Unverified Commit 847f30a1 authored by Jesús Espino's avatar Jesús Espino Committed by GitHub

MM-11707: Change the default setting for EDIT_OTHERS_POSTS (#9447)

* MM-11707: Removes edit_others_posts permission from the team_admin role in MakeDefaultRoles().

* MM-11707: Tests fix.

* MM-11707: Update test store.

* MM-11707: Allow to change the permission for edit the others posts on TE

* Fixing tests
parent 89cd752a
......@@ -587,6 +587,12 @@ func TestUpdatePost(t *testing.T) {
Client.Logout()
th.LoginTeamAdmin()
_, resp = Client.UpdatePost(rpost.Id, rpost)
CheckForbiddenStatus(t, resp)
Client.Logout()
_, resp = th.SystemAdminClient.UpdatePost(rpost.Id, rpost)
CheckNoError(t, resp)
}
......@@ -673,7 +679,7 @@ func TestPatchPost(t *testing.T) {
th.LoginTeamAdmin()
_, resp = Client.PatchPost(post.Id, patch)
CheckNoError(t, resp)
CheckForbiddenStatus(t, resp)
_, resp = th.SystemAdminClient.PatchPost(post.Id, patch)
CheckNoError(t, resp)
......@@ -1599,7 +1605,7 @@ func TestSearchPostsWithDateFlags(t *testing.T) {
posts, _ = Client.SearchPosts(th.BasicTeam.Id, "before:2018-08-03 after:2018-08-01", false)
if len(posts.Order) != 1 {
t.Fatalf("wrong number of posts returned %v", len(posts.Order))
}
}
}
func TestGetFileInfosForPost(t *testing.T) {
......
......@@ -104,6 +104,7 @@ func patchRole(c *Context, w http.ResponseWriter, r *http.Request) {
model.PERMISSION_MANAGE_OAUTH.Id,
model.PERMISSION_MANAGE_SYSTEM_WIDE_OAUTH.Id,
model.PERMISSION_MANAGE_EMOJIS.Id,
model.PERMISSION_EDIT_OTHERS_POSTS.Id,
}
changedPermissions := model.PermissionsChangedByPatch(oldRole, patch)
......
......@@ -152,7 +152,6 @@ func TestDoAdvancedPermissionsMigration(t *testing.T) {
model.PERMISSION_CREATE_POST_PUBLIC.Id,
},
"team_admin": []string{
model.PERMISSION_EDIT_OTHERS_POSTS.Id,
model.PERMISSION_REMOVE_USER_FROM_TEAM.Id,
model.PERMISSION_MANAGE_TEAM.Id,
model.PERMISSION_IMPORT_TEAM.Id,
......@@ -197,6 +196,7 @@ func TestDoAdvancedPermissionsMigration(t *testing.T) {
model.PERMISSION_MANAGE_SYSTEM_WIDE_OAUTH.Id,
model.PERMISSION_MANAGE_OTHERS_WEBHOOKS.Id,
model.PERMISSION_EDIT_OTHER_USERS.Id,
model.PERMISSION_EDIT_OTHERS_POSTS.Id,
model.PERMISSION_MANAGE_OAUTH.Id,
model.PERMISSION_INVITE_USER.Id,
model.PERMISSION_DELETE_POST.Id,
......@@ -222,7 +222,6 @@ func TestDoAdvancedPermissionsMigration(t *testing.T) {
model.PERMISSION_GET_PUBLIC_LINK.Id,
model.PERMISSION_CREATE_POST.Id,
model.PERMISSION_USE_SLASH_COMMANDS.Id,
model.PERMISSION_EDIT_OTHERS_POSTS.Id,
model.PERMISSION_REMOVE_USER_FROM_TEAM.Id,
model.PERMISSION_MANAGE_TEAM.Id,
model.PERMISSION_IMPORT_TEAM.Id,
......@@ -315,7 +314,6 @@ func TestDoAdvancedPermissionsMigration(t *testing.T) {
model.PERMISSION_CREATE_POST_PUBLIC.Id,
},
"team_admin": []string{
model.PERMISSION_EDIT_OTHERS_POSTS.Id,
model.PERMISSION_REMOVE_USER_FROM_TEAM.Id,
model.PERMISSION_MANAGE_TEAM.Id,
model.PERMISSION_IMPORT_TEAM.Id,
......@@ -362,6 +360,7 @@ func TestDoAdvancedPermissionsMigration(t *testing.T) {
model.PERMISSION_MANAGE_SYSTEM_WIDE_OAUTH.Id,
model.PERMISSION_MANAGE_OTHERS_WEBHOOKS.Id,
model.PERMISSION_EDIT_OTHER_USERS.Id,
model.PERMISSION_EDIT_OTHERS_POSTS.Id,
model.PERMISSION_MANAGE_OAUTH.Id,
model.PERMISSION_INVITE_USER.Id,
model.PERMISSION_DELETE_POST.Id,
