Skip to content
Permalink
Browse files Browse the repository at this point in the history
Merge pull request from GHSA-hjfc-36rw-8gvp
  • Loading branch information
typfel committed May 7, 2021
1 parent 35af3f6 commit bf9db85
Show file tree
Hide file tree
Showing 4 changed files with 32 additions and 11 deletions.
11 changes: 8 additions & 3 deletions Source/Model/Conversation/ZMConversation+Participants.swift
Expand Up @@ -173,7 +173,7 @@ extension ZMConversation {

if !addedRoles.isEmpty {
self.checkIfArchivedStatusChanged(addedSelfUser: addedSelfUser)
self.checkIfVerificationLevelChanged(addedUsers: Set(addedRoles.map { $0.user}))
self.checkIfVerificationLevelChanged(addedUsers: Set(addedRoles.map { $0.user}), addedSelfUser: addedSelfUser)
}
}

Expand Down Expand Up @@ -216,8 +216,13 @@ extension ZMConversation {
}
}

private func checkIfVerificationLevelChanged(addedUsers: Set<ZMUser>) {
self.decreaseSecurityLevelIfNeededAfterDiscovering(clients: Set(addedUsers.flatMap { $0.clients }), causedBy: addedUsers)
private func checkIfVerificationLevelChanged(addedUsers: Set<ZMUser>, addedSelfUser: Bool) {
let clients = Set(addedUsers.flatMap { $0.clients })
self.decreaseSecurityLevelIfNeededAfterDiscovering(clients: clients, causedBy: addedUsers)

if addedSelfUser {
self.increaseSecurityLevelIfNeededAfterTrusting(clients: clients)
}
}

/// Remove participants to the conversation. The method will decide on its own whether
Expand Down
8 changes: 5 additions & 3 deletions Source/Model/Conversation/ZMConversation+SecurityLevel.swift
Expand Up @@ -206,11 +206,13 @@ extension ZMConversation {
}

private func increaseSecurityLevelIfNeeded(for cause: SecurityChangeCause) {
guard securityLevel != .secure &&
guard
securityLevel != .secure &&
allUsersTrusted &&
allParticipantsHaveClients &&
conversationType != .connection else {
return
conversationType.isOne(of: .group, .oneOnOne, .invalid)
else {
return
}

securityLevel = .secure
Expand Down
Expand Up @@ -977,7 +977,7 @@ class ZMConversationTests_SecurityLevel: ZMConversationTestsBase {
let otherUnverifiedUsers = self.setupUnverifiedUsers(count: 1)

// THEN
XCTAssertEqual(conversation.allMessages.count, 2)
XCTAssertEqual(conversation.allMessages.count, 4)
guard let lastMessage1 = conversation.lastMessage as? ZMSystemMessage else {
return XCTFail()
}
Expand All @@ -988,7 +988,7 @@ class ZMConversationTests_SecurityLevel: ZMConversationTestsBase {
_ = self.simulateAdding(users: otherUnverifiedUsers, conversation: conversation, by: selfUser)

// THEN
XCTAssertEqual(conversation.allMessages.count, 3)
XCTAssertEqual(conversation.allMessages.count, 5)
guard let lastMessage2 = conversation.lastMessage as? ZMSystemMessage else {
return XCTFail()
}
Expand All @@ -1012,4 +1012,20 @@ class ZMConversationTests_SecurityLevel: ZMConversationTestsBase {
XCTAssertEqual(conversation.securityLevel, .secure)
}

func testThatSecurityLevelIsIncreased_WhenAddingSelfUserToAnExistingConversation() {
// given
let selfUser = ZMUser.selfUser(in: self.uiMOC)
self.createSelfClient(onMOC: self.uiMOC)
let conversation = ZMConversation.insertNewObject(in: self.uiMOC)
conversation.conversationType = .group
conversation.remoteIdentifier = UUID()


// when
conversation.addParticipantAndUpdateConversationState(user: selfUser, role: nil)

// then
XCTAssertEqual(conversation.securityLevel, .secure)
}

}
4 changes: 1 addition & 3 deletions Tests/Source/Model/User/ZMUserLegalHoldTests.swift
Expand Up @@ -90,9 +90,7 @@ class ZMUserLegalHoldTests: ModelObjectsTests {
// THEN
XCTAssertEqual(selfUser.legalHoldStatus, .enabled)
XCTAssertTrue(selfUser.needsToAcknowledgeLegalHoldStatus)

let lastMessage = conversation.lastMessage as? ZMSystemMessage
XCTAssertEqual(lastMessage?.systemMessageType, .legalHoldEnabled)
XCTAssertTrue(conversation.allMessages.contains(where: { ($0 as? ZMSystemMessage)?.systemMessageType == .legalHoldEnabled }))
XCTAssertTrue(conversation.isUnderLegalHold)
}

Expand Down

0 comments on commit bf9db85

Please sign in to comment.