upstream/mattermost
1
0
Fork 0
mirror of https://github.com/mattermost/mattermost.git synced 2026-04-13 13:08:56 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 6
mattermost/api/v4/source/definitions.yaml

4964 lines
148 KiB
YAML
Raw Permalink Normal View History

Move API Reference (#23777) * merge mattermost-api-reference unchanged * api: update repostiory paths * api: drop GitPod for api (for now) * api: improved node_modules target * api: relocate GitHub actions to root * Update .github/workflows/api.yml Co-authored-by: Antonis Stamatiou <stamatiou.antonis@gmail.com> * fix cache-dependency-path * adopt node-version-file * pin versions for uses * tidy steps/runs * api/.gitpod.yml: tidy * api: rm now unused .gitlab-ci.yml --------- Co-authored-by: Antonis Stamatiou <stamatiou.antonis@gmail.com>
2023-06-27 10:10:13 -04:00
components:
securitySchemes:
feat: Switch from Redoc to Stoplight Elements for API documentation (#30591)
2025-04-17 05:31:56 -04:00
bearerAuth:
Move API Reference (#23777) * merge mattermost-api-reference unchanged * api: update repostiory paths * api: drop GitPod for api (for now) * api: improved node_modules target * api: relocate GitHub actions to root * Update .github/workflows/api.yml Co-authored-by: Antonis Stamatiou <stamatiou.antonis@gmail.com> * fix cache-dependency-path * adopt node-version-file * pin versions for uses * tidy steps/runs * api/.gitpod.yml: tidy * api: rm now unused .gitlab-ci.yml --------- Co-authored-by: Antonis Stamatiou <stamatiou.antonis@gmail.com>
2023-06-27 10:10:13 -04:00
type: http
scheme: bearer
responses:
Forbidden:
description: Do not have appropriate permissions
content:
application/json:
schema:
$ref: "#/components/schemas/AppError"
Unauthorized:
description: No access token provided
content:
application/json:
schema:
$ref: "#/components/schemas/AppError"
BadRequest:
description: Invalid or missing parameters in URL or request body
content:
application/json:
schema:
$ref: "#/components/schemas/AppError"
NotFound:
description: Resource not found
content:
application/json:
schema:
$ref: "#/components/schemas/AppError"
TooLarge:
description: Content too large
content:
application/json:
schema:
$ref: "#/components/schemas/AppError"
NotImplemented:
description: Feature is disabled
content:
application/json:
schema:
$ref: "#/components/schemas/AppError"
TooManyRequests:
description: Too many requests
content:
application/json:
schema:
$ref: "#/components/schemas/AppError"
InternalServerError:
description: Something went wrong with the server
content:
application/json:
schema:
$ref: "#/components/schemas/AppError"
Webapp - Outgoing OAuth Connections (#25507) * added store * make generated * add missing license headers * fix receiver name * i18n * i18n sorting * update migrations from master * make migrations-extract * update retrylayer tests * replaced sql query with id pagination * fixed flaky tests * missing columns * missing columns on save/update * typo * improved tests * remove enum from mysql colum * add password credentials to store * license changes * OAuthOutgoingConnectionInterface * Oauth -> OAuth * make generated * copied over installed_oauth_apps component and renamed things to installed_outgoing_oauth_connections * merge migrations * renamed migrations * model change suggestions * refactor test functionsn * migration typo * refactor store table names * updated sanitize test * cleanup merge * refactor symbol * "installed outgoing oauth connections" page works * move things into a nested folder * add and edit page stubs work * list endpoint * oauthoutgoingconnection -> outgoingoauthconnection * signature change * i18n update * granttype typo * naming * api list * uppercase typo * i18n * missing license header * fixed path in comments * updated openapi definitions * changes to support selecting command request url * sanitize connections * make generated * test license and no feature flag * removed t.fatal * updated testhelper calls * yaml schema fixes * switched interface name * suggested translation * missing i18n translation * management permission * moved permission initalization to proper place * endpoints * put tests * error check typo * fixed specific enttity urls * tests * read permission check * updated openapi definitions * i18n * GetConnectionByAudience method * notes * replaced GetConnectionsByAudience with a filter * added custom oauth token object * updated interface and usage * properly set enterprise interface * move retrieval logic to impl * webhook tests * translations * i18n: updates * address comments * endpoint and tests * i18n * api docs * fixed endpoint path * sq.like * use filter object instead of parameters * set url values if not empty * typos * converted some components to function components, and move around files * correctly check token url * restore flag to previous value * added command oauth handler * update enterprise imports * migrate last component to function component * Added enterprise import * refactor permissions and add necessary webapp code * Check correct flag in permission tree * allow partial updates * sort i18n webapp * missing test modification * fixed webapp i18n sorting * allow validating stored connections * added missing translation * fix finished adding connection link and text on result page * added missing permission to smoke tests * missing role in smoke test * updated translations * updated translations * support editing client secret on existing connection * fix some i18n strings * updated translations * better error messages * progress on using react select for command request url while maintaining typed in value * remove writeheader, test * HasValidGrantType * end early to avoid nil pointer errors * move slash command request url input box into its own component * wrap components related to oauth connections in config check * fix tests * i18n-extract * change some i18n strings to say "Outgoing OAuth 2.0 Connections" * remove debug code * fixed i18n * updated i18n file * feature configuration backend * typo * add system console setting * Revert "typo" This reverts commit 669da23e8ee47525ccaa6f59cbbd20bf8a121191. * Revert "updated i18n file" This reverts commit d0882c0dd7587533f0d0f7a7b7b190684186158a. * Revert "fixed i18n" This reverts commit 3108866bc19139182dfd094921c56cdefc4695ea. * fixed i18n * updated i18n file * typo * updated i18n * updated i18n * updated i18n * updated version to 9.6 * replace feature flag with system console configuration * i18n * updated tests * pr feedback * fix styling of disabled text box * fix styling of action links in integration console * server changes for validation feature * webapp changes for validation feature * pencil icon styling * styling fixes for oauth audience correct configuration message * fix sanitize test * remove max lengths from outgoing oauth connection form * use config var in webapp instead of feature flag * change asterisks to bullets * update api docs for validate endpoint * feedback from ux review * fix lint, types, tests * fix stylelint * implement validation button under the token url input * support wildcard for matching audience urls * updates for styling * update snapshots * add doc links for the outgoing oauth connections feature * change doc links to use permalink * add docs link to system console * fix: use limitedreader in json decoding * fix: form error in validation * management permission can read now * updated api documentation * doc typo * require one permission to read only * fix api connection list audience filter * fix audience matching and add loading indicator * fix team permissions on outgoing oauth connection api calls * fix api doc and test, for adding team id to query params * handle read permissions by adding a team in the payload * missing teamid query parameter in test * change validate button logic to not require audience urls to be filled out * fix redux type --------- Co-authored-by: Felipe Martin <me@fmartingr.com>
2024-02-09 14:49:49 -05:00
BadGateway:
description: Bad gateway
content:
application/json:
schema:
$ref: "#/components/schemas/AppError"
Move API Reference (#23777) * merge mattermost-api-reference unchanged * api: update repostiory paths * api: drop GitPod for api (for now) * api: improved node_modules target * api: relocate GitHub actions to root * Update .github/workflows/api.yml Co-authored-by: Antonis Stamatiou <stamatiou.antonis@gmail.com> * fix cache-dependency-path * adopt node-version-file * pin versions for uses * tidy steps/runs * api/.gitpod.yml: tidy * api: rm now unused .gitlab-ci.yml --------- Co-authored-by: Antonis Stamatiou <stamatiou.antonis@gmail.com>
2023-06-27 10:10:13 -04:00
schemas:
User:
type: object
properties:
id:
type: string
create_at:
description: The time in milliseconds a user was created
type: integer
format: int64
update_at:
description: The time in milliseconds a user was last updated
type: integer
format: int64
delete_at:
description: The time in milliseconds a user was deleted
type: integer
format: int64
username:
type: string
first_name:
type: string
last_name:
type: string
nickname:
type: string
email:
type: string
email_verified:
type: boolean
auth_service:
type: string
roles:
type: string
locale:
type: string
notify_props:
$ref: "#/components/schemas/UserNotifyProps"
props:
type: object
last_password_update:
type: integer
format: int64
last_picture_update:
type: integer
format: int64
failed_attempts:
type: integer
mfa_active:
type: boolean
timezone:
$ref: "#/components/schemas/Timezone"
terms_of_service_id:
description: ID of accepted terms of service, if any. This field is not present
if empty.
type: string
terms_of_service_create_at:
description: The time in milliseconds the user accepted the terms of service
type: integer
format: int64
UsersStats:
type: object
properties:
total_users_count:
type: integer
KnownUsers:
type: array
properties:
items:
type: string
Team:
type: object
properties:
id:
type: string
create_at:
description: The time in milliseconds a team was created
type: integer
format: int64
update_at:
description: The time in milliseconds a team was last updated
type: integer
format: int64
delete_at:
description: The time in milliseconds a team was deleted
type: integer
format: int64
display_name:
type: string
name:
type: string
description:
type: string
email:
type: string
type:
type: string
allowed_domains:
type: string
invite_id:
type: string
allow_open_invite:
type: boolean
policy_id:
type: string
description: >-
The data retention policy to which this team has been assigned. If no such policy exists,
or the caller does not have the `sysconsole_read_compliance_data_retention` permission,
this field will be null.
TeamStats:
type: object
properties:
team_id:
type: string
total_member_count:
type: integer
TeamExists:
type: object
properties:
exists:
type: boolean
Channel:
type: object
properties:
id:
type: string
create_at:
description: The time in milliseconds a channel was created
type: integer
format: int64
update_at:
description: The time in milliseconds a channel was last updated
type: integer
format: int64
delete_at:
description: The time in milliseconds a channel was deleted
type: integer
format: int64
team_id:
type: string
type:
type: string
display_name:
type: string
name:
type: string
header:
type: string
purpose:
type: string
last_post_at:
description: The time in milliseconds of the last post of a channel
type: integer
format: int64
total_msg_count:
type: integer
extra_update_at:
description: Deprecated in Mattermost 5.0 release
type: integer
format: int64
creator_id:
type: string
ChannelStats:
type: object
properties:
channel_id:
type: string
member_count:
type: integer
ChannelMember:
type: object
properties:
channel_id:
type: string
user_id:
type: string
roles:
type: string
last_viewed_at:
description: The time in milliseconds the channel was last viewed by the user
type: integer
format: int64
msg_count:
type: integer
mention_count:
type: integer
notify_props:
$ref: "#/components/schemas/ChannelNotifyProps"
last_update_at:
description: The time in milliseconds the channel member was last updated
type: integer
format: int64
ChannelMemberWithTeamData:
allOf:
- $ref: "#/components/schemas/ChannelMember"
- type: object
properties:
team_display_name:
type: string
description: The display name of the team to which this channel belongs.
team_name:
type: string
description: The name of the team to which this channel belongs.
team_update_at:
type: integer
description: The time at which the team to which this channel belongs was last updated.
ChannelData:
type: object
properties:
channel:
$ref: "#/components/schemas/Channel"
member:
$ref: "#/components/schemas/ChannelMember"
ChannelWithTeamData:
allOf:
- $ref: "#/components/schemas/Channel"
- type: object
properties:
team_display_name:
type: string
description: The display name of the team to which this channel belongs.
team_name:
type: string
description: The name of the team to which this channel belongs.
team_update_at:
type: integer
description: The time at which the team to which this channel belongs was last updated.
policy_id:
type: string
description: >-
The data retention policy to which this team has been assigned. If no such policy exists,
or the caller does not have the `sysconsole_read_compliance_data_retention` permission, this field
will be null.
ChannelListWithTeamData:
type: array
items:
$ref: "#/components/schemas/ChannelWithTeamData"
Channel Bookmarks (#25449) * create ChannelBookmarks table * ChannelBookmark model * channel bookamrks Store layer * add GetBookmarksForAllChannelByIdSince * add channel bookmarks to test store * Add channel bookmarks to app layer * remove index for createAt in channel bookmarks migrations * remove createAt from select channel bookmark query and enable store delete bookmark test * update reponse of UpdateBookmark * rename db migration files * channel bookmarks store update sort order * channel bookmarks app layer update sort order * fix lint & tests * Fix lint and introduce util functions to insert / remove from slice * remove model etag * i18n * defer remove file info after test run * Fix tests passing the request context * fix migrations * fix TestRetry * Add bookmark permissions (#25560) * Adds channel bookmarks permissions * Fix linter * Remove unnecessary empty lines * Remove scss change as it's not necessary anymore * Fix mock store * Fix mock store and add role entry * Fix test * Adds cypress test and update permissions migration to update admin roles * Adds channel bookmarks roles to default admin roles * Adds bookmark permissions to default role permissions constant in webapp * Update mmctl test * Update permission test after normalising the roles * fix store tests * fix app layer tests * Add new bookmark endpoint (#25624) * Adds channel bookmarks api scaffold and create endpoint * Applies review comments to the API docs * Adds websocket test to create channel bookmark --------- Co-authored-by: Mattermost Build <build@mattermost.com> * MM-54426 exclude Channel Bookmarks files from data retention (#25656) * Augment channel APIs to include bookmarks (#25567) * update files docs for server 9.4 * Adds update channel bookmark endpoint (#25653) * Adds update channel bookmark sort order endpoint (#25686) * Adds update channel bookmark endpoint * Updates edit app method to return the right deleted bookmark and adds tests * Adds the update channel bookmark sort order endpoint * Fix repeated test after merge * Assign right permissions to each test * Update store and app layer to return specific errors and add tests * Adds delete channel bookmark endpoint (#25693) * Updates edit app method to return the right deleted bookmark and adds tests * Fix repeated test after merge * Updates edit app method to return the right deleted bookmark and adds tests * Adds delete channel bookmark endpoint * Adds list channel bookmarks endpoint (#25700) * Add channel moderation to bookmarks (#25716) * fix migrations index * fix getChannelsForTeamForUser * fix getChannelsForTeamForUser * fix bad merge client4 * fix file api with bookmark permission * add ChannelBookmarks feature flag * add missing translations * Set DB column for type as enum * use custom type for bookmark query using sqlx * use transaction when saving bookmark * return NewErrNotFound instead of Sql.ErrNoRows * use squirrel for IN query * add a limit of 1K for records in GetBookmarksForAllChannelByIdSince * UpdateSortOrder with one single query instead of multiple updates * fix shadow declaration * fix channel bookmarks permission string definition in admin console * fix another shadow declaration * Fix model conversion * add SplitSliceInChunks * remove include bookmarks in channels api * Cap amount of bookmarks per channel * add etag back to get channels * feedback review * update file info when replacing a bookmark file * return 501 not implemented when the license is not available * add detail message when getting channel member on bookmark api * start audit before permission check on create bookmark api * use require.Eventuallyf for testing WS events * remove unnecessary log in app layer * use require instead of assert to avoid panics * enforce limit when querying bookmarks since * prevent to create/update bookmark if file is already attached * fix lint * delete file when a bookmark is deleted * Dot allow to set a fileId and a url at the same time to a bookmark * fix query to delete a file that belongs to a bookmark * do not patch the bookmark type * Server side FeatureFlag check (#26145) * use ff in server, set ff to false * turn on FF for unit tests * defer unset FF for unit tests * turn ff on for testing * only allow attaching files that were uploaded for bookmark * Set feature flag off as default * fix lint * update email templates as PR failed * revert templates * force the assignment of ID when creating a bookmark * Fix unit tests --------- Co-authored-by: Miguel de la Cruz <miguel@mcrx.me> Co-authored-by: Mattermost Build <build@mattermost.com> Co-authored-by: Caleb Roseland <caleb@calebroseland.com> Co-authored-by: Scott Bishel <scott.bishel@mattermost.com>
2024-03-12 10:36:05 -04:00
ChannelBookmark:
type: object
properties:
id:
type: string
create_at:
description: The time in milliseconds a channel bookmark was created
type: integer
format: int64
update_at:
description: The time in milliseconds a channel bookmark was last updated
type: integer
format: int64
delete_at:
description: The time in milliseconds a channel bookmark was deleted
type: integer
format: int64
channel_id:
type: string
owner_id:
description: The ID of the user that the channel bookmark belongs to
type: string
file_id:
description: The ID of the file associated with the channel bookmark
type: string
display_name:
type: string
sort_order:
description: The order of the channel bookmark
type: integer
format: int64
link_url:
description: The URL associated with the channel bookmark
type: string
image_url:
description: The URL of the image associated with the channel bookmark
type: string
emoji:
type: string
type:
type: string
enum: [link, file]
original_id:
description: The ID of the original channel bookmark
type: string
parent_id:
description: The ID of the parent channel bookmark
type: string
ChannelBookmarkWithFileInfo:
allOf:
- $ref: "#/components/schemas/ChannelBookmark"
- type: object
properties:
file:
$ref: "#/components/schemas/FileInfo"
UpdateChannelBookmarkResponse:
type: object
properties:
updated:
$ref: "#/components/schemas/ChannelBookmarkWithFileInfo"
deleted:
$ref: "#/components/schemas/ChannelBookmarkWithFileInfo"
Merge the Integrated Boards MVP feature branch (#35796) * Add CreatedBy and UpdatedBy to the properties fields and values (#34485) * Add CreatedBy and UpdatedBy to the properties fields and values * Fix types --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * Adds ObjectType to the property fields table (#34908) Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * Update ObjectType migration setting an empty value and marking the column as not null (#34915) Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * Adds uniqueness mechanisms to the property fields (#35058) * Adds uniqueness mechanisms to the property fields After adding ObjectType, this commit ensures that both the PSAv1 and PSAv2 schemas are supported, and enforces property uniqueness through both database indexes and a logical check when creating new property fields. * Adds uniqueness check to property updates Updates are covered on this commit and we refactor as well the SQL code to use the squirrel builder and work better with the conditional addition of the `existingID` piece of the query. * Add translations to error messages * Fixing retrylayer mocks * Remove retrylayer duplication * Address review comments * Fix comment to avoid linter issues * Address PR comments * Update server/channels/db/migrations/postgres/000157_add_object_type_to_property_fields.down.sql Co-authored-by: Alejandro García Montoro <alejandro.garciamontoro@gmail.com> * Update server/channels/db/migrations/postgres/000157_add_object_type_to_property_fields.up.sql Co-authored-by: Alejandro García Montoro <alejandro.garciamontoro@gmail.com> * Update server/channels/db/migrations/postgres/000157_add_object_type_to_property_fields.up.sql Co-authored-by: Alejandro García Montoro <alejandro.garciamontoro@gmail.com> * Update field validation to check only for valid target types * Update migrations to avoid concurrent index creation within a transaction * Update migrations to make all index ops concurrent * Update tests to use valid PSAv2 property fields * Adds a helper for valid PSAv2 TargetTypes --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> Co-authored-by: Alejandro García Montoro <alejandro.garciamontoro@gmail.com> * Fix property tests (#35388) Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * Adds Integrated Boards feature flag (#35378) Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * Adds Integrated Boards MVP API changes (#34822) This PR includes the necessary changes for channels and posts endpoints and adds a set of generic endpoints to retrieve and manage property fields and values following the new Property System approach. Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> Co-authored-by: Mattermost Build <build@mattermost.com> * Property System Architecture permissions for v2 (#35113) * Adds uniqueness mechanisms to the property fields After adding ObjectType, this commit ensures that both the PSAv1 and PSAv2 schemas are supported, and enforces property uniqueness through both database indexes and a logical check when creating new property fields. * Adds uniqueness check to property updates Updates are covered on this commit and we refactor as well the SQL code to use the squirrel builder and work better with the conditional addition of the `existingID` piece of the query. * Add translations to error messages * Add the permissions to the migrations, model and update the store calls * Adds the property field and property group app layer * Adds authorization helpers for property fields and values * Make sure that users cannot lock themselves out of property fields * Migrate permissions from a JSON column to three normalized columns * Remove the audit comment * Use target level constants in authorization * Log authorization membership failures * Rename admin to sysadmin * Fix i18n sorting --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * Add Views store and app layer (#35361) * Add Views store and app layer for Integrated Boards Implements the View entity (model, SQL store, service, app) as described in the Integrated Boards tech spec. Views are channel-scoped board configurations with typed props (board, kanban subviews) and soft-delete. - public/model: View, ViewBoardProps, Subview, ViewPatch types with PreSave/PreUpdate/IsValid/Patch/Clone/Auditable - Migration 158: Views table with jsonb Props column and indexes - SqlViewStore: CRUD with nil-safe Props marshaling (AppendBinaryFlag) - ViewService: CreateView seeds default kanban subview and links the boards property field; caches boardPropertyFieldID at startup - App layer: CreateView/GetView/GetViewsForChannel/UpdateView/DeleteView with channel-membership permission checks and WebSocket events (view_created, view_updated, view_deleted) - doSetupBoardsPropertyField: registers the Boards property group and board field in NewServer() before ViewService construction - GetFieldByName now returns store.ErrNotFound instead of raw sql.ErrNoRows * Move permission checks out of App layer for views - Remove HasPermissionToChannel calls from all App view methods - Drop userID params from GetView, GetViewsForChannel, UpdateView, DeleteView - Fix doSetupBoardsPropertyField to include required TargetType for PSAv2 field * Make View service generic and enforce board validation in model - Remove board-specific auto-setup from service and server startup - Enforce that board views require Props, at least one subview, and at least one linked property in IsValid() - Move default subview seeding out of app layer; callers must provide valid props - Call PreSave on subviews during PreUpdate to assign IDs to new subviews - Update all tests to reflect the new validation requirements * Restore migrations files to match base branch * Distinguish ErrNotFound from other errors in view store Get * Use CONCURRENTLY and nontransactional for index operations in views migration * Split views index creation into separate nontransactional migrations * Update migrations.list * Update i18n translations for views * Fix makeView helper to include required Props for board view validation * Rename ctx parameter from c to rctx in OAuthProvider mock * Remove views service layer, call store directly from app * Return 500 for unexpected DB errors in GetView, 404 only for not-found * Harden View model: deep-copy Props, validate linked property IDs - Add ViewBoardProps.Clone() to deep-copy LinkedProperties and Subviews - Use it in View.Clone() and View.Patch() to prevent shared-slice aliasing - Iterate over LinkedProperties in View.IsValid() and reject invalid IDs with a dedicated i18n key - Register ViewStore in storetest AssertExpectations so mock expectations are enforced - Add tests covering all new behaviours * Restore autotranslation worker_stopped i18n translation * Fix view store test IDs and improve error handling in app layer - Use model.NewId() for linked property IDs in testUpdateView to fix validation failure (IsValid rejects non-UUID strings) - Fix import grouping in app/view.go (stdlib imports in one block) - Return 404 instead of 500 when Update/Delete store calls return ErrNotFound (e.g. concurrent deletion TOCTOU race) * Add View store mock to retrylayer test genStore helper The View store was added to the store interface but the genStore() helper in retrylayer_test.go was not updated, causing TestRetry to panic. Also removes the duplicate Recap mock registration. * Refactor view deletion and websocket event handling; update SQL store methods to use query builder * revert property field store * Remove useless migrations * Add cursor-based pagination to View store GetForChannel - Add ViewQueryCursor and ViewQueryOpts types with validation - Return (views, cursor, error) for caller-driven pagination - PerPage clamping: <=0 defaults to 20, >200 clamps to 200 - Support IncludeDeleted filter - Add comprehensive store tests for pagination, cursor edge cases, PerPage clamping, and invalid input rejection - Add app layer test for empty channelID → 400 - Update interface, retrylayer, timerlayer, and mock signatures Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Refactor test loops in ViewStore tests for improved readability * change pagination to limit/offset * Add upper-bound limits on View Subviews and LinkedProperties Defense-in-depth validation: cap Subviews at 50 and LinkedProperties at 500 to prevent abuse below the 300KB payload limit. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com> * MM-67388, MM-66528, MM-67750: Add View REST API endpoints, websocket events, and sort order (#35442) * Add Views store and app layer for Integrated Boards Implements the View entity (model, SQL store, service, app) as described in the Integrated Boards tech spec. Views are channel-scoped board configurations with typed props (board, kanban subviews) and soft-delete. - public/model: View, ViewBoardProps, Subview, ViewPatch types with PreSave/PreUpdate/IsValid/Patch/Clone/Auditable - Migration 158: Views table with jsonb Props column and indexes - SqlViewStore: CRUD with nil-safe Props marshaling (AppendBinaryFlag) - ViewService: CreateView seeds default kanban subview and links the boards property field; caches boardPropertyFieldID at startup - App layer: CreateView/GetView/GetViewsForChannel/UpdateView/DeleteView with channel-membership permission checks and WebSocket events (view_created, view_updated, view_deleted) - doSetupBoardsPropertyField: registers the Boards property group and board field in NewServer() before ViewService construction - GetFieldByName now returns store.ErrNotFound instead of raw sql.ErrNoRows * Move permission checks out of App layer for views - Remove HasPermissionToChannel calls from all App view methods - Drop userID params from GetView, GetViewsForChannel, UpdateView, DeleteView - Fix doSetupBoardsPropertyField to include required TargetType for PSAv2 field * Make View service generic and enforce board validation in model - Remove board-specific auto-setup from service and server startup - Enforce that board views require Props, at least one subview, and at least one linked property in IsValid() - Move default subview seeding out of app layer; callers must provide valid props - Call PreSave on subviews during PreUpdate to assign IDs to new subviews - Update all tests to reflect the new validation requirements * Restore migrations files to match base branch * Distinguish ErrNotFound from other errors in view store Get * Use CONCURRENTLY and nontransactional for index operations in views migration * Split views index creation into separate nontransactional migrations * Update migrations.list * Update i18n translations for views * Fix makeView helper to include required Props for board view validation * Rename ctx parameter from c to rctx in OAuthProvider mock * Remove views service layer, call store directly from app * Return 500 for unexpected DB errors in GetView, 404 only for not-found * Harden View model: deep-copy Props, validate linked property IDs - Add ViewBoardProps.Clone() to deep-copy LinkedProperties and Subviews - Use it in View.Clone() and View.Patch() to prevent shared-slice aliasing - Iterate over LinkedProperties in View.IsValid() and reject invalid IDs with a dedicated i18n key - Register ViewStore in storetest AssertExpectations so mock expectations are enforced - Add tests covering all new behaviours * Restore autotranslation worker_stopped i18n translation * Fix view store test IDs and improve error handling in app layer - Use model.NewId() for linked property IDs in testUpdateView to fix validation failure (IsValid rejects non-UUID strings) - Fix import grouping in app/view.go (stdlib imports in one block) - Return 404 instead of 500 when Update/Delete store calls return ErrNotFound (e.g. concurrent deletion TOCTOU race) * Add View store mock to retrylayer test genStore helper The View store was added to the store interface but the genStore() helper in retrylayer_test.go was not updated, causing TestRetry to panic. Also removes the duplicate Recap mock registration. * Refactor view deletion and websocket event handling; update SQL store methods to use query builder * revert property field store * Add View API endpoints with OpenAPI spec, client methods, and i18n Implement REST API for channel views (board-type) behind the IntegratedBoards feature flag. Adds CRUD endpoints under /api/v4/channels/{channel_id}/views with permission checks matching the channel bookmark pattern. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Remove useless migrations * Add cursor-based pagination to View store GetForChannel - Add ViewQueryCursor and ViewQueryOpts types with validation - Return (views, cursor, error) for caller-driven pagination - PerPage clamping: <=0 defaults to 20, >200 clamps to 200 - Support IncludeDeleted filter - Add comprehensive store tests for pagination, cursor edge cases, PerPage clamping, and invalid input rejection - Add app layer test for empty channelID → 400 - Update interface, retrylayer, timerlayer, and mock signatures Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Add cursor-based pagination to View API for channel views * Enhance cursor handling in getViewsForChannel and update tests for pagination * Refactor test loops in ViewStore tests for improved readability * Refactor loop in TestGetViewsForChannel for improved readability * change pagination to limit/offset * switch to limit/offset pagination * Add upper-bound limits on View Subviews and LinkedProperties Defense-in-depth validation: cap Subviews at 50 and LinkedProperties at 500 to prevent abuse below the 300KB payload limit. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Add view sort order API endpoint Add POST /api/v4/channels/{channel_id}/views/{view_id}/sort_order endpoint following the channel bookmarks reorder pattern. Includes store, app, and API layers with full test coverage at each layer. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Add connectionId to view WebSocket events and sort_order API spec Thread connectionId from request header through all view handlers (create, update, delete, sort_order) to WebSocket events, matching the channel bookmarks pattern. Add sort_order endpoint to OpenAPI spec. Update minimum server version to 11.6. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Remove duplicate View/ViewPatch definitions from definitions.yaml The merge from integrated-boards-mvp introduced duplicate View and ViewPatch schema definitions that were already defined earlier in the file with more detail (including ViewBoardProps ref and enums). Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Update minimum server version to 11.6 in views API spec Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Add missing translations for view sort order error messages Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Merge integrated-boards-mvp into ibmvp_api-views; remove spec files Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Fix flaky TestViewStore timestamp test on CI Add sleep before UpdateSortOrder to ensure timestamps differ, preventing same-millisecond comparisons on fast CI machines. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * remove duplicate views.yaml imclude * Use c.boolString() for include_deleted query param in GetViewsForChannel Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Fix views.yaml sort order schema: use integer type and require body Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Refactor view sort order tests to use named IDs instead of array indices Extract idA/idB/idC from views slice and add BEFORE/AFTER comments to make stateful subtest ordering easier to follow. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Return 404 instead of 403 for view operations on deleted channels Deleted channels should appear non-existent to callers rather than revealing their existence via a 403. Detailed error text explains the context for debugging. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * add missing channel deleteat checks * Use c.Params.Page instead of manual page query param parsing in getViewsForChannel c.Params already validates and defaults page/per_page, so the manual parsing was redundant. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Add support for total count in views retrieval * Add tests for handling deleted views in GetViewsForChannel and GetView * Short-circuit negative newIndex in UpdateSortOrder before opening transaction Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Add per-channel limit on views to bound UpdateSortOrder cost Without a cap, unbounded view creation makes sort-order updates increasingly expensive (CASE WHEN per view, row locks). Adds MaxViewsPerChannel=50 constant and enforces it in the app layer before saving. Includes API and app layer tests. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Remove include_deleted support from views API Soft-deleted views are structural metadata with low risk, but no other similar endpoint (e.g. channel bookmarks) exposes deleted records without an admin gate. Rather than adding an admin-only permission check for consistency, remove the feature entirely since there is no current use case. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Update view permissions to require `create_post` instead of channel management permissions * Remove obsolete view management error messages for direct and group messages --------- Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com> * feat(migrations): add user tracking and object type to property fields - Introduced user tracking columns (CreatedBy, UpdatedBy) to PropertyFields and PropertyValues. - Added ObjectType column to PropertyFields with associated unique indexes for legacy and typed properties. - Created new migration scripts for adding and dropping these features, including necessary indexes for data integrity. - Established views for managing property fields with new attributes. This update enhances the schema to support better tracking and categorization of property fields. * Add Property System Architecture v2 API endpoints (#35583) * Adds uniqueness mechanisms to the property fields After adding ObjectType, this commit ensures that both the PSAv1 and PSAv2 schemas are supported, and enforces property uniqueness through both database indexes and a logical check when creating new property fields. * Adds uniqueness check to property updates Updates are covered on this commit and we refactor as well the SQL code to use the squirrel builder and work better with the conditional addition of the `existingID` piece of the query. * Add translations to error messages * Add the permissions to the migrations, model and update the store calls * Adds the property field and property group app layer * Adds authorization helpers for property fields and values * Make sure that users cannot lock themselves out of property fields * Migrate permissions from a JSON column to three normalized columns * Remove the audit comment * Use target level constants in authorization * Log authorization membership failures * Rename admin to sysadmin * Adds the Property System Architecture v2 API endpoints * Adds permission checks to the create field endpoint * Add target access checks to value endpoints * Add default branches for object_type and target_type and extra guards for cursor client4 methods * Fix vet API mismatch * Fix error checks * Fix linter * Add merge semantics for property patch logic and API endpoint * Fix i18n * Fix duplicated patch elements and early return on bad cursor * Update docs to use enums * Fix i18n sorting * Update app layer to return model.AppError * Adds a limit to the number of property values that can be patched in the same request * Require target_type filter when searching property fields * Add objectType validation as part of field.IsValid() * Fix linter * Fix test with bad objecttpye * Fix test grouping --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * MM-67968: Flatten view model — remove icon, subviews, typed board props (#35726) * feat(views): flatten view model by removing icon, subview, and board props Simplifies the View data model as part of MM-67968: removes Icon, Subview, and ViewBoardProps types; renames ViewTypeBoard to ViewTypeKanban; replaces typed Props with StringInterface (map[string]any); adds migration 000167 to drop the Icon column from the Views table. Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com> * feat(api): update views OpenAPI spec to reflect flattened model Removes ViewBoardProps, Subview, and icon from the View and ViewPatch schemas. Changes type enum from board to kanban. Replaces typed props with a free-form StringInterface object. Aligns with MM-67968. Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com> * refactor(views): simplify store by dropping dbView and marshalViewProps StringInterface already implements driver.Valuer and sql.Scanner, so the manual JSON marshal/unmarshal and the dbView intermediate struct were redundant. model.View now scans directly from the database. Also removes the dead ViewMaxLinkedProperties constant and wraps the Commit() error in UpdateSortOrder. Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com> * fix(api): allow arbitrary JSON in view props OpenAPI schema The props field was restricted to string values via additionalProperties: { type: string }, conflicting with the Go model's StringInterface (map[string]any). Changed to additionalProperties: true in View, ViewPatch, and inline POST schemas. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> --------- Co-authored-by: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com> * Adds basic implementation of the generic redux store for PSAv2 (#35512) * Adds basic implementation of the generic redux store for PSAv2 * Add created_by and updated_by to the test fixtures * Make target_id, target_type and object_type mandatory * Wrap getPropertyFieldsByIds and getPropertyValuesForTargetByFieldIds with createSelector * Address PR comments --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * Adds websocket messages for the PSAv2 API events (#35696) * Adds uniqueness mechanisms to the property fields After adding ObjectType, this commit ensures that both the PSAv1 and PSAv2 schemas are supported, and enforces property uniqueness through both database indexes and a logical check when creating new property fields. * Adds uniqueness check to property updates Updates are covered on this commit and we refactor as well the SQL code to use the squirrel builder and work better with the conditional addition of the `existingID` piece of the query. * Add translations to error messages * Add the permissions to the migrations, model and update the store calls * Adds the property field and property group app layer * Adds authorization helpers for property fields and values * Make sure that users cannot lock themselves out of property fields * Migrate permissions from a JSON column to three normalized columns * Remove the audit comment * Use target level constants in authorization * Log authorization membership failures * Rename admin to sysadmin * Adds the Property System Architecture v2 API endpoints * Adds permission checks to the create field endpoint * Add target access checks to value endpoints * Add default branches for object_type and target_type and extra guards for cursor client4 methods * Fix vet API mismatch * Fix error checks * Fix linter * Add merge semantics for property patch logic and API endpoint * Fix i18n * Fix duplicated patch elements and early return on bad cursor * Update docs to use enums * Fix i18n sorting * Update app layer to return model.AppError * Adds a limit to the number of property values that can be patched in the same request * Adds websocket messages for the PSAv2 API events * Add IsPSAv2 helper to the property field for clarity * Add guard against nil returns on field deletion * Add docs to the websocket endpoints --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * migrations: consolidate views migrations and reorder after master - Merged 000165 (create Views) with 000167 (drop Icon) since Icon was never needed - Renumbered branch migrations 159-166 → 160-167 so master's 000159 (deduplicate_policy_names) runs first - Regenerated migrations.list Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * Add API endpoint to retrieve posts for a specific view (#35604) Automatic Merge * Apply fixes after merge * Return a more specific error from getting multiple fields * Prevent getting broadcast params on field deletion if not needed * Remove duplicated migration code * Update property conflict code to always use master * Adds nil guard when iterating on property fields * Check that permission level is valid before getting rejected by the database * Validate correctness on TargetID for PSAv2 fields * Avoid PSAv1 using permissions or protected * Fix test data after validation change * Fix flaky search test * Adds more posts for filter use cases to properly test exclusions --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> Co-authored-by: Alejandro García Montoro <alejandro.garciamontoro@gmail.com> Co-authored-by: Julien Tant <julien@craftyx.fr> Co-authored-by: Mattermost Build <build@mattermost.com> Co-authored-by: Julien Tant <785518+JulienTant@users.noreply.github.com> Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-27 05:36:35 -04:00
View:
type: object
properties:
id:
type: string
description: The unique identifier of the view
channel_id:
type: string
description: The ID of the channel this view belongs to
type:
type: string
enum: [kanban]
creator_id:
type: string
description: The ID of the user who created this view
title:
type: string
description: The title of the view
description:
type: string
description: The description of the view
sort_order:
type: integer
description: The display order of the view within the channel
props:
type: object
description: Arbitrary key-value properties for the view
additionalProperties: true
create_at:
description: The time in milliseconds the view was created
type: integer
format: int64
update_at:
description: The time in milliseconds the view was last updated
type: integer
format: int64
delete_at:
description: The time in milliseconds the view was deleted
type: integer
format: int64
ViewPatch:
type: object
description: Fields that can be updated on a view via PATCH
properties:
title:
type: string
description:
type: string
sort_order:
type: integer
props:
type: object
description: Arbitrary key-value properties for the view
additionalProperties: true
ViewsWithCount:
type: object
description: Paginated list of views with total count
properties:
views:
type: array
items:
$ref: "#/components/schemas/View"
total_count:
type: integer
format: int64
description: Total number of views matching the query (ignoring pagination)
Move API Reference (#23777) * merge mattermost-api-reference unchanged * api: update repostiory paths * api: drop GitPod for api (for now) * api: improved node_modules target * api: relocate GitHub actions to root * Update .github/workflows/api.yml Co-authored-by: Antonis Stamatiou <stamatiou.antonis@gmail.com> * fix cache-dependency-path * adopt node-version-file * pin versions for uses * tidy steps/runs * api/.gitpod.yml: tidy * api: rm now unused .gitlab-ci.yml --------- Co-authored-by: Antonis Stamatiou <stamatiou.antonis@gmail.com>
2023-06-27 10:10:13 -04:00
Post:
type: object
properties:
id:
type: string
create_at:
description: The time in milliseconds a post was created
type: integer
format: int64
update_at:
description: The time in milliseconds a post was last updated
type: integer
format: int64
delete_at:
description: The time in milliseconds a post was deleted
type: integer
format: int64
edit_at:
type: integer
format: int64
user_id:
type: string
channel_id:
type: string
root_id:
type: string
original_id:
type: string
message:
type: string
type:
type: string
props:
type: object
hashtag:
type: string
file_ids:
type: array
items:
type: string
pending_post_id:
type: string
metadata:
$ref: "#/components/schemas/PostMetadata"
Custom profile attributes field endpoints (#29662) * Adds the main Property System Architecture components This change adds the necessary migrations for the Property Groups, Fields and Values tables to be created, the store layer and a Property Service that can be used from the app layer. * Adds Custom Profile Attributes endpoints and app layer * implement get and patch cpa values * run i18n-extract * Update property field type to use user instead of person * Update PropertyFields to allow for unique nondeleted fields and remove redundant indexes * Update PropertyValues to allow for unique nondeleted fields and remove redundant indexes * Use StringMap instead of the map[string]any on property fields * Add i18n strings * Revert "Use StringMap instead of the map[string]any on property fields" This reverts commit e2735ab0f8589d2524d636419ca0cb144575c4d6. * Cast JSON binary data to string and add todo note for StringMap use * Add mocks to the retrylayer tests * Cast JSON binary data to string in property value store * Check for binary parameter instead of casting to string for JSON data * Fix bad merge * Check property field type is one of the allowed ones * Avoid reusing err variable to be explicit about the returned value * Merge Property System Migrations into one file * Adds NOT NULL to timestamps at the DB level * Update stores to use tableSelectQuery instead of a slice var * Update PropertyField model translations to be more explicit and avoid repetition * Update PropertyValue model translations to be more explicit and avoid repetition * Use ExecBuilder instead of ToSql&Exec * Update property field errors to add context * Ensure PerPage is greater than zero * Update store errors to give more context * Use ExecBuilder in the property stores where possible * Add an on conflict suffix to the group register to avoid race conditions * Remove user profile API documentation changes * Update patchCPAValues endpoint and docs to return the updated information * Merge two similar error conditions * Use a route function for ListCPAValues * Remove badly used translation string * Remove unused get in register group method * Adds input sanitization and validation to the CPA API endpoints * Takes login outside of one test case to make it clear it affects multiple t.Runs * Fix wrap error and return code when property field has been deleted * Fix receiver name * Adds comment to move the CPA group ID to the db cache * Set the PerPage of CPA fields to the fields limit * Update server/channels/app/custom_profile_attributes_test.go Co-authored-by: Alejandro García Montoro <alejandro.garciamontoro@gmail.com> * Standardize group ID access * Avoid polluting the state between tests * Use specific errors for the retrieval of CPA group --------- Co-authored-by: Scott Bishel <scott.bishel@mattermost.com> Co-authored-by: Mattermost Build <build@mattermost.com> Co-authored-by: Alejandro García Montoro <alejandro.garciamontoro@gmail.com>
2025-01-13 12:12:38 -05:00
PropertyField:
type: object
properties:
id:
type: string
group_id:
type: string
name:
type: string
type:
type: string
