fix(communities)_: ensure read-only channels are not encrypted
fixes: status-im/status-desktop#14748
This commit is contained in:
parent
03de0a2c6e
commit
0db114f544
|
@ -1736,27 +1736,32 @@ func (o *Community) HasTokenPermissions() bool {
|
|||
}
|
||||
|
||||
func (o *Community) channelEncrypted(channelID string) bool {
|
||||
return o.channelHasTokenPermissions(o.ChatID(channelID))
|
||||
chatID := o.ChatID(channelID)
|
||||
|
||||
hasPermission := false
|
||||
viewableByEveryone := false
|
||||
|
||||
for _, p := range o.tokenPermissions() {
|
||||
if !includes(p.ChatIds, chatID) {
|
||||
continue
|
||||
}
|
||||
|
||||
hasPermission = true
|
||||
|
||||
if p.Type == protobuf.CommunityTokenPermission_CAN_VIEW_CHANNEL &&
|
||||
len(p.TokenCriteria) == 0 {
|
||||
viewableByEveryone = true
|
||||
break
|
||||
}
|
||||
}
|
||||
|
||||
return hasPermission && !viewableByEveryone
|
||||
}
|
||||
|
||||
func (o *Community) ChannelEncrypted(channelID string) bool {
|
||||
return o.ChannelHasTokenPermissions(o.ChatID(channelID))
|
||||
}
|
||||
|
||||
func (o *Community) channelHasTokenPermissions(chatID string) bool {
|
||||
for _, tokenPermission := range o.tokenPermissions() {
|
||||
if includes(tokenPermission.ChatIds, chatID) {
|
||||
return true
|
||||
}
|
||||
}
|
||||
|
||||
return false
|
||||
}
|
||||
|
||||
func (o *Community) ChannelHasTokenPermissions(chatID string) bool {
|
||||
o.mutex.Lock()
|
||||
defer o.mutex.Unlock()
|
||||
return o.channelHasTokenPermissions(chatID)
|
||||
return o.channelEncrypted(channelID)
|
||||
}
|
||||
|
||||
func TokenPermissionsByType(permissions map[string]*CommunityTokenPermission, permissionType protobuf.CommunityTokenPermission_Type) []*CommunityTokenPermission {
|
||||
|
|
|
@ -120,7 +120,7 @@ func (s *CommunityEncryptionDescriptionSuite) description() *protobuf.CommunityD
|
|||
"channel-level-permission": &protobuf.CommunityTokenPermission{
|
||||
Id: "channel-level-permission",
|
||||
Type: protobuf.CommunityTokenPermission_CAN_VIEW_CHANNEL,
|
||||
TokenCriteria: []*protobuf.TokenCriteria{},
|
||||
TokenCriteria: []*protobuf.TokenCriteria{&protobuf.TokenCriteria{}},
|
||||
ChatIds: []string{types.EncodeHex(crypto.CompressPubkey(&s.identity.PublicKey)) + "channelB"},
|
||||
},
|
||||
},
|
||||
|
|
|
@ -219,7 +219,7 @@ func (s *CommunityEncryptionKeyActionSuite) TestCommunityLevelKeyActions_Permiss
|
|||
&protobuf.CommunityTokenPermission{
|
||||
Id: "some-id",
|
||||
Type: protobuf.CommunityTokenPermission_CAN_VIEW_CHANNEL,
|
||||
TokenCriteria: make([]*protobuf.TokenCriteria, 0),
|
||||
TokenCriteria: []*protobuf.TokenCriteria{&protobuf.TokenCriteria{}},
|
||||
ChatIds: []string{"some-chat-id"},
|
||||
},
|
||||
},
|
||||
|
@ -231,7 +231,7 @@ func (s *CommunityEncryptionKeyActionSuite) TestCommunityLevelKeyActions_Permiss
|
|||
&protobuf.CommunityTokenPermission{
|
||||
