1104 commits

Author	SHA1	Message	Date
Nick Misasi	cbdf5536fd	Add structured JSON output for recap summarization (#35496) ... * Add structured outputs, response sanitization, and session context for recaps - Wrap BridgeClient to strip markdown code fencing from LLM JSON responses, using explicit delegation to prevent unsanitized methods from leaking - Add JSONOutputFormat schema to SummarizePosts for structured LLM output - Pass user session in recap worker context for session-dependent code paths - Pre-parse min plugin version semver at package level to avoid repeated parsing - Hoist static JSON schema to package-level var to avoid per-call allocation Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * Fix stripMarkdownCodeFencing to handle single-line fenced payloads Address CodeRabbit feedback: the function previously returned the original string when fenced JSON had no newline (e.g. ```json {"a":1}```), which would break downstream JSON parsing. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * Handle case/spacing variants for single-line fenced language tags Address CodeRabbit feedback: use case-insensitive comparison for the "json" language tag and check for whitespace separator, so inputs like ```JSON {"a":1}``` are handled correctly. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * Revert BridgeClient wrapper and keep only structured output changes Remove the BridgeClient wrapper, stripMarkdownCodeFencing, and semver pre-parse from agents.go. The scope of this PR is limited to adding JSONOutputFormat structured outputs for recaps and the worker session context fix. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * Fix lint: use any instead of interface{} and fix gofmt formatting Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-05 19:06:05 +00:00
Felipe Martin	7e7a1b582f	fix: only match root-level JSONL files when importing a zip (#35481) ... * fix: only match root-level JSONL files when importing a zip When importing a Mattermost export zip, the code iterated over all files to find the first .jsonl by extension. Exported attachments under data/ could themselves be .jsonl files, causing the import to pick an attachment as the manifest instead of the actual root-level JSONL file. Extract an IsRootJsonlFile helper in the imports package and use it in the import process worker, mmctl validator, and bulk import test to restrict the search to files with no directory component. * test: add integration test for import with nested JSONL decoy file Verify that BulkImportWithPath correctly picks the root-level JSONL manifest and ignores a decoy .jsonl inside a subdirectory, covering the fix from ad7f230f06.	2026-03-05 15:20:17 +01:00
Devin Binnie	885ebdd4f1	[MM-67425] Add an unsupported Desktop App setting and screen for users (#35382) ... * [MM-67425] Add an unsupported Desktop App setting and screen for users * Remove console.log statements * Fix e2e test config * Add e2e test * PR feedback * Update server/channels/web/static.go Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> * PR feedback * Fix i18n * PR feedback * PR feedback * PR feedback * Gofmt --------- Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>	2026-03-04 15:16:11 +00:00
Miguel de la Cruz	062abe90bd	Includes deleted remote cluster infos to correctly show shared user information (#35192) ... * Includes deleted remote cluster infos to correctly show shared user information * Addressing review comments --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> Co-authored-by: Mattermost Build <build@mattermost.com>	2026-03-04 14:46:10 +01:00
Ben Schumacher	60fbce7d03	[MM-67671] Add CJK Post search support for PostgreSQL (#35260) ... Add LIKE-based CJK (Chinese, Japanese, Korean) search support for PostgreSQL, gated behind a `CJKSearch` feature flag. PostgreSQL's built-in full-text search (`to_tsvector`/`to_tsquery`) does not support CJK languages because it relies on whitespace-based tokenization, which doesn't work for logographic/syllabic scripts that don't use spaces between words. This PR adds a `LIKE`-based fallback for search terms containing CJK characters. **How it works:** When the `CJKSearch` feature flag is enabled and a search term contains CJK characters (Han, Hiragana, Katakana, or Hangul), the query builder generates `LIKE '%term%'` clauses instead of `to_tsvector @@ to_tsquery` expressions. Case-sensitive `LIKE` is used rather than `ILIKE` since CJK scripts have no letter casing, which also allows potential use of standard B-tree indexes.	2026-02-25 10:18:51 -05:00
Harshil Sharma	b96f7c1a8d	Content flagging actions implementation tests (#35035) ... * Added tests for TestGetFlaggingConfiguration * added tests for RemoveFlaggedPost * added tests for KeepFlaggedPost * Added tests for scrubPost and keep flagged post APp layer functions * Added tests for DeleteAllForPost * added tests for DeleteAllPostRemindersForPost * Added tests for DataSpillageFooter * Added tests for KeepRemoveFlaggedMessageConfirmationModal * Added tests for KeepRemoveFlaggedMessageConfirmationModal * Fixed lint errors * lint fix * Fixed query param * fixed tests * Used middleware to check for content flagging basic checks * Added TestRequireContentFlaggingEnabled * Updated tests * refactoring to reduce code duplication * review fixes --------- Co-authored-by: Mattermost Build <build@mattermost.com>	2026-02-23 06:15:40 +05:30
Ben Cooke	100cde3a1a	[MM-67587] Exclude system messages from autotranslation queue (#35267)	2026-02-20 15:09:23 -05:00
David Krauser	c45ba96139	[MM-67565] Prevent setting protected=true on fields without source_plugin_id (#35265) ... Add validation to block updates that would create orphaned protected fields (protected=true but no source_plugin_id), which cannot be modified by anyone. Includes test coverage for single and bulk update paths.	2026-02-19 10:39:33 -05:00
Andre Vasconcelos	5f9ecb7e55	MM-67091 Fixing notification titles rendering encoded values as-is (#35001) ... * fix: ensuring that webapp and mobile notifications decode special characters * fix: linter error * Replacing anonymous function with existing utility to escape regex * Added missing characters to webapp handling, excluded markdown renderer from being affected - Added tests that explicitly check for script injection	2026-02-19 13:44:36 +02:00
Pablo Vélez	71780f4e0a	MM-66909 - Fix BoR sender not seeing priority label on new post (#34964) ... * MM-66909 - Fix BoR sender not seeing priority label on new post * Use RequestContextWithMaster for BoR priority fetching * fix linter * Add BoR post priority unit test * unique error code and remove webapp workaround * fix translation * remove unnecessary line --------- Co-authored-by: Mattermost Build <build@mattermost.com>	2026-02-17 20:10:30 -05:00
Scott Bishel	ad39398eee	Add support for channel mentions in webhook attachments (#34235) ... * Add support for channel mentions in webhook attachments Implement client-side channel mention rendering in incoming webhook attachments. Channel mentions (~channel-name) now render as clickable links in attachment content fields (pretext, text, field values) while correctly remaining as plain text in title/label fields.	2026-02-16 13:31:32 -07:00
Felipe Martin	1be8a68dd7	feat: pluginapi: filewillbedownloaded / sendtoastmessage (#34596) ... * feat: filewillbedonwloaded hook * feat: error popup * chore: make generated pluginapi * tests * feat: different errors for different download types * feat: allow toast positions * fix: avoid using deprecated i18n function * feat: add plugin API to show toasts * feat: downloadType parameter * tests: updated tests * chore: make check-style * chore: i18n * chore: missing fields in tests * chore: sorted i18n for webapp * chore: run mmjstool * test: fixed webapp tests with new changes * test: missing mocks * fix: ensure one-file attachments (previews) are handler properly as thumbnails * chore: lint * test: added new logic to tests * chore: lint * Add SendToastMessage API and FileWillBeDownloaded hook - Introduced SendToastMessage method for sending toast notifications to users with customizable options. - Added FileWillBeDownloaded hook to handle file download requests, allowing plugins to control access to files. - Updated related types and constants for file download handling. - Enhanced PluginSettings to include HookTimeoutSeconds for better timeout management. * Update webapp/channels/src/components/single_image_view/single_image_view.tsx Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * chore: copilot reviews * test: head requests * chore: linted the webapp * tests: fixed path * test: fixed mocked args * allow sending message to a connection directly * fix: hook thread safety * chore: formatting * chore: remove configuration from system console * chore: release version * chore: update signature * chore: update release version * chore: addressed comments * fix: update file rejection handling to use 403 Forbidden status and include rejection reason header * Fix nil pointer panic in runFileWillBeDownloadedHook The atomic.Value in runFileWillBeDownloadedHook can be nil if no plugins implement the FileWillBeDownloaded hook. This causes a panic when trying to assert the nil interface to string. This fix adds a nil check before the type assertion, defaulting to an empty string (which allows the download) when no hooks have run. Fixes: - TestUploadDataMultipart/success panic - TestUploadDataMultipart/resume_success panic * test: move the logout test last * chore: restored accidential deletion * chore: lint * chore: make generated * refactor: move websocket events to new package * chore: go vet * chore: missing mock * chore: revert incorrect fmt * chore: import ordering * chore: npm i18n-extract * chore: update constants.tsx from master * chore: make i18n-extract * revert: conflict merge * fix: add missing isFileRejected prop to SingleImageView tests * fix: mock fetch in SingleImageView tests for async thumbnail check The component now performs an async fetch to check thumbnail availability before rendering. Tests need to mock fetch and use waitFor to handle the async state updates. * refactor: move hook logic to app layer * chore: update version to 11.5 * Scope file download rejection toast to the requesting connection Thread the Connection-Id header through RunFileWillBeDownloadedHook and sendFileDownloadRejectedEvent so the WebSocket event is sent only to the connection that initiated the download, instead of all connections for the user. --------- Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>	2026-02-16 17:10:39 +01:00
