-
Notifications
You must be signed in to change notification settings - Fork 81
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
RHS Subscriptions #333
RHS Subscriptions #333
Conversation
Expose a RHS experience for GitLab that showcases the current channels's subscriptions, as well as information on the user currently logged in.
The tests are failing, it seems because there simply is no |
p.API.PublishWebSocketEvent( | ||
WsChannelSubscriptionsUpdated, | ||
map[string]interface{}{"payload": string(payloadJSON)}, | ||
&model.WebsocketBroadcast{ChannelId: channelID}, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This constrains the websocket event to members of the channel, /but/ I see there is logic in the plugin around some users being denied access to some subset of projects. Worse, it looks like these permission checks actually involve a round trip per user -- is there some background information I can learn about?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
IIUC, but isn't it implied that access to the channel gives access to the subscription information?
So shouldn't this be left to channel admins (by controlling channel memberships)?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@lieut-data It looks like the /gitlab subscriptions list
command does not filter on any sort of permission checks, which is sort of the equivalent of this websocket message right? I'm thinking we may not need any further access control other than scoping it to the specific channel, as you've done here.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Awesome, thank you for this feedback -- will leave this as-is.
Codecov ReportBase: 28.48% // Head: 33.06% // Increases project coverage by
Additional details and impacted files@@ Coverage Diff @@
## master #333 +/- ##
==========================================
+ Coverage 28.48% 33.06% +4.57%
==========================================
Files 20 20
Lines 2619 2683 +64
==========================================
+ Hits 746 887 +141
+ Misses 1789 1689 -100
- Partials 84 107 +23
Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here. ☔ View full report at Codecov. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM, I don't know the Gitlab side of things very well (or plugins in general, tbh) so my review focuses on the actual written code.
I'll defer to the other reviewers on the high-level view.
server/api.go
Outdated
|
||
resp := subscriptionsToResponse(config, subscriptions) | ||
|
||
b, _ := json.Marshal(resp) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We should probably check the err returned here. IIRC, we've had some incidents on the server around JSON Marshalling so a quick error check helps.
p.API.PublishWebSocketEvent( | ||
WsChannelSubscriptionsUpdated, | ||
map[string]interface{}{"payload": string(payloadJSON)}, | ||
&model.WebsocketBroadcast{ChannelId: channelID}, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
IIUC, but isn't it implied that access to the channel gives access to the subscription information?
So shouldn't this be left to channel admins (by controlling channel memberships)?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Great work @lieut-data! I left some non-blocking suggestions and questions. Let me know what you think 👍
.nvmrc
Outdated
@@ -0,0 +1 @@ | |||
16.4.0 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This will cause CI to use this npm version, which is ahead of this project's lockfile version. When you ran npm install
with npm 16.4.0
, did you receive the message of patching up the lockfile? We indeed need to update the project to use node 16+
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ah, good catch! When my first attempt to compile and deploy failed, I assumed it was the node version and mistakenly copied the version from webapp, then opted not to git add package-lock.json
but forgot about my changes here in .nvmrc
. I'll fix this to point at the latest v14 here which I believe uses the old lock version.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you please ensure this works locally with nvm install
or nvm use
if you already have this version installed?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If you do test this out, please remove the node_modules
folder before testing. Likely, there won't be any issues since CI is passing
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Gah, I forgot to revert this. One second.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Wait, sorry, I've got too much on the go...
Yes, I can confirm this .nvmrc
works locally. What I did forget to revert was the addition of styled-components
to package.json.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
(Also triple checked after blowing away node_modules
).
const notSignedInStyle = { | ||
margin: '24px', | ||
display: 'flex', | ||
flexDirection: 'column', | ||
alignItems: 'center', | ||
textAlign: 'center', | ||
}; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@lieut-data Thoughts on putting these styles in a css file? It's unfortunate that scss isn't available but I think using a regular css file should be manageable in this case
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Actually, now that you've helped me with the node version, I wonder if we'd be open to just depending on the external styled-components
vs. having to export global CSS rules and deal with that complexity? Let me take a stab at seeing how that plays out.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@lieut-data In general, our plugins have been using scss
. I know Playbooks is using styled-components
and no scss
now, though I'd like to keep consistency with the other plugin projects our team manages in this aspect.
Using css
instead of scss
can be a pain, because you don't have the same easily accessible nesting capabilities with css
. Of course there's the equivalent syntax in css
, which may not be too bad in this case.
I'll leave it up to you to decide how to apply styles here. I'm 2/5 on not introducing styled-components
here though. Hopefully you can understand why 🙂
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm happy to keep things simpler for the maintainers and will switch to CSS.
p.API.PublishWebSocketEvent( | ||
WsChannelSubscriptionsUpdated, | ||
map[string]interface{}{"payload": string(payloadJSON)}, | ||
&model.WebsocketBroadcast{ChannelId: channelID}, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@lieut-data It looks like the /gitlab subscriptions list
command does not filter on any sort of permission checks, which is sort of the equivalent of this websocket message right? I'm thinking we may not need any further access control other than scoping it to the specific channel, as you've done here.
server/api.go
Outdated
|
||
subscriptionResponses = append(subscriptionResponses, SubscriptionResponse{ | ||
RepositoryName: subscription.Repository, | ||
RepositoryURL: gitlabURL.JoinPath(subscription.Repository).String(), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I just ran into this while deploying:
JoinPath
was added in Go 1.19 https://pkg.go.dev/net/url#URL.JoinPath
The go.mod for this project states that it works with go 1.16.
The mattermost-server project requires go 1.18.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you for this: I didn't even check the supported versions on this method!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM! Just one request to remove the styled-components
dependency. Great work @lieut-data!
color: var(--center-channel-color); | ||
} | ||
|
||
.gitlab-rhs-Connect.gitlab-rhs-Connect.gitlab-rhs-Connect { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just so I understand, is the selector repeated to increase specificity?
webapp/package.json
Outdated
@@ -15,7 +16,8 @@ | |||
"react": "16.8.6", | |||
"react-bootstrap": "0.32.4", | |||
"react-redux": "5.1.1", | |||
"redux": "4.0.1" | |||
"redux": "4.0.1", | |||
"styled-components": "5.3.3" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We can remove this since styled-components
is not being used anymore
@spirosoik I'll leave it up to you if you would like to review before merge, or we can call this dev reviewed since @ashishbhate and I both looked at it. As @ashishbhate mentioned, he's not as familiar with the project, which is why I'm giving you a decision here. Please let me know your thoughts |
@spirosoik & @DHaussermann, is there anything you'd like to take a peek at before we merge? |
Hi @lieut-data I took a look at this PR. This is woking as expected. I did see a coupe issues. Points 1. and 2. maybe worth investigating before we merge to see if there are quick solutions.
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
Thanks again, @DHaussermann! re: 1, I'm syncing with Neil on next steps: stay tuned! re: 2, I'm not currently able to reproduce, with subscriptions being added and deleted as the slash commands are being invoked. Is there any extra detail you can help provide on how you reproduced? Subscriptions.-.Websockets.mp4re: 3, I agree with your assessment. |
re: 1, I synced with Neil and we agreed to keep this "apps bar only". Thanks for raising that, @DHaussermann :) |
@lieut-data for 1. this is a bit strange I saw this 2 or 3 times in a row so, I thought it was consistently reproducible. Now I can not see the issue either. Delete works in real time. I wonder if something else may have been happening on the server at the time? I've also gone back and checked 2 other servers and they are working normally as well. Give the relatively low impact and that I have no concrete details. I feel we should consider it resolved. If I see this again - now that I know it intermittent - I'll see if there is info on the network tab I can capture and the I can open a separate issue to prioritize and address. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Tested and passed as per testing notes above ☝️
For the issues found:
- No change will be made and the icon will only show in the App Bar
- Is no longer reproducible. Dylan will open a new issue with console details if it is seen again
- Is not specific to the GitHub integration
As such no further code changes or functional testing needed for this PR.
LGTM!
@lieut-data Please merge when you have a chance.
Sweet, thank you @DHaussermann :) |
Summary
Highlight channel subscriptions in the RHS:
When there are no subscriptions:
And when not signed in:
For this change, I tried to stick with the existing dependencies as I didn't want to take on ownership of upgrading
package-lock.json
. (The styles would have been much clearer withstyled-components
, or evenSASS
.)For context on this feature, see the private channel https://community.mattermost.com/private-core/channels/gitlab-strategic-integration.