From 5d9f9615d46fa0f5e0164a6aa80827e6e064a5ae Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Oliver=20J=C3=A4gle?= Date: Thu, 7 Dec 2017 11:56:56 +0100 Subject: [PATCH] Create configuration expert role on startup (#159) * Allow maintenance of per-setting permissions (cherry picked from commit eed869a) * Implicitly assign and revoke setting group permissions (cherry picked from commit 28b769b) * Improve Display of setting permissions (cherry picked from commit 8523456) * Add path to permission title (cherry picked from commit c87a30d) * Permission to access setting permissions (cherry picked from commit 48b1076) * Adapt wording (cherry picked from commit daccad8) * UI-adaptation: Allow users with permission 'manage-selected-permissions' to see and change the affected settings. However, this is not reactive: Once the permissions for a particular setting are changed, the user needs to log off and on again before it becomes effective in the UI. This is most probably a consequence of the CachedCollection. This collection needed to be changed on permission-change. In the backend however, the permissions become effective immediately. (cherry picked from commit 00e4bb5) * Don't adapt sorting on the client side (cherry picked from commit 9b71b62) * Fix: Apply changed setting permissions reactively (cherry picked from commit 293ad73) * Move setting-based permissions to own collection (cherry picked from commit 8f59f1c) * Unify collections for setting and other permissions again into one (cherry picked from commit 8d923c2) * Get rid of frontend exceptions on changing selected settings (cherry picked from commit a7fdc87) * - Sort permissions by group - Do not try to create permissions for hidden settings in higher-level-callbacks - Remove `setting-permissions` collection - fully integrated into `permissions` (cherry picked from commit f007231) * Harmonize wording in German (cherry picked from commit 5cf5df2) * add configuration package * Add default role configuration on startup * set default system language to DE * Reduce capabilities of config expert and introduce minor admin * Parted the roles for configuration and managing the rest - Manager - well - manages the application, like a minor admin. Target is that this role is capable of doing everything which is necessary while *regularly* running the application - Config-expert is allowed to customize the application (affecting all users' experience) --- .meteor/packages | 1 + .meteor/versions | 1 + packages/assistify-defaults/README.md | 8 + packages/assistify-defaults/package.js | 19 ++ packages/assistify-defaults/server/config.js | 8 + packages/assistify-defaults/server/roles.js | 232 ++++++++++++++++++ .../i18n/assistify.de.i18n.yml | 2 + .../i18n/assistify.en.i18n.yml | 4 +- 8 files changed, 274 insertions(+), 1 deletion(-) create mode 100644 packages/assistify-defaults/README.md create mode 100644 packages/assistify-defaults/package.js create mode 100644 packages/assistify-defaults/server/config.js create mode 100644 packages/assistify-defaults/server/roles.js diff --git a/.meteor/packages b/.meteor/packages index a6a48797d8c5..67380b6e1676 100644 --- a/.meteor/packages +++ b/.meteor/packages @@ -180,3 +180,4 @@ keepnox:perfect-scrollbar assistify:help-request assistify:ai +assistify:defaults diff --git a/.meteor/versions b/.meteor/versions index 9e33bbcbbf11..d3d087b3d9b5 100644 --- a/.meteor/versions +++ b/.meteor/versions @@ -9,6 +9,7 @@ accounts-twitter@1.3.0 aldeed:simple-schema@1.5.3 allow-deny@1.0.9 assistify:ai@0.1.0 +assistify:defaults@0.0.1 assistify:help-request@0.1.0 autoupdate@1.3.12 babel-compiler@6.20.0 diff --git a/packages/assistify-defaults/README.md b/packages/assistify-defaults/README.md new file mode 100644 index 000000000000..c1272bbb9f22 --- /dev/null +++ b/packages/assistify-defaults/README.md @@ -0,0 +1,8 @@ +This package is a convenience package which shall reduce the effort of