From 7cf18923b59d630d8d6694c73d33218a6f7d943d Mon Sep 17 00:00:00 2001 From: Marcel Hibbe Date: Tue, 10 May 2022 16:08:18 +0200 Subject: [PATCH] add check if delete message is allowed to be executed Signed-off-by: Marcel Hibbe --- .../talk/controllers/ChatController.kt | 88 +++++++++++-------- .../talk/utils/AttendeePermissionsUtil.kt | 2 +- 2 files changed, 50 insertions(+), 40 deletions(-) diff --git a/app/src/main/java/com/nextcloud/talk/controllers/ChatController.kt b/app/src/main/java/com/nextcloud/talk/controllers/ChatController.kt index 10d395472..8c55ab763 100644 --- a/app/src/main/java/com/nextcloud/talk/controllers/ChatController.kt +++ b/app/src/main/java/com/nextcloud/talk/controllers/ChatController.kt @@ -2513,50 +2513,60 @@ class ChatController(args: Bundle) : } fun deleteMessage(message: IMessage?) { - var apiVersion = 1 - // FIXME Fix API checking with guests? - if (conversationUser != null) { - apiVersion = ApiUtils.getChatApiVersion(conversationUser, intArrayOf(1)) - } - - ncApi?.deleteChatMessage( - credentials, - ApiUtils.getUrlForChatMessage( - apiVersion, - conversationUser?.baseUrl, - roomToken, - message?.id + if (!AttendeePermissionsUtil(currentConversation!!.permissions) + .canPostChatShareItemsDoReaction(conversationUser!!) + ) { + Log.e( + TAG, "Deletion of message is skipped because of restrictions by permissions. " + + "This method should not have been called!" ) - )?.subscribeOn(Schedulers.io()) - ?.observeOn(AndroidSchedulers.mainThread()) - ?.subscribe(object : Observer { - override fun onSubscribe(d: Disposable) { - // unused atm - } + Toast.makeText(context, R.string.nc_common_error_sorry, Toast.LENGTH_LONG).show() + } else { + var apiVersion = 1 + // FIXME Fix API checking with guests? + if (conversationUser != null) { + apiVersion = ApiUtils.getChatApiVersion(conversationUser, intArrayOf(1)) + } - override fun onNext(t: ChatOverallSingleMessage) { - if (t.ocs.meta.statusCode == HttpURLConnection.HTTP_ACCEPTED) { - Toast.makeText( - context, R.string.nc_delete_message_leaked_to_matterbridge, - Toast.LENGTH_LONG - ).show() + ncApi?.deleteChatMessage( + credentials, + ApiUtils.getUrlForChatMessage( + apiVersion, + conversationUser?.baseUrl, + roomToken, + message?.id + ) + )?.subscribeOn(Schedulers.io()) + ?.observeOn(AndroidSchedulers.mainThread()) + ?.subscribe(object : Observer { + override fun onSubscribe(d: Disposable) { + // unused atm } - } - override fun onError(e: Throwable) { - Log.e( - TAG, - "Something went wrong when trying to delete message with id " + - message?.id, - e - ) - Toast.makeText(context, R.string.nc_common_error_sorry, Toast.LENGTH_LONG).show() - } + override fun onNext(t: ChatOverallSingleMessage) { + if (t.ocs.meta.statusCode == HttpURLConnection.HTTP_ACCEPTED) { + Toast.makeText( + context, R.string.nc_delete_message_leaked_to_matterbridge, + Toast.LENGTH_LONG + ).show() + } + } - override fun onComplete() { - // unused atm - } - }) + override fun onError(e: Throwable) { + Log.e( + TAG, + "Something went wrong when trying to delete message with id " + + message?.id, + e + ) + Toast.makeText(context, R.string.nc_common_error_sorry, Toast.LENGTH_LONG).show() + } + + override fun onComplete() { + // unused atm + } + }) + } } fun replyPrivately(message: IMessage?) { diff --git a/app/src/main/java/com/nextcloud/talk/utils/AttendeePermissionsUtil.kt b/app/src/main/java/com/nextcloud/talk/utils/AttendeePermissionsUtil.kt index 61f8a5491..60fcdf304 100644 --- a/app/src/main/java/com/nextcloud/talk/utils/AttendeePermissionsUtil.kt +++ b/app/src/main/java/com/nextcloud/talk/utils/AttendeePermissionsUtil.kt @@ -34,7 +34,7 @@ class AttendeePermissionsUtil(flag: Int) { if (CapabilitiesUtil.hasSpreedFeatureCapability(user, "chat-permission")) { return canPostChatShareItemsDoReaction } - // if capability is not available the spreed version doesn't support to restrict this + // if capability is not available then the spreed version doesn't support to restrict this return true }