From 39161817709a83aea2b123782fd3be065c6eddca Mon Sep 17 00:00:00 2001 From: Sahil Batra Date: Mon, 4 Oct 2021 12:33:01 +0530 Subject: [PATCH] models: Add can_create_web_public_streams helper. This commit adds can_create_web_public_streams helper in models.py which will be used to validate whether user is allowed to create a web-public stream or not. This commit also adds the checks for Realm.POLICY_OWNERS_ONLY in check_has_permission_policies. --- zerver/lib/test_classes.py | 8 ++++++++ zerver/models.py | 12 ++++++++++++ zerver/tests/test_subs.py | 11 +++++++++++ 3 files changed, 31 insertions(+) diff --git a/zerver/lib/test_classes.py b/zerver/lib/test_classes.py index 5745844e04..332cc78786 100644 --- a/zerver/lib/test_classes.py +++ b/zerver/lib/test_classes.py @@ -1269,6 +1269,14 @@ Output: self.assertFalse(validation_func(new_member_user)) self.assertFalse(validation_func(guest_user)) + do_set_realm_property(realm, policy, Realm.POLICY_OWNERS_ONLY, acting_user=None) + self.assertTrue(validation_func(owner_user)) + self.assertFalse(validation_func(admin_user)) + self.assertFalse(validation_func(moderator_user)) + self.assertFalse(validation_func(member_user)) + self.assertFalse(validation_func(new_member_user)) + self.assertFalse(validation_func(guest_user)) + do_set_realm_property(realm, policy, Realm.POLICY_ADMINS_ONLY, acting_user=None) self.assertTrue(validation_func(owner_user)) self.assertTrue(validation_func(admin_user)) diff --git a/zerver/models.py b/zerver/models.py index bb3b042f1c..b4d2d2ed74 100644 --- a/zerver/models.py +++ b/zerver/models.py @@ -1856,6 +1856,7 @@ class UserProfile(AbstractBaseUser, PermissionsMixin, UserBaseSettings): "add_custom_emoji_policy", "create_private_stream_policy", "create_public_stream_policy", + "create_web_public_stream_policy", "delete_own_message_policy", "edit_topic_policy", "invite_to_stream_policy", @@ -1872,6 +1873,12 @@ class UserProfile(AbstractBaseUser, PermissionsMixin, UserBaseSettings): if policy_value == Realm.POLICY_EVERYONE: return True + if self.is_realm_owner: + return True + + if policy_value == Realm.POLICY_OWNERS_ONLY: + return False + if self.is_realm_admin: return True @@ -1899,6 +1906,11 @@ class UserProfile(AbstractBaseUser, PermissionsMixin, UserBaseSettings): def can_create_private_streams(self) -> bool: return self.has_permission("create_private_stream_policy") + def can_create_web_public_streams(self) -> bool: + if not self.realm.web_public_streams_enabled(): + return False + return self.has_permission("create_web_public_stream_policy") + def can_subscribe_other_users(self) -> bool: return self.has_permission("invite_to_stream_policy") diff --git a/zerver/tests/test_subs.py b/zerver/tests/test_subs.py index a785cde2b7..c0818f9968 100644 --- a/zerver/tests/test_subs.py +++ b/zerver/tests/test_subs.py @@ -475,6 +475,8 @@ class StreamAdminTest(ZulipTestCase): ] # Normal user cannot create web-public streams + self.assertFalse(user_profile.can_create_web_public_streams()) + self.assertTrue(owner.can_create_web_public_streams()) with self.assertRaisesRegex(JsonableError, "Must be an organization owner"): list_to_streams( streams_raw, @@ -483,6 +485,8 @@ class StreamAdminTest(ZulipTestCase): ) with self.settings(WEB_PUBLIC_STREAMS_ENABLED=False): + self.assertFalse(user_profile.can_create_web_public_streams()) + self.assertFalse(owner.can_create_web_public_streams()) with self.assertRaisesRegex(JsonableError, "Web public streams are not enabled."): list_to_streams( streams_raw, @@ -3354,6 +3358,13 @@ class SubscriptionAPITest(ZulipTestCase): def test_can_create_public_streams(self) -> None: self._test_can_create_streams("create_public_stream_policy", invite_only=False) + def test_can_create_web_public_streams(self) -> None: + def validation_func(user_profile: UserProfile) -> bool: + user_profile.refresh_from_db() + return user_profile.can_create_web_public_streams() + + self.check_has_permission_policies("create_web_public_stream_policy", validation_func) + def test_user_settings_for_subscribing_other_users(self) -> None: """ You can't subscribe other people to streams if you are a guest or your account is not old