mirror of https://github.com/zulip/zulip.git
org_settings: Add backend support to change bot role.
This commit attempts to add the backend support by extending the /json/bots/{bot_id}/ url support to accept the role field as a parameter. This was previously already possible via `/json/users/{user_id}`, so this change just simplifies client implementation.
This commit is contained in:
parent
0b92e4c22f
commit
0b1f8c05e3
|
@ -20,6 +20,12 @@ format used by the Zulip server that they are interacting with.
|
||||||
|
|
||||||
## Changes in Zulip 6.0
|
## Changes in Zulip 6.0
|
||||||
|
|
||||||
|
**Feature level 130**
|
||||||
|
|
||||||
|
* `PATCH /bots/{bot_user_id}`: Added support for changing a bot's role
|
||||||
|
via this endpoint. Previously, this could only be done via [`PATCH
|
||||||
|
/users/{user_id}`](/api/update-user).
|
||||||
|
|
||||||
**Feature level 129**
|
**Feature level 129**
|
||||||
|
|
||||||
* [`POST /register`](/api/register-queue),
|
* [`POST /register`](/api/register-queue),
|
||||||
|
|
|
@ -33,7 +33,7 @@ DESKTOP_WARNING_VERSION = "5.4.3"
|
||||||
# Changes should be accompanied by documentation explaining what the
|
# Changes should be accompanied by documentation explaining what the
|
||||||
# new level means in templates/zerver/api/changelog.md, as well as
|
# new level means in templates/zerver/api/changelog.md, as well as
|
||||||
# "**Changes**" entries in the endpoint's documentation in `zulip.yaml`.
|
# "**Changes**" entries in the endpoint's documentation in `zulip.yaml`.
|
||||||
API_FEATURE_LEVEL = 129
|
API_FEATURE_LEVEL = 130
|
||||||
|
|
||||||
# Bump the minor PROVISION_VERSION to indicate that folks should provision
|
# Bump the minor PROVISION_VERSION to indicate that folks should provision
|
||||||
# only when going from an old version of the code to a newer version. Bump
|
# only when going from an old version of the code to a newer version. Bump
|
||||||
|
|
|
@ -10,7 +10,7 @@ from zulip_bots.custom_exceptions import ConfigValidationError
|
||||||
|
|
||||||
from zerver.actions.realm_settings import do_set_realm_property
|
from zerver.actions.realm_settings import do_set_realm_property
|
||||||
from zerver.actions.streams import do_change_stream_permission
|
from zerver.actions.streams import do_change_stream_permission
|
||||||
from zerver.actions.users import do_change_can_create_users, do_deactivate_user
|
from zerver.actions.users import do_change_can_create_users, do_change_user_role, do_deactivate_user
|
||||||
from zerver.lib.bot_config import ConfigError, get_bot_config
|
from zerver.lib.bot_config import ConfigError, get_bot_config
|
||||||
from zerver.lib.bot_lib import get_bot_handler
|
from zerver.lib.bot_lib import get_bot_handler
|
||||||
from zerver.lib.integrations import EMBEDDED_BOTS, WebhookIntegration
|
from zerver.lib.integrations import EMBEDDED_BOTS, WebhookIntegration
|
||||||
|
@ -1169,6 +1169,31 @@ class BotTest(ZulipTestCase, UploadSerializeMixin):
|
||||||
bot = self.get_bot()
|
bot = self.get_bot()
|
||||||
self.assertEqual(None, bot["default_sending_stream"])
|
self.assertEqual(None, bot["default_sending_stream"])
|
||||||
|
|
||||||
|
def test_patch_bot_role(self) -> None:
|
||||||
|
self.login("desdemona")
|
||||||
|
|
||||||
|
email = "default-bot@zulip.com"
|
||||||
|
user_profile = self.get_bot_user(email)
|
||||||
|
|
||||||
|
do_change_user_role(user_profile, UserProfile.ROLE_MEMBER, acting_user=user_profile)
|
||||||
|
|
||||||
|
req = dict(role=UserProfile.ROLE_GUEST)
|
||||||
|
|
||||||
|
