MatrixSynapse/synapse/groups/groups_server.py

964 lines
32 KiB
Python
Raw Normal View History

2017-07-10 16:44:15 +02:00
# -*- coding: utf-8 -*-
# Copyright 2017 Vector Creations Ltd
# Copyright 2018 New Vector Ltd
2017-07-10 16:44:15 +02:00
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
import logging
2017-07-10 16:44:15 +02:00
2018-07-09 08:09:20 +02:00
from six import string_types
from twisted.internet import defer
2017-07-10 16:44:15 +02:00
2018-07-09 08:09:20 +02:00
from synapse.api.errors import SynapseError
from synapse.types import GroupID, RoomID, UserID, get_domain_from_id
2019-04-03 17:00:44 +02:00
from synapse.util.async_helpers import concurrently_execute
2017-07-10 16:44:15 +02:00
logger = logging.getLogger(__name__)
# TODO: Allow users to "knock" or simpkly join depending on rules
# TODO: Federation admin APIs
# TODO: is_priveged flag to users and is_public to users and rooms
# TODO: Audit log for admins (profile updates, membership changes, users who tried
# to join but were rejected, etc)
# TODO: Flairs
class GroupsServerHandler(object):
def __init__(self, hs):
self.hs = hs
self.store = hs.get_datastore()
self.room_list_handler = hs.get_room_list_handler()
self.auth = hs.get_auth()
self.clock = hs.get_clock()
self.keyring = hs.get_keyring()
self.is_mine_id = hs.is_mine_id
self.signing_key = hs.config.signing_key[0]
self.server_name = hs.hostname
self.attestations = hs.get_groups_attestation_signing()
self.transport_client = hs.get_federation_transport_client()
self.profile_handler = hs.get_profile_handler()
2017-07-10 16:44:15 +02:00
# Ensure attestations get renewed
hs.get_groups_attestation_renewer()
2017-07-11 10:58:59 +02:00
@defer.inlineCallbacks
2019-06-20 11:32:02 +02:00
def check_group_is_ours(
self, group_id, requester_user_id, and_exists=False, and_is_admin=None
):
2017-07-11 10:58:59 +02:00
"""Check that the group is ours, and optionally if it exists.
If group does exist then return group.
2017-07-12 15:11:59 +02:00
Args:
group_id (str)
and_exists (bool): whether to also check if group exists
and_is_admin (str): whether to also check if given str is a user_id
that is an admin
2017-07-11 10:58:59 +02:00
"""
if not self.is_mine_id(group_id):
raise SynapseError(400, "Group not on this server")
group = yield self.store.get_group(group_id)
if and_exists and not group:
raise SynapseError(404, "Unknown group")
2019-06-20 11:32:02 +02:00
is_user_in_group = yield self.store.is_user_in_group(
requester_user_id, group_id
)
2017-10-27 12:08:19 +02:00
if group and not is_user_in_group and not group["is_public"]:
raise SynapseError(404, "Unknown group")
2017-07-12 12:43:39 +02:00
if and_is_admin:
is_admin = yield self.store.is_user_admin_in_group(group_id, and_is_admin)
if not is_admin:
raise SynapseError(403, "User is not admin in group")
2017-07-11 10:58:59 +02:00
defer.returnValue(group)
2017-07-10 16:44:40 +02:00
@defer.inlineCallbacks
def get_group_summary(self, group_id, requester_user_id):
2017-07-12 15:11:59 +02:00
"""Get the summary for a group as seen by requester_user_id.
The group summary consists of the profile of the room, and a curated
list of users and rooms. These list *may* be organised by role/category.
The roles/categories are ordered, and so are the users/rooms within them.
A user/room may appear in multiple roles/categories.
