Closed mcsescott closed 1 month ago
Do you see this when running locally and/or remotely post deploy? I have a feeling this is an oversight..
Indeed, locally running functions don't pre-approve files.slack.com - IIUC individual domains including subdomains need to be explicitly approved when running deno. Working on a fix here: https://github.com/slackapi/deno-slack-runtime/pull/66
I believe this will also be an issue once deployed to Slack hosting; we are also working on a fix on that end.
Yes, I just verified both slack run
and slack deploy
get the error.
In addition, I also noticed I need to provide the domain of my workspace... XXXX.enterprise.slack.com
I would think that should be allowed, but I can understand why it isn't.
It seems initially we didn't want to pre-approve files.slack.com in order to ensure admins can gate access to file uploading features via domain approval, but given that file uploading requires its own specific scope (files:write
), I think that's an acceptable path to ensure admins have control over apps with this feature.
Separate topic: @mcsescott what are you building such that you needed to access the X.enterprise.slack.com URL? I wonder if this falls into the same category.
👋 Hi @filmaj You know I'm always trying to push the boundaries....
Use case: Because the APIs aren't available to read a Canvas, the workaround we were given by the Canvas PM was to download the file and parse the contents.
I actually have it working now, but have added the domains to my manifest.
And we very much appreciate you boldly going where (clearly) no coded workflows have gone before. 👨🚀 ⭐
Just wanted to verify that the use case was one that would be more widely needed. I think we should consider adding some kind of blanket pre-approval for a bunch of Slack domains, including *.enterprise.slack.com
. For example, if you decide to deploy your app to a different workspace with a different workspace URL, womp womp, you need to edit the manifest.
I will bring this up internally and see what we can do.
Hey @mcsescott , FYI if you update your deno-slack-hooks to 1.3.1 (should be referenced in your slack.json
) local-running apps now automatically approve files.slack.com
. We also just deployed changes to the run-on-slack environment to do the same.
Thank you sir!
Writing a NextGen app, and I'm trying to download a file from Slack. I get the following error when running the custom function:
I thought all the
slack.com
URLs were allowed?I am using the latest CLI and SDK versions.