apitech
/
Rocket.Chat
mirror of https://github.com/RocketChat/Rocket.Chat
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge branch 'master' into develop

Browse Source
pull/23958/head^2
Diego Sampaio 3 years ago
parent 37714424bf 4e8ba1542d
commit 775584f181
No known key found for this signature in database
GPG Key ID: E060152B30502562
12 changed files with 425 additions and 131 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 10
      .github/history-manual.json
  2. 158
      .github/history.json
  3. 186
      HISTORY.md
  4. 4
      app/api/server/v1/roles.ts
  5. 17
      app/api/server/v1/users.js
  6. 8
      app/lib/server/functions/getFullUserData.js
  7. 6
      app/ui-message/client/message.js
  8. 5
      client/lib/userData.ts
  9. 3
      client/startup/startup.ts
  10. 122
      package-lock.json
  11. 22
      package.json
  12. 15
      server/methods/reportMessage.js

10
.github/history-manual.json
Unescape View File

@ -130,5 +130,15 @@
"contributors": [
"sampaiodiego"
]
}],
"4.3.2": [{
"title": "[FIX] Security Hotfix (https://docs.rocket.chat/guides/security/security-updates)",
"userLogin": "sampaiodiego",
"contributors": [
"sampaiodiego",
"yash-rajpal",
"pierre-lehnen-rc",
"gronke"
]
}]
}

158
.github/history.json
Unescape View File

@ -68754,6 +68754,162 @@
"5.0"
],
"pull_requests": []
},
"4.3.1": {
"node_version": "12.22.1",
"npm_version": "6.14.1",
"apps_engine_version": "1.29.1",
"mongo_versions": [
"3.6",
"4.0",
"4.2",
"4.4",
"5.0"
],
"pull_requests": [
{
"pr": "24107",
"title": "[FIX][APPS] Action buttons not removed when app is disabled or uninstalled",
"userLogin": "d-gubert",
"description": "Fixes a problem where action buttons registered by any app would not be removed if the app was disabled or uninstalled",
"milestone": "4.3.1",
"contributors": [
"d-gubert",
"web-flow"
]
},
{
"pr": "24105",
"title": "[FIX][APPS] Prevents emails from being sent when apps framework is disabled",
"userLogin": "d-gubert",
"description": "Introduction of new event `IPreEmailSent` was breaking the email function when the Apps-Engine framework was disabled in the administration",
"milestone": "4.3.1",
"contributors": [
"d-gubert"
]
},
{
"pr": "24096",
"title": "[FIX] Ensure Firefox 91 ESR support",
"userLogin": "tassoevan",
"description": "It:\r\n- Adds `Firefox ESR` to `browserslist`;\r\n- Upgrades `@rocket.chat/fuselage-hooks` to overcome a bug related to Firefox implementation of `ResizeObserver` API.",
"milestone": "4.3.1",
"contributors": [
"tassoevan",
"web-flow"
]
},
{
"pr": "24091",
"title": "Chore: Update Livechat to 1.11.1",
"userLogin": "MartinSchoeler",
"milestone": "4.3.1",
"contributors": [
"MartinSchoeler"
]
},
{
"pr": "24067",
"title": "[FIX] Omnichannel enabled setting not working when creating rooms",
"userLogin": "murtaza98",
"milestone": "4.3.1",
"contributors": [
"murtaza98",
"web-flow"
]
},
{
"pr": "23981",
"title": "[FIX] Enter not working on modal's multi-line input",
"userLogin": "murtaza98",
"description": "Right now, if we try to press enter for a new line on multi-line modal input... it auto triggers the submit event. This PR fixes this behaviour by not submitting the modal in case the enter was pressed within an input text with multiline expected",
"milestone": "4.3.1",
"contributors": [
"murtaza98",
"web-flow",
"tiagoevanp"
]
},
{
"pr": "24039",
"title": "[FIX] Omnichannel Current chats pagination not working",
"userLogin": "murtaza98",
"milestone": "4.3.1",
"contributors": [
"murtaza98",
"KevLehman",
"web-flow"
]
}
]
},
"4.3.2": {
"node_version": "12.22.1",
"npm_version": "6.14.1",
"apps_engine_version": "1.29.2",
"mongo_versions": [
"3.6",
"4.0",
"4.2",
"4.4",
"5.0"
],
"pull_requests": [
{
"pr": "24068",
"title": "[FIX] Integration section crashing opening in My Account",
"userLogin": "dougfabris",
"milestone": "4.3.2",
"contributors": [
"dougfabris",
"tassoevan",
"web-flow",
"gabriellsh"
]
},
{
"pr": "24171",
"title": "Chore: Update Apps-Engine to 1.29.2",
"userLogin": "d-gubert",
"milestone": "4.3.2",
"contributors": [
"d-gubert"
]
},
{
"pr": "24158",
"title": "[FIX] App Framework Enable hanging indefinitely",
"userLogin": "geekgonecrazy",
"milestone": "4.3.2",
"contributors": [
"geekgonecrazy",
"d-gubert",
"web-flow"
]
},
{
"pr": "24090",
"title": "[FIX] CSV Importer failing to import users",
"userLogin": "pierre-lehnen-rc",
"description": "- Update use of `setRealName` function to `_setRealName`.",
"milestone": "4.3.2",
"contributors": [
"pierre-lehnen-rc",
"matheusbsilva137",
"web-flow"
]
},
{
"pr": "24142",
"title": "[FIX][ENTERPRISE] Leading slashes in Engagement Dashboard API requests",
"userLogin": "matheusbsilva137",
"description": "- Remove trailing slashes from Engagement Dashboard API requests;",
"milestone": "4.3.2",
"contributors": [
"matheusbsilva137"
]
}
]
}
}
}
}

186
HISTORY.md
Unescape View File

@ -1,4 +1,105 @@
# 4.3.2
`2022-01-19 · 5 🐛 · 1 🔍 · 10 👩💻👨💻`
### Engine versions
- Node: `12.22.1`
- NPM: `6.14.1`
- MongoDB: `3.6, 4.0, 4.2, 4.4, 5.0`
- Apps-Engine: `1.29.2`
### 🐛 Bug fixes
- **ENTERPRISE:** Leading slashes in Engagement Dashboard API requests ([#24142](https://github.com/RocketChat/Rocket.Chat/pull/24142))
- Remove trailing slashes from Engagement Dashboard API requests;
- App Framework Enable hanging indefinitely ([#24158](https://github.com/RocketChat/Rocket.Chat/pull/24158))
- CSV Importer failing to import users ([#24090](https://github.com/RocketChat/Rocket.Chat/pull/24090))
- Update use of `setRealName` function to `_setRealName`.
- Integration section crashing opening in My Account ([#24068](https://github.com/RocketChat/Rocket.Chat/pull/24068))
- Security Hotfix (https://docs.rocket.chat/guides/security/security-updates)
<details>
<summary>🔍 Minor changes</summary>
- Chore: Update Apps-Engine to 1.29.2 ([#24171](https://github.com/RocketChat/Rocket.Chat/pull/24171))
</details>
### 👩💻👨💻 Contributors 😍
- [@gronke](https://github.com/gronke)
### 👩💻👨💻 Core Team 🤓
- [@d-gubert](https://github.com/d-gubert)
- [@dougfabris](https://github.com/dougfabris)
- [@gabriellsh](https://github.com/gabriellsh)
- [@geekgonecrazy](https://github.com/geekgonecrazy)
- [@matheusbsilva137](https://github.com/matheusbsilva137)
- [@pierre-lehnen-rc](https://github.com/pierre-lehnen-rc)
- [@sampaiodiego](https://github.com/sampaiodiego)
- [@tassoevan](https://github.com/tassoevan)
- [@yash-rajpal](https://github.com/yash-rajpal)
# 4.3.1
`2022-01-05 · 6 🐛 · 1 🔍 · 6 👩💻👨💻`
### Engine versions
- Node: `12.22.1`
- NPM: `6.14.1`
- MongoDB: `3.6, 4.0, 4.2, 4.4, 5.0`
- Apps-Engine: `1.29.1`
### 🐛 Bug fixes
- **APPS:** Action buttons not removed when app is disabled or uninstalled ([#24107](https://github.com/RocketChat/Rocket.Chat/pull/24107))
Fixes a problem where action buttons registered by any app would not be removed if the app was disabled or uninstalled
- **APPS:** Prevents emails from being sent when apps framework is disabled ([#24105](https://github.com/RocketChat/Rocket.Chat/pull/24105))
Introduction of new event `IPreEmailSent` was breaking the email function when the Apps-Engine framework was disabled in the administration
- Ensure Firefox 91 ESR support ([#24096](https://github.com/RocketChat/Rocket.Chat/pull/24096))
It:
- Adds `Firefox ESR` to `browserslist`;
- Upgrades `@rocket.chat/fuselage-hooks` to overcome a bug related to Firefox implementation of `ResizeObserver` API.
- Enter not working on modal's multi-line input ([#23981](https://github.com/RocketChat/Rocket.Chat/pull/23981))
Right now, if we try to press enter for a new line on multi-line modal input... it auto triggers the submit event. This PR fixes this behaviour by not submitting the modal in case the enter was pressed within an input text with multiline expected
- Omnichannel Current chats pagination not working ([#24039](https://github.com/RocketChat/Rocket.Chat/pull/24039))
- Omnichannel enabled setting not working when creating rooms ([#24067](https://github.com/RocketChat/Rocket.Chat/pull/24067))
<details>
<summary>🔍 Minor changes</summary>
- Chore: Update Livechat to 1.11.1 ([#24091](https://github.com/RocketChat/Rocket.Chat/pull/24091))
</details>
### 👩💻👨💻 Core Team 🤓
- [@KevLehman](https://github.com/KevLehman)
- [@MartinSchoeler](https://github.com/MartinSchoeler)
- [@d-gubert](https://github.com/d-gubert)
- [@murtaza98](https://github.com/murtaza98)
- [@tassoevan](https://github.com/tassoevan)
- [@tiagoevanp](https://github.com/tiagoevanp)
# 4.3.0
`2021-12-28 · 7 🎉 · 5 🚀 · 26 🐛 · 37 🔍 · 28 👩💻👨💻`
@ -110,7 +211,7 @@
=================================
```
- Jitsi call already ended ([#23904](https://github.com/RocketChat/Rocket.Chat/pull/23904) by [@Aman-Maheshwari](https://github.com/Aman-Maheshwari) & [@yash-rajpal](https://github.com/yash-rajpal))
- Jitsi call already ended ([#23904](https://github.com/RocketChat/Rocket.Chat/pull/23904) by [@Aman-Maheshwari](https://github.com/Aman-Maheshwari))
- Fix Jitsi timeout update -- which caused the "Jitsi call already ended" error when trying to join a call some time after its creation;
@ -141,9 +242,9 @@
A rule on the user notification streamer was changed recently, and the check for writing on the streamer was wrong. Changed it to allow all logged users.
- Popover position for arabic languages ([#23888](https://github.com/RocketChat/Rocket.Chat/pull/23888) by [@yash-rajpal](https://github.com/yash-rajpal))
- Popover position for arabic languages ([#23888](https://github.com/RocketChat/Rocket.Chat/pull/23888))
- Removing Edit message from messageBox on room changed ([#23910](https://github.com/RocketChat/Rocket.Chat/pull/23910) by [@yash-rajpal](https://github.com/yash-rajpal))
- Removing Edit message from messageBox on room changed ([#23910](https://github.com/RocketChat/Rocket.Chat/pull/23910))
Removing edit message from messageBox and local storage on messageBox destroyed.
@ -304,7 +405,6 @@
- [@qwertiko](https://github.com/qwertiko)
- [@rafaelblink](https://github.com/rafaelblink)
- [@sidmohanty11](https://github.com/sidmohanty11)
- [@yash-rajpal](https://github.com/yash-rajpal)
### 👩💻👨💻 Core Team 🤓
@ -328,6 +428,7 @@
- [@tassoevan](https://github.com/tassoevan)
- [@thassiov](https://github.com/thassiov)
- [@tiagoevanp](https://github.com/tiagoevanp)
- [@yash-rajpal](https://github.com/yash-rajpal)
# 4.2.2
`2021-12-14 · 1 🐛 · 1 🔍 · 2 👩💻👨💻`
@ -776,7 +877,7 @@
### 🚀 Improvements
- Add markdown to custom fields in user Info ([#20947](https://github.com/RocketChat/Rocket.Chat/pull/20947) by [@yash-rajpal](https://github.com/yash-rajpal))
- Add markdown to custom fields in user Info ([#20947](https://github.com/RocketChat/Rocket.Chat/pull/20947))
Added markdown to custom fields to render links
@ -1004,7 +1105,6 @@
- [@cuonghuunguyen](https://github.com/cuonghuunguyen)
- [@dependabot[bot]](https://github.com/dependabot[bot])
- [@wolbernd](https://github.com/wolbernd)
- [@yash-rajpal](https://github.com/yash-rajpal)
### 👩💻👨💻 Core Team 🤓
@ -1024,6 +1124,7 @@
- [@tassoevan](https://github.com/tassoevan)
- [@thassiov](https://github.com/thassiov)
- [@tiagoevanp](https://github.com/tiagoevanp)
- [@yash-rajpal](https://github.com/yash-rajpal)
# 4.0.5
`2021-10-25 · 1 🐛 · 1 🔍 · 2 👩💻👨💻`
@ -3221,15 +3322,15 @@
- **ENTERPRISE:** Omnichannel Monitors can't forward chats to departments that they are not supervising ([#22142](https://github.com/RocketChat/Rocket.Chat/pull/22142))
- Adding Custom Fields to show on user info check ([#20955](https://github.com/RocketChat/Rocket.Chat/pull/20955) by [@yash-rajpal](https://github.com/yash-rajpal))
- Adding Custom Fields to show on user info check ([#20955](https://github.com/RocketChat/Rocket.Chat/pull/20955))
The setting custom fields to show under user info was not being used when rendering fields in user info. This pr adds those checks and only renders the fields mentioned under in admin -> accounts -> Custom Fields to Show in User Info.
- Adding permission 'add-team-channel' for Team Channels Contextual bar ([#21591](https://github.com/RocketChat/Rocket.Chat/pull/21591) by [@yash-rajpal](https://github.com/yash-rajpal))
- Adding permission 'add-team-channel' for Team Channels Contextual bar ([#21591](https://github.com/RocketChat/Rocket.Chat/pull/21591))
Added 'add-team-channel' permission to the 2 buttons in team channels contextual bar, for adding channels to teams.
- Adding retentionEnabledDefault check before showing warning message ([#20692](https://github.com/RocketChat/Rocket.Chat/pull/20692) by [@yash-rajpal](https://github.com/yash-rajpal))
- Adding retentionEnabledDefault check before showing warning message ([#20692](https://github.com/RocketChat/Rocket.Chat/pull/20692))
Added check for retentionEnabledDefault before showing prune warning message.
@ -3491,7 +3592,7 @@
}
```
- Visibility of burger menu on certain width ([#20736](https://github.com/RocketChat/Rocket.Chat/pull/20736) by [@yash-rajpal](https://github.com/yash-rajpal))
- Visibility of burger menu on certain width ([#20736](https://github.com/RocketChat/Rocket.Chat/pull/20736))
Burger was not visible on a certain width, specifically between 600 to 780. if width is more than 780px sidebar is shown, if less than 600 then burger icon was shown. But it wasn't shown between 600px to 780 px.
