From f6d41bcf5b337ebe280ff142c686f80e30627b1f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Daniel=20Espino=20Garc=C3=ADa?=
Date: Fri, 1 Dec 2023 10:50:57 +0100
Subject: [PATCH] Fix 55496 (#25585)

---
 server/channels/app/post.go | 11 ++++++
 server/channels/app/post_test.go | 64 ++++++++++++++++++++++++++++++++
 2 files changed, 75 insertions(+)

diff --git a/server/channels/app/post.go b/server/channels/app/post.go
index 859a23738a..a9bd444fcc 100644
--- a/server/channels/app/post.go
+++ b/server/channels/app/post.go
@@ -760,6 +760,17 @@ func (a *App) UpdatePost(c request.CTX, receivedUpdatedPost *model.Post, safeUpd
 
 a.invalidateCacheForChannelPosts(rpost.ChannelId)
 
+ userID := c.Session().UserId
+ sanitizedPost, err := a.SanitizePostMetadataForUser(c, rpost, userID)
+ if err != nil {
+ mlog.Error("Failed to sanitize post metadata for user", mlog.String("user_id", userID), mlog.Err(err))
+
+ // If we failed to sanitize the post, we still want to remove the metadata.
+ sanitizedPost = rpost.Clone()
+ sanitizedPost.Metadata = nil
+ }
+ rpost = sanitizedPost
+
 return rpost, nil
 }
 
diff --git a/server/channels/app/post_test.go b/server/channels/app/post_test.go
index 554c7b5dd5..cfcf7df04f 100644
--- a/server/channels/app/post_test.go
+++ b/server/channels/app/post_test.go
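Review bot: The sanitization is keyed on `c.Session().UserId`, and nothing in the hunk handles a request context that carries no user session (empty ID), so if UpdatePost is reachable from plugin or system code paths those callers would be sanitized as an anonymous user or fall into the error branch and lose all metadata; if that is possible, guard with `if userID != "" { ... }` or document that the returned post is sanitized for the session user. The error branch is a fail-closed default, which is worth saying explicitly instead of the current comment: `// Fail closed: if sanitization fails, return the post without any metadata rather than risk exposing embeds the user cannot read.`. The last two added lines can collapse to `return sanitizedPost, nil`. UpdatePost's body begins before this hunk, so whether rpost was already published with its unsanitized metadata earlier in the function (for example through an event broadcast, if one happens) cannot be checked here and should be confirmed separately.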
@@ -1449,6 +1449,70 @@ func TestUpdatePost(t *testing.T) {
 require.Nil(t, err)
 assert.Equal(t, testPost.GetProps(), model.StringInterface{"previewed_post": referencedPost.Id})
 })
+
+ t.Run("sanitizes post metadata appropriately", func(t *testing.T) {
+ th := Setup(t).InitBasic()
+ defer th.TearDown()
+
+ th.App.UpdateConfig(func(cfg *model.Config) {
+ *cfg.ServiceSettings.SiteURL = "http://mymattermost.com"
+ })
+
+ th.AddUserToChannel(th.BasicUser, th.BasicChannel)
+
+ user1 := th.CreateUser()
+ user2 := th.CreateUser()
+ directChannel, err := th.App.createDirectChannel(th.Context, user1.Id, user2.Id)
+ require.Nil(t, err)
+
+ th.Context.Session().UserId = th.BasicUser.Id
+
+ testCases := []struct {
+ Description string
+ Channel *model.Channel
+ Author string
+ Length int
+ }{
+ {
+ Description: "removes metadata from post for members who cannot read channel",
+ Channel: directChannel,
+ Author: user1.Id,
+ Length: 0,
+ },
+ {
+ Description: "does not remove metadata from post for members who can read channel",
+ Channel: th.BasicChannel,
+ Author: th.BasicUser.Id,
+ Length: 1,
+ },
+ }
+
+ for _, testCase := range testCases {
+ t.Run(testCase.Description, func(t *testing.T) {
+ referencedPost := &model.Post{
+ ChannelId: testCase.Channel.Id,
+ Message: "hello world",
+ UserId: testCase.Author,
+ }
+ _, err = th.App.CreatePost(th.Context, referencedPost, testCase.Channel, false, false)
+ require.Nil(t, err)
+
+ previewPost := &model.Post{
+ ChannelId: th.BasicChannel.Id,
+ UserId: th.BasicUser.Id,
+ }
+ previewPost, err = th.App.CreatePost(th.Context, previewPost, th.BasicChannel, false, false)
+ require.Nil(t, err)
+
+ permalink := fmt.Sprintf("%s/%s/pl/%s", *th.App.Config().ServiceSettings.SiteURL, th.BasicTeam.Name, referencedPost.Id)
+ previewPost.Message = permalink
+ previewPost, err = th.App.UpdatePost(th.Context, previewPost, false)
+ require.Nil(t, err)
+
+ require.Len(t, previewPost.Metadata.Embeds, testCase.Length)
+ })
+ }
+ })
 }
 
 func TestSearchPostsForUser(t *testing.T) {
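Review bot: `require.Len(t, previewPost.Metadata.Embeds, testCase.Length)` dereferences `Metadata` unchecked, and the production change in post.go deliberately sets `Metadata = nil` on its sanitization error path, so a regression there would surface in this test as a nil-pointer panic rather than a readable assertion; add `require.NotNil(t, previewPost.Metadata)` before the length check. The `Length: 0` case is satisfied by any empty embeds slice, so it cannot tell "the permalink preview was stripped for a user outside the DM" from "no preview was generated at all"; if the returned post exposes something that distinguishes the two, asserting on it would make the test stronger, otherwise a one-line comment stating the limitation would help a future reader. The two subtests share the outer `err` from `directChannel, err :=`, which is fine while they run sequentially but would need a per-iteration `err` if `t.Parallel()` is ever added.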