This reverts commit a768b94471.
d2ddfc7 was enough to fix#989. Removing unregistered members from the
group (as opposed to silently ignorning them) creates greater potential
for getting out of sync with the member lists on other devices.
// FREEBIE
Rotate signed prekey every 48hrs, waiting for online access if
necessary. After a rotation attempt is made, schedule the next run for
48hrs in the future.
We use a timeout to "wake up" and handle the rotation. This timeout gets
set on startup and whenever the next rotation time is changed. For
paranoia's sake, always clear the current timeout before setting the
next one.
Since new registrations necessarily upload new signed keys, we reset the
scheduled time to T+48hrs on `registration_done` events.
// FREEBIE
Previously, updateNumbers would throw an Error, so the whole group
update was discarded.
Signal-Android handles this the same way in
GroupMessageProcessor.handleGroupUpdate().
Closes#1056
If some future client ever sends us an arbitrary timer value which we do
not currently support, present it as a duration in seconds in timer
update messages and ui, where we would otherwise have rendered nothing,
e.g., "You set the timer to ."
// FREEBIE
Don't set lastMessage, let it update itself as needed, such as when
first rendering a conversation list item, and when its messages are
sent, received, or destroyed.
Let received_at be the current time for keychanges. This avoids them
being inserted in the wrong place in the thread.
Use the newmessage event to trigger frontend listeners to add them to
the conversation view if it is open.
Turns out there's no garauntee that Android will send us contact info
with phone numbers in e164 format. When that happens, we fail to update
the correct contact. Fix by performing validation on the incoming number
before attempting to merge changes to the name, avatar, or color.
Fixes#903
Add a special type of collection just for retrieving group ids, which
doesn't incur the overhead of initializing a conversation model along
with all its group members.
There are some cases when we want to initialize a group object without
loading its contacts, such as while processing delivery receipts. We
really only need to load the contacts for a group/convo when we are
rendering it, so let the front end handle those cases (which most of
them do already).
TimestampView's getRelativeTimeSpanString called moment() twice while
calculating the timeout. If there was a minute/hour/day wrap between
these 2 calls, the calculated delay was 0 and thus no timer was
scheduled, since if (this.delay) evaluated to false.
Fixes: #857, #460
// FREEBIE
Usually new elements are inserted in a predictable order relative to the
sort order of the models/collection, but it's not garaunteed. This fixes
up message element insertion to handle the general case where elements
can be added in any order and must be displayed in correct order as
determined by the collection's sort function. In the worst case, we'll
have to iterate over the entire list of elements to find the right spot,
but in practice most of the time we can short circuit based on the index
of the model or by looking for the predecessor or successor of the
element in question.
This breaks the css-purity of our mixin but is necessary in order to
apply the initial offset of the hourglass animation dynamically, since
jquery can't manipulate arbitrary css on psuedo elements.
When initialized, or when expiration-related attributes change, expiring
messages will set timers to self-destruct. On self-destruct they trigger
'expired' events so that frontend listeners can clean up any collections
and views referencing them.
At startup, load all messages pending expiration so they can start their
timers even if they haven't been loaded in the frontend yet.
Todo: Remove expired conversation snippets from the left pane.
Test page loads fixtures and renders the inbox view. This may be useful
for smoke testing style changes or generating screenshots with
pseudo-realistic data.
Includes a couple small changes to get rendering working outside the
app.
Use emojijs for replacing unicode with image tags for display. We were
already using it to replace colons with unicode. Additionally it has
a companion data repo that is kept up to date with images from all
the common image sets.
// FREEBIE
Move away from inline style attributes for setting contact colors.
Apply colors by name via css classes instead. Also lays groundwork
for syncing contact colors.
// FREEBIE
Fix some visual bugs occuring at large font size:
* Contact names break onto the next line after their avatars in
message detail screen
* Settings menu font-size failed to scale
* Handle Content overflow in modals.
// FREEBIE
Let momentjs handle proper pluralization of relative times. This comes
at the sacrifice of displaying 'minutes' in the conversation list
timestamp rather than 'min'. Note that we don't use moment's fromNow
instance method so as to preserve the rounding logic that matches the
Android client.
// FREEBIE
In some cases, we have already received a read receipt for an incoming
message by the time we go to create a notification about it. In this
case, we should skip the notification.
// FREEBIE
This commit stops the MessageView from adding the attachment more than once. Previously an attachment was appended to the MessageView every time an update
event was emitted, which happens when forwarding.
// FREEBIE
This commit changes the inbox to stop video and audio elements when selecting a new conversation, and to not stop such elements when the same
conversation was selected (fixes#391).
// FREEBIE
Despite the "click to save"-description of unsupported file types, clicking them did not save them.
This commit implements a Save-As dialog instead of opening the file in chrome.
// FREEBIE
If a user has no groups, no group sync message is sent. This is a normal
result that should result in a success event rather than a timeout.
// FREEBIE
Add a section under settings for performing a contact sync from your
mobile device. This just re-runs the same import operation that occurs
at install/link time.
// FREEBIE
Fixes a session management problem where, after resolving a conflict
with some contact, that contact would get bad mac as a result of us
sending them a new prekey message before processing a pending conflicted
prekey message received from them earlier.
Fixes#806
// FREEBIE
* libsignal.Curve is now a synchronous interface.
* libsignal.Curve.async is now the asynchronous interface.
* Fixes bugs in session management.
// FREEBIE
The getDeviceObjectsForNumber method returns device objects that contain
nothing but the encodedNumber property. Instead, just deal in deviceIds
until a SignalProtocolAddress is constructed to manage both the number
and deviceId.
// FREEBIE
Now that we simply establish and save a session via SessionBuilder
rather than saving the keys to pass in during encrypt, we can stop
caching them in memory in between the identity key check and the
encryption step.
// FREEBIE
* Apply the same rounding to in message bubbles and conversation list.
Also make them consistent with Android's relative times. Fixes#682
* Show full timestamps when hovering on relative time
* Compute timestamp update delays more precisely:
Set timestamps to self-update as soon as they are able to change
rather than a fixed time since the last update.
* Refactor for customizable/localizable relative times
* Update timestamp tests
* Log timestamp update intervals to help debug #460
In the case of a double send (same message encrypted and sent twice due
to key conflict bug), we would mark the first instance read twice rather
than marking both instances read. Fix by searching for matching messages
that have not yet been marked read.
// FREEBIE
When deleting all messages in a conversation, the entry in the left pane
should be inserted into the alphabetical portion of the list. To keep it
in this collection, do not nullify active_at.
To ensure the list view is keeping itself correctly sorted, make sure
that resorting behavior is triggered any time a relevant attribute is
changed.
This fixes deleted conversations jumping to the top of the list, and
conversation order scrambling when getting a group or contact sync
message from our master device.
Fixes#734
// FREEBIE
For messages that failed to send due to network errors, this change
allows retrying them directly from the main conversation view rather
than only from the message detail view.
// FREEBIE
Previously, if a message was sent in between the receive time of an
incoming message and the time it is actually added to the conversation's
message collection (which only occurs later after several async
callbacks), the incoming message would be inserted not-at-the-end of the
collection since it is ordered by receive time. This tricked the front
end into assuming the message was an older message instead of a new one.
Fixes#490
// FREEBIE
The onChangeActiveAt listener promotes newly activated conversations to
the top of the inbox. By firing on an 'add' event, if the conversation
list happened to load after the inbox frontend was initialized, each new
entry would be incorrectly moved to the top, effectively reversing the
list.
// FREEBIE
Prevent races between encrypt and decrypt calls, and other read/write
operations on the session store by serializing session io ops per
device.
Possible fix for #535
// FREEBIE
Remove individual messages from Notifications when marked read.
Previously this was only done from the conversation model when marking
the entire conversation as read.
Fixes#717
// FREEBIE
Order conversation list by timestamp instead of active_at. The former is
the send time of the most recent message. The latter is typically the
receive time of that message. This can cause mis-ordering if you send a
message while processing a backlog of incoming messages.
Fixes#617
// FREEBIE
Don't save the change until we successfully process the message, but
make it first so that the user sees the error disappear when the new key
is accepted.
// FREEBIE
Previously, we switched to not updating the notification popup on a
removal, since this usually respawns a new notification popup
unexpectedly. However, when the last relevant notification is cleared
(ie, by opening/reading the thread before the notification times out and
disappears on its own) we should clear the existing popup if there is
one.
// FREEBIE
If the replay failed due to a bad mac or other decryption error for some
other reason we still want to clear the conflict. If it failed because
it's still in conflict then the newly returned error will reflect that
and be saved.
// FREEBIE
This flow broke a bit with transition to modal debug log.
Restructure such that the loading class can be applied to an appropriate
element inside the modal. Ensure that the input elements are hidden when
submit is clicked, the result elements are shown when the log upload is
completed.
// FREEBIE
Untangle these two views into their component parts, consolidating all
the key conflict logic in the key conflict view. Contact view now simply
renders basic contact info and miscellaneous errors but not conflicts or
message errors.
// FREEBIE
Network errors render as a resend dialogue at the top of the message
detail and need not be re-reported in the contact list or errors
section.
// FREEBIE
Occasionally these will fail if they happen to be executed before the
necessary dependencies (storage, ConversationCollection) are declared.
// FREEBIE
This should really only be called once, from background.js.
Calling it twice can cause doubled listeners for the registration_done
event, which in turn leads to duplicate post-registration callbacks,
dual sync requests, and an eventual datastore inconsistency.
Fixes#670
// FREEBIE
Previously, notifications were persistent until explicitly dismissed
from the notification center (a bell icon in the system tray), but that
ui has been removed from chrome*, so now updating on remove is
unexpectedly creating a new notification pop up.
*http://blog.chromium.org/2015/10/streamlining-notifications-on-desktop.htmlFixes#667
// FREEBIE
Because remote clients will delete all sessions in response to an end
session message, regardless of which device it came from, when our
linked device sends an end session message, we must also end all
sessions with the destination.
This change moves the end session flag processing to processDecrypted,
which is shared between handlers of sent messages, data messages, and
messages which are re-tried after resolving identity conflicts.
// FREEBIE
Help debug bad session errors by logging some envelope info about the
message we are about to decrypt. With this, if there is a decryption
error (e.g., bad mac or no session) it is clear from the logs what
number and device message sent the bad message.
Also log when we send and receive end session messages and when we close
sessions for certain devices.
// FREEBIE
Since the introduction of infinite scroll, the delete messages function
has only deleted the currently loaded set of messages in a conversation.
To fix this, we should fetch all the messages and then delete them.
Fixes#645
// FREEBIE
When `millis_since` becomes larger than one week, `delay` becomes
negative and is set to Zero. This causes an infinite loop and therefore
100% CPU usage (single thread).
// FREEBIE
Some basic modifications to the Confirmation Dialog:
* Always attached to <body> regardless of view that called it.
* Always centered horizontally on screen.
* A black semi-transparent overlay is now displayed over everything, and under
the dialog.
* Various other style changes.
fixes#389
// FREEBIE
Previously we would delete our own key from the trust store when
re-linking, in case it changed. We can also immediately take one step
further and store the new key. Typically this happens in the course of
requesting sync info from the master device, except in the case of
standalone clients.
Closes#596
// FREEBIE
* Move install flow i18n logic to install_view.js (from options.js)
* Switch to using placeholders (instead of jQuery) for i18n messages with html.
* Switch to using moustache template instead of jQuery for i18n substitution.
// FREEBIE
Sometimes an error is thrown while processing groups from a group sync
message. We still want to fire the groupsync event when we're done
handling all the data, even if some of it was bad.
Similar in function to an xhr request, a textsecure.SyncRequest object
is initialized from a message sender and receiver pair and initiates a
request for sync from the master device. It later fires a success event
when both contacts and groups are done syncing, or a timeout event after
one minute.
// FREEBIE
Group updates in which nothing change should still display 'Updated the
group'. Previously they would display as empty message bubbles. Fixed by
ensuring that the 'group_update' attribute is set on the model, even if
it is an empty object.
// FREEBIE
Clear the registration flag when we detect that our credentials have
been invalidated, but retain the knowledge that we've been registered
before, so as to preserve post-first-install behaviors like skipping the
introductory install screens, and accessing the main ui.
Fix#541
// FREEBIE
We should not ack envelope protobufs that fail to decode correctly. If
the server happens to send us such a thing it probably indicates a
protocol mismatch between it and the client, in which case the client
needs to update and re-receive the failed message.
// FREEBIE
The user-agent string includes the information needed (OS + Chrome version) and the console.get() function seems just right. The debugLog itself is not manipulated.
Only show sent_at for outgoing messages, matching Android.
The received_at timestamp reflects the time a message was saved locally.
It is necessary on both incoming and outgoing messages for sorting
purposes, but can be confusing in the context of an outgoing message
detail view, since users don't think about themselves "receiving" their
own messages, and may even interpret this as the time that a message was
received by their conversation partner's device.
// FREEBIE
This chrome alarm business is in place to help us wake up and check for
messages when running in the background. Without it, chrome will suspend
our app after a short period of inactivity. Upon waking, if the app
discovers it is not linked, it prompts you to link it. However, if
you've declined registration (i.e., because you already maxed out your
linked device limit, but chrome auto-added the app to another machine),
we should just wait until explicitly launched again.
Fixes#519
// FREEBIE
Previously, when processing a backlog of sync messages and their
delivery receipts, we would fail to mark some messages as delivered even
though we got a receipt. This was due to an async race condition between
saving a sync message and fetching it after the receipt arrives.
Fix by re-ordering idb requests such that we save the message first and
fetch it after.
Fixes#479
// FREEBIE
Typically, a view can specify its templateName and then use the default
render method on Whisper.View, except in some special cases like message
view or message detail where other operations are performed during
render.
// FREEBIE
While typing a number, the new contact element is faded out. When the
number becomes valid it is opaque. If the element is clicked while
invalid, it displays 'Invalid number' and waits for the input to change
again. A new conversation is only opened if the number is valid.
// FREEBIE
Refactor libphonenumber.validateNumber into libphonenumber.parseNumber,
which encapsulates the try-catch pattern used in number parsing and
returns an object of info about the input number rather tha throwing
since we expect to get some invalid number inputs the user is typing.
In the conversation model,
* Separate phone number validation from search token updating.
* Perform token update before save if the number was valid.
* Stop storing unneeded number variants as conversation properties.
// FREEBIE
Here lies the remains of the old compose flow, which must eventually be
restored for group creation flow, but will likely be rewritten entirely.
// FREEBIE
Search view triggers an open event when a valid phone number is entered
and the 'Create new contact' card is clicked.
Inbox view should listen and respond to this event. It should also
disregard select events on the new contact element since those are fired
before phone number validation.
Finally, the search view can stop listening to select events because the
inbox view is already doing so.
// FREEBIE
Search box finds or creates a conversation given a phone number in
local (to the user's region) or international format.
Previously you had to enter e164 format to set up the conversation
correctly.
If the number is not valid, do not open the conversation.
TODO: user feedback on invalid numbers.
// FREEBIE
By adding the drag and drop support for media files, the default
event handlers were overwritten. Thus drag and drop did not support
text. Now, the drag and drop listeners revert to the default behaviour
when the user does not drag a file.
Resolves: #478
This file is loaded by the background page, which means it is already
bound to the background page's global context. This was not true at some
time in the distant past but is true now.
// FREEBIE
This line was never being hit due to the duplicate one above (#L166).
Peeking at the server code shows that 403 is only given in response to
registration attempts, where it does in fact indicate an invalid code.
// FREEBIE
Previous commit removed notification models from the global collection
but did not actually update the existing notification.
This commit refactors the notification interface to allow us to update
it without re-surfacing the notifcation onscreen.
// FREEBIE
Fix bug where resending due to failed network connection would fail
silently.
Broken in 7b6820 refactor which changed arguments to transmitMessage
// FREEBIE
Previously, libtextsecure would send a sync message automatically
when appropriate. This fails if any recipient has a key conflict
or if our network connection fails mid-send.
Instead, when appropriate, return a the DataMessage encoded as an array
buffer for later syncing. This lets the application choose when to send
it, which we now do after any successful send to a recipient, rather
than after all recipients are successfully sent to.
Eventually we should move the DataMessage protobuf construction and
group sending logic to the application layer entirely, in which case
we wouldn't need libtextsecure to construct the sync message either.
Fixes#408
Fix bug where re-installing would cause sync messages to fail and
produce unresolvable error indicators on messages that were actually
sent.
// FREEBIE
If you had an inaccurate unread count due to previously broken unread
tracking, it's possible to go negative and never fully recover. Fixed
by clamping to zero.
// FREEBIE
Messages that are received in the active conversation while the window
is focused, are automatically marked as read.
