zulip/web/tests/settings_data.test.cjs

911 lines
28 KiB
JavaScript
Raw Normal View History

"use strict";
const assert = require("node:assert/strict");
const {mock_esm, with_overrides, zrequire} = require("./lib/namespace.cjs");
const {run_test} = require("./lib/test.cjs");
const {page_params} = require("./lib/zpage_params.cjs");
const settings_data = zrequire("settings_data");
const settings_config = zrequire("settings_config");
const {set_current_user, set_realm} = zrequire("state_data");
const user_groups = zrequire("user_groups");
const {initialize_user_settings} = zrequire("user_settings");
const current_user = {};
set_current_user(current_user);
const realm = {};
set_realm(realm);
const user_settings = {};
initialize_user_settings({user_settings});
/*
Some methods in settings_data are fairly
trivial, so the meaningful tests happen
at the higher layers, such as when we
test people.js.
*/
const isaac = {
email: "isaac@example.com",
delivery_email: "isaac-delivery@example.com",
user_id: 30,
full_name: "Isaac",
};
const group_permission_settings = mock_esm("../src/group_permission_settings", {});
run_test("user_can_change_email", ({override}) => {
const can_change_email = settings_data.user_can_change_email;
override(current_user, "is_admin", true);
assert.equal(can_change_email(), true);
override(current_user, "is_admin", false);
override(realm, "realm_email_changes_disabled", true);
assert.equal(can_change_email(), false);
override(realm, "realm_email_changes_disabled", false);
assert.equal(can_change_email(), true);
});
run_test("user_can_change_name", ({override}) => {
const can_change_name = settings_data.user_can_change_name;
override(current_user, "is_admin", true);
assert.equal(can_change_name(), true);
override(current_user, "is_admin", false);
override(realm, "realm_name_changes_disabled", true);
override(realm, "server_name_changes_disabled", false);
assert.equal(can_change_name(), false);
override(realm, "realm_name_changes_disabled", false);
override(realm, "server_name_changes_disabled", false);
assert.equal(can_change_name(), true);
override(realm, "realm_name_changes_disabled", false);
override(realm, "server_name_changes_disabled", true);
assert.equal(can_change_name(), false);
});
run_test("user_can_change_avatar", ({override}) => {
const can_change_avatar = settings_data.user_can_change_avatar;
override(current_user, "is_admin", true);
assert.equal(can_change_avatar(), true);
override(current_user, "is_admin", false);
override(realm, "realm_avatar_changes_disabled", true);
override(realm, "server_avatar_changes_disabled", false);
assert.equal(can_change_avatar(), false);
override(realm, "realm_avatar_changes_disabled", false);
override(realm, "server_avatar_changes_disabled", false);
assert.equal(can_change_avatar(), true);
override(realm, "realm_avatar_changes_disabled", false);
override(realm, "server_avatar_changes_disabled", true);
assert.equal(can_change_avatar(), false);
});
run_test("user_can_change_logo", ({override}) => {
const can_change_logo = settings_data.user_can_change_logo;
override(current_user, "is_admin", true);
override(realm, "zulip_plan_is_not_limited", true);
assert.equal(can_change_logo(), true);
override(current_user, "is_admin", false);
override(realm, "zulip_plan_is_not_limited", false);
assert.equal(can_change_logo(), false);
override(current_user, "is_admin", true);
override(realm, "zulip_plan_is_not_limited", false);
assert.equal(can_change_logo(), false);
override(current_user, "is_admin", false);
override(realm, "zulip_plan_is_not_limited", true);
assert.equal(can_change_logo(), false);
});
function test_policy(label, policy, validation_func) {
run_test(label, ({override}) => {
override(current_user, "is_admin", true);
override(realm, policy, settings_config.common_policy_values.by_admins_only.code);
assert.equal(validation_func(), true);
override(current_user, "is_admin", false);
assert.equal(validation_func(), false);
override(current_user, "is_moderator", true);
override(realm, policy, settings_config.common_policy_values.by_moderators_only.code);
assert.equal(validation_func(), true);
override(current_user, "is_moderator", false);
assert.equal(validation_func(), false);
override(current_user, "is_guest", true);
override(realm, policy, settings_config.common_policy_values.by_members.code);
assert.equal(validation_func(), false);
override(current_user, "is_guest", false);
assert.equal(validation_func(), true);
page_params.is_spectator = true;
override(realm, policy, settings_config.common_policy_values.by_members.code);
assert.equal(validation_func(), false);
page_params.is_spectator = false;
assert.equal(validation_func(), true);
override(realm, policy, settings_config.common_policy_values.by_full_members.code);
override(current_user, "user_id", 30);
isaac.date_joined = new Date(Date.now());
settings_data.initialize(isaac.date_joined);
override(realm, "realm_waiting_period_threshold", 10);
assert.equal(validation_func(), false);
isaac.date_joined = new Date(Date.now() - 20 * 86400000);
settings_data.initialize(isaac.date_joined);
assert.equal(validation_func(), true);
});
}
test_policy(
"user_can_subscribe_other_users",
"realm_invite_to_stream_policy",
settings_data.user_can_subscribe_other_users,
);
test_policy(
"user_can_invite_others_to_realm",
"realm_invite_to_realm_policy",
settings_data.user_can_invite_users_by_email,
);
test_realm_group_settings(
"realm_can_add_custom_emoji_group",
settings_data.user_can_add_custom_emoji,
);
test_realm_group_settings(
"realm_can_delete_any_message_group",
settings_data.user_can_delete_any_message,
);
test_realm_group_settings(
"realm_can_delete_own_message_group",
settings_data.user_can_delete_own_message,
);
test_realm_group_settings(
"realm_can_move_messages_between_channels_group",
settings_data.user_can_move_messages_between_streams,
);
test_realm_group_settings(
"realm_can_move_messages_between_topics_group",
settings_data.user_can_move_messages_to_another_topic,
);
run_test("using_dark_theme", ({override}) => {
override(user_settings, "color_scheme", settings_config.color_scheme_values.dark.code);
assert.equal(settings_data.using_dark_theme(), true);
override(user_settings, "color_scheme", settings_config.color_scheme_values.automatic.code);
window.matchMedia = (query) => {
assert.equal(query, "(prefers-color-scheme: dark)");
return {matches: true};
};
assert.equal(settings_data.using_dark_theme(), true);
window.matchMedia = (query) => {
assert.equal(query, "(prefers-color-scheme: dark)");
return {matches: false};
};
assert.equal(settings_data.using_dark_theme(), false);
override(user_settings, "color_scheme", settings_config.color_scheme_values.light.code);
assert.equal(settings_data.using_dark_theme(), false);
});
run_test("user_can_invite_others_to_realm_nobody_case", ({override}) => {
override(current_user, "is_admin", true);
override(current_user, "is_guest", false);
override(
realm,
"realm_invite_to_realm_policy",
settings_config.email_invite_to_realm_policy_values.nobody.code,
);
assert.equal(settings_data.user_can_invite_users_by_email(), false);
});
run_test("user_email_not_configured", ({override}) => {
const user_email_not_configured = settings_data.user_email_not_configured;
override(current_user, "is_owner", false);
assert.equal(user_email_not_configured(), false);
override(current_user, "is_owner", true);
override(current_user, "delivery_email", "");
assert.equal(user_email_not_configured(), true);
override(current_user, "delivery_email", "name@example.com");
assert.equal(user_email_not_configured(), false);
});
function test_realm_group_settings(setting_name, validation_func) {
with_overrides(({override}) => {
const admin_user_id = 1;
const moderator_user_id = 2;
const member_user_id = 3;
const admins = {
name: "Admins",
id: 1,
members: new Set([admin_user_id]),
is_system_group: true,
direct_subgroup_ids: new Set([]),
};
const moderators = {
name: "Moderators",
id: 2,
members: new Set([moderator_user_id]),
is_system_group: true,
direct_subgroup_ids: new Set([1]),
};
group_permission_settings.get_group_permission_setting_config = () => ({
allow_everyone_group: false,
});
user_groups.initialize({realm_user_groups: [admins, moderators]});
page_params.is_spectator = true;
assert.equal(validation_func(), false);
page_params.is_spectator = false;
override(current_user, "is_guest", false);
override(realm, setting_name, 1);
override(current_user, "user_id", admin_user_id);
