Fix PolicyDelegateBase not giving access details for admin policies
Fix PolicyDelegateBase not giving access details for admin policies.
This gets used in createBasePolicy and records known access(knownAccessRecorder) which we use for putting the little admin role indicator in rooms and sorting the admins to the front.
We don't use this for anything critical at the moment (just cosmetic) so it didn't cause any access/permission problems. Plus existing rooms already have recorded access in the database so things just continued working for existing rooms.
Found this bug while testing https://gitlab.com/gitlab-org/gitter/webapp/-/merge_requests/1921
We initially dryed things up and used PolicyDelegateBase in https://gitlab.com/gitlab-org/gitter/webapp/-/merge_requests/1905
but mistakenly simplified the following from gh-repo-policy-delegate
// No need to record access to a public repo
if (policyName === 'GH_REPO_ACCESS' && this._securityDescriptor.public) {
return null;
}into this incorrect generalized snippet:
// No need to record access to a public room
if (this._securityDescriptor.public) {
return null;
}It should actually be the following which still allows us to getAccessDetails for admin policies(public or private), and member policies for private rooms. The only thing we don't care about is member policies in public rooms because anyone can join anyway.
// No need to record access to a public room for a member joining because anyone can join anway
// We still want to record access for admins through
if (this._securityDescriptor.public && policyName === this._securityDescriptor.members) {
return null;
}Testing strategy
- Create a room for one of your GitHub repos that you haven't created a room for before
- Notice how your avatar in the people roster in the right-toolbar has a dark blue bar at the bottom (you may need to wait 5 minutes for the rate-limit cache thing expires)
| Before | After |
|---|---|
 |
 |