From d82a7362c718ac064782309a9b297f8c85779126 Mon Sep 17 00:00:00 2001 From: Karan Bedi Date: Fri, 2 Feb 2018 16:57:29 +0530 Subject: [PATCH 1/6] [NEW]: Add leave public channel permission --- packages/rocketchat-authorization/server/startup.js | 1 + packages/rocketchat-lib/server/methods/leaveRoom.js | 2 +- packages/rocketchat-ui-sidenav/client/sidebarItem.js | 2 ++ 3 files changed, 4 insertions(+), 1 deletion(-) diff --git a/packages/rocketchat-authorization/server/startup.js b/packages/rocketchat-authorization/server/startup.js index 10b8846b01e..a7fc477eb1d 100644 --- a/packages/rocketchat-authorization/server/startup.js +++ b/packages/rocketchat-authorization/server/startup.js @@ -34,6 +34,7 @@ Meteor.startup(function() { { _id: 'edit-room', roles : ['admin', 'owner', 'moderator'] }, { _id: 'force-delete-message', roles : ['admin', 'owner'] }, { _id: 'join-without-join-code', roles : ['admin', 'bot'] }, + { _id: 'leave-c', roles : ['admin', 'user', 'bot', 'anonymous'] }, { _id: 'manage-assets', roles : ['admin'] }, { _id: 'manage-emoji', roles : ['admin'] }, { _id: 'manage-integrations', roles : ['admin'] }, diff --git a/packages/rocketchat-lib/server/methods/leaveRoom.js b/packages/rocketchat-lib/server/methods/leaveRoom.js index 603e785acdb..00e8b960a25 100644 --- a/packages/rocketchat-lib/server/methods/leaveRoom.js +++ b/packages/rocketchat-lib/server/methods/leaveRoom.js @@ -12,7 +12,7 @@ Meteor.methods({ const room = RocketChat.models.Rooms.findOneById(rid); const user = Meteor.user(); - if (room.t === 'd') { + if (room.t === 'd' || (room.t === 'c' && !RocketChat.authz.hasPermission(user._id, 'leave-c'))) { throw new Meteor.Error('error-not-allowed', 'Not allowed', { method: 'leaveRoom' }); } diff --git a/packages/rocketchat-ui-sidenav/client/sidebarItem.js b/packages/rocketchat-ui-sidenav/client/sidebarItem.js index 8eb3b831cce..c74b1e2c682 100644 --- a/packages/rocketchat-ui-sidenav/client/sidebarItem.js +++ b/packages/rocketchat-ui-sidenav/client/sidebarItem.js @@ -84,6 +84,8 @@ Template.sidebarItem.events({ if (!roomData) { return false; } + if (roomData.t === 'c' && !RocketChat.authz.hasAtLeastOnePermission('leave-c')) { return false; } + return !(((roomData.cl != null) && !roomData.cl) || (['d', 'l'].includes(roomData.t))); }; From adb6c3262168a08fc75e375353ebebb323aca4ef Mon Sep 17 00:00:00 2001 From: Karan Bedi Date: Sat, 3 Feb 2018 17:20:08 +0530 Subject: [PATCH 2/6] WIP - Migration for leave-c permission --- server/startup/migrations/v107.js | 10 ++++++++++ 1 file changed, 10 insertions(+) create mode 100644 server/startup/migrations/v107.js diff --git a/server/startup/migrations/v107.js b/server/startup/migrations/v107.js new file mode 100644 index 00000000000..dafd6c63af9 --- /dev/null +++ b/server/startup/migrations/v107.js @@ -0,0 +1,10 @@ +RocketChat.Migrations.add({ + version: 107, + up() { + const roles = RocketChat.models.Roles.find({ + _id: { $ne: 'guest' }, + scope: 'Users' + }).fetch().map((role)=>{ return role._id; }); + RocketChat.models.Permissions.createOrUpdate('leave-c', roles); + } +}); From 43355331b1136d4ce23c765b41b30258bda4bca7 Mon Sep 17 00:00:00 2001 From: Karan Bedi Date: Fri, 9 Feb 2018 03:29:48 +0530 Subject: [PATCH 3/6] [NEW]: Add leave private chanwnel permission --- packages/rocketchat-authorization/server/startup.js | 1 + packages/rocketchat-lib/server/methods/leaveRoom.js | 2 +- packages/rocketchat-ui-sidenav/client/sidebarItem.js | 1 + 3 files changed, 3 insertions(+), 1 deletion(-) diff --git a/packages/rocketchat-authorization/server/startup.js b/packages/rocketchat-authorization/server/startup.js index a7fc477eb1d..82bb3ab1a8e 100644 --- a/packages/rocketchat-authorization/server/startup.js +++ b/packages/rocketchat-authorization/server/startup.js @@ -35,6 +35,7 @@ Meteor.startup(function() { { _id: 'force-delete-message', roles : ['admin', 'owner'] }, { _id: 'join-without-join-code', roles : ['admin', 