From 859355a3db35ef60626c4ec98c8bdfdfbe9fabb3 Mon Sep 17 00:00:00 2001
From: Tulir Asokan <tulir@maunium.net>
Date: Fri, 7 Oct 2022 21:01:04 +0300
Subject: [PATCH] Implicitly enable private_chat_portal_meta in encrypted rooms

---
 example-config.yaml |  2 +-
 matrix.go           | 21 ++++++++++++++++-----
 portal.go           |  2 +-
 puppet.go           |  5 ++++-
 4 files changed, 22 insertions(+), 8 deletions(-)

diff --git a/example-config.yaml b/example-config.yaml
index 1b662f6..89929d3 100644
--- a/example-config.yaml
+++ b/example-config.yaml
@@ -231,6 +231,7 @@ bridge:
     login_shared_secret_map:
         example.com: foobar
     # Should the bridge explicitly set the avatar and room name for private chat portal rooms?
+    # This is implicitly enabled in encrypted rooms.
     private_chat_portal_meta: false
     # Should group members be synced in parallel? This makes member sync faster
     parallel_member_sync: false
@@ -320,7 +321,6 @@ bridge:
         allow: false
         # Default to encryption, force-enable encryption in all portals the bridge creates
         # This will cause the bridge bot to be in private chats for the encryption to work properly.
-        # It is recommended to also set private_chat_portal_meta to true when using this.
         default: false
         # Whether to use MSC2409/MSC3202 instead of /sync long polling for receiving encryption-related data.
         appservice: false
diff --git a/matrix.go b/matrix.go
index 09ed53c..e249170 100644
--- a/matrix.go
+++ b/matrix.go
@@ -56,10 +56,19 @@ func (br *WABridge) CreatePrivatePortal(roomID id.RoomID, brInviter bridge.User,
 }
 
 func (br *WABridge) createPrivatePortalFromInvite(roomID id.RoomID, inviter *User, puppet *Puppet, portal *Portal) {
+	// TODO check if room is already encrypted
+	var existingEncryption event.EncryptionEventContent
+	var encryptionEnabled bool
+	err := portal.MainIntent().StateEvent(roomID, event.StateEncryption, "", &existingEncryption)
+	if err != nil {
+		portal.log.Warnfln("Failed to check if encryption is enabled in private chat room %s", roomID)
+	} else {
+		encryptionEnabled = existingEncryption.Algorithm == id.AlgorithmMegolmV1
+	}
 	portal.MXID = roomID
 	portal.Topic = PrivateChatTopic
 	_, _ = portal.MainIntent().SetRoomTopic(portal.MXID, portal.Topic)
-	if portal.bridge.Config.Bridge.PrivateChatPortalMeta {
+	if portal.bridge.Config.Bridge.PrivateChatPortalMeta || br.Config.Bridge.Encryption.Default || encryptionEnabled {
 		portal.Name = puppet.Displayname
 		portal.AvatarURL = puppet.AvatarURL
 		portal.Avatar = puppet.Avatar
@@ -71,7 +80,7 @@ func (br *WABridge) createPrivatePortalFromInvite(roomID id.RoomID, inviter *Use
 	portal.log.Infofln("Created private chat portal in %s after invite from %s", roomID, inviter.MXID)
 	intent := puppet.DefaultIntent()
 
-	if br.Config.Bridge.Encryption.Default {
+	if br.Config.Bridge.Encryption.Default || encryptionEnabled {
 		_, err := intent.InviteUser(roomID, &mautrix.ReqInviteUser{UserID: br.Bot.UserID})
 		if err != nil {
 			portal.log.Warnln("Failed to invite bridge bot to enable e2be:", err)
@@ -80,9 +89,11 @@ func (br *WABridge) createPrivatePortalFromInvite(roomID id.RoomID, inviter *Use
 		if err != nil {
 			portal.log.Warnln("Failed to join as bridge bot to enable e2be:", err)
 		}
-		_, err = intent.SendStateEvent(roomID, event.StateEncryption, "", portal.GetEncryptionEventContent())
-		if err != nil {
-			portal.log.Warnln("Failed to enable e2be:", err)
+		if !encryptionEnabled {
+			_, err = intent.SendStateEvent(roomID, event.StateEncryption, "", portal.GetEncryptionEventContent())
+			if err != nil {
+				portal.log.Warnln("Failed to enable e2be:", err)
+			}
 		}
 		br.AS.StateStore.SetMembership(roomID, inviter.MXID, event.MembershipJoin)
 		br.AS.StateStore.SetMembership(roomID, puppet.MXID, event.MembershipJoin)
diff --git a/portal.go b/portal.go
index 92a36e9..3a4e95a 100644
--- a/portal.go
+++ b/portal.go
@@ -1388,7 +1388,7 @@ func (portal *Portal) CreateMatrixRoom(user *User, groupInfo *types.GroupInfo, i
 	if portal.IsPrivateChat() {
 		puppet := portal.bridge.GetPuppetByJID(portal.Key.JID)
 		puppet.SyncContact(user, true, false, "creating private chat portal")
-		if portal.bridge.Config.Bridge.PrivateChatPortalMeta {
+		if portal.bridge.Config.Bridge.PrivateChatPortalMeta || portal.bridge.Config.Bridge.Encryption.Default {
 			portal.Name = puppet.Displayname
 			portal.AvatarURL = puppet.AvatarURL
 			portal.Avatar = puppet.Avatar
diff --git a/puppet.go b/puppet.go
index e973398..b127f06 100644
--- a/puppet.go
+++ b/puppet.go
@@ -265,8 +265,11 @@ func (puppet *Puppet) UpdateName(contact types.ContactInfo, forcePortalSync bool
 }
 
 func (puppet *Puppet) updatePortalMeta(meta func(portal *Portal)) {
-	if puppet.bridge.Config.Bridge.PrivateChatPortalMeta {
+	if puppet.bridge.Config.Bridge.PrivateChatPortalMeta || puppet.bridge.Config.Bridge.Encryption.Allow {
 		for _, portal := range puppet.bridge.GetAllPortalsByJID(puppet.JID) {
+			if !puppet.bridge.Config.Bridge.PrivateChatPortalMeta && !portal.Encrypted {
+				continue
+			}
 			// Get room create lock to prevent races between receiving contact info and room creation.
 			portal.roomCreateLock.Lock()
 			meta(portal)