switch to another settings key for e2e url previews to protect on change

Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>

src/components/structures/RoomView.js

@@ -620,26 +620,11 @@ module.exports = React.createClass({
     },
 
     _updatePreviewUrlVisibility: function({roomId}) {
-        const levels = [
+        // URL Previews in E2EE rooms can be a privacy leak so use a different setting which is per-room explicit
-            SettingLevel.ROOM_DEVICE,
+        const key = MatrixClientPeg.get().isRoomEncrypted(roomId) ? 'urlPreviewsEnabled_e2ee' : 'urlPreviewsEnabled';
-            SettingLevel.ROOM_ACCOUNT,
+        this.setState({
-        ];
+            showUrlPreview: SettingsStore.getValue(key, roomId),
-        let showUrlPreview;
+        });
-        // in e2ee rooms only care about room-device and room-account, so that user has to explicitly enable previews
-        if (MatrixClientPeg.get().isRoomEncrypted(roomId)) {
-            for (const level of levels) {
-                const value = SettingsStore.getValueAt(level, "urlPreviewsEnabled", roomId, true, true);
-                if (value === Boolean(value)) { // if is Boolean
-                    showUrlPreview = value;
-                    break;
-                }
-            }
-
-            showUrlPreview = showUrlPreview || false;
-        } else {
-            showUrlPreview = SettingsStore.getValue("urlPreviewsEnabled", roomId);
-        }
-        this.setState({showUrlPreview});
     },
 
     onRoom: function(room) {

src/components/views/room_settings/UrlPreviewSettings.js

@@ -50,7 +50,6 @@ module.exports = React.createClass({
         let previewsForAccount = null;
         let previewsForRoom = null;
 
-
         if (!isEncrypted) {
             // Only show account setting state and room state setting state in non-e2ee rooms where they apply
             const accountEnabled = SettingsStore.getValueAt(SettingLevel.ACCOUNT, "urlPreviewsEnabled");
@@ -73,7 +72,7 @@ module.exports = React.createClass({
                     <label>
                         <SettingsFlag name="urlPreviewsEnabled"
                                       level={SettingLevel.ROOM}
-                                      roomId={this.props.room.roomId}
+                                      roomId={roomId}
                                       isExplicit={true}
                                       manualSave={true}
                                       ref="urlPreviewsRoom" />
@@ -94,10 +93,10 @@ module.exports = React.createClass({
             );
         }
 
-        const previewsForRoomAccount = (
+        const previewsForRoomAccount = ( // in an e2ee room we use a special key to enforce per-room opt-in
-            <SettingsFlag name="urlPreviewsEnabled"
+            <SettingsFlag name={isEncrypted ? 'urlPreviewsEnabled_e2ee' : 'urlPreviewsEnabled'}
                           level={SettingLevel.ROOM_ACCOUNT}
-                          roomId={this.props.room.roomId}
+                          roomId={roomId}
                           manualSave={true}
                           ref="urlPreviewsSelf"
             />

src/settings/Settings.js

@@ -238,6 +238,13 @@ export const SETTINGS = {
         },
         default: true,
     },
+    "urlPreviewsEnabled_e2ee": {
+        supportedLevels: ['room-device', 'room-account'],
+        displayName: {
+            "room-account": _td("Enable URL previews for this room (only affects you)"),
+        },
+        default: false,
+    },
     "roomColor": {
         supportedLevels: LEVELS_ROOM_SETTINGS_WITH_ROOM,
         displayName: _td("Room Colour"),