authorErik Johnston <erik@matrix.org>2014-09-02 10:52:49 +0100
committerErik Johnston <erik@matrix.org>2014-09-02 10:58:33 +0100
commitdb02021aba223db4ed37972f6c676c8e64ddb49f (patch)
tree77a5a4ac9ef0fb36da5cfddf14bb3ae7a451e577 /synapse/api
parentAdd message to assertion (diff)
Implement auth for kicking.
Diffstat (limited to 'synapse/api')
-rw-r--r--synapse/api/auth.py13
1 files changed, 10 insertions, 3 deletions
diff --git a/synapse/api/auth.py b/synapse/api/auth.py
index abd7d73b0a..e9e3279b9a 100644
--- a/synapse/api/auth.py
+++ b/synapse/api/auth.py
@@ -163,9 +163,16 @@ class Auth(object):
             if not caller_in_room:  # trying to leave a room you aren't joined
                 raise AuthError(403, "You are not in room %s." % event.room_id)
             elif target_user_id != event.user_id:
-                # trying to force another user to leave
-                raise AuthError(403, "Cannot force %s to leave." %
-                                target_user_id)
+                user_level = yield self.store.get_power_level(
+                    event.room_id,
+                    event.user_id,
+                )
+                _, kick_level = yield self.store.get_ops_levels(event.room_id)
+
+                if user_level < kick_level:
+                    raise AuthError(
+                        403, "You cannot kick user %s." % target_user_id
+                    )
         elif Membership.BAN == membership:
             user_level = yield self.store.get_power_level(
                 event.room_id,
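Review bot: The new kick check `if user_level < kick_level:` can fail open when the room has no kick level stored. The hunk does not show the contract of `get_ops_levels`, but if it can return `None` for the kick level and this runs on Python 2 (as `class Auth(object)` suggests), `user_level < None` is False and any joined member passes the check. Treat a missing level as a denial, e.g. `if user_level is None or kick_level is None or user_level < kick_level:`. The branch also never reads the target's own power level, so a user at the kick threshold can apparently remove a higher-powered user; comparing against `self.store.get_power_level(event.room_id, target_user_id)` would close that. The enclosing method of `Auth` starts and ends outside this hunk.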