paulmataruso/zulip
1
0
Fork 0
mirror of https://github.com/zulip/zulip.git synced 2025-11-02 21:13:36 +00:00
Code Issues Packages Projects Releases Wiki Activity

settings: Add two new realm settings to restrict bot creation.

Browse Source 
Added `can_create_bots_group` setting which controls who can
create any type of bots in the organization.

Added `can_create_write_only_bots_group` setting which controls
who can create incoming webhooks in the organization in additon
to those who are in `can_create_bots_group`.
This commit is contained in:
Vector73
2025-01-28 11:21:58 +00:00
committed by Tim Abbott
parent 3fd5673bbd
commit d48164ce1e
29 changed files with 568 additions and 253 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
zerver/models/users.py
View File

@@ -792,20 +792,19 @@ class UserProfile(AbstractBaseUser, PermissionsMixin, UserBaseSettings):
@property
def allowed_bot_types(self) -> list[int]:
from zerver.models.realms import BotCreationPolicyEnum
allowed_bot_types = []
if (
self.is_realm_admin
or self.realm.bot_creation_policy != BotCreationPolicyEnum.LIMIT_GENERIC_BOTS
):
allowed_bot_types.append(UserProfile.DEFAULT_BOT)
allowed_bot_types += [
UserProfile.INCOMING_WEBHOOK_BOT,
UserProfile.OUTGOING_WEBHOOK_BOT,
]
if settings.EMBEDDED_BOTS_ENABLED:
allowed_bot_types.append(UserProfile.EMBEDDED_BOT)
if self.has_permission("can_create_bots_group"):
allowed_bot_types.extend(
[
UserProfile.DEFAULT_BOT,
UserProfile.INCOMING_WEBHOOK_BOT,
UserProfile.OUTGOING_WEBHOOK_BOT,
]
)
if settings.EMBEDDED_BOTS_ENABLED:
allowed_bot_types.append(UserProfile.EMBEDDED_BOT)
elif self.has_permission("can_create_write_only_bots_group"):
allowed_bot_types.append(UserProfile.INCOMING_WEBHOOK_BOT)
return allowed_bot_types
def email_address_is_realm_public(self) -> bool: