Skip to content

Fixes confidentiality handling of NoteForm component

Marc Saleiko requested to merge ms-fix-note-form-internal into master

What does this MR do and why?

The merge request updates the NoteForm component to correctly handle the confidentiality of notes.

Previously, the confidentiality of a note was not being passed correctly to the CommentFieldLayout component. A draft reply was always marked as not confidential which is not true for replies to internal comments/discussions.

This was noticed on Service Desk issues, where we display a warning that external participants will receive a notification of the new comment on non-confidential notes. Because the confidentiality was not correctly passed to the underlying component, the warning was also visible for comments in a confidential discussion.

Solves #399828 (closed)

Based on issue reported in #399828 (comment 1562947089)

Screenshots or screen recordings

Screenshots are required for UI changes, and strongly recommended for all other merge requests.

Before After
image image

Please ignore "Resolve thread". That is visible because I had a discussion comment, that I removed before I took the screenshot.

How to set up and validate locally

  1. Make yourself a Service Desk issue. You may use this ruby script which makes the last issue of a given project a Service Desk issue: 
    project = Project.find(7)
issue = project.issues.last
email = 'user@example.com'

issue.update!(author: User.support_bot, service_desk_reply_to: email)
IssueEmailParticipant.create!(issue: issue, email: email)
  2. Open the issue and add a confidential/internal note.
  3. The behavior was described to only occur when you add a comment to that discussion when logged in with a different user than the internal comment author. So impersonate as a different user that has access.
  4. Open the issue and reply to the internal comment. It should not show the external participants warning "X will be notified by your comment" under the editor.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Marc Saleiko

Merge request reports