673 commits

Author	SHA1	Message	Date
Carlos Garcia	2be57a7ec0	adds team member data sanitizing (#35562) ... * adds team member data sanitizing * assert using require * adds data sanitizing to team members for user endpoint * team admin data visibility now tests with different user	2026-04-09 16:12:15 +02:00
Pavel Zeman	6fdef8c9cc	ci: enable fullyparallel mode for server tests (#35816) ... * ci: enable fullyparallel mode for server tests Replace os.Setenv, os.Chdir, and global state mutations with parallel-safe alternatives (t.Setenv, t.Chdir, test hooks) across 37 files. Refactor GetLogRootPath and MM_INSTALL_TYPE to use package-level test hooks instead of environment variables. This enables gotestsum --fullparallel, allowing all test packages to run with maximum parallelism within each shard. Co-authored-by: Claude <claude@anthropic.com> * ci: split fullyparallel from continue-on-error in workflow template - Add new boolean input 'allow-failure' separate from 'fullyparallel' - Change continue-on-error to use allow-failure instead of fullyparallel - Update server-ci.yml to pass allow-failure: true for test coverage job - Allows independent control of parallel execution and failure tolerance Co-authored-by: Claude <claude@anthropic.com> * fix: protect TestOverrideLogRootPath with sync.Mutex for parallel tests - Replace global var TestOverrideLogRootPath with mutex-protected functions - Add SetTestOverrideLogRootPath() and getTestOverrideLogRootPath() functions - Update GetLogRootPath() to use thread-safe getter - Update all test files to use SetTestOverrideLogRootPath() with t.Cleanup() - Fixes race condition when running tests with t.Parallel() Co-authored-by: Claude <claude@anthropic.com> * fix: configure audit settings before server setup in tests - Move ExperimentalAuditSettings from UpdateConfig() to config defaults - Pass audit config via app.Config() option in SetupWithServerOptions() - Fixes audit test setup ordering to configure BEFORE server initialization - Resolves CodeRabbit's audit config timing issue in api4 tests Co-authored-by: Claude <claude@anthropic.com> * fix: implement SetTestOverrideLogRootPath mutex in logger.go The previous commit updated test callers to use SetTestOverrideLogRootPath() but didn't actually create the function in config/logger.go, causing build failures across all CI shards. This commit: - Replaces the exported var TestOverrideLogRootPath with mutex-protected unexported state (testOverrideLogRootPath + testOverrideLogRootMu) - Adds exported SetTestOverrideLogRootPath() setter - Adds unexported getTestOverrideLogRootPath() getter - Updates GetLogRootPath() to use the thread-safe getter - Fixes log_test.go callers that were missed in the previous commit Co-authored-by: Claude <claude@anthropic.com> * fix(test): use SetupConfig for access_control feature flag registration InitAccessControlPolicy() checks FeatureFlags.AttributeBasedAccessControl at route registration time during server startup. Setting the flag via UpdateConfig after Setup() is too late — routes are never registered and API calls return 404. Use SetupConfig() to pass the feature flag in the initial config before server startup, ensuring routes are properly registered. Co-authored-by: Claude <claude@anthropic.com> * fix(test): restore BurnOnRead flag state in TestRevealPost subtest The 'feature not enabled' subtest disables BurnOnRead without restoring it via t.Cleanup. Subsequent subtests inherit the disabled state, which can cause 501 errors when they expect the feature to be available. Add t.Cleanup to restore FeatureFlags.BurnOnRead = true after the subtest completes. Co-authored-by: Claude <claude@anthropic.com> * fix(test): restore EnableSharedChannelsMemberSync flag via t.Cleanup The test disables EnableSharedChannelsMemberSync without restoring it. If the subtest exits early (e.g., require failure), later sibling subtests inherit a disabled flag and become flaky. Add t.Cleanup to restore the flag after the subtest completes. Co-authored-by: Claude <claude@anthropic.com> * Fix test parallelism: use instance-scoped overrides and init-time audit config Replace package-level test globals (TestOverrideInstallType, SetTestOverrideLogRootPath) with fields on PlatformService so each test gets its own instance without process-wide mutation. Fix three audit tests (TestUserLoginAudit, TestLogoutAuditAuthStatus, TestUpdatePasswordAudit) that configured the audit logger after server init — the audit logger only reads config at startup, so pass audit settings via app.Config() at init time instead. Also revert the Go 1.24.13 downgrade and bump mattermost-govet to v2.0.2 for Go 1.25.8 compatibility. * Fix audit unit tests * Fix MMCLOUDURL unit tests * Fixed unit tests using MM_NOTIFY_ADMIN_COOL_OFF_DAYS * Make app migrations idempotent for parallel test safety Change System().Save() to System().SaveOrUpdate() in all migration completion markers. When two parallel tests share a database pool entry, both may race through the check-then-insert migration pattern. Save() causes a duplicate key fatal crash; SaveOrUpdate() makes the second write a harmless no-op. * test: address review feedback on fullyparallel PR - Use SetLogRootPathOverride() setter instead of direct field access in platform/support_packet_test.go and platform/log_test.go (pvev) - Restore TestGetLogRootPath in config/logger_test.go to keep MM_LOG_PATH env var coverage; test uses t.Setenv so it runs serially which is fine (pvev) - Fix misleading comment in config_test.go: code uses t.Setenv, not os.Setenv (jgheithcock) Co-authored-by: Claude <claude@anthropic.com> * fix: add missing os import in post_test.go The os import was dropped during a merge conflict resolution while burn-on-read shared channel tests from master still use os.Setenv. Co-authored-by: Claude <claude@anthropic.com> --------- Co-authored-by: Claude <claude@anthropic.com> Co-authored-by: wiggin77 <wiggin77@warpmail.net> Co-authored-by: Mattermost Build <build@mattermost.com>	2026-04-08 20:48:36 -04:00
Jesse Hallam	71ca373de7	Generate instead of hard-coding test passwords, enforce new minimum for FIPS, shard CI, fix FIPS builds (#35905) ... * Replace hardcoded test passwords with model.NewTestPassword() Add model.NewTestPassword() utility that generates 14+ character passwords meeting complexity requirements for FIPS compliance. Replace all short hardcoded test passwords across the test suite with calls to this function. * Enforce FIPS compliance for passwords and HMAC keys FIPS OpenSSL requires HMAC keys to be at least 14 bytes. PBKDF2 uses the password as the HMAC key internally, so short passwords cause PKCS5_PBKDF2_HMAC to fail. - Add FIPSEnabled and PasswordFIPSMinimumLength build-tag constants - Raise the password minimum length floor to 14 when compiled with requirefips, applied in SetDefaults only when unset and validated independently in IsValid - Return ErrMismatchedHashAndPassword for too-short passwords in PBKDF2 CompareHashAndPassword rather than a cryptic OpenSSL error - Validate atmos/camo HMAC key length under FIPS and lengthen test keys accordingly - Adjust password validation tests to use PasswordFIPSMinimumLength so they work under both FIPS and non-FIPS builds * CI: shard FIPS test suite and extract merge template Run FIPS tests on PRs that touch go.mod or have 'fips' in the branch name. Shard FIPS tests across 4 runners matching the normal Postgres suite. Extract the test result merge logic into a reusable workflow template to deduplicate the normal and FIPS merge jobs. * more * Fix email test helper to respect FIPS minimum password length * Fix test helpers to respect FIPS minimum password length * Remove unnecessary "disable strict password requirements" blocks from test helpers * Fix CodeRabbit review comments on PR #35905 - Add server-test-merge-template.yml to server-ci.yml pull_request.paths so changes to the reusable merge workflow trigger Server CI validation - Skip merge-postgres-fips-test-results job when test-postgres-normal-fips was skipped, preventing failures due to missing artifacts - Set guest.Password on returned guest in CreateGuestAndClient helper to keep contract consistent with CreateUserWithClient - Use shared LowercaseLetters/UppercaseLetters/NUMBERS/PasswordFIPSMinimumLength constants in NewTestPassword() to avoid drift if FIPS floor changes https://claude.ai/code/session_01HmE9QkZM3cAoXn2J7XrK2f * Rename FIPS test artifact to match server-ci-report pattern The server-ci-report job searches for artifacts matching "*-test-logs", so rename from postgres-server-test-logs-fips to postgres-server-fips-test-logs to be included in the report. --------- Co-authored-by: Claude <noreply@anthropic.com>	2026-04-08 16:49:43 -03:00
Doug Lauder	5b76fb11a5	MM-67647: Rename shared_channel_manager roles to follow system_ prefix convention (#35944) ... * Rename shared_channel_manager and secure_connection_manager roles to use system_ prefix The new roles added in PR #35354 broke the naming convention that all system-level roles stored in Users.Roles are prefixed with "system_". Client-side code (role.includes('system')) and server-side code (explicit switch cases in applyMultiRoleFilters) relied on this convention, causing users assigned to these roles to not appear in the System Console. Also adds both roles to the applyMultiRoleFilters switch statement in user_store.go, which was missing them entirely.	2026-04-08 08:01:33 -04:00
unified-ci-app[bot]	6662021dd5	Update latest minor version to 11.7.0 (#35964) ... Co-authored-by: unified-ci-app[bot] <121569378+unified-ci-app[bot]@users.noreply.github.com>	2026-04-07 09:34:34 +03:00
Doug Lauder	3888a69479	MM-68158: Fix shared channel remote display and notify UI on invite completion (#35908) ... * MM-68158: Fix shared channel remote display and add WebSocket notification Fix getSharedChannelRemotes API handler passing ChannelId instead of RemoteId to GetRemoteCluster, which always failed the lookup. Add RemoteId to SharedChannelRemoteStatus model and store query. Add shared_channel_remote_updated WebSocket event published from the onInvite callback so the UI refreshes its cached remote names when the async invite completes, instead of showing the generic "Shared with trusted organizations" fallback. * Improved unit tests per review comments	2026-04-03 02:06:01 -04:00
Christopher Speller	9b01e406f4	Move password hashers from server/v8 to server/public to fix module layering violation (#35805)a ... * Move password hashers from server/v8 to server/public to fix layering violation * Revert "Move password hashers from server/v8 to server/public to fix layering violation" This reverts commit 8cad5b8dc9. * invert dependency between hashers and model * make modules-tidy --------- Co-authored-by: Jesse Hallam <jesse@mattermost.com> Co-authored-by: Mattermost Build <build@mattermost.com>	2026-04-01 15:20:12 +00:00
Jesse Hallam	f7f2d944e8	upgrade golangci-lint (#35845)	2026-03-30 13:41:32 -03:00
Nick Misasi	c81d0ddd73	Ability to E2E AI Bridge features + Initial Recaps E2E (#35541) ... * Add shared AI bridge seam Co-authored-by: Nick Misasi <nick13misasi@gmail.com> * Add AI bridge test helper API Co-authored-by: Nick Misasi <nick13misasi@gmail.com> * Add AI bridge seam test coverage Co-authored-by: Nick Misasi <nick13misasi@gmail.com> * Add Playwright AI bridge recap helpers Co-authored-by: Nick Misasi <nick13misasi@gmail.com> * Fix recap channel persistence test Co-authored-by: Nick Misasi <nick13misasi@gmail.com> * Restore bridge client compatibility shim Co-authored-by: Nick Misasi <nick13misasi@gmail.com> * Expand recap card in Playwright spec Co-authored-by: Nick Misasi <nick13misasi@gmail.com> * Recaps e2e test coverage (#35543) * Add Recaps Playwright page object Co-authored-by: Nick Misasi <nick13misasi@gmail.com> * Expand AI recap Playwright coverage Co-authored-by: Nick Misasi <nick13misasi@gmail.com> * Format recap Playwright coverage Co-authored-by: Nick Misasi <nick13misasi@gmail.com> * Fix recap regeneration test flows Co-authored-by: Nick Misasi <nick13misasi@gmail.com> --------- Co-authored-by: Cursor Agent <cursoragent@cursor.com> * Fix AI bridge lint and OpenAPI docs Co-authored-by: Nick Misasi <nick13misasi@gmail.com> * Fix recap lint shadowing Co-authored-by: Nick Misasi <nick13misasi@gmail.com> * Stabilize failed recap regeneration spec Co-authored-by: Nick Misasi <nick13misasi@gmail.com> * Fill AI bridge i18n strings Co-authored-by: Nick Misasi <nick13misasi@gmail.com> * Fix i18n * Add service completion bridge path and operation tracking fields Extend AgentsBridge with CompleteService for service-based completions, add ClientOperation/OperationSubType tracking to BridgeCompletionRequest, and propagate operation metadata through to the bridge client. Made-with: Cursor * Fill empty i18n translation strings for enterprise keys The previous "Fix i18n" commit added 145 i18n entries with empty translation strings, causing the i18n check to fail in CI. Fill in all translations based on the corresponding error messages in the enterprise and server source code. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * Fix i18n * Fix i18n again * Rename Complete/CompleteService to AgentCompletion/ServiceCompletion Align the AgentsBridge interface method names with the underlying bridge client methods they delegate to (AgentCompletion, ServiceCompletion). Made-with: Cursor * Refactor * Add e2eAgentsBridge implementation The new file was missed from the prior refactor commit. Made-with: Cursor * Address CodeRabbit review feedback - Add 400 BadRequest response to AI bridge PUT endpoint OpenAPI spec - Add missing client_operation, operation_sub_type, service_id fields to AIBridgeTestHelperRecordedRequest schema - Deep-clone nested JSON schema values in cloneJSONOutputFormat - Populate ChannelID on recap summary bridge requests - Fix msg_count assertion to mention_count for mark-as-read verification - Make AgentCompletion/ServiceCompletion mutex usage atomic Made-with: Cursor * fix(playwright): align recaps page object with placeholder and channel menu Made-with: Cursor * fix(playwright): update recaps expectEmptyState to match RecapsList empty state After the master merge, the recaps page now renders RecapsList's "You're all caught up" empty state instead of the old placeholder. Made-with: Cursor * chore(playwright): update package-lock.json after npm install Made-with: Cursor * Revert "chore(playwright): update package-lock.json after npm install" This reverts commit 95c670863a. * style(playwright): fix prettier formatting in recaps page object Made-with: Cursor * fix(playwright): handle both recaps empty states correctly The recaps page has two distinct empty states: - Setup placeholder ("Set up your recap") when allRecaps is empty - RecapsList caught-up state ("You're all caught up") when the filtered tab list is empty Split expectEmptyState into expectSetupPlaceholder and expectCaughtUpEmptyState, used by the delete and bridge-unavailable tests respectively. Made-with: Cursor --------- Co-authored-by: Cursor Agent <cursoragent@cursor.com> Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-30 16:20:47 +00:00
Maria A Nunez	ece6b956fa	Add single-channel guest count to support packet stats (#35846) ... Single-channel guests are excluded from billable seat counts for licensing. Include this metric in the support packet so support engineers can understand seat calculation discrepancies. Made-with: Cursor Co-authored-by: Mattermost Build <build@mattermost.com>	2026-03-30 11:13:09 -04:00
Carlos Garcia	a19cc4b909	improves time limit checks (#35638) ... * improves time limit checks * consistently check for presence of patch fields * fix variable shadowing in test * allow idempotent pinning operations with time limit expired * new utility function for post limit time check * fix style issue	2026-03-27 16:29:06 +01:00
Miguel de la Cruz	48f2fd0873	Merge the Integrated Boards MVP feature branch (#35796) ... * Add CreatedBy and UpdatedBy to the properties fields and values (#34485) * Add CreatedBy and UpdatedBy to the properties fields and values * Fix types --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * Adds ObjectType to the property fields table (#34908) Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * Update ObjectType migration setting an empty value and marking the column as not null (#34915) Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * Adds uniqueness mechanisms to the property fields (#35058) * Adds uniqueness mechanisms to the property fields After adding ObjectType, this commit ensures that both the PSAv1 and PSAv2 schemas are supported, and enforces property uniqueness through both database indexes and a logical check when creating new property fields. * Adds uniqueness check to property updates Updates are covered on this commit and we refactor as well the SQL code to use the squirrel builder and work better with the conditional addition of the `existingID` piece of the query. * Add translations to error messages * Fixing retrylayer mocks * Remove retrylayer duplication * Address review comments * Fix comment to avoid linter issues * Address PR comments * Update server/channels/db/migrations/postgres/000157_add_object_type_to_property_fields.down.sql Co-authored-by: Alejandro García Montoro <alejandro.garciamontoro@gmail.com> * Update server/channels/db/migrations/postgres/000157_add_object_type_to_property_fields.up.sql Co-authored-by: Alejandro García Montoro <alejandro.garciamontoro@gmail.com> * Update server/channels/db/migrations/postgres/000157_add_object_type_to_property_fields.up.sql Co-authored-by: Alejandro García Montoro <alejandro.garciamontoro@gmail.com> * Update field validation to check only for valid target types * Update migrations to avoid concurrent index creation within a transaction * Update migrations to make all index ops concurrent * Update tests to use valid PSAv2 property fields * Adds a helper for valid PSAv2 TargetTypes --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> Co-authored-by: Alejandro García Montoro <alejandro.garciamontoro@gmail.com> * Fix property tests (#35388) Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * Adds Integrated Boards feature flag (#35378) Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * Adds Integrated Boards MVP API changes (#34822) This PR includes the necessary changes for channels and posts endpoints and adds a set of generic endpoints to retrieve and manage property fields and values following the new Property System approach. Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> Co-authored-by: Mattermost Build <build@mattermost.com> * Property System Architecture permissions for v2 (#35113) * Adds uniqueness mechanisms to the property fields After adding ObjectType, this commit ensures that both the PSAv1 and PSAv2 schemas are supported, and enforces property uniqueness through both database indexes and a logical check when creating new property fields. * Adds uniqueness check to property updates Updates are covered on this commit and we refactor as well the SQL code to use the squirrel builder and work better with the conditional addition of the `existingID` piece of the query. * Add translations to error messages * Add the permissions to the migrations, model and update the store calls * Adds the property field and property group app layer * Adds authorization helpers for property fields and values * Make sure that users cannot lock themselves out of property fields * Migrate permissions from a JSON column to three normalized columns * Remove the audit comment * Use target level constants in authorization * Log authorization membership failures * Rename admin to sysadmin * Fix i18n sorting --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * Add Views store and app layer (#35361) * Add Views store and app layer for Integrated Boards Implements the View entity (model, SQL store, service, app) as described in the Integrated Boards tech spec. Views are channel-scoped board configurations with typed props (board, kanban subviews) and soft-delete. - public/model: View, ViewBoardProps, Subview, ViewPatch types with PreSave/PreUpdate/IsValid/Patch/Clone/Auditable - Migration 158: Views table with jsonb Props column and indexes - SqlViewStore: CRUD with nil-safe Props marshaling (AppendBinaryFlag) - ViewService: CreateView seeds default kanban subview and links the boards property field; caches boardPropertyFieldID at startup - App layer: CreateView/GetView/GetViewsForChannel/UpdateView/DeleteView with channel-membership permission checks and WebSocket events (view_created, view_updated, view_deleted) - doSetupBoardsPropertyField: registers the Boards property group and board field in NewServer() before ViewService construction - GetFieldByName now returns store.ErrNotFound instead of raw sql.ErrNoRows * Move permission checks out of App layer for views - Remove HasPermissionToChannel calls from all App view methods - Drop userID params from GetView, GetViewsForChannel, UpdateView, DeleteView - Fix doSetupBoardsPropertyField to include required TargetType for PSAv2 field * Make View service generic and enforce board validation in model - Remove board-specific auto-setup from service and server startup - Enforce that board views require Props, at least one subview, and at least one linked property in IsValid() - Move default subview seeding out of app layer; callers must provide valid props - Call PreSave on subviews during PreUpdate to assign IDs to new subviews - Update all tests to reflect the new validation requirements * Restore migrations files to match base branch * Distinguish ErrNotFound from other errors in view store Get * Use CONCURRENTLY and nontransactional for index operations in views migration * Split views index creation into separate nontransactional migrations * Update migrations.list * Update i18n translations for views * Fix makeView helper to include required Props for board view validation * Rename ctx parameter from c to rctx in OAuthProvider mock * Remove views service layer, call store directly from app * Return 500 for unexpected DB errors in GetView, 404 only for not-found * Harden View model: deep-copy Props, validate linked property IDs - Add ViewBoardProps.Clone() to deep-copy LinkedProperties and Subviews - Use it in View.Clone() and View.Patch() to prevent shared-slice aliasing - Iterate over LinkedProperties in View.IsValid() and reject invalid IDs with a dedicated i18n key - Register ViewStore in storetest AssertExpectations so mock expectations are enforced - Add tests covering all new behaviours * Restore autotranslation worker_stopped i18n translation * Fix view store test IDs and improve error handling in app layer - Use model.NewId() for linked property IDs in testUpdateView to fix validation failure (IsValid rejects non-UUID strings) - Fix import grouping in app/view.go (stdlib imports in one block) - Return 404 instead of 500 when Update/Delete store calls return ErrNotFound (e.g. concurrent deletion TOCTOU race) * Add View store mock to retrylayer test genStore helper The View store was added to the store interface but the genStore() helper in retrylayer_test.go was not updated, causing TestRetry to panic. Also removes the duplicate Recap mock registration. * Refactor view deletion and websocket event handling; update SQL store methods to use query builder * revert property field store * Remove useless migrations * Add cursor-based pagination to View store GetForChannel - Add ViewQueryCursor and ViewQueryOpts types with validation - Return (views, cursor, error) for caller-driven pagination - PerPage clamping: <=0 defaults to 20, >200 clamps to 200 - Support IncludeDeleted filter - Add comprehensive store tests for pagination, cursor edge cases, PerPage clamping, and invalid input rejection - Add app layer test for empty channelID → 400 - Update interface, retrylayer, timerlayer, and mock signatures Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Refactor test loops in ViewStore tests for improved readability * change pagination to limit/offset * Add upper-bound limits on View Subviews and LinkedProperties Defense-in-depth validation: cap Subviews at 50 and LinkedProperties at 500 to prevent abuse below the 300KB payload limit. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com> * MM-67388, MM-66528, MM-67750: Add View REST API endpoints, websocket events, and sort order (#35442) * Add Views store and app layer for Integrated Boards Implements the View entity (model, SQL store, service, app) as described in the Integrated Boards tech spec. Views are channel-scoped board configurations with typed props (board, kanban subviews) and soft-delete. - public/model: View, ViewBoardProps, Subview, ViewPatch types with PreSave/PreUpdate/IsValid/Patch/Clone/Auditable - Migration 158: Views table with jsonb Props column and indexes - SqlViewStore: CRUD with nil-safe Props marshaling (AppendBinaryFlag) - ViewService: CreateView seeds default kanban subview and links the boards property field; caches boardPropertyFieldID at startup - App layer: CreateView/GetView/GetViewsForChannel/UpdateView/DeleteView with channel-membership permission checks and WebSocket events (view_created, view_updated, view_deleted) - doSetupBoardsPropertyField: registers the Boards property group and board field in NewServer() before ViewService construction - GetFieldByName now returns store.ErrNotFound instead of raw sql.ErrNoRows * Move permission checks out of App layer for views - Remove HasPermissionToChannel calls from all App view methods - Drop userID params from GetView, GetViewsForChannel, UpdateView, DeleteView - Fix doSetupBoardsPropertyField to include required TargetType for PSAv2 field * Make View service generic and enforce board validation in model - Remove board-specific auto-setup from service and server startup - Enforce that board views require Props, at least one subview, and at least one linked property in IsValid() - Move default subview seeding out of app layer; callers must provide valid props - Call PreSave on subviews during PreUpdate to assign IDs to new subviews - Update all tests to reflect the new validation requirements * Restore migrations files to match base branch * Distinguish ErrNotFound from other errors in view store Get * Use CONCURRENTLY and nontransactional for index operations in views migration * Split views index creation into separate nontransactional migrations * Update migrations.list * Update i18n translations for views * Fix makeView helper to include required Props for board view validation * Rename ctx parameter from c to rctx in OAuthProvider mock * Remove views service layer, call store directly from app * Return 500 for unexpected DB errors in GetView, 404 only for not-found * Harden View model: deep-copy Props, validate linked property IDs - Add ViewBoardProps.Clone() to deep-copy LinkedProperties and Subviews - Use it in View.Clone() and View.Patch() to prevent shared-slice aliasing - Iterate over LinkedProperties in View.IsValid() and reject invalid IDs with a dedicated i18n key - Register ViewStore in storetest AssertExpectations so mock expectations are enforced - Add tests covering all new behaviours * Restore autotranslation worker_stopped i18n translation * Fix view store test IDs and improve error handling in app layer - Use model.NewId() for linked property IDs in testUpdateView to fix validation failure (IsValid rejects non-UUID strings) - Fix import grouping in app/view.go (stdlib imports in one block) - Return 404 instead of 500 when Update/Delete store calls return ErrNotFound (e.g. concurrent deletion TOCTOU race) * Add View store mock to retrylayer test genStore helper The View store was added to the store interface but the genStore() helper in retrylayer_test.go was not updated, causing TestRetry to panic. Also removes the duplicate Recap mock registration. * Refactor view deletion and websocket event handling; update SQL store methods to use query builder * revert property field store * Add View API endpoints with OpenAPI spec, client methods, and i18n Implement REST API for channel views (board-type) behind the IntegratedBoards feature flag. Adds CRUD endpoints under /api/v4/channels/{channel_id}/views with permission checks matching the channel bookmark pattern. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Remove useless migrations * Add cursor-based pagination to View store GetForChannel - Add ViewQueryCursor and ViewQueryOpts types with validation - Return (views, cursor, error) for caller-driven pagination - PerPage clamping: <=0 defaults to 20, >200 clamps to 200 - Support IncludeDeleted filter - Add comprehensive store tests for pagination, cursor edge cases, PerPage clamping, and invalid input rejection - Add app layer test for empty channelID → 400 - Update interface, retrylayer, timerlayer, and mock signatures Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Add cursor-based pagination to View API for channel views * Enhance cursor handling in getViewsForChannel and update tests for pagination * Refactor test loops in ViewStore tests for improved readability * Refactor loop in TestGetViewsForChannel for improved readability * change pagination to limit/offset * switch to limit/offset pagination * Add upper-bound limits on View Subviews and LinkedProperties Defense-in-depth validation: cap Subviews at 50 and LinkedProperties at 500 to prevent abuse below the 300KB payload limit. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Add view sort order API endpoint Add POST /api/v4/channels/{channel_id}/views/{view_id}/sort_order endpoint following the channel bookmarks reorder pattern. Includes store, app, and API layers with full test coverage at each layer. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Add connectionId to view WebSocket events and sort_order API spec Thread connectionId from request header through all view handlers (create, update, delete, sort_order) to WebSocket events, matching the channel bookmarks pattern. Add sort_order endpoint to OpenAPI spec. Update minimum server version to 11.6. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Remove duplicate View/ViewPatch definitions from definitions.yaml The merge from integrated-boards-mvp introduced duplicate View and ViewPatch schema definitions that were already defined earlier in the file with more detail (including ViewBoardProps ref and enums). Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Update minimum server version to 11.6 in views API spec Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Add missing translations for view sort order error messages Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Merge integrated-boards-mvp into ibmvp_api-views; remove spec files Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Fix flaky TestViewStore timestamp test on CI Add sleep before UpdateSortOrder to ensure timestamps differ, preventing same-millisecond comparisons on fast CI machines. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * remove duplicate views.yaml imclude * Use c.boolString() for include_deleted query param in GetViewsForChannel Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Fix views.yaml sort order schema: use integer type and require body Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Refactor view sort order tests to use named IDs instead of array indices Extract idA/idB/idC from views slice and add BEFORE/AFTER comments to make stateful subtest ordering easier to follow. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Return 404 instead of 403 for view operations on deleted channels Deleted channels should appear non-existent to callers rather than revealing their existence via a 403. Detailed error text explains the context for debugging. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * add missing channel deleteat checks * Use c.Params.Page instead of manual page query param parsing in getViewsForChannel c.Params already validates and defaults page/per_page, so the manual parsing was redundant. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Add support for total count in views retrieval * Add tests for handling deleted views in GetViewsForChannel and GetView * Short-circuit negative newIndex in UpdateSortOrder before opening transaction Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Add per-channel limit on views to bound UpdateSortOrder cost Without a cap, unbounded view creation makes sort-order updates increasingly expensive (CASE WHEN per view, row locks). Adds MaxViewsPerChannel=50 constant and enforces it in the app layer before saving. Includes API and app layer tests. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Remove include_deleted support from views API Soft-deleted views are structural metadata with low risk, but no other similar endpoint (e.g. channel bookmarks) exposes deleted records without an admin gate. Rather than adding an admin-only permission check for consistency, remove the feature entirely since there is no current use case. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Update view permissions to require `create_post` instead of channel management permissions * Remove obsolete view management error messages for direct and group messages --------- Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com> * feat(migrations): add user tracking and object type to property fields - Introduced user tracking columns (CreatedBy, UpdatedBy) to PropertyFields and PropertyValues. - Added ObjectType column to PropertyFields with associated unique indexes for legacy and typed properties. - Created new migration scripts for adding and dropping these features, including necessary indexes for data integrity. - Established views for managing property fields with new attributes. This update enhances the schema to support better tracking and categorization of property fields. * Add Property System Architecture v2 API endpoints (#35583) * Adds uniqueness mechanisms to the property fields After adding ObjectType, this commit ensures that both the PSAv1 and PSAv2 schemas are supported, and enforces property uniqueness through both database indexes and a logical check when creating new property fields. * Adds uniqueness check to property updates Updates are covered on this commit and we refactor as well the SQL code to use the squirrel builder and work better with the conditional addition of the `existingID` piece of the query. * Add translations to error messages * Add the permissions to the migrations, model and update the store calls * Adds the property field and property group app layer * Adds authorization helpers for property fields and values * Make sure that users cannot lock themselves out of property fields * Migrate permissions from a JSON column to three normalized columns * Remove the audit comment * Use target level constants in authorization * Log authorization membership failures * Rename admin to sysadmin * Adds the Property System Architecture v2 API endpoints * Adds permission checks to the create field endpoint * Add target access checks to value endpoints * Add default branches for object_type and target_type and extra guards for cursor client4 methods * Fix vet API mismatch * Fix error checks * Fix linter * Add merge semantics for property patch logic and API endpoint * Fix i18n * Fix duplicated patch elements and early return on bad cursor * Update docs to use enums * Fix i18n sorting * Update app layer to return model.AppError * Adds a limit to the number of property values that can be patched in the same request * Require target_type filter when searching property fields * Add objectType validation as part of field.IsValid() * Fix linter * Fix test with bad objecttpye * Fix test grouping --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * MM-67968: Flatten view model — remove icon, subviews, typed board props (#35726) * feat(views): flatten view model by removing icon, subview, and board props Simplifies the View data model as part of MM-67968: removes Icon, Subview, and ViewBoardProps types; renames ViewTypeBoard to ViewTypeKanban; replaces typed Props with StringInterface (map[string]any); adds migration 000167 to drop the Icon column from the Views table. Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com> * feat(api): update views OpenAPI spec to reflect flattened model Removes ViewBoardProps, Subview, and icon from the View and ViewPatch schemas. Changes type enum from board to kanban. Replaces typed props with a free-form StringInterface object. Aligns with MM-67968. Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com> * refactor(views): simplify store by dropping dbView and marshalViewProps StringInterface already implements driver.Valuer and sql.Scanner, so the manual JSON marshal/unmarshal and the dbView intermediate struct were redundant. model.View now scans directly from the database. Also removes the dead ViewMaxLinkedProperties constant and wraps the Commit() error in UpdateSortOrder. Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com> * fix(api): allow arbitrary JSON in view props OpenAPI schema The props field was restricted to string values via additionalProperties: { type: string }, conflicting with the Go model's StringInterface (map[string]any). Changed to additionalProperties: true in View, ViewPatch, and inline POST schemas. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> --------- Co-authored-by: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com> * Adds basic implementation of the generic redux store for PSAv2 (#35512) * Adds basic implementation of the generic redux store for PSAv2 * Add created_by and updated_by to the test fixtures * Make target_id, target_type and object_type mandatory * Wrap getPropertyFieldsByIds and getPropertyValuesForTargetByFieldIds with createSelector * Address PR comments --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * Adds websocket messages for the PSAv2 API events (#35696) * Adds uniqueness mechanisms to the property fields After adding ObjectType, this commit ensures that both the PSAv1 and PSAv2 schemas are supported, and enforces property uniqueness through both database indexes and a logical check when creating new property fields. * Adds uniqueness check to property updates Updates are covered on this commit and we refactor as well the SQL code to use the squirrel builder and work better with the conditional addition of the `existingID` piece of the query. * Add translations to error messages * Add the permissions to the migrations, model and update the store calls * Adds the property field and property group app layer * Adds authorization helpers for property fields and values * Make sure that users cannot lock themselves out of property fields * Migrate permissions from a JSON column to three normalized columns * Remove the audit comment * Use target level constants in authorization * Log authorization membership failures * Rename admin to sysadmin * Adds the Property System Architecture v2 API endpoints * Adds permission checks to the create field endpoint * Add target access checks to value endpoints * Add default branches for object_type and target_type and extra guards for cursor client4 methods * Fix vet API mismatch * Fix error checks * Fix linter * Add merge semantics for property patch logic and API endpoint * Fix i18n * Fix duplicated patch elements and early return on bad cursor * Update docs to use enums * Fix i18n sorting * Update app layer to return model.AppError * Adds a limit to the number of property values that can be patched in the same request * Adds websocket messages for the PSAv2 API events * Add IsPSAv2 helper to the property field for clarity * Add guard against nil returns on field deletion * Add docs to the websocket endpoints --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> * migrations: consolidate views migrations and reorder after master - Merged 000165 (create Views) with 000167 (drop Icon) since Icon was never needed - Renumbered branch migrations 159-166 → 160-167 so master's 000159 (deduplicate_policy_names) runs first - Regenerated migrations.list Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * Add API endpoint to retrieve posts for a specific view (#35604) Automatic Merge * Apply fixes after merge * Return a more specific error from getting multiple fields * Prevent getting broadcast params on field deletion if not needed * Remove duplicated migration code * Update property conflict code to always use master * Adds nil guard when iterating on property fields * Check that permission level is valid before getting rejected by the database * Validate correctness on TargetID for PSAv2 fields * Avoid PSAv1 using permissions or protected * Fix test data after validation change * Fix flaky search test * Adds more posts for filter use cases to properly test exclusions --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es> Co-authored-by: Alejandro García Montoro <alejandro.garciamontoro@gmail.com> Co-authored-by: Julien Tant <julien@craftyx.fr> Co-authored-by: Mattermost Build <build@mattermost.com> Co-authored-by: Julien Tant <785518+JulienTant@users.noreply.github.com> Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-27 10:36:35 +01:00
Adam Schildkraut	656a0248eb	Fix datetime MinDate/MaxDate validation and add sub-day relative patterns (#35327) ... * Add H/M/S sub-day units to validateRelativePattern * Fix datetime MinDate/MaxDate to use validateDateTimeFormat * Add H/M/S sub-day resolution to resolveRelativeDateToMoment * Add minDateTime/maxDateTime props to DateTimeInput * Wire min_date/max_date resolution in AppsFormDateTimeField * Align client relative pattern bounds with server validation * Fix allowPastDates when minDateTime is in the past	2026-03-26 17:19:15 -06:00
Rajat Dabade	fac92f4a71	Added FakeSetting for keys generation for support package (#35346) ... Co-authored-by: Mattermost Build <build@mattermost.com>	2026-03-27 01:56:06 +05:30
Miguel de la Cruz	58dd9e1bb4	Add property system app layer architecture (#35157) ... * Refactor property system with app layer routing and access control separation Establish the app layer as the primary entry point for property operations with intelligent routing based on group type. This architecture separates access-controlled operations (CPA groups) from standard operations, improving performance and code clarity. Architecture Changes: - App layer now routes operations based on group type: - CPA groups -> PropertyAccessService (enforces access control) - Non-CPA groups -> PropertyService (direct, no access control) - PropertyAccessService simplified to handle only CPA operations - Eliminated redundant group type checks throughout the codebase * Move access control routing into PropertyService This change makes the PropertyService the main entrypoint for property related operations, and adds a routing mechanism to decide if extra behaviors or checks should run for each operation, in this case, the property access service logic. To add specific payloads that pluggable checks and operations may need, we use the request context. When the request comes from the API, the endpoints are in charge of adding the caller ID to the payload, and in the case of the plugin API, on receiving a request, the server automatically tags the context with the plugin ID so the property service can react accordingly. Finally, the new design enforces all these checks migrating the actual property logic to internal, non-exposed methods, so any caller from the App layer needs to go through the service checks that decide if pluggable logic is needed, avoiding any possibility of a bypass. * Fix i18n * Fix bad error string * Added nil guards to property methods * Add check for multiple group IDs on value operations * Add nil guard to the plugin checker * Fix build error * Update value tests * Fix linter * Adds early return when content flaggin a thread with no replies * Fix mocks * Clean the state of plugin property tests before each run * Do not wrap appErr on API response and fix i18n * Fix create property field test * Remove the need to cache cpaGroupID as part of the property service * Split the property.go file into multiple * Not found group doesn't bypass access control check * Unexport SetPluginCheckerForTests * Rename plugin context getter to be more PSA specific --------- Co-authored-by: Miguel de la Cruz <miguel@ctrlz.es>	2026-03-26 07:54:50 +00:00
Alejandro García Montoro	4f16a29cb5	MM-67793: Remove dependency on blang/semver/v4 (#35742) ... * Remove dependency on blang/semver/v4 Instead, consolidate on the usage of Masterminds/semver/v3 * Remove empty line * make modules-tidy	2026-03-25 13:41:33 +00:00
Doug Lauder	f0b2a36dbc	MM-67616: Refactor shared channel membership sync to use ChannelMemberHistory (#35619) ... * Refactor shared channel membership sync to use ChannelMemberHistory (MM-67616) Replace the trigger-time membership sync mechanism with a cursor-based approach using ChannelMemberHistory, aligning membership sync with the established pattern used by posts and reactions. Previously, membership changes were built into SyncMsg at trigger time and sent via a separate TopicChannelMembership code path. This meant removals were lost if a remote was offline, since ChannelMembers hard-deletes rows. Now, membership changes are fetched from ChannelMemberHistory at sync time using the LastMembersSyncAt cursor, detecting both joins and leaves reliably. The data flows through the normal syncForRemote pipeline alongside posts, reactions, and other sync data. Key changes: - Add GetMembershipChanges store method for ChannelMemberHistory - Add fetchMembershipsForSync and sendMembershipSyncData to sync pipeline - Replace HandleMembershipChange with NotifyMembershipChanged (trigger-only) - Remove conflict detection (idempotent add/remove resolves naturally) - Remove per-user membership tracking (GetUserChanges, UpdateUserLastMembershipSyncAt) - Add MembershipErrors to SyncResponse - Keep TopicChannelMembership receiver for one release cycle (backward compat)	2026-03-23 10:12:17 -04:00
Julien Tant	1dea4b1378	Add unit tests for ScheduledPost model (#35565) ... * Add unit tests for ScheduledPost model Cover all methods: BaseIsValid, IsValid, PreSave, PreUpdate, ToPost, Auditable, RestoreNonUpdatableFields, SanitizeInput, and GetPriority. Includes validation branch coverage through Draft delegation chain. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Address review findings for ScheduledPost tests - Use require.Nil on valid-path validation checks (match post_test.go) - Use require.Error/require.Nil on error-path ToPost subtests - Add require.NotNil guards for inner pointer fields before dereference - Add ToPost test for non-nil Metadata with empty Priority Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Fix typo in ScheduledPost.ToPost comment Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Seed real metadata fields in ToPost preservation tests Populate Embeds in both metadata subtests and assert they survive ToPost(), catching any replacement of the metadata struct. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Improve ScheduledPost Auditable metadata test to verify content preservation Seed a real PostMetadata with an emoji and assert the auditable output matches metadata.Auditable() instead of just checking non-nil. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-18 09:14:17 -07:00
David Krauser	1db8697315	[MM-67514] Fix crash when AppDownloadLink is set to a malformed URL (#35462) ... This commit fixes a crash in the webapp when native link URLs are malformed. Now we catch the exception instead of crashing, and we also validate URLs on the server side to avoid malformed URLs in the first place.	2026-03-16 15:25:50 -04:00
David Krauser	7425c6817b	[MM-67741] Scope role_updated WS events to affected team/channel (#35497) ... With this change, we now scope role_updated websocket events to users that need to receive them. Built-in and unowned role broadcast globally, team-scheme roles emit one event per team using the role, channel-scheme roles emit one event per channel using the role. To efficiently find a role's owning scheme, a schemeid column is added to the roles table. The ID is set when the scheme creates its related roles.	2026-03-16 14:36:55 -04:00
Nick Misasi	0192d529ed	PermissionManageOauth removal impact (#35554) ... * Restore manage oauth permission Co-authored-by: Nick Misasi <nick13misasi@gmail.com> * Fix migration test lint assertion Co-authored-by: Nick Misasi <nick13misasi@gmail.com> --------- Co-authored-by: Cursor Agent <cursoragent@cursor.com>	2026-03-15 12:05:29 -04:00
Maria A Nunez	2efee7ec28	Add single-channel guests filter and channel count column to System Console Users (#35517) ... * Add single-channel guests filter and channel count column to System Console Users - Add guest_filter query parameter to Reports API with store-level filtering by guest channel membership count (all, single_channel, multi_channel) - Add channel_count field to user report responses and CSV exports - Add grouped guest role filter options in the filter popover - Add toggleable Channel count column to the users table - Add GuestFilter and SearchTerm to Go client GetUsersForReporting - Add tests: API parsing, API integration, app job dedup, webapp utils, E2E column data rendering Made-with: Cursor * Fix gofmt alignment and isolate guest store tests - Align GuestFilter constants to satisfy gofmt - Move guest user/channel setup into a nested sub-test to avoid breaking existing ordering and role filter assertions Made-with: Cursor * Exclude archived channels from guest filter queries and ChannelCount The ChannelMembers subqueries for guest_filter (single/multi channel) and the ChannelCount column did not join with Channels to check DeleteAt = 0. Since channel archival soft-deletes (sets DeleteAt) but leaves ChannelMembers rows intact, archived channel memberships were incorrectly counted, potentially misclassifying guests between single-channel and multi-channel filters and inflating ChannelCount. - Join ChannelMembers with Channels (DeleteAt = 0) in all three subqueries in applyUserReportFilter and GetUserReport - Add store test covering archived channel exclusion - Tighten existing guest filter test assertions with found-flags and exact count checks Made-with: Cursor * Exclude DM/GM from guest channel counts, validate GuestFilter, fix dropdown divider - Scope ChannelCount and guest filter subqueries to Open/Private channel types only (exclude DM and GM), so a guest with one team channel plus a DM is correctly classified as single-channel - Add GuestFilter validation in UserReportOptions.IsValid with AllowedGuestFilters whitelist - Add API test for invalid guest_filter rejection (400) - Add store regression test for DM/GM exclusion - Fix role filter dropdown: hide the divider above the first group heading via CSS rule on DropDown__group:first-child - Update E2E test label to match "Guests in a single channel" wording Made-with: Cursor * Add store test coverage for private and GM channel types Private channels (type P) should be counted in ChannelCount and guest filters, while GM channels (type G) should not. Add a test that creates a guest with memberships in an open channel, a private channel, and a GM, then asserts ChannelCount = 2, multi-channel filter includes the guest, and single-channel filter excludes them. Made-with: Cursor * Add server i18n translation for invalid_guest_filter error The new error ID model.user_report_options.is_valid.invalid_guest_filter was missing from server/i18n/en.json, causing CI to fail. Made-with: Cursor * Make filter dropdown dividers full width Remove the horizontal inset from grouped dropdown separators so the system user role filter dividers span edge to edge across the menu. Leave the unrelated webapp/package-lock.json change uncommitted. Made-with: Cursor * Optimize guest channel report filters. Use per-user channel count subqueries for the single- and multi-channel guest filters so the report avoids aggregating all channel memberships before filtering guests.	2026-03-12 12:50:53 -04:00
Harshil Sharma	52858082fe	Anonymous URLs (#35493) ... * COmposing messages with redacted URLs * Handled non member channels * Some refinements * Optimizations * lint fixes * cleaned up hasObfuscatedSlug test * Fixed a test * Added system console setting * WIP * fixed channel seelection double selection bug * LInt fixes * i18n fixes * fixed test * CI * renamed setting * lint fixes * lint fixes * WIP * Combined TeamSignupDisplayNamePage and TeamUrl component into a single CreateTeamForm component * Converted CreateTeamForm to functional component * Refactored to mnake code cleaner * Handle team creation with setting enabled * Skipped team URL step if secure URL feature is enabled * Managed button text and steps in team creation flow * lint fixes * Don't register team URL path when using secure URL * Display team display name instead of name in system console top nav bar * Fixed tests * Fixed coderabbit issues * Fixed type errors * Optimization * improvements * Handled API errors during team creation when using secure URL setting * Some refinements * Added test * Updaetd tests, and trimming when reading instead of writing * Added tests for new components * Added BackstageNavbar tests * Restored package lock * lint fix * Updaetd plugin API * Updated team creation tests * Added tests for ChannelNameFormField * Added plugin API tests * Updated API terst * Review fixes * Added test for ConvertGmToChannelModal component * Added EA license check for secure urls feature * restored package lock * Fixed GM conversion test * Fixed team creation tests * remove message composition changes * remove message composition changes * remove message composition changes * restored a file * lint fix * renamed feature * used model.SafeDereference * Added E2E tests * add secure URL Playwright coverage Expand the secure URLs Playwright coverage to validate creation, routing, rename flows, system console configuration, and search/navigation behavior while adding the page objects needed to keep the tests maintainable. Made-with: Cursor * rename secure URLs copy to anonymous URLs Align the admin console and Playwright coverage with the Anonymous URLs feature name while preserving the existing UseAnonymousURLs config behavior and validating the renamed test surfaces. Made-with: Cursor * Update team creation CTA for anonymous URLs Show Create in the single-step anonymous URL flow while preserving Next and Finish in the standard team creation flow. Update unit and Playwright coverage to match the revised create-team UX. Made-with: Cursor --------- Co-authored-by: maria.nunez <maria.nunez@mattermost.com> Co-authored-by: Mattermost Build <build@mattermost.com>	2026-03-12 10:32:29 -04:00
Ben Schumacher	b6e5264731	[MM-67739] Rename SlackAttachment to MessageAttachment across the codebase (#35445) ... Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com> Co-authored-by: Claude <noreply@anthropic.com> Co-authored-by: Mattermost Build <build@mattermost.com>	2026-03-10 16:37:21 +01:00
Maria A Nunez	461db71178	Add single-channel guest tracking and reporting (#35451) ... * Add single-channel guest tracking and reporting - Add AnalyticsGetSingleChannelGuestCount store method to count guests in exactly one channel - Exclude single-channel guests from active user seat count in GetServerLimits - Add single-channel guest count to standard analytics response - Add Single-channel Guests card to System Statistics page with overage warning - Add Single-channel guests row to Edition and License page with overage styling - Add dismissible admin-only banner when single-channel guest limit is exceeded - Gate feature behind non-Entry SKU and guest accounts enabled checks - Re-fetch server limits on config changes for reactive UI updates - Fix label alignment in license details panel Made-with: Cursor * Refine single-channel guest tracking - Remove license GuestAccounts feature check from shouldTrackSingleChannelGuests (only config matters) - Re-add getServerLimits calls on page mount for fresh data - Remove config-change reactivity code (componentDidUpdate, useEffect) - Add server i18n translations for error strings - Sync webapp i18n via extract - Add inline comments for business logic - Restore struct field comments in ServerLimits model - Add Playwright E2E tests for single-channel guest feature - Fix label alignment in license details panel Made-with: Cursor * Guests over limit fixes and PR feedback * Fix linter issues and code quality improvements - Use max() builtin to clamp adjusted user count instead of if-statement (modernize linter) - Change banner type from ADVISOR to CRITICAL for proper red color styling Made-with: Cursor * Fix overage warnings incorrectly counting single-channel guests Single-channel guests are free and should not trigger license seat overage warnings. Update all overage checks to use serverLimits.activeUserCount (seat-adjusted, excluding SCG) instead of the raw total_users_count or TOTAL_USERS analytics stat. - UserSeatAlertBanner on License page: use serverLimits.activeUserCount - UserSeatAlertBanner on Site Statistics page: use serverLimits.activeUserCount - ActivatedUserCard display and overage check: use serverLimits.activeUserCount - OverageUsersBanner: use serverLimits.activeUserCount Made-with: Cursor * Use license.Users as fallback for singleChannelGuestLimit before limits load This prevents the SingleChannelGuestsCard from showing a false overage state before serverLimits has been fetched, while still rendering the card immediately on page load. Made-with: Cursor * Fix invite modal overage banner incorrectly counting single-channel guests Made-with: Cursor * Fix invitation modal tests missing limits entity in mock state Made-with: Cursor * Fix tests * Add E2E test for single-channel guest exceeded limit scenario Made-with: Cursor * Fix TypeScript errors in single channel guests E2E test Made-with: Cursor * Fix channel name validation error caused by unawaited async getRandomId() Made-with: Cursor * Add contextual tooltips to stat cards when guest accounts are enabled Made-with: Cursor * Code review feedback: query builder, readability, tooltips, and alignment fixes Made-with: Cursor * Fix license page tooltip alignment, width, and SaveLicense SCG exclusion Made-with: Cursor * Fix banner dismiss, license spacing, and add dismiss test Made-with: Cursor * Exclude DM/GM channels from single-channel guest count and fix E2E tests Filter the AnalyticsGetSingleChannelGuestCount query to only count memberships in public/private channels, excluding DMs and GMs. Update store tests with DM-only, GM-only, and mixed membership cases. Fix E2E overage test to mock the server limits API instead of skipping, and correct banner locator to use data-testid. Made-with: Cursor	2026-03-10 10:31:10 -04:00
Christopher Poile	2ada8d7659	MM-67540 - Allow searching public channel messages without channel membership (#35298) ... * UpdateByQuery methods for channel_type; rewrite reindexChannelPosts log pre-fetch error in channel Update and upgrade reindexChannelPosts to error level * add backfill orchestration, config listener, webapp toggle changes fix misleading backfill complete log when SaveOrUpdate fails * add integration & unit tests for public channel search and backfill * fix nil pointer dereference on UpdateByQuery response and log partial failures * add tests for compliance mode override and P channel post leakage * update system console snapshots * add instructions to error message * improve compliance-mode test * getAllChannels doesn't filter by O/S, need to do ourselves * in search, load channel info for channels we're not a member of * blank commit -- something is wrong with github, maybe this will help * improve channelType passing; error msg; simplify settings naming * debug logging for timing backfill and channel change; TO BE REVERTED * fix getMissingChannelsFromFiles in search as well * blank commit	2026-03-09 14:07:44 -04:00
Maria A Nunez	f1b9aa052e	Rename Content Flagging to Data Spillage Handling (#35407) ... * Rename Content Flagging to Data Spillage Handling Update all user-facing text to use "Data Spillage Handling" and "Quarantine for Review" terminology. Rename i18n keys that referenced content flagging. Auto-patch bot display name on pre-existing servers. Co-authored-by: Cursor <cursoragent@cursor.com> * Fixed searchable stringgs * Revert unintended package-lock.json changes Co-authored-by: Cursor <cursoragent@cursor.com> * Fix i18n extract check: correct typo and key ordering Fix "posed" -> "posted" typo in keep/remove quarantine modal defaultMessages. Move admin.contentFlagging.title to correct alphabetical position in en.json. Co-authored-by: Cursor <cursoragent@cursor.com> * Fix webapp tests for Data Spillage Handling rename Update test assertions to match renamed i18n strings: notification settings, content reviewers, and additional settings tests now expect the new quarantine terminology. Co-authored-by: Cursor <cursoragent@cursor.com> * Use translatable i18n strings for notification messages Replace hardcoded "flagged for review" notification templates with i18n.T() calls using "quarantined for review" terminology. Add six new server i18n keys for author, reporter, and reviewer notifications. Co-authored-by: Cursor <cursoragent@cursor.com> * Fix server i18n key mismatches and update test assertions Rename remaining app.content_flagging.* keys to app.data_spillage.* in server/i18n/en.json to match Go code references. Fix the quarantine_post_confirmation key name. Update test assertions to match new "quarantined for review" terminology. Co-authored-by: Cursor <cursoragent@cursor.com> * Fix gofmt formatting in content_flagging.go Co-authored-by: Cursor <cursoragent@cursor.com> * Prevent nil bot on PatchBot failure in getContentReviewBot Use a separate variable for PatchBot result so the original bot is preserved if the display name update fails. Co-authored-by: Cursor <cursoragent@cursor.com> * Reorder server i18n keys after extract Run mmgotool i18n extract to sort entries into correct alphabetical order. Co-authored-by: Cursor <cursoragent@cursor.com> * Replace i18n.T() with fmt.Sprintf for notification messages and fix test assertions Use direct string formatting for bot notification messages instead of i18n translation keys, which were being removed by mmgotool i18n extract due to indirect key references. Also update test expectations for renamed error keys (content_flagging -> data_spillage). Co-authored-by: Cursor <cursoragent@cursor.com> * Update default quarantine reasons to DISC-aligned terminology Replace generic content moderation reasons with defense/intelligence sector terminology: Classification mismatch, Need-to-know violation, PII exposure, OPSEC concern, CUI violation, Unauthorized disclosure, and Other. Updated across model, API tests, webapp tests, and e2e tests. Co-authored-by: Cursor <cursoragent@cursor.com> * Adding a string missing from bad merge * Update remaining flagged terminology and icon for data spillage rename - Change post menu icon from flag-outline to alert-outline - Update reviewer notification: "quarantined" -> "submitted" a message - Update action notifications: "flagged message" -> "quarantined message" - Update modal errors: "flagging" -> "quarantining" this message - Update report title: "flagged" -> "submitted" a message for review - Update e2e page object locator for renamed menu item Made-with: Cursor * Fix tests * Fix quarantine icon alignment in post dot menu Use AlertOutlineIcon React component with size={18} instead of raw <i> tag to match the sizing of all other menu item icons. Made-with: Cursor * Fixed E2E tests * Missing test fix * Fix E2E tests --------- Co-authored-by: Cursor <cursoragent@cursor.com> Co-authored-by: Mattermost Build <build@mattermost.com>	2026-03-06 21:15:01 -05:00
Doug Lauder	e31f471498	MM-67647 Add roles for shared channels management (#35354) ... * Add shared_channel_manager and secure_connection_manager built-in roles Introduce two new delegated admin roles for granular Shared Channels permission management, allowing admins to assign shared channel and secure connection management to specific non-admin users without granting full System Admin or System Manager access. - shared_channel_manager: grants manage_shared_channels permission - secure_connection_manager: grants manage_secure_connections permission Includes server role definitions, app migrations, permissions migrations, System Console UI support, and API permission tests.	2026-03-06 10:51:21 -05:00
Guillermo Vayá	f5fe8ded6b	[MM-67377] Fix (#35336) ... fix MM-67377	2026-03-06 13:39:48 +01:00
unified-ci-app[bot]	7f0fa4937d	Update latest minor version to 11.6.0 (#35479) ... Automatic Merge	2026-03-05 08:55:22 +01:00
Ben Cooke	e296a314bb	[MM-67677] Adjust max autotranslations workers to 64 (#35463)	2026-03-04 16:29:40 -05:00
Devin Binnie	885ebdd4f1	[MM-67425] Add an unsupported Desktop App setting and screen for users (#35382) ... * [MM-67425] Add an unsupported Desktop App setting and screen for users * Remove console.log statements * Fix e2e test config * Add e2e test * PR feedback * Update server/channels/web/static.go Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> * PR feedback * Fix i18n * PR feedback * PR feedback * PR feedback * Gofmt --------- Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>	2026-03-04 15:16:11 +00:00
Ben Schumacher	a9a3d3f889	[MM-65587] Remove unused audit log file rotation settings (#35170) ... Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com> Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com> Co-authored-by: Mattermost Build <build@mattermost.com>	2026-03-04 13:54:17 +01:00
Maria A Nunez	e6cd18c90b	Fix IntuneSettings config access tags to use correct permission ID (#35414) ... IntuneSettings fields had access:"mobile_intune" tags, but no matching permission exists in AllPermissions. Changed to "environment_mobile_security" to match the existing permissions defined in permission.go. Also added TestConfigAccessTagsMapToValidPermissions to validate all config access tags resolve to real permissions. Jira https://mattermost.atlassian.net/browse/MM-67693 Co-authored-by: Cursor <cursoragent@cursor.com>	2026-02-27 17:53:11 -05:00
Ben Schumacher	60fbce7d03	[MM-67671] Add CJK Post search support for PostgreSQL (#35260) ... Add LIKE-based CJK (Chinese, Japanese, Korean) search support for PostgreSQL, gated behind a `CJKSearch` feature flag. PostgreSQL's built-in full-text search (`to_tsvector`/`to_tsquery`) does not support CJK languages because it relies on whitespace-based tokenization, which doesn't work for logographic/syllabic scripts that don't use spaces between words. This PR adds a `LIKE`-based fallback for search terms containing CJK characters. **How it works:** When the `CJKSearch` feature flag is enabled and a search term contains CJK characters (Han, Hiragana, Katakana, or Hangul), the query builder generates `LIKE '%term%'` clauses instead of `to_tsvector @@ to_tsquery` expressions. Case-sensitive `LIKE` is used rather than `ILIKE` since CJK scripts have no letter casing, which also allows potential use of standard B-tree indexes.	2026-02-25 10:18:51 -05:00
Harshil Sharma	b96f7c1a8d	Content flagging actions implementation tests (#35035) ... * Added tests for TestGetFlaggingConfiguration * added tests for RemoveFlaggedPost * added tests for KeepFlaggedPost * Added tests for scrubPost and keep flagged post APp layer functions * Added tests for DeleteAllForPost * added tests for DeleteAllPostRemindersForPost * Added tests for DataSpillageFooter * Added tests for KeepRemoveFlaggedMessageConfirmationModal * Added tests for KeepRemoveFlaggedMessageConfirmationModal * Fixed lint errors * lint fix * Fixed query param * fixed tests * Used middleware to check for content flagging basic checks * Added TestRequireContentFlaggingEnabled * Updated tests * refactoring to reduce code duplication * review fixes --------- Co-authored-by: Mattermost Build <build@mattermost.com>	2026-02-23 06:15:40 +05:30
Ben Cooke	334c1bcbb7	update default worker count for autotranslations (#35355)	2026-02-20 15:09:47 -05:00
Nick Misasi	5d3a04760b	[MM-67605] Add DCR redirect URI allowlist for OAuth DCR (#35291) ... * [MM-67605] Add DCR redirect URI allowlist enforcement Introduce ServiceSettings.DCRRedirectURIAllowlist with glob-based validation and enforce it during OAuth dynamic client registration to block unapproved redirect URIs. Add System Console wiring and tests for config validation, wildcard matching semantics, API error behavior, and localhost wildcard support. Co-authored-by: Cursor <cursoragent@cursor.com> * Fix pre-commit checks: TypeScript type assertion, gofmt, and regenerate CI artifacts - admin_definition_dcr_allowlist.test.tsx: Add AdminDefinitionSettingInput type assertion for 'multiple' property - oauth_dcr_test.go: Fix comment spacing (gofmt) - Regenerate mocks, go.sum, gen-serialized, mmctl-docs per CI requirements Co-authored-by: Cursor <cursoragent@cursor.com> * Revert unnecessary pre-commit regenerations Revert mmctl docs, mocks, go.sum, and gen-serialized to master. Keep only the TypeScript and gofmt fixes from the previous commit. Co-authored-by: Cursor <cursoragent@cursor.com> * Fix import order in admin_definition_dcr_allowlist.test.tsx Co-authored-by: Cursor <cursoragent@cursor.com> * Fix i18n * Update server/public/model/oauth_dcr.go Co-authored-by: Eva Sarafianou <eva.sarafianou@gmail.com> * Fix --------- Co-authored-by: Cursor <cursoragent@cursor.com> Co-authored-by: Eva Sarafianou <eva.sarafianou@gmail.com> Co-authored-by: Mattermost Build <build@mattermost.com>	2026-02-19 01:06:08 +00:00
Ben Cooke	324b4937fd	libre key fix (#35297)	2026-02-18 13:01:03 -05:00
Scott Bishel	53aa05d8c6	Interactive Dialog - DateTime manual entry and timezone support (#34932) ... * Respect user display preferences for date and time formatting User Preference Support: - Read isUseMilitaryTime preference from user settings - Apply 24-hour format when enabled (14:00 instead of 2:00 PM) - Apply 12-hour format when disabled (2:00 PM instead of 14:00) - Pass useTime prop to Timestamp component with correct hourCycle/hour12 Date Formatting Consistency: - Create formatDateForDisplay() utility in date_utils.ts - Centralize date formatting logic (month: 'short', day/year: 'numeric') - Use consistent "Jan 15, 2025" format across all date/datetime fields - Replace DateTime.fromJSDate().toLocaleString() which varies by browser Components Updated: - DateTimeInput: Use isMilitaryTime for dropdown and selected time display - DateTimeInput: Use formatDateForDisplay for date display - AppsFormDateField: Use formatDateForDisplay instead of inline Intl code Tests Added: - 4 tests for user preference handling (military time, locale) - 5 tests for formatDateForDisplay utility - Updated snapshot for Timestamp changes Benefits: - Single source of truth for date formatting - Easy to change format globally by updating one function - Respects user preferences consistently - Fixes inconsistency where datetime showed "1/1/2026" vs date showing "Jan 1, 2026" 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Sonnet 4.5 (1M context) <noreply@anthropic.com> * Add timezone and manual time entry support for datetime fields Object Model: - Create DialogDateTimeConfig with TimeInterval, LocationTimezone, AllowManualTimeEntry - Add DateTimeConfig field to DialogElement - Keep legacy MinDate, MaxDate, TimeInterval for fallback Timezone Support (location_timezone): - Display datetime in specific IANA timezone (e.g., "Europe/London", "Asia/Tokyo") - Show timezone indicator: "🌍 Times in GMT" - Preserve timezone through all operations - Fix momentToString to clone before converting to UTC (prevents mutation) - Use moment.tz array syntax for timezone-safe moment creation - Generate time intervals starting at midnight in display timezone Manual Time Entry (allow_manual_time_entry): - Add parseTimeString() function supporting multiple formats: - 12-hour: 12a, 12:30p, 3:45pm - 24-hour: 14:30, 9:15 - Add TimeInputManual component with text input - Conditional rendering: manual input OR dropdown - No rounding for manual entry (exact minutes preserved) - No auto-advance (validation only, show error for invalid format) - Respects user's 12h/24h preference for placeholder Critical Bug Fixes: - Fix getTimeInIntervals to return Moment[] instead of Date[] (preserves timezone) - Fix momentToString mutation: use .clone() before .utc() - Use .clone() when calling .startOf('day') to preserve timezone - Use moment.tz([...], timezone) array syntax instead of .tz().hour() mutation - Display selected time using .format() instead of Timestamp component - Fix null handling: optional fields start empty, show '--:--' - Manual entry gets exact current time, dropdown gets rounded time Component Updates: - DateTimeInput: Add TimeInputManual component, parseTimeString, timezone handling - AppsFormDateTimeField: Extract config, timezone indicator, pass timezone to child - Modal components: Handle Moment | null signatures - CSS: Add manual entry input styles with error states Features: - Timezone-aware time generation (dropdown starts at midnight in display TZ) - Manual entry works with timezones (creates moments in correct TZ) - Optional fields start empty (null value, no display default) - Required datetime fields get rounded default from apps_form_component 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Sonnet 4.5 (1M context) <noreply@anthropic.com> * Fix momentToString mutation - clone before converting to UTC Prevents .utc() from mutating the original moment object. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Sonnet 4.5 (1M context) <noreply@anthropic.com> * Add E2E test for 12h/24h time preference support Test MM-T2530H verifies that datetime fields respect user's display preference: - Sets preference to 24-hour format - Verifies dropdown shows times as 14:00, 15:00, etc. - Verifies selected time displays in 24-hour format - Changes preference to 12-hour format - Verifies dropdown shows times as 2:00 PM, 3:00 PM, etc. Uses cy.apiSaveClockDisplayModeTo24HourPreference() to set user preference. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Sonnet 4.5 (1M context) <noreply@anthropic.com> * Auto-round time to interval boundaries in DateTimeInput Automatically rounds displayed time to timePickerInterval to ensure consistent behavior across all callers. Problem: - DND modal and Custom Status modal showed unrounded times (e.g., 13:47) - Should show rounded times (e.g., 14:00) to match dropdown intervals - Some callers pre-rounded, others didn't (inconsistent) Solution: - Add useEffect in DateTimeInput that auto-rounds on mount - Only calls handleChange if time needs rounding - Uses timePickerInterval prop or 30-minute default - Harmless for callers that already pre-round (no change triggered) Behavior: - DND modal: Now shows 14:00 instead of 13:47 - Custom Status: Still works (already pre-rounded, so no-op) - Post Reminder: Still works (already pre-rounded, so no-op) - Interactive Dialog: Still works (uses custom intervals) Added 3 unit tests for auto-rounding behavior. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Sonnet 4.5 (1M context) <noreply@anthropic.com> * lint fix * Add deferred login cleanup to post_test.go 'not logged in' test Ensures the test helper is logged back in after the logout test completes, preventing test state issues for subsequent tests. Co-Authored-By: Claude Sonnet 4.5 (1M context) <noreply@anthropic.com> * Add unit tests for parseTimeString and timezone handling parseTimeString tests (9 test cases): - 12-hour format with AM/PM (12a, 3:30pm, etc.) - 24-hour format (14:30, 23:59, etc.) - Time without minutes (defaults to :00) - Invalid hours, minutes, and formats - Edge cases (midnight 12:00am, noon 12:00pm) Timezone handling tests (3 test cases): - Preserve timezone in getTimeInIntervals - Generate intervals starting at midnight in timezone - Timezone conversion pattern verification Total: 12 new tests added (32 total in file) 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Sonnet 4.5 (1M context) <noreply@anthropic.com> * Add E2E tests and webhook support for timezone/manual entry E2E Tests Added (MM-T2530O through MM-T2530S): - MM-T2530O: Manual time entry basic functionality - MM-T2530P: Manual time entry multiple formats (12a, 14:30, 9pm) - MM-T2530Q: Manual time entry invalid format handling - MM-T2530R: Timezone support dropdown (London GMT) - MM-T2530S: Timezone support manual entry (London GMT) Webhook Server Support: - Added getTimezoneManualDialog() to webhook_utils.js - Added 'timezone-manual' case to webhook_serve.js - Dialog with 3 fields: local manual, London dropdown, London manual Bug Fixes: - Skip auto-rounding for allowManualTimeEntry fields (preserve exact minutes) - Generate dropdown options even when displayTime is null (use currentTime fallback) - Scope Cypress selectors with .within() to avoid duplicate ID issues All tests passing (13 total datetime tests). 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Sonnet 4.5 (1M context) <noreply@anthropic.com> * Fix ESLint no-multi-spaces in apps.ts Remove extra spacing before comments to comply with ESLint rules. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Sonnet 4.5 (1M context) <noreply@anthropic.com> * Fix gofmt formatting in integration_action.go Align Options, MultiSelect, and Refresh field spacing to match Go formatting standards. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Sonnet 4.5 (1M context) <noreply@anthropic.com> * more lint fixes * css lint fix * i18n-extract * lint fixes * update snapshot * Fix modal scroll containment for datetime fields The .modal-overflow class was applying overflow: visible to .modal-body, which broke scroll containment when datetime fields were present. This caused the entire form to scroll instead of scrolling within the modal-body viewport. Changes: - Remove .modal-body overflow override from .modal-overflow class to preserve scroll containment while still allowing date/time popups to display correctly via z-index - Remove italic styling from timezone indicator for cleaner appearance - Remove redundant "Time" label from manual time entry input (aria-label is sufficient for accessibility) - Add CSS rule to ensure "(optional)" label text is not bold Co-Authored-By: Claude Sonnet 4.5 (1M context) <noreply@anthropic.com> * fixes for cypress tests * fix for using timezone crossing dates * fix dateonly strings parse failures * regex fix * linter fix --------- Co-authored-by: Claude Sonnet 4.5 (1M context) <noreply@anthropic.com> Co-authored-by: Mattermost Build <build@mattermost.com>	2026-02-16 13:32:31 -07:00
Scott Bishel	ad39398eee	Add support for channel mentions in webhook attachments (#34235) ... * Add support for channel mentions in webhook attachments Implement client-side channel mention rendering in incoming webhook attachments. Channel mentions (~channel-name) now render as clickable links in attachment content fields (pretext, text, field values) while correctly remaining as plain text in title/label fields.	2026-02-16 13:31:32 -07:00
Felipe Martin	1be8a68dd7	feat: pluginapi: filewillbedownloaded / sendtoastmessage (#34596) ... * feat: filewillbedonwloaded hook * feat: error popup * chore: make generated pluginapi * tests * feat: different errors for different download types * feat: allow toast positions * fix: avoid using deprecated i18n function * feat: add plugin API to show toasts * feat: downloadType parameter * tests: updated tests * chore: make check-style * chore: i18n * chore: missing fields in tests * chore: sorted i18n for webapp * chore: run mmjstool * test: fixed webapp tests with new changes * test: missing mocks * fix: ensure one-file attachments (previews) are handler properly as thumbnails * chore: lint * test: added new logic to tests * chore: lint * Add SendToastMessage API and FileWillBeDownloaded hook - Introduced SendToastMessage method for sending toast notifications to users with customizable options. - Added FileWillBeDownloaded hook to handle file download requests, allowing plugins to control access to files. - Updated related types and constants for file download handling. - Enhanced PluginSettings to include HookTimeoutSeconds for better timeout management. * Update webapp/channels/src/components/single_image_view/single_image_view.tsx Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * chore: copilot reviews * test: head requests * chore: linted the webapp * tests: fixed path * test: fixed mocked args * allow sending message to a connection directly * fix: hook thread safety * chore: formatting * chore: remove configuration from system console * chore: release version * chore: update signature * chore: update release version * chore: addressed comments * fix: update file rejection handling to use 403 Forbidden status and include rejection reason header * Fix nil pointer panic in runFileWillBeDownloadedHook The atomic.Value in runFileWillBeDownloadedHook can be nil if no plugins implement the FileWillBeDownloaded hook. This causes a panic when trying to assert the nil interface to string. This fix adds a nil check before the type assertion, defaulting to an empty string (which allows the download) when no hooks have run. Fixes: - TestUploadDataMultipart/success panic - TestUploadDataMultipart/resume_success panic * test: move the logout test last * chore: restored accidential deletion * chore: lint * chore: make generated * refactor: move websocket events to new package * chore: go vet * chore: missing mock * chore: revert incorrect fmt * chore: import ordering * chore: npm i18n-extract * chore: update constants.tsx from master * chore: make i18n-extract * revert: conflict merge * fix: add missing isFileRejected prop to SingleImageView tests * fix: mock fetch in SingleImageView tests for async thumbnail check The component now performs an async fetch to check thumbnail availability before rendering. Tests need to mock fetch and use waitFor to handle the async state updates. * refactor: move hook logic to app layer * chore: update version to 11.5 * Scope file download rejection toast to the requesting connection Thread the Connection-Id header through RunFileWillBeDownloadedHook and sendFileDownloadRejectedEvent so the WebSocket event is sent only to the connection that initiated the download, instead of all connections for the user. --------- Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>	2026-02-16 17:10:39 +01:00
Pablo Vélez	37a9a30f40	Mm 66813 sso callback metadata (#34955) ... * MM-66813 - Add server origin verification to mobile SSO callbacks * Enhance mobile SSO security and deprecate code-exchange * Update code-exchange deprecation to follow MM standards * Use config SiteURL for srv param, fix flow terminology --------- Co-authored-by: Mattermost Build <build@mattermost.com>	2026-02-16 11:07:02 -05:00
Daniel Espino García	d87527b374	[MM-67488] Set autotranslation feature flag default to true (#35288)	2026-02-16 12:53:29 +01:00
M-ZubairAhmed	cd8b22af99	[MM-65979] Add Prometheus metrics for plugin webapp performance (#35075)	2026-02-13 18:07:54 +05:30
Carlos Garcia	feca30d85f	support for Elastic(Open)search CJK analysis plugins (#34784) ... * support for Elastic(Open)search CJK analysis plugins * addresses PR review comments * addresses PR comments * moves CJK based tests to own file and adds some more Dockerfile for open and elasticsearch are changed to install required plugins for testing or running locally. * properly sort error messages * fix style issues * removes trailing space	2026-02-12 10:05:23 +01:00
Pablo Vélez	2bb605cb56	MM-66625 - Drop EnableChannelScopeAccessControl; use permission system only (#35232)	2026-02-12 01:07:15 -05:00
Christopher Poile	24957f5e22	[MM-63393] Add support for preferred_username claims (#30852) ... * rebased all prev commits into one (see commit desc) add UsePreferredUsername support to gitlab; tests resort en.json update an out of date comment webapp i18n simplify username logic new arguments needed in tests debug statements -- revert * merge conflicts * fix i18n --------- Co-authored-by: Mattermost Build <build@mattermost.com>	2026-02-10 10:10:27 -05:00
Ben Schumacher	9e7cd64800	[MM-67502] Sanitize secret plugin settings inside sections (#35214)	2026-02-10 08:24:21 +01:00
Ben Cooke	76b3528c2b	[MM-67231] Etag fixes for autotranslations (#35196)	2026-02-09 18:32:26 -05:00