catalintomai	8738f8c4b3	MM-67099 - Membership Sync fix (#35230)	2026-02-16 16:05:04 +01:00
Sven Hüster	65d42edf75	fix guest user import when guest user doesn't have any memberships (#30975) ... * fix guest user import when guest user doesn't have any memberships This PR fixes an issue where a guest user without channel or team memberships is not being imported and the importer will then throw an error and abort. Key changes: 1. Updated validateGuestRoles function to allow system guests without any teams/channels 2. Improved error handling with specific error messages for different validation failures 3. Updated tests to reflect new behavior allowing system guests with no team memberships 4. Added new i18n error messages for better user feedback 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com> * Extract i18n strings and update English locale - Ran 'make i18n-extract' to extract translation strings from source code - Alphabetically sorted translation keys in server/i18n/en.json - Moved guest user validation error messages to proper alphabetical positions - Removed obsolete/unused translation entries for cleaner locale file Co-authored-by: Jesse Hallam <lieut-data@users.noreply.github.com> * Revert "Extract i18n strings and update English locale" This reverts commit 9d3887cb2e. * actually fix i18n, needs enterprise access * add integration test for importing guest user without team/channel memberships --------- Co-authored-by: claude[bot] <209825114+claude[bot]@users.noreply.github.com> Co-authored-by: Claude <noreply@anthropic.com> Co-authored-by: Jesse Hallam <lieut-data@users.noreply.github.com> Co-authored-by: Jesse Hallam <jesse@mattermost.com> Co-authored-by: Mattermost Build <build@mattermost.com>	2026-02-16 09:40:49 -04:00
Doug Lauder	944c345687	Fix /share-channel slash command failing on non-leader HA nodes (#35292) ... The Active() check was incorrectly preventing the slash command from working on non-leader nodes in HA clusters. Active() only returns true on the cluster leader (which runs the sync loop), but slash commands can be routed to any node via the load balancer. A nil check is sufficient to verify the service is licensed and configured.	2026-02-16 09:49:49 +01:00
Ben Cooke	96899133c0	[MM-67487] Fix posts since endpoint for auto translations (#35198)	2026-02-13 15:07:14 -05:00
M-ZubairAhmed	cd8b22af99	[MM-65979] Add Prometheus metrics for plugin webapp performance (#35075)	2026-02-13 18:07:54 +05:30
Pablo Vélez	e46bea673d	MM-67312: Restrict Burn-on-Read for self DMs and bot users (#35116) ... * MM-67312: Restrict Burn-on-Read for self DMs and bot users * fix lint issues * use utility function to make code more reliable * add test case for deleted user and handle restrictively that scenario * fix i18n * Allow bots to send BoR; block only self-DMs & DMs with bots * Refactor BoR validation to API layer with individual params * adjust comment * Fix BoR validation to fail-closed when context unavailable * Fix variable shadowing in CreatePost burn-on-read validation 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> * remove translation entry * fix linter --------- Co-authored-by: Mattermost Build <build@mattermost.com> Co-authored-by: Claude <noreply@anthropic.com>	2026-02-12 14:10:05 -05:00
Harshil Sharma	9cb5f15c79	Changes for BoR post soft-deletion (#35100) ... * Draft changes for BoR post soft-deletion * Handled the case for author's BoR post read receipt * lint fix * Updated text * Updated tests * review fixes * review fixes * Paginated and batched temperory post deletion * Updated test * unmocked store * logged instead of erroring out * i18n fix * review fixes	2026-02-12 05:25:49 -05:00
Doug Lauder	61b7fc1594	MM-66789: Include log viewer (system console) in log root path validation (#35221) ... * Include log viewer (system console) in log root path validation * Add informative message to log viewer when no logs are displayed ----- Co-authored-by: Mattermost Build <build@mattermost.com>	2026-02-11 12:58:58 -05:00
Daniel Espino García	1c7246da68	Autotranslation Frontend integration (#34717) ... * AutoTranslate config settings * comment out Agents provider * Add auto translate timeout config validation * i18n messages for autotranslation config validation * fix test * validate url for libreTranslate * Feedback review * Admin Console UI for Auto-Translation * fix admin console conditional section display * i18n * removed unintentional change Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * update admin.general.localization.autoTranslateProviderDescription newline * fix lint * Fix types * UX feedback review * fix typo in i18n * Fix AutoTranslation feature flag * feedback review * Fix test default values * feedback review * re-add isHidden property to feature discovery * Database Migrations, Indexes and Methods for Auto-Translation * i18n * fix retrylayer and storetest * Fix search query * fix lint * remove the request.CTX and modify Translation model * fix lint and external url * Add settings to playwright * Add empty as a valid value for the Provider * Update jsonb queries * Fix queries and add model methods * fix go lint * go lint fix 2 * fix db migrations * feedback review + store cache * increase migration number * cleanup autotranslation store cache * use NULL as objectType for posts * fix bad merge * fix tests * add missing i18n * Active WebSocket Connection User Tracking * copilot feedback and fix styles * remove duplicate calls * remove early return to mitigate timing attacks * Switch prop bags column to boolean * fix lint * fix tests * Remove database search * use Builder methods * review feedback * AutoTranslation interface with Core Translation Logic * update timeouts to use short/medium/long translations * external exports * add configured languages to autotranslations * added post prop for detected language * fix bugs for storing translation and call translation service * clean up interface * add translations to GetPost repsonses and in the create post response * use metadata for translation information and add new column for state of a translation * change websocket event name * change metadata to a map * single in memory queue in the cluster leader * remove unused definition * Revert "remove unused definition" This reverts commit e3e50cef30. * remove webhub changes * remove last webhub bit * tidy up interface * Frontend integration * tidy up * fix api response for translations * Add Agents provider for auto translations (#34706) * Add LLM backed autotranslation support * Remove AU changes * Remove orphaned tests for deleted GetActiveUserIDsForChannel The GetActiveUserIDsForChannel function was removed from PlatformService as part of the autotranslations refactoring, but its tests were left behind causing linter/vet errors. This removes the orphaned test code: - BenchmarkGetActiveUserIDsForChannel - TestGetActiveUserIDsForChannel - waitForActiveConnections helper 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> * Add missing i18n translations and fix linter errors - Add 17 missing translation strings for autotranslation feature - Fix shadow variable declarations in post.go and autotranslation.go - Remove unused autoQueueMaxAge constant - Remove unused setupWithFastIteration test function - Use slices.Contains instead of manual loop - Use maps.Copy instead of manual loop - Remove empty if branch 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> * Fix tests * Fixes for PR review * add files * Update webapp/channels/src/components/admin_console/localization/localization.scss Co-authored-by: Matthew Birtch <mattbirtch@gmail.com> * fixes * Fixes * Didn't save * Add a translation * Fix translations * Fix shadow err --------- Co-authored-by: Claude <noreply@anthropic.com> Co-authored-by: Matthew Birtch <mattbirtch@gmail.com> * tidy up code for review * add support for editing posts * i18n-extract * i18n * Rename show translations and add util to get message * Fix get posts, migrations, websockets and configuration styles * Fix CI * i18n-extract * Fix webapp tests * Address UX feedback * i18n-extract * Fix lint * updated shimmer animation, fixed issue with the width on compact icon buttons * fix migrations * fix markdown masking for bold, italics and strikethrough * Address feedback * Add missing changes * Fix and add tests * Fix circular dependencies * lint * lint * lint and i18n * Fix lint * Fix i18n * Minor changes * Add check for whether the channel is translated or not for this user * Fix lint and add missing change * Fix lint * Fix test * Remove uneeded console log * Fix duplicated code * Fix small screen show translation modal * Remove interactions on show translation modal * Disable auto translation when the language is not supported * Fix typo * Fix copy text * Fix updating autotranslation for normal users * Fix autotranslate button showing when it shouldn't * Fix styles * Fix test * Fix frontend member related changes * Revert post improvements and remove duplicated code from bad merge * Address feedback * Fix test and i18n * Fix e2e tests * Revert lingering change from post improvements * Fix lint --------- Co-authored-by: Elias Nahum <nahumhbl@gmail.com> Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> Co-authored-by: BenCookie95 <benkcooke@gmail.com> Co-authored-by: Nick Misasi <nick.misasi@mattermost.com> Co-authored-by: Claude <noreply@anthropic.com> Co-authored-by: Matthew Birtch <mattbirtch@gmail.com> Co-authored-by: Mattermost Build <build@mattermost.com>	2026-02-10 17:21:01 +01:00
Christopher Poile	24957f5e22	[MM-63393] Add support for preferred_username claims (#30852) ... * rebased all prev commits into one (see commit desc) add UsePreferredUsername support to gitlab; tests resort en.json update an out of date comment webapp i18n simplify username logic new arguments needed in tests debug statements -- revert * merge conflicts * fix i18n --------- Co-authored-by: Mattermost Build <build@mattermost.com>	2026-02-10 10:10:27 -05:00
Ben Cooke	76b3528c2b	[MM-67231] Etag fixes for autotranslations (#35196)	2026-02-09 18:32:26 -05:00
Pablo Vélez	74b5fb066c	MM-67022 - Implement ExpireAt handling for BoR sender to persist countdown (#34796) ... * MM-67022 - Implement ExpireAt handling for BoR sender to persist countdown * enhance read receipt caching, invalidate unread count cache and add GetUnreadCountForPost method * Use dedicated cache for read receipt unread counts * fix vet lint * fix format * Fix BoR sender countdown after reload in clustered setup * Fix cache bypass for BoR sender countdown on clustered servers --------- Co-authored-by: Mattermost Build <build@mattermost.com> Co-authored-by: Harshil Sharma <harshilsharma63@gmail.com>	2026-02-09 15:47:27 -05:00
Andre Vasconcelos	13a0d63b3c	MM-67372: Improve link preview metadata handling and filtering (#35178) ... * MM-67372: Filter SVG images from OpenGraph metadata to prevent DoS This commit adds server-side filtering of SVG images from OpenGraph metadata to mitigate a DoS vulnerability where malicious SVG images in og:image tags can crash Chromium-based browsers and Safari. Changes: - Add IsSVGImageURL() helper function in model package to detect SVG URLs - Filter SVG images in parseOpenGraphMetadata() for regular HTML pages - Filter SVG images in parseOpenGraphFromOEmbed() for oEmbed responses - Add defense-in-depth filtering in TruncateOpenGraph() and getImagesForPost() - Add comprehensive tests for all SVG filtering functionality SVG detection is based on: - File extension (.svg, .svgz) - case-insensitive - MIME type (image/svg+xml) Reference: https://issues.chromium.org/issues/40057345 * MM-67372: Filter SVG images from cache/DB and direct SVG URLs This commit addresses remaining attack vectors for the SVG DoS vulnerability: 1. Cache/DB filtering: Apply TruncateOpenGraph when returning OpenGraph from cache or database to filter stale data that was stored before the initial fix was deployed. 2. Direct SVG URLs: Filter PostImage entries with Format="svg" to prevent browser crashes when someone posts a direct link to an SVG file. 3. Embed creation: Skip creating image embeds for SVG images and create link embeds instead. 4. New SVG detection: Return nil instead of creating PostImage when fetching direct SVG URLs to prevent storing them in the database. These changes ensure that even environments with pre-existing malicious link metadata will be protected after a server restart. * MM-67372: Fix test expectation for SVG image handling * Removed duplicate logic in favor of already implemented FilterSVGImages in model * Addressing PR comments * Replacing exact match comparison with prefix check * Added new test cases for unit tests	2026-02-09 16:26:14 +02:00
Ibrahim Serdar Acikgoz	b947f1c38a	Add fileSize limit to extractors (#35200)	2026-02-09 15:22:30 +01:00
Alejandro García Montoro	139ff4ded2	Fix permissions in GetGroupsByNames (#35119) ... The reliance on ViewUsersRestrictions was causing a SQL bug, since the original query did not join with the Users table. Instead, use model.GroupSearchOpts to rely on AllowReference, which should be used to filter the results in all cases, except when the user is a sysadmin (has the PermissionSysconsoleReadUserManagementGroups permission). Co-authored-by: Mattermost Build <build@mattermost.com>	2026-02-09 10:13:48 +00:00
David Krauser	1cfe3d92b6	[MM-66836] Integrate PropertyAccessService into API and app layers (#34818) ... Updates all Custom Profile Attribute endpoints and app layer methods to pass caller user IDs through to the PropertyAccessService. This connects the access control service introduced in #34812 to the REST API, Plugin API, and internal app operations. Also updates the OpenAPI spec to document the new field attributes (protected, source_plugin_id, access_mode) and adds notes about protected field restrictions.	2026-02-06 18:06:51 -05:00
David Krauser	63c3c70fe9	[MM-66836] Add some access control mechanisms with a wrapper around the property service (#34812) ... Custom profile attributes (properties) in Mattermost need to support security-critical use cases like Attribute-Based Access Control (ABAC), external identity system synchronization, and privacy-preserving collaboration. Without access controls on these properties, any user or component could modify property fields and values, making them unsuitable for security decisions. Additionally, different properties require different visibility patterns - some need to be publicly readable, some should only be visible to their managing system, and some require privacy-preserving visibility where users can only see shared values. This change introduces the PropertyAccessService, a wrapper around PropertyService that enforces access control for all property operations. This service is introduced in isolation and is not yet hooked up to the Plugin API, REST API, or app layer. It provides the foundation for a single enforcement point that will apply access restrictions consistently across all code paths once integrated.	2026-02-06 16:21:51 -05:00
Daniel Espino García	2bd29c0359	Add the ability to patch channel autotranslations (#35078) ... * Add the ability to patch channel autotranslations * Fix lint * Update docs * Fix CI * Fix CI * Fix mmctl test * Check whether the channel is translated for the user when checking user enabled * Fix wrong uses of patch acrros e2e and frontend * Fix test * Fix wording * Fix tests and column name * Move group constrained test so they don't mess with the basic entities * Fix patch sending too much information	2026-02-06 18:19:06 +01:00
Ibrahim Serdar Acikgoz	c31fe3f244	invalidate channel cache after deleting a channel access control policy (#35174)	2026-02-05 21:45:11 +01:00
Ben Cooke	9ac02ecfdd	Update translation primary key to include objectType (#35040)	2026-02-05 15:00:08 -05:00
Daniel Espino García	1273632d1a	Add endpoint to update channel member autotranslations (#35072) ... * Add endpoint to update channel member autotranslations * Add several improvements and remove unneeded functions * Add user id to audit record * Ensure autotranslation is defined * Update texts * Fix merge * Add new column for channel member autotranslations (#35111) * Minor renamings --------- Co-authored-by: Mattermost Build <build@mattermost.com> Co-authored-by: Ben Cooke <benkcooke@gmail.com>	2026-02-05 13:43:50 +01:00
Ibrahim Serdar Acikgoz	a06d5065e7	apply view restrcitions while fetching group members (#35172)	2026-02-05 12:45:57 +01:00
Nick Misasi	0263262ef4	MM-66577 Preserve locale in rewrite prompt (#35013) ... * Preserve rewrite locale in prompt * Add license header to rewrite tests	2026-02-03 11:32:03 -05:00
Ben Cooke	36479bd721	Configurable workers and move sweeper job to job infra (#35007)	2026-02-02 15:52:42 -05:00
Harshil Sharma	990e9b34bf	Removed initial BOR post reveal WS event for post author (#34939) ... * Removed initial BOR post reveal WS event for post author * restored package lock --------- Co-authored-by: Mattermost Build <build@mattermost.com>	2026-02-02 16:16:50 +05:30
Jesse Hallam	5bb5261c72	MM-67279: Fix private channel enumeration via /mute slash command (#35099) ... * MM-67279: Fix private channel enumeration via /mute slash command Return the same error message when a user tries to mute a channel they are not a member of as when the channel doesn't exist. This prevents authenticated users from discovering private channels by observing different error responses. * update i18n --------- Co-authored-by: Mattermost Build <build@mattermost.com>	2026-01-30 14:43:23 +00:00
Nick Misasi	fe4100956c	[MM-66581] Include some thread context in AI Rewrites prompt (#34931) ... * Include last root, and most recent 10 posts in a thread with the rewrite system prompt * Include user's names in the thread context for better reference * Revert package-lock to master * Fix tests	2026-01-30 09:14:06 -05:00
Doug Lauder	7f6a98fd7a	MM-66789 Restrict log downloads to a root path for support packets (#35014) ... * [MM-66789] Fix arbitrary file read vulnerability in advanced logging Add path validation to prevent reading files outside the logging root directory via GetAdvancedLogs (used in support packet generation). Security controls: - Validate file paths are within logging root before reading - Support MM_LOG_PATH environment variable to allow system admins to configure a custom logging root directory - Resolve symlinks to prevent bypass attacks - Detect and block path traversal attempts Also adds: - Audit logging for support packet generation - Config-time validation that logs errors for paths outside logging root (will become blocking in future version) - Comprehensive test coverage for path validation * Update server/channels/app/platform/log_test.go Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * fix linter errors * Update server/channels/api4/system.go Co-authored-by: Ben Schumacher <ben.schumacher@mattermost.com> * Simplify unit tests for platform/log_test.go by moving some test logic to config/logger_test.go * Fix unit tests requiring logging root to be set * enforce LogSettings.FileLocation path validation; simplify path checking * fix linter errors * use dir in logging root for all unit test logging * MM_LOG_PATH is set once, centrally, for all tests * fix flaky test * fix flaky test --------- Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> Co-authored-by: Mattermost Build <build@mattermost.com> Co-authored-by: Ben Schumacher <ben.schumacher@mattermost.com>	2026-01-29 13:29:55 -05:00
Jesse Hallam	1346cf529a	MM-67274: Fix panic in getBrowserVersion with empty User-Agent version (#35098) ... * MM-67274: Fix panic in getBrowserVersion with empty User-Agent version Refactor getBrowserVersion to use a table-driven approach that centralizes bounds checking, preventing panic when User-Agent strings contain identifiers like "Mattermost Mobile/" with no version token. * Refactor user agent tests to use structured test cases Move expected values into the testUserAgent struct for clarity, making it easier to see what each test case expects at a glance.	2026-01-29 13:12:35 -05:00
Alejandro García Montoro	7201f42d95	MM-67277: Add check to legacy hasher (#35092) ... * Add check to legacy hasher * Make the linter happy	2026-01-29 17:47:48 +01:00
Christopher Poile	168fb51666	[MM-67202] Validate auth method in account switch (#34981) ... * fix account authorization type switch * improve test clarity * refactor tests for clarity	2026-01-29 16:14:19 +00:00
Christopher Poile	eeaf9c8e3e	Fix bad merge (#35079)	2026-01-27 15:50:38 -05:00
Christopher Poile	fe3052073d	[MM-67074] Integration Action memory use fix (#34896)	2026-01-27 11:54:11 -05:00
Ibrahim Serdar Acikgoz	ced9a56e39	[MM-67126] Deprecate UpdateAccessControlPolicyActiveStatus API in favor of new one (#34940)	2026-01-27 15:49:08 +01:00
Harshil Sharma	c6b205f0d7	Fixed WS payload for post burn event (#34936) ... * Handled WS payload * increased WS faliure timeout to elliminate flakiness * lint fix --------- Co-authored-by: Mattermost Build <build@mattermost.com>	2026-01-27 11:57:06 +05:30
Ben Cooke	a1c85007e1	Autotranslations MVP (#34696) ... --------- Co-authored-by: Elias Nahum <nahumhbl@gmail.com> Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> Co-authored-by: Nick Misasi <nick.misasi@mattermost.com> Co-authored-by: Claude <noreply@anthropic.com> Co-authored-by: Matthew Birtch <mattbirtch@gmail.com> Co-authored-by: Mattermost Build <build@mattermost.com>	2026-01-26 17:05:34 -05:00
Ibrahim Serdar Acikgoz	df00184250	fix merge defect on server/channels/app/post_test.go (#35057)	2026-01-26 13:33:51 +01:00
Alejandro García Montoro	7bbf8c71a2	Add missing check (#35034)	2026-01-24 13:55:59 +01:00
Christopher Poile	9efe617be8	MM-67055: Fix permalink embeds in WebSocket messages (#34893)	2026-01-23 16:11:16 -05:00
Ben Schumacher	ed3a7e8539	Add trigger field to command execution logs (#34950) ... Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>	2026-01-21 11:31:05 +01:00
Jesse Hallam	41e5c7286b	Remove vestigial MySQL support (#34865) ... * Remove legacy quoteColumnName() utility Since Mattermost only supports PostgreSQL, the quoteColumnName() helper that was designed to handle database-specific column quoting is no longer needed. The function was a no-op that simply returned the column name unchanged. Remove the function from utils.go and update status_store.go to use the "Manual" column name directly. * Remove legacy driver checks from store.go Since Mattermost only supports PostgreSQL, remove conditional checks for different database drivers: - Simplify specialSearchChars() to always return PostgreSQL-compatible chars - Remove driver check from computeBinaryParam() - Remove driver check from computeDefaultTextSearchConfig() - Simplify GetDbVersion() to use PostgreSQL syntax directly - Remove switch statement from ensureMinimumDBVersion() - Remove unused driver parameter from versionString() * Remove MySQL alternatives for batch delete operations Since Mattermost only supports PostgreSQL, remove the MySQL-specific DELETE...LIMIT syntax and keep only the PostgreSQL array-based approach: - reaction_store.go: Use PostgreSQL array syntax for PermanentDeleteBatch - file_info_store.go: Use PostgreSQL array syntax for PermanentDeleteBatch - preference_store.go: Use PostgreSQL tuple IN subquery for DeleteInvalidVisibleDmsGms * Remove MySQL alternatives for UPDATE...FROM syntax Since Mattermost only supports PostgreSQL, remove the MySQL-specific UPDATE syntax that joins tables differently: - thread_store.go: Use PostgreSQL UPDATE...FROM syntax in MarkAllAsReadByChannels and MarkAllAsReadByTeam - post_store.go: Use PostgreSQL UPDATE...FROM syntax in deleteThreadFiles * Remove MySQL alternatives for JSON and subquery operations Since Mattermost only supports PostgreSQL, remove the MySQL-specific JSON and subquery syntax: - thread_store.go: Use PostgreSQL JSONB operators for updating participants - access_control_policy_store.go: Use PostgreSQL JSONB @> operator for querying JSON imports - session_store.go: Use PostgreSQL subquery syntax for Cleanup - job_store.go: Use PostgreSQL subquery syntax for Cleanup * Remove MySQL alternatives for CTE queries Since Mattermost only supports PostgreSQL, simplify code that uses CTEs (Common Table Expressions): - channel_store.go: Remove MySQL CASE-based fallback in UpdateLastViewedAt and use PostgreSQL CTE exclusively - draft_store.go: Remove driver checks in DeleteEmptyDraftsByCreateAtAndUserId, DeleteOrphanDraftsByCreateAtAndUserId, and determineMaxDraftSize * Remove driver checks in migrate.go and schema_dump.go Simplify migration code to use PostgreSQL driver directly since PostgreSQL is the only supported database. * Remove driver checks in sqlx_wrapper.go Always apply lowercase named parameter transformation since PostgreSQL is the only supported database. * Remove driver checks in user_store.go Simplify user store functions to use PostgreSQL-only code paths: - Remove isPostgreSQL parameter from helper functions - Use LEFT JOIN pattern instead of subqueries for bot filtering - Always use case-insensitive LIKE with lower() for search - Remove MySQL-specific role filtering alternatives * Remove driver checks in post_store.go Simplify post_store.go to use PostgreSQL-only code paths: - Inline getParentsPostsPostgreSQL into getParentsPosts - Use PostgreSQL TO_CHAR/TO_TIMESTAMP for date formatting in analytics - Use PostgreSQL array syntax for batch deletes - Simplify determineMaxPostSize to always use information_schema - Use PostgreSQL jsonb subtraction for thread participants - Always execute RefreshPostStats (PostgreSQL materialized views) - Use materialized views for AnalyticsPostCountsByDay - Simplify AnalyticsPostCountByTeam to always use countByTeam * Remove driver checks in channel_store.go Simplify channel_store.go to use PostgreSQL-only code paths: - Always use sq.Dollar.ReplacePlaceholders for UNION queries - Use PostgreSQL LEFT JOIN for retention policy exclusion - Use PostgreSQL jsonb @> operator for access control policy imports - Simplify buildLIKEClause to always use LOWER() for case-insensitive search - Simplify buildFulltextClauseX to always use PostgreSQL to_tsvector/to_tsquery - Simplify searchGroupChannelsQuery to use ARRAY_TO_STRING/ARRAY_AGG * Remove driver checks in file_info_store.go Simplify file_info_store.go to use PostgreSQL-only code paths: - Always use PostgreSQL to_tsvector/to_tsquery for file search - Use file_stats materialized view for CountAll() - Use file_stats materialized view for GetStorageUsage() when not including deleted - Always execute RefreshFileStats() for materialized view refresh * Remove driver checks in attributes_store.go Simplify attributes_store.go to use PostgreSQL-only code paths: - Always execute RefreshAttributes() for materialized view refresh - Remove isPostgreSQL parameter from generateSearchQueryForExpression - Always use PostgreSQL LOWER() LIKE LOWER() syntax for case-insensitive search * Remove driver checks in retention_policy_store.go Simplify retention_policy_store.go to use PostgreSQL-only code paths: - Remove isPostgres parameter from scanRetentionIdsForDeletion - Always use pq.Array for scanning retention IDs - Always use pq.Array for inserting retention IDs - Remove unused json import * Remove driver checks in property stores Simplify property_field_store.go and property_value_store.go to use PostgreSQL-only code paths: - Always use PostgreSQL type casts (::text, ::jsonb, ::bigint, etc.) - Remove isPostgres variable and conditionals * Remove driver checks in channel_member_history_store.go Simplify PermanentDeleteBatch to use PostgreSQL-only code path: - Always use ctid-based subquery for DELETE with LIMIT * Remove remaining driver checks in user_store.go Simplify user_store.go to use PostgreSQL-only code paths: - Use LEFT JOIN for bot exclusion in AnalyticsActiveCountForPeriod - Use LEFT JOIN for bot exclusion in IsEmpty * Simplify fulltext search by consolidating buildFulltextClause functions Remove convertMySQLFullTextColumnsToPostgres and consolidate buildFulltextClause and buildFulltextClauseX into a single function that takes variadic column arguments and returns sq.Sqlizer. * Simplify SQL stores leveraging PostgreSQL-only support - Simplify UpdateMembersRole in channel_store.go and team_store.go to use UPDATE...RETURNING instead of SELECT + UPDATE - Simplify GetPostReminders in post_store.go to use DELETE...RETURNING - Simplify DeleteOrphanedRows queries by removing MySQL workarounds for subquery locking issues - Simplify UpdateUserLastSyncAt to use UPDATE...FROM...RETURNING instead of fetching user first then updating - Remove MySQL index hint workarounds in ORDER BY clauses - Update outdated comments referencing MySQL - Consolidate buildFulltextClause and remove convertMySQLFullTextColumnsToPostgres * Remove MySQL-specific test artifacts - Delete unused MySQLStopWords variable and stop_word.go file - Remove redundant testSearchEmailAddressesWithQuotes test (already covered by testSearchEmailAddresses) - Update comment that referenced MySQL query planning * Remove MySQL references from server code outside sqlstore - Update config example and DSN parsing docs to reflect PostgreSQL-only support - Remove mysql:// scheme check from IsDatabaseDSN - Simplify SanitizeDataSource to only handle PostgreSQL - Remove outdated MySQL comments from model and plugin code * Remove MySQL references from test files - Update test DSNs to use PostgreSQL format - Remove dead mysql-replica flag and replicaFlag variable - Simplify tests that had MySQL/PostgreSQL branches * Update docs and test config to use PostgreSQL - Update mmctl config set example to use postgres driver - Update test-config.json to use PostgreSQL DSN format * Remove MySQL migration scripts, test data, and docker image Delete MySQL-related files that are no longer needed: - ESR upgrade scripts (esr.*.mysql.*.sql) - MySQL schema dumps (mattermost-mysql-*.sql) - MySQL replication test scripts (replica-*.sh, mysql-migration-test.sh) - MySQL test warmup data (mysql_migration_warmup.sql) - MySQL docker image reference from mirror-docker-images.json * Remove MySQL references from webapp - Simplify minimumHashtagLength description to remove MySQL-specific configuration note - Remove unused HIDE_MYSQL_STATS_NOTIFICATION preference constant - Update en.json i18n source file * clean up e2e-tests * rm server/tests/template.load * Use teamMemberSliceColumns() in UpdateMembersRole RETURNING clause Refactor to use the existing helper function instead of hardcoding the column names, ensuring consistency if the columns are updated. * u.id -> u.Id * address code review feedback --------- Co-authored-by: Mattermost Build <build@mattermost.com>	2026-01-20 21:01:59 +00:00
Christopher Poile	dcda5304ff	Suppress SiteURL log error when in CI or local_testing mode (#34982)	2026-01-20 14:58:08 -05:00
Daniel Espino García	b5a816a657	Add audits for accessing posts without membership (#31266) ... * Add audits for accessing posts without membership * Fix tests * Use correct audit level * Address feedback * Add missing checks all over the app * Fix lint * Fix test * Fix tests * Fix enterprise test * Add missing test and docs * Fix merge * Fix lint * Add audit logs on the web socket hook for permalink posts * Fix lint * Fix merge conflicts * Handle all events with "non_channel_member_access" parameter * Fix lint and tests * Fix merge * Fix tests	2026-01-20 10:38:27 +01:00
Nick Misasi	b2f93dec1a	[MM-67118] Add Agents to @ mention autocomplete in channel (#34881) ... * Add support for autocomplete of plugin-created bots * stashing * Add support for including agents in the autocomplete list for @ mentions * Change server response to be users rather than interface * fix	2026-01-19 16:10:57 -05:00
Pablo Vélez	be3b5d4b7c	MM-66092 - enhance user permissions data structure validations (#34654) ... * MM-66092 - enhance permissions validations * Remove unnecessary empty role updates from tests * Strengthen scheme role validation in member role updates including imports --------- Co-authored-by: Mattermost Build <build@mattermost.com>	2026-01-16 10:59:07 -04:00
Christopher Poile	38b413a276	MM-67077: Remove PSD file previews (#34898) ... * remove image preview support for PSD files * remove psd as a supported image type in webapp * remove unneeded comments	2026-01-15 13:39:46 -05:00
Nick Misasi	8e4cadbc88	[MM-66359] Recaps MVP (#34337) ... * initial commit for POC of Plugin Bridge * Updates * POC for plugin bridge * Updates from collaboration * Fixes * Refactor Plugin Bridge to use HTTP/REST instead of RPC - Remove ExecuteBridgeCall hook and Context.SourcePluginId - Implement HTTP-based bridge using existing PluginHTTP infrastructure - Add CallPlugin API method with endpoint parameter instead of method name - Update CallPluginBridge to construct HTTP POST requests - Add proper headers: Mattermost-User-Id, Mattermost-Plugin-ID - Use 'com.mattermost.server' as plugin ID for core server calls - Update ai.go to use REST endpoint /inter-plugin/v1/completion - Add comprehensive spec documentation in server/spec.md - Add MIGRATION_GUIDE.md for plugin developers - Fix 401/404 issues by setting correct headers and URL paths * Improve Plugin Bridge security and architecture - Create ServeInternalPluginRequest for internal plugin calls (core + plugin-to-plugin) - Move header-setting logic from CallPluginBridge to ServeInternalPluginRequest - Improve separation of concerns: business logic vs HTTP transport - Add security documentation explaining header protection Security Improvements: - ServeInternalPluginRequest is NOT exposed as HTTP route (internal only) - Headers (Mattermost-User-Id, Mattermost-Plugin-ID) are set by trusted server code - External requests cannot spoof these headers (stripped by servePluginRequest) - Core calls use 'com.mattermost.server' as plugin ID for authorization - Plugin-to-plugin calls use real plugin ID (enforced by server) Backward Compatibility: - Keep ServeInterPluginRequest for existing API.PluginHTTP callers (deprecated) - All tests pass Docs: - Update spec.md with security model explanation - Update MIGRATION_GUIDE.md with correct header usage examples * Space * cursor please stop creating markdown files * Fix style * Fix i18n, linter * REMOVE MARKDOWN * Remove CallPlugin method from plugin API interface Per review feedback, this method is no longer needed. Co-authored-by: Nick Misasi <nickmisasi@users.noreply.github.com> * Remove CallPlugin method implementation from PluginAPI Co-authored-by: Nick Misasi <nickmisasi@users.noreply.github.com> * fixes * Add AI OpenAPI spec * fix openapi spec * Use agents client (#34225) * Use agents client * Remove default agent * Fixes * fix: modify system prompts to ensure JSON is being returned * Base implementation for recaps working * small fixes * Adjustments * remove webapp changes * Add feature flags for rewrites and ai bridge, clean up * Remove comments that aren't helpful * Fix i18n * Remove rewrites * Fix tests * Fix i18n * adjust i18n again * Add back translations * Remove leftover mock code * remove model file * Changes from PR review * Make the real substitutions * Include a basic invokation of the client with noop to ensure build works * more fix * Remove unneeded change * Updates from review * Fixes * Remove some logic from rewrites to clean up branch * Use v1.5.0 of agents plugin * A bunch more additions for general UX flow * Add missing files * Add mocks * Fixes for vet-api, i18n, build, types, etc * One more linter fix * Fix i18n and some tests * Refactors and cleanup in backend code * remove rogue markdown file * fixes after refactors from backend * Add back renamed files, and add tests * More self code review * More fixes * More refactors * Fix call stack exceeded bug * Include read messages if there are no unreads * Fix test failure: use correct error message key for recap permission denied The getRecapAndCheckOwnership function was using strings.ToLower(callerName) to generate error keys, which caused 'GetRecap' to become 'getrecap' instead of the expected 'get'. Changed to use the correct static key that matches the en.json localization file. Fixes TestGetRecap/get_recap_by_non-owner test failure. Co-authored-by: Nick Misasi <nickmisasi@users.noreply.github.com> * Consolidate permission errors down to a single string * Fixes for i18n, worktrees making this difficult * Fix i18n * Fix i18n once and for all (for real) (final) * Fix duplicate getAgents method in client4.ts * Remove duplicate ai state from initial_state.ts * Fix types * Fix tests * Fix return type of GetAgents and GetServices * Add tests for recaps components * Fix types * Update i18n * Fixes * Fixes * More cleanup * Revert random file * Use undefined * fix linter * Address feedback * Missed a git add * Fixes * Fix i18n * Remove fallback * Fixes for PR --------- Co-authored-by: claude[bot] <209825114+claude[bot]@users.noreply.github.com> Co-authored-by: Nick Misasi <nickmisasi@users.noreply.github.com> Co-authored-by: Christopher Speller <crspeller@gmail.com> Co-authored-by: Felipe Martin <me@fmartingr.com> Co-authored-by: Mattermost Build <build@mattermost.com>	2026-01-13 11:59:22 -05:00
Jesse Hallam	65d69b0498	Use testify ElementsMatch instead of sorting slices before comparison (#34899) ... Simplifies test code by using ElementsMatch which handles order-independent slice comparison. Removes custom sort implementations and manual sorting that was only needed for equality checks. Co-authored-by: Mattermost Build <build@mattermost.com>	2026-01-13 11:40:03 -04:00
Ben Schumacher	43bfdbfd1b	[MM-66840] Add CPU cores and total memory to Support Packet (#34658) ... * [MM-66840] Add CPU cores and total memory to support packet Add system resource information to support packet diagnostics to help with troubleshooting and capacity analysis. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> * Clarify that memory is in MB * Add comment clarifying CPU/memory are host values Clarifies that the CPU cores and total memory values in the support packet represent the host machine's resources, not any container limits that may be configured in Docker or Kubernetes environments. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> --------- Co-authored-by: Claude <noreply@anthropic.com>	2026-01-13 16:23:32 +01:00
Andre Vasconcelos	d9123c33f1	MM-67037 Skipping flaky test TestAddChannelMemberNoUserRequestor (#34805) ... * Skipping flaky test flagged in PR#34803 * Skipping flaky test for JIRA issue MM-67041	2026-01-12 11:06:09 +02:00
Rajat Dabade	c7f6efdfb0	Guest cannot add file to post without upload_file permission (#34538) ... * Guest cannot add file to post without upload_file permission * Move checks to api layer, addd checks in update patch post scheduled post * Minor * Linter fixes * i18n translations * removed the duplicated check from scheduled_post app layer * Move scheduled post permission test from app layer to API layer The permission check for updating scheduled posts belonging to other users was moved from the app layer to the API layer in the PR. This commit moves the corresponding test to the API layer to match. * Move scheduled post delete permission check to API layer Move the permission check for deleting scheduled posts from the app layer to the API layer, consistent with update permission check. Also enhance API tests to verify posts aren't modified after forbidden operations. * Fix inconsistent status code for non-existent scheduled post Return StatusNotFound instead of StatusInternalServerError when a scheduled post doesn't exist in UpdateScheduledPost, matching the API layer behavior. * Fix flaky TestAddUserToChannelCreatesChannelMemberHistoryRecord test Use ElementsMatch instead of Equal to compare user ID slices since the order returned from GetUsersInChannelDuring is not guaranteed. --------- Co-authored-by: Mattermost Build <build@mattermost.com> Co-authored-by: Jesse Hallam <jesse@mattermost.com>	2026-01-07 10:40:05 -04:00
Rajat Dabade	0481bd1fb0	Fliter post in search api with no read content channel permission (#34620) ... * Fliter post in search api with no read content channel permission * Added test * Review comments * reverted the unnecessary code * linter fixes * Fix filter functions to handle non-existent channels gracefully When filtering posts/files by channel permissions, GetChannels() returns a 404 error if all requested channels don't exist. This caused the entire filter operation to fail. Now we ignore 404 errors and continue processing, allowing non-existent channels to be filtered out as expected. --------- Co-authored-by: Mattermost Build <build@mattermost.com> Co-authored-by: Jesse Hallam <jesse@mattermost.com>	2026-01-07 10:21:55 -04:00
Joram Wilander	d844530496	Fix copyright date and address for email footers (#34813) ... * Fix copyright date and address for email footers * Update footer for email template	2026-01-05 13:59:37 -05:00
M-ZubairAhmed	cc427af41b	[MM-66827] Omit invite_id from team creation response based on permissions (#34693)	2026-01-05 13:48:19 +00:00
Harshil Sharma	7c94aed6ba	Added debug log to indicate the job is not running as the node is not a leader node (#34701) ... * Added debug log to indicate the job is not running as the node is not cluster node * Setting log level to info for debugging test server issue * testing * Removed debugging code --------- Co-authored-by: Mattermost Build <build@mattermost.com>	2025-12-18 10:16:48 +05:30
