* Refactor property system with app layer routing and access control separation
Establish the app layer as the primary entry point for property operations
with intelligent routing based on group type. This architecture separates
access-controlled operations (CPA groups) from standard operations,
improving performance and code clarity.
Architecture Changes:
- App layer now routes operations based on group type:
- CPA groups -> PropertyAccessService (enforces access control)
- Non-CPA groups -> PropertyService (direct, no access control)
- PropertyAccessService simplified to handle only CPA operations
- Eliminated redundant group type checks throughout the codebase
* Move access control routing into PropertyService
This change makes the PropertyService the main entrypoint for property
related operations, and adds a routing mechanism to decide if extra
behaviors or checks should run for each operation, in this case, the
property access service logic.
To add specific payloads that pluggable checks and operations may
need, we use the request context. When the request comes from the API,
the endpoints are in charge of adding the caller ID to the payload,
and in the case of the plugin API, on receiving a request, the server
automatically tags the context with the plugin ID so the property
service can react accordingly.
Finally, the new design enforces all these checks migrating the actual
property logic to internal, non-exposed methods, so any caller from
the App layer needs to go through the service checks that decide if
pluggable logic is needed, avoiding any possibility of a bypass.
* Fix i18n
* Fix bad error string
* Added nil guards to property methods
* Add check for multiple group IDs on value operations
* Add nil guard to the plugin checker
* Fix build error
* Update value tests
* Fix linter
* Adds early return when content flaggin a thread with no replies
* Fix mocks
* Clean the state of plugin property tests before each run
* Do not wrap appErr on API response and fix i18n
* Fix create property field test
* Remove the need to cache cpaGroupID as part of the property service
* Split the property.go file into multiple
* Not found group doesn't bypass access control check
* Unexport SetPluginCheckerForTests
* Rename plugin context getter to be more PSA specific
---------
Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es>
Updates all Custom Profile Attribute endpoints and app layer methods to pass caller user IDs through to the PropertyAccessService. This connects the access control service introduced in #34812 to the REST API, Plugin API, and internal app operations.
Also updates the OpenAPI spec to document the new field attributes (protected, source_plugin_id, access_mode) and adds notes about protected field restrictions.
* Adds default values to the attrs of CPA fields and refactors the app layer
* Fix mmctl tests
* Fix types and linter
* Fix model test
---------
Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es>
Co-authored-by: Mattermost Build <build@mattermost.com>
* TestPool
* Store infra
* Store tests updates
* Bump maximum concurrent postgres connections
* More infra
* channels/jobs
* channels/app
* channels/api4
* Protect i18n from concurrent access
* Replace some use of os.Setenv
* Remove debug
* Lint fixes
* Fix more linting
* Fix test
* Remove use of Setenv in drafts tests
* Fix flaky TestWebHubCloseConnOnDBFail
* Fix merge
* [MM-62408] Add CI job to generate test coverage (#30284)
* Add CI job to generate test coverage
* Remove use of Setenv in drafts tests
* Fix flaky TestWebHubCloseConnOnDBFail
* Fix more Setenv usage
* Fix more potential flakyness
* Remove parallelism from flaky test
* Remove conflicting env var
* Fix
* Disable parallelism
* Test atomic covermode
* Disable parallelism
* Enable parallelism
* Add upload coverage step
* Fix codecov.yml
* Add codecov.yml
* Remove redundant workspace field
* Add Parallel() util methods and refactor
* Fix formatting
* More formatting fixes
* Fix reporting
* Prevents the API from updating synced CPA values
The patch functions for CPA values now accept a parameter that checks
if they should allow for synced values to be updated, and prevent
those updates if necessary
* Fix linter
* Fix parameter after merge
---------
Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es>
Co-authored-by: Scott Bishel <scott.bishel@mattermost.com>
Co-authored-by: Mattermost Build <build@mattermost.com>
This change automatically removes options and sync attributes when
sanitizing fields that don't support them. As per values, it returns
an error when the value for a text type field is longer than the 64
characters limit we're currently applying.
The PR fixes a bug on the create CPA field endpoint that was causing
the attrs of the CPAField not to be decoded correctly.
Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es>
* Move the sanitization and validation of CPA values to the model
* Fix CI
* Use proper IDs instead of strings
---------
Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es>
Co-authored-by: Mattermost Build <build@mattermost.com>
* test: Add unit tests for custom profile attributes select options
* feat: Add custom profile attributes model with validation and constants
* refactor: Trim spaces from name and color in custom profile attribute select option constructor
* gofmt
* refactor: Fix typo in custom profile attributes select option function name
* feat: Add IsValid method to validate CustomProfileAttributesSelectOptions
* refactor: Replace map[string]bool with map[string]struct{} for key existence check
* refactor: Rename NewCustomProfileAttributeSelectOption to NewCustomProfileAttributesSelectOption
* feat: Add validation to prevent empty custom profile attribute options
* refactor: Add validation and creation methods for custom profile attributes
* feat: Add index number to validation error messages in custom profile attributes
* fix tests
* add default visibility
* feat: Add comprehensive test cases for custom profile attributes field validation
* fix: Update custom profile attributes map keys to use capitalized names
* feat: Add support for lowercase and title case keys in custom profile attributes map
* test: Add comprehensive test for NewCustomProfileAttributesSelectOptionFromMap
* feat: Add validation for custom profile attributes fields
* refactor: Update CustomProfileAttributesSelectOption constructor to prioritize ID parameter
* test: Add test cases for preserving IDs in custom profile attributes
* feat: Enhance ID validation and trimming in custom profile attributes
* don't do validation in constructor
* test: Add test case for preserving option IDs when patching select field
* improve test
* i18n
* refactor: Modify CustomProfileAttributesSelectOption to use lowercase JSON keys
* fix casing in custom profilte attributes test
* refactor: Use consistent "ValidateCPAField" in error messages for custom profile attributes
* use custom types rather than string
* lint
* fix api test
* refactor: Make color field optional in custom profile attributes
* style
* generic options
* removed unused i18n
* test: Add tests for NewCPAFieldFromPropertyField and CPAFieldToPropertyField
* test: Add test case for property field with empty attributes
* refactor: Cleanup whitespace and remove empty Attrs in custom profile attributes test
* test: Add test case for CPA field with empty attributes
* refactor: Improve custom profile attributes field handling and validation
* refactor: Move validateCustomProfileAttributesField to Validate method on CPAField struct
* use CPAField
* code style
* add validation and tests
* tests
* i18n
* err->appErr
* fix TestDeleteCPAField test
* i18n
* Add SAML and LDAP attr
* rename CustomProfileAttributes in method to CPA
* rename CPASortOrder method
* rearrange consts
* use Len test method
* sanitize and validate
* manage error the same way property field and value do
* fix: Update test error ID for custom profile attributes validation
* test: Update error ID expectations in custom profile attributes tests
* refactor: Convert CPAAttrs.SortOrder from string to int
* json uses float64
* feat: Add length validation for custom profile attribute option name and color
---------
Co-authored-by: Mattermost Build <build@mattermost.com>
* Adds websocket messages to Custom Profile Attributes
The app layer now fires a websocket event as part of the operations
over Custom Profile Attribute fields and values. It updates as well
the Patch method for CPA values so all the changes are commited as
part of the same transaction.
To be able to do this last operation, the change adds methods to
upsert CPA values in both the store and the property service.
* Fix i18n strings
---------
Co-authored-by: Mattermost Build <build@mattermost.com>
Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es>
* refactor: Move property value sanitization to model layer
* feat: Add value sanitization for custom profile attributes
* refactor: Update custom profile attributes to use json.RawMessage
* refactor: Update patchCustomProfileAttribute to handle json.RawMessage directly
* refactor: Refactor custom profile attributes handler with improved validation
* refactor: Rename `patchCustomProfileAttribute` to `patchCPAValues`
* refactor: Replace ReturnJSON with json.NewEncoder and add error logging
* feat: Add encoding/json import to property_value.go
* refactor: Update property value tests to use json.RawMessage
* fix: Convert string value to json.RawMessage in property value test
* fix: Convert string literals to json.RawMessage in property value tests
* fix: Add missing encoding/json import in custom_profile_attributes.go
* fix: Preserve JSON RawMessage type in listCPAValues function
* fix: Update custom profile attributes test to use json.RawMessage
* feat: Add json import to custom_profile_attributes_test.go
* refactor: Update ListCPAValues and PatchCPAValues to use json.RawMessage
* refactor: Rename `actualValue` to `updatedValue` in custom profile attributes test
* refactor: Improve user permission and audit logging for custom profile attributes patch
* refactor: Optimize CPA field lookup by using ListCPAFields() and map
* fix: Correct user ID reference in custom profile attributes patch endpoint
* refactor: Change patchCPAValues to use map[string]json.RawMessage for results
* refactor: format and fix tests
* test: Add comprehensive unit tests for sanitizePropertyValue function
* test: Add test case for invalid property value type
* feat: Use `model.NewId()` to generate valid IDs in custom profile attributes tests
* refactor: Replace hardcoded IDs with dynamic variables in custom profile attributes test
* refactor: restore variable name
* refactor: drop undesired changes
* chore: refresh app layers
* feat: Update API definition to support string or string array values for custom profile attributes
* test: Add test cases for multiselect custom profile attribute values
* test: Add tests for multiselect custom profile attribute values
* test: Isolate array value test in separate t.Run
* test: Add test case for multiselect array values in custom profile attributes
* refactor: Move array value test from TestCreateCPAField to TestPatchCPAValue
* test: Update custom profile attributes test assertions
* test: add test case for handling array values in GetCPAValue
* test: Add array value tests for property value store
* refactor(store): no need to convert to json the rawmessage
* chore: lint
* i18n
* use model to interface with sqlx
* fix: Allow empty strings for text, date, and select profile attributes
* refactor: Filter out empty strings in multiselect and multiuser fields
* refactor: Update multiuser field sanitization to validate and error on invalid IDs
* refactor: Simplify sanitizePropertyValue function with reduced code duplication
* fix: Allow empty user ID in custom profile attribute sanitization
* refactor: Convert comment-based subtests to nested t.Run in TestSanitizePropertyValue
* refactor: Convert comment-based subtests to nested t.Run tests in TestSanitizePropertyValue
---------
Co-authored-by: Mattermost Build <build@mattermost.com>
* Adds Custom Profile Attributes feature license and API endpoints check
* Fix linter
* Remove the specific license feature and fallback to checking for license presence
* Add translation
* Update the checks and tests to enable endpoints only for Enterprise licenses
---------
Co-authored-by: Mattermost Build <build@mattermost.com>
* Adds the main Property System Architecture components
This change adds the necessary migrations for the Property Groups,
Fields and Values tables to be created, the store layer and a Property
Service that can be used from the app layer.
* Adds Custom Profile Attributes endpoints and app layer
* implement get and patch cpa values
* run i18n-extract
* Update property field type to use user instead of person
* Update PropertyFields to allow for unique nondeleted fields and remove redundant indexes
* Update PropertyValues to allow for unique nondeleted fields and remove redundant indexes
* Use StringMap instead of the map[string]any on property fields
* Add i18n strings
* Revert "Use StringMap instead of the map[string]any on property fields"
This reverts commit e2735ab0f8.
* Cast JSON binary data to string and add todo note for StringMap use
* Add mocks to the retrylayer tests
* Cast JSON binary data to string in property value store
* Check for binary parameter instead of casting to string for JSON data
* Fix bad merge
* Check property field type is one of the allowed ones
* Avoid reusing err variable to be explicit about the returned value
* Merge Property System Migrations into one file
* Adds NOT NULL to timestamps at the DB level
* Update stores to use tableSelectQuery instead of a slice var
* Update PropertyField model translations to be more explicit and avoid repetition
* Update PropertyValue model translations to be more explicit and avoid repetition
* Use ExecBuilder instead of ToSql&Exec
* Update property field errors to add context
* Ensure PerPage is greater than zero
* Update store errors to give more context
* Use ExecBuilder in the property stores where possible
* Add an on conflict suffix to the group register to avoid race conditions
* Remove user profile API documentation changes
* Update patchCPAValues endpoint and docs to return the updated information
* Merge two similar error conditions
* Use a route function for ListCPAValues
* Remove badly used translation string
* Remove unused get in register group method
* Adds input sanitization and validation to the CPA API endpoints
* Takes login outside of one test case to make it clear it affects multiple t.Runs
* Fix wrap error and return code when property field has been deleted
* Fix receiver name
* Adds comment to move the CPA group ID to the db cache
* Set the PerPage of CPA fields to the fields limit
* Update server/channels/app/custom_profile_attributes_test.go
Co-authored-by: Alejandro García Montoro <alejandro.garciamontoro@gmail.com>
* Standardize group ID access
* Avoid polluting the state between tests
* Use specific errors for the retrieval of CPA group
---------
Co-authored-by: Scott Bishel <scott.bishel@mattermost.com>
Co-authored-by: Mattermost Build <build@mattermost.com>
Co-authored-by: Alejandro García Montoro <alejandro.garciamontoro@gmail.com>
