diff options
author | Patrick Cloke <clokep@users.noreply.github.com> | 2021-06-02 11:31:41 -0400 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-06-02 11:31:41 -0400 |
commit | 3cf6b34b4e203dcda803ab3ac88c9dadc591e4a1 (patch) | |
tree | e78c4245fa489820e6697be307d17aa4a0b506c2 | |
parent | Make /sync do less state res (#10102) (diff) | |
download | synapse-3cf6b34b4e203dcda803ab3ac88c9dadc591e4a1.tar.xz |
Do not show invite-only rooms in spaces summary (unless joined/invited). (#10109)
-rw-r--r-- | changelog.d/10109.bugfix | 1 | ||||
-rw-r--r-- | synapse/handlers/space_summary.py | 19 |
2 files changed, 10 insertions, 10 deletions
diff --git a/changelog.d/10109.bugfix b/changelog.d/10109.bugfix new file mode 100644 index 0000000000..bc41bf9e5e --- /dev/null +++ b/changelog.d/10109.bugfix @@ -0,0 +1 @@ +Fix a bug introduced in v1.35.0 where invite-only rooms would be shown to users in a space who were not invited. diff --git a/synapse/handlers/space_summary.py b/synapse/handlers/space_summary.py index abd9ddecca..046dba6fd8 100644 --- a/synapse/handlers/space_summary.py +++ b/synapse/handlers/space_summary.py @@ -26,7 +26,6 @@ from synapse.api.constants import ( HistoryVisibility, Membership, ) -from synapse.api.errors import AuthError from synapse.events import EventBase from synapse.events.utils import format_event_for_client_v2 from synapse.types import JsonDict @@ -456,16 +455,16 @@ class SpaceSummaryHandler: return True # Otherwise, check if they should be allowed access via membership in a space. - try: - await self._event_auth_handler.check_restricted_join_rules( - state_ids, room_version, requester, member_event + if self._event_auth_handler.has_restricted_join_rules( + state_ids, room_version + ): + allowed_spaces = ( + await self._event_auth_handler.get_spaces_that_allow_join(state_ids) ) - except AuthError: - # The user doesn't have access due to spaces, but might have access - # another way. Keep trying. - pass - else: - return True + if await self._event_auth_handler.is_user_in_rooms( + allowed_spaces, requester + ): + return True # If this is a request over federation, check if the host is in the room or # is in one of the spaces specified via the join rules. |