RocketChat
[BREAK] Webhook overwriting destination channel
Proposed changes (including videos or screenshots)
This PR fixes an issue where if you set any channel in the object request and that channel is not in the list of allowed channels for that webhook it sends anyway.
Issue(s)
Steps to test or reproduce
- Setup an incoming webhook integration in RC
- Add the sending user to other channels/rooms apart from the room specified in the "Post to Channel" field in the incoming integration settings.
Request example:
{
"text": "Example test",
"channel": ["general-2"]
}
Further comments
Codecov Report
Merging #26875 (2d64146) into develop (d34ce15) will decrease coverage by
0.70%. The diff coverage isn/a.
@@ Coverage Diff @@
## develop #26875 +/- ##
===========================================
- Coverage 46.48% 45.78% -0.70%
===========================================
Files 700 687 -13
Lines 13044 12957 -87
Branches 2235 2217 -18
===========================================
- Hits 6063 5932 -131
- Misses 6652 6707 +55
+ Partials 329 318 -11
| Flag | Coverage Δ | |
|---|---|---|
| e2e | 45.75% <ø> (-0.70%) |
:arrow_down: |
Flags with carried forward coverage won't be shown. Click here to find out more.
![codecov[bot] avatar](https://avatars.githubusercontent.com/in/254?v=4 "Published by a pub.dev verified publisher"){kind=small}
not sure if ignoring the payload is the best approach here.
what happens to third party code that currently uses either
channelorroomIdand update their rocket.chat, their params will be silently ignored, causing all kinds of issues without no previous warning.IMO we should first display and return a warning saying the providing those params is now deprecated, and in the next major version, drop them throwing an error in case they're provided.
I'm open to discuss about this though =)
@sampaiodiego I've done one update, is this what you expected? or should I let the user go through with the flow and just return the usual response but with the additional warning?
Hi,
After discussions with @rodrigok and @milton-rucks, the scope of this PR was changed to allow the user to specify the channel he wants to send the message to if the overrideDestinationChannelEnabled setting is enabled. Otherwise, we should send an error message saying that the webhook doesn't support this update.
The default value for overrideDestinationChannelEnabled is false for newer integrations. I'm creating a migration for the old ones to set the value as true.
🦋 Changeset detected
Latest commit: 2d641466092bc9b1bd71178b3dc293f0b2c4130c
The changes in this PR will be included in the next version bump.
This PR includes changesets to release 24 packages
| Name | Type |
|---|---|
| @rocket.chat/meteor | Patch |
| @rocket.chat/core-typings | Patch |
| @rocket.chat/rest-typings | Patch |
| @rocket.chat/api-client | Patch |
| @rocket.chat/core-services | Patch |
| @rocket.chat/cron | Patch |
| @rocket.chat/model-typings | Patch |
| @rocket.chat/ui-contexts | Patch |
| @rocket.chat/account-service | Patch |
| @rocket.chat/authorization-service | Patch |
| @rocket.chat/ddp-streamer | Patch |
| @rocket.chat/omnichannel-transcript | Patch |
| @rocket.chat/presence-service | Patch |
| @rocket.chat/queue-worker | Patch |
| @rocket.chat/stream-hub-service | Patch |
| @rocket.chat/omnichannel-services | Patch |
| @rocket.chat/pdf-worker | Patch |
| @rocket.chat/presence | Patch |
| rocketchat-services | Patch |
| @rocket.chat/ddp-client | Patch |
| @rocket.chat/fuselage-ui-kit | Patch |
| @rocket.chat/models | Patch |
| @rocket.chat/uikit-playground | Patch |
| @rocket.chat/instance-status | Patch |
Not sure what this means? Click here to learn what changesets are.
Click here if you're a maintainer who wants to add another changeset to this PR
![changeset-bot[bot] avatar](https://avatars.githubusercontent.com/in/28616?v=4 "Published by a pub.dev verified publisher"){kind=small}