From eddc6d8855b0aa50fe85f85d40bd3ffc24678238 Mon Sep 17 00:00:00 2001
From: Brendan Abolivier <babolivier@matrix.org>
Date: Thu, 5 Sep 2019 16:25:22 +0100
Subject: Forbid changing the name, avatar or topic of a direct room

---
 synapse/third_party_rules/access_rules.py | 50 +++++++++++++++++++++++++++++++
 1 file changed, 50 insertions(+)

diff --git a/synapse/third_party_rules/access_rules.py b/synapse/third_party_rules/access_rules.py
index 1a295ea7ce..41862f6d0b 100644
--- a/synapse/third_party_rules/access_rules.py
+++ b/synapse/third_party_rules/access_rules.py
@@ -237,6 +237,15 @@ class RoomAccessRules(object):
         if event.type == EventTypes.JoinRules:
             return self._on_join_rule_change(event, rule)
 
+        if event.type == EventTypes.RoomAvatar:
+            return self._on_room_avatar_change(event, rule)
+
+        if event.type == EventTypes.Name:
+            return self._on_room_name_change(event, rule)
+
+        if event.type == EventTypes.Topic:
+            return self._on_room_topic_change(event, rule)
+
         return True
 
     def _on_rules_change(self, event, state_events):
@@ -461,6 +470,47 @@ class RoomAccessRules(object):
 
         return True
 
+    def _on_room_avatar_change(self, event, rule):
+        """Check whether a change of room avatar is allowed.
+        The current rule is to forbid such a change in direct chats but allow it
+        everywhere else.
+
+        Args:
+            event (synapse.events.EventBase): The event to check.
+            rule (str): The name of the rule to apply.
+        Returns:
+            bool, True if the event can be allowed, False otherwise.
+        """
+        return rule != ACCESS_RULE_DIRECT
+
+
+    def _on_room_name_change(self, event, rule):
+        """Check whether a change of room name is allowed.
+        The current rule is to forbid such a change in direct chats but allow it
+        everywhere else.
+
+        Args:
+            event (synapse.events.EventBase): The event to check.
+            rule (str): The name of the rule to apply.
+        Returns:
+            bool, True if the event can be allowed, False otherwise.
+        """
+        return rule != ACCESS_RULE_DIRECT
+
+
+    def _on_room_topic_change(self, event, rule):
+        """Check whether a change of room topic is allowed.
+        The current rule is to forbid such a change in direct chats but allow it
+        everywhere else.
+
+        Args:
+            event (synapse.events.EventBase): The event to check.
+            rule (str): The name of the rule to apply.
+        Returns:
+            bool, True if the event can be allowed, False otherwise.
+        """
+        return rule != ACCESS_RULE_DIRECT
+
     @staticmethod
     def _get_rule_from_state(state_events):
         """Extract the rule to be applied from the given set of state events.
-- 
cgit 1.5.1


From 2477f1f7aa8db44a8a74d622dcea31ba9ae85a37 Mon Sep 17 00:00:00 2001
From: Brendan Abolivier <babolivier@matrix.org>
Date: Thu, 5 Sep 2019 16:25:37 +0100
Subject: Add tests

---
 tests/rest/client/test_room_access_rules.py | 105 ++++++++++++++++++++++++++++
 1 file changed, 105 insertions(+)

diff --git a/tests/rest/client/test_room_access_rules.py b/tests/rest/client/test_room_access_rules.py
index 7e23add6b7..28e07b3928 100644
--- a/tests/rest/client/test_room_access_rules.py
+++ b/tests/rest/client/test_room_access_rules.py
@@ -483,6 +483,111 @@ class RoomAccessTestCase(unittest.HomeserverTestCase):
             expected_code=403,
         )
 
+    def test_change_room_avatar(self):
+        """Tests that changing the room avatar is always allowed unless the room is a
+        direct chat, in which case it's forbidden.
+        """
+
+        avatar_content = {
+            "info": {
+                "h": 398,
+                "mimetype": "image/jpeg",
+                "size": 31037,
+                "w": 394
+            },
+            "url": "mxc://example.org/JWEIFJgwEIhweiWJE",
+        }
+
+        self.helper.send_state(
+            room_id=self.restricted_room,
+            event_type=EventTypes.RoomAvatar,
+            body=avatar_content,
+            tok=self.tok,
+            expect_code=200,
+        )
+
+        self.helper.send_state(
+            room_id=self.unrestricted_room,
+            event_type=EventTypes.RoomAvatar,
+            body=avatar_content,
+            tok=self.tok,
+            expect_code=200,
+        )
+
+        self.helper.send_state(
+            room_id=self.direct_rooms[0],
+            event_type=EventTypes.RoomAvatar,
+            body=avatar_content,
+            tok=self.tok,
+            expect_code=403,
+        )
+
+    def test_change_room_name(self):
+        """Tests that changing the room name is always allowed unless the room is a direct
+        chat, in which case it's forbidden.
+        """
+
+        name_content = {
+            "name": "My super room",
+        }
+
+        self.helper.send_state(
+            room_id=self.restricted_room,
+            event_type=EventTypes.Name,
+            body=name_content,
+            tok=self.tok,
+            expect_code=200,
+        )
+
+        self.helper.send_state(
+            room_id=self.unrestricted_room,
+            event_type=EventTypes.Name,
+            body=name_content,
+            tok=self.tok,
+            expect_code=200,
+        )
+
+        self.helper.send_state(
+            room_id=self.direct_rooms[0],
+            event_type=EventTypes.Name,
+            body=name_content,
+            tok=self.tok,
+            expect_code=403,
+        )
+
+    def test_change_room_topic(self):
+        """Tests that changing the room topic is always allowed unless the room is a
+        direct chat, in which case it's forbidden.
+        """
+
+        topic_content = {
+            "topic": "Welcome to this room",
+        }
+
+        self.helper.send_state(
+            room_id=self.restricted_room,
+            event_type=EventTypes.Topic,
+            body=topic_content,
+            tok=self.tok,
+            expect_code=200,
+        )
+
+        self.helper.send_state(
+            room_id=self.unrestricted_room,
+            event_type=EventTypes.Topic,
+            body=topic_content,
+            tok=self.tok,
+            expect_code=200,
+        )
+
+        self.helper.send_state(
+            room_id=self.direct_rooms[0],
+            event_type=EventTypes.Topic,
+            body=topic_content,
+            tok=self.tok,
+            expect_code=403,
+        )
+
     def create_room(
         self, direct=False, rule=None, preset=RoomCreationPreset.TRUSTED_PRIVATE_CHAT,
         initial_state=None, expected_code=200,
-- 
cgit 1.5.1


