summary refs log tree commit diff
path: root/synapse/event_auth.py
diff options
context:
space:
mode:
authorAndrew Morgan <andrew@amorgan.xyz>2020-08-03 17:23:16 -0700
committerAndrew Morgan <andrew@amorgan.xyz>2020-08-03 17:23:16 -0700
commit80506e8081194e13cb8eaddbf14ccd02620fb860 (patch)
tree7810df0798828be99420d1f9927b0f584e0aae95 /synapse/event_auth.py
parentMerge commit 'c9f7c683a' into anoa/dinsic_release_1_18_x (diff)
parentFix recursion error when fetching auth chain over federation (#7817) (diff)
downloadsynapse-80506e8081194e13cb8eaddbf14ccd02620fb860.tar.xz
Merge commit 'e29c44340' into anoa/dinsic_release_1_18_x
* commit 'e29c44340':
  Fix recursion error when fetching auth chain over federation (#7817)
Diffstat (limited to 'synapse/event_auth.py')
-rw-r--r--synapse/event_auth.py10
1 files changed, 6 insertions, 4 deletions
diff --git a/synapse/event_auth.py b/synapse/event_auth.py

index c582355146..c0981eee62 100644
--- a/synapse/event_auth.py
+++ b/synapse/event_auth.py
@@ -65,14 +65,16 @@ def check(
 
     room_id = event.room_id
 
-    # I'm not really expecting to get auth events in the wrong room, but let's
-    # sanity-check it
+    # We need to ensure that the auth events are actually for the same room, to
+    # stop people from using powers they've been granted in other rooms for
+    # example.
     for auth_event in auth_events.values():
         if auth_event.room_id != room_id:
-            raise Exception(
+            raise AuthError(
+                403,
                 "During auth for event %s in room %s, found event %s in the state "
                 "which is in room %s"
-                % (event.event_id, room_id, auth_event.event_id, auth_event.room_id)
+                % (event.event_id, room_id, auth_event.event_id, auth_event.room_id),
             )
 
     if do_sig_check:
generated by cgit-magenta 1.5.1 (git 2.48.1) at 2025-08-02 09:40:18 +0000