diff --git a/api_docs/changelog.md b/api_docs/changelog.md index 97912e8bc1..ed94acfed2 100644 --- a/api_docs/changelog.md +++ b/api_docs/changelog.md @@ -26,6 +26,15 @@ format used by the Zulip server that they are interacting with. [`GET /events`](/api/get-events): Added `can_create_web_public_channel_group` realm setting, which is a [group-setting value](/api/group-setting-values) describing the set of users with permission to create web-public channels. +* `PATCH /realm`, [`GET /events`](/api/get-events): Removed + `create_web_public_stream_policy` property, as the permission to create + web-public channels is now controlled by `can_create_web_public_channel_group` + setting. +* [`POST /register`](/api/register-queue): `realm_create_web_public_stream_policy` + field is deprecated, having been replaced by `can_create_web_public_channel_group`. + Notably, this backwards-compatible `realm_create_web_public_stream_policy` value + now contains the superset of the true value that best approximates the actual + permission setting. Feature levels 278-279 are reserved for future use in 9.x maintenance releases. diff --git a/version.py b/version.py index 25bba0b4d0..cb5d808894 100644 --- a/version.py +++ b/version.py @@ -34,7 +34,7 @@ DESKTOP_WARNING_VERSION = "5.9.3" # new level means in api_docs/changelog.md, as well as "**Changes**" # entries in the endpoint's documentation in `zulip.yaml`. -API_FEATURE_LEVEL = 277 # Last bumped for Zulip 9.0 +API_FEATURE_LEVEL = 280 # Last bumped for can_create_web_public_channel_group # Bump the minor PROVISION_VERSION to indicate that folks should provision diff --git a/zerver/lib/events.py b/zerver/lib/events.py index e13d12c682..adcf030d05 100644 --- a/zerver/lib/events.py +++ b/zerver/lib/events.py @@ -303,6 +303,13 @@ def fetch_initial_state_data( realm, "can_create_private_channel_group", Realm.COMMON_POLICY_TYPES ) ) + state["realm_create_web_public_stream_policy"] = ( + get_corresponding_policy_value_for_group_setting( + realm, + "can_create_web_public_channel_group", + Realm.CREATE_WEB_PUBLIC_STREAM_POLICY_TYPES, + ) + ) # Most state is handled via the property_types framework; # these manual entries are for those realm settings that don't @@ -1287,6 +1294,13 @@ def apply_event( ) state["can_create_private_streams"] = user_profile.has_permission(key) else: + state["realm_create_web_public_stream_policy"] = ( + get_corresponding_policy_value_for_group_setting( + user_profile.realm, + "can_create_web_public_channel_group", + Realm.CREATE_WEB_PUBLIC_STREAM_POLICY_TYPES, + ) + ) state["can_create_web_public_streams"] = user_profile.has_permission(key) state["can_create_streams"] = ( diff --git a/zerver/migrations/0562_remove_realm_create_web_public_stream_policy.py b/zerver/migrations/0562_remove_realm_create_web_public_stream_policy.py new file mode 100644 index 0000000000..b5d6b4ef86 --- /dev/null +++ b/zerver/migrations/0562_remove_realm_create_web_public_stream_policy.py @@ -0,0 +1,16 @@ +# Generated by Django 5.0.6 on 2024-07-26 07:18 + +from django.db import migrations + + +class Migration(migrations.Migration): + dependencies = [ + ("zerver", "0561_alter_realm_can_create_web_public_channel_group"), + ] + + operations = [ + migrations.RemoveField( + model_name="realm", + name="create_web_public_stream_policy", + ), + ] diff --git a/zerver/models/realms.py b/zerver/models/realms.py index e06a869af6..947e62e0c3 100644 --- a/zerver/models/realms.py +++ b/zerver/models/realms.py @@ -298,10 +298,6 @@ class Realm(models.Model): # type: ignore[django-manager-missing] # django-stub ) # Who in the organization is allowed to create streams. - create_web_public_stream_policy = models.PositiveSmallIntegerField( - default=CreateWebPublicStreamPolicyEnum.OWNERS_ONLY - ) - can_create_public_channel_group = models.ForeignKey( "UserGroup", on_delete=models.RESTRICT, related_name="+" ) @@ -649,7 +645,6 @@ class Realm(models.Model): # type: ignore[django-manager-missing] # django-stub allow_message_editing=bool, avatar_changes_disabled=bool, bot_creation_policy=int, - create_web_public_stream_policy=int, default_code_block_language=str, default_language=str, delete_own_message_policy=int, @@ -1188,6 +1183,12 @@ def get_corresponding_policy_value_for_group_setting( # If the group setting is not set to one of the role based groups # that the previous enum setting allowed, then just return the # enum value corresponding to largest group. + if group_setting_name == "can_create_web_public_channel_group": + # Largest group allowed to create web-public channels is + # moderators group. + assert valid_policy_enums == Realm.CREATE_WEB_PUBLIC_STREAM_POLICY_TYPES + return Realm.POLICY_MODERATORS_ONLY + assert valid_policy_enums == Realm.COMMON_POLICY_TYPES return Realm.POLICY_MEMBERS_ONLY diff --git a/zerver/models/users.py b/zerver/models/users.py index 16a01729b2..5fd6291891 100644 --- a/zerver/models/users.py +++ b/zerver/models/users.py @@ -782,7 +782,6 @@ class UserProfile(AbstractBaseUser, PermissionsMixin, UserBaseSettings): "can_create_public_channel_group", "can_create_web_public_channel_group", "create_multiuse_invite_group", - "create_web_public_stream_policy", "delete_own_message_policy", "direct_message_initiator_group", "direct_message_permission_group", diff --git a/zerver/openapi/zulip.yaml b/zerver/openapi/zulip.yaml index 1a3ffb2081..7d1ec4828f 100644 --- a/zerver/openapi/zulip.yaml +++ b/zerver/openapi/zulip.yaml @@ -4298,13 +4298,6 @@ paths: **Changes**: New in Zulip 10.0 (feature level 280). Previously `realm_create_web_public_stream_policy` field used to control the permission to create web-public channels. - create_web_public_stream_policy: - type: integer - description: | - The [policy](/api/roles-and-permissions#permission-levels) - for which users can create web public channels in this organization. - - **Changes**: New in Zulip 5.0 (feature level 103). default_code_block_language: type: string description: | @@ -4409,8 +4402,8 @@ paths: Can only be enabled if the `WEB_PUBLIC_STREAMS_ENABLED` [server setting][server-settings] is enabled on the Zulip - server. See also the `create_web_public_stream_policy` realm - setting. + server. See also the `can_create_web_public_channel_group` + realm setting. [server-settings]: https://zulip.readthedocs.io/en/stable/production/settings.html @@ -9719,7 +9712,7 @@ paths: to be enabled on the Zulip server in question, the organization to have enabled the `enable_spectator_access` realm setting, and the current use to have permission under the organization's - `create_web_public_stream_policy` realm setting. + `can_create_web_public_channel_group` realm setting. [server-settings]: https://zulip.readthedocs.io/en/stable/production/settings.html @@ -15535,23 +15528,28 @@ paths: [calc-full-member]: /api/roles-and-permissions#determining-if-a-user-is-a-full-member realm_create_web_public_stream_policy: type: integer + deprecated: true description: | Present if `realm` is present in `fetch_event_types`. - Has no effect and should not be displayed in settings UI - unless the Zulip server has the `WEB_PUBLIC_STREAMS_ENABLED` - server-level setting enabled and the organization has enabled - the `enable_spectator_access` realm setting. + A deprecated representation of a superset of the users who + have permission to create web-public channels in the + organization, available for backwards-compatibility. Clients + should use `can_create_web_public_channel_group` instead. - The [policy][permission-level] for which users can create web - public channels in this organization. Allowed - values are: + It is an enum with the following possible values, corresponding + to roles/system groups: - 2 = Admins only - 4 = Admins and moderators only - 6 = Nobody - 7 = Owners only + **Changes**: Deprecated in Zulip 10.0 (feature level 280) and + replaced by `realm_can_create_web_public_channel_group`, which + supports finer resolution of configurations, resulting in this + property being inaccurate following that transition. + **Changes**: Added in Zulip 5.0 (feature level 103). [permission-level]: /api/roles-and-permissions#permission-levels @@ -15786,7 +15784,7 @@ paths: Can only be enabled if the `WEB_PUBLIC_STREAMS_ENABLED` [server setting][server-settings] is enabled on the Zulip - server. See also the `create_web_public_stream_policy` realm + server. See also the `can_create_web_public_channel_group` realm setting. **Changes**: New in Zulip 5.0 (feature level 109). @@ -18943,7 +18941,7 @@ paths: to be enabled on the Zulip server in question, the organization to have enabled the `enable_spectator_access` realm setting, and the current use to have permission under the organization's - `create_web_public_stream_policy` realm setting. + `can_create_web_public_channel_group` realm setting. [server-settings]: https://zulip.readthedocs.io/en/stable/production/settings.html diff --git a/zerver/tests/test_events.py b/zerver/tests/test_events.py index b5f763b359..e218653697 100644 --- a/zerver/tests/test_events.py +++ b/zerver/tests/test_events.py @@ -3440,7 +3440,6 @@ class RealmPropertyActionTest(BaseAction): message_retention_days=[10, 20], name=["Zulip", "New Name"], waiting_period_threshold=[1000, 2000], - create_web_public_stream_policy=Realm.CREATE_WEB_PUBLIC_STREAM_POLICY_TYPES, invite_to_stream_policy=Realm.COMMON_POLICY_TYPES, user_group_edit_policy=Realm.COMMON_POLICY_TYPES, wildcard_mention_policy=Realm.WILDCARD_MENTION_POLICY_TYPES, diff --git a/zerver/tests/test_realm.py b/zerver/tests/test_realm.py index 8dda00cdba..fea0eba0b8 100644 --- a/zerver/tests/test_realm.py +++ b/zerver/tests/test_realm.py @@ -841,7 +841,6 @@ class RealmTest(ZulipTestCase): invalid_values = dict( bot_creation_policy=10, - create_web_public_stream_policy=10, invite_to_stream_policy=10, message_retention_days=10, video_chat_provider=10, @@ -1558,7 +1557,6 @@ class RealmAPITest(ZulipTestCase): message_retention_days=[10, 20], name=["Zulip", "New Name"], waiting_period_threshold=[10, 20], - create_web_public_stream_policy=Realm.CREATE_WEB_PUBLIC_STREAM_POLICY_TYPES, user_group_edit_policy=Realm.COMMON_POLICY_TYPES, invite_to_stream_policy=Realm.COMMON_POLICY_TYPES, wildcard_mention_policy=Realm.WILDCARD_MENTION_POLICY_TYPES, diff --git a/zerver/views/realm.py b/zerver/views/realm.py index 3a0e0423e6..68bce2a3d5 100644 --- a/zerver/views/realm.py +++ b/zerver/views/realm.py @@ -53,7 +53,6 @@ from zerver.models.realms import ( BotCreationPolicyEnum, CommonMessagePolicyEnum, CommonPolicyEnum, - CreateWebPublicStreamPolicyEnum, DigestWeekdayEnum, EditTopicPolicyEnum, InviteToRealmPolicyEnum, @@ -147,7 +146,6 @@ def update_realm( can_create_web_public_channel_group: Json[GroupSettingChangeRequest] | None = None, direct_message_initiator_group: Json[GroupSettingChangeRequest] | None = None, direct_message_permission_group: Json[GroupSettingChangeRequest] | None = None, - create_web_public_stream_policy: Json[CreateWebPublicStreamPolicyEnum] | None = None, invite_to_stream_policy: Json[CommonPolicyEnum] | None = None, move_messages_between_streams_policy: Json[MoveMessagesBetweenStreamsPolicyEnum] | None = None, user_group_edit_policy: Json[CommonPolicyEnum] | None = None,