feat: If it's unclear who verified a contact, mark it as verified by itself

Hocuri · link2xt · commit 5bc12ea2006b · 2025-04-30T21:34:35.000Z
diff --git a/deltachat-ffi/src/lib.rs b/deltachat-ffi/src/lib.rs
@@ -4361,6 +4361,7 @@ pub unsafe extern "C" fn dc_contact_get_verifier_id(contact: *mut dc_contact_t)
         .context("failed to get verifier")
         .log_err(ctx)
         .unwrap_or_default()
+        .unwrap_or_default()
         .unwrap_or_default();
 
     verifier_contact_id.to_u32()
diff --git a/deltachat-jsonrpc/src/api/types/contact.rs b/deltachat-jsonrpc/src/api/types/contact.rs
@@ -77,6 +77,7 @@ impl ContactObject {
         let verifier_id = contact
             .get_verifier_id(context)
             .await?
+            .flatten()
             .map(|contact_id| contact_id.to_u32());
 
         Ok(ContactObject {
diff --git a/src/contact.rs b/src/contact.rs
@@ -1547,11 +1547,14 @@ impl Contact {
 
     /// Returns the `ContactId` that verified the contact.
     ///
-    /// If the function returns non-zero result,
+    /// If this returns Some(_),
     /// display green checkmark in the profile and "Introduced by ..." line
     /// with the name and address of the contact
     /// formatted by [Self::get_name_n_addr].
-    pub async fn get_verifier_id(&self, context: &Context) -> Result<Option<ContactId>> {
+    ///
+    /// If this returns `Some(None)`, then the contact is verified,
+    /// but it's unclear by whom.
+    pub async fn get_verifier_id(&self, context: &Context) -> Result<Option<Option<ContactId>>> {
         let verifier_id: u32 = context
             .sql
             .query_get_value("SELECT verifier FROM contacts WHERE id=?", (self.id,))
@@ -1560,8 +1563,10 @@ impl Contact {
 
         if verifier_id == 0 {
             Ok(None)
+        } else if verifier_id == self.id.to_u32() {
+            Ok(Some(None))
         } else {
-            Ok(Some(ContactId::new(verifier_id)))
+            Ok(Some(Some(ContactId::new(verifier_id))))
         }
     }
 
diff --git a/src/sql/migrations.rs b/src/sql/migrations.rs
@@ -1466,19 +1466,16 @@ fn migrate_pgp_contacts(
                 );
                 Ok(id)
             };
-            let mut original_contact_id_from_addr = |addr: &str| -> Result<u32> {
-                if addr_cmp(addr, &self_addr) || addr.is_empty() {
-                    // TODO not sure what to do when addr is empty,
-                    // i.e. the contact was verified before we recorded who introduced whom.
-                    // Right now, we put ContactId::SELF, i.e. mark it as directly verified by us.
-                    // An alternative would be putting `new_id` here,
-                    // in order to record that it's unclear who verified.
-
-                    return Ok(1); // ContactId::SELF
+            let mut original_contact_id_from_addr = |addr: &str, default: u32| -> Result<u32> {
+                if addr_cmp(addr, &self_addr) {
+                    Ok(1) // ContactId::SELF
+                } else if addr.is_empty() {
+                    Ok(default)
+                } else {
+                    original_contact_id_from_addr_stmt
+                        .query_row((addr,), |row| row.get(0))
+                        .with_context(|| format!("Original contact '{addr}' not found"))
                 }
-                original_contact_id_from_addr_stmt
-                    .query_row((addr,), |row| row.get(0))
-                    .with_context(|| format!("Verifier '{addr}' not found in original contacts"))
             };
 
             let Some(autocrypt_key) = autocrypt_key else {
@@ -1500,15 +1497,19 @@ fn migrate_pgp_contacts(
             };
             let new_id = insert_contact(verified_key).context("Step 13")?;
             verified_pgp_contacts.insert(original_id.try_into().context("Step 14")?, new_id);
-            let verifier_id = original_contact_id_from_addr(&verifier).context("Step 15")?;
+            // If the original verifier is unknown, we represent this in the database
+            // by putting `new_id` into the place of the verifier,
+            // i.e. we say that this contact verified itself.
+            let verifier_id =
+                original_contact_id_from_addr(&verifier, new_id).context("Step 15")?;
             verifications.insert(new_id, verifier_id);
 
             let Some(secondary_verified_key) = secondary_verified_key else {
                 continue;
             };
             let new_id = insert_contact(secondary_verified_key).context("Step 16")?;
             let verifier_id: u32 =
-                original_contact_id_from_addr(&secondary_verifier).context("Step 17")?;
+                original_contact_id_from_addr(&secondary_verifier, new_id).context("Step 17")?;
             // Only use secondary verification if there is no primary verification:
             verifications.entry(new_id).or_insert(verifier_id);
         }
@@ -1524,20 +1525,26 @@ fn migrate_pgp_contacts(
 
         for (&new_contact, &verifier_original_contact) in &verifications {
             let verifier = if verifier_original_contact == 1 {
-                Some(&1) // Verified by ContactId::SELF
+                1 // Verified by ContactId::SELF
+            } else if verifier_original_contact == new_contact {
+                new_contact // unkwnown verifier
             } else {
                 // `verifications` contains the original contact id.
                 // We need to get the new, verified-pgp-identified contact id.
-                verified_pgp_contacts.get(&verifier_original_contact)
+                match verified_pgp_contacts.get(&verifier_original_contact) {
+                    Some(v) => *v,
+                    None => {
+                        warn!(context, "Couldn't find PGP-contact for {verifier_original_contact} who verified {new_contact}");
+                        continue;
+                    }
+                }
             };
-            if let Some(&verifier) = verifier {
-                transaction
-                    .execute(
-                        "UPDATE contacts SET verifier=? WHERE id=?",
-                        (verifier, new_contact),
-                    )
-                    .context("Step 18")?;
-            }
+            transaction
+                .execute(
+                    "UPDATE contacts SET verifier=? WHERE id=?",
+                    (verifier, new_contact),
+                )
+                .context("Step 18")?;
         }
         info!(context, "Migrated verifications: {verifications:?}");
     }
diff --git a/src/sql/migrations/migrations_tests.rs b/src/sql/migrations/migrations_tests.rs
@@ -171,7 +171,7 @@ async fn test_pgp_contacts_migration_verified() -> Result<()> {
         pgp_bob.fingerprint().unwrap(),
         pgp_bob.public_key(&t).await?.unwrap().dc_fingerprint()
     );
-    assert_eq!(pgp_bob.get_verifier_id(&t).await?.unwrap(), ContactId::SELF);
+    assert_eq!(pgp_bob.get_verifier_id(&t).await?, Some(None));
 
     Ok(())
 }

Original file line number	Diff line number	Diff line change
`@@ -171,7 +171,7 @@ async fn test_pgp_contacts_migration_verified() -> Result<()> {`
`171`	`171`	`pgp_bob.fingerprint().unwrap(),`
`172`	`172`	`pgp_bob.public_key(&t).await?.unwrap().dc_fingerprint()`
`173`	`173`	`);`
`174`		`- assert_eq!(pgp_bob.get_verifier_id(&t).await?.unwrap(), ContactId::SELF);`
	`174`	`+ assert_eq!(pgp_bob.get_verifier_id(&t).await?, Some(None));`
`175`	`175`
`176`	`176`	`Ok(())`
`177`	`177`	`}`