Merge pull request #235 from threema-ch/issue-231

Make it impossible to open or edit own contact.

This PR also excludes the admin from the list of group members.

Fixes #231, obsoletes #232 and #233.

src/controller_model/contact.ts

@@ -69,6 +69,7 @@ export class ContactControllerModel implements threema.ControllerModel {
                 break;
 
             case ControllerModelMode.VIEW:
+            case ControllerModelMode.CHAT:
                 this.subject = this.contact.displayName;
                 this.access = this.contact.access;
                 break;
@@ -79,7 +80,6 @@ export class ContactControllerModel implements threema.ControllerModel {
 
             default:
                 $log.error('Invalid controller model mode: ', this.getMode());
-
         }
     }
 
@@ -99,6 +99,10 @@ export class ContactControllerModel implements threema.ControllerModel {
         return this.identity !== undefined && this.identity.length === 8;
     }
 
+    public canView(): boolean {
+        return this.contact.id !== this.webClientService.me.id;
+    }
+
     public canEdit(): boolean {
         return this.access !== undefined && (
             this.access.canChangeAvatar === true

src/controller_model/distributionList.ts

@@ -57,6 +57,7 @@ export class DistributionListControllerModel implements threema.ControllerModel
                 break;
 
             case ControllerModelMode.VIEW:
+            case ControllerModelMode.CHAT:
                 this.subject = this.distributionList.displayName;
                 this.members = this.distributionList.members;
                 break;
@@ -85,6 +86,10 @@ export class DistributionListControllerModel implements threema.ControllerModel
             }).length > 0;
     }
 
+    public canView(): boolean {
+        return true;
+    }
+
     public canEdit(): boolean {
         // a distribution list can always be edited
         return true;

src/controller_model/group.ts

@@ -62,6 +62,7 @@ export class GroupControllerModel implements threema.ControllerModel {
                 break;
 
             case ControllerModelMode.VIEW:
+            case ControllerModelMode.CHAT:
                 this.subject = this.group.displayName;
                 this.members = this.group.members;
                 break;
@@ -93,6 +94,10 @@ export class GroupControllerModel implements threema.ControllerModel {
             }).length > 0;
     }
 
+    public canView(): boolean {
+        return true;
+    }
+
     public canEdit(): boolean {
         return this.group.access !== undefined && (
                 this.group.access.canChangeAvatar === true

src/partials/messenger.receiver/group.html

@@ -15,7 +15,9 @@
 			<md-card-content>
 				<eee-contact-badge
 						eee-identity="ctrl.receiver.administrator"
-						eee-linked="true"></eee-contact-badge>
+						eee-linked="ctrl.receiver.administrator != ctrl.me.id"
+                        ng-class="{'linked': ctrl.receiver.administrator != ctrl.me.id}">
+                </eee-contact-badge>
 			</md-card-content>
 
 			<md-card-title>
@@ -25,10 +27,12 @@
 			</md-card-title>
 			<md-card-content>
 				<ul class="member-list">
-					<li ng-repeat="memberIdentity in ctrl.receiver.members">
+					<li ng-repeat="memberIdentity in ctrl.receiver.members" ng-if="memberIdentity != ctrl.receiver.administrator">
 						<eee-contact-badge
 								eee-identity="memberIdentity"
-								eee-linked="true"></eee-contact-badge>
+								eee-linked="memberIdentity != ctrl.me.id"
+                                ng-class="{'linked': memberIdentity != ctrl.me.id}">
+                        </eee-contact-badge>
 					</li>
 				</ul>
 
@@ -51,4 +55,4 @@
 			</section>
 		</md-card-content>
 	</md-card>
-</div>
+</div>

src/partials/messenger.ts

@@ -158,6 +158,7 @@ class SettingsController {
 
 class ConversationController {
     public name = 'navigation';
+    private logTag: string = '[ConversationController]';
 
     // Angular services
     private $stateParams;
@@ -176,6 +177,9 @@ class ConversationController {
     private $mdDialog: ng.material.IDialogService;
     private $mdToast: ng.material.IToastService;
 
+    // Controller model
+    private controllerModel: threema.ControllerModel;
+
     // DOM Elements
     private domChatElement: HTMLElement;
 
