user_groups: Check permission to manage groups based on group setting.

We also add exception for the group creator to manage groups. See https://chat.zulip.org/#narrow/stream/3-backend/topic/Group.20creation.20-.20who.20can.20change.20the.20setting.2E/near/1943861 for more details. For the tests, wherever possible, we've just added an acting_user when creating a group to test. We've also added an acting_user argument to create_user_group_for_test. We will not remove `user_group_edit_policy` yet. That will be removed once we have introduced this setting to the frontend.
2025-11-02 21:13:36 +00:00 · 2024-09-16 17:19:43 +00:00
parent 91953eca28
commit 6e9d56eaf4
5 changed files with 154 additions and 88 deletions
--- a/zerver/transaction_tests/test_user_groups.py
+++ b/zerver/transaction_tests/test_user_groups.py
@@ -82,15 +82,16 @@ class UserGroupRaceConditionTestCase(ZulipTransactionTestCase):
        """Build a user groups forming a chain through group-group memberships
        returning a list where each group is the supergroup of its subsequent group.
        """
+        iago = self.example_user("iago")
        groups = [
-            check_add_user_group(realm, f"chain #{self.counter + i}", [], acting_user=None)
+            check_add_user_group(realm, f"chain #{self.counter + i}", [], acting_user=iago)
            for i in range(self.CHAIN_LENGTH)
        ]
        self.counter += self.CHAIN_LENGTH
        self.created_user_groups.extend(groups)
        prev_group = groups[0]
        for group in groups[1:]:
-            add_subgroups_to_user_group(prev_group, [group], acting_user=None)
+            add_subgroups_to_user_group(prev_group, [group], acting_user=iago)
            prev_group = group
        return groups