result = self.client_patch(f"/json/bots/{self.get_bot_user(email).id}", req)
|
||||||
|
self.assert_json_success(result)
|
||||||
|
|
||||||
|
user_profile = self.get_bot_user(email)
|
||||||
|
self.assertEqual(user_profile.role, UserProfile.ROLE_GUEST)
|
||||||
|
|
||||||
|
# Test for not allowing a non-owner user to make assign a bot an owner role
|
||||||
|
desdemona = self.example_user("desdemona")
|
||||||
|
do_change_user_role(desdemona, UserProfile.ROLE_REALM_ADMINISTRATOR, acting_user=None)
|
||||||
|
|
||||||
|
req = dict(role=UserProfile.ROLE_REALM_OWNER)
|
||||||
|
|
||||||
|
result = self.client_patch(f"/json/bots/{self.get_bot_user(email).id}", req)
|
||||||
|
self.assert_json_error(result, "Must be an organization owner")
|
||||||
|
|
||||||
def test_patch_bot_to_stream_private_allowed(self) -> None:
|
def test_patch_bot_to_stream_private_allowed(self) -> None:
|
||||||
self.login("hamlet")
|
self.login("hamlet")
|
||||||
user_profile = self.example_user("hamlet")
|
user_profile = self.example_user("hamlet")
|
||||||
|
|
|
@ -193,6 +193,8 @@ def update_user_backend(
|
||||||
# grant/remove the role in question. access_user_by_id has
|
# grant/remove the role in question. access_user_by_id has
|
||||||
# already verified we're an administrator; here we enforce
|
# already verified we're an administrator; here we enforce
|
||||||
# that only owners can toggle the is_realm_owner flag.
|
# that only owners can toggle the is_realm_owner flag.
|
||||||
|
#
|
||||||
|
# Logic replicated in patch_bot_backend.
|
||||||
if UserProfile.ROLE_REALM_OWNER in [role, target.role] and not user_profile.is_realm_owner:
|
if UserProfile.ROLE_REALM_OWNER in [role, target.role] and not user_profile.is_realm_owner:
|
||||||
raise OrganizationOwnerRequired()
|
raise OrganizationOwnerRequired()
|
||||||
|
|
||||||
|
@ -302,6 +304,12 @@ def patch_bot_backend(
|
||||||
user_profile: UserProfile,
|
user_profile: UserProfile,
|
||||||
bot_id: int,
|
bot_id: int,
|
||||||
full_name: Optional[str] = REQ(default=None),
|
full_name: Optional[str] = REQ(default=None),
|
||||||
|
role: Optional[int] = REQ(
|
||||||
|
default=None,
|
||||||
|
json_validator=check_int_in(
|
||||||
|
UserProfile.ROLE_TYPES,
|
||||||
|
),
|
||||||
|
),
|
||||||
bot_owner_id: Optional[int] = REQ(json_validator=check_int, default=None),
|
bot_owner_id: Optional[int] = REQ(json_validator=check_int, default=None),
|
||||||
config_data: Optional[Dict[str, str]] = REQ(
|
config_data: Optional[Dict[str, str]] = REQ(
|
||||||
default=None, json_validator=check_dict(value_validator=check_string)
|
default=None, json_validator=check_dict(value_validator=check_string)
|
||||||
|
@ -316,6 +324,14 @@ def patch_bot_backend(
|
||||||
|
|
||||||
if full_name is not None:
|
if full_name is not None:
|
||||||
check_change_bot_full_name(bot, full_name, user_profile)
|
check_change_bot_full_name(bot, full_name, user_profile)
|
||||||
|
|
||||||
|
if role is not None and bot.role != role:
|
||||||
|
# Logic duplicated from update_user_backend.
|
||||||
|
if UserProfile.ROLE_REALM_OWNER in [role, bot.role] and not user_profile.is_realm_owner:
|
||||||
|
raise OrganizationOwnerRequired()
|
||||||
|
|
||||||
|
do_change_user_role(bot, role, acting_user=user_profile)
|
||||||
|
|
||||||
if bot_owner_id is not None:
|
if bot_owner_id is not None:
|
||||||
try:
|
try:
|
||||||
owner = get_user_profile_by_id_in_realm(bot_owner_id, user_profile.realm)
|
owner = get_user_profile_by_id_in_realm(bot_owner_id, user_profile.realm)
|
||||||
|
|
Loading…
Reference in New Issue