paulmataruso/zulip
1
0
Fork 0
mirror of https://github.com/zulip/zulip.git synced 2025-10-25 00:53:56 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
ad122af6f878366bdd01442da2dff9f78ef534d2
zulip/zerver/views/muted_users.py
roanster007 8bd92fe801 bots: Fix muting of cross realm bots. 
Previously, we weren't able to mute the cross realm bots. This was
because, for muting the users, we access only those profiles which are
in realm, excluding the cross realm system bots.

This is fixed by replacing the access_user_by_id method with a new
method access_user_by_id_including_cross_realm for this specific test.

Fixes #27823
2023-11-27 16:16:23 -08:00

52 lines
2.0 KiB
Python
Raw Blame History

from django.db import IntegrityError
from django.http import HttpRequest, HttpResponse
from django.utils.timezone import now as timezone_now
from django.utils.translation import gettext as _
from zerver.actions.muted_users import do_mute_user, do_unmute_user
from zerver.lib.exceptions import JsonableError
from zerver.lib.muted_users import get_mute_object
from zerver.lib.response import json_success
from zerver.lib.users import access_user_by_id_including_cross_realm
from zerver.models import UserProfile
def mute_user(request: HttpRequest, user_profile: UserProfile, muted_user_id: int) -> HttpResponse:
if user_profile.id == muted_user_id:
raise JsonableError(_("Cannot mute self"))
# Arguably, access_used_by_id is not quite the right check; in the
# corner case of a limited guest trying to mute a deactivated user
# who they no longer have access to because the user was
# deactivated... it might from a policy perspective be OK to allow
# that operation even though this API will reject it.
#
# But it's quite possibly something nobody will try to do, so we
# just reuse the existing shared code path.
muted_user = access_user_by_id_including_cross_realm(
user_profile, muted_user_id, allow_bots=True, allow_deactivated=True, for_admin=False
)
date_muted = timezone_now()
try:
do_mute_user(user_profile, muted_user, date_muted)
except IntegrityError:
raise JsonableError(_("User already muted"))
return json_success(request)
def unmute_user(
request: HttpRequest, user_profile: UserProfile, muted_user_id: int
) -> HttpResponse:
muted_user = access_user_by_id_including_cross_realm(
user_profile, muted_user_id, allow_bots=True, allow_deactivated=True, for_admin=False
)
mute_object = get_mute_object(user_profile, muted_user)
if mute_object is None:
raise JsonableError(_("User is not muted"))
do_unmute_user(mute_object)
return json_success(request)
Reference in New Issue View Git Blame Copy Permalink