diff --git a/synapse/api/auth.py b/synapse/api/auth.py
index 87f19a96d6..635571d2b6 100644
--- a/synapse/api/auth.py
+++ b/synapse/api/auth.py
@@ -21,7 +21,7 @@ from synapse.api.constants import Membership, JoinRules
from synapse.api.errors import AuthError, StoreError, Codes, SynapseError
from synapse.api.events.room import (
RoomMemberEvent, RoomPowerLevelsEvent, RoomRedactionEvent,
- RoomJoinRulesEvent, RoomCreateEvent,
+ RoomJoinRulesEvent, RoomCreateEvent, RoomAliasesEvent,
)
from synapse.util.logutils import log_function
from syutil.base64util import encode_base64
@@ -63,6 +63,10 @@ class Auth(object):
# FIXME
return True
+ # FIXME: Temp hack
+ if event.type == RoomAliasesEvent.TYPE:
+ return True
+
if event.type == RoomMemberEvent.TYPE:
allowed = self.is_membership_change_allowed(event)
if allowed:
@@ -144,6 +148,17 @@ class Auth(object):
@log_function
def is_membership_change_allowed(self, event):
+ membership = event.content["membership"]
+
+ # Check if this is the room creator joining:
+ if len(event.prev_events) == 1 and Membership.JOIN == membership:
+ # Get room creation event:
+ key = (RoomCreateEvent.TYPE, "", )
+ create = event.old_state_events.get(key)
+ if event.prev_events[0][0] == create.event_id:
+ if create.content["creator"] == event.state_key:
+ return True
+
target_user_id = event.state_key
# get info about the caller
@@ -159,8 +174,6 @@ class Auth(object):
target_in_room = target and target.membership == Membership.JOIN
- membership = event.content["membership"]
-
key = (RoomJoinRulesEvent.TYPE, "", )
join_rule_event = event.old_state_events.get(key)
if join_rule_event:
@@ -255,6 +268,11 @@ class Auth(object):
level = power_level_event.content.get("users", {}).get(user_id)
if not level:
level = power_level_event.content.get("users_default", 0)
+ else:
+ key = (RoomCreateEvent.TYPE, "", )
+ create_event = event.old_state_events.get(key)
+ if create_event.content["creator"] == user_id:
+ return 100
return level
|