It was because for showing burger icon we were only checking for `isMobile` which is lenght only less than 600. So i added one more check for condition if length is less than 780 px.
@ -3674,7 +3775,6 @@
- [@siva2204](https://github.com/siva2204)
- [@sumukhah](https://github.com/sumukhah)
- [@umakantv](https://github.com/umakantv)
- [@yash-rajpal](https://github.com/yash-rajpal)
### 👩💻👨💻 Core Team 🤓
@ -3695,6 +3795,7 @@
- [@tassoevan](https://github.com/tassoevan)
- [@thassiov](https://github.com/thassiov)
- [@tiagoevanp](https://github.com/tiagoevanp)
- [@yash-rajpal](https://github.com/yash-rajpal)
# 3.14.5
`2021-06-06 · 1 🚀 · 1 🐛 · 1 👩💻👨💻`
@ -4044,7 +4145,7 @@
![image](https://user-images.githubusercontent.com/17487063/113359447-2d1b5500-931e-11eb-81fa-86f60fcee3a9.png)
- Checking 'start-discussion' Permission for MessageBox Actions ([#21564](https://github.com/RocketChat/Rocket.Chat/pull/21564) by [@yash-rajpal](https://github.com/yash-rajpal))
- Checking 'start-discussion' Permission for MessageBox Actions ([#21564](https://github.com/RocketChat/Rocket.Chat/pull/21564))
Permissions 'start-discussion-other-user' and 'start-discussion' are checked everywhere before letting anyone start any discussions, this permission check was missing for message box actions, so added it.
@ -4308,7 +4409,6 @@
- [@sauravjoshi23](https://github.com/sauravjoshi23)
- [@sumukhah](https://github.com/sumukhah)
- [@wolbernd](https://github.com/wolbernd)
- [@yash-rajpal](https://github.com/yash-rajpal)
### 👩💻👨💻 Core Team 🤓
@ -4329,6 +4429,7 @@
- [@tassoevan](https://github.com/tassoevan)
- [@thassiov](https://github.com/thassiov)
- [@tiagoevanp](https://github.com/tiagoevanp)
- [@yash-rajpal](https://github.com/yash-rajpal)
# 3.13.5
`2021-05-27 · 1 🐛 · 1 👩💻👨💻`
@ -4651,7 +4752,7 @@
- Add missing `unreads` field to `users.info` REST endpoint ([#20905](https://github.com/RocketChat/Rocket.Chat/pull/20905))
- Added hideUnreadStatus check before showing unread messages on roomList ([#20867](https://github.com/RocketChat/Rocket.Chat/pull/20867) by [@yash-rajpal](https://github.com/yash-rajpal))
- Added hideUnreadStatus check before showing unread messages on roomList ([#20867](https://github.com/RocketChat/Rocket.Chat/pull/20867))
Added hide unread counter check, if the show unread messages is turned off, now unread messages badge won't be shown to user.
@ -4774,7 +4875,7 @@
- Replace wrong field description on Room Information panel ([#21395](https://github.com/RocketChat/Rocket.Chat/pull/21395) by [@rafaelblink](https://github.com/rafaelblink))
- Reply count of message is decreased after a message from thread is deleted ([#19977](https://github.com/RocketChat/Rocket.Chat/pull/19977) by [@yash-rajpal](https://github.com/yash-rajpal))
- Reply count of message is decreased after a message from thread is deleted ([#19977](https://github.com/RocketChat/Rocket.Chat/pull/19977))
The reply count now is decreased if a message from a thread is deleted.
@ -4991,7 +5092,7 @@
- Regression: When only 'teams' type is provided, show only rooms with teamMain on `rooms.adminRooms` endpoint ([#21322](https://github.com/RocketChat/Rocket.Chat/pull/21322))
- Release 3.13.0 ([#21437](https://github.com/RocketChat/Rocket.Chat/pull/21437) by [@PriyaBihani](https://github.com/PriyaBihani) & [@cuonghuunguyen](https://github.com/cuonghuunguyen) & [@fcecagno](https://github.com/fcecagno) & [@lucassartor](https://github.com/lucassartor) & [@shrinish123](https://github.com/shrinish123) & [@yash-rajpal](https://github.com/yash-rajpal))
- Release 3.13.0 ([#21437](https://github.com/RocketChat/Rocket.Chat/pull/21437) by [@PriyaBihani](https://github.com/PriyaBihani) & [@cuonghuunguyen](https://github.com/cuonghuunguyen) & [@fcecagno](https://github.com/fcecagno) & [@lucassartor](https://github.com/lucassartor) & [@shrinish123](https://github.com/shrinish123))
- Update Apps-Engine version ([#21398](https://github.com/RocketChat/Rocket.Chat/pull/21398))
@ -5019,7 +5120,6 @@
- [@shrinish123](https://github.com/shrinish123)
- [@sumukhah](https://github.com/sumukhah)
- [@vova-zush](https://github.com/vova-zush)
- [@yash-rajpal](https://github.com/yash-rajpal)
### 👩💻👨💻 Core Team 🤓
@ -5040,6 +5140,7 @@
- [@sampaiodiego](https://github.com/sampaiodiego)
- [@tassoevan](https://github.com/tassoevan)
- [@tiagoevanp](https://github.com/tiagoevanp)
- [@yash-rajpal](https://github.com/yash-rajpal)
# 3.12.7
`2021-05-27 · 1 🐛 · 1 👩💻👨💻`
@ -5115,7 +5216,7 @@
### 🚀 Improvements
- Close Call contextual bar after starting jitsi call. ([#21004](https://github.com/RocketChat/Rocket.Chat/pull/21004) by [@yash-rajpal](https://github.com/yash-rajpal))
- Close Call contextual bar after starting jitsi call. ([#21004](https://github.com/RocketChat/Rocket.Chat/pull/21004))
After jitsi call is started, if the call is started in a new window then we should close contextual tab bar.
So, when 'YES' is pressed on modal, we call handleClose function if openNewWindow is true, as call doesn't starts on tab bar, it starts on new window.
@ -5125,19 +5226,16 @@
- Missing spaces on attachment ([#21020](https://github.com/RocketChat/Rocket.Chat/pull/21020))
- Stopping Jitsi reload ([#20973](https://github.com/RocketChat/Rocket.Chat/pull/20973) by [@yash-rajpal](https://github.com/yash-rajpal))
- Stopping Jitsi reload ([#20973](https://github.com/RocketChat/Rocket.Chat/pull/20973))
The Function where Jitsi call is started gets called many times due to `room.usernames` dep of useMemo, this dep triggers reloading of this function many times.
So removing this dep from useMemo dependencies
### 👩💻👨💻 Contributors 😍
- [@yash-rajpal](https://github.com/yash-rajpal)
### 👩💻👨💻 Core Team 🤓
- [@dougfabris](https://github.com/dougfabris)
- [@tassoevan](https://github.com/tassoevan)
- [@yash-rajpal](https://github.com/yash-rajpal)
# 3.12.0
`2021-02-28 · 5 🎉 · 17 🚀 · 74 🐛 · 30 🔍 · 29 👩💻👨💻`
@ -5186,15 +5284,15 @@
- Added auto-focus for better user-experience. ([#19954](https://github.com/RocketChat/Rocket.Chat/pull/19954) by [@Darshilp326](https://github.com/Darshilp326))
- Added disable button check for send invite button ([#20337](https://github.com/RocketChat/Rocket.Chat/pull/20337) by [@yash-rajpal](https://github.com/yash-rajpal))
- Added disable button check for send invite button ([#20337](https://github.com/RocketChat/Rocket.Chat/pull/20337))
Added Disable check for send invite button. If the text field is empty button would be disabled, and after any valid email is filled, button would get enabled
- Added key prop, removing unwanted warnings ([#20473](https://github.com/RocketChat/Rocket.Chat/pull/20473) by [@yash-rajpal](https://github.com/yash-rajpal))
- Added key prop, removing unwanted warnings ([#20473](https://github.com/RocketChat/Rocket.Chat/pull/20473))
Removes warnings listed on the issue
- Added Markdown links to custom status. ([#20470](https://github.com/RocketChat/Rocket.Chat/pull/20470) by [@yash-rajpal](https://github.com/yash-rajpal))
- Added Markdown links to custom status. ([#20470](https://github.com/RocketChat/Rocket.Chat/pull/20470))
Added markdown links to user's custom status.
@ -5220,7 +5318,7 @@
It brings more flexibility, allowing us to use different hooks and different components for each header
- Check Livechat message length through REST API endpoint ([#20366](https://github.com/RocketChat/Rocket.Chat/pull/20366) by [@yash-rajpal](https://github.com/yash-rajpal))
- Check Livechat message length through REST API endpoint ([#20366](https://github.com/RocketChat/Rocket.Chat/pull/20366))
Added checks for message length for livechat message api, it shouldn't exceed specified character limit.
@ -5269,21 +5367,21 @@
Added tooltips to "Expand" and "Follow Message"/"Unfollow Message" in ThreadView for coherency.
- Added Bio Structure for UserCard, rendering Skeleton View on loading Instead of [Object][Object] ([#20305](https://github.com/RocketChat/Rocket.Chat/pull/20305) by [@yash-rajpal](https://github.com/yash-rajpal))
- Added Bio Structure for UserCard, rendering Skeleton View on loading Instead of [Object][Object] ([#20305](https://github.com/RocketChat/Rocket.Chat/pull/20305))
Added Bio Structure for rendering Skeleton View on loading UserCard.
- Added check for view admin permission page ([#20403](https://github.com/RocketChat/Rocket.Chat/pull/20403) by [@yash-rajpal](https://github.com/yash-rajpal))
