diff --git a/synapse/api/auth.py b/synapse/api/auth.py
index bb25c4ec55..e1302553d7 100644
--- a/synapse/api/auth.py
+++ b/synapse/api/auth.py
@@ -21,8 +21,7 @@ from synapse.api.constants import Membership, JoinRules
from synapse.api.errors import AuthError, StoreError, Codes, SynapseError
from synapse.api.events.room import (
RoomMemberEvent, RoomPowerLevelsEvent, RoomRedactionEvent,
- RoomJoinRulesEvent, InviteJoinEvent,
- RoomCreateEvent,
+ RoomJoinRulesEvent, RoomCreateEvent,
)
from synapse.util.logutils import log_function
diff --git a/synapse/api/events/__init__.py b/synapse/api/events/__init__.py
index 84d3a98365..513a48f568 100644
--- a/synapse/api/events/__init__.py
+++ b/synapse/api/events/__init__.py
@@ -61,7 +61,7 @@ class SynapseEvent(JsonEncodedObject):
"replaces_state",
"redacted_because",
"origin_server_ts",
- "auth_chains",
+ "auth_events",
]
internal_keys = [
diff --git a/synapse/handlers/_base.py b/synapse/handlers/_base.py
index 509f7b550c..2613fa7fce 100644
--- a/synapse/handlers/_base.py
+++ b/synapse/handlers/_base.py
@@ -14,11 +14,15 @@
# limitations under the License.
from twisted.internet import defer
-from synapse.api.errors import LimitExceededError
+from synapse.api.errors import LimitExceededError
from synapse.util.async import run_on_reactor
-
from synapse.crypto.event_signing import add_hashes_and_signatures
+from synapse.api.events.room import (
+ RoomCreateEvent, RoomMemberEvent, RoomPowerLevelsEvent, RoomJoinRulesEvent,
+)
+from synapse.api.constants import Membership, JoinRules
+from syutil.base64util import encode_base64
import logging
@@ -56,6 +60,53 @@ class BaseHandler(object):
)
@defer.inlineCallbacks
+ def _add_auth(self, event):
+ if event.type == RoomCreateEvent.TYPE:
+ event.auth_events = []
+ return
+
+ auth_events = []
+
+ key = (RoomPowerLevelsEvent.TYPE, "", )
+ power_level_event = event.old_state_events.get(key)
+
+ if power_level_event:
+ auth_events.append(power_level_event.event_id)
+
+ key = (RoomJoinRulesEvent.TYPE, "", )
+ join_rule_event = event.old_state_events.get(key)
+
+ key = (RoomMemberEvent.TYPE, event.user_id, )
+ member_event = event.old_state_events.get(key)
+
+ if join_rule_event:
+ join_rule = join_rule_event.content.get("join_rule")
+ is_public = join_rule == JoinRules.PUBLIC if join_rule else False
+
+ if event.type == RoomMemberEvent.TYPE:
+ if event.content["membership"] == Membership.JOIN:
+ if is_public:
+ auth_events.append(join_rule_event.event_id)
+ elif member_event:
+ auth_events.append(member_event.event_id)
+
+ if member_event:
+ if member_event.content["membership"] == Membership.JOIN:
+ auth_events.append(member_event.event_id)
+
+ hashes = yield self.store.get_event_reference_hashes(
+ auth_events
+ )
+ hashes = [
+ {
+ k: encode_base64(v) for k, v in h.items()
+ if k == "sha256"
+ }
+ for h in hashes
+ ]
+ event.auth_events = zip(auth_events, hashes)
+
+ @defer.inlineCallbacks
def _on_new_room_event(self, event, snapshot, extra_destinations=[],
extra_users=[], suppress_auth=False):
yield run_on_reactor()
@@ -64,6 +115,8 @@ class BaseHandler(object):
yield self.state_handler.annotate_state_groups(event)
+ yield self._add_auth(event)
+
logger.debug("Signing event...")
add_hashes_and_signatures(
@@ -76,6 +129,8 @@ class BaseHandler(object):
logger.debug("Authing...")
self.auth.check(event, raises=True)
logger.debug("Authed")
+ else:
+ logger.debug("Suppressed auth.")
