switch to another settings key for e2e url previews to protect on change

Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
2018-06-22 18:44:54 +01:00 · 2018-06-22 18:44:54 +01:00 · acbc84a69c
parent ed4b82f8fc
commit acbc84a69c
3 changed files with 16 additions and 25 deletions
--- a/src/components/structures/RoomView.js
+++ b/src/components/structures/RoomView.js
@ -620,26 +620,11 @@ module.exports = React.createClass({
    },

    _updatePreviewUrlVisibility: function({roomId}) {
-        const levels = [
-            SettingLevel.ROOM_DEVICE,
-            SettingLevel.ROOM_ACCOUNT,
-        ];
-        let showUrlPreview;
-        // in e2ee rooms only care about room-device and room-account, so that user has to explicitly enable previews
-        if (MatrixClientPeg.get().isRoomEncrypted(roomId)) {
-            for (const level of levels) {
-                const value = SettingsStore.getValueAt(level, "urlPreviewsEnabled", roomId, true, true);
-                if (value === Boolean(value)) { // if is Boolean
-                    showUrlPreview = value;
-                    break;
-                }
-            }
-
-            showUrlPreview = showUrlPreview || false;
-        } else {
-            showUrlPreview = SettingsStore.getValue("urlPreviewsEnabled", roomId);
-        }
-        this.setState({showUrlPreview});
+        // URL Previews in E2EE rooms can be a privacy leak so use a different setting which is per-room explicit
+        const key = MatrixClientPeg.get().isRoomEncrypted(roomId) ? 'urlPreviewsEnabled_e2ee' : 'urlPreviewsEnabled';
+        this.setState({
+            showUrlPreview: SettingsStore.getValue(key, roomId),
+        });
    },

    onRoom: function(room) {
--- a/src/components/views/room_settings/UrlPreviewSettings.js
+++ b/src/components/views/room_settings/UrlPreviewSettings.js
@ -50,7 +50,6 @@ module.exports = React.createClass({
        let previewsForAccount = null;
        let previewsForRoom = null;

-
        if (!isEncrypted) {
            // Only show account setting state and room state setting state in non-e2ee rooms where they apply
            const accountEnabled = SettingsStore.getValueAt(SettingLevel.ACCOUNT, "urlPreviewsEnabled");
@ -73,7 +72,7 @@ module.exports = React.createClass({
                    <label>
                        <SettingsFlag name="urlPreviewsEnabled"
                                      level={SettingLevel.ROOM}
-                                      roomId={this.props.room.roomId}
+                                      roomId={roomId}
                                      isExplicit={true}
                                      manualSave={true}
                                      ref="urlPreviewsRoom" />
@ -94,10 +93,10 @@ module.exports = React.createClass({
            );
        }

-        const previewsForRoomAccount = (
-            <SettingsFlag name="urlPreviewsEnabled"
+        const previewsForRoomAccount = ( // in an e2ee room we use a special key to enforce per-room opt-in
+            <SettingsFlag name={isEncrypted ? 'urlPreviewsEnabled_e2ee' : 'urlPreviewsEnabled'}
                          level={SettingLevel.ROOM_ACCOUNT}
-                          roomId={this.props.room.roomId}
+                          roomId={roomId}
                          manualSave={true}
                          ref="urlPreviewsSelf"
            />
--- a/src/settings/Settings.js
+++ b/src/settings/Settings.js
@ -238,6 +238,13 @@ export const SETTINGS = {
        },
        default: true,
    },
+    "urlPreviewsEnabled_e2ee": {
+        supportedLevels: ['room-device', 'room-account'],
+        displayName: {
+            "room-account": _td("Enable URL previews for this room (only affects you)"),
+        },
+        default: false,
+    },
    "roomColor": {
        supportedLevels: LEVELS_ROOM_SETTINGS_WITH_ROOM,
        displayName: _td("Room Colour"),