Fix joining over federation
parent
8b0e96474b
commit
49948d72f3
|
@ -24,6 +24,7 @@ from synapse.api.events.room import (
|
||||||
RoomJoinRulesEvent, RoomCreateEvent,
|
RoomJoinRulesEvent, RoomCreateEvent,
|
||||||
)
|
)
|
||||||
from synapse.util.logutils import log_function
|
from synapse.util.logutils import log_function
|
||||||
|
from syutil.base64util import encode_base64
|
||||||
|
|
||||||
import logging
|
import logging
|
||||||
|
|
||||||
|
@ -61,8 +62,6 @@ class Auth(object):
|
||||||
# FIXME
|
# FIXME
|
||||||
return True
|
return True
|
||||||
|
|
||||||
self._can_send_event(event)
|
|
||||||
|
|
||||||
if event.type == RoomMemberEvent.TYPE:
|
if event.type == RoomMemberEvent.TYPE:
|
||||||
allowed = self.is_membership_change_allowed(event)
|
allowed = self.is_membership_change_allowed(event)
|
||||||
if allowed:
|
if allowed:
|
||||||
|
@ -71,6 +70,8 @@ class Auth(object):
|
||||||
logger.debug("Denying! %s", event)
|
logger.debug("Denying! %s", event)
|
||||||
return allowed
|
return allowed
|
||||||
|
|
||||||
|
self._can_send_event(event)
|
||||||
|
|
||||||
if event.type == RoomPowerLevelsEvent.TYPE:
|
if event.type == RoomPowerLevelsEvent.TYPE:
|
||||||
self._check_power_levels(event)
|
self._check_power_levels(event)
|
||||||
|
|
||||||
|
@ -311,6 +312,54 @@ class Auth(object):
|
||||||
def is_server_admin(self, user):
|
def is_server_admin(self, user):
|
||||||
return self.store.is_server_admin(user)
|
return self.store.is_server_admin(user)
|
||||||
|
|
||||||
|
@defer.inlineCallbacks
|
||||||
|
def add_auth_events(self, event):
|
||||||
|
if event.type == RoomCreateEvent.TYPE:
|
||||||
|
event.auth_events = []
|
||||||
|
return
|
||||||
|
|
||||||
|
auth_events = []
|
||||||
|
|
||||||
|
key = (RoomPowerLevelsEvent.TYPE, "", )
|
||||||
|
power_level_event = event.old_state_events.get(key)
|
||||||
|
|
||||||
|
if power_level_event:
|
||||||
|
auth_events.append(power_level_event.event_id)
|
||||||
|
|
||||||
|
key = (RoomJoinRulesEvent.TYPE, "", )
|
||||||
|
join_rule_event = event.old_state_events.get(key)
|
||||||
|
|
||||||
|
key = (RoomMemberEvent.TYPE, event.user_id, )
|
||||||
|
member_event = event.old_state_events.get(key)
|
||||||
|
|
||||||
|
if join_rule_event:
|
||||||
|
join_rule = join_rule_event.content.get("join_rule")
|
||||||
|
is_public = join_rule == JoinRules.PUBLIC if join_rule else False
|
||||||
|
|
||||||
|
if event.type == RoomMemberEvent.TYPE:
|
||||||
|
if event.content["membership"] == Membership.JOIN:
|
||||||
|
if is_public:
|
||||||
|
auth_events.append(join_rule_event.event_id)
|
||||||
|
elif member_event:
|
||||||
|
auth_events.append(member_event.event_id)
|
||||||
|
|
||||||
|
if member_event:
|
||||||
|
if member_event.content["membership"] == Membership.JOIN:
|
||||||
|
auth_events.append(member_event.event_id)
|
||||||
|
|
||||||
|
hashes = yield self.store.get_event_reference_hashes(
|
||||||
|
auth_events
|
||||||
|
)
|
||||||
|
hashes = [
|
||||||
|
{
|
||||||
|
k: encode_base64(v) for k, v in h.items()
|
||||||
|
if k == "sha256"
|
||||||
|
}
|
||||||
|
for h in hashes
|
||||||
|
]
|
||||||
|
event.auth_events = zip(auth_events, hashes)
|
||||||
|
|
||||||
|
|
||||||
@log_function
|
@log_function
|
||||||
def _can_send_event(self, event):
|
def _can_send_event(self, event):
|
||||||
key = (RoomPowerLevelsEvent.TYPE, "", )
|
key = (RoomPowerLevelsEvent.TYPE, "", )
|
||||||
|
|
|
@ -61,7 +61,6 @@ class SynapseEvent(JsonEncodedObject):
|
||||||
"replaces_state",
|
"replaces_state",
|
||||||
"redacted_because",
|
"redacted_because",
|
||||||
"origin_server_ts",
|
"origin_server_ts",
|
||||||
"auth_events",
|
|
||||||
]
|
]
|
||||||
|
|
||||||
internal_keys = [
|
internal_keys = [
|
||||||
|
@ -75,6 +74,7 @@ class SynapseEvent(JsonEncodedObject):
|
||||||
"hashes",
|
"hashes",
|
||||||
"signatures",
|
"signatures",
|
||||||
"prev_state",
|
"prev_state",
|
||||||
|
"auth_events",
|
||||||
]
|
]
|
||||||
|
|
||||||
required_keys = [
|
required_keys = [
|
||||||
|
|
|
@ -18,11 +18,6 @@ from twisted.internet import defer
|
||||||
from synapse.api.errors import LimitExceededError
|
from synapse.api.errors import LimitExceededError
|
||||||
from synapse.util.async import run_on_reactor
|
from synapse.util.async import run_on_reactor
|
||||||
from synapse.crypto.event_signing import add_hashes_and_signatures
|
from synapse.crypto.event_signing import add_hashes_and_signatures
|
||||||
from synapse.api.events.room import (
|
|
||||||
RoomCreateEvent, RoomMemberEvent, RoomPowerLevelsEvent, RoomJoinRulesEvent,
|
|
||||||
)
|
|
||||||
from synapse.api.constants import Membership, JoinRules
|
|
||||||
from syutil.base64util import encode_base64
|
|
||||||
|
|
||||||
import logging
|
import logging
|
||||||
|
|
||||||
|
@ -59,53 +54,6 @@ class BaseHandler(object):
|
||||||
retry_after_ms=int(1000*(time_allowed - time_now)),
|
retry_after_ms=int(1000*(time_allowed - time_now)),
|
||||||
)
|
)
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
|
||||||
def _add_auth(self, event):
|
|
||||||
if event.type == RoomCreateEvent.TYPE:
|
|
||||||
event.auth_events = []
|
|
||||||
return
|
|
||||||
|
|
||||||
auth_events = []
|
|
||||||
|
|
||||||
key = (RoomPowerLevelsEvent.TYPE, "", )
|
|
||||||
power_level_event = event.old_state_events.get(key)
|
|
||||||
|
|
||||||
if power_level_event:
|
|
||||||
auth_events.append(power_level_event.event_id)
|
|
||||||
|
|
||||||
key = (RoomJoinRulesEvent.TYPE, "", )
|
|
||||||
join_rule_event = event.old_state_events.get(key)
|
|
||||||
|
|
||||||
key = (RoomMemberEvent.TYPE, event.user_id, )
|
|
||||||
member_event = event.old_state_events.get(key)
|
|
||||||
|
|
||||||
if join_rule_event:
|
|
||||||
join_rule = join_rule_event.content.get("join_rule")
|
|
||||||
is_public = join_rule == JoinRules.PUBLIC if join_rule else False
|
|
||||||
|
|
||||||
if event.type == RoomMemberEvent.TYPE:
|
|
||||||
if event.content["membership"] == Membership.JOIN:
|
|
||||||
if is_public:
|
|
||||||
auth_events.append(join_rule_event.event_id)
|
|
||||||
elif member_event:
|
|
||||||
auth_events.append(member_event.event_id)
|
|
||||||
|
|
||||||
if member_event:
|
|
||||||
if member_event.content["membership"] == Membership.JOIN:
|
|
||||||
auth_events.append(member_event.event_id)
|
|
||||||
|
|
||||||
hashes = yield self.store.get_event_reference_hashes(
|
|
||||||
auth_events
|
|
||||||
)
|
|
||||||
hashes = [
|
|
||||||
{
|
|
||||||
k: encode_base64(v) for k, v in h.items()
|
|
||||||
if k == "sha256"
|
|
||||||
}
|
|
||||||
for h in hashes
|
|
||||||
]
|
|
||||||
event.auth_events = zip(auth_events, hashes)
|
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def _on_new_room_event(self, event, snapshot, extra_destinations=[],
|
def _on_new_room_event(self, event, snapshot, extra_destinations=[],
|
||||||
extra_users=[], suppress_auth=False):
|
extra_users=[], suppress_auth=False):
|
||||||
|
@ -115,7 +63,7 @@ class BaseHandler(object):
|
||||||
|
|
||||||
yield self.state_handler.annotate_state_groups(event)
|
yield self.state_handler.annotate_state_groups(event)
|
||||||
|
|
||||||
yield self._add_auth(event)
|
yield self.auth.add_auth_events(event)
|
||||||
|
|
||||||
logger.debug("Signing event...")
|
logger.debug("Signing event...")
|
||||||
|
|
||||||
|
|
|
@ -317,6 +317,7 @@ class FederationHandler(BaseHandler):
|
||||||
snapshot.fill_out_prev_events(event)
|
snapshot.fill_out_prev_events(event)
|
||||||
|
|
||||||
yield self.state_handler.annotate_state_groups(event)
|
yield self.state_handler.annotate_state_groups(event)
|
||||||
|
yield self.auth.add_auth_events(event)
|
||||||
self.auth.check(event, raises=True)
|
self.auth.check(event, raises=True)
|
||||||
|
|
||||||
pdu = self.pdu_codec.pdu_from_event(event)
|
pdu = self.pdu_codec.pdu_from_event(event)
|
||||||
|
|
|
@ -310,6 +310,7 @@ class DataStore(RoomMemberStore, RoomStore,
|
||||||
"room_id": event.room_id,
|
"room_id": event.room_id,
|
||||||
"auth_id": auth_id,
|
"auth_id": auth_id,
|
||||||
},
|
},
|
||||||
|
or_ignore=True,
|
||||||
)
|
)
|
||||||
|
|
||||||
(ref_alg, ref_hash_bytes) = compute_event_reference_hash(event)
|
(ref_alg, ref_hash_bytes) = compute_event_reference_hash(event)
|
||||||
|
|
Loading…
Reference in New Issue