Merge the Integrated Boards MVP feature branch (#35796) * Add CreatedBy and UpdatedBy to the properties fields and values (#34485) * Add CreatedBy and UpdatedBy to the properties fields and values * Fix types --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * Adds ObjectType to the property fields table (#34908) Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * Update ObjectType migration setting an empty value and marking the column as not null (#34915) Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * Adds uniqueness mechanisms to the property fields (#35058) * Adds uniqueness mechanisms to the property fields After adding ObjectType, this commit ensures that both the PSAv1 and PSAv2 schemas are supported, and enforces property uniqueness through both database indexes and a logical check when creating new property fields. * Adds uniqueness check to property updates Updates are covered on this commit and we refactor as well the SQL code to use the squirrel builder and work better with the conditional addition of the `existingID` piece of the query. * Add translations to error messages * Fixing retrylayer mocks * Remove retrylayer duplication * Address review comments * Fix comment to avoid linter issues * Address PR comments * Update server/channels/db/migrations/postgres/000157_add_object_type_to_property_fields.down.sql Co-authored-by: Alejandro García Montoro <alejandro.garciamontoro@gmail.com> * Update server/channels/db/migrations/postgres/000157_add_object_type_to_property_fields.up.sql Co-authored-by: Alejandro García Montoro <alejandro.garciamontoro@gmail.com> * Update server/channels/db/migrations/postgres/000157_add_object_type_to_property_fields.up.sql Co-authored-by: Alejandro García Montoro <alejandro.garciamontoro@gmail.com> * Update field validation to check only for valid target types * Update migrations to avoid concurrent index creation within a transaction * Update migrations to make all index ops concurrent * Update tests to use valid PSAv2 property fields * Adds a helper for valid PSAv2 TargetTypes --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> Co-authored-by: Alejandro García Montoro <alejandro.garciamontoro@gmail.com> * Fix property tests (#35388) Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * Adds Integrated Boards feature flag (#35378) Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * Adds Integrated Boards MVP API changes (#34822) This PR includes the necessary changes for channels and posts endpoints and adds a set of generic endpoints to retrieve and manage property fields and values following the new Property System approach. Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> Co-authored-by: Mattermost Build <build@mattermost.com> * Property System Architecture permissions for v2 (#35113) * Adds uniqueness mechanisms to the property fields After adding ObjectType, this commit ensures that both the PSAv1 and PSAv2 schemas are supported, and enforces property uniqueness through both database indexes and a logical check when creating new property fields. * Adds uniqueness check to property updates Updates are covered on this commit and we refactor as well the SQL code to use the squirrel builder and work better with the conditional addition of the `existingID` piece of the query. * Add translations to error messages * Add the permissions to the migrations, model and update the store calls * Adds the property field and property group app layer * Adds authorization helpers for property fields and values * Make sure that users cannot lock themselves out of property fields * Migrate permissions from a JSON column to three normalized columns * Remove the audit comment * Use target level constants in authorization * Log authorization membership failures * Rename admin to sysadmin * Fix i18n sorting --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * Add Views store and app layer (#35361) * Add Views store and app layer for Integrated Boards Implements the View entity (model, SQL store, service, app) as described in the Integrated Boards tech spec. Views are channel-scoped board configurations with typed props (board, kanban subviews) and soft-delete. - public/model: View, ViewBoardProps, Subview, ViewPatch types with PreSave/PreUpdate/IsValid/Patch/Clone/Auditable - Migration 158: Views table with jsonb Props column and indexes - SqlViewStore: CRUD with nil-safe Props marshaling (AppendBinaryFlag) - ViewService: CreateView seeds default kanban subview and links the boards property field; caches boardPropertyFieldID at startup - App layer: CreateView/GetView/GetViewsForChannel/UpdateView/DeleteView with channel-membership permission checks and WebSocket events (view_created, view_updated, view_deleted) - doSetupBoardsPropertyField: registers the Boards property group and board field in NewServer() before ViewService construction - GetFieldByName now returns store.ErrNotFound instead of raw sql.ErrNoRows * Move permission checks out of App layer for views - Remove HasPermissionToChannel calls from all App view methods - Drop userID params from GetView, GetViewsForChannel, UpdateView, DeleteView - Fix doSetupBoardsPropertyField to include required TargetType for PSAv2 field * Make View service generic and enforce board validation in model - Remove board-specific auto-setup from service and server startup - Enforce that board views require Props, at least one subview, and at least one linked property in IsValid() - Move default subview seeding out of app layer; callers must provide valid props - Call PreSave on subviews during PreUpdate to assign IDs to new subviews - Update all tests to reflect the new validation requirements * Restore migrations files to match base branch * Distinguish ErrNotFound from other errors in view store Get * Use CONCURRENTLY and nontransactional for index operations in views migration * Split views index creation into separate nontransactional migrations * Update migrations.list * Update i18n translations for views * Fix makeView helper to include required Props for board view validation * Rename ctx parameter from c to rctx in OAuthProvider mock * Remove views service layer, call store directly from app * Return 500 for unexpected DB errors in GetView, 404 only for not-found * Harden View model: deep-copy Props, validate linked property IDs - Add ViewBoardProps.Clone() to deep-copy LinkedProperties and Subviews - Use it in View.Clone() and View.Patch() to prevent shared-slice aliasing - Iterate over LinkedProperties in View.IsValid() and reject invalid IDs with a dedicated i18n key - Register ViewStore in storetest AssertExpectations so mock expectations are enforced - Add tests covering all new behaviours * Restore autotranslation worker_stopped i18n translation * Fix view store test IDs and improve error handling in app layer - Use model.NewId() for linked property IDs in testUpdateView to fix validation failure (IsValid rejects non-UUID strings) - Fix import grouping in app/view.go (stdlib imports in one block) - Return 404 instead of 500 when Update/Delete store calls return ErrNotFound (e.g. concurrent deletion TOCTOU race) * Add View store mock to retrylayer test genStore helper The View store was added to the store interface but the genStore() helper in retrylayer_test.go was not updated, causing TestRetry to panic. Also removes the duplicate Recap mock registration. * Refactor view deletion and websocket event handling; update SQL store methods to use query builder * revert property field store * Remove useless migrations * Add cursor-based pagination to View store GetForChannel - Add ViewQueryCursor and ViewQueryOpts types with validation - Return (views, cursor, error) for caller-driven pagination - PerPage clamping: <=0 defaults to 20, >200 clamps to 200 - Support IncludeDeleted filter - Add comprehensive store tests for pagination, cursor edge cases, PerPage clamping, and invalid input rejection - Add app layer test for empty channelID → 400 - Update interface, retrylayer, timerlayer, and mock signatures Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Refactor test loops in ViewStore tests for improved readability * change pagination to limit/offset * Add upper-bound limits on View Subviews and LinkedProperties Defense-in-depth validation: cap Subviews at 50 and LinkedProperties at 500 to prevent abuse below the 300KB payload limit. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com> * MM-67388, MM-66528, MM-67750: Add View REST API endpoints, websocket events, and sort order (#35442) * Add Views store and app layer for Integrated Boards Implements the View entity (model, SQL store, service, app) as described in the Integrated Boards tech spec. Views are channel-scoped board configurations with typed props (board, kanban subviews) and soft-delete. - public/model: View, ViewBoardProps, Subview, ViewPatch types with PreSave/PreUpdate/IsValid/Patch/Clone/Auditable - Migration 158: Views table with jsonb Props column and indexes - SqlViewStore: CRUD with nil-safe Props marshaling (AppendBinaryFlag) - ViewService: CreateView seeds default kanban subview and links the boards property field; caches boardPropertyFieldID at startup - App layer: CreateView/GetView/GetViewsForChannel/UpdateView/DeleteView with channel-membership permission checks and WebSocket events (view_created, view_updated, view_deleted) - doSetupBoardsPropertyField: registers the Boards property group and board field in NewServer() before ViewService construction - GetFieldByName now returns store.ErrNotFound instead of raw sql.ErrNoRows * Move permission checks out of App layer for views - Remove HasPermissionToChannel calls from all App view methods - Drop userID params from GetView, GetViewsForChannel, UpdateView, DeleteView - Fix doSetupBoardsPropertyField to include required TargetType for PSAv2 field * Make View service generic and enforce board validation in model - Remove board-specific auto-setup from service and server startup - Enforce that board views require Props, at least one subview, and at least one linked property in IsValid() - Move default subview seeding out of app layer; callers must provide valid props - Call PreSave on subviews during PreUpdate to assign IDs to new subviews - Update all tests to reflect the new validation requirements * Restore migrations files to match base branch * Distinguish ErrNotFound from other errors in view store Get * Use CONCURRENTLY and nontransactional for index operations in views migration * Split views index creation into separate nontransactional migrations * Update migrations.list * Update i18n translations for views * Fix makeView helper to include required Props for board view validation * Rename ctx parameter from c to rctx in OAuthProvider mock * Remove views service layer, call store directly from app * Return 500 for unexpected DB errors in GetView, 404 only for not-found * Harden View model: deep-copy Props, validate linked property IDs - Add ViewBoardProps.Clone() to deep-copy LinkedProperties and Subviews - Use it in View.Clone() and View.Patch() to prevent shared-slice aliasing - Iterate over LinkedProperties in View.IsValid() and reject invalid IDs with a dedicated i18n key - Register ViewStore in storetest AssertExpectations so mock expectations are enforced - Add tests covering all new behaviours * Restore autotranslation worker_stopped i18n translation * Fix view store test IDs and improve error handling in app layer - Use model.NewId() for linked property IDs in testUpdateView to fix validation failure (IsValid rejects non-UUID strings) - Fix import grouping in app/view.go (stdlib imports in one block) - Return 404 instead of 500 when Update/Delete store calls return ErrNotFound (e.g. concurrent deletion TOCTOU race) * Add View store mock to retrylayer test genStore helper The View store was added to the store interface but the genStore() helper in retrylayer_test.go was not updated, causing TestRetry to panic. Also removes the duplicate Recap mock registration. * Refactor view deletion and websocket event handling; update SQL store methods to use query builder * revert property field store * Add View API endpoints with OpenAPI spec, client methods, and i18n Implement REST API for channel views (board-type) behind the IntegratedBoards feature flag. Adds CRUD endpoints under /api/v4/channels/{channel_id}/views with permission checks matching the channel bookmark pattern. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Remove useless migrations * Add cursor-based pagination to View store GetForChannel - Add ViewQueryCursor and ViewQueryOpts types with validation - Return (views, cursor, error) for caller-driven pagination - PerPage clamping: <=0 defaults to 20, >200 clamps to 200 - Support IncludeDeleted filter - Add comprehensive store tests for pagination, cursor edge cases, PerPage clamping, and invalid input rejection - Add app layer test for empty channelID → 400 - Update interface, retrylayer, timerlayer, and mock signatures Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Add cursor-based pagination to View API for channel views * Enhance cursor handling in getViewsForChannel and update tests for pagination * Refactor test loops in ViewStore tests for improved readability * Refactor loop in TestGetViewsForChannel for improved readability * change pagination to limit/offset * switch to limit/offset pagination * Add upper-bound limits on View Subviews and LinkedProperties Defense-in-depth validation: cap Subviews at 50 and LinkedProperties at 500 to prevent abuse below the 300KB payload limit. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Add view sort order API endpoint Add POST /api/v4/channels/{channel_id}/views/{view_id}/sort_order endpoint following the channel bookmarks reorder pattern. Includes store, app, and API layers with full test coverage at each layer. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Add connectionId to view WebSocket events and sort_order API spec Thread connectionId from request header through all view handlers (create, update, delete, sort_order) to WebSocket events, matching the channel bookmarks pattern. Add sort_order endpoint to OpenAPI spec. Update minimum server version to 11.6. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Remove duplicate View/ViewPatch definitions from definitions.yaml The merge from integrated-boards-mvp introduced duplicate View and ViewPatch schema definitions that were already defined earlier in the file with more detail (including ViewBoardProps ref and enums). Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Update minimum server version to 11.6 in views API spec Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Add missing translations for view sort order error messages Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Merge integrated-boards-mvp into ibmvp_api-views; remove spec files Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Fix flaky TestViewStore timestamp test on CI Add sleep before UpdateSortOrder to ensure timestamps differ, preventing same-millisecond comparisons on fast CI machines. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * remove duplicate views.yaml imclude * Use c.boolString() for include_deleted query param in GetViewsForChannel Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Fix views.yaml sort order schema: use integer type and require body Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Refactor view sort order tests to use named IDs instead of array indices Extract idA/idB/idC from views slice and add BEFORE/AFTER comments to make stateful subtest ordering easier to follow. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Return 404 instead of 403 for view operations on deleted channels Deleted channels should appear non-existent to callers rather than revealing their existence via a 403. Detailed error text explains the context for debugging. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * add missing channel deleteat checks * Use c.Params.Page instead of manual page query param parsing in getViewsForChannel c.Params already validates and defaults page/per_page, so the manual parsing was redundant. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Add support for total count in views retrieval * Add tests for handling deleted views in GetViewsForChannel and GetView * Short-circuit negative newIndex in UpdateSortOrder before opening transaction Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Add per-channel limit on views to bound UpdateSortOrder cost Without a cap, unbounded view creation makes sort-order updates increasingly expensive (CASE WHEN per view, row locks). Adds MaxViewsPerChannel=50 constant and enforces it in the app layer before saving. Includes API and app layer tests. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Remove include_deleted support from views API Soft-deleted views are structural metadata with low risk, but no other similar endpoint (e.g. channel bookmarks) exposes deleted records without an admin gate. Rather than adding an admin-only permission check for consistency, remove the feature entirely since there is no current use case. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Update view permissions to require `create_post` instead of channel management permissions * Remove obsolete view management error messages for direct and group messages --------- Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com> * feat(migrations): add user tracking and object type to property fields - Introduced user tracking columns (CreatedBy, UpdatedBy) to PropertyFields and PropertyValues. - Added ObjectType column to PropertyFields with associated unique indexes for legacy and typed properties. - Created new migration scripts for adding and dropping these features, including necessary indexes for data integrity. - Established views for managing property fields with new attributes. This update enhances the schema to support better tracking and categorization of property fields. * Add Property System Architecture v2 API endpoints (#35583) * Adds uniqueness mechanisms to the property fields After adding ObjectType, this commit ensures that both the PSAv1 and PSAv2 schemas are supported, and enforces property uniqueness through both database indexes and a logical check when creating new property fields. * Adds uniqueness check to property updates Updates are covered on this commit and we refactor as well the SQL code to use the squirrel builder and work better with the conditional addition of the `existingID` piece of the query. * Add translations to error messages * Add the permissions to the migrations, model and update the store calls * Adds the property field and property group app layer * Adds authorization helpers for property fields and values * Make sure that users cannot lock themselves out of property fields * Migrate permissions from a JSON column to three normalized columns * Remove the audit comment * Use target level constants in authorization * Log authorization membership failures * Rename admin to sysadmin * Adds the Property System Architecture v2 API endpoints * Adds permission checks to the create field endpoint * Add target access checks to value endpoints * Add default branches for object_type and target_type and extra guards for cursor client4 methods * Fix vet API mismatch * Fix error checks * Fix linter * Add merge semantics for property patch logic and API endpoint * Fix i18n * Fix duplicated patch elements and early return on bad cursor * Update docs to use enums * Fix i18n sorting * Update app layer to return model.AppError * Adds a limit to the number of property values that can be patched in the same request * Require target_type filter when searching property fields * Add objectType validation as part of field.IsValid() * Fix linter * Fix test with bad objecttpye * Fix test grouping --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * MM-67968: Flatten view model — remove icon, subviews, typed board props (#35726) * feat(views): flatten view model by removing icon, subview, and board props Simplifies the View data model as part of MM-67968: removes Icon, Subview, and ViewBoardProps types; renames ViewTypeBoard to ViewTypeKanban; replaces typed Props with StringInterface (map[string]any); adds migration 000167 to drop the Icon column from the Views table. Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com> * feat(api): update views OpenAPI spec to reflect flattened model Removes ViewBoardProps, Subview, and icon from the View and ViewPatch schemas. Changes type enum from board to kanban. Replaces typed props with a free-form StringInterface object. Aligns with MM-67968. Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com> * refactor(views): simplify store by dropping dbView and marshalViewProps StringInterface already implements driver.Valuer and sql.Scanner, so the manual JSON marshal/unmarshal and the dbView intermediate struct were redundant. model.View now scans directly from the database. Also removes the dead ViewMaxLinkedProperties constant and wraps the Commit() error in UpdateSortOrder. Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com> * fix(api): allow arbitrary JSON in view props OpenAPI schema The props field was restricted to string values via additionalProperties: { type: string }, conflicting with the Go model's StringInterface (map[string]any). Changed to additionalProperties: true in View, ViewPatch, and inline POST schemas. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> --------- Co-authored-by: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com> * Adds basic implementation of the generic redux store for PSAv2 (#35512) * Adds basic implementation of the generic redux store for PSAv2 * Add created_by and updated_by to the test fixtures * Make target_id, target_type and object_type mandatory * Wrap getPropertyFieldsByIds and getPropertyValuesForTargetByFieldIds with createSelector * Address PR comments --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * Adds websocket messages for the PSAv2 API events (#35696) * Adds uniqueness mechanisms to the property fields After adding ObjectType, this commit ensures that both the PSAv1 and PSAv2 schemas are supported, and enforces property uniqueness through both database indexes and a logical check when creating new property fields. * Adds uniqueness check to property updates Updates are covered on this commit and we refactor as well the SQL code to use the squirrel builder and work better with the conditional addition of the `existingID` piece of the query. * Add translations to error messages * Add the permissions to the migrations, model and update the store calls * Adds the property field and property group app layer * Adds authorization helpers for property fields and values * Make sure that users cannot lock themselves out of property fields * Migrate permissions from a JSON column to three normalized columns * Remove the audit comment * Use target level constants in authorization * Log authorization membership failures * Rename admin to sysadmin * Adds the Property System Architecture v2 API endpoints * Adds permission checks to the create field endpoint * Add target access checks to value endpoints * Add default branches for object_type and target_type and extra guards for cursor client4 methods * Fix vet API mismatch * Fix error checks * Fix linter * Add merge semantics for property patch logic and API endpoint * Fix i18n * Fix duplicated patch elements and early return on bad cursor * Update docs to use enums * Fix i18n sorting * Update app layer to return model.AppError * Adds a limit to the number of property values that can be patched in the same request * Adds websocket messages for the PSAv2 API events * Add IsPSAv2 helper to the property field for clarity * Add guard against nil returns on field deletion * Add docs to the websocket endpoints --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * migrations: consolidate views migrations and reorder after master - Merged 000165 (create Views) with 000167 (drop Icon) since Icon was never needed - Renumbered branch migrations 159-166 → 160-167 so master's 000159 (deduplicate_policy_names) runs first - Regenerated migrations.list Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * Add API endpoint to retrieve posts for a specific view (#35604) Automatic Merge * Apply fixes after merge * Return a more specific error from getting multiple fields * Prevent getting broadcast params on field deletion if not needed * Remove duplicated migration code * Update property conflict code to always use master * Adds nil guard when iterating on property fields * Check that permission level is valid before getting rejected by the database * Validate correctness on TargetID for PSAv2 fields * Avoid PSAv1 using permissions or protected * Fix test data after validation change * Fix flaky search test * Adds more posts for filter use cases to properly test exclusions --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> Co-authored-by: Alejandro García Montoro <alejandro.garciamontoro@gmail.com> Co-authored-by: Julien Tant <julien@craftyx.fr> Co-authored-by: Mattermost Build <build@mattermost.com> Co-authored-by: Julien Tant <785518+JulienTant@users.noreply.github.com> Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-27 05:36:35 -04:00
description: The type of property
enum: [text, select, multiselect, date, user, multiuser]
object_type:
type: string
description: The type of object this property applies to
enum: [post, channel, user]
Custom profile attributes field endpoints (#29662) * Adds the main Property System Architecture components This change adds the necessary migrations for the Property Groups, Fields and Values tables to be created, the store layer and a Property Service that can be used from the app layer. * Adds Custom Profile Attributes endpoints and app layer * implement get and patch cpa values * run i18n-extract * Update property field type to use user instead of person * Update PropertyFields to allow for unique nondeleted fields and remove redundant indexes * Update PropertyValues to allow for unique nondeleted fields and remove redundant indexes * Use StringMap instead of the map[string]any on property fields * Add i18n strings * Revert "Use StringMap instead of the map[string]any on property fields" This reverts commit e2735ab0f8589d2524d636419ca0cb144575c4d6. * Cast JSON binary data to string and add todo note for StringMap use * Add mocks to the retrylayer tests * Cast JSON binary data to string in property value store * Check for binary parameter instead of casting to string for JSON data * Fix bad merge * Check property field type is one of the allowed ones * Avoid reusing err variable to be explicit about the returned value * Merge Property System Migrations into one file * Adds NOT NULL to timestamps at the DB level * Update stores to use tableSelectQuery instead of a slice var * Update PropertyField model translations to be more explicit and avoid repetition * Update PropertyValue model translations to be more explicit and avoid repetition * Use ExecBuilder instead of ToSql&Exec * Update property field errors to add context * Ensure PerPage is greater than zero * Update store errors to give more context * Use ExecBuilder in the property stores where possible * Add an on conflict suffix to the group register to avoid race conditions * Remove user profile API documentation changes * Update patchCPAValues endpoint and docs to return the updated information * Merge two similar error conditions * Use a route function for ListCPAValues * Remove badly used translation string * Remove unused get in register group method * Adds input sanitization and validation to the CPA API endpoints * Takes login outside of one test case to make it clear it affects multiple t.Runs * Fix wrap error and return code when property field has been deleted * Fix receiver name * Adds comment to move the CPA group ID to the db cache * Set the PerPage of CPA fields to the fields limit * Update server/channels/app/custom_profile_attributes_test.go Co-authored-by: Alejandro García Montoro <alejandro.garciamontoro@gmail.com> * Standardize group ID access * Avoid polluting the state between tests * Use specific errors for the retrieval of CPA group --------- Co-authored-by: Scott Bishel <scott.bishel@mattermost.com> Co-authored-by: Mattermost Build <build@mattermost.com> Co-authored-by: Alejandro García Montoro <alejandro.garciamontoro@gmail.com>
2025-01-13 12:12:38 -05:00
attrs:
type: object
Merge the Integrated Boards MVP feature branch (#35796) * Add CreatedBy and UpdatedBy to the properties fields and values (#34485) * Add CreatedBy and UpdatedBy to the properties fields and values * Fix types --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * Adds ObjectType to the property fields table (#34908) Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * Update ObjectType migration setting an empty value and marking the column as not null (#34915) Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * Adds uniqueness mechanisms to the property fields (#35058) * Adds uniqueness mechanisms to the property fields After adding ObjectType, this commit ensures that both the PSAv1 and PSAv2 schemas are supported, and enforces property uniqueness through both database indexes and a logical check when creating new property fields. * Adds uniqueness check to property updates Updates are covered on this commit and we refactor as well the SQL code to use the squirrel builder and work better with the conditional addition of the `existingID` piece of the query. * Add translations to error messages * Fixing retrylayer mocks * Remove retrylayer duplication * Address review comments * Fix comment to avoid linter issues * Address PR comments * Update server/channels/db/migrations/postgres/000157_add_object_type_to_property_fields.down.sql Co-authored-by: Alejandro García Montoro <alejandro.garciamontoro@gmail.com> * Update server/channels/db/migrations/postgres/000157_add_object_type_to_property_fields.up.sql Co-authored-by: Alejandro García Montoro <alejandro.garciamontoro@gmail.com> * Update server/channels/db/migrations/postgres/000157_add_object_type_to_property_fields.up.sql Co-authored-by: Alejandro García Montoro <alejandro.garciamontoro@gmail.com> * Update field validation to check only for valid target types * Update migrations to avoid concurrent index creation within a transaction * Update migrations to make all index ops concurrent * Update tests to use valid PSAv2 property fields * Adds a helper for valid PSAv2 TargetTypes --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> Co-authored-by: Alejandro García Montoro <alejandro.garciamontoro@gmail.com> * Fix property tests (#35388) Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * Adds Integrated Boards feature flag (#35378) Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * Adds Integrated Boards MVP API changes (#34822) This PR includes the necessary changes for channels and posts endpoints and adds a set of generic endpoints to retrieve and manage property fields and values following the new Property System approach. Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> Co-authored-by: Mattermost Build <build@mattermost.com> * Property System Architecture permissions for v2 (#35113) * Adds uniqueness mechanisms to the property fields After adding ObjectType, this commit ensures that both the PSAv1 and PSAv2 schemas are supported, and enforces property uniqueness through both database indexes and a logical check when creating new property fields. * Adds uniqueness check to property updates Updates are covered on this commit and we refactor as well the SQL code to use the squirrel builder and work better with the conditional addition of the `existingID` piece of the query. * Add translations to error messages * Add the permissions to the migrations, model and update the store calls * Adds the property field and property group app layer * Adds authorization helpers for property fields and values * Make sure that users cannot lock themselves out of property fields * Migrate permissions from a JSON column to three normalized columns * Remove the audit comment * Use target level constants in authorization * Log authorization membership failures * Rename admin to sysadmin * Fix i18n sorting --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * Add Views store and app layer (#35361) * Add Views store and app layer for Integrated Boards Implements the View entity (model, SQL store, service, app) as described in the Integrated Boards tech spec. Views are channel-scoped board configurations with typed props (board, kanban subviews) and soft-delete. - public/model: View, ViewBoardProps, Subview, ViewPatch types with PreSave/PreUpdate/IsValid/Patch/Clone/Auditable - Migration 158: Views table with jsonb Props column and indexes - SqlViewStore: CRUD with nil-safe Props marshaling (AppendBinaryFlag) - ViewService: CreateView seeds default kanban subview and links the boards property field; caches boardPropertyFieldID at startup - App layer: CreateView/GetView/GetViewsForChannel/UpdateView/DeleteView with channel-membership permission checks and WebSocket events (view_created, view_updated, view_deleted) - doSetupBoardsPropertyField: registers the Boards property group and board field in NewServer() before ViewService construction - GetFieldByName now returns store.ErrNotFound instead of raw sql.ErrNoRows * Move permission checks out of App layer for views - Remove HasPermissionToChannel calls from all App view methods - Drop userID params from GetView, GetViewsForChannel, UpdateView, DeleteView - Fix doSetupBoardsPropertyField to include required TargetType for PSAv2 field * Make View service generic and enforce board validation in model - Remove board-specific auto-setup from service and server startup - Enforce that board views require Props, at least one subview, and at least one linked property in IsValid() - Move default subview seeding out of app layer; callers must provide valid props - Call PreSave on subviews during PreUpdate to assign IDs to new subviews - Update all tests to reflect the new validation requirements * Restore migrations files to match base branch * Distinguish ErrNotFound from other errors in view store Get * Use CONCURRENTLY and nontransactional for index operations in views migration * Split views index creation into separate nontransactional migrations * Update migrations.list * Update i18n translations for views * Fix makeView helper to include required Props for board view validation * Rename ctx parameter from c to rctx in OAuthProvider mock * Remove views service layer, call store directly from app * Return 500 for unexpected DB errors in GetView, 404 only for not-found * Harden View model: deep-copy Props, validate linked property IDs - Add ViewBoardProps.Clone() to deep-copy LinkedProperties and Subviews - Use it in View.Clone() and View.Patch() to prevent shared-slice aliasing - Iterate over LinkedProperties in View.IsValid() and reject invalid IDs with a dedicated i18n key - Register ViewStore in storetest AssertExpectations so mock expectations are enforced - Add tests covering all new behaviours * Restore autotranslation worker_stopped i18n translation * Fix view store test IDs and improve error handling in app layer - Use model.NewId() for linked property IDs in testUpdateView to fix validation failure (IsValid rejects non-UUID strings) - Fix import grouping in app/view.go (stdlib imports in one block) - Return 404 instead of 500 when Update/Delete store calls return ErrNotFound (e.g. concurrent deletion TOCTOU race) * Add View store mock to retrylayer test genStore helper The View store was added to the store interface but the genStore() helper in retrylayer_test.go was not updated, causing TestRetry to panic. Also removes the duplicate Recap mock registration. * Refactor view deletion and websocket event handling; update SQL store methods to use query builder * revert property field store * Remove useless migrations * Add cursor-based pagination to View store GetForChannel - Add ViewQueryCursor and ViewQueryOpts types with validation - Return (views, cursor, error) for caller-driven pagination - PerPage clamping: <=0 defaults to 20, >200 clamps to 200 - Support IncludeDeleted filter - Add comprehensive store tests for pagination, cursor edge cases, PerPage clamping, and invalid input rejection - Add app layer test for empty channelID → 400 - Update interface, retrylayer, timerlayer, and mock signatures Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Refactor test loops in ViewStore tests for improved readability * change pagination to limit/offset * Add upper-bound limits on View Subviews and LinkedProperties Defense-in-depth validation: cap Subviews at 50 and LinkedProperties at 500 to prevent abuse below the 300KB payload limit. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com> * MM-67388, MM-66528, MM-67750: Add View REST API endpoints, websocket events, and sort order (#35442) * Add Views store and app layer for Integrated Boards Implements the View entity (model, SQL store, service, app) as described in the Integrated Boards tech spec. Views are channel-scoped board configurations with typed props (board, kanban subviews) and soft-delete. - public/model: View, ViewBoardProps, Subview, ViewPatch types with PreSave/PreUpdate/IsValid/Patch/Clone/Auditable - Migration 158: Views table with jsonb Props column and indexes - SqlViewStore: CRUD with nil-safe Props marshaling (AppendBinaryFlag) - ViewService: CreateView seeds default kanban subview and links the boards property field; caches boardPropertyFieldID at startup - App layer: CreateView/GetView/GetViewsForChannel/UpdateView/DeleteView with channel-membership permission checks and WebSocket events (view_created, view_updated, view_deleted) - doSetupBoardsPropertyField: registers the Boards property group and board field in NewServer() before ViewService construction - GetFieldByName now returns store.ErrNotFound instead of raw sql.ErrNoRows * Move permission checks out of App layer for views - Remove HasPermissionToChannel calls from all App view methods - Drop userID params from GetView, GetViewsForChannel, UpdateView, DeleteView - Fix doSetupBoardsPropertyField to include required TargetType for PSAv2 field * Make View service generic and enforce board validation in model - Remove board-specific auto-setup from service and server startup - Enforce that board views require Props, at least one subview, and at least one linked property in IsValid() - Move default subview seeding out of app layer; callers must provide valid props - Call PreSave on subviews during PreUpdate to assign IDs to new subviews - Update all tests to reflect the new validation requirements * Restore migrations files to match base branch * Distinguish ErrNotFound from other errors in view store Get * Use CONCURRENTLY and nontransactional for index operations in views migration * Split views index creation into separate nontransactional migrations * Update migrations.list * Update i18n translations for views * Fix makeView helper to include required Props for board view validation * Rename ctx parameter from c to rctx in OAuthProvider mock * Remove views service layer, call store directly from app * Return 500 for unexpected DB errors in GetView, 404 only for not-found * Harden View model: deep-copy Props, validate linked property IDs - Add ViewBoardProps.Clone() to deep-copy LinkedProperties and Subviews - Use it in View.Clone() and View.Patch() to prevent shared-slice aliasing - Iterate over LinkedProperties in View.IsValid() and reject invalid IDs with a dedicated i18n key - Register ViewStore in storetest AssertExpectations so mock expectations are enforced - Add tests covering all new behaviours * Restore autotranslation worker_stopped i18n translation * Fix view store test IDs and improve error handling in app layer - Use model.NewId() for linked property IDs in testUpdateView to fix validation failure (IsValid rejects non-UUID strings) - Fix import grouping in app/view.go (stdlib imports in one block) - Return 404 instead of 500 when Update/Delete store calls return ErrNotFound (e.g. concurrent deletion TOCTOU race) * Add View store mock to retrylayer test genStore helper The View store was added to the store interface but the genStore() helper in retrylayer_test.go was not updated, causing TestRetry to panic. Also removes the duplicate Recap mock registration. * Refactor view deletion and websocket event handling; update SQL store methods to use query builder * revert property field store * Add View API endpoints with OpenAPI spec, client methods, and i18n Implement REST API for channel views (board-type) behind the IntegratedBoards feature flag. Adds CRUD endpoints under /api/v4/channels/{channel_id}/views with permission checks matching the channel bookmark pattern. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Remove useless migrations * Add cursor-based pagination to View store GetForChannel - Add ViewQueryCursor and ViewQueryOpts types with validation - Return (views, cursor, error) for caller-driven pagination - PerPage clamping: <=0 defaults to 20, >200 clamps to 200 - Support IncludeDeleted filter - Add comprehensive store tests for pagination, cursor edge cases, PerPage clamping, and invalid input rejection - Add app layer test for empty channelID → 400 - Update interface, retrylayer, timerlayer, and mock signatures Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Add cursor-based pagination to View API for channel views * Enhance cursor handling in getViewsForChannel and update tests for pagination * Refactor test loops in ViewStore tests for improved readability * Refactor loop in TestGetViewsForChannel for improved readability * change pagination to limit/offset * switch to limit/offset pagination * Add upper-bound limits on View Subviews and LinkedProperties Defense-in-depth validation: cap Subviews at 50 and LinkedProperties at 500 to prevent abuse below the 300KB payload limit. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Add view sort order API endpoint Add POST /api/v4/channels/{channel_id}/views/{view_id}/sort_order endpoint following the channel bookmarks reorder pattern. Includes store, app, and API layers with full test coverage at each layer. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Add connectionId to view WebSocket events and sort_order API spec Thread connectionId from request header through all view handlers (create, update, delete, sort_order) to WebSocket events, matching the channel bookmarks pattern. Add sort_order endpoint to OpenAPI spec. Update minimum server version to 11.6. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Remove duplicate View/ViewPatch definitions from definitions.yaml The merge from integrated-boards-mvp introduced duplicate View and ViewPatch schema definitions that were already defined earlier in the file with more detail (including ViewBoardProps ref and enums). Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Update minimum server version to 11.6 in views API spec Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Add missing translations for view sort order error messages Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Merge integrated-boards-mvp into ibmvp_api-views; remove spec files Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Fix flaky TestViewStore timestamp test on CI Add sleep before UpdateSortOrder to ensure timestamps differ, preventing same-millisecond comparisons on fast CI machines. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * remove duplicate views.yaml imclude * Use c.boolString() for include_deleted query param in GetViewsForChannel Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Fix views.yaml sort order schema: use integer type and require body Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Refactor view sort order tests to use named IDs instead of array indices Extract idA/idB/idC from views slice and add BEFORE/AFTER comments to make stateful subtest ordering easier to follow. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Return 404 instead of 403 for view operations on deleted channels Deleted channels should appear non-existent to callers rather than revealing their existence via a 403. Detailed error text explains the context for debugging. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * add missing channel deleteat checks * Use c.Params.Page instead of manual page query param parsing in getViewsForChannel c.Params already validates and defaults page/per_page, so the manual parsing was redundant. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Add support for total count in views retrieval * Add tests for handling deleted views in GetViewsForChannel and GetView * Short-circuit negative newIndex in UpdateSortOrder before opening transaction Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Add per-channel limit on views to bound UpdateSortOrder cost Without a cap, unbounded view creation makes sort-order updates increasingly expensive (CASE WHEN per view, row locks). Adds MaxViewsPerChannel=50 constant and enforces it in the app layer before saving. Includes API and app layer tests. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Remove include_deleted support from views API Soft-deleted views are structural metadata with low risk, but no other similar endpoint (e.g. channel bookmarks) exposes deleted records without an admin gate. Rather than adding an admin-only permission check for consistency, remove the feature entirely since there is no current use case. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Update view permissions to require `create_post` instead of channel management permissions * Remove obsolete view management error messages for direct and group messages --------- Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com> * feat(migrations): add user tracking and object type to property fields - Introduced user tracking columns (CreatedBy, UpdatedBy) to PropertyFields and PropertyValues. - Added ObjectType column to PropertyFields with associated unique indexes for legacy and typed properties. - Created new migration scripts for adding and dropping these features, including necessary indexes for data integrity. - Established views for managing property fields with new attributes. This update enhances the schema to support better tracking and categorization of property fields. * Add Property System Architecture v2 API endpoints (#35583) * Adds uniqueness mechanisms to the property fields After adding ObjectType, this commit ensures that both the PSAv1 and PSAv2 schemas are supported, and enforces property uniqueness through both database indexes and a logical check when creating new property fields. * Adds uniqueness check to property updates Updates are covered on this commit and we refactor as well the SQL code to use the squirrel builder and work better with the conditional addition of the `existingID` piece of the query. * Add translations to error messages * Add the permissions to the migrations, model and update the store calls * Adds the property field and property group app layer * Adds authorization helpers for property fields and values * Make sure that users cannot lock themselves out of property fields * Migrate permissions from a JSON column to three normalized columns * Remove the audit comment * Use target level constants in authorization * Log authorization membership failures * Rename admin to sysadmin * Adds the Property System Architecture v2 API endpoints * Adds permission checks to the create field endpoint * Add target access checks to value endpoints * Add default branches for object_type and target_type and extra guards for cursor client4 methods * Fix vet API mismatch * Fix error checks * Fix linter * Add merge semantics for property patch logic and API endpoint * Fix i18n * Fix duplicated patch elements and early return on bad cursor * Update docs to use enums * Fix i18n sorting * Update app layer to return model.AppError * Adds a limit to the number of property values that can be patched in the same request * Require target_type filter when searching property fields * Add objectType validation as part of field.IsValid() * Fix linter * Fix test with bad objecttpye * Fix test grouping --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * MM-67968: Flatten view model — remove icon, subviews, typed board props (#35726) * feat(views): flatten view model by removing icon, subview, and board props Simplifies the View data model as part of MM-67968: removes Icon, Subview, and ViewBoardProps types; renames ViewTypeBoard to ViewTypeKanban; replaces typed Props with StringInterface (map[string]any); adds migration 000167 to drop the Icon column from the Views table. Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com> * feat(api): update views OpenAPI spec to reflect flattened model Removes ViewBoardProps, Subview, and icon from the View and ViewPatch schemas. Changes type enum from board to kanban. Replaces typed props with a free-form StringInterface object. Aligns with MM-67968. Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com> * refactor(views): simplify store by dropping dbView and marshalViewProps StringInterface already implements driver.Valuer and sql.Scanner, so the manual JSON marshal/unmarshal and the dbView intermediate struct were redundant. model.View now scans directly from the database. Also removes the dead ViewMaxLinkedProperties constant and wraps the Commit() error in UpdateSortOrder. Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com> * fix(api): allow arbitrary JSON in view props OpenAPI schema The props field was restricted to string values via additionalProperties: { type: string }, conflicting with the Go model's StringInterface (map[string]any). Changed to additionalProperties: true in View, ViewPatch, and inline POST schemas. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> --------- Co-authored-by: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com> * Adds basic implementation of the generic redux store for PSAv2 (#35512) * Adds basic implementation of the generic redux store for PSAv2 * Add created_by and updated_by to the test fixtures * Make target_id, target_type and object_type mandatory * Wrap getPropertyFieldsByIds and getPropertyValuesForTargetByFieldIds with createSelector * Address PR comments --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * Adds websocket messages for the PSAv2 API events (#35696) * Adds uniqueness mechanisms to the property fields After adding ObjectType, this commit ensures that both the PSAv1 and PSAv2 schemas are supported, and enforces property uniqueness through both database indexes and a logical check when creating new property fields. * Adds uniqueness check to property updates Updates are covered on this commit and we refactor as well the SQL code to use the squirrel builder and work better with the conditional addition of the `existingID` piece of the query. * Add translations to error messages * Add the permissions to the migrations, model and update the store calls * Adds the property field and property group app layer * Adds authorization helpers for property fields and values * Make sure that users cannot lock themselves out of property fields * Migrate permissions from a JSON column to three normalized columns * Remove the audit comment * Use target level constants in authorization * Log authorization membership failures * Rename admin to sysadmin * Adds the Property System Architecture v2 API endpoints * Adds permission checks to the create field endpoint * Add target access checks to value endpoints * Add default branches for object_type and target_type and extra guards for cursor client4 methods * Fix vet API mismatch * Fix error checks * Fix linter * Add merge semantics for property patch logic and API endpoint * Fix i18n * Fix duplicated patch elements and early return on bad cursor * Update docs to use enums * Fix i18n sorting * Update app layer to return model.AppError * Adds a limit to the number of property values that can be patched in the same request * Adds websocket messages for the PSAv2 API events * Add IsPSAv2 helper to the property field for clarity * Add guard against nil returns on field deletion * Add docs to the websocket endpoints --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * migrations: consolidate views migrations and reorder after master - Merged 000165 (create Views) with 000167 (drop Icon) since Icon was never needed - Renumbered branch migrations 159-166 → 160-167 so master's 000159 (deduplicate_policy_names) runs first - Regenerated migrations.list Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * Add API endpoint to retrieve posts for a specific view (#35604) Automatic Merge * Apply fixes after merge * Return a more specific error from getting multiple fields * Prevent getting broadcast params on field deletion if not needed * Remove duplicated migration code * Update property conflict code to always use master * Adds nil guard when iterating on property fields * Check that permission level is valid before getting rejected by the database * Validate correctness on TargetID for PSAv2 fields * Avoid PSAv1 using permissions or protected * Fix test data after validation change * Fix flaky search test * Adds more posts for filter use cases to properly test exclusions --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> Co-authored-by: Alejandro García Montoro <alejandro.garciamontoro@gmail.com> Co-authored-by: Julien Tant <julien@craftyx.fr> Co-authored-by: Mattermost Build <build@mattermost.com> Co-authored-by: Julien Tant <785518+JulienTant@users.noreply.github.com> Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-27 05:36:35 -04:00
description: Additional attributes
Custom profile attributes field endpoints (#29662) * Adds the main Property System Architecture components This change adds the necessary migrations for the Property Groups, Fields and Values tables to be created, the store layer and a Property Service that can be used from the app layer. * Adds Custom Profile Attributes endpoints and app layer * implement get and patch cpa values * run i18n-extract * Update property field type to use user instead of person * Update PropertyFields to allow for unique nondeleted fields and remove redundant indexes * Update PropertyValues to allow for unique nondeleted fields and remove redundant indexes * Use StringMap instead of the map[string]any on property fields * Add i18n strings * Revert "Use StringMap instead of the map[string]any on property fields" This reverts commit e2735ab0f8589d2524d636419ca0cb144575c4d6. * Cast JSON binary data to string and add todo note for StringMap use * Add mocks to the retrylayer tests * Cast JSON binary data to string in property value store * Check for binary parameter instead of casting to string for JSON data * Fix bad merge * Check property field type is one of the allowed ones * Avoid reusing err variable to be explicit about the returned value * Merge Property System Migrations into one file * Adds NOT NULL to timestamps at the DB level * Update stores to use tableSelectQuery instead of a slice var * Update PropertyField model translations to be more explicit and avoid repetition * Update PropertyValue model translations to be more explicit and avoid repetition * Use ExecBuilder instead of ToSql&Exec * Update property field errors to add context * Ensure PerPage is greater than zero * Update store errors to give more context * Use ExecBuilder in the property stores where possible * Add an on conflict suffix to the group register to avoid race conditions * Remove user profile API documentation changes * Update patchCPAValues endpoint and docs to return the updated information * Merge two similar error conditions * Use a route function for ListCPAValues * Remove badly used translation string * Remove unused get in register group method * Adds input sanitization and validation to the CPA API endpoints * Takes login outside of one test case to make it clear it affects multiple t.Runs * Fix wrap error and return code when property field has been deleted * Fix receiver name * Adds comment to move the CPA group ID to the db cache * Set the PerPage of CPA fields to the fields limit * Update server/channels/app/custom_profile_attributes_test.go Co-authored-by: Alejandro García Montoro <alejandro.garciamontoro@gmail.com> * Standardize group ID access * Avoid polluting the state between tests * Use specific errors for the retrieval of CPA group --------- Co-authored-by: Scott Bishel <scott.bishel@mattermost.com> Co-authored-by: Mattermost Build <build@mattermost.com> Co-authored-by: Alejandro García Montoro <alejandro.garciamontoro@gmail.com>
2025-01-13 12:12:38 -05:00
target_id:
type: string
