Make the default value for the 'trusted' checkbox configurable

Also remove the `message_storage` setting.
This commit is contained in:
JC Brand 2018-05-18 12:21:02 +02:00
parent e82112715d
commit 2508ef0e9e
8 changed files with 76 additions and 37 deletions

View File

@ -14,7 +14,8 @@
- Support for rendering URLs sent according to XEP-0066 Out of Band Data.
- Geo-URIs (e.g. from Conversations) are now replaced by links to openstreetmap (works in reverse also)
- Add a checkbox to indicate whether a trusted device is being used or not.
If the device is not trusted, then all user data is deleted from the cache upon logout.
If the device is not trusted, sessionStorage is used and all user data is deleted from the browser cache upon logout.
If the device is trusted, localStorage is used and user data is cached indefinitely.
### Bugfixes

View File

@ -927,28 +927,6 @@ Message carbons is the XEP (Jabber protocol extension) specifically drafted to
solve this problem, while `forward_messages`_ uses
`stanza forwarding <http://www.xmpp.org/extensions/xep-0297.html>`_
message_storage
----------------
* Default: ``session``
Valid options: ``session``, ``local``.
This option determines the type of `browser storage <https://developer.mozilla.org/en-US/docs/Web/Guide/API/DOM/Storage>`_
(``localStorage`` or ``sessionStorage``) used by converse.js to cache messages (private and group).
The main difference between the two is that `sessionStorage` only persists while
the current tab or window containing a converse.js instance is open. As soon as
it's closed, the data is cleared.
Data in `localStorage` on the other hand is kept indefinitely, which can have
privacy implications on public computers or when multiple people are using the
same computer.
See also the `storage`_ option, which applies to other cached data, such as
which chats you have open, what features the XMPP server supports and what
your online status is.
muc_disable_moderator_commands
------------------------------
@ -1269,17 +1247,20 @@ privacy perspective a better choice.
The main difference between the two is that `sessionStorage` only persists while
the current tab or window containing a converse.js instance is open. As soon as
it's closed, the data is cleared.
it's closed, the data is cleared (as long as there aren't any other tabs with
the same domain open).
Data in `localStorage` on the other hand is kept indefinitely.
The data that is cached includes which chats you had open, what features the
XMPP server supports and what your online status was.
The data that is cached includes your sent and received messages, which chats you had
open, what features the XMPP server supports and what your online status was.
See also `trusted`_.
.. note::
When the user checks the checkbox labeled "This is a trusted device", then
the storage setting will automatically be set to localStorage.
Since version 1.0.7, the store for messages is now configurable separately with
the `message_storage`_ option, to allow you to cache messages for longer in the
browser (with `localStorage`) while still using `sessionStorage` for other
data.
.. note::
Between versions 0.8.0 and 1.0.7, setting the value of this option to "local"
@ -1295,6 +1276,7 @@ data.
storage), to address the above issue.
sticky_controlbox
-----------------
@ -1352,6 +1334,21 @@ If set to ``false``, this feature is disabled.
If set to ``a resource name``, converse.js will synchronize only with a client that has that particular resource assigned to it.
trusted
-------
* Default: ``true``
This setting determines whether the default value of the "This is a trusted device" checkbox in the login form.
When the current device is not trusted, then localStorage and sessionStorage
will be cleared when the user logs out, thereby removing all cached data.
Clearing the cache in this way makes Converse.js much slower when the user logs
in again, because all data needs to be fetch anew.
See also `storage`_.
time_format
-----------

View File

@ -41,5 +41,43 @@
done();
});
}));
it("checkbox can be set to false by default",
mock.initConverseWithPromises(
null, ['connectionInitialized', 'chatBoxesInitialized'],
{ auto_login: false,
trusted: false,
allow_registration: false },
function (done, _converse) {
test_utils.waitUntil(() => _converse.chatboxviews.get('controlbox'))
.then(function () {
var cbview = _converse.chatboxviews.get('controlbox');
test_utils.openControlBox();
const checkboxes = cbview.el.querySelectorAll('input[type="checkbox"]');
expect(checkboxes.length).toBe(1);
const checkbox = checkboxes[0];
const label = cbview.el.querySelector(`label[for="${checkbox.getAttribute('id')}"]`);
expect(label.textContent).toBe('This is a trusted device');
expect(checkbox.checked).toBe(false);
cbview.el.querySelector('input[name="jid"]').value = 'dummy@localhost';
cbview.el.querySelector('input[name="password"]').value = 'secret';
spyOn(cbview.loginpanel, 'connect');
cbview.delegateEvents();
expect(_converse.storage).toBe('session');
cbview.el.querySelector('input[type="submit"]').click();
expect(_converse.storage).toBe('session');
expect(cbview.loginpanel.connect).toHaveBeenCalled();
checkbox.click();
cbview.el.querySelector('input[type="submit"]').click();
expect(_converse.storage).toBe('local');
done();
});
}));
});
}));

View File

@ -52,12 +52,12 @@
// New functions which don't exist yet can also be added.
clearSession () {
this.__super__.clearSession.apply(this, arguments);
if (!_.isUndefined(this.bookmarks)) {
this.bookmarks.reset();
this.bookmarks.browserStorage._clear();
window.sessionStorage.removeItem(this.bookmarks.fetched_flag);
}
this.__super__.clearSession.apply(this, arguments);
},
ChatRoomView: {
@ -261,9 +261,7 @@
const cache_key = `converse.room-bookmarks${_converse.bare_jid}`;
this.fetched_flag = b64_sha1(cache_key+'fetched');
this.browserStorage = new Backbone.BrowserStorage[_converse.storage](
b64_sha1(cache_key)
);
this.browserStorage = new Backbone.BrowserStorage[_converse.storage](b64_sha1(cache_key));
},
openBookmarkedRoom (bookmark) {

View File

@ -249,7 +249,7 @@
this.addRelatedContact(_converse.roster.findWhere({'jid': this.get('jid')}));
});
this.messages = new _converse.Messages();
this.messages.browserStorage = new Backbone.BrowserStorage[_converse.message_storage](
this.messages.browserStorage = new Backbone.BrowserStorage[_converse.storage](
b64_sha1(`converse.messages${this.get('jid')}${_converse.bare_jid}`));
this.messages.chatbox = this;

View File

@ -478,6 +478,7 @@
if (!this.validate()) { return; }
const form_data = new FormData(ev.target);
_converse.trusted = form_data.get('trusted');
_converse.storage = form_data.get('trusted') ? 'local' : 'session';
let jid = form_data.get('jid');

View File

@ -322,7 +322,6 @@
'pl', 'pt_BR', 'ru', 'tr', 'uk', 'zh_CN', 'zh_TW'
],
message_carbons: true,
message_storage: 'session',
nickname: undefined,
password: undefined,
prebind_url: null,
@ -336,6 +335,7 @@
storage: 'session',
strict_plugin_dependencies: false,
synchronize_availability: true,
trusted: true,
view_mode: 'overlayed', // Choices are 'overlayed', 'fullscreen', 'mobile'
websocket_url: undefined,
whitelisted_plugins: []
@ -652,6 +652,10 @@
if (!_.isUndefined(this.session) && this.session.browserStorage) {
this.session.browserStorage._clear();
}
if (!_converse.trusted) {
window.localStorage.clear();
window.sessionStorage.clear();
}
};
this.logOut = function () {

View File

@ -19,7 +19,7 @@
</div>
{[ } ]}
<div class="form-group form-check">
<input id="converse-login-trusted" type="checkbox" class="form-check-input" name="trusted" checked="checked">
<input id="converse-login-trusted" type="checkbox" class="form-check-input" name="trusted" {[ if (o._converse.trusted) { ]} checked="checked" {[ } ]}>
<label for="converse-login-trusted" class="form-check-label">{{{o.__('This is a trusted device')}}}</label>
<i class="fa fa-info-circle" data-toggle="popover"
data-title="Trusted device?"