[FIX] Anonymous chat read (#14717)

* Prevent errors when allowing anonymous read * getSingleMessage for anonymous users * Fix register user when allow read and write anonymous is enabled * Fix anonymous with sidebar extended as default Co-authored-by: ubergeekzone <ubergeekzone@gmail.com>
7 years ago · d7a99685f9
parent 0dec9891ee
commit d7a99685f9
7 changed files with 17 additions and 12 deletions
--- a/app/emoji/client/emojiPicker.js
+++ b/app/emoji/client/emojiPicker.js
@ -13,7 +13,7 @@ const getEmojiElement = (emoji, image) => image && `<li class="emoji-${ emoji }

 const createEmojiList = (category, actualTone) => {
 	const html = Object.values(emoji.packages).map((emojiPackage) => {
-		if (!emojiPackage.emojisByCategory[category]) {
+		if (!emojiPackage.emojisByCategory || !emojiPackage.emojisByCategory[category]) {
 			return;
 		}

--- a/app/lib/server/methods/getSingleMessage.js
+++ b/app/lib/server/methods/getSingleMessage.js
@ -7,10 +7,6 @@ Meteor.methods({
 	getSingleMessage(msgId) {
 		check(msgId, String);

-		if (!Meteor.userId()) {
-			throw new Meteor.Error('error-invalid-user', 'Invalid user', { method: 'getSingleMessage' });
-		}
-
 		const msg = Messages.findOneById(msgId);

 		if (!msg || !msg.rid) {
--- a/app/ui-master/client/main.js
+++ b/app/ui-master/client/main.js
@ -184,7 +184,7 @@ Template.main.helpers({
 	hasUsername() {
 		const uid = Meteor.userId();
 		const user = uid && Users.findOne({ _id: uid }, { fields: { username: 1 } });
-		return (user && user.username) || settings.get('Accounts_AllowAnonymousRead');
+		return (user && user.username) || (!uid && settings.get('Accounts_AllowAnonymousRead'));
 	},
 	requirePasswordChange() {
 		const user = Meteor.user();
@ -194,7 +194,7 @@ Template.main.helpers({
 		const user = Meteor.user();

 		// User is already using 2fa
-		if (user.services.totp !== undefined && user.services.totp.enabled) {
+		if (!user || (user.services.totp !== undefined && user.services.totp.enabled)) {
 			return false;
 		}

--- a/app/ui-sidenav/client/roomList.js
+++ b/app/ui-sidenav/client/roomList.js
@ -125,6 +125,9 @@ Template.roomList.helpers({

 	noSubscriptionText() {
 		const instance = Template.instance();
+		if (instance.data.anonymous) {
+			return 'No_channels_yet';
+		}
 		return roomTypes.roomTypes[instance.data.identifier].getUiText(UiTextContext.NO_ROOMS_SUBSCRIBED) || 'No_channels_yet';
 	},

--- a/app/ui-sidenav/client/sidebarItem.js
+++ b/app/ui-sidenav/client/sidebarItem.js
@ -75,8 +75,6 @@ Template.sidebarItem.onCreated(function() {
 	this.lastMessageTs = new ReactiveVar();
 	this.timeAgoInterval;

-	// console.log('sidebarItem.onCreated');
-
 	this.autorun(() => {
 		const currentData = Template.currentData();

@ -98,7 +96,7 @@ Template.sidebarItem.onCreated(function() {

 		const otherUser = settings.get('UI_Use_Real_Name') ? currentData.lastMessage.u.name || currentData.lastMessage.u.username : currentData.lastMessage.u.username;
 		const renderedMessage = renderMessageBody(currentData.lastMessage).replace(/<br\s?\\?>/g, ' ');
-		const sender = this.user._id === currentData.lastMessage.u._id ? t('You') : otherUser;
+		const sender = this.user && this.user._id === currentData.lastMessage.u._id ? t('You') : otherUser;

 		if (currentData.t === 'd' && Meteor.userId() !== currentData.lastMessage.u._id) {
 			this.renderedMessage = currentData.lastMessage.msg === '' ? t('Sent_an_attachment') : renderedMessage;
--- a/app/ui-utils/client/lib/messageContext.js
+++ b/app/ui-utils/client/lib/messageContext.js
@ -10,7 +10,7 @@ import { AutoTranslate } from '../../../autotranslate/client';
 export function messageContext({ rid } = Template.instance()) {
 	const uid = Meteor.userId();
 	return {
-		u: Users.findOne({ _id: uid }, { fields: { name: 1, username: 1 } }),
+		u: Users.findOne({ _id: uid }, { fields: { name: 1, username: 1 } }) || {},
 		room: Rooms.findOne({ _id: rid }, {
 			reactive: false,
 			fields: {
--- a/server/methods/browseChannels.js
+++ b/server/methods/browseChannels.js
@ -5,6 +5,7 @@ import s from 'underscore.string';
 import { hasPermission } from '../../app/authorization';
 import { Rooms, Users } from '../../app/models';
 import { Federation } from '../../app/federation/server';
+import { settings } from '../../app/settings/server';

 const sortChannels = function(field, direction) {
 	switch (field) {
@ -57,11 +58,13 @@ Meteor.methods({
 			limit,
 		};

+		const canViewAnonymous = settings.get('Accounts_AllowAnonymousRead') === true;
+
 		const user = Meteor.user();

 		if (type === 'channels') {
 			const sort = sortChannels(sortBy, sortDirection);
-			if (!hasPermission(user._id, 'view-c-room')) {
+			if ((!user && !canViewAnonymous) || (user && !hasPermission(user._id, 'view-c-room'))) {
 				return;
 			}

@ -85,6 +88,11 @@ Meteor.methods({
 			};
 		}

+		// non-logged id user
+		if (!user) {
+			return;
+		}
+
 		// type === users
 		if (!hasPermission(user._id, 'view-outside-room') || !hasPermission(user._id, 'view-d-room')) {
 			return;