Id: "some-id",
|
||||
Type: protobuf.CommunityTokenPermission_CAN_VIEW_CHANNEL,
|
||||
TokenCriteria: make([]*protobuf.TokenCriteria, 0),
|
||||
TokenCriteria: []*protobuf.TokenCriteria{&protobuf.TokenCriteria{}},
|
||||
ChatIds: []string{"some-chat-id"},
|
||||
},
|
||||
},
|
||||
|
@ -244,7 +244,7 @@ func (s *CommunityEncryptionKeyActionSuite) TestCommunityLevelKeyActions_Permiss
|
|||
&protobuf.CommunityTokenPermission{
|
||||
Id: "some-id-1",
|
||||
Type: protobuf.CommunityTokenPermission_CAN_VIEW_CHANNEL,
|
||||
TokenCriteria: make([]*protobuf.TokenCriteria, 0),
|
||||
TokenCriteria: []*protobuf.TokenCriteria{&protobuf.TokenCriteria{}},
|
||||
ChatIds: []string{"some-chat-id"},
|
||||
},
|
||||
},
|
||||
|
@ -252,7 +252,7 @@ func (s *CommunityEncryptionKeyActionSuite) TestCommunityLevelKeyActions_Permiss
|
|||
&protobuf.CommunityTokenPermission{
|
||||
Id: "some-id-1",
|
||||
Type: protobuf.CommunityTokenPermission_CAN_VIEW_CHANNEL,
|
||||
TokenCriteria: make([]*protobuf.TokenCriteria, 0),
|
||||
TokenCriteria: []*protobuf.TokenCriteria{&protobuf.TokenCriteria{}},
|
||||
ChatIds: []string{"some-chat-id"},
|
||||
},
|
||||
&protobuf.CommunityTokenPermission{
|
||||
|
@ -284,7 +284,7 @@ func (s *CommunityEncryptionKeyActionSuite) TestCommunityLevelKeyActions_Permiss
|
|||
&protobuf.CommunityTokenPermission{
|
||||
Id: "some-id-2",
|
||||
Type: protobuf.CommunityTokenPermission_CAN_VIEW_CHANNEL,
|
||||
TokenCriteria: make([]*protobuf.TokenCriteria, 0),
|
||||
TokenCriteria: []*protobuf.TokenCriteria{&protobuf.TokenCriteria{}},
|
||||
ChatIds: []string{"some-chat-id"},
|
||||
},
|
||||
},
|
||||
|
@ -304,7 +304,7 @@ func (s *CommunityEncryptionKeyActionSuite) TestCommunityLevelKeyActions_Permiss
|
|||
&protobuf.CommunityTokenPermission{
|
||||
Id: "some-id",
|
||||
Type: protobuf.CommunityTokenPermission_CAN_VIEW_CHANNEL,
|
||||
TokenCriteria: make([]*protobuf.TokenCriteria, 0),
|
||||
TokenCriteria: []*protobuf.TokenCriteria{&protobuf.TokenCriteria{}},
|
||||
ChatIds: []string{""},
|
||||
},
|
||||
},
|
||||
|
@ -316,7 +316,7 @@ func (s *CommunityEncryptionKeyActionSuite) TestCommunityLevelKeyActions_Permiss
|
|||
&protobuf.CommunityTokenPermission{
|
||||
Id: "some-id",
|
||||
Type: protobuf.CommunityTokenPermission_CAN_VIEW_CHANNEL,
|
||||
TokenCriteria: make([]*protobuf.TokenCriteria, 0),
|
||||
TokenCriteria: []*protobuf.TokenCriteria{&protobuf.TokenCriteria{}},
|
||||
ChatIds: []string{""},
|
||||
},
|
||||
},
|
||||
|
@ -342,7 +342,7 @@ func (s *CommunityEncryptionKeyActionSuite) TestCommunityLevelKeyActions_Permiss
|
|||
&protobuf.CommunityTokenPermission{
|
||||
Id: "some-id-2",
|
||||
Type: protobuf.CommunityTokenPermission_CAN_VIEW_CHANNEL,
|
||||
TokenCriteria: make([]*protobuf.TokenCriteria, 0),
|
||||
TokenCriteria: []*protobuf.TokenCriteria{&protobuf.TokenCriteria{}},
|
||||
ChatIds: []string{""},
|
||||
},
|
||||
},
|
||||
|
@ -645,7 +645,7 @@ func (s *CommunityEncryptionKeyActionSuite) TestChannelLevelKeyActions() {
|
|||
&protobuf.CommunityTokenPermission{
|
||||
Id: "some-id",
|
||||
Type: protobuf.CommunityTokenPermission_CAN_VIEW_CHANNEL,
|
||||
TokenCriteria: make([]*protobuf.TokenCriteria, 0),
|
||||
TokenCriteria: []*protobuf.TokenCriteria{&protobuf.TokenCriteria{}},
|
||||
ChatIds: []string{chatID},
|
||||
},
|
||||
},
|
||||
|
@ -662,7 +662,7 @@ func (s *CommunityEncryptionKeyActionSuite) TestChannelLevelKeyActions() {
|
|||
&protobuf.CommunityTokenPermission{
|
||||
Id: "some-id",
|
||||
Type: protobuf.CommunityTokenPermission_CAN_VIEW_CHANNEL,
|
||||
TokenCriteria: make([]*protobuf.TokenCriteria, 0),
|
||||
TokenCriteria: []*protobuf.TokenCriteria{&protobuf.TokenCriteria{}},
|
||||
ChatIds: []string{chatID},
|
||||
},
|
||||
},
|
||||
|
@ -680,7 +680,7 @@ func (s *CommunityEncryptionKeyActionSuite) TestChannelLevelKeyActions() {
|
|||
&protobuf.CommunityTokenPermission{
|
||||
Id: "some-id",
|
||||
Type: protobuf.CommunityTokenPermission_CAN_VIEW_CHANNEL,
|
||||
TokenCriteria: make([]*protobuf.TokenCriteria, 0),
|
||||
TokenCriteria: []*protobuf.TokenCriteria{&protobuf.TokenCriteria{}},
|
||||
ChatIds: []string{chatID},
|
||||
},
|
||||
},
|
||||
|
@ -688,7 +688,7 @@ func (s *CommunityEncryptionKeyActionSuite) TestChannelLevelKeyActions() {
|
|||
&protobuf.CommunityTokenPermission{
|
||||
Id: "some-id",
|
||||
Type: protobuf.CommunityTokenPermission_CAN_VIEW_CHANNEL,
|
||||
TokenCriteria: make([]*protobuf.TokenCriteria, 0),
|
||||
TokenCriteria: []*protobuf.TokenCriteria{&protobuf.TokenCriteria{}},
|
||||
ChatIds: []string{chatID},
|
||||
},
|
||||
},
|
||||
|
@ -708,7 +708,7 @@ func (s *CommunityEncryptionKeyActionSuite) TestChannelLevelKeyActions() {
|
|||
&protobuf.CommunityTokenPermission{
|
||||
Id: "some-id",
|
||||
Type: protobuf.CommunityTokenPermission_CAN_VIEW_CHANNEL,
|
||||
TokenCriteria: make([]*protobuf.TokenCriteria, 0),
|
||||
TokenCriteria: []*protobuf.TokenCriteria{&protobuf.TokenCriteria{}},
|
||||
ChatIds: []string{chatID},
|
||||
},
|
||||
},
|
||||
|
@ -716,7 +716,7 @@ func (s *CommunityEncryptionKeyActionSuite) TestChannelLevelKeyActions() {
|
|||
&protobuf.CommunityTokenPermission{
|
||||
Id: "some-id",
|
||||
Type: protobuf.CommunityTokenPermission_CAN_VIEW_CHANNEL,
|
||||
TokenCriteria: make([]*protobuf.TokenCriteria, 0),
|
||||
TokenCriteria: []*protobuf.TokenCriteria{&protobuf.TokenCriteria{}},
|
||||
ChatIds: []string{chatID},
|
||||
},
|
||||
},
|
||||
|
@ -813,7 +813,7 @@ func (s *CommunityEncryptionKeyActionSuite) TestNilOrigin() {
|
|||
&protobuf.CommunityTokenPermission{
|
||||
Id: "some-id-2",
|
||||
Type: protobuf.CommunityTokenPermission_CAN_VIEW_CHANNEL,
|
||||
TokenCriteria: make([]*protobuf.TokenCriteria, 0),
|
||||
TokenCriteria: []*protobuf.TokenCriteria{&protobuf.TokenCriteria{}},
|
||||
ChatIds: []string{chatID},
|
||||
},
|
||||
}
|
||||
|
@ -892,7 +892,7 @@ func (s *CommunityEncryptionKeyActionSuite) TestControlNodeChange() {
|
|||
&protobuf.CommunityTokenPermission{
|
||||
Id: "some-id",
|
||||
Type: protobuf.CommunityTokenPermission_CAN_VIEW_CHANNEL,
|
||||
TokenCriteria: make([]*protobuf.TokenCriteria, 0),
|
||||
TokenCriteria: []*protobuf.TokenCriteria{&protobuf.TokenCriteria{}},
|
||||
ChatIds: []string{chatID},
|
||||
},
|
||||
},
|
||||
|
@ -925,7 +925,7 @@ func (s *CommunityEncryptionKeyActionSuite) TestControlNodeChange() {
|
|||
&protobuf.CommunityTokenPermission{
|
||||
Id: "some-id-2",
|
||||
Type: protobuf.CommunityTokenPermission_CAN_VIEW_CHANNEL,
|
||||
TokenCriteria: make([]*protobuf.TokenCriteria, 0),
|
||||
TokenCriteria: []*protobuf.TokenCriteria{&protobuf.TokenCriteria{}},
|
||||
ChatIds: []string{chatID},
|
||||
},
|
||||
},
|
||||
|
|
|
@ -748,6 +748,43 @@ func (s *CommunitySuite) TestChannelTokenPermissionsByType() {
|
|||
s.Require().Equal(result[0].ChatIds, viewAndPostPermissions[0].ChatIds)
|
||||
}
|
||||
|
||||
func (s *CommunitySuite) TestChannelEncrypted() {
|
||||
org := s.buildCommunity(&s.identity.PublicKey)
|
||||
someChannelID := "some-channel-id"
|
||||
someChatID := org.ChatID(someChannelID)
|
||||
|
||||
s.Require().False(org.ChannelEncrypted(someChannelID))
|
||||
|
||||
_, err := org.UpsertTokenPermission(&protobuf.CommunityTokenPermission{
|
||||
Id: "A",
|
||||
Type: protobuf.CommunityTokenPermission_CAN_VIEW_AND_POST_CHANNEL,
|
||||
TokenCriteria: []*protobuf.TokenCriteria{},
|
||||
ChatIds: []string{someChatID},
|
||||
})
|
||||
s.Require().NoError(err)
|
||||
s.Require().True(org.channelEncrypted(someChannelID))
|
||||
|
||||
_, err = org.UpsertTokenPermission(&protobuf.CommunityTokenPermission{
|
||||
Id: "B",
|
||||
Type: protobuf.CommunityTokenPermission_CAN_VIEW_CHANNEL,
|
||||
TokenCriteria: []*protobuf.TokenCriteria{&protobuf.TokenCriteria{}},
|
||||
ChatIds: []string{someChatID},
|
||||
})
|
||||
s.Require().NoError(err)
|
||||
s.Require().True(org.channelEncrypted(someChannelID))
|
||||
|
||||
// Channels with `view` permission without token requirements shouldn't be encrypted.
|
||||
// See: https://github.com/status-im/status-desktop/issues/14748
|
||||
_, err = org.UpsertTokenPermission(&protobuf.CommunityTokenPermission{
|
||||
Id: "C",
|
||||
Type: protobuf.CommunityTokenPermission_CAN_VIEW_CHANNEL,
|
||||
TokenCriteria: []*protobuf.TokenCriteria{},
|
||||
ChatIds: []string{someChatID},
|
||||
})
|
||||
s.Require().NoError(err)
|
||||
s.Require().False(org.channelEncrypted(someChannelID))
|
||||
}
|
||||
|
||||
func (s *CommunitySuite) emptyCommunityDescription() *protobuf.CommunityDescription {
|
||||
return &protobuf.CommunityDescription{
|
||||
Permissions: &protobuf.CommunityPermissions{},
|
||||
|
|
Loading…
Reference in New Issue