- Added check for view admin permission page ([#20403](https://github.com/RocketChat/Rocket.Chat/pull/20403))
Admin Permission page was visible to all, if you add admin/permissions after the base url. This should not be visible to all user, only people with certain permissions should be able to see this page.
I am also able to see permissions page for open workspace of Rocket chat.
![image](https://user-images.githubusercontent.com/58601732/105829728-bfd00880-5fea-11eb-9121-6c53a752f140.png)
- Adding the accidentally deleted tag template, used by other templates ([#20772](https://github.com/RocketChat/Rocket.Chat/pull/20772) by [@yash-rajpal](https://github.com/yash-rajpal))
- Adding the accidentally deleted tag template, used by other templates ([#20772](https://github.com/RocketChat/Rocket.Chat/pull/20772))
Adding back accidentally deleted tag Template.
- Admin cannot clear user details like bio or nickname ([#20785](https://github.com/RocketChat/Rocket.Chat/pull/20785) by [@yash-rajpal](https://github.com/yash-rajpal))
- Admin cannot clear user details like bio or nickname ([#20785](https://github.com/RocketChat/Rocket.Chat/pull/20785))
When the API users.update is called to update user data, it passes data to saveUser function. Here before saving data like bio or nickname we are checking if they are available or not. If data is available then we are saving it, but we are not doing anything when data isn't available.
@ -5291,13 +5389,13 @@
- Admin Panel pages not visible in Safari ([#20912](https://github.com/RocketChat/Rocket.Chat/pull/20912))
- Announcement with multiple lines fixed. ([#20381](https://github.com/RocketChat/Rocket.Chat/pull/20381) by [@yash-rajpal](https://github.com/yash-rajpal))
- Announcement with multiple lines fixed. ([#20381](https://github.com/RocketChat/Rocket.Chat/pull/20381))
Announcements with multiple lines used to break UI for announcements bar. Fixed it by replacing all break lines in announcement with empty space (" ") . The announcement modal would work as usual and show all break lines.
- Atlassian Crowd login with 2FA enabled ([#20834](https://github.com/RocketChat/Rocket.Chat/pull/20834))
- Attachment download from title fixed ([#20585](https://github.com/RocketChat/Rocket.Chat/pull/20585) by [@yash-rajpal](https://github.com/yash-rajpal))
- Attachment download from title fixed ([#20585](https://github.com/RocketChat/Rocket.Chat/pull/20585))
Added target = '_self' to attachment link, this seems to fix the problem, without this attribute, error page is displayed.
@ -5388,7 +5486,7 @@
![image](https://user-images.githubusercontent.com/2493803/106494751-90f9dc80-6499-11eb-901b-5e4dbdc678ba.png)
- Fix Empty highlighted words field ([#20329](https://github.com/RocketChat/Rocket.Chat/pull/20329) by [@yash-rajpal](https://github.com/yash-rajpal))
- Fix Empty highlighted words field ([#20329](https://github.com/RocketChat/Rocket.Chat/pull/20329))
Able to Empty the highlighted text field in preferences
@ -5444,7 +5542,7 @@
- Add a new setting ("Add Reply-To header") in the Email settings' page to control when the Reply-To header is used in e-mail notifications;
- The new setting is turned off (`false` value) by default.
- New Integration page was not being displayed ([#20670](https://github.com/RocketChat/Rocket.Chat/pull/20670) by [@yash-rajpal](https://github.com/yash-rajpal))
- New Integration page was not being displayed ([#20670](https://github.com/RocketChat/Rocket.Chat/pull/20670))
- Notification worker stopping on error ([#20605](https://github.com/RocketChat/Rocket.Chat/pull/20605))
@ -5658,7 +5756,6 @@
- [@paulobernardoaf](https://github.com/paulobernardoaf)
- [@pierreozoux](https://github.com/pierreozoux)
- [@rafaelblink](https://github.com/rafaelblink)
- [@yash-rajpal](https://github.com/yash-rajpal)
### 👩💻👨💻 Core Team 🤓
@ -5677,6 +5774,7 @@
- [@sampaiodiego](https://github.com/sampaiodiego)
- [@tassoevan](https://github.com/tassoevan)
- [@tiagoevanp](https://github.com/tiagoevanp)
- [@yash-rajpal](https://github.com/yash-rajpal)
# 3.11.5
`2021-04-20 · 1 🐛 · 1 👩💻👨💻`
@ -5739,7 +5837,7 @@
### 🐛 Bug fixes
- Attachment download from title fixed ([#20585](https://github.com/RocketChat/Rocket.Chat/pull/20585) by [@yash-rajpal](https://github.com/yash-rajpal))
- Attachment download from title fixed ([#20585](https://github.com/RocketChat/Rocket.Chat/pull/20585))
Added target = '_self' to attachment link, this seems to fix the problem, without this attribute, error page is displayed.
@ -5758,7 +5856,6 @@
### 👩💻👨💻 Contributors 😍
- [@lolimay](https://github.com/lolimay)
- [@yash-rajpal](https://github.com/yash-rajpal)
### 👩💻👨💻 Core Team 🤓
@ -5766,6 +5863,7 @@
- [@renatobecker](https://github.com/renatobecker)
- [@sampaiodiego](https://github.com/sampaiodiego)
- [@tiagoevanp](https://github.com/tiagoevanp)
- [@yash-rajpal](https://github.com/yash-rajpal)
# 3.11.0
`2021-01-31 · 8 🎉 · 9 🚀 · 52 🐛 · 44 🔍 · 32 👩💻👨💻`
@ -5871,7 +5969,7 @@
Made user avatar change buttons to be descriptive of what they do.
- Tooltip added for Kebab menu on chat header ([#20116](https://github.com/RocketChat/Rocket.Chat/pull/20116) by [@yash-rajpal](https://github.com/yash-rajpal))
- Tooltip added for Kebab menu on chat header ([#20116](https://github.com/RocketChat/Rocket.Chat/pull/20116))
Added the missing Tooltip for kebab menu on chat header.
![tooltip after](https://user-images.githubusercontent.com/58601732/104031406-b07f4b80-51f2-11eb-87a4-1e8da78a254f.gif)
@ -5893,12 +5991,12 @@
Users can be removed from channels without any error message.
- Added context check for closing active tabbar for member-list ([#20228](https://github.com/RocketChat/Rocket.Chat/pull/20228) by [@yash-rajpal](https://github.com/yash-rajpal))
- Added context check for closing active tabbar for member-list ([#20228](https://github.com/RocketChat/Rocket.Chat/pull/20228))
When we click on a username and then click on see user's full profile, a tab gets active and shows us the user's profile, the problem occurs when the tab is still active and we try to see another user's profile. In this case, tabbar gets closed.
To resolve this, added context check for closing action of active tabbar.
- Added Margin between status bullet and status label ([#20199](https://github.com/RocketChat/Rocket.Chat/pull/20199) by [@yash-rajpal](https://github.com/yash-rajpal))
- Added Margin between status bullet and status label ([#20199](https://github.com/RocketChat/Rocket.Chat/pull/20199))
Added Margins between status bullet and status label
@ -5963,7 +6061,7 @@
After changes made on https://github.com/RocketChat/Rocket.Chat/pull/19931, the `Livechat.RegisterGuest` method started removing properties from the visitor inappropriately. The properties that did not receive value were removed from the object.
Those changes were made to support the new Contact Form, but now the form has its own method to deal with Contact data so those changes are no longer necessary.
- Markdown added for Header Room topic ([#20021](https://github.com/RocketChat/Rocket.Chat/pull/20021) by [@yash-rajpal](https://github.com/yash-rajpal))
- Markdown added for Header Room topic ([#20021](https://github.com/RocketChat/Rocket.Chat/pull/20021))
With the new 3.10.0 version update the Links in topic section below room name were not working, for more info refer issue #20018
@ -6043,7 +6141,7 @@
![image](https://user-images.githubusercontent.com/27704687/106056093-0a29b600-60cd-11eb-8038-eabbc0d8fb03.png)
- Status circle in profile section ([#20016](https://github.com/RocketChat/Rocket.Chat/pull/20016) by [@yash-rajpal](https://github.com/yash-rajpal))
- Status circle in profile section ([#20016](https://github.com/RocketChat/Rocket.Chat/pull/20016))
The Status Circle in status message text input is now centered vertically.
@ -6247,7 +6345,6 @@
- [@sushant52](https://github.com/sushant52)
- [@tlskinneriv](https://github.com/tlskinneriv)
- [@wggdeveloper](https://github.com/wggdeveloper)
- [@yash-rajpal](https://github.com/yash-rajpal)
- [@zdumitru](https://github.com/zdumitru)
### 👩💻👨💻 Core Team 🤓
@ -6265,6 +6362,7 @@
- [@tassoevan](https://github.com/tassoevan)
- [@thassiov](https://github.com/thassiov)
- [@tiagoevanp](https://github.com/tiagoevanp)
- [@yash-rajpal](https://github.com/yash-rajpal)
# 3.10.5
`2021-01-27 · 1 🐛 · 1 👩💻👨💻`

