Sometimes a broad distinction of just a channelID or a userID
is not enough to efficiently send a websocket event to users.
In several cases, depending on the user and channel, we might
need to modify the message. Therefore, we introduce the
concept of a channel hook that will get executed if the scope
is set to a channel. This hook can be populated at the app layer
to perform any application specific logic to the event.
Care must be taken to avoid race conditions as the passed event
is not deep copied. It is left to the user to treat it carefully.
For this issue, the main problem was that since we don't know
which users have permissions to which channels, we had to go through
_all_ members of a channel to figure that out. This was redundant
since a large portion of those users might not even be connected
at that time.
We solve this with the channel hook where we push this check
to be performed later while actually sending the event. This
reduces the computation to be done only for _connected_ users
rather than _all_ users of a channel.
The next iteration of this should be to use websocket subscriptions
to monitor exactly which users are on that channel to even
trim down that list. That is a larger initiative to be taken later.
Tested locally with a channel of 50 users. Here are rough results:
```
With PR:
patchPost 97ms
createPost 90ms
Master:
patchPost 306ms
createPost - 298ms
```
https://mattermost.atlassian.net/browse/MM-42810
```release-note
Improve performance while sending messages
with permalinks to channels with large number of users.
```
* add teams to allowed frame-ancestors
* fix unit tests
* set SameSite attribute for session cookie
* further restrict ancestors
* skip landing page if in iframe
* Only set cookie SameSite=None if embedded in iframe
* don't set MMEMBED cookie on landing page (check only)
* fully parse MMEMBED cookie
* add comment
* more comments
---------
Co-authored-by: Mattermost Build <build@mattermost.com>
* WIP
* Add rate limiting for desktop token API
* Missing mocks
* Style fixes
* Update snapshots
* Maybe use an actual redirect link :P
* Refactoring for tests
* Add tests for server
* Fix lint issue
* Fix tests
* Fix lint
* Add front-end screen component
* Component logic
* Style changes
* Quick style fix
* Lint fixes
* Initial PR feedback
* Enable logging into the browser as well when completing the login process
* Refactor to push more logic to the other component
* Remove unnecessary helper code
* Fix i18n
---------
Co-authored-by: Mattermost Build <build@mattermost.com>
* calls will notify in GM/DM channels for call started posts
* fix types
* add registerDesktopNotificationHook
* remove callsWillNotify
* cleanup unused types
* use an args object to shorten params
* add CUSTOM_CALLS_RECORDING to constants
* update for guest demotion and sysadmin edits
* update unit test
* update unit test
* use existing disabled flag
* remove commented line
---------
Co-authored-by: Mattermost Build <build@mattermost.com>
* Revert "Revert "[MM-52547] Include current user profile in every redux action (#23219)""
This reverts commit 8f96888b1a.
* Revert "Revert "[MM-52546] webapp/channels : Update current user and status on WebSocket reconnect (#23071)""
This reverts commit 69ee162a6e.
* MM-53647 Fix overwriting the current user with sanitized data
* [MM-53124] Add optional Forgot Password custom link to override the default flow on the login page
* Fix i18n
* Fix test
* Added the enable/disable flag
* Fix test
* Fix e2e
* Add blockable link for the Customization navigation
* temp commit
* update test to allow bot creation
* add bot check to updateUser and deleteUser
* add more unit tests
* lint fixes
* lint fix
* update based on doc
* add more unit tests
* lint fixes
* fix unit tests
* fix unit tests
---------
Co-authored-by: Mattermost Build <build@mattermost.com>
For MySQL, a query for type LEFT JOIN .. IS NULL
leads to a nested antijoin which leads to poor performance.
We fix this by rewriting the query to avoid the antijoin.
See the JIRA epic for more context behind this.
We also make another improvement to remove the DISTINCT
clause. It didn't serve any purpose since userids would
already be unique.
https://mattermost.atlassian.net/browse/MM-53406
```release-note
NONE
```
In a single createPost flow, there were
3 separate calls to App.IsCRTEnabled. This
showed up very slightly in the CPU profiles.
Not a big deal, but good to get it out of
the way.
```release-note
NONE
```
* Revert "[MM-52547] Include current user profile in every redux action (#23219)"
This reverts commit a85c0b87b8.
* Revert "[MM-52546] webapp/channels : Update current user and status on WebSocket reconnect (#23071)"
This reverts commit 6d3354266a.
* Remove global draft feature flag
* More removal - in progress
* Removed the rest in webapp
* Removed the rest in webapp
* Fix tests
* Update feature_flags.go
---------
Co-authored-by: Mattermost Build <build@mattermost.com>
* Add TimeBetweenBatches config value for data retention
* adding feature flag for data retention concurrency
---------
Co-authored-by: Julien Tant <julien@craftyx.fr>
Co-authored-by: Mattermost Build <build@mattermost.com>
The UpdateProductNotices method runs in a separate goroutine
which modifies a global structure called noticesCache.
This creates race condition when one test finishes
but the goroutine hasn't finished running.
To fix this, we simply prevent the spawning of the goroutine
by disabling the feature in the config.
Ideally, we'd not have global state in the first place.
But that's a separate matter.
https://mattermost.atlassian.net/browse/MM-52646
```release-note
NONE
```
Remove changes related to the unshipped threads everywhere feature, including commits b8da473da7 and 9f9e19e05d.
Since a version of Playbooks shipped calling this experimental API, keep a `nil` implementation to avoid breaking compatibility. We remove the hooks altogether, but keep the numbering again to avoid breaking compatbility.
Fixes: https://mattermost.atlassian.net/browse/MM-53358
