Commit Graph

113 Commits (7dec0b2beeca1d1b7d298dc814fcfc5aff52340c)

Author SHA1 Message Date
Erik Johnston 016c089f13 Merge branch 'develop' of github.com:matrix-org/synapse into erikj/power_level_sanity 2015-07-13 13:48:13 +01:00
Erik Johnston a5ea22d468 Sanitize power level checks 2015-07-10 14:05:38 +01:00
Erik Johnston 7e3b14fe78 You shouldn't be able to ban/kick users with higher power levels 2015-07-10 14:05:38 +01:00
Erik Johnston 1a3255b507 Add m.room.history_visibility to newly created rooms' m.room.power_levels 2015-07-06 13:25:35 +01:00
Erik Johnston 00ab882ed6 Add m.room.history_visibility to list of auth events 2015-07-03 10:31:24 +01:00
Erik Johnston cee69441d3 Log more when we have processed the request 2015-06-15 17:11:44 +01:00
Erik Johnston 22c7c5eb8f Typo 2015-05-01 14:41:25 +01:00
Erik Johnston 42c12c04f6 Remove some run_on_reactors 2015-05-01 14:41:25 +01:00
Erik Johnston adb5b76ff5 Don't log all auth events every time we call auth.check 2015-05-01 14:41:25 +01:00
Erik Johnston 80b4119279 Don't wait for storage of access_token 2015-05-01 13:14:05 +01:00
Mark Haines 9182f87664 Merge pull request #126 from matrix-org/csauth
Client / Server Auth Refactor
2015-04-28 11:00:27 +01:00
Paul "LeoNerd" Evans 38432d8c25 Merge branch 'develop' into invite_power_level 2015-04-27 17:09:25 +01:00
David Baker 6532b6e607 Merge branch 'develop' into csauth
Conflicts:
	synapse/http/server.py
2015-04-24 09:37:54 +01:00
David Baker a2c10d37d7 Add an error code to 'missing token' response. 2015-04-23 13:23:44 +01:00
Paul "LeoNerd" Evans a16eaa0c33 Neater fetching of user's auth level in a room - squash to int() at access time (SYN-353) 2015-04-22 14:20:04 +01:00
Paul "LeoNerd" Evans f43063158a Appease pep8 2015-04-22 13:12:11 +01:00
Paul "LeoNerd" Evans 2808c040ef Also remember to check 'invite' level for changes 2015-04-21 21:13:14 +01:00
Paul "LeoNerd" Evans bc41f0398f Initial implementation of an 'invite' power_level 2015-04-21 20:56:08 +01:00
Paul "LeoNerd" Evans d3309933f5 Much neater fetching of defined powerlevels from m.room.power_levels state event 2015-04-21 20:53:23 +01:00
Paul "LeoNerd" Evans b568c0231c Remove debugging print statement accidentally committed 2015-04-21 20:21:14 +01:00
Paul "LeoNerd" Evans 3a7d7a3f22 Sanitise a user's powerlevel to an int() before numerical comparison, because otherwise Python is "helpful" with it (SYN-351) 2015-04-21 20:18:29 +01:00
David Baker cb03fafdf1 Merge branch 'develop' into csauth 2015-04-17 13:51:10 +01:00
Paul "LeoNerd" Evans 399b5add58 Neater implementation of membership change auth checks, ensuring we can't forget to check if the calling user is a member of the room 2015-04-15 18:40:23 +01:00
Paul "LeoNerd" Evans e6e130b9ba Ensure that non-room-members cannot ban others, even if they do have enough powerlevel (SYN-343) 2015-04-15 18:07:33 +01:00
Kegan Dougal ae8ff92e05 Fix a bug which causes a send event level of 0 to not be honoured.
Caused by a bad if check, which incorrectly executes for both 0 and None,
when None was the original intent.
2015-04-07 15:48:20 +01:00
David Baker 9aa0224cdf unused import 2015-03-24 17:25:59 +00:00
David Baker c7023f2155 1) Pushers are now associated with an access token
2) Change places where we mean unauthenticated to 401, not 403, in C/S v2: hack so it stays as 403 in v1 because web client relies on it.
