# This is a combination of 9 commits.

# This is the 1st commit message:

feat: add option to force passwords in public conversations

Signed-off-by: Anna Larch <anna@nextcloud.com>

# The commit message #2 will be skipped:

# fixup! feat: add option to force passwords in public conversations

# The commit message #3 will be skipped:

# fixup! feat: add option to force passwords in public conversations

# The commit message #4 will be skipped:

# fixup! feat: add option to force passwords in public conversations

# The commit message #5 will be skipped:

# fixup! fixup! feat: add option to force passwords in public conversations

# The commit message #6 will be skipped:

# fixup! fixup! feat: add option to force passwords in public conversations

# The commit message #7 will be skipped:

# fixup! feat: add option to force passwords in public conversations

# The commit message #8 will be skipped:

# fixup! feat: add option to force passwords in public conversations

# The commit message #9 will be skipped:

# fixup! feat: add option to force passwords in public conversations

docs/capabilities.md

@@ -166,3 +166,7 @@
 * `config => call => start-without-media` (local) - Boolean, whether media should be disabled when starting or joining a conversation
 * `config => call => max-duration` - Integer, maximum call duration in seconds. Please note that this should only be used with system cron and with a reasonable high value, due to the expended duration until the background job ran.
 * `config => call => blur-virtual-background` (local) - Boolean, whether blur background is set by default when joining a conversation
+
+## 21
+* `config => conversations => force-passwords` - Whether passwords are enforced for public rooms
+* `conversation-creation-password` - Whether the endpoints for creating public conversations or making a conversation public support setting a password

docs/conversation.md

@@ -115,7 +115,6 @@
 ## Creating a new conversation
 
 *Note:* Creating a conversation as a child breakout room, will automatically set the lobby when breakout rooms are not started and will always overwrite the room type with the parent room type. Also, moderators of the parent conversation will be automatically added as moderators.
-
 * Method: `POST`
 * Endpoint: `/room`
 * Data:
@@ -128,13 +127,15 @@
 | `roomName`   | string | Conversation name up to 255 characters (Not available for `roomType = 1`)                                                                                                |
 | `objectType` | string | Type of an object this room references, currently only allowed value is `room` to indicate the parent of a breakout room (See [Object types](constants.md#object-types)) |
 | `objectId`   | string | Id of an object this room references, room token is used for the parent of a breakout room                                                                               |
+| `password`   | string | Password for the room (only available with `conversation-creation-password` capability)                                                                                  |
 
 * Response:
     - Status code:
         + `200 OK` When the "one to one" conversation already exists
         + `201 Created` When the conversation was created
         + `400 Bad Request` When an invalid conversation type was given
         + `400 Bad Request` When the conversation name is empty for `type = 3`
+        + `400 Bad Request` When a password is required for a public room or when the password is invalid according to the password policy
         + `401 Unauthorized` When the user is not logged in
         + `404 Not Found` When the target to invite does not exist
 

docs/settings.md

@@ -113,5 +113,6 @@ Legend:
 | `conversations_files`                | string<br>`1` or `0`                                             | `1`        | No   | 🖌️    | Whether the files app integration is enabled allowing to start conversations in the right sidebar                                                                                                                                                                                |
 | `conversations_files_public_shares`  | string<br>`1` or `0`                                             | `1`        | No   | 🖌️    | Whether the public share integration is enabled allowing to start conversations in the right sidebar on the public share page (Requires `conversations_files` also to be enabled)                                                                                                |
 | `enable_matterbridge`                | string<br>`1` or `0`                                             | `0`        | No   | 🖌️    | Whether the Matterbridge integration is enabled and can be configured                                                                                                                                                                                                            |
+| `force_passwords`                    | string<br>`1` or `0`                                             | `0`        | No   | ️      | Whether public chats are forced to use a password                                                                                                                                                                                                                                |
 | `inactivity_lock_after_days`         | int                                                              | `0`        | No   |        | A duration (in days) after which rooms are locked. Calculated from the last activity in the room.                                                                                                                                                                                |
 | `inactivity_enable_lobby`            | string<br>`1` or `0`                                             | `0`        | No   |        | Additionally enable the lobby for inactive rooms so they can only be read by moderators.                                                                                                                                                                                         |

