Merge pull request #363 from matrix-org/daniel/guestscanjoin

Consider joined guest users as joined users Otherwise they're inconveniently allowed to write events to the room but not to read them from the room.
author: Daniel Wagner-Hall <dawagner@gmail.com> 2015-11-12 13:37:09 +0000
committer: Daniel Wagner-Hall <dawagner@gmail.com> 2015-11-12 13:37:09 +0000
commit: 8ea5dccea17b3f50dd6d1e6fabfa8eacbdbc5da9 (patch)
tree: cf20ecd9688c170889bc164a349092c9ece884bd
parent: Merge pull request #362 from matrix-org/daniel/raceyraceyfunfun (diff)
parent: Consider joined guest users as joined users (diff)
download: synapse-8ea5dccea17b3f50dd6d1e6fabfa8eacbdbc5da9.tar.xz
1 files changed, 21 insertions, 12 deletions
diff --git a/synapse/handlers/message.py b/synapse/handlers/message.py
index 7d31ff8d46..92e1180262 100644
--- a/synapse/handlers/message.py
+++ b/synapse/handlers/message.py
@@ -258,20 +258,29 @@ class MessageHandler(BaseHandler):
 
     @defer.inlineCallbacks
     def _check_in_room_or_world_readable(self, room_id, user_id, is_guest):
-        if is_guest:
-            visibility = yield self.state_handler.get_current_state(
-                room_id, EventTypes.RoomHistoryVisibility, ""
-            )
-            if visibility.content["history_visibility"] == "world_readable":
-                defer.returnValue((Membership.JOIN, None))
-                return
-            else:
-                raise AuthError(
-                    403, "Guest access not allowed", errcode=Codes.GUEST_ACCESS_FORBIDDEN
-                )
-        else:
+        try:
+            # check_user_was_in_room will return the most recent membership
+            # event for the user if:
+            #  * The user is a non-guest user, and was ever in the room
+            #  * The user is a guest user, and has joined the room
+            # else it will throw.
             member_event = yield self.auth.check_user_was_in_room(room_id, user_id)
             defer.returnValue((member_event.membership, member_event.event_id))
+            return
+        except AuthError:
+            if not is_guest:
+                raise
+
+        visibility = yield self.state_handler.get_current_state(
+            room_id, EventTypes.RoomHistoryVisibility, ""
+        )
+        if visibility.content["history_visibility"] == "world_readable":
+            defer.returnValue((Membership.JOIN, None))
+            return
+        else:
+            raise AuthError(
+                403, "Guest access not allowed", errcode=Codes.GUEST_ACCESS_FORBIDDEN
+            )
 
     @defer.inlineCallbacks
     def get_state_events(self, user_id, room_id, is_guest=False):
author	Daniel Wagner-Hall <dawagner@gmail.com>	2015-11-12 13:37:09 +0000
committer	Daniel Wagner-Hall <dawagner@gmail.com>	2015-11-12 13:37:09 +0000
commit	8ea5dccea17b3f50dd6d1e6fabfa8eacbdbc5da9 (patch)
tree	cf20ecd9688c170889bc164a349092c9ece884bd
parent	Merge pull request #362 from matrix-org/daniel/raceyraceyfunfun (diff)
parent	Consider joined guest users as joined users (diff)
download	synapse-8ea5dccea17b3f50dd6d1e6fabfa8eacbdbc5da9.tar.xz