Skip to content

MM-68992 - add attribute value masking documentation#9000

Open
pvev wants to merge 2 commits into
masterfrom
MM-68992-add-attribute-masking-docs
Open

MM-68992 - add attribute value masking documentation#9000
pvev wants to merge 2 commits into
masterfrom
MM-68992-add-attribute-masking-docs

Conversation

@pvev
Copy link
Copy Markdown
Contributor

@pvev pvev commented May 27, 2026

Summary

Adds attribute value masking documentation

Ticket Link

https://mattermost.atlassian.net/browse/MM-68992

@pvev pvev requested review from Combs7th, davidkrauser and esethna May 27, 2026 10:11
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented May 27, 2026

Newest code from mattermost has been published to preview environment for Git SHA 3541fde

@amyblais amyblais added this to the v11.8.0 milestone May 28, 2026
@amyblais amyblais added 1: Dev Review Requires review by a core commiter 2: Editor Review Requires review by an editor labels May 28, 2026
davidkrauser
davidkrauser approved these changes May 28, 2026
View reviewed changes
Copy link
Copy Markdown

@davidkrauser davidkrauser left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks great - thanks for documenting this. Have a few comments, but pre-approving.

Comment thread source/administration-guide/manage/admin/abac-channel-access-rules.rst Outdated

.. note::

If a policy rule references attribute values you don't hold, those values appear as ``--------`` and the row is read-only. Test and Delete actions are also disabled for those rows. See :ref:`Attribute value masking <administration-guide/manage/admin/abac-system-wide-policies:attribute value masking>` for details.
Copy link
Copy Markdown

@davidkrauser davidkrauser May 28, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is only for shared_only attributes, right? Should we specify that?

Copy link
Copy Markdown
Contributor Author

@pvev pvev May 28, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

agree, better to clarify this.

Comment thread source/administration-guide/manage/admin/user-attributes.rst
Attribute access modes
-----------------------

Each user attribute has an **access mode** that controls who can see its values when those values appear in access control policies. The access mode is set per attribute and determines whether an admin editing a policy can see the raw attribute values referenced in its rules.
Copy link
Copy Markdown

@davidkrauser davidkrauser May 28, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should we specify that these access modes are only available for custom plugins to set?

Copy link
Copy Markdown
Contributor Author

@pvev pvev May 28, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yes, that makes sense. Is hard even for us internally to get how this exactly works. Will add a new section briefly explaining this. I will ask you again for feedback once done @davidkrauser 👍

@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented May 28, 2026

Newest code from mattermost has been published to preview environment for Git SHA 9f98329

@pvev pvev requested a review from davidkrauser May 29, 2026 08:08
@pvev
Copy link
Copy Markdown
Contributor Author

pvev commented May 29, 2026

@davidkrauser one quick look to commit 9f98329 🙏

@amyblais amyblais removed the 1: Dev Review Requires review by a core commiter label Jun 2, 2026
@pvev
Copy link
Copy Markdown
Contributor Author

pvev commented Jun 2, 2026

@amyblais @marianunez since we are not enabling the FF for this 11.8 release, perhaps we want to hold on this PR so it wont cause confusion on customers.

@amyblais
Copy link
Copy Markdown
Member

amyblais commented Jun 2, 2026

since we are not enabling the FF for this 11.8 release, perhaps we want to hold on this PR so it wont cause confusion on customers.

@pvev Sounds good, I'll rebase it to master.

@amyblais amyblais changed the base branch from v11.8-documentation to master June 2, 2026 15:29
@amyblais amyblais removed this from the v11.8.0 milestone Jun 2, 2026
@amyblais amyblais added Do Not Merge/Awaiting Next Release To be merged with the next release (e.g. API documentation updates) Do Not Merge Should not be merged until this label is removed and removed Do Not Merge/Awaiting Next Release To be merged with the next release (e.g. API documentation updates) labels Jun 2, 2026
@esethna esethna removed their request for review June 2, 2026 15:46
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@davidkrauser davidkrauser davidkrauser approved these changes

@Combs7th Combs7th Awaiting requested review from Combs7th

At least 2 approving reviews are required to merge this pull request.

Assignees

No one assigned

Labels

2: Editor Review Requires review by an editor Do Not Merge Should not be merged until this label is removed

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@pvev @amyblais @davidkrauser