Slack Bot #2632
Slack Bot #2632
Conversation
|
This works now!! 🎉
curl \
-X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer {token}' \
-d '{"channel":"#general","text": "Hello World again!"}' \
https://slack.com/api/chat.postMessageThis is what it'll look like:
I've updated the OP with the two main leftover questions. @brianlovin I'll need your help on the settings UI for this—basically users need to be able to say "On {action} (either new message or new thread atm) send message to {channel}" (where {channel} is just a text input and we show an error if that channel doesn't exist) I don't know where to fit that with the existing invite stuff to be completely honest. There's also the existing connections that won't have the right permissions, I'm trying to figure out how we check that and get us the right permissions for those, that'll also need a UI state to maybe connect again or something? Don't know yet. |
|
Woo woo!!!! Stoked to see this. And I think @uberbryn is the person to make you an admin of the space program slack team. Here are my thoughts from reading your last comment:
Here are my thoughts on the above:
If those assumptions hold, we might end up with something like this:
{
// ...channelSettings
slackBotSettings: {
isEnabled: boolean,
channels: Array<string>,
eventTypes: Array<string>
}
}where where |
That seems like a really unnecessary abstraction? Users would have to click
Syndicating all content to Slack I guess. We should make this happen and see what people do with it imo.
That data model makes sense to me! |
Fair; only case I could think would be people needed different slack teams for importing (eg. import their community) and a team for cross posting (e.g. internal team slack). Guess we'll find this out soon enough...
Fair enough, if we're handling all kinds of event types it makes sense to me to add it and see what happens. |
|
Was just thinking on this a bit more, and I think we will want two Slack auth flows in many cases. Imagine a community first sets up the slack bot. We should definitely not grab member info to queue for invites - we only need the token. So if they do this first, then if they ever choose to import a slack team they'd need to re-auth so we can get the members data with their permission. The opposite flow (import => bot) seems fine to re-use the token, although I don't know how we'll sort out which tokens need extra permissions at this point. We can dig in though. |
|
That seems so hard to do, let's not over-engineer and make it single-connect for v1? |
|
I do not think that we should gather member information if the user is not expecting us to do so. If anything were to happen there it would be pretty bad and hurt the trust we've been building. |
"Connect a Slack team—To invite the members of your Slack team and send new threads to a channel connect it below!" How is that not expected? I feel like we're way overthinking this for the MVP, let's just send new threads to a channel and be done with it? |
It just needs to be useful at the start, and I don't think that having one action to set up both is right. I think that inviting a Slack team is a pretty big decision, and people (especially internal teams, or communities thinking of migrating) will be very intentional about deciding when to pull that trigger. Where sending new thread notifications to a channel is super low pressure, and is actually a huge opportunity for us to build that trust and help communities eventually build up to the decision of doing a full import. I don't want to overthink this for an MVP, but I also don't want to ship something that people are scared to use because they think we're about to swallow their whole team's data. It should be two sections for importing a team versus managing outbound bot pings. We can figure out how to connect those with a single 'connect with slack' button, but I don't feel that the first connection should get all their member info until they explicitly want to import. |
I 100% agree, that's why once you connect a Slack team you'll get two buttons: One to invite and one to add a new message sending thingy, right? Let me figure out tomorrow how hard it would be to add more permissions later, if it's easy let's do it your way, if not let's figure out what else to do. |
|
I think most slack team invites will be internal teams fwiw. I think it won’t be a huge deal to make that decision
…
On Mar 21, 2018 at 12:01 PM, <Max Stoiber ***@***.***)> wrote:
>
>
> I think that inviting a Slack team is a pretty big decision, and people (especially internal teams, or communities thinking of migrating) will be very intentional about deciding when to pull that trigger.
>
>
I 100% agree, that's why once you connect a Slack team you'll get two buttons: One to invite and one to add a new message sending thingy, right?
Let me figure out tomorrow how hard it would be to add more permissions later, if it's easy let's do it your way, if not let's figure out what else to do.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub (#2632 (comment)), or mute the thread (https://github.com/notifications/unsubscribe-auth/AEstaCNjZK5mjvEKSsibCdH54dd7rOa-ks5tgqOjgaJpZM4SzaBk).
|
|
Disagree based on the imports we've seen so far though. but maybe. Anyways, synced on video chat and Max and I were talking about the same thing: we request the permissions up front, but let the import itself be explicit so that we never store member data until the user is ready. |
Well damn, as far as I can tell this basically means anybody who connected a Slack team before this PR will need to do it again. 😕 |
|
There's two different flows here: First-time connection
Previously connected Slack teams
At the end, both of them see two buttons: One to "Invite their Slack team members to the Spectrum community" and one to "Send new threads in their community to a channel in Slack". I'm thinking about where to put the API call to check the permissions. Maybe we just add a flag in a migration to all existing connections that says "They don't have permissions, ask again", then we don't even have to do that API call? |
|
Turns out, we actually import members on connect right now from athena. Good news is that it'll be easy to refactor since that's just a job we can trigger at any time! |
|
Doing a bunch of UI tweaks in the settings pane right now to make it fit with no longer only being there to invite folks, it'd be great to get a hand with those. This is a first rough WIP:
Obviously missing is the second section to enable webhooks, no clue how to make that happen just yet! |
- Split into two components, one for members inviting and one general - Add intermediate state for importing members (WIP)
|
I really want to e2e test this UI but the existing community settings tests are in #2354 ugh |
😵 oh no! Hopefully we can get it on alpha today, I don't see why not :) |
|
Happy to help with the UI and wiring up the new channelSettings stuff |
|
Please jump in! Would love any help! |
Instead of immediately loading the entire members data from Slack when folks connect their team, we now only do it once they click "Import"! :tada: :tada: :tada: This works really nicely, see https://i.imgur.com/QLX75wF.gif
|
The latest commit now means we only import member data once folks click "Import members"!!! 🎉 Look at it: |
|
@mxstbr we lost the rule to ignore console logs in migrations :) |
|
We never had that rule in the first place, console.logs aren't allowed anywhere—only flow 😉 /cc @orta that patch with the rate limiting fixed Peril for large PRs! 🎉 |
|
We had an ignore directory rule there. But no worries, will just switch to error |
|
Writing tests for this is a bit tricky as it would require handling 3rd party oauth (not possibly with cypress afaik) or mocking out entire request flows to and from slack api. I'm honestly not sure how to go about this properly - in the meantime I at least added checks around who should have access to querying slack settings on communities and channels. So @mxstbr this is ready for your code review. I also refactored the permission logic today to be separated from the context constructor; lmk if you're happy with how all that looks! |
Wait hold on, why? I thought we were happy with that? |
api/types/ChannelSlackSettings.js
Outdated
| } | ||
|
|
||
| type ChannelSlackSettings { | ||
| botConnection: BotConnection |
There was a problem hiding this comment.
This name is confusing: botConnection is not a connection. (as per the Relay spec and how we use it elsewhere) If you want this to be a connection just like all our other connections (which it should be), please make it conformant by adding edges, nodes and page info:
type BotSettings {
threadCreated: String
}
type BotConnectionEdge {
node: BotSettings!
}
type BotConnection {
pageInfo: PageInfo!
edges: [BotConnectionEdge!]
}You don't have to build the actual pagination for now, but at least this sets us up to do it properly in the future.
|
Getting this locally after connecting a Slack team:
Maybe I need some updated secrets or something? |
Asked about this on Twitter and you said it looked good! Anyways, the reason is to keep permissions away from the schema and pushed down into business logic. Writing them as resolver wrappers is still a bit more tightly integrated, but it makes for a nice experience.
I don't want it to be a relay connection spec field. I am trying to communicate how the bot is connected to the slack team, so connection came to mind. Open to other naming ideas!
Console logs? |
They weren't in the schema before though, just packed into the GraphQL context so that they're easy to call.
Oh I see, I totally misinterpreted that name. I think we probably shouldn't call it |
|
Re the error you're seeing after connecting a slack team: for some reason we have 2 spectrum apps on Slack, and the secrets were mismatched. I updated the |
Will update now. |
|
Named |
Status
Deploy after merge (delete what needn't be deployed)
Release notes for users (delete if codebase-only change)