mirrors/signal-desktop
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Support for people banned from joining groups via link

Browse source
This commit is contained in:
Scott Nonnenberg 2022-03-14 18:32:07 -07:00 committed by GitHub
parent 1b7496399b
commit f217730b84
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
17 changed files with 455 additions and 108 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

28
_locales/en/messages.json
View file

@ -4059,6 +4059,14 @@
"message": "This group link is no longer valid.",
"description": "Shown if you click a group link and we can't get information about it"
},
"GroupV2--join--link-forbidden--title": {
"message": "Cant Join Group",
"description": "Shown if you click a group link and you have been forbidden from joining via the link"
},
"GroupV2--join--link-forbidden": {
"message": "You can't join this group via the group link because an admin removed you.",
"description": "Shown if you click a group link and you have been forbidden from joining via the link"
},
"GroupV2--join--prompt-with-approval": {
"message": "An admin of this group must approve your request before you can join this group. If approved, your name and photo will be shared with its members.",
"description": "Shown when you click on a group link to confirm, if it requires admin approval"
@ -5688,6 +5696,16 @@
}
}
},
"PendingRequests--deny-for--with-link": {
"message": "Deny request from \"$name$\"? They will not be able to request to join via the group link again.",
"description": "This is the modal content when confirming denying a group request to join",
"placeholders": {
"name": {
"content": "$1",
"example": "Meowsy Purrington"
}
}
},
"PendingInvites--invites": {
"message": "Invited by you",
"description": "This is the title list of all invites"
@ -6070,6 +6088,16 @@
}
}
},
"RemoveGroupMemberConfirmation__description__with-link": {
"message": "Remove \"$name$\" from the group? They will not be able to rejoin via the group link.",
"description": "When confirming the removal of a group member, show this text in the dialog",
"placeholders": {
"name": {
"content": "$1",
"example": "Jane Doe"
}
}
},
"CaptchaDialog__title": {
"message": "Verify to continue messaging",
"description": "Header in the captcha dialog"

17
protos/Groups.proto
View file

@ -45,6 +45,10 @@ message MemberPendingAdminApproval {
uint64 timestamp = 4;
}
message MemberBanned {
bytes userId = 1;
}
message AccessControl {
enum AccessRequired {
UNKNOWN = 0;
@ -72,6 +76,8 @@ message Group {
bytes inviteLinkPassword = 10;
bytes descriptionBytes = 11;
bool announcementsOnly = 12;
repeated MemberBanned membersBanned = 13;
// next: 14
}
message GroupChange {
@ -121,6 +127,14 @@ message GroupChange {
Member.Role role = 2;
}
message AddMemberBannedAction {
MemberBanned added = 1;
}
message DeleteMemberBannedAction {
bytes deletedUserId = 1;
}
message ModifyTitleAction {
bytes title = 1;
}
@ -183,6 +197,9 @@ message GroupChange {
ModifyInviteLinkPasswordAction modifyInviteLinkPassword = 19; // change epoch = 1
ModifyDescriptionAction modifyDescription = 20; // change epoch = 2
ModifyAnnouncementsOnlyAction modifyAnnouncementsOnly = 21; // change epoch = 3
repeated AddMemberBannedAction addMembersBanned = 22; // change epoch = 4
repeated DeleteMemberBannedAction deleteMembersBanned = 23; // change epoch = 4
// next: 24
}
bytes actions = 1; // The serialized actions

19
ts/components/conversation/ContactModal.stories.tsx
View file

@ -22,17 +22,23 @@ const story = storiesOf('Components/Conversation/ContactModal', module);
const defaultContact: ConversationType = getDefaultConversation({
id: 'abcdef',
areWeAdmin: false,
title: 'Pauline Oliveros',
phoneNumber: '(333) 444-5515',
about: '👍 Free to chat',
});
const defaultGroup: ConversationType = getDefaultConversation({
id: 'abcdef',
areWeAdmin: true,
title: "It's a group",
groupLink: 'something',
});
const createProps = (overrideProps: Partial<PropsType> = {}): PropsType => ({
areWeASubscriber: false,
areWeAdmin: boolean('areWeAdmin', overrideProps.areWeAdmin || false),
badges: overrideProps.badges || [],
contact: overrideProps.contact || defaultContact,
conversation: overrideProps.conversation || defaultGroup,
hideContactModal: action('hideContactModal'),
i18n,
isAdmin: boolean('isAdmin', overrideProps.isAdmin || false),
@ -62,6 +68,17 @@ story.add('As admin', () => {
return <ContactModal {...props} />;
});
story.add('As admin with no group link', () => {
const props = createProps({
areWeAdmin: true,
conversation: {
...defaultGroup,
groupLink: undefined,
},
});
return <ContactModal {...props} />;
});
story.add('As admin, viewing non-member of group', () => {
const props = createProps({
isMember: false,