4
app/api/server/v1/roles.ts
Unescape View File

@ -179,6 +179,10 @@ API.v1.addRoute(
throw new Meteor.Error('error-invalid-role-properties', 'The role properties are invalid.');
}
if (!(await hasPermissionAsync(this.userId, 'access-permissions'))) {
throw new Meteor.Error('error-action-not-allowed', 'Accessing permissions is not allowed');
}
const roleData = {
roleId: bodyParams.roleId,
name: bodyParams.name,

17
app/api/server/v1/users.js
Unescape View File

@ -227,11 +227,18 @@ API.v1.addRoute(
const { username, userId } = this.requestParams();
const { fields } = this.parseJsonQuery();
const user = getFullUserDataByIdOrUsername({
userId: this.userId,
filterId: userId,
filterUsername: username,
});
check(userId, Match.Maybe(String));
check(username, Match.Maybe(String));
if (userId !== undefined && username !== undefined) {
throw new Meteor.Error('invalid-filter', 'Cannot filter by id and username at once');
}
if (!userId && !username) {
throw new Meteor.Error('invalid-filter', 'Must filter by id or username');
}
const user = getFullUserDataByIdOrUsername({ userId: this.userId, filterId: userId, filterUsername: username });
if (!user) {
return API.v1.failure('User not found.');

8
app/lib/server/functions/getFullUserData.js
Unescape View File

@ -75,20 +75,22 @@ const removePasswordInfo = (user) => {
delete user.services.email2fa;
delete user.services.totp;
}
return user;
};
export function getFullUserDataByIdOrUsername({ userId, filterId, filterUsername }) {
const caller = Users.findOneById(userId, { fields: { username: 1 } });
const myself = userId === filterId || filterUsername === caller.username;
const canViewAllInfo = myself || hasPermission(userId, 'view-full-other-user-info');
const targetUser = filterId || filterUsername;
const myself = (filterId && targetUser === userId) || (filterUsername && targetUser === caller.username);
const canViewAllInfo = !!myself || hasPermission(userId, 'view-full-other-user-info');
const fields = getFields(canViewAllInfo);
const options = {
fields,
};
const user = Users.findOneByIdOrUsername(filterId || filterUsername, options);
const user = Users.findOneByIdOrUsername(targetUser, options);
if (!user) {
return null;
}