@@ -210,6 +214,7 @@ class ConversationController {
         '$stateParams', '$state', '$timeout', '$log', '$scope', '$rootScope',
         '$mdDialog', '$mdToast', '$location', '$translate',
         'WebClientService', 'StateService', 'ReceiverService', 'MimeService', 'VersionService',
+        'ControllerModelService',
     ];
     constructor($stateParams: threema.ConversationStateParams,
                 $state: ng.ui.IStateService,
@@ -225,7 +230,8 @@ class ConversationController {
                 stateService: StateService,
                 receiverService: ReceiverService,
                 mimeService: MimeService,
-                versionService: VersionService) {
+                versionService: VersionService,
+                controllerModelService: ControllerModelService) {
         this.$stateParams = $stateParams;
         this.$timeout = $timeout;
         this.$log = $log;
@@ -282,6 +288,39 @@ class ConversationController {
                 this.receiver.type = this.type;
             }
 
+            // Initialize controller model
+            const mode = ControllerModelMode.CHAT;
+            switch (this.receiver.type) {
+                case 'me':
+                    $log.warn(this.logTag, 'Cannot chat with own contact');
+                    $state.go('messenger.home');
+                    return;
+                case 'contact':
+                    this.controllerModel = controllerModelService.contact(
+                        this.receiver as threema.ContactReceiver, mode);
+                    break;
+                case 'group':
+                    this.controllerModel = controllerModelService.group(
+                        this.receiver as threema.GroupReceiver, mode);
+                    break;
+                case 'distributionList':
+                    this.controllerModel = controllerModelService.distributionList(
+                        this.receiver as threema.DistributionListReceiver, mode);
+                    break;
+                default:
+                    $log.error(this.logTag, 'Cannot initialize controller model:',
+                        'Invalid receiver type "' + this.receiver.type + '"');
+                    $state.go('messenger.home');
+                    return;
+            }
+
+            // Check if this receiver may be viewed
+            if (this.controllerModel.canView() === false) {
+                $log.warn(this.logTag, 'Cannot view this receiver, redirecting to home');
+                $state.go('messenger.home');
+                return;
+            }
+
             // initial set locked state
             this.locked = this.receiver.locked;
 
@@ -882,10 +921,12 @@ class MessengerController {
 }
 
 class ReceiverDetailController {
+    private logTag: string = '[ReceiverDetailController]';
 
     public $mdDialog: any;
     public $state: ng.ui.IStateService;
     public receiver: threema.Receiver;
+    public me: threema.MeReceiver;
     public title: string;
     public fingerPrint?: string;
     private fingerPrintService: FingerPrintService;
@@ -913,6 +954,7 @@ class ReceiverDetailController {
         this.contactService = contactService;
 
         this.receiver = webClientService.receivers.getData($stateParams);
+        this.me = webClientService.me;
 
         // Append members
         if (this.receiver.type === 'contact') {
@@ -948,6 +990,10 @@ class ReceiverDetailController {
         }
 
         switch (this.receiver.type) {
+            case 'me':
+                $log.warn(this.logTag, 'Cannot view own contact');
+                $state.go('messenger.home');
+                return;
             case 'contact':
                 this.controllerModel = controllerModelService
                     .contact(this.receiver as threema.ContactReceiver, ControllerModelMode.VIEW);
@@ -961,13 +1007,23 @@ class ReceiverDetailController {
                     .distributionList(this.receiver as threema.DistributionListReceiver, ControllerModelMode.VIEW);
                 break;
             default:
-                $log.warn('Invalid receiver type:', this.receiver.type);
+                $log.error(this.logTag, 'Cannot initialize controller model:',
+                    'Invalid receiver type "' + this.receiver.type + '"');
+                $state.go('messenger.home');
+                return;
+        }
+
+        // If this receiver may not be viewed, navigate to "home" view
+        if (this.controllerModel.canView() === false) {
+            $log.warn(this.logTag, 'Cannot view this receiver, redirecting to home');
+            this.$state.go('messenger.home');
+            return;
         }
 
-        // if this receiver was removed, navigation to "home" view
+        // If this receiver is removed, navigate to "home" view
         this.controllerModel.setOnRemoved((receiverId: string) => {
-            // go "home"
-            this.$state.go('messenger.home', null, {location: 'replace'});
+            $log.warn(this.logTag, 'Receiver removed, redirecting to home');
+            this.$state.go('messenger.home');
         });
 
