mirror of
https://github.com/vector-im/hydrogen-web.git
synced 2024-12-23 03:25:12 +01:00
when tracking room, check roomId isn't on user we shouldn't share with
This commit is contained in:
parent
860f435855
commit
31579b4945
@ -120,6 +120,7 @@ export class DeviceTracker {
|
|||||||
const txn = await this._storage.readWriteTxn([
|
const txn = await this._storage.readWriteTxn([
|
||||||
this._storage.storeNames.roomSummary,
|
this._storage.storeNames.roomSummary,
|
||||||
this._storage.storeNames.userIdentities,
|
this._storage.storeNames.userIdentities,
|
||||||
|
this._storage.storeNames.deviceIdentities, // to remove all devices in _removeRoomFromUserIdentity
|
||||||
]);
|
]);
|
||||||
try {
|
try {
|
||||||
let isTrackingChanges;
|
let isTrackingChanges;
|
||||||
@ -127,9 +128,13 @@ export class DeviceTracker {
|
|||||||
isTrackingChanges = room.writeIsTrackingMembers(true, txn);
|
isTrackingChanges = room.writeIsTrackingMembers(true, txn);
|
||||||
const members = Array.from(memberList.members.values());
|
const members = Array.from(memberList.members.values());
|
||||||
log.set("members", members.length);
|
log.set("members", members.length);
|
||||||
|
// TODO: should we remove any userIdentities we should not share the key with??
|
||||||
|
// e.g. as an extra security measure if we had a mistake in other code?
|
||||||
await Promise.all(members.map(async member => {
|
await Promise.all(members.map(async member => {
|
||||||
if (shouldShareKey(member.membership, historyVisibility)) {
|
if (shouldShareKey(member.membership, historyVisibility)) {
|
||||||
await this._addRoomToUserIdentity(member.roomId, member.userId, txn);
|
await this._addRoomToUserIdentity(member.roomId, member.userId, txn);
|
||||||
|
} else {
|
||||||
|
await this._removeRoomFromUserIdentity(member.roomId, member.userId, txn);
|
||||||
}
|
}
|
||||||
}));
|
}));
|
||||||
} catch (err) {
|
} catch (err) {
|
||||||
|
Loading…
Reference in New Issue
Block a user