Discard messages from non-admins in announcement groups

diff --git a/lib/src/main/java/org/asamk/signal/manager/Manager.java b/lib/src/main/java/org/asamk/signal/manager/Manager.java
index e4342f9a30b29b59870e9c867b2354ca4b96893d..9d0c355b2fe4a6674955fdb8e64b1d5928152af0 100644 (file)
--- a/lib/src/main/java/org/asamk/signal/manager/Manager.java
+++ b/lib/src/main/java/org/asamk/signal/manager/Manager.java
@@ -1874,7 +1874,6 @@ public class Manager implements Closeable {
                 // address/uuid in envelope is sent by server
                 resolveRecipientTrusted(envelope.getSourceAddress());
             }
-            final var notAGroupMember = isNotAGroupMember(envelope, content);
             if (!envelope.isReceipt()) {
                 try {
                     content = decryptMessage(envelope);
@@ -1910,10 +1909,13 @@ public class Manager implements Closeable {
                     queuedActions.addAll(actions);
                 }
             }
+            final var notAllowedToSendToGroup = isNotAllowedToSendToGroup(envelope, content);
             if (isMessageBlocked(envelope, content)) {
                 logger.info("Ignoring a message from blocked user/group: {}", envelope.getTimestamp());
-            } else if (notAGroupMember) {
-                logger.info("Ignoring a message from a non group member: {}", envelope.getTimestamp());
+            } else if (notAllowedToSendToGroup) {
+                logger.info("Ignoring a group message from an unauthorized sender (no member or admin): {} {}",
+                        (envelope.hasSource() ? envelope.getSourceAddress() : content.getSender()).getIdentifier(),
+                        envelope.getTimestamp());
             } else {
                 handler.handleMessage(envelope, content, exception);
             }
@@ -1976,7 +1978,7 @@ public class Manager implements Closeable {
         return sourceContact != null && sourceContact.isBlocked();
     }
 
-    private boolean isNotAGroupMember(
+    private boolean isNotAllowedToSendToGroup(
             SignalServiceEnvelope envelope, SignalServiceContent content
     ) {
         SignalServiceAddress source;
@@ -1988,23 +1990,32 @@ public class Manager implements Closeable {
             return false;
         }
 
-        if (content != null && content.getDataMessage().isPresent()) {
-            var message = content.getDataMessage().get();
-            if (message.getGroupContext().isPresent()) {
-                if (message.getGroupContext().get().getGroupV1().isPresent()) {
-                    var groupInfo = message.getGroupContext().get().getGroupV1().get();
-                    if (groupInfo.getType() == SignalServiceGroup.Type.QUIT) {
-                        return false;
-                    }
-                }
-                var groupId = GroupUtils.getGroupId(message.getGroupContext().get());
-                var group = getGroup(groupId);
-                if (group != null && !group.isMember(resolveRecipient(source))) {
-                    return true;
-                }
+        if (content == null || !content.getDataMessage().isPresent()) {
+            return false;
+        }
+
+        var message = content.getDataMessage().get();
+        if (!message.getGroupContext().isPresent()) {
+            return false;
+        }
+
+        if (message.getGroupContext().get().getGroupV1().isPresent()) {
+            var groupInfo = message.getGroupContext().get().getGroupV1().get();
+            if (groupInfo.getType() == SignalServiceGroup.Type.QUIT) {
+                return false;
             }
         }
-        return false;
+
+        var groupId = GroupUtils.getGroupId(message.getGroupContext().get());
+        var group = getGroup(groupId);
+        if (group == null) {
+            return false;
+        }
+
+        final var recipientId = resolveRecipient(source);
+        return !group.isMember(recipientId) || (
+                group.isAnnouncementGroup() && !group.isAdmin(recipientId)
+        );
     }
 
     private List<HandleAction> handleMessage(

diff --git a/lib/src/main/java/org/asamk/signal/manager/storage/groups/GroupInfo.java b/lib/src/main/java/org/asamk/signal/manager/storage/groups/GroupInfo.java
index 211e0f96b7b2d2afea44994c82674c682ef29921..60efc84b2df4baf54efef4abd66317f10d1a1481 100644 (file)
--- a/lib/src/main/java/org/asamk/signal/manager/storage/groups/GroupInfo.java
+++ b/lib/src/main/java/org/asamk/signal/manager/storage/groups/GroupInfo.java
@@ -40,6 +40,8 @@ public abstract class GroupInfo {
 
     public abstract int getMessageExpirationTime();
 
+    public abstract boolean isAnnouncementGroup();
+
     public Set<RecipientId> getMembersWithout(RecipientId recipientId) {
         return getMembers().stream().filter(member -> !member.equals(recipientId)).collect(Collectors.toSet());
     }
@@ -54,6 +56,10 @@ public abstract class GroupInfo {
         return getMembers().contains(recipientId);
     }
 
+    public boolean isAdmin(RecipientId recipientId) {
+        return getAdminMembers().contains(recipientId);
+    }
+
     public boolean isPendingMember(RecipientId recipientId) {
         return getPendingMembers().contains(recipientId);
     }

diff --git a/lib/src/main/java/org/asamk/signal/manager/storage/groups/GroupInfoV1.java b/lib/src/main/java/org/asamk/signal/manager/storage/groups/GroupInfoV1.java
index 8cf6cb94773f999d56b18d7752c0480269edc83c..49c9a5042b34187fa17df91705a8dae71a3211f7 100644 (file)
--- a/lib/src/main/java/org/asamk/signal/manager/storage/groups/GroupInfoV1.java
+++ b/lib/src/main/java/org/asamk/signal/manager/storage/groups/GroupInfoV1.java
@@ -89,6 +89,11 @@ public class GroupInfoV1 extends GroupInfo {
         return messageExpirationTime;
     }
 
+    @Override
+    public boolean isAnnouncementGroup() {
+        return false;
+    }
+
     public void addMembers(Collection<RecipientId> members) {
         this.members.addAll(members);
     }

diff --git a/lib/src/main/java/org/asamk/signal/manager/storage/groups/GroupInfoV2.java b/lib/src/main/java/org/asamk/signal/manager/storage/groups/GroupInfoV2.java
index fe82862ec4c3bd7a6961d4ce7bb96f5b471bf0c0..59cfedb542ffed0d99fb94ac6e7fd0a6351d02e4 100644 (file)
--- a/lib/src/main/java/org/asamk/signal/manager/storage/groups/GroupInfoV2.java
+++ b/lib/src/main/java/org/asamk/signal/manager/storage/groups/GroupInfoV2.java
@@ -7,6 +7,7 @@ import org.asamk.signal.manager.storage.recipients.RecipientResolver;
 import org.signal.storageservice.protos.groups.AccessControl;
 import org.signal.storageservice.protos.groups.Member;
 import org.signal.storageservice.protos.groups.local.DecryptedGroup;
+import org.signal.storageservice.protos.groups.local.EnabledState;
 import org.signal.zkgroup.groups.GroupMasterKey;
 import org.whispersystems.signalservice.api.push.SignalServiceAddress;
 import org.whispersystems.signalservice.api.util.UuidUtil;
@@ -146,4 +147,9 @@ public class GroupInfoV2 extends GroupInfo {
                 ? this.group.getDisappearingMessagesTimer().getDuration()
                 : 0;
     }
+
+    @Override
+    public boolean isAnnouncementGroup() {
+        return this.group != null && this.group.getIsAnnouncementGroup() == EnabledState.ENABLED;
+    }
 }