setting: Allow changing "can_access_all_users_group" setting in prod.

We now allow changing "can_access_all_users_group" setting in production.
2023-12-10 13:39:58 +05:30 · 2023-12-10 13:39:58 +05:30 · 49470af46e
parent b2b36ff37b
commit 49470af46e
3 changed files with 0 additions and 30 deletions
--- a/web/templates/settings/organization_permissions_admin.hbs
+++ b/web/templates/settings/organization_permissions_admin.hbs
@ -295,12 +295,10 @@
                  is_checked=realm_enable_guest_user_indicator
                  label=admin_settings_label.realm_enable_guest_user_indicator}}

-                {{#if development}}
                {{> ../dropdown_widget_with_label
                  widget_name="realm_can_access_all_users_group"
                  label=(t 'Who can view all other users in the organization')
                  value_type="number"}}
-                {{/if}}
            </div>
        </div>

--- a/zerver/tests/test_realm.py
+++ b/zerver/tests/test_realm.py
@ -1386,30 +1386,6 @@ class RealmAPITest(ZulipTestCase):
            with self.subTest(property=prop):
                self.do_test_realm_permission_group_setting_update_api(prop)

-    def test_update_can_access_all_users_group_setting(self) -> None:
-        realm = get_realm("zulip")
-        self.login("iago")
-        members_group = UserGroup.objects.get(realm=realm, name=SystemGroups.MEMBERS)
-
-        with self.settings(DEVELOPMENT=False):
-            with self.assertRaises(AssertionError), self.assertLogs(
-                "django.request", "ERROR"
-            ) as error_log:
-                self.client_patch("/json/realm", {"can_access_all_users_group": members_group.id})
-
-        self.assertTrue(
-            "ERROR:django.request:Internal Server Error: /json/realm" in error_log.output[0]
-        )
-        self.assertTrue("AssertionError" in error_log.output[0])
-
-        with self.settings(DEVELOPMENT=True):
-            result = self.client_patch(
-                "/json/realm", {"can_access_all_users_group": members_group.id}
-            )
-            self.assert_json_success(result)
-            realm = get_realm("zulip")
-            self.assertEqual(realm.can_access_all_users_group_id, members_group.id)
-
    # Not in Realm.property_types because org_type has
    # a unique RealmAuditLog event_type.
    def test_update_realm_org_type(self) -> None:
--- a/zerver/views/realm.py
+++ b/zerver/views/realm.py
@ -1,6 +1,5 @@
 from typing import Any, Dict, Mapping, Optional, Union

-from django.conf import settings
 from django.core.exceptions import ValidationError
 from django.http import HttpRequest, HttpResponse
 from django.shortcuts import render
@ -236,9 +235,6 @@ def update_realm(
        realm.ensure_not_on_limited_plan()

    if can_access_all_users_group_id is not None:
-        # Remove this when the feature is ready for production.
-        assert settings.DEVELOPMENT
-
        realm.can_enable_restricted_user_access_for_guests()

    data: Dict[str, Any] = {}