diff options
author | Patrick Cloke <clokep@users.noreply.github.com> | 2020-02-21 07:18:33 -0500 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-02-21 07:18:33 -0500 |
commit | 7936d2a96e4781ad7d1ae27f78b65c8eb8d5c3f5 (patch) | |
tree | 1f23baeff55d4e427110a643a80726eb91c0ae35 | |
parent | Clarify list/set/dict/tuple comprehensions and enforce via flake8 (#6957) (diff) | |
download | synapse-7936d2a96e4781ad7d1ae27f78b65c8eb8d5c3f5.tar.xz |
Publishing/removing from the directory requires a power level greater than canonical aliases.
-rw-r--r-- | changelog.d/6965.feature | 1 | ||||
-rw-r--r-- | synapse/api/auth.py | 10 |
2 files changed, 6 insertions, 5 deletions
diff --git a/changelog.d/6965.feature b/changelog.d/6965.feature new file mode 100644 index 0000000000..6ad9956e40 --- /dev/null +++ b/changelog.d/6965.feature @@ -0,0 +1 @@ +Publishing/removing a room from the room directory now requires the user to have a power level capable of modifying the canonical alias, instead of the room aliases. diff --git a/synapse/api/auth.py b/synapse/api/auth.py index f576d65388..5ca18b4301 100644 --- a/synapse/api/auth.py +++ b/synapse/api/auth.py @@ -538,13 +538,13 @@ class Auth(object): return defer.succeed(auth_ids) @defer.inlineCallbacks - def check_can_change_room_list(self, room_id, user): + def check_can_change_room_list(self, room_id: str, user: UserID): """Check if the user is allowed to edit the room's entry in the published room list. Args: - room_id (str) - user (UserID) + room_id + user """ is_admin = yield self.is_server_admin(user) @@ -556,7 +556,7 @@ class Auth(object): # We currently require the user is a "moderator" in the room. We do this # by checking if they would (theoretically) be able to change the - # m.room.aliases events + # m.room.canonical_alias events power_level_event = yield self.state.get_current_state( room_id, EventTypes.PowerLevels, "" ) @@ -566,7 +566,7 @@ class Auth(object): auth_events[(EventTypes.PowerLevels, "")] = power_level_event send_level = event_auth.get_send_level( - EventTypes.Aliases, "", power_level_event + EventTypes.CanonicalAlias, "", power_level_event ) user_level = event_auth.get_user_power_level(user_id, auth_events) |