2021-05-21 07:02:43 +02:00
|
|
|
from datetime import timedelta
|
2023-06-28 00:33:20 +02:00
|
|
|
from typing import Iterable, Optional
|
2022-01-31 18:24:00 +01:00
|
|
|
from unittest import mock
|
2017-09-25 09:47:15 +02:00
|
|
|
|
2020-08-07 01:09:47 +02:00
|
|
|
import orjson
|
2023-11-28 19:16:58 +01:00
|
|
|
import time_machine
|
user_groups: Make locks required for updating user group memberships.
**Background**
User groups are expected to comply with the DAG constraint for the
many-to-many inter-group membership. The check for this constraint has
to be performed recursively so that we can find all direct and indirect
subgroups of the user group to be added.
This kind of check is vulnerable to phantom reads which is possible at
the default read committed isolation level because we cannot guarantee
that the check is still valid when we are adding the subgroups to the
user group.
**Solution**
To avoid having another transaction concurrently update one of the
to-be-subgroup after the recursive check is done, and before the subgroup
is added, we use SELECT FOR UPDATE to lock the user group rows.
The lock needs to be acquired before a group membership change is about
to occur before any check has been conducted.
Suppose that we are adding subgroup B to supergroup A, the locking protocol
is specified as follows:
1. Acquire a lock for B and all its direct and indirect subgroups.
2. Acquire a lock for A.
For the removal of user groups, we acquire a lock for the user group to
be removed with all its direct and indirect subgroups. This is the special
case A=B, which is still complaint with the protocol.
**Error handling**
We currently rely on Postgres' deadlock detection to abort transactions
and show an error for the users. In the future, we might need some
recovery mechanism or at least better error handling.
**Notes**
An important note is that we need to reuse the recursive CTE query that
finds the direct and indirect subgroups when applying the lock on the
rows. And the lock needs to be acquired the same way for the addition and
removal of direct subgroups.
User membership change (as opposed to user group membership) is not
affected. Read-only queries aren't either. The locks only protect
critical regions where the user group dependency graph might violate
the DAG constraint, where users are not participating.
**Testing**
We implement a transaction test case targeting some typical scenarios
when an internal server error is expected to happen (this means that the
user group view makes the correct decision to abort the transaction when
something goes wrong with locks).
To achieve this, we add a development view intended only for unit tests.
It has a global BARRIER that can be shared across threads, so that we
can synchronize them to consistently reproduce certain potential race
conditions prevented by the database locks.
The transaction test case lanuches pairs of threads initiating possibly
conflicting requests at the same time. The tests are set up such that exactly N
of them are expected to succeed with a certain error message (while we don't
know each one).
**Security notes**
get_recursive_subgroups_for_groups will no longer fetch user groups from
other realms. As a result, trying to add/remove a subgroup from another
realm results in a UserGroup not found error response.
We also implement subgroup-specific checks in has_user_group_access to
keep permission managing in a single place. Do note that the API
currently don't have a way to violate that check because we are only
checking the realm ID now.
2023-06-17 04:39:52 +02:00
|
|
|
from django.db import transaction
|
2021-05-21 07:02:43 +02:00
|
|
|
from django.utils.timezone import now as timezone_now
|
2018-08-14 21:37:52 +02:00
|
|
|
|
user_groups: Make locks required for updating user group memberships.
**Background**
User groups are expected to comply with the DAG constraint for the
many-to-many inter-group membership. The check for this constraint has
to be performed recursively so that we can find all direct and indirect
subgroups of the user group to be added.
This kind of check is vulnerable to phantom reads which is possible at
the default read committed isolation level because we cannot guarantee
that the check is still valid when we are adding the subgroups to the
user group.
**Solution**
To avoid having another transaction concurrently update one of the
to-be-subgroup after the recursive check is done, and before the subgroup
is added, we use SELECT FOR UPDATE to lock the user group rows.
The lock needs to be acquired before a group membership change is about
to occur before any check has been conducted.
Suppose that we are adding subgroup B to supergroup A, the locking protocol
is specified as follows:
1. Acquire a lock for B and all its direct and indirect subgroups.
2. Acquire a lock for A.
For the removal of user groups, we acquire a lock for the user group to
be removed with all its direct and indirect subgroups. This is the special
case A=B, which is still complaint with the protocol.
**Error handling**
We currently rely on Postgres' deadlock detection to abort transactions
and show an error for the users. In the future, we might need some
recovery mechanism or at least better error handling.
**Notes**
An important note is that we need to reuse the recursive CTE query that
finds the direct and indirect subgroups when applying the lock on the
rows. And the lock needs to be acquired the same way for the addition and
removal of direct subgroups.
User membership change (as opposed to user group membership) is not
affected. Read-only queries aren't either. The locks only protect
critical regions where the user group dependency graph might violate
the DAG constraint, where users are not participating.
**Testing**
We implement a transaction test case targeting some typical scenarios
when an internal server error is expected to happen (this means that the
user group view makes the correct decision to abort the transaction when
something goes wrong with locks).
To achieve this, we add a development view intended only for unit tests.
It has a global BARRIER that can be shared across threads, so that we
can synchronize them to consistently reproduce certain potential race
conditions prevented by the database locks.
The transaction test case lanuches pairs of threads initiating possibly
conflicting requests at the same time. The tests are set up such that exactly N
of them are expected to succeed with a certain error message (while we don't
know each one).
**Security notes**
get_recursive_subgroups_for_groups will no longer fetch user groups from
other realms. As a result, trying to add/remove a subgroup from another
realm results in a UserGroup not found error response.
We also implement subgroup-specific checks in has_user_group_access to
keep permission managing in a single place. Do note that the API
currently don't have a way to violate that check because we are only
checking the realm ID now.
2023-06-17 04:39:52 +02:00
|
|
|
from zerver.actions.create_realm import do_create_realm
|
2022-04-14 23:57:15 +02:00
|
|
|
from zerver.actions.realm_settings import do_set_realm_property
|
2023-07-19 16:46:23 +02:00
|
|
|
from zerver.actions.user_groups import (
|
user_groups: Make locks required for updating user group memberships.
**Background**
User groups are expected to comply with the DAG constraint for the
many-to-many inter-group membership. The check for this constraint has
to be performed recursively so that we can find all direct and indirect
subgroups of the user group to be added.
This kind of check is vulnerable to phantom reads which is possible at
the default read committed isolation level because we cannot guarantee
that the check is still valid when we are adding the subgroups to the
user group.
**Solution**
To avoid having another transaction concurrently update one of the
to-be-subgroup after the recursive check is done, and before the subgroup
is added, we use SELECT FOR UPDATE to lock the user group rows.
The lock needs to be acquired before a group membership change is about
to occur before any check has been conducted.
Suppose that we are adding subgroup B to supergroup A, the locking protocol
is specified as follows:
1. Acquire a lock for B and all its direct and indirect subgroups.
2. Acquire a lock for A.
For the removal of user groups, we acquire a lock for the user group to
be removed with all its direct and indirect subgroups. This is the special
case A=B, which is still complaint with the protocol.
**Error handling**
We currently rely on Postgres' deadlock detection to abort transactions
and show an error for the users. In the future, we might need some
recovery mechanism or at least better error handling.
**Notes**
An important note is that we need to reuse the recursive CTE query that
finds the direct and indirect subgroups when applying the lock on the
rows. And the lock needs to be acquired the same way for the addition and
removal of direct subgroups.
User membership change (as opposed to user group membership) is not
affected. Read-only queries aren't either. The locks only protect
critical regions where the user group dependency graph might violate
the DAG constraint, where users are not participating.
**Testing**
We implement a transaction test case targeting some typical scenarios
when an internal server error is expected to happen (this means that the
user group view makes the correct decision to abort the transaction when
something goes wrong with locks).
To achieve this, we add a development view intended only for unit tests.
It has a global BARRIER that can be shared across threads, so that we
can synchronize them to consistently reproduce certain potential race
conditions prevented by the database locks.
The transaction test case lanuches pairs of threads initiating possibly
conflicting requests at the same time. The tests are set up such that exactly N
of them are expected to succeed with a certain error message (while we don't
know each one).
**Security notes**
get_recursive_subgroups_for_groups will no longer fetch user groups from
other realms. As a result, trying to add/remove a subgroup from another
realm results in a UserGroup not found error response.
We also implement subgroup-specific checks in has_user_group_access to
keep permission managing in a single place. Do note that the API
currently don't have a way to violate that check because we are only
checking the realm ID now.
2023-06-17 04:39:52 +02:00
|
|
|
add_subgroups_to_user_group,
|
2023-07-19 16:46:23 +02:00
|
|
|
check_add_user_group,
|
|
|
|
create_user_group_in_database,
|
|
|
|
promote_new_full_members,
|
|
|
|
)
|
2023-01-29 14:02:07 +01:00
|
|
|
from zerver.actions.users import do_deactivate_user
|
2023-07-19 16:46:23 +02:00
|
|
|
from zerver.lib.create_user import create_user
|
2023-01-29 14:02:07 +01:00
|
|
|
from zerver.lib.mention import silent_mention_syntax_for_user
|
2022-04-14 23:42:50 +02:00
|
|
|
from zerver.lib.streams import ensure_stream
|
2017-09-25 09:47:15 +02:00
|
|
|
from zerver.lib.test_classes import ZulipTestCase
|
2020-06-11 00:54:34 +02:00
|
|
|
from zerver.lib.test_helpers import most_recent_usermessage
|
2017-09-25 09:47:15 +02:00
|
|
|
from zerver.lib.user_groups import (
|
2021-10-09 19:53:03 +02:00
|
|
|
get_direct_user_groups,
|
2021-09-29 02:46:57 +02:00
|
|
|
get_recursive_group_members,
|
|
|
|
get_recursive_membership_groups,
|
|
|
|
get_recursive_subgroups,
|
2023-06-28 00:38:48 +02:00
|
|
|
get_subgroup_ids,
|
2023-06-28 00:33:20 +02:00
|
|
|
get_user_group_member_ids,
|
user_groups: Make locks required for updating user group memberships.
**Background**
User groups are expected to comply with the DAG constraint for the
many-to-many inter-group membership. The check for this constraint has
to be performed recursively so that we can find all direct and indirect
subgroups of the user group to be added.
This kind of check is vulnerable to phantom reads which is possible at
the default read committed isolation level because we cannot guarantee
that the check is still valid when we are adding the subgroups to the
user group.
**Solution**
To avoid having another transaction concurrently update one of the
to-be-subgroup after the recursive check is done, and before the subgroup
is added, we use SELECT FOR UPDATE to lock the user group rows.
The lock needs to be acquired before a group membership change is about
to occur before any check has been conducted.
Suppose that we are adding subgroup B to supergroup A, the locking protocol
is specified as follows:
1. Acquire a lock for B and all its direct and indirect subgroups.
2. Acquire a lock for A.
For the removal of user groups, we acquire a lock for the user group to
be removed with all its direct and indirect subgroups. This is the special
case A=B, which is still complaint with the protocol.
**Error handling**
We currently rely on Postgres' deadlock detection to abort transactions
and show an error for the users. In the future, we might need some
recovery mechanism or at least better error handling.
**Notes**
An important note is that we need to reuse the recursive CTE query that
finds the direct and indirect subgroups when applying the lock on the
rows. And the lock needs to be acquired the same way for the addition and
removal of direct subgroups.
User membership change (as opposed to user group membership) is not
affected. Read-only queries aren't either. The locks only protect
critical regions where the user group dependency graph might violate
the DAG constraint, where users are not participating.
**Testing**
We implement a transaction test case targeting some typical scenarios
when an internal server error is expected to happen (this means that the
user group view makes the correct decision to abort the transaction when
something goes wrong with locks).
To achieve this, we add a development view intended only for unit tests.
It has a global BARRIER that can be shared across threads, so that we
can synchronize them to consistently reproduce certain potential race
conditions prevented by the database locks.
The transaction test case lanuches pairs of threads initiating possibly
conflicting requests at the same time. The tests are set up such that exactly N
of them are expected to succeed with a certain error message (while we don't
know each one).
**Security notes**
get_recursive_subgroups_for_groups will no longer fetch user groups from
other realms. As a result, trying to add/remove a subgroup from another
realm results in a UserGroup not found error response.
We also implement subgroup-specific checks in has_user_group_access to
keep permission managing in a single place. Do note that the API
currently don't have a way to violate that check because we are only
checking the realm ID now.
2023-06-17 04:39:52 +02:00
|
|
|
has_user_group_access,
|
2022-03-28 15:55:51 +02:00
|
|
|
is_user_in_group,
|
2017-11-07 07:56:26 +01:00
|
|
|
user_groups_in_realm_serialized,
|
2017-09-25 09:47:15 +02:00
|
|
|
)
|
2021-09-29 02:46:57 +02:00
|
|
|
from zerver.models import (
|
|
|
|
GroupGroupMembership,
|
|
|
|
Realm,
|
2023-09-21 13:06:39 +02:00
|
|
|
SystemGroups,
|
2021-09-29 02:46:57 +02:00
|
|
|
UserGroup,
|
|
|
|
UserGroupMembership,
|
|
|
|
UserProfile,
|
|
|
|
get_realm,
|
|
|
|
)
|
2020-06-11 00:54:34 +02:00
|
|
|
|
2017-09-25 09:47:15 +02:00
|
|
|
|
|
|
|
class UserGroupTestCase(ZulipTestCase):
|
2023-06-28 00:33:20 +02:00
|
|
|
def assert_user_membership(self, user_group: UserGroup, members: Iterable[UserProfile]) -> None:
|
|
|
|
user_ids = get_user_group_member_ids(user_group, direct_member_only=True)
|
|
|
|
self.assertSetEqual(set(user_ids), {member.id for member in members})
|
|
|
|
|
2023-06-28 00:38:48 +02:00
|
|
|
def assert_subgroup_membership(
|
|
|
|
self, user_group: UserGroup, members: Iterable[UserGroup]
|
|
|
|
) -> None:
|
|
|
|
subgroup_ids = get_subgroup_ids(user_group, direct_subgroup_only=True)
|
|
|
|
self.assertSetEqual(set(subgroup_ids), {member.id for member in members})
|
|
|
|
|
2023-10-17 00:08:06 +02:00
|
|
|
def create_user_group_for_test(self, group_name: str) -> UserGroup:
|
2021-02-12 08:20:45 +01:00
|
|
|
members = [self.example_user("othello")]
|
2023-10-17 00:08:06 +02:00
|
|
|
return check_add_user_group(get_realm("zulip"), group_name, members, acting_user=None)
|
2017-09-25 09:47:15 +02:00
|
|
|
|
2017-11-05 10:51:25 +01:00
|
|
|
def test_user_groups_in_realm_serialized(self) -> None:
|
2021-02-12 08:20:45 +01:00
|
|
|
realm = get_realm("zulip")
|
2022-06-28 19:04:17 +02:00
|
|
|
user_group = UserGroup.objects.filter(realm=realm).first()
|
2021-07-24 16:56:39 +02:00
|
|
|
assert user_group is not None
|
2022-12-14 06:45:55 +01:00
|
|
|
empty_user_group = check_add_user_group(realm, "newgroup", [], acting_user=None)
|
2017-11-30 01:09:23 +01:00
|
|
|
|
2017-11-13 07:49:01 +01:00
|
|
|
user_groups = user_groups_in_realm_serialized(realm)
|
2023-03-27 05:28:12 +02:00
|
|
|
self.assert_length(user_groups, 10)
|
2021-02-12 08:20:45 +01:00
|
|
|
self.assertEqual(user_groups[0]["id"], user_group.id)
|
2023-09-21 13:06:39 +02:00
|
|
|
self.assertEqual(user_groups[0]["name"], SystemGroups.NOBODY)
|
2023-03-27 05:28:12 +02:00
|
|
|
self.assertEqual(user_groups[0]["description"], "Nobody")
|
|
|
|
self.assertEqual(user_groups[0]["members"], [])
|
2022-05-16 17:02:44 +02:00
|
|
|
self.assertEqual(user_groups[0]["direct_subgroup_ids"], [])
|
2022-02-28 11:50:33 +01:00
|
|
|
|
2023-09-21 13:06:39 +02:00
|
|
|
owners_system_group = UserGroup.objects.get(name=SystemGroups.OWNERS, realm=realm)
|
2023-03-27 05:28:12 +02:00
|
|
|
membership = UserGroupMembership.objects.filter(user_group=owners_system_group).values_list(
|
|
|
|
"user_profile_id", flat=True
|
|
|
|
)
|
|
|
|
self.assertEqual(user_groups[1]["id"], owners_system_group.id)
|
2023-09-21 13:06:39 +02:00
|
|
|
self.assertEqual(user_groups[1]["name"], SystemGroups.OWNERS)
|
2023-03-27 05:28:12 +02:00
|
|
|
self.assertEqual(user_groups[1]["description"], "Owners of this organization")
|
|
|
|
self.assertEqual(set(user_groups[1]["members"]), set(membership))
|
|
|
|
self.assertEqual(user_groups[1]["direct_subgroup_ids"], [])
|
|
|
|
|
2023-09-21 13:06:39 +02:00
|
|
|
admins_system_group = UserGroup.objects.get(name=SystemGroups.ADMINISTRATORS, realm=realm)
|
2023-03-27 05:28:12 +02:00
|
|
|
self.assertEqual(user_groups[2]["id"], admins_system_group.id)
|
2022-05-16 17:02:44 +02:00
|
|
|
# Check that owners system group is present in "direct_subgroup_ids"
|
2023-03-27 05:28:12 +02:00
|
|
|
self.assertEqual(user_groups[2]["direct_subgroup_ids"], [owners_system_group.id])
|
2017-11-07 07:56:26 +01:00
|
|
|
|
2023-03-27 05:28:12 +02:00
|
|
|
self.assertEqual(user_groups[9]["id"], empty_user_group.id)
|
|
|
|
self.assertEqual(user_groups[9]["name"], "newgroup")
|
|
|
|
self.assertEqual(user_groups[9]["description"], "")
|
|
|
|
self.assertEqual(user_groups[9]["members"], [])
|
2017-11-30 01:09:23 +01:00
|
|
|
|
2021-10-09 19:53:03 +02:00
|
|
|
def test_get_direct_user_groups(self) -> None:
|
2021-02-12 08:20:45 +01:00
|
|
|
othello = self.example_user("othello")
|
|
|
|
self.create_user_group_for_test("support")
|
2021-10-09 19:53:03 +02:00
|
|
|
user_groups = get_direct_user_groups(othello)
|
2021-08-12 12:15:06 +02:00
|
|
|
self.assert_length(user_groups, 3)
