diff --git a/lib/Controller/PageController.php b/lib/Controller/PageController.php index 8ec6e6d05e6..8f65a6932be 100644 --- a/lib/Controller/PageController.php +++ b/lib/Controller/PageController.php @@ -160,8 +160,6 @@ public function index(string $token = '', string $callUser = '', string $passwor $token = ''; } - $this->talkSession->removePasswordForRoom($token); - if ($room instanceof Room && $room->hasPassword()) { // If the user joined themselves or is not found, they need the password. try { @@ -172,12 +170,14 @@ public function index(string $token = '', string $callUser = '', string $passwor } if ($requirePassword) { + $password = $password !== '' ? $password : (string) $this->talkSession->getPasswordForRoom($token); $passwordVerification = $room->verifyPassword($password); if ($passwordVerification['result']) { - $this->talkSession->setPasswordForRoom($token, $token); + $this->talkSession->setPasswordForRoom($token, $password); } else { + $this->talkSession->removePasswordForRoom($token); if ($passwordVerification['url'] === '') { return new TemplateResponse($this->appName, 'authenticate', [ 'wrongpw' => $password !== '', @@ -226,13 +226,14 @@ protected function guestEnterRoom(string $token, string $password): Response { ])); } - $this->talkSession->removePasswordForRoom($token); if ($room->hasPassword()) { - $passwordVerification = $room->verifyPassword($password); + $password = $password !== '' ? $password : (string) $this->talkSession->getPasswordForRoom($token); + $passwordVerification = $room->verifyPassword($password); if ($passwordVerification['result']) { - $this->talkSession->setPasswordForRoom($token, $token); + $this->talkSession->setPasswordForRoom($token, $password); } else { + $this->talkSession->removePasswordForRoom($token); if ($passwordVerification['url'] === '') { return new TemplateResponse($this->appName, 'authenticate', [ 'wrongpw' => $password !== '', diff --git a/lib/Controller/RoomController.php b/lib/Controller/RoomController.php index 8277e26009e..bef74ff4681 100644 --- a/lib/Controller/RoomController.php +++ b/lib/Controller/RoomController.php @@ -879,10 +879,11 @@ public function joinRoom(string $token, string $password = ''): DataResponse { $user = $this->userManager->get($this->userId); try { + $result = $room->verifyPassword((string) $this->session->getPasswordForRoom($token)); if ($user instanceof IUser) { - $newSessionId = $room->joinRoom($user, $password, $this->session->getPasswordForRoom($token) === $room->getToken()); + $newSessionId = $room->joinRoom($user, $password, $result['result']); } else { - $newSessionId = $room->joinRoomGuest($password, $this->session->getPasswordForRoom($token) === $room->getToken()); + $newSessionId = $room->joinRoomGuest($password, $result['result']); } } catch (InvalidPasswordException $e) { return new DataResponse([], Http::STATUS_FORBIDDEN); diff --git a/tests/acceptance/features/conversation-public.feature b/tests/acceptance/features/conversation-public.feature index 04fa07f7f93..9e9f384537b 100644 --- a/tests/acceptance/features/conversation-public.feature +++ b/tests/acceptance/features/conversation-public.feature @@ -33,6 +33,8 @@ Feature: conversation And I see that the current page is the Authenticate page for the public conversation link I wrote down And I authenticate with password "abcdef" in public conversation Then I see that the current page is the public conversation link I wrote down + And I see that the chat is shown in the main view + And I see that the sidebar is open Scenario: join a public conversation protected by password with an invalid password Given I act as John @@ -47,3 +49,78 @@ Feature: conversation And I see that the current page is the Authenticate page for the public conversation link I wrote down And I authenticate with password "fedcba" in public conversation Then I see that the current page is the Wrong password page for the public conversation link I wrote down + + Scenario: join again a public conversation protected by password + Given I act as John + And I am logged in + And I have opened the Talk app + And I create a public conversation named "Public" + And I protect the conversation with the password "abcdef" + And I see that the conversation is password protected + And I write down the public conversation link + And I act as Jane + And I visit the public conversation link I wrote down + And I see that the current page is the Authenticate page for the public conversation link I wrote down + And I authenticate with password "abcdef" in public conversation + And I see that the current page is the public conversation link I wrote down + And I see that the chat is shown in the main view + And I see that the sidebar is open + When I visit the Home page + And I visit the public conversation link I wrote down + Then I see that the current page is the Authenticate page for the public conversation link I wrote down + + Scenario: join a public conversation protected by password with a valid password as a user + Given I act as John + And I am logged in + And I have opened the Talk app + And I create a public conversation named "Public" + And I protect the conversation with the password "abcdef" + And I see that the conversation is password protected + And I write down the public conversation link + When I act as Jane + And I am logged in as the admin + And I visit the public conversation link I wrote down + And I see that the current page is the Authenticate page for the public conversation link I wrote down + And I authenticate with password "abcdef" in public conversation + Then I see that the current page is the public conversation link I wrote down + And I see that the "Public" conversation is active + And I see that the chat is shown in the main view + And I see that the sidebar is open + And I see that the number of participants shown in the list is "2" + + Scenario: join a public conversation protected by password with an invalid password as a user + Given I act as John + And I am logged in + And I have opened the Talk app + And I create a public conversation named "Public" + And I protect the conversation with the password "abcdef" + And I see that the conversation is password protected + And I write down the public conversation link + When I act as Jane + And I am logged in as the admin + And I visit the public conversation link I wrote down + And I see that the current page is the Authenticate page for the public conversation link I wrote down + And I authenticate with password "fedcba" in public conversation + Then I see that the current page is the Wrong password page for the public conversation link I wrote down + + Scenario: join again a public conversation protected by password as a user + Given I act as John + And I am logged in + And I have opened the Talk app + And I create a public conversation named "Public" + And I protect the conversation with the password "abcdef" + And I see that the conversation is password protected + And I write down the public conversation link + And I act as Jane + And I am logged in as the admin + And I visit the public conversation link I wrote down + And I see that the current page is the Authenticate page for the public conversation link I wrote down + And I authenticate with password "abcdef" in public conversation + And I see that the current page is the public conversation link I wrote down + And I see that the "Public" conversation is active + And I see that the chat is shown in the main view + And I see that the sidebar is open + And I see that the number of participants shown in the list is "2" + When I visit the Home page + And I visit the public conversation link I wrote down + Then I see that the current page is the Authenticate page for the public conversation link I wrote down