Ibrahim Serdar Acikgoz	bbac501431	fix build error (#34783)	2025-12-17 16:19:09 +00:00
Ibrahim Serdar Acikgoz	1c68d36a03	Filter burn on read posts from search results (#34747)	2025-12-17 16:23:26 +01:00
Pablo Vélez	2bb714a8e1	MM-66948: Filter expired BoR from flagged posts (#34744) ... Co-authored-by: Mattermost Build <build@mattermost.com>	2025-12-17 11:45:44 +01:00
Ibrahim Serdar Acikgoz	7dce49ee84	Fix an issue where files for BoR messages were not properly deleted (#34743)	2025-12-17 10:19:04 +01:00
Jesse Hallam	6404ab29ac	MM-66424: Improve team filtering in common teams API (#34454) ... * add Client4.GetDirectOrGroupMessageMembersCommonTeams * Improve team filtering in common teams API Filter the common teams to only include teams the requesting user is a member of, ensuring proper access control. * simplify GetDirectOrGroupMessageMembersCommonTeamsAsUser	2025-12-15 15:06:48 -04:00
Jesse Hallam	54f2e9b4af	MM-66943: Fix SavePluginConfig wiping other plugins' configs (#34733)	2025-12-12 16:45:51 -04:00
Daniel Espino García	4c25967c17	[MM-66799] Remove magic link users password (#34616) ... Co-authored-by: Mattermost Build <build@mattermost.com>	2025-12-12 16:25:38 +01:00
Harshil Sharma	61651b0df7	User id auth control (#34441) ... * Disabled user ID auth if email and username login are disabled * Added tests * lint fix --------- Co-authored-by: Mattermost Build <build@mattermost.com>	2025-12-12 10:53:46 +05:30
Jesse Hallam	6ef73af2cc	MM-65960: Avoid replica race lag when accessing TelemetryID (#34586) ... * avoid replica race lag when remembering ServerID In an HA environment, with a master and read replica, querying the server id from the store runs the risk of returning a value saved to master but not yet replicated. Avoid this by using the telemetry service value directly when available. Fixes: MM-65960 * Add Get(ByName)WithContext * explicitly use master for ServerId * mock GetByNameWithContext * more mocking * more mocks	2025-12-11 17:34:36 -04:00
Daniel Espino García	2884751a85	[MM-66708] Disallow interacting with password and login method for magic link accounts (#34615) ... * [MM-66708] Disallow interacting with password and login method for magic link accounts * Fix test and update getLoginType response --------- Co-authored-by: Mattermost Build <build@mattermost.com>	2025-12-11 17:38:39 +01:00
Jesse Hallam	219530c82c	Add fast test hasher to speed up CI tests (#34707) ... The production password hasher uses PBKDF2 with 600,000 iterations, which is slow especially when combined with race detection. This adds a fast test hasher (work factor 1) that can be used during tests to speed up user creation. The fast hasher is only available in non-production builds via build tags, ensuring it cannot be used in production.	2025-12-11 09:46:21 -04:00
Ibrahim Serdar Acikgoz	084006c0ea	[MM-61758] Burn on read feature (#34703) ... * Add read receipt store for burn on read message types * update mocks * fix invalidation target * have consistent case on index creation * Add temporary posts table * add mock * add transaction support * reflect review comments * wip: Add reveal endpoint * user check error id instead * wip: Add ws events and cleanup for burn on read posts * add burn endpoint for explicitly burning messages * add translations * Added logic to associate files of BoR post with the post * Added test * fixes * disable pinning posts and review comments * MM-66594 - Burn on read UI integration (#34647) * MM-66244 - add BoR visual components to message editor * MM-66246 - BoR visual indicator for sender and receiver * MM-66607 - bor - add timer countdown and autodeletion * add the system console max time to live config * use the max expire at and create global scheduler to register bor messages * use seconds for BoR config values in BE * implement the read by text shown in the tooltip logic * unestack the posts from same receiver and BoR and fix styling * avoid opening reply RHS * remove unused dispatchers * persis the BoR label in the drafts * move expiration value to metadata * adjust unit tests to metadata insted of props * code clean up and some performance improvements; add period grace for deletion too * adjust migration serie number * hide bor messages when config is off * performance improvements on post component and code clean up * keep bor existing post functionality if config is disabled * Add read receipt store for burn on read message types * Add temporary posts table * add transaction support * reflect review comments * wip: Add reveal endpoint * user check error id instead * wip: Add ws events and cleanup for burn on read posts * avoid reacting to unrevealed bor messages * adjust migration number * Add read receipt store for burn on read message types * have consistent case on index creation * Add temporary posts table * add mock * add transaction support * reflect review comments * wip: Add reveal endpoint * user check error id instead * wip: Add ws events and cleanup for burn on read posts * add burn endpoint for explicitly burning messages * adjust post reveal and type with backend changes * use real config values, adjust icon usage and style * adjust the delete from from sender and receiver * improve self deleting logic by placing in badge, use burn endpoint * adjust websocket events handling for the read by sender label information * adjust styling for concealed and error state * update burn-on-read post event handling for improved recipient tracking and multi-device sync * replace burn_on_read with type in database migrations and model * remove burn_on_read metadata from PostMetadata and related structures * Added logic to associate files of BoR post with the post * Added test * adjust migration name and fix linter * Add read receipt store for burn on read message types * update mocks * have consistent case on index creation * Add temporary posts table * add mock * add transaction support * reflect review comments * wip: Add reveal endpoint * user check error id instead * wip: Add ws events and cleanup for burn on read posts * add burn endpoint for explicitly burning messages * Added logic to associate files of BoR post with the post * Added test * disable pinning posts and review comments * show attachment on bor reveal * remove unused translation * Enhance burn-on-read post handling and refine previous post ID retrieval logic * adjust the returning chunk to work with bor messages * read temp post from master db * read from master * show the copy link button to the sender * revert unnecessary check * restore correct json tag * remove unused error handling and clarify burn-on-read comment * improve type safety and use proper selectors * eliminate code duplication in deletion handler * optimize performance and add documentation * delete bor message for sender once all receivers reveal it * add burn on read to scheduled posts * add feature enable check * use master to avoid all read recipients race condition --------- Co-authored-by: Mattermost Build <build@mattermost.com> Co-authored-by: Ibrahim Serdar Acikgoz <serdaracikgoz86@gmail.com> Co-authored-by: Harshil Sharma <harshilsharma63@gmail.com> * squash migrations into single file * add configuration for the scheduler * don't run messagehasbeenposted hook * remove parallel tests on burn on read * add clean up for closing opened modals from previous tests * simplify delete menu item rendering * add cleanup step to close open modals after each test to prevent pollution * streamline delete button visibility logic for Burn on Read posts * improve reliability of closing post menu and modals by using body ESC key --------- Co-authored-by: Harshil Sharma <harshilsharma63@gmail.com> Co-authored-by: Pablo Vélez <pablovv2012@gmail.com> Co-authored-by: Mattermost Build <build@mattermost.com>	2025-12-11 07:59:50 +01:00
Jesse Hallam	cd17b61de4	MM-66757: Improve WebSocket user update events (#34600) ... * improve TestUserUpdateEvents * improve CheckUserSanitization * check user sanitization in TestUserUpdateEvents * minimally sanitize user sent to event creator	2025-12-10 15:15:31 -04:00
Elias Nahum	4589005a54	feat: Add Microsoft Intune MAM authentication support (#34577) ... * Add Entra ID token authentication and Intune MAM config exposure * Add Intune MAM toggle to Mobile Security admin console * Add IntuneSettings with the AuthService to use and its own TenantID andClientID for the Entra App registration Include Admin console changes switch from /oauth/entra to /oauth/intune endpoint * openAPI documentation --------- Co-authored-by: Mattermost Build <build@mattermost.com> Co-authored-by: yasser khan <attitude3cena.yf@gmail.com>	2025-12-10 08:31:53 +02:00
M-ZubairAhmed	761e56bb11	[MM-66791] Add permission check before resolving channel mentions (#34679)	2025-12-09 13:46:45 +00:00
Jesse Hallam	fcdd6962ff	MM-65575: Fix server panic when bot posts trigger persistent notifications (#34174) ... * reproduce panic with test * allow bots in the profile map * explicitly prevent sending notifications to bots * persistent notifications: handle senders not in the channel	2025-12-08 20:41:29 +00:00
Jesse Hallam	5956e4d624	Fix PluginHTTPStream request body closing before read (#34434) ... * Fix regression in PluginHTTPStream where request body closed prematurely When WriteHeader was called before reading the request body in inter-plugin communication, the body would be closed prematurely due to defer r.Body.Close() executing when the function returned (after starting the response goroutine). This fix moves defer r.Body.Close() into the goroutine to ensure the request body remains available until after the response is fully processed. Added test case TestInterpluginPluginHTTPWithBodyAfterWriteHeader to verify the fix and prevent future regressions. * Fix resource leak by closing request body in all PluginHTTPStream error paths --------- Co-authored-by: Christopher Speller <crspeller@gmail.com>	2025-12-01 08:26:33 -08:00
Jesse Hallam	61db53dd1a	[MM-66718] Remove unneeded HTML templates watcher (#34557) ... * [MM-66718] Remove unneeded HTML templates watcher The templates package currently supports filesystem watching to automatically reload templates when files change. This feature is unnecessary in production and adds complexity. Changes: - Removed NewWithWatcher() function from templates package - Removed Close() method from Container - Removed watch-related fields (watch, stop, stopped) from Container - Removed fsnotify dependency usage - Updated server.go to use New() instead of NewWithWatcher() - Updated email/helper_test.go to use New() - Removed watcher-related tests from templates_test.go Template updates now require a server restart, which provides clearer behavior and reduces code complexity. * Remove unused fsnotify dependency	2025-11-27 16:24:59 -04:00