"""
yield self.check_group_is_ours(group_id, requester_user_id, and_exists=True)
2017-07-10 16:44:40 +02:00
2019-06-20 11:32:02 +02:00
is_user_in_group = yield self.store.is_user_in_group(
requester_user_id, group_id
)
2017-07-10 16:44:40 +02:00
profile = yield self.get_group_profile(group_id, requester_user_id)
users, roles = yield self.store.get_users_for_summary_by_role(
2019-06-20 11:32:02 +02:00
group_id, include_private=is_user_in_group
2017-07-10 16:44:40 +02:00
)
# TODO: Add profiles to users
rooms, categories = yield self.store.get_rooms_for_summary_by_category(
2019-06-20 11:32:02 +02:00
group_id, include_private=is_user_in_group
2017-07-10 16:44:40 +02:00
)
for room_entry in rooms:
room_id = room_entry["room_id"]
joined_users = yield self.store.get_users_in_room(room_id)
entry = yield self.room_list_handler.generate_room_entry(
2019-06-20 11:32:02 +02:00
room_id, len(joined_users), with_alias=False, allow_private=True
2017-07-10 16:44:40 +02:00
)
2017-10-05 12:43:22 +02:00
entry = dict(entry) # so we don't change whats cached
entry.pop("room_id", None)
2017-07-10 16:44:40 +02:00
room_entry["profile"] = entry
rooms.sort(key=lambda e: e.get("order", 0))
for entry in users:
user_id = entry["user_id"]
if not self.is_mine_id(requester_user_id):
attestation = yield self.store.get_remote_attestation(group_id, user_id)
if not attestation:
continue
entry["attestation"] = attestation
else:
entry["attestation"] = self.attestations.create_attestation(
2019-06-20 11:32:02 +02:00
group_id, user_id
2017-07-10 16:44:40 +02:00
)
user_profile = yield self.profile_handler.get_profile_from_cache(user_id)
entry.update(user_profile)
2017-07-10 16:44:40 +02:00
users.sort(key=lambda e: e.get("order", 0))
membership_info = yield self.store.get_users_membership_info_in_group(
2019-06-20 11:32:02 +02:00
group_id, requester_user_id
)
2019-06-20 11:32:02 +02:00
defer.returnValue(
{
"profile": profile,
"users_section": {
"users": users,
"roles": roles,
"total_user_count_estimate": 0, # TODO
},
"rooms_section": {
"rooms": rooms,
"categories": categories,
"total_room_count_estimate": 0, # TODO
},
"user": membership_info,
}
)
2017-07-10 16:44:40 +02:00
@defer.inlineCallbacks
2019-06-20 11:32:02 +02:00
def update_group_summary_room(
self, group_id, requester_user_id, room_id, category_id, content
):
2017-07-12 15:11:59 +02:00
"""Add/update a room to the group summary
"""
2017-10-26 18:20:24 +02:00
yield self.check_group_is_ours(
2019-06-20 11:32:02 +02:00
group_id, requester_user_id, and_exists=True, and_is_admin=requester_user_id
2017-10-26 18:20:24 +02:00
)
2017-07-10 16:44:40 +02:00
2017-10-11 14:15:44 +02:00
RoomID.from_string(room_id) # Ensure valid room id
2017-07-10 16:44:40 +02:00
order = content.get("order", None)
is_public = _parse_visibility_from_contents(content)
yield self.store.add_room_to_summary(
group_id=group_id,
room_id=room_id,
category_id=category_id,
order=order,
is_public=is_public,
)
defer.returnValue({})
@defer.inlineCallbacks
2019-06-20 11:32:02 +02:00
def delete_group_summary_room(
self, group_id, requester_user_id, room_id, category_id
):
2017-07-12 15:11:59 +02:00
"""Remove a room from the summary
"""
2017-10-26 18:20:24 +02:00
yield self.check_group_is_ours(
2019-06-20 11:32:02 +02:00
group_id, requester_user_id, and_exists=True, and_is_admin=requester_user_id
2017-10-26 18:20:24 +02:00
)
2017-07-10 16:44:40 +02:00
yield self.store.remove_room_from_summary(
2019-06-20 11:32:02 +02:00
group_id=group_id, room_id=room_id, category_id=category_id
2017-07-10 16:44:40 +02:00
)
defer.returnValue({})
@defer.inlineCallbacks
def set_group_join_policy(self, group_id, requester_user_id, content):
"""Sets the group join policy.
Currently supported policies are:
- "invite": an invite must be received and accepted in order to join.
- "open": anyone can join.