......@@ -387,7 +386,6 @@ func TestDoAdvancedPermissionsMigration(t *testing.T) {
model.PERMISSION_GET_PUBLIC_LINK.Id,
model.PERMISSION_CREATE_POST.Id,
model.PERMISSION_USE_SLASH_COMMANDS.Id,
model.PERMISSION_EDIT_OTHERS_POSTS.Id,
model.PERMISSION_REMOVE_USER_FROM_TEAM.Id,
model.PERMISSION_MANAGE_TEAM.Id,
model.PERMISSION_IMPORT_TEAM.Id,
......@@ -496,6 +494,7 @@ func TestDoEmojisPermissionsMigration(t *testing.T) {
model.PERMISSION_MANAGE_SYSTEM_WIDE_OAUTH.Id,
model.PERMISSION_MANAGE_OTHERS_WEBHOOKS.Id,
model.PERMISSION_EDIT_OTHER_USERS.Id,
model.PERMISSION_EDIT_OTHERS_POSTS.Id,
model.PERMISSION_MANAGE_OAUTH.Id,
model.PERMISSION_INVITE_USER.Id,
model.PERMISSION_DELETE_POST.Id,
......@@ -521,7 +520,6 @@ func TestDoEmojisPermissionsMigration(t *testing.T) {
model.PERMISSION_GET_PUBLIC_LINK.Id,
model.PERMISSION_CREATE_POST.Id,
model.PERMISSION_USE_SLASH_COMMANDS.Id,
model.PERMISSION_EDIT_OTHERS_POSTS.Id,
model.PERMISSION_REMOVE_USER_FROM_TEAM.Id,
model.PERMISSION_MANAGE_TEAM.Id,
model.PERMISSION_IMPORT_TEAM.Id,
......@@ -549,7 +547,6 @@ func TestDoEmojisPermissionsMigration(t *testing.T) {
role2, err2 := th.App.GetRoleByName(model.TEAM_ADMIN_ROLE_ID)
assert.Nil(t, err2)
expected2 := []string{
model.PERMISSION_EDIT_OTHERS_POSTS.Id,
model.PERMISSION_REMOVE_USER_FROM_TEAM.Id,
model.PERMISSION_MANAGE_TEAM.Id,
model.PERMISSION_IMPORT_TEAM.Id,
......
......@@ -243,7 +243,6 @@ func MakeDefaultRoles() map[string]*Role {
DisplayName: "authentication.roles.team_admin.name",
Description: "authentication.roles.team_admin.description",
Permissions: []string{
PERMISSION_EDIT_OTHERS_POSTS.Id,
PERMISSION_REMOVE_USER_FROM_TEAM.Id,
PERMISSION_MANAGE_TEAM.Id,
PERMISSION_IMPORT_TEAM.Id,
......@@ -332,6 +331,7 @@ func MakeDefaultRoles() map[string]*Role {
PERMISSION_MANAGE_SYSTEM_WIDE_OAUTH.Id,
PERMISSION_MANAGE_OTHERS_WEBHOOKS.Id,
PERMISSION_EDIT_OTHER_USERS.Id,
PERMISSION_EDIT_OTHERS_POSTS.Id,
PERMISSION_MANAGE_OAUTH.Id,
PERMISSION_INVITE_USER.Id,
PERMISSION_DELETE_POST.Id,
......
......@@ -28,7 +28,6 @@ func createDefaultRoles(t *testing.T, ss store.Store) {
Name: model.TEAM_ADMIN_ROLE_ID,
DisplayName: model.TEAM_ADMIN_ROLE_ID,
Permissions: []string{
model.PERMISSION_EDIT_OTHERS_POSTS.Id,
model.PERMISSION_DELETE_OTHERS_POSTS.Id,
},
})
......@@ -91,7 +90,7 @@ func testSchemeStoreSave(t *testing.T, ss store.Store) {
roleRes1 := <-ss.Role().GetByName(d1.DefaultTeamAdminRole)
assert.Nil(t, roleRes1.Err)
role1 := roleRes1.Data.(*model.Role)
assert.Equal(t, role1.Permissions, []string{"edit_others_posts", "delete_others_posts"})
assert.Equal(t, role1.Permissions, []string{"delete_others_posts"})
assert.True(t, role1.SchemeManaged)
roleRes2 := <-ss.Role().GetByName(d1.DefaultTeamUserRole)
......@@ -314,7 +313,7 @@ func testSchemeStoreDelete(t *testing.T, ss store.Store) {
roleRes1 := <-ss.Role().GetByName(d1.DefaultTeamAdminRole)
assert.Nil(t, roleRes1.Err)
role1 := roleRes1.Data.(*model.Role)
assert.Equal(t, role1.Permissions, []string{"edit_others_posts", "delete_others_posts"})
assert.Equal(t, role1.Permissions, []string{"delete_others_posts"})
assert.True(t, role1.SchemeManaged)
roleRes2 := <-ss.Role().GetByName(d1.DefaultTeamUserRole)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment