Feature : room settings - security and privacy

[ganfra]

Content

This PR introduce the new screens of security and privacy, it includes the following change :

• Room details reorganisation
• New Security & Privacy screen
• New Edit Room Address screen

It includes also the necessary changes from the sdk allowing to update and listen those settings.

Motivation and context

Figma : https://www.figma.com/design/7TqjqdMBaPpm3IavKsMYu6/Ask-to-join-(Knocking)?node-id=5147-58412&m=dev
Meta issue : element-hq/element-meta#2631

Screenshots / GIFs

Tests

• Make sure knock requests are enabled
• Open a non DM room where you have some moderator/admin rights
• Open details/ security and privacy
• Play with all the settings and hit save

Tested devices

• Physical
• Emulator
• OS version(s):

Checklist

• Changes have been tested on an Android device or Android emulator with API 24
• UI change has been tested on both light and dark themes
• Accessibility has been taken into account. See https://github.com/element-hq/element-x-android/blob/develop/CONTRIBUTING.md#accessibility
• Pull request is based on the develop branch
• Pull request title will be used in the release note, it clearly define what will change for the user
• Pull request includes screenshots or videos if containing UI changes
• You've made a self review of your PR

[github-actions]

📱 Scan the QR code below to install the build (arm64 only) for this PR.

If you can't scan the QR code you can install the build via this link: https://i.diawi.com/XNfE2U

[codecov]

Codecov Report

Attention: Patch coverage is 88.18061% with 89 lines in your changes missing coverage. Please review.

Project coverage is 83.40%. Comparing base (d00bc30) to head (c10da01).
Report is 126 commits behind head on develop.

Files with missing lines	Patch %	Lines
.../securityandprivacy/SecurityAndPrivacyPresenter.kt	78.01%	10 Missing and 21 partials ⚠️
.../impl/securityandprivacy/SecurityAndPrivacyView.kt	88.54%	9 Missing and 13 partials ⚠️
...atrix/ui/room/address/RoomAddressValidityEffect.kt	73.68%	2 Missing and 3 partials ⚠️
...droid/features/roomdetails/impl/RoomDetailsView.kt	90.47%	0 Missing and 4 partials ⚠️
.../securityandprivacy/SecurityAndPrivacyNavigator.kt	0.00%	4 Missing ⚠️
.../features/roomdetails/impl/RoomDetailsPresenter.kt	78.57%	0 Missing and 3 partials ⚠️
...rivacy/editroomaddress/EditRoomAddressPresenter.kt	95.00%	3 Missing ⚠️
...yandprivacy/editroomaddress/EditRoomAddressView.kt	93.61%	1 Missing and 2 partials ⚠️
...atures/createroom/impl/configureroom/RoomAccess.kt	0.00%	2 Missing ⚠️
...impl/securityandprivacy/SecurityAndPrivacyState.kt	94.59%	1 Missing and 1 partial ⚠️
... and 8 more

Additional details and impacted files

@@             Coverage Diff             @@
##           develop    #4212      +/-   ##
===========================================
+ Coverage    83.31%   83.40%   +0.09%     
===========================================
  Files         1881     1896      +15     
  Lines        49101    49752     +651     
  Branches      5769     5856      +87     
===========================================
+ Hits         40909    41498     +589     
- Misses        6116     6139      +23     
- Partials      2076     2115      +39     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[jmartinesp]

LGTM in general, although I have some worries about the error(...) being used while mapping some SDK data.

There are a few nits that I pointed out, but it's mostly naming and asking for more docs/comments, so you can ignore them if you don't agree.

Note I haven't tested the new features yet.

[jmartinesp]

Maybe add some comments on why this is needed?

[jmartinesp]

Is this spacer needed? Also, it seems larger than spacers in other sections, at least it seems larger in the screenshots.

[ganfra]

Removed

[jmartinesp]

Maybe we could add a comment here to to explain encryption can't be disabled once enabled.

[jmartinesp]

🦀 spotted!

[jmartinesp]

Maybe explain why all these are mapped to InviteOnly?

[jmartinesp]

I think this is used in a safe context at the moment (a runCatching wrapped block), but maybe we should be more careful about it? If we add some other usage in the future we might be crashing the app.

Also, documenting why this is not supported would be nice.

[ganfra]

Changed to nullable

[jmartinesp]

Can't this use matchesServer too?

[jmartinesp]

These seem super difficult to follow for me, could we document the different cases?

[ganfra]

Have simplified and added comment

[jmartinesp]

showEnableEncryptionConfirmation maybe?

[bmarty]

Thanks for this huge PR.

I have a concerned about enabling encryption UX which could be improved, maybe discussed with product? I have attached a video of the problem.

[bmarty]

Strange to see this new screen behind isKnockRequestsEnabled since it also allow to for instance enable encryption IIUC.

[ganfra]

Yes this has been discussed, and for now this is what we want...

[bmarty]

Encryption will not be enabled until user press the "Save" button. So maybe show this popup when the user press the Save button?

This is really a problem because the user will strongly think that the encryption is enabled after this popup is closed, and this is enforced by the fact that there is no confirmation when leaving the screen without saving the change.

See the video below:

EnableEncryptionMisleading.mp4

[ganfra]

Yes it's a bit misleading, but this is what product/design want.

[bmarty]

@mxandreas can you see my video ^? And confirm that this is fine. The risk is that user may think they have enabled encryption and this will actually no be the case until the save button has been pressed. Thanks.

[bmarty]

Maybe adding a confirmation dialog when user leaves without saving pending changes can mitigate this.

[mxandreas]

I agree, it can be misleading and mainly due to the popup.

Maybe adding a confirmation dialog when user leaves without saving pending changes can mitigate this.

This is the only consistent/scalable option, I see but not sure how easy it is to be done. Since @gaelledel has been the one driving such details about interaction, I think she needs to make call about this to make sure the bigger picture remains consistent.

[mxandreas]

IMO, we can proceed of releasing this "as is" and apply an update/fix sooner/later, though.

[bmarty]

Small neat, securityAndPrivacyPermissions.value.hasAny seems not to be live, I was on the room details screen when I became admin of the room and the item "Security & Privacy" did not appear. I had to go back to the previous screen and come back to see it.

[ganfra]

Yes it's not live, because powerlevels are not live

[bmarty]

Thanks for the answers to my comments.

I hope we will implement a "Leaving without saving" alert that would be good for the UX and is not hard to do technically speaking.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud