Check for space membership during a remote join of a restricted room (#9814)

When receiving a /send_join request for a room with join rules set to 'restricted', check if the user is a member of the spaces defined in the 'allow' key of the join rules. This only applies to an experimental room version, as defined in MSC3083.
author: Patrick Cloke <clokep@users.noreply.github.com> 2021-04-23 07:05:51 -0400
committer: GitHub <noreply@github.com> 2021-04-23 07:05:51 -0400
commit: d924827da1db5d210eb06db2247a1403ed4c8b9a (patch)
tree: ce0b2405dedde4caa7107a15991b31d1c9b18eee /synapse/api/auth.py
parent: Only store data in caches, not "smart" objects (#9845) (diff)
download: synapse-d924827da1db5d210eb06db2247a1403ed4c8b9a.tar.xz
1 files changed, 1 insertions, 0 deletions
diff --git a/synapse/api/auth.py b/synapse/api/auth.py
index 872fd100cd..2d845d0d5c 100644
--- a/synapse/api/auth.py
+++ b/synapse/api/auth.py
@@ -65,6 +65,7 @@ class Auth:
     """
     FIXME: This class contains a mix of functions for authenticating users
     of our client-server API and authenticating events added to room graphs.
+    The latter should be moved to synapse.handlers.event_auth.EventAuthHandler.
     """
 
     def __init__(self, hs):
author	Patrick Cloke <clokep@users.noreply.github.com>	2021-04-23 07:05:51 -0400
committer	GitHub <noreply@github.com>	2021-04-23 07:05:51 -0400
commit	d924827da1db5d210eb06db2247a1403ed4c8b9a (patch)
tree	ce0b2405dedde4caa7107a15991b31d1c9b18eee /synapse/api/auth.py
parent	Only store data in caches, not "smart" objects (#9845) (diff)
download	synapse-d924827da1db5d210eb06db2247a1403ed4c8b9a.tar.xz