Add customizable user roles (#18641)

* Add customizable user roles * Various fixes and improvements * Add migration for old settings and fix tootctl role management
2022-07-05 02:41:40 +02:00 · 2022-07-05 02:41:40 +02:00 · 44b2ee3485
commit 44b2ee3485
parent 1b4054256f
187 changed files with 1945 additions and 1032 deletions
--- a/spec/controllers/invites_controller_spec.rb
+++ b/spec/controllers/invites_controller_spec.rb
@ -7,30 +7,30 @@ describe InvitesController do
    sign_in user
  end

-  around do |example|
-    min_invite_role = Setting.min_invite_role
-    example.run
-    Setting.min_invite_role = min_invite_role
-  end
-
  describe 'GET #index' do
    subject { get :index }

-    let(:user) { Fabricate(:user, moderator: false, admin: false) }
+    let(:user) { Fabricate(:user) }
    let!(:invite) { Fabricate(:invite, user: user) }

-    context 'when user is a staff' do
+    context 'when everyone can invite' do
+      before do
+        UserRole.everyone.update(permissions: UserRole.everyone.permissions | UserRole::FLAGS[:invite_users])
+      end
+
      it 'renders index page' do
-        Setting.min_invite_role = 'user'
        expect(subject).to render_template :index
        expect(assigns(:invites)).to include invite
        expect(assigns(:invites).count).to eq 1
      end
    end

-    context 'when user is not a staff' do
+    context 'when not everyone can invite' do
+      before do
+        UserRole.everyone.update(permissions: UserRole.everyone.permissions & ~UserRole::FLAGS[:invite_users])
+      end
+
      it 'returns 403' do
-        Setting.min_invite_role = 'modelator'
        expect(subject).to have_http_status 403
      end
    end
@ -39,8 +39,12 @@ describe InvitesController do
  describe 'POST #create' do
    subject { post :create, params: { invite: { max_uses: '10', expires_in: 1800 } } }

-    context 'when user is an admin' do
-      let(:user) { Fabricate(:user, moderator: false, admin: true) }
+    context 'when everyone can invite' do
+      let(:user) { Fabricate(:user) }
+
+      before do
+        UserRole.everyone.update(permissions: UserRole.everyone.permissions | UserRole::FLAGS[:invite_users])
+      end

      it 'succeeds to create a invite' do
        expect { subject }.to change { Invite.count }.by(1)
@ -49,8 +53,12 @@ describe InvitesController do
      end
    end

-    context 'when user is not an admin' do
-      let(:user) { Fabricate(:user, moderator: true, admin: false) }
+    context 'when not everyone can invite' do
+      let(:user) { Fabricate(:user) }
+
+      before do
+        UserRole.everyone.update(permissions: UserRole.everyone.permissions & ~UserRole::FLAGS[:invite_users])
+      end

      it 'returns 403' do
        expect(subject).to have_http_status 403
@ -61,8 +69,8 @@ describe InvitesController do
  describe 'DELETE #create' do
    subject { delete :destroy, params: { id: invite.id } }

+    let(:user) { Fabricate(:user) }
    let!(:invite) { Fabricate(:invite, user: user, expires_at: nil) }
-    let(:user) { Fabricate(:user, moderator: false, admin: true) }

    it 'expires invite' do
      expect(subject).to redirect_to invites_path