fix(api): Properly typed defaultPermissions update

Signed-off-by: Joas Schilling <coding@schilljs.com>

lib/Controller/RoomController.php

@@ -17,6 +17,7 @@ use OCA\Talk\Exceptions\ForbiddenException;
 use OCA\Talk\Exceptions\InvalidPasswordException;
 use OCA\Talk\Exceptions\ParticipantNotFoundException;
 use OCA\Talk\Exceptions\RoomNotFoundException;
+use OCA\Talk\Exceptions\RoomProperty\DefaultPermissionsException;
 use OCA\Talk\Exceptions\RoomProperty\SipConfigurationException;
 use OCA\Talk\Exceptions\UnauthorizedException;
 use OCA\Talk\Federation\Authenticator;
@@ -2110,7 +2111,7 @@ class RoomController extends AEnvironmentAwareController {
 	 * @param 'call'|'default' $mode Level of the permissions ('call' (removed in Talk 20), 'default')
 	 * @param int<0, 255> $permissions New permissions
 	 * @psalm-param int-mask-of<Attendee::PERMISSIONS_*> $permissions
-	 * @return DataResponse<Http::STATUS_OK, TalkRoom, array{}>|DataResponse<Http::STATUS_BAD_REQUEST, array{error: 'breakout-room'|'mode'|'type'}, array{}>
+	 * @return DataResponse<Http::STATUS_OK, TalkRoom, array{}>|DataResponse<Http::STATUS_BAD_REQUEST, array{error: 'breakout-room'|'mode'|'type'|'value'}, array{}>
 	 *
 	 * 200: Permissions updated successfully
 	 * 400: Updating permissions is not possible
@@ -2124,10 +2125,8 @@ class RoomController extends AEnvironmentAwareController {
 
 		try {
 			$this->roomService->setDefaultPermissions($this->room, $permissions);
-		} catch (\InvalidArgumentException $e) {
-			/** @var 'breakout-room'|'type' $error */
-			$error = $e->getMessage();
-			return new DataResponse(['error' => $error], Http::STATUS_BAD_REQUEST);
+		} catch (DefaultPermissionsException $e) {
+			return new DataResponse(['error' => $e->getReason()], Http::STATUS_BAD_REQUEST);
 		}
 
 		return new DataResponse($this->formatRoom($this->room, $this->participant));

lib/Exceptions/RoomProperty/DefaultPermissionsException.php

@@ -0,0 +1,31 @@
+<?php
+
+declare(strict_types=1);
+/**
+ * SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors
+ * SPDX-License-Identifier: AGPL-3.0-or-later
+ */
+
+namespace OCA\Talk\Exceptions\RoomProperty;
+
+class DefaultPermissionsException extends \InvalidArgumentException {
+	public const REASON_BREAKOUT_ROOM = 'breakout-room';
+	public const REASON_TYPE = 'type';
+	public const REASON_VALUE = 'value';
+
+	/**
+	 * @param self::REASON_* $reason
+	 */
+	public function __construct(
+		protected string $reason,
+	) {
+		parent::__construct($reason);
+	}
+
+	/**
+	 * @return self::REASON_*
+	 */
+	public function getReason(): string {
+		return $this->reason;
+	}
+}

lib/Service/RoomService.php

@@ -27,6 +27,7 @@ use OCA\Talk\Events\RoomModifiedEvent;
 use OCA\Talk\Events\RoomPasswordVerifyEvent;
 use OCA\Talk\Events\RoomSyncedEvent;
 use OCA\Talk\Exceptions\RoomNotFoundException;
+use OCA\Talk\Exceptions\RoomProperty\DefaultPermissionsException;
 use OCA\Talk\Exceptions\RoomProperty\SipConfigurationException;
 use OCA\Talk\Manager;
 use OCA\Talk\Model\Attendee;
@@ -187,18 +188,23 @@ class RoomService {
 	}
 
 	/**
-	 * @throws InvalidArgumentException
+	 * @throws DefaultPermissionsException
 	 */
 	public function setDefaultPermissions(Room $room, int $permissions): void {
 		if ($room->getType() === Room::TYPE_ONE_TO_ONE
 			|| $room->getType() === Room::TYPE_ONE_TO_ONE_FORMER
 			|| $room->getType() === Room::TYPE_NOTE_TO_SELF) {
-			throw new \InvalidArgumentException('type');
+			throw new DefaultPermissionsException(DefaultPermissionsException::REASON_TYPE);
 		}
 
 		if ($room->getObjectType() === BreakoutRoom::PARENT_OBJECT_TYPE) {
 			// Do not allow manual changing the permissions in breakout rooms
-			throw new InvalidArgumentException('breakout-room');
+			throw new DefaultPermissionsException(DefaultPermissionsException::REASON_BREAKOUT_ROOM);
+		}
+
+		if ($permissions < 0 || $permissions > 255) {
+			// Do not allow manual changing the permissions in breakout rooms
+			throw new DefaultPermissionsException(DefaultPermissionsException::REASON_VALUE);
 		}
 
 		$oldPermissions = $room->getDefaultPermissions();
@@ -1041,8 +1047,8 @@ class RoomService {
 			try {
 				$this->setDefaultPermissions($local, $host['defaultPermissions']);
 				$changed[] = ARoomModifiedEvent::PROPERTY_DEFAULT_PERMISSIONS;
-			} catch (\InvalidArgumentException $e) {
-				$this->logger->error('An error (' . $e->getMessage() . ') occurred while trying to sync defaultPermissions of ' . $local->getId() . ' to ' . $host['defaultPermissions'], ['exception' => $e]);
+			} catch (DefaultPermissionsException $e) {
+				$this->logger->error('An error (' . $e->getReason() . ') occurred while trying to sync defaultPermissions of ' . $local->getId() . ' to ' . $host['defaultPermissions'], ['exception' => $e]);
 			}
 		}
 		if (isset($host['avatarVersion']) && $host['avatarVersion'] !== $local->getAvatar()) {