This repository has been archived by the owner on Sep 11, 2024. It is now read-only.
-
-
Notifications
You must be signed in to change notification settings - Fork 828
Fix detection of encryption for all users in a room #10487
Merged
Merged
Changes from all commits
Commits
File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change | ||||||
---|---|---|---|---|---|---|---|---|
|
@@ -398,16 +398,21 @@ export default async function createRoom(opts: IOpts): Promise<string | null> { | |||||||
export async function canEncryptToAllUsers(client: MatrixClient, userIds: string[]): Promise<boolean> { | ||||||||
try { | ||||||||
const usersDeviceMap = await client.downloadKeys(userIds); | ||||||||
// { "@user:host": { "DEVICE": {...}, ... }, ... } | ||||||||
return Object.values(usersDeviceMap).every( | ||||||||
(userDevices) => | ||||||||
// { "DEVICE": {...}, ... } | ||||||||
Object.keys(userDevices).length > 0, | ||||||||
); | ||||||||
|
||||||||
// There are no devices at all. | ||||||||
if (usersDeviceMap.size === 0) return false; | ||||||||
|
||||||||
for (const devices of usersDeviceMap.values()) { | ||||||||
if (devices.size === 0) { | ||||||||
return false; | ||||||||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. A comment would be useful here:
Suggested change
|
||||||||
} | ||||||||
} | ||||||||
} catch (e) { | ||||||||
logger.error("Error determining if it's possible to encrypt to all users: ", e); | ||||||||
return false; // assume not | ||||||||
} | ||||||||
|
||||||||
return true; | ||||||||
} | ||||||||
|
||||||||
// Similar to ensureDMExists but also adds creation content | ||||||||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
s/devices/users/.
I think this is a change of behaviour from before 3.69.0. Are we sure it's what's expected?
It's also inconsistent with the documentation on the function. If there are no users in the room (or rather, in the
userIds
list) then "there is at least one device that we can encrypt to" is trivially true.There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
sorry, I misquoted.
If there are no users, then "for every user in a room, <X>" is trivially true, for any <X>.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, this is a change. Not sure if it is correct. If I download the keys for a list of users and I do get an empty response, can I not encrypt to them? 🤔
An empty
userIds
arg is a slightly separate case. If I do not specify a user, I cannot encrypt to them.There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If a user has no devices, I don't think I want that to make me stop sending to a whole list of users. I can trivially do the right thing for that user, which is nothing.
Happy to be persuaded though.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
worth noting that
downloadKeys
is not a direct map to/keys/query
. As things currently stand,downloadKeys
will return an entry in the map for each user in the input - even if they have no devices (in which case the device map for that user will be empty).So no, it's not a separate case: the question is entirely about the behaviour of the function when the
userIds
arg is empty.Honestly, I think the actual behaviour here is pretty unimportant, provided the documentation matches. Personally, I would have gone for preserving the previous behaviour, but if you want to change it, that's ok, but please update the docs.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@andybalaam do you mean a misc case here where some users have devices?
To clarify about the discussion from above:
downloadKeys
→true
false
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
element-hq/element-web#24998
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
First of all, let's clarify. This code is relying on
downloadKeys
only returning devices which have encryption keys. So we're talking about encryption-capable devices here.The whole point of this function is to check that all users in a given list have at least one encryption-capable device - which means we can safely encrypt a room which contains those users.
So, I disagree with you here @andybalaam: if any one of the users in the list has no (encryption-capable) devices, I do not want to start an encrypted room with the whole list.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What Rich said makes perfect sense to me.