Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[MM-52887] Fix panic if todo is not part of a project #378

Merged
merged 3 commits into from
Jun 19, 2023
Merged

[MM-52887] Fix panic if todo is not part of a project #378

merged 3 commits into from
Jun 19, 2023

Conversation

hanzei
Copy link
Collaborator

@hanzei hanzei commented May 21, 2023

Summary

According to https://docs.gitlab.com/ee/user/todos.html there are todos that are not part of a project. For example, member access requests for groups are only tied to the group, not a project. This PR fixes the NPE by checking if a project is there first.

There are no tests that cover the outgoing API requests, and hence the changes in this PR are not covered by tests.

Ticket Link

https://mattermost.atlassian.net/browse/MM-52887
Fixes #372

@hanzei
Fix panic if todo is not part of a project
a2703fd 
According to https://docs.gitlab.com/ee/user/todos.html there are todos that are not part of a project. For example member access request for groups are only tied to the group, not a project. This PR fixes the NPE by checking if a projects is there first

There are no tests that cover the outgoing API requests and hence the changes in this PR are not covered by tests
@hanzei hanzei added 2: Dev Review Requires review by a core committer 3: QA Review Requires review by a QA tester labels May 21, 2023
@hanzei hanzei added this to the v1.7.0 milestone May 21, 2023
@hanzei hanzei requested a review from Willyfrog May 21, 2023 07:21
@hanzei hanzei requested review from mickmister and removed request for spirosoik and mickmister May 21, 2023 07:21
@codecov
Copy link

codecov bot commented May 21, 2023
edited

Codecov Report

Patch coverage has no change and project coverage change: -0.02 ⚠️

Comparison is base (4a527b4) 31.20% compared to head (8acc4f4) 31.19%.

Additional details and impacted files 
@@            Coverage Diff             @@
##           master     #378      +/-   ##
==========================================
- Coverage   31.20%   31.19%   -0.02%     
==========================================
  Files          21       21              
  Lines        3778     3780       +2     
==========================================
  Hits         1179     1179              
- Misses       2479     2481       +2     
  Partials      120      120
Impacted Files Coverage Δ
server/plugin.go 15.02% <0.00%> (-0.05%) ⬇️

☔ View full report in Codecov by Sentry.
📢 Do you have feedback about the report comment? Let us know in this issue.

Willyfrog
Willyfrog approved these changes May 22, 2023
View reviewed changes
Copy link

@Willyfrog Willyfrog left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM thanks for the quick fix

mickmister
mickmister requested changes May 22, 2023
View reviewed changes
Copy link
Member

@mickmister mickmister left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for addressing this @hanzei. I just have one request to make the code even more defensive, by checking that the todo itself is not nil

server/gitlab/api.go Show resolved Hide resolved
server/plugin.go Show resolved Hide resolved
@hanzei hanzei requested a review from mickmister May 22, 2023 21:26
@hanzei
Copy link
Collaborator Author

hanzei commented May 22, 2023

@mickmister Your suggestion seems quite defensive to me, but I don't mind adding that additional layer of protection. Even though I slightly changed it to skip all nil entries.

@hanzei hanzei requested a review from DHaussermann May 23, 2023 11:25
@hanzei hanzei removed the 2: Dev Review Requires review by a core committer label May 23, 2023
@hanzei hanzei mentioned this pull request May 23, 2023
Closed
@DHaussermann
Copy link

@hanzei I tried testing this but I must have misunderstood something. On the existing release I cannot reproduce the panic.
I created a 2nd group that my test user has access to and I have ToDo in multiple projects from multiple groups.

I don't see the crash when trying to pull back the data and the use of the lock field filters all the data as expected.
image

Is there something I've missed in the repro steps?

@hanzei
Copy link
Collaborator Author

hanzei commented May 24, 2023

@DHaussermann In GitLab, users can request access to a group (https://docs.gitlab.com/ee/user/group/#request-access-to-a-group). The group admin then gets a todo item added to their list. On master, the plugin should record a panic in the logs once that todo got added. Can you confirm that?

@hanzei hanzei mentioned this pull request May 26, 2023
Merged
@hanzei
Copy link
Collaborator Author

hanzei commented Jun 5, 2023

@DHaussermann Do you need anything in order to test the PR?

@DHaussermann
Copy link

@hanzei for a reason I never managed to figure out... Most of my test groups are all missing the request link.
I was eventually able to find one that worked as expected and reproduced the panic 👍
Thanks for providing the additional context.

I did test this and the panic is resolved. For the user affected with the pending request the /todo becomes functional again.
The one draw back is that there does not seem to be a message body implemented for the RHS content here.
image
And the shorthand in the ToDo list is missing the name of the requester
image

Please advise if you have any thoughts on next steps. I don't know how much bandwidth it would take to implement a solution for these 2 UI gaps. But, given that if this happened it causes a panic and renders /todo unusable, I'm inclined to accept the PR as is and open follow-up issues in the repo if it requires any significant effort.

@DHaussermann
Copy link

@hanzei Do you have any thoughts you can share on this? Either implementing a solution to the UX gaps or accepting the solution as is. I'm happy to accept this and create follow-up tasks if you don't have the bandwidth to add any more to this.

@Willyfrog
Copy link

@DHaussermann I think it is ok to create follow-up tickets

@DHaussermann DHaussermann mentioned this pull request Jun 12, 2023
Closed
@DHaussermann
Copy link

Tested and passed

LGTM!

@DHaussermann DHaussermann added 4: Reviews Complete All reviewers have approved the pull request and removed 3: QA Review Requires review by a QA tester labels Jun 12, 2023
@DHaussermann
Copy link

Sorry @hanzei - I meant to approve with the comment Monday ☝️

Please merge when you have a chance.

@hanzei hanzei merged commit 9ec4c71 into master Jun 19, 2023
11 checks passed
@hanzei hanzei deleted the MM-52887_todo-without-project branch June 19, 2023 11:45
@mickmister mickmister mentioned this pull request Aug 29, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Willyfrog Willyfrog Willyfrog approved these changes

@mickmister mickmister mickmister approved these changes

@DHaussermann DHaussermann DHaussermann approved these changes

Assignees
No one assigned
Labels
4: Reviews Complete All reviewers have approved the pull request
Projects
None yet
Milestone
v1.7.0
Development

Successfully merging this pull request may close these issues.

Unread messages not displaying in plugin
4 participants
@hanzei @DHaussermann @Willyfrog @mickmister