From 8256a8ece7e228bf69fcd352f1b4adfa2138719a Mon Sep 17 00:00:00 2001
From: Daniel Wagner-Hall
Date: Fri, 28 Aug 2015 15:31:49 +0100
Subject: [PATCH 1/2] Allow users to redact their own events
---
 synapse/api/auth.py | 33 +++++++++++++++++++++++++--------
 synapse/handlers/_base.py | 19 +++++++++++++++++--
 2 files changed, 42 insertions(+), 10 deletions(-)
diff --git a/synapse/api/auth.py b/synapse/api/auth.py
index 65ee1452ce..f63d2daad8 100644
--- a/synapse/api/auth.py
+++ b/synapse/api/auth.py
@@ -20,7 +20,7 @@ from twisted.internet import defer
 from synapse.api.constants import EventTypes, Membership, JoinRules
 from synapse.api.errors import AuthError, Codes, SynapseError
 from synapse.util.logutils import log_function
-from synapse.types import UserID
+from synapse.types import UserID, EventID
 import logging
@@ -91,7 +91,7 @@ class Auth(object):
 self._check_power_levels(event, auth_events)
 if event.type == EventTypes.Redaction:
- self._check_redaction(event, auth_events)
+ self.check_redaction(event, auth_events)
 logger.debug("Allowing! %s", event)
 except AuthError as e:
@@ -541,16 +541,33 @@ class Auth(object):
 return True
- def _check_redaction(self, event, auth_events):
+ def check_redaction(self, event, auth_events):
+ """Check whether the event sender is allowed to redact the target event.
+
+ Returns:
+ True if the the sender is allowed to redact the target event if the
+ target event was created by them.
+ False if the sender is allowed to redact the target event with no
+ further checks.
+
+ Raises:
+ AuthError if the event sender is definitely not allowed to redact
+ the target event.
+ """
 user_level = self._get_user_power_level(event.user_id, auth_events)
 redact_level = self._get_named_level(auth_events, "redact", 50)
- if user_level < redact_level:
- raise AuthError(
- 403,
- "You don't have permission to redact events"
- )
+ if user_level > redact_level:
+ return False
+
+ if EventID.from_string(event.redacts).domain == self.hs.get_config().server_name:
+ return True
+
+ raise AuthError(
+ 403,
+ "You don't have permission to redact events"
+ )
 def _check_power_levels(self, event, auth_events):
 user_list = event.content.get("users", {})
diff --git a/synapse/handlers/_base.py b/synapse/handlers/_base.py
index e91f1129db..9d36e3b6d2 100644
--- a/synapse/handlers/_base.py
+++ b/synapse/handlers/_base.py
@@ -15,7 +15,7 @@
 from twisted.internet import defer
-from synapse.api.errors import LimitExceededError, SynapseError
+from synapse.api.errors import LimitExceededError, SynapseError, AuthError
 from synapse.crypto.event_signing import add_hashes_and_signatures
 from synapse.api.constants import Membership, EventTypes
 from synapse.types import UserID, RoomAlias
@@ -131,7 +131,7 @@ class BaseHandler(object):
 )
 if event.type == EventTypes.CanonicalAlias:
- # Check the alias is acually valid (at this time at least)
+ # Check the alias is actually valid (at this time at least)
 room_alias_str = event.content.get("alias", None)
 if room_alias_str:
 room_alias = RoomAlias.from_string(room_alias_str)
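Review bot: In `check_redaction` (synapse/api/auth.py) the new test `if user_level > redact_level:` is stricter than the check it replaces: the removed code only rejected `user_level < redact_level`, so a sender whose power level equals the redact level used to be allowed and now falls through to the domain comparison and, for a target from another domain, to the 403. If that tightening is not intended, the line should read `if user_level >= redact_level:`. The return contract is also easy to misuse, because `True` means "allowed only if the sender authored the target" rather than "allowed"; the call in `check` (the `@@ -91,7` hunk) discards the result, so on that path a `True` is accepted with no authorship check, and a comment there should say which component is expected to enforce it. The docstring's `the the` can be fixed at the same time.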
@@ -146,6 +146,21 @@ class BaseHandler(object):
 )
 )
+ if event.type == EventTypes.Redaction:
+ if self.auth.check_redaction(event, auth_events=context.current_state):
+ original_event = yield self.store.get_event(
+ event.redacts,
+ check_redacted=False,
+ get_prev_content=False,
+ allow_rejected=False,
+ allow_none=False
+ )
+ if event.user_id != original_event.user_id:
+ raise AuthError(
+ 403,
+ "You don't have permission to redact events"
+ )
+
 destinations = set(extra_destinations)
 for k, s in context.current_state.items():
 try:
From b854a375b0a859f8c4e16adf9f2fcec75b5a6816 Mon Sep 17 00:00:00 2001
From: Daniel Wagner-Hall
Date: Tue, 1 Sep 2015 11:53:31 +0100
Subject: [PATCH 2/2] Check domain of events properly
Federated servers still need to delegate authority to owning servers
---
 synapse/api/auth.py | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/synapse/api/auth.py b/synapse/api/auth.py
index f63d2daad8..0c0d678562 100644
--- a/synapse/api/auth.py
+++ b/synapse/api/auth.py
@@ -561,7 +561,9 @@ class Auth(object):
 if user_level > redact_level:
 return False
- if EventID.from_string(event.redacts).domain == self.hs.get_config().server_name:
+ redacter_domain = EventID.from_string(event.event_id).domain
+ redactee_domain = EventID.from_string(event.redacts).domain
+ if redacter_domain == redactee_domain:
 return True
 raise AuthError(
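Review bot: The ownership check added under `if event.type == EventTypes.Redaction:` in synapse/handlers/_base.py compares only `event.user_id` with `original_event.user_id`; nothing in this hunk confirms that the target event belongs to the room whose `context.current_state` supplied the power levels. On the own-event path the condition could be widened to `if event.user_id != original_event.user_id or event.room_id != original_event.room_id:`. When `check_redaction` returns `False` the target is never loaded, so the privileged path has no such check here either; whether the store or a later step rejects a redaction that names an event from another room is not visible in this hunk and should be confirmed. The enclosing method starts and ends outside the hunk.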
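Review bot: The same-origin test in `check_redaction` now rests entirely on the domain parts of two event IDs, `event.event_id` and `event.redacts`, and nothing visible in this hunk ties the domain in `event.event_id` to the server of `event.user_id`. If `check` does not already enforce that elsewhere, deriving the domain from the sender is the safer form: `redacter_domain = UserID.from_string(event.user_id).domain` (`UserID` is already imported in this file). `event.redacts` is also handed to `EventID.from_string` with no presence check; what that call raises on a missing or malformed ID is not visible here, and it would be better surfaced as an `AuthError` than as an unexpected exception. A comment above `return True`, such as `# Same origin: the origin server is trusted to have checked that the sender authored the target`, would record the delegation the commit message describes. `check_redaction` begins before this hunk and the `raise AuthError(` call continues past it.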