diff options
| author | Erik Johnston <erik@matrix.org> | 2014-09-25 17:02:53 +0100 |
|---|---|---|
| committer | Erik Johnston <erik@matrix.org> | 2014-09-25 17:02:53 +0100 |
| commit | 37bfe44046d46effba5f86b65ab37fa0d0c505b0 (patch) | |
| tree | 9524fd5e5ac1637982549030a2759aaf538e8ac2 /synapse/api | |
| parent | fix rst warnings (diff) | |
| parent | Don't strip out null's in serialized events, as that is not need anymore and ... (diff) | |
| download | synapse-37bfe44046d46effba5f86b65ab37fa0d0c505b0.tar.xz | |
Merge branch 'deletions' of github.com:matrix-org/synapse into develop
Diffstat (limited to 'synapse/api')
| -rw-r--r-- | synapse/api/auth.py | 34 | ||||
| -rw-r--r-- | synapse/api/events/__init__.py | 7 | ||||
| -rw-r--r-- | synapse/api/events/factory.py | 4 | ||||
| -rw-r--r-- | synapse/api/events/room.py | 9 | ||||
| -rw-r--r-- | synapse/api/events/utils.py | 64 |
5 files changed, 112 insertions, 6 deletions
diff --git a/synapse/api/auth.py b/synapse/api/auth.py index 5321864d51..9bfd25c86e 100644 --- a/synapse/api/auth.py +++ b/synapse/api/auth.py @@ -19,7 +19,9 @@ from twisted.internet import defer from synapse.api.constants import Membership, JoinRules from synapse.api.errors import AuthError, StoreError, Codes, SynapseError -from synapse.api.events.room import RoomMemberEvent, RoomPowerLevelsEvent +from synapse.api.events.room import ( + RoomMemberEvent, RoomPowerLevelsEvent, RoomRedactionEvent, +) from synapse.util.logutils import log_function import logging @@ -70,6 +72,9 @@ class Auth(object): if event.type == RoomPowerLevelsEvent.TYPE: yield self._check_power_levels(event) + if event.type == RoomRedactionEvent.TYPE: + yield self._check_redaction(event) + defer.returnValue(True) else: raise AuthError(500, "Unknown event: %s" % event) @@ -170,7 +175,7 @@ class Auth(object): event.room_id, event.user_id, ) - _, kick_level = yield self.store.get_ops_levels(event.room_id) + _, kick_level, _ = yield self.store.get_ops_levels(event.room_id) if kick_level: kick_level = int(kick_level) @@ -187,7 +192,7 @@ class Auth(object): event.user_id, ) - ban_level, _ = yield self.store.get_ops_levels(event.room_id) + ban_level, _, _ = yield self.store.get_ops_levels(event.room_id) if ban_level: ban_level = int(ban_level) @@ -322,6 +327,29 @@ class Auth(object): ) @defer.inlineCallbacks + def _check_redaction(self, event): + user_level = yield self.store.get_power_level( + event.room_id, + event.user_id, + ) + + if user_level: + user_level = int(user_level) + else: + user_level = 0 + + _, _, redact_level = yield self.store.get_ops_levels(event.room_id) + + if not redact_level: + redact_level = 50 + + if user_level < redact_level: + raise AuthError( + 403, + "You don't have permission to redact events" + ) + + @defer.inlineCallbacks def _check_power_levels(self, event): for k, v in event.content.items(): if k == "default": diff --git a/synapse/api/events/__init__.py b/synapse/api/events/__init__.py index 0cee196851..f66fea2904 100644 --- a/synapse/api/events/__init__.py +++ b/synapse/api/events/__init__.py @@ -22,7 +22,8 @@ def serialize_event(hs, e): if not isinstance(e, SynapseEvent): return e - d = e.get_dict() + # Should this strip out None's? + d = {k: v for k, v in e.get_dict().items()} if "age_ts" in d: d["age"] = int(hs.get_clock().time_msec()) - d["age_ts"] del d["age_ts"] @@ -58,17 +59,19 @@ class