'bot'] }, { _id: 'leave-c', roles : ['admin', 'user', 'bot', 'anonymous'] }, + { _id: 'leave-p', roles : ['admin', 'user', 'bot', 'anonymous'] }, { _id: 'manage-assets', roles : ['admin'] }, { _id: 'manage-emoji', roles : ['admin'] }, { _id: 'manage-integrations', roles : ['admin'] }, diff --git a/packages/rocketchat-lib/server/methods/leaveRoom.js b/packages/rocketchat-lib/server/methods/leaveRoom.js index 00e8b960a25..dd13f2e67ba 100644 --- a/packages/rocketchat-lib/server/methods/leaveRoom.js +++ b/packages/rocketchat-lib/server/methods/leaveRoom.js @@ -12,7 +12,7 @@ Meteor.methods({ const room = RocketChat.models.Rooms.findOneById(rid); const user = Meteor.user(); - if (room.t === 'd' || (room.t === 'c' && !RocketChat.authz.hasPermission(user._id, 'leave-c'))) { + if (room.t === 'd' || (room.t === 'c' && !RocketChat.authz.hasPermission(user._id, 'leave-c')) || (room.t === 'p' && !RocketChat.authz.hasPermission(user._id, 'leave-p'))) { throw new Meteor.Error('error-not-allowed', 'Not allowed', { method: 'leaveRoom' }); } diff --git a/packages/rocketchat-ui-sidenav/client/sidebarItem.js b/packages/rocketchat-ui-sidenav/client/sidebarItem.js index c74b1e2c682..f127e60e3a8 100644 --- a/packages/rocketchat-ui-sidenav/client/sidebarItem.js +++ b/packages/rocketchat-ui-sidenav/client/sidebarItem.js @@ -85,6 +85,7 @@ Template.sidebarItem.events({ if (!roomData) { return false; } if (roomData.t === 'c' && !RocketChat.authz.hasAtLeastOnePermission('leave-c')) { return false; } + if (roomData.t === 'p' && !RocketChat.authz.hasAtLeastOnePermission('leave-p')) { return false; } return !(((roomData.cl != null) && !roomData.cl) || (['d', 'l'].includes(roomData.t))); }; From 15e12a07a9b8e66b0fba20086fb1e9ad6037701d Mon Sep 17 00:00:00 2001 From: Karan Bedi Date: Fri, 9 Feb 2018 03:31:00 +0530 Subject: [PATCH 4/6] Migration for leave-d permission --- server/startup/migrations/v107.js | 1 + 1 file changed, 1 insertion(+) diff --git a/server/startup/migrations/v107.js b/server/startup/migrations/v107.js index dafd6c63af9..c3fabd5ca6c 100644 --- a/server/startup/migrations/v107.js +++ b/server/startup/migrations/v107.js @@ -6,5 +6,6 @@ RocketChat.Migrations.add({ scope: 'Users' }).fetch().map((role)=>{ return role._id; }); RocketChat.models.Permissions.createOrUpdate('leave-c', roles); + RocketChat.models.Permissions.createOrUpdate('leave-d', roles); } }); From df5f3a950aa5e2fc94acf6a8661ff1b13d367ef6 Mon Sep 17 00:00:00 2001 From: kb0304 Date: Sat, 10 Mar 2018 02:28:59 +0530 Subject: [PATCH 5/6] Rename migration 107 -> 108 --- server/startup/migrations/{v107.js => v108.js} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename server/startup/migrations/{v107.js => v108.js} (100%) diff --git a/server/startup/migrations/v107.js b/server/startup/migrations/v108.js similarity index 100% rename from server/startup/migrations/v107.js rename to server/startup/migrations/v108.js From dbd84724af19cabe9804d1613f7ba6133c9bf6cb Mon Sep 17 00:00:00 2001 From: Bradley Hilton Date: Mon, 26 Mar 2018 12:11:51 -0300 Subject: [PATCH 6/6] Add english i18n strings for the new leave permissions --- packages/rocketchat-i18n/i18n/en.i18n.json | 2 ++ 1 file changed, 2 insertions(+) diff --git a/packages/rocketchat-i18n/i18n/en.i18n.json b/packages/rocketchat-i18n/i18n/en.i18n.json index 434bf04b1d1..2b65e563c2b 100644 --- a/packages/rocketchat-i18n/i18n/en.i18n.json +++ b/packages/rocketchat-i18n/i18n/en.i18n.json @@ -1135,6 +1135,8 @@ "Lead_capture_email_regex": "Lead capture email regex", "Lead_capture_phone_regex": "Lead capture phone regex", "Least_Amount": "Least Amount", + "leave-c": "Leave Channels", + "leave-p": "Leave Private Groups", "Leave_Group_Warning": "Are you sure you want to leave the group \"%s\"?", "Leave_Livechat_Warning": "Are you sure you want to leave the livechat with \"%s\"?", "Leave_Private_Warning": "Are you sure you want to leave the discussion with \"%s\"?",