112
ts/components/conversation/ContactModal.tsx
View file

@ -2,7 +2,9 @@
// SPDX-License-Identifier: AGPL-3.0-only
import React, { useEffect, useState } from 'react';
import type { ReactNode } from 'react';
import * as log from '../../logging/log';
import { missingCaseError } from '../../util/missingCaseError';
import { About } from './About';
import { Avatar } from '../Avatar';
@ -14,13 +16,14 @@ import { BadgeDialog } from '../BadgeDialog';
import type { BadgeType } from '../../badges/types';
import { SharedGroupNames } from '../SharedGroupNames';
import { ConfirmationDialog } from '../ConfirmationDialog';
import { RemoveGroupMemberConfirmationDialog } from './RemoveGroupMemberConfirmationDialog';
export type PropsDataType = {
areWeASubscriber: boolean;
areWeAdmin: boolean;
badges: ReadonlyArray<BadgeType>;
contact?: ConversationType;
conversationId?: string;
conversation?: ConversationType;
readonly i18n: LocalizerType;
isAdmin: boolean;
isMember: boolean;
@ -50,12 +53,18 @@ enum ContactModalView {
ShowingBadges,
}
enum SubModalState {
None = 'None',
ToggleAdmin = 'ToggleAdmin',
MemberRemove = 'MemberRemove',
}
export const ContactModal = ({
areWeASubscriber,
areWeAdmin,
badges,
contact,
conversationId,
conversation,
hideContactModal,
i18n,
isAdmin,
@ -72,14 +81,78 @@ export const ContactModal = ({
}
const [view, setView] = useState(ContactModalView.Default);
const [confirmToggleAdmin, setConfirmToggleAdmin] = useState(false);
const [subModalState, setSubModalState] = useState<SubModalState>(
SubModalState.None
);
useEffect(() => {
if (conversationId) {
if (conversation?.id) {
// Kick off the expensive hydration of the current sharedGroupNames
updateConversationModelSharedGroups(conversationId);
updateConversationModelSharedGroups(conversation.id);
}
}, [conversation?.id, updateConversationModelSharedGroups]);
let modalNode: ReactNode;
switch (subModalState) {
case SubModalState.None:
modalNode = undefined;
break;
case SubModalState.ToggleAdmin:
if (!conversation?.id) {
log.warn('ContactModal: ToggleAdmin state - missing conversationId');
modalNode = undefined;
break;
}
modalNode = (
<ConfirmationDialog
actions={[
{
action: () => toggleAdmin(conversation.id, contact.id),
text: isAdmin
? i18n('ContactModal--rm-admin')
: i18n('ContactModal--make-admin'),
},
]}
i18n={i18n}
onClose={() => setSubModalState(SubModalState.None)}
>
{isAdmin
? i18n('ContactModal--rm-admin-info', [contact.title])
: i18n('ContactModal--make-admin-info', [contact.title])}
</ConfirmationDialog>
);
break;
case SubModalState.MemberRemove:
if (!contact || !conversation?.id) {
log.warn(
'ContactModal: MemberRemove state - missing contact or conversationId'
);
modalNode = undefined;
break;
}
modalNode = (
<RemoveGroupMemberConfirmationDialog
conversation={contact}
group={conversation}
i18n={i18n}
onClose={() => {
setSubModalState(SubModalState.None);
}}
onRemove={() => {
removeMemberFromGroup(conversation?.id, contact.id);
}}
/>
);
break;
default: {
const state: never = subModalState;
log.warn(`ContactModal: unexpected ${state}!`);
modalNode = undefined;
break;
}
}
}, [conversationId, updateConversationModelSharedGroups]);
switch (view) {
case ContactModalView.Default: {
@ -155,12 +228,12 @@ export const ContactModal = ({
<span>{i18n('showSafetyNumber')}</span>
</button>
)}
{!contact.isMe && areWeAdmin && isMember && conversationId && (
{!contact.isMe && areWeAdmin && isMember && conversation?.id && (
<>
<button
type="button"
className="ContactModal__button ContactModal__make-admin"
onClick={() => setConfirmToggleAdmin(true)}
onClick={() => setSubModalState(SubModalState.ToggleAdmin)}
>
<div className="ContactModal__bubble-icon">
<div className="ContactModal__make-admin__bubble-icon" />
@ -174,9 +247,7 @@ export const ContactModal = ({
<button
type="button"
className="ContactModal__button ContactModal__remove-from-group"
onClick={() =>
removeMemberFromGroup(conversationId, contact.id)
}
onClick={() => setSubModalState(SubModalState.MemberRemove)}
>
<div className="ContactModal__bubble-icon">
<div className="ContactModal__remove-from-group__bubble-icon" />
@ -186,24 +257,7 @@ export const ContactModal = ({
</>
)}
</div>
{confirmToggleAdmin && conversationId && (
<ConfirmationDialog
actions={[
{
action: () => toggleAdmin(conversationId, contact.id),
text: isAdmin
? i18n('ContactModal--rm-admin')
: i18n('ContactModal--make-admin'),
},
]}
i18n={i18n}
onClose={() => setConfirmToggleAdmin(false)}
>
{isAdmin
? i18n('ContactModal--rm-admin-info', [contact.title])
: i18n('ContactModal--make-admin-info', [contact.title])}
</ConfirmationDialog>
)}
{modalNode}
</div>
</Modal>
);

6
ts/components/conversation/ContactSpoofingReviewDialog.stories.tsx
View file

@ -23,6 +23,7 @@ const story = storiesOf(
const getCommonProps = () => ({
getPreferredBadge: () => undefined,
i18n,
group: getDefaultConversation(),
onBlock: action('onBlock'),
onBlockAndReportSpam: action('onBlockAndReportSpam'),
onClose: action('onClose'),
@ -51,7 +52,10 @@ story.add('Direct conversations with same title', () => (
<ContactSpoofingReviewDialog
{...getCommonProps()}
type={ContactSpoofingType.MultipleGroupMembersWithSameTitle}
areWeAdmin={areWeAdmin}
group={{
...getDefaultConversation(),
areWeAdmin,
}}
collisionInfoByTitle={{
Alice: times(2, () => ({
oldName: 'Alicia',

23
ts/components/conversation/ContactSpoofingReviewDialog.tsx
View file

@ -43,7 +43,7 @@ type PropsType = {
}
| {
type: ContactSpoofingType.MultipleGroupMembersWithSameTitle;
areWeAdmin: boolean;
group: ConversationType;
collisionInfoByTitle: Record<
string,
Array<{
@ -78,13 +78,20 @@ export const ContactSpoofingReviewDialog: FunctionComponent<PropsType> =
const [confirmationState, setConfirmationState] = useState<
| undefined
| {
type: ConfirmationStateType;
type: ConfirmationStateType.ConfirmingGroupRemoval;
affectedConversation: ConversationType;
group: ConversationType;
}
| {
type:
| ConfirmationStateType.ConfirmingDelete
| ConfirmationStateType.ConfirmingBlock;
affectedConversation: ConversationType;
}
>();
if (confirmationState) {
const { affectedConversation, type } = confirmationState;
const { type, affectedConversation } = confirmationState;
switch (type) {
case ConfirmationStateType.ConfirmingDelete:
case ConfirmationStateType.ConfirmingBlock:
@ -140,10 +147,12 @@ export const ContactSpoofingReviewDialog: FunctionComponent<PropsType> =
}}
/>
);
case ConfirmationStateType.ConfirmingGroupRemoval:
case ConfirmationStateType.ConfirmingGroupRemoval: {
const { group } = confirmationState;
return (
<RemoveGroupMemberConfirmationDialog
conversation={affectedConversation}
group={group}
i18n={i18n}
onClose={() => {
setConfirmationState(undefined);
@ -153,6 +162,7 @@ export const ContactSpoofingReviewDialog: FunctionComponent<PropsType> =
}}
/>
);
}
default:
throw missingCaseError(type);
}
@ -227,7 +237,7 @@ export const ContactSpoofingReviewDialog: FunctionComponent<PropsType> =
break;
}
case ContactSpoofingType.MultipleGroupMembersWithSameTitle: {
const { areWeAdmin, collisionInfoByTitle } = props;
const { group, collisionInfoByTitle } = props;
const unsortedConversationInfos = concat(
// This empty array exists to appease Lodash's type definitions.
@ -254,7 +264,7 @@ export const ContactSpoofingReviewDialog: FunctionComponent<PropsType> =
</h2>
{conversationInfos.map((conversationInfo, index) => {
let button: ReactNode;
if (areWeAdmin) {
if (group.areWeAdmin) {
button = (
<Button
variant={ButtonVariant.SecondaryAffirmative}
@ -262,6 +272,7 @@ export const ContactSpoofingReviewDialog: FunctionComponent<PropsType> =
setConfirmationState({
type: ConfirmationStateType.ConfirmingGroupRemoval,
affectedConversation: conversationInfo.conversation,
group,
});
}}
>

14
ts/components/conversation/RemoveGroupMemberConfirmationDialog.tsx
View file

@ -6,12 +6,14 @@ import React from 'react';
import type { ConversationType } from '../../state/ducks/conversations';
import type { LocalizerType } from '../../types/Util';
import { isAccessControlEnabled } from '../../groups/util';
import { ConfirmationDialog } from '../ConfirmationDialog';
import { Intl } from '../Intl';
import { ContactName } from './ContactName';
type PropsType = {
group: ConversationType;
conversation: ConversationType;
i18n: LocalizerType;
onClose: () => void;
@ -19,7 +21,14 @@ type PropsType = {
};
export const RemoveGroupMemberConfirmationDialog: FunctionComponent<PropsType> =
({ conversation, i18n, onClose, onRemove }) => (
({ conversation, group, i18n, onClose, onRemove }) => {
const descriptionKey = isAccessControlEnabled(
group.accessControlAddFromInviteLink
)
? 'RemoveGroupMemberConfirmation__description__with-link'
: 'RemoveGroupMemberConfirmation__description';
return (
<ConfirmationDialog
actions={[
{
@ -33,7 +42,7 @@ export const RemoveGroupMemberConfirmationDialog: FunctionComponent<PropsType> =
title={
<Intl
i18n={i18n}
id="RemoveGroupMemberConfirmation__description"
id={descriptionKey}
components={{
name: <ContactName title={conversation.title} />,
}}
@ -41,3 +50,4 @@ export const RemoveGroupMemberConfirmationDialog: FunctionComponent<PropsType> =
}
/>
);
};

1
ts/components/conversation/Timeline.stories.tsx
View file

@ -492,6 +492,7 @@ const renderTypingBubble = () => (
);
const useProps = (overrideProps: Partial<PropsType> = {}): PropsType => ({
conversation: overrideProps.conversation || getDefaultConversation(),
discardMessages: action('discardMessages'),
getPreferredBadge: () => undefined,
i18n,

6
ts/components/conversation/Timeline.tsx
View file

@ -94,7 +94,7 @@ export type PropsDataType = {
type PropsHousekeepingType = {
id: string;
areWeAdmin?: boolean;
conversation: ConversationType;
isConversationSelected: boolean;
isGroupV1AndDisabled?: boolean;
isIncomingMessageRequest: boolean;
@ -734,10 +734,10 @@ export class Timeline extends React.Component<
public override render(): JSX.Element | null {
const {
acknowledgeGroupMemberNameCollisions,
areWeAdmin,
clearInvitedUuidsForNewlyCreatedGroup,
closeContactSpoofingReview,
contactSpoofingReview,
conversation,
getPreferredBadge,
getTimestampForMessage,
haveNewest,
@ -1018,7 +1018,7 @@ export class Timeline extends React.Component<
<ContactSpoofingReviewDialog
{...commonProps}
type={ContactSpoofingType.MultipleGroupMembersWithSameTitle}
areWeAdmin={Boolean(areWeAdmin)}
group={conversation}
collisionInfoByTitle={contactSpoofingReview.collisionInfoByTitle}
/>
);

14
ts/components/conversation/conversation-details/PendingInvites.tsx
View file

@ -14,6 +14,7 @@ import { ConfirmationDialog } from '../../ConfirmationDialog';
import { PanelSection } from './PanelSection';
import { PanelRow } from './PanelRow';
import { ConversationDetailsIcon, IconType } from './ConversationDetailsIcon';
import { isAccessControlEnabled } from '../../../groups/util';
export type PropsType = {
readonly conversation?: ConversationType;
@ -147,6 +148,7 @@ export const PendingInvites: React.ComponentType<PropsType> = ({
{stagedMemberships && stagedMemberships.length && (
<MembershipActionConfirmation
approvePendingMembership={approvePendingMembership}
conversation={conversation}
i18n={i18n}
members={conversation.sortedGroupMembers || []}
onClose={() => setStagedMemberships(null)}
@ -161,6 +163,7 @@ export const PendingInvites: React.ComponentType<PropsType> = ({
function MembershipActionConfirmation({
approvePendingMembership,
conversation,
i18n,
members,
onClose,
@ -169,6 +172,7 @@ function MembershipActionConfirmation({
stagedMemberships,
}: {
approvePendingMembership: (conversationId: string) => void;
conversation: ConversationType;
i18n: LocalizerType;
members: Array<ConversationType>;
onClose: () => void;
@ -222,6 +226,7 @@ function MembershipActionConfirmation({
onClose={onClose}
>
{getConfirmationMessage({
conversation,
i18n,
members,
ourUuid,
@ -232,11 +237,13 @@ function MembershipActionConfirmation({
}
function getConfirmationMessage({
conversation,
i18n,
members,
ourUuid,
stagedMemberships,
}: Readonly<{
conversation: ConversationType;
i18n: LocalizerType;
members: ReadonlyArray<ConversationType>;
ourUuid: string;
@ -251,7 +258,12 @@ function getConfirmationMessage({
// Requesting a membership since they weren't added by anyone
if (membershipType === StageType.DENY_REQUEST) {
return i18n('PendingRequests--deny-for', {
const key = isAccessControlEnabled(
conversation.accessControlAddFromInviteLink
)
? 'PendingRequests--deny-for--with-link'
: 'PendingRequests--deny-for';
return i18n(key, {
name: firstMembership.member.title,
});
}

177
ts/groups.ts
View file

@ -74,13 +74,15 @@ import { UUID, isValidUuid } from './types/UUID';
import type { UUIDStringType } from './types/UUID';
import * as Errors from './types/errors';
import { SignalService as Proto } from './protobuf';
import { isNotNil } from './util/isNotNil';
import { isAccessControlEnabled } from './groups/util';
import {
conversationJobQueue,
conversationQueueJobEnum,
} from './jobs/conversationJobQueue';
import AccessRequiredEnum = Proto.AccessControl.AccessRequired;
type AccessRequiredEnum = Proto.AccessControl.AccessRequired;
export { joinViaLink } from './groups/joinViaLink';
@ -271,7 +273,7 @@ export const ID_LENGTH = 32;
const TEMPORAL_AUTH_REJECTED_CODE = 401;
const GROUP_ACCESS_DENIED_CODE = 403;
const GROUP_NONEXISTENT_CODE = 404;
const SUPPORTED_CHANGE_EPOCH = 2;
const SUPPORTED_CHANGE_EPOCH = 4;
export const LINK_VERSION_ERROR = 'LINK_VERSION_ERROR';
const GROUP_INVITE_LINK_PASSWORD_LENGTH = 16;
@ -582,7 +584,7 @@ function buildGroupProto(
export async function buildAddMembersChange(
conversation: Pick<
ConversationAttributesType,
'id' | 'publicParams' | 'revision' | 'secretParams'
'bannedMembersV2' | 'id' | 'publicParams' | 'revision' | 'secretParams'
>,
conversationIds: ReadonlyArray<string>
): Promise<undefined | Proto.GroupChange.Actions> {
@ -621,6 +623,7 @@ export async function buildAddMembersChange(
const addMembers: Array<Proto.GroupChange.Actions.AddMemberAction> = [];
const addPendingMembers: Array<Proto.GroupChange.Actions.AddMemberPendingProfileKeyAction> =
[];
const actions = new Proto.GroupChange.Actions();
await Promise.all(
conversationIds.map(async conversationId => {
@ -679,10 +682,22 @@ export async function buildAddMembersChange(
addPendingMembers.push(addPendingMemberAction);
}
const doesMemberNeedUnban = conversation.bannedMembersV2?.includes(uuid);
if (doesMemberNeedUnban) {
const uuidCipherTextBuffer = encryptUuid(clientZkGroupCipher, uuid);
const deleteMemberBannedAction =
new Proto.GroupChange.Actions.DeleteMemberBannedAction();
deleteMemberBannedAction.deletedUserId = uuidCipherTextBuffer;
actions.deleteMembersBanned = actions.deleteMembersBanned || [];
actions.deleteMembersBanned.push(deleteMemberBannedAction);
}
})
);
const actions = new Proto.GroupChange.Actions();
if (!addMembers.length && !addPendingMembers.length) {
// This shouldn't happen. When these actions are passed to `modifyGroupV2`, a warning
// will be logged.
@ -920,9 +935,11 @@ export function buildAccessControlMembersChange(
// TODO AND-1101
export function buildDeletePendingAdminApprovalMemberChange({
group,
ourUuid,
uuid,
}: {
group: ConversationAttributesType;
ourUuid: UUIDStringType;
uuid: UUIDStringType;
}): Proto.GroupChange.Actions {
const actions = new Proto.GroupChange.Actions();
@ -944,6 +961,18 @@ export function buildDeletePendingAdminApprovalMemberChange({
deleteMemberPendingAdminApproval,
];
const doesMemberNeedBan =
!group.bannedMembersV2?.includes(uuid) && uuid !== ourUuid;
if (doesMemberNeedBan) {
const addMemberBannedAction =
new Proto.GroupChange.Actions.AddMemberBannedAction();
addMemberBannedAction.added = new Proto.MemberBanned();
addMemberBannedAction.added.userId = uuidCipherTextBuffer;
actions.addMembersBanned = [addMemberBannedAction];
}
return actions;
}
@ -990,11 +1019,13 @@ export function buildAddMember({
group,
profileKeyCredentialBase64,
serverPublicParamsBase64,
uuid,
}: {
group: ConversationAttributesType;
profileKeyCredentialBase64: string;
serverPublicParamsBase64: string;
joinFromInviteLink?: boolean;
uuid: UUIDStringType;
}): Proto.GroupChange.Actions {
const MEMBER_ROLE_ENUM = Proto.Member.Role;
@ -1023,6 +1054,18 @@ export function buildAddMember({
actions.version = (group.revision || 0) + 1;
actions.addMembers = [addMember];
const doesMemberNeedUnban = group.bannedMembersV2?.includes(uuid);
if (doesMemberNeedUnban) {
const clientZkGroupCipher = getClientZkGroupCipher(group.secretParams);
const uuidCipherTextBuffer = encryptUuid(clientZkGroupCipher, uuid);
const deleteMemberBannedAction =
new Proto.GroupChange.Actions.DeleteMemberBannedAction();
deleteMemberBannedAction.deletedUserId = uuidCipherTextBuffer;
actions.deleteMembersBanned = [deleteMemberBannedAction];
}
return actions;
}
@ -1057,11 +1100,13 @@ export function buildDeletePendingMemberChange({
}
export function buildDeleteMemberChange({
uuid,
group,
ourUuid,
uuid,
}: {
uuid: UUIDStringType;
group: ConversationAttributesType;
ourUuid: UUIDStringType;
uuid: UUIDStringType;
}): Proto.GroupChange.Actions {
const actions = new Proto.GroupChange.Actions();
@ -1077,6 +1122,19 @@ export function buildDeleteMemberChange({
actions.version = (group.revision || 0) + 1;
actions.deleteMembers = [deleteMember];
const doesMemberNeedBan =
!group.bannedMembersV2?.includes(uuid) && uuid !== ourUuid;
if (doesMemberNeedBan) {
const addMemberBannedAction =
new Proto.GroupChange.Actions.AddMemberBannedAction();
addMemberBannedAction.added = new Proto.MemberBanned();
addMemberBannedAction.added.userId = uuidCipherTextBuffer;
actions.addMembersBanned = [addMemberBannedAction];
}
return actions;
}
@ -3548,12 +3606,12 @@ function extractDiffs({
});
}
const linkPreviouslyEnabled =
old.accessControl?.addFromInviteLink === ACCESS_ENUM.ANY ||
old.accessControl?.addFromInviteLink === ACCESS_ENUM.ADMINISTRATOR;
const linkCurrentlyEnabled =
current.accessControl?.addFromInviteLink === ACCESS_ENUM.ANY ||
current.accessControl?.addFromInviteLink === ACCESS_ENUM.ADMINISTRATOR;
const linkPreviouslyEnabled = isAccessControlEnabled(
old.accessControl?.addFromInviteLink
);
const linkCurrentlyEnabled = isAccessControlEnabled(
current.accessControl?.addFromInviteLink
);
if (!linkPreviouslyEnabled && linkCurrentlyEnabled) {
details.push({
@ -3808,6 +3866,8 @@ function extractDiffs({
});
}
// Note: currently no diff generated for bannedMembersV2 changes
// final processing
let message: MessageAttributesType | undefined;
@ -3967,6 +4027,9 @@ async function applyGroupChange({
> = fromPairs(
(result.pendingAdminApprovalV2 || []).map(member => [member.uuid, member])
);
const bannedMembers: Record<UUIDStringType, UUIDStringType> = fromPairs(
(result.bannedMembersV2 || []).map(uuid => [uuid, uuid])
);
// version?: number;
result.revision = version;
@ -4388,6 +4451,32 @@ async function applyGroupChange({
result.announcementsOnly = announcementsOnly;
}
if (actions.addMembersBanned && actions.addMembersBanned.length > 0) {
actions.addMembersBanned.forEach(uuid => {
if (bannedMembers[uuid]) {
log.warn(
`applyGroupChange/${logId}: Attempt to add banned member failed; was already in banned list.`
);
return;
}
bannedMembers[uuid] = uuid;
});
}
if (actions.deleteMembersBanned && actions.deleteMembersBanned.length > 0) {
actions.deleteMembersBanned.forEach(uuid => {
if (!bannedMembers[uuid]) {
log.warn(
`applyGroupChange/${logId}: Attempt to remove banned member failed; was not in banned list.`
);
return;
}
delete bannedMembers[uuid];
});
}
if (ourUuid) {
result.left = !members[ourUuid];
}
@ -4396,6 +4485,7 @@ async function applyGroupChange({
result.membersV2 = values(members);
result.pendingMembersV2 = values(pendingMembers);
result.pendingAdminApprovalV2 = values(pendingAdminApprovalMembers);
result.bannedMembersV2 = values(bannedMembers);
return {
newAttributes: result,
@ -4650,6 +4740,9 @@ async function applyGroupState({
// announcementsOnly
result.announcementsOnly = groupState.announcementsOnly;
// membersBanned
result.bannedMembersV2 = groupState.membersBanned;
return {
newAttributes: result,
newProfileKeys,
@ -4759,6 +4852,8 @@ type DecryptedGroupChangeActions = {
modifyAnnouncementsOnly?: {
announcementsOnly: boolean;
};
addMembersBanned?: ReadonlyArray<UUIDStringType>;
deleteMembersBanned?: ReadonlyArray<UUIDStringType>;
} & Pick<
Proto.GroupChange.IActions,
| 'modifyAttributesAccess'
@ -5286,6 +5381,42 @@ function decryptGroupChange(
};
}
// addMembersBanned
if (actions.addMembersBanned && actions.addMembersBanned.length > 0) {
result.addMembersBanned = actions.addMembersBanned
.map(item => {
if (!item.added || !item.added.userId) {
log.warn(
`decryptGroupChange/${logId}: addMembersBanned had a blank entry`
);
return null;
}
return normalizeUuid(
decryptUuid(clientZkGroupCipher, item.added.userId),
'addMembersBanned.added.userId'
);
})
.filter(isNotNil);
}
// deleteMembersBanned
if (actions.deleteMembersBanned && actions.deleteMembersBanned.length > 0) {
result.deleteMembersBanned = actions.deleteMembersBanned
.map(item => {
if (!item.deletedUserId) {
log.warn(
`decryptGroupChange/${logId}: deleteMembersBanned had a blank entry`
);
return null;
}
return normalizeUuid(
decryptUuid(clientZkGroupCipher, item.deletedUserId),
'deleteMembersBanned.deletedUserId'
);
})
.filter(isNotNil);
}
return result;
}
@ -5344,6 +5475,7 @@ type DecryptedGroupState = {
descriptionBytes?: Proto.GroupAttributeBlob;
avatar?: string;
announcementsOnly?: boolean;
membersBanned?: Array<UUIDStringType>;
};
function decryptGroupState(
@ -5479,6 +5611,27 @@ function decryptGroupState(
const { announcementsOnly } = groupState;
result.announcementsOnly = Boolean(announcementsOnly);
// membersBanned
const { membersBanned } = groupState;
if (membersBanned && membersBanned.length > 0) {
result.membersBanned = membersBanned
.map(item => {
if (!item.userId) {
log.warn(
`decryptGroupState/${logId}: membersBanned had a blank entry`
);
return null;
}
return normalizeUuid(
decryptUuid(clientZkGroupCipher, item.userId),
'membersBanned.added.userId'
);
})
.filter(isNotNil);
} else {
result.membersBanned = [];
}
result.avatar = dropNull(groupState.avatar);
return result;

