App: [HOLD for payment 2023-07-24] [$1000] Web- Flagged as a violation message from the concierge can be deleted in room

If you haven’t already, check out our contributing guidelines for onboarding and email contributors@expensify.com to request to join our Slack channel!

Action Performed:

Go to any Public room that User A has created and User B is a member of that group
Send a message from User A
Go to User B and Flag it as Violation (Spam).
Now go to User A and notice that a message from the concierge appears.
As User A, delete the message from the concierge.

Expected Result:

Flagged as a violation message from the concierge can’t be deleted

Actual Result:

Flagged as a violation

Workaround:

Unknown

Platforms:

Which of our officially supported platforms is this issue occurring on?

Android / native
Android / Chrome
iOS / native
iOS / Safari
MacOS / Chrome / Safari
MacOS / Desktop

Version Number: 1.3.33-4 Reproducible in staging?: y Reproducible in production?: y If this was caught during regression testing, add the test name, ID and link from TestRail: Email or phone of affected tester (no customers): Logs: https://stackoverflow.com/c/expensify/questions/4856 Notes/Photos/Videos: Any additional supporting documentation

https://github.com/Expensify/App/assets/93399543/6cac7cf6-1ddc-4d87-92bf-0257331a5636

https://github.com/Expensify/App/assets/93399543/8c95e9a5-2246-402c-94d5-f02f911532f5

Expensify/Expensify Issue URL: Issue reported by: @daveSeife Slack conversation: https://expensify.slack.com/archives/C049HHMV9SM/p1687896716749819

View all open jobs on GitHub

Upwork Automation - Do Not Edit

Upwork Job URL: https://www.upwork.com/jobs/~012848636c2b7e6eeb
Upwork Job ID: 1676954069734211584
Last Price Increase: 2023-07-06

About this issue

Original URL
State: closed
Created a year ago
Comments: 33 (16 by maintainers)

Most upvoted comments

Reviewed details for @eVoloshchak. These details are accurate based on summary from Business Reviewer and are now approved for payment in NewDot.

JmillsExpensify on Aug 3, 2023

Regression Test Proposal

Go to any Public room that User A has created and User B is a member of that group
Send a message from User A
Go to User B and Flag it as Violation (Spam).
Now go to User A and notice that a message from the concierge appears.
As User A, long press or right-click on the message from concierge
Verify there is no option to delete the message

Do we agree 👍 or 👎

eVoloshchak on Jul 25, 2023

📣 @daveSeife 🎉 An offer has been automatically sent to your Upwork account for the Reporter role 🎉 Thanks for contributing to the Expensify app!

Upwork job

Accepted the offer. Thank you!

daveSeife on Jul 11, 2023

@eVoloshchak My bad, when I mistakenly merged the commit of this PR into another PR. So created another PR to review.

dukenv0307 on Jul 11, 2023

While both proposals would resolve the issue, I think @dukenv0307’s proposal is better

Adding a check directly to canDeleteReportAction is better, currently the function isn’t doing when the comment says it’s supposed to do: Can only delete if the author is this user and the action is an ADDCOMMENT action or an IOU action in an unsettled report, or if the user is a policy admin

Can only delete if the author is this user, this definitely shouldn’t return true for a message sent by Concierge

🎀👀🎀 C+ reviewed! cc: @johncschuster

eVoloshchak on Jul 10, 2023