diff options
author | Erik Johnston <erik@matrix.org> | 2018-10-03 14:13:07 +0100 |
---|---|---|
committer | Erik Johnston <erik@matrix.org> | 2018-10-03 14:13:07 +0100 |
commit | 52e6e815bef4379773fde257c85c4fc4d11cd181 (patch) | |
tree | 645e3435ef69cd878d0572977e3189aafe04fd7d | |
parent | Newsfile (diff) | |
download | synapse-52e6e815bef4379773fde257c85c4fc4d11cd181.tar.xz |
Sanitise error messages when user doesn't have permission to invite
-rw-r--r-- | synapse/event_auth.py | 7 |
1 files changed, 2 insertions, 5 deletions
diff --git a/synapse/event_auth.py b/synapse/event_auth.py index c6c011b6b6..af3eee95b9 100644 --- a/synapse/event_auth.py +++ b/synapse/event_auth.py @@ -155,10 +155,7 @@ def check(event, auth_events, do_sig_check=True, do_size_check=True): if user_level < invite_level: raise AuthError( - 403, ( - "You cannot issue a third party invite for %s." % - (event.content.get("display_name", "<Unknown>"),) - ) + 403, "You don't have permission to invite users", ) else: logger.debug("Allowing! %s", event) @@ -305,7 +302,7 @@ def _is_membership_change_allowed(event, auth_events): if user_level < invite_level: raise AuthError( - 403, "You cannot invite user %s." % target_user_id + 403, "You don't have permission to invite users", ) elif Membership.JOIN == membership: # Joins are valid iff caller == target and they were: |