Implement Room Privacy Modes

cmd/server/main.go

@@ -34,6 +34,7 @@ import (
 	"github.com/ssb-ngi-pointer/go-ssb-room/internal/network"
 	"github.com/ssb-ngi-pointer/go-ssb-room/internal/repo"
 	"github.com/ssb-ngi-pointer/go-ssb-room/internal/signinwithssb"
+	"github.com/ssb-ngi-pointer/go-ssb-room/roomdb"
 	"github.com/ssb-ngi-pointer/go-ssb-room/roomdb/sqlite"
 	"github.com/ssb-ngi-pointer/go-ssb-room/roomsrv"
 	mksrv "github.com/ssb-ngi-pointer/go-ssb-room/roomsrv"
@@ -53,6 +54,8 @@ var (
 	logToFile       string
 	repoDir         string
 
+	privacyMode = roomdb.ModeUnknown
+
 	// helper
 	log kitlog.Logger
 
@@ -101,6 +104,16 @@ func initFlags() {
 
 	flag.BoolVar(&flagPrintVersion, "version", false, "print version number and build date")
 
+	flag.Func("mode", "the privacy mode (values: open, community, restricted) determining room access controls", func(val string) error {
+		pm := roomdb.ParsePrivacyMode(val)
+		err := pm.IsValid()
+		if err != nil {
+			return fmt.Errorf("%s, valid values are open, community, restricted", err)
+		}
+		privacyMode = pm
+		return nil
+	})
+
 	flag.Parse()
 
 	if logToFile != "" {
@@ -201,20 +214,25 @@ func runroomsrv() error {
 
 	r := repo.New(repoDir)
 
-	// open the sqlite version of the admindb
+	// open the sqlite version of the roomdb
 	db, err := sqlite.Open(r)
 	if err != nil {
 		return fmt.Errorf("failed to initiate database: %w", err)
 	}
 
 	bridge := signinwithssb.NewSignalBridge()
+	// the privacy mode flag was passed => update it in the database
+	if privacyMode != roomdb.ModeUnknown {
+		db.Config.SetPrivacyMode(ctx, privacyMode)
+	}
 
 	// create the shs+muxrpc server
 	roomsrv, err := mksrv.New(
 		db.Members,
 		db.Aliases,
 		db.AuthWithSSB,
 		bridge,
+		db.Config,
 		httpsDomain,
 		opts...)
 	if err != nil {
@@ -264,6 +282,7 @@ func runroomsrv() error {
 			Aliases:       db.Aliases,
 			AuthFallback:  db.AuthFallback,
 			AuthWithSSB:   db.AuthWithSSB,
+			Config:        db.Config,
 			DeniedKeys:    db.DeniedKeys,
 			Invites:       db.Invites,
 			Notices:       db.Notices,

muxrpc/handlers/tunnel/server/plugin.go

@@ -7,6 +7,7 @@ import (
 	"go.cryptoscope.co/muxrpc/v2"
 	"go.cryptoscope.co/muxrpc/v2/typemux"
 
+	"github.com/ssb-ngi-pointer/go-ssb-room/roomdb"
 	"github.com/ssb-ngi-pointer/go-ssb-room/roomstate"
 	refs "go.mindeco.de/ssb-refs"
 )
@@ -22,11 +23,13 @@ import (
 }
 */
 
-func New(log kitlog.Logger, self refs.FeedRef, m *roomstate.Manager) *Handler {
+func New(log kitlog.Logger, self refs.FeedRef, m *roomstate.Manager, members roomdb.MembersService, config roomdb.RoomConfig) *Handler {
 	var h = new(Handler)
 	h.self = self
 	h.logger = log
 	h.state = m
+	h.members = members
+	h.config = config
 
 	return h
 }

muxrpc/handlers/tunnel/server/state.go

@@ -5,9 +5,11 @@ package server
 import (
 	"context"
 	"encoding/json"
+	"fmt"
 	"time"
 
 	"github.com/ssb-ngi-pointer/go-ssb-room/internal/network"
+	"github.com/ssb-ngi-pointer/go-ssb-room/roomdb"
 	"github.com/ssb-ngi-pointer/go-ssb-room/roomstate"
 	refs "go.mindeco.de/ssb-refs"
 
@@ -20,7 +22,9 @@ type Handler struct {
 	logger kitlog.Logger
 	self   refs.FeedRef
 
-	state *roomstate.Manager
+	state   *roomstate.Manager
+	members roomdb.MembersService
+	config  roomdb.RoomConfig
 }
 
 func (h *Handler) isRoom(context.Context, *muxrpc.Request) (interface{}, error) {
@@ -57,7 +61,7 @@ func (h *Handler) leave(_ context.Context, req *muxrpc.Request) (interface{}, er
 	return false, nil
 }
 
-func (h *Handler) endpoints(_ context.Context, req *muxrpc.Request, snk *muxrpc.ByteSink) error {
+func (h *Handler) endpoints(ctx context.Context, req *muxrpc.Request, snk *muxrpc.ByteSink) error {
 	level.Debug(h.logger).Log("called", "endpoints")
 
 	toPeer := newForwarder(snk)
@@ -70,6 +74,21 @@ func (h *Handler) endpoints(_ context.Context, req *muxrpc.Request, snk *muxrpc.
 		return err
 	}
 
+	pm, err := h.config.GetPrivacyMode(ctx)
+	if err != nil {
+		return fmt.Errorf("running with unknown privacy mode")
+	}
+
+	switch pm {
+	case roomdb.ModeCommunity:
+		fallthrough
+	case roomdb.ModeRestricted:
+		_, err := h.members.GetByFeed(ctx, *ref)
+		if err != nil {
+			return fmt.Errorf("external user are not allowed to enumerate members")
+		}
+	}
+
 	has := h.state.AlreadyAdded(*ref, req.Endpoint())
 	if !has {
 		// just send the current state to the new peer

muxrpc/test/go/utils_test.go

@@ -90,7 +90,7 @@ func makeNamedTestBot(t testing.TB, name string, opts []roomsrv.Option) (roomdb.
 		}
 	})
 	sb := signinwithssb.NewSignalBridge()
-	theBot, err := roomsrv.New(db.Members, db.Aliases, db.AuthWithSSB, sb, name, botOptions...)
+	theBot, err := roomsrv.New(db.Members, db.Aliases, db.AuthWithSSB, sb, db.Config, name, botOptions...)
 	r.NoError(err)
 	return db.Members, theBot
 }

muxrpc/test/nodejs/setup_test.go

@@ -123,7 +123,9 @@ func (ts *testSession) startGoServer(
 	sb := signinwithssb.NewSignalBridge()
 	authSessionsDB := new(mockdb.FakeAuthWithSSBService)
 
-	srv, err := roomsrv.New(membersDB, aliasDB, authSessionsDB, sb, "go.test.room.server", opts...)
+	fakeConfig := new(mockdb.FakeRoomConfig)
+
+	srv, err := roomsrv.New(membersDB, aliasDB, authSessionsDB, sb, fakeConfig, "go.test.room.server", opts...)
 	r.NoError(err, "failed to init tees a server")
 	ts.t.Logf("go server: %s", srv.Whoami().Ref())
 	ts.t.Cleanup(func() {

roomdb/interface.go

@@ -17,6 +17,11 @@ import (
 	refs "go.mindeco.de/ssb-refs"
 )
 
+type RoomConfig interface {
+	GetPrivacyMode(context.Context) (PrivacyMode, error)
+	SetPrivacyMode(context.Context, PrivacyMode) error
+}
+
 // AuthFallbackService allows password authentication which might be helpful for scenarios
 // where one lost access to his ssb device or key.
 type AuthFallbackService interface {
@@ -196,3 +201,5 @@ type NoticesService interface {
 //go:generate go run github.com/maxbrunsfeld/counterfeiter/v6 -o mockdb/members.go . MembersService
 
 //go:generate go run github.com/maxbrunsfeld/counterfeiter/v6 -o mockdb/pages.go . NoticesService
+
+//go:generate go run github.com/maxbrunsfeld/counterfeiter/v6 -o mockdb/roomconfig.go . RoomConfig