chore: don't allow to report own messages and user actions menu divid…

…ers (#30173)
RocketChat · Aug 28, 2023 · 1fbbb62 · 1fbbb62
1 parent 470c29d
commit 1fbbb62
Show file tree

Hide file tree

Showing 5 changed files with 16 additions and 10 deletions.
diff --git a/.changeset/many-icons-provide.md b/.changeset/many-icons-provide.md
@@ -0,0 +1,5 @@
+---
+'@rocket.chat/meteor': patch
+---
+
+Don't allow to report self messages
diff --git a/apps/meteor/app/ui-utils/client/lib/messageActionDefault.ts b/apps/meteor/app/ui-utils/client/lib/messageActionDefault.ts
@@ -171,16 +171,16 @@ Meteor.startup(async () => {
 			const { message = messageArgs(this).msg, chat } = props;
 			await chat?.messageEditing.editMessage(message);
 		},
-		condition({ message, subscription, settings, room }) {
+		condition({ message, subscription, settings, room, user }) {
 			if (subscription == null) {
 				return false;
 			}
 			if (isRoomFederated(room)) {
-				return message.u._id === Meteor.userId();
+				return message.u._id === user?._id;
 			}
 			const canEditMessage = hasAtLeastOnePermission('edit-message', message.rid);
 			const isEditAllowed = settings.Message_AllowEditing;
-			const editOwn = message.u && message.u._id === Meteor.userId();
+			const editOwn = message.u && message.u._id === user?._id;
 			if (!(canEditMessage || (isEditAllowed && editOwn))) {
 				return false;
 			}
@@ -214,12 +214,12 @@ Meteor.startup(async () => {
 		async action(this: unknown, _, { message = messageArgs(this).msg, chat }) {
 			await chat?.flows.requestMessageDeletion(message);
 		},
-		condition({ message, subscription, room, chat }) {
+		condition({ message, subscription, room, chat, user }) {
 			if (!subscription) {
 				return false;
 			}
 			if (isRoomFederated(room)) {
-				return message.u._id === Meteor.userId();
+				return message.u._id === user?._id;
 			}
 			const isLivechatRoom = roomCoordinator.isLivechatRoom(room.t);
 			if (isLivechatRoom) {
@@ -248,11 +248,12 @@ Meteor.startup(async () => {
 				},
 			});
 		},
-		condition({ subscription, room }) {
+		condition({ subscription, room, message, user }) {
 			const isLivechatRoom = roomCoordinator.isLivechatRoom(room.t);
-			if (isLivechatRoom) {
+			if (isLivechatRoom || message.u._id === user?._id) {
 				return false;
 			}
+
 			return Boolean(subscription);
 		},
 		order: 9,

diff --git a/apps/meteor/client/views/room/hooks/useUserInfoActions/actions/useRemoveUserAction.tsx b/apps/meteor/client/views/room/hooks/useUserInfoActions/actions/useRemoveUserAction.tsx
@@ -94,7 +94,7 @@ export const useRemoveUserAction = (
 						content: room?.teamMain ? t('Remove_from_team') : t('Remove_from_room'),
 						icon: 'cross' as const,
 						onClick: removeUserOptionAction,
-						type: 'management' as const,
+						type: 'moderation' as const,
 						variant: 'danger' as const,
 				  }
 				: undefined,

diff --git a/apps/meteor/client/views/room/hooks/useUserInfoActions/actions/useReportUser.tsx b/apps/meteor/client/views/room/hooks/useUserInfoActions/actions/useReportUser.tsx
@@ -46,7 +46,7 @@ export const useReportUser = (user: Pick<IUser, '_id' | 'username' | 'name'>): U
 					icon: 'warning' as const,
 					content: t('Report'),
 					onClick: action,
-					type: 'management' as const,
+					type: 'moderation' as const,
 					variant: 'danger' as const,
 			  }
 			: undefined;

diff --git a/apps/meteor/client/views/room/hooks/useUserInfoActions/useUserInfoActions.ts b/apps/meteor/client/views/room/hooks/useUserInfoActions/useUserInfoActions.ts
@@ -17,7 +17,7 @@ import { useRedirectModerationConsole } from './actions/useRedirectModerationCon
 import { useRemoveUserAction } from './actions/useRemoveUserAction';
 import { useReportUser } from './actions/useReportUser';
 
-export type UserInfoActionType = 'communication' | 'privileges' | 'management';
+export type UserInfoActionType = 'communication' | 'privileges' | 'management' | 'moderation';
 
 export type UserInfoAction = {
 	content: string;