From c65306f8779d480a10b6ce318e73b458538e1eef Mon Sep 17 00:00:00 2001 From: Erik Johnston Date: Mon, 29 Sep 2014 13:35:38 +0100 Subject: [PATCH] Add auth check to test if a user is an admin or not. --- synapse/api/auth.py | 3 +++ synapse/storage/registration.py | 8 ++++++++ 2 files changed, 11 insertions(+) diff --git a/synapse/api/auth.py b/synapse/api/auth.py index 739f77afd4..5e3ea5b8c5 100644 --- a/synapse/api/auth.py +++ b/synapse/api/auth.py @@ -259,6 +259,9 @@ class Auth(object): raise AuthError(403, "Unrecognised access token.", errcode=Codes.UNKNOWN_TOKEN) + def is_server_admin(self, user): + return self.store.is_server_admin(user) + @defer.inlineCallbacks @log_function def _can_send_event(self, event): diff --git a/synapse/storage/registration.py b/synapse/storage/registration.py index db20b1daa0..f32b000cb6 100644 --- a/synapse/storage/registration.py +++ b/synapse/storage/registration.py @@ -103,6 +103,14 @@ class RegistrationStore(SQLBaseStore): token) defer.returnValue(user_id) + @defer.inlineCallbacks + def is_server_admin(self, user): + return self._simple_select_one_onecol( + table="users", + keyvalues={"name": user.to_string()}, + retcol="admin", + ) + def _query_for_auth(self, txn, token): txn.execute("SELECT users.name FROM access_tokens LEFT JOIN users" + " ON users.id = access_tokens.user_id WHERE token = ?",