mirror of
https://github.com/cwinfo/matterbridge.git
synced 2025-07-05 09:24:03 +00:00
Update vendor (#1265)
This commit is contained in:
Wim
277
vendor/github.com/mattermost/mattermost-server/v5/model/role.go
generated
vendored
277
vendor/github.com/mattermost/mattermost-server/v5/model/role.go
generated
vendored
@ -9,10 +9,24 @@ import (
|
||||
"strings"
|
||||
)
|
||||
|
||||
// SysconsoleAncillaryPermissions maps the non-sysconsole permissions required by each sysconsole view.
|
||||
var SysconsoleAncillaryPermissions map[string][]*Permission
|
||||
var SystemManagerDefaultPermissions []string
|
||||
var SystemUserManagerDefaultPermissions []string
|
||||
var SystemReadOnlyAdminDefaultPermissions []string
|
||||
|
||||
var BuiltInSchemeManagedRoleIDs []string
|
||||
|
||||
var NewSystemRoleIDs []string
|
||||
|
||||
func init() {
|
||||
BuiltInSchemeManagedRoleIDs = []string{
|
||||
NewSystemRoleIDs = []string{
|
||||
SYSTEM_USER_MANAGER_ROLE_ID,
|
||||
SYSTEM_READ_ONLY_ADMIN_ROLE_ID,
|
||||
SYSTEM_MANAGER_ROLE_ID,
|
||||
}
|
||||
|
||||
BuiltInSchemeManagedRoleIDs = append([]string{
|
||||
SYSTEM_GUEST_ROLE_ID,
|
||||
SYSTEM_USER_ROLE_ID,
|
||||
SYSTEM_ADMIN_ROLE_ID,
|
||||
@ -29,7 +43,125 @@ func init() {
|
||||
CHANNEL_GUEST_ROLE_ID,
|
||||
CHANNEL_USER_ROLE_ID,
|
||||
CHANNEL_ADMIN_ROLE_ID,
|
||||
}, NewSystemRoleIDs...)
|
||||
|
||||
// When updating the values here, the values in mattermost-redux must also be updated.
|
||||
SysconsoleAncillaryPermissions = map[string][]*Permission{
|
||||
PERMISSION_SYSCONSOLE_READ_USERMANAGEMENT_CHANNELS.Id: {
|
||||
PERMISSION_READ_PUBLIC_CHANNEL,
|
||||
PERMISSION_READ_CHANNEL,
|
||||
PERMISSION_READ_PUBLIC_CHANNEL_GROUPS,
|
||||
PERMISSION_READ_PRIVATE_CHANNEL_GROUPS,
|
||||
},
|
||||
PERMISSION_SYSCONSOLE_READ_USERMANAGEMENT_USERS.Id: {
|
||||
PERMISSION_READ_OTHER_USERS_TEAMS,
|
||||
},
|
||||
PERMISSION_SYSCONSOLE_READ_USERMANAGEMENT_TEAMS.Id: {
|
||||
PERMISSION_LIST_PRIVATE_TEAMS,
|
||||
PERMISSION_LIST_PUBLIC_TEAMS,
|
||||
PERMISSION_VIEW_TEAM,
|
||||
},
|
||||
PERMISSION_SYSCONSOLE_READ_ENVIRONMENT.Id: {
|
||||
PERMISSION_READ_JOBS,
|
||||
},
|
||||
PERMISSION_SYSCONSOLE_READ_AUTHENTICATION.Id: {
|
||||
PERMISSION_READ_JOBS,
|
||||
},
|
||||
PERMISSION_SYSCONSOLE_READ_REPORTING.Id: {
|
||||
PERMISSION_VIEW_TEAM,
|
||||
},
|
||||
PERMISSION_SYSCONSOLE_WRITE_USERMANAGEMENT_USERS.Id: {
|
||||
PERMISSION_EDIT_OTHER_USERS,
|
||||
PERMISSION_DEMOTE_TO_GUEST,
|
||||
PERMISSION_PROMOTE_GUEST,
|
||||
},
|
||||
PERMISSION_SYSCONSOLE_WRITE_USERMANAGEMENT_CHANNELS.Id: {
|
||||
PERMISSION_MANAGE_TEAM,
|
||||
PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES,
|
||||
PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES,
|
||||
PERMISSION_MANAGE_PRIVATE_CHANNEL_MEMBERS,
|
||||
PERMISSION_MANAGE_PUBLIC_CHANNEL_MEMBERS,
|
||||
PERMISSION_DELETE_PRIVATE_CHANNEL,
|
||||
PERMISSION_DELETE_PUBLIC_CHANNEL,