6
app/ui-message/client/message.js
Unescape View File

@ -1,4 +1,5 @@
import _ from 'underscore';
import dompurify from 'dompurify';
import { Meteor } from 'meteor/meteor';
import { Tracker } from 'meteor/tracker';
import { Template } from 'meteor/templating';
@ -32,9 +33,8 @@ const renderBody = (msg, settings) => {
// render template
} else if (messageType.message) {
msg.msg = escapeHTML(msg.msg);
msg = TAPi18n.__(messageType.message, {
...(typeof messageType.data === 'function' && messageType.data(msg)),
});
msg = TAPi18n.__(messageType.message, { ...(typeof messageType.data === 'function' && messageType.data(msg)) });
msg = dompurify.sanitize(msg);
} else if (msg.u && msg.u.username === settings.Chatops_Username) {
msg.html = msg.msg;
msg = renderMentions(msg);

5
client/lib/userData.ts
Unescape View File

@ -58,6 +58,9 @@ export const synchronizeUserData = async (uid: Meteor.User['_id']): Promise<RawU
return;
}
// Remove data from any other user that we may have retained
Meteor.users.remove({ _id: { $ne: uid } });
cancel?.();
cancel = await Notifications.onUser('userData', (data: IUserDataEvent) => {
@ -90,3 +93,5 @@ export const synchronizeUserData = async (uid: Meteor.User['_id']): Promise<RawU
return userData;
};
export const removeLocalUserData = (): number => Meteor.users.remove({});

3
client/startup/startup.ts
Unescape View File

@ -13,7 +13,7 @@ import { getUserPreference, t } from '../../app/utils/client';
import 'highlight.js/styles/github.css';
import { UserStatus } from '../../definition/UserStatus';
import * as banners from '../lib/banners';
import { synchronizeUserData } from '../lib/userData';
import { synchronizeUserData, removeLocalUserData } from '../lib/userData';
import { fireGlobalEvent } from '../lib/utils/fireGlobalEvent';
if (window.DISABLE_ANIMATION) {
@ -39,6 +39,7 @@ Meteor.startup(() => {
Tracker.autorun(async () => {
const uid = Meteor.userId();
if (!uid) {
removeLocalUserData();
return;
}
if (!Meteor.status().connected) {