"""
yield self.check_group_is_ours(
group_id, requester_user_id, and_exists=True, and_is_admin=requester_user_id
)
join_policy = _parse_join_policy_from_contents(content)
if join_policy is None:
2019-06-20 11:32:02 +02:00
raise SynapseError(400, "No value specified for 'm.join_policy'")
yield self.store.set_group_join_policy(group_id, join_policy=join_policy)
defer.returnValue({})
@defer.inlineCallbacks
def get_group_categories(self, group_id, requester_user_id):
2017-07-12 15:11:59 +02:00
"""Get all categories in a group (as seen by user)
"""
yield self.check_group_is_ours(group_id, requester_user_id, and_exists=True)
2017-07-10 16:44:40 +02:00
2019-06-20 11:32:02 +02:00
categories = yield self.store.get_group_categories(group_id=group_id)
2017-07-10 16:44:40 +02:00
defer.returnValue({"categories": categories})
@defer.inlineCallbacks
def get_group_category(self, group_id, requester_user_id, category_id):
2017-07-12 15:11:59 +02:00
"""Get a specific category in a group (as seen by user)
"""
yield self.check_group_is_ours(group_id, requester_user_id, and_exists=True)
2017-07-10 16:44:40 +02:00
res = yield self.store.get_group_category(
2019-06-20 11:32:02 +02:00
group_id=group_id, category_id=category_id
2017-07-10 16:44:40 +02:00
)
defer.returnValue(res)
@defer.inlineCallbacks
def update_group_category(self, group_id, requester_user_id, category_id, content):
2017-07-12 15:11:59 +02:00
"""Add/Update a group category
"""
2017-10-26 18:20:24 +02:00
yield self.check_group_is_ours(
2019-06-20 11:32:02 +02:00
group_id, requester_user_id, and_exists=True, and_is_admin=requester_user_id
2017-10-26 18:20:24 +02:00
)
2017-07-10 16:44:40 +02:00
is_public = _parse_visibility_from_contents(content)
profile = content.get("profile")
yield self.store.upsert_group_category(
group_id=group_id,
category_id=category_id,
is_public=is_public,
profile=profile,
)
defer.returnValue({})
@defer.inlineCallbacks
def delete_group_category(self, group_id, requester_user_id, category_id):
2017-07-12 15:11:59 +02:00
"""Delete a group category
"""
2017-10-26 18:20:24 +02:00
yield self.check_group_is_ours(
2019-06-20 11:32:02 +02:00
group_id, requester_user_id, and_exists=True, and_is_admin=requester_user_id
2017-10-26 18:20:24 +02:00
)
2017-07-10 16:44:40 +02:00
yield self.store.remove_group_category(
2019-06-20 11:32:02 +02:00
group_id=group_id, category_id=category_id
2017-07-10 16:44:40 +02:00
)
defer.returnValue({})
@defer.inlineCallbacks
def get_group_roles(self, group_id, requester_user_id):
2017-07-12 15:11:59 +02:00
"""Get all roles in a group (as seen by user)
"""
yield self.check_group_is_ours(group_id, requester_user_id, and_exists=True)
2017-07-10 16:44:40 +02:00
2019-06-20 11:32:02 +02:00
roles = yield self.store.get_group_roles(group_id=group_id)
2017-07-10 16:44:40 +02:00
defer.returnValue({"roles": roles})
@defer.inlineCallbacks
def get_group_role(self, group_id, requester_user_id, role_id):
2017-07-12 15:11:59 +02:00
"""Get a specific role in a group (as seen by user)
"""
yield self.check_group_is_ours(group_id, requester_user_id, and_exists=True)
2017-07-10 16:44:40 +02:00
2019-06-20 11:32:02 +02:00
res = yield self.store.get_group_role(group_id=group_id, role_id=role_id)
2017-07-10 16:44:40 +02:00
defer.returnValue(res)
@defer.inlineCallbacks
def update_group_role(self, group_id, requester_user_id, role_id, content):
2017-07-12 15:11:59 +02:00
"""Add/update a role in a group
"""
2017-10-26 18:20:24 +02:00
yield self.check_group_is_ours(
2019-06-20 11:32:02 +02:00
group_id, requester_user_id, and_exists=True, and_is_admin=requester_user_id
2017-10-26 18:20:24 +02:00
)
2017-07-10 16:44:40 +02:00
is_public = _parse_visibility_from_contents(content)
profile = content.get("profile")
yield self.store.upsert_group_role(
2019-06-20 11:32:02 +02:00
group_id=group_id, role_id=role_id, is_public=is_public, profile=profile
2017-07-10 16:44:40 +02:00
)
defer.returnValue({})
@defer.inlineCallbacks
def delete_group_role(self, group_id, requester_user_id, role_id):
2017-07-12 15:11:59 +02:00
"""Remove role from group
"""
2017-10-26 18:20:24 +02:00
yield self.check_group_is_ours(
2019-06-20 11:32:02 +02:00
group_id, requester_user_id, and_exists=True, and_is_admin=requester_user_id
2017-10-26 18:20:24 +02:00
)
2017-07-10 16:44:40 +02:00
2019-06-20 11:32:02 +02:00
yield self.store.remove_group_role(group_id=group_id, role_id=role_id)
2017-07-10 16:44:40 +02:00
defer.returnValue({})
@defer.inlineCallbacks
2019-06-20 11:32:02 +02:00
def update_group_summary_user(
