Mirror
/
zulip
mirror of https://github.com/zulip/zulip.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

models: Add create_web_public_stream_policy setting. 

This commit adds create_web_public_stream_policy
field to Realm table which controls the roles that
can create web-public streams and by default its
value is set to POLICY_OWNERS_ONLY.
This commit is contained in:
Sahil Batra 2021-10-04 12:03:31 +05:30 committed by Tim Abbott
parent be0387b189
commit 5f950e3efd
8 changed files with 65 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
templates/zerver/api/changelog.md
View File

@ -11,6 +11,12 @@ below features are supported.
## Changes in Zulip 5.0 ## Changes in Zulip 5.0
**Feature level 103**
* [`POST /register`](/api/register-queue): Added `create_web_public_stream_policy`
policy for which users can create web public streams.
* [`PATCH /realm`]: Added support for updating `create_web_public_stream_policy`.
**Feature level 102** **Feature level 102**
* [`POST /register`](/api/register-queue), `PATCH /realm`: The * [`POST /register`](/api/register-queue), `PATCH /realm`: The

18
zerver/migrations/0361_realm_create_web_public_stream_policy.py Normal file
View File

@ -0,0 +1,18 @@
# Generated by Django 3.2.7 on 2021-10-04 06:23
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
("zerver", "0360_merge_0358_0359"),
]
operations = [
migrations.AddField(
model_name="realm",
name="create_web_public_stream_policy",
field=models.PositiveSmallIntegerField(default=7),
),
]

15
zerver/models.py
View File

@ -263,6 +263,7 @@ class Realm(models.Model):
POLICY_MODERATORS_ONLY = 4 POLICY_MODERATORS_ONLY = 4
POLICY_EVERYONE = 5 POLICY_EVERYONE = 5
POLICY_NOBODY = 6 POLICY_NOBODY = 6
POLICY_OWNERS_ONLY = 7
COMMON_POLICY_TYPES = [ COMMON_POLICY_TYPES = [
POLICY_MEMBERS_ONLY, POLICY_MEMBERS_ONLY,
@ -287,6 +288,16 @@ class Realm(models.Model):
POLICY_NOBODY, POLICY_NOBODY,
] ]
# We don't allow granting roles less than Moderator access to
# create web-public streams, since it's a sensitive feature that
# can be used to send spam.
CREATE_WEB_PUBLIC_STREAM_POLICY_TYPES = [
POLICY_ADMINS_ONLY,
POLICY_MODERATORS_ONLY,
POLICY_OWNERS_ONLY,
POLICY_NOBODY,
]
DEFAULT_COMMUNITY_TOPIC_EDITING_LIMIT_SECONDS = 259200 DEFAULT_COMMUNITY_TOPIC_EDITING_LIMIT_SECONDS = 259200
# Who in the organization is allowed to add custom emojis. # Who in the organization is allowed to add custom emojis.
@ -297,6 +308,9 @@ class Realm(models.Model):
create_private_stream_policy: int = models.PositiveSmallIntegerField( create_private_stream_policy: int = models.PositiveSmallIntegerField(
default=POLICY_MEMBERS_ONLY default=POLICY_MEMBERS_ONLY
) )
create_web_public_stream_policy: int = models.PositiveSmallIntegerField(
default=POLICY_OWNERS_ONLY
)
# Who in the organization is allowed to delete messages they themselves sent. # Who in the organization is allowed to delete messages they themselves sent.
delete_own_message_policy: bool = models.PositiveSmallIntegerField(default=POLICY_ADMINS_ONLY) delete_own_message_policy: bool = models.PositiveSmallIntegerField(default=POLICY_ADMINS_ONLY)
@ -611,6 +625,7 @@ class Realm(models.Model):
bot_creation_policy=int, bot_creation_policy=int,
create_public_stream_policy=int, create_public_stream_policy=int,
create_private_stream_policy=int, create_private_stream_policy=int,
create_web_public_stream_policy=int,
invite_to_stream_policy=int, invite_to_stream_policy=int,
move_messages_between_streams_policy=int, move_messages_between_streams_policy=int,
default_language=str, default_language=str,

19
zerver/openapi/zulip.yaml
View File

@ -10405,6 +10405,25 @@ paths:
**Changes**: Before Zulip 5.0 (feature level 102), permission to **Changes**: Before Zulip 5.0 (feature level 102), permission to
create streams was controlled by the `realm_create_stream_policy` setting. create streams was controlled by the `realm_create_stream_policy` setting.
realm_create_web_public_stream_policy:
type: integer
description: |
Present if `realm` is present in `fetch_event_types`.
Has no effect and should not be displayed in settings UI
unless the Zulip server has the `WEB_PUBLIC_STREAMS_ENABLED`
server-level setting enabled.
The policy for which users can create web
public streams in this organization. Allowed
values are:
- 2 = admins only
- 4 = admins and moderators only
- 6 = nobody
- 7 = owners only
**Changes**: Added in Zulip 5.0 (feature level 103).
realm_invite_to_stream_policy: realm_invite_to_stream_policy:
type: integer type: integer
description: | description: |

1
zerver/tests/test_events.py
View File

@ -2149,6 +2149,7 @@ class RealmPropertyActionTest(BaseAction):
waiting_period_threshold=[10, 20], waiting_period_threshold=[10, 20],
create_public_stream_policy=Realm.COMMON_POLICY_TYPES, create_public_stream_policy=Realm.COMMON_POLICY_TYPES,
create_private_stream_policy=Realm.COMMON_POLICY_TYPES, create_private_stream_policy=Realm.COMMON_POLICY_TYPES,
create_web_public_stream_policy=Realm.CREATE_WEB_PUBLIC_STREAM_POLICY_TYPES,
invite_to_stream_policy=Realm.COMMON_POLICY_TYPES, invite_to_stream_policy=Realm.COMMON_POLICY_TYPES,
private_message_policy=Realm.PRIVATE_MESSAGE_POLICY_TYPES, private_message_policy=Realm.PRIVATE_MESSAGE_POLICY_TYPES,
user_group_edit_policy=Realm.COMMON_POLICY_TYPES, user_group_edit_policy=Realm.COMMON_POLICY_TYPES,

1
zerver/tests/test_home.py
View File

@ -116,6 +116,7 @@ class HomeTest(ZulipTestCase):
"realm_community_topic_editing_limit_seconds", "realm_community_topic_editing_limit_seconds",
"realm_create_private_stream_policy", "realm_create_private_stream_policy",
"realm_create_public_stream_policy", "realm_create_public_stream_policy",
"realm_create_web_public_stream_policy",
"realm_default_code_block_language", "realm_default_code_block_language",
"realm_default_external_accounts", "realm_default_external_accounts",
"realm_default_language", "realm_default_language",

2
zerver/tests/test_realm.py
View File

@ -497,6 +497,7 @@ class RealmTest(ZulipTestCase):
bot_creation_policy=10, bot_creation_policy=10,
create_public_stream_policy=10, create_public_stream_policy=10,
create_private_stream_policy=10, create_private_stream_policy=10,
create_web_public_stream_policy=10,
invite_to_stream_policy=10, invite_to_stream_policy=10,
email_address_visibility=10, email_address_visibility=10,
message_retention_days=10, message_retention_days=10,
@ -848,6 +849,7 @@ class RealmAPITest(ZulipTestCase):
waiting_period_threshold=[10, 20], waiting_period_threshold=[10, 20],
create_private_stream_policy=Realm.COMMON_POLICY_TYPES, create_private_stream_policy=Realm.COMMON_POLICY_TYPES,
create_public_stream_policy=Realm.COMMON_POLICY_TYPES, create_public_stream_policy=Realm.COMMON_POLICY_TYPES,
create_web_public_stream_policy=Realm.CREATE_WEB_PUBLIC_STREAM_POLICY_TYPES,
user_group_edit_policy=Realm.COMMON_POLICY_TYPES, user_group_edit_policy=Realm.COMMON_POLICY_TYPES,
private_message_policy=Realm.PRIVATE_MESSAGE_POLICY_TYPES, private_message_policy=Realm.PRIVATE_MESSAGE_POLICY_TYPES,
invite_to_stream_policy=Realm.COMMON_POLICY_TYPES, invite_to_stream_policy=Realm.COMMON_POLICY_TYPES,

3
zerver/views/realm.py
View File

@ -106,6 +106,9 @@ def update_realm(
create_private_stream_policy: Optional[int] = REQ( create_private_stream_policy: Optional[int] = REQ(
json_validator=check_int_in(Realm.COMMON_POLICY_TYPES), default=None json_validator=check_int_in(Realm.COMMON_POLICY_TYPES), default=None
), ),
create_web_public_stream_policy: Optional[int] = REQ(
json_validator=check_int_in(Realm.CREATE_WEB_PUBLIC_STREAM_POLICY_TYPES), default=None
),
invite_to_stream_policy: Optional[int] = REQ( invite_to_stream_policy: Optional[int] = REQ(
json_validator=check_int_in(Realm.COMMON_POLICY_TYPES), default=None json_validator=check_int_in(Realm.COMMON_POLICY_TYPES), default=None
), ),