PolicyListManager watch/unwatch should use MatrixRoomReferences. (#42)

Author: Gnuxie

src/appservice/MjolnirManager.ts

@@ -10,6 +10,7 @@ import { randomUUID } from "crypto";
 import EventEmitter from "events";
 import { MatrixEmitter } from "../MatrixEmitter";
 import { Permalinks } from "../commands/interface-manager/Permalinks";
+import { MatrixRoomReference } from "../commands/interface-manager/MatrixRoomReference";
 
 const log = new Logger('MjolnirManager');
 
@@ -238,7 +239,7 @@ export class ManagedMjolnir {
             [mjolnirOwnerId],
             { name: `${mjolnirOwnerId}'s policy room` }
         );
-        const roomRef = Permalinks.forRoom(listRoomId);
+        const roomRef = MatrixRoomReference.fromPermalink(Permalinks.forRoom(listRoomId));
         await this.mjolnir.addProtectedRoom(listRoomId);
         return await this.mjolnir.policyListManager.watchList(roomRef);
     }

src/commands/CommandHandler.ts

@@ -31,7 +31,6 @@ import { LogService, RichReply } from "matrix-bot-sdk";
 import { execSyncCommand } from "./SyncCommand";
 import { execPermissionCheckCommand } from "./PermissionCheckCommand";
 import { execCreateListCommand } from "./CreateBanListCommand";
-import { execUnwatchCommand, execWatchCommand } from "./WatchUnwatchCommand";
 import { execRedactCommand } from "./RedactCommand";
 import { execImportCommand } from "./ImportCommand";
 import { execSetDefaultListCommand } from "./SetDefaultBanListCommand";
@@ -73,6 +72,7 @@ import "./Ban";
 import "./Unban";
 import "./StatusCommand";
 import "./Rules";
+import "./WatchUnwatchCommand";
 import "./Help";
 
 export const COMMAND_PREFIX = "!mjolnir";
@@ -94,10 +94,6 @@ export async function handleCommand(roomId: string, event: { content: { body: st
             return await execPermissionCheckCommand(roomId, event, mjolnir);
         } else if (parts.length >= 5 && parts[1] === 'list' && parts[2] === 'create') {
             return await execCreateListCommand(roomId, event, mjolnir, parts);
-        } else if (parts[1] === 'watch' && parts.length > 1) {
-            return await execWatchCommand(roomId, event, mjolnir, parts);
-        } else if (parts[1] === 'unwatch' && parts.length > 1) {
-            return await execUnwatchCommand(roomId, event, mjolnir, parts);
         } else if (parts[1] === 'redact' && parts.length > 1) {
             return await execRedactCommand(roomId, event, mjolnir, parts);
         } else if (parts[1] === 'import' && parts.length > 2) {

src/commands/CreateBanListCommand.ts

@@ -29,6 +29,7 @@ import { Mjolnir } from "../Mjolnir";
 import PolicyList from "../models/PolicyList";
 import { RichReply } from "matrix-bot-sdk";
 import { Permalinks } from "./interface-manager/Permalinks";
+import { MatrixRoomReference } from "./interface-manager/MatrixRoomReference";
 
 // !mjolnir list create <shortcode> <alias localpart>
 export async function execCreateListCommand(roomId: string, event: any, mjolnir: Mjolnir, parts: string[]) {
@@ -42,7 +43,7 @@ export async function execCreateListCommand(roomId: string, event: any, mjolnir:
         { room_alias_name: aliasLocalpart }
     );
 
-    const roomRef = Permalinks.forRoom(listRoomId);
+    const roomRef = MatrixRoomReference.fromPermalink(Permalinks.forRoom(listRoomId));
     await mjolnir.policyListManager.watchList(roomRef);
     await mjolnir.addProtectedRoom(listRoomId);
 

src/commands/Help.tsx

@@ -44,8 +44,6 @@ const oldHelpMenu = "" +
 "!mjolnir sync                                                       - Force updates of all lists and re-apply rules\n" +
 "!mjolnir verify                                                     - Ensures Mjolnir can moderate all your rooms\n" +
 "!mjolnir list create <shortcode> <alias localpart>                  - Creates a new ban list with the given shortcode and alias\n" +
-"!mjolnir watch <room alias/ID>                                      - Watches a ban list\n" +
-"!mjolnir unwatch <room alias/ID>                                    - Unwatches a ban list\n" +
 "!mjolnir import <room alias/ID> <list shortcode>                    - Imports bans and ACLs into the given list\n" +
 "!mjolnir default <shortcode>                                        - Sets the default list for commands\n" +
 "!mjolnir protections                                                - List all available protections\n" +

src/commands/WatchUnwatchCommand.ts

@@ -25,32 +25,52 @@ limitations under the License.
  * are NOT distributed, contributed, committed, or licensed under the Apache License.
  */
 
-import { Mjolnir } from "../Mjolnir";
-import { RichReply } from "matrix-bot-sdk";
-import { Permalinks } from "./interface-manager/Permalinks";
-
-// !mjolnir watch <room alias or ID>
-export async function execWatchCommand(roomId: string, event: any, mjolnir: Mjolnir, parts: string[]) {
-    const list = await mjolnir.policyListManager.watchList(Permalinks.forRoom(parts[2]));
-    if (!list) {
-        const replyText = "Cannot watch list due to error - is that a valid room alias?";
-        const reply = RichReply.createFor(roomId, event, replyText, replyText);
-        reply["msgtype"] = "m.notice";
-        mjolnir.client.sendMessage(roomId, reply);
-        return;
-    }
-    await mjolnir.client.unstableApis.addReactionToEvent(roomId, event['event_id'], '✅');
-}
-
-// !mjolnir unwatch <room alias or ID>
-export async function execUnwatchCommand(roomId: string, event: any, mjolnir: Mjolnir, parts: string[]) {
-    const list = await mjolnir.policyListManager.unwatchList(Permalinks.forRoom(parts[2]));
-    if (!list) {
-        const replyText = "Cannot unwatch list due to error - is that a valid room alias?";
-        const reply = RichReply.createFor(roomId, event, replyText, replyText);
-        reply["msgtype"] = "m.notice";
-        mjolnir.client.sendMessage(roomId, reply);
-        return;
-    }
-    await mjolnir.client.unstableApis.addReactionToEvent(roomId, event['event_id'], '✅');
-}
+import { defineInterfaceCommand, findTableCommand } from "./interface-manager/InterfaceCommand";
+import { findPresentationType, parameters, ParsedKeywords } from "./interface-manager/ParameterParsing";
+import { MjolnirContext } from "./CommandHandler";
+import { MatrixRoomReference } from "./interface-manager/MatrixRoomReference";
+import { CommandError, CommandResult } from "./interface-manager/Validation";
+import { tickCrossRenderer } from "./interface-manager/MatrixHelpRenderer";
+import { defineMatrixInterfaceAdaptor } from "./interface-manager/MatrixInterfaceAdaptor";
+
+defineInterfaceCommand({
+    table: "mjolnir",
+    designator: ["watch"],
+    summary: "Watches a list and applies the list's assocated policies to draupnir's protected rooms.",
+    parameters: parameters([
+        {
+            name: 'list',
+            acceptor: findPresentationType("MatrixRoomReference"),
+        }
+    ]),
+    command: async function (this: MjolnirContext, _keywords: ParsedKeywords, list: MatrixRoomReference): Promise<CommandResult<void, CommandError>> {
+        await this.mjolnir.policyListManager.watchList(list);
+        return CommandResult.Ok(undefined);
+    },
+})
+
+defineMatrixInterfaceAdaptor({
+    interfaceCommand: findTableCommand("mjolnir", "watch"),
+    renderer: tickCrossRenderer,
+})
+
+defineInterfaceCommand({
+    table: "mjolnir",
+    designator: ["unwatch"],
+    summary: "Unwatches a list and stops applying the list's assocated policies to draupnir's protected rooms.",
+    parameters: parameters([
+        {
+            name: 'list',
+            acceptor: findPresentationType("MatrixRoomReference"),
+        }
+    ]),
+    command: async function (this: MjolnirContext, _keywords: ParsedKeywords, list: MatrixRoomReference): Promise<CommandResult<void, CommandError>> {
+        await this.mjolnir.policyListManager.unwatchList(list);
+        return CommandResult.Ok(undefined);
+    },
+})
+
+defineMatrixInterfaceAdaptor({
+    interfaceCommand: findTableCommand("mjolnir", "unwatch"),
+    renderer: tickCrossRenderer,
+})

