No channel and post id in context from post_menu entry

[sblaisot]

I'm trying to create an app with a post menu.

I use the following in bindings:

  {
    "location": "/post_menu",
    "bindings": [
      {
        "app_id": "hello-world",
        "location": "create-from-post",
        "icon": "icon.png",
        "label": "Create from post",
        "hint": " -- TODO --",
        "description": "Use this post to create an entry.",
        "submit": {
          "path": "/create-from-post",
          "expand": {
            "acting_user": "all",
            "acting_user_access_token": "all",
            "channel": "all",
            "post": "all",
            "root_post": "all",
            "user": "all",
            "oauth2_user": "all"
          },
          "state": "post-menu"
        }
      }
    ]
  }

This is working pretty well, I have an icon in post app-menu that I can click and this fires a call to the /create-from-post endpoint of my app.

However, the incoming call's context doesn't have any information about the channel and post despite the doc says it should include channel and post information for /post_menu bindings.

Here is a sample of payload received from mattermost to the /create-from-post endpoint:

{
  "path": "/create-from-post",
  "expand": {
    "acting_user": "all",
    "acting_user_access_token": "all",
    "channel": "all",
    "post": "all",
    "root_post": "all",
    "user": "all",
    "oauth2_user": "all"
  },
  "state": "post-menu",
  "context": {
    "app_id": "",
    "mattermost_site_url": "http://mattermost:8065",
    "developer_mode": true,
    "app_path": "/plugins/com.mattermost.apps/apps/myapp",
    "bot_user_id": "8sfyfREDACTED4fiih",
    "bot_access_token": "oboREDACTED7ixw",
    "acting_user": {
      "id": "5fy1REDACTED8e4y",
      "create_at": 1678873433478,
      "update_at": 1678873441713,
      "delete_at": 0,
      "username": "myusername",
      "auth_service": "",
      "email": "mm@redacted.tld",
      "nickname": "",
      "first_name": "",
      "last_name": "",
      "position": "",
      "roles": "system_admin system_user",
      "locale": "en",
      "timezone": {
        "automaticTimezone": "Europe/Paris",
        "manualTimezone": "",
        "useAutomaticTimezone": "true"
      },
      "disable_welcome_email": false
    },
    "oauth2": {}
  }
}

Did I miss something ?

Note: I'm using mattermost in docker container from image mattermost/mattermost-enterprise-edition:7.5.0 as shipped within mattermost-app-example's docker-compose.yml

[sblaisot]

Note: I tried upgrading mattermost to 7.8.1 with no success

[mickmister]

Hi @sblaisot, thanks for creating this issue. Are you able to gather any server logs that may be showing some errors for this request?

[mickmister]

You can search for com.mattermost.apps in the logs to find messages specific to the Apps framework

[sblaisot]

here are the logs for com.mattermost.app when clicking on the app icon in the app post menu :

mattermost_1  | {"timestamp":"2023-03-20 16:42:33.664 Z","level":"debug","msg":"CSRF Check failed for request - Please migrate your plugin to either send a CSRF Header or Form Field, XMLHttpRequest is deprecated","caller":"app/plugin_requests.go:200","path":"/plugins/com.mattermost.apps/api/v1/call","ip":"172.19.0.1:40270","session_id":"d1g35gir9tna5b56ga1sxwigbr","user_id":"a3q8phu5e3d47pjyr4jzpnzkry"}
mattermost_1  | {"timestamp":"2023-03-20 16:42:33.674 Z","level":"debug","msg":"failed to expand field acting_user_access_token","caller":"app/plugin_api.go:970","plugin_id":"com.mattermost.apps","path":"/api/v1/call","destination":"hello-world","request_id":"njrs53fnj38w8e51ieepgjje9w","error":"hello-world does not have permission to use Mattermost REST API as connected users: forbidden","plugin_caller":"server/proxy/expand.go:197","from_user_id":"a3q8phu5e3d47pjyr4jzpnzkry"}
mattermost_1  | {"timestamp":"2023-03-20 16:42:33.681 Z","level":"debug","msg":"failed to expand field channel","caller":"app/plugin_api.go:970","plugin_id":"com.mattermost.apps","request_id":"njrs53fnj38w8e51ieepgjje9w","error":"id: s1ho64834if9dq74jr1434piya: : You do not have the appropriate permissions., userId=1srjdsk73ff7idrqdpcc1itpph, permission=read_public_channel,","from_user_id":"a3q8phu5e3d47pjyr4jzpnzkry","path":"/api/v1/call","destination":"hello-world","plugin_caller":"server/proxy/expand.go:197"}
mattermost_1  | {"timestamp":"2023-03-20 16:42:33.681 Z","level":"debug","msg":"failed to expand field oauth2_user","caller":"app/plugin_api.go:970","plugin_id":"com.mattermost.apps","plugin_caller":"server/proxy/expand.go:197","destination":"hello-world","request_id":"njrs53fnj38w8e51ieepgjje9w","from_user_id":"a3q8phu5e3d47pjyr4jzpnzkry","path":"/api/v1/call","error":"hello-world does not have permission to use a remote (3rd party) OAuth2 and store secrets: forbidden"}
mattermost_1  | {"timestamp":"2023-03-20 16:42:33.685 Z","level":"debug","msg":"failed to expand field post","caller":"app/plugin_api.go:970","plugin_id":"com.mattermost.apps","from_user_id":"a3q8phu5e3d47pjyr4jzpnzkry","path":"/api/v1/call","error":"failed to get post qybro84ciiy5uepqxiiwukirma: : You do not have the appropriate permissions., userId=1srjdsk73ff7idrqdpcc1itpph, permission=read_public_channel,","plugin_caller":"server/proxy/expand.go:197","destination":"hello-world","request_id":"njrs53fnj38w8e51ieepgjje9w"}
mattermost_1  | {"timestamp":"2023-03-20 16:42:33.685 Z","level":"debug","msg":"failed to expand field root_post","caller":"app/plugin_api.go:970","plugin_id":"com.mattermost.apps","destination":"hello-world","request_id":"njrs53fnj38w8e51ieepgjje9w","error":"no post ID to expand","plugin_caller":"server/proxy/expand.go:197","from_user_id":"a3q8phu5e3d47pjyr4jzpnzkry","path":"/api/v1/call"}
mattermost_1  | {"timestamp":"2023-03-20 16:42:33.689 Z","level":"debug","msg":"failed to expand field team","caller":"app/plugin_api.go:970","plugin_id":"com.mattermost.apps","destination":"hello-world","request_id":"njrs53fnj38w8e51ieepgjje9w","error":"failed to get team pwipob453trw7bu8o9sgfh39fw: : You do not have the appropriate permissions., userId=1srjdsk73ff7idrqdpcc1itpph, permission=view_team,","plugin_caller":"server/proxy/expand.go:197","from_user_id":"a3q8phu5e3d47pjyr4jzpnzkry","path":"/api/v1/call"}
mattermost_1  | {"timestamp":"2023-03-20 16:42:33.690 Z","level":"debug","msg":"failed to expand field user","caller":"app/plugin_api.go:970","plugin_id":"com.mattermost.apps","destination":"hello-world","request_id":"njrs53fnj38w8e51ieepgjje9w","from_user_id":"a3q8phu5e3d47pjyr4jzpnzkry","path":"/api/v1/call","error":"no user ID to expand","plugin_caller":"server/proxy/expand.go:197"}
mattermost_1  | {"timestamp":"2023-03-20 16:42:33.697 Z","level":"debug","msg":"Handled HTTP request","caller":"app/plugin_api.go:970","plugin_id":"com.mattermost.apps","request_id":"njrs53fnj38w8e51ieepgjje9w","from_user_id":"a3q8phu5e3d47pjyr4jzpnzkry","path":"/api/v1/call","plugin_caller":"server/httpin/service.go:166"}

[sblaisot]

Oh, it seems I was missing act_as_user permission in my manifest.

after adding it, I now have all team, channel and post infos.

This can be closed (but should probably be documented in https://developers.mattermost.com/integrate/apps/structure/bindings/#call-context-data

[mickmister]

@sblaisot That seems odd that this permission is required for this. Maybe the bot isn't a member of that specific channel?

[mickmister]

For the post_menu use case, it seems act_as_user is appropriate. Maybe the framework should not allow for binding locations like post_menu if act_as_user is absent

[hanzei]

I don't think this is about the location. The expand fails if PermissionActAsUser is not granted and the bot doesn't have permission to read whatever should be expanded. IMO the code works as intended, and the log messages make it clear what is going wrong.

[akuzia]

@hanzei there is a similar problem with /command binding. Even if bot has act_as_bot & act_as_user permissions and is a member of the channel there is still no channel_id in the context (for bindings & sub requests, cant check others for now).

Request body:

{
    "path": "/mattermost/app/form",
    "expand": {},
    "values": {
        "query": "select now()"
    },
    "context": {
        "app_id": "",
        "mattermost_site_url": "https://mmtest.retailcrm.tech",
        "developer_mode": true,
        "app_path": "/plugins/com.mattermost.apps/apps/demobot",
        "bot_user_id": "hktnj1pc3j8d8mb94hpry4x9xy",
        "bot_access_token": "mktfhmjkj3r85xzrzjwrfucq7h",
        "oauth2": {}
    },
    "raw_command": "/bot test --query \"select now()\""
}

[hanzei]

@akuzia Do you see an related log messages in the server logs?

[akuzia]

@hanzei cannot find anything useful in grepd by com.mattermost.apps logs. Only messages are:

debug [2023-03-23 10:53:54.112 +03:00] Handled HTTP request                          caller="app/plugin_api.go:970" plugin_id=com.mattermost.apps from_user_id=eoxm6g17gprnjmiyyt1pc4tfje path=/api/v1/call request_id=pyuts38eptg1pcriyxdsccmh4o plugin_caller="server/httpin/service.go:166"
debug [2023-03-23 10:53:54.373 +03:00] Handled HTTP request                          caller="app/plugin_api.go:970" plugin_id=com.mattermost.apps request_id=94k7msfcs3fojfunod1t3jjuac from_user_id=eoxm6g17gprnjmiyyt1pc4tfje path=/api/v1/bindings plugin_caller="server/httpin/service.go:166"
debug [2023-03-23 10:53:57.748 +03:00] Handled HTTP request                          caller="app/plugin_api.go:970" plugin_id=com.mattermost.apps request_id=j7ico5jripf5jphqm33ncqeiyo from_user_id=eoxm6g17gprnjmiyyt1pc4tfje path=/api/v1/bindings plugin_caller="server/httpin/service.go:166"
debug [2023-03-23 10:54:00.941 +03:00] Handled HTTP request                          caller="app/plugin_api.go:970" plugin_id=com.mattermost.apps plugin_caller="server/httpin/service.go:166" request_id=8pwwdwiczfy5dxcm4ufc3bjada from_user_id=eoxm6g17gprnjmiyyt1pc4tfje path=/api/v1/bindings