user_groups: Add a decorator to check group creation permission.

Earlier there was a single decorator function to check whether user can create and edit user groups. This commit adds a new decorator function to check whether user has permissions to create user groups. This was done because in future commits we will be adding a realm level setting for configuring who can create user groups.
2025-11-02 21:13:36 +00:00 · 2023-07-17 12:50:50 +05:30
parent 3f800002be
commit bb0b6900df
3 changed files with 28 additions and 2 deletions
--- a/zerver/decorator.py
+++ b/zerver/decorator.py
@@ -677,6 +677,25 @@ def require_user_group_edit_permission(
    return _wrapped_view_func


+def require_user_group_create_permission(
+    view_func: Callable[Concatenate[HttpRequest, UserProfile, ParamT], HttpResponse],
+) -> Callable[Concatenate[HttpRequest, UserProfile, ParamT], HttpResponse]:
+    @require_member_or_admin
+    @wraps(view_func)
+    def _wrapped_view_func(
+        request: HttpRequest,
+        user_profile: UserProfile,
+        /,
+        *args: ParamT.args,
+        **kwargs: ParamT.kwargs,
+    ) -> HttpResponse:
+        if not user_profile.can_create_user_groups():
+            raise JsonableError(_("Insufficient permission"))
+        return view_func(request, user_profile, *args, **kwargs)
+
+    return _wrapped_view_func
+
+
 # This API endpoint is used only for the mobile apps.  It is part of a
 # workaround for the fact that React Native doesn't support setting
 # HTTP basic authentication headers.