mirror of
https://github.com/overleaf/overleaf.git
synced 2024-11-29 12:03:33 -05:00
Merge pull request #13530 from overleaf/bg-support-managed-users
add backend support for managed users GitOrigin-RevId: 61d965949c864013be31206661d2d36b35dd37a1
This commit is contained in:
parent
49c2fee3ba
commit
64ca8ce094
4 changed files with 106 additions and 0 deletions
|
@ -0,0 +1,62 @@
|
||||||
|
const { callbackify } = require('util')
|
||||||
|
const { Subscription } = require('../../models/Subscription')
|
||||||
|
const { GroupPolicy } = require('../../models/GroupPolicy')
|
||||||
|
const ManagedUsersPolicy = require('./ManagedUsersPolicy')
|
||||||
|
|
||||||
|
/**
|
||||||
|
* This module contains functions for handling managed users in a
|
||||||
|
* group subscription.
|
||||||
|
*/
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Enables managed users for a given subscription by creating a new
|
||||||
|
* group policy with default settings for managed users and updating
|
||||||
|
* the subscription to use the new policy.
|
||||||
|
* @async
|
||||||
|
* @function
|
||||||
|
* @param {string} subscriptionId - The ID of the subscription to enable
|
||||||
|
* managed users for.
|
||||||
|
* @returns {Promise<void>} - A Promise that resolves when the subscription
|
||||||
|
* has been updated with the new group policy.
|
||||||
|
*/
|
||||||
|
async function enableManagedUsers(subscriptionId) {
|
||||||
|
const subscription = await Subscription.findById(subscriptionId).exec()
|
||||||
|
// create a new Group policy with the default settings for managed users
|
||||||
|
const policy = ManagedUsersPolicy.getDefaultPolicy()
|
||||||
|
const groupPolicy = new GroupPolicy(policy)
|
||||||
|
await groupPolicy.save()
|
||||||
|
// update the subscription to use the new policy
|
||||||
|
subscription.groupPolicy = groupPolicy._id
|
||||||
|
await subscription.save()
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Retrieves the group policy for a user enrolled in a managed group.
|
||||||
|
* @async
|
||||||
|
* @function
|
||||||
|
* @param {Object} user - The user object to retrieve the group policy for.
|
||||||
|
* @returns {Promise<Object>} - A Promise that resolves with the group policy
|
||||||
|
* object for the user's enrollment, or undefined if it does not exist.
|
||||||
|
*/
|
||||||
|
async function getGroupPolicyForUser(user) {
|
||||||
|
if (user.enrollment?.managedBy == null) {
|
||||||
|
return
|
||||||
|
}
|
||||||
|
const subscription = await Subscription.findById(user.enrollment.managedBy)
|
||||||
|
.populate('groupPolicy', '-_id')
|
||||||
|
.exec()
|
||||||
|
// return the group policy as a plain object without the _id and __v field
|
||||||
|
const groupPolicy = subscription?.groupPolicy.toObject({
|
||||||
|
versionKey: false,
|
||||||
|
})
|
||||||
|
return groupPolicy
|
||||||
|
}
|
||||||
|
|
||||||
|
module.exports = {
|
||||||
|
promises: {
|
||||||
|
enableManagedUsers,
|
||||||
|
getGroupPolicyForUser,
|
||||||
|
},
|
||||||
|
enableManagedUsers: callbackify(enableManagedUsers),
|
||||||
|
getGroupPolicyForUser: callbackify(getGroupPolicyForUser),
|
||||||
|
}
|
|
@ -0,0 +1,23 @@
|
||||||
|
/**
|
||||||
|
* Returns the default group policy for managed users.
|
||||||
|
* Managed users are users who are part of a group subscription, and are
|
||||||
|
* managed by the group policy. Managed users have limited functionality.
|
||||||
|
* This method returns an object with boolean values for each policy that
|
||||||
|
* indicates whether the policy is enforced or not.
|
||||||
|
*
|
||||||
|
* @returns {Object} An object with boolean values for each policy that indicates whether it is enforced or not.
|
||||||
|
* @function
|
||||||
|
*/
|
||||||
|
function getDefaultPolicy() {
|
||||||
|
return {
|
||||||
|
userCannotDeleteOwnAccount: true,
|
||||||
|
userCannotAddSecondaryEmail: true,
|
||||||
|
userCannotHaveSubscription: true,
|
||||||
|
userCannotLeaveManagingGroupSubscription: true,
|
||||||
|
userCannotHaveThirdPartySSO: true,
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
module.exports = {
|
||||||
|
getDefaultPolicy,
|
||||||
|
}
|
|
@ -1,6 +1,7 @@
|
||||||
const { db, ObjectId } = require('../../../../app/src/infrastructure/mongodb')
|
const { db, ObjectId } = require('../../../../app/src/infrastructure/mongodb')
|
||||||
const { expect } = require('chai')
|
const { expect } = require('chai')
|
||||||
const SubscriptionUpdater = require('../../../../app/src/Features/Subscription/SubscriptionUpdater')
|
const SubscriptionUpdater = require('../../../../app/src/Features/Subscription/SubscriptionUpdater')
|
||||||
|
const ManagedUsersHandler = require('../../../../app/src/Features/Subscription/ManagedUsersHandler')
|
||||||
const SubscriptionModel =
|
const SubscriptionModel =
|
||||||
require('../../../../app/src/models/Subscription').Subscription
|
require('../../../../app/src/models/Subscription').Subscription
|
||||||
const DeletedSubscriptionModel =
|
const DeletedSubscriptionModel =
|
||||||
|
@ -43,6 +44,10 @@ class Subscription {
|
||||||
db.subscriptions.findOne({ _id: ObjectId(this._id) }, callback)
|
db.subscriptions.findOne({ _id: ObjectId(this._id) }, callback)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
getWithGroupPolicy(callback) {
|
||||||
|
SubscriptionModel.findById(this._id).populate('groupPolicy').exec(callback)
|
||||||
|
}
|
||||||
|
|
||||||
setManagerIds(managerIds, callback) {
|
setManagerIds(managerIds, callback) {
|
||||||
return SubscriptionModel.findOneAndUpdate(
|
return SubscriptionModel.findOneAndUpdate(
|
||||||
{ _id: ObjectId(this._id) },
|
{ _id: ObjectId(this._id) },
|
||||||
|
@ -55,6 +60,14 @@ class Subscription {
|
||||||
SubscriptionUpdater.refreshUsersFeatures(this, callback)
|
SubscriptionUpdater.refreshUsersFeatures(this, callback)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
enableManagedUsers(callback) {
|
||||||
|
ManagedUsersHandler.enableManagedUsers(this._id, callback)
|
||||||
|
}
|
||||||
|
|
||||||
|
getGroupPolicyForUser(user, callback) {
|
||||||
|
ManagedUsersHandler.getGroupPolicyForUser(user, callback)
|
||||||
|
}
|
||||||
|
|
||||||
expectDeleted(deleterData, callback) {
|
expectDeleted(deleterData, callback) {
|
||||||
DeletedSubscriptionModel.find(
|
DeletedSubscriptionModel.find(
|
||||||
{ 'subscription._id': this._id },
|
{ 'subscription._id': this._id },
|
||||||
|
|
|
@ -205,6 +205,14 @@ class User {
|
||||||
)
|
)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
enrollInSubscription(subscription, callback) {
|
||||||
|
UserModel.updateOne(
|
||||||
|
{ _id: this.id },
|
||||||
|
{ 'enrollment.managedBy': subscription._id },
|
||||||
|
callback
|
||||||
|
)
|
||||||
|
}
|
||||||
|
|
||||||
logout(callback) {
|
logout(callback) {
|
||||||
this.getCsrfToken(error => {
|
this.getCsrfToken(error => {
|
||||||
if (error != null) {
|
if (error != null) {
|
||||||
|
|
Loading…
Reference in a new issue