self, group_id, requester_user_id, user_id, role_id, content
):
2017-07-12 15:11:59 +02:00
"""Add/update a users entry in the group summary
"""
2017-07-18 17:51:25 +02:00
yield self.check_group_is_ours(
2019-06-20 11:32:02 +02:00
group_id, requester_user_id, and_exists=True, and_is_admin=requester_user_id
2017-07-18 17:51:25 +02:00
)
2017-07-10 16:44:40 +02:00
order = content.get("order", None)
is_public = _parse_visibility_from_contents(content)
yield self.store.add_user_to_summary(
group_id=group_id,
user_id=user_id,
role_id=role_id,
order=order,
is_public=is_public,
)
defer.returnValue({})
@defer.inlineCallbacks
def delete_group_summary_user(self, group_id, requester_user_id, user_id, role_id):
2017-07-12 15:11:59 +02:00
"""Remove a user from the group summary
"""
2017-07-18 17:51:25 +02:00
yield self.check_group_is_ours(
2019-06-20 11:32:02 +02:00
group_id, requester_user_id, and_exists=True, and_is_admin=requester_user_id
2017-07-18 17:51:25 +02:00
)
2017-07-10 16:44:40 +02:00
yield self.store.remove_user_from_summary(
2019-06-20 11:32:02 +02:00
group_id=group_id, user_id=user_id, role_id=role_id
2017-07-10 16:44:40 +02:00
)
defer.returnValue({})
2017-07-10 16:44:15 +02:00
@defer.inlineCallbacks
def get_group_profile(self, group_id, requester_user_id):
2017-07-11 10:58:59 +02:00
"""Get the group profile as seen by requester_user_id
"""
yield self.check_group_is_ours(group_id, requester_user_id)
2017-07-11 10:58:59 +02:00
group = yield self.store.get_group(group_id)
if group:
cols = [
2019-06-20 11:32:02 +02:00
"name",
"short_description",
"long_description",
"avatar_url",
"is_public",
]
2018-04-06 17:02:06 +02:00
group_description = {key: group[key] for key in cols}
group_description["is_openly_joinable"] = group["join_policy"] == "open"
2017-07-10 16:44:15 +02:00
defer.returnValue(group_description)
else:
raise SynapseError(404, "Unknown group")
2017-07-20 10:46:33 +02:00
@defer.inlineCallbacks
def update_group_profile(self, group_id, requester_user_id, content):
"""Update the group profile
"""
yield self.check_group_is_ours(
2019-06-20 11:32:02 +02:00
group_id, requester_user_id, and_exists=True, and_is_admin=requester_user_id
2017-07-20 10:46:33 +02:00
)
profile = {}
2019-06-20 11:32:02 +02:00
for keyname in ("name", "avatar_url", "short_description", "long_description"):
2017-07-20 10:46:33 +02:00
if keyname in content:
2017-07-20 17:24:18 +02:00
value = content[keyname]
if not isinstance(value, string_types):
2017-07-20 17:24:18 +02:00
raise SynapseError(400, "%r value is not a string" % (keyname,))
profile[keyname] = value
2017-07-20 10:46:33 +02:00
yield self.store.update_group_profile(group_id, profile)
2017-07-10 16:44:15 +02:00
@defer.inlineCallbacks
def get_users_in_group(self, group_id, requester_user_id):
2017-07-11 15:23:50 +02:00
"""Get the users in group as seen by requester_user_id.
The ordering is arbitrary at the moment
2017-07-11 10:58:59 +02:00
"""
yield self.check_group_is_ours(group_id, requester_user_id, and_exists=True)
2017-07-11 10:58:59 +02:00
2019-06-20 11:32:02 +02:00
is_user_in_group = yield self.store.is_user_in_group(
requester_user_id, group_id
)
2017-07-10 16:44:15 +02:00
user_results = yield self.store.get_users_in_group(
2019-06-20 11:32:02 +02:00
group_id, include_private=is_user_in_group
2017-07-10 16:44:15 +02:00
)
chunk = []
for user_result in user_results:
g_user_id = user_result["user_id"]
is_public = user_result["is_public"]
is_privileged = user_result["is_admin"]
2017-07-10 16:44:15 +02:00
entry = {"user_id": g_user_id}
profile = yield self.profile_handler.get_profile_from_cache(g_user_id)
entry.update(profile)
2017-07-10 16:44:15 +02:00
entry["is_public"] = bool(is_public)
entry["is_privileged"] = bool(is_privileged)
2017-07-10 16:44:15 +02:00
2017-10-11 15:32:40 +02:00
if not self.is_mine_id(g_user_id):
2019-06-20 11:32:02 +02:00
attestation = yield self.store.get_remote_attestation(
group_id, g_user_id
)
2017-07-10 16:44:15 +02:00
if not attestation:
continue
entry["attestation"] = attestation
else:
entry["attestation"] = self.attestations.create_attestation(
2019-06-20 11:32:02 +02:00
group_id, g_user_id
2017-07-10 16:44:15 +02:00
)
chunk.append(entry)
# TODO: If admin add lists of users whose attestations have timed out
2019-06-20 11:32:02 +02:00
defer.returnValue(
{"chunk": chunk, "total_user_count_estimate": len(user_results)}
)
2017-07-10 16:44:15 +02:00
@defer.inlineCallbacks
def get_invited_users_in_group(self, group_id, requester_user_id):
"""Get the users that have been invited to a group as seen by requester_user_id.
