invite: Add 'Nobody' option to invite_to_realm_policy in backend.

2021-07-18 13:41:58 +05:30 · 2021-07-18 13:41:58 +05:30 · 8ced74192a
parent ace527af0a
commit 8ced74192a
6 changed files with 36 additions and 7 deletions
--- a/zerver/models.py
+++ b/zerver/models.py
@ -256,6 +256,7 @@ class Realm(models.Model):
    POLICY_FULL_MEMBERS_ONLY = 3
    POLICY_MODERATORS_ONLY = 4
    POLICY_EVERYONE = 5
+    POLICY_NOBODY = 6

    COMMON_POLICY_TYPES = [
        POLICY_MEMBERS_ONLY,
@ -272,6 +273,14 @@ class Realm(models.Model):
        POLICY_EVERYONE,
    ]

+    INVITE_TO_REALM_POLICY_TYPES = [
+        POLICY_MEMBERS_ONLY,
+        POLICY_ADMINS_ONLY,
+        POLICY_FULL_MEMBERS_ONLY,
+        POLICY_MODERATORS_ONLY,
+        POLICY_NOBODY,
+    ]
+
    DEFAULT_COMMUNITY_TOPIC_EDITING_LIMIT_SECONDS = 259200

    # Who in the organization is allowed to create streams.
@ -1743,10 +1752,13 @@ class UserProfile(AbstractBaseUser, PermissionsMixin, UserBaseSettings):
        ]:
            raise AssertionError("Invalid policy")

+        policy_value = getattr(self.realm, policy_name)
+        if policy_value == Realm.POLICY_NOBODY:
+            return False
+
        if self.is_realm_admin:
            return True

-        policy_value = getattr(self.realm, policy_name)
        if policy_value == Realm.POLICY_ADMINS_ONLY:
            return False

--- a/zerver/openapi/zulip.yaml
+++ b/zerver/openapi/zulip.yaml
@ -8859,6 +8859,7 @@ paths:
                          * 2 = Administrators only
                          * 3 = Full members only
                          * 4 = Moderators only
+                          * 6 = Nobody

                          **Changes**: New in Zulip 4.0 (feature level 50) replacing the
                          previous `realm_invite_by_admins_only` boolean.
--- a/zerver/tests/test_events.py
+++ b/zerver/tests/test_events.py
@ -2045,7 +2045,7 @@ class RealmPropertyActionTest(BaseAction):
            ],
            default_code_block_language=["python", "javascript"],
            message_content_delete_limit_seconds=[1000, 1100, 1200],
-            invite_to_realm_policy=[4, 3, 2, 1],
+            invite_to_realm_policy=[6, 4, 3, 2, 1],
            move_messages_between_streams_policy=[4, 3, 2, 1],
        )

--- a/zerver/tests/test_realm.py
+++ b/zerver/tests/test_realm.py
@ -778,7 +778,7 @@ class RealmAPITest(ZulipTestCase):
                Realm.GIPHY_RATING_OPTIONS["r"]["id"],
            ],
            message_content_delete_limit_seconds=[1000, 1100, 1200],
-            invite_to_realm_policy=Realm.COMMON_POLICY_TYPES,
+            invite_to_realm_policy=Realm.INVITE_TO_REALM_POLICY_TYPES,
            move_messages_between_streams_policy=Realm.COMMON_POLICY_TYPES,
        )

--- a/zerver/tests/test_signup.py
+++ b/zerver/tests/test_signup.py
@ -1328,6 +1328,13 @@ class InviteUserTest(InviteUserBase):
            user_profile.refresh_from_db()
            return user_profile.can_invite_others_to_realm()

+        realm = get_realm("zulip")
+        do_set_realm_property(
+            realm, "invite_to_realm_policy", Realm.POLICY_NOBODY, acting_user=None
+        )
+        desdemona = self.example_user("desdemona")
+        self.assertFalse(validation_func(desdemona))
+
        self.check_has_permission_policies("invite_to_realm_policy", validation_func)

    def test_invite_others_to_realm_setting(self) -> None:
@ -1335,14 +1342,23 @@ class InviteUserTest(InviteUserBase):
        The invite_to_realm_policy realm setting works properly.
        """
        realm = get_realm("zulip")
+        do_set_realm_property(
+            realm, "invite_to_realm_policy", Realm.POLICY_NOBODY, acting_user=None
+        )
+        self.login("desdemona")
+        email = "alice-test@zulip.com"
+        email2 = "bob-test@zulip.com"
+        invitee = f"Alice Test <{email}>, {email2}"
+        self.assert_json_error(
+            self.invite(invitee, ["Denmark"]),
+            "Insufficient permission",
+        )
+
        do_set_realm_property(
            realm, "invite_to_realm_policy", Realm.POLICY_ADMINS_ONLY, acting_user=None
        )

        self.login("shiva")
-        email = "alice-test@zulip.com"
-        email2 = "bob-test@zulip.com"
-        invitee = f"Alice Test <{email}>, {email2}"
        self.assert_json_error(
            self.invite(invitee, ["Denmark"]),
            "Insufficient permission",
--- a/zerver/views/realm.py
+++ b/zerver/views/realm.py
@ -53,7 +53,7 @@ def update_realm(
    ),
    invite_required: Optional[bool] = REQ(json_validator=check_bool, default=None),
    invite_to_realm_policy: Optional[int] = REQ(
-        json_validator=check_int_in(Realm.COMMON_POLICY_TYPES), default=None
+        json_validator=check_int_in(Realm.INVITE_TO_REALM_POLICY_TYPES), default=None
    ),
    name_changes_disabled: Optional[bool] = REQ(json_validator=check_bool, default=None),
    email_changes_disabled: Optional[bool] = REQ(json_validator=check_bool, default=None),