122
package-lock.json generated
Unescape View File

@ -5337,23 +5337,23 @@
}
},
"@rocket.chat/css-in-js": {
"version": "0.31.0",
"resolved": "https://registry.npmjs.org/@rocket.chat/css-in-js/-/css-in-js-0.31.0.tgz",
"integrity": "sha512-sE9aoRrClXsMhXwMrjWyLgkH3piqe3xYJunxjD/8JcFGFFxSTCTcgQhaC9X+4Wk6NHDCcH+uP6jA4N438gYyxw==",
"version": "0.31.1",
"resolved": "https://registry.npmjs.org/@rocket.chat/css-in-js/-/css-in-js-0.31.1.tgz",
"integrity": "sha512-ggftLsbS8/NU54LkTDXjE3gyyj1JGdXOuseHxb/tnKmHtC85B5F00nFLhbdGjksoVCPjpXq1PstEhAaFESzaOw==",
"requires": {
"@emotion/hash": "^0.8.0",
"@rocket.chat/css-supports": "^0.31.0",
"@rocket.chat/memo": "^0.31.0",
"@rocket.chat/stylis-logical-props-middleware": "^0.31.0",
"@rocket.chat/css-supports": "^0.31.1",
"@rocket.chat/memo": "^0.31.1",
"@rocket.chat/stylis-logical-props-middleware": "^0.31.1",
"stylis": "^4.0.10"
}
},
"@rocket.chat/css-supports": {
"version": "0.31.0",
"resolved": "https://registry.npmjs.org/@rocket.chat/css-supports/-/css-supports-0.31.0.tgz",
"integrity": "sha512-++HuLIPJoDsMYxdyFbB2d2SHdDBVBdJRKL+6vyfjteuR89tdhfN9qlfonzw3zArQzwT4NbE2tGID6ccsJhGF5g==",
"version": "0.31.1",
"resolved": "https://registry.npmjs.org/@rocket.chat/css-supports/-/css-supports-0.31.1.tgz",
"integrity": "sha512-i/85P3RYeDQ5gyMAGu4ci0AAOiL7q4GIQV6bsaXgeykZnXCuGnt9vcdNkeavLh/tgNAMUZnTr2/+IAfoopBtDA==",
"requires": {
"@rocket.chat/memo": "^0.31.0",
"@rocket.chat/memo": "^0.31.1",
"tslib": "^2.3.1"
},
"dependencies": {
@ -5365,9 +5365,9 @@
}
},
"@rocket.chat/emitter": {
"version": "0.31.0",
"resolved": "https://registry.npmjs.org/@rocket.chat/emitter/-/emitter-0.31.0.tgz",
"integrity": "sha512-mVe5yCZDIbuAeGVuuu2neQNJnUCKMXnv3goCi/hJCDkbDhaxnfsKBwEct26Oo+x8tyrL4v1axAlUN9Xy4y6oSQ=="
"version": "0.31.1",
"resolved": "https://registry.npmjs.org/@rocket.chat/emitter/-/emitter-0.31.1.tgz",
"integrity": "sha512-dLD8xdfgFosnkQlsuhfiAX80SLPmuhNsbuxg4CZfSP60hnJo4deZqDB8GsBHVoa3z3amHdNkTXNHsW5eMUKWZA=="
},
"@rocket.chat/eslint-config": {
"version": "0.4.0",
@ -5450,9 +5450,9 @@
}
},
"@rocket.chat/fuselage-polyfills": {
"version": "0.31.0",
"resolved": "https://registry.npmjs.org/@rocket.chat/fuselage-polyfills/-/fuselage-polyfills-0.31.0.tgz",
"integrity": "sha512-7BWXFcFJST17jzxo7Pv+3jN10zbwv5x66cq6VsUosZCr2AQYLb1764ZtirzY93mnEPPxR0OtnH/788LnexRjqw==",
"version": "0.31.1",
"resolved": "https://registry.npmjs.org/@rocket.chat/fuselage-polyfills/-/fuselage-polyfills-0.31.1.tgz",
"integrity": "sha512-NAk726MPA/lV960GTx7Irgfy18bvOMxPsdnr4WxeQhRCq6l3HDKYIHQh7vfVOdGE74ws5Lvx9g8mPcHcmm+dKA==",
"requires": {
"@juggle/resize-observer": "^3.3.1",
"clipboard-polyfill": "^3.0.3",
@ -5463,19 +5463,19 @@
}
},
"@rocket.chat/fuselage-tokens": {
"version": "0.31.0",
"resolved": "https://registry.npmjs.org/@rocket.chat/fuselage-tokens/-/fuselage-tokens-0.31.0.tgz",
"integrity": "sha512-ZUAvWUTVCcqSMH0L4I7dzsOokvKaAxefS5e826PicRNOx7+yYQVUA1U9zfpEADurvqleX88JszEYgdPsPX56+Q=="
"version": "0.31.1",
"resolved": "https://registry.npmjs.org/@rocket.chat/fuselage-tokens/-/fuselage-tokens-0.31.1.tgz",
"integrity": "sha512-9zWiIyFJA2XaVxU9gS65KA7n/IS92afuq881MA6e0CC8qfZr0R9uhvM09eIdYXoQdQTTaGtQ0k9PsJ8Fm04ybg=="
},
"@rocket.chat/fuselage-ui-kit": {
"version": "0.31.0",
"resolved": "https://registry.npmjs.org/@rocket.chat/fuselage-ui-kit/-/fuselage-ui-kit-0.31.0.tgz",
"integrity": "sha512-HB3dkV11ZlZ/C42LTv3QsQ+aslXjMChYRL+g1et0EYeWaBp5IvQyGwHG38Dl/AaH41GmkzUYQnoZ3Ii21plphA==",
"requires": {
"@rocket.chat/fuselage": "^0.31.0",
"@rocket.chat/fuselage-hooks": "^0.31.0",
"@rocket.chat/styled": "^0.31.0",
"@rocket.chat/ui-kit": "^0.31.0",
"version": "0.31.1",
"resolved": "https://registry.npmjs.org/@rocket.chat/fuselage-ui-kit/-/fuselage-ui-kit-0.31.1.tgz",
"integrity": "sha512-4iXQNIvS4PrC8NV+oDXpLEVT3vrvM5odVq0atN7KVbPD1era8ggXt6AKoTSSPj4XogJ5cKLux9W76bTIl1a4bQ==",
"requires": {
"@rocket.chat/fuselage": "^0.31.1",
"@rocket.chat/fuselage-hooks": "^0.31.1",
"@rocket.chat/styled": "^0.31.1",
"@rocket.chat/ui-kit": "^0.31.1",
"tslib": "^2.3.1"
},
"dependencies": {
@ -5514,9 +5514,9 @@
}
},
"@rocket.chat/fuselage-hooks": {
"version": "0.31.0",
"resolved": "https://registry.npmjs.org/@rocket.chat/fuselage-hooks/-/fuselage-hooks-0.31.0.tgz",
"integrity": "sha512-bo9oOskDxMTVrm30OdCh0diFMQgOn6Yz0xo1+NhwHADVOew3NbBA1QgiLNOC8dGjcYo3TN2t/lDvf7rgjB9wbg=="
"version": "0.31.1",
"resolved": "https://registry.npmjs.org/@rocket.chat/fuselage-hooks/-/fuselage-hooks-0.31.1.tgz",
"integrity": "sha512-pAnY6itGrgeeJXOCGHnoLBY5Ppd50oyfgfD243cSZxGu8OiquVRLJLFJBHMPAveYAbc05q4A/Kz1iEXgxBJXlw=="
},
"@rocket.chat/fuselage-tokens": {
"version": "0.31.1",
@ -5548,9 +5548,9 @@
}
},
"@rocket.chat/icons": {
"version": "0.31.0",
"resolved": "https://registry.npmjs.org/@rocket.chat/icons/-/icons-0.31.0.tgz",
"integrity": "sha512-F3rMdEzpJo/evxk6ettkInhFiuQa7F6+LM1yvhQrf3Gr+1ni54d2phuYPbi1VIYE+VFixN+F0Ed8Jptac1Iy1Q=="
"version": "0.31.1",
"resolved": "https://registry.npmjs.org/@rocket.chat/icons/-/icons-0.31.1.tgz",
"integrity": "sha512-srtdItEGeU4eYWrI/q41LGAcCOtCCiIUlDg/lbjAAk85QP9YXwcjpeOKLBTRwshR5yOXd71LLZ6rgvHsyMbikQ=="
},
"@rocket.chat/livechat": {
"version": "1.11.2",
@ -5621,19 +5621,19 @@
}
},
"@rocket.chat/logo": {
"version": "0.31.0",
"resolved": "https://registry.npmjs.org/@rocket.chat/logo/-/logo-0.31.0.tgz",
"integrity": "sha512-JjKCQ1LY0zy7pQ8xtjaK/3x12jcq6nbX71FmWuGWAM9OSZCBlZfBMMIA9RyK1a29aufx6Z4nsvRy9Q0QpI3RMQ==",
"version": "0.31.1",
"resolved": "https://registry.npmjs.org/@rocket.chat/logo/-/logo-0.31.1.tgz",
"integrity": "sha512-e2Mwpjo+k/gAZ9p+cN84HsKPzzhN3O/i72ZhC3r8RzarwdAsLGbCNcIuxOaZ3Ci+DpdleeCbKfewmx9vtdzh6w==",
"requires": {
"@rocket.chat/fuselage-hooks": "^0.31.0",
"@rocket.chat/styled": "^0.31.0",
"@rocket.chat/fuselage-hooks": "^0.31.1",
"@rocket.chat/styled": "^0.31.1",
"tslib": "^2.3.1"
},
"dependencies": {
"@rocket.chat/fuselage-hooks": {
"version": "0.31.0",
"resolved": "https://registry.npmjs.org/@rocket.chat/fuselage-hooks/-/fuselage-hooks-0.31.0.tgz",
"integrity": "sha512-bo9oOskDxMTVrm30OdCh0diFMQgOn6Yz0xo1+NhwHADVOew3NbBA1QgiLNOC8dGjcYo3TN2t/lDvf7rgjB9wbg=="
"version": "0.31.1",
"resolved": "https://registry.npmjs.org/@rocket.chat/fuselage-hooks/-/fuselage-hooks-0.31.1.tgz",
"integrity": "sha512-pAnY6itGrgeeJXOCGHnoLBY5Ppd50oyfgfD243cSZxGu8OiquVRLJLFJBHMPAveYAbc05q4A/Kz1iEXgxBJXlw=="
},
"tslib": {
"version": "2.3.1",
@ -5643,9 +5643,9 @@
}
},
"@rocket.chat/memo": {
"version": "0.31.0",
"resolved": "https://registry.npmjs.org/@rocket.chat/memo/-/memo-0.31.0.tgz",
"integrity": "sha512-1zYkueN/x6juDXBwZFmgfanNMgn27LLe7seUdVQAYtjx+bEk7A6nUM45LdzALNtyrf1iy9Ned1WW1NYPTDQYKw==",
"version": "0.31.1",
"resolved": "https://registry.npmjs.org/@rocket.chat/memo/-/memo-0.31.1.tgz",
"integrity": "sha512-c4AJlmJg2lnONqr70SED6FjLpOEAolRfSxQTbqDwmG6OatTvANiWb8ymwU0TqmKinpjn/pjiAx7pkGvGhdmhwg==",
"requires": {
"tslib": "^2.3.1"
},
@ -5658,9 +5658,9 @@
}
},
"@rocket.chat/message-parser": {
"version": "0.31.0",
"resolved": "https://registry.npmjs.org/@rocket.chat/message-parser/-/message-parser-0.31.0.tgz",
"integrity": "sha512-zPVvKoUJ4XriP1us+wvOprP9QvRf3XJ5ZfGpepPb5AyyADbaslgGsDXQ0dMUnv5a3uE2BN2uqjQugCjbjLyK6Q=="
"version": "0.31.1",
"resolved": "https://registry.npmjs.org/@rocket.chat/message-parser/-/message-parser-0.31.1.tgz",
"integrity": "sha512-JYFN6zbcaqZ4cD8EMiJdgg/YcV7UBaL5iFXw0BrpMY04v6kH1DzQd9d2Aldmd5v/sdg4f84DVVFWS/1CIVPJQg=="
},
"@rocket.chat/mp3-encoder": {
"version": "0.24.0",
@ -5713,9 +5713,9 @@
}
},
"@rocket.chat/string-helpers": {
"version": "0.31.0",
"resolved": "https://registry.npmjs.org/@rocket.chat/string-helpers/-/string-helpers-0.31.0.tgz",
"integrity": "sha512-1b2U3kDFBufPN+OEiRSatrm+8/8C+15fOlOdjoY/LMbK7309VQWl3Awl7z/F4xOfIZ62+346i1qiF9yXDeOYhQ==",
"version": "0.31.1",
"resolved": "https://registry.npmjs.org/@rocket.chat/string-helpers/-/string-helpers-0.31.1.tgz",
"integrity": "sha512-xo9RU5mhQAY+puuunolstWHuU9FlXBHL4cZFBT11YJmyU26Obq6Ub63o0vy0/9ZkuyoUP8Q+ftStLVZy4Kbi7A==",
"requires": {
"tslib": "^2.3.1"
},
@ -5728,11 +5728,11 @@
}
},
"@rocket.chat/styled": {
"version": "0.31.0",
"resolved": "https://registry.npmjs.org/@rocket.chat/styled/-/styled-0.31.0.tgz",
"integrity": "sha512-k+rXAGc3tQM9Y9xY+V0fhPPXEL0LQUnfGM4wHrYQoNag2gQW0tzd0lBi6lnvltIkgl8NlCT9lYLT3Nz5EMjcRQ==",
"version": "0.31.1",
"resolved": "https://registry.npmjs.org/@rocket.chat/styled/-/styled-0.31.1.tgz",
"integrity": "sha512-unZBS30sDkEXIC3FCQrVYzeW7C2kqWANspcDGWvK7B/lZ7EUhweQLsgbptNJPKjBKKiIiD1ZxMKagF9AgWGi4w==",
"requires": {
"@rocket.chat/css-in-js": "^0.31.0",
"@rocket.chat/css-in-js": "^0.31.1",
"tslib": "^2.3.1"
},
"dependencies": {
@ -5744,11 +5744,11 @@
}
},
"@rocket.chat/stylis-logical-props-middleware": {
"version": "0.31.0",
"resolved": "https://registry.npmjs.org/@rocket.chat/stylis-logical-props-middleware/-/stylis-logical-props-middleware-0.31.0.tgz",
"integrity": "sha512-KWW2/oQEGKhoagQAyoqAcSvu5Hn+pYXgKeqJuG/hVACTFLSUB7DAZoUQPFw2W2EXEbCzm3CQ8iIhW6sF/v2OBw==",
"version": "0.31.1",
"resolved": "https://registry.npmjs.org/@rocket.chat/stylis-logical-props-middleware/-/stylis-logical-props-middleware-0.31.1.tgz",
"integrity": "sha512-Ll4qBT1PZGwDathckgmGzOwwf40brq6hFweRg5lFs/M07FFG1by1pg9Kf4hZErUNGWtf+59YpZvsRCR1Fw8fPQ==",
"requires": {
"@rocket.chat/css-supports": "^0.31.0",
"@rocket.chat/css-supports": "^0.31.1",
"tslib": "^2.3.1"
},
"dependencies": {
@ -5760,9 +5760,9 @@
}
},
"@rocket.chat/ui-kit": {
"version": "0.31.0",
"resolved": "https://registry.npmjs.org/@rocket.chat/ui-kit/-/ui-kit-0.31.0.tgz",
"integrity": "sha512-8TlZeVkOyQhwYForg7io7+kRRN7k3gv90eACKJY9m8nOdywEig8cGwKuPCfYPThcB6WzOle2JrfhSzYGFIPw8w=="
"version": "0.31.1",
"resolved": "https://registry.npmjs.org/@rocket.chat/ui-kit/-/ui-kit-0.31.1.tgz",
"integrity": "sha512-xo+5eN1U4gjbZdbUX7+mTPepBPQeTmi36mJsjbPa4p9PCitexE4KZLrGLh8aau7p1kXIdai+dLh/Bs7tyXa4Cg=="
},
"@samverschueren/stream-to-observable": {
"version": "0.3.1",