|
||||
PERMISSION_MANAGE_CHANNEL_ROLES,
|
||||
PERMISSION_CONVERT_PUBLIC_CHANNEL_TO_PRIVATE,
|
||||
PERMISSION_CONVERT_PRIVATE_CHANNEL_TO_PUBLIC,
|
||||
},
|
||||
PERMISSION_SYSCONSOLE_WRITE_USERMANAGEMENT_TEAMS.Id: {
|
||||
PERMISSION_MANAGE_TEAM,
|
||||
PERMISSION_MANAGE_TEAM_ROLES,
|
||||
PERMISSION_REMOVE_USER_FROM_TEAM,
|
||||
PERMISSION_JOIN_PRIVATE_TEAMS,
|
||||
PERMISSION_JOIN_PUBLIC_TEAMS,
|
||||
PERMISSION_ADD_USER_TO_TEAM,
|
||||
},
|
||||
PERMISSION_SYSCONSOLE_WRITE_USERMANAGEMENT_GROUPS.Id: {
|
||||
PERMISSION_MANAGE_TEAM,
|
||||
PERMISSION_MANAGE_PRIVATE_CHANNEL_MEMBERS,
|
||||
PERMISSION_MANAGE_PUBLIC_CHANNEL_MEMBERS,
|
||||
PERMISSION_CONVERT_PUBLIC_CHANNEL_TO_PRIVATE,
|
||||
PERMISSION_CONVERT_PRIVATE_CHANNEL_TO_PUBLIC,
|
||||
},
|
||||
PERMISSION_SYSCONSOLE_WRITE_ENVIRONMENT.Id: {
|
||||
PERMISSION_MANAGE_JOBS,
|
||||
},
|
||||
PERMISSION_SYSCONSOLE_WRITE_SITE.Id: {
|
||||
PERMISSION_EDIT_BRAND,
|
||||
},
|
||||
}
|
||||
|
||||
SystemUserManagerDefaultPermissions = []string{
|
||||
PERMISSION_SYSCONSOLE_READ_USERMANAGEMENT_GROUPS.Id,
|
||||
PERMISSION_SYSCONSOLE_READ_USERMANAGEMENT_TEAMS.Id,
|
||||
PERMISSION_SYSCONSOLE_READ_USERMANAGEMENT_CHANNELS.Id,
|
||||
PERMISSION_SYSCONSOLE_READ_USERMANAGEMENT_PERMISSIONS.Id,
|
||||
PERMISSION_SYSCONSOLE_WRITE_USERMANAGEMENT_GROUPS.Id,
|
||||
PERMISSION_SYSCONSOLE_WRITE_USERMANAGEMENT_TEAMS.Id,
|
||||
PERMISSION_SYSCONSOLE_WRITE_USERMANAGEMENT_CHANNELS.Id,
|
||||
PERMISSION_SYSCONSOLE_READ_AUTHENTICATION.Id,
|
||||
}
|
||||
|
||||
SystemReadOnlyAdminDefaultPermissions = []string{
|
||||
PERMISSION_SYSCONSOLE_READ_ABOUT.Id,
|
||||
PERMISSION_SYSCONSOLE_READ_REPORTING.Id,
|
||||
PERMISSION_SYSCONSOLE_READ_USERMANAGEMENT_USERS.Id,
|
||||
PERMISSION_SYSCONSOLE_READ_USERMANAGEMENT_GROUPS.Id,
|
||||
PERMISSION_SYSCONSOLE_READ_USERMANAGEMENT_TEAMS.Id,
|
||||
PERMISSION_SYSCONSOLE_READ_USERMANAGEMENT_CHANNELS.Id,
|
||||
PERMISSION_SYSCONSOLE_READ_USERMANAGEMENT_PERMISSIONS.Id,
|
||||
PERMISSION_SYSCONSOLE_READ_ENVIRONMENT.Id,
|
||||
PERMISSION_SYSCONSOLE_READ_SITE.Id,
|
||||
PERMISSION_SYSCONSOLE_READ_AUTHENTICATION.Id,
|
||||
PERMISSION_SYSCONSOLE_READ_PLUGINS.Id,
|
||||
PERMISSION_SYSCONSOLE_READ_INTEGRATIONS.Id,
|
||||
PERMISSION_SYSCONSOLE_READ_EXPERIMENTAL.Id,
|
||||
}
|
||||
|
||||
SystemManagerDefaultPermissions = []string{
|
||||
PERMISSION_SYSCONSOLE_READ_ABOUT.Id,
|
||||
PERMISSION_SYSCONSOLE_READ_REPORTING.Id,
|
||||
PERMISSION_SYSCONSOLE_READ_USERMANAGEMENT_GROUPS.Id,
|
||||
PERMISSION_SYSCONSOLE_READ_USERMANAGEMENT_TEAMS.Id,
|
||||
PERMISSION_SYSCONSOLE_READ_USERMANAGEMENT_CHANNELS.Id,
|
||||
PERMISSION_SYSCONSOLE_READ_USERMANAGEMENT_PERMISSIONS.Id,
|
||||
PERMISSION_SYSCONSOLE_WRITE_USERMANAGEMENT_GROUPS.Id,
|
||||
PERMISSION_SYSCONSOLE_WRITE_USERMANAGEMENT_TEAMS.Id,
|
||||
PERMISSION_SYSCONSOLE_WRITE_USERMANAGEMENT_CHANNELS.Id,
|
||||
PERMISSION_SYSCONSOLE_WRITE_USERMANAGEMENT_PERMISSIONS.Id,
|
||||
PERMISSION_SYSCONSOLE_READ_ENVIRONMENT.Id,
|
||||
PERMISSION_SYSCONSOLE_WRITE_ENVIRONMENT.Id,
|
||||
PERMISSION_SYSCONSOLE_READ_SITE.Id,
|
||||
PERMISSION_SYSCONSOLE_WRITE_SITE.Id,
|
||||
PERMISSION_SYSCONSOLE_READ_AUTHENTICATION.Id,
|
||||
PERMISSION_SYSCONSOLE_READ_PLUGINS.Id,
|
||||
PERMISSION_SYSCONSOLE_READ_INTEGRATIONS.Id,
|
||||
PERMISSION_SYSCONSOLE_WRITE_INTEGRATIONS.Id,
|
||||
}
|
||||
|
||||
// Add the ancillary permissions to each system role
|
||||
SystemUserManagerDefaultPermissions = addAncillaryPermissions(SystemUserManagerDefaultPermissions)
|
||||
SystemReadOnlyAdminDefaultPermissions = addAncillaryPermissions(SystemReadOnlyAdminDefaultPermissions)
|
||||
SystemManagerDefaultPermissions = addAncillaryPermissions(SystemManagerDefaultPermissions)
|
||||
}
|
||||
|
||||
type RoleType string
|
||||
@ -42,6 +174,9 @@ const (
|
||||
SYSTEM_POST_ALL_ROLE_ID = "system_post_all"
|
||||
SYSTEM_POST_ALL_PUBLIC_ROLE_ID = "system_post_all_public"
|
||||
SYSTEM_USER_ACCESS_TOKEN_ROLE_ID = "system_user_access_token"
|
||||
SYSTEM_USER_MANAGER_ROLE_ID = "system_user_manager"
|
||||
SYSTEM_READ_ONLY_ADMIN_ROLE_ID = "system_read_only_admin"
|
||||
SYSTEM_MANAGER_ROLE_ID = "system_manager"
|
||||
|
||||
TEAM_GUEST_ROLE_ID = "team_guest"
|
||||
TEAM_USER_ROLE_ID = "team_user"
|
||||
@ -135,8 +270,8 @@ func (r *Role) MergeChannelHigherScopedPermissions(higherScopedPermissions *Role
|
||||
higherScopedPermissionsMap := AsStringBoolMap(higherScopedPermissions.Permissions)
|
||||
rolePermissionsMap := AsStringBoolMap(r.Permissions)
|
||||
|
||||
for _, cp := range ALL_PERMISSIONS {
|
||||
if cp.Scope != PERMISSION_SCOPE_CHANNEL {
|
||||
for _, cp := range AllPermissions {
|
||||
if cp.Scope != PermissionScopeChannel {
|
||||
continue
|
||||
}
|
||||
|
||||
@ -150,7 +285,7 @@ func (r *Role) MergeChannelHigherScopedPermissions(higherScopedPermissions *Role
|
||||
continue
|
||||
}
|
||||
|
||||
_, permissionIsModerated := CHANNEL_MODERATED_PERMISSIONS_MAP[cp.Id]
|
||||
_, permissionIsModerated := ChannelModeratedPermissionsMap[cp.Id]
|
||||
if permissionIsModerated {
|
||||
_, presentOnRole := rolePermissionsMap[cp.Id]
|
||||
if presentOnRole && presentOnHigherScope {
|
||||
@ -216,13 +351,13 @@ func ChannelModeratedPermissionsChangedByPatch(role *Role, patch *RolePatch) []s
|
||||
patchMap := make(map[string]bool)
|
||||
|
||||
for _, permission := range role.Permissions {
|
||||
if channelModeratedPermissionName, found := CHANNEL_MODERATED_PERMISSIONS_MAP[permission]; found {
|
||||
if channelModeratedPermissionName, found := ChannelModeratedPermissionsMap[permission]; found {
|
||||
roleMap[channelModeratedPermissionName] = true
|
||||
}
|
||||
}
|
||||
|
||||
for _, permission := range *patch.Permissions {
|
||||
if channelModeratedPermissionName, found := CHANNEL_MODERATED_PERMISSIONS_MAP[permission]; found {
|
||||
