diff --git a/changelog.d/3-bug-fixes/WPB-25521-allow-collaborators-to-add-_-remove-members-to-_-from-team-if-they-are-are-conversation-admins b/changelog.d/3-bug-fixes/WPB-25521-allow-collaborators-to-add-_-remove-members-to-_-from-team-if-they-are-are-conversation-admins new file mode 100644 index 00000000000..6e458eb3fdd --- /dev/null +++ b/changelog.d/3-bug-fixes/WPB-25521-allow-collaborators-to-add-_-remove-members-to-_-from-team-if-they-are-are-conversation-admins @@ -0,0 +1 @@ +Allow collaborators to add / remove members to / from team if they are are conversation admins. diff --git a/libs/wire-api/src/Wire/API/Team/Collaborator.hs b/libs/wire-api/src/Wire/API/Team/Collaborator.hs index d256ce92474..3210d4158d4 100644 --- a/libs/wire-api/src/Wire/API/Team/Collaborator.hs +++ b/libs/wire-api/src/Wire/API/Team/Collaborator.hs @@ -19,6 +19,7 @@ module Wire.API.Team.Collaborator where +import Control.Lens qualified as L import Data.Aeson qualified as A import Data.Id import Data.OpenApi qualified as S @@ -33,11 +34,23 @@ data CollaboratorPermission = CreateTeamConversation | ImplicitConnection instance ToSchema CollaboratorPermission where schema = - enum @Text $ - mconcat - [ element "create_team_conversation" CreateTeamConversation, - element "implicit_connection" ImplicitConnection - ] + (doc . description L.?~ descr) $ + enum @Text $ + mconcat + [ element "create_team_conversation" CreateTeamConversation, + element "implicit_connection" ImplicitConnection + ] + where + descr = + "

Permission granted to a team collaborator.

\ + \\n\ + \

NB: a member of team A can always open conversations with a collaborator of \ + \team A; the permission only controls the collaborator's abilities.

" data TeamCollaboratorsError = InsufficientRights diff --git a/libs/wire-api/src/Wire/API/Team/Member.hs b/libs/wire-api/src/Wire/API/Team/Member.hs index 7a0b09dbe07..61f32827557 100644 --- a/libs/wire-api/src/Wire/API/Team/Member.hs +++ b/libs/wire-api/src/Wire/API/Team/Member.hs @@ -492,6 +492,7 @@ data HiddenPerm | ChangeTeamMemberProfiles | SearchContacts | NewTeamCollaborator + | GetTeamCollaborators | JoinRegularConversations | CreateApp | ManageApps @@ -597,6 +598,7 @@ roleHiddenPermissions role = HiddenPermissions p p (roleHiddenPerms RoleExternalPartner <>) $ Set.fromList [ ViewSameTeamEmails, + GetTeamCollaborators, SearchContacts ] roleHiddenPerms RoleExternalPartner = diff --git a/libs/wire-subsystems/src/Wire/TeamCollaboratorsSubsystem/Interpreter.hs b/libs/wire-subsystems/src/Wire/TeamCollaboratorsSubsystem/Interpreter.hs index 7af4b25c9a5..30a970706e3 100644 --- a/libs/wire-subsystems/src/Wire/TeamCollaboratorsSubsystem/Interpreter.hs +++ b/libs/wire-subsystems/src/Wire/TeamCollaboratorsSubsystem/Interpreter.hs @@ -82,7 +82,7 @@ createTeamCollaboratorImpl :: Set CollaboratorPermission -> Sem r () createTeamCollaboratorImpl zUser user team perms = do - guardPermission (tUnqualified zUser) team TeamMember.NewTeamCollaborator InsufficientRights + guardPermission (tUnqualified zUser) team TeamMember.GetTeamCollaborators InsufficientRights Store.createTeamCollaborator user team perms -- TODO: Review the event's values @@ -97,7 +97,7 @@ getAllTeamCollaboratorsImpl :: TeamId -> Sem r [TeamCollaborator] getAllTeamCollaboratorsImpl zUser team = do - guardPermission (tUnqualified zUser) team TeamMember.NewTeamCollaborator InsufficientRights + guardPermission (tUnqualified zUser) team TeamMember.GetTeamCollaborators InsufficientRights Store.getAllTeamCollaborators team internalGetTeamCollaboratorsWithIdsImpl ::