stream settings: Allow realm admins to remove others from any stream.

This will allow realm admins to remove others from private stream to which the realm administrator is not subscribed; this is important for managing those streams, because previously nobody could remove users from private streams that didn't have any realm administrators subscribed.
2025-11-03 13:33:24 +00:00 · 2018-02-20 23:26:01 +05:30
parent 2031118545
commit 93ee0aace7
3 changed files with 16 additions and 15 deletions
--- a/docs/production/security-model.md
+++ b/docs/production/security-model.md
@@ -114,7 +114,8 @@ strength allowed is controlled by two settings in
    stream's message history.
  * Organization administrators can do some basic management of
    private streams that they are not subscribed to: Changing the
-    stream name and description, and viewing the current subscribers.
+    stream name and description, viewing the current subscribers, and
+    removing subscribers.

 * Zulip supports editing the content and topics of messages that have
  already been sent. As a general philosophy, our policies provide
--- a/zerver/tests/test_subs.py
+++ b/zerver/tests/test_subs.py
@@ -589,7 +589,8 @@ class StreamAdminTest(ZulipTestCase):

    def attempt_unsubscribe_of_principal(self, query_count: int, is_admin: bool=False,
                                         is_subbed: bool=True, invite_only: bool=False,
-                                         other_user_subbed: bool=True) -> HttpResponse:
+                                         other_user_subbed: bool=True,
+                                         other_sub_users: List[UserProfile]=None) -> HttpResponse:

        # Set up the main user, who is in most cases an admin.
        user_profile = self.example_user('hamlet')
@@ -611,6 +612,9 @@ class StreamAdminTest(ZulipTestCase):
            self.subscribe(user_profile, stream_name)
        if other_user_subbed:
            self.subscribe(other_user_profile, stream_name)
+        if other_sub_users:
+            for user in other_sub_users:
+                self.subscribe(user, stream_name)

        with queries_captured() as queries:
            result = self.client_delete(
@@ -654,7 +658,7 @@ class StreamAdminTest(ZulipTestCase):
        are on.
        """
        result = self.attempt_unsubscribe_of_principal(
-            query_count=22, is_admin=True, is_subbed=True, invite_only=True,
+            query_count=21, is_admin=True, is_subbed=True, invite_only=True,
            other_user_subbed=True)
        json = self.assert_json_success(result)
        self.assertEqual(len(json["removed"]), 1)
@@ -662,13 +666,15 @@ class StreamAdminTest(ZulipTestCase):

    def test_admin_remove_others_from_unsubbed_private_stream(self) -> None:
        """
-        Even if you're an admin, you can't remove people from private
+        If you're an admin, you can remove people from private
        streams you aren't on.
        """
        result = self.attempt_unsubscribe_of_principal(
-            query_count=5, is_admin=True, is_subbed=False, invite_only=True,
-            other_user_subbed=True)
-        self.assert_json_error(result, "Cannot administer invite-only streams this way")
+            query_count=21, is_admin=True, is_subbed=False, invite_only=True,
+            other_user_subbed=True, other_sub_users=[self.example_user("othello")])
+        json = self.assert_json_success(result)
+        self.assertEqual(len(json["removed"]), 1)
+        self.assertEqual(len(json["not_subscribed"]), 0)

    def test_create_stream_by_admins_only_setting(self) -> None:
        """
--- a/zerver/views/streams.py
+++ b/zerver/views/streams.py
@@ -221,9 +221,10 @@ def remove_subscriptions_backend(

    removing_someone_else = principals and \
        set(principals) != set((user_profile.email,))
+
    if removing_someone_else and not user_profile.is_realm_admin:
        # You can only unsubscribe other people from a stream if you are a realm
-        # admin.
+        # admin (whether the stream is public or private).
        return json_error(_("This action requires administrative rights"))

    streams_as_dict = []
@@ -232,13 +233,6 @@ def remove_subscriptions_backend(

    streams, __ = list_to_streams(streams_as_dict, user_profile)

-    for stream in streams:
-        if removing_someone_else and stream.invite_only and \
-                not subscribed_to_stream(user_profile, stream.id):
-            # Even as an admin, you can't remove other people from an
-            # invite-only stream you're not on.
-            return json_error(_("Cannot administer invite-only streams this way"))
-
    if principals:
        people_to_unsub = set(principal_to_user_profile(
            user_profile, principal) for principal in principals)