Skip to content

Commit

Permalink
Merge branch 'develop' of github.com:RocketChat/Rocket.Chat into imp/…
Browse files Browse the repository at this point in the history
…retention

* 'develop' of github.com:RocketChat/Rocket.Chat: (36 commits)
  refactor: IntegrationHistory out of DB Watcher (#32502)
  fix: Message update being broadcasted without updated values (#32472)
  test: make api teams test fully independent (#31756)
  test: Fix test name (#32490)
  fix: streams being called with no logged user (#32489)
  feat: Un-encrypted messages not allowed in E2EE rooms (#32040)
  feat(UiKit): Users select (#31455)
  fix: Re-login same browser tab issues (#32479)
  chore: move all webclient code out of the COSS folders (#32273)
  chore(deps): bump thehanimo/pr-title-checker from 1.3.7 to 1.4.1 (#30619)
  fix: Don't show join default channels option for edit user form  (#31750)
  fix: CAS user merge not working (#32444)
  fix: Overriding Retention Policy not working (#32454)
  fix: `rooms.export` endpoint generates an empty export when given an invalid date (#32364)
  fix: "Allow Password Change for OAuth Users" setting is not honored in the "Forgot Password" flow (#32398)
  fix: Bypass trash when removing OTR system messages and read receipts (#32269)
  fix: Monitors dissapearing from Unit upon edit (#32393)
  fix: Link image preview not opening in gallery (#32391)
  feat: Allow visitors & integrations to access downloaded files after a room has closed (#32439)
  regression: Users tab misaligned (#32451)
  ...
  • Loading branch information
gabriellsh committed May 28, 2024
2 parents ed03337 + b21d32b commit db22715
Show file tree
Hide file tree
Showing 510 changed files with 4,841 additions and 1,473 deletions.
5 changes: 5 additions & 0 deletions .changeset/angry-rocks-try.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
---
"@rocket.chat/meteor": patch
---

Fixed an issue causing monitors to dissapear from a saved unit every time a user saved the item. This was caused by the UI not sending the correct _id of the monitors that were already saved, and this caused the Backend to ignore them and remove from the list.
5 changes: 5 additions & 0 deletions .changeset/breezy-geckos-sparkle.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
---
'@rocket.chat/meteor': patch
---

Fix an issue where read receipts menu item wasn't considering the enabled setting to be displayed
5 changes: 5 additions & 0 deletions .changeset/cold-beds-hope.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
---
'@rocket.chat/meteor': patch
---

Fixes an issue not allowing override retention policy in channels
6 changes: 6 additions & 0 deletions .changeset/cuddly-cycles-nail.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
---
"@rocket.chat/fuselage-ui-kit": minor
"@rocket.chat/ui-kit": minor
---

Introduced new elements for apps to select users
5 changes: 5 additions & 0 deletions .changeset/cuddly-maps-peel.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
---
"@rocket.chat/meteor": patch
---

Fixed streams being called when the user is not logged in
5 changes: 5 additions & 0 deletions .changeset/cuddly-owls-join.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
---
'@rocket.chat/meteor': patch
---

Fixed an issue that prevented CAS users from being merged with existing user data on login
5 changes: 5 additions & 0 deletions .changeset/fair-grapes-thank.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
---
"@rocket.chat/meteor": minor
---

Allow visitors & integrations to access downloaded files after a room has closed. This was a known limitation in our codebase, where visitors were only able to access uploaded files in a livechat conversation while the conversation was open.
5 changes: 5 additions & 0 deletions .changeset/four-onions-camp.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
---
'@rocket.chat/meteor': patch
---

When using `DISABLE_DB_WATCHERS=true` this fixes message updates with URLs that were missing the link preview.
6 changes: 6 additions & 0 deletions .changeset/ninety-rivers-mix.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
---
"@rocket.chat/meteor": patch
"@rocket.chat/rest-typings": minor
---

Fixed issue with "Export room as file" feature (`rooms.export` endpoint) generating an empty export when given an invalid date
6 changes: 6 additions & 0 deletions .changeset/real-bobcats-train.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
---
'@rocket.chat/rest-typings': patch
'@rocket.chat/meteor': patch
---

Don't show Join default channels option on edit user form.
5 changes: 5 additions & 0 deletions .changeset/shy-oranges-provide.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
---
"@rocket.chat/meteor": patch
---

Fixes link image preview not opening in gallery mode
8 changes: 8 additions & 0 deletions .changeset/slow-cars-press.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
---
'@rocket.chat/i18n': minor
'@rocket.chat/meteor': minor
---

Introduced a new setting which doesn't allow users to access encrypted rooms until E2EE is configured and also doesn't allow users to send un-encrypted messages in encrypted rooms.

