feat: Contact::lookup_id_by_addr_ex: Prefer returning accepted contacts

We don't want to prefer returning verified contacts because e.g. if a bot was reinstalled and its key changed, it may not be verified, and we don't want to bring the user to the old chat if they click on the bot email address. But trying to return accepted contacts increases security and doesn't break the described scenario.
2026-05-16 13:26:38 +03:00 · 2025-08-05 13:20:00 -03:00
parent f5f4026dbb
commit 615c80bef4
4 changed files with 62 additions and 16 deletions
--- a/src/contact.rs
+++ b/src/contact.rs
@@ -807,14 +807,28 @@ impl Contact {
            .query_get_value(
                "SELECT id FROM contacts
                 WHERE addr=?1 COLLATE NOCASE
-                 AND id>?2 AND origin>=?3 AND (? OR blocked=?)
-                 ORDER BY last_seen DESC, fingerprint DESC LIMIT 1",
+                     AND id>?2 AND origin>=?3 AND (? OR blocked=?)
+                 ORDER BY
+                     (
+                         SELECT COUNT(*) FROM chats c
+                         INNER JOIN chats_contacts cc
+                         ON c.id=cc.chat_id
+                         WHERE c.type=?
+                             AND c.id>?
+                             AND c.blocked=?
+                             AND cc.contact_id=contacts.id
+                     ) DESC,
+                     last_seen DESC, fingerprint DESC
+                 LIMIT 1",
                (
                    &addr_normalized,
                    ContactId::LAST_SPECIAL,
                    min_origin as u32,
                    blocked.is_none(),
-                    blocked.unwrap_or_default(),
+                    blocked.unwrap_or(Blocked::Not),
+                    Chattype::Single,
+                    constants::DC_CHAT_ID_LAST_SPECIAL,
+                    blocked.unwrap_or(Blocked::Not),
                ),
            )
            .await?;