Partial merge of develop to experimental

Does not include #2336 as the file has been moved out from underneath it: will do this separately
2019-01-03 15:02:58 +00:00 · 2019-01-03 15:02:58 +00:00 · 7d161de35b
commit 7d161de35b
parent 00405e7f22
77 changed files with 3526 additions and 598 deletions
--- a/src/utils/MultiInviter.js
+++ b/src/utils/MultiInviter.js
@ -1,6 +1,6 @@
 /*
 Copyright 2016 OpenMarket Ltd
-Copyright 2017 New Vector Ltd
+Copyright 2017, 2018 New Vector Ltd

 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@ -17,9 +17,9 @@ limitations under the License.

 import MatrixClientPeg from '../MatrixClientPeg';
 import {getAddressType} from '../UserAddress';
-import {inviteToRoom} from '../RoomInvite';
 import GroupStore from '../stores/GroupStore';
 import Promise from 'bluebird';
+import {_t} from "../languageHandler";

 /**
 * Invites multiple addresses to a room or group, handling rate limiting from the server
@ -49,7 +49,7 @@ export default class MultiInviter {
     * Invite users to this room. This may only be called once per
     * instance of the class.
     *
-     * @param {array} addresses Array of addresses to invite
+     * @param {array} addrs Array of addresses to invite
     * @returns {Promise} Resolved when all invitations in the queue are complete
     */
    invite(addrs) {
@ -88,12 +88,30 @@ export default class MultiInviter {
        return this.errorTexts[addr];
    }

+    async _inviteToRoom(roomId, addr) {
+        const addrType = getAddressType(addr);
+
+        if (addrType === 'email') {
+            return MatrixClientPeg.get().inviteByEmail(roomId, addr);
+        } else if (addrType === 'mx-user-id') {
+            const profile = await MatrixClientPeg.get().getProfileInfo(addr);
+            if (!profile) {
+                return Promise.reject({errcode: "M_NOT_FOUND", error: "User does not have a profile."});
+            }
+
+            return MatrixClientPeg.get().invite(roomId, addr);
+        } else {
+            throw new Error('Unsupported address');
+        }
+    }
+
+
    _inviteMore(nextIndex) {
        if (this._canceled) {
            return;
        }

-        if (nextIndex == this.addrs.length) {
+        if (nextIndex === this.addrs.length) {
            this.busy = false;
            this.deferred.resolve(this.completionStates);
            return;
@ -111,7 +129,7 @@ export default class MultiInviter {

        // don't re-invite (there's no way in the UI to do this, but
        // for sanity's sake)
-        if (this.completionStates[addr] == 'invited') {
+        if (this.completionStates[addr] === 'invited') {
            this._inviteMore(nextIndex + 1);
            return;
        }
@ -120,7 +138,7 @@ export default class MultiInviter {
        if (this.groupId !== null) {
            doInvite = GroupStore.inviteUserToGroup(this.groupId, addr);
        } else {
-            doInvite = inviteToRoom(this.roomId, addr);
+            doInvite = this._inviteToRoom(this.roomId, addr);
        }

        doInvite.then(() => {
@ -129,29 +147,34 @@ export default class MultiInviter {
            this.completionStates[addr] = 'invited';

            this._inviteMore(nextIndex + 1);
-        }, (err) => {
+        }).catch((err) => {
            if (this._canceled) { return; }

            let errorText;
            let fatal = false;
-            if (err.errcode == 'M_FORBIDDEN') {
+            if (err.errcode === 'M_FORBIDDEN') {
                fatal = true;
-                errorText = 'You do not have permission to invite people to this room.';
-            } else if (err.errcode == 'M_LIMIT_EXCEEDED') {
+                errorText = _t('You do not have permission to invite people to this room.');
+            } else if (err.errcode === 'M_LIMIT_EXCEEDED') {
                // we're being throttled so wait a bit & try again
                setTimeout(() => {
                    this._inviteMore(nextIndex);
                }, 5000);
                return;
+            } else if(err.errcode === "M_NOT_FOUND") {
+                errorText = _t("User %(user_id)s does not exist", {user_id: addr});
            } else {
-                errorText = 'Unknown server error';
+                errorText = _t('Unknown server error');
            }
            this.completionStates[addr] = 'error';
            this.errorTexts[addr] = errorText;
            this.busy = !fatal;
+            this.fatal = fatal;

            if (!fatal) {
                this._inviteMore(nextIndex + 1);
+            } else {
+                this.deferred.resolve(this.completionStates);
            }
        });
    }
--- a/src/utils/PasswordScorer.js
+++ b/src/utils/PasswordScorer.js
@ -0,0 +1,84 @@
+/*
+Copyright 2018 New Vector Ltd
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+import Zxcvbn from 'zxcvbn';
+
+import MatrixClientPeg from '../MatrixClientPeg';
+import { _t, _td } from '../languageHandler';
+
+const ZXCVBN_USER_INPUTS = [
+    'riot',
+    'matrix',
+];
+
+// Translations for zxcvbn's suggestion strings
+_td("Use a few words, avoid common phrases");
+_td("No need for symbols, digits, or uppercase letters");
+_td("Use a longer keyboard pattern with more turns");
+_td("Avoid repeated words and characters");
+_td("Avoid sequences");
+_td("Avoid recent years");
+_td("Avoid years that are associated with you");
+_td("Avoid dates and years that are associated with you");
+_td("Capitalization doesn't help very much");
+_td("All-uppercase is almost as easy to guess as all-lowercase");
+_td("Reversed words aren't much harder to guess");
+_td("Predictable substitutions like '@' instead of 'a' don't help very much");
+_td("Add another word or two. Uncommon words are better.");
+
+// and warnings
+_td("Repeats like \"aaa\" are easy to guess");
+_td("Repeats like \"abcabcabc\" are only slightly harder to guess than \"abc\"");
+_td("Sequences like abc or 6543 are easy to guess");
+_td("Recent years are easy to guess");
+_td("Dates are often easy to guess");
+_td("This is a top-10 common password");
+_td("This is a top-100 common password");
+_td("This is a very common password");
+_td("This is similar to a commonly used password");
+_td("A word by itself is easy to guess");
+_td("Names and surnames by themselves are easy to guess");
+_td("Common names and surnames are easy to guess");
+
+/**
+ * Wrapper around zxcvbn password strength estimation
+ * Include this only from async components: it pulls in zxcvbn
+ * (obviously) which is large.
+ */
+export function scorePassword(password) {
+    if (password.length === 0) return null;
+
+    const userInputs = ZXCVBN_USER_INPUTS.slice();
+    userInputs.push(MatrixClientPeg.get().getUserIdLocalpart());
+
+    let zxcvbnResult = Zxcvbn(password, userInputs);
+    // Work around https://github.com/dropbox/zxcvbn/issues/216
+    if (password.includes(' ')) {
+        const resultNoSpaces = Zxcvbn(password.replace(/ /g, ''), userInputs);
+        if (resultNoSpaces.score < zxcvbnResult.score) zxcvbnResult = resultNoSpaces;
+    }
+
+    for (let i = 0; i < zxcvbnResult.feedback.suggestions.length; ++i) {
+        // translate suggestions
+        zxcvbnResult.feedback.suggestions[i] = _t(zxcvbnResult.feedback.suggestions[i]);
+    }
+    // and warning, if any
+    if (zxcvbnResult.feedback.warning) {
+        zxcvbnResult.feedback.warning = _t(zxcvbnResult.feedback.warning);
+    }
+
+    return zxcvbnResult;
+}