The ordering is arbitrary at the moment
"""
yield self.check_group_is_ours(group_id, requester_user_id, and_exists=True)
2019-06-20 11:32:02 +02:00
is_user_in_group = yield self.store.is_user_in_group(
requester_user_id, group_id
)
if not is_user_in_group:
raise SynapseError(403, "User not in group")
invited_users = yield self.store.get_invited_users_in_group(group_id)
user_profiles = []
for user_id in invited_users:
2019-06-20 11:32:02 +02:00
user_profile = {"user_id": user_id}
try:
profile = yield self.profile_handler.get_profile_from_cache(user_id)
user_profile.update(profile)
except Exception as e:
logger.warn("Error getting profile for %s: %s", user_id, e)
user_profiles.append(user_profile)
2019-06-20 11:32:02 +02:00
defer.returnValue(
{"chunk": user_profiles, "total_user_count_estimate": len(invited_users)}
)
2017-07-10 16:44:15 +02:00
@defer.inlineCallbacks
def get_rooms_in_group(self, group_id, requester_user_id):
2017-07-11 10:58:59 +02:00
"""Get the rooms in group as seen by requester_user_id
2017-07-11 15:23:50 +02:00
This returns rooms in order of decreasing number of joined users
2017-07-11 10:58:59 +02:00
"""
yield self.check_group_is_ours(group_id, requester_user_id, and_exists=True)
2017-07-11 10:58:59 +02:00
2019-06-20 11:32:02 +02:00
is_user_in_group = yield self.store.is_user_in_group(
requester_user_id, group_id
)
2017-07-10 16:44:15 +02:00
room_results = yield self.store.get_rooms_in_group(
2019-06-20 11:32:02 +02:00
group_id, include_private=is_user_in_group
2017-07-10 16:44:15 +02:00
)
chunk = []
for room_result in room_results:
room_id = room_result["room_id"]
joined_users = yield self.store.get_users_in_room(room_id)
entry = yield self.room_list_handler.generate_room_entry(
2019-06-20 11:32:02 +02:00
room_id, len(joined_users), with_alias=False, allow_private=True
2017-07-10 16:44:15 +02:00
)
if not entry:
continue
entry["is_public"] = bool(room_result["is_public"])
2017-07-10 16:44:15 +02:00
chunk.append(entry)
chunk.sort(key=lambda e: -e["num_joined_members"])
2019-06-20 11:32:02 +02:00
defer.returnValue(
{"chunk": chunk, "total_room_count_estimate": len(room_results)}
)
2017-07-10 16:44:15 +02:00
@defer.inlineCallbacks
def add_room_to_group(self, group_id, requester_user_id, room_id, content):
"""Add room to group
2017-07-11 10:58:59 +02:00
"""
2017-10-11 14:15:44 +02:00
RoomID.from_string(room_id) # Ensure valid room id
2017-07-12 12:43:39 +02:00
yield self.check_group_is_ours(
group_id, requester_user_id, and_exists=True, and_is_admin=requester_user_id
2017-07-12 12:43:39 +02:00
)
2017-07-10 16:44:15 +02:00
2017-07-11 12:44:08 +02:00
is_public = _parse_visibility_from_contents(content)
2017-07-10 16:44:15 +02:00
yield self.store.add_room_to_group(group_id, room_id, is_public=is_public)
2017-07-10 16:44:15 +02:00
defer.returnValue({})
@defer.inlineCallbacks
2019-06-20 11:32:02 +02:00
def update_room_in_group(
self, group_id, requester_user_id, room_id, config_key, content
):
"""Update room in group
"""
RoomID.from_string(room_id) # Ensure valid room id
yield self.check_group_is_ours(
group_id, requester_user_id, and_exists=True, and_is_admin=requester_user_id
)
if config_key == "m.visibility":
is_public = _parse_visibility_dict(content)
yield self.store.update_room_in_group_visibility(
2019-06-20 11:32:02 +02:00
group_id, room_id, is_public=is_public
)
else:
raise SynapseError(400, "Uknown config option")
defer.returnValue({})
2017-09-26 16:52:41 +02:00
@defer.inlineCallbacks
def remove_room_from_group(self, group_id, requester_user_id, room_id):
2017-09-26 16:52:41 +02:00
"""Remove room from group
"""
yield self.check_group_is_ours(
group_id, requester_user_id, and_exists=True, and_is_admin=requester_user_id
2017-09-26 16:52:41 +02:00
)
yield self.store.remove_room_from_group(group_id, room_id)
2017-09-26 16:52:41 +02:00
defer.returnValue({})
2017-07-10 16:44:15 +02:00
@defer.inlineCallbacks
def invite_to_group(self, group_id, user_id, requester_user_id, content):
2017-07-11 10:58:59 +02:00
"""Invite user to group
"""
