Skip to content

WPB-21704 [fix] manage Channels via TM #4847

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
battermann merged 6 commits into from
Nov 13, 2025
Merged

WPB-21704 [fix] manage Channels via TM #4847

battermann merged 6 commits into from
Nov 13, 2025

Conversation

@battermann
Copy link
Contributor

@battermann battermann commented Nov 10, 2025
edited
Loading

https://wearezeta.atlassian.net/browse/WPB-21704

Checklist

  • Add a new entry in an appropriate subdirectory of changelog.d
  • Read and follow the PR guidelines

@zebot zebot added the ok-to-test Approved for running tests in CI, overrides not-ok-to-test if both labels exist label Nov 10, 2025
@battermann battermann changed the title WPB-20429 [fix] replace the members of a channels for tm WPB-21704 [fix] replace the members of a channels for tm Nov 11, 2025
@battermann battermann changed the title WPB-21704 [fix] replace the members of a channels for tm WPB-21704 [fix] manage Channels via TM Nov 11, 2025
@battermann battermann force-pushed the WPB-20429-replace-the-members-of-a-channels-for-tm-fix branch from c8243e2 to c9ba2fd Compare November 11, 2025 14:03
@battermann battermann marked this pull request as ready for review November 11, 2025 14:17
@battermann battermann requested review from a team as code owners November 11, 2025 14:17
@battermann battermann requested a review from Copilot November 11, 2025 14:18
Copilot AI reviewed Nov 11, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR fixes a bug where team admins received 403 errors when attempting to manage channels they were members of with conversation_role set to wire_member. The fix introduces a new ManageChannels permission that allows team admins/owners to manage channels regardless of their conversation role.

  • Introduces a new ManageChannels hidden permission for team owners and admins
  • Refactors permission checking logic to use ActorContext instead of ConvOrTeamMember to properly handle both conversation and team member contexts
  • Updates all channel management operations (add, remove, replace members, rename, etc.) to respect the new permission

Reviewed Changes

Copilot reviewed 9 out of 9 changed files in this pull request and generated no comments.

Show a summary per file
File Description
libs/wire-api/src/Wire/API/Team/Member.hs Adds the ManageChannels hidden permission to the HiddenPerm enum and assigns it to owner/admin roles
services/galley/src/Galley/API/Util.hs Replaces ensureChannelAndTeamAdmin with ensureManageChannelsPermission and refactors ConvOrTeamMember to ActorContext
services/galley/src/Galley/API/Action.hs Updates permission checks to use ActorContext and adds channelAdminOverride logic to bypass conversation role checks for team admins with ManageChannels
services/galley/src/Galley/API/Update.hs Introduces MLSCommitMode type, updates member operations to use new permission checks, and improves channel-specific removal logic
services/galley/src/Galley/API/Query.hs Simplifies ensureConvAdmin to use the new hasManageChannelsPermission helper
services/galley/src/Galley/API/Public/Conversation.hs Updates API endpoints to pass WithoutCommit mode to addMembers and replaceMembers
services/galley/test/integration/API.hs Updates test expectation from InternalAdd to ExternalAdd to match new behavior
integration/test/Test/Channels.hs Adds comprehensive integration test covering add, remove, and replace member operations for team admins managing channels
changelog.d/3-bug-fixes/WPB-21704 Documents the bug fix in the changelog

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@battermann
test
db28250
@battermann
fix bug by introducing a new team member permission ManageChannels
8c64c29 
determin join type by MLSCommitMode flag

more test cases and fixes

removed obsolete code

fix old test

ConvOrTeamMember with ActorContext

add commet

check ManageChannels permission instead of team member status
@battermann
changelog
309b754
@battermann
clean up
82268b7
@battermann
moved test and fixed implementation
99f08df
@battermann battermann force-pushed the WPB-20429-replace-the-members-of-a-channels-for-tm-fix branch from 94a3e46 to 99f08df Compare November 12, 2025 17:42
@battermann battermann merged commit 40d69f1 into develop Nov 13, 2025
10 checks passed
@battermann battermann deleted the WPB-20429-replace-the-members-of-a-channels-for-tm-fix branch November 13, 2025 11:27
This was referenced Nov 26, 2025
Closed
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@blackheaven blackheaven blackheaven approved these changes

@stefanwire stefanwire stefanwire approved these changes

Assignees

No one assigned

Labels

ok-to-test Approved for running tests in CI, overrides not-ok-to-test if both labels exist

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@battermann @blackheaven @stefanwire @zebot