mirror of
https://github.com/mattermost/mattermost.git
synced 2026-02-18 18:18:23 -05:00
MM-11707: Change the default setting for EDIT_OTHERS_POSTS (#9447)
* MM-11707: Removes edit_others_posts permission from the team_admin role in MakeDefaultRoles(). * MM-11707: Tests fix. * MM-11707: Update test store. * MM-11707: Allow to change the permission for edit the others posts on TE * Fixing tests
This commit is contained in:
Jesús Espino
GitHub
parent
89cd752aa1
commit
847f30a13b
5 changed files with 15 additions and 12 deletions
|
|
@ -587,6 +587,12 @@ func TestUpdatePost(t *testing.T) {
|
|||
|
||||
Client.Logout()
|
||||
|
||||
th.LoginTeamAdmin()
|
||||
_, resp = Client.UpdatePost(rpost.Id, rpost)
|
||||
CheckForbiddenStatus(t, resp)
|
||||
|
||||
Client.Logout()
|
||||
|
||||
_, resp = th.SystemAdminClient.UpdatePost(rpost.Id, rpost)
|
||||
CheckNoError(t, resp)
|
||||
}
|
||||
|
|
@ -673,7 +679,7 @@ func TestPatchPost(t *testing.T) {
|
|||
|
||||
th.LoginTeamAdmin()
|
||||
_, resp = Client.PatchPost(post.Id, patch)
|
||||
CheckNoError(t, resp)
|
||||
CheckForbiddenStatus(t, resp)
|
||||
|
||||
_, resp = th.SystemAdminClient.PatchPost(post.Id, patch)
|
||||
CheckNoError(t, resp)
|
||||
|
|
@ -1599,7 +1605,7 @@ func TestSearchPostsWithDateFlags(t *testing.T) {
|
|||
posts, _ = Client.SearchPosts(th.BasicTeam.Id, "before:2018-08-03 after:2018-08-01", false)
|
||||
if len(posts.Order) != 1 {
|
||||
t.Fatalf("wrong number of posts returned %v", len(posts.Order))
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
func TestGetFileInfosForPost(t *testing.T) {
|
||||
|
|
|
|||
|
|
@ -104,6 +104,7 @@ func patchRole(c *Context, w http.ResponseWriter, r *http.Request) {
|
|||
model.PERMISSION_MANAGE_OAUTH.Id,
|
||||
model.PERMISSION_MANAGE_SYSTEM_WIDE_OAUTH.Id,
|
||||
model.PERMISSION_MANAGE_EMOJIS.Id,
|
||||
model.PERMISSION_EDIT_OTHERS_POSTS.Id,
|
||||
}
|
||||
|
||||
changedPermissions := model.PermissionsChangedByPatch(oldRole, patch)
|
||||
|
|
|
|||
|
|
@ -152,7 +152,6 @@ func TestDoAdvancedPermissionsMigration(t *testing.T) {
|
|||
model.PERMISSION_CREATE_POST_PUBLIC.Id,
|
||||
},
|
||||
"team_admin": []string{
|
||||
model.PERMISSION_EDIT_OTHERS_POSTS.Id,
|
||||
model.PERMISSION_REMOVE_USER_FROM_TEAM.Id,
|
||||
model.PERMISSION_MANAGE_TEAM.Id,
|
||||
model.PERMISSION_IMPORT_TEAM.Id,
|
||||
|
|
@ -197,6 +196,7 @@ func TestDoAdvancedPermissionsMigration(t *testing.T) {
|
|||
model.PERMISSION_MANAGE_SYSTEM_WIDE_OAUTH.Id,
|
||||
model.PERMISSION_MANAGE_OTHERS_WEBHOOKS.Id,
|
||||
