summary refs log tree commit diff
diff options
context:
space:
mode:
authorBrendan Abolivier <babolivier@matrix.org>2019-07-03 15:44:22 +0100
committerBrendan Abolivier <babolivier@matrix.org>2019-07-03 15:44:22 +0100
commitd085e0df2a96e2b300ebfa428c95f3827d2c0455 (patch)
treeea44148e521cd5240da7741fe20a0561996eddb1
parentAdd tests (diff)
downloadsynapse-d085e0df2a96e2b300ebfa428c95f3827d2c0455.tar.xz
Change the rule for applying PL restrictions
-rw-r--r--synapse/third_party_rules/access_rules.py10
1 files changed, 7 insertions, 3 deletions
diff --git a/synapse/third_party_rules/access_rules.py b/synapse/third_party_rules/access_rules.py
index 5307a15097..ba24c701a5 100644
--- a/synapse/third_party_rules/access_rules.py
+++ b/synapse/third_party_rules/access_rules.py
@@ -33,6 +33,11 @@ VALID_ACCESS_RULES = (
     ACCESS_RULE_UNRESTRICTED,
 )
 
+# Rules to which we need to apply the power levels restrictions.
+RULES_WITH_RESTRICTED_POWER_LEVELS = (
+    ACCESS_RULE_UNRESTRICTED,
+)
+
 
 class RoomAccessRules(object):
     """Implementation of the ThirdPartyEventRules module API that allows federation admins
@@ -369,9 +374,8 @@ class RoomAccessRules(object):
             bool, True if the event can be allowed, False otherwise.
 
         """
-        # Blacklisted servers shouldn't have any restriction in "direct" mode, so always
-        # accept the event.
-        if access_rule == ACCESS_RULE_DIRECT:
+        # Check if we need to apply the restrictions with the current rule.
+        if access_rule not in RULES_WITH_RESTRICTED_POWER_LEVELS:
             return True
 
         # If users_default is explicitly set to a non-0 value, deny the event.