MM-68829 Improving UX for DMs sent on PR comments

[avasconcelos114]

Summary

This PR mainly does two things to improve the general experience of receiving DM notifications from the GitHub bot

• Preventing edit or delete PR message events from sending a "new comment" DM notification
• Improving logic that cleans body to prevent issues with html comments in the message from interfering with visibility of message

Ticket Link

Fixes: https://mattermost.atlassian.net/browse/MM-68829

QA Notes

The main webhook event affected by this is the PR commenting, which mainly consists of:

• Notification received by someone who was mentioned in a PR comment (that is neither the author nor the user posting the comment)
• Notification received by the author of the PR

We'll want to make sure that editing a PR comment does not send a new notification to the users as a DM

We might also want to run some regression tests on the following DM notifications to confirm they still append a quote with the body of the comment as well:

• commentMentionNotification — DMs users @mentioned in an issue
• commentAuthorIssueNotification — DMs the issue author when someone comments on their issue
• commentAssigneePullRequestNotification — DMs PR assignees when someone comments on the PR conversation
• commentAssigneeIssueNotification — DMs issue assignees when someone comments on the issue
• commentAssigneeSelfMentionPullRequestNotification — DMs PR assignees who were also @mentioned in the comment
• commentAssigneeSelfMentionIssueNotification — DMs issue assignees who were also @mentioned in the comment

Change Impact: 🟡 Medium

Reasoning: The PR adds new notification handlers for PR review comments and refines message-body cleaning logic used across DM notifications; these are user-facing changes spanning multiple files and flows but remain localized to notification handling with added tests.

Regression Risk: Moderate. New early-return guards and DM-sending paths reduce spam risk but introduce additional code paths (user mapping, permission checks, muted-user filtering) that could silently fail; the cleanBody template helper is exercised via templates but lacks dedicated unit tests.

** QA Recommendation:** Perform manual QA focusing on PR comment workflows: confirm edits/deletes do not produce new DMs and verify quoted comment bodies for the listed notification types (commentMentionNotification, commentAuthorIssueNotification, commentAssigneePullRequestNotification, commentAssigneeIssueNotification, commentAssigneeSelfMentionPullRequestNotification, commentAssigneeSelfMentionIssueNotification) are cleaned correctly. Automated tests cover many cases but do not fully eliminate the need for targeted manual verification.

Generated by CodeRabbitAI

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: b5104e85-4c09-40bc-b843-c93d991a7920

📥 Commits

Reviewing files that changed from the base of the PR and between c49b18c and 42b3f35.

📒 Files selected for processing (1)

• server/plugin/webhook.go

🚧 Files skipped from review as they are similar to previous changes (1)

• server/plugin/webhook.go

---

📝 Walkthrough

Walkthrough

Adds mention and author notification flows for PR review comments. Introduces cleanBody template function, invokes mention/author handlers on created review comments, parses mentioned users, enforces permission and mute checks, sends direct posts or DMs, and updates tests and mocks.

Changes

Review Comment Mention and Author Notifications

Layer / File(s)	Summary
Body cleanup template utility server/plugin/template.go	cleanBody removes GitHub notification footers and HTML comments from bodies; review comment notification templates now use this for quoted bodies.
Test mock builder parameterization server/plugin/test_utils.go	GetMockPullRequestReviewCommentEvent now accepts action, body, and sender and sets PullRequest.User.Login to MockIssueAuthor.
Webhook dispatcher wiring server/plugin/webhook.go	PullRequestReviewCommentEvent handler calls new mention and author notification handlers in addition to the base post handler.
PR review comment post handler refactor server/plugin/webhook.go, server/plugin/webhook_test.go	postPullRequestReviewCommentEvent now only runs for created actions and uses the updated message template variable; tests updated for non-created actions and CreatePost error/success paths.
Mention and author notification handlers server/plugin/webhook.go, server/plugin/webhook_test.go	Adds handleReviewCommentMentionNotification and handleReviewCommentAuthorNotification to clean and parse comment bodies, resolve usernames/author, enforce private-repo permissions and mute filtering, create direct mention posts or author DMs, and trigger refresh; tests cover suppression, mapping misses, and successful notifications.
Issue comment assignee notification action filtering server/plugin/webhook.go, server/plugin/webhook_test.go	handleCommentAssigneeNotification returns early for edited and deleted actions; tests assert these actions are ignored.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Poem

A rabbit hops through mentions and DMs with glee,
Cleaning tails of footers so messages are free,
Authors and mentions now get a polite ping,
Tests hum along as the notification bells ring,
🐰✨

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'Improving UX for DMs sent on PR comments' directly reflects the main objective of the PR: improving direct-message notifications for pull request comments, which is the primary change across all modified files.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch fixing_edit_dm_spam

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@server/plugin/webhook.go`:
- Around line 1106-1111: The comparisons that suppress self/author mentions are
using case-sensitive equality against event.GetSender().GetLogin() and
event.GetPullRequest().GetUser().GetLogin(), so usernames with different casing
can bypass suppression; update those checks to perform case-insensitive
comparisons (e.g., use strings.EqualFold or compare lowercased strings) for the
expressions that reference username, event.GetSender().GetLogin(), and
event.GetPullRequest().GetUser().GetLogin(); make the same change at the other
occurrence around lines 1143-1145 so both sender and PR author checks are
case-insensitive.
- Around line 1091-1097: The code reads the comment body into body and only
strips the email footer before calling parseGitHubUsernamesFromText, but HTML
comment blocks (<!-- ... -->) can still contain mentions and trigger DMs; before
calling parseGitHubUsernamesFromText, remove or sanitize any HTML comments from
the comment text (the variable body produced from event.GetComment().GetBody())
so mentions inside <!-- --> are ignored, then pass the cleaned body to
parseGitHubUsernamesFromText (update the body variable or use a new cleanedBody)
to ensure hidden-comment mentions are not parsed.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: 03b5dc71-be81-4372-b8f0-96ade155671a

📥 Commits

Reviewing files that changed from the base of the PR and between 5e32dfe and c49b18c.

📒 Files selected for processing (4)

• server/plugin/template.go
• server/plugin/test_utils.go
• server/plugin/webhook.go
• server/plugin/webhook_test.go

[nang2049]

handleCommentMentionNotification filters out mentioned users who are also assignees. Maybe worth mirroring the skip logic for consistency and to avoid double DM?

[nang2049]

We can check if handleCommentAssigneeNotification caller already filters out edit and delete actions. If yes this guard is dead code.

[avasconcelos114]

The caller (handleWebhook) doesn't filter out by action, this has been done for each individual handler previously but this handler in particular was missing it

I'm wondering if we want to move the guard up to handleWebhook but not entirely certain as this would deviate from how every other webhook event is processed (specific action-related guards happening at the handler function-level), what do you think works best here?

[nang2049]

nit: this if cleaned == "" { return "" } block returns "" either way. Just return cleaned

[nang2049]

LGTM otherwise :)