model.PERMISSION_EDIT_OTHER_USERS.Id,
|
||||
model.PERMISSION_EDIT_OTHERS_POSTS.Id,
|
||||
model.PERMISSION_MANAGE_OAUTH.Id,
|
||||
model.PERMISSION_INVITE_USER.Id,
|
||||
model.PERMISSION_DELETE_POST.Id,
|
||||
|
|
@ -222,7 +222,6 @@ func TestDoAdvancedPermissionsMigration(t *testing.T) {
|
|||
model.PERMISSION_GET_PUBLIC_LINK.Id,
|
||||
model.PERMISSION_CREATE_POST.Id,
|
||||
model.PERMISSION_USE_SLASH_COMMANDS.Id,
|
||||
model.PERMISSION_EDIT_OTHERS_POSTS.Id,
|
||||
model.PERMISSION_REMOVE_USER_FROM_TEAM.Id,
|
||||
model.PERMISSION_MANAGE_TEAM.Id,
|
||||
model.PERMISSION_IMPORT_TEAM.Id,
|
||||
|
|
@ -315,7 +314,6 @@ func TestDoAdvancedPermissionsMigration(t *testing.T) {
|
|||
model.PERMISSION_CREATE_POST_PUBLIC.Id,
|
||||
},
|
||||
"team_admin": []string{
|
||||
model.PERMISSION_EDIT_OTHERS_POSTS.Id,
|
||||
model.PERMISSION_REMOVE_USER_FROM_TEAM.Id,
|
||||
model.PERMISSION_MANAGE_TEAM.Id,
|
||||
model.PERMISSION_IMPORT_TEAM.Id,
|
||||
|
|
@ -362,6 +360,7 @@ func TestDoAdvancedPermissionsMigration(t *testing.T) {
|
|||
model.PERMISSION_MANAGE_SYSTEM_WIDE_OAUTH.Id,
|
||||
model.PERMISSION_MANAGE_OTHERS_WEBHOOKS.Id,
|
||||
model.PERMISSION_EDIT_OTHER_USERS.Id,
|
||||
model.PERMISSION_EDIT_OTHERS_POSTS.Id,
|
||||
model.PERMISSION_MANAGE_OAUTH.Id,
|
||||
model.PERMISSION_INVITE_USER.Id,
|
||||
model.PERMISSION_DELETE_POST.Id,
|
||||
|
|
@ -387,7 +386,6 @@ func TestDoAdvancedPermissionsMigration(t *testing.T) {
|
|||
model.PERMISSION_GET_PUBLIC_LINK.Id,
|
||||
model.PERMISSION_CREATE_POST.Id,
|
||||
model.PERMISSION_USE_SLASH_COMMANDS.Id,
|
||||
model.PERMISSION_EDIT_OTHERS_POSTS.Id,
|
||||
model.PERMISSION_REMOVE_USER_FROM_TEAM.Id,
|
||||
model.PERMISSION_MANAGE_TEAM.Id,
|
||||
model.PERMISSION_IMPORT_TEAM.Id,
|
||||
|
|
@ -496,6 +494,7 @@ func TestDoEmojisPermissionsMigration(t *testing.T) {
|
|||
model.PERMISSION_MANAGE_SYSTEM_WIDE_OAUTH.Id,
|
||||
model.PERMISSION_MANAGE_OTHERS_WEBHOOKS.Id,
|
||||
model.PERMISSION_EDIT_OTHER_USERS.Id,
|
||||
model.PERMISSION_EDIT_OTHERS_POSTS.Id,
|
||||
model.PERMISSION_MANAGE_OAUTH.Id,
|
||||
model.PERMISSION_INVITE_USER.Id,
|
||||
model.PERMISSION_DELETE_POST.Id,
|
||||
|
|
@ -521,7 +520,6 @@ func TestDoEmojisPermissionsMigration(t *testing.T) {
|
|||
model.PERMISSION_GET_PUBLIC_LINK.Id,
|
||||
model.PERMISSION_CREATE_POST.Id,
|
||||
model.PERMISSION_USE_SLASH_COMMANDS.Id,
|
||||
model.PERMISSION_EDIT_OTHERS_POSTS.Id,
|
||||
model.PERMISSION_REMOVE_USER_FROM_TEAM.Id,
|
||||
model.PERMISSION_MANAGE_TEAM.Id,
|
||||
model.PERMISSION_IMPORT_TEAM.Id,
|