|
|
|
|
# othello is a direct member of two role-based system groups also.
|
|
|
|
user_group_names = [group.name for group in user_groups]
|
2022-08-06 10:04:44 +02:00
|
|
|
self.assertEqual(
|
2022-08-10 12:41:41 +02:00
|
|
|
set(user_group_names),
|
2023-09-21 13:06:39 +02:00
|
|
|
{"support", SystemGroups.MEMBERS, SystemGroups.FULL_MEMBERS},
|
2022-08-06 10:04:44 +02:00
|
|
|
)
|
2017-09-25 09:47:15 +02:00
|
|
|
|
2021-09-29 02:46:57 +02:00
|
|
|
def test_recursive_queries_for_user_groups(self) -> None:
|
|
|
|
realm = get_realm("zulip")
|
|
|
|
iago = self.example_user("iago")
|
|
|
|
desdemona = self.example_user("desdemona")
|
|
|
|
shiva = self.example_user("shiva")
|
|
|
|
|
2023-06-12 13:12:04 +02:00
|
|
|
leadership_group = check_add_user_group(realm, "Leadership", [desdemona], acting_user=None)
|
2021-09-29 02:46:57 +02:00
|
|
|
|
2023-06-12 13:12:04 +02:00
|
|
|
staff_group = check_add_user_group(realm, "Staff", [iago], acting_user=None)
|
2021-09-29 02:46:57 +02:00
|
|
|
GroupGroupMembership.objects.create(supergroup=staff_group, subgroup=leadership_group)
|
|
|
|
|
2023-06-12 13:12:04 +02:00
|
|
|
everyone_group = check_add_user_group(realm, "Everyone", [shiva], acting_user=None)
|
2021-09-29 02:46:57 +02:00
|
|
|
GroupGroupMembership.objects.create(supergroup=everyone_group, subgroup=staff_group)
|
|
|
|
|
|
|
|
self.assertCountEqual(list(get_recursive_subgroups(leadership_group)), [leadership_group])
|
|
|
|
self.assertCountEqual(
|
|
|
|
list(get_recursive_subgroups(staff_group)), [leadership_group, staff_group]
|
|
|
|
)
|
|
|
|
self.assertCountEqual(
|
|
|
|
list(get_recursive_subgroups(everyone_group)),
|
|
|
|
[leadership_group, staff_group, everyone_group],
|
|
|
|
)
|
|
|
|
|
|
|
|
self.assertCountEqual(list(get_recursive_group_members(leadership_group)), [desdemona])
|
|
|
|
self.assertCountEqual(list(get_recursive_group_members(staff_group)), [desdemona, iago])
|
|
|
|
self.assertCountEqual(
|
|
|
|
list(get_recursive_group_members(everyone_group)), [desdemona, iago, shiva]
|
|
|
|
)
|
|
|
|
|
2023-09-12 23:19:57 +02:00
|
|
|
self.assertIn(leadership_group, get_recursive_membership_groups(desdemona))
|
|
|
|
self.assertIn(staff_group, get_recursive_membership_groups(desdemona))
|
|
|
|
self.assertIn(everyone_group, get_recursive_membership_groups(desdemona))
|
2021-08-12 12:15:06 +02:00
|
|
|
|
2023-09-12 23:19:57 +02:00
|
|
|
self.assertIn(staff_group, get_recursive_membership_groups(iago))
|
|
|
|
self.assertIn(everyone_group, get_recursive_membership_groups(iago))
|
2021-08-12 12:15:06 +02:00
|
|
|
|
2023-09-12 23:19:57 +02:00
|
|
|
self.assertIn(everyone_group, get_recursive_membership_groups(shiva))
|
2021-09-29 02:46:57 +02:00
|
|
|
|
2021-08-11 15:10:17 +02:00
|
|
|
def test_subgroups_of_role_based_system_groups(self) -> None:
|
|
|
|
realm = get_realm("zulip")
|
2022-08-10 11:43:28 +02:00
|
|
|
owners_group = UserGroup.objects.get(
|
2023-09-21 13:06:39 +02:00
|
|
|
realm=realm, name=SystemGroups.OWNERS, is_system_group=True
|
2022-08-10 11:43:28 +02:00
|
|
|
)
|
2021-08-11 15:10:17 +02:00
|
|
|
admins_group = UserGroup.objects.get(
|
2023-09-21 13:06:39 +02:00
|
|
|
realm=realm, name=SystemGroups.ADMINISTRATORS, is_system_group=True
|
2021-08-11 15:10:17 +02:00
|
|
|
)
|
|
|
|
moderators_group = UserGroup.objects.get(
|
2023-09-21 13:06:39 +02:00
|
|
|
realm=realm, name=SystemGroups.MODERATORS, is_system_group=True
|
2021-08-11 15:10:17 +02:00
|
|
|
)
|
|
|
|
full_members_group = UserGroup.objects.get(
|
2023-09-21 13:06:39 +02:00
|
|
|
realm=realm, name=SystemGroups.FULL_MEMBERS, is_system_group=True
|
2021-08-11 15:10:17 +02:00
|
|
|
)
|
|
|
|
members_group = UserGroup.objects.get(
|
2023-09-21 13:06:39 +02:00
|
|
|
realm=realm, name=SystemGroups.MEMBERS, is_system_group=True
|
2021-08-11 15:10:17 +02:00
|
|
|
)
|
|
|
|
everyone_group = UserGroup.objects.get(
|
2023-09-21 13:06:39 +02:00
|
|
|
realm=realm, name=SystemGroups.EVERYONE, is_system_group=True
|
2021-08-11 15:10:17 +02:00
|
|
|
)
|
|
|
|
everyone_on_internet_group = UserGroup.objects.get(
|
2022-08-06 12:57:58 +02:00
|
|
|
realm=realm,
|
2023-09-21 13:06:39 +02:00
|
|
|
name=SystemGroups.EVERYONE_ON_INTERNET,
|
2022-08-06 12:57:58 +02:00
|
|
|
is_system_group=True,
|
2021-08-11 15:10:17 +02:00
|
|
|
)
|
|
|
|
|
|
|
|
self.assertCountEqual(list(get_recursive_subgroups(owners_group)), [owners_group])
|
|
|
|
self.assertCountEqual(
|
|
|
|
list(get_recursive_subgroups(admins_group)), [owners_group, admins_group]
|
|
|
|
)
|
|
|
|
self.assertCountEqual(
|
|
|
|
list(get_recursive_subgroups(moderators_group)),
|
|
|
|
[owners_group, admins_group, moderators_group],
|
|
|
|
)
|
|
|
|
self.assertCountEqual(
|
|
|
|
list(get_recursive_subgroups(full_members_group)),
|
|
|
|
[owners_group, admins_group, moderators_group, full_members_group],
|
|
|
|
)
|
|
|
|
self.assertCountEqual(
|
|
|
|
list(get_recursive_subgroups(members_group)),
|
|
|
|
[owners_group, admins_group, moderators_group, full_members_group, members_group],
|
|
|
|
)
|
|
|
|
self.assertCountEqual(
|
|
|
|
list(get_recursive_subgroups(everyone_group)),
|
|
|
|
[
|
|
|
|
owners_group,
|
|
|
|
admins_group,
|
|
|
|
moderators_group,
|
|
|
|
full_members_group,
|
|
|
|
members_group,
|
|
|
|
everyone_group,
|
|
|
|
],
|
|
|
|
)
|
|
|
|
self.assertCountEqual(
|
|
|
|
list(get_recursive_subgroups(everyone_on_internet_group)),
|
|
|
|
[
|
|
|
|
owners_group,
|
|
|
|
admins_group,
|
|
|
|
moderators_group,
|
|
|
|
full_members_group,
|
|
|
|
members_group,
|
|
|
|
everyone_group,
|
|
|
|
everyone_on_internet_group,
|
|
|
|
],
|
|
|
|
)
|
|
|
|
|
2022-03-28 15:55:51 +02:00
|
|
|
def test_is_user_in_group(self) -> None:
|
|
|
|
realm = get_realm("zulip")
|
|
|
|
shiva = self.example_user("shiva")
|
|
|
|
iago = self.example_user("iago")
|
|
|
|
hamlet = self.example_user("hamlet")
|
|
|
|
|
|
|
|
moderators_group = UserGroup.objects.get(
|
2023-09-21 13:06:39 +02:00
|
|
|
name=SystemGroups.MODERATORS, realm=realm, is_system_group=True
|
2022-03-28 15:55:51 +02:00
|
|
|
)
|
|
|
|
administrators_group = UserGroup.objects.get(
|
2023-09-21 13:06:39 +02:00
|
|
|
name=SystemGroups.ADMINISTRATORS, realm=realm, is_system_group=True
|
2022-03-28 15:55:51 +02:00
|
|
|
)
|
|
|
|
|
|
|
|
self.assertTrue(is_user_in_group(moderators_group, shiva))
|
|
|
|
|
|
|
|
# Iago is member of a subgroup of moderators group.
|
|
|
|
self.assertTrue(is_user_in_group(moderators_group, iago))
|
|
|
|
self.assertFalse(is_user_in_group(moderators_group, iago, direct_member_only=True))
|
|
|
|
self.assertTrue(is_user_in_group(administrators_group, iago, direct_member_only=True))
|
|
|
|
|
|
|
|
self.assertFalse(is_user_in_group(moderators_group, hamlet))
|
|
|
|
self.assertFalse(is_user_in_group(moderators_group, hamlet, direct_member_only=True))
|
|
|
|
|
user_groups: Make locks required for updating user group memberships.
**Background**
User groups are expected to comply with the DAG constraint for the
many-to-many inter-group membership. The check for this constraint has
to be performed recursively so that we can find all direct and indirect
subgroups of the user group to be added.
This kind of check is vulnerable to phantom reads which is possible at
the default read committed isolation level because we cannot guarantee
that the check is still valid when we are adding the subgroups to the
user group.
**Solution**
To avoid having another transaction concurrently update one of the
to-be-subgroup after the recursive check is done, and before the subgroup
is added, we use SELECT FOR UPDATE to lock the user group rows.
The lock needs to be acquired before a group membership change is about
to occur before any check has been conducted.
Suppose that we are adding subgroup B to supergroup A, the locking protocol
is specified as follows:
1. Acquire a lock for B and all its direct and indirect subgroups.
2. Acquire a lock for A.
For the removal of user groups, we acquire a lock for the user group to
be removed with all its direct and indirect subgroups. This is the special
case A=B, which is still complaint with the protocol.
**Error handling**
We currently rely on Postgres' deadlock detection to abort transactions
and show an error for the users. In the future, we might need some
recovery mechanism or at least better error handling.
**Notes**
An important note is that we need to reuse the recursive CTE query that
finds the direct and indirect subgroups when applying the lock on the
rows. And the lock needs to be acquired the same way for the addition and
removal of direct subgroups.
User membership change (as opposed to user group membership) is not
affected. Read-only queries aren't either. The locks only protect
critical regions where the user group dependency graph might violate
the DAG constraint, where users are not participating.
**Testing**
We implement a transaction test case targeting some typical scenarios
when an internal server error is expected to happen (this means that the
user group view makes the correct decision to abort the transaction when
something goes wrong with locks).
To achieve this, we add a development view intended only for unit tests.
It has a global BARRIER that can be shared across threads, so that we
can synchronize them to consistently reproduce certain potential race
conditions prevented by the database locks.
The transaction test case lanuches pairs of threads initiating possibly
conflicting requests at the same time. The tests are set up such that exactly N
of them are expected to succeed with a certain error message (while we don't
know each one).
**Security notes**
get_recursive_subgroups_for_groups will no longer fetch user groups from
other realms. As a result, trying to add/remove a subgroup from another
realm results in a UserGroup not found error response.
We also implement subgroup-specific checks in has_user_group_access to
keep permission managing in a single place. Do note that the API
currently don't have a way to violate that check because we are only
checking the realm ID now.
2023-06-17 04:39:52 +02:00
|
|
|
def test_has_user_group_access_to_subgroup(self) -> None:
|
|
|
|
iago = self.example_user("iago")
|
|
|
|
zulip_realm = get_realm("zulip")
|
|
|
|
zulip_group = check_add_user_group(zulip_realm, "zulip", [], acting_user=None)
|
|
|
|
moderators_group = UserGroup.objects.get(
|
2023-09-21 13:06:39 +02:00
|
|
|
name=SystemGroups.MODERATORS, realm=zulip_realm, is_system_group=True
|
user_groups: Make locks required for updating user group memberships.
**Background**
User groups are expected to comply with the DAG constraint for the
many-to-many inter-group membership. The check for this constraint has
to be performed recursively so that we can find all direct and indirect
subgroups of the user group to be added.
This kind of check is vulnerable to phantom reads which is possible at
the default read committed isolation level because we cannot guarantee
that the check is still valid when we are adding the subgroups to the
user group.
**Solution**
To avoid having another transaction concurrently update one of the
to-be-subgroup after the recursive check is done, and before the subgroup
is added, we use SELECT FOR UPDATE to lock the user group rows.
The lock needs to be acquired before a group membership change is about
to occur before any check has been conducted.
Suppose that we are adding subgroup B to supergroup A, the locking protocol
is specified as follows:
1. Acquire a lock for B and all its direct and indirect subgroups.
2. Acquire a lock for A.
For the removal of user groups, we acquire a lock for the user group to
be removed with all its direct and indirect subgroups. This is the special
case A=B, which is still complaint with the protocol.
**Error handling**
We currently rely on Postgres' deadlock detection to abort transactions
and show an error for the users. In the future, we might need some
recovery mechanism or at least better error handling.
**Notes**
An important note is that we need to reuse the recursive CTE query that
finds the direct and indirect subgroups when applying the lock on the
rows. And the lock needs to be acquired the same way for the addition and
removal of direct subgroups.
User membership change (as opposed to user group membership) is not
affected. Read-only queries aren't either. The locks only protect
critical regions where the user group dependency graph might violate
the DAG constraint, where users are not participating.
**Testing**
We implement a transaction test case targeting some typical scenarios
when an internal server error is expected to happen (this means that the
user group view makes the correct decision to abort the transaction when
something goes wrong with locks).
To achieve this, we add a development view intended only for unit tests.
It has a global BARRIER that can be shared across threads, so that we
can synchronize them to consistently reproduce certain potential race
conditions prevented by the database locks.
The transaction test case lanuches pairs of threads initiating possibly
conflicting requests at the same time. The tests are set up such that exactly N
of them are expected to succeed with a certain error message (while we don't
know each one).
**Security notes**
get_recursive_subgroups_for_groups will no longer fetch user groups from
other realms. As a result, trying to add/remove a subgroup from another
realm results in a UserGroup not found error response.
We also implement subgroup-specific checks in has_user_group_access to
keep permission managing in a single place. Do note that the API
currently don't have a way to violate that check because we are only
checking the realm ID now.
2023-06-17 04:39:52 +02:00
|
|
|
)
|
|
|
|
|
|
|
|
lear_realm = get_realm("lear")
|
|
|
|
lear_group = check_add_user_group(lear_realm, "test", [], acting_user=None)
|
|
|
|
|
|
|
|
self.assertFalse(has_user_group_access(lear_group, iago, for_read=False, as_subgroup=True))
|
|
|
|
self.assertTrue(has_user_group_access(zulip_group, iago, for_read=False, as_subgroup=True))
|
|
|
|
self.assertTrue(
|
|
|
|
has_user_group_access(moderators_group, iago, for_read=False, as_subgroup=True)
|
|
|
|
)
|
|
|
|
|
2021-02-12 08:19:30 +01:00
|
|
|
|
2021-05-21 07:02:43 +02:00
|
|
|
class UserGroupAPITestCase(UserGroupTestCase):
|
2017-11-05 10:51:25 +01:00
|
|
|
def test_user_group_create(self) -> None:
|
2021-02-12 08:20:45 +01:00
|
|
|
hamlet = self.example_user("hamlet")
|
2017-11-01 10:04:16 +01:00
|
|
|
|
|
|
|
# Test success
|
2021-02-12 08:20:45 +01:00
|
|
|
self.login("hamlet")
|
2017-11-01 10:04:16 +01:00
|
|
|
params = {
|
2021-02-12 08:20:45 +01:00
|
|
|
"name": "support",
|
|
|
|
"members": orjson.dumps([hamlet.id]).decode(),
|
|
|
|
"description": "Support team",
|
2017-11-01 10:04:16 +01:00
|
|
|
}
|
2021-02-12 08:20:45 +01:00
|
|
|
result = self.client_post("/json/user_groups/create", info=params)
|
2017-11-01 10:04:16 +01:00
|
|
|
self.assert_json_success(result)
|
2023-03-27 05:28:12 +02:00
|
|
|
self.assert_length(UserGroup.objects.filter(realm=hamlet.realm), 10)
|
2017-11-01 10:04:16 +01:00
|
|
|
|
2023-06-12 13:27:47 +02:00
|
|
|
# Check default value of can_mention_group setting.
|
|
|
|
everyone_system_group = UserGroup.objects.get(
|
2023-07-03 09:18:44 +02:00
|
|
|
name="role:everyone", realm=hamlet.realm, is_system_group=True
|
2023-06-12 13:27:47 +02:00
|
|
|
)
|
|
|
|
support_group = UserGroup.objects.get(name="support", realm=hamlet.realm)
|
|
|
|
self.assertEqual(support_group.can_mention_group, everyone_system_group)
|
|
|
|
|
2017-11-01 10:04:16 +01:00
|
|
|
# Test invalid member error
|
|
|
|
params = {
|
2021-02-12 08:20:45 +01:00
|
|
|
"name": "backend",
|
|
|
|
"members": orjson.dumps([1111]).decode(),
|
|
|
|
"description": "Backend team",
|
2017-11-01 10:04:16 +01:00
|
|
|
}
|
2021-02-12 08:20:45 +01:00
|
|
|
result = self.client_post("/json/user_groups/create", info=params)
|
2017-11-01 10:04:16 +01:00
|
|
|
self.assert_json_error(result, "Invalid user ID: 1111")
|
2023-03-27 05:28:12 +02:00
|
|
|
self.assert_length(UserGroup.objects.filter(realm=hamlet.realm), 10)
|
2017-11-01 10:04:16 +01:00
|
|
|
|
2021-08-14 14:12:15 +02:00
|
|
|
# Test we cannot create group with same name again
|
2017-11-01 10:04:16 +01:00
|
|
|
params = {
|
2021-02-12 08:20:45 +01:00
|
|
|
"name": "support",
|
|
|
|
"members": orjson.dumps([hamlet.id]).decode(),
|
|
|
|
"description": "Support team",
|
2017-11-01 10:04:16 +01:00
|
|
|
}
|
2021-02-12 08:20:45 +01:00
|
|
|
result = self.client_post("/json/user_groups/create", info=params)
|
2017-11-01 10:04:16 +01:00
|
|
|
self.assert_json_error(result, "User group 'support' already exists.")
|
2023-03-27 05:28:12 +02:00
|
|
|
self.assert_length(UserGroup.objects.filter(realm=hamlet.realm), 10)
|
2017-11-02 07:53:08 +01:00
|
|
|
|
2023-07-03 08:01:01 +02:00
|
|
|
# Test we cannot create group with same name again
|
|
|
|
params = {
|
|
|
|
"name": "a" * (UserGroup.MAX_NAME_LENGTH + 1),
|
|
|
|
"members": orjson.dumps([hamlet.id]).decode(),
|
|
|
|
"description": "Test group",
|
|
|
|
}
|
|
|
|
result = self.client_post("/json/user_groups/create", info=params)
|
|
|
|
self.assert_json_error(result, "User group name cannot exceed 100 characters.")
|
|
|
|
self.assert_length(UserGroup.objects.filter(realm=hamlet.realm), 10)
|
|
|
|
|
2023-09-20 11:46:52 +02:00
|
|
|
# Test emtpty group name.
|
|
|
|
params = {
|
|
|
|
"name": "",
|
|
|
|
"members": orjson.dumps([hamlet.id]).decode(),
|
|
|
|
"description": "Test empty group",
|
|
|
|
}
|
|
|
|
result = self.client_post("/json/user_groups/create", info=params)
|
|
|
|
self.assert_json_error(result, "User group name can't be empty!")
|
|
|
|
self.assert_length(UserGroup.objects.filter(realm=hamlet.realm), 10)
|
|
|
|
|
2023-07-03 08:20:48 +02:00
|
|
|
# Test invalid prefixes for user group name.
|
|
|
|
params = {
|
|
|
|
"name": "@test",
|
|
|
|
"members": orjson.dumps([hamlet.id]).decode(),
|
|
|
|
"description": "Test group",
|
|
|
|
}
|
|
|
|
result = self.client_post("/json/user_groups/create", info=params)
|
|
|
|
self.assert_json_error(result, "User group name cannot start with '@'.")
|
|
|
|
self.assert_length(UserGroup.objects.filter(realm=hamlet.realm), 10)
|
|
|
|
|
|
|
|
params["name"] = "role:manager"
|
|
|
|
result = self.client_post("/json/user_groups/create", info=params)
|
|
|
|
self.assert_json_error(result, "User group name cannot start with 'role:'.")
|
|
|
|
self.assert_length(UserGroup.objects.filter(realm=hamlet.realm), 10)
|
|
|
|
|
|
|
|
params["name"] = "user:1"
|
|
|
|
result = self.client_post("/json/user_groups/create", info=params)
|
|
|
|
self.assert_json_error(result, "User group name cannot start with 'user:'.")
|
|
|
|
self.assert_length(UserGroup.objects.filter(realm=hamlet.realm), 10)
|
|
|
|
|
|
|
|
params["name"] = "stream:1"
|
|
|
|
result = self.client_post("/json/user_groups/create", info=params)
|
|
|
|
self.assert_json_error(result, "User group name cannot start with 'stream:'.")
|
|
|
|
self.assert_length(UserGroup.objects.filter(realm=hamlet.realm), 10)
|
|
|
|
|
|
|
|
params["name"] = "channel:1"
|
|
|
|
result = self.client_post("/json/user_groups/create", info=params)
|
|
|
|
self.assert_json_error(result, "User group name cannot start with 'channel:'.")
|
|
|
|
self.assert_length(UserGroup.objects.filter(realm=hamlet.realm), 10)
|
|
|
|
|
2023-06-14 16:48:58 +02:00
|
|
|
def test_can_mention_group_setting_during_user_group_creation(self) -> None:
|
|
|
|
self.login("hamlet")
|
|
|
|
hamlet = self.example_user("hamlet")
|
|
|
|
leadership_group = check_add_user_group(
|
|
|
|
hamlet.realm, "leadership", [hamlet], acting_user=None
|
|
|
|
)
|
|
|
|
moderators_group = UserGroup.objects.get(
|
2023-07-03 09:18:44 +02:00
|
|
|
name="role:moderators", realm=hamlet.realm, is_system_group=True
|
2023-06-14 16:48:58 +02:00
|
|
|
)
|
|
|
|
params = {
|
|
|
|
"name": "support",
|
|
|
|
"members": orjson.dumps([hamlet.id]).decode(),
|
|
|
|
"description": "Support team",
|
2023-07-14 06:50:33 +02:00
|
|
|
"can_mention_group": orjson.dumps(moderators_group.id).decode(),
|
2023-06-14 16:48:58 +02:00
|
|
|
}
|
|
|
|
result = self.client_post("/json/user_groups/create", info=params)
|
|
|
|
self.assert_json_success(result)
|
|
|
|
support_group = UserGroup.objects.get(name="support", realm=hamlet.realm)
|
|
|
|
self.assertEqual(support_group.can_mention_group, moderators_group)
|
|
|
|
|
|
|
|
params = {
|
|
|
|
"name": "test",
|
|
|
|
"members": orjson.dumps([hamlet.id]).decode(),
|
|
|
|
"description": "Test group",
|
2023-07-14 06:50:33 +02:00
|
|
|
"can_mention_group": orjson.dumps(leadership_group.id).decode(),
|
2023-06-14 16:48:58 +02:00
|
|
|
}
|
|
|
|
result = self.client_post("/json/user_groups/create", info=params)
|
|
|
|
self.assert_json_success(result)
|
|
|
|
test_group = UserGroup.objects.get(name="test", realm=hamlet.realm)
|
|
|
|
self.assertEqual(test_group.can_mention_group, leadership_group)
|
|
|
|
|
|
|
|
nobody_group = UserGroup.objects.get(
|
2023-07-03 09:18:44 +02:00
|
|
|
name="role:nobody", realm=hamlet.realm, is_system_group=True
|
2023-06-14 16:48:58 +02:00
|
|
|
)
|
|
|
|
params = {
|
|
|
|
"name": "marketing",
|
|
|
|
"members": orjson.dumps([hamlet.id]).decode(),
|
|
|
|
"description": "Marketing team",
|
2023-07-14 06:50:33 +02:00
|
|
|
"can_mention_group": orjson.dumps(nobody_group.id).decode(),
|
2023-06-14 16:48:58 +02:00
|
|
|
}
|
|
|
|
result = self.client_post("/json/user_groups/create", info=params)
|
|
|
|
self.assert_json_success(result)
|
|
|
|
marketing_group = UserGroup.objects.get(name="marketing", realm=hamlet.realm)
|
|
|
|
self.assertEqual(marketing_group.can_mention_group, nobody_group)
|
|
|
|
|
|
|
|
internet_group = UserGroup.objects.get(
|
2023-07-03 09:18:44 +02:00
|
|
|
name="role:internet", realm=hamlet.realm, is_system_group=True
|
2023-06-14 16:48:58 +02:00
|
|
|
)
|
|
|
|
params = {
|
|
|
|
"name": "frontend",
|
|
|
|
"members": orjson.dumps([hamlet.id]).decode(),
|
|
|
|
"description": "Frontend team",
|
2023-07-14 06:50:33 +02:00
|
|
|
"can_mention_group": orjson.dumps(internet_group.id).decode(),
|
2023-06-14 16:48:58 +02:00
|
|
|
}
|
|
|
|
result = self.client_post("/json/user_groups/create", info=params)
|
|
|
|
self.assert_json_error(
|
2023-07-03 09:18:44 +02:00
|
|
|
result, "'can_mention_group' setting cannot be set to 'role:internet' group."
|
2023-06-14 16:48:58 +02:00
|
|
|
)
|
|
|
|
|
|
|
|
owners_group = UserGroup.objects.get(
|
2023-07-03 09:18:44 +02:00
|
|
|
name="role:owners", realm=hamlet.realm, is_system_group=True
|
2023-06-14 16:48:58 +02:00
|
|
|
)
|
|
|
|
params = {
|
|
|
|
"name": "frontend",
|
|
|
|
"members": orjson.dumps([hamlet.id]).decode(),
|
|
|
|
"description": "Frontend team",
|
2023-07-14 06:50:33 +02:00
|
|
|
"can_mention_group": orjson.dumps(owners_group.id).decode(),
|
2023-06-14 16:48:58 +02:00
|
|
|
}
|
|
|
|
result = self.client_post("/json/user_groups/create", info=params)
|
|
|
|
self.assert_json_error(
|
2023-07-03 09:18:44 +02:00
|
|
|
result, "'can_mention_group' setting cannot be set to 'role:owners' group."
|
2023-06-14 16:48:58 +02:00
|
|
|
)
|
|
|
|
|
|
|
|
params = {
|
|
|
|
"name": "frontend",
|
|
|
|
"members": orjson.dumps([hamlet.id]).decode(),
|
|
|
|
"description": "Frontend team",
|
2023-07-14 06:50:33 +02:00
|
|
|
"can_mention_group": orjson.dumps(1111).decode(),
|
2023-06-14 16:48:58 +02:00
|
|
|
}
|
|
|
|
result = self.client_post("/json/user_groups/create", info=params)
|
|
|
|
self.assert_json_error(result, "Invalid user group")
|
|
|
|
|
2018-08-16 02:44:51 +02:00
|
|
|
def test_user_group_get(self) -> None:
|
|
|
|
# Test success
|
2021-02-12 08:20:45 +01:00
|
|
|
user_profile = self.example_user("hamlet")
|
2020-03-06 18:40:46 +01:00
|
|
|
self.login_user(user_profile)
|
2021-02-12 08:20:45 +01:00
|
|
|
result = self.client_get("/json/user_groups")
|
2022-06-07 01:37:01 +02:00
|
|
|
response_dict = self.assert_json_success(result)
|
2021-02-12 08:19:30 +01:00
|
|
|
self.assert_length(
|
2022-06-07 01:37:01 +02:00
|
|
|
response_dict["user_groups"], UserGroup.objects.filter(realm=user_profile.realm).count()
|
2021-02-12 08:19:30 +01:00
|
|
|
)
|
2018-08-16 02:44:51 +02:00
|
|
|
|
2021-05-21 07:06:03 +02:00
|
|
|
def test_can_edit_user_groups(self) -> None:
|
|
|
|
def validation_func(user_profile: UserProfile) -> bool:
|
|
|
|
return user_profile.can_edit_user_groups()
|
|
|
|
|
|
|
|
self.check_has_permission_policies("user_group_edit_policy", validation_func)
|
|
|
|
|
2017-11-05 10:51:25 +01:00
|
|
|
def test_user_group_update(self) -> None:
|
2021-02-12 08:20:45 +01:00
|
|
|
hamlet = self.example_user("hamlet")
|
|
|
|
self.login("hamlet")
|
2017-11-02 07:53:08 +01:00
|
|
|
params = {
|
2021-02-12 08:20:45 +01:00
|
|
|
"name": "support",
|
|
|
|
"members": orjson.dumps([hamlet.id]).decode(),
|
|
|
|
"description": "Support team",
|
2017-11-02 07:53:08 +01:00
|
|
|
}
|
2021-02-12 08:20:45 +01:00
|
|
|
self.client_post("/json/user_groups/create", info=params)
|
|
|
|
user_group = UserGroup.objects.get(name="support")
|
2017-11-02 07:53:08 +01:00
|
|
|
# Test success
|
|
|
|
params = {
|
2021-02-12 08:20:45 +01:00
|
|
|
"name": "help",
|
|
|
|
"description": "Troubleshooting team",
|
2017-11-02 07:53:08 +01:00
|
|
|
}
|
2021-02-12 08:20:45 +01:00
|
|
|
result = self.client_patch(f"/json/user_groups/{user_group.id}", info=params)
|
2017-11-02 07:53:08 +01:00
|
|
|
self.assert_json_success(result)
|
2023-06-28 00:40:09 +02:00
|
|
|
user_group = UserGroup.objects.get(id=user_group.id)
|
|
|
|
self.assertEqual(user_group.name, "help")
|
|
|
|
self.assertEqual(user_group.description, "Troubleshooting team")
