-
Notifications
You must be signed in to change notification settings - Fork 84
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[GH-326] Added subscription flag for filtering out confidential issues, and disallow guests from creating subscriptions #376
Conversation
… subscriptions (#37) * [MI-3045]:Added checks for confidential issues * [MI-3045]:Added unit test cases * [MI-3045]:Fixed self review comments * [MI-3045]:Fixed unit test cases * [MI-3045]:Fixed lint errors * [MI-3045]:Fixed review comments * [MI-3045]:Fixed context deadline error * [MI-3045]:Fixed review comments * [MI-3045]:Fixed statements
Hello @Kshitij-Katiyar, Thanks for your pull request! A Core Committer will review your pull request soon. For code contributions, you can learn more about the review process here. |
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## master #376 +/- ##
==========================================
+ Coverage 33.40% 33.99% +0.59%
==========================================
Files 22 22
Lines 3979 3992 +13
==========================================
+ Hits 1329 1357 +28
+ Misses 2519 2499 -20
- Partials 131 136 +5 ☔ View full report in Codecov by Sentry. |
@@ -21,6 +21,7 @@ const commandHelp = `* |/gitlab connect| - Connect your Mattermost account to yo | |||
* |/gitlab subscriptions add owner[/repo] [features]| - Subscribe the current channel to receive notifications about opened merge requests and issues for a group or repository | |||
* |features| is a comma-delimited list of one or more the following: | |||
* issues - includes new and closed issues | |||
* confidential_issues - includes new and closed confidential issues |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We may want to make this opt-in, so as to not break existing subscriptions. If this is the case, the flag should be exclude_confidential_issues
. Thoughts on this? @jupenur @esarafianou
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@mickmister Fixed all the review comments apart for this one. Waiting for replies.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@hanzei Do you have an opinion on this?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@mickmister Hadn't been notified about this ping and bumped into it today.
The ideal behavior is secure by default. That would mean excluding confidential issues by default.
Since this is a breaking change for existing subscriptions, we can consider a major release.
…#38) * [MI-3060]:Fixed review comments of PR mattermost#376 on gitlab plugin * [MI-3060]:Fixed test cases * [MI-3060]:Updated the msg * [MI-3060]:Fixed the test cases
This PR has been automatically labelled "stale" because it hasn't had recent activity. |
@Kshitij-Katiyar Heads up that there are conflicts to resolve here |
@mickmister Fixed the merge conflicts |
@@ -21,6 +21,7 @@ const commandHelp = `* |/gitlab connect| - Connect your Mattermost account to yo | |||
* |/gitlab subscriptions add owner[/repo] [features]| - Subscribe the current channel to receive notifications about opened merge requests and issues for a group or repository | |||
* |features| is a comma-delimited list of one or more the following: | |||
* issues - includes new and closed issues | |||
* confidential_issues - includes new and closed confidential issues |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@hanzei Do you have an opinion on this?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
This PR has been automatically labelled "stale" because it hasn't had recent activity. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
@DHaussermann The PR is ready for your review |
This PR has been automatically labelled "stale" because it hasn't had recent activity. |
@Kshitij-Katiyar Heads up that there are conflicts to resolve here |
@Kshitij-Katiyar gentle reminder to resolve the conflicts |
@hanzei resolved the conflicts. |
@raghavaggarwal2308 While testing this PR, none of the above conditions were found working. The guest user on MM was able to create a subscription and also there wasn't any flag for confidential issues in subscription slash command. Please go-through this once. |
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks @raghavaggarwal2308 for the assistance.
The above PR has been tested for the following features:-
- There is a seperate flag added for creating a subscription for confidential issues.
- A user with a guest access of any repo on Gitlab cannot create a subscription in MM.
The PR was working fine for both the above conditions, LGTM. Approved.
Summary
Issue