||||
|
|
@ -549,7 +547,6 @@ func TestDoEmojisPermissionsMigration(t *testing.T) {
|
|||
role2, err2 := th.App.GetRoleByName(model.TEAM_ADMIN_ROLE_ID)
|
||||
assert.Nil(t, err2)
|
||||
expected2 := []string{
|
||||
model.PERMISSION_EDIT_OTHERS_POSTS.Id,
|
||||
model.PERMISSION_REMOVE_USER_FROM_TEAM.Id,
|
||||
model.PERMISSION_MANAGE_TEAM.Id,
|
||||
model.PERMISSION_IMPORT_TEAM.Id,
|
||||
|
|
|
|||
|
|
@ -243,7 +243,6 @@ func MakeDefaultRoles() map[string]*Role {
|
|||
DisplayName: "authentication.roles.team_admin.name",
|
||||
Description: "authentication.roles.team_admin.description",
|
||||
Permissions: []string{
|
||||
PERMISSION_EDIT_OTHERS_POSTS.Id,
|
||||
PERMISSION_REMOVE_USER_FROM_TEAM.Id,
|
||||
PERMISSION_MANAGE_TEAM.Id,
|
||||
PERMISSION_IMPORT_TEAM.Id,
|
||||
|
|
@ -332,6 +331,7 @@ func MakeDefaultRoles() map[string]*Role {
|
|||
PERMISSION_MANAGE_SYSTEM_WIDE_OAUTH.Id,
|
||||
PERMISSION_MANAGE_OTHERS_WEBHOOKS.Id,
|
||||
PERMISSION_EDIT_OTHER_USERS.Id,
|
||||
PERMISSION_EDIT_OTHERS_POSTS.Id,
|
||||
PERMISSION_MANAGE_OAUTH.Id,
|
||||
PERMISSION_INVITE_USER.Id,
|
||||
PERMISSION_DELETE_POST.Id,
|
||||
|
|
|
|||
|
|
@ -28,7 +28,6 @@ func createDefaultRoles(t *testing.T, ss store.Store) {
|
|||
Name: model.TEAM_ADMIN_ROLE_ID,
|
||||
DisplayName: model.TEAM_ADMIN_ROLE_ID,
|
||||
Permissions: []string{
|
||||
model.PERMISSION_EDIT_OTHERS_POSTS.Id,
|
||||
model.PERMISSION_DELETE_OTHERS_POSTS.Id,
|
||||
},
|
||||
})
|
||||
|
|
@ -91,7 +90,7 @@ func testSchemeStoreSave(t *testing.T, ss store.Store) {
|
|||
roleRes1 := <-ss.Role().GetByName(d1.DefaultTeamAdminRole)
|
||||
assert.Nil(t, roleRes1.Err)
|
||||
role1 := roleRes1.Data.(*model.Role)
|
||||
assert.Equal(t, role1.Permissions, []string{"edit_others_posts", "delete_others_posts"})
|
||||
assert.Equal(t, role1.Permissions, []string{"delete_others_posts"})
|
||||
assert.True(t, role1.SchemeManaged)
|
||||
|
||||
roleRes2 := <-ss.Role().GetByName(d1.DefaultTeamUserRole)
|
||||
|
|
@ -314,7 +313,7 @@ func testSchemeStoreDelete(t *testing.T, ss store.Store) {
|
|||
roleRes1 := <-ss.Role().GetByName(d1.DefaultTeamAdminRole)
|
||||
assert.Nil(t, roleRes1.Err)
|
||||
role1 := roleRes1.Data.(*model.Role)
|
||||
assert.Equal(t, role1.Permissions, []string{"edit_others_posts", "delete_others_posts"})
|
||||
assert.Equal(t, role1.Permissions, []string{"delete_others_posts"})
|
||||
assert.True(t, role1.SchemeManaged)
|
||||
|
||||
roleRes2 := <-ss.Role().GetByName(d1.DefaultTeamUserRole)
|
||||
|
|
|
|||
Loading…
Reference in a new issue