[BREAKING] Change the behaviour of the unverfied devices blacklist flag

Previously the global flag was used as a way to completely ignore the per-room option. This commit makes the per-room and global settings be more flexible to allow users to, for example, blacklist unverified devices in all room with the exception of one or two. This is done by making the global setting a device-level default and the per-room option allowing for 3 states: true, false, and unset (use device default).

Signed-off-by: Travis Ralston <travpc@gmail.com>

src/client.js

@@ -543,11 +543,10 @@ async function _setDeviceVerification(
 
 /**
  * Set the global override for whether the client should ever send encrypted
- * messages to unverified devices.  If false, it can still be overridden
+ * messages to unverified devices.  This provides the default for rooms which
- * per-room.  If true, it overrides the per-room settings.
+ * do not specify a value.
  *
- * @param {boolean} value whether to unilaterally blacklist all
+ * @param {boolean} value whether to blacklist all unverified devices by default
- * unverified devices
  */
 MatrixClient.prototype.setGlobalBlacklistUnverifiedDevices = function(value) {
     if (this._crypto === null) {
@@ -557,8 +556,7 @@ MatrixClient.prototype.setGlobalBlacklistUnverifiedDevices = function(value) {
 };
 
 /**
- * @return {boolean} whether to unilaterally blacklist all
+ * @return {boolean} whether to blacklist all unverified devices by default
- * unverified devices
  */
 MatrixClient.prototype.getGlobalBlacklistUnverifiedDevices = function() {
     if (this._crypto === null) {

src/crypto/algorithms/megolm.js

@@ -541,6 +541,12 @@ MegolmEncryption.prototype._getDevicesInRoom = function(room) {
         return u.userId;
     });
 
+    // The global value is treated as a default for when rooms don't specify a value.
+    let isBlacklisting = this._crypto.getBlacklistUnverifiedDevices();
+    if (room.getBlacklistUnverifiedDevices() !== null) {
+        isBlacklisting = room.getBlacklistUnverifiedDevices();
+    }
+
     // We are happy to use a cached version here: we assume that if we already
     // have a list of the user's devices, then we already share an e2e room
     // with them, which means that they will have announced any new devices via
@@ -564,9 +570,7 @@ MegolmEncryption.prototype._getDevicesInRoom = function(room) {
                 }
 
                 if (userDevices[deviceId].isBlocked() ||
-                    (userDevices[deviceId].isUnverified() &&
+                    (userDevices[deviceId].isUnverified() && isBlacklisting)
-                     (room.getBlacklistUnverifiedDevices() ||
-                      this._crypto.getGlobalBlacklistUnverifiedDevices()))
                    ) {
                     delete userDevices[deviceId];
                 }

src/crypto/index.js

@@ -192,18 +192,17 @@ Crypto.prototype.getDeviceEd25519Key = function() {
 
 /**
  * Set the global override for whether the client should ever send encrypted
- * messages to unverified devices.  If false, it can still be overridden
+ * messages to unverified devices.  This provides the default for rooms which
- * per-room.  If true, it overrides the per-room settings.
+ * do not specify a value.
  *
- * @param {boolean} value whether to unilaterally blacklist all
+ * @param {boolean} value whether to blacklist all unverified devices by default
- * unverified devices
  */
 Crypto.prototype.setGlobalBlacklistUnverifiedDevices = function(value) {
     this._globalBlacklistUnverifiedDevices = value;
 };
 
 /**
- * @return {boolean} whether to unilaterally blacklist all unverified devices
+ * @return {boolean} whether to blacklist all unverified devices by default
  */
 Crypto.prototype.getGlobalBlacklistUnverifiedDevices = function() {
     return this._globalBlacklistUnverifiedDevices;

src/models/room.js

@@ -169,7 +169,8 @@ function Room(roomId, opts) {
         this._pendingEventList = [];
     }
 
-    this._blacklistUnverifiedDevices = false; // read by megolm
+    // read by megolm; boolean value - null indicates "use global value"
+    this._blacklistUnverifiedDevices = null;
 }
 utils.inherits(Room, EventEmitter);
 
@@ -307,8 +308,8 @@ Room.prototype.setUnreadNotificationCount = function(type, count) {
 
 /**
  * Whether to send encrypted messages to devices within this room.
- * Will be ignored if MatrixClient's blacklistUnverifiedDevices setting is true.
+ * @param {Boolean} value true to blacklist unverified devices, null
- * @param {boolean} value if true, blacklist unverified devices.
+ * to use the global value for this room.
  */
 Room.prototype.setBlacklistUnverifiedDevices = function(value) {
     this._blacklistUnverifiedDevices = value;
@@ -316,8 +317,8 @@ Room.prototype.setBlacklistUnverifiedDevices = function(value) {
 
 /**
  * Whether to send encrypted messages to devices within this room.
- * Will be ignored if MatrixClient's blacklistUnverifiedDevices setting is true.
+ * @return {Boolean} true if blacklisting unverified devices, null
- * @return {boolean} true if blacklisting unverified devices.
+ * if the global value should be used for this room.
  */
 Room.prototype.getBlacklistUnverifiedDevices = function() {
     return this._blacklistUnverifiedDevices;