streams: Limit access to public streams for guest users.

With most of the tests tests written by Shubham Dhama.

zerver/lib/streams.py

@@ -55,7 +55,7 @@ def access_stream_common(user_profile: UserProfile, stream: Stream,
         sub = None
 
     # If the stream is in your realm and public, you can access it.
-    if stream.is_public():
+    if stream.is_public() and not user_profile.is_guest:
         return (recipient, sub)
 
     # Or if you are subscribed to the stream, you can access it.
@@ -153,7 +153,7 @@ def can_access_stream_history_by_name(user_profile: UserProfile, stream_name: Te
     except Stream.DoesNotExist:
         return False
 
-    if stream.is_history_realm_public():
+    if stream.is_history_realm_public() and not user_profile.is_guest:
         return True
 
     if stream.is_history_public_to_subscribers():
@@ -183,8 +183,9 @@ def filter_stream_authorization(user_profile: UserProfile,
         if stream.id in streams_subscribed:
             continue
 
-        # The user is not authorized for invite_only streams
-        if stream.invite_only:
+        # Users are not authorized for invite_only streams, and guest
+        # users are not authorized for any streams
+        if stream.invite_only or user_profile.is_guest:
             unauthorized_streams.append(stream)
 
     authorized_streams = [stream for stream in streams if

zerver/tests/test_narrow.py

@@ -429,6 +429,36 @@ class IncludeHistoryTest(ZulipTestCase):
         ]
         self.assertTrue(ok_to_include_history(narrow, user_profile))
 
+        # Tests for guest user
+        guest_user_profile = self.example_user("polonius")
+        # Using 'Cordelia' to compare between a guest and a normal user
+        subscribed_user_profile = self.example_user("cordelia")
+
+        # Guest user can't access public stream
+        self.subscribe(subscribed_user_profile, 'public_stream_2')
+        narrow = [
+            dict(operator='stream', operand='public_stream_2'),
+        ]
+        self.assertFalse(ok_to_include_history(narrow, guest_user_profile))
+        self.assertTrue(ok_to_include_history(narrow, subscribed_user_profile))
+
+        # Definitely, a guest user can't access the unsubscribed private stream
+        self.subscribe(subscribed_user_profile, 'private_stream_3')
+        narrow = [
+            dict(operator='stream', operand='private_stream_3'),
+        ]
+        self.assertFalse(ok_to_include_history(narrow, guest_user_profile))
+        self.assertTrue(ok_to_include_history(narrow, subscribed_user_profile))
+
+        # Guest user can access (history of) subscribed private streams
+        self.subscribe(guest_user_profile, 'private_stream_4')
+        self.subscribe(subscribed_user_profile, 'private_stream_4')
+        narrow = [
+            dict(operator='stream', operand='private_stream_4'),
+        ]
+        self.assertTrue(ok_to_include_history(narrow, guest_user_profile))
+        self.assertTrue(ok_to_include_history(narrow, subscribed_user_profile))
+
 class PostProcessTest(ZulipTestCase):
     def test_basics(self) -> None:
         def verify(in_ids: List[int],

zerver/tests/test_subs.py

@@ -2102,6 +2102,17 @@ class SubscriptionAPITest(ZulipTestCase):
         self.assertEqual(add_event['event']['op'], 'add')
         self.assertEqual(add_event['users'], [self.example_user("iago").id])
 
+    def test_guest_user_subscribe_public(self) -> None:
+        """Guest users cannot subscribe themselves to anything"""
+        guest_user = self.example_user("polonius")
+        guest_email = guest_user.email
+        result = self.common_subscribe_to_streams(guest_email, ["Denmark"])
+        self.assert_json_error(result, "Unable to access stream (Denmark).")
+
+        self.make_stream('private_stream', invite_only=True)
+        result = self.common_subscribe_to_streams(guest_email, ["private_stream"])
+        self.assert_json_error(result, "Unable to access stream (private_stream).")
+
     def test_users_getting_add_peer_event(self) -> None:
         """
         Check users getting add_peer_event is correct
@@ -3125,3 +3136,33 @@ class AccessStreamTest(ZulipTestCase):
         self.common_subscribe_to_streams(sipbtest.email, [mit_stream.name], subdomain="zephyr")
         access_stream_by_id(sipbtest, mit_stream.id)
         access_stream_by_name(sipbtest, mit_stream.name)
+
+    def test_stream_access_by_guest(self) -> None:
+        guest_user_profile = self.example_user('polonius')
+        self.login(guest_user_profile.email)
+        stream_name = "public_stream_1"
+        stream = self.make_stream(stream_name, guest_user_profile.realm, invite_only=False)
+
+        # Guest user don't have access to unsubscribed public streams
+        with self.assertRaisesRegex(JsonableError, "Invalid stream id"):
+            access_stream_by_id(guest_user_profile, stream.id)
+
+        # Guest user have access to subscribed public streams
+        self.subscribe(guest_user_profile, stream_name)
+        (stream_ret, rec_ret, sub_ret) = access_stream_by_id(guest_user_profile, stream.id)
+        self.assertEqual(stream.id, stream_ret.id)
+        self.assertEqual(sub_ret.recipient, rec_ret)
+        self.assertEqual(sub_ret.recipient.type_id, stream.id)
+
+        stream_name = "private_stream_1"
+        stream = self.make_stream(stream_name, guest_user_profile.realm, invite_only=True)
+        # Obviously, a guest user doesn't have access to unsubscribed private streams either
+        with self.assertRaisesRegex(JsonableError, "Invalid stream id"):
+            access_stream_by_id(guest_user_profile, stream.id)
+
+        # Guest user have access to subscribed private streams
+        self.subscribe(guest_user_profile, stream_name)
+        (stream_ret, rec_ret, sub_ret) = access_stream_by_id(guest_user_profile, stream.id)
+        self.assertEqual(stream.id, stream_ret.id)
+        self.assertEqual(sub_ret.recipient, rec_ret)
+        self.assertEqual(sub_ret.recipient.type_id, stream.id)