fix: Validate other members UserName and DisplayName in E2EI [WPB-10402] #2932
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…ers_username_and_displayname_in_e2ei
borichellow
requested review from
MohamadJaara,
vitorhugods,
mchenani,
ohassine and
saleniuk
mchenani
reviewed
Aug 5, 2024
| @@ -114,13 +114,13 @@ internal class FetchMLSVerificationStatusUseCaseImpl( | |||
| // check that all identities are valid and name and handle are matching | |||
| for ((userId, wireIdentity) in ccIdentity) { | |||
| val persistedMemberInfo = dbData.members[userId] | |||
| val isUserVerified = wireIdentity.firstOrNull { | |||
| val isUserVerified = wireIdentity.none { | |||
mchenani
reviewed
Aug 5, 2024
Comment on lines
39
to
45
| override suspend operator fun invoke(userId: UserId): Boolean = | ||
| if (isE2EIEnabledUseCase()) { | ||
| mlsConversationRepository.getUserIdentity(userId).fold({ false }, { it.isUserMLSVerified() } | ||
| ) | ||
| val nameHandle = userRepository.getNameAndHandler(userId).getOrNull() | ||
| mlsConversationRepository.getUserIdentity(userId).fold({ false }, { it.isUserMLSVerified(nameHandle) }) | ||
| } else { | ||
| false | ||
| } |
There was a problem hiding this comment.
suggestion:
override suspend operator fun invoke(userId: UserId): Boolean = isE2EIEnabledUseCase() && userRepository.getNameAndHandler(userId).getOrNull()?.let { nameHandle -> mlsConversationRepository.getUserIdentity(userId).fold( onSuccess = { it.isUserMLSVerified(nameHandle) }, onFailure = { false } ) } ?: false
There was a problem hiding this comment.
I tried even shorter:
override suspend operator fun invoke(userId: UserId): Boolean =
isE2EIEnabledUseCase() && userRepository.getNameAndHandler(userId).flatMap { nameHandle ->
mlsConversationRepository.getUserIdentity(userId).map { it.isUserMLSVerified(nameHandle) }
}.getOrElse(false)
but i don't like it. Yes it's 3 lines instead of 6, but IMO if else is more readable and easier to understand in that case :)
mchenani
approved these changes
Aug 5, 2024
Datadog ReportAll test runs ✅ 2 Total Test Services: 0 Failed, 2 Passed Test Services
|
…ers_username_and_displayname_in_e2ei
mchenani
approved these changes
Aug 7, 2024
alexandreferris
approved these changes
Aug 8, 2024
persistence/src/commonMain/kotlin/com/wire/kalium/persistence/dao/UserDAO.kt
Outdated
Show resolved
Hide resolved
|
borichellow
deleted the
fix/validate_other_members_username_and_displayname_in_e2ei
branch
echoes-hq
bot
added
the
echoes: unplanned
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What's new in this PR?
Issues
The checking "if user has valid E2EI" was not full in Participants list and UserProfile.
We should also check if users
displayNameandhandleare the same as in E2EI certificate.Causes (Optional)
Was not implemented.
Solutions
Implement it and add/update tests for new scenarios.