OpenCloud
/
MatrixSynapse
mirror of https://github.com/matrix-org/synapse
1
0
Fork 0
Code Issues Releases Wiki Activity

Use real AS object by passing it through the requester 

This means synapse does not have to check if the AS is interested, but instead it effectively re-uses what it already knew about the requesting user
pull/1175/head
Luke Barnard 2016-10-20 11:43:05 +01:00
parent 5b54d51d1e
commit 1b17d1a106
3 changed files with 15 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
synapse/api/auth.py
View File

@ -603,10 +603,10 @@ class Auth(object):
"""
# Can optionally look elsewhere in the request (e.g. headers)
try:
user_id = yield self._get_appservice_user_id(request)
user_id, as_user = yield self._get_appservice_user_id(request)
if user_id:
request.authenticated_entity = user_id
defer.returnValue(synapse.types.create_requester(user_id))
defer.returnValue(synapse.types.create_requester(user_id, as_user=as_user))
access_token = get_access_token_from_request(
request, self.TOKEN_NOT_FOUND_HTTP_STATUS
@ -644,7 +644,7 @@ class Auth(object):
request.authenticated_entity = user.to_string()
defer.returnValue(synapse.types.create_requester(
user, token_id, is_guest, device_id))
user, token_id, is_guest, device_id, as_user=as_user))
except KeyError:
raise AuthError(
self.TOKEN_NOT_FOUND_HTTP_STATUS, "Missing access token.",
@ -659,14 +659,14 @@ class Auth(object):
)
)
if app_service is None:
defer.returnValue(None)
defer.returnValue((None, None))
if "user_id" not in request.args:
defer.returnValue(app_service.sender)
defer.returnValue((app_service.sender, app_service))
user_id = request.args["user_id"][0]
if app_service.sender == user_id:
defer.returnValue(app_service.sender)
defer.returnValue((app_service.sender, app_service))
if not app_service.is_interested_in_user(user_id):
raise AuthError(
@ -678,7 +678,7 @@ class Auth(object):
403,
"Application service has not registered this user"
)
defer.returnValue(user_id)
defer.returnValue((user_id, app_service))
@defer.inlineCallbacks
def get_user_by_access_token(self, token, rights="access"):

11
synapse/handlers/_base.py
View File

@ -65,14 +65,9 @@ class BaseHandler(object):
if app_service is not None:
return # do not ratelimit app service senders
should_rate_limit = True
for service in self.store.get_app_services():
if service.is_interested_in_user(user_id):
should_rate_limit = service.is_rate_limited()
break
if not should_rate_limit:
if requester.as_user and not requester.as_user.is_rate_limited():
# do not ratelimit users of which a non-rate-limited AS is
# acting on behalf
return
allowed, time_allowed = self.ratelimiter.send_message(

8
synapse/types.py
View File

@ -19,7 +19,7 @@ from collections import namedtuple
Requester = namedtuple("Requester",
["user", "access_token_id", "is_guest", "device_id"])
["user", "access_token_id", "is_guest", "device_id", "as_user"])
"""
Represents the user making a request
@ -29,11 +29,12 @@ Attributes:
request, or None if it came via the appservice API or similar
is_guest (bool): True if the user making this request is a guest user
device_id (str|None): device_id which was set at authentication time
as_user (ApplicationService|None): the AS requesting on behalf of the user
"""
def create_requester(user_id, access_token_id=None, is_guest=False,
device_id=None):
device_id=None, as_user=None):
"""
Create a new ``Requester`` object
@ -43,13 +44,14 @@ def create_requester(user_id, access_token_id=None, is_guest=False,
request, or None if it came via the appservice API or similar
is_guest (bool): True if the user making this request is a guest user
device_id (str|None): device_id which was set at authentication time
as_user (ApplicationService|None): the AS requesting on behalf of the user
Returns:
Requester
"""
if not isinstance(user_id, UserID):
user_id = UserID.from_string(user_id)
return Requester(user_id, access_token_id, is_guest, device_id)
return Requester(user_id, access_token_id, is_guest, device_id, as_user)
def get_domain_from_id(string):