assert.equal(validation_func(), true);
override(current_user, "user_id", moderator_user_id);
assert.equal(validation_func(), false);
override(realm, setting_name, 2);
override(current_user, "user_id", moderator_user_id);
assert.equal(validation_func(), true);
override(current_user, "user_id", member_user_id);
assert.equal(validation_func(), false);
override(current_user, "user_id", moderator_user_id);
override(current_user, "is_guest", true);
assert.equal(validation_func(), false);
group_permission_settings.get_group_permission_setting_config = () => ({
allow_everyone_group: true,
});
assert.equal(validation_func(), true);
});
}
run_test("user_can_create_multiuse_invite", () => {
test_realm_group_settings(
"realm_create_multiuse_invite_group",
settings_data.user_can_create_multiuse_invite,
);
});
run_test("can_manage_user_group", ({override}) => {
const admins = {
description: "Administrators",
name: "role:administrators",
id: 1,
members: new Set([1]),
is_system_group: true,
direct_subgroup_ids: new Set([]),
can_manage_group: 4,
can_mention_group: 1,
};
const moderators = {
description: "Moderators",
name: "role:moderators",
id: 2,
members: new Set([2]),
is_system_group: true,
direct_subgroup_ids: new Set([1]),
can_manage_group: 4,
can_mention_group: 1,
};
const members = {
description: "Members",
name: "role:members",
id: 3,
members: new Set([3, 4]),
is_system_group: true,
direct_subgroup_ids: new Set([1, 2]),
can_manage_group: 4,
can_mention_group: 4,
};
const nobody = {
description: "Nobody",
name: "role:nobody",
id: 4,
members: new Set([]),
is_system_group: true,
direct_subgroup_ids: new Set([]),
can_manage_group: 4,
can_mention_group: 2,
};
const students = {
description: "Students group",
name: "Students",
id: 5,
members: new Set([1, 2]),
is_system_group: false,
direct_subgroup_ids: new Set([4, 5]),
can_manage_group: {
direct_members: [4],
direct_subgroups: [],
},
can_mention_group: 3,
creator_id: 4,
};
user_groups.initialize({
realm_user_groups: [admins, moderators, members, nobody, students],
});
page_params.is_spectator = true;
assert.ok(!settings_data.can_manage_user_group(students.id));
page_params.is_spectator = false;
override(realm, "realm_can_manage_all_groups", admins.id);
override(current_user, "user_id", 3);
assert.ok(!settings_data.can_manage_user_group(students.id));
// non-admin group_creator
override(current_user, "user_id", 4);
assert.ok(settings_data.can_manage_user_group(students.id));
// admin user
override(current_user, "user_id", 1);
assert.ok(settings_data.can_manage_user_group(students.id));
// moderator user
override(current_user, "user_id", 2);
assert.ok(!settings_data.can_manage_user_group(students.id));
// User with role member and not part of the group.
override(realm, "realm_can_manage_all_groups", members.id);
override(current_user, "user_id", 3);
assert.ok(settings_data.can_manage_user_group(students.id));
// User with role member and part of the group.
override(current_user, "user_id", 2);
assert.ok(settings_data.can_manage_user_group(students.id));
override(realm, "realm_can_manage_all_groups", admins.id);
override(current_user, "user_id", 2);
assert.ok(!settings_data.can_manage_user_group(students.id));
const event = {
group_id: students.id,
data: {
can_manage_group: members.id,
},
};
user_groups.update(event);
assert.ok(settings_data.can_manage_user_group(students.id));
override(current_user, "user_id", 3);
assert.ok(settings_data.can_manage_user_group(students.id));
});
run_test("can_join_user_group", ({override}) => {
const admins = {
description: "Administrators",
name: "role:administrators",
id: 1,
members: new Set([1]),
is_system_group: true,
direct_subgroup_ids: new Set([]),
can_join_group: 4,
can_manage_group: 4,
can_mention_group: 1,
};
const moderators = {
description: "Moderators",
name: "role:moderators",
id: 2,
members: new Set([2]),
is_system_group: true,
direct_subgroup_ids: new Set([1]),
can_join_group: 4,
can_manage_group: 4,
can_mention_group: 1,
};
const members = {
description: "Members",
name: "role:members",
id: 3,
members: new Set([3, 4]),
is_system_group: true,
direct_subgroup_ids: new Set([1, 2]),
can_join_group: 4,
can_manage_group: 4,
can_mention_group: 4,
};
const nobody = {