|
2017-11-02 07:53:08 +01:00
|
|
|
|
|
|
|
# Test when new data is not supplied.
|
2021-02-12 08:20:45 +01:00
|
|
|
result = self.client_patch(f"/json/user_groups/{user_group.id}", info={})
|
2017-11-02 07:53:08 +01:00
|
|
|
self.assert_json_error(result, "No new data supplied")
|
|
|
|
|
2023-02-26 16:47:58 +01:00
|
|
|
# Test when only one of name or description is supplied.
|
|
|
|
params = {"name": "help team"}
|
|
|
|
result = self.client_patch(f"/json/user_groups/{user_group.id}", info=params)
|
|
|
|
self.assert_json_success(result)
|
2023-06-28 00:40:09 +02:00
|
|
|
user_group = UserGroup.objects.get(id=user_group.id)
|
|
|
|
self.assertEqual(user_group.name, "help team")
|
|
|
|
self.assertEqual(user_group.description, "Troubleshooting team")
|
2023-02-26 16:47:58 +01:00
|
|
|
|
2017-11-02 07:53:08 +01:00
|
|
|
# Test when invalid user group is supplied
|
2021-02-12 08:20:45 +01:00
|
|
|
params = {"name": "help"}
|
|
|
|
result = self.client_patch("/json/user_groups/1111", info=params)
|
2017-11-02 07:53:08 +01:00
|
|
|
self.assert_json_error(result, "Invalid user group")
|
2017-11-02 08:15:14 +01:00
|
|
|
|
2022-04-26 20:44:37 +02:00
|
|
|
lear_realm = get_realm("lear")
|
2022-12-14 06:45:55 +01:00
|
|
|
lear_test_group = check_add_user_group(
|
|
|
|
lear_realm, "test", [self.lear_user("cordelia")], acting_user=None
|
2022-11-21 03:37:11 +01:00
|
|
|
)
|
2022-04-26 20:44:37 +02:00
|
|
|
result = self.client_patch(f"/json/user_groups/{lear_test_group.id}", info=params)
|
2023-06-15 05:24:23 +02:00
|
|
|
self.assert_json_error(result, "Invalid user group")
|
|
|
|
|
2023-07-03 08:01:01 +02:00
|
|
|
params = {"name": "a" * (UserGroup.MAX_NAME_LENGTH + 1)}
|
|
|
|
result = self.client_patch(f"/json/user_groups/{user_group.id}", info=params)
|
|
|
|
self.assert_json_error(result, "User group name cannot exceed 100 characters.")
|
|
|
|
|
2023-09-20 11:46:52 +02:00
|
|
|
# Test emtpty group name.
|
|
|
|
params = {"name": ""}
|
|
|
|
result = self.client_patch(f"/json/user_groups/{user_group.id}", info=params)
|
|
|
|
self.assert_json_error(result, "User group name can't be empty!")
|
|
|
|
|
2023-07-03 08:20:48 +02:00
|
|
|
# Test invalid prefixes for user group name.
|
|
|
|
params = {"name": "@test"}
|
|
|
|
result = self.client_patch(f"/json/user_groups/{user_group.id}", info=params)
|
|
|
|
self.assert_json_error(result, "User group name cannot start with '@'.")
|
|
|
|
|
|
|
|
params = {"name": "role:manager"}
|
|
|
|
result = self.client_patch(f"/json/user_groups/{user_group.id}", info=params)
|
|
|
|
self.assert_json_error(result, "User group name cannot start with 'role:'.")
|
|
|
|
|
|
|
|
params = {"name": "user:1"}
|
|
|
|
result = self.client_patch(f"/json/user_groups/{user_group.id}", info=params)
|
|
|
|
self.assert_json_error(result, "User group name cannot start with 'user:'.")
|
|
|
|
|
|
|
|
params = {"name": "stream:1"}
|
|
|
|
result = self.client_patch(f"/json/user_groups/{user_group.id}", info=params)
|
|
|
|
self.assert_json_error(result, "User group name cannot start with 'stream:'.")
|
|
|
|
|
|
|
|
params = {"name": "channel:1"}
|
|
|
|
result = self.client_patch(f"/json/user_groups/{user_group.id}", info=params)
|
|
|
|
self.assert_json_error(result, "User group name cannot start with 'channel:'.")
|
|
|
|
|
2023-06-15 05:24:23 +02:00
|
|
|
def test_update_can_mention_group_setting(self) -> None:
|
|
|
|
hamlet = self.example_user("hamlet")
|
|
|
|
support_group = check_add_user_group(hamlet.realm, "support", [hamlet], acting_user=None)
|
|
|
|
marketing_group = check_add_user_group(
|
|
|
|
hamlet.realm, "marketing", [hamlet], acting_user=None
|
|
|
|
)
|
|
|
|
|
|
|
|
moderators_group = UserGroup.objects.get(
|
2023-07-03 09:18:44 +02:00
|
|
|
name="role:moderators", realm=hamlet.realm, is_system_group=True
|
2023-06-15 05:24:23 +02:00
|
|
|
)
|
|
|
|
|
|
|
|
self.login("hamlet")
|
|
|
|
params = {
|
2023-07-14 06:50:33 +02:00
|
|
|
"can_mention_group": orjson.dumps(moderators_group.id).decode(),
|
2023-06-15 05:24:23 +02:00
|
|
|
}
|
|
|
|
result = self.client_patch(f"/json/user_groups/{support_group.id}", info=params)
|
|
|
|
self.assert_json_success(result)
|
|
|
|
support_group = UserGroup.objects.get(name="support", realm=hamlet.realm)
|
|
|
|
self.assertEqual(support_group.can_mention_group, moderators_group)
|
|
|
|
|
|
|
|
params = {
|
2023-07-14 06:50:33 +02:00
|
|
|
"can_mention_group": orjson.dumps(marketing_group.id).decode(),
|
2023-06-15 05:24:23 +02:00
|
|
|
}
|
|
|
|
result = self.client_patch(f"/json/user_groups/{support_group.id}", info=params)
|
|
|
|
self.assert_json_success(result)
|
|
|
|
support_group = UserGroup.objects.get(name="support", realm=hamlet.realm)
|
|
|
|
self.assertEqual(support_group.can_mention_group, marketing_group)
|
|
|
|
|
|
|
|
nobody_group = UserGroup.objects.get(
|
2023-07-03 09:18:44 +02:00
|
|
|
name="role:nobody", realm=hamlet.realm, is_system_group=True
|
2023-06-15 05:24:23 +02:00
|
|
|
)
|
|
|
|
params = {
|
2023-07-14 06:50:33 +02:00
|
|
|
"can_mention_group": orjson.dumps(nobody_group.id).decode(),
|
2023-06-15 05:24:23 +02:00
|
|
|
}
|
|
|
|
result = self.client_patch(f"/json/user_groups/{support_group.id}", info=params)
|
|
|
|
self.assert_json_success(result)
|
|
|
|
support_group = UserGroup.objects.get(name="support", realm=hamlet.realm)
|
|
|
|
self.assertEqual(support_group.can_mention_group, nobody_group)
|
|
|
|
|
|
|
|
owners_group = UserGroup.objects.get(
|
2023-07-03 09:18:44 +02:00
|
|
|
name="role:owners", realm=hamlet.realm, is_system_group=True
|
2023-06-15 05:24:23 +02:00
|
|
|
)
|
|
|
|
params = {
|
2023-07-14 06:50:33 +02:00
|
|
|
"can_mention_group": orjson.dumps(owners_group.id).decode(),
|
2023-06-15 05:24:23 +02:00
|
|
|
}
|
|
|
|
result = self.client_patch(f"/json/user_groups/{support_group.id}", info=params)
|
|
|
|
self.assert_json_error(
|
2023-07-03 09:18:44 +02:00
|
|
|
result, "'can_mention_group' setting cannot be set to 'role:owners' group."
|
2023-06-15 05:24:23 +02:00
|
|
|
)
|
|
|
|
|
|
|
|
internet_group = UserGroup.objects.get(
|
2023-07-03 09:18:44 +02:00
|
|
|
name="role:internet", realm=hamlet.realm, is_system_group=True
|
2023-06-15 05:24:23 +02:00
|
|
|
)
|
|
|
|
params = {
|
2023-07-14 06:50:33 +02:00
|
|
|
"can_mention_group": orjson.dumps(internet_group.id).decode(),
|
2023-06-15 05:24:23 +02:00
|
|
|
}
|
|
|
|
result = self.client_patch(f"/json/user_groups/{support_group.id}", info=params)
|
|
|
|
self.assert_json_error(
|
2023-07-03 09:18:44 +02:00
|
|
|
result, "'can_mention_group' setting cannot be set to 'role:internet' group."
|
2023-06-15 05:24:23 +02:00
|
|
|
)
|
|
|
|
|
|
|
|
params = {
|
2023-07-14 06:50:33 +02:00
|
|
|
"can_mention_group": orjson.dumps(1111).decode(),
|
2023-06-15 05:24:23 +02:00
|
|
|
}
|
|
|
|
result = self.client_patch(f"/json/user_groups/{support_group.id}", info=params)
|
2022-04-26 20:44:37 +02:00
|
|
|
self.assert_json_error(result, "Invalid user group")
|
|
|
|
|
2018-08-08 16:10:59 +02:00
|
|
|
def test_user_group_update_to_already_existing_name(self) -> None:
|
2021-02-12 08:20:45 +01:00
|
|
|
hamlet = self.example_user("hamlet")
|
2020-03-06 18:40:46 +01:00
|
|
|
self.login_user(hamlet)
|
2021-02-12 08:20:45 +01:00
|
|
|
realm = get_realm("zulip")
|
2022-12-14 06:45:55 +01:00
|
|
|
support_user_group = check_add_user_group(realm, "support", [hamlet], acting_user=None)
|
|
|
|
marketing_user_group = check_add_user_group(realm, "marketing", [hamlet], acting_user=None)
|
2018-08-08 16:10:59 +02:00
|
|
|
|
|
|
|
params = {
|
2021-02-12 08:20:45 +01:00
|
|
|
"name": marketing_user_group.name,
|
2018-08-08 16:10:59 +02:00
|
|
|
}
|
2021-02-12 08:20:45 +01:00
|
|
|
result = self.client_patch(f"/json/user_groups/{support_user_group.id}", info=params)
|
2021-02-12 08:19:30 +01:00
|
|
|
self.assert_json_error(result, f"User group '{marketing_user_group.name}' already exists.")
|
2018-08-08 16:10:59 +02:00
|
|
|
|
2017-11-05 10:51:25 +01:00
|
|
|
def test_user_group_delete(self) -> None:
|
2021-02-12 08:20:45 +01:00
|
|
|
hamlet = self.example_user("hamlet")
|
|
|
|
self.login("hamlet")
|
2017-11-02 08:15:14 +01:00
|
|
|
params = {
|
2021-02-12 08:20:45 +01:00
|
|
|
"name": "support",
|
|
|
|
"members": orjson.dumps([hamlet.id]).decode(),
|
|
|
|
"description": "Support team",
|
2017-11-02 08:15:14 +01:00
|
|
|
}
|
2021-02-12 08:20:45 +01:00
|
|
|
self.client_post("/json/user_groups/create", info=params)
|
|
|
|
user_group = UserGroup.objects.get(name="support")
|
2017-11-02 08:15:14 +01:00
|
|
|
# Test success
|
2023-03-27 05:28:12 +02:00
|
|
|
self.assertEqual(UserGroup.objects.filter(realm=hamlet.realm).count(), 10)
|
2023-04-11 19:51:14 +02:00
|
|
|
self.assertEqual(UserGroupMembership.objects.count(), 45)
|
2023-06-28 00:40:09 +02:00
|
|
|
self.assertTrue(UserGroup.objects.filter(id=user_group.id).exists())
|
2021-02-12 08:20:45 +01:00
|
|
|
result = self.client_delete(f"/json/user_groups/{user_group.id}")
|
2017-11-02 08:15:14 +01:00
|
|
|
self.assert_json_success(result)
|
2023-03-27 05:28:12 +02:00
|
|
|
self.assertEqual(UserGroup.objects.filter(realm=hamlet.realm).count(), 9)
|
2023-04-11 19:51:14 +02:00
|
|
|
self.assertEqual(UserGroupMembership.objects.count(), 44)
|
2023-06-28 00:40:09 +02:00
|
|
|
self.assertFalse(UserGroup.objects.filter(id=user_group.id).exists())
|
user_groups: Make locks required for updating user group memberships.
**Background**
User groups are expected to comply with the DAG constraint for the
many-to-many inter-group membership. The check for this constraint has
to be performed recursively so that we can find all direct and indirect
subgroups of the user group to be added.
This kind of check is vulnerable to phantom reads which is possible at
the default read committed isolation level because we cannot guarantee
that the check is still valid when we are adding the subgroups to the
user group.
**Solution**
To avoid having another transaction concurrently update one of the
to-be-subgroup after the recursive check is done, and before the subgroup
is added, we use SELECT FOR UPDATE to lock the user group rows.
The lock needs to be acquired before a group membership change is about
to occur before any check has been conducted.
Suppose that we are adding subgroup B to supergroup A, the locking protocol
is specified as follows:
1. Acquire a lock for B and all its direct and indirect subgroups.
2. Acquire a lock for A.
For the removal of user groups, we acquire a lock for the user group to
be removed with all its direct and indirect subgroups. This is the special
case A=B, which is still complaint with the protocol.
**Error handling**
We currently rely on Postgres' deadlock detection to abort transactions
and show an error for the users. In the future, we might need some
recovery mechanism or at least better error handling.
**Notes**
An important note is that we need to reuse the recursive CTE query that
finds the direct and indirect subgroups when applying the lock on the
rows. And the lock needs to be acquired the same way for the addition and
removal of direct subgroups.
User membership change (as opposed to user group membership) is not
affected. Read-only queries aren't either. The locks only protect
critical regions where the user group dependency graph might violate
the DAG constraint, where users are not participating.
**Testing**
We implement a transaction test case targeting some typical scenarios
when an internal server error is expected to happen (this means that the
user group view makes the correct decision to abort the transaction when
something goes wrong with locks).
To achieve this, we add a development view intended only for unit tests.
It has a global BARRIER that can be shared across threads, so that we
can synchronize them to consistently reproduce certain potential race
conditions prevented by the database locks.
The transaction test case lanuches pairs of threads initiating possibly
conflicting requests at the same time. The tests are set up such that exactly N
of them are expected to succeed with a certain error message (while we don't
know each one).
**Security notes**
get_recursive_subgroups_for_groups will no longer fetch user groups from
other realms. As a result, trying to add/remove a subgroup from another
realm results in a UserGroup not found error response.
We also implement subgroup-specific checks in has_user_group_access to
keep permission managing in a single place. Do note that the API
currently don't have a way to violate that check because we are only
checking the realm ID now.
