Skip to content

Move users_picker profile custom picker to contacts #4231

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
julien-nc wants to merge 6 commits into
base: main
Choose a base branch
from
Open

Move users_picker profile custom picker to contacts #4231

julien-nc wants to merge 6 commits into from
+1,027 −1

Conversation

@julien-nc
Copy link
Member

@julien-nc julien-nc commented Nov 29, 2024
edited
Loading

This replaces #3487. I can't push in the branch there.

@ChristophWurst

  • It's rebased on main
  • Adjusted the vite config
  • The bio processing is now using multi-byte proof functions
  • Nitpick addressed: The condition in the reference provider was inverted
  • Now checks if the profile is enabled (when resolving a link)
  • Fixed widget style issues
  • Fixed the tests
  • Fixed the licenses

About #3487 (review) I'm not sure I see the issue. The frontend is using the ocs/v2.php/core/autocomplete/get endpoint which should respect the sharing settings.

The reference provider now checks if the profile is enabled or not with the IAccountManager::PROPERTY_PROFILE_ENABLED account property.
It seems fine to resolve any /u/USER_ID link as long as the profile is enabled.

@julien-nc julien-nc added enhancement New feature or request 3. to review Waiting for reviews labels Nov 29, 2024
@SebastianKrupinski
Copy link
Contributor

SebastianKrupinski commented Nov 29, 2024

Hi @julien-nc

How do I test? What am I looking for.

@julien-nc
Copy link
Member Author

julien-nc commented Dec 2, 2024

@SebastianKrupinski This adds a "profile picker" entry in the smart picker and a reference widget (link preview) for /u/USER_ID links.

@julien-nc julien-nc force-pushed the enh/noid/profile-picker-move branch 4 times, most recently from 9090d67 to 4fb561f Compare December 4, 2024 14:15
@codecov
Copy link

codecov bot commented Dec 4, 2024
edited
Loading

Codecov Report

❌ Patch coverage is 34.43396% with 139 lines in your changes missing coverage. Please review.

Files with missing lines Patch % Lines
.../components/ProfilePicker/ProfilesCustomPicker.vue 0.00% 72 Missing ⚠️
...nts/ProfilePicker/ProfilePickerReferenceWidget.vue 0.00% 37 Missing ⚠️
src/reference.js 0.00% 17 Missing ⚠️
lib/Reference/ProfilePickerReferenceProvider.php 91.25% 7 Missing ⚠️
lib/Listener/ProfilePickerReferenceListener.php 0.00% 4 Missing ⚠️
lib/AppInfo/Application.php 0.00% 2 Missing ⚠️

📢 Thoughts on this report? Let us know!

@julien-nc
Copy link
Member Author

julien-nc commented Dec 4, 2024
edited
Loading

@SebastianKrupinski I made a few more adjustments. CI is green. It is now ready to be tested.

@ChristophWurst
Copy link
Member

ChristophWurst commented Dec 4, 2024

Dear @julien-nc,

Thank you for your contribution!

About #3487 (review) I'm not sure I see the issue. The frontend is using the ocs/v2.php/core/autocomplete/get endpoint which should respect the sharing settings.

That is correct for the part of searching. But once a reference is selected, there is no more check in ProfilePickerReferenceProvider.
I could abuse that to render a reference to a user I would otherwise not see. The reference contains any non-private data.

I suggest we test this specific scenario and see how the code behaves. I just want to have clarity on this point before the code goes into the main branch.

@ChristophWurst
Copy link
Member

ChristophWurst commented Dec 4, 2024

@julien-nc on a higher level, what do you think about moving the app/code into server instead? The picker picks users, not contacts. There is nothing specific to contacts (or event teams) in the code.

@julien-nc julien-nc force-pushed the enh/noid/profile-picker-move branch 2 times, most recently from a8bdf1e to 686282e Compare December 5, 2024 16:39
@julien-nc
Copy link
Member Author

julien-nc commented Dec 5, 2024

@ChristophWurst Yes we can move it to server.

I'd still like to have your opinion on the last changes. We now check the visibility of the profile fields with the ProfileManager. This respects the scopes and the visibility settings.

I could abuse that to render a reference to a user I would otherwise not see. The reference contains any non-private data.

Now the preview can't display any information that would not be visible by clicking the link to browse the profile page.

@julien-nc julien-nc force-pushed the enh/noid/profile-picker-move branch 2 times, most recently from cbc1051 to a7cc035 Compare December 17, 2024 12:00
ChristophWurst
ChristophWurst reviewed Jan 16, 2025
View reviewed changes
lib/Reference/ProfilePickerReferenceProvider.php
Comment on lines +93 to +140
$userDisplayName = $user->getDisplayName();
$userEmail = $user->getEMailAddress();
$userAvatarUrl = $this->urlGenerator->linkToRouteAbsolute('core.avatar.getAvatar', ['userId' => $userId, 'size' => '64']);