manually configuring each Rocket.Chat instance. +In order to achieve this, it provides + +- Settings +- Roles +- potentially also integrations, icons, ... + +on startup. diff --git a/packages/assistify-defaults/package.js b/packages/assistify-defaults/package.js new file mode 100644 index 000000000000..6d4fd7769280 --- /dev/null +++ b/packages/assistify-defaults/package.js @@ -0,0 +1,19 @@ +Package.describe({ + name: 'assistify:defaults', + version: '0.0.1', + // Brief, one-line summary of the package. + summary: 'Default configuration of Rocket.Chat for Assistify', + git: '', + documentation: 'README.md' +}); + +Package.onUse(function(api) { + api.use('ecmascript'); + api.use('rocketchat:lib'); + api.use('rocketchat:authorization'); + api.use('assistify:help-request'); + api.use('assistify:ai'); + + api.addFiles('server/config.js', 'server'); + api.addFiles('server/roles.js', 'server'); +}); diff --git a/packages/assistify-defaults/server/config.js b/packages/assistify-defaults/server/config.js new file mode 100644 index 000000000000..bc6d17c62ec5 --- /dev/null +++ b/packages/assistify-defaults/server/config.js @@ -0,0 +1,8 @@ +/* globals RocketChat */ + +Meteor.startup(() => { + const languageSetting = RocketChat.models.Settings.db.findOneById('Language'); + if (!languageSetting.value && languageSetting.value === languageSetting.packageValue) { + RocketChat.models.Settings.db.updateValueById(languageSetting._id, 'en'); + } +}); diff --git a/packages/assistify-defaults/server/roles.js b/packages/assistify-defaults/server/roles.js new file mode 100644 index 000000000000..a112011906b7 --- /dev/null +++ b/packages/assistify-defaults/server/roles.js @@ -0,0 +1,232 @@ +import {TAPi18n} from 'meteor/tap:i18n'; + +const CONFIGURATION_ROLE_NAME = 'config-expert'; +const MANAGER_ROLE_NAME = 'manager'; + + +const assignPermissions = function(role, permissions) { + permissions.forEach(permission => RocketChat.models.Permissions.addRole(permission, role)); +}; + +const createConfigurationRole = function() { + RocketChat.models.Roles.createOrUpdate(CONFIGURATION_ROLE_NAME, 'Users', TAPi18n.__('Configuration_expert_description')); + const settingPermissions = [ + 'change-setting-Message_AllowSnippeting', + 'change-setting-Message_AllowStarring', + 'change-setting-Message_AllowPinning', + 'change-setting-Markdown_Parser', + 'change-setting-Livechat_AllowedDomainsList', + 'change-setting-Livechat_open_inquiery_show_connecting', + 'change-setting-Livechat_transcript_message', + 'change-setting-Livechat_enable_transcript', + 'change-setting-Livechat_enable_office_hours', + 'change-setting-Livechat_show_queue_list_link', + 'change-setting-Livechat_guest_pool_with_no_agents', + 'change-setting-Livechat_Routing_Method', + 'change-setting-Livechat_history_monitor_type', + 'change-setting-Livechat_webhook_on_close', + 'change-setting-Livechat_secret_token', + 'change-setting-Livechat_webhookUrl', + 'change-setting-Livechat_agent_leave_comment', + 'change-setting-Livechat_agent_leave_action_timeout', + 'change-setting-Livechat_agent_leave_action', + 'change-setting-Livechat_Room_Count', + 'change-setting-Livechat_guest_count', + 'change-setting-Livechat_allow_switching_departments', + 'change-setting-Livechat_registration_form', + 'change-setting-Livechat_offline_success_message', + 'change-setting-Livechat_offline_email', + 'change-setting-Livechat_offline_message', + 'change-setting-Livechat_offline_title_color', + 'change-setting-Livechat_offline_title', + 'change-setting-Livechat_offline_form_unavailable', + 'change-setting-Livechat_validate_offline_email', + 'change-setting-Livechat_display_offline_form', + 'change-setting-Livechat_title_color', + 'change-setting-Livechat_title', + 'change-setting-Livechat_enabled', + 'change-setting-Livechat', + 'change-setting-Katex_Dollar_Syntax', + 'change-setting-Katex_Parenthesis_Syntax', + 'change-setting-Katex_Enabled', + 'change-setting-Accounts_Iframe_api_method', + 'change-setting-Accounts_Iframe_api_url', + 'change-setting-Accounts_iframe_url', + 'change-setting-Accounts_iframe_enabled', + 'change-setting-AutoLinker_Phone', + 'change-setting-AutoLinker_Email', + 'change-setting-AutoLinker_UrlsRegExp', + 'change-setting-AutoLinker_Urls_TLD', + 'change-setting-AutoLinker_Urls_www', + 'change-setting-AutoLinker_Urls_Scheme', + 'change-setting-AutoLinker_StripPrefix', + 'change-setting-AutoLinker', + 'change-setting-IssueLinks_Template', + 'change-setting-IssueLinks_Enabled', + 'change-setting-InternalHubot_ScriptsToLoad', + 'change-setting-InternalHubot_Username', + 'change-setting-InternalHubot_Enabled', + 'change-setting-InternalHubot', + 'change-setting-HexColorPreview_Enabled', + 'change-setting-theme-custom-css', + 'change-setting-theme-color-rc-color-content', + 'change-setting-theme-color-rc-color-primary-lightest', + 'change-setting-theme-color-rc-color-primary-light-medium', + 'change-setting-theme-color-rc-color-primary-light', + 'change-setting-theme-color-rc-color-primary-dark', + 'change-setting-theme-color-rc-color-primary-darkest', + 'change-setting-theme-color-rc-color-primary', + 'change-setting-theme-color-rc-color-button-primary-light', + 'change-setting-theme-color-rc-color-button-primary', + 'change-setting-theme-color-rc-color-success-light', + 'change-setting-theme-color-rc-color-success', + 'change-setting-theme-color-rc-color-alert-light', + 'change-setting-theme-color-rc-color-alert', + 'change-setting-theme-color-rc-color-error-light', + 'change-setting-theme-color-rc-color-error', + 'change-setting-Assets_safari_pinned', + 'change-setting-Assets_tile_310_wide', + 'change-setting-Assets_tile_310_square', + 'change-setting-Assets_tile_150', + 'change-setting-Assets_tile_144', + 'change-setting-Assets_touchicon_180_pre', + 'change-setting-Assets_touchicon_180', + 'change-setting-Assets_favicon_512', + 'change-setting-Assets_favicon_192', + 'change-setting-Assets_favicon_32', + 'change-setting-Assets_favicon_16', + 'change-setting-Assets_favicon', + 'change-setting-Assets_favicon_ico', + 'change-setting-Assets_logo', + 'change-setting-Assets_SvgFavicon_Enable', + 'change-setting-Assets', + 'change-setting-UI_Allow_room_names_with_special_chars', + 'change-setting-UI_Unread_Counter_Style', + 'change-setting-UI_Click_Direct_Message', + 'change-setting-UI_Use_Real_Name', + 'change-setting-UI_Use_Name_Avatar', + 'change-setting-UI_Merge_Channels_Groups', + 'change-setting-UI_DisplayRoles', + 'change-setting-Layout_Global_Announcement', + 'change-setting-Layout_Sidenav_Footer', + 'change-setting-Layout_Home_Body', + 'change-setting-Layout_Home_Title', + 'change-setting-Layout', + 'change-setting-Message_HideType_mute_unmute', + 'change-setting-Message_HideType_au', + 'change-setting-Message_HideType_ru', + 'change-setting-Message_HideType_ul', + 'change-setting-Message_HideType_uj', + 'change-setting-Message_QuoteChainLimit', + 'change-setting-API_EmbedIgnoredHosts', + 'change-setting-API_EmbedDisabledFor', + 'change-setting-API_EmbedCacheExpirationDays', + 'change-setting-API_Embed', + 'change-setting-Message_GroupingPeriod', + 'change-setting-Message_SetNameToAliasEnabled', + 'change-setting-Message_ShowFormattingTips', + 'change-setting-Message_MaxAllowedSize', + 'change-setting-Message_MaxAll', + 'change-setting-Message_KeepHistory', + 'change-setting-Message_BadWordsFilterList', + 'change-setting-Message_AllowBadWordsFilter', + 'change-setting-Message_ShowDeletedStatus', + 'change-setting-Message_ShowEditedStatus', + 'change-setting-Message_AlwaysSearchRegExp', + 'change-setting-Message_AllowDeleting_BlockDeleteInMinutes', + 'change-setting-Message_AllowDeleting', + 'change-setting-Message_AllowEditing_BlockEditInMinutes', + 'change-setting-Message_AllowEditing', + 'change-setting-Message_Attachments_GroupAttach', + 'change-setting-Message', + 