46
ts/groups/joinViaLink.ts
View file

@ -11,6 +11,7 @@ import {
LINK_VERSION_ERROR,
parseGroupLink,
} from '../groups';
import * as Errors from '../types/errors';
import * as Bytes from '../Bytes';
import { longRunningTaskWrapper } from '../util/longRunningTaskWrapper';
import { isGroupV1 } from '../util/whatTypeOfConversation';
@ -24,16 +25,19 @@ import * as log from '../logging/log';
import { showToast } from '../util/showToast';
import { ToastAlreadyGroupMember } from '../components/ToastAlreadyGroupMember';
import { ToastAlreadyRequestedToJoin } from '../components/ToastAlreadyRequestedToJoin';
import { HTTPError } from '../textsecure/Errors';
import { isAccessControlEnabled } from './util';
export async function joinViaLink(hash: string): Promise<void> {
let inviteLinkPassword: string;
let masterKey: string;
try {
({ inviteLinkPassword, masterKey } = parseGroupLink(hash));
} catch (error) {
const errorString = error && error.stack ? error.stack : error;
} catch (error: unknown) {
const errorString = Errors.toLogFormat(error);
log.error(`joinViaLink: Failed to parse group link ${errorString}`);
if (error && error.name === LINK_VERSION_ERROR) {
if (error instanceof Error && error.name === LINK_VERSION_ERROR) {
showErrorDialog(
window.i18n('GroupV2--join--unknown-link-version'),
window.i18n('GroupV2--join--unknown-link-version--title')
@ -84,28 +88,35 @@ export async function joinViaLink(hash: string): Promise<void> {
suppressErrorDialog: true,
task: () => getPreJoinGroupInfo(inviteLinkPassword, masterKey),
});
} catch (error) {
const errorString = error && error.stack ? error.stack : error;
} catch (error: unknown) {
const errorString = Errors.toLogFormat(error);
log.error(
`joinViaLink/${logId}: Failed to fetch group info - ${errorString}`
);
if (
error instanceof HTTPError &&
error.responseHeaders['x-signal-forbidden-reason']
) {
showErrorDialog(
error.code && error.code === 403
? window.i18n('GroupV2--join--link-revoked')
: window.i18n('GroupV2--join--general-join-failure'),
error.code && error.code === 403
? window.i18n('GroupV2--join--link-revoked--title')
: window.i18n('GroupV2--join--general-join-failure--title')
window.i18n('GroupV2--join--link-forbidden'),
window.i18n('GroupV2--join--link-forbidden--title')
);
} else if (error instanceof HTTPError && error.code === 403) {
showErrorDialog(
window.i18n('GroupV2--join--link-revoked'),
window.i18n('GroupV2--join--link-revoked--title')
);
} else {
showErrorDialog(
window.i18n('GroupV2--join--general-join-failure'),
window.i18n('GroupV2--join--general-join-failure--title')
);
}
return;
}
const ACCESS_ENUM = Proto.AccessControl.AccessRequired;
if (
result.addFromInviteLink !== ACCESS_ENUM.ADMINISTRATOR &&
result.addFromInviteLink !== ACCESS_ENUM.ANY
) {
if (!isAccessControlEnabled(result.addFromInviteLink)) {
log.error(
`joinViaLink/${logId}: addFromInviteLink value of ${result.addFromInviteLink} is invalid`
);
@ -124,7 +135,8 @@ export async function joinViaLink(hash: string): Promise<void> {
| undefined = result.avatar ? { loading: true } : undefined;
const memberCount = result.memberCount || 1;
const approvalRequired =
result.addFromInviteLink === ACCESS_ENUM.ADMINISTRATOR;
result.addFromInviteLink ===
Proto.AccessControl.AccessRequired.ADMINISTRATOR;
const title =
decryptGroupTitle(result.title, secretParams) ||
window.i18n('unknownGroup');

15
ts/groups/util.ts Normal file
View file

@ -0,0 +1,15 @@
// Copyright 2022 Signal Messenger, LLC
// SPDX-License-Identifier: AGPL-3.0-only
import { SignalService as Proto } from '../protobuf';
const ACCESS_ENUM = Proto.AccessControl.AccessRequired;
export function isAccessControlEnabled(
accessControl: number | undefined
): boolean {
return (
accessControl === ACCESS_ENUM.ANY ||
accessControl === ACCESS_ENUM.ADMINISTRATOR
);
}

1
ts/model-types.d.ts vendored
View file

@ -344,6 +344,7 @@ export type ConversationAttributesType = {
membersV2?: Array<GroupV2MemberType>;
pendingMembersV2?: Array<GroupV2PendingMemberType>;
pendingAdminApprovalV2?: Array<GroupV2PendingAdminApprovalType>;
bannedMembersV2?: Array<UUIDStringType>;
groupInviteLinkPassword?: string;
previousGroupV1Id?: string;
previousGroupV1Members?: Array<string>;

31
ts/models/conversations.ts
View file

@ -52,7 +52,7 @@ import { sniffImageMimeType } from '../util/sniffImageMimeType';
import { isValidE164 } from '../util/isValidE164';
import type { MIMEType } from '../types/MIME';
import { IMAGE_JPEG, IMAGE_GIF, IMAGE_WEBP } from '../types/MIME';
import { UUID, UUIDKind, isValidUuid } from '../types/UUID';
import { UUID, isValidUuid, UUIDKind } from '../types/UUID';
import type { UUIDStringType } from '../types/UUID';
import { deriveAccessKey, decryptProfileName, decryptProfile } from '../Crypto';
import * as Bytes from '../Bytes';
@ -582,8 +582,13 @@ export class ConversationModel extends window.Backbone
);
}
const ourUuid = window.textsecure.storage.user
.getCheckedUuid(UUIDKind.ACI)
.toString();
return window.Signal.Groups.buildDeletePendingAdminApprovalMemberChange({
group: this.attributes,
ourUuid,
uuid,
});
}
@ -660,10 +665,19 @@ export class ConversationModel extends window.Backbone
this.get('announcementsOnly') &&
!toRequest.get('capabilities')?.announcementGroup
) {
log.warn(`addMember/${idLog}: ${conversationId} needs to upgrade.`);
log.warn(
`addMember/${idLog}: ${toRequest.idForLogging()} needs to upgrade.`
);
return undefined;
}
const uuid = toRequest.get('uuid');
if (!uuid) {
throw new Error(
`addMember/${idLog}: ${toRequest.idForLogging()} is missing a uuid!`
);
}
// We need the user's profileKeyCredential, which requires a roundtrip with the
// server, and most definitely their profileKey. A getProfiles() call will
// ensure that we have as much as we can get with the data we have.
@ -691,6 +705,7 @@ export class ConversationModel extends window.Backbone
group: this.attributes,
profileKeyCredentialBase64,
serverPublicParamsBase64: window.getServerPublicParams(),
uuid,
});
}
@ -769,8 +784,13 @@ export class ConversationModel extends window.Backbone
);
}
const ourUuid = window.textsecure.storage.user
.getCheckedUuid(UUIDKind.ACI)
.toString();
return window.Signal.Groups.buildDeleteMemberChange({
group: this.attributes,
ourUuid,
uuid,
});
}
@ -2260,12 +2280,7 @@ export class ConversationModel extends window.Backbone
name: 'addMembersV2',
createGroupChange: () =>
window.Signal.Groups.buildAddMembersChange(
{
id: this.id,
publicParams: this.get('publicParams'),
revision: this.get('revision'),
secretParams: this.get('secretParams'),
},
this.attributes,
conversationIds
),
});

2
ts/state/smart/ContactModal.tsx
View file

@ -40,7 +40,7 @@ const mapStateToProps = (state: StateType): PropsDataType => {
areWeAdmin,
badges: getBadgesSelector(state)(contact.badges),
contact,
conversationId,
conversation: currentConversation,
i18n: getIntl(state),
isAdmin,
isMember,

7
ts/state/smart/Timeline.tsx
View file

@ -284,11 +284,8 @@ const mapStateToProps = (state: StateType, props: ExternalProps) => {
return {
id,
...pick(conversation, [
'areWeAdmin',
'unreadCount',
'isGroupV1AndDisabled',
]),
...pick(conversation, ['unreadCount', 'isGroupV1AndDisabled']),
conversation,
isConversationSelected: state.conversations.selectedConversationId === id,
isIncomingMessageRequest: Boolean(
conversation.messageRequestsEnabled &&