New room setup for E2EE feature which helps users to setup their E2EE keys and introduced states to E2EE feature.
7 changes: 7 additions & 0 deletions .changeset/smooth-knives-turn.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
---
"@rocket.chat/meteor": patch
---

Executing a logout and login action in the same "tab/instance", some streams were not being recreated, causing countless types of bugs.

PS: as a workaround reloading after logout or login in also solves the problem.
6 changes: 6 additions & 0 deletions .changeset/strong-humans-bow.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
---
"@rocket.chat/fuselage-ui-kit": minor
"@rocket.chat/ui-kit": minor
---

Introduced new elements for apps to select channels
5 changes: 5 additions & 0 deletions .changeset/unlucky-berries-guess.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
---
'@rocket.chat/meteor': minor
---

Replace the read receipt receipt indicator in order to improve the accessibility complience
5 changes: 5 additions & 0 deletions .changeset/weak-starfishes-fail.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
---
'@rocket.chat/meteor': patch
---

Fixes the missing spacing on don`t ask again checkbox inside modals
8 changes: 8 additions & 0 deletions .changeset/weak-turkeys-sit.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
---
"@rocket.chat/meteor": patch
---

Fixed a bad behavior with the interaction between OTR system messages & trash collection. We use trash collection as a temporary storage that holds recently deleted items from some collections. Messages is one of those. This was causing "User joined OTR" messages to be viewable when querying the trash collection.
Since OTR messages are by definition private, code was updated to bypass trash collection when removing these special messages.

Note: this only applies to these system messages. OTR user's messages are not stored on the database.
9 changes: 9 additions & 0 deletions .changeset/wicked-points-deliver.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
---
'@rocket.chat/meteor': patch
---

This fuselage`s bump fixes:
- The message toolbar visibility on hover (Firefox ESR)
- `Bubble` missing font-family

[more details](https://github.com/RocketChat/fuselage/releases/tag/%40rocket.chat%2Ffuselage%400.53.7)
5 changes: 5 additions & 0 deletions .changeset/wise-pianos-explode.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
---
"@rocket.chat/meteor": patch
---

Fixed issue with external users being able to reset their passwords even when the "Allow Password Change for OAuth Users" setting is disabled
2 changes: 1 addition & 1 deletion .github/CODEOWNERS
Validating CODEOWNERS rules …
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,6 @@ apps/meteor/server/startup/migrations @RocketChat/Architecture
/apps/meteor/ee/app/canned-responses @RocketChat/omnichannel
/apps/meteor/ee/app/livechat @RocketChat/omnichannel
/apps/meteor/ee/app/livechat-enterprise @RocketChat/omnichannel
/apps/meteor/ee/client/omnichannel @RocketChat/omnichannel
/apps/meteor/client/omnichannel @RocketChat/omnichannel
/apps/meteor/client/components/omnichannel @RocketChat/omnichannel
/apps/meteor/client/components/voip @RocketChat/omnichannel
2 changes: 1 addition & 1 deletion .github/workflows/pr-title-checker.yml
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,6 @@ jobs:
check:
runs-on: ubuntu-latest
steps:
- uses: thehanimo/pr-title-checker@v1.3.7
- uses: thehanimo/pr-title-checker@v1.4.1
with:
GITHUB_TOKEN: ${{ secrets.RC_TITLE_CHECKER }}
1 change: 0 additions & 1 deletion apps/meteor/.storybook/main.js
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,6 @@ module.exports = {
'../client/**/*.stories.{js,tsx}',
'../app/**/*.stories.{js,tsx}',
'../ee/app/**/*.stories.{js,tsx}',
'../ee/client/**/*.stories.{js,tsx}',
],
addons: [
'@storybook/addon-essentials',
Expand Down
2 changes: 2 additions & 0 deletions apps/meteor/app/api/server/v1/permissions.ts
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@ import { isBodyParamsValidPermissionUpdate } from '@rocket.chat/rest-typings';
import { Meteor } from 'meteor/meteor';

import { hasPermissionAsync } from '../../../authorization/server/functions/hasPermission';
import { notifyOnPermissionChangedById } from '../../../lib/server/lib/notifyListener';
import { API } from '../api';

API.v1.addRoute(
Expand Down Expand Up @@ -70,6 +71,7 @@ API.v1.addRoute(

for await (const permission of bodyParams.permissions) {
await Permissions.setRoles(permission._id, permission.roles);
void notifyOnPermissionChangedById(permission._id);
}

const result = (await Meteor.callAsync('permissions/get')) as IPermission[];
Expand Down
4 changes: 2 additions & 2 deletions apps/meteor/app/api/server/v1/roles.ts
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ import { getUsersInRolePaginated } from '../../../authorization/server/functions
import { hasPermissionAsync } from '../../../authorization/server/functions/hasPermission';
import { hasRoleAsync, hasAnyRoleAsync } from '../../../authorization/server/functions/hasRole';
import { apiDeprecationLogger } from '../../../lib/server/lib/deprecationWarningLogger';
import { notifyListenerOnRoleChanges } from '../../../lib/server/lib/notifyListenerOnRoleChanges';
import { notifyOnRoleChanged } from '../../../lib/server/lib/notifyListener';
import { settings } from '../../../settings/server/index';
import { API } from '../api';
import { getPaginationItems } from '../helpers/getPaginationItems';
Expand Down Expand Up @@ -180,7 +180,7 @@ API.v1.addRoute(

await Roles.removeById(role._id);

void notifyListenerOnRoleChanges(role._id, 'removed', role);
void notifyOnRoleChanged(role, 'removed');

return API.v1.success();
},
Expand Down
20 changes: 4 additions & 16 deletions apps/meteor/app/api/server/v1/rooms.ts
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ import { Media } from '@rocket.chat/core-services';
import type { IRoom, IUpload } from '@rocket.chat/core-typings';
import { Messages, Rooms, Users, Uploads } from '@rocket.chat/models';
import type { Notifications } from '@rocket.chat/rest-typings';
import { isGETRoomsNameExists, isRoomsImagesProps, isRoomsMuteUnmuteUserProps } from '@rocket.chat/rest-typings';
import { isGETRoomsNameExists, isRoomsImagesProps, isRoomsMuteUnmuteUserProps, isRoomsExportProps } from '@rocket.chat/rest-typings';
import { Meteor } from 'meteor/meteor';

import { isTruthy } from '../../../../lib/isTruthy';
Expand Down Expand Up @@ -599,15 +599,11 @@ API.v1.addRoute(

API.v1.addRoute(
'rooms.export',
{ authRequired: true },
{ authRequired: true, validateParams: isRoomsExportProps },
{
async post() {
const { rid, type } = this.bodyParams;

if (!rid || !type || !['email', 'file'].includes(type)) {
throw new Meteor.Error('error-invalid-params');
}

if (!(await hasPermissionAsync(this.userId, 'mail-messages', rid))) {
throw new Meteor.Error('error-action-not-allowed', 'Mailing is not allowed');
}
Expand All @@ -627,12 +623,8 @@ API.v1.addRoute(
const { dateFrom, dateTo } = this.bodyParams;
const { format } = this.bodyParams;

if (!['html', 'json'].includes(format || '')) {
throw new Meteor.Error('error-invalid-format');
}

const convertedDateFrom = new Date(dateFrom || '');
const convertedDateTo = new Date(dateTo || '');
const convertedDateFrom = dateFrom ? new Date(dateFrom) : new Date(0);
const convertedDateTo = dateTo ? new Date(dateTo) : new Date();
convertedDateTo.setDate(convertedDateTo.getDate() + 1);

if (convertedDateFrom > convertedDateTo) {
Expand All @@ -658,10 +650,6 @@ API.v1.addRoute(
throw new Meteor.Error('error-invalid-recipient');
}

if (messages?.length === 0) {
throw new Meteor.Error('error-invalid-messages');
}

const result = await dataExport.sendViaEmail(
{
rid,
Expand Down
1 change: 1 addition & 0 deletions apps/meteor/app/authorization/client/index.ts
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
import { hasAllPermission, hasAtLeastOnePermission, hasPermission, userHasAllPermission } from './hasPermission';
import { hasRole, hasAnyRole } from './hasRole';
import './restrictedRoles';

export { hasAllPermission, hasAtLeastOnePermission, hasRole, hasAnyRole, hasPermission, userHasAllPermission };
12 changes: 12 additions & 0 deletions apps/meteor/app/authorization/client/restrictedRoles.ts
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
import { Meteor } from 'meteor/meteor';

import { sdk } from '../../utils/client/lib/SDKClient';
import { AuthorizationUtils } from '../lib';