if channelModeratedPermissionName, found := ChannelModeratedPermissionsMap[permission]; found {
|
||||
patchMap[channelModeratedPermissionName] = true
|
||||
}
|
||||
}
|
||||
@ -246,11 +381,11 @@ func ChannelModeratedPermissionsChangedByPatch(role *Role, patch *RolePatch) []s
|
||||
func (r *Role) GetChannelModeratedPermissions(channelType string) map[string]bool {
|
||||
moderatedPermissions := make(map[string]bool)
|
||||
for _, permission := range r.Permissions {
|
||||
if _, found := CHANNEL_MODERATED_PERMISSIONS_MAP[permission]; !found {
|
||||
if _, found := ChannelModeratedPermissionsMap[permission]; !found {
|
||||
continue
|
||||
}
|
||||
|
||||
for moderated, moderatedPermissionValue := range CHANNEL_MODERATED_PERMISSIONS_MAP {
|
||||
for moderated, moderatedPermissionValue := range ChannelModeratedPermissionsMap {
|
||||
// the moderated permission has already been found to be true so skip this iteration
|
||||
if moderatedPermissions[moderatedPermissionValue] {
|
||||
continue
|
||||
@ -279,14 +414,14 @@ func (r *Role) RolePatchFromChannelModerationsPatch(channelModerationsPatch []*C
|
||||
// Iterate through the list of existing permissions on the role and append permissions that we want to keep.
|
||||
for _, permission := range r.Permissions {
|
||||
// Permission is not moderated so dont add it to the patch and skip the channelModerationsPatch
|
||||
if _, isModerated := CHANNEL_MODERATED_PERMISSIONS_MAP[permission]; !isModerated {
|
||||
if _, isModerated := ChannelModeratedPermissionsMap[permission]; !isModerated {
|
||||
continue
|
||||
}
|
||||
|
||||
permissionEnabled := true
|
||||
// Check if permission has a matching moderated permission name inside the channel moderation patch
|
||||
for _, channelModerationPatch := range channelModerationsPatch {
|
||||
if *channelModerationPatch.Name == CHANNEL_MODERATED_PERMISSIONS_MAP[permission] {
|
||||
if *channelModerationPatch.Name == ChannelModeratedPermissionsMap[permission] {
|
||||
// Permission key exists in patch with a value of false so skip over it
|
||||
if roleName == "members" {
|
||||
if channelModerationPatch.Roles.Members != nil && !*channelModerationPatch.Roles.Members {
|
||||
@ -307,7 +442,7 @@ func (r *Role) RolePatchFromChannelModerationsPatch(channelModerationsPatch []*C
|
||||
|
||||
// Iterate through the patch and add any permissions that dont already exist on the role
|
||||
for _, channelModerationPatch := range channelModerationsPatch {
|
||||
for permission, moderatedPermissionName := range CHANNEL_MODERATED_PERMISSIONS_MAP {
|
||||
for permission, moderatedPermissionName := range ChannelModeratedPermissionsMap {
|
||||
if roleName == "members" && channelModerationPatch.Roles.Members != nil && *channelModerationPatch.Roles.Members && *channelModerationPatch.Name == moderatedPermissionName {
|
||||
permissionsToAddToPatch[permission] = true
|
||||
}
|
||||
@ -349,7 +484,7 @@ func (r *Role) IsValidWithoutId() bool {
|
||||
|
||||
for _, permission := range r.Permissions {
|
||||
permissionValidated := false
|
||||
for _, p := range ALL_PERMISSIONS {
|
||||
for _, p := range append(AllPermissions, DeprecatedPermissions...) {
|
||||
if permission == p.Id {
|
||||
permissionValidated = true
|
||||
break
|
||||
@ -364,6 +499,23 @@ func (r *Role) IsValidWithoutId() bool {
|
||||
return true
|
||||
}
|
||||
|
||||
func CleanRoleNames(roleNames []string) ([]string, bool) {
|
||||
var cleanedRoleNames []string
|
||||
for _, roleName := range roleNames {
|
||||
if strings.TrimSpace(roleName) == "" {
|
||||
continue
|
||||
}
|
||||
|
||||
if !IsValidRoleName(roleName) {
|
||||
return roleNames, false
|
||||
}
|
||||
|
||||
cleanedRoleNames = append(cleanedRoleNames, roleName)
|
||||
}
|
||||
|
||||
return cleanedRoleNames, true
|
||||
}
|
||||
|
||||
func IsValidRoleName(roleName string) bool {
|
||||
if len(roleName) <= 0 || len(roleName) > ROLE_NAME_MAX_LENGTH {
|
||||
return false
|
||||
@ -493,6 +645,8 @@ func MakeDefaultRoles() map[string]*Role {
|
||||
PERMISSION_MANAGE_OTHERS_SLASH_COMMANDS.Id,
|
||||
PERMISSION_MANAGE_INCOMING_WEBHOOKS.Id,
|
||||
PERMISSION_MANAGE_OUTGOING_WEBHOOKS.Id,
|
||||
PERMISSION_CONVERT_PUBLIC_CHANNEL_TO_PRIVATE.Id,
|
||||
PERMISSION_CONVERT_PRIVATE_CHANNEL_TO_PUBLIC.Id,
|
||||
},
|
||||
SchemeManaged: true,
|
||||
BuiltIn: true,
|
||||
@ -562,6 +716,38 @@ func MakeDefaultRoles() map[string]*Role {
|
||||
BuiltIn: true,
|
||||
}
|
||||
|
||||
roles[SYSTEM_USER_MANAGER_ROLE_ID] = &Role{
|
||||
Name: "system_user_manager",
|
||||
DisplayName: "authentication.roles.system_user_manager.name",
|
||||
Description: "authentication.roles.system_user_manager.description",
|
||||
Permissions: SystemUserManagerDefaultPermissions,
|
||||
SchemeManaged: false,
|
||||
BuiltIn: true,
|
||||
}
|
||||
|
||||
roles[SYSTEM_READ_ONLY_ADMIN_ROLE_ID] = &Role{
|
||||
Name: "system_read_only_admin",
|
||||
DisplayName: "authentication.roles.system_read_only_admin.name",
|
||||
Description: "authentication.roles.system_read_only_admin.description",
|
||||
Permissions: SystemReadOnlyAdminDefaultPermissions,
|
||||
SchemeManaged: false,
|
||||
BuiltIn: true,
|
||||
}
|
||||
|
||||
roles[SYSTEM_MANAGER_ROLE_ID] = &Role{
|
||||
Name: "system_manager",
|
||||
DisplayName: "authentication.roles.system_manager.name",
|
||||
Description: "authentication.roles.system_manager.description",
|
||||
Permissions: SystemManagerDefaultPermissions,
|
||||
SchemeManaged: false,
|
||||
BuiltIn: true,
|
||||
}
|
||||
|
||||
allPermissionIDs := []string{}
|
||||
for _, permission := range AllPermissions {
|
||||
allPermissionIDs = append(allPermissionIDs, permission.Id)
|
||||
}
|
||||
|
||||
roles[SYSTEM_ADMIN_ROLE_ID] = &Role{
|
||||
Name: "system_admin",
|
||||
DisplayName: "authentication.roles.global_admin.name",
|