Nick Misasi	507b20cd07	Fix 500 error when agents plugin isn't active or installed (#34573)	2025-11-27 06:52:38 -08:00
Felipe Martin	c5028108c0	fix: avoid validating channel memberships if the array is empty (#34495) ... * fix: avoid validating channel memberships if the array is empty * tests * remove log line --------- Co-authored-by: Mattermost Build <build@mattermost.com>	2025-11-26 17:53:13 +00:00
Elias Nahum	1022cd44c0	MM-65756 Database Migrations, Indexes and Methods for Auto-Translation (#34047) ... * AutoTranslate config settings * comment out Agents provider * Add auto translate timeout config validation * i18n messages for autotranslation config validation * fix test * validate url for libreTranslate * Feedback review * Admin Console UI for Auto-Translation * fix admin console conditional section display * i18n * removed unintentional change Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * update admin.general.localization.autoTranslateProviderDescription newline * fix lint * Fix types * UX feedback review * fix typo in i18n * Fix AutoTranslation feature flag * feedback review * Fix test default values * feedback review * re-add isHidden property to feature discovery * Database Migrations, Indexes and Methods for Auto-Translation * i18n * fix retrylayer and storetest * Fix search query * fix lint * remove the request.CTX and modify Translation model * fix lint and external url * Add settings to playwright * Add empty as a valid value for the Provider * Update jsonb queries * Fix queries and add model methods * fix go lint * go lint fix 2 * fix db migrations * feedback review + store cache * increase migration number * cleanup autotranslation store cache * use NULL as objectType for posts * fix bad merge * fix tests * add missing i18n * Switch prop bags column to boolean * fix lint * fix tests * Remove database search * use Builder methods --------- Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> Co-authored-by: BenCookie95 <benkcooke@gmail.com>	2025-11-22 09:32:01 +08:00
Devin Binnie	f1f862cd5a	[MM-66684] Amend CheckIfRestrictedDM to ensure that plugin bots and bot owned by the current user aren't restricted (#34543) ... Co-authored-by: Mattermost Build <build@mattermost.com>	2025-11-20 10:55:13 -05:00
Rahim Rahman	edb05c7ea5	Magic link (passwordless) authentication for guests (#34264) ... * Add EasyLogin configuration (#34217) * add easy login config * add easy login to the invite modal * add to the query parameters * Add an API to get login method for the login id (#34223) * add an api to get login method for the login id * do not return errors if user is not found * Add support for Easy Login invitation link sending (#34224) This generates Easy Login token types when requested. The server doesn't do anything with these tokens, yet - that will come in a future change. * Add support for logging in with easy login (#34236) * Fix E2E tests (#34240) * Prevent easy login accounts to reset their password (#34262) * Add easy login support to login api and limit token to 5 min (#34259) * webapp easy login ui mods (#34237) * webapp easy login ui mods * easy login i18n * lint issues * getUserLoginType * using the real API * easylogin proper redirect * remove unneeded functions and files * duplicated localization * remove easylogin * using EnableEasyLogin setting * localization fix * fix lint issue * remove excessive setIsWaiting * changed logic to make it more readable * renaming component to make easier editable * password will disappear when username change * login test * text for easy login password * Add app links to emails * Update templates and always land in the landing screen * Update svg image, improve checks on server, fix linking page and show deactivated on login type * Update naming * Fix mocks and imports * Remove all sessions on disable and forbid user promotion * Fix layer and tests * Address feedback * Fix tests * Fix missing string * Fix texts * Fix tests * Fix constant name * Fix tests * Fix test * Address feedback * Fix lint * Fix test * Address feedback * Fix test --------- Co-authored-by: Ibrahim Serdar Acikgoz <serdaracikgoz86@gmail.com> Co-authored-by: David Krauser <david@krauser.org> Co-authored-by: Daniel Espino <larkox@gmail.com> Co-authored-by: Mattermost Build <build@mattermost.com>	2025-11-20 14:06:23 +01:00
Carlos Garcia	4ba7f7e16e	MM-66202: Migrate to aws-sdk-go-v2 (#34496) ... * updated aws-sdk dependency to aws-sdk-go-v2 * simplify error handling in case of timeout errors --------- Co-authored-by: Mattermost Build <build@mattermost.com>	2025-11-20 11:26:09 +01:00
Harshil Sharma	c9d10edf02	Content flagging manage deleted post only (#34481) ... * WIP * Handled missing managed by property value * LInt fixes * Updated logs * CI --------- Co-authored-by: Mattermost Build <build@mattermost.com>	2025-11-20 10:09:36 +05:30
Ibrahim Serdar Acikgoz	fc93ede640	[MM-65956] Tweak auto add to make it consistent with child policies (#33990)	2025-11-19 20:18:45 +00:00
Ben Schumacher	97dedb9de5	Migrate from gopkg.in/yaml.v3 to github.com/goccy/go-yaml (#34510) ... Co-authored-by: Claude <noreply@anthropic.com>	2025-11-18 08:52:05 +01:00
Scott Bishel	b1338853a1	Add cursor-based Posts Reporting API for compliance and auditing (#34252) ... * Add cursor-based Posts Reporting API for compliance and auditing Implements a new admin-only endpoint for retrieving posts with efficient cursor-based pagination, designed for compliance, auditing, and archival workflows. Key Features: - Cursor-based pagination using composite (time, ID) keys for consistent performance regardless of dataset size (~10ms per page at any depth) - Flexible time range queries with optional upper/lower bounds - Support for both create_at and update_at time fields - Ascending or descending sort order - Optional metadata enrichment (files, reactions, acknowledgements) - System admin only access (requires manage_system permission) - License enforcement for compliance features API Endpoint: POST /api/v4/reports/posts - Request: JSON body with channel_id, cursor_time, cursor_id, and options - Response: Posts map + next_cursor object (null when pagination complete) - Max page size: 1000 posts per request (MaxReportingPerPage constant) Implementation: - Store Layer: Direct SQL queries with composite index on (ChannelId, CreateAt, Id) - App Layer: Permission checks, optional metadata enrichment, post hooks - API Layer: Parameter validation, system admin enforcement, license checks - Data Model: ReportPostOptions, ReportPostOptionsCursor, ReportPostListResponse Code Quality Improvements: - Added MaxReportingPerPage constant (1000) to eliminate magic numbers - Removed unused StartTime field from ReportPostOptions - Added fmt import for dynamic error messages Testing: - 14 comprehensive store layer unit tests - 12 API layer integration tests covering permissions, pagination, filters - All tests passing Documentation: - POSTS_REPORTING.md: Developer reference with Go structs and usage examples - POSTS_REPORTING_API_SPEC.md: Complete technical specification - GET_POSTS_API_IMPROVEMENTS.md: Implementation analysis and design rationale - POSTS_TIME_RANGE_FEATURE.md: Archived time range feature for future use Performance: Cursor-based pagination maintains consistent ~10ms query time at any dataset depth, compared to offset-based pagination which degrades significantly (Page 1 = 10ms, Page 1000 = 10 seconds). 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> * lint fixes * lint fixes * gofmt * i18n-extract * Add Enterprise license requirement to posts reporting API Enforce Enterprise license (tier 20+) for the new posts reporting endpoint to align with compliance feature licensing. Professional tier is insufficient. Changes: - Add MinimumEnterpriseLicense check in GetPostsForReporting app layer - Add test coverage for license validation (no license and Professional tier) All existing tests pass with new license enforcement. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> * i18n-extract * add licensing to api documentation * Test SSH signing * Add mmctl command for posts reporting API Adds mmctl report posts command to retrieve posts from a channel for administrative reporting purposes. Supports cursor-based pagination with configurable sorting, filtering, and time range options. Includes database migration for updateat+id index to support efficient cursor-based queries when sorting by update_at. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> * Refactor posts reporting API cursor to opaque token and improve layer separation This addresses code review feedback by transforming the cursor from exposed fields to an opaque token and improving architectural layer separation. **Key Changes:** 1. **Opaque Cursor Implementation** - Transform cursor from split fields (cursor_time, cursor_id) to single opaque base64-encoded string - Cursor now self-contained with all query parameters embedded - When cursor provided, embedded parameters take precedence over request body - Clients treat cursor as opaque token and pass unchanged 2. **Field Naming** - Rename ExcludeChannelMetadataSystemPosts → ExcludeSystemPosts - Now excludes ALL system posts (any type starting with "system_") - Clearer and more consistent naming 3. **Layer Separation** - Move cursor decoding from store layer to model layer - Create ReportPostQueryParams struct for resolved parameters - Store layer receives pre-resolved parameters (no business logic) - Add ResolveReportPostQueryParams() function in model layer 4. **Code Quality** - Add type-safe constants (ReportingTimeFieldCreateAt, ReportingSortDirectionAsc, etc.) - Replace magic number 9223372036854775807 with math.MaxInt64 - Remove debug SQL logging (info disclosure risk) - Update mmctl to use constants and fix NextCursor pointer access 5. **Tests** - Update all 17 store test calls to use new resolution pattern - Add comprehensive test for DESC + end_time boundary behavior 6. **API Documentation** - Update OpenAPI spec to reflect opaque cursor format - Update all request/response examples - Clarify end_time behavior with sort directions **Files Changed:** - Model layer: public/model/post.go - App layer: channels/app/report.go - Store layer: channels/store/store.go, channels/store/sqlstore/post_store.go - Tests: channels/store/storetest/post_store.go - Mocks: channels/store/storetest/mocks/PostStore.go - API: channels/api4/report.go, channels/api4/report_test.go - mmctl: cmd/mmctl/commands/report.go - Docs: api/v4/source/reports.yaml 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> * Fix unhandled parse errors in cursor decoding Address security finding: cursor decoding was silently ignoring parse errors from strconv functions, which could lead to unexpected behavior when malformed cursors are provided. Changes: - Add explicit error handling for strconv.Atoi (version parsing) - Add explicit error handling for strconv.ParseBool (includeDeleted, excludeSystemPosts) - Add explicit error handling for strconv.ParseInt (timestamp parsing) - Return clear error messages indicating which field failed to parse This prevents silent failures where malformed values would default to zero-values (0, false) and potentially alter query behavior without warning. Addresses DryRun Security finding: "Unhandled Errors in Cursor Parsing" 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> * Fix linting issues - Remove unused reportPostCursorV1 struct (unused) - Remove obsolete +build comment (buildtag) - Use maps.Copy instead of manual loop (mapsloop) - Modernize for loop with range over int (rangeint) - Apply gofmt formatting 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> * Fix gofmt formatting issues Fix alignment in struct literals and constant declarations: - Align map keys in report_test.go request bodies - Align struct fields in ReportPostOptions initialization - Align reporting constant declarations 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> * Update mmctl tests for opaque cursor and add i18n translations Update report_test.go to align with the refactored Posts Reporting API: - Replace split cursor flags (cursor-time, cursor-id) with single opaque cursor flag - Update field name: ExcludeChannelMetadataSystemPosts → ExcludeSystemPosts - Update all mock expectations to use new ReportPostOptionsCursor structure - Replace test cursor values with base64-encoded opaque cursor strings Add English translations for cursor decoding error messages in i18n/en.json. Minor API documentation fix in reports.yaml (remove "all" from description). 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> * Update mmctl tests for opaque cursor and add i18n translations Update report_test.go to align with the refactored Posts Reporting API: - Replace split cursor flags (cursor-time, cursor-id) with single opaque cursor flag - Update field name: ExcludeChannelMetadataSystemPosts → ExcludeSystemPosts - Update all mock expectations to use new ReportPostOptionsCursor structure - Replace test cursor values with base64-encoded opaque cursor strings Add English translations for cursor decoding error messages in i18n/en.json. Minor API documentation fix in reports.yaml (remove "all" from description). 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> * more lint fixes * remove index update files * Remove end_time parameter from Posts Reporting API Align with other cursor-based APIs in the codebase by removing the end_time parameter. The caller now controls when to stop pagination by simply not making another request, which is the same pattern used by GetPostsSinceForSync, MessageExport, and GetPostsBatchForIndexing. Changes: - Remove EndTime field from ReportPostOptions and ReportPostQueryParams - Remove EndTime filtering logic from store layer - Remove tests that used end_time parameter 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> * Refactor posts reporting API for security and validation Address security review feedback by consolidating parameter resolution and validation in the API layer, with comprehensive validation of all cursor fields to prevent SQL injection and invalid queries. Changes: - Move parameter resolution from model to API layer for clearer separation - Add ReportPostQueryParams.Validate() with inline validation for all fields - Validate ChannelId, TimeField, SortDirection, and CursorId format - Add start_time parameter for time-bounded queries - Cap per_page at 100-1000 instead of rejecting invalid values - Export DecodeReportPostCursorV1() for API layer use - Simplify app layer to receive pre-validated parameters - Check channel existence when results are empty (better error messages) Testing: - Add 10 model tests for validation and malformed cursor scenarios - Add 4 API tests for cursors with invalid field values - Refactor 13 store tests to use buildReportPostQueryParams() helper - All 31 tests pass Documentation: - Update OpenAPI spec with start_time, remove unused end_time - Update markdown docs with start_time examples Security improvements: - Whitelist validation prevents SQL injection in TimeField/SortDirection - Format validation ensures ChannelId and CursorId are valid IDs - Single validation point for both cursor and options paths - Defense in depth: validation + parameterized queries + store layer whitelist 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> * Improve posts reporting query efficiency and safety Replace SELECT * and nested OR/AND conditions with explicit column selection and PostgreSQL row value comparison for better performance and maintainability. Changes: - Use postSliceColumns() instead of SELECT * for explicit column selection - Replace Squirrel OR/AND with row value comparison: (timeField, Id) > (?, ?) - Use fmt.Sprintf for safer string formatting in WHERE clause Query improvements: Before: WHERE (CreateAt > ?) OR (CreateAt = ? AND Id > ?) After: WHERE (CreateAt, Id) > (?, ?) Benefits: - Explicit column selection prevents issues if table schema changes - Row value comparison is more concise and better optimized by PostgreSQL - Follows existing patterns in post_store.go (postSliceColumns) - Standard SQL:2003 syntax 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> * Change posts reporting response from map to ordered array Replace the Posts map with an ordered array to preserve query sort order and provide a more natural API response for sequential processing. Changes: - ReportPostListResponse.Posts: map[string]*Post → []*Post - Store layer returns posts array directly (already sorted by query) - App layer iterates by index for metadata enrichment - Remove applyPostsWillBeConsumedHook call (not applicable to reporting) - Update API tests to iterate arrays instead of map lookups - Update store tests to convert array to map for deduplication checks - Remove unused "maps" import Benefits: - Preserves query sort order (ASC/DESC, create_at/update_at) - More natural for sequential processing/export workflows - Simpler response structure for reporting/compliance use cases - Aligns with message export/compliance patterns (no plugin hooks) 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> * Fix linting issues in posts reporting tests Replace inefficient loops with append(...) for better performance. Changes: - Use append(postSlice, result.Posts...) instead of loop - Simplifies code and follows staticcheck recommendations 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> * Fix store test AppError nil checking Use require.Nil instead of require.NoError for *AppError returns to avoid Go interface nil pointer issues. When DecodeReportPostCursorV1 returns nil *AppError and it's assigned to error interface, the interface becomes non-nil even though the pointer is nil. This causes require.NoError to fail incorrectly. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> --------- Co-authored-by: Claude <noreply@anthropic.com> Co-authored-by: Mattermost Build <build@mattermost.com>	2025-11-17 09:02:19 -07:00
Nick Misasi	91dfcbbdd1	Integration permission management changes (#34421) ... * Support for permissions allowing end users to create and manage their own integrations if sysadmin deems necessary * Adjustments based on new understanding * remove extra functions now that we've consolidated * Fix webapp i18n * Update snapshots * Fix test * Fix some tests, refactor some more, and add a few extra * fix linter * Update snapshots * Fix test * Missed some cleanup * Fix e2e * Fi * Fix * Fixes from PR feedback * Update snapshots * Fix tests * Fix slash command list endpoint per PR feedback. Remove changes around OAuth Apps * Further reversions of oauth stuff * Update tests * Small changes to fix when customOnly=false * Remove extra perm from cypress * Fixes from Eva's feedback * Fix i18n * More fixing * More fixing	2025-11-13 11:12:30 +00:00
Miguel de la Cruz	ef16fcfad2	Adds default values to the attrs of CPA fields and refactors the app layer (#34408) ... * Adds default values to the attrs of CPA fields and refactors the app layer * Fix mmctl tests * Fix types and linter * Fix model test --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> Co-authored-by: Mattermost Build <build@mattermost.com>	2025-11-13 12:00:54 +01:00
Ben Schumacher	9a74ab5009	[MM-66438] Add SAML provider type to Support Packet (#34378) ... Co-authored-by: Claude <noreply@anthropic.com>	2025-11-13 10:30:59 +01:00
Eva Sarafianou	0d181ca215	Push Proxy Authentication (#34211) ... * Initial Implementation of Push Proxy Authentication * Include Config Listener for Leader plus delete startup function as job scheduler runs on initialization * Remove push proxy auth from local imports * Add push proxy auth to external imports * Add push proxy auth error messages * Update error codes * Fix enterprise dep definition * make i18n-extract * Mock System store Get * m * m * m * m * Update serverID header * Add install type env var to docker * Update Push Proxy config with new options Global, US, Germany and Japan. Previous configurations will keep working * use model.SafeDereference * Delete token when new push proxy URL is empty * ServerID header only if auth token is available --------- Co-authored-by: Daniel Schalla <daniel@mattermost.com> Co-authored-by: Nick Misasi <nick.misasi@mattermost.com> Co-authored-by: Mattermost Build <build@mattermost.com>	2025-11-12 20:16:44 +02:00
Ben Schumacher	a7a8941adb	Add documentation for audit levels (#34457) ... Co-authored-by: Claude <noreply@anthropic.com>	2025-11-12 14:07:12 +01:00