Allow to limit who can create public and open conversations

[nickvergessen]

How to use GitHub

• Please use the 👍 reaction to show that you are interested into the same feature.
• Please don't comment if you have no relevant information to add. It's just extra noise for everyone subscribed to this issue.
• Subscribe to receive notifications on status change and new comments.

---

Is your feature request related to a problem? Please describe. In some situations (schools) it might be okay for users to be able to create group conversations but not public/open conversations.

Currently there is only a single setting:

• Limit creating a public and group conversation

We would need to split this into 2:

• Limit creating group conversations (basically the current one)
• Limit creating public and open conversations (new, but should copy config value from above on migration)

[vitormattos]

Context

Now we have the appvalue start_conversations that as described on settings.md is List of group ids that are allowed to create conversations.

Looking the code, the frontend add the group ids to this app setting to allow the members of group.

When a group is deleted, this app setting is updated and the group id is removed from list.

The backend return this appsetting as initial state to all users and guests and in administration settings.

Other point that this value is used is to return a hash of talk app on the header of request on key X-Nextcloud-Talk-Hash when the user get the rooms list and the data of a single room. The hash is generated with other settings. But, I didn't found a place that this hash is validated, I only found the methods setNextcloudTalkHash and updateTalkVersionHash but both didn't validate and throw an error or stop a flow.

I also identified a config (capability): conversation->can-create that return a boolean value to the authenticated user.

To do

• [x] create 2 other app settings, suggestion: start_group_conversation and start_public_conversation
• [x] change the generation of header X-Nextcloud-Talk-Hash and use both new settings to generate the hash
• [x] Update the settings.md and put the new settings
• [x] Return new settings as initial state in same places that start_conversations is returned as initial state
• [x] Remove from new settings the group ids that are deleted
• [x] Add new capability with two new boolean values: can-create-public-conversation and can-create-group-conversation

@nickvergessen can you verify that these steps are ok?

[nickvergessen]

But, I didn't found a place that this hash is validated

The hash is used by mobile clients and the frontend to decide whether the user needs to do a page reload when switching conversations, joining calls, etc.

[thoys1]

Can we extend the feature request to prohibit creating private chats at all? This would be a necessary feature for schools. Students should be allowed to write in groups created by the teacher, but only special user groups should be allowed to write private messages to group members.

Thank you very much

[Franz-Heinz]

It would be great to get the possibility to deny public/open conversations, soon. In order to have an easy option to configure it, I would suggest that in addition to the possibility to limit this to certain groups there should be a checkbox for deactivating public/open conversations with one click for the whole instance.

Certainly it would be great if there was a checkbox like "only be able to create group conversations with groups you are a member of", too.

Of course there might be better ways to phrase this features.