lib/Capabilities.php

@@ -109,6 +109,7 @@ class Capabilities implements IPublicCapability {
 		'talk-polls-drafts',
 		'download-call-participants',
 		'email-csv-import',
+		'conversation-creation-password',
 	];
 
 	public const CONDITIONAL_FEATURES = [
@@ -224,7 +225,8 @@ public function getCapabilities(): array {
 					'summary-threshold' => 100,
 				],
 				'conversations' => [
-					'can-create' => $user instanceof IUser && !$this->talkConfig->isNotAllowedToCreateConversations($user)
+					'can-create' => $user instanceof IUser && !$this->talkConfig->isNotAllowedToCreateConversations($user),
+					'force-passwords' => $this->talkConfig->isPasswordEnforced(),
 				],
 				'federation' => [
 					'enabled' => false,

lib/Config.php

@@ -705,4 +705,8 @@ public function getInactiveLockTime(): int {
 	public function enableLobbyOnLockedRooms(): bool {
 		return $this->appConfig->getAppValueBool('inactivity_enable_lobby');
 	}
+
+	public function isPasswordEnforced(): bool {
+		return $this->appConfig->getAppValueBool('force_passwords');
+	}
 }

lib/Controller/RoomController.php

@@ -502,16 +502,25 @@ protected function formatRoom(Room $room, ?Participant $currentParticipant, ?arr
 	 * @param 'groups'|'circles'|'' $source Source of the invite ID ('circles' to create a room with a circle, etc.)
 	 * @param string $objectType Type of the object
 	 * @param string $objectId ID of the object
-	 * @return DataResponse<Http::STATUS_OK|Http::STATUS_CREATED, TalkRoom, array{}>|DataResponse<Http::STATUS_BAD_REQUEST, array{error?: string}, array{}>|DataResponse<Http::STATUS_FORBIDDEN|Http::STATUS_NOT_FOUND, array<empty>, array{}>
+	 * @param string $password The room password (only available with `conversation-creation-password` capability)
+	 * @return DataResponse<Http::STATUS_OK|Http::STATUS_CREATED, TalkRoom, array{}>|DataResponse<Http::STATUS_BAD_REQUEST, array{error?: string, hint?: string}, array{}>|DataResponse<Http::STATUS_FORBIDDEN|Http::STATUS_NOT_FOUND, array<empty>, array{}>
 	 *
 	 * 200: Room already existed
 	 * 201: Room created successfully
-	 * 400: Room type invalid
+	 * 400: Room type invalid or missing or invalid password
 	 * 403: Missing permissions to create room
 	 * 404: User, group or other target to invite was not found
 	 */
 	#[NoAdminRequired]
-	public function createRoom(int $roomType, string $invite = '', string $roomName = '', string $source = '', string $objectType = '', string $objectId = ''): DataResponse {
+	public function createRoom(
+		int $roomType,
+		string $invite = '',
+		string $roomName = '',
+		string $source = '',
+		string $objectType = '',
+		string $objectId = '',
+		string $password = '',
+	): DataResponse {
 		if ($roomType !== Room::TYPE_ONE_TO_ONE) {
 			/** @var IUser $user */
 			$user = $this->userManager->get($this->userId);
@@ -533,7 +542,7 @@ public function createRoom(int $roomType, string $invite = '', string $roomName
 				}
 				return $this->createGroupRoom($invite);
 			case Room::TYPE_PUBLIC:
-				return $this->createEmptyRoom($roomName, true, $objectType, $objectId);
+				return $this->createEmptyRoom($roomName, true, $objectType, $objectId, $password);
 		}
 
 		return new DataResponse([], Http::STATUS_BAD_REQUEST);
@@ -645,10 +654,10 @@ protected function createCircleRoom(string $targetCircleId): DataResponse {
 	}
 
 	/**
-	 * @return DataResponse<Http::STATUS_CREATED, TalkRoom, array{}>|DataResponse<Http::STATUS_BAD_REQUEST, array{error?: string}, array{}>|DataResponse<Http::STATUS_NOT_FOUND, array<empty>, array{}>
+	 * @return DataResponse<Http::STATUS_CREATED, TalkRoom, array{}>|DataResponse<Http::STATUS_BAD_REQUEST, array{error?: string, hint?: string}, array{}>|DataResponse<Http::STATUS_NOT_FOUND, array<empty>, array{}>
 	 */
 	#[NoAdminRequired]
-	protected function createEmptyRoom(string $roomName, bool $public = true, string $objectType = '', string $objectId = ''): DataResponse {
+	protected function createEmptyRoom(string $roomName, bool $public = true, string $objectType = '', string $objectId = '', string $password = ''): DataResponse {
 		$currentUser = $this->userManager->get($this->userId);
 		if (!$currentUser instanceof IUser) {
 			return new DataResponse([], Http::STATUS_NOT_FOUND);
@@ -686,7 +695,9 @@ protected function createEmptyRoom(string $roomName, bool $public = true, string
 
