diff --git a/synapse/api/auth.py b/synapse/api/auth.py index c77f52dc30..0e8973e823 100644 --- a/synapse/api/auth.py +++ b/synapse/api/auth.py @@ -57,6 +57,8 @@ class Auth(object): ) if hasattr(event, "state_key"): + # TODO (erikj): This really only should be called for *new* + # state yield self._can_add_state(event) else: yield self._can_send_event(event) @@ -152,12 +154,29 @@ class Auth(object): # TODO (erikj): private rooms raise AuthError(403, "You are not allowed to join this room") elif Membership.LEAVE == membership: + # TODO (erikj): Implement kicks. + if not caller_in_room: # trying to leave a room you aren't joined raise AuthError(403, "You are not in room %s." % event.room_id) elif target_user_id != event.user_id: # trying to force another user to leave raise AuthError(403, "Cannot force %s to leave." % target_user_id) + elif Membership.BAN == membership: + user_level = yield self.store.get_power_level( + event.room_id, + event.user_id, + ) + + ban_level, _ = yield self.store.get_ops_levels(event.room_id) + + if ban_level: + ban_level = int(ban_level) + else: + ban_level = 5 # FIXME (erikj): What should we do here? + + if ban_level < user_level: + raise AuthError(403, "You don't have permission to ban") else: raise AuthError(500, "Unknown membership %s" % membership) diff --git a/synapse/api/constants.py b/synapse/api/constants.py index 9b5b9f5936..668ffa07ca 100644 --- a/synapse/api/constants.py +++ b/synapse/api/constants.py @@ -23,7 +23,8 @@ class Membership(object): JOIN = u"join" KNOCK = u"knock" LEAVE = u"leave" - LIST = (INVITE, JOIN, KNOCK, LEAVE) + BAN = u"ban" + LIST = (INVITE, JOIN, KNOCK, LEAVE, BAN) class Feedback(object): diff --git a/synapse/api/events/factory.py b/synapse/api/events/factory.py index 56180899b2..159728b2d2 100644 --- a/synapse/api/events/factory.py +++ b/synapse/api/events/factory.py @@ -16,7 +16,7 @@ from synapse.api.events.room import ( RoomTopicEvent, MessageEvent, RoomMemberEvent, FeedbackEvent, InviteJoinEvent, RoomConfigEvent, RoomNameEvent, GenericEvent, - RoomPowerLevelsEvent, RoomJoinRulesEvent, + RoomPowerLevelsEvent, RoomJoinRulesEvent, RoomOpsPowerLevelsEvent, RoomCreateEvent, RoomAddStateLevelEvent, RoomSendEventLevelEvent ) @@ -38,6 +38,7 @@ class EventFactory(object): RoomCreateEvent, RoomAddStateLevelEvent, RoomSendEventLevelEvent, + RoomOpsPowerLevelsEvent, ] def __init__(self, hs): diff --git a/synapse/api/events/room.py b/synapse/api/events/room.py index 6b431e24ea..f6d3c59a9a 100644 --- a/synapse/api/events/room.py +++ b/synapse/api/events/room.py @@ -167,3 +167,10 @@ class RoomSendEventLevelEvent(SynapseStateEvent): def get_content_template(self): return {} + + +class RoomOpsPowerLevelsEvent(SynapseStateEvent): + TYPE = "m.room.ops_levels" + + def get_content_template(self): + return {} diff --git a/synapse/handlers/room.py b/synapse/handlers/room.py index dace364eae..9262afb474 100644 --- a/synapse/handlers/room.py +++ b/synapse/handlers/room.py @@ -22,7 +22,7 @@ from synapse.api.errors import StoreError, SynapseError from synapse.api.events.room import ( RoomMemberEvent, RoomCreateEvent, RoomPowerLevelsEvent, RoomJoinRulesEvent, RoomAddStateLevelEvent, - RoomSendEventLevelEvent, + RoomSendEventLevelEvent, RoomOpsPowerLevelsEvent, ) from synapse.util import stringutils from ._base import BaseRoomHandler @@ -151,35 +151,44 @@ class RoomCreationHandler(BaseRoomHandler): "user_id": creator.to_string(), } - creation_event = self.event_factory.create_event( + def create(etype, **content): + return self.event_factory.create_event( + etype=etype, + content=content, + **event_keys + ) + + creation_event = create( etype=RoomCreateEvent.TYPE, - content={"creator": creator.to_string(), "default": 0}, - **event_keys + creator=creator.to_string(), + default=0, ) - power_levels_event = self.event_factory.create_event( + power_levels_event = create( etype=RoomPowerLevelsEvent.TYPE, - content={creator.to_string(): 10}, - **event_keys + **{creator.to_string(): 10} ) join_rule = JoinRules.PUBLIC if is_public else JoinRules.INVITE - join_rules_event = self.event_factory.create_event( + join_rules_event = create( etype=RoomJoinRulesEvent.TYPE, - content={"join_rule": join_rule}, - **event_keys + join_rule=join_rule, ) - add_state_event = self.event_factory.create_event( + add_state_event = create( etype=RoomAddStateLevelEvent.TYPE, - content={"level": 10}, - **event_keys + level=10, ) - send_event = self.event_factory.create_event( + send_event = create( etype=RoomSendEventLevelEvent.TYPE, - content={"level": 0}, - **event_keys + level=0, + ) + + ops = create( + etype=RoomOpsPowerLevelsEvent.TYPE, + ban_level=5, + kick_level=5, ) return [ @@ -188,6 +197,7 @@ class RoomCreationHandler(BaseRoomHandler): join_rules_event, add_state_event, send_event, + ops, ] @@ -493,10 +503,9 @@ class RoomMemberHandler(BaseRoomHandler): host = target_user.domain destinations.append(host) - # If we are joining a remote HS, include that. - if membership == Membership.JOIN: - host = target_user.domain - destinations.append(host) + # Always include target domain + host = target_user.domain + destinations.append(host) return self._on_new_room_event( event, snapshot, extra_destinations=destinations, diff --git a/synapse/storage/__init__.py b/synapse/storage/__init__.py index 3d5e5049fa..cc8b59f8da 100644 --- a/synapse/storage/__init__.py +++ b/synapse/storage/__init__.py @@ -127,8 +127,6 @@ class DataStore(RoomMemberStore, RoomStore, self._store_room_member_txn(txn, event) elif event.type == FeedbackEvent.TYPE: self._store_feedback_txn(txn, event) -# elif event.type == RoomConfigEvent.TYPE: -# self._store_room_config_txn(txn, event) elif event.type == RoomNameEvent.TYPE: self._store_room_name_txn(txn, event) elif event.type == RoomTopicEvent.TYPE: diff --git a/synapse/storage/room.py b/synapse/storage/room.py index f8aa8bd2a1..3b2d1a8ecd 100644 --- a/synapse/storage/room.py +++ b/synapse/storage/room.py @@ -27,6 +27,9 @@ import logging logger = logging.getLogger(__name__) +OpsLevel = collections.namedtuple("OpsLevel", ("ban_level", "kick_level")) + + class RoomStore(SQLBaseStore): @defer.inlineCallbacks @@ -145,8 +148,13 @@ class RoomStore(SQLBaseStore): else: defer.returnValue(None) - @defer.inlineCallbacks def get_power_level(self, room_id, user_id): + return self._db_pool.runInteraction( + self._get_power_level, + room_id, user_id, + ) + + def _get_power_level(self, txn, room_id, user_id): sql = ( "SELECT level FROM room_power_levels as r " "INNER JOIN current_state_events as c " @@ -154,7 +162,7 @@ class RoomStore(SQLBaseStore): "WHERE c.room_id = ? AND r.user_id = ? " ) - rows = yield self._execute(None, sql, room_id, user_id) + rows = txn.execute(sql, (room_id, user_id,)).fetchall() if len(rows) == 1: defer.returnValue(rows[0][0]) @@ -167,12 +175,33 @@ class RoomStore(SQLBaseStore): "WHERE c.room_id = ? " ) - rows = yield self._execute(None, sql, room_id) + rows = txn.execute(sql, (room_id,)).fetchall() if len(rows) == 1: - defer.returnValue(rows[0][0]) + return rows[0][0] else: - defer.returnValue(None) + return None + + def get_ops_levels(self, room_id): + return self._db_pool.runInteraction( + self._get_ops_levels, + room_id, + ) + + def _get_ops_levels(self, txn, room_id): + sql = ( + "SELECT ban_level, kick_level FROM room_ops_levels as r " + "INNER JOIN current_state_events as c " + "ON r.event_id = c.event_id " + "WHERE c.room_id = ? " + ) + + rows = txn.execute(sql, (room_id,)).fetchall() + + if len(rows) == 1: + return OpsLevel(rows[0][0], rows[0][1]) + else: + return OpsLevel(None, None) def get_add_state_level(self, room_id): return self._get_level_from_table("room_add_state_levels", room_id) @@ -286,6 +315,24 @@ class RoomStore(SQLBaseStore): }, ) + def _store_ops_level(self, txn, event): + content = { + "event_id": event.event_id, + "room_id": event.room_id, + } + + if "kick_level" in event.content: + content["kick_level"] = event.content["kick_level"] + + if "ban_level" in event.content: + content["ban_level"] = event.content["ban_level"] + + self._simple_insert_txn( + txn, + "room_send_event_levels", + content, + ) + class RoomsTable(Table): table_name = "rooms" diff --git a/synapse/storage/schema/im.sql b/synapse/storage/schema/im.sql index 447c1d29a2..1de0d59066 100644 --- a/synapse/storage/schema/im.sql +++ b/synapse/storage/schema/im.sql @@ -146,6 +146,17 @@ CREATE INDEX IF NOT EXISTS room_send_event_levels_event_id ON room_send_event_le CREATE INDEX IF NOT EXISTS room_send_event_levels_room_id ON room_send_event_levels(room_id); +CREATE TABLE IF NOT EXISTS room_ops_levels( + event_id TEXT NOT NULL, + room_id TEXT NOT NULL, + ban_level INTEGER, + kick_level INTEGER, +); + +CREATE INDEX IF NOT EXISTS room_ops_levels_event_id ON room_ops_levels(event_id); +CREATE INDEX IF NOT EXISTS room_ops_levels_room_id ON room_ops_levels(room_id); + + CREATE TABLE IF NOT EXISTS room_hosts( room_id TEXT NOT NULL, host TEXT NOT NULL,