Merge the Integrated Boards MVP feature branch (#35796) * Add CreatedBy and UpdatedBy to the properties fields and values (#34485) * Add CreatedBy and UpdatedBy to the properties fields and values * Fix types --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * Adds ObjectType to the property fields table (#34908) Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * Update ObjectType migration setting an empty value and marking the column as not null (#34915) Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * Adds uniqueness mechanisms to the property fields (#35058) * Adds uniqueness mechanisms to the property fields After adding ObjectType, this commit ensures that both the PSAv1 and PSAv2 schemas are supported, and enforces property uniqueness through both database indexes and a logical check when creating new property fields. * Adds uniqueness check to property updates Updates are covered on this commit and we refactor as well the SQL code to use the squirrel builder and work better with the conditional addition of the `existingID` piece of the query. * Add translations to error messages * Fixing retrylayer mocks * Remove retrylayer duplication * Address review comments * Fix comment to avoid linter issues * Address PR comments * Update server/channels/db/migrations/postgres/000157_add_object_type_to_property_fields.down.sql Co-authored-by: Alejandro García Montoro <alejandro.garciamontoro@gmail.com> * Update server/channels/db/migrations/postgres/000157_add_object_type_to_property_fields.up.sql Co-authored-by: Alejandro García Montoro <alejandro.garciamontoro@gmail.com> * Update server/channels/db/migrations/postgres/000157_add_object_type_to_property_fields.up.sql Co-authored-by: Alejandro García Montoro <alejandro.garciamontoro@gmail.com> * Update field validation to check only for valid target types * Update migrations to avoid concurrent index creation within a transaction * Update migrations to make all index ops concurrent * Update tests to use valid PSAv2 property fields * Adds a helper for valid PSAv2 TargetTypes --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> Co-authored-by: Alejandro García Montoro <alejandro.garciamontoro@gmail.com> * Fix property tests (#35388) Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * Adds Integrated Boards feature flag (#35378) Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * Adds Integrated Boards MVP API changes (#34822) This PR includes the necessary changes for channels and posts endpoints and adds a set of generic endpoints to retrieve and manage property fields and values following the new Property System approach. Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> Co-authored-by: Mattermost Build <build@mattermost.com> * Property System Architecture permissions for v2 (#35113) * Adds uniqueness mechanisms to the property fields After adding ObjectType, this commit ensures that both the PSAv1 and PSAv2 schemas are supported, and enforces property uniqueness through both database indexes and a logical check when creating new property fields. * Adds uniqueness check to property updates Updates are covered on this commit and we refactor as well the SQL code to use the squirrel builder and work better with the conditional addition of the `existingID` piece of the query. * Add translations to error messages * Add the permissions to the migrations, model and update the store calls * Adds the property field and property group app layer * Adds authorization helpers for property fields and values * Make sure that users cannot lock themselves out of property fields * Migrate permissions from a JSON column to three normalized columns * Remove the audit comment * Use target level constants in authorization * Log authorization membership failures * Rename admin to sysadmin * Fix i18n sorting --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * Add Views store and app layer (#35361) * Add Views store and app layer for Integrated Boards Implements the View entity (model, SQL store, service, app) as described in the Integrated Boards tech spec. Views are channel-scoped board configurations with typed props (board, kanban subviews) and soft-delete. - public/model: View, ViewBoardProps, Subview, ViewPatch types with PreSave/PreUpdate/IsValid/Patch/Clone/Auditable - Migration 158: Views table with jsonb Props column and indexes - SqlViewStore: CRUD with nil-safe Props marshaling (AppendBinaryFlag) - ViewService: CreateView seeds default kanban subview and links the boards property field; caches boardPropertyFieldID at startup - App layer: CreateView/GetView/GetViewsForChannel/UpdateView/DeleteView with channel-membership permission checks and WebSocket events (view_created, view_updated, view_deleted) - doSetupBoardsPropertyField: registers the Boards property group and board field in NewServer() before ViewService construction - GetFieldByName now returns store.ErrNotFound instead of raw sql.ErrNoRows * Move permission checks out of App layer for views - Remove HasPermissionToChannel calls from all App view methods - Drop userID params from GetView, GetViewsForChannel, UpdateView, DeleteView - Fix doSetupBoardsPropertyField to include required TargetType for PSAv2 field * Make View service generic and enforce board validation in model - Remove board-specific auto-setup from service and server startup - Enforce that board views require Props, at least one subview, and at least one linked property in IsValid() - Move default subview seeding out of app layer; callers must provide valid props - Call PreSave on subviews during PreUpdate to assign IDs to new subviews - Update all tests to reflect the new validation requirements * Restore migrations files to match base branch * Distinguish ErrNotFound from other errors in view store Get * Use CONCURRENTLY and nontransactional for index operations in views migration * Split views index creation into separate nontransactional migrations * Update migrations.list * Update i18n translations for views * Fix makeView helper to include required Props for board view validation * Rename ctx parameter from c to rctx in OAuthProvider mock * Remove views service layer, call store directly from app * Return 500 for unexpected DB errors in GetView, 404 only for not-found * Harden View model: deep-copy Props, validate linked property IDs - Add ViewBoardProps.Clone() to deep-copy LinkedProperties and Subviews - Use it in View.Clone() and View.Patch() to prevent shared-slice aliasing - Iterate over LinkedProperties in View.IsValid() and reject invalid IDs with a dedicated i18n key - Register ViewStore in storetest AssertExpectations so mock expectations are enforced - Add tests covering all new behaviours * Restore autotranslation worker_stopped i18n translation * Fix view store test IDs and improve error handling in app layer - Use model.NewId() for linked property IDs in testUpdateView to fix validation failure (IsValid rejects non-UUID strings) - Fix import grouping in app/view.go (stdlib imports in one block) - Return 404 instead of 500 when Update/Delete store calls return ErrNotFound (e.g. concurrent deletion TOCTOU race) * Add View store mock to retrylayer test genStore helper The View store was added to the store interface but the genStore() helper in retrylayer_test.go was not updated, causing TestRetry to panic. Also removes the duplicate Recap mock registration. * Refactor view deletion and websocket event handling; update SQL store methods to use query builder * revert property field store * Remove useless migrations * Add cursor-based pagination to View store GetForChannel - Add ViewQueryCursor and ViewQueryOpts types with validation - Return (views, cursor, error) for caller-driven pagination - PerPage clamping: <=0 defaults to 20, >200 clamps to 200 - Support IncludeDeleted filter - Add comprehensive store tests for pagination, cursor edge cases, PerPage clamping, and invalid input rejection - Add app layer test for empty channelID → 400 - Update interface, retrylayer, timerlayer, and mock signatures Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Refactor test loops in ViewStore tests for improved readability * change pagination to limit/offset * Add upper-bound limits on View Subviews and LinkedProperties Defense-in-depth validation: cap Subviews at 50 and LinkedProperties at 500 to prevent abuse below the 300KB payload limit. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com> * MM-67388, MM-66528, MM-67750: Add View REST API endpoints, websocket events, and sort order (#35442) * Add Views store and app layer for Integrated Boards Implements the View entity (model, SQL store, service, app) as described in the Integrated Boards tech spec. Views are channel-scoped board configurations with typed props (board, kanban subviews) and soft-delete. - public/model: View, ViewBoardProps, Subview, ViewPatch types with PreSave/PreUpdate/IsValid/Patch/Clone/Auditable - Migration 158: Views table with jsonb Props column and indexes - SqlViewStore: CRUD with nil-safe Props marshaling (AppendBinaryFlag) - ViewService: CreateView seeds default kanban subview and links the boards property field; caches boardPropertyFieldID at startup - App layer: CreateView/GetView/GetViewsForChannel/UpdateView/DeleteView with channel-membership permission checks and WebSocket events (view_created, view_updated, view_deleted) - doSetupBoardsPropertyField: registers the Boards property group and board field in NewServer() before ViewService construction - GetFieldByName now returns store.ErrNotFound instead of raw sql.ErrNoRows * Move permission checks out of App layer for views - Remove HasPermissionToChannel calls from all App view methods - Drop userID params from GetView, GetViewsForChannel, UpdateView, DeleteView - Fix doSetupBoardsPropertyField to include required TargetType for PSAv2 field * Make View service generic and enforce board validation in model - Remove board-specific auto-setup from service and server startup - Enforce that board views require Props, at least one subview, and at least one linked property in IsValid() - Move default subview seeding out of app layer; callers must provide valid props - Call PreSave on subviews during PreUpdate to assign IDs to new subviews - Update all tests to reflect the new validation requirements * Restore migrations files to match base branch * Distinguish ErrNotFound from other errors in view store Get * Use CONCURRENTLY and nontransactional for index operations in views migration * Split views index creation into separate nontransactional migrations * Update migrations.list * Update i18n translations for views * Fix makeView helper to include required Props for board view validation * Rename ctx parameter from c to rctx in OAuthProvider mock * Remove views service layer, call store directly from app * Return 500 for unexpected DB errors in GetView, 404 only for not-found * Harden View model: deep-copy Props, validate linked property IDs - Add ViewBoardProps.Clone() to deep-copy LinkedProperties and Subviews - Use it in View.Clone() and View.Patch() to prevent shared-slice aliasing - Iterate over LinkedProperties in View.IsValid() and reject invalid IDs with a dedicated i18n key - Register ViewStore in storetest AssertExpectations so mock expectations are enforced - Add tests covering all new behaviours * Restore autotranslation worker_stopped i18n translation * Fix view store test IDs and improve error handling in app layer - Use model.NewId() for linked property IDs in testUpdateView to fix validation failure (IsValid rejects non-UUID strings) - Fix import grouping in app/view.go (stdlib imports in one block) - Return 404 instead of 500 when Update/Delete store calls return ErrNotFound (e.g. concurrent deletion TOCTOU race) * Add View store mock to retrylayer test genStore helper The View store was added to the store interface but the genStore() helper in retrylayer_test.go was not updated, causing TestRetry to panic. Also removes the duplicate Recap mock registration. * Refactor view deletion and websocket event handling; update SQL store methods to use query builder * revert property field store * Add View API endpoints with OpenAPI spec, client methods, and i18n Implement REST API for channel views (board-type) behind the IntegratedBoards feature flag. Adds CRUD endpoints under /api/v4/channels/{channel_id}/views with permission checks matching the channel bookmark pattern. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Remove useless migrations * Add cursor-based pagination to View store GetForChannel - Add ViewQueryCursor and ViewQueryOpts types with validation - Return (views, cursor, error) for caller-driven pagination - PerPage clamping: <=0 defaults to 20, >200 clamps to 200 - Support IncludeDeleted filter - Add comprehensive store tests for pagination, cursor edge cases, PerPage clamping, and invalid input rejection - Add app layer test for empty channelID → 400 - Update interface, retrylayer, timerlayer, and mock signatures Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Add cursor-based pagination to View API for channel views * Enhance cursor handling in getViewsForChannel and update tests for pagination * Refactor test loops in ViewStore tests for improved readability * Refactor loop in TestGetViewsForChannel for improved readability * change pagination to limit/offset * switch to limit/offset pagination * Add upper-bound limits on View Subviews and LinkedProperties Defense-in-depth validation: cap Subviews at 50 and LinkedProperties at 500 to prevent abuse below the 300KB payload limit. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Add view sort order API endpoint Add POST /api/v4/channels/{channel_id}/views/{view_id}/sort_order endpoint following the channel bookmarks reorder pattern. Includes store, app, and API layers with full test coverage at each layer. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Add connectionId to view WebSocket events and sort_order API spec Thread connectionId from request header through all view handlers (create, update, delete, sort_order) to WebSocket events, matching the channel bookmarks pattern. Add sort_order endpoint to OpenAPI spec. Update minimum server version to 11.6. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Remove duplicate View/ViewPatch definitions from definitions.yaml The merge from integrated-boards-mvp introduced duplicate View and ViewPatch schema definitions that were already defined earlier in the file with more detail (including ViewBoardProps ref and enums). Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Update minimum server version to 11.6 in views API spec Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Add missing translations for view sort order error messages Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Merge integrated-boards-mvp into ibmvp_api-views; remove spec files Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Fix flaky TestViewStore timestamp test on CI Add sleep before UpdateSortOrder to ensure timestamps differ, preventing same-millisecond comparisons on fast CI machines. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * remove duplicate views.yaml imclude * Use c.boolString() for include_deleted query param in GetViewsForChannel Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Fix views.yaml sort order schema: use integer type and require body Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Refactor view sort order tests to use named IDs instead of array indices Extract idA/idB/idC from views slice and add BEFORE/AFTER comments to make stateful subtest ordering easier to follow. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Return 404 instead of 403 for view operations on deleted channels Deleted channels should appear non-existent to callers rather than revealing their existence via a 403. Detailed error text explains the context for debugging. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * add missing channel deleteat checks * Use c.Params.Page instead of manual page query param parsing in getViewsForChannel c.Params already validates and defaults page/per_page, so the manual parsing was redundant. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Add support for total count in views retrieval * Add tests for handling deleted views in GetViewsForChannel and GetView * Short-circuit negative newIndex in UpdateSortOrder before opening transaction Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Add per-channel limit on views to bound UpdateSortOrder cost Without a cap, unbounded view creation makes sort-order updates increasingly expensive (CASE WHEN per view, row locks). Adds MaxViewsPerChannel=50 constant and enforces it in the app layer before saving. Includes API and app layer tests. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Remove include_deleted support from views API Soft-deleted views are structural metadata with low risk, but no other similar endpoint (e.g. channel bookmarks) exposes deleted records without an admin gate. Rather than adding an admin-only permission check for consistency, remove the feature entirely since there is no current use case. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Update view permissions to require `create_post` instead of channel management permissions * Remove obsolete view management error messages for direct and group messages --------- Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com> * feat(migrations): add user tracking and object type to property fields - Introduced user tracking columns (CreatedBy, UpdatedBy) to PropertyFields and PropertyValues. - Added ObjectType column to PropertyFields with associated unique indexes for legacy and typed properties. - Created new migration scripts for adding and dropping these features, including necessary indexes for data integrity. - Established views for managing property fields with new attributes. This update enhances the schema to support better tracking and categorization of property fields. * Add Property System Architecture v2 API endpoints (#35583) * Adds uniqueness mechanisms to the property fields After adding ObjectType, this commit ensures that both the PSAv1 and PSAv2 schemas are supported, and enforces property uniqueness through both database indexes and a logical check when creating new property fields. * Adds uniqueness check to property updates Updates are covered on this commit and we refactor as well the SQL code to use the squirrel builder and work better with the conditional addition of the `existingID` piece of the query. * Add translations to error messages * Add the permissions to the migrations, model and update the store calls * Adds the property field and property group app layer * Adds authorization helpers for property fields and values * Make sure that users cannot lock themselves out of property fields * Migrate permissions from a JSON column to three normalized columns * Remove the audit comment * Use target level constants in authorization * Log authorization membership failures * Rename admin to sysadmin * Adds the Property System Architecture v2 API endpoints * Adds permission checks to the create field endpoint * Add target access checks to value endpoints * Add default branches for object_type and target_type and extra guards for cursor client4 methods * Fix vet API mismatch * Fix error checks * Fix linter * Add merge semantics for property patch logic and API endpoint * Fix i18n * Fix duplicated patch elements and early return on bad cursor * Update docs to use enums * Fix i18n sorting * Update app layer to return model.AppError * Adds a limit to the number of property values that can be patched in the same request * Require target_type filter when searching property fields * Add objectType validation as part of field.IsValid() * Fix linter * Fix test with bad objecttpye * Fix test grouping --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * MM-67968: Flatten view model — remove icon, subviews, typed board props (#35726) * feat(views): flatten view model by removing icon, subview, and board props Simplifies the View data model as part of MM-67968: removes Icon, Subview, and ViewBoardProps types; renames ViewTypeBoard to ViewTypeKanban; replaces typed Props with StringInterface (map[string]any); adds migration 000167 to drop the Icon column from the Views table. Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com> * feat(api): update views OpenAPI spec to reflect flattened model Removes ViewBoardProps, Subview, and icon from the View and ViewPatch schemas. Changes type enum from board to kanban. Replaces typed props with a free-form StringInterface object. Aligns with MM-67968. Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com> * refactor(views): simplify store by dropping dbView and marshalViewProps StringInterface already implements driver.Valuer and sql.Scanner, so the manual JSON marshal/unmarshal and the dbView intermediate struct were redundant. model.View now scans directly from the database. Also removes the dead ViewMaxLinkedProperties constant and wraps the Commit() error in UpdateSortOrder. Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com> * fix(api): allow arbitrary JSON in view props OpenAPI schema The props field was restricted to string values via additionalProperties: { type: string }, conflicting with the Go model's StringInterface (map[string]any). Changed to additionalProperties: true in View, ViewPatch, and inline POST schemas. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> --------- Co-authored-by: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com> * Adds basic implementation of the generic redux store for PSAv2 (#35512) * Adds basic implementation of the generic redux store for PSAv2 * Add created_by and updated_by to the test fixtures * Make target_id, target_type and object_type mandatory * Wrap getPropertyFieldsByIds and getPropertyValuesForTargetByFieldIds with createSelector * Address PR comments --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * Adds websocket messages for the PSAv2 API events (#35696) * Adds uniqueness mechanisms to the property fields After adding ObjectType, this commit ensures that both the PSAv1 and PSAv2 schemas are supported, and enforces property uniqueness through both database indexes and a logical check when creating new property fields. * Adds uniqueness check to property updates Updates are covered on this commit and we refactor as well the SQL code to use the squirrel builder and work better with the conditional addition of the `existingID` piece of the query. * Add translations to error messages * Add the permissions to the migrations, model and update the store calls * Adds the property field and property group app layer * Adds authorization helpers for property fields and values * Make sure that users cannot lock themselves out of property fields * Migrate permissions from a JSON column to three normalized columns * Remove the audit comment * Use target level constants in authorization * Log authorization membership failures * Rename admin to sysadmin * Adds the Property System Architecture v2 API endpoints * Adds permission checks to the create field endpoint * Add target access checks to value endpoints * Add default branches for object_type and target_type and extra guards for cursor client4 methods * Fix vet API mismatch * Fix error checks * Fix linter * Add merge semantics for property patch logic and API endpoint * Fix i18n * Fix duplicated patch elements and early return on bad cursor * Update docs to use enums * Fix i18n sorting * Update app layer to return model.AppError * Adds a limit to the number of property values that can be patched in the same request * Adds websocket messages for the PSAv2 API events * Add IsPSAv2 helper to the property field for clarity * Add guard against nil returns on field deletion * Add docs to the websocket endpoints --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * migrations: consolidate views migrations and reorder after master - Merged 000165 (create Views) with 000167 (drop Icon) since Icon was never needed - Renumbered branch migrations 159-166 → 160-167 so master's 000159 (deduplicate_policy_names) runs first - Regenerated migrations.list Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * Add API endpoint to retrieve posts for a specific view (#35604) Automatic Merge * Apply fixes after merge * Return a more specific error from getting multiple fields * Prevent getting broadcast params on field deletion if not needed * Remove duplicated migration code * Update property conflict code to always use master * Adds nil guard when iterating on property fields * Check that permission level is valid before getting rejected by the database * Validate correctness on TargetID for PSAv2 fields * Avoid PSAv1 using permissions or protected * Fix test data after validation change * Fix flaky search test * Adds more posts for filter use cases to properly test exclusions --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> Co-authored-by: Alejandro García Montoro <alejandro.garciamontoro@gmail.com> Co-authored-by: Julien Tant <julien@craftyx.fr> Co-authored-by: Mattermost Build <build@mattermost.com> Co-authored-by: Julien Tant <785518+JulienTant@users.noreply.github.com> Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-27 05:36:35 -04:00
description: The ID of the target (empty for system-level, team ID for team-level, channel ID for channel-level)
Custom profile attributes field endpoints (#29662) * Adds the main Property System Architecture components This change adds the necessary migrations for the Property Groups, Fields and Values tables to be created, the store layer and a Property Service that can be used from the app layer. * Adds Custom Profile Attributes endpoints and app layer * implement get and patch cpa values * run i18n-extract * Update property field type to use user instead of person * Update PropertyFields to allow for unique nondeleted fields and remove redundant indexes * Update PropertyValues to allow for unique nondeleted fields and remove redundant indexes * Use StringMap instead of the map[string]any on property fields * Add i18n strings * Revert "Use StringMap instead of the map[string]any on property fields" This reverts commit e2735ab0f8589d2524d636419ca0cb144575c4d6. * Cast JSON binary data to string and add todo note for StringMap use * Add mocks to the retrylayer tests * Cast JSON binary data to string in property value store * Check for binary parameter instead of casting to string for JSON data * Fix bad merge * Check property field type is one of the allowed ones * Avoid reusing err variable to be explicit about the returned value * Merge Property System Migrations into one file * Adds NOT NULL to timestamps at the DB level * Update stores to use tableSelectQuery instead of a slice var * Update PropertyField model translations to be more explicit and avoid repetition * Update PropertyValue model translations to be more explicit and avoid repetition * Use ExecBuilder instead of ToSql&Exec * Update property field errors to add context * Ensure PerPage is greater than zero * Update store errors to give more context * Use ExecBuilder in the property stores where possible * Add an on conflict suffix to the group register to avoid race conditions * Remove user profile API documentation changes * Update patchCPAValues endpoint and docs to return the updated information * Merge two similar error conditions * Use a route function for ListCPAValues * Remove badly used translation string * Remove unused get in register group method * Adds input sanitization and validation to the CPA API endpoints * Takes login outside of one test case to make it clear it affects multiple t.Runs * Fix wrap error and return code when property field has been deleted * Fix receiver name * Adds comment to move the CPA group ID to the db cache * Set the PerPage of CPA fields to the fields limit * Update server/channels/app/custom_profile_attributes_test.go Co-authored-by: Alejandro García Montoro <alejandro.garciamontoro@gmail.com> * Standardize group ID access * Avoid polluting the state between tests * Use specific errors for the retrieval of CPA group --------- Co-authored-by: Scott Bishel <scott.bishel@mattermost.com> Co-authored-by: Mattermost Build <build@mattermost.com> Co-authored-by: Alejandro García Montoro <alejandro.garciamontoro@gmail.com>
2025-01-13 12:12:38 -05:00
target_type:
type: string
Merge the Integrated Boards MVP feature branch (#35796) * Add CreatedBy and UpdatedBy to the properties fields and values (#34485) * Add CreatedBy and UpdatedBy to the properties fields and values * Fix types --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * Adds ObjectType to the property fields table (#34908) Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * Update ObjectType migration setting an empty value and marking the column as not null (#34915) Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * Adds uniqueness mechanisms to the property fields (#35058) * Adds uniqueness mechanisms to the property fields After adding ObjectType, this commit ensures that both the PSAv1 and PSAv2 schemas are supported, and enforces property uniqueness through both database indexes and a logical check when creating new property fields. * Adds uniqueness check to property updates Updates are covered on this commit and we refactor as well the SQL code to use the squirrel builder and work better with the conditional addition of the `existingID` piece of the query. * Add translations to error messages * Fixing retrylayer mocks * Remove retrylayer duplication * Address review comments * Fix comment to avoid linter issues * Address PR comments * Update server/channels/db/migrations/postgres/000157_add_object_type_to_property_fields.down.sql Co-authored-by: Alejandro García Montoro <alejandro.garciamontoro@gmail.com> * Update server/channels/db/migrations/postgres/000157_add_object_type_to_property_fields.up.sql Co-authored-by: Alejandro García Montoro <alejandro.garciamontoro@gmail.com> * Update server/channels/db/migrations/postgres/000157_add_object_type_to_property_fields.up.sql Co-authored-by: Alejandro García Montoro <alejandro.garciamontoro@gmail.com> * Update field validation to check only for valid target types * Update migrations to avoid concurrent index creation within a transaction * Update migrations to make all index ops concurrent * Update tests to use valid PSAv2 property fields * Adds a helper for valid PSAv2 TargetTypes --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> Co-authored-by: Alejandro García Montoro <alejandro.garciamontoro@gmail.com> * Fix property tests (#35388) Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * Adds Integrated Boards feature flag (#35378) Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * Adds Integrated Boards MVP API changes (#34822) This PR includes the necessary changes for channels and posts endpoints and adds a set of generic endpoints to retrieve and manage property fields and values following the new Property System approach. Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> Co-authored-by: Mattermost Build <build@mattermost.com> * Property System Architecture permissions for v2 (#35113) * Adds uniqueness mechanisms to the property fields After adding ObjectType, this commit ensures that both the PSAv1 and PSAv2 schemas are supported, and enforces property uniqueness through both database indexes and a logical check when creating new property fields. * Adds uniqueness check to property updates Updates are covered on this commit and we refactor as well the SQL code to use the squirrel builder and work better with the conditional addition of the `existingID` piece of the query. * Add translations to error messages * Add the permissions to the migrations, model and update the store calls * Adds the property field and property group app layer * Adds authorization helpers for property fields and values * Make sure that users cannot lock themselves out of property fields * Migrate permissions from a JSON column to three normalized columns * Remove the audit comment * Use target level constants in authorization * Log authorization membership failures * Rename admin to sysadmin * Fix i18n sorting --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * Add Views store and app layer (#35361) * Add Views store and app layer for Integrated Boards Implements the View entity (model, SQL store, service, app) as described in the Integrated Boards tech spec. Views are channel-scoped board configurations with typed props (board, kanban subviews) and soft-delete. - public/model: View, ViewBoardProps, Subview, ViewPatch types with PreSave/PreUpdate/IsValid/Patch/Clone/Auditable - Migration 158: Views table with jsonb Props column and indexes - SqlViewStore: CRUD with nil-safe Props marshaling (AppendBinaryFlag) - ViewService: CreateView seeds default kanban subview and links the boards property field; caches boardPropertyFieldID at startup - App layer: CreateView/GetView/GetViewsForChannel/UpdateView/DeleteView with channel-membership permission checks and WebSocket events (view_created, view_updated, view_deleted) - doSetupBoardsPropertyField: registers the Boards property group and board field in NewServer() before ViewService construction - GetFieldByName now returns store.ErrNotFound instead of raw sql.ErrNoRows * Move permission checks out of App layer for views - Remove HasPermissionToChannel calls from all App view methods - Drop userID params from GetView, GetViewsForChannel, UpdateView, DeleteView - Fix doSetupBoardsPropertyField to include required TargetType for PSAv2 field * Make View service generic and enforce board validation in model - Remove board-specific auto-setup from service and server startup - Enforce that board views require Props, at least one subview, and at least one linked property in IsValid() - Move default subview seeding out of app layer; callers must provide valid props - Call PreSave on subviews during PreUpdate to assign IDs to new subviews - Update all tests to reflect the new validation requirements * Restore migrations files to match base branch * Distinguish ErrNotFound from other errors in view store Get * Use CONCURRENTLY and nontransactional for index operations in views migration * Split views index creation into separate nontransactional migrations * Update migrations.list * Update i18n translations for views * Fix makeView helper to include required Props for board view validation * Rename ctx parameter from c to rctx in OAuthProvider mock * Remove views service layer, call store directly from app * Return 500 for unexpected DB errors in GetView, 404 only for not-found * Harden View model: deep-copy Props, validate linked property IDs - Add ViewBoardProps.Clone() to deep-copy LinkedProperties and Subviews - Use it in View.Clone() and View.Patch() to prevent shared-slice aliasing - Iterate over LinkedProperties in View.IsValid() and reject invalid IDs with a dedicated i18n key - Register ViewStore in storetest AssertExpectations so mock expectations are enforced - Add tests covering all new behaviours * Restore autotranslation worker_stopped i18n translation * Fix view store test IDs and improve error handling in app layer - Use model.NewId() for linked property IDs in testUpdateView to fix validation failure (IsValid rejects non-UUID strings) - Fix import grouping in app/view.go (stdlib imports in one block) - Return 404 instead of 500 when Update/Delete store calls return ErrNotFound (e.g. concurrent deletion TOCTOU race) * Add View store mock to retrylayer test genStore helper The View store was added to the store interface but the genStore() helper in retrylayer_test.go was not updated, causing TestRetry to panic. Also removes the duplicate Recap mock registration. * Refactor view deletion and websocket event handling; update SQL store methods to use query builder * revert property field store * Remove useless migrations * Add cursor-based pagination to View store GetForChannel - Add ViewQueryCursor and ViewQueryOpts types with validation - Return (views, cursor, error) for caller-driven pagination - PerPage clamping: <=0 defaults to 20, >200 clamps to 200 - Support IncludeDeleted filter - Add comprehensive store tests for pagination, cursor edge cases, PerPage clamping, and invalid input rejection - Add app layer test for empty channelID → 400 - Update interface, retrylayer, timerlayer, and mock signatures Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Refactor test loops in ViewStore tests for improved readability * change pagination to limit/offset * Add upper-bound limits on View Subviews and LinkedProperties Defense-in-depth validation: cap Subviews at 50 and LinkedProperties at 500 to prevent abuse below the 300KB payload limit. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com> * MM-67388, MM-66528, MM-67750: Add View REST API endpoints, websocket events, and sort order (#35442) * Add Views store and app layer for Integrated Boards Implements the View entity (model, SQL store, service, app) as described in the Integrated Boards tech spec. Views are channel-scoped board configurations with typed props (board, kanban subviews) and soft-delete. - public/model: View, ViewBoardProps, Subview, ViewPatch types with PreSave/PreUpdate/IsValid/Patch/Clone/Auditable - Migration 158: Views table with jsonb Props column and indexes - SqlViewStore: CRUD with nil-safe Props marshaling (AppendBinaryFlag) - ViewService: CreateView seeds default kanban subview and links the boards property field; caches boardPropertyFieldID at startup - App layer: CreateView/GetView/GetViewsForChannel/UpdateView/DeleteView with channel-membership permission checks and WebSocket events (view_created, view_updated, view_deleted) - doSetupBoardsPropertyField: registers the Boards property group and board field in NewServer() before ViewService construction - GetFieldByName now returns store.ErrNotFound instead of raw sql.ErrNoRows * Move permission checks out of App layer for views - Remove HasPermissionToChannel calls from all App view methods - Drop userID params from GetView, GetViewsForChannel, UpdateView, DeleteView - Fix doSetupBoardsPropertyField to include required TargetType for PSAv2 field * Make View service generic and enforce board validation in model - Remove board-specific auto-setup from service and server startup - Enforce that board views require Props, at least one subview, and at least one linked property in IsValid() - Move default subview seeding out of app layer; callers must provide valid props - Call PreSave on subviews during PreUpdate to assign IDs to new subviews - Update all tests to reflect the new validation requirements * Restore migrations files to match base branch * Distinguish ErrNotFound from other errors in view store Get * Use CONCURRENTLY and nontransactional for index operations in views migration * Split views index creation into separate nontransactional migrations * Update migrations.list * Update i18n translations for views * Fix makeView helper to include required Props for board view validation * Rename ctx parameter from c to rctx in OAuthProvider mock * Remove views service layer, call store directly from app * Return 500 for unexpected DB errors in GetView, 404 only for not-found * Harden View model: deep-copy Props, validate linked property IDs - Add ViewBoardProps.Clone() to deep-copy LinkedProperties and Subviews - Use it in View.Clone() and View.Patch() to prevent shared-slice aliasing - Iterate over LinkedProperties in View.IsValid() and reject invalid IDs with a dedicated i18n key - Register ViewStore in storetest AssertExpectations so mock expectations are enforced - Add tests covering all new behaviours * Restore autotranslation worker_stopped i18n translation * Fix view store test IDs and improve error handling in app layer - Use model.NewId() for linked property IDs in testUpdateView to fix validation failure (IsValid rejects non-UUID strings) - Fix import grouping in app/view.go (stdlib imports in one block) - Return 404 instead of 500 when Update/Delete store calls return ErrNotFound (e.g. concurrent deletion TOCTOU race) * Add View store mock to retrylayer test genStore helper The View store was added to the store interface but the genStore() helper in retrylayer_test.go was not updated, causing TestRetry to panic. Also removes the duplicate Recap mock registration. * Refactor view deletion and websocket event handling; update SQL store methods to use query builder * revert property field store * Add View API endpoints with OpenAPI spec, client methods, and i18n Implement REST API for channel views (board-type) behind the IntegratedBoards feature flag. Adds CRUD endpoints under /api/v4/channels/{channel_id}/views with permission checks matching the channel bookmark pattern. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Remove useless migrations * Add cursor-based pagination to View store GetForChannel - Add ViewQueryCursor and ViewQueryOpts types with validation - Return (views, cursor, error) for caller-driven pagination - PerPage clamping: <=0 defaults to 20, >200 clamps to 200 - Support IncludeDeleted filter - Add comprehensive store tests for pagination, cursor edge cases, PerPage clamping, and invalid input rejection - Add app layer test for empty channelID → 400 - Update interface, retrylayer, timerlayer, and mock signatures Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Add cursor-based pagination to View API for channel views * Enhance cursor handling in getViewsForChannel and update tests for pagination * Refactor test loops in ViewStore tests for improved readability * Refactor loop in TestGetViewsForChannel for improved readability * change pagination to limit/offset * switch to limit/offset pagination * Add upper-bound limits on View Subviews and LinkedProperties Defense-in-depth validation: cap Subviews at 50 and LinkedProperties at 500 to prevent abuse below the 300KB payload limit. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Add view sort order API endpoint Add POST /api/v4/channels/{channel_id}/views/{view_id}/sort_order endpoint following the channel bookmarks reorder pattern. Includes store, app, and API layers with full test coverage at each layer. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Add connectionId to view WebSocket events and sort_order API spec Thread connectionId from request header through all view handlers (create, update, delete, sort_order) to WebSocket events, matching the channel bookmarks pattern. Add sort_order endpoint to OpenAPI spec. Update minimum server version to 11.6. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Remove duplicate View/ViewPatch definitions from definitions.yaml The merge from integrated-boards-mvp introduced duplicate View and ViewPatch schema definitions that were already defined earlier in the file with more detail (including ViewBoardProps ref and enums). Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Update minimum server version to 11.6 in views API spec Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Add missing translations for view sort order error messages Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Merge integrated-boards-mvp into ibmvp_api-views; remove spec files Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Fix flaky TestViewStore timestamp test on CI Add sleep before UpdateSortOrder to ensure timestamps differ, preventing same-millisecond comparisons on fast CI machines. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * remove duplicate views.yaml imclude * Use c.boolString() for include_deleted query param in GetViewsForChannel Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Fix views.yaml sort order schema: use integer type and require body Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Refactor view sort order tests to use named IDs instead of array indices Extract idA/idB/idC from views slice and add BEFORE/AFTER comments to make stateful subtest ordering easier to follow. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Return 404 instead of 403 for view operations on deleted channels Deleted channels should appear non-existent to callers rather than revealing their existence via a 403. Detailed error text explains the context for debugging. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * add missing channel deleteat checks * Use c.Params.Page instead of manual page query param parsing in getViewsForChannel c.Params already validates and defaults page/per_page, so the manual parsing was redundant. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Add support for total count in views retrieval * Add tests for handling deleted views in GetViewsForChannel and GetView * Short-circuit negative newIndex in UpdateSortOrder before opening transaction Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Add per-channel limit on views to bound UpdateSortOrder cost Without a cap, unbounded view creation makes sort-order updates increasingly expensive (CASE WHEN per view, row locks). Adds MaxViewsPerChannel=50 constant and enforces it in the app layer before saving. Includes API and app layer tests. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Remove include_deleted support from views API Soft-deleted views are structural metadata with low risk, but no other similar endpoint (e.g. channel bookmarks) exposes deleted records without an admin gate. Rather than adding an admin-only permission check for consistency, remove the feature entirely since there is no current use case. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Update view permissions to require `create_post` instead of channel management permissions * Remove obsolete view management error messages for direct and group messages --------- Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com> * feat(migrations): add user tracking and object type to property fields - Introduced user tracking columns (CreatedBy, UpdatedBy) to PropertyFields and PropertyValues. - Added ObjectType column to PropertyFields with associated unique indexes for legacy and typed properties. - Created new migration scripts for adding and dropping these features, including necessary indexes for data integrity. - Established views for managing property fields with new attributes. This update enhances the schema to support better tracking and categorization of property fields. * Add Property System Architecture v2 API endpoints (#35583) * Adds uniqueness mechanisms to the property fields After adding ObjectType, this commit ensures that both the PSAv1 and PSAv2 schemas are supported, and enforces property uniqueness through both database indexes and a logical check when creating new property fields. * Adds uniqueness check to property updates Updates are covered on this commit and we refactor as well the SQL code to use the squirrel builder and work better with the conditional addition of the `existingID` piece of the query. * Add translations to error messages * Add the permissions to the migrations, model and update the store calls * Adds the property field and property group app layer * Adds authorization helpers for property fields and values * Make sure that users cannot lock themselves out of property fields * Migrate permissions from a JSON column to three normalized columns * Remove the audit comment * Use target level constants in authorization * Log authorization membership failures * Rename admin to sysadmin * Adds the Property System Architecture v2 API endpoints * Adds permission checks to the create field endpoint * Add target access checks to value endpoints * Add default branches for object_type and target_type and extra guards for cursor client4 methods * Fix vet API mismatch * Fix error checks * Fix linter * Add merge semantics for property patch logic and API endpoint * Fix i18n * Fix duplicated patch elements and early return on bad cursor * Update docs to use enums * Fix i18n sorting * Update app layer to return model.AppError * Adds a limit to the number of property values that can be patched in the same request * Require target_type filter when searching property fields * Add objectType validation as part of field.IsValid() * Fix linter * Fix test with bad objecttpye * Fix test grouping --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * MM-67968: Flatten view model — remove icon, subviews, typed board props (#35726) * feat(views): flatten view model by removing icon, subview, and board props Simplifies the View data model as part of MM-67968: removes Icon, Subview, and ViewBoardProps types; renames ViewTypeBoard to ViewTypeKanban; replaces typed Props with StringInterface (map[string]any); adds migration 000167 to drop the Icon column from the Views table. Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com> * feat(api): update views OpenAPI spec to reflect flattened model Removes ViewBoardProps, Subview, and icon from the View and ViewPatch schemas. Changes type enum from board to kanban. Replaces typed props with a free-form StringInterface object. Aligns with MM-67968. Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com> * refactor(views): simplify store by dropping dbView and marshalViewProps StringInterface already implements driver.Valuer and sql.Scanner, so the manual JSON marshal/unmarshal and the dbView intermediate struct were redundant. model.View now scans directly from the database. Also removes the dead ViewMaxLinkedProperties constant and wraps the Commit() error in UpdateSortOrder. Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com> * fix(api): allow arbitrary JSON in view props OpenAPI schema The props field was restricted to string values via additionalProperties: { type: string }, conflicting with the Go model's StringInterface (map[string]any). Changed to additionalProperties: true in View, ViewPatch, and inline POST schemas. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> --------- Co-authored-by: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com> * Adds basic implementation of the generic redux store for PSAv2 (#35512) * Adds basic implementation of the generic redux store for PSAv2 * Add created_by and updated_by to the test fixtures * Make target_id, target_type and object_type mandatory * Wrap getPropertyFieldsByIds and getPropertyValuesForTargetByFieldIds with createSelector * Address PR comments --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * Adds websocket messages for the PSAv2 API events (#35696) * Adds uniqueness mechanisms to the property fields After adding ObjectType, this commit ensures that both the PSAv1 and PSAv2 schemas are supported, and enforces property uniqueness through both database indexes and a logical check when creating new property fields. * Adds uniqueness check to property updates Updates are covered on this commit and we refactor as well the SQL code to use the squirrel builder and work better with the conditional addition of the `existingID` piece of the query. * Add translations to error messages * Add the permissions to the migrations, model and update the store calls * Adds the property field and property group app layer * Adds authorization helpers for property fields and values * Make sure that users cannot lock themselves out of property fields * Migrate permissions from a JSON column to three normalized columns * Remove the audit comment * Use target level constants in authorization * Log authorization membership failures * Rename admin to sysadmin * Adds the Property System Architecture v2 API endpoints * Adds permission checks to the create field endpoint * Add target access checks to value endpoints * Add default branches for object_type and target_type and extra guards for cursor client4 methods * Fix vet API mismatch * Fix error checks * Fix linter * Add merge semantics for property patch logic and API endpoint * Fix i18n * Fix duplicated patch elements and early return on bad cursor * Update docs to use enums * Fix i18n sorting * Update app layer to return model.AppError * Adds a limit to the number of property values that can be patched in the same request * Adds websocket messages for the PSAv2 API events * Add IsPSAv2 helper to the property field for clarity * Add guard against nil returns on field deletion * Add docs to the websocket endpoints --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * migrations: consolidate views migrations and reorder after master - Merged 000165 (create Views) with 000167 (drop Icon) since Icon was never needed - Renumbered branch migrations 159-166 → 160-167 so master's 000159 (deduplicate_policy_names) runs first - Regenerated migrations.list Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * Add API endpoint to retrieve posts for a specific view (#35604) Automatic Merge * Apply fixes after merge * Return a more specific error from getting multiple fields * Prevent getting broadcast params on field deletion if not needed * Remove duplicated migration code * Update property conflict code to always use master * Adds nil guard when iterating on property fields * Check that permission level is valid before getting rejected by the database * Validate correctness on TargetID for PSAv2 fields * Avoid PSAv1 using permissions or protected * Fix test data after validation change * Fix flaky search test * Adds more posts for filter use cases to properly test exclusions --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> Co-authored-by: Alejandro García Montoro <alejandro.garciamontoro@gmail.com> Co-authored-by: Julien Tant <julien@craftyx.fr> Co-authored-by: Mattermost Build <build@mattermost.com> Co-authored-by: Julien Tant <785518+JulienTant@users.noreply.github.com> Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-27 05:36:35 -04:00
description: The scope level (system, team, channel)
protected:
type: boolean
description: Whether this field is protected from API modification
permission_field:
type: string
description: Permission level for editing the field definition
enum: [none, sysadmin, member]
permission_values:
type: string
description: Permission level for setting values on objects
enum: [none, sysadmin, member]
permission_options:
type: string
description: Permission level for managing options on select/multiselect fields
enum: [none, sysadmin, member]
Custom profile attributes field endpoints (#29662) * Adds the main Property System Architecture components This change adds the necessary migrations for the Property Groups, Fields and Values tables to be created, the store layer and a Property Service that can be used from the app layer. * Adds Custom Profile Attributes endpoints and app layer * implement get and patch cpa values * run i18n-extract * Update property field type to use user instead of person * Update PropertyFields to allow for unique nondeleted fields and remove redundant indexes * Update PropertyValues to allow for unique nondeleted fields and remove redundant indexes * Use StringMap instead of the map[string]any on property fields * Add i18n strings * Revert "Use StringMap instead of the map[string]any on property fields" This reverts commit e2735ab0f8589d2524d636419ca0cb144575c4d6. * Cast JSON binary data to string and add todo note for StringMap use * Add mocks to the retrylayer tests * Cast JSON binary data to string in property value store * Check for binary parameter instead of casting to string for JSON data * Fix bad merge * Check property field type is one of the allowed ones * Avoid reusing err variable to be explicit about the returned value * Merge Property System Migrations into one file * Adds NOT NULL to timestamps at the DB level * Update stores to use tableSelectQuery instead of a slice var * Update PropertyField model translations to be more explicit and avoid repetition * Update PropertyValue model translations to be more explicit and avoid repetition * Use ExecBuilder instead of ToSql&Exec * Update property field errors to add context * Ensure PerPage is greater than zero * Update store errors to give more context * Use ExecBuilder in the property stores where possible * Add an on conflict suffix to the group register to avoid race conditions * Remove user profile API documentation changes * Update patchCPAValues endpoint and docs to return the updated information * Merge two similar error conditions * Use a route function for ListCPAValues * Remove badly used translation string * Remove unused get in register group method * Adds input sanitization and validation to the CPA API endpoints * Takes login outside of one test case to make it clear it affects multiple t.Runs * Fix wrap error and return code when property field has been deleted * Fix receiver name * Adds comment to move the CPA group ID to the db cache * Set the PerPage of CPA fields to the fields limit * Update server/channels/app/custom_profile_attributes_test.go Co-authored-by: Alejandro García Montoro <alejandro.garciamontoro@gmail.com> * Standardize group ID access * Avoid polluting the state between tests * Use specific errors for the retrieval of CPA group --------- Co-authored-by: Scott Bishel <scott.bishel@mattermost.com> Co-authored-by: Mattermost Build <build@mattermost.com> Co-authored-by: Alejandro García Montoro <alejandro.garciamontoro@gmail.com>
2025-01-13 12:12:38 -05:00
create_at:
type: integer
format: int64
update_at:
type: integer
format: int64
delete_at:
type: integer
format: int64