The conversation appears as unread for a split second as the incoming message
arrives but it gets marked as read as soon as the message is displayed.
The window title now shows the global number of unread messages as
"Signal (1)". This way the user can see the number of unread messages
in the task bar and when alt-tabbing.
Resolves: #384
Fixed the global counting of unread messages. This makes the "unreadCount"
variable in storage to stay in sync with the sum of unread messages in each
conversation. To achieve this, the controller_view updates the global
variable whenever messages are received or read.
encryptMessageFor now requires an array buffer instead of a protobuf.
By converting the message to an array buffer outside the Promise.all, we
avoid allocating a new copy for each device.
// FREEBIE
We don't need to keep them in memory if we're done viewing them,
plus it avoids having to re-render a large collection when we re-open a
conversation. Now that we only load a sensible number of messages at a
time, caching them between usages is less valuable. Removing them from
the collection should free them for garbage collection.
// FREEBIE
Messages with images or media were causing the scroll position to jump
around when they loaded, because rendering them changed the height of their
elements from 0 to full-height sometime after they were inserted into
the DOM.
Now when rendering attachments, we wait for them to load so they can
render at full height immediately, then warn our parent message list
before and after a potential height change, so the scroll position can
be saved and reset.
// FREEBIE
Only load the most recent messages when initially rendering a
conversation. Scrolling to the top of a message list loads older
messages.
This required some slight refactoring of how we insert message elements
into the dom. If the message is added to the end of the collection,
append it at the end. Otherwise, assume it is an older message and
prepend it.
When adding elements to the top, reset the scrollPosition to its
previous distance from scrollHeight. This keeps the current set of
elements fixed in the viewport.
// FREEBIE
Add db adapter support for clean cursor termination when passing
options.index and options.limit together. Previously this would cause a
crash because options.conditions was undefined.
// FREEBIE
Renames extension.windows.beforeUnload to onSuspend, to match the
underlying chrome api call. onClosed fires when the frontend app window
is closed, while onSuspend fires when the background page is closed or
refreshed (which amounts to an app restart).
Frontend views are initialized iff the inbox window is opened, and so
should always be listening to onClosed in order to know when they are no
longer needed.
// FREEBIE
1. Update chrome version because v40 fails to clear the session store
2. Add message view to test page and fix bad reference to chrome
3. Update the message view template in tests with new timestmap markup
// FREEBIE
Create a cleaner seperation between generating notifications
and updating frontend conversation views. The former is now
handled by `conversation.notify` while the latter is achieved
by triggering an event on the conversation model, which will
only be acted on if there are any views listening for it.
Additionally, instead of re-fetching the entire message history,
which is overkill, just add or update the new/modified message.
This will help speed up the newmessage event handler and also
help avoid unnecessary re-rendering when resolving key conflicts.
// FREEBIE
Follow up to b0da4910. When inferring membership of the sender in an
unknown group, remember to save and return the group members.
Generally, this should only effect standalone clients unless someone
managed to clear their groups db table, since linked clients get group
info synced at registration.
// FREEBIE
If you're the last member of the group, it doesn't make sense to send
messages to it. Previously, we would wait forever for a callback,
causing a stuck pending state indicator.
// FREEBIE
Follow up to ddd2e67eb5
but for incoming messages.
* Conflict state sometimes failed to be removed even though the
conflict was resolved.
* Messages failed to re-render after a conflict. We want to
re-render only the error state on outgoing messages, to avoid
flickering attachments. On incoming messages, we need to call
render to populate the message text, avatar, etc...
// FREEBIE
Display format consistent with Android:
* relative time for everything from today
* Day of week + time for within the past 7 days
* Static Month Day time for everything older
Each timestamp will only update as often as needed to stay accurate,
which is once a minute, once an hour, once a week, or never.
// FREEBIE
* Don't open message detail views from message detail views
* When message errors change, re-render the error state, but
not the message markup and contents.
* Fix renderErrors bug not removing the error class correctly.
// FREEBIE
Previously, with a mix of text and media messages in conflict,
asynchronous callbacks aligned so as to fail to remove some of
the conflict objects on messages.
Fix by serializing conflict processing, but making sure to move
on through the message list even if some conflict resolutions fail.
Fixes#370
// FREEBIE
