We basically want to annotate certain messages (adding links) but it does not
seem to be possible using Slack API. Only way to modify is to give permission
to the user who posted that message and modify it as that user.
I can delete other users comments or file.
I have tried to update others messages using legacy token, app token's with
full permissions but no success. I called Slack API as a owner or admin.
I used chat.update Slack api method.
The response from the api call is an error "cant_update_message"
"headers": {
....
},
"ok": false,
"error": "cant_update_message"
}
Well it is not possible even if you are an admin, as slack article say:
Mistkaes Mistakes sometimes happen. Fortunately, members can edit and delete the messages they send in Slack (if allowed by Workspace Owners and Admins). Workspace Owners can also delete messages in public channels and private channels they've joined.
Slack Roles are the following:
Owner
Admin
Permissions
Owner and admin permissions:
Manage or #mention user groups
Set private channel retention
Delete a channel
Rename a channel if you created the channel you can rename it.
Make a public channel private
Create a private shared channel
Create a shared channel
Delete your own messages
Remove people from channels
Invite Guests to a public channel
Invite a Single-Channel Guest to a private channel
Delete other people's messages
Invite new Guest members
Deactivate a member's account
Promote a Workspace Admin
Only Owners
Demote a Workspace Admin
Promote a Workspace Owner
Turn on Approved Apps
All of these permissions are allowed to them just, if you want to know all permissions, read more
It is only possible to edit your own messages (assuming this is allows in your workspace), but never the messages of others. That is the same for all users including admins and owners. And its the same with the API method chat.update.
But there is a workaround: Your app can gather tokens from every user in your workspace and then use those token to impersonate each users allowing your app to change every message. This will require each user to install the app once. Your app then just needs to use the matching token to update each message.
Note that this workaround has some obvious drawbacks, e.g. giving your app access to all message and channels on the workspace and also requires some organizational effort to maintain.
Related
Requirement: Continuously manage membership of a private channel based on external-to-slack criteria, preventing channel members from kicking the bot from the channel!
I can't find a way to meet:
Allow a Slack bot to manage a private channel it's a member of: inviting and kicking users at-will,
Prevent users of the channel from kicking the Slack bot.
Under Settings & Permissions -> Permissions -> Channel Management there's the People who can remove members from private channels: option.
If I choose Everyone, then
Is satisfied: bot can kick users,
Isn't satisfied: Users can kick the bot.
If I choose Workspace Admins and Owners only, then
Isn't satisfied: bot can't kick users because it's not admin or owner,
Is satisfied: Users can't kick the bot!
Would love a workaround this this...
Solution was at Oauth request time ask for the groups:write scope for both the bot and the user. Then when making the conversations.kick API call pass the user token (who has Owner or Admin privileges).
Following this approaches lets your bot (acting as the user who installed it) to kick private channel members when People who can remove members from private channels = Workspace Admins and Owners only.
I have a slack application and I have authenticated using this application. When I list all the channels, some of the private channels are not listed. Do we need the access token of workspace admin to list all the private and public channels?
Stumbled across this question when Googling for a similar issue in a large org - I was getting the public channels, but not all of them were showing.
Turns out Slack has a default limit of returning 100 channels. To bypass this, simply pass a limit: 9999 parameter, eg:
app.client.conversations.list({
token: process.env.SLACK_BOT_TOKEN,
limit: 9999
}).then((res: any) => {...})
See also: conversations.list API
Here is how Slack's security architecture works, which explains why you don't get all private channels with conversations.list.
A user only can only see private channel he is a member of. That includes users with admins and owner role, so even the creator of a workspace does not see private channels he is not invited to.
There are two types of tokens:
User token inherit the access rights from the user who installs the
Slack app. So if you installed a Slack app it can only see the
private channels that you are a member of.
Its a bit different with bot token. With a bot token the app can
only see private channel the bot user is a member of.
There are two workarounds to get access to all channels:
Generic user
Ensure a the generic user (e.g. slackadmin) is a member of all private channels. Then using his access token a Slack app also has access to all those private channels. This is an organizational solution.
Collect all user tokens
Collect the tokens of all users on your workspace and then use those tokens to access all conversations incl. private channels their are a member of.
This can be achieved by asking every user to install your Slack app once (via standard OAuth "Add to Slack" process), which is called a configuration in Slack terms.
response = client.conversations_list(types="public_channel, private_channel")
See https://slack.dev/python-slackclient/conversations.html
It always updates my user profile instead of the user that I specify in X-Slack-User:
https://slack.com/api/users.profile.set?token=yadayadayada&X-Slack-User=XYZ23456&Content-type=application/json&charset=utf-8&profile={"status_text": "Test #1","status_emoji": ":gb:","status_expiration": "5"}
The user Ids that I tried to specify are valid ones, I'm an admin and I created an app with the required rights, the legacy token did no good as well, this works, but just for my user, X-Slack-User is not working in my case.
I'm on a free plan so passing "user" as a param doesn't work for me, as states the API: "ID of user to change. This argument may only be specified by team admins on paid teams."
Is there maybe another way to update the status of other users on a free plan Slack?
As you already stated the API method users.profile.set can only be used to change the profile of other users if you are an admin and on a paid team. A property X-Slack-User is not part of the API, so it will not work either.
There is a workaround for teams on a free plan tough:
The API method will always work to change the profile for the owner of a token. You could collect tokens from all you users and then use those to change the status for each user. For that each user will have to install your app though OAuth once. This will create individual tokens for each user, which your app needs to store. This is called "configurations".
Imagine I have a Slack app. After someone logs in with his or her Slack account,
I get their team ID.
Is it possible to use this team ID to get a list of all users that belong to
the same team as the logged in one?
What I tried
I looked at the users.list request
in the Slack docs, but it appears that it returns only those users who are in
the same team as me (i. e. I can get a list of my colleagues, but not those of
another user). In particular, there is no way to specify the team id.
Yes, that is possible. The Slack team is linked to the access token you use for users.list. If you use your own access token, you will of course only get the users from your own team.
To get the users from other Slack teams you need to use the access token your Slack app received during installation to that team (e.g. via Slack button). Your Slack app will also need the OAuth permission scopes users:read.
In messaging platforms like Slack and HipChat you can integrate apps that can post messages to groups without them being sent from a user e.g.
Defect Management System: A new defect was logged at 12pm
Instead of:
John Smith: A new defect was logged at 12pm
Is it possible to do the same thing in Yammer?
There are two options available for you:
1 - You can create a new user on Yammer, name it however you want (e.g., "Defect Management System" with a snazzy avatar), then take the user's OAUTH token and use it to impersonate that user programmatically. This is fine for quick development.
2 - You can create a new user on Yammer, name it however you want, then register a new app on Yammer to get a permanent token and client ID, then use those to impersonate that user programmatically. This is the right way to do it. You can read more about how to do this on https://developer.yammer.com/introduction/#gs-registerapp.
This is an example of a user that we impersonate. It is a bot on our network. It is a separate account in AD and is registered as an app in Yammer and interacts with Yammer automatically.
You are always impersonating a user in Yammer via the API, there isn't a way to impersonate a group, in the way that Slack does (i.e. being able to override the username displayed and replace it with a bot for example in your payload)
If this app is for internal use, you could consider creating a dummy user as a bot to post defects, and then using Custom Object Types & Actions in Open Graph to further customize the messages. Obviously there are some business & administration considerations in doing that, not just development ones.