matrix-org · uhoreg · Sep 6, 2024 · Sep 5, 2024 · Sep 5, 2024 · Sep 5, 2024
@@ -120,50 +120,95 @@ impl From<matrix_sdk_crypto::types::EventEncryptionAlgorithm> for EncryptionAlgo
 /// Strategy to collect the devices that should receive room keys for the
 /// current discussion.
 #[wasm_bindgen()]
-#[derive(Debug, Clone, PartialEq, Eq)]
-pub enum CollectStrategy {
-    /// Device based sharing strategy, excluding devices that are not trusted.
-    /// A device is trusted if any of the following is true:
+#[derive(Debug, Clone, PartialEq)]
+pub struct CollectStrategy {
+    inner: matrix_sdk_crypto::CollectStrategy,
+}
+
+#[wasm_bindgen]
+impl CollectStrategy {
+    /// Tests for equality between two [`CollecStrategy`]s.
+    #[wasm_bindgen]
+    pub fn eq(&self, other: &CollectStrategy) -> bool {
+        self == other
+    }
+}
+
+impl From<CollectStrategy> for matrix_sdk_crypto::CollectStrategy {
+    fn from(value: CollectStrategy) -> Self {
+        value.inner
+    }
+}
+
+impl From<matrix_sdk_crypto::CollectStrategy> for CollectStrategy {
+    fn from(value: matrix_sdk_crypto::CollectStrategy) -> Self {
+        Self { inner: value }
+    }
+}
+
+#[wasm_bindgen]
+impl CollectStrategy {
+    /// Device based sharing strategy.
+    ///
+    /// If `only_allow_trusted_devices` is `true`, devices that are not trusted
+    /// will be excluded from the conversation. A device is trusted if any of
+    /// the following is true:
     ///     - It was manually marked as trusted.
     ///     - It was marked as verified via interactive verification.
     ///     - It is signed by its owner identity, and this identity has been
     ///       trusted via interactive verification.
     ///     - It is the current own device of the user.
-    DeviceBasedStrategyOnlyTrustedDevices,
-    /// Device based sharing strategy, including all devices.
-    DeviceBasedStrategyAllDevices,
+    ///
+    /// If `error_on_verified_user` is `true`, and a verified user has an
+    /// unsigned device, key sharing will fail with an error.
+    ///
+    /// If `error_on_verified_user` is `true`, and a verified user has replaced
+    /// their identity, key sharing will fail with an error.
+    ///
+    /// Otherwise, keys are shared with unsigned devices as normal.
+    ///
+    /// Once the problematic devices are blacklisted or whitelisted the
+    /// caller can retry to share a second time.
+    #[wasm_bindgen(js_name = "deviceBasedStrategy")]
+    pub fn device_based_strategy(
+        only_allow_trusted_devices: bool,
+        error_on_verified_user_problem: bool,
+    ) -> CollectStrategy {
+        Self {
+            inner: matrix_sdk_crypto::CollectStrategy::DeviceBasedStrategy {
+                only_allow_trusted_devices,
+                error_on_verified_user_problem,
+            },
+        }
+    }
+
     /// Share based on identity. Only distribute to devices signed by their
     /// owner. If a user has no published identity he will not receive
     /// any room keys.
-    IdentityBasedStrategy,
+    #[wasm_bindgen(js_name = "identityBasedStrategy")]
+    pub fn identity_based_strategy() -> CollectStrategy {
+        Self { inner: matrix_sdk_crypto::CollectStrategy::IdentityBasedStrategy }
+    }
 }
 
-impl From<CollectStrategy> for matrix_sdk_crypto::CollectStrategy {
-    fn from(value: CollectStrategy) -> Self {
-        match value {
-            CollectStrategy::DeviceBasedStrategyOnlyTrustedDevices => {
-                Self::DeviceBasedStrategy { only_allow_trusted_devices: true }
-            }
-            CollectStrategy::DeviceBasedStrategyAllDevices => {
-                Self::DeviceBasedStrategy { only_allow_trusted_devices: false }
-            }
-            CollectStrategy::IdentityBasedStrategy => Self::IdentityBasedStrategy,
-        }
-    }
+/// The trust level required to decrypt an event
+#[wasm_bindgen]
+#[derive(Debug, Clone, PartialEq, Eq)]
+pub enum TrustRequirement {
+    /// Decrypt events from everyone regardless of trust
+    Untrusted,
+    /// Only decrypt events from cross-signed or legacy devices
+    CrossSignedOrLegacy,
+    /// Only decrypt events from cross-signed devices
+    CrossSigned,
 }
 
-impl From<matrix_sdk_crypto::CollectStrategy> for CollectStrategy {
-    fn from(value: matrix_sdk_crypto::CollectStrategy) -> Self {
+impl From<TrustRequirement> for matrix_sdk_crypto::TrustRequirement {
+    fn from(value: TrustRequirement) -> Self {
         match value {
-            matrix_sdk_crypto::CollectStrategy::DeviceBasedStrategy {
-                only_allow_trusted_devices: true,
-            } => Self::DeviceBasedStrategyOnlyTrustedDevices,
-            matrix_sdk_crypto::CollectStrategy::DeviceBasedStrategy {
-                only_allow_trusted_devices: false,
-            } => Self::DeviceBasedStrategyAllDevices,
-            matrix_sdk_crypto::CollectStrategy::IdentityBasedStrategy => {
-                Self::IdentityBasedStrategy
-            }
+            TrustRequirement::Untrusted => Self::Untrusted,
+            TrustRequirement::CrossSignedOrLegacy => Self::CrossSignedOrLegacy,
+            TrustRequirement::CrossSigned => Self::CrossSigned,
         }
     }
 }

@@ -37,9 +37,9 @@ describe(EncryptionSettings.name, () => {
     test("checks the sharing strategy values", () => {
         const es = new EncryptionSettings();
 
-        es.sharingStrategy = CollectStrategy.DeviceBasedStrategyAllDevices;
+        es.sharingStrategy = CollectStrategy.deviceBasedStrategy(false, false);
 
-        expect(es.sharingStrategy).toStrictEqual(CollectStrategy.DeviceBasedStrategyAllDevices);
+        expect(es.sharingStrategy.eq(CollectStrategy.deviceBasedStrategy(false, false))).toBe(true);
         expect(() => {
             es.historyVisibility = 42;
         }).toThrow();