From b7fc3d7d35ca4dd16097715a66463392a1dfaf0a Mon Sep 17 00:00:00 2001
From: Martin Kraft <mkraft@users.noreply.github.com>
Date: Tue, 13 Feb 2018 06:08:21 -0500
Subject: Updates migration tests to reflect front-end mapping changes. (#8237)

---
 app/diagnostics.go                |  2 +-
 model/config.go                   |  6 +++-
 utils/authorization.go            |  2 +-
 utils/authorization_test.go       | 10 +++++-
 utils/config.go                   |  2 +-
 utils/policies-roles-mapping.json | 74 +++++++++++++++++++++++++--------------
 6 files changed, 65 insertions(+), 31 deletions(-)

diff --git a/app/diagnostics.go b/app/diagnostics.go
index 6d83d3a89..bbc72e63e 100644
--- a/app/diagnostics.go
+++ b/app/diagnostics.go
@@ -247,7 +247,7 @@ func (a *App) trackConfig() {
 
 	a.SendDiagnostic(TRACK_CONFIG_TEAM, map[string]interface{}{
 		"enable_user_creation":                    cfg.TeamSettings.EnableUserCreation,
-		"enable_team_creation":                    cfg.TeamSettings.EnableTeamCreation,
+		"enable_team_creation":                    *cfg.TeamSettings.EnableTeamCreation,
 		"restrict_team_invite":                    *cfg.TeamSettings.RestrictTeamInvite,
 		"restrict_public_channel_creation":        *cfg.TeamSettings.RestrictPublicChannelCreation,
 		"restrict_private_channel_creation":       *cfg.TeamSettings.RestrictPrivateChannelCreation,
diff --git a/model/config.go b/model/config.go
index 8fb11d403..f20a11ab8 100644
--- a/model/config.go
+++ b/model/config.go
@@ -962,7 +962,7 @@ func (s *ThemeSettings) SetDefaults() {
 type TeamSettings struct {
 	SiteName                            string
 	MaxUsersPerTeam                     *int
-	EnableTeamCreation                  bool
+	EnableTeamCreation                  *bool
 	EnableUserCreation                  bool
 	EnableOpenServer                    *bool
 	RestrictCreationToDomains           string
@@ -1085,6 +1085,10 @@ func (s *TeamSettings) SetDefaults() {
 	if s.ExperimentalPrimaryTeam == nil {
 		s.ExperimentalPrimaryTeam = NewString("")
 	}
+
+	if s.EnableTeamCreation == nil {
+		s.EnableTeamCreation = NewBool(true)
+	}
 }
 
 type ClientRequirements struct {
diff --git a/utils/authorization.go b/utils/authorization.go
index e8556458a..bc71404ef 100644
--- a/utils/authorization.go
+++ b/utils/authorization.go
@@ -260,7 +260,7 @@ func SetRolePermissionsFromConfig(roles map[string]*model.Role, cfg *model.Confi
 		)
 	}
 
-	if cfg.TeamSettings.EnableTeamCreation {
+	if *cfg.TeamSettings.EnableTeamCreation {
 		roles[model.SYSTEM_USER_ROLE_ID].Permissions = append(
 			roles[model.SYSTEM_USER_ROLE_ID].Permissions,
 			model.PERMISSION_CREATE_TEAM.Id,
diff --git a/utils/authorization_test.go b/utils/authorization_test.go
index 9e5b570bb..8c78dcbda 100644
--- a/utils/authorization_test.go
+++ b/utils/authorization_test.go
@@ -8,6 +8,7 @@ import (
 	"fmt"
 	"io/ioutil"
 	"reflect"
+	"strconv"
 	"strings"
 	"testing"
 
@@ -112,7 +113,14 @@ func updateConfig(config *model.Config, key string, value string) {
 		v = reflect.ValueOf(config.TeamSettings)
 		field = v.FieldByName(key)
 	}
-	field.Elem().SetString(value)
+
+	switch value {
+	case "true", "false":
+		b, _ := strconv.ParseBool(value)
+		field.Elem().SetBool(b)
+	default:
+		field.Elem().SetString(value)
+	}
 }
 
 func roleHasPermission(role *model.Role, permission string) bool {
diff --git a/utils/config.go b/utils/config.go
index 9e962eef4..be20e0367 100644
--- a/utils/config.go
+++ b/utils/config.go
@@ -354,7 +354,7 @@ func GenerateClientConfig(c *model.Config, diagnosticId string) map[string]strin
 
 	props["SiteURL"] = strings.TrimRight(*c.ServiceSettings.SiteURL, "/")
 	props["SiteName"] = c.TeamSettings.SiteName
-	props["EnableTeamCreation"] = strconv.FormatBool(c.TeamSettings.EnableTeamCreation)
+	props["EnableTeamCreation"] = strconv.FormatBool(*c.TeamSettings.EnableTeamCreation)
 	props["EnableUserCreation"] = strconv.FormatBool(c.TeamSettings.EnableUserCreation)
 	props["EnableOpenServer"] = strconv.FormatBool(*c.TeamSettings.EnableOpenServer)
 	props["RestrictDirectMessage"] = *c.TeamSettings.RestrictDirectMessage
diff --git a/utils/policies-roles-mapping.json b/utils/policies-roles-mapping.json
index f083a854a..1b2acdfcb 100644
--- a/utils/policies-roles-mapping.json
+++ b/utils/policies-roles-mapping.json
@@ -431,16 +431,6 @@
                 "permission": "delete_post",
                 "shouldHave": true
             },
-            {
-                "roleName": "channel_admin",
-                "permission": "delete_post",
-                "shouldHave": false
-            },
-            {
-                "roleName": "channel_admin",
-                "permission": "delete_others_posts",
-                "shouldHave": false
-            },
             {
                 "roleName": "team_admin",
                 "permission": "delete_post",
@@ -458,16 +448,6 @@
                 "permission": "delete_post",
                 "shouldHave": false
             },
-            {
-                "roleName": "channel_admin",
-                "permission": "delete_post",
-                "shouldHave": false
-            },
-            {
-                "roleName": "channel_admin",
-                "permission": "delete_others_posts",
-                "shouldHave": false
-            },
             {
                 "roleName": "team_admin",
                 "permission": "delete_post",
@@ -486,25 +466,67 @@
                 "shouldHave": false
             },
             {
-                "roleName": "channel_admin",
+                "roleName": "team_admin",
                 "permission": "delete_post",
                 "shouldHave": false
             },
             {
-                "roleName": "channel_admin",
+                "roleName": "team_admin",
                 "permission": "delete_others_posts",
                 "shouldHave": false
+            }
+        ]
+    },
+    "enableTeamCreation": {
+        "true": [
+            {
+                "roleName": "system_user",
+                "permission": "create_team",
+                "shouldHave": true
+            }
+        ],
+        "false": [
+            {
+                "roleName": "system_user",
+                "permission": "create_team",
+                "shouldHave": false
+            }
+        ]
+    },
+    "enableOnlyAdminIntegrations": {
+        "true": [
+            {
+                "roleName": "team_user",
+                "permission": "manage_webhooks",
+                "shouldHave": false
             },
             {
-                "roleName": "team_admin",
-                "permission": "delete_post",
+                "roleName": "team_user",
+                "permission": "manage_slash_commands",
                 "shouldHave": false
             },
             {
-                "roleName": "team_admin",
-                "permission": "delete_others_posts",
+                "roleName": "system_user",
+                "permission": "manage_oauth",
                 "shouldHave": false
             }
+        ],
+        "false": [
+            {
+                "roleName": "team_user",
+                "permission": "manage_webhooks",
+                "shouldHave": true
+            },
+            {
+                "roleName": "team_user",
+                "permission": "manage_slash_commands",
+                "shouldHave": true
+            },
+            {
+                "roleName": "system_user",
+                "permission": "manage_oauth",
+                "shouldHave": true
+            }
         ]
     }
 }
\ No newline at end of file
-- 
cgit v1.2.3-1-g7c22