2023-06-17 04:39:52 +02:00
|
|
|
# Test when invalid user group is supplied; transaction needed for
|
|
|
|
# error handling
|
|
|
|
with transaction.atomic():
|
|
|
|
result = self.client_delete("/json/user_groups/1111")
|
2017-11-02 08:15:14 +01:00
|
|
|
self.assert_json_error(result, "Invalid user group")
|
2017-11-02 08:53:30 +01:00
|
|
|
|
2022-04-26 20:44:37 +02:00
|
|
|
lear_realm = get_realm("lear")
|
2022-12-14 06:45:55 +01:00
|
|
|
lear_test_group = check_add_user_group(
|
|
|
|
lear_realm, "test", [self.lear_user("cordelia")], acting_user=None
|
2022-11-21 03:37:11 +01:00
|
|
|
)
|
2022-04-26 20:44:37 +02:00
|
|
|
result = self.client_delete(f"/json/user_groups/{lear_test_group.id}")
|
|
|
|
self.assert_json_error(result, "Invalid user group")
|
|
|
|
|
2023-07-19 16:46:23 +02:00
|
|
|
def test_query_counts(self) -> None:
|
|
|
|
hamlet = self.example_user("hamlet")
|
|
|
|
cordelia = self.example_user("cordelia")
|
|
|
|
realm = hamlet.realm
|
|
|
|
self.login_user(hamlet)
|
|
|
|
|
|
|
|
original_users = [
|
|
|
|
create_user(
|
|
|
|
email=f"original_user{i}@zulip.com",
|
|
|
|
password=None,
|
|
|
|
realm=realm,
|
|
|
|
full_name="full_name",
|
|
|
|
)
|
|
|
|
for i in range(50)
|
|
|
|
]
|
|
|
|
|
|
|
|
with self.assert_database_query_count(4):
|
|
|
|
user_group = create_user_group_in_database(
|
|
|
|
name="support",
|
|
|
|
members=[hamlet, cordelia, *original_users],
|
|
|
|
realm=realm,
|
|
|
|
acting_user=hamlet,
|
|
|
|
)
|
|
|
|
|
|
|
|
self.assert_user_membership(user_group, [hamlet, cordelia, *original_users])
|
|
|
|
|
|
|
|
new_users = [
|
|
|
|
create_user(
|
|
|
|
email=f"new_user{i}@zulip.com",
|
|
|
|
password=None,
|
|
|
|
realm=realm,
|
|
|
|
full_name="full_name",
|
|
|
|
)
|
|
|
|
for i in range(50)
|
|
|
|
]
|
|
|
|
|
|
|
|
new_user_ids = [user.id for user in new_users]
|
|
|
|
|
|
|
|
munge = lambda obj: orjson.dumps(obj).decode()
|
|
|
|
params = dict(add=munge(new_user_ids))
|
|
|
|
|
|
|
|
with mock.patch("zerver.views.user_groups.notify_for_user_group_subscription_changes"):
|
|
|
|
with self.assert_database_query_count(11):
|
|
|
|
result = self.client_post(f"/json/user_groups/{user_group.id}/members", info=params)
|
|
|
|
self.assert_json_success(result)
|
|
|
|
|
|
|
|
with self.assert_database_query_count(1):
|
|
|
|
all_user_ids = get_user_group_member_ids(user_group, direct_member_only=True)
|
|
|
|
|
|
|
|
self.assert_length(all_user_ids, 102)
|
|
|
|
self.assert_user_membership(user_group, [hamlet, cordelia, *new_users, *original_users])
|
|
|
|
|
2017-11-05 10:51:25 +01:00
|
|
|
def test_update_members_of_user_group(self) -> None:
|
2021-02-12 08:20:45 +01:00
|
|
|
hamlet = self.example_user("hamlet")
|
|
|
|
self.login("hamlet")
|
2017-11-02 08:53:30 +01:00
|
|
|
params = {
|
2021-02-12 08:20:45 +01:00
|
|
|
"name": "support",
|
|
|
|
"members": orjson.dumps([hamlet.id]).decode(),
|
|
|
|
"description": "Support team",
|
2017-11-02 08:53:30 +01:00
|
|
|
}
|
2021-02-12 08:20:45 +01:00
|
|
|
self.client_post("/json/user_groups/create", info=params)
|
|
|
|
user_group = UserGroup.objects.get(name="support")
|
2017-11-02 08:53:30 +01:00
|
|
|
# Test add members
|
2023-06-28 00:33:20 +02:00
|
|
|
self.assert_user_membership(user_group, [hamlet])
|
2018-02-19 13:38:18 +01:00
|
|
|
|
2021-02-12 08:20:45 +01:00
|
|
|
othello = self.example_user("othello")
|
2023-01-29 14:02:07 +01:00
|
|
|
# A bot
|
|
|
|
webhook_bot = self.example_user("webhook_bot")
|
|
|
|
# A deactivated user
|
|
|
|
iago = self.example_user("iago")
|
|
|
|
do_deactivate_user(iago, acting_user=None)
|
|
|
|
|
|
|
|
params = {"add": orjson.dumps([othello.id]).decode()}
|
|
|
|
initial_last_message = self.get_last_message()
|
2021-02-12 08:20:45 +01:00
|
|
|
result = self.client_post(f"/json/user_groups/{user_group.id}/members", info=params)
|
2017-11-02 08:53:30 +01:00
|
|
|
self.assert_json_success(result)
|
2023-06-28 00:33:20 +02:00
|
|
|
self.assert_user_membership(user_group, [hamlet, othello])
|
2017-11-02 08:53:30 +01:00
|
|
|
|
2023-01-29 14:02:07 +01:00
|
|
|
# A notification message is sent for adding to user group.
|
|
|
|
self.assertNotEqual(self.get_last_message(), initial_last_message)
|
|
|
|
expected_notification = (
|
|
|
|
f"{silent_mention_syntax_for_user(hamlet)} added you to the group @_*support*."
|
|
|
|
)
|
|
|
|
self.assertEqual(self.get_last_message().content, expected_notification)
|
|
|
|
|
2017-11-02 08:53:30 +01:00
|
|
|
# Test adding a member already there.
|
2021-02-12 08:20:45 +01:00
|
|
|
result = self.client_post(f"/json/user_groups/{user_group.id}/members", info=params)
|
2020-06-09 00:25:09 +02:00
|
|
|
self.assert_json_error(result, f"User {othello.id} is already a member of this group")
|
2023-06-28 00:33:20 +02:00
|
|
|
self.assert_user_membership(user_group, [hamlet, othello])
|
2017-11-02 08:53:30 +01:00
|
|
|
|
2023-06-28 00:32:16 +02:00
|
|
|
# Test user adding itself, bot and deactivated user to user group.
|
2023-01-29 14:02:07 +01:00
|
|
|
desdemona = self.example_user("desdemona")
|
|
|
|
self.login_user(desdemona)
|
|
|
|
|
|
|
|
params = {"add": orjson.dumps([desdemona.id, iago.id, webhook_bot.id]).decode()}
|
|
|
|
initial_last_message = self.get_last_message()
|
|
|
|
result = self.client_post(f"/json/user_groups/{user_group.id}/members", info=params)
|
|
|
|
self.assert_json_success(result)
|
2023-06-28 00:33:20 +02:00
|
|
|
self.assert_user_membership(user_group, [hamlet, othello, desdemona, iago, webhook_bot])
|
2023-01-29 14:02:07 +01:00
|
|
|
|
|
|
|
# No notification message is sent for adding to user group.
|
|
|
|
self.assertEqual(self.get_last_message(), initial_last_message)
|
|
|
|
|
docs: Add missing space to compound verbs “log in”, “set up”, etc.
Noun: backup, checkout, cleanup, login, logout, setup, shutdown, signup,
timeout.
Verb: back up, check out, clean up, log in, log out, set up, shut
down, sign up, time out.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-04-25 23:05:38 +02:00
|
|
|
# For normal testing we again log in with hamlet
|
2018-02-19 13:38:18 +01:00
|
|
|
self.logout()
|
2020-03-06 18:40:46 +01:00
|
|
|
self.login_user(hamlet)
|
2018-02-19 13:38:18 +01:00
|
|
|
# Test remove members
|
2021-02-12 08:20:45 +01:00
|
|
|
params = {"delete": orjson.dumps([othello.id]).decode()}
|
2023-01-29 14:02:07 +01:00
|
|
|
initial_last_message = self.get_last_message()
|
2021-02-12 08:20:45 +01:00
|
|
|
result = self.client_post(f"/json/user_groups/{user_group.id}/members", info=params)
|
2017-11-02 08:53:30 +01:00
|
|
|
self.assert_json_success(result)
|
2023-06-28 00:33:20 +02:00
|
|
|
self.assert_user_membership(user_group, [hamlet, desdemona, iago, webhook_bot])
|
2023-01-29 14:02:07 +01:00
|
|
|
|
|
|
|
# A notification message is sent for removing from user group.
|
|
|
|
self.assertNotEqual(self.get_last_message(), initial_last_message)
|
|
|
|
expected_notification = (
|
|
|
|
f"{silent_mention_syntax_for_user(hamlet)} removed you from the group @_*support*."
|
|
|
|
)
|
|
|
|
self.assertEqual(self.get_last_message().content, expected_notification)
|
2018-02-19 13:38:18 +01:00
|
|
|
|
|
|
|
# Test remove a member that's already removed
|
2021-02-12 08:20:45 +01:00
|
|
|
params = {"delete": orjson.dumps([othello.id]).decode()}
|
|
|
|
result = self.client_post(f"/json/user_groups/{user_group.id}/members", info=params)
|
2020-06-09 00:25:09 +02:00
|
|
|
self.assert_json_error(result, f"There is no member '{othello.id}' in this user group")
|
2023-06-28 00:33:20 +02:00
|
|
|
self.assert_user_membership(user_group, [hamlet, desdemona, iago, webhook_bot])
|
2023-01-29 14:02:07 +01:00
|
|
|
|
|
|
|
# Test user remove itself,bot and deactivated user from user group.
|
|
|
|
desdemona = self.example_user("desdemona")
|
|
|
|
self.login_user(desdemona)
|
|
|
|
|
|
|
|
params = {"delete": orjson.dumps([desdemona.id, iago.id, webhook_bot.id]).decode()}
|
|
|
|
initial_last_message = self.get_last_message()
|
|
|
|
result = self.client_post(f"/json/user_groups/{user_group.id}/members", info=params)
|
|
|
|
self.assert_json_success(result)
|
2023-06-28 00:33:20 +02:00
|
|
|
self.assert_user_membership(user_group, [hamlet])
|
2017-11-02 08:53:30 +01:00
|
|
|
|
2023-01-29 14:02:07 +01:00
|
|
|
# No notification message is sent for removing from user group.
|
|
|
|
self.assertEqual(self.get_last_message(), initial_last_message)
|
|
|
|
|
2017-11-02 08:53:30 +01:00
|
|
|
# Test when nothing is provided
|
2021-02-12 08:20:45 +01:00
|
|
|
result = self.client_post(f"/json/user_groups/{user_group.id}/members", info={})
|
2017-11-02 08:53:30 +01:00
|
|
|
msg = 'Nothing to do. Specify at least one of "add" or "delete".'
|
|
|
|
self.assert_json_error(result, msg)
|
2023-06-28 00:33:20 +02:00
|
|
|
self.assert_user_membership(user_group, [hamlet])
|
2018-02-19 13:38:18 +01:00
|
|
|
|
2018-08-14 21:37:52 +02:00
|
|
|
def test_mentions(self) -> None:
|
2021-02-12 08:20:45 +01:00
|
|
|
cordelia = self.example_user("cordelia")
|
|
|
|
hamlet = self.example_user("hamlet")
|
|
|
|
othello = self.example_user("othello")
|
|
|
|
zoe = self.example_user("ZOE")
|
2018-08-14 21:37:52 +02:00
|
|
|
|
|
|
|
realm = cordelia.realm
|
|
|
|
|
2021-02-12 08:20:45 +01:00
|
|
|
group_name = "support"
|
2021-05-10 07:02:14 +02:00
|
|
|
stream_name = "Dev help"
|
2018-08-14 21:37:52 +02:00
|
|
|
|
2021-02-12 08:20:45 +01:00
|
|
|
content_with_group_mention = "hey @*support* can you help us with this?"
|
2018-08-14 21:37:52 +02:00
|
|
|
|
2021-04-02 18:11:45 +02:00
|
|
|
ensure_stream(realm, stream_name, acting_user=None)
|
2018-08-14 21:37:52 +02:00
|
|
|
|
|
|
|
all_users = {cordelia, hamlet, othello, zoe}
|
|
|
|
support_team = {hamlet, zoe}
|
|
|
|
sender = cordelia
|
|
|
|
other_users = all_users - support_team
|
|
|
|
|
|
|
|
for user in all_users:
|
|
|
|
self.subscribe(user, stream_name)
|
|
|
|
|
2022-12-14 06:45:55 +01:00
|
|
|
check_add_user_group(
|
|
|
|
name=group_name, initial_members=list(support_team), realm=realm, acting_user=None
|
2018-08-14 21:37:52 +02:00
|
|
|
)
|
|
|
|
|
|
|
|
payload = dict(
|
|
|
|
type="stream",
|
2022-09-13 08:39:44 +02:00
|
|
|
to=orjson.dumps(stream_name).decode(),
|
2021-02-12 08:20:45 +01:00
|
|
|
topic="whatever",
|
2018-08-14 21:37:52 +02:00
|
|
|
content=content_with_group_mention,
|
|
|
|
)
|
|
|
|
|
2022-11-04 20:26:18 +01:00
|
|
|
result = self.api_post(sender, "/api/v1/messages", payload)
|
2018-08-14 21:37:52 +02:00
|
|
|
|
|
|
|
self.assert_json_success(result)
|
|
|
|
|
|
|
|
for user in support_team:
|
|
|
|
um = most_recent_usermessage(user)
|
|
|
|
self.assertTrue(um.flags.mentioned)
|
|
|
|
|
|
|
|
for user in other_users:
|
|
|
|
um = most_recent_usermessage(user)
|
|
|
|
self.assertFalse(um.flags.mentioned)
|
2019-11-02 17:58:55 +01:00
|
|
|
|
2021-05-21 07:02:43 +02:00
|
|
|
def test_user_group_edit_policy_for_creating_and_deleting_user_group(self) -> None:
|
2021-02-12 08:20:45 +01:00
|
|
|
hamlet = self.example_user("hamlet")
|
2021-08-16 10:09:10 +02:00
|
|
|
realm = hamlet.realm
|
2021-05-21 07:02:43 +02:00
|
|
|
|
|
|
|
def check_create_user_group(acting_user: str, error_msg: Optional[str] = None) -> None:
|
|
|
|
self.login(acting_user)
|
|
|
|
params = {
|
|
|
|
"name": "support",
|
|
|
|
"members": orjson.dumps([hamlet.id]).decode(),
|
|
|
|
"description": "Support Team",
|
|
|
|
}
|
|
|
|
result = self.client_post("/json/user_groups/create", info=params)
|
|
|
|
if error_msg is None:
|
|
|
|
self.assert_json_success(result)
|
|
|
|
# One group already exists in the test database.
|
2023-03-27 05:28:12 +02:00
|
|
|
self.assert_length(UserGroup.objects.filter(realm=realm), 10)
|
2021-05-21 07:02:43 +02:00
|
|
|
else:
|
|
|
|
self.assert_json_error(result, error_msg)
|
|
|
|
|
|
|
|
def check_delete_user_group(acting_user: str, error_msg: Optional[str] = None) -> None:
|
|
|
|
self.login(acting_user)
|
|
|
|
user_group = UserGroup.objects.get(name="support")
|
user_groups: Make locks required for updating user group memberships.
**Background**
User groups are expected to comply with the DAG constraint for the
many-to-many inter-group membership. The check for this constraint has
to be performed recursively so that we can find all direct and indirect
subgroups of the user group to be added.
This kind of check is vulnerable to phantom reads which is possible at
the default read committed isolation level because we cannot guarantee
that the check is still valid when we are adding the subgroups to the
user group.
**Solution**
To avoid having another transaction concurrently update one of the
to-be-subgroup after the recursive check is done, and before the subgroup
is added, we use SELECT FOR UPDATE to lock the user group rows.
The lock needs to be acquired before a group membership change is about
to occur before any check has been conducted.
Suppose that we are adding subgroup B to supergroup A, the locking protocol
is specified as follows:
1. Acquire a lock for B and all its direct and indirect subgroups.
2. Acquire a lock for A.
For the removal of user groups, we acquire a lock for the user group to
be removed with all its direct and indirect subgroups. This is the special
case A=B, which is still complaint with the protocol.