22
package.json
Unescape View File

@ -177,20 +177,20 @@
"@nivo/line": "0.62.0",
"@nivo/pie": "0.73.0",
"@rocket.chat/apps-engine": "^1.29.2",
"@rocket.chat/css-in-js": "^0.31.0",
"@rocket.chat/emitter": "^0.31.0",
"@rocket.chat/css-in-js": "^0.31.1",
"@rocket.chat/emitter": "^0.31.1",
"@rocket.chat/fuselage": "^0.6.3-dev.392",
"@rocket.chat/fuselage-hooks": "^0.6.3-dev.392",
"@rocket.chat/fuselage-polyfills": "^0.31.0",
"@rocket.chat/fuselage-tokens": "^0.31.0",
"@rocket.chat/fuselage-ui-kit": "^0.31.0",
"@rocket.chat/icons": "^0.31.0",
"@rocket.chat/logo": "^0.31.0",
"@rocket.chat/memo": "^0.31.0",
"@rocket.chat/message-parser": "^0.31.0",
"@rocket.chat/fuselage-polyfills": "^0.31.1",
"@rocket.chat/fuselage-tokens": "^0.31.1",
"@rocket.chat/fuselage-ui-kit": "^0.31.1",
"@rocket.chat/icons": "^0.31.1",
"@rocket.chat/logo": "^0.31.1",
"@rocket.chat/memo": "^0.31.1",
"@rocket.chat/message-parser": "^0.31.1",
"@rocket.chat/mp3-encoder": "^0.24.0",
"@rocket.chat/string-helpers": "^0.31.0",
"@rocket.chat/ui-kit": "^0.31.0",
"@rocket.chat/string-helpers": "^0.31.1",
"@rocket.chat/ui-kit": "^0.31.1",
"@slack/client": "^4.12.0",
"@types/cookie": "^0.4.1",
"@types/lodash": "^4.14.177",

15
server/methods/reportMessage.js
Unescape View File

@ -2,7 +2,8 @@ import { Meteor } from 'meteor/meteor';
import { check } from 'meteor/check';
import { Messages } from '../../app/models/server';
import { Reports } from '../../app/models/server/raw';
import { Reports, Rooms } from '../../app/models/server/raw';
import { canAccessRoomAsync } from '../../app/authorization/server/functions/canAccessRoom';
Meteor.methods({
async reportMessage(messageId, description) {
@ -28,7 +29,17 @@ Meteor.methods({
});
}
await Reports.createWithMessageDescriptionAndUserId(message, description, Meteor.userId());
const uid = Meteor.userId();
const { rid } = message;
// If the user can't access the room where the message is, report that the message id is invalid
const room = await Rooms.findOneById(rid);
if (!room || !(await canAccessRoomAsync(room, { _id: uid }))) {
throw new Meteor.Error('error-invalid-message_id', 'Invalid message id', {
method: 'reportMessage',
});
}
await Reports.createWithMessageDescriptionAndUserId(message, description, uid);
return true;
},

Write Preview
Loading…
Cancel
Save