paulmataruso/zulip
1
0
Fork 0
mirror of https://github.com/zulip/zulip.git synced 2025-11-02 21:13:36 +00:00
Code Issues Packages Projects Releases Wiki Activity

realm: Add option to enable/disable spectator login.

Browse Source 
We restrict access of messages from web public streams if
anonymous login is disabled via `enable_spectator_access`.

Display of `Anonymous login` button is now controlled by
the value of `enable_spectator_access`.

Admins can toggle `enable_spectator_access` via org settings in UI.
This commit is contained in:
Aman Agrawal
2021-10-03 17:46:07 +05:30
committed by Tim Abbott
parent 28488d9939
commit 2a922409aa
15 changed files with 162 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
zerver/tests/test_home.py
View File

@@ -136,6 +136,7 @@ class HomeTest(ZulipTestCase):
"realm_emails_restricted_to_domains",
"realm_embedded_bots",
"realm_emoji",
"realm_enable_spectator_access",
"realm_filters",
"realm_giphy_rating",
"realm_icon_source",
@@ -312,8 +313,22 @@ class HomeTest(ZulipTestCase):
self.assertEqual(result.url, "/login/")
# Tell server that user wants to login anonymously
# Redirects to load webapp.
# Redirects to load webapp. Since Realm.enable_spectator_access
# is False, the login should fail.
realm = get_realm("zulip")
result = self.client_post("/", {"prefers_web_public_view": "true"})
self.assertEqual(self.client.session.get("prefers_web_public_view"), None)
self.assertEqual(realm.enable_spectator_access, False)
self.assertEqual(result.status_code, 302)
self.assertEqual(result.url, "/login/")
# Enable spectator login.
realm.enable_spectator_access = True
realm.save()
result = self.client_post("/", {"prefers_web_public_view": "true"})
self.assertEqual(self.client.session.get("prefers_web_public_view"), True)
self.assertEqual(realm.enable_spectator_access, True)
self.assertEqual(result.status_code, 302)
self.assertEqual(result.url, "http://zulip.testserver")
@@ -337,6 +352,9 @@ class HomeTest(ZulipTestCase):
self.client_get("/")
self.assertEqual(self.client.session.get("prefers_web_public_view"), None)
realm.enable_spectator_access = False
realm.save()
def test_home_under_2fa_without_otp_device(self) -> None:
with self.settings(TWO_FACTOR_AUTHENTICATION_ENABLED=True):
self.login("iago")