2017-07-12 12:43:39 +02:00
group = yield self.check_group_is_ours(
group_id, requester_user_id, and_exists=True, and_is_admin=requester_user_id
2017-07-10 16:44:15 +02:00
)
# TODO: Check if user knocked
# TODO: Check if user is already invited
content = {
2019-06-20 11:32:02 +02:00
"profile": {"name": group["name"], "avatar_url": group["avatar_url"]},
2017-07-10 16:44:15 +02:00
"inviter": requester_user_id,
}
if self.hs.is_mine_id(user_id):
2017-07-10 15:52:27 +02:00
groups_local = self.hs.get_groups_local_handler()
res = yield groups_local.on_invite(group_id, user_id, content)
local_attestation = None
2017-07-10 16:44:15 +02:00
else:
local_attestation = self.attestations.create_attestation(group_id, user_id)
2019-06-20 11:32:02 +02:00
content.update({"attestation": local_attestation})
2017-07-10 16:44:15 +02:00
res = yield self.transport_client.invite_to_group_notification(
get_domain_from_id(user_id), group_id, user_id, content
)
2017-08-25 12:21:34 +02:00
user_profile = res.get("user_profile", {})
yield self.store.add_remote_profile_cache(
user_id,
displayname=user_profile.get("displayname"),
avatar_url=user_profile.get("avatar_url"),
)
2017-07-10 16:44:15 +02:00
if res["state"] == "join":
if not self.hs.is_mine_id(user_id):
remote_attestation = res["attestation"]
yield self.attestations.verify_attestation(
2019-06-20 11:32:02 +02:00
remote_attestation, user_id=user_id, group_id=group_id
2017-07-10 16:44:15 +02:00
)
else:
remote_attestation = None
yield self.store.add_user_to_group(
2019-06-20 11:32:02 +02:00
group_id,
user_id,
2017-07-10 16:44:15 +02:00
is_admin=False,
is_public=False, # TODO
local_attestation=local_attestation,
remote_attestation=remote_attestation,
)
elif res["state"] == "invite":
2019-06-20 11:32:02 +02:00
yield self.store.add_group_invite(group_id, user_id)
defer.returnValue({"state": "invite"})
2017-07-10 16:44:15 +02:00
elif res["state"] == "reject":
2019-06-20 11:32:02 +02:00
defer.returnValue({"state": "reject"})
2017-07-10 16:44:15 +02:00
else:
raise SynapseError(502, "Unknown state returned by HS")
@defer.inlineCallbacks
2018-04-06 12:37:49 +02:00
def _add_user(self, group_id, user_id, content):
"""Add a user to a group based on a content dict.
2017-07-11 10:58:59 +02:00
See accept_invite, join_group.
2017-07-11 10:58:59 +02:00
"""
if not self.hs.is_mine_id(user_id):
2019-06-20 11:32:02 +02:00
local_attestation = self.attestations.create_attestation(group_id, user_id)
2017-07-10 16:44:15 +02:00
remote_attestation = content["attestation"]
yield self.attestations.verify_attestation(
2019-06-20 11:32:02 +02:00
remote_attestation, user_id=user_id, group_id=group_id
2017-07-10 16:44:15 +02:00
)
else:
local_attestation = None
2017-07-10 16:44:15 +02:00
remote_attestation = None
2017-07-11 12:44:08 +02:00
is_public = _parse_visibility_from_contents(content)
2017-07-10 16:44:15 +02:00
yield self.store.add_user_to_group(
2019-06-20 11:32:02 +02:00
group_id,
user_id,
2017-07-10 16:44:15 +02:00
is_admin=False,
is_public=is_public,
local_attestation=local_attestation,
remote_attestation=remote_attestation,
)
defer.returnValue(local_attestation)
@defer.inlineCallbacks
def accept_invite(self, group_id, requester_user_id, content):
"""User tries to accept an invite to the group.
This is different from them asking to join, and so should error if no
invite exists (and they're not a member of the group)
"""
yield self.check_group_is_ours(group_id, requester_user_id, and_exists=True)
is_invited = yield self.store.is_user_invited_to_local_group(
2019-06-20 11:32:02 +02:00
group_id, requester_user_id
)
if not is_invited:
raise SynapseError(403, "User not invited to group")
2018-04-06 12:37:49 +02:00
local_attestation = yield self._add_user(group_id, requester_user_id, content)
2019-06-20 11:32:02 +02:00
defer.returnValue({"state": "join", "attestation": local_attestation})
2017-07-10 16:44:15 +02:00
@defer.inlineCallbacks
2018-03-28 18:18:02 +02:00
def join_group(self, group_id, requester_user_id, content):
"""User tries to join the group.
This will error if the group requires an invite/knock to join
"""
2018-04-05 18:32:20 +02:00
group_info = yield self.check_group_is_ours(
group_id, requester_user_id, and_exists=True
)
2019-06-20 11:32:02 +02:00
if group_info["join_policy"] != "open":
2018-03-28 18:18:02 +02:00
raise SynapseError(403, "Group is not publicly joinable")
2018-04-06 12:37:49 +02:00
local_attestation = yield self._add_user(group_id, requester_user_id, content)
2018-03-28 18:18:02 +02:00
2019-06-20 11:32:02 +02:00
defer.returnValue({"state": "join", "attestation": local_attestation})
2018-03-28 18:18:02 +02:00
@defer.inlineCallbacks
def knock(self, group_id, requester_user_id, content):
2017-07-11 10:58:59 +02:00
"""A user requests becoming a member of the group
"""
yield self.check_group_is_ours(group_id, requester_user_id, and_exists=True)
2017-07-11 10:58:59 +02:00
raise NotImplementedError()
2017-07-10 16:44:15 +02:00
@defer.inlineCallbacks
def accept_knock(self, group_id, requester_user_id, content):
2017-07-11 10:58:59 +02:00
"""Accept a users knock to the room.
Errors if the user hasn't knocked, rather than inviting them.
"""
yield self.check_group_is_ours(group_id, requester_user_id, and_exists=True)
2017-07-11 10:58:59 +02:00
raise NotImplementedError()
2017-07-10 16:44:15 +02:00
@defer.inlineCallbacks
def remove_user_from_group(self, group_id, user_id, requester_user_id, content):
"""Remove a user from the group; either a user is leaving or an admin
kicked them.
2017-07-11 10:58:59 +02:00
"""
yield self.check_group_is_ours(group_id, requester_user_id, and_exists=True)
2017-07-11 10:58:59 +02:00
2017-07-10 16:44:15 +02:00
is_kick = False
if requester_user_id != user_id:
is_admin = yield self.store.is_user_admin_in_group(
group_id, requester_user_id
)
if not is_admin:
raise SynapseError(403, "User is not admin in group")
is_kick = True
2019-06-20 11:32:02 +02:00
yield self.store.remove_user_from_group(group_id, user_id)
2017-07-10 16:44:15 +02:00
if is_kick:
if self.hs.is_mine_id(user_id):
2017-07-10 15:52:27 +02:00
groups_local = self.hs.get_groups_local_handler()
yield groups_local.user_removed_from_group(group_id, user_id, {})
2017-07-10 16:44:15 +02:00
else:
yield self.transport_client.remove_user_from_group_notification(
get_domain_from_id(user_id), group_id, user_id, {}
)
2017-08-25 12:21:34 +02:00
if not self.hs.is_mine_id(user_id):
yield self.store.maybe_delete_remote_profile_cache(user_id)
2017-07-10 16:44:15 +02:00
defer.returnValue({})
@defer.inlineCallbacks
def create_group(self, group_id, requester_user_id, content):
group = yield self.check_group_is_ours(group_id, requester_user_id)
2017-07-11 10:58:59 +02:00
2017-07-10 16:44:15 +02:00
logger.info("Attempting to create group with ID: %r", group_id)
# parsing the id into a GroupID validates it.
group_id_obj = GroupID.from_string(group_id)
2017-07-10 16:44:15 +02:00
if group:
raise SynapseError(400, "Group already exists")
2019-06-20 11:32:02 +02:00
is_admin = yield self.auth.is_server_admin(
UserID.from_string(requester_user_id)
)
2017-07-11 12:45:32 +02:00
if not is_admin:
2017-10-19 13:13:44 +02:00
if not self.hs.config.enable_group_creation:
2017-10-19 14:36:06 +02:00
raise SynapseError(
2019-06-20 11:32:02 +02:00
403, "Only a server admin can create groups on this server"
2017-10-19 14:36:06 +02:00
)
localpart = group_id_obj.localpart
2017-10-19 13:13:44 +02:00
if not localpart.startswith(self.hs.config.group_creation_prefix):
raise SynapseError(
400,
2019-06-20 11:32:02 +02:00
"Can only create groups with prefix %r on this server"
% (self.hs.config.group_creation_prefix,),
2017-10-19 14:36:06 +02:00
)
2017-07-10 16:44:15 +02:00
profile = content.get("profile", {})
name = profile.get("name")
avatar_url = profile.get("avatar_url")
short_description = profile.get("short_description")
long_description = profile.get("long_description")
2017-08-25 12:21:34 +02:00
user_profile = content.get("user_profile", {})
2017-07-10 16:44:15 +02:00
yield self.store.create_group(
group_id,
requester_user_id,
2017-07-10 16:44:15 +02:00
name=name,
avatar_url=avatar_url,
short_description=short_description,
long_description=long_description,
)
if not self.hs.is_mine_id(requester_user_id):
2017-07-10 16:44:15 +02:00
remote_attestation = content["attestation"]
yield self.attestations.verify_attestation(
2019-06-20 11:32:02 +02:00
remote_attestation, user_id=requester_user_id, group_id=group_id
2017-07-10 16:44:15 +02:00
)
2017-10-26 18:20:24 +02:00
local_attestation = self.attestations.create_attestation(
2019-06-20 11:32:02 +02:00
group_id, requester_user_id
2017-10-26 18:20:24 +02:00
)
2017-07-10 16:44:15 +02:00
else:
local_attestation = None
remote_attestation = None
yield self.store.add_user_to_group(
2019-06-20 11:32:02 +02:00
group_id,
requester_user_id,
2017-07-10 16:44:15 +02:00
is_admin=True,
is_public=True, # TODO
local_attestation=local_attestation,
remote_attestation=remote_attestation,
)
if not self.hs.is_mine_id(requester_user_id):
2017-08-25 12:21:34 +02:00
yield self.store.add_remote_profile_cache(
requester_user_id,
2017-08-25 12:21:34 +02:00
displayname=user_profile.get("displayname"),
avatar_url=user_profile.get("avatar_url"),
)
2019-06-20 11:32:02 +02:00
defer.returnValue({"group_id": group_id})
2017-07-11 12:44:08 +02:00
2019-04-03 17:00:44 +02:00
@defer.inlineCallbacks
def delete_group(self, group_id, requester_user_id):
"""Deletes a group, kicking out all current members.