     }
@@ -1002,6 +1058,8 @@ class ReceiverDetailController {
  * fields, validate and save routines are implemented in the specific ControllerModel
  */
 class ReceiverEditController {
+    private logTag: string = '[ReceiverEditController]';
+
     public $mdDialog: any;
     public $state: ng.ui.IStateService;
     private $translate: ng.translate.ITranslateService;
@@ -1028,8 +1086,11 @@ class ReceiverEditController {
         this.$translate = $translate;
 
         const receiver = webClientService.receivers.getData($stateParams);
-
         switch (receiver.type) {
+            case 'me':
+                $log.warn(this.logTag, 'Cannot edit own contact');
+                $state.go('messenger.home');
+                return;
             case 'contact':
                 this.controllerModel = controllerModelService.contact(
                     receiver as threema.ContactReceiver,
@@ -1049,10 +1110,21 @@ class ReceiverEditController {
                 );
                 break;
             default:
-                $log.warn('Invalid receiver type:', receiver.type);
+                $log.error(this.logTag, 'Cannot initialize controller model:',
+                    'Invalid receiver type "' + receiver.type + '"');
+                $state.go('messenger.home');
+                return;
         }
-        this.execute = new ExecuteService($log, $timeout, 1000);
         this.type = receiver.type;
+
+        // If this receiver may not be viewed, navigate to "home" view
+        if (this.controllerModel.canView() === false) {
+            $log.warn(this.logTag, 'Cannot view this receiver, redirecting to home');
+            this.$state.go('messenger.home');
+            return;
+        }
+
+        this.execute = new ExecuteService($log, $timeout, 1000);
     }
 
     public save(): void {
@@ -1071,7 +1143,8 @@ class ReceiverEditController {
     }
 
     public isSaving(): boolean {
-        return this.execute.isRunning();
+        return this.execute !== undefined
+            && this.execute.isRunning();
     }
 
     public showError(errorCode): void {
@@ -1093,8 +1166,8 @@ class ReceiverEditController {
  * fields, validate and save routines are implemented in the specific ControllerModel
  */
 class ReceiverCreateController {
-    public static $inject = ['$stateParams', '$mdDialog', '$mdToast', '$translate',
-        '$timeout', '$state', '$log', 'ControllerModelService'];
+    private logTag: string = '[ReceiverEditController]';
+
     public $mdDialog: any;
     private loading = false;
     private $timeout: ng.ITimeoutService;
@@ -1108,6 +1181,8 @@ class ReceiverCreateController {
 
     public controllerModel: threema.ControllerModel;
 
+    public static $inject = ['$stateParams', '$mdDialog', '$mdToast', '$translate',
+        '$timeout', '$state', '$log', 'ControllerModelService'];
     constructor($stateParams: threema.CreateReceiverStateParams, $mdDialog, $mdToast, $translate,
                 $timeout: ng.ITimeoutService, $state: ng.ui.IStateService, $log: ng.ILogService,
                 controllerModelService: ControllerModelService) {
@@ -1119,8 +1194,11 @@ class ReceiverCreateController {
         this.$translate = $translate;
 
         this.type = $stateParams.type;
-
         switch (this.type) {
+            case 'me':
+                $log.warn(this.logTag, 'Cannot create own contact');
+                $state.go('messenger.home');
+                return;
             case 'contact':
                 this.controllerModel = controllerModelService.contact(null, ControllerModelMode.NEW);
                 if ($stateParams.initParams !== null) {

src/sass/components/_receiver_badge.scss

@@ -11,7 +11,6 @@
   }
 }
 .receiver-badge {
-  @include mouse-hand;
   display: flex;
   flex-direction: row;
   align-items: center !important;
@@ -56,4 +55,8 @@
       color: #757575;
     }
   }
-}
+}
+
+.linked .receiver-badge {
+    @include mouse-hand;
+}

src/threema.d.ts

@@ -366,6 +366,7 @@ declare namespace threema {
         isLoading: boolean;
         save(): any;
         isValid(): boolean;
+        canView(): boolean;
         canEdit(): boolean;
         getMode(): number;
         setOnRemoved(callback: any): void;

src/types/enums.ts

@@ -19,4 +19,5 @@ export enum ControllerModelMode {
     NEW = 1,
     VIEW = 2,
     EDIT = 3,
+    CHAT = 4,
 }