Only require consent for events with an associated request - matrix/thirdparty/synapse.git - Unnamed repository; edit this file 'description' to name the repository.

diff options

author	Erik Johnston <erik@matrix.org>	2019-03-20 16:50:23 +0000
committer	Erik Johnston <erik@matrix.org>	2019-03-20 16:50:23 +0000
commit	74c46d81fa7c3e4f1cfc3688d9ce3f46d35ee5a5 (patch)
tree	dfad554d20acef7891e79c10f61c6153f7df459d /CHANGES.md
parent	Allow blocking a room multiple times (diff)
download	synapse-74c46d81fa7c3e4f1cfc3688d9ce3f46d35ee5a5.tar.xz

Only require consent for events with an associated request

There are a number of instances where a server or admin may puppet a
user to join/leave rooms, which we don't want to fail if the user has
not consented to the privacy policy. We fix this by adding a check to
test if the requester has an associated access_token, which is used as a
proxy to answer the question of whether the action is being done on
behalf of a real request from the user.

Diffstat (limited to 'CHANGES.md')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: