diff options
-rw-r--r-- | lib/Service/ParticipantService.php | 13 | ||||
-rw-r--r-- | tests/integration/features/conversation/join-listable.feature | 15 |
2 files changed, 21 insertions, 7 deletions
diff --git a/lib/Service/ParticipantService.php b/lib/Service/ParticipantService.php index da15b56ed..d11bf996e 100644 --- a/lib/Service/ParticipantService.php +++ b/lib/Service/ParticipantService.php @@ -260,17 +260,16 @@ class ParticipantService { try { $attendee = $this->attendeeMapper->findByActor($room->getId(), Attendee::ACTOR_USERS, $user->getUID()); } catch (DoesNotExistException $e) { - if (!$event->getPassedPasswordProtection() && !$room->verifyPassword($password)['result']) { - throw new InvalidPasswordException('Provided password is invalid'); - } - // queried here to avoid loop deps $manager = \OC::$server->get(\OCA\Talk\Manager::class); + $isListableByUser = $manager->isRoomListableByUser($room, $user->getUID()); + + if (!$isListableByUser && !$event->getPassedPasswordProtection() && !$room->verifyPassword($password)['result']) { + throw new InvalidPasswordException('Provided password is invalid'); + } // User joining a group or public call through listing - if (($room->getType() === Room::TYPE_GROUP || $room->getType() === Room::TYPE_PUBLIC) && - $manager->isRoomListableByUser($room, $user->getUID()) - ) { + if (($room->getType() === Room::TYPE_GROUP || $room->getType() === Room::TYPE_PUBLIC) && $isListableByUser) { $this->addUsers($room, [[ 'actorType' => Attendee::ACTOR_USERS, 'actorId' => $user->getUID(), diff --git a/tests/integration/features/conversation/join-listable.feature b/tests/integration/features/conversation/join-listable.feature index d78f222c2..9200263c2 100644 --- a/tests/integration/features/conversation/join-listable.feature +++ b/tests/integration/features/conversation/join-listable.feature @@ -95,3 +95,18 @@ Feature: conversation/join-listable | regular-user | USER | users | | user-guest@example.com | USER | users | | "guest" | GUEST | guests | + + # ----------------------------------------------------------------------------- + # Join listed conversation which has a password + # ----------------------------------------------------------------------------- + Scenario: Only users with accounts can join an all-listed group room + Given user "creator" creates room "room" (v4) + | roomType | 3 | + | roomName | room | + When user "creator" sets password "foobar" for room "room" with 200 (v4) + And user "creator" allows listing room "room" for "all" with 200 (v4) + When user "regular-user" joins room "room" with 200 (v4) + Then user "creator" sees the following attendees in room "room" with 200 (v4) + | actorId | participantType | actorType | + | creator | OWNER | users | + | regular-user | USER | users | |