From 3b650018e568fe9e1aa5f5663d612e9c493c0445 Mon Sep 17 00:00:00 2001 From: Kevin Aleman Date: Mon, 29 Apr 2024 10:25:22 -0600 Subject: [PATCH 1/3] fix: Server sending 2 notifications when `@all/@here` were used by a user without permissions (#32289) --- .changeset/flat-starfishes-crash.md | 5 ++ .../app/lib/server/methods/sendMessage.ts | 3 +- .../hooks/BeforeSavePreventMention.ts | 13 +--- .../server/services/messages/service.ts | 2 +- .../meteor/tests/e2e/message-mentions.spec.ts | 62 +++++++++++++++++++ 5 files changed, 72 insertions(+), 13 deletions(-) create mode 100644 .changeset/flat-starfishes-crash.md diff --git a/.changeset/flat-starfishes-crash.md b/.changeset/flat-starfishes-crash.md new file mode 100644 index 000000000000..9c5bb2425f19 --- /dev/null +++ b/.changeset/flat-starfishes-crash.md @@ -0,0 +1,5 @@ +--- +'@rocket.chat/meteor': patch +--- + +Fixed a problem in how server was processing errors that was sending 2 ephemeral error messages when @all or @here were used while they were disabled via permissions diff --git a/apps/meteor/app/lib/server/methods/sendMessage.ts b/apps/meteor/app/lib/server/methods/sendMessage.ts index e12ebc2d47e9..5749daa980f3 100644 --- a/apps/meteor/app/lib/server/methods/sendMessage.ts +++ b/apps/meteor/app/lib/server/methods/sendMessage.ts @@ -87,8 +87,9 @@ export async function executeSendMessage(uid: IUser['_id'], message: AtLeast { await expect(poHomeChannel.content.messagePopupUsers.locator('role=listitem >> text="here"')).toBeVisible(); }); + test.describe('Should not allow to send @all mention if permission to do so is disabled', () => { + let targetChannel2: string; + test.beforeAll(async ({ api }) => { + expect((await api.post('/permissions.update', { permissions: [{ '_id': 'mention-all', 'roles': [] }] })).status()).toBe(200); + }); + + test.afterAll(async ({ api }) => { + expect((await api.post('/permissions.update', { permissions: [{ '_id': 'mention-all', 'roles': ['admin', 'owner', 'moderator', 'user'] }] })).status()).toBe(200); + await deleteChannel(api, targetChannel2); + }); + + test('expect to receive an error as notification when sending @all while permission is disabled', async ({ page }) => { + const adminPage = new HomeChannel(page); + + await test.step('create private room', async () => { + targetChannel2 = faker.string.uuid(); + + await poHomeChannel.sidenav.openNewByLabel('Channel'); + await poHomeChannel.sidenav.inputChannelName.type(targetChannel2); + await poHomeChannel.sidenav.btnCreate.click(); + + await expect(page).toHaveURL(`/group/${targetChannel2}`); + }); + await test.step('receive notify message', async () => { + await adminPage.sidenav.openChat(targetChannel2); + await adminPage.content.dispatchSlashCommand('@all'); + await expect(adminPage.content.lastUserMessage).toContainText('Notify all in this room is not allowed'); + }); + }); + }); + + test.describe('Should not allow to send @here mention if permission to do so is disabled', () => { + let targetChannel2: string; + test.beforeAll(async ({ api }) => { + expect((await api.post('/permissions.update', { permissions: [{ '_id': 'mention-here', 'roles': [] }] })).status()).toBe(200); + }); + + test.afterAll(async ({ api }) => { + expect((await api.post('/permissions.update', { permissions: [{ '_id': 'mention-here', 'roles': ['admin', 'owner', 'moderator', 'user'] }] })).status()).toBe(200); + await deleteChannel(api, targetChannel2); + }); + + test('expect to receive an error as notification when sending here while permission is disabled', async ({ page }) => { + const adminPage = new HomeChannel(page); + + await test.step('create private room', async () => { + targetChannel2 = faker.string.uuid(); + + await poHomeChannel.sidenav.openNewByLabel('Channel'); + await poHomeChannel.sidenav.inputChannelName.type(targetChannel2); + await poHomeChannel.sidenav.btnCreate.click(); + + await expect(page).toHaveURL(`/group/${targetChannel2}`); + }); + await test.step('receive notify message', async () => { + await adminPage.sidenav.openChat(targetChannel2); + await adminPage.content.dispatchSlashCommand('@here'); + await expect(adminPage.content.lastUserMessage).toContainText('Notify all in this room is not allowed'); + }); + }); + }); + test.describe('users not in channel', () => { let targetChannel: string; let targetChannel2: string; From bc50dd54a2b2a4c122cad68b50de249e77a915e6 Mon Sep 17 00:00:00 2001 From: Kevin Aleman Date: Mon, 29 Apr 2024 11:33:09 -0600 Subject: [PATCH 2/3] fix: `UserDataFiles` store uploads not proxied through server because of missing setting (#32182) --- .changeset/lazy-gorilas-shop.md | 6 ++++++ apps/meteor/server/settings/file-upload.ts | 21 +++++++++++++++++++++ packages/i18n/src/locales/en.i18n.json | 6 ++++++ 3 files changed, 33 insertions(+) create mode 100644 .changeset/lazy-gorilas-shop.md diff --git a/.changeset/lazy-gorilas-shop.md b/.changeset/lazy-gorilas-shop.md new file mode 100644 index 000000000000..c71610f703fc --- /dev/null +++ b/.changeset/lazy-gorilas-shop.md @@ -0,0 +1,6 @@ +--- +"@rocket.chat/meteor": patch +"@rocket.chat/i18n": patch +--- + +Fixed an issue with object storage settings that was not allowing admins to decide if files generated via "Export conversation" feature were being proxied through server or not. diff --git a/apps/meteor/server/settings/file-upload.ts b/apps/meteor/server/settings/file-upload.ts index 4be9dfd117a7..76e788cda0e2 100644 --- a/apps/meteor/server/settings/file-upload.ts +++ b/apps/meteor/server/settings/file-upload.ts @@ -187,6 +187,13 @@ export const createFileUploadSettings = () => value: 'AmazonS3', }, }); + await this.add('FileUpload_S3_Proxy_UserDataFiles', false, { + type: 'boolean', + enableQuery: { + _id: 'FileUpload_Storage_Type', + value: 'AmazonS3', + }, + }); }); await this.section('Google Cloud Storage', async function () { @@ -244,6 +251,13 @@ export const createFileUploadSettings = () => value: 'GoogleCloudStorage', }, }); + await this.add('FileUpload_GoogleStorage_Proxy_UserDataFiles', false, { + type: 'boolean', + enableQuery: { + _id: 'FileUpload_Storage_Type', + value: 'GoogleCloudStorage', + }, + }); }); await this.section('File System', async function () { @@ -302,6 +316,13 @@ export const createFileUploadSettings = () => value: 'Webdav', }, }); + await this.add('FileUpload_Webdav_Proxy_UserDataFiles', false, { + type: 'boolean', + enableQuery: { + _id: 'FileUpload_Storage_Type', + value: 'Webdav', + }, + }); }); await this.add('FileUpload_Enabled_Direct', true, { diff --git a/packages/i18n/src/locales/en.i18n.json b/packages/i18n/src/locales/en.i18n.json index 24fb91023e1a..5ac14f5a3b6b 100644 --- a/packages/i18n/src/locales/en.i18n.json +++ b/packages/i18n/src/locales/en.i18n.json @@ -2360,6 +2360,8 @@ "FileUpload_GoogleStorage_Proxy_Uploads": "Proxy Uploads", "FileUpload_GoogleStorage_Proxy_Uploads_Description": "Proxy upload file transmissions through your server instead of direct access to the asset's URL", "FileUpload_GoogleStorage_Secret": "Google Storage Secret", + "FileUpload_GoogleStorage_Proxy_UserDataFiles": "Proxy User Data Files", + "FileUpload_GoogleStorage_Proxy_UserDataFiles_Description": "Proxy user data file transmissions through your server instead of direct access to the asset's URL", "FileUpload_GoogleStorage_Secret_Description": "Please follow [these instructions](https://github.com/CulturalMe/meteor-slingshot#google-cloud) and paste the result here.", "FileUpload_json_web_token_secret_for_files": "File Upload Json Web Token Secret", "FileUpload_json_web_token_secret_for_files_description": "File Upload Json Web Token Secret (Used to be able to access uploaded files without authentication)", @@ -2390,6 +2392,8 @@ "FileUpload_S3_Proxy_Avatars_Description": "Proxy avatar file transmissions through your server instead of direct access to the asset's URL", "FileUpload_S3_Proxy_Uploads": "Proxy Uploads", "FileUpload_S3_Proxy_Uploads_Description": "Proxy upload file transmissions through your server instead of direct access to the asset's URL", + "FileUpload_S3_Proxy_UserDataFiles": "Proxy User Data Files", + "FileUpload_S3_Proxy_UserDataFiles_Description": "Proxy user data file transmissions through your server instead of direct access to the asset's URL", "Hold_Call_EE_only": "Hold Call (Enterprise Edition only)", "FileUpload_S3_Region": "Region", "FileUpload_S3_SignatureVersion": "Signature Version", @@ -2401,6 +2405,8 @@ "FileUpload_Webdav_Proxy_Avatars_Description": "Proxy avatar file transmissions through your server instead of direct access to the asset's URL", "FileUpload_Webdav_Proxy_Uploads": "Proxy Uploads", "FileUpload_Webdav_Proxy_Uploads_Description": "Proxy upload file transmissions through your server instead of direct access to the asset's URL", + "FileUpload_Webdav_Proxy_UserDataFiles": "Proxy User Data Files", + "FileUpload_Webdav_Proxy_UserDataFiles_Description": "Proxy user data file transmissions through your server instead of direct access to the asset's URL", "FileUpload_Webdav_Server_URL": "WebDAV Server Access URL", "FileUpload_Webdav_Upload_Folder_Path": "Upload Folder Path", "FileUpload_Webdav_Upload_Folder_Path_Description": "WebDAV folder path which the files should be uploaded to", From 6205ef14f0bb106044dda57f73bd5b28f89cb660 Mon Sep 17 00:00:00 2001 From: Yash Rajpal <58601732+yash-rajpal@users.noreply.github.com> Date: Mon, 29 Apr 2024 23:45:34 +0530 Subject: [PATCH 3/3] fix: Video Conf call joined translation param (#32327) --- .changeset/shiny-crabs-peel.md | 5 +++++ .../src/blocks/VideoConferenceBlock/VideoConferenceBlock.tsx | 2 +- 2 files changed, 6 insertions(+), 1 deletion(-) create mode 100644 .changeset/shiny-crabs-peel.md diff --git a/.changeset/shiny-crabs-peel.md b/.changeset/shiny-crabs-peel.md new file mode 100644 index 000000000000..f4d066827bfc --- /dev/null +++ b/.changeset/shiny-crabs-peel.md @@ -0,0 +1,5 @@ +--- +'@rocket.chat/fuselage-ui-kit': patch +--- + +Fix translation param on video conf joined message diff --git a/packages/fuselage-ui-kit/src/blocks/VideoConferenceBlock/VideoConferenceBlock.tsx b/packages/fuselage-ui-kit/src/blocks/VideoConferenceBlock/VideoConferenceBlock.tsx index 58980848856d..81cfbe3f88bf 100644 --- a/packages/fuselage-ui-kit/src/blocks/VideoConferenceBlock/VideoConferenceBlock.tsx +++ b/packages/fuselage-ui-kit/src/blocks/VideoConferenceBlock/VideoConferenceBlock.tsx @@ -180,7 +180,7 @@ const VideoConferenceBlock = ({ {data.users.length > MAX_USERS ? t('__usersCount__member_joined', { - usersCount: data.users.length - MAX_USERS, + count: data.users.length - MAX_USERS, }) : t('joined')}