From 37c9d6d40fa99e060821d8c2cfcdc00963becb44 Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Wed, 14 Sep 2022 13:46:13 +0200 Subject: [PATCH 1/3] Only post flow messages when people have permissions Signed-off-by: Joas Schilling --- lib/Flow/Operation.php | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/lib/Flow/Operation.php b/lib/Flow/Operation.php index cf95d3ada2a..2ae2e97dee0 100644 --- a/lib/Flow/Operation.php +++ b/lib/Flow/Operation.php @@ -29,6 +29,7 @@ use OCA\Talk\Exceptions\ParticipantNotFoundException; use OCA\Talk\Exceptions\RoomNotFoundException; use OCA\Talk\Manager as TalkManager; +use OCA\Talk\Model\Attendee; use OCA\Talk\Participant; use OCA\Talk\Room; use OCP\EventDispatcher\Event; @@ -116,7 +117,17 @@ public function onEvent(string $eventName, Event $event, IRuleMatcher $ruleMatch } $room = $this->getRoom($token, $uid); + if (!($room->getReadOnly() !== Room::READ_WRITE)) { + // Ignore conversation because it is locked + continue; + } + $participant = $this->getParticipant($uid, $room); + if (!($participant->getPermissions() & Attendee::PERMISSIONS_CHAT)) { + // Ignore conversation because the user has no permissions + continue; + } + $this->chatManager->sendMessage( $room, $participant, From 1f037bad00c31710fba78cd7633bdc633c4d3a56 Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Wed, 14 Sep 2022 13:46:32 +0200 Subject: [PATCH 2/3] Also filter out conversations where the user has no chat permissions Signed-off-by: Joas Schilling --- src/views/FlowPostToConversation.vue | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/views/FlowPostToConversation.vue b/src/views/FlowPostToConversation.vue index 179e88ff0c1..754a4157df8 100644 --- a/src/views/FlowPostToConversation.vue +++ b/src/views/FlowPostToConversation.vue @@ -18,7 +18,7 @@ import NcMultiselect from '@nextcloud/vue/dist/Components/NcMultiselect.js' import axios from '@nextcloud/axios' import { generateOcsUrl } from '@nextcloud/router' -import { FLOW, CONVERSATION } from '../constants.js' +import { FLOW, CONVERSATION, PARTICIPANT } from '../constants.js' export default { name: 'FlowPostToConversation', @@ -80,6 +80,7 @@ export default { axios.get(generateOcsUrl('/apps/spreed/api/v4/room')).then((response) => { this.roomOptions = response.data.ocs.data.filter(function(room) { return room.readOnly === CONVERSATION.STATE.READ_WRITE + && (room.permissions & PARTICIPANT.PERMISSIONS.CHAT) !== 0 }) }) }, From add1d45da840c9a0dfecadd2d6048bb393d69888 Mon Sep 17 00:00:00 2001 From: Joas Schilling <213943+nickvergessen@users.noreply.github.com> Date: Thu, 15 Sep 2022 14:27:29 +0200 Subject: [PATCH 3/3] Update lib/Flow/Operation.php MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: Côme Chilliet <91878298+come-nc@users.noreply.github.com> Signed-off-by: Joas Schilling <213943+nickvergessen@users.noreply.github.com> --- lib/Flow/Operation.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/Flow/Operation.php b/lib/Flow/Operation.php index 2ae2e97dee0..0555e78e82c 100644 --- a/lib/Flow/Operation.php +++ b/lib/Flow/Operation.php @@ -117,7 +117,7 @@ public function onEvent(string $eventName, Event $event, IRuleMatcher $ruleMatch } $room = $this->getRoom($token, $uid); - if (!($room->getReadOnly() !== Room::READ_WRITE)) { + if ($room->getReadOnly() !== Room::READ_WRITE) { // Ignore conversation because it is locked continue; }