[HOLD for payment 2023-12-28] [$500] Mentioning an email with double @ sign results in an invalid email mention

[m-natarajan]

If you haven’t already, check out our contributing guidelines for onboarding and email [email protected] to request to join our Slack channel!

---

Action Performed:

1. Open any chat
2. Type @ and select any email from suggestions
3. Move the cursor to the beginning
4. Add another @ sign
5. Hit the send button
6. Click on the mentioned email

Expected Result:

The valid email is mentioned

Actual Result:

Invalid email is mentioned

Workaround:

unknown

Platforms:

Which of our officially supported platforms is this issue occurring on?

• Android / native
• Android / Chrome
• iOS / native
• iOS / Safari
• MacOS / Chrome / Safari
• MacOS / Desktop

Version Number: 1.3.78-2
Reproducible in staging?: y
Reproducible in production?: y
If this was caught during regression testing, add the test name, ID and link from TestRail:
Email or phone of affected tester (no customers):
Logs: https://stackoverflow.com/c/expensify/questions/4856
Notes/Photos/Videos: Any additional supporting documentation

web.mov

desktop.mov

RPReplay_Final1696444877.MP4

RPReplay_Final1696444780.MP4

Screen_Recording_20231004_232047_New.Expensify.MP4

Screen_Recording_20231004_232235_Chrome.MP4

Recording.481.mp4

Expensify/Expensify Issue URL:
Issue reported by: @adeel0202
Slack conversation: https://expensify.slack.com/archives/C049HHMV9SM/p1696445508377469

View all open jobs on GitHub

Upwork Automation - Do Not Edit

• Upwork Job URL: https://www.upwork.com/jobs/~016783de9809fcb5bd
• Upwork Job ID: 1710001713857413120
• Last Price Increase: 2023-12-07
• Automatic offers:
• Victor-Nyagudi | Contributor | 28037832

[melvin-bot]

Job added to Upwork: https://www.upwork.com/jobs/~016783de9809fcb5bd

[melvin-bot]

Triggered auto assignment to Contributor-plus team member for initial proposal review - @Santhosh-Sellavel (External)

[abdel-h66]

Proposal

Please re-state the problem that we are trying to solve in this issue.

Mentions with Double leading @ redirect to the wrong route

What is the root cause of that problem?

To correctly calculate the display name or the login of the mentioned user, we only remove the leading @
using

App/src/components/HTMLEngineProvider/HTMLRenderers/MentionUserRenderer.js

Lines 45 to 50 in 8d42ad3

	} else if (!_.isEmpty(props.tnode.data)) {
	// We need to remove the LTR unicode and leading @ from data as it is not part of the login
	displayNameOrLogin = props.tnode.data.replace(CONST.UNICODE.LTR, '').slice(1);
	accountID = _.first(PersonalDetailsUtils.getAccountIDsByLogins([displayNameOrLogin]));
	navigationRoute = ROUTES.DETAILS.getRoute(displayNameOrLogin);

This only remove the first @ and the LTR unicode, but in the case of having the double @ it will keep it and causes the navigation link to contain that extra @

What changes do you think we should make in order to solve the problem?

We can use the following regex to remove all the leading @ and correctly calculate the navigation link

 displayNameOrLogin = props.tnode.data.replace(/^((CONST\.UNICODE\.LTR)*@)*/, '')

Test 1: Removing multiple leading @ characters

const str = '@@@hello world';
const result = str.replace(/^((CONST\.UNICODE\.LTR)*@)*/, '');
console.log(result); // Output: 'hello world'

Test 2: Removing one leading @ character

const str = '@hello world';
const result = str.replace(/^((CONST\.UNICODE\.LTR)*@)*/, '');
console.log(result); // Output: 'hello world'

What alternative solutions did you explore? (Optional)

N/A

[akamefi202]

Proposal

Please re-state the problem that we are trying to solve in this issue.

Mentioning an email with double @ sign results in an invalid email mention.

What is the root cause of that problem?

The root cause is replace regex of userMentions in ExpensiMark class of expensify-common repo.
https://github.com/Expensify/expensify-common/blob/bc275547d5e0e36cfd25169bdb6eb0ae3f505bf2/lib/ExpensiMark.js#L111-L120

Currently, it inputs the whole string inside <mention-user> tag if the string is matched with regex.
So even if the string contains multiple @ characters at the first, <mention-user> tag will include all those @ characters too.

@@[email protected] => <mention-user>@@[email protected]</mention-user>

That's why the app shows invalid email with @ characters at first, on the mentioned email.

What changes do you think we should make in order to solve the problem?

We need to update replace regex of userMentions to input only one @ character inside <mention-user> tag.
Rest of @ characters should stay outside of <mention-user> tag.

name: 'userMentions',
regex: new RegExp(`[a-zA-Z0-9.!$%&+/=?^\`{|}-]?(@*?)(@${CONST.REG_EXP.EMAIL_PART})(?!((?:(?!<a).)+)?<\\/a>|[^<]*(<\\/pre>|<\\/code>))`, 'gm'),
replacement: (match, g1, g2) => {
    if (!Str.isValidMention(match)) {
        return match;
    }
    return `${g1}<mention-user>${g2}</mention-user>`;
},

As a result, the app will show valid email although the user inputs multiple @ characters at first.

@@[email protected] => @<mention-user>@[email protected]</mention-user>

What alternative solutions did you explore? (Optional)

N/A

[Victor-Nyagudi]

Proposal

Please re-state the problem that we are trying to solve in this issue.

Mentioning an email with double @ sign results in an invalid email mention

What is the root cause of that problem?

We're matching multiple @ signs in the regex of user mentions rule in ExpensiMark i.e. the @+ in the @+${CONST.REG_EXP.EMAIL_PART} section matches one or more @ symbols.

regex: new RegExp(`[a-zA-Z0-9.!$%&+/=?^\`{|}-]?@+${CONST.REG_EXP.EMAIL_PART}(?!((?:(?!<a).)+)?<\\/a>|[^<]*(<\\/pre>|<\\/code>))`, 'gm'),

What changes do you think we should make in order to solve the problem?

I propose removing the + after the @ symbol so only one @ is matched.

regex: new RegExp(`[a-zA-Z0-9.!$%&+/=?^\`{|}-]?@${CONST.REG_EXP.EMAIL_PART}(?!((?:(?!<a).)+)?<\\/a>|[^<]*(<\\/pre>|<\\/code>))`, 'gm'),

This is what the regex will capture whenever there are multiple leading @ symbols after this change.

@@@@[email protected]

This behavior is also consistent with what we currently have when there are multiple leading @ symbols for @here mentions.

Demo after changes

expensify-fix-double-at-symbol-bug-demo.mov

What alternative solutions did you explore? (Optional)

None as of yet.

[melvin-bot]

@Santhosh-Sellavel Uh oh! This issue is overdue by 2 days. Don't forget to update your issues!

[Santhosh-Sellavel]

Thanks, @akamefi202 @Victor-Nyagudi Both of your proposals work.

I like your @Victor-Nyagudi as its cleaner and does the job. Wondering why + was added in the first place, are we missing something?

[Victor-Nyagudi]

I'm not sure either, @Santhosh-Sellavel.

I looked through the merged PRs dealing with mentions, and I didn't find any that added the +. It's possible it may have always been there from the beginning.

EDIT: Specified what the PRs I looked at dealt with.

[melvin-bot]

Triggered auto assignment to @abekkala (Bug), see https://stackoverflow.com/c/expensify/questions/14418 for more details.

[melvin-bot]

Bug0 Triage Checklist (Main S/O)

• This "bug" occurs on a supported platform (ensure Platforms in OP are ✅)
• This bug is not a duplicate report (check E/App issues and #expensify-bugs)
  • If it is, comment with a link to the original report, close the issue and add any novel details to the original issue instead
• This bug is reproducible using the reproduction steps in the OP. S/O
  • If the reproduction steps are clear and you're unable to reproduce the bug, check with the reporter and QA first, then close the issue.
  • If the reproduction steps aren't clear and you determine the correct steps, please update the OP.
• This issue is filled out as thoroughly and clearly as possible
  • Pay special attention to the title, results, platforms where the bug occurs, and if the bug happens on staging/production.
• I have reviewed and subscribed to the linked Slack conversation to ensure Slack/Github stay in sync

[abekkala]

@Santhosh-Sellavel do you have any further input for the proposals that were provided?

[melvin-bot]

📣 It's been a week! Do we have any satisfactory proposals yet? Do we need to adjust the bounty for this issue? 💸

[Santhosh-Sellavel]

Asked here for clarifications regarding this proposal.

[melvin-bot]

@abekkala, @Santhosh-Sellavel Uh oh! This issue is overdue by 2 days. Don't forget to update your issues!

[abekkala]

@getusha can you respond to @Santhosh-Sellavel question

Asked here for clarifications regarding this #28946 (comment).

[Victor-Nyagudi]

@abekkala They responded.

[melvin-bot]

Reviewing label has been removed, please complete the "BugZero Checklist".

[melvin-bot]

The solution for this issue has been 🚀 deployed to production 🚀 in version 1.4.14-6 and is now subject to a 7-day regression period 📆. Here is the list of pull requests that resolve this issue:

• Update expensify-common commit hash in package.json #33142

If no regressions arise, payment will be issued on 2023-12-28. 🎊

After the hold period is over and BZ checklist items are completed, please complete any of the applicable payments for this issue, and check them off once done.

• External issue reporter
• Contributor that fixed the issue
• Contributor+ that helped on the issue and/or PR

For reference, here are some details about the assignees on this issue:

• @Victor-Nyagudi requires payment automatic offer (Contributor)
• @Santhosh-Sellavel requires payment through NewDot Manual Requests
• @adeel0202 requires payment (Needs manual offer from BZ)

[melvin-bot]

BugZero Checklist: The PR fixing this issue has been merged! The following checklist (instructions) will need to be completed before the issue can be closed:

• [@Santhosh-Sellavel] The PR that introduced the bug has been identified. Link to the PR:
• [@Santhosh-Sellavel] The offending PR has been commented on, pointing out the bug it caused and why, so the author and reviewers can learn from the mistake. Link to comment:
• [@Santhosh-Sellavel] A discussion in #expensify-bugs has been started about whether any other steps should be taken (e.g. updating the PR review checklist) in order to catch this type of bug sooner. Link to discussion:
• [@Santhosh-Sellavel] Determine if we should create a regression test for this bug.
• [@Santhosh-Sellavel] If we decide to create a regression test for the bug, please propose the regression test steps to ensure the same bug will not reach production again.
• [@abekkala / @kadiealexander] Link the GH issue for creating/updating the regression test once above steps have been agreed upon:

[melvin-bot]

@amyevans, @abekkala, @kadiealexander, @Victor-Nyagudi, @Santhosh-Sellavel Eep! 4 days overdue now. Issues have feelings too...

[melvin-bot]

@amyevans, @abekkala, @kadiealexander, @Victor-Nyagudi, @Santhosh-Sellavel Huh... This is 4 days overdue. Who can take care of this?

[Santhosh-Sellavel]

BugZero Checklist: The PR fixing this issue has been merged! The following checklist (instructions) will need to be completed before the issue can be closed:

• [@Santhosh-Sellavel] The PR that introduced the bug has been identified. Link to the PR: feat: add rules to recognize user and @here mentions expensify-common#524
• [@Santhosh-Sellavel] The offending PR has been commented on, pointing out the bug it caused and why, so the author and reviewers can learn from the mistake. Link to comment: https://github.com/Expensify/expensify-common/pull/524/files#r1357339778
• [@Santhosh-Sellavel] A discussion in #expensify-bugs has been started about whether any other steps should be taken (e.g. updating the PR review checklist) in order to catch this type of bug sooner. Link to discussion: N/A
• [@Santhosh-Sellavel] Determine if we should create a regression test for this bug. Yes
• [@Santhosh-Sellavel] If we decide to create a regression test for the bug, please propose the regression test steps to ensure the same bug will not reach production again. [HOLD for payment 2023-12-28] [$500] Mentioning an email with double @ sign results in an invalid email mention #28946 (comment)
• [@abekkala / @kadiealexander] Link the GH issue for creating/updating the regression test once above steps have been agreed upon: https://github.com/Expensify/Expensify/issues/356530

[Santhosh-Sellavel]

Bug: Mentioning an email with double @ sign results in an invalid email mention

Steps:

1. Log into an account and open a report
2. Type '@' in the composer followed by the valid email of someone you've chatted with before. You can also optionally select one from the mentions' suggestions list.
3. Place the cursor at the beginning of the composer, type another '@' sign, and then send the message.
4. Verify that only the first '@' sign before the email and the email is highlighted e.g. @@[email protected].
5. Repeat step 2 and then send the message.
6. Verify that a regular mention with one '@' sign works as usual.

[abekkala]

I'm back from ooo, unassigning @kadiealexander and creating regression test GH and payment today

[abekkala]

@Victor-Nyagudi payment sent and contract ended - thank you! 🎉

[abekkala]

@adeel0202 payment offer sent in Upwork - once accepted, I can process payment

[abekkala]

@Santhosh-Sellavel - [$500] to be made via New Dot

[adeel0202]

@adeel0202 payment offer sent in Upwork - once accepted, I can process payment

Thanks. I've accepted.

[abekkala]

@adeel0202 payment sent and contract ended - thank you! 🎉

[abekkala]

@Santhosh-Sellavel have you requested/received your payment in NewDot?

[Santhosh-Sellavel]

Requested on ND

[abekkala]

PAYMENTS:

Muhammad Adeel Nawaz paid ✅
Victor-Nyagudi paid ✅

Santosh - requested payment [$500] in ND

[JmillsExpensify]

$500 payment approved for @Santhosh-Sellavel based on this comment.