From 5548a2898046ff5d09add654c64406239ddb54f6 Mon Sep 17 00:00:00 2001
From: Aman Agrawal <amanagr@zulip.com>
Date: Tue, 5 Mar 2024 09:59:50 +0000
Subject: [PATCH] message_fetch: Allow spectators to access all messages view.

---
 web/src/narrow.js             |  2 ++
 zerver/views/message_fetch.py | 15 +++++++++++++++
 2 files changed, 17 insertions(+)

diff --git a/web/src/narrow.js b/web/src/narrow.js
index cc276672d0..619c69ef1b 100644
--- a/web/src/narrow.js
+++ b/web/src/narrow.js
@@ -157,6 +157,8 @@ export function activate(raw_terms, opts) {
     if (
         page_params.is_spectator &&
         raw_terms.length &&
+        // Allow spectator to access all messages view.
+        !filter.is_in_home() &&
         raw_terms.some(
             (raw_term) => !hash_parser.allowed_web_public_narrows.includes(raw_term.operator),
         )
diff --git a/zerver/views/message_fetch.py b/zerver/views/message_fetch.py
index 1dbc333306..6cd79e4919 100644
--- a/zerver/views/message_fetch.py
+++ b/zerver/views/message_fetch.py
@@ -78,6 +78,20 @@ def get_search_fields(
     }
 
 
+def clean_narrow_for_web_public_api(narrow: OptionalNarrowListT) -> OptionalNarrowListT:
+    if narrow is None:
+        return None
+
+    # Remove {'operator': 'in', 'operand': 'home', 'negated': False} from narrow.
+    # This is to allow spectators to access all messages. The narrow should still pass
+    # is_web_public_narrow check after this change.
+    return [
+        term
+        for term in narrow
+        if not (term["operator"] == "in" and term["operand"] == "home" and not term["negated"])
+    ]
+
+
 @has_request_variables
 def get_messages_backend(
     request: HttpRequest,
@@ -117,6 +131,7 @@ def get_messages_backend(
         # non-web-public stream messages) via this path.
         if not realm.allow_web_public_streams_access():
             raise MissingAuthenticationError
+        narrow = clean_narrow_for_web_public_api(narrow)
         if not is_web_public_narrow(narrow):
             raise MissingAuthenticationError
         assert narrow is not None