2015-03-24 17:24:15 +00:00
Paul "LeoNerd" Evans 93978c5e2b @cached() annotate get_user_by_token() - achieves a minor DB performance improvement 2015-03-17 17:24:51 +00:00
Erik Johnston b2e6ee5b43 Remove concept of context.auth_events, instead use context.current_state 2015-03-16 13:06:23 +00:00
Erik Johnston ea8590cf66 Make context.auth_events grap auth events from current state. Otherwise auth is wrong. 2015-03-16 00:18:08 +00:00
Erik Johnston ab8229479b Respect ban membership 2015-03-16 00:17:25 +00:00
Kegan Dougal 9978c5c103 Merge branch 'develop' into application-services 2015-02-11 10:03:24 +00:00
Erik Johnston d94f682a4c During room intial sync, only calculate current state once. 2015-02-09 17:41:29 +00:00
Kegan Dougal 5a7dd05818 Modify auth.get_user_by_req for authing appservices directly.
Add logic to map the appservice token to the autogenned appservice user ID.
Add unit tests for all forms of get_user_by_req (user/appservice,
valid/bad/missing tokens)
2015-02-09 14:14:15 +00:00
Kegan Dougal e426df8e10 Grant ASes the ability to create alias in their own namespace.
Add a new errcode type M_EXCLUSIVE when users try to create aliases inside
AS namespaces, and when ASes try to create aliases outside their own
namespace.
2015-02-06 10:57:14 +00:00
Kegan Dougal 5b99b471b2 Fix unit tests. 2015-02-05 15:12:36 +00:00
Kegan Dougal c163357f38 Add CS extension for masquerading as users within the namespaces specified by the AS. 2015-02-05 15:00:33 +00:00
Erik Johnston 650e32d455 Change context.auth_events to what the auth_events would be bases on context.current_state, rather than based on the auth_events from the event. 2015-02-04 14:06:46 +00:00
Erik Johnston 0dd3aea319 Keep around the old (buggy) version of the prune_event function so that we can use it to check signatures for events on old servers 2015-02-03 14:58:30 +00:00
Erik Johnston a70a801184 Fix bug where we superfluously asked for current state. Change API of /query_auth/ so that we don't duplicate events in the response. 2015-01-30 13:34:01 +00:00
Erik Johnston 2ebf795c0a Merge branch 'develop' of github.com:matrix-org/synapse into rejections
Conflicts:
	synapse/storage/__init__.py
	synapse/storage/schema/delta/v12.sql
2015-01-30 11:10:37 +00:00
Mark Haines 3cca61e006 Rename ClientID to ClientInfo since it is a pair of IDs rather than a single identifier 2015-01-28 17:16:12 +00:00
Mark Haines c18e551640 Add a : to the doc string after the type of the return value 2015-01-28 17:08:53 +00:00
Mark Haines 388581e087 Extract the id token of the token when authing users, include the token and device_id in the internal meta data for the event along with the transaction id when sending events 2015-01-28 16:58:23 +00:00
Erik Johnston 0ef5bfd6a9 Start implementing auth conflict res 2015-01-28 16:16:53 +00:00
Mark Haines c59bcabf0b Return the device_id from get_auth_by_req 2015-01-28 15:43:41 +00:00
Mark Haines 5759bec43c Replace hs.parse_userid with UserID.from_string 2015-01-23 11:47:15 +00:00
Kegan Dougal 4c68460392 SYN-154: Tweak how the m.room.create check is done.
Don't perform the check in auth.is_host_in_room but instead do it in _do_join
and also assert that there are no m.room.members in the room before doing so.
2015-01-07 16:09:00 +00:00
Kegan Dougal 9cb4f75d53 SYN-154: Better error messages when joining an unknown room by ID.
The simple fix doesn't work here because room creation also involves
unknown room IDs. The check relies on the presence of m.room.create for
rooms being created, whereas bogus room IDs have no state events at all.
2015-01-07 15:21:48 +00:00
Mark Haines adb04b1e57 Update copyright notices 2015-01-06 13:21:39 +00:00