Support filtering on comment visibility for subscriptions #626
Comments
mickmister
added
Help Wanted
mickmister
added
Help Wanted
hanzei
removed
the
Up For Grabs
|
The
|
|
It may be helpful to use the BackendSelector component introduced in #583, to reuse code being used to introduce a new filter selector. |
|
Hi @mickmister, please check it out |
|
@sanjaydemansol Based on the discussion in the thread you linked, I think we are ok using the |
|
@sanjaydemansol Please take a look at the mattermost-plugin-jira/server/client.go Line 44 in b62a305 This is the method you can use to perform these API calls. Please take a look at pieces of code that are using this method |
|
@mickmister Please look at our plan for solving this issue. |
@mickmister I have updated this comment with the new pdf |
|
@Nityanand13 The document looks good to me 👍 For the last section:
Just to be clear, this situation is:
I think the behavior for this is fine (not creating the post). I think logging a message with log level |
|
Closing issues due to inactivity. This issue can be re-opened with more interest from our community. |
github-project-automation
bot
moved this from Submitted
to Done
in Brightscout Plugin Maintenance
github-project-automation
bot
moved this from Done
to Todo
in Brightscout Plugin Maintenance
Summary
When creating a comment in Jira, it's possible to make it so the comment is only visible to specific groups of users. This is a security issue because a private comment could be posted to a channel that has MM users that should not see this comment. The subscriptions could support filtering on certain Jira groups.
When a comment is created/updated, the Jira plugin is notified through a webhook. The comment payload does not contain information on the comment visibility, so we need to fetch the comment during this time of processing the webhook call. This should only be done if necessary (if the subscription has a filter set up to filter on comment visibility). In order to ensure we get all possible information about the comment when we fetch it, we should use the author's access token to fetch the comment. We can use the URL in the webhook payload located at
Comment.Self:mattermost-plugin-jira/server/testdata/webhook-issue-comment-created-indentation.json
Lines 122 to 125 in 7c1ed9b
The subscription modal should support a new "field" to filter on,
Comment Visibility. We will need to have an option to allow/reject certain visibilities, just as the other fields work.We can fetch the available roles using Jira's project API
rest/api/2/project/{project_key}, then examine theRolesproperty of the project.The text was updated successfully, but these errors were encountered: