From 376293d20612998f93e995f938de5302ac343695 Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Tue, 27 Oct 2020 10:12:03 +0100 Subject: [PATCH 1/8] Make possible to verify a subset of the room properties Signed-off-by: Joas Schilling --- .../features/bootstrap/FeatureContext.php | 30 +++++++++++++++---- 1 file changed, 24 insertions(+), 6 deletions(-) diff --git a/tests/integration/features/bootstrap/FeatureContext.php b/tests/integration/features/bootstrap/FeatureContext.php index 891f30d8e63..25aed02c352 100644 --- a/tests/integration/features/bootstrap/FeatureContext.php +++ b/tests/integration/features/bootstrap/FeatureContext.php @@ -169,12 +169,30 @@ public function userIsParticipantOfRooms($user, TableNode $formData = null) { $participantNames[$lastParticipantKey] .= ' [exact order]'; } - return [ - 'id' => self::$tokenToIdentifier[$room['token']], - 'type' => (string) $room['type'], - 'participantType' => (string) $room['participantType'], - 'participants' => implode(', ', $participantNames), - ]; + $data = []; + if (isset($expectedRoom['id'])) { + $data['id'] = self::$tokenToIdentifier[$room['token']]; + } + if (isset($expectedRoom['name'])) { + $data['name'] = $room['name']; + } + if (isset($expectedRoom['type'])) { + $data['type'] = (string) $room['type']; + } + if (isset($expectedRoom['hasPassword'])) { + $data['hasPassword'] = (string) $room['hasPassword']; + } + if (isset($expectedRoom['readOnly'])) { + $data['readOnly'] = (string) $room['readOnly']; + } + if (isset($expectedRoom['participantType'])) { + $data['participantType'] = (string) $room['participantType']; + } + if (isset($expectedRoom['participants'])) { + $data['participants'] = implode(', ', $participantNames); + } + + return $data; }, $rooms, $formData->getHash())); } From 0c85220ef2c1dae567f2e6979a1a346dfb3de577 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20Calvi=C3=B1o=20S=C3=A1nchez?= Date: Thu, 12 Nov 2020 20:55:16 +0100 Subject: [PATCH 2/8] Make possible to verify room data also for single rooms MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Until now it was possible to verify the room data when getting the full room list with the "user is participant of the following rooms" step. Now the same can be optionally done when using "user is participant of room XXX" too. Signed-off-by: Daniel Calviño Sánchez --- .../features/bootstrap/FeatureContext.php | 31 +++++++++++++++++-- 1 file changed, 28 insertions(+), 3 deletions(-) diff --git a/tests/integration/features/bootstrap/FeatureContext.php b/tests/integration/features/bootstrap/FeatureContext.php index 25aed02c352..627e27da58c 100644 --- a/tests/integration/features/bootstrap/FeatureContext.php +++ b/tests/integration/features/bootstrap/FeatureContext.php @@ -143,6 +143,14 @@ public function userIsParticipantOfRooms($user, TableNode $formData = null) { return; } + $this->assertRooms($rooms, $formData); + } + + /** + * @param array $rooms + * @param TableNode $formData + */ + private function assertRooms($rooms, TableNode $formData) { Assert::assertCount(count($formData->getHash()), $rooms, 'Room count does not match'); Assert::assertEquals($formData->getHash(), array_map(function ($room, $expectedRoom) { $participantNames = array_map(function ($participant) { @@ -202,10 +210,11 @@ public function userIsParticipantOfRooms($user, TableNode $formData = null) { * @param string $user * @param string $isOrNotParticipant * @param string $identifier + * @param TableNode|null $formData */ - public function userIsParticipantOfRoom($user, $isOrNotParticipant, $identifier) { + public function userIsParticipantOfRoom($user, $isOrNotParticipant, $identifier, TableNode $formData = null) { if (strpos($user, 'guest') === 0) { - $this->guestIsParticipantOfRoom($user, $isOrNotParticipant, $identifier); + $this->guestIsParticipantOfRoom($user, $isOrNotParticipant, $identifier, $formData); return; } @@ -229,6 +238,15 @@ public function userIsParticipantOfRoom($user, $isOrNotParticipant, $identifier) foreach ($rooms as $room) { if (self::$tokenToIdentifier[$room['token']] === $identifier) { Assert::assertEquals($isParticipant, true, 'Room ' . $identifier . ' found in user´s room list'); + + if ($formData) { + $this->sendRequest('GET', '/apps/spreed/api/v1/room/' . self::$identifierToToken[$identifier]); + + $rooms = [$this->getDataFromResponse($this->response)]; + + $this->assertRooms($rooms, $formData); + } + return; } } @@ -240,8 +258,9 @@ public function userIsParticipantOfRoom($user, $isOrNotParticipant, $identifier) * @param string $guest * @param string $isOrNotParticipant * @param string $identifier + * @param TableNode|null $formData */ - private function guestIsParticipantOfRoom($guest, $isOrNotParticipant, $identifier) { + private function guestIsParticipantOfRoom($guest, $isOrNotParticipant, $identifier, TableNode $formData = null) { $this->setCurrentUser($guest); $this->sendRequest('GET', '/apps/spreed/api/v1/room/' . self::$identifierToToken[$identifier]); @@ -249,6 +268,12 @@ private function guestIsParticipantOfRoom($guest, $isOrNotParticipant, $identifi $isParticipant = $isOrNotParticipant === 'is'; + if ($formData) { + $rooms = [$response]; + + $this->assertRooms($rooms, $formData); + } + if ($isParticipant) { $this->assertStatusCode($this->response, 200); Assert::assertEquals(self::$userToSessionId[$guest], $response['sessionId']); From e2eee4f35adcb995146e77d181f84b416c51fcff Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20Calvi=C3=B1o=20S=C3=A1nchez?= Date: Fri, 20 Nov 2020 12:10:38 +0100 Subject: [PATCH 3/8] Add integration tests for password request rooms MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Daniel Calviño Sánchez --- .../features/bootstrap/FeatureContext.php | 24 +++ .../conversation/password-request.feature | 154 ++++++++++++++++++ 2 files changed, 178 insertions(+) create mode 100644 tests/integration/features/conversation/password-request.feature diff --git a/tests/integration/features/bootstrap/FeatureContext.php b/tests/integration/features/bootstrap/FeatureContext.php index 627e27da58c..56d6ce2bc5a 100644 --- a/tests/integration/features/bootstrap/FeatureContext.php +++ b/tests/integration/features/bootstrap/FeatureContext.php @@ -447,6 +447,30 @@ public function userGetsTheRoomForLastShare($user, $statusCode) { self::$tokenToIdentifier[$response['token']] = $identifier; } + /** + * @Then /^user "([^"]*)" creates the password request room for last share with (\d+)$/ + * + * @param string $user + * @param int $statusCode + */ + public function userCreatesThePasswordRequestRoomForLastShare($user, $statusCode) { + $shareToken = $this->sharingContext->getLastShareToken(); + + $this->setCurrentUser($user); + $this->sendRequest('POST', '/apps/spreed/api/v1/publicshareauth', ['shareToken' => $shareToken]); + $this->assertStatusCode($this->response, $statusCode); + + if ($statusCode !== '201') { + return; + } + + $response = $this->getDataFromResponse($this->response); + + $identifier = 'password request for last share room'; + self::$identifierToToken[$identifier] = $response['token']; + self::$tokenToIdentifier[$response['token']] = $identifier; + } + /** * @Then /^user "([^"]*)" joins room "([^"]*)" with (\d+)$/ * diff --git a/tests/integration/features/conversation/password-request.feature b/tests/integration/features/conversation/password-request.feature new file mode 100644 index 00000000000..4f39dd1eb4b --- /dev/null +++ b/tests/integration/features/conversation/password-request.feature @@ -0,0 +1,154 @@ +Feature: conversation/password-request + + Background: + Given user "participant1" exists + Given user "participant2" exists + + Scenario: create password-request room for file shared by link + Given user "participant1" shares "welcome.txt" by link with OCS 100 + | password | 123456 | + | sendPasswordByTalk | true | + When user "guest" creates the password request room for last share with 201 + Then user "participant1" is participant of room "password request for last share room" + | name | type | participantType | participants | + | welcome.txt | 3 | 1 | participant1-displayname | + And user "guest" is not participant of room "password request for last share room" + + Scenario: create password-request room for folder shared by link + Given user "participant1" creates folder "/test" + And user "participant1" shares "test" by link with OCS 100 + | password | 123456 | + | sendPasswordByTalk | true | + When user "guest" creates the password request room for last share with 201 + Then user "participant1" is participant of room "password request for last share room" + | name | type | participantType | participants | + | test | 3 | 1 | participant1-displayname | + And user "guest" is not participant of room "password request for last share room" + + Scenario: create password-request room for folder reshared by link + Given user "participant1" creates folder "/test" + And user "participant1" shares "test" with user "participant2" with OCS 100 + And user "participant2" shares "test" by link with OCS 100 + | password | 123456 | + | sendPasswordByTalk | true | + When user "guest" creates the password request room for last share with 201 + Then user "participant2" is participant of room "password request for last share room" + | name | type | participantType | participants | + | test | 3 | 1 | participant2-displayname | + And user "participant1" is not participant of room "password request for last share room" + And user "guest" is not participant of room "password request for last share room" + + Scenario: create password-request room for file shared by link but not protected by Talk + Given user "participant1" shares "welcome.txt" by link with OCS 100 + | password | 123456 | + When user "guest" creates the password request room for last share with 404 + + + + # Creating and joining the password request room is a two steps process. + # Technically one guest or user could create the room and a different one + # join it, but it does not really matter who created the room, only who joins + # it and talks with the owner (and, besides that, the WebUI joins the room + # immediately after creating it). + + Scenario: guest can join the password request room + Given user "participant1" shares "welcome.txt" by link with OCS 100 + | password | 123456 | + | sendPasswordByTalk | true | + And user "guest" creates the password request room for last share with 201 + When user "guest" joins room "password request for last share room" with 200 + Then user "guest" is participant of room "password request for last share room" + + Scenario: user can join the password request room + Given user "participant1" shares "welcome.txt" by link with OCS 100 + | password | 123456 | + | sendPasswordByTalk | true | + And user "participant2" creates the password request room for last share with 201 + When user "participant2" joins room "password request for last share room" with 200 + Then user "participant2" is participant of room "password request for last share room" + + Scenario: owner can join the password request room + Given user "participant1" shares "welcome.txt" by link with OCS 100 + | password | 123456 | + | sendPasswordByTalk | true | + And user "guest" creates the password request room for last share with 201 + When user "participant1" joins room "password request for last share room" with 200 + + + + Scenario: guest leaves the password request room + Given user "participant1" shares "welcome.txt" by link with OCS 100 + | password | 123456 | + | sendPasswordByTalk | true | + And user "guest" creates the password request room for last share with 201 + And user "guest" joins room "password request for last share room" with 200 + And user "participant1" joins room "password request for last share room" with 200 + When user "guest" leaves room "password request for last share room" with 200 + Then user "participant1" is not participant of room "password request for last share room" + And user "guest" is not participant of room "password request for last share room" + + Scenario: user leaves the password request room + Given user "participant1" shares "welcome.txt" by link with OCS 100 + | password | 123456 | + | sendPasswordByTalk | true | + And user "participant2" creates the password request room for last share with 201 + And user "participant2" joins room "password request for last share room" with 200 + And user "participant1" joins room "password request for last share room" with 200 + When user "participant2" leaves room "password request for last share room" with 200 + Then user "participant1" is not participant of room "password request for last share room" + And user "participant2" is not participant of room "password request for last share room" + + Scenario: owner leaves the password request room + Given user "participant1" shares "welcome.txt" by link with OCS 100 + | password | 123456 | + | sendPasswordByTalk | true | + And user "guest" creates the password request room for last share with 201 + And user "guest" joins room "password request for last share room" with 200 + And user "participant1" joins room "password request for last share room" with 200 + When user "participant1" leaves room "password request for last share room" with 200 + Then user "participant1" is not participant of room "password request for last share room" + And user "guest" is not participant of room "password request for last share room" + + + + Scenario: guest can start a call + Given user "participant1" shares "welcome.txt" by link with OCS 100 + | password | 123456 | + | sendPasswordByTalk | true | + And user "guest" creates the password request room for last share with 201 + And user "guest" joins room "password request for last share room" with 200 + When user "guest" joins call "password request for last share room" with 200 + Then user "guest" sees 1 peers in call "password request for last share room" with 200 + And user "participant1" sees 1 peers in call "password request for last share room" with 200 + + Scenario: owner can join a call + Given user "participant1" shares "welcome.txt" by link with OCS 100 + | password | 123456 | + | sendPasswordByTalk | true | + And user "guest" creates the password request room for last share with 201 + And user "guest" joins room "password request for last share room" with 200 + And user "participant1" joins room "password request for last share room" with 200 + And user "guest" joins call "password request for last share room" with 200 + When user "participant1" joins call "password request for last share room" with 200 + Then user "guest" sees 2 peers in call "password request for last share room" with 200 + And user "participant1" sees 2 peers in call "password request for last share room" with 200 + + + + Scenario: participants can send and receive chat messages + Given user "participant1" shares "welcome.txt" by link with OCS 100 + | password | 123456 | + | sendPasswordByTalk | true | + And user "guest" creates the password request room for last share with 201 + And user "participant1" joins room "password request for last share room" with 200 + And user "guest" joins room "password request for last share room" with 200 + When user "participant1" sends message "Message 1" to room "password request for last share room" with 201 + And user "guest" sends message "Message 2" to room "password request for last share room" with 201 + Then user "participant1" sees the following messages in room "password request for last share room" with 200 + | room | actorType | actorId | actorDisplayName | message | messageParameters | + | password request for last share room | guests | guest | | Message 2 | [] | + | password request for last share room | users | participant1 | participant1-displayname | Message 1 | [] | + And user "guest" sees the following messages in room "password request for last share room" with 200 + | room | actorType | actorId | actorDisplayName | message | messageParameters | + | password request for last share room | guests | guest | | Message 2 | [] | + | password request for last share room | users | participant1 | participant1-displayname | Message 1 | [] | From bd01cd62c35bafaa5df7bfc4a28bf45111c6b505 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20Calvi=C3=B1o=20S=C3=A1nchez?= Date: Fri, 20 Nov 2020 12:39:58 +0100 Subject: [PATCH 4/8] Fix additional participants being able to join a password request room MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This fixes a regression introduced in 4afa2d7946. The active guests are only those who are currently in a call, and not those who are currently in the conversation. Therefore other guests or users were not prevented from joining a password request conversation if a guest was in the conversation but not in the call. Fortunately in practice this was not a problem, as the Web UI starts a call immediately after joining the conversation, which made the guest immediately active and thus prevented others from joining. Signed-off-by: Daniel Calviño Sánchez --- lib/PublicShareAuth/Listener.php | 4 +- .../features/bootstrap/FeatureContext.php | 4 ++ .../conversation/password-request.feature | 37 +++++++++++++++++++ 3 files changed, 43 insertions(+), 2 deletions(-) diff --git a/lib/PublicShareAuth/Listener.php b/lib/PublicShareAuth/Listener.php index a0518504f26..746f815b0b3 100644 --- a/lib/PublicShareAuth/Listener.php +++ b/lib/PublicShareAuth/Listener.php @@ -89,7 +89,7 @@ public static function preventExtraUsersFromJoining(Room $room, string $userId): } catch (ParticipantNotFoundException $e) { } - if ($room->getActiveGuests() > 0 || \count($room->getParticipantUserIds()) > 1) { + if ($room->getNumberOfParticipants(false) > 1) { throw new \OverflowException('Only the owner and another participant are allowed in rooms to request the password for a share'); } } @@ -108,7 +108,7 @@ public static function preventExtraGuestsFromJoining(Room $room): void { return; } - if ($room->getActiveGuests() > 0 || \count($room->getParticipantUserIds()) > 1) { + if ($room->getNumberOfParticipants(false) > 1) { throw new \OverflowException('Only the owner and another participant are allowed in rooms to request the password for a share'); } } diff --git a/tests/integration/features/bootstrap/FeatureContext.php b/tests/integration/features/bootstrap/FeatureContext.php index 56d6ce2bc5a..b3ffaf4c3a5 100644 --- a/tests/integration/features/bootstrap/FeatureContext.php +++ b/tests/integration/features/bootstrap/FeatureContext.php @@ -487,6 +487,10 @@ public function userJoinsRoom($user, $identifier, $statusCode, TableNode $formDa ); $this->assertStatusCode($this->response, $statusCode); + if ($statusCode !== '200') { + return; + } + $response = $this->getDataFromResponse($this->response); if (array_key_exists('sessionId', $response)) { // In the chat guest users are identified by their sessionId. The diff --git a/tests/integration/features/conversation/password-request.feature b/tests/integration/features/conversation/password-request.feature index 4f39dd1eb4b..c0cfa71d2e7 100644 --- a/tests/integration/features/conversation/password-request.feature +++ b/tests/integration/features/conversation/password-request.feature @@ -3,6 +3,7 @@ Feature: conversation/password-request Background: Given user "participant1" exists Given user "participant2" exists + Given user "participant3" exists Scenario: create password-request room for file shared by link Given user "participant1" shares "welcome.txt" by link with OCS 100 @@ -74,6 +75,42 @@ Feature: conversation/password-request And user "guest" creates the password request room for last share with 201 When user "participant1" joins room "password request for last share room" with 200 + Scenario: other guests can not join the password request room when a guest already joined + Given user "participant1" shares "welcome.txt" by link with OCS 100 + | password | 123456 | + | sendPasswordByTalk | true | + And user "guest" creates the password request room for last share with 201 + And user "guest" joins room "password request for last share room" with 200 + When user "guest2" joins room "password request for last share room" with 404 + Then user "guest2" is not participant of room "password request for last share room" + + Scenario: other guests can not join the password request room when a user already joined + Given user "participant1" shares "welcome.txt" by link with OCS 100 + | password | 123456 | + | sendPasswordByTalk | true | + And user "participant2" creates the password request room for last share with 201 + And user "participant2" joins room "password request for last share room" with 200 + When user "guest" joins room "password request for last share room" with 404 + Then user "guest" is not participant of room "password request for last share room" + + Scenario: other users can not join the password request room when a guest already joined + Given user "participant1" shares "welcome.txt" by link with OCS 100 + | password | 123456 | + | sendPasswordByTalk | true | + And user "guest" creates the password request room for last share with 201 + And user "guest" joins room "password request for last share room" with 200 + When user "participant2" joins room "password request for last share room" with 404 + Then user "participant2" is not participant of room "password request for last share room" + + Scenario: other users can not join the password request room when a user already joined + Given user "participant1" shares "welcome.txt" by link with OCS 100 + | password | 123456 | + | sendPasswordByTalk | true | + And user "participant2" creates the password request room for last share with 201 + And user "participant2" joins room "password request for last share room" with 200 + When user "participant3" joins room "password request for last share room" with 404 + Then user "participant3" is not participant of room "password request for last share room" + Scenario: guest leaves the password request room From 23d077ad7cada538bb15de0423a7738cc7cc343b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20Calvi=C3=B1o=20S=C3=A1nchez?= Date: Tue, 24 Nov 2020 10:13:30 +0100 Subject: [PATCH 5/8] Fix owner being able to add more users to a password request room MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Only the owner and another participant will be allowed to join a password request room, so there is no point in being able to add more participants to those rooms. Although throwing the exception in the listener is enough to prevent adding the participants unhandled exceptions in the endpoint are returned as error 404, but the expected error would be 400. To minimize conflicts with other pull requests and backports it is explicitly checked if the room is a password request room instead of refactoring the code to handle the exception. Signed-off-by: Daniel Calviño Sánchez --- docs/participant.md | 2 +- lib/Controller/RoomController.php | 2 +- lib/PublicShareAuth/Listener.php | 34 +++++++++++++++++++ .../conversation/password-request.feature | 11 ++++++ 4 files changed, 47 insertions(+), 2 deletions(-) diff --git a/docs/participant.md b/docs/participant.md index bb72dd0e42c..ea014f9cf30 100644 --- a/docs/participant.md +++ b/docs/participant.md @@ -40,7 +40,7 @@ Base endpoint is: `/ocs/v2.php/apps/spreed/api/v1` - Status code: + `200 OK` + `400 Bad Request` When the source type is unknown, currently `users`, `groups`, `emails` are supported. `circles` are supported with `circles-support` capability - + `400 Bad Request` When the conversation is a one-to-one conversation + + `400 Bad Request` When the conversation is a one-to-one conversation or a conversation to request a password for a share + `403 Forbidden` When the current user is not a moderator or owner + `404 Not Found` When the conversation could not be found for the participant + `404 Not Found` When the user or group to add could not be found diff --git a/lib/Controller/RoomController.php b/lib/Controller/RoomController.php index 04a0b06b55e..65d6f56dd6a 100644 --- a/lib/Controller/RoomController.php +++ b/lib/Controller/RoomController.php @@ -903,7 +903,7 @@ public function getParticipants(): DataResponse { * @return DataResponse */ public function addParticipantToRoom(string $newParticipant, string $source = 'users'): DataResponse { - if ($this->room->getType() === Room::ONE_TO_ONE_CALL) { + if ($this->room->getType() === Room::ONE_TO_ONE_CALL || $this->room->getObjectType() === 'share:password') { return new DataResponse([], Http::STATUS_BAD_REQUEST); } diff --git a/lib/PublicShareAuth/Listener.php b/lib/PublicShareAuth/Listener.php index 746f815b0b3..5c6dbf78821 100644 --- a/lib/PublicShareAuth/Listener.php +++ b/lib/PublicShareAuth/Listener.php @@ -24,6 +24,7 @@ namespace OCA\Talk\PublicShareAuth; +use OCA\Talk\Events\AddParticipantsEvent; use OCA\Talk\Events\JoinRoomGuestEvent; use OCA\Talk\Events\JoinRoomUserEvent; use OCA\Talk\Events\RoomEvent; @@ -57,6 +58,11 @@ public static function register(IEventDispatcher $dispatcher): void { }; $dispatcher->addListener(Room::EVENT_BEFORE_GUEST_CONNECT, $listener); + $listener = static function (AddParticipantsEvent $event) { + self::preventExtraUsersFromBeingAdded($event->getRoom(), $event->getParticipants()); + }; + $dispatcher->addListener(Room::EVENT_BEFORE_USERS_ADD, $listener); + $listener = static function (RoomEvent $event) { self::destroyRoomOnParticipantLeave($event->getRoom()); }; @@ -113,6 +119,34 @@ public static function preventExtraGuestsFromJoining(Room $room): void { } } + /** + * Prevents other users from being added to the room (as they will not be + * able to join). + * + * This method should be called before a user is added to a room. + * + * @param Room $room + * @param array[] $participants + * @throws \OverflowException + */ + public static function preventExtraUsersFromBeingAdded(Room $room, array $participants): void { + if ($room->getObjectType() !== 'share:password') { + return; + } + + // Events with more than one participant can be directly aborted, as + // when the owner is added during room creation or a user self-joins the + // event will always have just one participant. + if (count($participants) > 1) { + throw new \OverflowException('Only the owner and another participant are allowed in rooms to request the password for a share'); + } + + $participant = $participants[0]; + if ($participant['participantType'] !