Add some better comments on what we're trying to check for
Eric Eastwood
parent
8c205e55a9
commit
7b8b2d1b7b
|
|
@ -29,8 +29,6 @@ from synapse.api.errors import (
|
||||||
SynapseError,
|
SynapseError,
|
||||||
)
|
)
|
||||||
from synapse.api.filtering import Filter
|
from synapse.api.filtering import Filter
|
||||||
|
|
||||||
|
|
||||||
from synapse.appservice import ApplicationService
|
from synapse.appservice import ApplicationService
|
||||||
from synapse.events.utils import format_event_for_client_v2
|
from synapse.events.utils import format_event_for_client_v2
|
||||||
from synapse.http.servlet import (
|
from synapse.http.servlet import (
|
||||||
|
|
@ -398,13 +396,16 @@ class RoomBatchSendEventRestServlet(TransactionRestServlet):
|
||||||
Requester object
|
Requester object
|
||||||
"""
|
"""
|
||||||
|
|
||||||
|
# It's ok if the app service is trying to use the sender from their registration
|
||||||
if app_service.sender == user_id:
|
if app_service.sender == user_id:
|
||||||
pass
|
pass
|
||||||
|
# Check to make sure the app service is allowed to control the user
|
||||||
elif not app_service.is_interested_in_user(user_id):
|
elif not app_service.is_interested_in_user(user_id):
|
||||||
raise AuthError(
|
raise AuthError(
|
||||||
403,
|
403,
|
||||||
"Application service cannot masquerade as this user (%s)." % user_id,
|
"Application service cannot masquerade as this user (%s)." % user_id,
|
||||||
)
|
)
|
||||||
|
# Check to make sure the user is already registered on the homeserver
|
||||||
elif not (await self.store.get_user_by_id(user_id)):
|
elif not (await self.store.get_user_by_id(user_id)):
|
||||||
raise AuthError(
|
raise AuthError(
|
||||||
403, "Application service has not registered this user (%s)" % user_id
|
403, "Application service has not registered this user (%s)" % user_id
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue