From 8a3d7ba0d2c7e056391c59cd2a0623ac7521d6b2 Mon Sep 17 00:00:00 2001
From: Guilherme Gazzo <guilhermegazzo@gmail.com>
Date: Thu, 23 Mar 2017 17:28:32 -0300
Subject: [PATCH] Just admins can change a Default Channel to Private (the
 channel will be a non default channel) (#6426)

* change ChatRoom to AdminChatRoom on channelSettingsDefault

* just admin can change the type of a default channel, and even been an admin you must confirm this
---
 .../client/lib/startup.coffee                 |  1 +
 .../client/lib/ChannelSettings.coffee         |  5 +-
 .../client/views/channelSettings.coffee       | 50 ++++++++++++++-----
 .../client/views/channelSettings.html         | 11 ++++
 packages/rocketchat-i18n/i18n/en.i18n.json    |  2 +
 .../rocketchat-lib/server/models/Rooms.coffee |  3 +-
 .../client/rooms/adminRoomInfo.coffee         | 25 ++++++++--
 .../client/rooms/adminRooms.coffee            |  1 +
 .../client/rooms/channelSettingsDefault.js    |  8 +--
 9 files changed, 82 insertions(+), 24 deletions(-)

diff --git a/packages/rocketchat-channel-settings-mail-messages/client/lib/startup.coffee b/packages/rocketchat-channel-settings-mail-messages/client/lib/startup.coffee
index c55e6956b7b..0fe36ddc31b 100644
--- a/packages/rocketchat-channel-settings-mail-messages/client/lib/startup.coffee
+++ b/packages/rocketchat-channel-settings-mail-messages/client/lib/startup.coffee
@@ -1,5 +1,6 @@
 Meteor.startup ->
 	RocketChat.ChannelSettings.addOption
+		group: ['room']
 		id: 'mail-messages'
 		template: 'channelSettingsMailMessages'
 		validation: ->
diff --git a/packages/rocketchat-channel-settings/client/lib/ChannelSettings.coffee b/packages/rocketchat-channel-settings/client/lib/ChannelSettings.coffee
index 57e23f6b457..4c723d54bd9 100644
--- a/packages/rocketchat-channel-settings/client/lib/ChannelSettings.coffee
+++ b/packages/rocketchat-channel-settings/client/lib/ChannelSettings.coffee
@@ -17,13 +17,14 @@ RocketChat.ChannelSettings = new class
 			opts[config.id] = config
 			options.set opts
 
-	getOptions = (currentData) ->
+	getOptions = (currentData, group) ->
 		allOptions = _.toArray options.get()
 		allowedOptions = _.compact _.map allOptions, (option) ->
 			if not option.validation? or option.validation()
 				option.data = Object.assign (option.data or {}), currentData
 				return option
-
+		allowedOptions = allowedOptions.filter (option) ->
+			!group or !option.group or option.group?.indexOf(group) > -1
 		return _.sortBy allowedOptions, 'order'
 
 	addOption: addOption
diff --git a/packages/rocketchat-channel-settings/client/views/channelSettings.coffee b/packages/rocketchat-channel-settings/client/views/channelSettings.coffee
index 40fc3162b47..8eda21ee2df 100644
--- a/packages/rocketchat-channel-settings/client/views/channelSettings.coffee
+++ b/packages/rocketchat-channel-settings/client/views/channelSettings.coffee
@@ -31,10 +31,10 @@ Template.channelSettings.helpers
 		return Template.instance().editing.get() is field
 
 	isDisabled: (field, room) ->
-		return Template.instance().settings[field].processing.get() or !RocketChat.authz.hasAllPermission('edit-room', room._id)
+		return Template.instance().settings[field].disabled?(room) or Template.instance().settings[field].processing.get() or !RocketChat.authz.hasAllPermission('edit-room', room._id)
 
 	channelSettings: ->
-		return RocketChat.ChannelSettings.getOptions(Template.currentData())
+		return RocketChat.ChannelSettings.getOptions(Template.currentData(), 'room')
 
 	unscape: (value) ->
 		return s.unescapeHTML value
@@ -45,7 +45,8 @@ Template.channelSettings.helpers
 