description: "Nobody",
name: "role:nobody",
id: 4,
members: new Set([]),
is_system_group: true,
direct_subgroup_ids: new Set([]),
can_join_group: 4,
can_manage_group: 4,
can_mention_group: 2,
};
const students = {
description: "Students group",
name: "Students",
id: 5,
members: new Set([1, 2]),
is_system_group: false,
direct_subgroup_ids: new Set([4, 5]),
can_join_group: 1,
can_manage_group: {
direct_members: [4],
direct_subgroups: [],
},
can_mention_group: 3,
creator_id: 4,
};
user_groups.initialize({
realm_user_groups: [admins, moderators, members, nobody, students],
});
override(realm, "realm_can_manage_all_groups", nobody.id);
page_params.is_spectator = true;
assert.ok(!settings_data.can_join_user_group(students.id));
page_params.is_spectator = false;
// admin user
override(current_user, "user_id", 1);
assert.ok(settings_data.can_join_user_group(students.id));
// moderator user
override(current_user, "user_id", 2);
assert.ok(!settings_data.can_join_user_group(students.id));
let event = {
group_id: students.id,
data: {
can_join_group: moderators.id,
},
};
user_groups.update(event);
assert.ok(settings_data.can_join_user_group(students.id));
override(current_user, "user_id", 1);
assert.ok(settings_data.can_join_user_group(students.id));
// Some other user.
override(current_user, "user_id", 5);
assert.ok(!settings_data.can_join_user_group(students.id));
event = {
group_id: students.id,
data: {
can_join_group: {
direct_members: [5],
direct_subgroups: [admins.id],
},
},
};
user_groups.update(event);
assert.ok(settings_data.can_join_user_group(students.id));
override(current_user, "user_id", 2);
assert.ok(!settings_data.can_join_user_group(students.id));
// User can join the group if they can add anyone in the group which
// depends on can_manage_group and realm.can_manage_all_groups settings.
override(current_user, "user_id", 4);
assert.ok(settings_data.can_join_user_group(students.id));
override(realm, "realm_can_manage_all_groups", moderators.id);
override(current_user, "user_id", 2);
assert.ok(settings_data.can_join_user_group(students.id));
});
run_test("can_leave_user_group", ({override}) => {
const admins = {
description: "Administrators",
name: "role:administrators",
id: 1,
members: new Set([1]),
is_system_group: true,
direct_subgroup_ids: new Set([]),
can_join_group: 4,
can_leave_group: 4,
can_manage_group: 4,
can_mention_group: 1,
};
const moderators = {
description: "Moderators",
name: "role:moderators",
id: 2,
members: new Set([2]),
is_system_group: true,
direct_subgroup_ids: new Set([1]),
can_join_group: 4,
can_leave_group: 4,
can_manage_group: 4,
can_mention_group: 1,
};
const members = {
description: "Members",
name: "role:members",
id: 3,
members: new Set([3, 4]),
is_system_group: true,
direct_subgroup_ids: new Set([1, 2]),
can_join_group: 4,
can_leave_group: 4,
can_manage_group: 4,
can_mention_group: 4,
};
const nobody = {
description: "Nobody",
name: "role:nobody",
id: 4,
members: new Set([]),
is_system_group: true,
direct_subgroup_ids: new Set([]),
can_join_group: 4,
can_leave_group: 4,
can_manage_group: 4,
can_mention_group: 2,
};
const students = {
description: "Students group",
name: "Students",
id: 5,
members: new Set([1, 2]),
is_system_group: false,
direct_subgroup_ids: new Set([4, 5]),
can_join_group: 1,
can_leave_group: 1,
can_manage_group: {
direct_members: [4],
direct_subgroups: [],
},
can_mention_group: 3,
creator_id: 4,
};
user_groups.initialize({
realm_user_groups: [admins, moderators, members, nobody, students],
});
override(realm, "realm_can_manage_all_groups", nobody.id);
page_params.is_spectator = true;
assert.ok(!settings_data.can_leave_user_group(students.id));
page_params.is_spectator = false;
// admin user
override(current_user, "user_id", 1);
assert.ok(settings_data.can_leave_user_group(students.id));
// moderator user
override(current_user, "user_id", 2);
assert.ok(!settings_data.can_leave_user_group(students.id));
let event = {
group_id: students.id,
data: {
can_leave_group: moderators.id,
},
};
user_groups.update(event);
assert.ok(settings_data.can_leave_user_group(students.id));
override(current_user, "user_id", 1);
assert.ok(settings_data.can_leave_user_group(students.id));
// Some other user.