Meteor.startup(async () => {
const result = await sdk.call('license:isEnterprise');
if (result) {
// #ToDo: Load this from the server with an API call instead of having a duplicate list
AuthorizationUtils.addRolePermissionWhiteList('guest', ['view-d-room', 'view-joined-room', 'view-p-room', 'start-discussion']);
}
});
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@ import { Permissions } from '@rocket.chat/models';
import type { ServerMethods } from '@rocket.chat/ui-contexts';
import { Meteor } from 'meteor/meteor';

import { notifyOnPermissionChangedById } from '../../../lib/server/lib/notifyListener';
import { CONSTANTS, AuthorizationUtils } from '../../lib';
import { hasPermissionAsync } from '../functions/hasPermission';

Expand Down Expand Up @@ -41,11 +42,15 @@ Meteor.methods<ServerMethods>({
action: 'Adding_permission',
});
}

// for setting-based-permissions, authorize the group access as well
if (permission.groupPermissionId) {
await Permissions.addRole(permission.groupPermissionId, role);
void notifyOnPermissionChangedById(permission.groupPermissionId);
}

await Permissions.addRole(permission._id, role);

void notifyOnPermissionChangedById(permission._id);
},
});
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@ import { Permissions } from '@rocket.chat/models';
import type { ServerMethods } from '@rocket.chat/ui-contexts';
import { Meteor } from 'meteor/meteor';

import { notifyOnPermissionChangedById } from '../../../lib/server/lib/notifyListener';
import { CONSTANTS } from '../../lib';
import { hasPermissionAsync } from '../functions/hasPermission';

Expand Down Expand Up @@ -36,10 +37,12 @@ Meteor.methods<ServerMethods>({

// for setting based permissions, revoke the group permission once all setting permissions
// related to this group have been removed

if (permission.groupPermissionId) {
await Permissions.removeRole(permission.groupPermissionId, role);
void notifyOnPermissionChangedById(permission.groupPermissionId);
}

await Permissions.removeRole(permission._id, role);
void notifyOnPermissionChangedById(permission._id);
},
});
Original file line number Diff line number Diff line change
@@ -1,9 +1,9 @@
import { Meteor } from 'meteor/meteor';
import { Tracker } from 'meteor/tracker';

import { hasPermission } from '../../../../../app/authorization/client';
import { settings } from '../../../../../app/settings/client';
import { sdk } from '../../../../../app/utils/client/lib/SDKClient';
import { hasPermission } from '../../../authorization/client';
import { settings } from '../../../settings/client';
import { sdk } from '../../../utils/client/lib/SDKClient';
import { CannedResponse } from '../collections/CannedResponse';

const events = {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@ import type { Document, UpdateResult } from 'mongodb';
import { callbacks } from '../../../../lib/callbacks';
import { roomCoordinator } from '../../../../server/lib/rooms/roomCoordinator';
import { checkUsernameAvailability } from '../../../lib/server/functions/checkUsernameAvailability';
import { notifyOnIntegrationChangedByChannels } from '../../../lib/server/lib/notifyListener';
import { getValidRoomName } from '../../../utils/server/lib/getValidRoomName';

const updateFName = async (rid: string, displayName: string): Promise<(UpdateResult | Document)[]> => {
Expand Down Expand Up @@ -73,10 +74,13 @@ export async function saveRoomName(

if (room.name && !isDiscussion) {
await Integrations.updateRoomName(room.name, slugifiedRoomName);
void notifyOnIntegrationChangedByChannels([slugifiedRoomName]);
}

if (sendMessage) {
await Message.saveSystemMessage('r', rid, displayName, user);
}

await callbacks.run('afterRoomNameChange', { rid, name: displayName, oldName: room.name });
return displayName;
}
Loading

0 comments on commit db22715

Please sign in to comment.