Merge the Integrated Boards MVP feature branch (#35796) * Add CreatedBy and UpdatedBy to the properties fields and values (#34485) * Add CreatedBy and UpdatedBy to the properties fields and values * Fix types --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * Adds ObjectType to the property fields table (#34908) Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * Update ObjectType migration setting an empty value and marking the column as not null (#34915) Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * Adds uniqueness mechanisms to the property fields (#35058) * Adds uniqueness mechanisms to the property fields After adding ObjectType, this commit ensures that both the PSAv1 and PSAv2 schemas are supported, and enforces property uniqueness through both database indexes and a logical check when creating new property fields. * Adds uniqueness check to property updates Updates are covered on this commit and we refactor as well the SQL code to use the squirrel builder and work better with the conditional addition of the `existingID` piece of the query. * Add translations to error messages * Fixing retrylayer mocks * Remove retrylayer duplication * Address review comments * Fix comment to avoid linter issues * Address PR comments * Update server/channels/db/migrations/postgres/000157_add_object_type_to_property_fields.down.sql Co-authored-by: Alejandro García Montoro <alejandro.garciamontoro@gmail.com> * Update server/channels/db/migrations/postgres/000157_add_object_type_to_property_fields.up.sql Co-authored-by: Alejandro García Montoro <alejandro.garciamontoro@gmail.com> * Update server/channels/db/migrations/postgres/000157_add_object_type_to_property_fields.up.sql Co-authored-by: Alejandro García Montoro <alejandro.garciamontoro@gmail.com> * Update field validation to check only for valid target types * Update migrations to avoid concurrent index creation within a transaction * Update migrations to make all index ops concurrent * Update tests to use valid PSAv2 property fields * Adds a helper for valid PSAv2 TargetTypes --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> Co-authored-by: Alejandro García Montoro <alejandro.garciamontoro@gmail.com> * Fix property tests (#35388) Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * Adds Integrated Boards feature flag (#35378) Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * Adds Integrated Boards MVP API changes (#34822) This PR includes the necessary changes for channels and posts endpoints and adds a set of generic endpoints to retrieve and manage property fields and values following the new Property System approach. Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> Co-authored-by: Mattermost Build <build@mattermost.com> * Property System Architecture permissions for v2 (#35113) * Adds uniqueness mechanisms to the property fields After adding ObjectType, this commit ensures that both the PSAv1 and PSAv2 schemas are supported, and enforces property uniqueness through both database indexes and a logical check when creating new property fields. * Adds uniqueness check to property updates Updates are covered on this commit and we refactor as well the SQL code to use the squirrel builder and work better with the conditional addition of the `existingID` piece of the query. * Add translations to error messages * Add the permissions to the migrations, model and update the store calls * Adds the property field and property group app layer * Adds authorization helpers for property fields and values * Make sure that users cannot lock themselves out of property fields * Migrate permissions from a JSON column to three normalized columns * Remove the audit comment * Use target level constants in authorization * Log authorization membership failures * Rename admin to sysadmin * Fix i18n sorting --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * Add Views store and app layer (#35361) * Add Views store and app layer for Integrated Boards Implements the View entity (model, SQL store, service, app) as described in the Integrated Boards tech spec. Views are channel-scoped board configurations with typed props (board, kanban subviews) and soft-delete. - public/model: View, ViewBoardProps, Subview, ViewPatch types with PreSave/PreUpdate/IsValid/Patch/Clone/Auditable - Migration 158: Views table with jsonb Props column and indexes - SqlViewStore: CRUD with nil-safe Props marshaling (AppendBinaryFlag) - ViewService: CreateView seeds default kanban subview and links the boards property field; caches boardPropertyFieldID at startup - App layer: CreateView/GetView/GetViewsForChannel/UpdateView/DeleteView with channel-membership permission checks and WebSocket events (view_created, view_updated, view_deleted) - doSetupBoardsPropertyField: registers the Boards property group and board field in NewServer() before ViewService construction - GetFieldByName now returns store.ErrNotFound instead of raw sql.ErrNoRows * Move permission checks out of App layer for views - Remove HasPermissionToChannel calls from all App view methods - Drop userID params from GetView, GetViewsForChannel, UpdateView, DeleteView - Fix doSetupBoardsPropertyField to include required TargetType for PSAv2 field * Make View service generic and enforce board validation in model - Remove board-specific auto-setup from service and server startup - Enforce that board views require Props, at least one subview, and at least one linked property in IsValid() - Move default subview seeding out of app layer; callers must provide valid props - Call PreSave on subviews during PreUpdate to assign IDs to new subviews - Update all tests to reflect the new validation requirements * Restore migrations files to match base branch * Distinguish ErrNotFound from other errors in view store Get * Use CONCURRENTLY and nontransactional for index operations in views migration * Split views index creation into separate nontransactional migrations * Update migrations.list * Update i18n translations for views * Fix makeView helper to include required Props for board view validation * Rename ctx parameter from c to rctx in OAuthProvider mock * Remove views service layer, call store directly from app * Return 500 for unexpected DB errors in GetView, 404 only for not-found * Harden View model: deep-copy Props, validate linked property IDs - Add ViewBoardProps.Clone() to deep-copy LinkedProperties and Subviews - Use it in View.Clone() and View.Patch() to prevent shared-slice aliasing - Iterate over LinkedProperties in View.IsValid() and reject invalid IDs with a dedicated i18n key - Register ViewStore in storetest AssertExpectations so mock expectations are enforced - Add tests covering all new behaviours * Restore autotranslation worker_stopped i18n translation * Fix view store test IDs and improve error handling in app layer - Use model.NewId() for linked property IDs in testUpdateView to fix validation failure (IsValid rejects non-UUID strings) - Fix import grouping in app/view.go (stdlib imports in one block) - Return 404 instead of 500 when Update/Delete store calls return ErrNotFound (e.g. concurrent deletion TOCTOU race) * Add View store mock to retrylayer test genStore helper The View store was added to the store interface but the genStore() helper in retrylayer_test.go was not updated, causing TestRetry to panic. Also removes the duplicate Recap mock registration. * Refactor view deletion and websocket event handling; update SQL store methods to use query builder * revert property field store * Remove useless migrations * Add cursor-based pagination to View store GetForChannel - Add ViewQueryCursor and ViewQueryOpts types with validation - Return (views, cursor, error) for caller-driven pagination - PerPage clamping: <=0 defaults to 20, >200 clamps to 200 - Support IncludeDeleted filter - Add comprehensive store tests for pagination, cursor edge cases, PerPage clamping, and invalid input rejection - Add app layer test for empty channelID → 400 - Update interface, retrylayer, timerlayer, and mock signatures Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Refactor test loops in ViewStore tests for improved readability * change pagination to limit/offset * Add upper-bound limits on View Subviews and LinkedProperties Defense-in-depth validation: cap Subviews at 50 and LinkedProperties at 500 to prevent abuse below the 300KB payload limit. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com> * MM-67388, MM-66528, MM-67750: Add View REST API endpoints, websocket events, and sort order (#35442) * Add Views store and app layer for Integrated Boards Implements the View entity (model, SQL store, service, app) as described in the Integrated Boards tech spec. Views are channel-scoped board configurations with typed props (board, kanban subviews) and soft-delete. - public/model: View, ViewBoardProps, Subview, ViewPatch types with PreSave/PreUpdate/IsValid/Patch/Clone/Auditable - Migration 158: Views table with jsonb Props column and indexes - SqlViewStore: CRUD with nil-safe Props marshaling (AppendBinaryFlag) - ViewService: CreateView seeds default kanban subview and links the boards property field; caches boardPropertyFieldID at startup - App layer: CreateView/GetView/GetViewsForChannel/UpdateView/DeleteView with channel-membership permission checks and WebSocket events (view_created, view_updated, view_deleted) - doSetupBoardsPropertyField: registers the Boards property group and board field in NewServer() before ViewService construction - GetFieldByName now returns store.ErrNotFound instead of raw sql.ErrNoRows * Move permission checks out of App layer for views - Remove HasPermissionToChannel calls from all App view methods - Drop userID params from GetView, GetViewsForChannel, UpdateView, DeleteView - Fix doSetupBoardsPropertyField to include required TargetType for PSAv2 field * Make View service generic and enforce board validation in model - Remove board-specific auto-setup from service and server startup - Enforce that board views require Props, at least one subview, and at least one linked property in IsValid() - Move default subview seeding out of app layer; callers must provide valid props - Call PreSave on subviews during PreUpdate to assign IDs to new subviews - Update all tests to reflect the new validation requirements * Restore migrations files to match base branch * Distinguish ErrNotFound from other errors in view store Get * Use CONCURRENTLY and nontransactional for index operations in views migration * Split views index creation into separate nontransactional migrations * Update migrations.list * Update i18n translations for views * Fix makeView helper to include required Props for board view validation * Rename ctx parameter from c to rctx in OAuthProvider mock * Remove views service layer, call store directly from app * Return 500 for unexpected DB errors in GetView, 404 only for not-found * Harden View model: deep-copy Props, validate linked property IDs - Add ViewBoardProps.Clone() to deep-copy LinkedProperties and Subviews - Use it in View.Clone() and View.Patch() to prevent shared-slice aliasing - Iterate over LinkedProperties in View.IsValid() and reject invalid IDs with a dedicated i18n key - Register ViewStore in storetest AssertExpectations so mock expectations are enforced - Add tests covering all new behaviours * Restore autotranslation worker_stopped i18n translation * Fix view store test IDs and improve error handling in app layer - Use model.NewId() for linked property IDs in testUpdateView to fix validation failure (IsValid rejects non-UUID strings) - Fix import grouping in app/view.go (stdlib imports in one block) - Return 404 instead of 500 when Update/Delete store calls return ErrNotFound (e.g. concurrent deletion TOCTOU race) * Add View store mock to retrylayer test genStore helper The View store was added to the store interface but the genStore() helper in retrylayer_test.go was not updated, causing TestRetry to panic. Also removes the duplicate Recap mock registration. * Refactor view deletion and websocket event handling; update SQL store methods to use query builder * revert property field store * Add View API endpoints with OpenAPI spec, client methods, and i18n Implement REST API for channel views (board-type) behind the IntegratedBoards feature flag. Adds CRUD endpoints under /api/v4/channels/{channel_id}/views with permission checks matching the channel bookmark pattern. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Remove useless migrations * Add cursor-based pagination to View store GetForChannel - Add ViewQueryCursor and ViewQueryOpts types with validation - Return (views, cursor, error) for caller-driven pagination - PerPage clamping: <=0 defaults to 20, >200 clamps to 200 - Support IncludeDeleted filter - Add comprehensive store tests for pagination, cursor edge cases, PerPage clamping, and invalid input rejection - Add app layer test for empty channelID → 400 - Update interface, retrylayer, timerlayer, and mock signatures Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Add cursor-based pagination to View API for channel views * Enhance cursor handling in getViewsForChannel and update tests for pagination * Refactor test loops in ViewStore tests for improved readability * Refactor loop in TestGetViewsForChannel for improved readability * change pagination to limit/offset * switch to limit/offset pagination * Add upper-bound limits on View Subviews and LinkedProperties Defense-in-depth validation: cap Subviews at 50 and LinkedProperties at 500 to prevent abuse below the 300KB payload limit. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Add view sort order API endpoint Add POST /api/v4/channels/{channel_id}/views/{view_id}/sort_order endpoint following the channel bookmarks reorder pattern. Includes store, app, and API layers with full test coverage at each layer. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Add connectionId to view WebSocket events and sort_order API spec Thread connectionId from request header through all view handlers (create, update, delete, sort_order) to WebSocket events, matching the channel bookmarks pattern. Add sort_order endpoint to OpenAPI spec. Update minimum server version to 11.6. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Remove duplicate View/ViewPatch definitions from definitions.yaml The merge from integrated-boards-mvp introduced duplicate View and ViewPatch schema definitions that were already defined earlier in the file with more detail (including ViewBoardProps ref and enums). Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Update minimum server version to 11.6 in views API spec Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Add missing translations for view sort order error messages Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Merge integrated-boards-mvp into ibmvp_api-views; remove spec files Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Fix flaky TestViewStore timestamp test on CI Add sleep before UpdateSortOrder to ensure timestamps differ, preventing same-millisecond comparisons on fast CI machines. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * remove duplicate views.yaml imclude * Use c.boolString() for include_deleted query param in GetViewsForChannel Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Fix views.yaml sort order schema: use integer type and require body Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Refactor view sort order tests to use named IDs instead of array indices Extract idA/idB/idC from views slice and add BEFORE/AFTER comments to make stateful subtest ordering easier to follow. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Return 404 instead of 403 for view operations on deleted channels Deleted channels should appear non-existent to callers rather than revealing their existence via a 403. Detailed error text explains the context for debugging. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * add missing channel deleteat checks * Use c.Params.Page instead of manual page query param parsing in getViewsForChannel c.Params already validates and defaults page/per_page, so the manual parsing was redundant. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Add support for total count in views retrieval * Add tests for handling deleted views in GetViewsForChannel and GetView * Short-circuit negative newIndex in UpdateSortOrder before opening transaction Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Add per-channel limit on views to bound UpdateSortOrder cost Without a cap, unbounded view creation makes sort-order updates increasingly expensive (CASE WHEN per view, row locks). Adds MaxViewsPerChannel=50 constant and enforces it in the app layer before saving. Includes API and app layer tests. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Remove include_deleted support from views API Soft-deleted views are structural metadata with low risk, but no other similar endpoint (e.g. channel bookmarks) exposes deleted records without an admin gate. Rather than adding an admin-only permission check for consistency, remove the feature entirely since there is no current use case. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Update view permissions to require `create_post` instead of channel management permissions * Remove obsolete view management error messages for direct and group messages --------- Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com> * feat(migrations): add user tracking and object type to property fields - Introduced user tracking columns (CreatedBy, UpdatedBy) to PropertyFields and PropertyValues. - Added ObjectType column to PropertyFields with associated unique indexes for legacy and typed properties. - Created new migration scripts for adding and dropping these features, including necessary indexes for data integrity. - Established views for managing property fields with new attributes. This update enhances the schema to support better tracking and categorization of property fields. * Add Property System Architecture v2 API endpoints (#35583) * Adds uniqueness mechanisms to the property fields After adding ObjectType, this commit ensures that both the PSAv1 and PSAv2 schemas are supported, and enforces property uniqueness through both database indexes and a logical check when creating new property fields. * Adds uniqueness check to property updates Updates are covered on this commit and we refactor as well the SQL code to use the squirrel builder and work better with the conditional addition of the `existingID` piece of the query. * Add translations to error messages * Add the permissions to the migrations, model and update the store calls * Adds the property field and property group app layer * Adds authorization helpers for property fields and values * Make sure that users cannot lock themselves out of property fields * Migrate permissions from a JSON column to three normalized columns * Remove the audit comment * Use target level constants in authorization * Log authorization membership failures * Rename admin to sysadmin * Adds the Property System Architecture v2 API endpoints * Adds permission checks to the create field endpoint * Add target access checks to value endpoints * Add default branches for object_type and target_type and extra guards for cursor client4 methods * Fix vet API mismatch * Fix error checks * Fix linter * Add merge semantics for property patch logic and API endpoint * Fix i18n * Fix duplicated patch elements and early return on bad cursor * Update docs to use enums * Fix i18n sorting * Update app layer to return model.AppError * Adds a limit to the number of property values that can be patched in the same request * Require target_type filter when searching property fields * Add objectType validation as part of field.IsValid() * Fix linter * Fix test with bad objecttpye * Fix test grouping --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * MM-67968: Flatten view model — remove icon, subviews, typed board props (#35726) * feat(views): flatten view model by removing icon, subview, and board props Simplifies the View data model as part of MM-67968: removes Icon, Subview, and ViewBoardProps types; renames ViewTypeBoard to ViewTypeKanban; replaces typed Props with StringInterface (map[string]any); adds migration 000167 to drop the Icon column from the Views table. Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com> * feat(api): update views OpenAPI spec to reflect flattened model Removes ViewBoardProps, Subview, and icon from the View and ViewPatch schemas. Changes type enum from board to kanban. Replaces typed props with a free-form StringInterface object. Aligns with MM-67968. Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com> * refactor(views): simplify store by dropping dbView and marshalViewProps StringInterface already implements driver.Valuer and sql.Scanner, so the manual JSON marshal/unmarshal and the dbView intermediate struct were redundant. model.View now scans directly from the database. Also removes the dead ViewMaxLinkedProperties constant and wraps the Commit() error in UpdateSortOrder. Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com> * fix(api): allow arbitrary JSON in view props OpenAPI schema The props field was restricted to string values via additionalProperties: { type: string }, conflicting with the Go model's StringInterface (map[string]any). Changed to additionalProperties: true in View, ViewPatch, and inline POST schemas. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> --------- Co-authored-by: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com> * Adds basic implementation of the generic redux store for PSAv2 (#35512) * Adds basic implementation of the generic redux store for PSAv2 * Add created_by and updated_by to the test fixtures * Make target_id, target_type and object_type mandatory * Wrap getPropertyFieldsByIds and getPropertyValuesForTargetByFieldIds with createSelector * Address PR comments --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * Adds websocket messages for the PSAv2 API events (#35696) * Adds uniqueness mechanisms to the property fields After adding ObjectType, this commit ensures that both the PSAv1 and PSAv2 schemas are supported, and enforces property uniqueness through both database indexes and a logical check when creating new property fields. * Adds uniqueness check to property updates Updates are covered on this commit and we refactor as well the SQL code to use the squirrel builder and work better with the conditional addition of the `existingID` piece of the query. * Add translations to error messages * Add the permissions to the migrations, model and update the store calls * Adds the property field and property group app layer * Adds authorization helpers for property fields and values * Make sure that users cannot lock themselves out of property fields * Migrate permissions from a JSON column to three normalized columns * Remove the audit comment * Use target level constants in authorization * Log authorization membership failures * Rename admin to sysadmin * Adds the Property System Architecture v2 API endpoints * Adds permission checks to the create field endpoint * Add target access checks to value endpoints * Add default branches for object_type and target_type and extra guards for cursor client4 methods * Fix vet API mismatch * Fix error checks * Fix linter * Add merge semantics for property patch logic and API endpoint * Fix i18n * Fix duplicated patch elements and early return on bad cursor * Update docs to use enums * Fix i18n sorting * Update app layer to return model.AppError * Adds a limit to the number of property values that can be patched in the same request * Adds websocket messages for the PSAv2 API events * Add IsPSAv2 helper to the property field for clarity * Add guard against nil returns on field deletion * Add docs to the websocket endpoints --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * migrations: consolidate views migrations and reorder after master - Merged 000165 (create Views) with 000167 (drop Icon) since Icon was never needed - Renumbered branch migrations 159-166 → 160-167 so master's 000159 (deduplicate_policy_names) runs first - Regenerated migrations.list Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * Add API endpoint to retrieve posts for a specific view (#35604) Automatic Merge * Apply fixes after merge * Return a more specific error from getting multiple fields * Prevent getting broadcast params on field deletion if not needed * Remove duplicated migration code * Update property conflict code to always use master * Adds nil guard when iterating on property fields * Check that permission level is valid before getting rejected by the database * Validate correctness on TargetID for PSAv2 fields * Avoid PSAv1 using permissions or protected * Fix test data after validation change * Fix flaky search test * Adds more posts for filter use cases to properly test exclusions --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> Co-authored-by: Alejandro García Montoro <alejandro.garciamontoro@gmail.com> Co-authored-by: Julien Tant <julien@craftyx.fr> Co-authored-by: Mattermost Build <build@mattermost.com> Co-authored-by: Julien Tant <785518+JulienTant@users.noreply.github.com> Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-27 05:36:35 -04:00
created_by:
type: string
description: User ID of the user who created this property field
updated_by:
type: string
description: User ID of the user who last updated this property field
Custom profile attributes field endpoints (#29662) * Adds the main Property System Architecture components This change adds the necessary migrations for the Property Groups, Fields and Values tables to be created, the store layer and a Property Service that can be used from the app layer. * Adds Custom Profile Attributes endpoints and app layer * implement get and patch cpa values * run i18n-extract * Update property field type to use user instead of person * Update PropertyFields to allow for unique nondeleted fields and remove redundant indexes * Update PropertyValues to allow for unique nondeleted fields and remove redundant indexes * Use StringMap instead of the map[string]any on property fields * Add i18n strings * Revert "Use StringMap instead of the map[string]any on property fields" This reverts commit e2735ab0f8589d2524d636419ca0cb144575c4d6. * Cast JSON binary data to string and add todo note for StringMap use * Add mocks to the retrylayer tests * Cast JSON binary data to string in property value store * Check for binary parameter instead of casting to string for JSON data * Fix bad merge * Check property field type is one of the allowed ones * Avoid reusing err variable to be explicit about the returned value * Merge Property System Migrations into one file * Adds NOT NULL to timestamps at the DB level * Update stores to use tableSelectQuery instead of a slice var * Update PropertyField model translations to be more explicit and avoid repetition * Update PropertyValue model translations to be more explicit and avoid repetition * Use ExecBuilder instead of ToSql&Exec * Update property field errors to add context * Ensure PerPage is greater than zero * Update store errors to give more context * Use ExecBuilder in the property stores where possible * Add an on conflict suffix to the group register to avoid race conditions * Remove user profile API documentation changes * Update patchCPAValues endpoint and docs to return the updated information * Merge two similar error conditions * Use a route function for ListCPAValues * Remove badly used translation string * Remove unused get in register group method * Adds input sanitization and validation to the CPA API endpoints * Takes login outside of one test case to make it clear it affects multiple t.Runs * Fix wrap error and return code when property field has been deleted * Fix receiver name * Adds comment to move the CPA group ID to the db cache * Set the PerPage of CPA fields to the fields limit * Update server/channels/app/custom_profile_attributes_test.go Co-authored-by: Alejandro García Montoro <alejandro.garciamontoro@gmail.com> * Standardize group ID access * Avoid polluting the state between tests * Use specific errors for the retrieval of CPA group --------- Co-authored-by: Scott Bishel <scott.bishel@mattermost.com> Co-authored-by: Mattermost Build <build@mattermost.com> Co-authored-by: Alejandro García Montoro <alejandro.garciamontoro@gmail.com>
2025-01-13 12:12:38 -05:00
PropertyFieldPatch:
type: object
properties:
name:
type: string
type:
type: string
attrs:
type: object
PropertyValue:
type: object
properties:
id:
type: string
target_id:
type: string
target_type:
type: string
group_id:
type: string
field_id:
type: string
value:
type: string
create_at:
type: integer
format: int64
update_at:
type: integer
format: int64
delete_at:
type: integer
format: int64
Merge the Integrated Boards MVP feature branch (#35796) * Add CreatedBy and UpdatedBy to the properties fields and values (#34485) * Add CreatedBy and UpdatedBy to the properties fields and values * Fix types --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * Adds ObjectType to the property fields table (#34908) Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * Update ObjectType migration setting an empty value and marking the column as not null (#34915) Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * Adds uniqueness mechanisms to the property fields (#35058) * Adds uniqueness mechanisms to the property fields After adding ObjectType, this commit ensures that both the PSAv1 and PSAv2 schemas are supported, and enforces property uniqueness through both database indexes and a logical check when creating new property fields. * Adds uniqueness check to property updates Updates are covered on this commit and we refactor as well the SQL code to use the squirrel builder and work better with the conditional addition of the `existingID` piece of the query. * Add translations to error messages * Fixing retrylayer mocks * Remove retrylayer duplication * Address review comments * Fix comment to avoid linter issues * Address PR comments * Update server/channels/db/migrations/postgres/000157_add_object_type_to_property_fields.down.sql Co-authored-by: Alejandro García Montoro <alejandro.garciamontoro@gmail.com> * Update server/channels/db/migrations/postgres/000157_add_object_type_to_property_fields.up.sql Co-authored-by: Alejandro García Montoro <alejandro.garciamontoro@gmail.com> * Update server/channels/db/migrations/postgres/000157_add_object_type_to_property_fields.up.sql Co-authored-by: Alejandro García Montoro <alejandro.garciamontoro@gmail.com> * Update field validation to check only for valid target types * Update migrations to avoid concurrent index creation within a transaction * Update migrations to make all index ops concurrent * Update tests to use valid PSAv2 property fields * Adds a helper for valid PSAv2 TargetTypes --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> Co-authored-by: Alejandro García Montoro <alejandro.garciamontoro@gmail.com> * Fix property tests (#35388) Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * Adds Integrated Boards feature flag (#35378) Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * Adds Integrated Boards MVP API changes (#34822) This PR includes the necessary changes for channels and posts endpoints and adds a set of generic endpoints to retrieve and manage property fields and values following the new Property System approach. Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> Co-authored-by: Mattermost Build <build@mattermost.com> * Property System Architecture permissions for v2 (#35113) * Adds uniqueness mechanisms to the property fields After adding ObjectType, this commit ensures that both the PSAv1 and PSAv2 schemas are supported, and enforces property uniqueness through both database indexes and a logical check when creating new property fields. * Adds uniqueness check to property updates Updates are covered on this commit and we refactor as well the SQL code to use the squirrel builder and work better with the conditional addition of the `existingID` piece of the query. * Add translations to error messages * Add the permissions to the migrations, model and update the store calls * Adds the property field and property group app layer * Adds authorization helpers for property fields and values * Make sure that users cannot lock themselves out of property fields * Migrate permissions from a JSON column to three normalized columns * Remove the audit comment * Use target level constants in authorization * Log authorization membership failures * Rename admin to sysadmin * Fix i18n sorting --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * Add Views store and app layer (#35361) * Add Views store and app layer for Integrated Boards Implements the View entity (model, SQL store, service, app) as described in the Integrated Boards tech spec. Views are channel-scoped board configurations with typed props (board, kanban subviews) and soft-delete. - public/model: View, ViewBoardProps, Subview, ViewPatch types with PreSave/PreUpdate/IsValid/Patch/Clone/Auditable - Migration 158: Views table with jsonb Props column and indexes - SqlViewStore: CRUD with nil-safe Props marshaling (AppendBinaryFlag) - ViewService: CreateView seeds default kanban subview and links the boards property field; caches boardPropertyFieldID at startup - App layer: CreateView/GetView/GetViewsForChannel/UpdateView/DeleteView with channel-membership permission checks and WebSocket events (view_created, view_updated, view_deleted) - doSetupBoardsPropertyField: registers the Boards property group and board field in NewServer() before ViewService construction - GetFieldByName now returns store.ErrNotFound instead of raw sql.ErrNoRows * Move permission checks out of App layer for views - Remove HasPermissionToChannel calls from all App view methods - Drop userID params from GetView, GetViewsForChannel, UpdateView, DeleteView - Fix doSetupBoardsPropertyField to include required TargetType for PSAv2 field * Make View service generic and enforce board validation in model - Remove board-specific auto-setup from service and server startup - Enforce that board views require Props, at least one subview, and at least one linked property in IsValid() - Move default subview seeding out of app layer; callers must provide valid props - Call PreSave on subviews during PreUpdate to assign IDs to new subviews - Update all tests to reflect the new validation requirements * Restore migrations files to match base branch * Distinguish ErrNotFound from other errors in view store Get * Use CONCURRENTLY and nontransactional for index operations in views migration * Split views index creation into separate nontransactional migrations * Update migrations.list * Update i18n translations for views * Fix makeView helper to include required Props for board view validation * Rename ctx parameter from c to rctx in OAuthProvider mock * Remove views service layer, call store directly from app * Return 500 for unexpected DB errors in GetView, 404 only for not-found * Harden View model: deep-copy Props, validate linked property IDs - Add ViewBoardProps.Clone() to deep-copy LinkedProperties and Subviews - Use it in View.Clone() and View.Patch() to prevent shared-slice aliasing - Iterate over LinkedProperties in View.IsValid() and reject invalid IDs with a dedicated i18n key - Register ViewStore in storetest AssertExpectations so mock expectations are enforced - Add tests covering all new behaviours * Restore autotranslation worker_stopped i18n translation * Fix view store test IDs and improve error handling in app layer - Use model.NewId() for linked property IDs in testUpdateView to fix validation failure (IsValid rejects non-UUID strings) - Fix import grouping in app/view.go (stdlib imports in one block) - Return 404 instead of 500 when Update/Delete store calls return ErrNotFound (e.g. concurrent deletion TOCTOU race) * Add View store mock to retrylayer test genStore helper The View store was added to the store interface but the genStore() helper in retrylayer_test.go was not updated, causing TestRetry to panic. Also removes the duplicate Recap mock registration. * Refactor view deletion and websocket event handling; update SQL store methods to use query builder * revert property field store * Remove useless migrations * Add cursor-based pagination to View store GetForChannel - Add ViewQueryCursor and ViewQueryOpts types with validation - Return (views, cursor, error) for caller-driven pagination - PerPage clamping: <=0 defaults to 20, >200 clamps to 200 - Support IncludeDeleted filter - Add comprehensive store tests for pagination, cursor edge cases, PerPage clamping, and invalid input rejection - Add app layer test for empty channelID → 400 - Update interface, retrylayer, timerlayer, and mock signatures Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Refactor test loops in ViewStore tests for improved readability * change pagination to limit/offset * Add upper-bound limits on View Subviews and LinkedProperties Defense-in-depth validation: cap Subviews at 50 and LinkedProperties at 500 to prevent abuse below the 300KB payload limit. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com> * MM-67388, MM-66528, MM-67750: Add View REST API endpoints, websocket events, and sort order (#35442) * Add Views store and app layer for Integrated Boards Implements the View entity (model, SQL store, service, app) as described in the Integrated Boards tech spec. Views are channel-scoped board configurations with typed props (board, kanban subviews) and soft-delete. - public/model: View, ViewBoardProps, Subview, ViewPatch types with PreSave/PreUpdate/IsValid/Patch/Clone/Auditable - Migration 158: Views table with jsonb Props column and indexes - SqlViewStore: CRUD with nil-safe Props marshaling (AppendBinaryFlag) - ViewService: CreateView seeds default kanban subview and links the boards property field; caches boardPropertyFieldID at startup - App layer: CreateView/GetView/GetViewsForChannel/UpdateView/DeleteView with channel-membership permission checks and WebSocket events (view_created, view_updated, view_deleted) - doSetupBoardsPropertyField: registers the Boards property group and board field in NewServer() before ViewService construction - GetFieldByName now returns store.ErrNotFound instead of raw sql.ErrNoRows * Move permission checks out of App layer for views - Remove HasPermissionToChannel calls from all App view methods - Drop userID params from GetView, GetViewsForChannel, UpdateView, DeleteView - Fix doSetupBoardsPropertyField to include required TargetType for PSAv2 field * Make View service generic and enforce board validation in model - Remove board-specific auto-setup from service and server startup - Enforce that board views require Props, at least one subview, and at least one linked property in IsValid() - Move default subview seeding out of app layer; callers must provide valid props - Call PreSave on subviews during PreUpdate to assign IDs to new subviews - Update all tests to reflect the new validation requirements * Restore migrations files to match base branch * Distinguish ErrNotFound from other errors in view store Get * Use CONCURRENTLY and nontransactional for index operations in views migration * Split views index creation into separate nontransactional migrations * Update migrations.list * Update i18n translations for views * Fix makeView helper to include required Props for board view validation * Rename ctx parameter from c to rctx in OAuthProvider mock * Remove views service layer, call store directly from app * Return 500 for unexpected DB errors in GetView, 404 only for not-found * Harden View model: deep-copy Props, validate linked property IDs - Add ViewBoardProps.Clone() to deep-copy LinkedProperties and Subviews - Use it in View.Clone() and View.Patch() to prevent shared-slice aliasing - Iterate over LinkedProperties in View.IsValid() and reject invalid IDs with a dedicated i18n key - Register ViewStore in storetest AssertExpectations so mock expectations are enforced - Add tests covering all new behaviours * Restore autotranslation worker_stopped i18n translation * Fix view store test IDs and improve error handling in app layer - Use model.NewId() for linked property IDs in testUpdateView to fix validation failure (IsValid rejects non-UUID strings) - Fix import grouping in app/view.go (stdlib imports in one block) - Return 404 instead of 500 when Update/Delete store calls return ErrNotFound (e.g. concurrent deletion TOCTOU race) * Add View store mock to retrylayer test genStore helper The View store was added to the store interface but the genStore() helper in retrylayer_test.go was not updated, causing TestRetry to panic. Also removes the duplicate Recap mock registration. * Refactor view deletion and websocket event handling; update SQL store methods to use query builder * revert property field store * Add View API endpoints with OpenAPI spec, client methods, and i18n Implement REST API for channel views (board-type) behind the IntegratedBoards feature flag. Adds CRUD endpoints under /api/v4/channels/{channel_id}/views with permission checks matching the channel bookmark pattern. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Remove useless migrations * Add cursor-based pagination to View store GetForChannel - Add ViewQueryCursor and ViewQueryOpts types with validation - Return (views, cursor, error) for caller-driven pagination - PerPage clamping: <=0 defaults to 20, >200 clamps to 200 - Support IncludeDeleted filter - Add comprehensive store tests for pagination, cursor edge cases, PerPage clamping, and invalid input rejection - Add app layer test for empty channelID → 400 - Update interface, retrylayer, timerlayer, and mock signatures Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Add cursor-based pagination to View API for channel views * Enhance cursor handling in getViewsForChannel and update tests for pagination * Refactor test loops in ViewStore tests for improved readability * Refactor loop in TestGetViewsForChannel for improved readability * change pagination to limit/offset * switch to limit/offset pagination * Add upper-bound limits on View Subviews and LinkedProperties Defense-in-depth validation: cap Subviews at 50 and LinkedProperties at 500 to prevent abuse below the 300KB payload limit. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Add view sort order API endpoint Add POST /api/v4/channels/{channel_id}/views/{view_id}/sort_order endpoint following the channel bookmarks reorder pattern. Includes store, app, and API layers with full test coverage at each layer. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Add connectionId to view WebSocket events and sort_order API spec Thread connectionId from request header through all view handlers (create, update, delete, sort_order) to WebSocket events, matching the channel bookmarks pattern. Add sort_order endpoint to OpenAPI spec. Update minimum server version to 11.6. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Remove duplicate View/ViewPatch definitions from definitions.yaml The merge from integrated-boards-mvp introduced duplicate View and ViewPatch schema definitions that were already defined earlier in the file with more detail (including ViewBoardProps ref and enums). Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Update minimum server version to 11.6 in views API spec Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Add missing translations for view sort order error messages Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Merge integrated-boards-mvp into ibmvp_api-views; remove spec files Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Fix flaky TestViewStore timestamp test on CI Add sleep before UpdateSortOrder to ensure timestamps differ, preventing same-millisecond comparisons on fast CI machines. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * remove duplicate views.yaml imclude * Use c.boolString() for include_deleted query param in GetViewsForChannel Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Fix views.yaml sort order schema: use integer type and require body Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Refactor view sort order tests to use named IDs instead of array indices Extract idA/idB/idC from views slice and add BEFORE/AFTER comments to make stateful subtest ordering easier to follow. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Return 404 instead of 403 for view operations on deleted channels Deleted channels should appear non-existent to callers rather than revealing their existence via a 403. Detailed error text explains the context for debugging. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * add missing channel deleteat checks * Use c.Params.Page instead of manual page query param parsing in getViewsForChannel c.Params already validates and defaults page/per_page, so the manual parsing was redundant. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Add support for total count in views retrieval * Add tests for handling deleted views in GetViewsForChannel and GetView * Short-circuit negative newIndex in UpdateSortOrder before opening transaction Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Add per-channel limit on views to bound UpdateSortOrder cost Without a cap, unbounded view creation makes sort-order updates increasingly expensive (CASE WHEN per view, row locks). Adds MaxViewsPerChannel=50 constant and enforces it in the app layer before saving. Includes API and app layer tests. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Remove include_deleted support from views API Soft-deleted views are structural metadata with low risk, but no other similar endpoint (e.g. channel bookmarks) exposes deleted records without an admin gate. Rather than adding an admin-only permission check for consistency, remove the feature entirely since there is no current use case. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Update view permissions to require `create_post` instead of channel management permissions * Remove obsolete view management error messages for direct and group messages --------- Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com> * feat(migrations): add user tracking and object type to property fields - Introduced user tracking columns (CreatedBy, UpdatedBy) to PropertyFields and PropertyValues. - Added ObjectType column to PropertyFields with associated unique indexes for legacy and typed properties. - Created new migration scripts for adding and dropping these features, including necessary indexes for data integrity. - Established views for managing property fields with new attributes. This update enhances the schema to support better tracking and categorization of property fields. * Add Property System Architecture v2 API endpoints (#35583) * Adds uniqueness mechanisms to the property fields After adding ObjectType, this commit ensures that both the PSAv1 and PSAv2 schemas are supported, and enforces property uniqueness through both database indexes and a logical check when creating new property fields. * Adds uniqueness check to property updates Updates are covered on this commit and we refactor as well the SQL code to use the squirrel builder and work better with the conditional addition of the `existingID` piece of the query. * Add translations to error messages * Add the permissions to the migrations, model and update the store calls * Adds the property field and property group app layer * Adds authorization helpers for property fields and values * Make sure that users cannot lock themselves out of property fields * Migrate permissions from a JSON column to three normalized columns * Remove the audit comment * Use target level constants in authorization * Log authorization membership failures * Rename admin to sysadmin * Adds the Property System Architecture v2 API endpoints * Adds permission checks to the create field endpoint * Add target access checks to value endpoints * Add default branches for object_type and target_type and extra guards for cursor client4 methods * Fix vet API mismatch * Fix error checks * Fix linter * Add merge semantics for property patch logic and API endpoint * Fix i18n * Fix duplicated patch elements and early return on bad cursor * Update docs to use enums * Fix i18n sorting * Update app layer to return model.AppError * Adds a limit to the number of property values that can be patched in the same request * Require target_type filter when searching property fields * Add objectType validation as part of field.IsValid() * Fix linter * Fix test with bad objecttpye * Fix test grouping --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * MM-67968: Flatten view model — remove icon, subviews, typed board props (#35726) * feat(views): flatten view model by removing icon, subview, and board props Simplifies the View data model as part of MM-67968: removes Icon, Subview, and ViewBoardProps types; renames ViewTypeBoard to ViewTypeKanban; replaces typed Props with StringInterface (map[string]any); adds migration 000167 to drop the Icon column from the Views table. Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com> * feat(api): update views OpenAPI spec to reflect flattened model Removes ViewBoardProps, Subview, and icon from the View and ViewPatch schemas. Changes type enum from board to kanban. Replaces typed props with a free-form StringInterface object. Aligns with MM-67968. Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com> * refactor(views): simplify store by dropping dbView and marshalViewProps StringInterface already implements driver.Valuer and sql.Scanner, so the manual JSON marshal/unmarshal and the dbView intermediate struct were redundant. model.View now scans directly from the database. Also removes the dead ViewMaxLinkedProperties constant and wraps the Commit() error in UpdateSortOrder. Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com> * fix(api): allow arbitrary JSON in view props OpenAPI schema The props field was restricted to string values via additionalProperties: { type: string }, conflicting with the Go model's StringInterface (map[string]any). Changed to additionalProperties: true in View, ViewPatch, and inline POST schemas. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> --------- Co-authored-by: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com> * Adds basic implementation of the generic redux store for PSAv2 (#35512) * Adds basic implementation of the generic redux store for PSAv2 * Add created_by and updated_by to the test fixtures * Make target_id, target_type and object_type mandatory * Wrap getPropertyFieldsByIds and getPropertyValuesForTargetByFieldIds with createSelector * Address PR comments --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * Adds websocket messages for the PSAv2 API events (#35696) * Adds uniqueness mechanisms to the property fields After adding ObjectType, this commit ensures that both the PSAv1 and PSAv2 schemas are supported, and enforces property uniqueness through both database indexes and a logical check when creating new property fields. * Adds uniqueness check to property updates Updates are covered on this commit and we refactor as well the SQL code to use the squirrel builder and work better with the conditional addition of the `existingID` piece of the query. * Add translations to error messages * Add the permissions to the migrations, model and update the store calls * Adds the property field and property group app layer * Adds authorization helpers for property fields and values * Make sure that users cannot lock themselves out of property fields * Migrate permissions from a JSON column to three normalized columns * Remove the audit comment * Use target level constants in authorization * Log authorization membership failures * Rename admin to sysadmin * Adds the Property System Architecture v2 API endpoints * Adds permission checks to the create field endpoint * Add target access checks to value endpoints * Add default branches for object_type and target_type and extra guards for cursor client4 methods * Fix vet API mismatch * Fix error checks * Fix linter * Add merge semantics for property patch logic and API endpoint * Fix i18n * Fix duplicated patch elements and early return on bad cursor * Update docs to use enums * Fix i18n sorting * Update app layer to return model.AppError * Adds a limit to the number of property values that can be patched in the same request * Adds websocket messages for the PSAv2 API events * Add IsPSAv2 helper to the property field for clarity * Add guard against nil returns on field deletion * Add docs to the websocket endpoints --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * migrations: consolidate views migrations and reorder after master - Merged 000165 (create Views) with 000167 (drop Icon) since Icon was never needed - Renumbered branch migrations 159-166 → 160-167 so master's 000159 (deduplicate_policy_names) runs first - Regenerated migrations.list Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * Add API endpoint to retrieve posts for a specific view (#35604) Automatic Merge * Apply fixes after merge * Return a more specific error from getting multiple fields * Prevent getting broadcast params on field deletion if not needed * Remove duplicated migration code * Update property conflict code to always use master * Adds nil guard when iterating on property fields * Check that permission level is valid before getting rejected by the database * Validate correctness on TargetID for PSAv2 fields * Avoid PSAv1 using permissions or protected * Fix test data after validation change * Fix flaky search test * Adds more posts for filter use cases to properly test exclusions --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> Co-authored-by: Alejandro García Montoro <alejandro.garciamontoro@gmail.com> Co-authored-by: Julien Tant <julien@craftyx.fr> Co-authored-by: Mattermost Build <build@mattermost.com> Co-authored-by: Julien Tant <785518+JulienTant@users.noreply.github.com> Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-27 05:36:35 -04:00
created_by:
type: string
description: User ID of the user who created this property value
updated_by:
type: string
description: User ID of the user who last updated this property value
Move API Reference (#23777) * merge mattermost-api-reference unchanged * api: update repostiory paths * api: drop GitPod for api (for now) * api: improved node_modules target * api: relocate GitHub actions to root * Update .github/workflows/api.yml Co-authored-by: Antonis Stamatiou <stamatiou.antonis@gmail.com> * fix cache-dependency-path * adopt node-version-file * pin versions for uses * tidy steps/runs * api/.gitpod.yml: tidy * api: rm now unused .gitlab-ci.yml --------- Co-authored-by: Antonis Stamatiou <stamatiou.antonis@gmail.com>
2023-06-27 10:10:13 -04:00
FileInfoList:
type: object
properties:
order:
type: array
items:
type: string
example:
- file_info_id1
- file_info_id2
file_infos:
type: object
additionalProperties:
$ref: "#/components/schemas/FileInfo"
next_file_id:
type: string
description: The ID of next file info. Not omitted when empty or not relevant.