 		// Create the room
 		try {
-			$room = $this->roomService->createConversation($roomType, $roomName, $currentUser, $objectType, $objectId);
+			$room = $this->roomService->createConversation($roomType, $roomName, $currentUser, $objectType, $objectId, $password);
+		} catch (PasswordException $e) {
+			return new DataResponse(['error' => 'password', 'hint' => $e->getHint()], Http::STATUS_BAD_REQUEST);
 		} catch (\InvalidArgumentException $e) {
 			return new DataResponse([], Http::STATUS_BAD_REQUEST);
 		}
@@ -1420,21 +1431,35 @@ public function removeAttendeeFromRoom(int $attendeeId): DataResponse {
 	/**
 	 * Allowed guests to join conversation
 	 *
-	 * @return DataResponse<Http::STATUS_OK, array<empty>, array{}>|DataResponse<Http::STATUS_BAD_REQUEST, array{error: 'breakout-room'|'type'|'value'}, array{}>
+	 * Required capability: `conversation-creation-password` for `string $password` parameter
+	 *
+	 * @param string $password New password (only available with `conversation-creation-password` capability)
+	 * @return DataResponse<Http::STATUS_OK, array<empty>, array{}>|DataResponse<Http::STATUS_BAD_REQUEST, array{error: 'breakout-room'|'type'|'value'|'password', hint?: null|string}, array{}>
 	 *
 	 * 200: Allowed guests successfully
 	 * 400: Allowing guests is not possible
 	 */
 	#[NoAdminRequired]
 	#[RequireLoggedInModeratorParticipant]
-	public function makePublic(): DataResponse {
+	public function makePublic(string $password = ''): DataResponse {
+		if ($this->talkConfig->isPasswordEnforced() && $password === '') {
+			return new DataResponse(['error' => 'password', 'hint' => $this->l10n->t('Password needs to be set')], Http::STATUS_BAD_REQUEST);
+		}
+
 		try {
-			$this->roomService->setType($this->room, Room::TYPE_PUBLIC);
+			if ($password !== '') {
+				$this->roomService->makePublicWithPassword($this->room, $password);
+			} else {
+				$this->roomService->setType($this->room, Room::TYPE_PUBLIC);
+			}
+		} catch (PasswordException $e) {
+			return new DataResponse(['error' => 'password', 'hint' => $e->getHint()], Http::STATUS_BAD_REQUEST);
 		} catch (TypeException $e) {
 			return new DataResponse(['error' => $e->getReason()], Http::STATUS_BAD_REQUEST);
 		}
 
 		return new DataResponse();
+
 	}
 
 	/**

lib/Manager.php

@@ -25,6 +25,7 @@
 use OCP\Comments\IComment;
 use OCP\Comments\ICommentsManager;
 use OCP\Comments\NotFoundException;
+use OCP\DB\Exception;
 use OCP\DB\QueryBuilder\IQueryBuilder;
 use OCP\EventDispatcher\IEventDispatcher;
 use OCP\ICache;
@@ -1108,7 +1109,7 @@ public function getChangelogRoom(string $userId): Room {
 	 * @param string $objectId
 	 * @return Room
 	 */
-	public function createRoom(int $type, string $name = '', string $objectType = '', string $objectId = ''): Room {
+	public function createRoom(int $type, string $name = '', string $objectType = '', string $objectId = '', string $password = ''): Room {
 		$token = $this->getNewToken();
 
 		$insert = $this->db->getQueryBuilder();
@@ -1118,6 +1119,7 @@ public function createRoom(int $type, string $name = '', string $objectType = ''
 					'name' => $insert->createNamedParameter($name),
 					'type' => $insert->createNamedParameter($type, IQueryBuilder::PARAM_INT),
 					'token' => $insert->createNamedParameter($token),
+					'password' => $insert->createNamedParameter($password),
 				]
 			);
 
@@ -1135,6 +1137,7 @@ public function createRoom(int $type, string $name = '', string $objectType = ''
 			'token' => $token,
 			'object_type' => $objectType,
 			'object_id' => $objectId,
+			'password' => $password
 		]);
 
 		$event = new RoomCreatedEvent($room);
@@ -1409,4 +1412,18 @@ protected function loadLastMessageInfo(IQueryBuilder $query): void {
 		$query->selectAlias('c.expire_date', 'comment_expire_date');
 		$query->selectAlias('c.meta_data', 'comment_meta_data');
 	}
+
+	/**
+	 * @param int $roomId
+	 * @param string $password
+	 * @throws Exception
+	 */
+	public function setPublic(int $roomId, string $password = ''): void {
+		$update = $this->db->getQueryBuilder();
+		$update->update('talk_rooms')
+			->set('type', $update->createNamedParameter(Room::TYPE_PUBLIC, IQueryBuilder::PARAM_INT))
+			->set('password', $update->createNamedParameter($password, IQueryBuilder::PARAM_STR))
+			->where($update->expr()->eq('id', $update->createNamedParameter($roomId, IQueryBuilder::PARAM_INT)));
+		$update->executeStatement();
+	}
 }

lib/ResponseDefinitions.php

@@ -361,6 +361,7 @@
  *         },
  *         conversations: array{
  *             can-create: bool,
+ *     		   force-passwords: bool,
  *         },
  *         federation: array{
  *             enabled: bool,

lib/Service/RoomService.php

@@ -57,6 +57,7 @@
 use OCP\EventDispatcher\IEventDispatcher;
 use OCP\HintException;
 use OCP\IDBConnection;
+use OCP\IL10N;
 use OCP\IUser;
 use OCP\Log\Audit\CriticalActionPerformedEvent;
 use OCP\Security\Events\ValidatePasswordPolicyEvent;
@@ -80,6 +81,7 @@ public function __construct(
 		protected IEventDispatcher $dispatcher,
 		protected IJobList $jobList,
 		protected LoggerInterface $logger,
+		protected IL10N $l10n,
 	) {
 	}
 
@@ -127,17 +129,13 @@ public function createOneToOneConversation(IUser $actor, IUser $targetUser): Roo
 	}
 
 	/**
-	 * @param int $type
-	 * @param string $name
-	 * @param IUser|null $owner
-	 * @param string $objectType
-	 * @param string $objectId
 	 * @return Room
 	 * @throws InvalidArgumentException on too long or empty names
 	 * @throws InvalidArgumentException unsupported type
 	 * @throws InvalidArgumentException invalid object data
+	 * @throws PasswordException empty or invalid password
 	 */
-	public function createConversation(int $type, string $name, ?IUser $owner = null, string $objectType = '', string $objectId = ''): Room {
+	public function createConversation(int $type, string $name, ?IUser $owner = null, string $objectType = '', string $objectId = '', string $password = ''): Room {
 		$name = trim($name);
 		if ($name === '' || mb_strlen($name) > 255) {
 			throw new InvalidArgumentException('name');
@@ -167,7 +165,20 @@ public function createConversation(int $type, string $name, ?IUser $owner = null
 			throw new InvalidArgumentException('object');
 		}
 
-		$room = $this->manager->createRoom($type, $name, $objectType, $objectId);
+		if ($type !== Room::TYPE_PUBLIC || !$this->config->isPasswordEnforced()) {
+			$room = $this->manager->createRoom($type, $name, $objectType, $objectId);
+		} elseif ($password === '') {
+			throw new PasswordException(PasswordException::REASON_VALUE, $this->l10n->t('Password needs to be set'));
+		} else {
+			$event = new ValidatePasswordPolicyEvent($password);
+			try {
+				$this->dispatcher->dispatchTyped($event);
+			} catch (HintException $e) {
+				throw new PasswordException(PasswordException::REASON_VALUE, $e->getHint());
+			}
+			$passwordHash = $this->hasher->hash($password);
+			$room = $this->manager->createRoom($type, $name, $objectType, $objectId, $passwordHash);
+		}
 
 		if ($owner instanceof IUser) {
 			$this->participantService->addUsers($room, [[
@@ -177,8 +188,8 @@ public function createConversation(int $type, string $name, ?IUser $owner = null
 				'participantType' => Participant::OWNER,
 			]], null);
 		}
-
 		return $room;
+
 	}
 
 	public function prepareConversationName(string $objectName): string {
@@ -545,6 +556,44 @@ public function setType(Room $room, int $newType, bool $allowSwitchingOneToOne =
 		$this->dispatcher->dispatchTyped($event);
 	}
 