**Error handling**
We currently rely on Postgres' deadlock detection to abort transactions
and show an error for the users. In the future, we might need some
recovery mechanism or at least better error handling.
**Notes**
An important note is that we need to reuse the recursive CTE query that
finds the direct and indirect subgroups when applying the lock on the
rows. And the lock needs to be acquired the same way for the addition and
removal of direct subgroups.
User membership change (as opposed to user group membership) is not
affected. Read-only queries aren't either. The locks only protect
critical regions where the user group dependency graph might violate
the DAG constraint, where users are not participating.
**Testing**
We implement a transaction test case targeting some typical scenarios
when an internal server error is expected to happen (this means that the
user group view makes the correct decision to abort the transaction when
something goes wrong with locks).
To achieve this, we add a development view intended only for unit tests.
It has a global BARRIER that can be shared across threads, so that we
can synchronize them to consistently reproduce certain potential race
conditions prevented by the database locks.
The transaction test case lanuches pairs of threads initiating possibly
conflicting requests at the same time. The tests are set up such that exactly N
of them are expected to succeed with a certain error message (while we don't
know each one).
**Security notes**
get_recursive_subgroups_for_groups will no longer fetch user groups from
other realms. As a result, trying to add/remove a subgroup from another
realm results in a UserGroup not found error response.
We also implement subgroup-specific checks in has_user_group_access to
keep permission managing in a single place. Do note that the API
currently don't have a way to violate that check because we are only
checking the realm ID now.
2023-06-17 04:39:52 +02:00
|
|
|
with transaction.atomic():
|
|
|
|
result = self.client_delete(f"/json/user_groups/{user_group.id}")
|
2021-05-21 07:02:43 +02:00
|
|
|
if error_msg is None:
|
|
|
|
self.assert_json_success(result)
|
2023-03-27 05:28:12 +02:00
|
|
|
self.assert_length(UserGroup.objects.filter(realm=realm), 9)
|
2021-05-21 07:02:43 +02:00
|
|
|
else:
|
|
|
|
self.assert_json_error(result, error_msg)
|
|
|
|
|
|
|
|
# Check only admins are allowed to create/delete user group. Admins are allowed even if
|
|
|
|
# they are not a member of the group.
|
2021-02-12 08:19:30 +01:00
|
|
|
do_set_realm_property(
|
2021-05-21 07:02:43 +02:00
|
|
|
realm,
|
2021-03-01 11:33:24 +01:00
|
|
|
"user_group_edit_policy",
|
2021-05-21 07:02:43 +02:00
|
|
|
Realm.POLICY_ADMINS_ONLY,
|
2021-03-01 11:33:24 +01:00
|
|
|
acting_user=None,
|
2021-02-12 08:19:30 +01:00
|
|
|
)
|
2021-05-21 07:02:43 +02:00
|
|
|
check_create_user_group("shiva", "Insufficient permission")
|
|
|
|
check_create_user_group("iago")
|
|
|
|
|
|
|
|
check_delete_user_group("shiva", "Insufficient permission")
|
|
|
|
check_delete_user_group("iago")
|
2019-11-02 17:58:55 +01:00
|
|
|
|
2021-05-21 07:02:43 +02:00
|
|
|
# Check moderators are allowed to create/delete user group but not members. Moderators are
|
|
|
|
# allowed even if they are not a member of the group.
|
|
|
|
do_set_realm_property(
|
|
|
|
realm,
|
|
|
|
"user_group_edit_policy",
|
|
|
|
Realm.POLICY_MODERATORS_ONLY,
|
|
|
|
acting_user=None,
|
|
|
|
)
|
|
|
|
check_create_user_group("cordelia", "Insufficient permission")
|
|
|
|
check_create_user_group("shiva")
|
|
|
|
|
|
|
|
check_delete_user_group("hamlet", "Insufficient permission")
|
|
|
|
check_delete_user_group("shiva")
|
|
|
|
|
|
|
|
# Check only members are allowed to create the user group and they are allowed to delete
|
|
|
|
# a user group only if they are a member of that group.
|
|
|
|
do_set_realm_property(
|
|
|
|
realm,
|
|
|
|
"user_group_edit_policy",
|
|
|
|
Realm.POLICY_MEMBERS_ONLY,
|
|
|
|
acting_user=None,
|
|
|
|
)
|
|
|
|
check_create_user_group("polonius", "Not allowed for guest users")
|
|
|
|
check_create_user_group("cordelia")
|
|
|
|
|
|
|
|
check_delete_user_group("polonius", "Not allowed for guest users")
|
|
|
|
check_delete_user_group("cordelia", "Insufficient permission")
|
|
|
|
check_delete_user_group("hamlet")
|
|
|
|
|
|
|
|
# Check only full members are allowed to create the user group and they are allowed to delete
|
|
|
|
# a user group only if they are a member of that group.
|
|
|
|
do_set_realm_property(
|
|
|
|
realm,
|
|
|
|
"user_group_edit_policy",
|
|
|
|
Realm.POLICY_FULL_MEMBERS_ONLY,
|
|
|
|
acting_user=None,
|
|
|
|
)
|
|
|
|
cordelia = self.example_user("cordelia")
|
|
|
|
do_set_realm_property(realm, "waiting_period_threshold", 10, acting_user=None)
|
|
|
|
|
|
|
|
cordelia.date_joined = timezone_now() - timedelta(days=9)
|
|
|
|
cordelia.save()
|
|
|
|
check_create_user_group("cordelia", "Insufficient permission")
|
|
|
|
|
|
|
|
cordelia.date_joined = timezone_now() - timedelta(days=11)
|
|
|
|
cordelia.save()
|
|
|
|
check_create_user_group("cordelia")
|
|
|
|
|
|
|
|
hamlet.date_joined = timezone_now() - timedelta(days=9)
|
|
|
|
hamlet.save()
|
|
|
|
|
|
|
|
check_delete_user_group("cordelia", "Insufficient permission")
|
|
|
|
check_delete_user_group("hamlet", "Insufficient permission")
|
|
|
|
|
|
|
|
hamlet.date_joined = timezone_now() - timedelta(days=11)
|
|
|
|
hamlet.save()
|
|
|
|
check_delete_user_group("hamlet")
|
|
|
|
|
|
|
|
def test_user_group_edit_policy_for_updating_user_groups(self) -> None:
|
|
|
|
othello = self.example_user("othello")
|
|
|
|
self.login("othello")
|
2019-11-02 17:58:55 +01:00
|
|
|
params = {
|
2021-02-12 08:20:45 +01:00
|
|
|
"name": "support",
|
2021-05-21 07:02:43 +02:00
|
|
|
"members": orjson.dumps([othello.id]).decode(),
|
2021-02-12 08:20:45 +01:00
|
|
|
"description": "Support team",
|
2019-11-02 17:58:55 +01:00
|
|
|
}
|
2021-05-21 07:02:43 +02:00
|
|
|
self.client_post("/json/user_groups/create", info=params)
|
2021-02-12 08:20:45 +01:00
|
|
|
user_group = UserGroup.objects.get(name="support")
|
2019-11-02 17:58:55 +01:00
|
|
|
|
2021-05-21 07:02:43 +02:00
|
|
|
def check_update_user_group(
|
|
|
|
new_name: str,
|
|
|
|
new_description: str,
|
|
|
|
acting_user: str,
|
|
|
|
error_msg: Optional[str] = None,
|
|
|
|
) -> None:
|
|
|
|
self.login(acting_user)
|
|
|
|
params = {
|
|
|
|
"name": new_name,
|
|
|
|
"description": new_description,
|
|
|
|
}
|
2023-06-28 00:40:09 +02:00
|
|
|
# Ensure that this update request is not a no-op.
|
|
|
|
self.assertNotEqual(user_group.name, new_name)
|
|
|
|
self.assertNotEqual(user_group.description, new_description)
|
|
|
|
|
2021-05-21 07:02:43 +02:00
|
|
|
result = self.client_patch(f"/json/user_groups/{user_group.id}", info=params)
|
|
|
|
if error_msg is None:
|
|
|
|
self.assert_json_success(result)
|
2023-06-28 00:40:09 +02:00
|
|
|
user_group.refresh_from_db()
|
|
|
|
self.assertEqual(user_group.name, new_name)
|
|
|
|
self.assertEqual(user_group.description, new_description)
|
2021-05-21 07:02:43 +02:00
|
|
|
else:
|
|
|
|
self.assert_json_error(result, error_msg)
|
|
|
|
|
|
|
|
realm = othello.realm
|
|
|
|
|
|
|
|
# Check only admins are allowed to update user group. Admins are allowed even if
|
|
|
|
# they are not a member of the group.
|
|
|
|
do_set_realm_property(
|
|
|
|
realm,
|
|
|
|
"user_group_edit_policy",
|
|
|
|
Realm.POLICY_ADMINS_ONLY,
|
|
|
|
acting_user=None,
|
|
|
|
)
|
|
|
|
check_update_user_group("help", "Troubleshooting team", "shiva", "Insufficient permission")
|
|
|
|
check_update_user_group("help", "Troubleshooting team", "iago")
|
2019-11-02 17:58:55 +01:00
|
|
|
|
2021-05-21 07:02:43 +02:00
|
|
|
# Check moderators are allowed to update user group but not members. Moderators are
|
|
|
|
# allowed even if they are not a member of the group.
|
|
|
|
do_set_realm_property(
|
|
|
|
realm,
|
|
|
|
"user_group_edit_policy",
|
|
|
|
Realm.POLICY_MODERATORS_ONLY,
|
|
|
|
acting_user=None,
|
|
|
|
)
|
|
|
|
check_update_user_group("support", "Support team", "othello", "Insufficient permission")
|
|
|
|
check_update_user_group("support", "Support team", "iago")
|
2019-11-02 17:58:55 +01:00
|
|
|
|
2021-05-21 07:02:43 +02:00
|
|
|
# Check only members are allowed to update the user group and only if belong to the
|
|
|
|
# user group.
|
|
|
|
do_set_realm_property(
|
|
|
|
realm,
|
|
|
|
"user_group_edit_policy",
|
|
|
|
Realm.POLICY_MEMBERS_ONLY,
|
|
|
|
acting_user=None,
|
|
|
|
)
|
|
|
|
check_update_user_group(
|
|
|
|
"help", "Troubleshooting team", "polonius", "Not allowed for guest users"
|
|
|
|
)
|
|
|
|
check_update_user_group(
|
|
|
|
"help",
|
|
|
|
"Troubleshooting team",
|
|
|
|
"cordelia",
|
|
|
|
"Insufficient permission",
|
|
|
|
)
|
|
|
|
check_update_user_group("help", "Troubleshooting team", "othello")
|
2019-11-02 17:58:55 +01:00
|
|
|
|
2021-05-21 07:02:43 +02:00
|
|
|
# Check only full members are allowed to update the user group and only if belong to the
|
|
|
|
# user group.
|
|
|
|
do_set_realm_property(
|
|
|
|
realm, "user_group_edit_policy", Realm.POLICY_FULL_MEMBERS_ONLY, acting_user=None
|
|
|
|
)
|
|
|
|
do_set_realm_property(realm, "waiting_period_threshold", 10, acting_user=None)
|
|
|
|
othello = self.example_user("othello")
|
|
|
|
othello.date_joined = timezone_now() - timedelta(days=9)
|
|
|
|
othello.save()
|
2019-11-02 17:58:55 +01:00
|
|
|
|
2021-05-21 07:02:43 +02:00
|
|
|
cordelia = self.example_user("cordelia")
|
|
|
|
cordelia.date_joined = timezone_now() - timedelta(days=11)
|
|
|
|
cordelia.save()
|
|
|
|
check_update_user_group(
|
|
|
|
"support",
|
|
|
|
"Support team",
|
|
|
|
"cordelia",
|
|
|
|
"Insufficient permission",
|
2021-02-12 08:19:30 +01:00
|
|
|
)
|
2021-05-21 07:02:43 +02:00
|
|
|
check_update_user_group("support", "Support team", "othello", "Insufficient permission")
|
2019-11-02 17:58:55 +01:00
|
|
|
|
2021-05-21 07:02:43 +02:00
|
|
|
othello.date_joined = timezone_now() - timedelta(days=11)
|
|
|
|
othello.save()
|
|
|
|
check_update_user_group("support", "Support team", "othello")
|
2019-11-02 17:58:55 +01:00
|
|
|
|
2021-05-21 07:02:43 +02:00
|
|
|
def test_user_group_edit_policy_for_updating_members(self) -> None:
|
|
|
|
user_group = self.create_user_group_for_test("support")
|
|
|
|
aaron = self.example_user("aaron")
|
|
|
|
othello = self.example_user("othello")
|
|
|
|
cordelia = self.example_user("cordelia")
|
2019-11-02 17:58:55 +01:00
|
|
|
|
2021-05-21 07:02:43 +02:00
|
|
|
def check_adding_members_to_group(
|
|
|
|
acting_user: str, error_msg: Optional[str] = None
|
|
|
|
) -> None:
|
|
|
|
self.login(acting_user)
|
|
|
|
params = {"add": orjson.dumps([aaron.id]).decode()}
|
2023-06-28 00:33:20 +02:00
|
|
|
self.assert_user_membership(user_group, [othello])
|
2021-05-21 07:02:43 +02:00
|
|
|
result = self.client_post(f"/json/user_groups/{user_group.id}/members", info=params)
|
|
|
|
if error_msg is None:
|
|
|
|
self.assert_json_success(result)
|
2023-06-28 00:33:20 +02:00
|
|
|
self.assert_user_membership(user_group, [aaron, othello])
|
2021-05-21 07:02:43 +02:00
|
|
|
else:
|
|
|
|
self.assert_json_error(result, error_msg)
|
|
|
|
|
|
|
|
def check_removing_members_from_group(
|
|
|
|
acting_user: str, error_msg: Optional[str] = None
|
|
|
|
) -> None:
|
|
|
|
self.login(acting_user)
|
|
|
|
params = {"delete": orjson.dumps([aaron.id]).decode()}
|
2023-06-28 00:33:20 +02:00
|
|
|
self.assert_user_membership(user_group, [aaron, othello])
|
2021-05-21 07:02:43 +02:00
|
|
|
result = self.client_post(f"/json/user_groups/{user_group.id}/members", info=params)
|
|
|
|
if error_msg is None:
|
|
|
|
self.assert_json_success(result)
|
2023-06-28 00:33:20 +02:00
|
|
|
self.assert_user_membership(user_group, [othello])
|
2021-05-21 07:02:43 +02:00
|
|
|
else:
|
|
|
|
self.assert_json_error(result, error_msg)
|
2019-11-02 17:58:55 +01:00
|
|
|
|
2021-05-21 07:02:43 +02:00
|
|
|
realm = get_realm("zulip")
|
|
|
|
# Check only admins are allowed to add/remove users from the group. Admins are allowed even if
|
|
|
|
# they are not a member of the group.
|
|
|
|
do_set_realm_property(
|
|
|
|
realm,
|
|
|
|
"user_group_edit_policy",
|
|
|
|
Realm.POLICY_ADMINS_ONLY,
|
|
|
|
acting_user=None,
|
|
|
|
)
|
|
|
|
check_adding_members_to_group("shiva", "Insufficient permission")
|
|
|
|
check_adding_members_to_group("iago")
|
2019-11-02 17:58:55 +01:00
|
|
|
|
2021-05-21 07:02:43 +02:00
|
|
|
check_removing_members_from_group("shiva", "Insufficient permission")
|
|
|
|
check_removing_members_from_group("iago")