$bioProperty = $account->getProperty(IAccountManager::PROPERTY_BIOGRAPHY);
$bio = null;
$fullBio = null;
if ($this->profileManager->isProfileFieldVisible(IAccountManager::PROPERTY_BIOGRAPHY, $user, $currentUser)) {
$fullBio = $bioProperty->getValue();
$bio = $fullBio !== ''
? (mb_strlen($fullBio) > 80
? (mb_substr($fullBio, 0, 80) . '...')
: $fullBio)
: null;
}
$headline = $account->getProperty(IAccountManager::PROPERTY_HEADLINE);
$location = $account->getProperty(IAccountManager::PROPERTY_ADDRESS);
$website = $account->getProperty(IAccountManager::PROPERTY_WEBSITE);
$organisation = $account->getProperty(IAccountManager::PROPERTY_ORGANISATION);
$role = $account->getProperty(IAccountManager::PROPERTY_ROLE);

// for clients who can't render the reference widgets
$reference->setTitle($userDisplayName);
$reference->setDescription($userEmail ?? $userDisplayName);
$reference->setImageUrl($userAvatarUrl);

$isLocationVisible = $this->profileManager->isProfileFieldVisible(IAccountManager::PROPERTY_ADDRESS, $user, $currentUser);

// for the Vue reference widget
$reference->setRichObject(
self::RICH_OBJECT_TYPE,
[
'user_id' => $userId,
'title' => $userDisplayName,
'subline' => $userEmail ?? $userDisplayName,
'email' => $userEmail,
'bio' => $bio,
'full_bio' => $fullBio,
'headline' => $this->profileManager->isProfileFieldVisible(IAccountManager::PROPERTY_HEADLINE, $user, $currentUser) ? $headline->getValue() : null,
'location' => $isLocationVisible ? $location->getValue() : null,
'location_url' => $isLocationVisible ? $this->getOpenStreetLocationUrl($location->getValue()) : null,
'website' => $this->profileManager->isProfileFieldVisible(IAccountManager::PROPERTY_WEBSITE, $user, $currentUser) ? $website->getValue() : null,
'organisation' => $this->profileManager->isProfileFieldVisible(IAccountManager::PROPERTY_ORGANISATION, $user, $currentUser) ? $organisation->getValue() : null,
'role' => $this->profileManager->isProfileFieldVisible(IAccountManager::PROPERTY_ROLE, $user, $currentUser) ? $role->getValue() : null,
'url' => $referenceText,
]
);
return $reference;
Copy link
Member

@ChristophWurst ChristophWurst Jan 16, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

With these new checks it looks like we are only exposing data that should be visible to the active user 👍

Looks good

andrey18106 added a commit to nextcloud/users_picker that referenced this pull request Jan 21, 2025
@andrey18106
feat: v1.2.0 maintenance update
e422db5 
chore: bump app version, NC30-31
chore: update changelog
enh: migrate adjustments from (nextcloud/contacts#4231)
chore: update npm packages

Signed-off-by: Andrey Borysenko <andrey18106x@gmail.com>
@andrey18106 andrey18106 mentioned this pull request Jan 21, 2025
Merged
andrey18106 added a commit to nextcloud/users_picker that referenced this pull request Jan 21, 2025
@andrey18106
feat: v1.2.0 maintenance update (#21)
3fd3f31 
chore: bump app version, NC30-31
chore: update changelog
enh: migrate adjustments from (nextcloud/contacts#4231)
chore: update npm packages

Signed-off-by: Andrey Borysenko <andrey18106x@gmail.com>
andrey18106 and others added 4 commits January 12, 2026 11:25
@andrey18106 @julien-nc
feat(picker): Move users_picker profile custom picker to contacts
0a4b32c 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
@julien-nc
chore: fix licenses
b086f6c 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
@julien-nc
fix: profile picker tests
f14afb5 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
@julien-nc
feat(profilepicker): check fields visibility in reference provider
d0bc3c1 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
@julien-nc julien-nc force-pushed the enh/noid/profile-picker-move branch from a7cc035 to d0bc3c1 Compare January 12, 2026 10:26
@julien-nc
feat(profilepicker): migrate to vue 3
de80604 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
@julien-nc
feat(profilepicker): fix CI errors
98d8e16 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
@julien-nc julien-nc force-pushed the enh/noid/profile-picker-move branch from da271f4 to 98d8e16 Compare January 13, 2026 11:02
@ChristophWurst ChristophWurst removed their request for review January 13, 2026 12:31
@ChristophWurst
Copy link
Member

ChristophWurst commented Jan 13, 2026

Is the plan to move the user picker into the Contacts app still?

@julien-nc
Copy link
Member Author

julien-nc commented Jan 13, 2026
edited
Loading

No. Let's decide how to move it to server. Should it be a shipped app or in the core? I leaning towards a shipped app to isolate it (and make the move simpler 😁 ).

@ChristophWurst
Copy link
Member

ChristophWurst commented Jan 14, 2026

I'm fine with either. Shipped app is easy to set up, but cumbersome to maintain. Moving to server is more work now but easier to keep alive in the long run because it will live in a very active repository.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ChristophWurst ChristophWurst ChristophWurst left review comments

@hamza221 hamza221 Awaiting requested review from hamza221 hamza221 is a code owner

@SebastianKrupinski SebastianKrupinski Awaiting requested review from SebastianKrupinski SebastianKrupinski is a code owner

@GVodyanov GVodyanov Awaiting requested review from GVodyanov GVodyanov is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

3. to review Waiting for reviews enhancement New feature or request

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@julien-nc @SebastianKrupinski @ChristophWurst @andrey18106