== Participant::OWNER && $participant['participantType'] !== Participant::USER_SELF_JOINED) { + throw new \OverflowException('Only the owner and another participant are allowed in rooms to request the password for a share'); + } + } + /** * Destroys the PublicShareAuth room as soon as one of the participant * leaves the room. diff --git a/tests/integration/features/conversation/password-request.feature b/tests/integration/features/conversation/password-request.feature index c0cfa71d2e7..d8a1b83febc 100644 --- a/tests/integration/features/conversation/password-request.feature +++ b/tests/integration/features/conversation/password-request.feature @@ -113,6 +113,17 @@ Feature: conversation/password-request + Scenario: owner can not add other users to a password request room + Given user "participant1" shares "welcome.txt" by link with OCS 100 + | password | 123456 | + | sendPasswordByTalk | true | + And user "guest" creates the password request room for last share with 201 + And user "participant1" joins room "password request for last share room" with 200 + When user "participant1" adds "participant2" to room "password request for last share room" with 400 + Then user "participant2" is not participant of room "password request for last share room" + + + Scenario: guest leaves the password request room Given user "participant1" shares "welcome.txt" by link with OCS 100 | password | 123456 | From e16027ad0c3e4bab8e10877e5d3e7c48b9efbc0b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20Calvi=C3=B1o=20S=C3=A1nchez?= Date: Tue, 24 Nov 2020 10:14:01 +0100 Subject: [PATCH 6/8] Inform the user if an error occurred when adding participants MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Daniel Calviño Sánchez --- src/components/RightSidebar/Participants/ParticipantsTab.vue | 1 + 1 file changed, 1 insertion(+) diff --git a/src/components/RightSidebar/Participants/ParticipantsTab.vue b/src/components/RightSidebar/Participants/ParticipantsTab.vue index 6397e7da955..3ec9d12cf66 100644 --- a/src/components/RightSidebar/Participants/ParticipantsTab.vue +++ b/src/components/RightSidebar/Participants/ParticipantsTab.vue @@ -208,6 +208,7 @@ export default { this.cancelableGetParticipants() } catch (exception) { console.debug(exception) + showError(t('spreed', 'An error occurred while adding the participants')) } }, From 4e62ee90912fc047511ea84777bb864e16b69e97 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20Calvi=C3=B1o=20S=C3=A1nchez?= Date: Tue, 24 Nov 2020 10:14:16 +0100 Subject: [PATCH 7/8] Do not show the search box in password request rooms MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Daniel Calviño Sánchez --- src/components/RightSidebar/RightSidebar.vue | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/components/RightSidebar/RightSidebar.vue b/src/components/RightSidebar/RightSidebar.vue index c48fc033010..a98d4839563 100644 --- a/src/components/RightSidebar/RightSidebar.vue +++ b/src/components/RightSidebar/RightSidebar.vue @@ -156,7 +156,7 @@ export default { displaySearchBox() { return this.canFullModerate && (this.conversation.type === CONVERSATION.TYPE.GROUP - || this.conversation.type === CONVERSATION.TYPE.PUBLIC) + || (this.conversation.type === CONVERSATION.TYPE.PUBLIC && this.conversation.objectType !== 'share:password')) }, isSearching() { return this.searchText !== '' From 5d033454d684f766566a87fa886ccfcd25d78ec2 Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Fri, 27 Nov 2020 09:27:01 +0100 Subject: [PATCH 8/8] No participants means everything is okay Signed-off-by: Joas Schilling --- lib/PublicShareAuth/Listener.php | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/lib/PublicShareAuth/Listener.php b/lib/PublicShareAuth/Listener.php index 5c6dbf78821..192c9f26231 100644 --- a/lib/PublicShareAuth/Listener.php +++ b/lib/PublicShareAuth/Listener.php @@ -134,6 +134,10 @@ public static function preventExtraUsersFromBeingAdded(Room $room, array $partic return; } + if (empty($participants)) { + return; + } + // Events with more than one participant can be directly aborted, as // when the owner is added during room creation or a user self-joins the // event will always have just one participant.