|
2019-11-02 17:58:55 +01:00
|
|
|
|
2021-05-21 07:02:43 +02:00
|
|
|
# Check moderators are allowed to add/remove users from the group but not members. Moderators are
|
|
|
|
# allowed even if they are not a member of the group.
|
|
|
|
do_set_realm_property(
|
|
|
|
realm,
|
|
|
|
"user_group_edit_policy",
|
|
|
|
Realm.POLICY_MODERATORS_ONLY,
|
|
|
|
acting_user=None,
|
|
|
|
)
|
|
|
|
check_adding_members_to_group("cordelia", "Insufficient permission")
|
|
|
|
check_adding_members_to_group("shiva")
|
|
|
|
|
|
|
|
check_removing_members_from_group("hamlet", "Insufficient permission")
|
|
|
|
check_removing_members_from_group("shiva")
|
|
|
|
|
|
|
|
# Check only members are allowed to add/remove users in the group and only if belong to the
|
|
|
|
# user group.
|
|
|
|
do_set_realm_property(
|
|
|
|
realm,
|
|
|
|
"user_group_edit_policy",
|
|
|
|
Realm.POLICY_MEMBERS_ONLY,
|
|
|
|
acting_user=None,
|
|
|
|
)
|
|
|
|
check_adding_members_to_group("polonius", "Not allowed for guest users")
|
|
|
|
check_adding_members_to_group("cordelia", "Insufficient permission")
|
|
|
|
check_adding_members_to_group("othello")
|
|
|
|
|
|
|
|
check_removing_members_from_group("polonius", "Not allowed for guest users")
|
|
|
|
check_removing_members_from_group("cordelia", "Insufficient permission")
|
|
|
|
check_removing_members_from_group("othello")
|
|
|
|
|
|
|
|
# Check only full members are allowed to add/remove users in the group and only if belong to the
|
|
|
|
# user group.
|
|
|
|
do_set_realm_property(
|
|
|
|
realm,
|
|
|
|
"user_group_edit_policy",
|
|
|
|
Realm.POLICY_FULL_MEMBERS_ONLY,
|
|
|
|
acting_user=None,
|
|
|
|
)
|
|
|
|
do_set_realm_property(realm, "waiting_period_threshold", 10, acting_user=None)
|
|
|
|
|
|
|
|
othello.date_joined = timezone_now() - timedelta(days=9)
|
|
|
|
othello.save()
|
|
|
|
check_adding_members_to_group("cordelia", "Insufficient permission")
|
|
|
|
|
|
|
|
cordelia.date_joined = timezone_now() - timedelta(days=11)
|
|
|
|
cordelia.save()
|
|
|
|
check_adding_members_to_group("cordelia", "Insufficient permission")
|
|
|
|
|
|
|
|
othello.date_joined = timezone_now() - timedelta(days=11)
|
|
|
|
othello.save()
|
|
|
|
check_adding_members_to_group("othello")
|
|
|
|
|
|
|
|
othello.date_joined = timezone_now() - timedelta(days=9)
|
|
|
|
othello.save()
|
|
|
|
|
|
|
|
check_removing_members_from_group("cordelia", "Insufficient permission")
|
|
|
|
check_removing_members_from_group("othello", "Insufficient permission")
|
|
|
|
|
|
|
|
othello.date_joined = timezone_now() - timedelta(days=11)
|
|
|
|
othello.save()
|
|
|
|
check_removing_members_from_group("othello")
|
2021-08-06 15:22:08 +02:00
|
|
|
|
|
|
|
def test_editing_system_user_groups(self) -> None:
|
|
|
|
desdemona = self.example_user("desdemona")
|
|
|
|
iago = self.example_user("iago")
|
|
|
|
othello = self.example_user("othello")
|
|
|
|
aaron = self.example_user("aaron")
|
2021-08-11 15:10:17 +02:00
|
|
|
|
|
|
|
user_group = UserGroup.objects.get(
|
2023-09-21 13:06:39 +02:00
|
|
|
realm=iago.realm, name=SystemGroups.FULL_MEMBERS, is_system_group=True
|
2021-08-06 15:22:08 +02:00
|
|
|
)
|
|
|
|
|
|
|
|
def check_support_group_permission(acting_user: UserProfile) -> None:
|
|
|
|
self.login_user(acting_user)
|
|
|
|
params = {
|
2021-08-20 19:49:23 +02:00
|
|
|
"name": "Full members user group",
|
|
|
|
"description": "Full members system user group.",
|
2021-08-06 15:22:08 +02:00
|
|
|
}
|
|
|
|
result = self.client_patch(f"/json/user_groups/{user_group.id}", info=params)
|
|
|
|
self.assert_json_error(result, "Insufficient permission")
|
|
|
|
|
|
|
|
params = {"add": orjson.dumps([aaron.id]).decode()}
|
|
|
|
result = self.client_post(f"/json/user_groups/{user_group.id}/members", info=params)
|
|
|
|
self.assert_json_error(result, "Insufficient permission")
|
|
|
|
|
|
|
|
params = {"delete": orjson.dumps([othello.id]).decode()}
|
|
|
|
result = self.client_post(f"/json/user_groups/{user_group.id}/members", info=params)
|
|
|
|
self.assert_json_error(result, "Insufficient permission")
|
|
|
|
|
|
|
|
check_support_group_permission(desdemona)
|
|
|
|
check_support_group_permission(iago)
|
|
|
|
check_support_group_permission(othello)
|
2022-01-31 18:24:00 +01:00
|
|
|
|
|
|
|
def test_promote_new_full_members(self) -> None:
|
|
|
|
realm = get_realm("zulip")
|
|
|
|
|
|
|
|
cordelia = self.example_user("cordelia")
|
|
|
|
hamlet = self.example_user("hamlet")
|
|
|
|
cordelia.date_joined = timezone_now() - timedelta(days=11)
|
|
|
|
cordelia.save()
|
|
|
|
|
|
|
|
hamlet.date_joined = timezone_now() - timedelta(days=8)
|
|
|
|
hamlet.save()
|
|
|
|
|
|
|
|
do_set_realm_property(realm, "waiting_period_threshold", 10, acting_user=None)
|
|
|
|
full_members_group = UserGroup.objects.get(
|
2023-09-21 13:06:39 +02:00
|
|
|
realm=realm, name=SystemGroups.FULL_MEMBERS, is_system_group=True
|
2022-01-31 18:24:00 +01:00
|
|
|
)
|
|
|
|
|
|
|
|
self.assertTrue(
|
|
|
|
UserGroupMembership.objects.filter(
|
|
|
|
user_profile=cordelia, user_group=full_members_group
|
|
|
|
).exists()
|
|
|
|
)
|
|
|
|
self.assertFalse(
|
|
|
|
UserGroupMembership.objects.filter(
|
|
|
|
user_profile=hamlet, user_group=full_members_group
|
|
|
|
).exists()
|
|
|
|
)
|
|
|
|
|
|
|
|
current_time = timezone_now()
|
2023-11-28 19:16:58 +01:00
|
|
|
with time_machine.travel((current_time + timedelta(days=3)), tick=False):
|
2022-01-31 18:24:00 +01:00
|
|
|
promote_new_full_members()
|
|
|
|
|
|
|
|
self.assertTrue(
|
|
|
|
UserGroupMembership.objects.filter(
|
|
|
|
user_profile=cordelia, user_group=full_members_group
|
|
|
|
).exists()
|
|
|
|
)
|
|
|
|
self.assertTrue(
|
|
|
|
UserGroupMembership.objects.filter(
|
|
|
|
user_profile=hamlet, user_group=full_members_group
|
|
|
|
).exists()
|
|
|
|
)
|
2022-03-02 11:58:37 +01:00
|
|
|
|
|
|
|
def test_updating_subgroups_of_user_group(self) -> None:
|
|
|
|
realm = get_realm("zulip")
|
|
|
|
desdemona = self.example_user("desdemona")
|
|
|
|
iago = self.example_user("iago")
|
|
|
|
hamlet = self.example_user("hamlet")
|
|
|
|
othello = self.example_user("othello")
|
|
|
|
|
2022-12-14 06:45:55 +01:00
|
|
|
leadership_group = check_add_user_group(
|
|
|
|
realm, "leadership", [desdemona, iago, hamlet], acting_user=None
|
2022-11-21 03:37:11 +01:00
|
|
|
)
|
2022-12-14 06:45:55 +01:00
|
|
|
support_group = check_add_user_group(realm, "support", [hamlet, othello], acting_user=None)
|
2023-06-10 10:00:56 +02:00
|
|
|
test_group = check_add_user_group(realm, "test", [hamlet], acting_user=None)
|
2022-03-02 11:58:37 +01:00
|
|
|
|
|
|
|
self.login("cordelia")
|
|
|
|
# Non-admin and non-moderators who are not a member of group cannot add or remove subgroups.
|
|
|
|
params = {"add": orjson.dumps([leadership_group.id]).decode()}
|
|
|
|
result = self.client_post(f"/json/user_groups/{support_group.id}/subgroups", info=params)
|
|
|
|
self.assert_json_error(result, "Insufficient permission")
|
|
|
|
|
|
|
|
self.login("iago")
|
|
|
|
result = self.client_post(f"/json/user_groups/{support_group.id}/subgroups", info=params)
|
|
|
|
self.assert_json_success(result)
|
2023-06-28 00:38:48 +02:00
|
|
|
self.assert_subgroup_membership(support_group, [leadership_group])
|
2022-03-02 11:58:37 +01:00
|
|
|
|
|
|
|
params = {"delete": orjson.dumps([leadership_group.id]).decode()}
|
|
|
|
result = self.client_post(f"/json/user_groups/{support_group.id}/subgroups", info=params)
|
|
|
|
self.assert_json_success(result)
|
2023-06-28 00:38:48 +02:00
|
|
|
self.assert_subgroup_membership(support_group, [])
|
2022-03-02 11:58:37 +01:00
|
|
|
|
|
|
|
self.login("shiva")
|
|
|
|
params = {"add": orjson.dumps([leadership_group.id]).decode()}
|
|
|
|
result = self.client_post(f"/json/user_groups/{support_group.id}/subgroups", info=params)
|
|
|
|
self.assert_json_success(result)
|
2023-06-28 00:38:48 +02:00
|
|
|
self.assert_subgroup_membership(support_group, [leadership_group])
|
2022-03-02 11:58:37 +01:00
|
|
|
|
|
|
|
params = {"delete": orjson.dumps([leadership_group.id]).decode()}
|
|
|
|
result = self.client_post(f"/json/user_groups/{support_group.id}/subgroups", info=params)
|
|
|
|
self.assert_json_success(result)
|
2023-06-28 00:38:48 +02:00
|
|
|
self.assert_subgroup_membership(support_group, [])
|
2022-03-02 11:58:37 +01:00
|
|
|
|
|
|
|
self.login("hamlet")
|
|
|
|
# Non-admin and non-moderators who are a member of the user group can add or remove subgroups.
|
|
|
|
params = {"add": orjson.dumps([leadership_group.id]).decode()}
|
|
|
|
result = self.client_post(f"/json/user_groups/{support_group.id}/subgroups", info=params)
|
|
|
|
self.assert_json_success(result)
|
2023-06-28 00:38:48 +02:00
|
|
|
self.assert_subgroup_membership(support_group, [leadership_group])
|
2022-03-02 11:58:37 +01:00
|
|
|
|
|
|
|
params = {"delete": orjson.dumps([leadership_group.id]).decode()}
|
|
|
|
result = self.client_post(f"/json/user_groups/{support_group.id}/subgroups", info=params)
|
|
|
|
self.assert_json_success(result)
|
2023-06-28 00:38:48 +02:00
|
|
|
self.assert_subgroup_membership(support_group, [])
|
2022-03-02 11:58:37 +01:00
|
|
|
|
|
|
|
# Users need not be part of the subgroup to add or remove it from a user group.
|
|
|
|
self.login("othello")
|
|
|
|
params = {"add": orjson.dumps([leadership_group.id]).decode()}
|
|
|
|
result = self.client_post(f"/json/user_groups/{support_group.id}/subgroups", info=params)
|
|
|
|
self.assert_json_success(result)
|
2023-06-28 00:38:48 +02:00
|
|
|
self.assert_subgroup_membership(support_group, [leadership_group])
|
2022-03-02 11:58:37 +01:00
|
|
|
|
|
|
|
params = {"delete": orjson.dumps([leadership_group.id]).decode()}
|
|
|
|
result = self.client_post(f"/json/user_groups/{support_group.id}/subgroups", info=params)
|
|
|
|
self.assert_json_success(result)
|
2023-06-28 00:38:48 +02:00
|
|
|
self.assert_subgroup_membership(support_group, [])
|
2022-03-02 11:58:37 +01:00
|
|
|
|
|
|
|
result = self.client_post(f"/json/user_groups/{support_group.id}/subgroups", info=params)
|
|
|
|
self.assert_json_error(
|
|
|
|
result,
|
2023-07-19 23:06:38 +02:00
|
|
|
f"User group {leadership_group.id} is not a subgroup of this group.",
|
2022-03-02 11:58:37 +01:00
|
|
|
)
|
2023-06-28 00:38:48 +02:00
|
|
|
self.assert_subgroup_membership(support_group, [])
|
2022-03-02 11:58:37 +01:00
|
|
|
|
|
|
|
params = {"add": orjson.dumps([leadership_group.id]).decode()}
|
|
|
|
self.client_post(f"/json/user_groups/{support_group.id}/subgroups", info=params)
|
2023-06-28 00:38:48 +02:00
|
|
|
self.assert_subgroup_membership(support_group, [leadership_group])
|
2022-03-02 11:58:37 +01:00
|
|
|
|
|
|
|
result = self.client_post(f"/json/user_groups/{support_group.id}/subgroups", info=params)
|
|
|
|
self.assert_json_error(
|
|
|
|
result,
|
2023-07-19 23:06:38 +02:00
|
|
|
f"User group {leadership_group.id} is already a subgroup of this group.",
|
2022-03-02 11:58:37 +01:00
|
|
|
)
|
2023-06-28 00:38:48 +02:00
|
|
|
self.assert_subgroup_membership(support_group, [leadership_group])
|
2022-03-02 11:58:37 +01:00
|
|
|
|
2023-06-10 10:00:56 +02:00
|
|
|
self.login("iago")
|
|
|
|
params = {"add": orjson.dumps([support_group.id]).decode()}
|
|
|
|
result = self.client_post(f"/json/user_groups/{leadership_group.id}/subgroups", info=params)
|
|
|
|
self.assert_json_error(
|
|
|
|
result,
|
2023-09-12 21:10:57 +02:00
|
|
|
f"User group {leadership_group.id} is already a subgroup of one of the passed subgroups.",
|
2023-06-10 10:00:56 +02:00
|
|
|
)
|
2023-06-28 00:38:48 +02:00
|
|
|
self.assert_subgroup_membership(support_group, [leadership_group])
|
2023-06-10 10:00:56 +02:00
|
|
|
|
|
|
|
params = {"add": orjson.dumps([support_group.id]).decode()}
|
|
|
|
result = self.client_post(f"/json/user_groups/{test_group.id}/subgroups", info=params)
|
2023-06-28 00:38:48 +02:00
|
|
|
self.assert_json_success(result)
|
|
|
|
self.assert_subgroup_membership(test_group, [support_group])
|
2023-06-10 10:00:56 +02:00
|
|
|
|
|
|
|
params = {"add": orjson.dumps([test_group.id]).decode()}
|
|
|
|
result = self.client_post(f"/json/user_groups/{leadership_group.id}/subgroups", info=params)
|
|
|
|
self.assert_json_error(
|
|
|
|
result,
|
2023-09-12 21:10:57 +02:00
|
|
|
f"User group {leadership_group.id} is already a subgroup of one of the passed subgroups.",
|
2023-06-10 10:00:56 +02:00
|
|
|
)
|
2023-06-28 00:38:48 +02:00
|
|
|
self.assert_subgroup_membership(test_group, [support_group])
|
2023-06-10 10:00:56 +02:00
|
|
|
|
2022-04-26 20:44:37 +02:00
|
|
|
lear_realm = get_realm("lear")
|
2022-12-14 06:45:55 +01:00
|
|
|
lear_test_group = check_add_user_group(
|
|
|
|
lear_realm, "test", [self.lear_user("cordelia")], acting_user=None
|
2022-11-21 03:37:11 +01:00
|
|
|
)
|
2022-04-26 20:44:37 +02:00
|
|
|
result = self.client_post(f"/json/user_groups/{lear_test_group.id}/subgroups", info=params)
|
|
|
|
self.assert_json_error(result, "Invalid user group")
|
2023-06-28 00:38:48 +02:00
|
|
|
self.assert_subgroup_membership(lear_test_group, [])
|
2022-04-26 20:44:37 +02:00
|
|
|
|
2022-03-02 11:58:37 +01:00
|
|
|
# Invalid subgroup id will raise an error.
|
2022-04-26 20:11:00 +02:00
|
|
|
params = {"add": orjson.dumps([leadership_group.id, 1111]).decode()}
|
2022-03-02 11:58:37 +01:00
|
|
|
result = self.client_post(f"/json/user_groups/{support_group.id}/subgroups", info=params)
|
2022-04-26 20:11:00 +02:00
|
|
|
self.assert_json_error(result, "Invalid user group ID: 1111")
|
2023-06-28 00:38:48 +02:00
|
|
|
self.assert_subgroup_membership(support_group, [leadership_group])
|
2022-03-02 11:58:37 +01:00
|
|
|
|
|
|
|
# Test when nothing is provided
|
|
|
|
result = self.client_post(f"/json/user_groups/{support_group.id}/subgroups", info={})
|
|
|
|
self.assert_json_error(result, 'Nothing to do. Specify at least one of "add" or "delete".')
|
2023-06-28 00:38:48 +02:00
|
|
|
self.assert_subgroup_membership(support_group, [leadership_group])
|
2022-03-18 14:38:11 +01:00
|
|
|
|
|
|
|
def test_get_is_user_group_member_status(self) -> None:
|
|
|
|
self.login("iago")
|
|
|
|
realm = get_realm("zulip")
|
|
|
|
desdemona = self.example_user("desdemona")
|
|
|
|
iago = self.example_user("iago")
|
|
|
|
othello = self.example_user("othello")
|
|
|
|
admins_group = UserGroup.objects.get(
|
2023-09-21 13:06:39 +02:00
|
|
|
realm=realm, name=SystemGroups.ADMINISTRATORS, is_system_group=True
|
2022-03-18 14:38:11 +01:00
|
|
|
)
|
|
|
|
|
|
|
|
# Invalid user ID.
|
2022-04-26 20:11:00 +02:00
|
|
|
result = self.client_get(f"/json/user_groups/{admins_group.id}/members/1111")
|
2022-03-18 14:38:11 +01:00
|
|
|
self.assert_json_error(result, "No such user")
|
|
|
|
|
|
|
|
# Invalid user group ID.
|
2022-04-26 20:11:00 +02:00
|
|
|
result = self.client_get(f"/json/user_groups/1111/members/{iago.id}")
|
2022-03-18 14:38:11 +01:00
|
|
|
self.assert_json_error(result, "Invalid user group")
|
|
|
|
|
2022-04-26 20:44:37 +02:00
|
|
|
lear_realm = get_realm("lear")
|
|
|
|
lear_cordelia = self.lear_user("cordelia")
|
2022-12-14 06:45:55 +01:00
|
|
|
lear_test_group = check_add_user_group(
|
|
|
|
lear_realm, "test", [lear_cordelia], acting_user=None
|
|
|
|
)
|
2022-04-26 20:44:37 +02:00
|
|
|
result = self.client_get(
|
|
|
|
f"/json/user_groups/{lear_test_group.id}/members/{lear_cordelia.id}"
|
|
|
|
)
|
|
|
|
self.assert_json_error(result, "Invalid user group")
|
|
|
|
|
2022-03-18 14:38:11 +01:00
|
|
|
result_dict = orjson.loads(
|
|
|
|
self.client_get(f"/json/user_groups/{admins_group.id}/members/{othello.id}").content
|
|
|
|
)
|
|
|
|
self.assertFalse(result_dict["is_user_group_member"])
|
|
|
|
|
|
|
|
result_dict = orjson.loads(
|
|
|
|
self.client_get(f"/json/user_groups/{admins_group.id}/members/{iago.id}").content
|
|
|
|
)
|
|
|
|
self.assertTrue(result_dict["is_user_group_member"])
|
|
|
|
|
|
|
|
# Checking membership of not a direct member but member of a subgroup.
|
|
|
|
result_dict = orjson.loads(
|
|
|
|
self.client_get(f"/json/user_groups/{admins_group.id}/members/{desdemona.id}").content
|
|
|
|
)
|
|
|
|
self.assertTrue(result_dict["is_user_group_member"])
|
|
|
|
|
|
|
|
# Checking membership of not a direct member but member of a subgroup when passing
|
|
|
|
# recursive parameter as False.
|
|
|
|
params = {"direct_member_only": orjson.dumps(True).decode()}
|
|
|
|
result_dict = orjson.loads(
|
|
|
|
self.client_get(
|
|
|
|
f"/json/user_groups/{admins_group.id}/members/{desdemona.id}", info=params
|
|
|
|
).content
|
|
|
|
)
|
|
|
|
self.assertFalse(result_dict["is_user_group_member"])
|
|
|
|
|
|
|
|
# Logging in with a user not part of the group.
|
|
|
|
self.login("hamlet")
|
|
|
|
|
|
|
|
result_dict = orjson.loads(
|
|
|
|
self.client_get(f"/json/user_groups/{admins_group.id}/members/{iago.id}").content
|
|
|
|
)
|
|
|
|
self.assertTrue(result_dict["is_user_group_member"])
|
|
|
|
|
|
|
|
result_dict = orjson.loads(
|
|
|
|
self.client_get(f"/json/user_groups/{admins_group.id}/members/{othello.id}").content
|
|
|
|
)
|
|
|
|
self.assertFalse(result_dict["is_user_group_member"])
|
2022-03-24 11:39:57 +01:00
|
|
|
|
|
|
|
def test_get_user_group_members(self) -> None:
|
|
|
|
realm = get_realm("zulip")
|
|
|
|
iago = self.example_user("iago")
|
|
|
|
desdemona = self.example_user("desdemona")
|
|
|
|
shiva = self.example_user("shiva")
|
|
|
|
moderators_group = UserGroup.objects.get(
|
2023-09-21 13:06:39 +02:00
|
|
|
name=SystemGroups.MODERATORS, realm=realm, is_system_group=True
|
2022-03-24 11:39:57 +01:00
|
|
|
)
|
|
|
|
self.login("iago")
|
|
|
|
|
|
|
|
# Test invalid user group id
|
2022-04-26 20:11:00 +02:00
|
|
|
result = self.client_get("/json/user_groups/1111/members")
|
2022-03-24 11:39:57 +01:00
|
|
|
self.assert_json_error(result, "Invalid user group")
|
|
|
|
|
2022-04-26 20:44:37 +02:00
|
|
|
lear_realm = get_realm("lear")
|
2022-12-14 06:45:55 +01:00
|
|
|
lear_test_group = check_add_user_group(
|
|
|
|
lear_realm, "test", [self.lear_user("cordelia")], acting_user=None
|
2022-11-21 03:37:11 +01:00
|
|
|
)
|
2022-04-26 20:44:37 +02:00
|
|
|
result = self.client_get(f"/json/user_groups/{lear_test_group.id}/members")
|
|
|
|
self.assert_json_error(result, "Invalid user group")
|
|
|
|
|
2022-03-24 11:39:57 +01:00
|
|
|
result_dict = orjson.loads(
|
|
|
|
self.client_get(f"/json/user_groups/{moderators_group.id}/members").content
|
|
|
|
)
|
|
|
|
self.assertCountEqual(result_dict["members"], [desdemona.id, iago.id, shiva.id])
|
|
|
|
|
|
|
|
params = {"direct_member_only": orjson.dumps(True).decode()}
|
|
|
|
result_dict = orjson.loads(
|
|
|
|
self.client_get(f"/json/user_groups/{moderators_group.id}/members", info=params).content
|
|
|
|
)
|
|
|
|
self.assertCountEqual(result_dict["members"], [shiva.id])
|
|
|
|
|
|
|
|
# User not part of a group can also get its members.
|
|
|
|
self.login("hamlet")
|
|
|
|
result_dict = orjson.loads(
|
|
|
|
self.client_get(f"/json/user_groups/{moderators_group.id}/members").content
|
|
|
|
)
|
|
|
|
self.assertCountEqual(result_dict["members"], [desdemona.id, iago.id, shiva.id])
|
|
|
|
|
|
|
|
params = {"direct_member_only": orjson.dumps(True).decode()}
|
|
|
|
result_dict = orjson.loads(
|
|
|
|
self.client_get(f"/json/user_groups/{moderators_group.id}/members", info=params).content
|
|
|
|
)
|
|
|
|
self.assertCountEqual(result_dict["members"], [shiva.id])
|
2022-04-04 13:59:25 +02:00
|
|
|
|
|
|
|
def test_get_subgroups_of_user_group(self) -> None:
|
|
|
|
realm = get_realm("zulip")
|
2022-08-10 11:43:28 +02:00
|
|
|
owners_group = UserGroup.objects.get(
|
2023-09-21 13:06:39 +02:00
|
|
|
name=SystemGroups.OWNERS, realm=realm, is_system_group=True
|
2022-08-10 11:43:28 +02:00
|
|
|
)
|
2022-04-04 13:59:25 +02:00
|
|
|
admins_group = UserGroup.objects.get(
|
2023-09-21 13:06:39 +02:00
|
|
|
name=SystemGroups.ADMINISTRATORS, realm=realm, is_system_group=True
|
2022-04-04 13:59:25 +02:00
|
|
|
)
|
|
|
|
moderators_group = UserGroup.objects.get(
|
2023-09-21 13:06:39 +02:00
|
|
|
name=SystemGroups.MODERATORS, realm=realm, is_system_group=True
|
2022-04-04 13:59:25 +02:00
|
|
|
)
|
|
|
|
self.login("iago")
|
|
|
|
|
|
|
|
# Test invalid user group id
|
2022-04-26 20:11:00 +02:00
|
|
|
result = self.client_get("/json/user_groups/1111/subgroups")
|
2022-04-04 13:59:25 +02:00
|
|
|
self.assert_json_error(result, "Invalid user group")
|
|
|
|
|
2022-04-26 20:44:37 +02:00
|
|
|
lear_realm = get_realm("lear")
|
2022-12-14 06:45:55 +01:00
|
|
|
lear_test_group = check_add_user_group(
|
|
|
|
lear_realm, "test", [self.lear_user("cordelia")], acting_user=None
|
2022-11-21 03:37:11 +01:00
|
|
|
)
|
2022-04-26 20:44:37 +02:00
|
|
|
result = self.client_get(f"/json/user_groups/{lear_test_group.id}/subgroups")
|
|
|
|
self.assert_json_error(result, "Invalid user group")
|
|
|
|
|
2022-04-04 13:59:25 +02:00
|
|
|
result_dict = orjson.loads(
|
|
|
|
self.client_get(f"/json/user_groups/{moderators_group.id}/subgroups").content
|
|
|
|
)
|
2023-11-03 17:37:22 +01:00
|
|
|
self.assertEqual(set(result_dict["subgroups"]), {admins_group.id, owners_group.id})
|
2022-04-04 13:59:25 +02:00
|
|
|
|
|
|
|
params = {"direct_subgroup_only": orjson.dumps(True).decode()}
|
|
|
|
result_dict = orjson.loads(
|
|
|
|
self.client_get(
|
|
|
|
f"/json/user_groups/{moderators_group.id}/subgroups", info=params
|
|
|
|
).content
|
|
|
|
)
|
|
|
|
self.assertCountEqual(result_dict["subgroups"], [admins_group.id])
|
|
|
|
|
|
|
|
# User not part of a group can also get its subgroups.
|
|
|
|
self.login("hamlet")
|
|
|
|
result_dict = orjson.loads(
|
|
|
|
self.client_get(f"/json/user_groups/{moderators_group.id}/subgroups").content
|
|
|
|
)
|
2023-11-03 17:37:22 +01:00
|
|
|
self.assertEqual(set(result_dict["subgroups"]), {admins_group.id, owners_group.id})
|
2022-04-04 13:59:25 +02:00
|
|
|
|
|
|
|
params = {"direct_subgroup_only": orjson.dumps(True).decode()}
|
|
|
|
result_dict = orjson.loads(
|
|
|
|
self.client_get(
|
|
|
|
f"/json/user_groups/{moderators_group.id}/subgroups", info=params
|
|
|
|
).content
|
|
|
|
)
|
|
|
|
self.assertCountEqual(result_dict["subgroups"], [admins_group.id])
|
user_groups: Make locks required for updating user group memberships.
**Background**
User groups are expected to comply with the DAG constraint for the
many-to-many inter-group membership. The check for this constraint has
to be performed recursively so that we can find all direct and indirect
subgroups of the user group to be added.
This kind of check is vulnerable to phantom reads which is possible at
the default read committed isolation level because we cannot guarantee
that the check is still valid when we are adding the subgroups to the
user group.
**Solution**
To avoid having another transaction concurrently update one of the
to-be-subgroup after the recursive check is done, and before the subgroup
is added, we use SELECT FOR UPDATE to lock the user group rows.
The lock needs to be acquired before a group membership change is about
to occur before any check has been conducted.
Suppose that we are adding subgroup B to supergroup A, the locking protocol
is specified as follows:
1. Acquire a lock for B and all its direct and indirect subgroups.
2. Acquire a lock for A.
For the removal of user groups, we acquire a lock for the user group to
be removed with all its direct and indirect subgroups. This is the special
case A=B, which is still complaint with the protocol.
**Error handling**
We currently rely on Postgres' deadlock detection to abort transactions
and show an error for the users. In the future, we might need some
recovery mechanism or at least better error handling.
**Notes**
An important note is that we need to reuse the recursive CTE query that
finds the direct and indirect subgroups when applying the lock on the
rows. And the lock needs to be acquired the same way for the addition and
removal of direct subgroups.
User membership change (as opposed to user group membership) is not
affected. Read-only queries aren't either. The locks only protect
critical regions where the user group dependency graph might violate
the DAG constraint, where users are not participating.
**Testing**
We implement a transaction test case targeting some typical scenarios
when an internal server error is expected to happen (this means that the
user group view makes the correct decision to abort the transaction when
something goes wrong with locks).
To achieve this, we add a development view intended only for unit tests.
It has a global BARRIER that can be shared across threads, so that we
can synchronize them to consistently reproduce certain potential race
conditions prevented by the database locks.
The transaction test case lanuches pairs of threads initiating possibly
conflicting requests at the same time. The tests are set up such that exactly N
of them are expected to succeed with a certain error message (while we don't
know each one).
**Security notes**
get_recursive_subgroups_for_groups will no longer fetch user groups from
other realms. As a result, trying to add/remove a subgroup from another
realm results in a UserGroup not found error response.
We also implement subgroup-specific checks in has_user_group_access to
keep permission managing in a single place. Do note that the API
currently don't have a way to violate that check because we are only
checking the realm ID now.
2023-06-17 04:39:52 +02:00
|
|
|
|
|
|
|
def test_add_subgroup_from_wrong_realm(self) -> None:
|
|
|
|
other_realm = do_create_realm("other", "Other Realm")
|
|
|
|
other_user_group = check_add_user_group(other_realm, "user_group", [], acting_user=None)
|
|
|
|
|
|
|
|
realm = get_realm("zulip")
|
|
|
|
zulip_group = check_add_user_group(realm, "zulip_test", [], acting_user=None)
|
|
|
|
|
|
|
|
self.login("iago")
|
|
|
|
result = self.client_post(
|
|
|
|
f"/json/user_groups/{zulip_group.id}/subgroups",
|
|
|
|
{"add": orjson.dumps([other_user_group.id]).decode()},
|
|
|
|
)
|
|
|
|
self.assert_json_error(result, f"Invalid user group ID: {other_user_group.id}")
|
|
|
|
|
|
|
|
# Having a subgroup from another realm is very unlikely because we do
|
|
|
|
# not allow cross-realm subgroups being added in the first place. But we
|
|
|
|
# test the handling in this scenario for completeness.
|
|
|
|
add_subgroups_to_user_group(zulip_group, [other_user_group], acting_user=None)
|
|
|
|
result = self.client_post(
|
|
|
|
f"/json/user_groups/{zulip_group.id}/subgroups",
|
|
|
|
{"delete": orjson.dumps([other_user_group.id]).decode()},
|
|
|
|
)
|
|
|
|
self.assert_json_error(result, f"Invalid user group ID: {other_user_group.id}")
|