realm: Allow only owners to set message retention policy for a realm.

This commit restricts admins from setting the message retention policy.
We now allow only organization owners to set the message retention
policy.

Dropdown for changing retention policy is disabled in UI for admins also.
sahil839 2020-06-12 00:46:53 +05:30 committed by Tim Abbott
parent 87e72ac8e2
commit 18429cfd29
5 changed files with 16 additions and 2 deletions


@ -23,6 +23,7 @@ exports.maybe_disable_widgets = function () {
if (page_params.is_admin) { if (page_params.is_admin) {
$("#deactivate_realm_button").attr("disabled", true); $("#deactivate_realm_button").attr("disabled", true);
$("#org-message-retention").find("input, select").attr("disabled", true);
return; return;
} }
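Review bot: The added disable line sits inside the `if (page_params.is_admin)` branch, so owners keep a usable dropdown only if an earlier owner check returns before this branch is reached; that check is not visible in the hunk. If owners also carry `is_admin`, the ordering of those two checks is what protects them, and it should be stated next to the branch. A comment such as `// Non-owner admins: retention is owner-only; the server enforces this, the disabled state is only a hint.` would make that explicit. maybe_disable_widgets starts outside the hunk.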


@ -150,7 +150,10 @@
<div class="inline-block organization-settings-parent"> <div class="inline-block organization-settings-parent">
<div class="input-group"> <div class="input-group">
<label for="id_realm_message_retention_setting" class="dropdown-title">{{t "Message retention period" }}</label> <label for="id_realm_message_retention_setting" class="dropdown-title">{{t "Message retention period" }}
<i class="fa fa-info-circle settings-info-icon realm_allow_message_deleting_tooltip" data-toggle="tooltip"
aria-hidden="true" title="{{t 'Only owners can change message retention policy.' }}"></i>
</label>
<select name="realm_message_retention_setting" <select name="realm_message_retention_setting"
id="id_realm_message_retention_setting" class="prop-element" id="id_realm_message_retention_setting" class="prop-element"
{{#unless zulip_plan_is_not_limited}}disabled{{/unless}}> {{#unless zulip_plan_is_not_limited}}disabled{{/unless}}>
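Review bot: The new info icon reuses the class `realm_allow_message_deleting_tooltip`, which names a different setting, so any script or style keyed on that class will also apply to this icon. A class specific to this setting (for example `realm_message_retention_tooltip`) would avoid the coupling, provided the existing class is not what initialises the tooltip. The `disabled` attribute on the select is still keyed only on the plan check, so the owner-only state in the UI comes entirely from the script side.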


@ -1,5 +1,7 @@
# Message retention policy (beta) # Message retention policy (beta)
{!owner-only.md!}
By default, Zulip stores messages indefinitely, allowing full-text By default, Zulip stores messages indefinitely, allowing full-text
search of your complete history. search of your complete history.


@ -634,6 +634,12 @@ class RealmTest(ZulipTestCase):
realm = get_realm('zulip') realm = get_realm('zulip')
self.assertEqual(realm.plan_type, Realm.SELF_HOSTED) self.assertEqual(realm.plan_type, Realm.SELF_HOSTED)
req = dict(message_retention_days=ujson.dumps(10))
result = self.client_patch('/json/realm', req)
self.assert_json_error(result, "Only organization owners can change message retention period.")
self.login('desdemona')
req = dict(message_retention_days=ujson.dumps(0)) req = dict(message_retention_days=ujson.dumps(0))
result = self.client_patch('/json/realm', req) result = self.client_patch('/json/realm', req)
self.assert_json_error(result, "Bad value for 'message_retention_days': 0") self.assert_json_error(result, "Bad value for 'message_retention_days': 0")
@ -666,7 +672,7 @@ class RealmAPITest(ZulipTestCase):
def setUp(self) -> None: def setUp(self) -> None:
super().setUp() super().setUp()
self.login('iago') self.login('desdemona')
def set_up_db(self, attr: str, value: Any) -> None: def set_up_db(self, attr: str, value: Any) -> None:
realm = get_realm('zulip') realm = get_realm('zulip')
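Review bot: Changing `RealmAPITest.setUp` to `self.login('desdemona')` runs every test in that class as an owner, so the class no longer shows that a non-owner admin can still update the other realm properties. Keeping the admin login as the default and switching to the owner only for the retention case, or adding one admin-level update test, would preserve that coverage. In the first hunk, the rejected request would be a stronger check if it also asserted that the stored value did not change, e.g. `self.assertEqual(get_realm('zulip').message_retention_days, <value before the request>)`. Both test bodies continue outside the hunks.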


@ -113,6 +113,8 @@ def update_realm(
return json_error(_('Invalid domain: {}').format(e.messages[0])) return json_error(_('Invalid domain: {}').format(e.messages[0]))
if message_retention_days is not None: if message_retention_days is not None:
if not user_profile.is_realm_owner:
return json_error(_("Only organization owners can change message retention period."))
realm.ensure_not_on_limited_plan() realm.ensure_not_on_limited_plan()
# The user of `locals()` here is a bit of a code smell, but it's # The user of `locals()` here is a bit of a code smell, but it's
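Review bot: The new `is_realm_owner` check is the only enforcement of this restriction, since the UI change merely disables the control, and it has no comment saying why retention is treated differently from the other fields in `update_realm`. I would add one above the check, e.g. `# Retention settings control automatic deletion of message history, so only owners may change them; the settings UI disabling is advisory.` The denial is also returned through the same `json_error` path as the validation failures above it, so clients cannot tell a permission failure from a bad value except by the message text. If the codebase has a dedicated permission error, it may fit better here. update_realm's body extends beyond the hunk.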