 	readOnly: ->
 		return  ChatRoom.findOne(@rid, { fields: { ro: 1 }})?.ro
-
+	has: (v, key) ->
+		v?[key]?
 	readOnlyDescription: ->
 		readOnly = ChatRoom.findOne(@rid, { fields: { ro: 1 }})?.ro
 		if readOnly is true
@@ -160,6 +161,14 @@ Template.channelSettings.onCreated ->
 			label: 'Private'
 			isToggle: true
 			processing: new ReactiveVar(false)
+			disabled: (room) =>
+				room.default and not RocketChat.authz.hasRole( Meteor.userId(), 'admin')
+			message: (room) =>
+				#if the user can change but the channel is default
+				if RocketChat.authz.hasAllPermission('edit-room', room._id) and room.default
+					# if you are an admin, even so you can change
+					unless RocketChat.authz.hasRole( Meteor.userId(), 'admin')
+						return 'Room_type_of_default_rooms_cant_be_changed'
 			canView: (room) ->
 				if room.t not in ['c', 'p']
 					return false
@@ -168,16 +177,33 @@ Template.channelSettings.onCreated ->
 				else if room.t is 'c' and not RocketChat.authz.hasAllPermission('create-p')
 					return false
 				return true
-			canEdit: (room) => RocketChat.authz.hasAllPermission('edit-room', room._id)
+			canEdit: (room) => ( RocketChat.authz.hasAllPermission('edit-room', room._id) and not room.default) or RocketChat.authz.hasRole( Meteor.userId(), 'admin')
 			save: (value, room) ->
-				@processing.set(true)
-				value = if value then 'p' else 'c'
-				RocketChat.callbacks.run 'roomTypeChanged', room
-				Meteor.call 'saveRoomSettings', room._id, 'roomType', value, (err, result) =>
-					return handleError err if err
-					@processing.set(false)
-					toastr.success TAPi18n.__ 'Room_type_changed_successfully'
-
+				saveRoomSettings = =>
+					@processing.set(true)
+					value = if value then 'p' else 'c'
+					RocketChat.callbacks.run 'roomTypeChanged', room
+					Meteor.call 'saveRoomSettings', room._id, 'roomType', value, (err, result) =>
+						return handleError err if err
+						@processing.set(false)
+						toastr.success TAPi18n.__ 'Room_type_changed_successfully'
+
+				if room.default
+					if RocketChat.authz.hasRole Meteor.userId(), 'admin'
+						swal {
+							title: t('Room_default_change_to_private_will_be_default_no_more')
+							type: 'warning'
+							showCancelButton: true
+							confirmButtonColor: '#DD6B55'
+							confirmButtonText: t('Yes')
+							cancelButtonText: t('Cancel')
+							closeOnConfirm: true
+							html: false
+						}, (confirmed) =>
+							return saveRoomSettings() if confirmed
+					$(".channel-settings form [name='t']").prop('checked', !!room.type == 'p')
+				else
+					saveRoomSettings()
 		ro:
 			type: 'boolean'
 			label: 'Read_only'
diff --git a/packages/rocketchat-channel-settings/client/views/channelSettings.html b/packages/rocketchat-channel-settings/client/views/channelSettings.html
index 562590be0c7..f4475a56244 100644
--- a/packages/rocketchat-channel-settings/client/views/channelSettings.html
+++ b/packages/rocketchat-channel-settings/client/views/channelSettings.html
@@ -75,6 +75,17 @@
 											{{/unless}}
 										</div>
 									</li>
+									{{# if has $value 'message' }}
+										{{#let message=($value.message room)}}
+											{{#if message}}
+												<li>
+													<div class="alert alert-warning pending-background pending-border">
+														{{_ message}}
+													</div>
+												</li>
+											{{/if}}
+										{{/let}}
+									{{/if}}
 								{{/let}}
 							{{/if}}
 						{{/each}}
diff --git a/packages/rocketchat-i18n/i18n/en.i18n.json b/packages/rocketchat-i18n/i18n/en.i18n.json
index e08f9931ad8..3bd7044d7a7 100644
--- a/packages/rocketchat-i18n/i18n/en.i18n.json
+++ b/packages/rocketchat-i18n/i18n/en.i18n.json
@@ -1235,6 +1235,8 @@
   "Room_has_been_deleted": "Room has been deleted",
   "Room_has_been_archived": "Room has been archived",
   "Room_has_been_unarchived": "Room has been unarchived",
+  "Room_type_of_default_rooms_cant_be_changed": "This is a default room and the type can not be changed, please consult with your administrator.",
+  "Room_default_change_to_private_will_be_default_no_more": "This is a default channel and changing it to a private group will cause it to no longer be a default channel. Do you want to proceed?",
   "Room_Info": "Room Info",
   "room_is_blocked": "This room is blocked",
   "room_is_read_only": "This room is read only",
diff --git a/packages/rocketchat-lib/server/models/Rooms.coffee b/packages/rocketchat-lib/server/models/Rooms.coffee
index 0830b53f773..8b97db2e8ea 100644
--- a/packages/rocketchat-lib/server/models/Rooms.coffee
+++ b/packages/rocketchat-lib/server/models/Rooms.coffee
@@ -482,10 +482,11 @@ class ModelRooms extends RocketChat.models._Base
 	setTypeById: (_id, type) ->
 		query =
 			_id: _id
-
 		update =
 			$set:
 				t: type
+		if type == 'p'
+			update.$unset = {default: ''}
 
 		return @update query, update
 
diff --git a/packages/rocketchat-ui-admin/client/rooms/adminRoomInfo.coffee b/packages/rocketchat-ui-admin/client/rooms/adminRoomInfo.coffee
index 62cda0ec704..cfac8a088aa 100644
--- a/packages/rocketchat-ui-admin/client/rooms/adminRoomInfo.coffee
+++ b/packages/rocketchat-ui-admin/client/rooms/adminRoomInfo.coffee
@@ -11,7 +11,7 @@ Template.adminRoomInfo.helpers
 	roomType: ->
 		return AdminChatRoom.findOne(@rid, { fields: { t: 1 }})?.t
 	channelSettings: ->
-		return RocketChat.ChannelSettings.getOptions()
+		return RocketChat.ChannelSettings.getOptions(null, 'admin-room')
 	roomTypeDescription: ->
 		roomType = AdminChatRoom.findOne(@rid, { fields: { t: 1 }})?.t
 		if roomType is 'c'
@@ -138,12 +138,27 @@ Template.adminRoomInfo.onCreated ->
 						toastr.success TAPi18n.__ 'Room_topic_changed_successfully'
 						RocketChat.callbacks.run 'roomTopicChanged', AdminChatRoom.findOne(rid)
 			when 'roomType'
+				val = @$('input[name=roomType]:checked').val()
 				if @validateRoomType(rid)
 					RocketChat.callbacks.run 'roomTypeChanged', AdminChatRoom.findOne(rid)
-					Meteor.call 'saveRoomSettings', rid, 'roomType', @$('input[name=roomType]:checked').val(), (err, result) ->
-						if err
-							return handleError(err)
-						toastr.success TAPi18n.__ 'Room_type_changed_successfully'
+					saveRoomSettings = =>
+						Meteor.call 'saveRoomSettings', rid, 'roomType', val, (err, result) ->
+							if err
+								return handleError(err)
+								toastr.success TAPi18n.__ 'Room_type_changed_successfully'
+					unless AdminChatRoom.findOne(rid, { fields: { default: 1 }}).default
+						return saveRoomSettings()
+					swal
+						title: t('Room_default_change_to_private_will_be_default_no_more')
+						type: 'warning'
+						showCancelButton: true
+						confirmButtonColor: '#DD6B55'
+						confirmButtonText: t('Yes')
+						cancelButtonText: t('Cancel')
+						closeOnConfirm: true
+						html: false
+						(confirmed) =>
+							return !confirmed || saveRoomSettings()
 			when 'archivationState'
 				if @$('input[name=archivationState]:checked').val() is 'true'
 					if AdminChatRoom.findOne(rid)?.archived isnt true
diff --git a/packages/rocketchat-ui-admin/client/rooms/adminRooms.coffee b/packages/rocketchat-ui-admin/client/rooms/adminRooms.coffee
index 47504f09248..1be4c06b44e 100644
--- a/packages/rocketchat-ui-admin/client/rooms/adminRooms.coffee
+++ b/packages/rocketchat-ui-admin/client/rooms/adminRooms.coffee
@@ -53,6 +53,7 @@ Template.adminRooms.onCreated ->
 	});
 
 	RocketChat.ChannelSettings.addOption
+		group: ['admin-room']
 		id: 'make-default'
 		template: 'channelSettingsDefault'
 		data: ->
diff --git a/packages/rocketchat-ui-admin/client/rooms/channelSettingsDefault.js b/packages/rocketchat-ui-admin/client/rooms/channelSettingsDefault.js
index b17d5e1aa27..d950e5850a4 100644
--- a/packages/rocketchat-ui-admin/client/rooms/channelSettingsDefault.js
+++ b/packages/rocketchat-ui-admin/client/rooms/channelSettingsDefault.js
@@ -1,23 +1,23 @@
 import toastr from 'toastr';
-/* globals ChatRoom */
+/* globals AdminChatRoom */
 
 Template.channelSettingsDefault.helpers({
 	canMakeDefault() {
-		var room = ChatRoom.findOne(this.rid, { fields: { t: 1 }});
+		var room = AdminChatRoom.findOne(this.rid, { fields: { t: 1 }});
 		return room && room.t === 'c';
 	},
 	editing(field) {
 		return Template.instance().editing.get() === field;
 	},
 	roomDefault() {
-		var room = ChatRoom.findOne(this.rid, { fields: { default: 1 }});
+		var room = AdminChatRoom.findOne(this.rid, { fields: { default: 1 }});
 
 		if (room) {
 			return room.default;
 		}
 	},
 	defaultDescription() {
-		var room = ChatRoom.findOne(this.rid, { fields: { default: 1 }});
+		var room = AdminChatRoom.findOne(this.rid, { fields: { default: 1 }});
 		if (room && room.default) {
 			return t('True');
 		} else {