From 9ef4e90be73ef61212a548f61c738882c7878462 Mon Sep 17 00:00:00 2001
From: Brendan Abolivier <babolivier@matrix.org>
Date: Thu, 5 Sep 2019 16:35:00 +0100
Subject: Changelog

---
 changelog.d/1.feature | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 changelog.d/1.feature

diff --git a/changelog.d/1.feature b/changelog.d/1.feature
new file mode 100644
index 0000000000..845642e445
--- /dev/null
+++ b/changelog.d/1.feature
@@ -0,0 +1 @@
+Forbid changing the name, avatar or topic of a direct room.
-- 
cgit 1.5.1


From d1d464388acff70b75b61bd1ec6b9d33999c5924 Mon Sep 17 00:00:00 2001
From: Brendan Abolivier <babolivier@matrix.org>
Date: Thu, 5 Sep 2019 16:35:13 +0100
Subject: Lint

---
 synapse/third_party_rules/access_rules.py | 2 --
 1 file changed, 2 deletions(-)

diff --git a/synapse/third_party_rules/access_rules.py b/synapse/third_party_rules/access_rules.py
index 41862f6d0b..f564c0484c 100644
--- a/synapse/third_party_rules/access_rules.py
+++ b/synapse/third_party_rules/access_rules.py
@@ -483,7 +483,6 @@ class RoomAccessRules(object):
         """
         return rule != ACCESS_RULE_DIRECT
 
-
     def _on_room_name_change(self, event, rule):
         """Check whether a change of room name is allowed.
         The current rule is to forbid such a change in direct chats but allow it
@@ -497,7 +496,6 @@ class RoomAccessRules(object):
         """
         return rule != ACCESS_RULE_DIRECT
 
-
     def _on_room_topic_change(self, event, rule):
         """Check whether a change of room topic is allowed.
         The current rule is to forbid such a change in direct chats but allow it
-- 
cgit 1.5.1


From 6cf60da6e96f3dfbd58435b0390da91db04901c0 Mon Sep 17 00:00:00 2001
From: Brendan Abolivier <babolivier@matrix.org>
Date: Thu, 5 Sep 2019 16:38:20 +0100
Subject: Fix CI

---
 .circleci/merge_base_branch.sh | 2 +-
 scripts-dev/check-newsfragment | 6 +++---
 tox.ini                        | 2 +-
 3 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/.circleci/merge_base_branch.sh b/.circleci/merge_base_branch.sh
index 56895284ba..3a6476a96c 100755
--- a/.circleci/merge_base_branch.sh
+++ b/.circleci/merge_base_branch.sh
@@ -17,7 +17,7 @@ then
     GITBASE="dinsic"
 else
     # Get the reference, using the GitHub API
-    GITBASE=`wget -O- https://api.github.com/repos/matrix-org/synapse/pulls/${CIRCLE_PR_NUMBER} | jq -r '.base.ref'`
+    GITBASE=`wget -O- https://api.github.com/repos/matrix-org/synapse-dinsic/pulls/${CIRCLE_PR_NUMBER} | jq -r '.base.ref'`
 fi
 
 # Show what we are before
diff --git a/scripts-dev/check-newsfragment b/scripts-dev/check-newsfragment
index 0ec5075e79..b8a85abe18 100755
--- a/scripts-dev/check-newsfragment
+++ b/scripts-dev/check-newsfragment
@@ -5,9 +5,9 @@
 
 set -e
 
-# make sure that origin/develop is up to date
-git remote set-branches --add origin develop
-git fetch origin develop
+# make sure that origin/dinsic is up to date
+git remote set-branches --add origin dinsic
+git fetch origin dinsic
 
 # if there are changes in the debian directory, check that the debian changelog
 # has been updated
diff --git a/tox.ini b/tox.ini
index 543b232ae7..b702cf670b 100644
--- a/tox.ini
+++ b/tox.ini
@@ -128,7 +128,7 @@ commands = /bin/sh -c "isort -c -df -sp setup.cfg -rc synapse tests"
 skip_install = True
 deps = towncrier>=18.6.0rc1
 commands =
-   python -m towncrier.check --compare-with=origin/develop
+   python -m towncrier.check --compare-with=origin/dinsic
 basepython = python3.6
 
 [testenv:check-sampleconfig]
-- 
cgit 1.5.1