||||
@ -569,64 +755,21 @@ func MakeDefaultRoles() map[string]*Role {
|
||||
// System admins can do anything channel and team admins can do
|
||||
// plus everything members of teams and channels can do to all teams
|
||||
// and channels on the system
|
||||
Permissions: append(
|
||||
append(
|
||||
append(
|
||||
append(
|
||||
[]string{
|
||||
PERMISSION_ASSIGN_SYSTEM_ADMIN_ROLE.Id,
|
||||
PERMISSION_MANAGE_SYSTEM.Id,
|
||||
PERMISSION_MANAGE_ROLES.Id,
|
||||
PERMISSION_MANAGE_PUBLIC_CHANNEL_PROPERTIES.Id,
|
||||
PERMISSION_MANAGE_PUBLIC_CHANNEL_MEMBERS.Id,
|
||||
PERMISSION_MANAGE_PRIVATE_CHANNEL_MEMBERS.Id,
|
||||
PERMISSION_DELETE_PUBLIC_CHANNEL.Id,
|
||||
PERMISSION_CREATE_PUBLIC_CHANNEL.Id,
|
||||
PERMISSION_MANAGE_PRIVATE_CHANNEL_PROPERTIES.Id,
|
||||
PERMISSION_DELETE_PRIVATE_CHANNEL.Id,
|
||||
PERMISSION_CREATE_PRIVATE_CHANNEL.Id,
|
||||
PERMISSION_MANAGE_SYSTEM_WIDE_OAUTH.Id,
|
||||
PERMISSION_MANAGE_OTHERS_INCOMING_WEBHOOKS.Id,
|
||||
PERMISSION_MANAGE_OTHERS_OUTGOING_WEBHOOKS.Id,
|
||||
PERMISSION_EDIT_OTHER_USERS.Id,
|
||||
PERMISSION_EDIT_OTHERS_POSTS.Id,
|
||||
PERMISSION_MANAGE_OAUTH.Id,
|
||||
PERMISSION_INVITE_USER.Id,
|
||||
PERMISSION_INVITE_GUEST.Id,
|
||||
PERMISSION_PROMOTE_GUEST.Id,
|
||||
PERMISSION_DEMOTE_TO_GUEST.Id,
|
||||
PERMISSION_DELETE_POST.Id,
|
||||
PERMISSION_DELETE_OTHERS_POSTS.Id,
|
||||
PERMISSION_CREATE_TEAM.Id,
|
||||
PERMISSION_ADD_USER_TO_TEAM.Id,
|
||||
PERMISSION_LIST_USERS_WITHOUT_TEAM.Id,
|
||||
PERMISSION_MANAGE_JOBS.Id,
|
||||
PERMISSION_CREATE_POST_PUBLIC.Id,
|
||||
PERMISSION_CREATE_POST_EPHEMERAL.Id,
|
||||
PERMISSION_CREATE_USER_ACCESS_TOKEN.Id,
|
||||
PERMISSION_READ_USER_ACCESS_TOKEN.Id,
|
||||
PERMISSION_REVOKE_USER_ACCESS_TOKEN.Id,
|
||||
PERMISSION_CREATE_BOT.Id,
|
||||
PERMISSION_READ_BOTS.Id,
|
||||
PERMISSION_READ_OTHERS_BOTS.Id,
|
||||
PERMISSION_MANAGE_BOTS.Id,
|
||||
PERMISSION_MANAGE_OTHERS_BOTS.Id,
|
||||
PERMISSION_REMOVE_OTHERS_REACTIONS.Id,
|
||||
PERMISSION_LIST_PRIVATE_TEAMS.Id,
|
||||
PERMISSION_JOIN_PRIVATE_TEAMS.Id,
|
||||
PERMISSION_VIEW_MEMBERS.Id,
|
||||
},
|
||||
roles[TEAM_USER_ROLE_ID].Permissions...,
|
||||
),
|
||||
roles[CHANNEL_USER_ROLE_ID].Permissions...,
|
||||
),
|
||||
roles[TEAM_ADMIN_ROLE_ID].Permissions...,
|
||||
),
|
||||
roles[CHANNEL_ADMIN_ROLE_ID].Permissions...,
|
||||
),
|
||||
Permissions: allPermissionIDs,
|
||||
SchemeManaged: true,
|
||||
BuiltIn: true,
|
||||
}
|
||||
|
||||
return roles
|
||||
}
|
||||
|
||||
func addAncillaryPermissions(permissions []string) []string {
|
||||
for _, permission := range permissions {
|
||||
if ancillaryPermissions, ok := SysconsoleAncillaryPermissions[permission]; ok {
|
||||
for _, ancillaryPermission := range ancillaryPermissions {
|
||||
permissions = append(permissions, ancillaryPermission.Id)
|
||||
}
|
||||
}
|
||||
}
|
||||
return permissions
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user