+	/**
+	 * @throws PasswordException|TypeException
+	 */
+	public function makePublicWithPassword(Room $room, string $password): void {
+		if ($room->getType() === Room::TYPE_PUBLIC) {
+			return;
+		}
+
+		if ($room->getType() !== Room::TYPE_GROUP) {
+			throw new TypeException(TypeException::REASON_TYPE);
+		}
+
+		if ($password === '') {
+			throw new PasswordException(PasswordException::REASON_VALUE, $this->l10n->t('Password needs to be set'));
+		}
+
+		$event = new ValidatePasswordPolicyEvent($password);
+		try {
+			$this->dispatcher->dispatchTyped($event);
+		} catch (HintException $e) {
+			throw new PasswordException(PasswordException::REASON_VALUE, $e->getHint());
+		}
+
+		$event = new BeforeRoomModifiedEvent($room, ARoomModifiedEvent::PROPERTY_TYPE, Room::TYPE_PUBLIC, $room->getType());
+		$this->dispatcher->dispatchTyped($event);
+		$event = new BeforeRoomModifiedEvent($room, ARoomModifiedEvent::PROPERTY_PASSWORD, $password);
+		$this->dispatcher->dispatchTyped($event);
+
+		$passwordHash = $this->hasher->hash($password);
+		$this->manager->setPublic($room->getId(), $passwordHash);
+		$room->setType(Room::TYPE_PUBLIC);
+
+		$event = new RoomModifiedEvent($room, ARoomModifiedEvent::PROPERTY_TYPE, Room::TYPE_PUBLIC, $room->getType());
+		$this->dispatcher->dispatchTyped($event);
+		$event = new RoomModifiedEvent($room, ARoomModifiedEvent::PROPERTY_PASSWORD, $password);
+		$this->dispatcher->dispatchTyped($event);
+	}
+
 	/**
 	 * @param Room $room
 	 * @param int $newState Currently it is only allowed to change between
@@ -1221,4 +1270,42 @@ public function deleteRoom(Room $room): void {
 	public function getInactiveRooms(\DateTime $inactiveSince): array {
 		return $this->manager->getInactiveRooms($inactiveSince);
 	}
+
+	/**
+	 * @param Room $room
+	 * @param int $oldType
+	 * @param int $newType
+	 * @param bool $allowSwitchingOneToOne
+	 * @return void
+	 */
+	public function validateRoomTypeSwitch(Room $room, int $oldType, int $newType, bool $allowSwitchingOneToOne): void {
+		if (!$allowSwitchingOneToOne && $oldType === Room::TYPE_ONE_TO_ONE) {
+			throw new TypeException(TypeException::REASON_TYPE);
+		}
+
+		if ($oldType === Room::TYPE_ONE_TO_ONE_FORMER) {
+			throw new TypeException(TypeException::REASON_TYPE);
+		}
+
+		if ($oldType === Room::TYPE_NOTE_TO_SELF) {
+			throw new TypeException(TypeException::REASON_TYPE);
+		}
+
+		if (!in_array($newType, [Room::TYPE_GROUP, Room::TYPE_PUBLIC, Room::TYPE_ONE_TO_ONE_FORMER], true)) {
+			throw new TypeException(TypeException::REASON_VALUE);
+		}
+
+		if ($newType === Room::TYPE_ONE_TO_ONE_FORMER && $oldType !== Room::TYPE_ONE_TO_ONE) {
+			throw new TypeException(TypeException::REASON_VALUE);
+		}
+
+		if ($room->getBreakoutRoomMode() !== BreakoutRoom::MODE_NOT_CONFIGURED) {
+			throw new TypeException(TypeException::REASON_BREAKOUT_ROOM);
+		}
+
+		if ($room->getObjectType() === BreakoutRoom::PARENT_OBJECT_TYPE) {
+			throw new TypeException(TypeException::REASON_BREAKOUT_ROOM);
+		}
+	}
+
 }