src/models/PolicyListManager.ts

@@ -30,7 +30,6 @@ import { Mjolnir } from "../Mjolnir";
 import { MatrixDataManager, RawSchemedData, SCHEMA_VERSION_KEY } from "./MatrixDataManager";
 import { MatrixRoomReference } from "../commands/interface-manager/MatrixRoomReference";
 import { PolicyList, WATCHED_LISTS_EVENT_TYPE, WARN_UNPROTECTED_ROOM_EVENT_PREFIX } from "./PolicyList";
-import { Permalinks } from "../commands/interface-manager/Permalinks";
 
 type WatchedListsEvent = RawSchemedData & { references?: string[]; };
 /**
@@ -70,18 +69,16 @@ export class PolicyListManager extends MatrixDataManager<WatchedListsEvent> {
         return list;
     }
 
-    public async watchList(roomRef: string): Promise<PolicyList | null> {
-        const joinedRooms = await this.mjolnir.client.getJoinedRooms();
-        const permalink = Permalinks.parseUrl(roomRef);
-        if (!permalink.roomIdOrAlias)
-            return null;
-
-        const roomId = await this.mjolnir.client.resolveRoom(permalink.roomIdOrAlias);
-        if (!joinedRooms.includes(roomId)) {
-            await this.mjolnir.client.joinRoom(roomId, permalink.viaServers);
-        }
-
-        if (this.policyLists.find(b => b.roomId === roomId)) {
+    /**
+     * Watching a list applies all of its policies to a protected room.
+     * @param roomRef A matrix room reference to a policy list that should be watched.
+     *
+     * @returns The list that has been watched or null if the manager was already
+     * watching the list.
+     */
+    public async watchList(roomRef: MatrixRoomReference): Promise<PolicyList | null> {
+        const roomId = await roomRef.joinClient(this.mjolnir.client);
+        if (this.policyLists.find(b => b.roomId === roomId.toRoomIdOrAlias())) {
             // This room was already in our list of policy rooms, nothing else to do.
             // Note that we bailout *after* the call to `joinRoom`, in case a user
             // calls `watchList` in an attempt to repair something that was broken,
@@ -90,21 +87,21 @@ export class PolicyListManager extends MatrixDataManager<WatchedListsEvent> {
             return null;
         }
 
-        const list = await this.addPolicyList(roomId, roomRef);
+        const list = await this.addPolicyList(roomId.toRoomIdOrAlias(), roomRef.toPermalink());
 
         await this.storeMatixData();
-        await this.warnAboutUnprotectedPolicyListRoom(roomId);
-
+        await this.warnAboutUnprotectedPolicyListRoom(roomId.toRoomIdOrAlias());
         return list;
     }
 
-    public async unwatchList(roomRef: string): Promise<PolicyList | null> {
-        const permalink = Permalinks.parseUrl(roomRef);
-        if (!permalink.roomIdOrAlias)
-            return null;
-
-        const roomId = await this.mjolnir.client.resolveRoom(permalink.roomIdOrAlias);
-        const list = this.policyLists.find(b => b.roomId === roomId) || null;
+    /**
+     * Stop watching the list and applying its associated policies.
+     * @param roomRef A matrix room reference to a list that should be unwatched.
+     * @returns The list being unwatched or null if we were not watching the list.
+     */
+    public async unwatchList(roomRef: MatrixRoomReference): Promise<PolicyList | null> {
+        const roomId = await roomRef.resolve(this.mjolnir.client);
+        const list = this.policyLists.find(b => b.roomId === roomId.toRoomIdOrAlias()) || null;
         if (list) {
             this.policyLists.splice(this.policyLists.indexOf(list), 1);
             this.mjolnir.ruleServer?.unwatch(list);

test/integration/banListTest.ts

@@ -10,6 +10,7 @@ import { ALL_RULE_TYPES, Recommendation, RULE_SERVER, RULE_USER, SERVER_RULE_TYP
 import AccessControlUnit, { Access, EntityAccess } from "../../src/models/AccessControlUnit";
 import { randomUUID } from "crypto";
 import { MatrixSendClient } from "../../src/MatrixEmitter";
+import { MatrixRoomReference } from "../../src/commands/interface-manager/MatrixRoomReference";
 
 /**
  * Create a policy rule in a policy room.
@@ -262,7 +263,7 @@ describe('Test: ACL updates will batch when rules are added in succession.', fun
         // Flood the watched list with banned servers, which should prompt Mjolnir to update server ACL in protected rooms.
         const banListId = await moderator.createRoom({ invite: [mjolnirId] });
         await mjolnir.client.joinRoom(banListId);
-        await mjolnir.policyListManager.watchList(Permalinks.forRoom(banListId));
+        await mjolnir.policyListManager.watchList(MatrixRoomReference.fromRoomId(banListId));
         const acl = new ServerAcl(serverName).denyIpAddresses().allowServer("*");
         const evilServerCount = 200;
         for (let i = 0; i < evilServerCount; i++) {
@@ -327,7 +328,7 @@ describe('Test: unbaning entities via the PolicyList.', function() {
         await moderator.setUserPowerLevel(await mjolnir.client.getUserId(), banListId, 100);
         await moderator.sendStateEvent(banListId, 'org.matrix.mjolnir.shortcode', '', { shortcode: "unban-test" });
         await mjolnir.client.joinRoom(banListId);
-        await mjolnir.policyListManager.watchList(Permalinks.forRoom(banListId));
+        await mjolnir.policyListManager.watchList(MatrixRoomReference.fromRoomId(banListId));
         // we use this to compare changes.
         const banList = new PolicyList(banListId, banListId, moderator);
         // we need two because we need to test the case where an entity has all rule types in the list
@@ -402,7 +403,7 @@ describe('Test: should apply bans to the most recently active rooms first', func
         // Flood the watched list with banned servers, which should prompt Mjolnir to update server ACL in protected rooms.
         const banListId = await moderator.createRoom({ invite: [mjolnirId] });
         await mjolnir.client.joinRoom(banListId);
-        await mjolnir.policyListManager.watchList(Permalinks.forRoom(banListId));
+        await mjolnir.policyListManager.watchList(MatrixRoomReference.fromRoomId(banListId));
 
         await mjolnir.protectedRoomsTracker.syncLists();
 
@@ -506,7 +507,7 @@ describe('Test: AccessControlUnit interaction with policy lists.', function() {
         assertAccess(Access.Allowed, aclUnit.getAccessForUser('@someone:matrix.org', "CHECK_SERVER"));
 
         // protect a room and check that only bad.example.com, *.ddns.example.com are in the deny ACL and not matrix.org
-        await mjolnir.policyListManager.watchList(policyList.roomRef);
+        await mjolnir.policyListManager.watchList(MatrixRoomReference.fromPermalink(policyList.roomRef));
         const protectedRoom = await mjolnir.client.createRoom();
         await mjolnir.protectedRoomsTracker.addProtectedRoom(protectedRoom);
         await mjolnir.protectedRoomsTracker.syncLists();

test/integration/banPropagationTest.ts

@@ -2,8 +2,8 @@ import expect from "expect";
 import { Mjolnir } from "../../src/Mjolnir";
 import { newTestUser } from "./clientHelper";
 import { getFirstEventMatching } from './commands/commandUtils';
-import { Permalinks } from "matrix-bot-sdk";
 import { RULE_USER } from "../../src/models/ListRule";
+import { MatrixRoomReference } from "../../src/commands/interface-manager/MatrixRoomReference";
 
 // We will need to disable this in tests that are banning people otherwise it will cause
 // mocha to hang for awhile until it times out waiting for a response to a prompt.
@@ -28,7 +28,7 @@ describe("Ban propagation test", function() {
         const policyListId = await moderator.createRoom({ invite: [mjolnirId] });
         await moderator.setUserPowerLevel(mjolnirId, policyListId, 100);
         await mjolnir.client.joinRoom(policyListId);
-        await mjolnir.policyListManager.watchList(Permalinks.forRoom(policyListId));
+        await mjolnir.policyListManager.watchList(MatrixRoomReference.fromRoomId(policyListId));
 
         // check for the prompt
         const promptEvent = await getFirstEventMatching({

test/integration/protectedRoomsConfigTest.ts

@@ -1,14 +1,14 @@
 
 import { strict as assert } from "assert";
-import { MatrixClient, Permalinks, UserID } from "matrix-bot-sdk";
+import { MatrixClient, Permalinks } from "matrix-bot-sdk";
+import { MatrixRoomReference } from "../../src/commands/interface-manager/MatrixRoomReference";
 import { MatrixSendClient } from "../../src/MatrixEmitter";
 import { Mjolnir } from "../../src/Mjolnir";
 import PolicyList from "../../src/models/PolicyList";
 import { newTestUser } from "./clientHelper";
-import { createBanList, getFirstReaction } from "./commands/commandUtils";
+import { createBanList } from "./commands/commandUtils";
 
 async function createPolicyList(client: MatrixClient): Promise<PolicyList> {
-    const serverName = new UserID(await client.getUserId()).domain;
     const policyListId = await client.createRoom({ preset: "public_chat" });
     return new PolicyList(policyListId, Permalinks.forRoom(policyListId), client);
 }
@@ -37,15 +37,15 @@ describe('Test: config.protectAllJoinedRooms behaves correctly.', function() {
         await mjolnir.protectedRoomsTracker.syncLists();
         (await getProtectedRoomsFromAccountData(mjolnir.client))
             .forEach(roomId => assert.equal(implicitlyProtectedRooms.includes(roomId), false));
-        
+
         // ... but they are protected
         mjolnir.protectedRoomsTracker.getProtectedRooms()
             .forEach(roomId => assert.equal(implicitlyProtectedRooms.includes(roomId), true));
 
         // We create one policy list with Mjolnir, and we watch another that is maintained by someone else.
         const policyListShortcode = await createBanList(mjolnir.managementRoomId, mjolnir.matrixEmitter, moderator);
         const unprotectedWatchedList = await createPolicyList(moderator);
-        await mjolnir.policyListManager.watchList(unprotectedWatchedList.roomRef);
+        await mjolnir.policyListManager.watchList(MatrixRoomReference.fromPermalink(unprotectedWatchedList.roomRef));
         await mjolnir.protectedRoomsTracker.syncLists();
 
         // We expect that the watched list will not be protected, despite config.protectAllJoinedRooms being true

tsconfig.json

@@ -30,6 +30,8 @@
         "./test/integration/banListTest.ts",
         "./test/integration/reportPollingTest",
         "./test/integration/policyConsumptionTest.ts",
-        "./test/integration/protectionSettingsTest.ts"
+        "./test/integration/protectionSettingsTest.ts",
+        "./test/integration/banPropagationTest.ts",
+        "./test/integration/protectedRoomsConfigTest.ts",
     ]
 }