'change-setting-Verification_Email', + 'change-setting-Verification_Email_Subject', + 'change-setting-Verification_Customized', + 'change-setting-Forgot_Password_Email', + 'change-setting-Forgot_Password_Email_Subject', + 'change-setting-Forgot_Password_Customized', + 'change-setting-Accounts_UserAddedEmail', + 'change-setting-Accounts_UserAddedEmailSubject', + 'change-setting-Accounts_UserAddedEmail_Customized', + 'change-setting-Accounts_Enrollment_Email', + 'change-setting-Accounts_Enrollment_Email_Subject', + 'change-setting-Accounts_Enrollment_Customized', + 'change-setting-Invitation_HTML', + 'change-setting-Invitation_Subject', + 'change-setting-Invitation_Customized', + 'change-setting-Email_Footer', + 'change-setting-Email_Header', + 'change-setting-Offline_Mention_All_Email', + 'change-setting-Offline_Mention_Email', + 'change-setting-Email', + 'change-setting-Custom_Translations', + 'change-setting-Notifications_Max_Room_Members', + 'change-setting-Mobile_Notifications_Default_Alert', + 'change-setting-Desktop_Notifications_Default_Alert', + 'change-setting-Audio_Notifications_Default_Alert', + 'change-setting-Audio_Notifications_Value', + 'change-setting-Desktop_Notifications_Duration', + 'change-setting-UTF8_Names_Slugify', + 'change-setting-UTF8_Names_Validation', + 'change-setting-Unread_Count_DM', + 'change-setting-Unread_Count', + 'change-setting-First_Channel_After_Login', + 'change-setting-Favorite_Rooms', + 'change-setting-Language', + 'change-setting-General', + 'change-setting-Accounts_BlockedUsernameList', + 'change-setting-Accounts_BlockedDomainsList', + 'change-setting-Accounts_AllowedDomainsList', + 'change-setting-Accounts_ManuallyApproveNewUsers', + 'change-setting-Accounts_EmailVerification', + 'change-setting-Accounts' + ]; + + assignPermissions(CONFIGURATION_ROLE_NAME, + settingPermissions.concat([ + 'manage-emoji', + 'manage-own-integrations', + 'manage-selected-settings' + ])); +}; + +const createManagerRole = function() { + RocketChat.models.Roles.createOrUpdate(MANAGER_ROLE_NAME, 'Users', TAPi18n.__('Manager_description')); + + const permissions = [ + 'add-user-to-any-c-room', + 'archive-room', + 'ban-user', + 'bulk-register-user', + 'create-user', + 'delete-c', + // 'delete-d', + 'delete-message', + // 'delete-p', + 'edit-message', + 'edit-other-user-active-status', + 'edit-other-user-info', + 'edit-other-user-password', + 'manage-emoji', + 'manage-own-integrations', + 'manage-selected-settings', + 'mute-user', + 'post-readonly', + 'remove-user', + 'set-moderator', + 'set-owner', + 'set-readonly', + 'set-react-when-readonly', + 'unarchive-room', + 'view-full-other-user-info', + 'view-room-administration', + 'view-user-administration' + ]; + + assignPermissions(MANAGER_ROLE_NAME, permissions); +}; + +Meteor.startup(() => { + createConfigurationRole(); + createManagerRole(); +}); diff --git a/packages/rocketchat-i18n/i18n/assistify.de.i18n.yml b/packages/rocketchat-i18n/i18n/assistify.de.i18n.yml index 3876718f6e7e..1822e267bfb5 100644 --- a/packages/rocketchat-i18n/i18n/assistify.de.i18n.yml +++ b/packages/rocketchat-i18n/i18n/assistify.de.i18n.yml @@ -1,3 +1,5 @@ Assistify_Show_Standard_Features: Standard RocketChat Features +Configuration_expert_description: Konfigurator +Manager_description: Fachadmin Create_new_standard_channel: Neuen einfachen Kanal erstellen General: Allgemeines diff --git a/packages/rocketchat-i18n/i18n/assistify.en.i18n.yml b/packages/rocketchat-i18n/i18n/assistify.en.i18n.yml index 31817a0a82cf..e23e08e33827 100644 --- a/packages/rocketchat-i18n/i18n/assistify.en.i18n.yml +++ b/packages/rocketchat-i18n/i18n/assistify.en.i18n.yml @@ -1,3 +1,5 @@ Assistify_Show_Standard_Features: Standard RocketChat features -Create_new_standard_channel: Create new simple channel +Configuration_expert_description: Config expert +Manager_description: Manager +Create_new_standard_channel: Create new channel General: General