fix: Add default role option for new users (#2665)

* Add defaultUserRole on server * Handle defaultUserRole on frontend * Handle tests * Handle user role in userCreator * Minor improvments * Fix prettier issue * Undefined when isNewTeam is false * Update app/scenes/Settings/Security.js Co-authored-by: Tom Moor <tom.moor@gmail.com> * Update app/scenes/Settings/Security.js Co-authored-by: Tom Moor <tom.moor@gmail.com> * Update app/scenes/Settings/Security.js Co-authored-by: Tom Moor <tom.moor@gmail.com> * Remove duplicate validation * Update Team.js * fix: Move note out of restricted width wrapper * Move language setting to use 'note' prop * Remove admin option Co-authored-by: Tom Moor <tom.moor@gmail.com>
2021-10-20 09:26:11 +05:30
parent 90fdf5106a
commit 3610a7f4a2
13 changed files with 189 additions and 23 deletions
--- a/server/commands/accountProvisioner.js
+++ b/server/commands/accountProvisioner.js
@@ -76,7 +76,7 @@ export default async function accountProvisioner({
      name: userParams.name,
      email: userParams.email,
      username: userParams.username,
-      isAdmin: isNewTeam,
+      isAdmin: isNewTeam || undefined,
      avatarUrl: userParams.avatarUrl,
      teamId: team.id,
      ip,
--- a/server/commands/userCreator.js
+++ b/server/commands/userCreator.js
@@ -1,6 +1,6 @@
 // @flow
 import Sequelize from "sequelize";
-import { Event, User, UserAuthentication } from "../models";
+import { Event, Team, User, UserAuthentication } from "../models";
 import { sequelize } from "../sequelize";

 const Op = Sequelize.Op;
@@ -126,12 +126,18 @@ export default async function userCreator({
  let transaction = await sequelize.transaction();

  try {
+    const { defaultUserRole } = await Team.findByPk(teamId, {
+      attributes: ["defaultUserRole"],
+      transaction,
+    });
+
    const user = await User.create(
      {
        name,
        email,
        username,
-        isAdmin,
+        isAdmin: typeof isAdmin === "boolean" && isAdmin,
+        isViewer: isAdmin === true ? false : defaultUserRole === "viewer",
        teamId,
        avatarUrl,
        service: null,
--- a/server/commands/userCreator.test.js
+++ b/server/commands/userCreator.test.js
@@ -122,9 +122,83 @@ describe("userCreator", () => {
    expect(authentication.scopes[0]).toEqual("read");
    expect(user.email).toEqual("test@example.com");
    expect(user.username).toEqual("tname");
+    expect(user.isAdmin).toEqual(false);
+    expect(user.isViewer).toEqual(false);
    expect(isNewUser).toEqual(true);
  });

+  it("should prefer isAdmin argument over defaultUserRole", async () => {
+    const team = await buildTeam({ defaultUserRole: "viewer" });
+    const authenticationProviders = await team.getAuthenticationProviders();
+    const authenticationProvider = authenticationProviders[0];
+
+    const result = await userCreator({
+      name: "Test Name",
+      email: "test@example.com",
+      username: "tname",
+      teamId: team.id,
+      isAdmin: true,
+      ip,
+      authentication: {
+        authenticationProviderId: authenticationProvider.id,
+        providerId: "fake-service-id",
+        accessToken: "123",
+        scopes: ["read"],
+      },
+    });
+
+    const { user } = result;
+
+    expect(user.isAdmin).toEqual(true);
+  });
+
+  it("should prefer defaultUserRole when isAdmin is undefined or false", async () => {
+    const team = await buildTeam({ defaultUserRole: "viewer" });
+    const authenticationProviders = await team.getAuthenticationProviders();
+    const authenticationProvider = authenticationProviders[0];
+
+    const result = await userCreator({
+      name: "Test Name",
+      email: "test@example.com",
+      username: "tname",
+      teamId: team.id,
+      ip,
+      authentication: {
+        authenticationProviderId: authenticationProvider.id,
+        providerId: "fake-service-id",
+        accessToken: "123",
+        scopes: ["read"],
+      },
+    });
+
+    const { user: tname } = result;
+
+    expect(tname.username).toEqual("tname");
+    expect(tname.isAdmin).toEqual(false);
+    expect(tname.isViewer).toEqual(true);
+
+    const tname2Result = await userCreator({
+      name: "Test2 Name",
+      email: "tes2@example.com",
+      username: "tname2",
+      teamId: team.id,
+      isAdmin: false,
+      ip,
+      authentication: {
+        authenticationProviderId: authenticationProvider.id,
+        providerId: "fake-service-id",
+        accessToken: "123",
+        scopes: ["read"],
+      },
+    });
+
+    const { user: tname2 } = tname2Result;
+
+    expect(tname2.username).toEqual("tname2");
+    expect(tname2.isAdmin).toEqual(false);
+    expect(tname2.isViewer).toEqual(true);
+  });
+
  it("should create a user from an invited user", async () => {
    const team = await buildTeam();
    const invite = await buildInvite({ teamId: team.id });