Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: Allow granting the mobile-upload-file permission to guests #34191

Merged
merged 12 commits into from
Jan 20, 2025
Merged

feat: Allow granting the mobile-upload-file permission to guests #34191

merged 12 commits into from
Jan 20, 2025

Conversation

matheusbsilva137
Copy link
Member

@matheusbsilva137 matheusbsilva137 commented Dec 16, 2024
edited
Loading

Proposed changes (including videos or screenshots)

  • Allow granting the mobile-upload-file permission to the guest role (but not make it the default behavior)

Issue(s)

Steps to test or reproduce

Use the authorization:addPermissionToRole Meteor method to check that the mobile-upload-file permission can now be granted to the guest role. Example (cURL) request:

curl --request POST \
  --url http://localhost:3000/api/v1/method.call/authorization%3AaddPermissionToRole \
  --header 'Content-Type: application/json' \
  --header 'X-Auth-Token: jVrwkAmobgfne3aEdL-dJh-znNXMkhg79pEAZS2rEIg' \
  --header 'X-User-Id: rMq9ovRmZabXHW4Do' \
  --data '{"message":"{\"msg\":\"method\",\"id\":\"16\",\"method\":\"authorization:addPermissionToRole\",\"params\":[\"mobile-upload-file\",\"guest\"]}"}'

This Meteor method should return an error (Permission is restricted [error-action-not-allowed]) in case an invalid permission is provided (e.g. a permission that can't be granted to the guest role -- any permission that isn't in this list: view-d-room, view-joined-room, view-p-room, start-discussion, mobile-upload-file).

Use the authorization:removeRoleFromPermission Meteor method to check that the mobile-upload-file permission can also be removed from the guest role. Example (cURL) request:

curl --request POST \
  --url http://localhost:3000/api/v1/method.call/authorization%3AremoveRoleFromPermission \
  --header 'Content-Type: application/json' \
  --header 'X-Auth-Token: jVrwkAmobgfne3aEdL-dJh-znNXMkhg79pEAZS2rEIg' \
  --header 'X-User-Id: rMq9ovRmZabXHW4Do' \
  --data '{"message":"{\"msg\":\"method\",\"id\":\"16\",\"method\":\"authorization:addPermissionToRole\",\"params\":[\"mobile-upload-file\",\"guest\"]}"}'

Further comments

CORE-837

@matheusbsilva137 matheusbsilva137 added this to the 7.2.0 milestone Dec 16, 2024
@dionisio-bot dionisio-bot
Copy link
Contributor

dionisio-bot bot commented Dec 16, 2024
edited
Loading

Looks like this PR is ready to merge! 🎉
If you have any trouble, please check the PR guidelines

@changeset-bot changeset-bot
Copy link

changeset-bot bot commented Dec 16, 2024
edited
Loading

🦋 Changeset detected

Latest commit: 01d0a9e

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 35 packages
Name Type
@rocket.chat/meteor Minor
@rocket.chat/core-typings Minor
@rocket.chat/rest-typings Minor
@rocket.chat/uikit-playground Patch
@rocket.chat/api-client Patch
@rocket.chat/apps Patch
@rocket.chat/core-services Patch
@rocket.chat/cron Patch
@rocket.chat/ddp-client Patch
@rocket.chat/freeswitch Patch
@rocket.chat/fuselage-ui-kit Major
@rocket.chat/gazzodown Major
@rocket.chat/livechat Patch
@rocket.chat/model-typings Patch
@rocket.chat/ui-contexts Major
@rocket.chat/account-service Patch
@rocket.chat/authorization-service Patch
@rocket.chat/ddp-streamer Patch
@rocket.chat/omnichannel-transcript Patch
@rocket.chat/presence-service Patch
@rocket.chat/queue-worker Patch
@rocket.chat/stream-hub-service Patch
@rocket.chat/license Patch
@rocket.chat/omnichannel-services Patch
@rocket.chat/pdf-worker Patch
@rocket.chat/presence Patch
rocketchat-services Patch
@rocket.chat/models Patch
@rocket.chat/network-broker Patch
@rocket.chat/ui-avatar Major
@rocket.chat/ui-client Major
@rocket.chat/ui-video-conf Major
@rocket.chat/ui-voip Major
@rocket.chat/web-ui-registration Major
@rocket.chat/instance-status Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Dec 16, 2024
edited
Loading

PR Preview Action v1.6.0

🚀 View preview at
https://RocketChat.github.io/Rocket.Chat/pr-preview/pr-34191/

Built to branch gh-pages at 2025-01-20 11:40 UTC.
Preview will be ready when the GitHub Pages deployment is complete.

@codecov Codecov
Copy link

codecov bot commented Dec 16, 2024
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 74.99%. Comparing base (b14a5c1) to head (01d0a9e).
Report is 2 commits behind head on develop.

Additional details and impacted files

Impacted file tree graph

@@             Coverage Diff              @@
##           develop   #34191       +/-   ##
============================================
+ Coverage    59.18%   74.99%   +15.81%     
============================================
  Files         2819      516     -2303     
  Lines        67718    22742    -44976     
  Branches     15081     5519     -9562     
============================================
- Hits         40076    17056    -23020     
+ Misses       24820     5023    -19797     
+ Partials      2822      663     -2159
Flag Coverage Δ
e2e ?
e2e-api ?
unit 74.99% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

@scuciatto scuciatto modified the milestones: 7.2.0, 7.3.0 Dec 20, 2024
@matheusbsilva137 matheusbsilva137 marked this pull request as ready for review December 27, 2024 01:59
@matheusbsilva137 matheusbsilva137 requested a review from a team as a code owner December 27, 2024 01:59
@scuciatto scuciatto added the stat: QA assured Means it has been tested and approved by a company insider label Jan 17, 2025
@dionisio-bot dionisio-bot bot added the stat: ready to merge PR tested and approved waiting for merge label Jan 17, 2025
@dionisio-bot dionisio-bot bot removed the stat: ready to merge PR tested and approved waiting for merge label Jan 17, 2025
@scuciatto scuciatto added stat: QA assured Means it has been tested and approved by a company insider and removed stat: QA assured Means it has been tested and approved by a company insider labels Jan 17, 2025
@dionisio-bot dionisio-bot bot added the stat: ready to merge PR tested and approved waiting for merge label Jan 19, 2025
@kodiakhq kodiakhq bot merged commit 0cc933e into develop Jan 20, 2025
49 checks passed
@kodiakhq kodiakhq bot deleted the feat/mobile-upload-file-guest branch January 20, 2025 12:32
This was referenced Jan 20, 2025
Closed
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tapiarafael tapiarafael tapiarafael approved these changes

Assignees
No one assigned
Labels
stat: QA assured Means it has been tested and approved by a company insider stat: ready to merge PR tested and approved waiting for merge
Projects
None yet
Milestone
7.3.0
Development

Successfully merging this pull request may close these issues.
3 participants
@matheusbsilva137 @tapiarafael @scuciatto