summary refs log tree commit diff
diff options
context:
space:
mode:
authorRichard van der Hoff <richard@matrix.org>2018-05-31 18:17:11 +0100
committerRichard van der Hoff <richard@matrix.org>2018-05-31 18:17:11 +0100
commit7e15410f0269aaea204b59fb3f7891e2437331ec (patch)
treeaeeb82e4d1bbdc4acdaf83b1605bfd4e7980e3e2
parentUpdate some comments and docstrings in SyncHandler (diff)
downloadsynapse-7e15410f0269aaea204b59fb3f7891e2437331ec.tar.xz
Enforce the specified API for report_event
as per
https://matrix.org/docs/spec/client_server/unstable.html#post-matrix-client-r0-rooms-roomid-report-eventid
-rw-r--r--synapse/rest/client/v2_alpha/report_event.py25
1 files changed, 23 insertions, 2 deletions
diff --git a/synapse/rest/client/v2_alpha/report_event.py b/synapse/rest/client/v2_alpha/report_event.py
index 8903e12405..8a38be6482 100644
--- a/synapse/rest/client/v2_alpha/report_event.py
+++ b/synapse/rest/client/v2_alpha/report_event.py
@@ -13,9 +13,16 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
+from six import string_types
+from six.moves import http_client
+
 from twisted.internet import defer
 
-from synapse.http.servlet import RestServlet, parse_json_object_from_request
+from synapse.api.errors import SynapseError, Codes
+from synapse.http.servlet import (
+    RestServlet, parse_json_object_from_request,
+    assert_params_in_request,
+)
 from ._base import client_v2_patterns
 
 import logging
@@ -42,12 +49,26 @@ class ReportEventRestServlet(RestServlet):
         user_id = requester.user.to_string()
 
         body = parse_json_object_from_request(request)
+        assert_params_in_request(body, ("reason", "score"))
+
+        if not isinstance(body["reason"], string_types):
+            raise SynapseError(
+                http_client.BAD_REQUEST,
+                "Param 'reason' must be a string",
+                Codes.BAD_JSON,
+            )
+        if not isinstance(body["score"], int):
+            raise SynapseError(
+                http_client.BAD_REQUEST,
+                "Param 'score' must be an integer",
+                Codes.BAD_JSON,
+            )
 
         yield self.store.add_event_report(
             room_id=room_id,
             event_id=event_id,
             user_id=user_id,
-            reason=body.get("reason"),
+            reason=body["reason"],
             content=body,
             received_ts=self.clock.time_msec(),
         )