-
Notifications
You must be signed in to change notification settings - Fork 10.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: Users can mention here
and all
even without permission
#29907
Conversation
🦋 Changeset detectedLatest commit: 4511596 The changes in this PR will be included in the next version bump. This PR includes changesets to release 24 packages
Not sure what this means? Click here to learn what changesets are. Click here if you're a maintainer who wants to add another changeset to this PR |
Codecov Report
@@ Coverage Diff @@
## develop #29907 +/- ##
===========================================
+ Coverage 47.85% 48.52% +0.67%
===========================================
Files 671 697 +26
Lines 13494 13906 +412
Branches 2438 2445 +7
===========================================
+ Hits 6457 6748 +291
- Misses 6659 6777 +118
- Partials 378 381 +3
Flags with carried forward coverage won't be shown. Click here to find out more. |
Proposed changes (including videos or screenshots)
@all
and@here
mentions callbacks verifications only after mentions are parsed.Issue(s)
Steps to test or reproduce
Insert a regular user (which has only the
user
role assigned to it) "A" in a room. Then, as an admin, remove themention-all
andmention-here
permissions from the user role.Logged in as user "A", try to send a message tagging
@all
and@here
.Current behavior: the message is sent.
Expected behavior: an error is thrown and the message is not sent. An ephemeral message is also sent in the room, informing that tagging
@all
and@here
is not allowed.Note: this works the same with room scoped roles (eg Moderator, Leader, Owner). If the user has global OR room permission to mention
@all
and@here
, then the message will be accepted.Further comments
SUP-294