yield self.store.persist_event(event)
diff --git a/synapse/storage/__init__.py b/synapse/storage/__init__.py
index 2a1970914f..48ad4d864f 100644
--- a/synapse/storage/__init__.py
+++ b/synapse/storage/__init__.py
@@ -19,7 +19,6 @@ from synapse.api.events.room import (
RoomMemberEvent, RoomTopicEvent, FeedbackEvent,
RoomNameEvent,
RoomJoinRulesEvent,
- RoomPowerLevelsEvent,
RoomRedactionEvent,
)
@@ -302,6 +301,17 @@ class DataStore(RoomMemberStore, RoomStore,
txn, event.event_id, prev_event_id, alg, hash_bytes
)
+ for auth_id, _ in event.auth_events:
+ self._simple_insert_txn(
+ txn,
+ table="event_auth",
+ values={
+ "event_id": event.event_id,
+ "room_id": event.room_id,
+ "auth_id": auth_id,
+ },
+ )
+
(ref_alg, ref_hash_bytes) = compute_event_reference_hash(event)
self._store_event_reference_hash_txn(
txn, event.event_id, ref_alg, ref_hash_bytes
diff --git a/synapse/storage/_base.py b/synapse/storage/_base.py
index 7821fc4726..9aa404695d 100644
--- a/synapse/storage/_base.py
+++ b/synapse/storage/_base.py
@@ -474,6 +474,8 @@ class SQLBaseStore(object):
if is_state == 0
]
+ ev.auth_events = self._get_auth_events(txn, ev.event_id)
+
if hasattr(ev, "state_key"):
ev.prev_state = [
(e_id, h)
diff --git a/synapse/storage/event_federation.py b/synapse/storage/event_federation.py
index 180a764134..86c68ebf87 100644
--- a/synapse/storage/event_federation.py
+++ b/synapse/storage/event_federation.py
@@ -139,6 +139,27 @@ class EventFederationStore(SQLBaseStore):
return results
+ def _get_auth_events(self, txn, event_id):
+ auth_ids = self._simple_select_onecol_txn(
+ txn,
+ table="event_auth",
+ keyvalues={
+ "event_id": event_id,
+ },
+ retcol="auth_id",
+ )
+
+ results = []
+ for auth_id in auth_ids:
+ hashes = self._get_event_reference_hashes_txn(txn, auth_id)
+ prev_hashes = {
+ k: encode_base64(v) for k, v in hashes.items()
+ if k == "sha256"
+ }
+ results.append((auth_id, prev_hashes))
+
+ return results
+
def get_min_depth(self, room_id):
return self.runInteraction(
"get_min_depth",
diff --git a/synapse/storage/schema/event_edges.sql b/synapse/storage/schema/event_edges.sql
index 51695826a8..be1c72a775 100644
--- a/synapse/storage/schema/event_edges.sql
+++ b/synapse/storage/schema/event_edges.sql
@@ -63,3 +63,13 @@ CREATE INDEX IF NOT EXISTS st_extrem_keys ON state_forward_extremities(
);
CREATE INDEX IF NOT EXISTS st_extrem_id ON state_forward_extremities(event_id);
+
+CREATE TABLE IF NOT EXISTS event_auth(
+ event_id TEXT NOT NULL,
+ auth_id TEXT NOT NULL,
+ room_id TEXT NOT NULL,
+ CONSTRAINT uniqueness UNIQUE (event_id, auth_id, room_id)
+);
+
+CREATE INDEX IF NOT EXISTS evauth_edges_id ON event_auth(event_id);
+CREATE INDEX IF NOT EXISTS evauth_edges_auth_id ON event_auth(auth_id);
\ No newline at end of file
diff --git a/synapse/storage/signatures.py b/synapse/storage/signatures.py
index b4b3d5d7ea..84a49088a2 100644
--- a/synapse/storage/signatures.py
+++ b/synapse/storage/signatures.py
@@ -55,6 +55,18 @@ class SignatureStore(SQLBaseStore):
or_ignore=True,
)
+ def get_event_reference_hashes(self, event_ids):
+ def f(txn):
+ return [
+ self._get_event_reference_hashes_txn(txn, ev)
+ for ev in event_ids
+ ]
+
+ return self.runInteraction(
+ "get_event_reference_hashes",
+ f
+ )
+
def _get_event_reference_hashes_txn(self, txn, event_id):
"""Get all the hashes for a given PDU.
Args:
|
