Remove user permissions if service becomes a broadcast service

The "normal" service permissions and broadcast service permissions are
going to be different with no overlap. This means that if you were
viewing the team members page, there might be permissions in the
database that are not visible on the frontend if a service has changed
type. For example, someone could have the 'manage_api_keys' permission,
which would not show up on the team members page of a broadcast service.
To avoid people having permissions which aren't visible in admin, we now
remove all permissions from users when their service is converted to a
broadcast service.

Permissions for invited users are also removed.

It's not possible to convert a broadcast service to a normal service, so
we don't need to cover for this scenario.
Katie Smith
2021-06-22 16:03:39 +01:00
parent 29a13a8fae
commit fc0b9736eb
3 changed files with 51 additions and 0 deletions

@@ -7,7 +7,10 @@ from app.dao.dao_utils import autocommit, version_class
from app.models import (
BROADCAST_TYPE,
EMAIL_AUTH_TYPE,
INVITE_PENDING,
InvitedUser,
Organisation,
Permission,
Service,
ServiceBroadcastSettings,
ServicePermission,
@@ -53,6 +56,13 @@ def set_broadcast_service_type(service, service_mode, broadcast_channel, provide
service.restricted = True
service.go_live_at = None
# Remove all user permissions for the service users and invited users
Permission.query.filter_by(service_id=service.id).delete()
InvitedUser.query.filter_by(
service_id=service.id,
status=INVITE_PENDING
).update({'permissions': ''})
# Add service to organisation
organisation = Organisation.query.filter_by(
id=current_app.config['BROADCAST_ORGANISATION_ID']
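
Review bot: The bulk `Permission.query.filter_by(service_id=service.id).delete()` and the `InvitedUser` update revoke access without leaving any record of what was removed, so the revocation cannot be audited or explained to an affected user afterwards. Both calls return the number of matched rows, so consider logging those counts together with `service.id` at this point. The invite update is also limited to `status=INVITE_PENDING`, and the inline comment should say why invites in other states can keep their stored permissions string, or the filter should be dropped. Finally, the comment says what is removed but not why; a short pointer to the reason (broadcast and normal permissions do not overlap) would help the next reader of `set_broadcast_service_type`.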