App.Session(), model.PERMISSION_MANAGE_SYSTEM) {
|
||||
c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM)
|
||||
if !c.App.SessionHasPermissionTo(*c.App.Session(), model.PERMISSION_SYSCONSOLE_WRITE_BILLING) {
|
||||
c.SetPermissionError(model.PERMISSION_SYSCONSOLE_WRITE_BILLING)
|
||||
return
|
||||
}
|
||||
|
||||
@@ -269,8 +269,8 @@ func getInvoicesForSubscription(c *Context, w http.ResponseWriter, r *http.Reque
|
||||
return
|
||||
}
|
||||
|
||||
if !c.App.SessionHasPermissionTo(*c.App.Session(), model.PERMISSION_MANAGE_SYSTEM) {
|
||||
c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM)
|
||||
if !c.App.SessionHasPermissionTo(*c.App.Session(), model.PERMISSION_SYSCONSOLE_READ_BILLING) {
|
||||
c.SetPermissionError(model.PERMISSION_SYSCONSOLE_READ_BILLING)
|
||||
return
|
||||
}
|
||||
|
||||
@@ -300,8 +300,8 @@ func getSubscriptionInvoicePDF(c *Context, w http.ResponseWriter, r *http.Reques
|
||||
return
|
||||
}
|
||||
|
||||
if !c.App.SessionHasPermissionTo(*c.App.Session(), model.PERMISSION_MANAGE_SYSTEM) {
|
||||
c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM)
|
||||
if !c.App.SessionHasPermissionTo(*c.App.Session(), model.PERMISSION_SYSCONSOLE_READ_BILLING) {
|
||||
c.SetPermissionError(model.PERMISSION_SYSCONSOLE_READ_BILLING)
|
||||
return
|
||||
}
|
||||
|
||||
|
||||
@@ -516,6 +516,15 @@ func (a *App) getAddManageSharedChannelsPermissionsMigration() (permissionsMap,
|
||||
}, nil
|
||||
}
|
||||
|
||||
func (a *App) getBillingPermissionsMigration() (permissionsMap, error) {
|
||||
return permissionsMap{
|
||||
permissionTransformation{
|
||||
On: isRole(model.SYSTEM_ADMIN_ROLE_ID),
|
||||
Add: []string{model.PERMISSION_SYSCONSOLE_READ_BILLING.Id, model.PERMISSION_SYSCONSOLE_WRITE_BILLING.Id},
|
||||
},
|
||||
}, nil
|
||||
}
|
||||
|
||||
func (a *App) getAddManageRemoteClustersPermissionsMigration() (permissionsMap, error) {
|
||||
return permissionsMap{
|
||||
permissionTransformation{
|
||||
@@ -547,6 +556,7 @@ func (a *App) DoPermissionsMigrations() error {
|
||||
{Key: model.MIGRATION_KEY_ADD_MANAGE_SHARED_CHANNEL_PERMISSIONS, Migration: a.getAddManageSharedChannelsPermissionsMigration},
|
||||
{Key: model.MIGRATION_KEY_ADD_MANAGE_REMOTE_CLUSTERS_PERMISSIONS, Migration: a.getAddManageRemoteClustersPermissionsMigration},
|
||||
{Key: model.MIGRATION_KEY_ADD_SYSTEM_ROLES_PERMISSIONS, Migration: a.getSystemRolesPermissionsMigration},
|
||||
{Key: model.MIGRATION_KEY_ADD_BILLING_PERMISSIONS, Migration: a.getBillingPermissionsMigration},
|
||||
}
|
||||
|
||||
roles, err := a.GetAllRoles()
|
||||
|
||||
@@ -22,6 +22,7 @@ const (
|
||||
MIGRATION_KEY_SIDEBAR_CATEGORIES_PHASE_2 = "migration_sidebar_categories_phase_2"
|
||||
MIGRATION_KEY_ADD_CONVERT_CHANNEL_PERMISSIONS = "add_convert_channel_permissions"
|
||||
MIGRATION_KEY_ADD_SYSTEM_ROLES_PERMISSIONS = "add_system_roles_permissions"
|
||||
MIGRATION_KEY_ADD_BILLING_PERMISSIONS = "add_billing_permissions"
|
||||
MIGRATION_KEY_ADD_MANAGE_SHARED_CHANNEL_PERMISSIONS = "manage_shared_channel_permissions"
|
||||
MIGRATION_KEY_ADD_MANAGE_REMOTE_CLUSTERS_PERMISSIONS = "manage_remote_clusters_permissions"
|
||||
)
|
||||
|
||||
@@ -105,6 +105,9 @@ var PERMISSION_MANAGE_REMOTE_CLUSTERS *Permission
|
||||
var PERMISSION_SYSCONSOLE_READ_ABOUT *Permission
|
||||
var PERMISSION_SYSCONSOLE_WRITE_ABOUT *Permission
|
||||
|
||||
var PERMISSION_SYSCONSOLE_READ_BILLING *Permission
|
||||
var PERMISSION_SYSCONSOLE_WRITE_BILLING *Permission
|
||||
|
||||
var PERMISSION_SYSCONSOLE_READ_REPORTING *Permission
|
||||
var PERMISSION_SYSCONSOLE_WRITE_REPORTING *Permission
|
||||
|
||||
@@ -695,6 +698,18 @@ func initializePermissions() {
|
||||
"authentication.permissions.use_group_mentions.description",
|
||||
PermissionScopeSystem,
|
||||
}
|
||||
PERMISSION_SYSCONSOLE_READ_BILLING = &Permission{
|
||||
"sysconsole_read_billing",
|
||||
"",
|
||||
"",
|
||||
PermissionScopeSystem,
|
||||
}
|
||||
PERMISSION_SYSCONSOLE_WRITE_BILLING = &Permission{
|
||||
"sysconsole_write_billing",
|
||||
"",
|
||||
"",
|
||||
PermissionScopeSystem,
|
||||
}
|
||||
PERMISSION_SYSCONSOLE_READ_REPORTING = &Permission{
|
||||
"sysconsole_read_reporting",
|
||||
"authentication.permissions.use_group_mentions.name",
|
||||
@@ -878,6 +893,7 @@ func initializePermissions() {
|
||||
|
||||
SysconsoleReadPermissions = []*Permission{
|
||||
PERMISSION_SYSCONSOLE_READ_ABOUT,
|
||||
PERMISSION_SYSCONSOLE_READ_BILLING,
|
||||
PERMISSION_SYSCONSOLE_READ_REPORTING,
|
||||
PERMISSION_SYSCONSOLE_READ_USERMANAGEMENT_USERS,
|
||||
PERMISSION_SYSCONSOLE_READ_USERMANAGEMENT_GROUPS,
|
||||
@@ -896,6 +912,7 @@ func initializePermissions() {
|
||||
|
||||
SysconsoleWritePermissions = []*Permission{
|
||||
PERMISSION_SYSCONSOLE_WRITE_ABOUT,
|
||||
PERMISSION_SYSCONSOLE_WRITE_BILLING,
|
||||
PERMISSION_SYSCONSOLE_WRITE_REPORTING,
|
||||
PERMISSION_SYSCONSOLE_WRITE_USERMANAGEMENT_USERS,
|
||||
PERMISSION_SYSCONSOLE_WRITE_USERMANAGEMENT_GROUPS,
|
||||
|
||||
@@ -47,6 +47,7 @@ func GetMockStoreForSetupFunctions() *mocks.Store {
|
||||
systemStore.On("GetByName", model.MIGRATION_KEY_ADD_SYSTEM_CONSOLE_PERMISSIONS).Return(&model.System{Name: model.MIGRATION_KEY_ADD_SYSTEM_CONSOLE_PERMISSIONS, Value: "true"}, nil)
|
||||
systemStore.On("GetByName", model.MIGRATION_KEY_ADD_CONVERT_CHANNEL_PERMISSIONS).Return(&model.System{Name: model.MIGRATION_KEY_ADD_CONVERT_CHANNEL_PERMISSIONS, Value: "true"}, nil)
|
||||
systemStore.On("GetByName", model.MIGRATION_KEY_ADD_SYSTEM_ROLES_PERMISSIONS).Return(&model.System{Name: model.MIGRATION_KEY_ADD_SYSTEM_ROLES_PERMISSIONS, Value: "true"}, nil)
|
||||
systemStore.On("GetByName", model.MIGRATION_KEY_ADD_BILLING_PERMISSIONS).Return(&model.System{Name: model.MIGRATION_KEY_ADD_BILLING_PERMISSIONS, Value: "true"}, nil)
|
||||
systemStore.On("GetByName", model.MIGRATION_KEY_ADD_MANAGE_SHARED_CHANNEL_PERMISSIONS).Return(&model.System{Name: model.MIGRATION_KEY_ADD_MANAGE_SHARED_CHANNEL_PERMISSIONS, Value: "true"}, nil)
|
||||
systemStore.On("GetByName", model.MIGRATION_KEY_ADD_MANAGE_REMOTE_CLUSTERS_PERMISSIONS).Return(&model.System{Name: model.MIGRATION_KEY_ADD_MANAGE_REMOTE_CLUSTERS_PERMISSIONS, Value: "true"}, nil)
|
||||
systemStore.On("Get").Return(make(model.StringMap), nil)
|
||||
|
||||
Reference in New Issue
Block a user