Only group admins or server admins can call this request
Args:
group_id (str)
request_user_id (str)
Returns:
Deferred
"""
2019-06-20 11:32:02 +02:00
yield self.check_group_is_ours(group_id, requester_user_id, and_exists=True)
2019-04-03 17:00:44 +02:00
# Only server admins or group admins can delete groups.
2019-06-20 11:32:02 +02:00
is_admin = yield self.store.is_user_admin_in_group(group_id, requester_user_id)
2019-04-03 17:00:44 +02:00
if not is_admin:
is_admin = yield self.auth.is_server_admin(
2019-06-20 11:32:02 +02:00
UserID.from_string(requester_user_id)
2019-04-03 17:00:44 +02:00
)
if not is_admin:
raise SynapseError(403, "User is not an admin")
# Before deleting the group lets kick everyone out of it
2019-06-20 11:32:02 +02:00
users = yield self.store.get_users_in_group(group_id, include_private=True)
2019-04-03 17:00:44 +02:00
@defer.inlineCallbacks
def _kick_user_from_group(user_id):
if self.hs.is_mine_id(user_id):
groups_local = self.hs.get_groups_local_handler()
yield groups_local.user_removed_from_group(group_id, user_id, {})
else:
yield self.transport_client.remove_user_from_group_notification(
get_domain_from_id(user_id), group_id, user_id, {}
)
yield self.store.maybe_delete_remote_profile_cache(user_id)
# We kick users out in the order of:
# 1. Non-admins
# 2. Other admins
# 3. The requester
#
# This is so that if the deletion fails for some reason other admins or
# the requester still has auth to retry.
non_admins = []
admins = []
for u in users:
if u["user_id"] == requester_user_id:
continue
if u["is_admin"]:
admins.append(u["user_id"])
else:
non_admins.append(u["user_id"])
yield concurrently_execute(_kick_user_from_group, non_admins, 10)
yield concurrently_execute(_kick_user_from_group, admins, 10)
yield _kick_user_from_group(requester_user_id)
yield self.store.delete_group(group_id)
2017-07-11 12:44:08 +02:00
def _parse_join_policy_from_contents(content):
"""Given a content for a request, return the specified join policy or None
"""
join_policy_dict = content.get("m.join_policy")
if join_policy_dict:
return _parse_join_policy_dict(join_policy_dict)
else:
return None
def _parse_join_policy_dict(join_policy_dict):
"""Given a dict for the "m.join_policy" config return the join policy specified
"""
join_policy_type = join_policy_dict.get("type")
if not join_policy_type:
2018-04-06 12:44:18 +02:00
return "invite"
if join_policy_type not in ("invite", "open"):
2019-06-20 11:32:02 +02:00
raise SynapseError(400, "Synapse only supports 'invite'/'open' join rule")
return join_policy_type
2017-07-11 12:44:08 +02:00
def _parse_visibility_from_contents(content):
"""Given a content for a request parse out whether the entity should be
public or not
"""
visibility = content.get("m.visibility")
2017-07-11 12:44:08 +02:00
if visibility:
return _parse_visibility_dict(visibility)
2017-07-11 12:44:08 +02:00
else:
is_public = True
return is_public
def _parse_visibility_dict(visibility):
"""Given a dict for the "m.visibility" config return if the entity should
be public or not
"""
vis_type = visibility.get("type")
if not vis_type:
return True
if vis_type not in ("public", "private"):
2019-06-20 11:32:02 +02:00
raise SynapseError(400, "Synapse only supports 'public'/'private' visibility")
return vis_type == "public"