diff options
author | Kegan Dougal <kegan@matrix.org> | 2015-02-05 16:46:56 +0000 |
---|---|---|
committer | Kegan Dougal <kegan@matrix.org> | 2015-02-05 16:46:56 +0000 |
commit | cab4c730885dcb5c95a50d425d6b6f655154a173 (patch) | |
tree | bbe7a2e6b558c08700c3640ce3640a83c97cd0bf | |
parent | Prevent aliases in AS namespaces being created/deleted by users. Check with A... (diff) | |
download | synapse-cab4c730885dcb5c95a50d425d6b6f655154a173.tar.xz |
Prevent user IDs in AS namespaces being created/deleted by humans.
Diffstat (limited to '')
-rw-r--r-- | synapse/handlers/register.py | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/synapse/handlers/register.py b/synapse/handlers/register.py index 08cd5fd720..b6e19d498c 100644 --- a/synapse/handlers/register.py +++ b/synapse/handlers/register.py @@ -65,6 +65,8 @@ class RegistrationHandler(BaseHandler): user = UserID(localpart, self.hs.hostname) user_id = user.to_string() + yield self.check_user_id_is_valid(user_id) + token = self._generate_token(user_id) yield self.store.register( user_id=user_id, @@ -83,6 +85,7 @@ class RegistrationHandler(BaseHandler): localpart = self._generate_user_id() user = UserID(localpart, self.hs.hostname) user_id = user.to_string() + yield self.check_user_id_is_valid(user_id) token = self._generate_token(user_id) yield self.store.register( @@ -148,6 +151,19 @@ class RegistrationHandler(BaseHandler): # XXX: This should be a deferred list, shouldn't it? yield self._bind_threepid(c, user_id) + @defer.inlineCallbacks + def check_user_id_is_valid(self, user_id): + # valid user IDs must not clash with any user ID namespaces claimed by + # application services. + services = yield self.store.get_app_services() + interested_services = [ + s for s in services if s.is_interested_in_user(user_id) + ] + if len(interested_services) > 0: + raise SynapseError( + 400, "This user ID is reserved by an application service." + ) + def _generate_token(self, user_id): # urlsafe variant uses _ and - so use . as the separator and replace # all =s with .s so http clients don't quote =s when it is used as |