prev_file_id:
type: string
description: The ID of previous file info. Not omitted when empty or not relevant.
PostList:
type: object
properties:
order:
type: array
items:
type: string
example:
- post_id1
- post_id12
posts:
type: object
additionalProperties:
$ref: "#/components/schemas/Post"
next_post_id:
type: string
description: The ID of next post. Not omitted when empty or not relevant.
prev_post_id:
type: string
description: The ID of previous post. Not omitted when empty or not relevant.
has_next:
type: boolean
description: Whether there are more items after this page.
PostListWithSearchMatches:
type: object
properties:
order:
type: array
items:
type: string
example:
- post_id1
- post_id12
posts:
type: object
additionalProperties:
$ref: "#/components/schemas/Post"
matches:
description: A mapping of post IDs to a list of matched terms within the post.
This field will only be populated on servers running version 5.1 or
greater with Elasticsearch enabled.
type: object
additionalProperties:
type: array
items:
type: string
example:
post_id1:
- search match 1
- search match 2
PostMetadata:
type: object
description: Additional information used to display a post.
properties:
embeds:
type: array
description: >
Information about content embedded in the post including OpenGraph
previews, image link previews, and message attachments.
This field will be null if the post does not contain embedded content.
items:
type: object
properties:
type:
type: string
description: The type of content that is embedded in this point.
enum:
- image
- message_attachment
- opengraph
- link
url:
type: string
description: The URL of the embedded content, if one exists.
data:
type: object
description: >
Any additional information about the embedded content. Only
used at this time to store OpenGraph metadata.
This field will be null for non-OpenGraph embeds.
emojis:
type: array
description: >
The custom emojis that appear in this point or have been used in
reactions to this post. This field will be null if the post does not contain custom emojis.
items:
$ref: "#/components/schemas/Emoji"
files:
type: array
description: >
The FileInfo objects for any files attached to the post. This field
will be null if the post does not have any file attachments.
items:
$ref: "#/components/schemas/FileInfo"
images:
type: object
description: >
An object mapping the URL of an external image to an object
containing the dimensions of that image. This field will be
null if the post or its embedded content does not reference any external images.
items:
type: object
properties:
height:
type: integer
width:
type: integer
reactions:
type: array
description: >
Any reactions made to this point. This field will be null if no
reactions have been made to this post.
items:
$ref: "#/components/schemas/Reaction"
priority:
type: object
description: >
Post priority set for this post. This field will be null if no
priority metadata has been set.
properties:
priority:
type: string
description: The priority label of a post, could be either empty, important, or urgent.
requested_ack:
type: boolean
description: Whether the post author has requested for acknowledgements or not.
acknowledgements:
type: array
description: >
Any acknowledgements made to this point.
items:
$ref: "#/components/schemas/PostAcknowledgement"
TeamMap:
type: object
description: A mapping of teamIds to teams.
properties:
team_id:
$ref: "#/components/schemas/Team"
TeamMember:
type: object
properties:
team_id:
description: The ID of the team this member belongs to.
type: string
user_id:
description: The ID of the user this member relates to.
type: string
roles:
description: The complete list of roles assigned to this team member, as a
space-separated list of role names, including any roles granted
implicitly through permissions schemes.
type: string
delete_at:
description: The time in milliseconds that this team member was deleted.
type: integer
scheme_user:
description: Whether this team member holds the default user role defined by the
team's permissions scheme.
type: boolean
scheme_admin:
description: Whether this team member holds the default admin role defined by the
team's permissions scheme.
type: boolean
explicit_roles:
description: The list of roles explicitly assigned to this team member, as a
space separated list of role names. This list does *not* include any
roles granted implicitly through permissions schemes.
type: string
TeamUnread:
type: object
properties:
team_id:
type: string
msg_count:
type: integer
mention_count:
type: integer
ChannelUnread:
type: object
properties:
team_id:
type: string
channel_id:
type: string
msg_count:
type: integer
mention_count:
type: integer
ChannelUnreadAt:
type: object
properties:
team_id:
description: The ID of the team the channel belongs to.
type: string
channel_id:
description: The ID of the channel the user has access to..
type: string
msg_count:
description: No. of messages the user has already read.
type: integer
mention_count:
description: No. of mentions the user has within the unread posts of the channel.
type: integer
last_viewed_at:
description: time in milliseconds when the user last viewed the channel.
type: integer
Session:
type: object
properties:
create_at:
description: The time in milliseconds a session was created
type: integer
format: int64
device_id:
type: string
expires_at:
description: The time in milliseconds a session will expire
type: integer
format: int64
id:
type: string
is_oauth:
type: boolean
last_activity_at:
description: The time in milliseconds of the last activity of a session
type: integer
format: int64
props:
type: object
roles:
type: string
team_members:
type: array
items:
$ref: "#/components/schemas/TeamMember"
token:
type: string
user_id:
type: string
FileInfo:
type: object
properties:
id:
description: The unique identifier for this file
type: string
user_id:
description: The ID of the user that uploaded this file
type: string
post_id:
description: If this file is attached to a post, the ID of that post
type: string
create_at:
description: The time in milliseconds a file was created
type: integer
format: int64
update_at:
description: The time in milliseconds a file was last updated
type: integer
format: int64
delete_at:
description: The time in milliseconds a file was deleted
type: integer
format: int64
name:
description: The name of the file
type: string
extension:
description: The extension at the end of the file name
type: string
size:
description: The size of the file in bytes
type: integer
mime_type:
description: The MIME type of the file
type: string
width:
description: If this file is an image, the width of the file
type: integer
height:
description: If this file is an image, the height of the file
type: integer
has_preview_image:
description: If this file is an image, whether or not it has a preview-sized
version
type: boolean
Preference:
type: object
properties:
user_id:
description: The ID of the user that owns this preference
type: string
category:
type: string
name:
type: string
value:
type: string
UserAuthData:
type: object
properties:
auth_data:
description: Service-specific authentication data
type: string
auth_service:
description: The authentication service such as "email", "gitlab", or "ldap"
type: string
required:
- auth_data
- auth_service
UserAutocomplete:
type: object
properties:
users:
description: A list of users that are the main result of the query
type: array
items:
$ref: "#/components/schemas/User"
out_of_channel:
description: A special case list of users returned when autocompleting in a
specific channel. Omitted when empty or not relevant
type: array
items:
$ref: "#/components/schemas/User"
UserAutocompleteInTeam:
type: object
properties:
in_team:
description: A list of user objects in the team
type: array
items:
$ref: "#/components/schemas/User"
UserAutocompleteInChannel:
type: object
properties:
in_channel:
description: A list of user objects in the channel
type: array
items:
$ref: "#/components/schemas/User"
out_of_channel:
description: A list of user objects not in the channel
type: array
items:
$ref: "#/components/schemas/User"
IncomingWebhook:
type: object
properties:
id:
description: The unique identifier for this incoming webhook
type: string
create_at:
description: The time in milliseconds a incoming webhook was created
type: integer
format: int64
update_at:
description: The time in milliseconds a incoming webhook was last updated
type: integer
format: int64
delete_at:
description: The time in milliseconds a incoming webhook was deleted
type: integer
format: int64
channel_id:
description: The ID of a public channel or private group that receives the
webhook payloads
type: string
description:
description: The description for this incoming webhook
type: string
display_name:
description: The display name for this incoming webhook
type: string
OutgoingWebhook:
type: object
properties:
id:
description: The unique identifier for this outgoing webhook
type: string
create_at:
description: The time in milliseconds a outgoing webhook was created
type: integer
format: int64
update_at:
description: The time in milliseconds a outgoing webhook was last updated
type: integer
format: int64
delete_at:
description: The time in milliseconds a outgoing webhook was deleted
type: integer
format: int64
creator_id:
description: The Id of the user who created the webhook
type: string
team_id:
description: The ID of the team that the webhook watchs
type: string
channel_id:
description: The ID of a public channel that the webhook watchs
type: string
description:
description: The description for this outgoing webhook
type: string
display_name:
description: The display name for this outgoing webhook
type: string
trigger_words:
description: List of words for the webhook to trigger on
type: array
items:
type: string
trigger_when:
description: When to trigger the webhook, `0` when a trigger word is present at
all and `1` if the message starts with a trigger word
type: integer
callback_urls:
description: The URLs to POST the payloads to when the webhook is triggered
type: array
items:
type: string
content_type:
description: The format to POST the data in, either `application/json` or
`application/x-www-form-urlencoded`
default: application/x-www-form-urlencoded
type: string
Reaction:
type: object
properties:
user_id:
description: The ID of the user that made this reaction
type: string
post_id:
description: The ID of the post to which this reaction was made
type: string
emoji_name:
description: The name of the emoji that was used for this reaction
type: string
create_at:
description: The time in milliseconds this reaction was made
type: integer
format: int64
NewTeamMember:
type: object
properties:
id:
description: The user's ID.
type: string
username:
type: string
first_name:
type: string
last_name:
type: string
nickname:
type: string
position:
description: The user's position field value.
type: string
create_at:
description: The creation timestamp of the team member record.
type: integer
NewTeamMembersList:
type: object
properties:
has_next:
description: Indicates if there is another page of new team members that can be fetched.
type: boolean
items:
description: List of new team members.
type: array
items:
$ref: "#/components/schemas/NewTeamMember"
total_count:
description: The total count of new team members for the given time range.
type: integer
Emoji:
type: object
properties:
id:
description: The ID of the emoji
type: string
creator_id:
description: The ID of the user that made the emoji
type: string
name:
description: The name of the emoji
type: string
create_at:
description: The time in milliseconds the emoji was made
type: integer
format: int64
update_at:
description: The time in milliseconds the emoji was last updated
type: integer
format: int64
delete_at:
description: The time in milliseconds the emoji was deleted
type: integer
format: int64
Command:
type: object
properties:
id:
description: The ID of the slash command
type: string
token:
description: The token which is used to verify the source of the payload
type: string
create_at:
description: The time in milliseconds the command was created
type: integer
update_at:
description: The time in milliseconds the command was last updated
type: integer
format: int64
delete_at:
description: The time in milliseconds the command was deleted, 0 if never deleted
type: integer
format: int64
creator_id:
description: The user id for the commands creator
type: string
team_id:
description: The team id for which this command is configured
type: string
trigger:
description: The string that triggers this command
type: string
method:
description: Is the trigger done with HTTP Get ('G') or HTTP Post ('P')
type: string
username:
description: What is the username for the response post
type: string
icon_url:
description: The url to find the icon for this users avatar
type: string
auto_complete:
description: Use auto complete for this command
type: boolean
auto_complete_desc:
description: The description for this command shown when selecting the command
type: string
auto_complete_hint:
description: The hint for this command
type: string
display_name:
description: Display name for the command
type: string
description:
description: Description for this command
type: string
url:
description: The URL that is triggered
type: string
AutocompleteSuggestion:
type: object
properties:
Complete:
description: Completed suggestion
type: string
Suggestion:
description: Predicted text user might want to input
type: string
Hint:
description: Hint about suggested input
type: string
Description:
description: Description of the suggested command
type: string
IconData:
description: Base64 encoded svg image
type: string
CommandResponse:
type: object
properties:
ResponseType:
description: The response type either in_channel or ephemeral
type: string
Text:
type: string
Username:
type: string
IconURL:
type: string
GotoLocation:
type: string
Attachments:
type: array
items:
[MM-67739] Rename SlackAttachment to MessageAttachment across the codebase (#35445) Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com> Co-authored-by: Claude <noreply@anthropic.com> Co-authored-by: Mattermost Build <build@mattermost.com>
2026-03-10 11:37:21 -04:00
$ref: "#/components/schemas/MessageAttachment"
MessageAttachment:
Move API Reference (#23777) * merge mattermost-api-reference unchanged * api: update repostiory paths * api: drop GitPod for api (for now) * api: improved node_modules target * api: relocate GitHub actions to root * Update .github/workflows/api.yml Co-authored-by: Antonis Stamatiou <stamatiou.antonis@gmail.com> * fix cache-dependency-path * adopt node-version-file * pin versions for uses * tidy steps/runs * api/.gitpod.yml: tidy * api: rm now unused .gitlab-ci.yml --------- Co-authored-by: Antonis Stamatiou <stamatiou.antonis@gmail.com>
2023-06-27 10:10:13 -04:00
type: object
properties:
Id:
type: string
Fallback:
type: string
Color:
type: string
Pretext:
type: string
AuthorName:
type: string
AuthorLink:
type: string
AuthorIcon:
type: string
Title:
type: string
TitleLink:
type: string
Text:
type: string
Fields:
type: array
items:
[MM-67739] Rename SlackAttachment to MessageAttachment across the codebase (#35445) Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com> Co-authored-by: Claude <noreply@anthropic.com> Co-authored-by: Mattermost Build <build@mattermost.com>
2026-03-10 11:37:21 -04:00
$ref: "#/components/schemas/MessageAttachmentField"
Move API Reference (#23777) * merge mattermost-api-reference unchanged * api: update repostiory paths * api: drop GitPod for api (for now) * api: improved node_modules target * api: relocate GitHub actions to root * Update .github/workflows/api.yml Co-authored-by: Antonis Stamatiou <stamatiou.antonis@gmail.com> * fix cache-dependency-path * adopt node-version-file * pin versions for uses * tidy steps/runs * api/.gitpod.yml: tidy * api: rm now unused .gitlab-ci.yml --------- Co-authored-by: Antonis Stamatiou <stamatiou.antonis@gmail.com>
2023-06-27 10:10:13 -04:00
ImageURL:
type: string
ThumbURL:
type: string
Footer:
type: string
FooterIcon:
type: string
Timestamp:
[MM-67739] Rename SlackAttachment to MessageAttachment across the codebase (#35445) Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com> Co-authored-by: Claude <noreply@anthropic.com> Co-authored-by: Mattermost Build <build@mattermost.com>
2026-03-10 11:37:21 -04:00
description: The timestamp of the message attachment, either type of string or integer
Move API Reference (#23777) * merge mattermost-api-reference unchanged * api: update repostiory paths * api: drop GitPod for api (for now) * api: improved node_modules target * api: relocate GitHub actions to root * Update .github/workflows/api.yml Co-authored-by: Antonis Stamatiou <stamatiou.antonis@gmail.com> * fix cache-dependency-path * adopt node-version-file * pin versions for uses * tidy steps/runs * api/.gitpod.yml: tidy * api: rm now unused .gitlab-ci.yml --------- Co-authored-by: Antonis Stamatiou <stamatiou.antonis@gmail.com>
2023-06-27 10:10:13 -04:00
type: string
[MM-67739] Rename SlackAttachment to MessageAttachment across the codebase (#35445) Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com> Co-authored-by: Claude <noreply@anthropic.com> Co-authored-by: Mattermost Build <build@mattermost.com>
2026-03-10 11:37:21 -04:00
MessageAttachmentField:
Move API Reference (#23777) * merge mattermost-api-reference unchanged * api: update repostiory paths * api: drop GitPod for api (for now) * api: improved node_modules target * api: relocate GitHub actions to root * Update .github/workflows/api.yml Co-authored-by: Antonis Stamatiou <stamatiou.antonis@gmail.com> * fix cache-dependency-path * adopt node-version-file * pin versions for uses * tidy steps/runs * api/.gitpod.yml: tidy * api: rm now unused .gitlab-ci.yml --------- Co-authored-by: Antonis Stamatiou <stamatiou.antonis@gmail.com>
2023-06-27 10:10:13 -04:00
type: object
properties:
Title:
type: string
Value:
description: The value of the attachment, set as string but capable with golang interface
type: string
Short:
type: boolean
StatusOK:
type: object
properties:
status:
description: Will contain "ok" if the request was successful and there was nothing else to return
type: string
OpenGraph:
type: object
description: OpenGraph metadata of a webpage
properties:
type:
type: string
url:
type: string
title:
type: string
description:
type: string
determiner:
type: string
site_name:
type: string
locale:
type: string
locales_alternate:
type: array
items:
type: string
images:
type: array
items:
type: object
description: Image object used in OpenGraph metadata of a webpage
properties:
url:
type: string
secure_url:
type: string
type:
type: string
width:
type: integer
height:
type: integer
videos:
type: array
items:
type: object
description: Video object used in OpenGraph metadata of a webpage
properties:
url:
type: string
secure_url:
type: string
type:
type: string
width:
type: integer
height:
type: integer
audios:
type: array
items:
type: object
description: Audio object used in OpenGraph metadata of a webpage
properties:
url:
type: string
secure_url:
type: string
type:
type: string
article:
type: object
description: Article object used in OpenGraph metadata of a webpage, if type is
article
properties:
published_time:
type: string
modified_time:
type: string
expiration_time:
type: string
section:
type: string
tags:
type: array
items:
type: string
authors:
type: array
items:
type: object
properties:
first_name:
type: string
last_name:
type: string
username:
type: string
gender:
type: string
book:
type: object
description: Book object used in OpenGraph metadata of a webpage, if type is book
properties:
isbn:
type: string
release_date:
type: string
tags:
type: array
items:
type: string
authors:
type: array
items:
type: object
properties:
first_name:
type: string
last_name:
type: string
username:
type: string
gender:
type: string
profile:
type: object
properties:
first_name:
type: string
last_name:
type: string
username:
type: string
gender:
type: string
Audit:
type: object
properties:
id:
type: string
create_at:
description: The time in milliseconds a audit was created
type: integer
format: int64
user_id:
type: string
action:
type: string
extra_info:
type: string
ip_address:
type: string
session_id:
type: string
[MM-63152] LDAP Wizard (#31417) * [MM-63717] LDAP Wizard skeleton (#31029) * add ldap_wizard component to render its admin components * i18n * test adjustment * keys and props fixes * title fix * fix placeholders * fix value initialization * linting * remove all ...props (except custom component); any->unknown * fix i18n (temp, will be changed in later PR) * better return; simplify function checking/calling * [MM-64259] Sections sidebar and navigation (#31059) * initial sections list sidebar * sidebar highlighting and scroll on click * some tidying up * add custom section titles for section sidebar * i18n * updating border on sections * scss style lint * color -> border-color * simplify activeSectionKey initialization; remove trailing newline * add useSectionNavigation; clean up ldap_wizard and scss; PR comments * extract section of code into renderSidebar() --------- Co-authored-by: Asaad Mahmood <asaadmahmood@users.noreply.github.com> * [MM-64296] Add test connection for connection settings panel (#31190) * button -> ldap test connect api * fix console error by sanitizing value in text component * return detailed error as error; adjust button -> primary, flushLeft * middle of redesigning how we do hover text, first button * add hover text to bools and file uploads * i18n * add LdapSettings as api type; add new endpoint to api yaml * allow testing without first enabling LDAP and saving config * i18n id changes * improve TestLdapConnection to current standards * PR comments * safeDereference; cleaner returns * remove hover markdown; formatting and typing simplification * use button for "More Info"; i18n * finish renaming help_text_hover -> help_text_more_info * fix error output * only send bindpassword if it has been changed * fix: don't send blank bindPassword when it is still ***** * merge conflict * [MM-64480] Refactor Admin Definition (#31280) * move ldap definition to its own file for simplicity & context * refactor admin_definition to eliminate circular dependencies * merge conflicts * before: buggy userHasReadPermissinOnSomeResources; after: fix incorrect snapshot * merge conflict: new bindPasssword definition was left behind; fixed. * merge conflict * [MM-63765] LDAP Wizard: User filter expandable section (#31286) * add "more info" hover to user filter help texts; make wider * add expandable_setting type and component * use Dislosure show/hide pattern for accessibility * fix tooltip scss selectors * fix hover -> more_info; make sure translation files are correct * use join('\n\n') instead of the eslint disable line * Revert "use join('\n\n') instead of the eslint disable line" This reverts commit 274667e875b34703f14fee0706cd28b0125cefc9. * [MM-64482] LDAP Wizard - Test User filters (#31312) * initial cut at UI and backend for test filters * api definitions; mocks * clean up to current standards * [MM-64512] - Test user filters UI (#31355) * result_count -> total_count * json cannot marshal error, returning error as string as god intended * render errors with icon, hover text, and better feedback texts * gather the settings that may be in expandable sections * remove success, use error == "" to indicate success * [MM-64536] LDAP Wizard: Test user attributes (#31373) * LdapFilterTestResult -> LdapDiagnosticResult; FilterName -> TestName * implement test_attributes endpoint and limited frontend (first step) * adding EntriesWithValue * [MM-64550] LDAP Wizard: Test user attributes UI (#31374) * [MM-64551] LDAP Wizard: Test group attributes (#31375) * remove Test LDAP button (not needed); reused helptext for other btn * implement test_group_attributes endpoint; button/client-side paths * [MM-64552] LDAP Wizard: Test group attributes UI (#31376) * implement Test Group Attributes button * simplify helper functions (improves useCallback dependencies) * show the default filter that was used on the backend in the tooltip * show the icon when there's an error (e.g. required filter/attribute) * fix infinite rerendering * fix error after failed save; fix navigation unlocked after save * empty * Adjust message feedback given we don't test the schema anymore * improve css; don't use inline styles * removed unneccesary pointer indirection * improved i18n strings and logic * combining filters/attributes/group attributes endpoints improve types * improve help text for User Filter (it's tricky) * AvailableAttrs -> AvailableAttributes * fix for e2e tests (renamed title) * more e2e fixes * skip broken e2e test --------- Co-authored-by: Asaad Mahmood <asaadmahmood@users.noreply.github.com>
2025-06-16 16:19:33 -04:00
LdapSettings:
type: object
properties:
Enable:
type: boolean
EnableSync:
type: boolean
LdapServer:
type: string
LdapPort:
type: integer
ConnectionSecurity:
type: string
BaseDN:
type: string
BindUsername:
type: string
BindPassword:
type: string
MaximumLoginAttempts:
type: integer
UserFilter:
type: string
GroupFilter:
type: string
GuestFilter:
type: string
EnableAdminFilter:
type: boolean
AdminFilter:
type: string
GroupDisplayNameAttribute:
type: string
GroupIdAttribute:
type: string
FirstNameAttribute:
type: string
LastNameAttribute:
type: string
EmailAttribute:
type: string
UsernameAttribute:
type: string
NicknameAttribute:
type: string
IdAttribute:
type: string
PositionAttribute:
type: string
LoginIdAttribute:
type: string
PictureAttribute:
type: string
SyncIntervalMinutes:
type: integer
SkipCertificateVerification:
type: boolean
PublicCertificateFile:
type: string
PrivateKeyFile:
type: string
QueryTimeout:
type: integer
MaxPageSize:
type: integer
LoginFieldName:
type: string
LoginButtonColor:
type: string
LoginButtonBorderColor:
type: string
LoginButtonTextColor:
type: string
LdapDiagnosticResult:
type: object
properties:
test_name:
type: string
description: Name/type of the diagnostic test being performed
test_value:
type: string
description: The actual test value (filter string or attribute name)
total_count:
type: integer
description: Number of entries found by the filter
message:
type: string
description: Optional success/info message
error:
type: string
description: Optional error message if test failed
sample_results:
type: array
description: Array of sample LDAP entries found
items:
type: object
properties:
dn:
type: string
description: Distinguished Name
username:
type: string
description: Username
email:
type: string
description: Email
first_name:
type: string
description: First name
last_name:
type: string
description: Last name
id:
type: string
description: ID attribute
display_name:
type: string
description: Display name for groups
available_attributes:
type: object
description: Map of all available LDAP attributes
additionalProperties:
type: string
Move API Reference (#23777) * merge mattermost-api-reference unchanged * api: update repostiory paths * api: drop GitPod for api (for now) * api: improved node_modules target * api: relocate GitHub actions to root * Update .github/workflows/api.yml Co-authored-by: Antonis Stamatiou <stamatiou.antonis@gmail.com> * fix cache-dependency-path * adopt node-version-file * pin versions for uses * tidy steps/runs * api/.gitpod.yml: tidy * api: rm now unused .gitlab-ci.yml --------- Co-authored-by: Antonis Stamatiou <stamatiou.antonis@gmail.com>
2023-06-27 10:10:13 -04:00
Config:
type: object
properties:
ServiceSettings:
type: object
properties:
SiteURL:
type: string
ListenAddress:
type: string
ConnectionSecurity:
type: string
TLSCertFile:
type: string
TLSKeyFile:
type: string
UseLetsEncrypt:
type: boolean
LetsEncryptCertificateCacheFile:
type: string
Forward80To443:
type: boolean
ReadTimeout:
type: integer
WriteTimeout:
type: integer
MaximumLoginAttempts:
type: integer
SegmentDeveloperKey:
type: string
GoogleDeveloperKey:
type: string
EnableOAuthServiceProvider:
type: boolean
EnableIncomingWebhooks:
type: boolean
EnableOutgoingWebhooks:
type: boolean
EnableCommands:
type: boolean
EnableOnlyAdminIntegrations:
type: boolean
EnablePostUsernameOverride:
type: boolean
EnablePostIconOverride:
type: boolean
EnableTesting:
type: boolean
EnableDeveloper:
type: boolean
EnableSecurityFixAlert:
type: boolean
EnableInsecureOutgoingConnections:
type: boolean
EnableMultifactorAuthentication:
type: boolean
EnforceMultifactorAuthentication:
type: boolean
AllowCorsFrom:
type: string
SessionLengthWebInDays:
type: integer
SessionLengthMobileInDays:
type: integer
SessionLengthSSOInDays:
type: integer
SessionCacheInMinutes:
type: integer
WebsocketSecurePort:
type: integer
WebsocketPort:
type: integer
WebserverMode:
type: string
EnableCustomEmoji:
type: boolean
RestrictCustomEmojiCreation:
type: string
TeamSettings:
type: object
properties:
SiteName:
type: string
MaxUsersPerTeam:
type: integer
EnableTeamCreation:
type: boolean
EnableUserCreation:
type: boolean
EnableOpenServer:
type: boolean
RestrictCreationToDomains:
type: string
EnableCustomBrand:
type: boolean
CustomBrandText:
type: string
CustomDescriptionText:
type: string
RestrictDirectMessage:
type: string
RestrictTeamInvite:
type: string
RestrictPublicChannelManagement:
type: string
RestrictPrivateChannelManagement:
type: string
RestrictPublicChannelCreation:
type: string
RestrictPrivateChannelCreation:
type: string
RestrictPublicChannelDeletion:
type: string
RestrictPrivateChannelDeletion:
type: string
UserStatusAwayTimeout:
type: integer
MaxChannelsPerTeam:
type: integer
MaxNotificationsPerChannel:
type: integer
SqlSettings:
type: object
properties:
DriverName:
type: string
DataSource:
type: string
DataSourceReplicas:
type: array
items:
type: string
MaxIdleConns:
type: integer
MaxOpenConns:
type: integer
Trace:
type: boolean
AtRestEncryptKey:
type: string
LogSettings:
type: object
properties:
EnableConsole:
type: boolean
ConsoleLevel:
type: string
EnableFile:
type: boolean
FileLevel:
type: string
FileLocation:
type: string
EnableWebhookDebugging:
type: boolean
EnableDiagnostics:
type: boolean
PasswordSettings:
type: object
properties:
MinimumLength:
type: integer
Lowercase:
type: boolean
Number:
type: boolean
Uppercase:
type: boolean
Symbol:
type: boolean
FileSettings:
type: object
properties:
MaxFileSize:
type: integer
DriverName:
type: string
Directory:
type: string
EnablePublicLink:
type: boolean
PublicLinkSalt:
type: string
ThumbnailWidth:
type: integer
ThumbnailHeight:
type: integer
PreviewWidth:
type: integer
PreviewHeight:
type: integer
ProfileWidth:
type: integer
ProfileHeight:
type: integer
InitialFont:
type: string
AmazonS3AccessKeyId:
type: string
AmazonS3SecretAccessKey:
type: string
AmazonS3Bucket:
type: string
AmazonS3Region:
type: string
AmazonS3Endpoint:
type: string
AmazonS3SSL:
type: boolean
Added support for S3 storage classes (#28319) * Added support for S3 storage classes * Added missing translations for S3 storage class * Changed default storage class values to preserve original behaviour * Changed storage class description and example * Fix translations ordering * Change configuration defaults to empty strings * Remove redundant empty string check * Validate storage class variable against constants from S3 API docs * Validate export storage class against constants * Use slices for config validation * Applied patch for translation ordering
2024-11-13 01:59:44 -05:00
AmazonS3StorageClass:
type: string
Move API Reference (#23777) * merge mattermost-api-reference unchanged * api: update repostiory paths * api: drop GitPod for api (for now) * api: improved node_modules target * api: relocate GitHub actions to root * Update .github/workflows/api.yml Co-authored-by: Antonis Stamatiou <stamatiou.antonis@gmail.com> * fix cache-dependency-path * adopt node-version-file * pin versions for uses * tidy steps/runs * api/.gitpod.yml: tidy * api: rm now unused .gitlab-ci.yml --------- Co-authored-by: Antonis Stamatiou <stamatiou.antonis@gmail.com>
2023-06-27 10:10:13 -04:00
EmailSettings:
type: object
properties:
EnableSignUpWithEmail:
type: boolean
EnableSignInWithEmail:
type: boolean
EnableSignInWithUsername:
type: boolean
SendEmailNotifications:
type: boolean
RequireEmailVerification:
type: boolean
FeedbackName:
type: string
FeedbackEmail:
type: string
FeedbackOrganization:
type: string
SMTPUsername:
type: string
SMTPPassword:
type: string
SMTPServer:
type: string
SMTPPort:
type: string
ConnectionSecurity:
type: string
InviteSalt:
type: string
PasswordResetSalt:
type: string
SendPushNotifications:
type: boolean
PushNotificationServer:
type: string
PushNotificationContents:
type: string
EnableEmailBatching:
type: boolean
EmailBatchingBufferSize:
type: integer
EmailBatchingInterval:
type: integer
RateLimitSettings:
type: object
properties:
Enable:
type: boolean
PerSec:
type: integer
MaxBurst:
type: integer
MemoryStoreSize:
type: integer
VaryByRemoteAddr:
type: boolean
VaryByHeader:
type: string
PrivacySettings:
type: object
properties:
ShowEmailAddress:
type: boolean
ShowFullName:
type: boolean
SupportSettings:
type: object
properties:
TermsOfServiceLink:
type: string
PrivacyPolicyLink:
type: string
AboutLink:
type: string
HelpLink:
type: string
ReportAProblemLink:
type: string
Report a problem (#30444) * Add report a problem type and allow logs config * Improve device type logic * Add tests and minor fixes * Add texts * Fix tests by avoiding circular dependencies * Fix test * Fix useexternallink updating mailtos, and changing the content of query parameters * Fix texts * Fix e2e test * Fix tsc --------- Co-authored-by: Mattermost Build <build@mattermost.com>
2025-04-25 05:08:39 -04:00
ReportAProblemType:
type: string
ReportAProblemMail:
type: string
AllowDownloadLogs:
type: boolean
Move API Reference (#23777) * merge mattermost-api-reference unchanged * api: update repostiory paths * api: drop GitPod for api (for now) * api: improved node_modules target * api: relocate GitHub actions to root * Update .github/workflows/api.yml Co-authored-by: Antonis Stamatiou <stamatiou.antonis@gmail.com> * fix cache-dependency-path * adopt node-version-file * pin versions for uses * tidy steps/runs * api/.gitpod.yml: tidy * api: rm now unused .gitlab-ci.yml --------- Co-authored-by: Antonis Stamatiou <stamatiou.antonis@gmail.com>
2023-06-27 10:10:13 -04:00
SupportEmail:
type: string
GitLabSettings:
type: object
properties:
Enable:
type: boolean
Secret:
type: string
Id:
type: string
Scope:
type: string
AuthEndpoint:
type: string
TokenEndpoint:
type: string
UserApiEndpoint:
type: string
GoogleSettings:
type: object
properties:
Enable:
type: boolean
Secret:
type: string
Id:
type: string
Scope:
type: string
AuthEndpoint:
type: string
TokenEndpoint:
type: string
UserApiEndpoint:
type: string
Office365Settings:
type: object
properties:
Enable:
type: boolean
Secret:
type: string
Id:
type: string
Scope:
type: string
AuthEndpoint:
type: string
TokenEndpoint:
type: string
UserApiEndpoint:
type: string
LdapSettings:
type: object
properties:
Enable:
type: boolean
LdapServer:
type: string
LdapPort:
type: integer
ConnectionSecurity:
type: string
BaseDN:
type: string
BindUsername:
type: string
BindPassword:
type: string
UserFilter:
type: string
FirstNameAttribute:
type: string
LastNameAttribute:
type: string
EmailAttribute:
type: string
UsernameAttribute:
type: string
NicknameAttribute:
type: string
IdAttribute:
type: string
PositionAttribute:
type: string
SyncIntervalMinutes:
type: integer
SkipCertificateVerification:
type: boolean
QueryTimeout:
type: integer
MaxPageSize:
type: integer
LoginFieldName:
type: string
ComplianceSettings:
type: object
properties:
Enable:
type: boolean
Directory:
type: string
EnableDaily:
type: boolean
LocalizationSettings:
type: object
properties:
DefaultServerLocale:
type: string
DefaultClientLocale:
type: string
AvailableLocales:
type: string
SamlSettings:
type: object
properties:
Enable:
type: boolean
Verify:
type: boolean
Encrypt:
type: boolean
IdpUrl:
type: string
IdpDescriptorUrl:
type: string
AssertionConsumerServiceURL:
type: string
IdpCertificateFile:
type: string
PublicCertificateFile:
type: string
PrivateKeyFile:
type: string
FirstNameAttribute:
type: string
LastNameAttribute:
type: string
EmailAttribute:
type: string
UsernameAttribute:
type: string
NicknameAttribute:
type: string
LocaleAttribute:
type: string
PositionAttribute:
type: string
LoginButtonText:
type: string
NativeAppSettings:
type: object
properties:
AppDownloadLink:
type: string
AndroidAppDownloadLink:
type: string
IosAppDownloadLink:
type: string
ClusterSettings:
type: object
properties:
Enable:
type: boolean
InterNodeListenAddress:
type: string
InterNodeUrls:
type: array
items:
type: string
MetricsSettings:
type: object
properties:
Enable:
type: boolean
BlockProfileRate:
type: integer
ListenAddress:
type: string
AnalyticsSettings:
type: object
properties:
MaxUsersForStatistics:
type: integer
EnvironmentConfig:
type: object
properties:
ServiceSettings:
type: object
properties:
SiteURL:
type: boolean
ListenAddress:
type: boolean
ConnectionSecurity:
type: boolean
TLSCertFile:
type: boolean
TLSKeyFile:
type: boolean
UseLetsEncrypt:
type: boolean
LetsEncryptCertificateCacheFile:
type: boolean
Forward80To443:
type: boolean
ReadTimeout:
type: boolean
WriteTimeout:
type: boolean
MaximumLoginAttempts:
type: boolean
SegmentDeveloperKey:
type: boolean
GoogleDeveloperKey:
type: boolean
EnableOAuthServiceProvider:
type: boolean
EnableIncomingWebhooks:
type: boolean
EnableOutgoingWebhooks:
type: boolean
EnableCommands:
type: boolean
EnableOnlyAdminIntegrations:
type: boolean
EnablePostUsernameOverride:
type: boolean
EnablePostIconOverride:
type: boolean
EnableTesting:
type: boolean
EnableDeveloper:
type: boolean
EnableSecurityFixAlert:
type: boolean
EnableInsecureOutgoingConnections:
type: boolean
EnableMultifactorAuthentication:
type: boolean
EnforceMultifactorAuthentication:
type: boolean
AllowCorsFrom:
type: boolean
SessionLengthWebInDays:
type: boolean
SessionLengthMobileInDays:
type: boolean
SessionLengthSSOInDays:
type: boolean
SessionCacheInMinutes:
type: boolean
WebsocketSecurePort:
type: boolean
WebsocketPort:
type: boolean
WebserverMode:
type: boolean
EnableCustomEmoji:
type: boolean
RestrictCustomEmojiCreation:
type: boolean
TeamSettings:
type: object
properties:
SiteName:
type: boolean
MaxUsersPerTeam:
type: boolean
EnableTeamCreation:
type: boolean
EnableUserCreation:
type: boolean
EnableOpenServer:
type: boolean
RestrictCreationToDomains:
type: boolean
EnableCustomBrand:
type: boolean
CustomBrandText:
type: boolean
CustomDescriptionText:
type: boolean
RestrictDirectMessage:
type: boolean
RestrictTeamInvite:
type: boolean
RestrictPublicChannelManagement:
type: boolean
RestrictPrivateChannelManagement:
type: boolean
RestrictPublicChannelCreation:
type: boolean
RestrictPrivateChannelCreation:
type: boolean
RestrictPublicChannelDeletion:
type: boolean
RestrictPrivateChannelDeletion:
type: boolean
UserStatusAwayTimeout:
type: boolean
MaxChannelsPerTeam:
type: boolean
MaxNotificationsPerChannel:
type: boolean
SqlSettings:
type: object
properties:
DriverName:
type: boolean
DataSource:
type: boolean
DataSourceReplicas:
type: boolean
MaxIdleConns:
type: boolean
MaxOpenConns:
type: boolean
Trace:
type: boolean
AtRestEncryptKey:
type: boolean
LogSettings:
type: object
properties:
EnableConsole:
type: boolean
ConsoleLevel:
type: boolean
EnableFile:
type: boolean
FileLevel:
type: boolean
FileLocation:
type: boolean
EnableWebhookDebugging:
type: boolean
EnableDiagnostics:
type: boolean
PasswordSettings:
type: object
properties:
MinimumLength:
type: boolean
Lowercase:
type: boolean
Number:
type: boolean
Uppercase:
type: boolean
Symbol:
type: boolean
FileSettings:
type: object
properties:
MaxFileSize:
type: boolean
DriverName:
type: boolean
Directory:
type: boolean
EnablePublicLink:
type: boolean
PublicLinkSalt:
type: boolean
ThumbnailWidth:
type: boolean
ThumbnailHeight:
type: boolean
PreviewWidth:
type: boolean
PreviewHeight:
type: boolean
ProfileWidth:
type: boolean
ProfileHeight:
type: boolean
InitialFont:
type: boolean
AmazonS3AccessKeyId:
type: boolean
AmazonS3SecretAccessKey:
type: boolean
AmazonS3Bucket:
type: boolean
AmazonS3Region:
type: boolean
AmazonS3Endpoint:
type: boolean
AmazonS3SSL:
type: boolean
Added support for S3 storage classes (#28319) * Added support for S3 storage classes * Added missing translations for S3 storage class * Changed default storage class values to preserve original behaviour * Changed storage class description and example * Fix translations ordering * Change configuration defaults to empty strings * Remove redundant empty string check * Validate storage class variable against constants from S3 API docs * Validate export storage class against constants * Use slices for config validation * Applied patch for translation ordering
2024-11-13 01:59:44 -05:00
AmazonS3StorageClass:
type: string
Move API Reference (#23777) * merge mattermost-api-reference unchanged * api: update repostiory paths * api: drop GitPod for api (for now) * api: improved node_modules target * api: relocate GitHub actions to root * Update .github/workflows/api.yml Co-authored-by: Antonis Stamatiou <stamatiou.antonis@gmail.com> * fix cache-dependency-path * adopt node-version-file * pin versions for uses * tidy steps/runs * api/.gitpod.yml: tidy * api: rm now unused .gitlab-ci.yml --------- Co-authored-by: Antonis Stamatiou <stamatiou.antonis@gmail.com>
2023-06-27 10:10:13 -04:00
EmailSettings:
type: object
properties:
EnableSignUpWithEmail:
type: boolean
EnableSignInWithEmail:
type: boolean
EnableSignInWithUsername:
type: boolean
SendEmailNotifications:
type: boolean
RequireEmailVerification:
type: boolean
FeedbackName:
type: boolean
FeedbackEmail:
type: boolean
FeedbackOrganization:
type: boolean
SMTPUsername:
type: boolean
SMTPPassword:
type: boolean
SMTPServer:
type: boolean
SMTPPort:
type: boolean
ConnectionSecurity:
type: boolean
InviteSalt:
type: boolean
PasswordResetSalt:
type: boolean
SendPushNotifications:
type: boolean
PushNotificationServer:
type: boolean
PushNotificationContents:
type: boolean
EnableEmailBatching:
type: boolean
EmailBatchingBufferSize:
type: boolean
EmailBatchingInterval:
type: boolean
RateLimitSettings:
type: object
properties:
Enable:
type: boolean
PerSec:
type: boolean
MaxBurst:
type: boolean
MemoryStoreSize:
type: boolean
VaryByRemoteAddr:
type: boolean
VaryByHeader:
type: boolean
PrivacySettings:
type: object
properties:
ShowEmailAddress:
type: boolean
ShowFullName:
type: boolean
SupportSettings:
type: object
properties:
TermsOfServiceLink:
type: boolean
PrivacyPolicyLink:
type: boolean
AboutLink:
type: boolean
HelpLink:
type: boolean
ReportAProblemLink:
type: boolean
Report a problem (#30444) * Add report a problem type and allow logs config * Improve device type logic * Add tests and minor fixes * Add texts * Fix tests by avoiding circular dependencies * Fix test * Fix useexternallink updating mailtos, and changing the content of query parameters * Fix texts * Fix e2e test * Fix tsc --------- Co-authored-by: Mattermost Build <build@mattermost.com>
2025-04-25 05:08:39 -04:00
ReportAProblemType:
type: boolean
ReportAProblemMail:
type: boolean
AllowDownloadLogs:
type: boolean
Move API Reference (#23777) * merge mattermost-api-reference unchanged * api: update repostiory paths * api: drop GitPod for api (for now) * api: improved node_modules target * api: relocate GitHub actions to root * Update .github/workflows/api.yml Co-authored-by: Antonis Stamatiou <stamatiou.antonis@gmail.com> * fix cache-dependency-path * adopt node-version-file * pin versions for uses * tidy steps/runs * api/.gitpod.yml: tidy * api: rm now unused .gitlab-ci.yml --------- Co-authored-by: Antonis Stamatiou <stamatiou.antonis@gmail.com>
2023-06-27 10:10:13 -04:00
SupportEmail:
type: boolean
GitLabSettings:
type: object
properties:
Enable:
type: boolean
Secret:
type: boolean
Id:
type: boolean
Scope:
type: boolean
AuthEndpoint:
type: boolean
TokenEndpoint:
type: boolean
UserApiEndpoint:
type: boolean
GoogleSettings:
type: object
properties:
Enable:
type: boolean
Secret:
type: boolean
Id:
type: boolean
Scope:
type: boolean
AuthEndpoint:
type: boolean
TokenEndpoint:
type: boolean
UserApiEndpoint:
type: boolean
Office365Settings:
type: object
properties:
Enable:
type: boolean
Secret:
type: boolean
Id:
type: boolean
Scope:
type: boolean
AuthEndpoint:
type: boolean
TokenEndpoint:
type: boolean
UserApiEndpoint:
type: boolean
LdapSettings:
type: object
properties:
Enable:
type: boolean
LdapServer:
type: boolean
LdapPort:
type: boolean
ConnectionSecurity:
type: boolean
BaseDN:
type: boolean
BindUsername:
type: boolean
BindPassword:
type: boolean
UserFilter:
type: boolean
FirstNameAttribute:
type: boolean
LastNameAttribute:
type: boolean
EmailAttribute:
type: boolean
UsernameAttribute:
type: boolean
NicknameAttribute:
type: boolean
IdAttribute:
type: boolean
PositionAttribute:
type: boolean
SyncIntervalMinutes:
type: boolean
SkipCertificateVerification:
type: boolean
QueryTimeout:
type: boolean
MaxPageSize:
type: boolean
LoginFieldName:
type: boolean
ComplianceSettings:
type: object
properties:
Enable:
type: boolean
Directory:
type: boolean
EnableDaily:
type: boolean
LocalizationSettings:
type: object
properties:
DefaultServerLocale:
type: boolean
DefaultClientLocale:
type: boolean
AvailableLocales:
type: boolean
SamlSettings:
type: object
properties:
Enable:
type: boolean
Verify:
type: boolean
Encrypt:
type: boolean
IdpUrl:
type: boolean
IdpDescriptorUrl:
type: boolean
AssertionConsumerServiceURL:
type: boolean
IdpCertificateFile:
type: boolean
PublicCertificateFile:
type: boolean
PrivateKeyFile:
type: boolean
FirstNameAttribute:
type: boolean
LastNameAttribute:
type: boolean
EmailAttribute:
type: boolean
UsernameAttribute:
type: boolean
NicknameAttribute:
type: boolean
LocaleAttribute:
type: boolean
PositionAttribute:
type: boolean
LoginButtonText:
type: boolean
NativeAppSettings:
type: object
properties:
AppDownloadLink:
type: boolean
AndroidAppDownloadLink:
type: boolean
IosAppDownloadLink:
type: boolean
ClusterSettings:
type: object
properties:
Enable:
type: boolean
InterNodeListenAddress:
type: boolean
InterNodeUrls:
type: boolean
MetricsSettings:
type: object
properties:
Enable:
type: boolean
BlockProfileRate:
type: boolean
ListenAddress:
type: boolean
AnalyticsSettings:
type: object
properties:
MaxUsersForStatistics:
type: boolean
SamlCertificateStatus:
type: object
properties:
idp_certificate_file:
description: Status is good when `true`
type: boolean
public_certificate_file:
description: Status is good when `true`
type: boolean
private_key_file:
description: Status is good when `true`
type: boolean
feat: Add Microsoft Intune MAM authentication support (#34577) * Add Entra ID token authentication and Intune MAM config exposure * Add Intune MAM toggle to Mobile Security admin console * Add IntuneSettings with the AuthService to use and its own TenantID andClientID for the Entra App registration Include Admin console changes switch from /oauth/entra to /oauth/intune endpoint * openAPI documentation --------- Co-authored-by: Mattermost Build <build@mattermost.com> Co-authored-by: yasser khan <attitude3cena.yf@gmail.com>
2025-12-10 01:31:53 -05:00
IntuneLoginRequest:
type: object
description: Request body for Microsoft Intune MAM authentication using Azure AD/Entra ID access token
required:
- access_token
properties:
access_token:
type: string
description: Microsoft Entra ID access token obtained via MSAL (Microsoft Authentication Library). This token must be scoped to the Intune MAM app registration and will be validated against the configured tenant.
device_id:
type: string
description: Optional mobile device identifier used for push notifications. If provided, the device will be registered for receiving push notifications.
Move API Reference (#23777) * merge mattermost-api-reference unchanged * api: update repostiory paths * api: drop GitPod for api (for now) * api: improved node_modules target * api: relocate GitHub actions to root * Update .github/workflows/api.yml Co-authored-by: Antonis Stamatiou <stamatiou.antonis@gmail.com> * fix cache-dependency-path * adopt node-version-file * pin versions for uses * tidy steps/runs * api/.gitpod.yml: tidy * api: rm now unused .gitlab-ci.yml --------- Co-authored-by: Antonis Stamatiou <stamatiou.antonis@gmail.com>
2023-06-27 10:10:13 -04:00
Compliance:
type: object
properties:
id:
type: string
create_at:
type: integer
format: int64
user_id:
type: string
status:
type: string
count:
type: integer
desc:
type: string
type:
type: string
start_at:
type: integer
format: int64
end_at:
type: integer
format: int64
keywords:
type: string
emails:
type: string
ClusterInfo:
Update /api/v4/cluster/status docs (#28189) Co-authored-by: Mattermost Build <build@mattermost.com>
2024-09-16 11:51:51 -04:00
type: array
Move API Reference (#23777) * merge mattermost-api-reference unchanged * api: update repostiory paths * api: drop GitPod for api (for now) * api: improved node_modules target * api: relocate GitHub actions to root * Update .github/workflows/api.yml Co-authored-by: Antonis Stamatiou <stamatiou.antonis@gmail.com> * fix cache-dependency-path * adopt node-version-file * pin versions for uses * tidy steps/runs * api/.gitpod.yml: tidy * api: rm now unused .gitlab-ci.yml --------- Co-authored-by: Antonis Stamatiou <stamatiou.antonis@gmail.com>
2023-06-27 10:10:13 -04:00
properties:
Update /api/v4/cluster/status docs (#28189) Co-authored-by: Mattermost Build <build@mattermost.com>
2024-09-16 11:51:51 -04:00
items:
type: object
properties:
id:
description: The unique ID for the node
type: string
version:
description: The server version the node is on
type: string
schema_version:
description: The number of the latest DB migration successfully executed for the node
type: string
config_hash:
description: The hash of the configuration file the node is using
type: string
ipaddress:
description: The IP address of the node
type: string
hostname:
description: The hostname for this node
type: string
Move API Reference (#23777) * merge mattermost-api-reference unchanged * api: update repostiory paths * api: drop GitPod for api (for now) * api: improved node_modules target * api: relocate GitHub actions to root * Update .github/workflows/api.yml Co-authored-by: Antonis Stamatiou <stamatiou.antonis@gmail.com> * fix cache-dependency-path * adopt node-version-file * pin versions for uses * tidy steps/runs * api/.gitpod.yml: tidy * api: rm now unused .gitlab-ci.yml --------- Co-authored-by: Antonis Stamatiou <stamatiou.antonis@gmail.com>
2023-06-27 10:10:13 -04:00
AppError:
type: object
properties:
status_code:
type: integer
id:
type: string
message:
type: string
request_id:
type: string
Status:
type: object
properties:
user_id:
type: string
status:
type: string
manual:
type: boolean
last_activity_at:
type: integer
format: int64
OAuthApp:
type: object
properties:
id:
type: string
description: The client id of the application
client_secret:
type: string
description: The client secret of the application
name:
type: string
description: The name of the client application
description:
type: string
description: A short description of the application
icon_url:
type: string
description: A URL to an icon to display with the application
callback_urls:
type: array
items:
type: string
description: A list of callback URLs for the appliation
homepage:
type: string
description: A link to the website of the application
is_trusted:
type: boolean
description: Set this to `true` to skip asking users for permission
create_at:
type: integer
description: The time of registration for the application
format: int64
update_at:
type: integer
description: The last time of update for the application
format: int64
Authorization metadata endpoint and Dynamic Client Registration of Confidential OAuth Apps (#33642) * initial DCR and metadata implementation * check for duplicate registrations * tests and other cleanup * dcr fixes * tidy up unused DCR fields * remove initial access token support * remove duplicate client checks * remove unused store function * remove restrictive redirect url checks * create some constants for endpoints * surface support for implicit grant and add system console setting * fix frontend issues with DCR clients * rate limiting the DCR endpoint * lint * lint and cleanup * remove storage of grants, responses and methods. Just enforce in the code * fix lint and tests * docs and test * accidentally removed comments * fix mock * translations * do not advertise public client capability * validate supplied token_endpoint_auth_method * fix pr comments * updates * add metadata endpoint to docs * add definition * lint * fix client4 * fix client methods * fix client again --------- Co-authored-by: Mattermost Build <build@mattermost.com>
2025-11-11 09:27:18 -05:00
ClientRegistrationRequest:
type: object
description: OAuth 2.0 Dynamic Client Registration request as defined in RFC 7591
required:
- redirect_uris
properties:
redirect_uris:
type: array
items:
type: string
description: Array of redirection URI strings for use in redirect-based flows such as the authorization code and implicit flows
minItems: 1
client_name:
type: string
description: Human-readable string name of the client to be presented to the end-user during authorization
maxLength: 64
client_uri:
type: string
description: URL string of a web page providing information about the client
maxLength: 256
format: uri
ClientRegistrationResponse:
type: object
description: OAuth 2.0 Dynamic Client Registration response as defined in RFC 7591
properties:
client_id:
type: string
description: OAuth 2.0 client identifier string
client_secret:
type: string
description: OAuth 2.0 client secret string
redirect_uris:
type: array
items:
type: string
description: Array of the registered redirection URI strings
token_endpoint_auth_method:
type: string
description: String indicator of the requested authentication method for the token endpoint
enum:
- client_secret_post
- none
grant_types:
type: array
items:
type: string
description: Array of OAuth 2.0 grant type strings that the client can use at the token endpoint
response_types:
type: array
items:
type: string
description: Array of the OAuth 2.0 response type strings that the client can use at the authorization endpoint
scope:
type: string
description: Space-separated list of scope values that the client can use when requesting access tokens
client_name:
type: string
description: Human-readable string name of the client to be presented to the end-user during authorization
client_uri:
type: string
description: URL string of a web page providing information about the client
format: uri
AuthorizationServerMetadata:
type: object
description: OAuth 2.0 Authorization Server Metadata as defined in RFC 8414
properties:
issuer:
type: string
description: The authorization server's issuer identifier, which is a URL that uses the "https" scheme
authorization_endpoint:
type: string
description: URL of the authorization server's authorization endpoint
token_endpoint:
type: string
description: URL of the authorization server's token endpoint
response_types_supported:
type: array
items:
type: string
description: JSON array containing a list of the OAuth 2.0 response_type values that this authorization server supports
registration_endpoint:
type: string
description: URL of the authorization server's OAuth 2.0 Dynamic Client Registration endpoint
scopes_supported:
type: array
items:
type: string
description: JSON array containing a list of the OAuth 2.0 scope values that this authorization server supports
grant_types_supported:
type: array
items:
type: string
description: JSON array containing a list of the OAuth 2.0 grant type values that this authorization server supports
token_endpoint_auth_methods_supported:
type: array
items:
type: string
description: JSON array containing a list of client authentication methods supported by the token endpoint
code_challenge_methods_supported:
type: array
items:
type: string
description: JSON array containing a list of PKCE code challenge methods supported by this authorization server
required:
- issuer
- response_types_supported
Move API Reference (#23777) * merge mattermost-api-reference unchanged * api: update repostiory paths * api: drop GitPod for api (for now) * api: improved node_modules target * api: relocate GitHub actions to root * Update .github/workflows/api.yml Co-authored-by: Antonis Stamatiou <stamatiou.antonis@gmail.com> * fix cache-dependency-path * adopt node-version-file * pin versions for uses * tidy steps/runs * api/.gitpod.yml: tidy * api: rm now unused .gitlab-ci.yml --------- Co-authored-by: Antonis Stamatiou <stamatiou.antonis@gmail.com>
2023-06-27 10:10:13 -04:00
Job:
type: object
properties:
id:
type: string
description: The unique id of the job
type:
type: string
description: The type of job
create_at:
type: integer
description: The time at which the job was created
format: int64
start_at:
type: integer
description: The time at which the job was started
format: int64
last_activity_at:
type: integer
description: The last time at which the job had activity
format: int64
status:
type: string
description: The status of the job
progress:
type: integer
description: The progress (as a percentage) of the job
data:
type: object
description: A freeform data field containing additional information about the job
UserAccessToken:
type: object
properties:
id:
type: string
description: Unique identifier for the token
token:
type: string
description: The token used for authentication
user_id:
type: string
description: The user the token authenticates for
description:
type: string
description: A description of the token usage
UserAccessTokenSanitized:
type: object
properties:
id:
type: string
description: Unique identifier for the token
user_id:
type: string
description: The user the token authenticates for
description:
type: string
description: A description of the token usage
is_active:
type: boolean
description: Indicates whether the token is active
GlobalDataRetentionPolicy:
type: object
properties:
message_deletion_enabled:
type: boolean
description: Indicates whether data retention policy deletion of messages is
enabled globally.
file_deletion_enabled:
type: boolean
description: Indicates whether data retention policy deletion of file attachments
is enabled globally.
message_retention_cutoff:
type: integer
description: The current server timestamp before which messages should be deleted.
file_retention_cutoff:
type: integer
description: The current server timestamp before which files should be deleted.
DataRetentionPolicyWithoutId:
type: object
properties:
display_name:
type: string
description: The display name for this retention policy.
post_duration:
type: integer
description: >
The number of days a message will be retained before being deleted by this policy.
If this value is less than 0, the policy has infinite retention (i.e. messages
are never deleted).
DataRetentionPolicy:
allOf:
- $ref: "#/components/schemas/DataRetentionPolicyWithoutId"
- type: object
properties:
id:
type: string
description: The ID of this retention policy.
DataRetentionPolicyWithTeamAndChannelCounts:
allOf:
- $ref: "#/components/schemas/DataRetentionPolicy"
- type: object
properties:
team_count:
type: integer
description: The number of teams to which this policy is applied.
channel_count:
type: integer
description: The number of channels to which this policy is applied.
DataRetentionPolicyWithTeamAndChannelIds:
allOf:
- $ref: "#/components/schemas/DataRetentionPolicyWithoutId"
- type: object
properties:
team_ids:
type: array
items:
type: string
description: The IDs of the teams to which this policy should be applied.
channel_ids:
type: array
items:
type: string
description: The IDs of the channels to which this policy should be applied.
DataRetentionPolicyCreate:
allOf:
- $ref: "#/components/schemas/DataRetentionPolicyWithTeamAndChannelIds"
required:
- display_name
- post_duration
DataRetentionPolicyForTeam:
type: object
properties:
team_id:
type: string
description: The team ID.
post_duration:
type: integer
description: The number of days a message will be retained before being deleted by this policy.
RetentionPolicyForTeamList:
type: object
properties:
policies:
type: array
items:
$ref: "#/components/schemas/DataRetentionPolicyForTeam"
description: The list of team policies.
total_count:
type: integer
description: The total number of team policies.
DataRetentionPolicyForChannel:
type: object
properties:
channel_id:
type: string
description: The channel ID.
post_duration:
type: integer
description: The number of days a message will be retained before being deleted by this policy.
RetentionPolicyForChannelList:
type: object
properties:
policies:
type: array
items:
$ref: "#/components/schemas/DataRetentionPolicyForChannel"
description: The list of channel policies.
total_count:
type: integer
description: The total number of channel policies.
UserNotifyProps:
type: object
properties:
email:
type: string
description: Set to "true" to enable email notifications, "false" to disable.
Defaults to "true".
push:
type: string
description: Set to "all" to receive push notifications for all activity,
"mention" for mentions and direct messages only, and "none" to
disable. Defaults to "mention".
desktop:
type: string
description: Set to "all" to receive desktop notifications for all activity,
"mention" for mentions and direct messages only, and "none" to
disable. Defaults to "all".
desktop_sound:
type: string
description: Set to "true" to enable sound on desktop notifications, "false" to
disable. Defaults to "true".
mention_keys:
type: string
description: A comma-separated list of words to count as mentions. Defaults to
username and @username.
channel:
type: string
description: Set to "true" to enable channel-wide notifications (@channel, @all,
etc.), "false" to disable. Defaults to "true".
first_name:
type: string
description: Set to "true" to enable mentions for first name. Defaults to "true"
if a first name is set, "false" otherwise.
Update api user endpoint docs to fix useAutomaticTimezone type and document more fields (#33901)
2025-09-16 08:58:31 -04:00
auto_responder_message:
type: string
description: The message sent to users when they are auto-responded to.
Defaults to "".
push_threads:
type: string
description: Set to "all" to enable mobile push notifications for followed threads and "none" to disable.
Defaults to "all".
comments:
type: string
description: Set to "any" to enable notifications for comments to any post you have
replied to, "root" for comments on your posts, and "never" to disable. Only
affects users with collapsed reply threads disabled.
Defaults to "never".
desktop_threads:
type: string
description: Set to "all" to enable desktop notifications for followed threads and "none" to disable.
Defaults to "all".
email_threads:
type: string
description: Set to "all" to enable email notifications for followed threads and "none" to disable.
Defaults to "all".
Move API Reference (#23777) * merge mattermost-api-reference unchanged * api: update repostiory paths * api: drop GitPod for api (for now) * api: improved node_modules target * api: relocate GitHub actions to root * Update .github/workflows/api.yml Co-authored-by: Antonis Stamatiou <stamatiou.antonis@gmail.com> * fix cache-dependency-path * adopt node-version-file * pin versions for uses * tidy steps/runs * api/.gitpod.yml: tidy * api: rm now unused .gitlab-ci.yml --------- Co-authored-by: Antonis Stamatiou <stamatiou.antonis@gmail.com>
2023-06-27 10:10:13 -04:00
Timezone:
type: object
properties:
useAutomaticTimezone:
Update api user endpoint docs to fix useAutomaticTimezone type and document more fields (#33901)
2025-09-16 08:58:31 -04:00
type: string
Move API Reference (#23777) * merge mattermost-api-reference unchanged * api: update repostiory paths * api: drop GitPod for api (for now) * api: improved node_modules target * api: relocate GitHub actions to root * Update .github/workflows/api.yml Co-authored-by: Antonis Stamatiou <stamatiou.antonis@gmail.com> * fix cache-dependency-path * adopt node-version-file * pin versions for uses * tidy steps/runs * api/.gitpod.yml: tidy * api: rm now unused .gitlab-ci.yml --------- Co-authored-by: Antonis Stamatiou <stamatiou.antonis@gmail.com>
2023-06-27 10:10:13 -04:00
description: Set to "true" to use the browser/system timezone, "false" to set
manually. Defaults to "true".
manualTimezone:
type: string
description: Value when setting manually the timezone, i.e. "Europe/Berlin".
automaticTimezone:
type: string
description: This value is set automatically when the "useAutomaticTimezone" is
set to "true".
ChannelNotifyProps:
type: object
properties:
email:
type: string
description: Set to "true" to enable email notifications, "false" to disable, or
"default" to use the global user notification setting.
push:
type: string
description: Set to "all" to receive push notifications for all activity,
"mention" for mentions and direct messages only, "none" to disable,
or "default" to use the global user notification setting.
desktop:
type: string
description: Set to "all" to receive desktop notifications for all activity,
"mention" for mentions and direct messages only, "none" to disable,
or "default" to use the global user notification setting.
mark_unread:
type: string
description: Set to "all" to mark the channel unread for any new message,
"mention" to mark unread for new mentions only. Defaults to "all".
PluginManifest:
type: object
properties:
id:
type: string
description: Globally unique identifier that represents the plugin.
name:
type: string
description: Name of the plugin.
description:
type: string
description: Description of what the plugin is and does.
version:
type: string
description: Version number of the plugin.
min_server_version:
type: string
description: |
The minimum Mattermost server version required for the plugin.
Available as server version 5.6.
backend:
type: object
description: Deprecated in Mattermost 5.2 release.
properties:
executable:
type: string
description: Path to the executable binary.
server:
type: object
properties:
executables:
type: object
description: Paths to executable binaries, specifying multiple entry points
for different platforms when bundled together in a single
plugin.
properties:
linux-amd64:
type: string
darwin-amd64:
type: string
windows-amd64:
type: string
executable:
type: string
description: Path to the executable binary.
webapp:
type: object
properties:
bundle_path:
type: string
description: Path to the webapp JavaScript bundle.
settings_schema:
type: object
description: Settings schema used to define the System Console UI for the plugin.
MarketplacePlugin:
type: object
properties:
homepage_url:
type: string
description: URL that leads to the homepage of the plugin.
icon_data:
type: string
description: Base64 encoding of a plugin icon SVG.
download_url:
type: string
description: URL to download the plugin.
release_notes_url:
type: string
description: URL that leads to the release notes of the plugin.
labels:
type: array
items:
type: string
description: A list of the plugin labels.
signature:
type: string
description: Base64 encoded signature of the plugin.
manifest:
$ref: "#/components/schemas/PluginManifest"
installed_version:
type: string
description: Version number of the already installed plugin, if any.
PushNotification:
type: object
properties:
ack_id:
type: string
platform:
type: string
server_id:
type: string
device_id:
type: string
post_id:
type: string
category:
type: string
sound:
type: string
message:
type: string
badge:
type: number
cont_ava:
type: number
team_id:
type: string
channel_id:
type: string
root_id:
type: string
channel_name:
type: string
type:
type: string
sender_id:
type: string
sender_name:
type: string
override_username:
type: string
override_icon_url:
type: string
from_webhook:
type: string
version:
type: string
is_id_loaded:
type: boolean
PluginStatus:
type: object
properties:
plugin_id:
type: string
description: Globally unique identifier that represents the plugin.
name:
type: string
description: Name of the plugin.
description:
type: string
description: Description of what the plugin is and does.
version:
type: string
description: Version number of the plugin.
cluster_id:
type: string
description: ID of the cluster in which plugin is running
plugin_path:
type: string
description: Path to the plugin on the server
state:
type: number
description: State of the plugin
enum:
- NotRunning
- Starting
- Running
- FailedToStart
- FailedToStayRunning
- Stopping
PluginManifestWebapp:
type: object
properties:
id:
type: string
description: Globally unique identifier that represents the plugin.
version:
type: string
description: Version number of the plugin.
webapp:
type: object
properties:
bundle_path:
type: string
description: Path to the webapp JavaScript bundle.
Role:
type: object
properties:
id:
type: string
description: The unique identifier of the role.
name:
type: string
description: The unique name of the role, used when assigning roles to
users/groups in contexts.
display_name:
type: string
description: The human readable name for the role.
description:
type: string
description: A human readable description of the role.
permissions:
type: array
items:
type: string
description: A list of the unique names of the permissions this role grants.
scheme_managed:
type: boolean
description: indicates if this role is managed by a scheme (true), or is a custom
stand-alone role (false).
Scheme:
type: object
properties:
id:
type: string
description: The unique identifier of the scheme.
name:
type: string
description: The human readable name for the scheme.
description:
type: string
description: A human readable description of the scheme.
create_at:
type: integer
format: int64
description: The time at which the scheme was created.
update_at:
type: integer
format: int64
description: The time at which the scheme was last updated.
delete_at:
type: integer
format: int64
description: The time at which the scheme was deleted.
scope:
type: string
description: The scope to which this scheme can be applied, either "team" or
"channel".
default_team_admin_role:
type: string
description: The id of the default team admin role for this scheme.
default_team_user_role:
type: string
description: The id of the default team user role for this scheme.
default_channel_admin_role:
type: string
description: The id of the default channel admin role for this scheme.
default_channel_user_role:
type: string
description: The id of the default channel user role for this scheme.
TermsOfService:
type: object
properties:
id:
type: string
description: The unique identifier of the terms of service.
create_at:
type: integer
format: int64
description: The time at which the terms of service was created.
user_id:
type: string
description: The unique identifier of the user who created these terms of service.
text:
type: string
description: The text of terms of service. Supports Markdown.
UserTermsOfService:
type: object
properties:
user_id:
type: string
description: The unique identifier of the user who performed this terms of
service action.
terms_of_service_id:
type: string
description: The unique identifier of the terms of service the action was
performed on.
create_at:
description: The time in milliseconds that this action was performed.
type: integer
format: int64
PostIdToReactionsMap:
type: object
additionalProperties:
type: array
items:
$ref: "#/components/schemas/Reaction"
Product:
type: object
properties:
id:
type: string
name:
type: string
description:
type: string
price_per_seat:
type: string
add_ons:
type: array
items:
$ref: "#/components/schemas/AddOn"
AddOn:
type: object
properties:
id:
type: string
name:
type: string
display_name:
type: string
price_per_seat:
type: string
ProductLimits:
type: object
properties:
boards:
$ref: "#/components/schemas/BoardsLimits"
nullable: true
files:
$ref: "#/components/schemas/FilesLimits"
nullable: true
integrations:
$ref: "#/components/schemas/IntegrationsLimits"
nullable: true
messages:
$ref: "#/components/schemas/MessagesLimits"
nullable: true
teams:
$ref: "#/components/schemas/TeamsLimits"
nullable: true
BoardsLimits:
type: object
properties:
cards:
type: integer
nullable: true
views:
type: integer
nullable: true
FilesLimits:
type: object
properties:
total_storage:
type: integer
format: int64
nullable: true
IntegrationsLimits:
type: object
properties:
enabled:
type: integer
nullable: true
MessagesLimits:
type: object
properties:
history:
type: integer
nullable: true
TeamsLimits:
type: object
properties:
active:
type: integer
nullable: true
PaymentSetupIntent:
type: object
properties:
id:
type: string
client_secret:
type: string
PaymentMethod:
type: object
properties:
type:
type: string
last_four:
type: integer
exp_month:
type: integer
exp_year:
type: integer
card_brand:
type: string
name:
type: string
Address:
type: object
properties:
city:
type: string
country:
type: string
line1:
type: string
line2:
type: string
postal_code:
type: string
state:
type: string
CloudCustomer:
type: object
properties:
id:
type: string
creator_id:
type: string
create_at:
type: integer
format: int64
email:
type: string
name:
type: string
num_employees:
type: string
contact_first_name:
type: string
contact_last_name:
type: string
billing_address:
$ref: "#/components/schemas/Address"
company_address:
$ref: "#/components/schemas/Address"
payment_method:
$ref: "#/components/schemas/PaymentMethod"
Subscription:
type: object
properties:
id:
type: string
customer_id:
type: string
product_id:
type: string
add_ons:
type: array
items:
type: string
start_at:
type: integer
format: int64
end_at:
type: integer
format: int64
create_at:
type: integer
format: int64
seats:
type: integer
dns:
type: string
SubscriptionStats:
type: object
properties:
remaining_seats:
type: integer
is_paid_tier:
type: string
Invoice:
type: object
properties:
id:
type: string
number:
type: string
create_at:
type: integer
format: int64
total:
type: integer
format: int64
tax:
type: integer
format: int64
status:
type: string
period_start:
type: integer
format: int64
period_end:
type: integer
format: int64
subscription_id:
type: string
item:
type: array
items:
$ref: "#/components/schemas/InvoiceLineItem"
InvoiceLineItem:
type: object
properties:
price_id:
type: string
total:
type: integer
format: int64
quantity:
type: integer
format: int64
price_per_unit:
type: integer
format: int64
description:
type: string
metadata:
type: array
items:
type: string
Group:
type: object
properties:
id:
type: string
name:
type: string
display_name:
type: string
description:
type: string
source:
type: string
remote_id:
type: string
create_at:
type: integer
format: int64
update_at:
type: integer
format: int64
delete_at:
type: integer
format: int64
has_syncables:
type: boolean
Fixed API return type in documentation (#28984) Co-authored-by: Ben Schumacher <ben.schumacher@mattermost.com>
2024-11-19 04:29:17 -05:00
GroupMember:
type: object
properties:
group_id:
type: string
user_id:
type: string
create_at:
type: integer
format: int64
delete_at:
type: integer
format: int64
Move API Reference (#23777) * merge mattermost-api-reference unchanged * api: update repostiory paths * api: drop GitPod for api (for now) * api: improved node_modules target * api: relocate GitHub actions to root * Update .github/workflows/api.yml Co-authored-by: Antonis Stamatiou <stamatiou.antonis@gmail.com> * fix cache-dependency-path * adopt node-version-file * pin versions for uses * tidy steps/runs * api/.gitpod.yml: tidy * api: rm now unused .gitlab-ci.yml --------- Co-authored-by: Antonis Stamatiou <stamatiou.antonis@gmail.com>
2023-06-27 10:10:13 -04:00
GroupSyncableTeam:
type: object
properties:
team_id:
type: string
group_id:
type: string
auto_add:
type: boolean
create_at:
type: integer
format: int64
delete_at:
type: integer
format: int64
update_at:
type: integer
format: int64
GroupSyncableChannel:
type: object
properties:
channel_id:
type: string
group_id:
type: string
auto_add:
type: boolean
create_at:
type: integer
format: int64
delete_at:
type: integer
format: int64
update_at:
type: integer
format: int64
GroupSyncableTeams:
type: object
properties:
team_id:
type: string
team_display_name:
type: string
team_type:
type: string
group_id:
type: string
auto_add:
type: boolean
create_at:
type: integer
format: int64
delete_at:
type: integer
format: int64
update_at:
type: integer
format: int64
GroupSyncableChannels:
type: object
properties:
channel_id:
type: string
channel_display_name:
type: string
channel_type:
type: string
team_id:
type: string
team_display_name:
type: string
team_type:
type: string
group_id:
type: string
auto_add:
type: boolean
create_at:
type: integer
format: int64
delete_at:
type: integer
format: int64
update_at:
type: integer
format: int64
ChannelModeration:
type: object
properties:
name:
type: string
roles:
$ref: "#/components/schemas/ChannelModeratedRoles"
ChannelModeratedRoles:
type: object
properties:
guests:
$ref: "#/components/schemas/ChannelModeratedRole"
members:
$ref: "#/components/schemas/ChannelModeratedRole"
ChannelModeratedRole:
type: object
properties:
value:
type: boolean
enabled:
type: boolean
ChannelModeratedRolesPatch:
type: object
properties:
guests:
type: boolean
members:
type: boolean
ChannelModerationPatch:
type: object
properties:
name:
type: string
roles:
$ref: "#/components/schemas/ChannelModeratedRolesPatch"
ChannelMemberCountByGroup:
description: An object describing group member information in a channel
type: object
properties:
group_id:
type: string
description: ID of the group
channel_member_count:
type: number
description: Total number of group members in the channel
channel_member_timezones_count:
type: number
description: Total number of unique timezones for the group members in the channel
LDAPGroupsPaged:
description: A paged list of LDAP groups
type: object
properties:
count:
type: number
description: Total number of groups
groups:
type: array
items:
$ref: "#/components/schemas/LDAPGroup"
LDAPGroup:
description: A LDAP group
type: object
properties:
has_syncables:
type: boolean
mattermost_group_id:
type: string
primary_key:
type: string
name:
type: string
SidebarCategory:
description: User's sidebar category
type: object
properties:
id:
type: string
user_id:
type: string
team_id:
type: string
display_name:
type: string
type:
type: string
enum:
- channels
- custom
- direct_messages
- favorites
SidebarCategoryWithChannels:
description: User's sidebar category with it's channels
type: object
properties:
id:
type: string
user_id:
type: string
team_id:
type: string
display_name:
type: string
type:
type: string
enum:
- channels
- custom
- direct_messages
- favorites
channel_ids:
type: array
items:
type: string
OrderedSidebarCategories:
description: List of user's categories with their channels
type: object
properties:
order:
type: array
items:
type: string
categories:
type: array
items:
$ref: "#/components/schemas/SidebarCategoryWithChannels"
Bot:
description: A bot account
type: object
properties:
user_id:
description: The user id of the associated user entry.
type: string
create_at:
description: The time in milliseconds a bot was created
type: integer
format: int64
update_at:
description: The time in milliseconds a bot was last updated
type: integer
format: int64
delete_at:
description: The time in milliseconds a bot was deleted
type: integer
format: int64
username:
type: string
display_name:
type: string
description:
type: string
owner_id:
description: The user id of the user that currently owns this bot.
type: string
Server_Busy:
type: object
properties:
busy:
description: True if the server is marked as busy (under high load)
type: boolean
expires:
description: timestamp - number of seconds since Jan 1, 1970 UTC.
type: integer
format: int64
GroupWithSchemeAdmin:
description: group augmented with scheme admin information
type: object
properties:
group:
$ref: "#/components/schemas/Group"
scheme_admin:
type: boolean
GroupsAssociatedToChannels:
description: a map of channel id(s) to the set of groups that constrain the corresponding channel in a team
type: object
additionalProperties:
type: array
items:
$ref: "#/components/schemas/GroupWithSchemeAdmin"
OrphanedRecord:
description: an object containing information about an orphaned record.
type: object
properties:
parent_id:
type: string
description: the id of the parent relation (table) entry.
child_id:
type: string
description: the id of the child relation (table) entry.
UserThread:
description: a thread that user is following
type: object
properties:
id:
type: string
description: ID of the post that is this thread's root
reply_count:
type: integer
description: number of replies in this thread
last_reply_at:
type: integer
format: int64
description: timestamp of the last post to this thread
last_viewed_at:
type: integer
format: int64
description: timestamp of the last time the user viewed this thread
participants:
type: array
description: list of users participating in this thread. only includes IDs unless 'extended' was set to 'true'
items:
changed api spec definition for userThread (#34819)
2026-01-07 09:10:42 -05:00
$ref: "#/components/schemas/User"
Move API Reference (#23777) * merge mattermost-api-reference unchanged * api: update repostiory paths * api: drop GitPod for api (for now) * api: improved node_modules target * api: relocate GitHub actions to root * Update .github/workflows/api.yml Co-authored-by: Antonis Stamatiou <stamatiou.antonis@gmail.com> * fix cache-dependency-path * adopt node-version-file * pin versions for uses * tidy steps/runs * api/.gitpod.yml: tidy * api: rm now unused .gitlab-ci.yml --------- Co-authored-by: Antonis Stamatiou <stamatiou.antonis@gmail.com>
2023-06-27 10:10:13 -04:00
post:
$ref: "#/components/schemas/Post"
RelationalIntegrityCheckData:
description: an object containing the results of a relational integrity check.
type: object
properties:
parent_name:
type: string
description: the name of the parent relation (table).
child_name:
type: string
description: the name of the child relation (table).
parent_id_attr:
type: string
description: the name of the attribute (column) containing the parent id.
child_id_attr:
type: string
description: the name of the attribute (column) containing the child id.
records:
description: the list of orphaned records found.
type: array
items:
$ref: "#/components/schemas/OrphanedRecord"
IntegrityCheckResult:
description: an object with the result of the integrity check.
type: object
properties:
data:
$ref: "#/components/schemas/RelationalIntegrityCheckData"
err:
type: string
description: a string value set in case of error.
UploadSession:
description: an object containing information used to keep track of a file upload.
type: object
properties:
id:
description: The unique identifier for the upload.
type: string
type:
description: The type of the upload.
type: string
enum:
- attachment
- import
create_at:
description: The time the upload was created in milliseconds.
type: integer
format: int64
user_id:
description: The ID of the user performing the upload.
type: string
channel_id:
description: The ID of the channel to upload to.
type: string
filename:
description: The name of the file to upload.
type: string
file_size:
description: The size of the file to upload in bytes.
type: integer
format: int64
file_offset:
description: The amount of data uploaded in bytes.
type: integer
format: int64
Notice:
type: object
properties:
id:
description: Notice ID
type: string
sysAdminOnly:
description: Does this notice apply only to sysadmins
type: boolean
teamAdminOnly:
description: Does this notice apply only to team admins
type: boolean
action:
description: "Optional action to perform on action button click. (defaults to closing the notice)"
type: string
actionParam:
description: "Optional action parameter. \nExample: {\"action\": \"url\", actionParam: \"/console/some-page\"}"
type: string
actionText:
description: Optional override for the action button text (defaults to OK)
type: string
description:
description: "Notice content. Use {{Mattermost}} instead of plain text to support white-labeling. Text supports Markdown."
type: string
image:
description: URL of image to display
type: string
title:
description: "Notice title. Use {{Mattermost}} instead of plain text to support white-labeling. Text supports Markdown."
type: string
SharedChannel:
type: object
properties:
id:
description: Channel id of the shared channel
type: string
team_id:
type: string
home:
description: Is this the home cluster for the shared channel
type: boolean
readonly:
description: Is this shared channel shared as read only
type: boolean
name:
description: Channel name as it is shared (may be different than original channel name)
type: string
display_name:
description: Channel display name as it appears locally
type: string
purpose:
type: string
header:
type: string
creator_id:
description: Id of the user that shared the channel
type: string
create_at:
description: Time in milliseconds that the channel was shared
type: integer
update_at:
description: Time in milliseconds that the shared channel record was last updated
type: integer
remote_id:
description: Id of the remote cluster where the shared channel is homed
type: string
Adds Remote Cluster related API endpoints (#27432) * Adds Remote Cluster related API endpoints New endpoints for the following routes are added: - Get Remote Clusters at `GET /api/v4/remotecluster` - Create Remote Cluster at `POST /api/v4/remotecluster` - Accept Remote Cluster invite at `POST /api/v4/remotecluster/accept_invite` - Generate Remote Cluster invite at `POST /api/v4/remotecluster/{remote_id}/generate_invite` - Get Remote Cluster at `GET /api/v4/remotecluster/{remote_id}` - Patch Remote Cluster at `PATCH /api/v4/remotecluster/{remote_id}` - Delete Remote Cluster at `DELETE /api/v4/remotecluster/{remote_id}` These endpoints are planned to be used from the system console, and gated through the `manage_secure_connections` permission. * Update server/channels/api4/remote_cluster_test.go Co-authored-by: Doug Lauder <wiggin77@warpmail.net> * Fix AppError names --------- Co-authored-by: Doug Lauder <wiggin77@warpmail.net> Co-authored-by: Mattermost Build <build@mattermost.com>
2024-07-04 04:35:26 -04:00
RemoteCluster:
type: object
properties:
remote_id:
type: string
remote_team_id:
type: string
name:
type: string
display_name:
type: string
site_url:
description: URL of the remote cluster
type: string
Adds default team to the remote cluster entity (#27863) * Adds default team to the remote cluster entity A new DefaultTeamId field is added to the RemoteCluster entity and its endpoints, and used when receiving channel invites to choose in which team to create a new channel. This will be later extended with the ability for the system admin to manually accept invites, choosing which team to create the channel on each. This use case will be triggered when the DefaultTeamId field is empty, which now simply chooses the first team it finds in the database as a fallback. * Fix migrations list * Fixes channelinvite test case * Fix i18n * Fix migration list
2024-08-08 10:36:27 -04:00
default_team_id:
description: The team where channels from invites are created
type: string
Adds Remote Cluster related API endpoints (#27432) * Adds Remote Cluster related API endpoints New endpoints for the following routes are added: - Get Remote Clusters at `GET /api/v4/remotecluster` - Create Remote Cluster at `POST /api/v4/remotecluster` - Accept Remote Cluster invite at `POST /api/v4/remotecluster/accept_invite` - Generate Remote Cluster invite at `POST /api/v4/remotecluster/{remote_id}/generate_invite` - Get Remote Cluster at `GET /api/v4/remotecluster/{remote_id}` - Patch Remote Cluster at `PATCH /api/v4/remotecluster/{remote_id}` - Delete Remote Cluster at `DELETE /api/v4/remotecluster/{remote_id}` These endpoints are planned to be used from the system console, and gated through the `manage_secure_connections` permission. * Update server/channels/api4/remote_cluster_test.go Co-authored-by: Doug Lauder <wiggin77@warpmail.net> * Fix AppError names --------- Co-authored-by: Doug Lauder <wiggin77@warpmail.net> Co-authored-by: Mattermost Build <build@mattermost.com>
2024-07-04 04:35:26 -04:00
create_at:
description: Time in milliseconds that the remote cluster was created
type: integer
Adds logical deletes to shared channel remotes and remote clusters (#28159) * Adds logical deletes to shared channel remotes and remote clusters Instead of physically deleting the shared channel remote and remote clusters records when a channel is unshared, a remote uninvited or a remote cluster is deleted, now those have a logical `DeleteAt` field that is set. This allows us to safely restore shared channels between two remote clusters (as of now resetting the cursor without backfilling their contents) and to know which connections were established in the past and now are severed. * Delete the index in remoteclusters before adding the new column * Fix bad error check
2024-09-12 07:55:11 -04:00
delete_at:
description: Time in milliseconds that the remote cluster record was deleted
type: integer
Adds Remote Cluster related API endpoints (#27432) * Adds Remote Cluster related API endpoints New endpoints for the following routes are added: - Get Remote Clusters at `GET /api/v4/remotecluster` - Create Remote Cluster at `POST /api/v4/remotecluster` - Accept Remote Cluster invite at `POST /api/v4/remotecluster/accept_invite` - Generate Remote Cluster invite at `POST /api/v4/remotecluster/{remote_id}/generate_invite` - Get Remote Cluster at `GET /api/v4/remotecluster/{remote_id}` - Patch Remote Cluster at `PATCH /api/v4/remotecluster/{remote_id}` - Delete Remote Cluster at `DELETE /api/v4/remotecluster/{remote_id}` These endpoints are planned to be used from the system console, and gated through the `manage_secure_connections` permission. * Update server/channels/api4/remote_cluster_test.go Co-authored-by: Doug Lauder <wiggin77@warpmail.net> * Fix AppError names --------- Co-authored-by: Doug Lauder <wiggin77@warpmail.net> Co-authored-by: Mattermost Build <build@mattermost.com>
2024-07-04 04:35:26 -04:00
last_ping_at:
description: Time in milliseconds when the last ping to the remote cluster was run
type: integer
token:
type: string
remote_token:
type: string
topics:
type: string
creator_id:
type: string
plugin_id:
type: string
options:
description: A bitmask with a set of option flags
type: integer
Move API Reference (#23777) * merge mattermost-api-reference unchanged * api: update repostiory paths * api: drop GitPod for api (for now) * api: improved node_modules target * api: relocate GitHub actions to root * Update .github/workflows/api.yml Co-authored-by: Antonis Stamatiou <stamatiou.antonis@gmail.com> * fix cache-dependency-path * adopt node-version-file * pin versions for uses * tidy steps/runs * api/.gitpod.yml: tidy * api: rm now unused .gitlab-ci.yml --------- Co-authored-by: Antonis Stamatiou <stamatiou.antonis@gmail.com>
2023-06-27 10:10:13 -04:00
RemoteClusterInfo:
type: object
properties:
display_name:
description: The display name for the remote cluster
type: string
create_at:
description: The time in milliseconds a remote cluster was created
type: integer
format: int64
last_ping_at:
description: The time in milliseconds a remote cluster was last pinged successfully
type: integer
format: int64
Adds Shared Channel related API endpoints (#27436) * Adds Shared Channel management API endpoints New endpoints for the following routes are added: - Get Shared Channel Remotes by Remote Cluster at `GET /api/v4/remotecluster/{remote_id}/sharedchannelremotes` - Invite Remote Cluster to Channel at `POST /api/v4/remotecluster/{remote_id}/channels/invite` - Uninvite Remote Cluster to Channel at `POST /api/v4/remotecluster/{remote_id}/channels/uninvite` These endpoints are planned to be used from the system console, and gated through the `manage_secure_connections` permission. * Adds i18n messages for API errors * Fix pagination flaky test * Fix linter * Adds the posibility of filtering shared channel remotes by home --------- Co-authored-by: Mattermost Build <build@mattermost.com>
2024-08-29 06:46:37 -04:00
SharedChannelRemote:
type: object
properties:
id:
description: The id of the shared channel remote
type: string
channel_id:
description: The id of the channel
type: string
creator_id:
description: Id of the user that invited the remote to share the channel
type: string
create_at:
description: Time in milliseconds that the remote was invited to the channel
type: integer
update_at:
description: Time in milliseconds that the shared channel remote record was last updated
type: integer
Adds logical deletes to shared channel remotes and remote clusters (#28159) * Adds logical deletes to shared channel remotes and remote clusters Instead of physically deleting the shared channel remote and remote clusters records when a channel is unshared, a remote uninvited or a remote cluster is deleted, now those have a logical `DeleteAt` field that is set. This allows us to safely restore shared channels between two remote clusters (as of now resetting the cursor without backfilling their contents) and to know which connections were established in the past and now are severed. * Delete the index in remoteclusters before adding the new column * Fix bad error check
2024-09-12 07:55:11 -04:00
delete_at:
description: Time in milliseconds that the shared chanenl remote record was deleted
type: integer
Adds Shared Channel related API endpoints (#27436) * Adds Shared Channel management API endpoints New endpoints for the following routes are added: - Get Shared Channel Remotes by Remote Cluster at `GET /api/v4/remotecluster/{remote_id}/sharedchannelremotes` - Invite Remote Cluster to Channel at `POST /api/v4/remotecluster/{remote_id}/channels/invite` - Uninvite Remote Cluster to Channel at `POST /api/v4/remotecluster/{remote_id}/channels/uninvite` These endpoints are planned to be used from the system console, and gated through the `manage_secure_connections` permission. * Adds i18n messages for API errors * Fix pagination flaky test * Fix linter * Adds the posibility of filtering shared channel remotes by home --------- Co-authored-by: Mattermost Build <build@mattermost.com>
2024-08-29 06:46:37 -04:00
is_invite_accepted:
description: Indicates if the invite has been accepted by the remote
type: boolean
is_invite_confirmed:
description: Indicates if the invite has been confirmed by the remote
type: boolean
remote_id:
description: Id of the remote cluster that the channel is shared with
type: string
last_post_update_at:
description: Time in milliseconds of the last post in the channel that was synchronized with the remote update_at
type: integer
last_post_id:
description: Id of the last post in the channel that was synchronized with the remote
type: string
last_post_create_at:
description: Time in milliseconds of the last post in the channel that was synchronized with the remote create_at
type: string
last_post_create_id:
type: string
Move API Reference (#23777) * merge mattermost-api-reference unchanged * api: update repostiory paths * api: drop GitPod for api (for now) * api: improved node_modules target * api: relocate GitHub actions to root * Update .github/workflows/api.yml Co-authored-by: Antonis Stamatiou <stamatiou.antonis@gmail.com> * fix cache-dependency-path * adopt node-version-file * pin versions for uses * tidy steps/runs * api/.gitpod.yml: tidy * api: rm now unused .gitlab-ci.yml --------- Co-authored-by: Antonis Stamatiou <stamatiou.antonis@gmail.com>
2023-06-27 10:10:13 -04:00
SystemStatusResponse:
type: object
properties:
AndroidLatestVersion:
description: Latest Android version supported
type: string
AndroidMinVersion:
description: Minimum Android version supported
type: string
DesktopLatestVersion:
description: Latest desktop version supported
type: string
DesktopMinVersion:
description: Minimum desktop version supported
type: string
IosLatestVersion:
description: Latest iOS version supported
type: string
IosMinVersion:
description: Minimum iOS version supported
type: string
database_status:
description: Status of database ("OK" or "UNHEALTHY"). Included when get_server_status parameter set.
type: string
filestore_status:
description: Status of filestore ("OK" or "UNHEALTHY"). Included when get_server_status parameter set.
type: string
status:
description: Status of server ("OK" or "UNHEALTHY"). Included when get_server_status parameter set.
type: string
CanReceiveNotifications:
description: Whether the device id provided can receive notifications ("true", "false" or "unknown"). Included when device_id parameter set.
type: string
UserThreads:
type: object
properties:
total:
description: Total number of threads (used for paging)
type: integer
threads:
description: Array of threads
type: array
items:
$ref: "#/components/schemas/UserThread"
LicenseRenewalLink:
type: object
properties:
renewal_link:
description: License renewal link
type: string
System:
type: object
properties:
name:
description: System property name
type: string
value:
description: System property value
type: string
PostsUsage:
type: object
properties:
count:
type: number
description: Total no. of posts
StorageUsage:
type: object
properties:
bytes:
type: number
description: Total file storage usage for the instance in bytes rounded down to the most significant digit
Add common code for AI workflows (#34381) * Add common /ai endpoints for agents and services and common component for agent selection * Fix vet api * Add a bunch of redux stuff * Fixes * Missed an add * fix types * Add a hook to determine if bridge is enabled * Add debounce to hook to prevent double fetches from PLUGIN_* and CONFIG_CHANGED event both firing when a plugin state is changed * Fix i18n * Rename to remove 'AI' (#34393) --------- Co-authored-by: Christopher Speller <crspeller@gmail.com> Co-authored-by: Mattermost Build <build@mattermost.com>
2025-11-04 10:16:43 -05:00
BridgeAgentInfo:
type: object
properties:
id:
type: string
description: Unique identifier for the agent
displayName:
type: string
description: Human-readable name for the agent
username:
type: string
description: Username associated with the agent bot
service_id:
type: string
description: ID of the service providing this agent
service_type:
type: string
description: Type of the service (e.g., openai, anthropic)
BridgeServiceInfo:
type: object
properties:
id:
type: string
description: Unique identifier for the LLM service
name:
type: string
description: Name of the LLM service
type:
type: string
description: Type of the service (e.g., openai, anthropic, azure)
AgentsResponse:
type: object
properties:
agents:
type: array
items:
$ref: "#/components/schemas/BridgeAgentInfo"
description: List of available agents
ServicesResponse:
type: object
properties:
services:
type: array
items:
$ref: "#/components/schemas/BridgeServiceInfo"
description: List of available LLM services
Autotranslations MVP (#34696) --------- Co-authored-by: Elias Nahum <nahumhbl@gmail.com> Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> Co-authored-by: Nick Misasi <nick.misasi@mattermost.com> Co-authored-by: Claude <noreply@anthropic.com> Co-authored-by: Matthew Birtch <mattbirtch@gmail.com> Co-authored-by: Mattermost Build <build@mattermost.com>
2026-01-26 17:05:34 -05:00
AgentsIntegrityResponse:
type: object
properties:
available:
type: boolean
description: Whether the AI plugin bridge is available
reason:
type: string
description: Reason code if not available (translation ID)
Ability to E2E AI Bridge features + Initial Recaps E2E (#35541) * Add shared AI bridge seam Co-authored-by: Nick Misasi <nick13misasi@gmail.com> * Add AI bridge test helper API Co-authored-by: Nick Misasi <nick13misasi@gmail.com> * Add AI bridge seam test coverage Co-authored-by: Nick Misasi <nick13misasi@gmail.com> * Add Playwright AI bridge recap helpers Co-authored-by: Nick Misasi <nick13misasi@gmail.com> * Fix recap channel persistence test Co-authored-by: Nick Misasi <nick13misasi@gmail.com> * Restore bridge client compatibility shim Co-authored-by: Nick Misasi <nick13misasi@gmail.com> * Expand recap card in Playwright spec Co-authored-by: Nick Misasi <nick13misasi@gmail.com> * Recaps e2e test coverage (#35543) * Add Recaps Playwright page object Co-authored-by: Nick Misasi <nick13misasi@gmail.com> * Expand AI recap Playwright coverage Co-authored-by: Nick Misasi <nick13misasi@gmail.com> * Format recap Playwright coverage Co-authored-by: Nick Misasi <nick13misasi@gmail.com> * Fix recap regeneration test flows Co-authored-by: Nick Misasi <nick13misasi@gmail.com> --------- Co-authored-by: Cursor Agent <cursoragent@cursor.com> * Fix AI bridge lint and OpenAPI docs Co-authored-by: Nick Misasi <nick13misasi@gmail.com> * Fix recap lint shadowing Co-authored-by: Nick Misasi <nick13misasi@gmail.com> * Stabilize failed recap regeneration spec Co-authored-by: Nick Misasi <nick13misasi@gmail.com> * Fill AI bridge i18n strings Co-authored-by: Nick Misasi <nick13misasi@gmail.com> * Fix i18n * Add service completion bridge path and operation tracking fields Extend AgentsBridge with CompleteService for service-based completions, add ClientOperation/OperationSubType tracking to BridgeCompletionRequest, and propagate operation metadata through to the bridge client. Made-with: Cursor * Fill empty i18n translation strings for enterprise keys The previous "Fix i18n" commit added 145 i18n entries with empty translation strings, causing the i18n check to fail in CI. Fill in all translations based on the corresponding error messages in the enterprise and server source code. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * Fix i18n * Fix i18n again * Rename Complete/CompleteService to AgentCompletion/ServiceCompletion Align the AgentsBridge interface method names with the underlying bridge client methods they delegate to (AgentCompletion, ServiceCompletion). Made-with: Cursor * Refactor * Add e2eAgentsBridge implementation The new file was missed from the prior refactor commit. Made-with: Cursor * Address CodeRabbit review feedback - Add 400 BadRequest response to AI bridge PUT endpoint OpenAPI spec - Add missing client_operation, operation_sub_type, service_id fields to AIBridgeTestHelperRecordedRequest schema - Deep-clone nested JSON schema values in cloneJSONOutputFormat - Populate ChannelID on recap summary bridge requests - Fix msg_count assertion to mention_count for mark-as-read verification - Make AgentCompletion/ServiceCompletion mutex usage atomic Made-with: Cursor * fix(playwright): align recaps page object with placeholder and channel menu Made-with: Cursor * fix(playwright): update recaps expectEmptyState to match RecapsList empty state After the master merge, the recaps page now renders RecapsList's "You're all caught up" empty state instead of the old placeholder. Made-with: Cursor * chore(playwright): update package-lock.json after npm install Made-with: Cursor * Revert "chore(playwright): update package-lock.json after npm install" This reverts commit 95c670863a55f1549d266baccc1e2fcf8a7cd74e. * style(playwright): fix prettier formatting in recaps page object Made-with: Cursor * fix(playwright): handle both recaps empty states correctly The recaps page has two distinct empty states: - Setup placeholder ("Set up your recap") when allRecaps is empty - RecapsList caught-up state ("You're all caught up") when the filtered tab list is empty Split expectEmptyState into expectSetupPlaceholder and expectCaughtUpEmptyState, used by the delete and bridge-unavailable tests respectively. Made-with: Cursor --------- Co-authored-by: Cursor Agent <cursoragent@cursor.com> Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-30 12:20:47 -04:00
AIBridgeTestHelperStatus:
type: object
properties:
available:
type: boolean
description: Whether the mocked AI bridge should be reported as available
reason:
type: string
description: Optional reason code when the mocked AI bridge is unavailable
AIBridgeTestHelperFeatureFlags:
type: object
properties:
enable_ai_plugin_bridge:
type: boolean
description: Override for the EnableAIPluginBridge feature flag in test mode
enable_ai_recaps:
type: boolean
description: Override for the EnableAIRecaps feature flag in test mode
AIBridgeTestHelperCompletion:
type: object
properties:
completion:
type: string
description: Mocked completion payload returned for a queued bridge operation
error:
type: string
description: Mocked error message returned for a queued bridge operation
status_code:
type: integer
description: Optional HTTP-style status code associated with a mocked error
AIBridgeTestHelperMessage:
type: object
properties:
role:
type: string
description: Role associated with the message payload
message:
type: string
description: Message content sent through the AI bridge
file_ids:
type: array
description: Optional file IDs attached to the bridge message
items:
type: string
AIBridgeTestHelperConfig:
type: object
properties:
status:
$ref: "#/components/schemas/AIBridgeTestHelperStatus"
agents:
type: array
items:
$ref: "#/components/schemas/BridgeAgentInfo"
description: Mock agent list returned from the bridge
services:
type: array
items:
$ref: "#/components/schemas/BridgeServiceInfo"
description: Mock service list returned from the bridge
agent_completions:
type: object
description: Queued mocked completion responses keyed by explicit bridge operation name
additionalProperties:
type: array
items:
$ref: "#/components/schemas/AIBridgeTestHelperCompletion"
feature_flags:
$ref: "#/components/schemas/AIBridgeTestHelperFeatureFlags"
record_requests:
type: boolean
description: Whether bridge requests should be recorded for later inspection
AIBridgeTestHelperRecordedRequest:
type: object
properties:
operation:
type: string
description: Explicit bridge operation key such as recap_summary or rewrite
client_operation:
type: string
description: Client-facing operation routed through the bridge client
operation_sub_type:
type: string
description: Optional subtype used to disambiguate bridge requests
session_user_id:
type: string
description: Session user ID used when invoking the bridge
user_id:
type: string
description: Optional effective user ID passed through the bridge request
channel_id:
type: string
description: Optional channel context passed through the bridge request
agent_id:
type: string
description: Agent ID targeted by the bridge completion request
service_id:
type: string
description: Service ID targeted by the bridge completion request
messages:
type: array
items:
$ref: "#/components/schemas/AIBridgeTestHelperMessage"
description: Bridge messages sent for the recorded request
json_output_format:
type: object
description: Optional JSON schema requested for structured bridge output
additionalProperties: true
AIBridgeTestHelperState:
type: object
properties:
status:
$ref: "#/components/schemas/AIBridgeTestHelperStatus"
agents:
type: array
items:
$ref: "#/components/schemas/BridgeAgentInfo"
description: Current mocked agent list
services:
type: array
items:
$ref: "#/components/schemas/BridgeServiceInfo"
description: Current mocked service list
agent_completions:
type: object
description: Remaining queued mocked completions keyed by bridge operation
additionalProperties:
type: array
items:
$ref: "#/components/schemas/AIBridgeTestHelperCompletion"
feature_flags:
$ref: "#/components/schemas/AIBridgeTestHelperFeatureFlags"
record_requests:
type: boolean
description: Whether bridge request recording is currently enabled
recorded_requests:
type: array
description: Recorded bridge requests captured while record_requests was enabled
items:
$ref: "#/components/schemas/AIBridgeTestHelperRecordedRequest"
Move API Reference (#23777) * merge mattermost-api-reference unchanged * api: update repostiory paths * api: drop GitPod for api (for now) * api: improved node_modules target * api: relocate GitHub actions to root * Update .github/workflows/api.yml Co-authored-by: Antonis Stamatiou <stamatiou.antonis@gmail.com> * fix cache-dependency-path * adopt node-version-file * pin versions for uses * tidy steps/runs * api/.gitpod.yml: tidy * api: rm now unused .gitlab-ci.yml --------- Co-authored-by: Antonis Stamatiou <stamatiou.antonis@gmail.com>
2023-06-27 10:10:13 -04:00
PostAcknowledgement:
type: object
properties:
user_id:
description: The ID of the user that made this acknowledgement.
type: string
post_id:
description: The ID of the post to which this acknowledgement was made.
type: string
acknowledged_at:
description: The time in milliseconds in which this acknowledgement was made.
type: integer
format: int64
[CLD-6324] Cloud IP Filtering (#24726) * Initial comit for ip filtering service implementation * Add audit logs for IP Filters * start of webapp work * Stashing * Updates based on Agniva's feedback around service vs einterface * Updates completed * Commit before refactoring, everything's working * First pass of cleanup complete, front-end tests added * actually add files * Updates to some translation strings, running i18n-extract * Lock everything behind a feature flag * Fix tests, try to fix some linter stuff * Fixed linter for JS, on to scss * Fixed linter for scss * Fix linter * More fixes for pipeline * Support for IPV6 * Remove tsx file that was removed in masteR * Revert package.json and package-lock.json to master, add cidr-regex dep into channels/package.json * Another commit to force fix Github * Fixes around IPV6. Some suggestions from Matt re: UX review. Fixing pipelines for tests and types on new cidr-regex package * Changes to address Matt's feedback * A few more changes for clean up * Add support for permissions * Fix vet for OpenAPI spec * Actually add the yaml file for openapi * Add permission migration to allow support for IP Filtering * Fix tests * Final fixes from Matt * Remove cancel button from page, update link outs to documentation * Update test to account for removed cancel button * Adjustments based on feedback from Harrison * More fixes from PR feedback * Add a t to fix translations that doesn't seem to be breaking anyone else? * More fix * updates for PR feedback * Fix linter * Fix types * Now fix the linter again * Add back tests because Harrison was able to get them running * Adjustments for PR feedback * Remove admin_definition.jsx * Fix linter * [CLD-6453] IP Filtering notification email for sysadmins (#25224) * Initial commit for IP filtering alert email * Updates to style for email, addition of ip_filtering email: * Fix pipelines * Adjustments from Matt's feedback * Padding changes * template diff (#25249) Co-authored-by: Gabe Jackson <3694686+gabrieljackson@users.noreply.github.com> * Fix hardcoded true, remove bool return value --------- Co-authored-by: Mattermost Build <build@mattermost.com> Co-authored-by: Gabe Jackson <3694686+gabrieljackson@users.noreply.github.com> * Lock feature behind enterprise license. Drop cidr-regex in favour of ipaddr.js dependency. Refactor isIpAddressWithinRanges to use ipaddr.js * Add a couple server tests * fix linter * Fix types from merge conflicts --------- Co-authored-by: Mattermost Build <build@mattermost.com> Co-authored-by: Gabe Jackson <3694686+gabrieljackson@users.noreply.github.com>
2023-11-14 09:12:04 -05:00
AllowedIPRange:
type: object
properties:
CIDRBlock:
description: An IP address range in CIDR notation
type: string
Description:
description: A description for the CIDRBlock
type: string
[MM-55017] Add API method to get users for Admin Reporting (#25499) * Add store method to get reporting data * Some store changes * Added app layer * Added API call, some miscellaneous fixes * Fix lint * Fix serialized check * Add API docs * Fix user store tests leaking users * Fix test * PR feedback * Add filtering for role/team/activated user, filter out bot users * Fix mock * Fix test * Oops * Switch to using struct filter * More PR feedback * Fix gen * Fix test * Fix API docs * Fix test * Fix possible SQL injection, some query optimization * Fix migrations * Oops * Add role to API * Fix check * Add Client4 API call for load testing * Fix test * Update server/channels/store/storetest/user_store.go Co-authored-by: Ibrahim Serdar Acikgoz <serdaracikgoz86@gmail.com> * PR feedback --------- Co-authored-by: Mattermost Build <build@mattermost.com> Co-authored-by: Ibrahim Serdar Acikgoz <serdaracikgoz86@gmail.com>
2023-12-08 10:30:08 -05:00
UserReport:
type: object
properties:
id:
type: string
create_at:
description: The time in milliseconds a user was created
type: integer
format: int64
Fix user reports API docs (#29506) Co-authored-by: Carrie Warner (Mattermost) <74422101+cwarnermm@users.noreply.github.com>
2024-12-16 02:13:20 -05:00
update_at:
description: The time in milliseconds a user was last updated
type: integer
format: int64
delete_at:
description: The time in milliseconds a user was deleted
type: integer
format: int64
[MM-55017] Add API method to get users for Admin Reporting (#25499) * Add store method to get reporting data * Some store changes * Added app layer * Added API call, some miscellaneous fixes * Fix lint * Fix serialized check * Add API docs * Fix user store tests leaking users * Fix test * PR feedback * Add filtering for role/team/activated user, filter out bot users * Fix mock * Fix test * Oops * Switch to using struct filter * More PR feedback * Fix gen * Fix test * Fix API docs * Fix test * Fix possible SQL injection, some query optimization * Fix migrations * Oops * Add role to API * Fix check * Add Client4 API call for load testing * Fix test * Update server/channels/store/storetest/user_store.go Co-authored-by: Ibrahim Serdar Acikgoz <serdaracikgoz86@gmail.com> * PR feedback --------- Co-authored-by: Mattermost Build <build@mattermost.com> Co-authored-by: Ibrahim Serdar Acikgoz <serdaracikgoz86@gmail.com>
2023-12-08 10:30:08 -05:00
username:
type: string
Fix user reports API docs (#29506) Co-authored-by: Carrie Warner (Mattermost) <74422101+cwarnermm@users.noreply.github.com>
2024-12-16 02:13:20 -05:00
auth_data:
type: string
auth_service:
type: string
[MM-55017] Add API method to get users for Admin Reporting (#25499) * Add store method to get reporting data * Some store changes * Added app layer * Added API call, some miscellaneous fixes * Fix lint * Fix serialized check * Add API docs * Fix user store tests leaking users * Fix test * PR feedback * Add filtering for role/team/activated user, filter out bot users * Fix mock * Fix test * Oops * Switch to using struct filter * More PR feedback * Fix gen * Fix test * Fix API docs * Fix test * Fix possible SQL injection, some query optimization * Fix migrations * Oops * Add role to API * Fix check * Add Client4 API call for load testing * Fix test * Update server/channels/store/storetest/user_store.go Co-authored-by: Ibrahim Serdar Acikgoz <serdaracikgoz86@gmail.com> * PR feedback --------- Co-authored-by: Mattermost Build <build@mattermost.com> Co-authored-by: Ibrahim Serdar Acikgoz <serdaracikgoz86@gmail.com>
2023-12-08 10:30:08 -05:00
email:
type: string
Fix user reports API docs (#29506) Co-authored-by: Carrie Warner (Mattermost) <74422101+cwarnermm@users.noreply.github.com>
2024-12-16 02:13:20 -05:00
nickname:
[MM-55017] Add API method to get users for Admin Reporting (#25499) * Add store method to get reporting data * Some store changes * Added app layer * Added API call, some miscellaneous fixes * Fix lint * Fix serialized check * Add API docs * Fix user store tests leaking users * Fix test * PR feedback * Add filtering for role/team/activated user, filter out bot users * Fix mock * Fix test * Oops * Switch to using struct filter * More PR feedback * Fix gen * Fix test * Fix API docs * Fix test * Fix possible SQL injection, some query optimization * Fix migrations * Oops * Add role to API * Fix check * Add Client4 API call for load testing * Fix test * Update server/channels/store/storetest/user_store.go Co-authored-by: Ibrahim Serdar Acikgoz <serdaracikgoz86@gmail.com> * PR feedback --------- Co-authored-by: Mattermost Build <build@mattermost.com> Co-authored-by: Ibrahim Serdar Acikgoz <serdaracikgoz86@gmail.com>
2023-12-08 10:30:08 -05:00
type: string
Fix user reports API docs (#29506) Co-authored-by: Carrie Warner (Mattermost) <74422101+cwarnermm@users.noreply.github.com>
2024-12-16 02:13:20 -05:00
first_name:
type: string
last_name:
type: string
position:
type: string
roles:
type: string
locale:
type: string
timezone:
$ref: "#/components/schemas/Timezone"
disable_welcome_email:
type: boolean
last_login:
[MM-55017] Add API method to get users for Admin Reporting (#25499) * Add store method to get reporting data * Some store changes * Added app layer * Added API call, some miscellaneous fixes * Fix lint * Fix serialized check * Add API docs * Fix user store tests leaking users * Fix test * PR feedback * Add filtering for role/team/activated user, filter out bot users * Fix mock * Fix test * Oops * Switch to using struct filter * More PR feedback * Fix gen * Fix test * Fix API docs * Fix test * Fix possible SQL injection, some query optimization * Fix migrations * Oops * Add role to API * Fix check * Add Client4 API call for load testing * Fix test * Update server/channels/store/storetest/user_store.go Co-authored-by: Ibrahim Serdar Acikgoz <serdaracikgoz86@gmail.com> * PR feedback --------- Co-authored-by: Mattermost Build <build@mattermost.com> Co-authored-by: Ibrahim Serdar Acikgoz <serdaracikgoz86@gmail.com>
2023-12-08 10:30:08 -05:00
description: Last time the user was logged in
type: integer
format: int64
last_status_at:
description: Last time the user's status was updated
type: integer
format: int64
last_post_date:
description: Last time the user made a post within the given date range
type: integer
format: int64
days_active:
description: Total number of days a user posted within the given date range
type: integer
total_posts:
description: Total number of posts made by a user within the given date range
type: integer
[CLD-6678] Various improvements for IP filtering feature (#25485) * Add GetInstallation function, allow IP Filtering page to fetch installation state, other fixes for IP filter feature * Fix pipelines * Run make build-templates * Fixing i18n * Fix openapi docs * Fix openapi docs again * make build-templates * Update test to ensure that spinner is removed after installation becomes stable * Fix types, style * update openapi because I can't validate locally... * Updates according to Matt's feedback * Add a limit to number of times installation is requested before an error is displayed * Make button disable immediately * Updates based on PR feedback * A couple missed occurrences of whitespace * Grammar fix in failed to fetch error --------- Co-authored-by: Gabe Jackson <3694686+gabrieljackson@users.noreply.github.com> Co-authored-by: Mattermost Build <build@mattermost.com>
2023-11-28 09:09:50 -05:00
Installation:
type: object
properties:
id:
description: A unique identifier
type: string
allowed_ip_ranges:
$ref: "#/components/schemas/AllowedIPRange"
state:
description: The current state of the installation
type: string
Add support for dynamic fetching of preview modal content from S3 bucket (#33380) * Add support for dynamic fetching of preview modal content from S3 bucket * Update server/channels/api4/cloud.go Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * Update webapp/channels/src/components/cloud_preview_modal/cloud_preview_modal_controller.test.tsx Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * Fixes for CI pipelines * Add definitions for openapi spec * Use any instead of interface{} * Update translations * Add the translations * Hook should only run fetch when in cloud preview --------- Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
2025-07-15 12:58:18 -04:00
MessageDescriptor:
type: object
properties:
id:
description: The i18n message ID
type: string
defaultMessage:
description: The default message text
type: string
values:
description: Optional values for message interpolation
type: object
additionalProperties: true
PreviewModalContentData:
type: object
properties:
skuLabel:
$ref: "#/components/schemas/MessageDescriptor"
title:
$ref: "#/components/schemas/MessageDescriptor"
subtitle:
$ref: "#/components/schemas/MessageDescriptor"
videoUrl:
description: URL of the video content
type: string
videoPoster:
description: URL of the video poster/thumbnail image
type: string
useCase:
description: The use case category for this content
type: string
Added post limit warning (#26793) * Renamed user limit API to app limit API * Added post warning limit * Added tests * Fixed types * Renamed AppLimits to ServerLimits * Fixed tests and review fixes * Updated generated code * Updated server i18n * Fixed TestCreateUserOrGuest test * Exclude deleted posts from post count for liims * Reduced limits for ease of testing * Restored original limts
2024-04-18 02:20:30 -04:00
ServerLimits:
Added API to return user count bands and user count (#25796)
2023-12-21 08:00:19 -05:00
type: object
properties:
maxUsersLimit:
description: The maximum number of users allowed on server
type: integer
format: int64
activeUserCount:
description: The number of active users in the server
type: integer
format: int64
[WIP] [MM-55031] OAuth Outgoing Connection App integration (#25379) * OAuthOutgoingConnection model * added store * make generated * add missing license headers * fix receiver name * i18n * i18n sorting * update migrations from master * make migrations-extract * update retrylayer tests * replaced sql query with id pagination * fixed flaky tests * missing columns * missing columns on save/update * typo * improved tests * remove enum from mysql colum * add password credentials to store * license changes * OAuthOutgoingConnectionInterface * Oauth -> OAuth * make generated * merge migrations * renamed migrations * model change suggestions * refactor test functionsn * migration typo * refactor store table names * updated sanitize test * cleanup merge * refactor symbol * list endpoint * oauthoutgoingconnection -> outgoingoauthconnection * signature change * i18n update * granttype typo * naming * api list * uppercase typo * i18n * missing license header * fixed path in comments * updated openapi definitions * sanitize connections * make generated * test license and no feature flag * removed t.fatal * updated testhelper calls * yaml schema fixes * switched interface name * suggested translation * missing i18n translation * address comments * updated i18n
2023-12-26 04:46:20 -05:00
# Outgoing OAuth Connections
OutgoingOAuthConnectionGetItem:
type: object
properties:
id:
description: The unique identifier for the outgoing OAuth connection.
