diff --git a/zerver/lib/actions.py b/zerver/lib/actions.py index 2695384f72..4f66fe7d4c 100644 --- a/zerver/lib/actions.py +++ b/zerver/lib/actions.py @@ -16,6 +16,7 @@ from zerver.models import Realm, RealmEmoji, Stream, UserProfile, UserActivity, UserActivityInterval, get_active_user_dicts_in_realm, RealmAlias, \ ScheduledJob, realm_filters_for_domain, RealmFilter from zerver.lib.avatar import get_avatar_url +from guardian.shortcuts import assign_perm, remove_perm from django.db import transaction, IntegrityError from django.db.models import F, Q @@ -1163,6 +1164,19 @@ def do_change_full_name(user_profile, full_name, log=True): users=active_user_ids(user_profile.realm)) tornado_callbacks.send_notification(notice) +def do_change_is_admin(user_profile, is_admin): + if is_admin: + assign_perm('administer', user_profile, user_profile.realm) + else: + remove_perm('administer', user_profile, user_profile.realm) + + notice = dict(event=dict(type="realm_user", op="update", + person=dict(email=user_profile.email, + is_admin=is_admin)), + users=active_user_ids(user_profile.realm)) + tornado_callbacks.send_notification(notice) + + def do_make_stream_public(user_profile, realm, stream_name): stream_name = stream_name.strip() stream = get_stream(stream_name, realm) diff --git a/zerver/tests.py b/zerver/tests.py index d52921a178..4f0608e2a4 100644 --- a/zerver/tests.py +++ b/zerver/tests.py @@ -770,17 +770,28 @@ class PermissionTest(AuthedTestCase): # Giveth req = dict(is_admin=ujson.dumps(True)) - result = self.client_patch('/json/users/othello@zulip.com', req) + + events = [] + with tornado_redirected_to_list(events): + result = self.client_patch('/json/users/othello@zulip.com', req) self.assert_json_success(result) admin_users = realm.get_admin_users() self.assertTrue(user in admin_users) + person = events[0]['event']['person'] + self.assertEqual(person['email'], 'othello@zulip.com') + self.assertEqual(person['is_admin'], True) # Taketh away req = dict(is_admin=ujson.dumps(False)) - result = self.client_patch('/json/users/othello@zulip.com', req) + events = [] + with tornado_redirected_to_list(events): + result = self.client_patch('/json/users/othello@zulip.com', req) self.assert_json_success(result) admin_users = realm.get_admin_users() self.assertFalse(user in admin_users) + person = events[0]['event']['person'] + self.assertEqual(person['email'], 'othello@zulip.com') + self.assertEqual(person['is_admin'], False) # Make sure only admins can patch other user's info. self.login('othello@zulip.com') diff --git a/zerver/views/__init__.py b/zerver/views/__init__.py index 8bd3427ccc..f6e029a4c0 100644 --- a/zerver/views/__init__.py +++ b/zerver/views/__init__.py @@ -24,7 +24,7 @@ from zerver.models import Message, UserProfile, Stream, Subscription, \ split_email_to_domain, resolve_email_to_domain, email_to_username, get_realm, \ completely_open, get_active_user_dicts_in_realm, remote_user_to_email from zerver.lib.actions import bulk_remove_subscriptions, do_change_password, \ - do_change_full_name, do_change_enable_desktop_notifications, \ + do_change_full_name, do_change_enable_desktop_notifications, do_change_is_admin, \ do_change_enter_sends, do_change_enable_sounds, do_activate_user, do_create_user, \ do_change_subscription_property, internal_send_message, \ create_stream_if_needed, gather_subscriptions, \ @@ -65,7 +65,7 @@ from zerver.lib.queue import queue_json_publish from zerver.lib.utils import statsd, generate_random_token, statsd_key from zerver import tornado_callbacks from zproject.backends import password_auth_enabled -from guardian.shortcuts import assign_perm, remove_perm +from guardian.shortcuts import assign_perm from confirmation.models import Confirmation @@ -1700,10 +1700,7 @@ def update_user_backend(request, user_profile, email, return json_error('Insufficient permission') if is_admin is not None: - if is_admin: - assign_perm('administer', target, target.realm) - else: - remove_perm('administer', target, target.realm) + do_change_is_admin(target, is_admin) return json_success({}) @require_realm_admin