override(current_user, "user_id", 5);
assert.ok(!settings_data.can_leave_user_group(students.id));
event = {
group_id: students.id,
data: {
can_leave_group: {
direct_members: [5],
direct_subgroups: [admins.id],
},
},
};
user_groups.update(event);
assert.ok(settings_data.can_leave_user_group(students.id));
override(current_user, "user_id", 2);
assert.ok(!settings_data.can_leave_user_group(students.id));
// User can leave the group if they can manage the group which
// depends on can_manage_group and realm.can_manage_all_groups settings.
override(current_user, "user_id", 4);
assert.ok(settings_data.can_leave_user_group(students.id));
override(realm, "realm_can_manage_all_groups", moderators.id);
override(current_user, "user_id", 2);
assert.ok(settings_data.can_leave_user_group(students.id));
});
run_test("can_add_members_user_group", () => {
const admins = {
description: "Administrators",
name: "role:administrators",
id: 1,
members: new Set([1]),
is_system_group: true,
direct_subgroup_ids: new Set([]),
can_add_members_group: 4,
can_manage_group: 4,
can_mention_group: 1,
};
const moderators = {
description: "Moderators",
name: "role:moderators",
id: 2,
members: new Set([2]),
is_system_group: true,
direct_subgroup_ids: new Set([1]),
can_add_members_group: 4,
can_manage_group: 4,
can_mention_group: 1,
};
const members = {
description: "Members",
name: "role:members",
id: 3,
members: new Set([3, 4]),
is_system_group: true,
direct_subgroup_ids: new Set([1, 2]),
can_add_members_group: 4,
can_manage_group: 4,
can_mention_group: 4,
};
const nobody = {
description: "Nobody",
name: "role:nobody",
id: 4,
members: new Set([]),
is_system_group: true,
direct_subgroup_ids: new Set([]),
can_add_members_group: 4,
can_manage_group: 4,
can_mention_group: 2,
};
const students = {
description: "Students group",
name: "Students",
id: 5,
members: new Set([1, 2]),
is_system_group: false,
direct_subgroup_ids: new Set([4, 5]),
can_add_members_group: 1,
can_manage_group: {
direct_members: [6],
direct_subgroups: [],
},
can_mention_group: 3,
creator_id: 4,
};
user_groups.initialize({
realm_user_groups: [admins, moderators, members, nobody, students],
});
realm.realm_can_manage_all_groups = nobody.id;
page_params.is_spectator = true;
assert.ok(!settings_data.can_add_members_to_user_group(students.id));
page_params.is_spectator = false;
// admin user
current_user.user_id = 1;
assert.ok(settings_data.can_add_members_to_user_group(students.id));
// moderator user
current_user.user_id = 2;
assert.ok(!settings_data.can_add_members_to_user_group(students.id));
let event = {
group_id: students.id,
data: {
can_add_members_group: moderators.id,
},
};
user_groups.update(event);
assert.ok(settings_data.can_add_members_to_user_group(students.id));
// Some other user.
current_user.user_id = 5;
assert.ok(!settings_data.can_add_members_to_user_group(students.id));
event = {
group_id: students.id,
data: {
can_add_members_group: {
direct_members: [5],
direct_subgroups: [admins.id],
},
},
};
user_groups.update(event);
assert.ok(settings_data.can_add_members_to_user_group(students.id));
// Users with permission to manage the group should be able to add
// members to the group without adding themselves to
// can_add_members_group.