SynapseEvent(JsonEncodedObject): "required_power_level", "age_ts", "prev_content", + "prev_state", + "redacted_because", ] internal_keys = [ "is_state", "prev_events", - "prev_state", "depth", "destinations", "origin", "outlier", "power_level", + "redacted", ] required_keys = [ diff --git a/synapse/api/events/factory.py b/synapse/api/events/factory.py index d3d96d73eb..0d94850cec 100644 --- a/synapse/api/events/factory.py +++ b/synapse/api/events/factory.py @@ -17,7 +17,8 @@ from synapse.api.events.room import ( RoomTopicEvent, MessageEvent, RoomMemberEvent, FeedbackEvent, InviteJoinEvent, RoomConfigEvent, RoomNameEvent, GenericEvent, RoomPowerLevelsEvent, RoomJoinRulesEvent, RoomOpsPowerLevelsEvent, - RoomCreateEvent, RoomAddStateLevelEvent, RoomSendEventLevelEvent + RoomCreateEvent, RoomAddStateLevelEvent, RoomSendEventLevelEvent, + RoomRedactionEvent, ) from synapse.util.stringutils import random_string @@ -39,6 +40,7 @@ class EventFactory(object): RoomAddStateLevelEvent, RoomSendEventLevelEvent, RoomOpsPowerLevelsEvent, + RoomRedactionEvent, ] def __init__(self, hs): diff --git a/synapse/api/events/room.py b/synapse/api/events/room.py index 3a4dbc58ce..cd936074fc 100644 --- a/synapse/api/events/room.py +++ b/synapse/api/events/room.py @@ -180,3 +180,12 @@ class RoomAliasesEvent(SynapseStateEvent): def get_content_template(self): return {} + + +class RoomRedactionEvent(SynapseEvent): + TYPE = "m.room.redaction" + + valid_keys = SynapseEvent.valid_keys + ["redacts"] + + def get_content_template(self): + return {} diff --git a/synapse/api/events/utils.py b/synapse/api/events/utils.py new file mode 100644 index 0000000000..c3a32be8c1 --- /dev/null +++ b/synapse/api/events/utils.py @@ -0,0 +1,64 @@ +# -*- coding: utf-8 -*- +# Copyright 2014 OpenMarket Ltd +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +from .room import ( + RoomMemberEvent, RoomJoinRulesEvent, RoomPowerLevelsEvent, + RoomAddStateLevelEvent, RoomSendEventLevelEvent, RoomOpsPowerLevelsEvent, + RoomAliasesEvent, RoomCreateEvent, +) + +def prune_event(event): + """ Prunes the given event of all keys we don't know about or think could + potentially be dodgy. + + This is used when we "redact" an event. We want to remove all fields that + the user has specified, but we do want to keep necessary information like + type, state_key etc. + """ + + # Remove all extraneous fields. + event.unrecognized_keys = {} + + new_content = {} + + def add_fields(*fields): + for field in fields: + if field in event.content: + new_content[field] = event.content[field] + + if event.type == RoomMemberEvent.TYPE: + add_fields("membership") + elif event.type == RoomCreateEvent.TYPE: + add_fields("creator") + elif event.type == RoomJoinRulesEvent.TYPE: + add_fields("join_rule") + elif event.type == RoomPowerLevelsEvent.TYPE: + # TODO: Actually check these are valid user_ids etc. + add_fields("default") + for k, v in event.content.items(): + if k.startswith("@") and isinstance(v, (int, long)): + new_content[k] = v + elif event.type == RoomAddStateLevelEvent.TYPE: + add_fields("level") + elif event.type == RoomSendEventLevelEvent.TYPE: + add_fields("level") + elif event.type == RoomOpsPowerLevelsEvent.TYPE: + add_fields("kick_level", "ban_level", "redact_level") + elif event.type == RoomAliasesEvent.TYPE: + add_fields("aliases") + + event.content = new_content + + return event |