add get_webxdc_memberlist

2026-05-21 15:56:30 +03:00 · 2025-01-12 05:38:13 +01:00
parent a6a733c636
commit 07225c825b
3 changed files with 56 additions and 4 deletions
--- a/deltachat-jsonrpc/src/api.rs
+++ b/deltachat-jsonrpc/src/api.rs
@@ -2250,6 +2250,20 @@ impl CommandApi {
        WebxdcMessageInfo::get_for_message(&ctx, MsgId::new(instance_msg_id)).await
    }

+    /// Returns webxdc memberlist, each member is a tuple (private user id, display_name)
+    /// Only includes members that have a known public key in the database
+    async fn get_webxdc_memberlist(
+        &self,
+        account_id: u32,
+        instance_msg_id: u32,
+    ) -> Result<Vec<(String, String)>> {
+        let ctx = self.get_context(account_id).await?;
+        Message::load_from_db(&ctx, MsgId::new(instance_msg_id))
+            .await?
+            .get_webxdc_memberlist(&ctx)
+            .await
+    }
+
    /// Get href from a WebxdcInfoMessage which might include a hash holding
    /// information about a specific position or state in a webxdc app (optional)
    async fn get_webxdc_href(&self, account_id: u32, info_msg_id: u32) -> Result<Option<String>> {
--- a/src/contact.rs
+++ b/src/contact.rs
@@ -1600,6 +1600,18 @@ WHERE addr=?
        &self.addr
    }

+    /// Get display name. This is the name as defined by the contact himself,
+    /// modified by the user or, if both are unset, an empty string.
+    pub fn get_display_name_without_email(&self) -> String {
+        if !self.name.is_empty() {
+            return self.name.clone();
+        }
+        if !self.authname.is_empty() {
+            return self.authname.clone();
+        }
+        String::new()
+    }
+
    /// Get a summary of name and address.
    ///
    /// The returned string is either "Name (email@domain.com)" or just
--- a/src/webxdc.rs
+++ b/src/webxdc.rs
@@ -36,7 +36,7 @@ use tokio::{fs::File, io::BufReader};

 use crate::chat::{self, Chat};
 use crate::constants::Chattype;
-use crate::contact::ContactId;
+use crate::contact::{self, ContactId};
 use crate::context::Context;
 use crate::events::EventType;
 use crate::key::self_fingerprint;
@@ -979,11 +979,37 @@ impl Message {
        })
    }

+    fn get_webxdc_user_id(&self, pub_key_fingerprint_hex: &str) -> String {
+        let data = format!("{}-{}", pub_key_fingerprint_hex, self.rfc724_mid);
+        let hash = Sha256::digest(data.as_bytes());
+        format!("{:x}", hash)
+    }
+
    async fn get_webxdc_self_addr(&self, context: &Context) -> Result<String> {
        let fingerprint = self_fingerprint(context).await?;
-        let data = format!("{}-{}", fingerprint, self.rfc724_mid);
-        let hash = Sha256::digest(data.as_bytes());
-        Ok(format!("{hash:x}"))
+        Ok(self.get_webxdc_user_id(fingerprint))
+    }
+
+    /// Returns webxdc memberlist, each member is a tuple (private user id, display_name)
+    /// Only includes members that have a known public key in the database and does not include self contact.
+    pub async fn get_webxdc_memberlist(&self, context: &Context) -> Result<Vec<(String, String)>> {
+        // We could do the following to increase privacy:
+        // - remove displayname (not that big of a deal in reality)
+        // - only show people in the list that send an status update before in the group (would decrease usefulness, but would still bring enough benefit, if only as internal function to match avatars)
+        let contacts = chat::get_chat_contacts(context, self.get_chat_id()).await?;
+        let mut memberlist = Vec::with_capacity(contacts.len());
+        for contact_id in contacts {
+            let contact = contact::Contact::get_by_id(context, contact_id).await?;
+            if let Some(fingerprint) = contact.fingerprint() {
+                // TODO: think about whether we want to expose the nickname the user set for the contact here or just the name the contact set themselves?
+                // The former could be interpreted as privacy risk
+                // A. a webxdc could leak nicknames you set for users in the group,
+                // B. while the second could be seen as less useful/convenient for users "why are the contacts called differently in the webxdc"
+                let display_name = contact.get_display_name_without_email();
+                memberlist.push((self.get_webxdc_user_id(&fingerprint.hex()), display_name));
+            }
+        }
+        Ok(memberlist)
    }

    /// Get link attached to an info message.