current_user.user_id = 4;
assert.ok(!settings_data.can_add_members_to_user_group(students.id));
event = {
group_id: students.id,
data: {
can_manage_group: {
direct_members: [4],
},
},
};
user_groups.update(event);
assert.ok(settings_data.can_add_members_to_user_group(students.id));
});
run_test("type_id_to_string", () => {
page_params.bot_types = [
{
type_id: 1,
name: "Generic bot",
allowed: true,
},
{
type_id: 2,
name: "Incoming webhook",
allowed: true,
},
];
assert.equal(settings_data.bot_type_id_to_string(1), "Generic bot");
assert.equal(settings_data.bot_type_id_to_string(2), "Incoming webhook");
assert.equal(settings_data.bot_type_id_to_string(5), undefined);
});
run_test("user_can_access_all_other_users", ({override}) => {
const guest_user_id = 1;
const member_user_id = 2;
const members = {
name: "role:members",
id: 1,
members: new Set([member_user_id]),
is_system_group: true,
direct_subgroup_ids: new Set([]),
};
const everyone = {
name: "role:everyone",
id: 2,
members: new Set([guest_user_id]),
is_system_group: true,
direct_subgroup_ids: new Set([1]),
};
user_groups.initialize({realm_user_groups: [members, everyone]});
override(realm, "realm_can_access_all_users_group", members.id);
// Test spectators case.
page_params.is_spectator = true;
assert.ok(settings_data.user_can_access_all_other_users());
page_params.is_spectator = false;
override(current_user, "user_id", member_user_id);
assert.ok(settings_data.user_can_access_all_other_users());
override(current_user, "user_id", guest_user_id);
assert.ok(!settings_data.user_can_access_all_other_users());
override(realm, "realm_can_access_all_users_group", everyone.id);
assert.ok(settings_data.user_can_access_all_other_users());
});
run_test("user_can_create_public_streams", () => {
test_realm_group_settings(
"realm_can_create_public_channel_group",
settings_data.user_can_create_public_streams,
);
});
run_test("user_can_create_user_groups", () => {
test_realm_group_settings("realm_can_create_groups", settings_data.user_can_create_user_groups);
});
run_test("user_can_manage_all_groups", () => {
test_realm_group_settings(
"realm_can_manage_all_groups",
settings_data.user_can_manage_all_groups,
);
});
run_test("user_can_create_private_streams", () => {
test_realm_group_settings(
"realm_can_create_private_channel_group",
settings_data.user_can_create_private_streams,
);
});
run_test("user_can_create_web_public_streams", ({override}) => {
override(realm, "server_web_public_streams_enabled", true);
override(realm, "realm_enable_spectator_access", true);
test_realm_group_settings(
"realm_can_create_web_public_channel_group",
settings_data.user_can_create_web_public_streams,
);
const owner_user_id = 4;
const owners = {
name: "Admins",
id: 3,
members: new Set([owner_user_id]),
is_system_group: true,
direct_subgroup_ids: new Set([]),
};
override(current_user, "user_id", owner_user_id);
user_groups.initialize({realm_user_groups: [owners]});
override(realm, "server_web_public_streams_enabled", true);
override(realm, "realm_enable_spectator_access", true);
override(realm, "realm_can_create_web_public_channel_group", owners.id);
assert.equal(settings_data.user_can_create_web_public_streams(), true);
override(realm, "realm_enable_spectator_access", false);
override(realm, "server_web_public_streams_enabled", true);
assert.equal(settings_data.user_can_create_web_public_streams(), false);
override(realm, "realm_enable_spectator_access", true);
override(realm, "server_web_public_streams_enabled", false);
assert.equal(settings_data.user_can_create_web_public_streams(), false);
override(realm, "realm_enable_spectator_access", false);
override(realm, "server_web_public_streams_enabled", false);
assert.equal(settings_data.user_can_create_web_public_streams(), false);
});
run_test("guests_can_access_all_other_users", () => {
const guest_user_id = 1;
const member_user_id = 2;
const members = {
name: "role:members",
id: 1,
members: new Set([member_user_id]),
is_system_group: true,
direct_subgroup_ids: new Set([]),
};
const everyone = {
name: "role:everyone",
id: 2,
members: new Set([guest_user_id]),
is_system_group: true,
direct_subgroup_ids: new Set([1]),
};
user_groups.initialize({realm_user_groups: [members]});
realm.realm_can_access_all_users_group = members.id;
assert.ok(!settings_data.guests_can_access_all_other_users());
user_groups.initialize({realm_user_groups: [members, everyone]});
realm.realm_can_access_all_users_group = everyone.id;
assert.ok(settings_data.guests_can_access_all_other_users());
});