Now that we have identified the true fix
from Bifrost side, we will slowly revert
the changes that have happened.
Starting with this first fix, we will revert
to writing out non-encoded paths while still
doing the double read. This will break uploading
files with + for a short while, and then
the new Bifrost fix should fix that as well.
https://mattermost.atlassian.net/browse/MM-53747
```release-note
NONE
```
* drop public submodule replace directive
During development of the public/ submodule, a replace directive remained that was both unnecessary and harmful as discussed in https://community.mattermost.com/private-core/pl/w77sh7igwpfb9ecj5o4jjjbbyo.
Remove that, and bump the explicit dependency (even though we use go.work) to v0.0.6 so the import paths match (e.g. `mattermost` vs `mattermost-server`).
* make modules-tidy
* consistently setup-go-work
* fix build-api-spec
* fix mmctl test template
* fix workflow copy/paste typo
We do a check to see if a non-encoded path is present
or not, and in that case, choose not to encode it.
This accrues an additional StatFile call. But after
we have encoded all paths to the new style, we will
get rid of this.
https://mattermost.atlassian.net/browse/MM-53709
```release-note
NONE
```
* add base for calling the endpoint
* add endpoint and handler
* update store and layers
* call the endpoint
* align types
* update app layers
* generate mocks
* complete handler
* finish store query
* add todos
* add ui for member count
* add selector
* add a todo
* add cache layer
* optimize calls in FE
* handle invalidation of the cache
* fix go style
* fix test
* use existing channel layer count
* fix import error
* delete unnecessary code
* write tests for channel cache layer
* fix testname
* fix mocks
* fix cache layer test
* fix a test
* really fix the test
* write more tests for server
* address PR comments
* remove comment
* rename more_channels to browse_channels
* fix style
* update snapshot
* add translations
* Revert "add translations"
This reverts commit 56476a5dab.
* add only related translations
* address PR review points
* add test
* fix test
---------
Co-authored-by: Mattermost Build <build@mattermost.com>
There was already a cache present for emoji names. But we weren't using
it for the GetMultipleByName method. Now we implement that method
to look up the cache for every emoji name passed.
Secondly, a bigger problem was that we were making the DB call for system
emojis as well. Since system emojis aren't stored in the DB, it would
fall through the cache layer and always make a redundant DB call. In the
profiles, this should up as taking 16% of the total time to serve
a getPostsForChannel API endpoint.
We fix this by filtering the emojis to only custom emojis
before making the call.
https://mattermost.atlassian.net/browse/MM-53669
```release-note
NONE
```
* [MM-53192] Patch full name leak in Insights team_members API
* Update server/channels/app/team.go
Co-authored-by: Ibrahim Serdar Acikgoz <serdaracikgoz86@gmail.com>
---------
Co-authored-by: Ibrahim Serdar Acikgoz <serdaracikgoz86@gmail.com>
Sometimes a broad distinction of just a channelID or a userID
is not enough to efficiently send a websocket event to users.
In several cases, depending on the user and channel, we might
need to modify the message. Therefore, we introduce the
concept of a channel hook that will get executed if the scope
is set to a channel. This hook can be populated at the app layer
to perform any application specific logic to the event.
Care must be taken to avoid race conditions as the passed event
is not deep copied. It is left to the user to treat it carefully.
For this issue, the main problem was that since we don't know
which users have permissions to which channels, we had to go through
_all_ members of a channel to figure that out. This was redundant
since a large portion of those users might not even be connected
at that time.
We solve this with the channel hook where we push this check
to be performed later while actually sending the event. This
reduces the computation to be done only for _connected_ users
rather than _all_ users of a channel.
The next iteration of this should be to use websocket subscriptions
to monitor exactly which users are on that channel to even
trim down that list. That is a larger initiative to be taken later.
Tested locally with a channel of 50 users. Here are rough results:
```
With PR:
patchPost 97ms
createPost 90ms
Master:
patchPost 306ms
createPost - 298ms
```
https://mattermost.atlassian.net/browse/MM-42810
```release-note
Improve performance while sending messages
with permalinks to channels with large number of users.
```
* add teams to allowed frame-ancestors
* fix unit tests
* set SameSite attribute for session cookie
* further restrict ancestors
* skip landing page if in iframe
* Only set cookie SameSite=None if embedded in iframe
* don't set MMEMBED cookie on landing page (check only)
* fully parse MMEMBED cookie
* add comment
* more comments
---------
Co-authored-by: Mattermost Build <build@mattermost.com>
* WIP
* Add rate limiting for desktop token API
* Missing mocks
* Style fixes
* Update snapshots
* Maybe use an actual redirect link :P
* Refactoring for tests
* Add tests for server
* Fix lint issue
* Fix tests
* Fix lint
* Add front-end screen component
* Component logic
* Style changes
* Quick style fix
* Lint fixes
* Initial PR feedback
* Enable logging into the browser as well when completing the login process
* Refactor to push more logic to the other component
* Remove unnecessary helper code
* Fix i18n
---------
Co-authored-by: Mattermost Build <build@mattermost.com>
* calls will notify in GM/DM channels for call started posts
* fix types
* add registerDesktopNotificationHook
* remove callsWillNotify
* cleanup unused types
* use an args object to shorten params
* add CUSTOM_CALLS_RECORDING to constants
* update for guest demotion and sysadmin edits
* update unit test
* update unit test
* use existing disabled flag
* remove commented line
---------
Co-authored-by: Mattermost Build <build@mattermost.com>
* Revert "Revert "[MM-52547] Include current user profile in every redux action (#23219)""
This reverts commit 8f96888b1a.
* Revert "Revert "[MM-52546] webapp/channels : Update current user and status on WebSocket reconnect (#23071)""
This reverts commit 69ee162a6e.
* MM-53647 Fix overwriting the current user with sanitized data
* [MM-53124] Add optional Forgot Password custom link to override the default flow on the login page
* Fix i18n
* Fix test
* Added the enable/disable flag
* Fix test
* Fix e2e
* Add blockable link for the Customization navigation
* temp commit
* update test to allow bot creation
* add bot check to updateUser and deleteUser
* add more unit tests
* lint fixes
* lint fix
* update based on doc
* add more unit tests
* lint fixes
* fix unit tests
* fix unit tests
---------
Co-authored-by: Mattermost Build <build@mattermost.com>
For MySQL, a query for type LEFT JOIN .. IS NULL
leads to a nested antijoin which leads to poor performance.
We fix this by rewriting the query to avoid the antijoin.
See the JIRA epic for more context behind this.
We also make another improvement to remove the DISTINCT
clause. It didn't serve any purpose since userids would
already be unique.
https://mattermost.atlassian.net/browse/MM-53406
```release-note
NONE
```
In a single createPost flow, there were
3 separate calls to App.IsCRTEnabled. This
showed up very slightly in the CPU profiles.
Not a big deal, but good to get it out of
the way.
```release-note
NONE
```
