From 5742c24114ea8857115f970581400d9809ad7960 Mon Sep 17 00:00:00 2001
From: Kerry <kerrya@element.io>
Date: Fri, 2 Dec 2022 15:59:46 +1300
Subject: [PATCH] Only display bulk unverified sessions nag when current
 session is verified (PSG-893) (#9656)

* test bulk unverified sessions toast behaviour

* unverified sessions toast text tweak

* only show bulk unverified sessions toast when current device is verified

* add more assertions for show/hide toast, fix strict errors

* fix strict error

* really fix strict error
---
 src/DeviceListener.ts                     |  8 ++++++--
 src/i18n/strings/en_EN.json               |  2 +-
 src/toasts/BulkUnverifiedSessionsToast.ts |  2 +-
 test/DeviceListener-test.ts               | 15 ++++++++++-----
 4 files changed, 18 insertions(+), 9 deletions(-)

diff --git a/src/DeviceListener.ts b/src/DeviceListener.ts
index 1f49c3b34d..6142621c31 100644
--- a/src/DeviceListener.ts
+++ b/src/DeviceListener.ts
@@ -306,6 +306,9 @@ export default class DeviceListener {
         // Unverified devices that have appeared since then
         const newUnverifiedDeviceIds = new Set<string>();
 
+        const isCurrentDeviceTrusted = crossSigningReady &&
+            await (cli.checkDeviceTrust(cli.getUserId()!, cli.deviceId!)).isCrossSigningVerified();
+
         // as long as cross-signing isn't ready,
         // you can't see or dismiss any device toasts
         if (crossSigningReady) {
@@ -313,7 +316,7 @@ export default class DeviceListener {
             for (const device of devices) {
                 if (device.deviceId === cli.deviceId) continue;
 
-                const deviceTrust = await cli.checkDeviceTrust(cli.getUserId(), device.deviceId);
+                const deviceTrust = await cli.checkDeviceTrust(cli.getUserId()!, device.deviceId!);
                 if (!deviceTrust.isCrossSigningVerified() && !this.dismissed.has(device.deviceId)) {
                     if (this.ourDeviceIdsAtStart.has(device.deviceId)) {
                         oldUnverifiedDeviceIds.add(device.deviceId);
@@ -329,7 +332,8 @@ export default class DeviceListener {
         logger.debug("Currently showing toasts for: " + Array.from(this.displayingToastsForDeviceIds).join(','));
 
         // Display or hide the batch toast for old unverified sessions
-        if (oldUnverifiedDeviceIds.size > 0) {
+        // don't show the toast if the current device is unverified
+        if (oldUnverifiedDeviceIds.size > 0 && isCurrentDeviceTrusted) {
             showBulkUnverifiedSessionsToast(oldUnverifiedDeviceIds);
         } else {
             hideBulkUnverifiedSessionsToast();
diff --git a/src/i18n/strings/en_EN.json b/src/i18n/strings/en_EN.json
index 7e8ba41bfa..6a6e9e80a9 100644
--- a/src/i18n/strings/en_EN.json
+++ b/src/i18n/strings/en_EN.json
@@ -809,7 +809,7 @@
     "Yes": "Yes",
     "No": "No",
     "Help improve %(analyticsOwner)s": "Help improve %(analyticsOwner)s",
-    "You have unverified logins": "You have unverified logins",
+    "You have unverified sessions": "You have unverified sessions",
     "Review to ensure your account is safe": "Review to ensure your account is safe",
     "Review": "Review",
     "Later": "Later",
diff --git a/src/toasts/BulkUnverifiedSessionsToast.ts b/src/toasts/BulkUnverifiedSessionsToast.ts
index 0113f2f030..ae512df7ed 100644
--- a/src/toasts/BulkUnverifiedSessionsToast.ts
+++ b/src/toasts/BulkUnverifiedSessionsToast.ts
@@ -38,7 +38,7 @@ export const showToast = (deviceIds: Set<string>) => {
 
     ToastStore.sharedInstance().addOrReplaceToast({
         key: TOAST_KEY,
-        title: _t("You have unverified logins"),
+        title: _t("You have unverified sessions"),
         icon: "verification_warning",
         props: {
             description: _t("Review to ensure your account is safe"),
diff --git a/test/DeviceListener-test.ts b/test/DeviceListener-test.ts
index 3e76af5bb7..527a7f8c7b 100644
--- a/test/DeviceListener-test.ts
+++ b/test/DeviceListener-test.ts
@@ -414,11 +414,16 @@ describe('DeviceListener', () => {
                     expect(BulkUnverifiedSessionsToast.showToast).not.toHaveBeenCalled();
                 });
 
-                it('hides toast when only unverified device is the current device', async () => {
-                    mockClient!.getStoredDevicesForUser.mockReturnValue([
-                        currentDevice,
-                    ]);
-                    mockClient!.checkDeviceTrust.mockReturnValue(deviceTrustUnverified);
+                it('hides toast when current device is unverified', async () => {
+                    // device2 verified, current and device3 unverified
+                    mockClient!.checkDeviceTrust.mockImplementation((_userId, deviceId) => {
+                        switch (deviceId) {
+                            case device2.deviceId:
+                                return deviceTrustVerified;
+                            default:
+                                return deviceTrustUnverified;
+                        }
+                    });
                     await createAndStart();
                     expect(BulkUnverifiedSessionsToast.hideToast).toHaveBeenCalled();
                     expect(BulkUnverifiedSessionsToast.showToast).not.toHaveBeenCalled();