type: string
name:
description: The name of the outgoing OAuth connection.
type: string
create_at:
description: The time in milliseconds the outgoing OAuth connection was created.
type: integer
format: int64
update_at:
description: The time in milliseconds the outgoing OAuth connection was last updated.
type: integer
format: int64
grant_type:
description: The grant type of the outgoing OAuth connection.
type: string
audiences:
description: The audiences of the outgoing OAuth connection.
type: string
Webapp - Outgoing OAuth Connections (#25507) * added store * make generated * add missing license headers * fix receiver name * i18n * i18n sorting * update migrations from master * make migrations-extract * update retrylayer tests * replaced sql query with id pagination * fixed flaky tests * missing columns * missing columns on save/update * typo * improved tests * remove enum from mysql colum * add password credentials to store * license changes * OAuthOutgoingConnectionInterface * Oauth -> OAuth * make generated * copied over installed_oauth_apps component and renamed things to installed_outgoing_oauth_connections * merge migrations * renamed migrations * model change suggestions * refactor test functionsn * migration typo * refactor store table names * updated sanitize test * cleanup merge * refactor symbol * "installed outgoing oauth connections" page works * move things into a nested folder * add and edit page stubs work * list endpoint * oauthoutgoingconnection -> outgoingoauthconnection * signature change * i18n update * granttype typo * naming * api list * uppercase typo * i18n * missing license header * fixed path in comments * updated openapi definitions * changes to support selecting command request url * sanitize connections * make generated * test license and no feature flag * removed t.fatal * updated testhelper calls * yaml schema fixes * switched interface name * suggested translation * missing i18n translation * management permission * moved permission initalization to proper place * endpoints * put tests * error check typo * fixed specific enttity urls * tests * read permission check * updated openapi definitions * i18n * GetConnectionByAudience method * notes * replaced GetConnectionsByAudience with a filter * added custom oauth token object * updated interface and usage * properly set enterprise interface * move retrieval logic to impl * webhook tests * translations * i18n: updates * address comments * endpoint and tests * i18n * api docs * fixed endpoint path * sq.like * use filter object instead of parameters * set url values if not empty * typos * converted some components to function components, and move around files * correctly check token url * restore flag to previous value * added command oauth handler * update enterprise imports * migrate last component to function component * Added enterprise import * refactor permissions and add necessary webapp code * Check correct flag in permission tree * allow partial updates * sort i18n webapp * missing test modification * fixed webapp i18n sorting * allow validating stored connections * added missing translation * fix finished adding connection link and text on result page * added missing permission to smoke tests * missing role in smoke test * updated translations * updated translations * support editing client secret on existing connection * fix some i18n strings * updated translations * better error messages * progress on using react select for command request url while maintaining typed in value * remove writeheader, test * HasValidGrantType * end early to avoid nil pointer errors * move slash command request url input box into its own component * wrap components related to oauth connections in config check * fix tests * i18n-extract * change some i18n strings to say "Outgoing OAuth 2.0 Connections" * remove debug code * fixed i18n * updated i18n file * feature configuration backend * typo * add system console setting * Revert "typo" This reverts commit 669da23e8ee47525ccaa6f59cbbd20bf8a121191. * Revert "updated i18n file" This reverts commit d0882c0dd7587533f0d0f7a7b7b190684186158a. * Revert "fixed i18n" This reverts commit 3108866bc19139182dfd094921c56cdefc4695ea. * fixed i18n * updated i18n file * typo * updated i18n * updated i18n * updated i18n * updated version to 9.6 * replace feature flag with system console configuration * i18n * updated tests * pr feedback * fix styling of disabled text box * fix styling of action links in integration console * server changes for validation feature * webapp changes for validation feature * pencil icon styling * styling fixes for oauth audience correct configuration message * fix sanitize test * remove max lengths from outgoing oauth connection form * use config var in webapp instead of feature flag * change asterisks to bullets * update api docs for validate endpoint * feedback from ux review * fix lint, types, tests * fix stylelint * implement validation button under the token url input * support wildcard for matching audience urls * updates for styling * update snapshots * add doc links for the outgoing oauth connections feature * change doc links to use permalink * add docs link to system console * fix: use limitedreader in json decoding * fix: form error in validation * management permission can read now * updated api documentation * doc typo * require one permission to read only * fix api connection list audience filter * fix audience matching and add loading indicator * fix team permissions on outgoing oauth connection api calls * fix api doc and test, for adding team id to query params * handle read permissions by adding a team in the payload * missing teamid query parameter in test * change validate button logic to not require audience urls to be filled out * fix redux type --------- Co-authored-by: Felipe Martin <me@fmartingr.com>
2024-02-09 14:49:49 -05:00
OutgoingOAuthConnectionPostItem:
type: object
properties:
name:
description: The name of the outgoing OAuth connection.
type: string
client_id:
description: The client ID of the outgoing OAuth connection.
type: string
client_secret:
description: The client secret of the outgoing OAuth connection.
type: string
credentials_username:
description: The username of the credentials of the outgoing OAuth connection.
type: string
credentials_password:
description: The password of the credentials of the outgoing OAuth connection.
type: string
oauth_token_url:
description: The OAuth token URL of the outgoing OAuth connection.
type: string
grant_type:
description: The grant type of the outgoing OAuth connection.
type: string
audiences:
description: The audiences of the outgoing OAuth connection.
type: string
Feature scheduled messages (#28932) * Create scheduled post api (#27920) * Added migration files for Postgres * Added migrations for MySQL * Added store method * Added API and store tests * Renamed migration after syncing with master * Added app layer tests * API is ready * API is ready * API is ready * Renamed migration after syncing with master * Updated migration list * Fixed retry layer tests * Allowed posts with empty messages * Review fixes * Reverted an incorrect change * Renamed migration and fixed ID assignment * CI * Send post button changes (#28019) * added Split button * WIP * Added core menu options * WIP * WIP * WIP * Handled displaying error in creating scheduled post * lint fixes * webapp i18n fix * Review fixes * Fixed a webapp test * A few more fixes * Removed a duplicate comment * Scheduled post job (#28088) * Added the job function * Added query for fetching scheduled posts for pricessing * WIP * WIP * WIP * WIP * WIP * WIP * Reafactoring of scheduled post job * Lint fixes * Updated i18n files * FInishing touches * Added tests for GetScheduledPosts * Added tests for PermanentlyDeleteScheduledPosts * Updated all layer * Some changes as discussed with team * Added tests for UpdatedScheduledPost * Code review refactoring * Added job test * MM-60120 - Custom time selection (#28120) * Added a common date time picker modal and used it for post reminder * Added a common date time picker modal and used it for post reminderggp * Added modal for custom schedule time and fixed TZ issue * WIP * Removed event from useSubmit hook * Removed event from useSubmit hook * Added timezone handling * fixed type error * Updated i18n strings * Minor cleanup * updated snapshots * review fixes * Handled event * Supported for having a DM thread open in RHS while in a regular channel * Review fixes * MM-60136 - Scheduled messages tab (#28133) * WIP * WIP * Created Tabs and Tab wrapper with added styling * Added API to get scheduled posts * WIP * Displated scheduled post count * i18n fix * Added tests * Handled asetting active tab absed on URL: * Reverted unintended change * Added API to client ad OpenAPI specs * Renamed file * Adding fileinfo to schedule posts * Partial review fixes * Made get scheduled post API return posts by teamID * review fixes * Moved scheduled post redux code to MM-redux package * Usedd selector factory * WIP: * WIP: * Lint fix * Fixed an incorrect openapi spec file * Removed redundent permission check * Clreaed scheduled post data on logout * Removed unused i18n string: * lint fix * Render scheduled posts (#28208) * WIP * WIP * Created Tabs and Tab wrapper with added styling * Added API to get scheduled posts * WIP * Displated scheduled post count * i18n fix * Added tests * Handled asetting active tab absed on URL: * Reverted unintended change * Added API to client ad OpenAPI specs * Renamed file * Created common component for draft list item * WIP * WIP * Adding fileinfo to schedule posts * Basic rendering * Added count badge to tabs * WIP * Made the Drafts LHS iteam appear if no drafts exist but scheduled posts do * Fixed icon size * Partial review fixes * Made get scheduled post API return posts by teamID * Handled initial vs team switch load * Displayed scheduled date in panel header * Added error message and error indiocator * WIP * review fixes * WIP Adding error reason tag * Added error codes * Moved scheduled post redux code to MM-redux package * Usedd selector factory * WIP: * WIP: * Lint fix * Fixed an incorrect openapi spec file * Removed redundent permission check * Clreaed scheduled post data on logout * Removed unused i18n string: * lint fix * Opened rescheduling modal * Updated graphic for empty state of schduled post list * Added delete scheduled post option and modal * Badge and timezone fix * WIP: * Added send now confirmation modal * lint * Webapp i18n fix * Fixed webapp test * Fixed a bug where DM/GM scheduled posts weren't immideatly showing up in UI * Minor fixes * WIP * Review fixes * Review fixes * Optimisations * Fixed reducer name * Moment optimizatin * Updated route check * MM-60144 - added API to update a scheduled post (#28248) * WIP * Added api and ap layer for update scheduled post ̛̦̄ * Added API to OpenAI specs, Go client and TS client * removed permissio check * Added tests * Fixed tests * Added PreUpdate method on scheduled post model * MM-60131 - Reschedule post integration (#28281) * Handled rescheduling post in webapp * Added error handling * MM-60146 - Delete scheduled post api (#28265) * WIP * Added api and ap layer for update scheduled post ̛̦̄ * Added API to OpenAI specs, Go client and TS client * removed permissio check * Added tests * Fixed tests * Added PreUpdate method on scheduled post model * Added delete scheduled post API * Added API to Go client and OpenAPI specs * Added API to TS client * Added tests * CI * Rmeoved two incorrect code comments * MM-60653 - Integrated delete scheduled post API (#28296) * Integrated delete scheduled apost API * Lint fix * Review fixes * Excluded draft checks from scheduled posts (#28370) * Excluded draft checks from scheduled posts * Added a removed todo * MM-60125 - Scheduled post channel indicator (#28320) * Integrated delete scheduled apost API * Lint fix * Added state for storing scheduled posts by channel ID * Refactored redux store to store scheudled posts by ID, thens tore IDs everywhere * Refactored redux store to store scheudled posts by ID, thens tore IDs everywhere * WIP * Added scheduled post indiocator * Handled single and multiple scheudled posts * Review fixes * Fixed styling and handled center channel, RHS and threads view * Lint fix * i18n fix * Fixed a cycling dependency * Lint fix * Added some more comments * Updated styling * Review fixes * Added common component for remote user time and scheduled post indicator * Updated scheduled post count * Minor change * Moved CSS code around * Fixed a bug where files in scheduled post didn't show up until refresh (#28359) --------- Co-authored-by: Daniel Espino García <larkox@gmail.com> * Scheduled post config (#28485) * Added config * Added config on server and webapp side * Added config check in server and webapp * Added license check * Added license check * Added placeholder help text * Added license check to job * Fixed job test * Review fixes * Updated English text * Review fixes * MM-60118 - Added index on ScheduledPosts table (#28579) * Added index * Updated indexes * Scheduled posts misc fixes (#28625) * Added detailed logging for scheduled post job * Limited scheduled posts processing to 24 hours * Marked old scheduled posts as unable to send * Added t5ests * converted some logs to trace level * Fixed a bug causing error message to show up on deleting a scheduled post in a deleted thread (#28630) * Fixed scheduled posts link in RHS (#28659) * Fixed scheduled posts link in RHS * Review fixes * Fix permission name in scheduled posts by team (#28580) * Fix permission name * fix wording --------- Co-authored-by: Mattermost Build <build@mattermost.com> * FIxed width of generic modal header to fix browser channel modal (#28639) * Only consider error-free scheduled posts for indicator in channel and RHS (#28683) * Show only errro free scheudled posts in post box indicator * Fixed a bug to handle no scheduled posts * Fixed draft and scheudled post UI in mobile view (#28680) * MM-60873 and MM-60872 - Fixed a bug with updating scheduled posts (#28656) * Fixed a bug with updating scheduled posts * Better selectors * MOved shceuled post message length validation to app layer * MM-60732 - Scheduled posts channel link now takes you to the first scheduled post in channel/thread in list (#28768) * Ordered scheudle dposts by schgeudled at nad create at * Ordered in client * Added scroll to target * Removed classname prop * Fixed tests * Added doc * Import fix * MM-60961 - Fixed a bug where API used incoming create at date for scheduled post (#28703) * Fixed a bug where API used incoming create at date for scheduled post * Stopped sending created at value for scheduled post * MM-60785 - Fixed a bug where scheduled posts of channel we are no longer member of didn't show up (#28637) * Fixed a bug where scheduled posts of channel we are no longer member of didn't show up * Added a comment * CI * Used data loader to optimise laoding missing channels * Minor refactoring * MM-60963 - Added common checks for post and scheduled posts (#28713) * Added commen checks for post and scheuled posts * Sanitised scheduled posts * Fixed tests * Splitted post checks into app and context functions * Added checks on scheduiled posts job as well: * i18n fix * Fixed a test * Renamed a func * removed duplicate check * Scheduled posts UI fixes (#28828) * Fixed send button and time picker borders * Fixed center alignment of time picker * Removed on for today and tomorrow * Lint fix * Date time modal hover state fix * Badge fix * Fixed a mnerge issue * Scheduled Post send now and add schedule on draft (#28851) * Added send now option on scheduled posts * Minor refactoring * WIP * WIP * WIP * Lint fix * i18n fix * Snapshot update * Review fixes * Scheduled post inline editing (#28893) * Added send now option on scheduled posts * Minor refactoring * WIP * WIP * WIP * Lint fix * i18n fix * Snapshot update * Displayed editing component in scheduled post * Added handling for updating scheduled post * Handle events * Fixed escape key issue in scheudled post editing * Fixes * Displayed error message for editing error * Don't show mention warning * Handled dev mode (#28918) * MInor fixes * client fix * Fixes * CI * Removed dev mode behaviour temperorily (#29008) --------- Co-authored-by: Daniel Espino García <larkox@gmail.com> Co-authored-by: Eva Sarafianou <eva.sarafianou@gmail.com> Co-authored-by: Mattermost Build <build@mattermost.com>
2024-11-04 01:09:35 -05:00
ScheduledPost:
type: object
properties:
id:
type: string
create_at:
description: The time in milliseconds a scheduled post was created
type: integer
format: int64
update_at:
description: The time in milliseconds a scheduled post was last updated
type: integer
format: int64
user_id:
type: string
channel_id:
type: string
root_id:
type: string
message:
type: string
props:
type: object
file_ids:
type: array
items:
type: string
scheduled_at:
description: The time in milliseconds a scheduled post is scheduled to be sent at
type: integer
format: int64
processed_at:
description: The time in milliseconds a scheduled post was processed at
type: integer
format: int64
error_code:
type: string
description: Explains the error behind why a scheduled post could not have been sent
metadata:
$ref: "#/components/schemas/PostMetadata"
[MM-61756] Attribute Based Access Control - Phase 1 (#30785) Attribute Based Access Control - Base * MM-63662 * MM-63919 * MM-63954 * MM-63955 * MM-63425 * MM-63426 * MM-63458 * MM-63459 * MM-63603 * MM-63845 * MM-64146 * MM-64199 * MM-64201 * MM-64233 * MM-64247 * MM-64268 --------- Co-authored-by: Harshil Sharma <harshilsharma63@gmail.com> Co-authored-by: Pablo Andrés Vélez Vidal <pablovv2012@gmail.com> Co-authored-by: abhijit-singh <abhijitsingh0702@gmail.com> Co-authored-by: Harrison Healey <harrisonmhealey@gmail.com>
2025-05-15 05:33:08 -04:00
AccessControlFieldsAutocompleteResponse:
type: object
properties:
fields:
type: array
items:
type: object
properties:
name:
type: string
description: The name of the field.
description:
type: string
description: A description of the field.
AccessControlPoliciesWithCount:
type: object
properties:
policies:
type: array
items:
$ref: "#/components/schemas/AccessControlPolicy"
total_count:
type: integer
description: The total number of policies.
AccessControlPolicy:
type: object
properties:
id:
type: string
description: The unique identifier of the policy.
name:
type: string
description: The unique name for the policy.
display_name:
type: string
description: The human-readable name for the policy.
description:
type: string
description: A description of the policy.
expression:
type: string
description: The CEL expression defining the policy rules.
is_active:
type: boolean
description: Whether the policy is currently active and enforced.
create_at:
type: integer
format: int64
description: The time in milliseconds the policy was created.
update_at:
type: integer
format: int64
description: The time in milliseconds the policy was last updated.
delete_at:
type: integer
format: int64
description: The time in milliseconds the policy was deleted.
AccessControlPolicySearch:
type: object
properties:
term:
type: string
description: The search term to match against policy names or display names.
Fix issues with access_control_policies/search endpoint functionality and docs (#34564) * Fix issues with access_control_policies/search endpoint functionality and docs * Undo
2025-11-25 14:04:14 -05:00
type:
type: string
description: The type of policy (e.g., 'parent' or 'channel').
parent_id:
type: string
description: The ID of the parent policy to search within.
ids:
type: array
items:
type: string
description: List of policy IDs to filter by.
active:
[MM-61756] Attribute Based Access Control - Phase 1 (#30785) Attribute Based Access Control - Base * MM-63662 * MM-63919 * MM-63954 * MM-63955 * MM-63425 * MM-63426 * MM-63458 * MM-63459 * MM-63603 * MM-63845 * MM-64146 * MM-64199 * MM-64201 * MM-64233 * MM-64247 * MM-64268 --------- Co-authored-by: Harshil Sharma <harshilsharma63@gmail.com> Co-authored-by: Pablo Andrés Vélez Vidal <pablovv2012@gmail.com> Co-authored-by: abhijit-singh <abhijitsingh0702@gmail.com> Co-authored-by: Harrison Healey <harrisonmhealey@gmail.com>
2025-05-15 05:33:08 -04:00
type: boolean
description: Filter policies by active status.
Fix issues with access_control_policies/search endpoint functionality and docs (#34564) * Fix issues with access_control_policies/search endpoint functionality and docs * Undo
2025-11-25 14:04:14 -05:00
include_children:
type: boolean
description: Whether to include child policies in the result.
cursor:
$ref: "#/components/schemas/AccessControlPolicyCursor"
limit:
[MM-61756] Attribute Based Access Control - Phase 1 (#30785) Attribute Based Access Control - Base * MM-63662 * MM-63919 * MM-63954 * MM-63955 * MM-63425 * MM-63426 * MM-63458 * MM-63459 * MM-63603 * MM-63845 * MM-64146 * MM-64199 * MM-64201 * MM-64233 * MM-64247 * MM-64268 --------- Co-authored-by: Harshil Sharma <harshilsharma63@gmail.com> Co-authored-by: Pablo Andrés Vélez Vidal <pablovv2012@gmail.com> Co-authored-by: abhijit-singh <abhijitsingh0702@gmail.com> Co-authored-by: Harrison Healey <harrisonmhealey@gmail.com>
2025-05-15 05:33:08 -04:00
type: integer
Fix issues with access_control_policies/search endpoint functionality and docs (#34564) * Fix issues with access_control_policies/search endpoint functionality and docs * Undo
2025-11-25 14:04:14 -05:00
description: The maximum number of policies to return.
AccessControlPolicyCursor:
type: object
properties:
id:
type: string
description: The ID of the policy to start searching after.
[MM-61756] Attribute Based Access Control - Phase 1 (#30785) Attribute Based Access Control - Base * MM-63662 * MM-63919 * MM-63954 * MM-63955 * MM-63425 * MM-63426 * MM-63458 * MM-63459 * MM-63603 * MM-63845 * MM-64146 * MM-64199 * MM-64201 * MM-64233 * MM-64247 * MM-64268 --------- Co-authored-by: Harshil Sharma <harshilsharma63@gmail.com> Co-authored-by: Pablo Andrés Vélez Vidal <pablovv2012@gmail.com> Co-authored-by: abhijit-singh <abhijitsingh0702@gmail.com> Co-authored-by: Harrison Healey <harrisonmhealey@gmail.com>
2025-05-15 05:33:08 -04:00
AccessControlPolicyTestResponse:
type: object
properties:
users:
type: array
items:
$ref: "#/components/schemas/User"
description: A list of users affected by the policy expression.
total_count:
type: integer
description: The total number of users affected.
ChannelSearch: # Added based on dataretention.yaml and access_control.go usage
type: object
properties:
term:
type: string
description: The string to search in the channel name, display name, and purpose.
team_ids:
type: array
items:
type: string
description: Filters results to channels belonging to the given team ids.
public:
type: boolean
description: Filters results to only return Public / Open channels.
private:
type: boolean
description: Filters results to only return Private channels.
deleted:
type: boolean
description: Filters results to only return deleted / archived channels.
include_deleted:
type: boolean
description: Whether to include deleted channels in the search results.
# Add other potential search fields like not_associated_to_group, exclude_default_channels etc.
ChannelsWithCount: # Added based on access_control.go usage
type: object
properties:
channels:
$ref: "#/components/schemas/ChannelListWithTeamData" # Referencing existing type used in similar contexts
total_count:
type: integer
description: The total number of channels.
ExpressionError:
type: object
properties:
message:
type: string
description: The error message.
field:
type: string
description: The field related to the error, if applicable.
line:
type: integer
description: The line number where the error occurred in the expression.
column:
type: integer
description: The column number where the error occurred in the expression.
QueryExpressionParams:
type: object
properties:
expression:
type: string
description: The policy expression to test.
term:
type: string
description: A search term to filter users against whom the expression is tested.
limit:
type: integer
description: The maximum number of users to return.
after:
type: string
description: The ID of the user to start the test after (for pagination).
Fix issues with access_control_policies/search endpoint functionality and docs (#34564) * Fix issues with access_control_policies/search endpoint functionality and docs * Undo
2025-11-25 14:04:14 -05:00
channelId:
type: string
description: The channel ID to contextually test the expression against (required for channel admins).
[MM-61756] Attribute Based Access Control - Phase 1 (#30785) Attribute Based Access Control - Base * MM-63662 * MM-63919 * MM-63954 * MM-63955 * MM-63425 * MM-63426 * MM-63458 * MM-63459 * MM-63603 * MM-63845 * MM-64146 * MM-64199 * MM-64201 * MM-64233 * MM-64247 * MM-64268 --------- Co-authored-by: Harshil Sharma <harshilsharma63@gmail.com> Co-authored-by: Pablo Andrés Vélez Vidal <pablovv2012@gmail.com> Co-authored-by: abhijit-singh <abhijitsingh0702@gmail.com> Co-authored-by: Harrison Healey <harrisonmhealey@gmail.com>
2025-05-15 05:33:08 -04:00
CELExpression:
type: object
properties:
expression:
type: string
description: The CEL expression to visualize.
Fix issues with access_control_policies/search endpoint functionality and docs (#34564) * Fix issues with access_control_policies/search endpoint functionality and docs * Undo
2025-11-25 14:04:14 -05:00
channelId:
type: string
description: The channel ID to contextually test the expression against (required for channel admins).
[MM-61756] Attribute Based Access Control - Phase 1 (#30785) Attribute Based Access Control - Base * MM-63662 * MM-63919 * MM-63954 * MM-63955 * MM-63425 * MM-63426 * MM-63458 * MM-63459 * MM-63603 * MM-63845 * MM-64146 * MM-64199 * MM-64201 * MM-64233 * MM-64247 * MM-64268 --------- Co-authored-by: Harshil Sharma <harshilsharma63@gmail.com> Co-authored-by: Pablo Andrés Vélez Vidal <pablovv2012@gmail.com> Co-authored-by: abhijit-singh <abhijitsingh0702@gmail.com> Co-authored-by: Harrison Healey <harrisonmhealey@gmail.com>
2025-05-15 05:33:08 -04:00
VisualExpression:
type: object
properties:
conditions:
type: array
items:
$ref: "#/components/schemas/Condition"
description: The visual AST for the CEL expression
Condition:
type: object
properties:
attribute:
type: string
description: The attribute name.
operator:
type: string
description: The operator of a single condition.
value:
type: string
description: The value.
value_type:
type: string
description: The value type.
Added patch channel API doc for channel banner (#32100) * Added patch channel API doc for channel banner * Fixed typo
2025-07-07 01:11:29 -04:00
ChannelBanner:
type: object
properties:
enabled:
type: boolean
description: enabled indicates whether the channel banner is enabled or not
text:
type: string
description: text is the actual text that renders in the channel banner. Markdown is supported.
background_color:
type: string
Migrate content flagging settings to database (#33989) * lint fix * CI * added new migration mocks * Used setup for tests * some comment * Removed unnecesseery nil check * Form validation * WIP tests * WIP tests * WIP tests * fix: mock content flagging config selector with correct reasons format Co-authored-by: aider (anthropic/claude-sonnet-4-20250514) <aider@aider.chat> * fix: add mock for getContentFlaggingConfig in flag post modal test Co-authored-by: aider (anthropic/claude-sonnet-4-20250514) <aider@aider.chat> * Updated error code order in API docs * removed empty files * Added tests * lint fixes * minor tweak * lint fix * type fix * fixed test * nit * test enhancements * API WIP * API WIP * creating values * creating content flagging channel and properties * Able to save properties * Added another property field * WIP * WIP * Added validations * Added data validations and hidden post if confifgured to * lint fixes * Added API spec * Added some tests * Added tests for getContentReviewBot * test: add comprehensive tests for getContentReviewChannels function * Added more app layer tests * Added TestCanFlagPost * test: Add comprehensive tests for FlagPost function * Added all app layer tests * Removed a file that was reamoved downstream * test: add content flagging test file * test: add comprehensive tests for FlagContentRequest.IsValid method * Added model tests * test: add comprehensive tests for SqlPropertyValueStore.CreateMany * test: add comprehensive tests for flagPost() API function * Added API tests * linter fix * WIP * sent post flagging confirmation message * fixed i18n nissues * fixed i18n nissues * CI * WIP * WIP * Added API call * test: add test for Client4.flagPost API call in FlagPostModal * fix: remove userEvent.setup() from flag post modal test * test: wrap submit button click in act for proper state updates * Updated tests * lint fix * Updated test * fix: reset contentFlaggingGroupId for test isolation in content flagging tests * removed cached group ID * removed debug log * CI * Updated to allow special characters in comments * Handled empty comment * Created getContentFlaggingFields API * created getPostPropertyValues API * Used finally * WIP * Created useContentFlaggingFields hook * WIP * WIP * Added option to retain data for reviewers * Displayed deleted post's preview * DIsplayed all properties * Adding field name i18n * WIP - managing i18n able texts * Finished displaying all fields * Manual cleanup * lint fixes * team role filter logic fix * Fixed tests * created new API to fetch flagged posts * lint fix * Added new client methods * test: add comprehensive tests for content flagging APIs * Added new API tests * fixed openapi spec * Fixed DataSpillageReport tests * Fixed PostMarkdown test * Fixed PostPreviewPropertyRenderer test * Added metadata to card renderer * test fixes * Added no comment placeholder * Added view detail button * Created RemoveFlaggedMessageConfirmationModal modal * Added key and remove flag request modal * IMplemented delete flagged post * Handled edge cases of deleting flagged post * keep message * UI integration * Added WS event for post report update and handled deleted files of flagged post * Added error handling in keep/remove forms * i18n fixes * Fixed test * Updated OpenAPI specs * fixed types * fixed types * refactoring * refactor: improve test mocking for data spillage report component * test mock updates * Fixed tests * Updated reducer * not resetting mocks * Added migrations for content flagging tables * Created new structure * review fixes * Used correct ot name * WIP * review fixes * review fixes * Added new property translations * CI * CI * CI * Improved test * fixed test * CI * New UI component * WIP * Updated settings APIs * cached DB data * used cached reviewer data * Updated tests * Lint fixes * test: add tests for saveContentFlaggingSettings and getContentFlaggingSettings APIs * test fix * test: add tests for SaveContentFlaggingConfig and GetContentFlaggingConfigReviewerIDs * Updated tests * test: add content flagging test for local cache layer * test: add comprehensive tests for content flagging store cache * Updated tests * lint fix * Updated mobile text * Added content flagging SQL store mocks * Added API specs for new APIs * fixed tests * feat: add TestContentFlaggingStore function for content flagging store testing * feat: add comprehensive tests for content flagging store * Added SQL store tests * test: add content flagging test for local cache layer * test: add tests for content flagging store caching * Added cache layer tests * Updated tests * Fixed * Handled JSON error * fixes * fixes * Fixed retry layer test * fixerdf i18n * Fixed test * CI * building index concurrently * CI * fixed a test * CI * cleanup * Integrate flag post api (#33798) * WIP * WIP * Added API call * test: add test for Client4.flagPost API call in FlagPostModal * fix: remove userEvent.setup() from flag post modal test * test: wrap submit button click in act for proper state updates * Updated tests * lint fix * CI * Updated to allow special characters in comments * Handled empty comment * Used finally * CI * Fixed test * Spillage card integration (#33832) * Created getContentFlaggingFields API * created getPostPropertyValues API * WIP * Created useContentFlaggingFields hook * WIP * WIP * Added option to retain data for reviewers * Displayed deleted post's preview * DIsplayed all properties * Adding field name i18n * WIP - managing i18n able texts * Finished displaying all fields * Manual cleanup * lint fixes * team role filter logic fix * Fixed tests * created new API to fetch flagged posts * lint fix * Added new client methods * test: add comprehensive tests for content flagging APIs * Added new API tests * fixed openapi spec * Fixed DataSpillageReport tests * Fixed PostMarkdown test * Fixed PostPreviewPropertyRenderer test * Added metadata to card renderer * test fixes * Added no comment placeholder * Fixed test * refactor: improve test mocking for data spillage report component * test mock updates * Updated reducer * not resetting mocks * WIP * review fixes * CI * Fixed * fixes * Content flagging actions implementation (#33852) * Added view detail button * Created RemoveFlaggedMessageConfirmationModal modal * Added key and remove flag request modal * IMplemented delete flagged post * Handled edge cases of deleting flagged post * keep message * UI integration * Added WS event for post report update and handled deleted files of flagged post * Added error handling in keep/remove forms * i18n fixes * Updated OpenAPI specs * fixed types * fixed types * refactoring * Fixed tests * review fixes * Added new property translations * Improved test * fixed test * CI * fixes * CI * fixed a test * CI * Review fixes --------- Co-authored-by: aider (anthropic/claude-sonnet-4-20250514) <aider@aider.chat>
2025-10-13 02:54:01 -04:00
description: background_color is the HEX color code for the banner's background
ContentFlaggingConfig:
type: object
properties:
EnableContentFlagging:
type: boolean
description: Flag to enable or disable content flagging feature
example: true
NotificationSettings:
$ref: '#/components/schemas/NotificationSettings'
AdditionalSettings:
$ref: '#/components/schemas/AdditionalSettings'
ReviewerSettings:
$ref: '#/components/schemas/ReviewerSettings'
NotificationSettings:
type: object
properties:
EventTargetMapping:
$ref: '#/components/schemas/EventTargetMapping'
required:
- EventTargetMapping
EventTargetMapping:
type: object
properties:
assigned:
type: array
items:
type: string
description: List of targets to notify when content is assigned
example: [ ]
dismissed:
type: array
items:
type: string
description: List of targets to notify when content is dismissed
example: [ ]
flagged:
type: array
items:
type: string
description: List of targets to notify when content is flagged
example: [ "reviewers" ]
removed:
type: array
items:
type: string
description: List of targets to notify when content is removed
example: [ ]
required:
- assigned
- dismissed
- flagged
- removed
AdditionalSettings:
type: object
properties:
Reasons:
type: array
items:
type: string
description: Predefined reasons for flagging content
example: [ "reason 1", "reason 2", "reason 3" ]
ReporterCommentRequired:
type: boolean
description: Whether a comment is required from the reporter
example: false
ReviewerCommentRequired:
type: boolean
description: Whether a comment is required from the reviewer
example: false
HideFlaggedContent:
type: boolean
description: Whether to hide flagged content from general view
example: true
required:
- Reasons
- ReporterCommentRequired
- ReviewerCommentRequired
- HideFlaggedContent
ReviewerSettings:
type: object
properties:
CommonReviewers:
type: boolean
description: Whether to use common reviewers across all teams
example: true
SystemAdminsAsReviewers:
type: boolean
description: Whether system administrators can act as reviewers
example: false
TeamAdminsAsReviewers:
type: boolean
description: Whether team administrators can act as reviewers
example: true
CommonReviewerIds:
type: array
items:
type: string
description: List of user IDs designated as common reviewers
example: [ "onymzj7qcjnz7dcnhtjp1noc3w" ]
TeamReviewersSetting:
type: object
additionalProperties:
$ref: '#/components/schemas/TeamReviewerConfig'
description: Team-specific reviewer configuration, keyed by team ID
example:
"8guxic3sg7nijeu5dgxt1fh4ia":
Enabled: true
ReviewerIds: [ ]
"u1ujk34a47gfxp856pdczs9gey":
Enabled: false
ReviewerIds: [ ]
required:
- CommonReviewers
- SystemAdminsAsReviewers
- TeamAdminsAsReviewers
- CommonReviewerIds
- TeamReviewersSetting
TeamReviewerConfig:
type: object
properties:
Enabled:
type: boolean
description: Whether team-specific reviewers are enabled for this team
example: true
ReviewerIds:
type: array
items:
type: string
description: List of user IDs designated as reviewers for this specific team
example: [ ]
required:
- Enabled
- ReviewerIds
[MM-65956] Tweak auto add to make it consistent with child policies (#33990)
2025-11-19 15:18:45 -05:00
AccessControlPolicyActiveUpdateRequest:
type: object
properties:
entries:
type: array
items:
$ref: "#/components/schemas/AccessControlPolicyActiveUpdate"
AccessControlPolicyActiveUpdate:
type: object
properties:
id:
type: string
description: The ID of the policy.
active:
type: boolean
description: The active status of the policy.
[MM-66359] Recaps MVP (#34337) * initial commit for POC of Plugin Bridge * Updates * POC for plugin bridge * Updates from collaboration * Fixes * Refactor Plugin Bridge to use HTTP/REST instead of RPC - Remove ExecuteBridgeCall hook and Context.SourcePluginId - Implement HTTP-based bridge using existing PluginHTTP infrastructure - Add CallPlugin API method with endpoint parameter instead of method name - Update CallPluginBridge to construct HTTP POST requests - Add proper headers: Mattermost-User-Id, Mattermost-Plugin-ID - Use 'com.mattermost.server' as plugin ID for core server calls - Update ai.go to use REST endpoint /inter-plugin/v1/completion - Add comprehensive spec documentation in server/spec.md - Add MIGRATION_GUIDE.md for plugin developers - Fix 401/404 issues by setting correct headers and URL paths * Improve Plugin Bridge security and architecture - Create ServeInternalPluginRequest for internal plugin calls (core + plugin-to-plugin) - Move header-setting logic from CallPluginBridge to ServeInternalPluginRequest - Improve separation of concerns: business logic vs HTTP transport - Add security documentation explaining header protection Security Improvements: - ServeInternalPluginRequest is NOT exposed as HTTP route (internal only) - Headers (Mattermost-User-Id, Mattermost-Plugin-ID) are set by trusted server code - External requests cannot spoof these headers (stripped by servePluginRequest) - Core calls use 'com.mattermost.server' as plugin ID for authorization - Plugin-to-plugin calls use real plugin ID (enforced by server) Backward Compatibility: - Keep ServeInterPluginRequest for existing API.PluginHTTP callers (deprecated) - All tests pass Docs: - Update spec.md with security model explanation - Update MIGRATION_GUIDE.md with correct header usage examples * Space * cursor please stop creating markdown files * Fix style * Fix i18n, linter * REMOVE MARKDOWN * Remove CallPlugin method from plugin API interface Per review feedback, this method is no longer needed. Co-authored-by: Nick Misasi <nickmisasi@users.noreply.github.com> * Remove CallPlugin method implementation from PluginAPI Co-authored-by: Nick Misasi <nickmisasi@users.noreply.github.com> * fixes * Add AI OpenAPI spec * fix openapi spec * Use agents client (#34225) * Use agents client * Remove default agent * Fixes * fix: modify system prompts to ensure JSON is being returned * Base implementation for recaps working * small fixes * Adjustments * remove webapp changes * Add feature flags for rewrites and ai bridge, clean up * Remove comments that aren't helpful * Fix i18n * Remove rewrites * Fix tests * Fix i18n * adjust i18n again * Add back translations * Remove leftover mock code * remove model file * Changes from PR review * Make the real substitutions * Include a basic invokation of the client with noop to ensure build works * more fix * Remove unneeded change * Updates from review * Fixes * Remove some logic from rewrites to clean up branch * Use v1.5.0 of agents plugin * A bunch more additions for general UX flow * Add missing files * Add mocks * Fixes for vet-api, i18n, build, types, etc * One more linter fix * Fix i18n and some tests * Refactors and cleanup in backend code * remove rogue markdown file * fixes after refactors from backend * Add back renamed files, and add tests * More self code review * More fixes * More refactors * Fix call stack exceeded bug * Include read messages if there are no unreads * Fix test failure: use correct error message key for recap permission denied The getRecapAndCheckOwnership function was using strings.ToLower(callerName) to generate error keys, which caused 'GetRecap' to become 'getrecap' instead of the expected 'get'. Changed to use the correct static key that matches the en.json localization file. Fixes TestGetRecap/get_recap_by_non-owner test failure. Co-authored-by: Nick Misasi <nickmisasi@users.noreply.github.com> * Consolidate permission errors down to a single string * Fixes for i18n, worktrees making this difficult * Fix i18n * Fix i18n once and for all (for real) (final) * Fix duplicate getAgents method in client4.ts * Remove duplicate ai state from initial_state.ts * Fix types * Fix tests * Fix return type of GetAgents and GetServices * Add tests for recaps components * Fix types * Update i18n * Fixes * Fixes * More cleanup * Revert random file * Use undefined * fix linter * Address feedback * Missed a git add * Fixes * Fix i18n * Remove fallback * Fixes for PR --------- Co-authored-by: claude[bot] <209825114+claude[bot]@users.noreply.github.com> Co-authored-by: Nick Misasi <nickmisasi@users.noreply.github.com> Co-authored-by: Christopher Speller <crspeller@gmail.com> Co-authored-by: Felipe Martin <me@fmartingr.com> Co-authored-by: Mattermost Build <build@mattermost.com>
2026-01-13 11:59:22 -05:00
Recap:
type: object
properties:
id:
type: string
description: Unique identifier for the recap
user_id:
type: string
description: ID of the user who created the recap
title:
type: string
description: AI-generated title for the recap (max 5 words)
create_at:
type: integer
format: int64
description: The time in milliseconds the recap was created
update_at:
type: integer
format: int64
description: The time in milliseconds the recap was last updated
delete_at:
type: integer
format: int64
description: The time in milliseconds the recap was deleted
read_at:
type: integer
format: int64
description: The time in milliseconds the recap was marked as read
total_message_count:
type: integer
description: Total number of messages summarized across all channels
status:
type: string
enum: [pending, processing, completed, failed]
description: Current status of the recap job
bot_id:
type: string
description: ID of the AI agent/bot used to generate this recap
channels:
type: array
items:
$ref: "#/components/schemas/RecapChannel"
description: List of channel summaries included in this recap
RecapChannel:
type: object
properties:
id:
type: string
description: Unique identifier for the recap channel
recap_id:
type: string
description: ID of the parent recap
channel_id:
type: string
description: ID of the channel that was summarized
channel_name:
type: string
description: Display name of the channel
highlights:
type: array
items:
type: string
description: Key discussion points and important information from the channel
action_items:
type: array
items:
type: string
description: Tasks, todos, and action items mentioned in the channel
source_post_ids:
type: array
items:
type: string
description: IDs of the posts used to generate this summary
create_at:
type: integer
format: int64
description: The time in milliseconds the recap channel was created
Move API Reference (#23777) * merge mattermost-api-reference unchanged * api: update repostiory paths * api: drop GitPod for api (for now) * api: improved node_modules target * api: relocate GitHub actions to root * Update .github/workflows/api.yml Co-authored-by: Antonis Stamatiou <stamatiou.antonis@gmail.com> * fix cache-dependency-path * adopt node-version-file * pin versions for uses * tidy steps/runs * api/.gitpod.yml: tidy * api: rm now unused .gitlab-ci.yml --------- Co-authored-by: Antonis Stamatiou <stamatiou.antonis@gmail.com>
2023-06-27 10:10:13 -04:00
externalDocs:
description: Find out more about Mattermost
url: 'https://about.mattermost.com'
security:
- bearerAuth: []
Reference in a new issue Copy permalink