Add `allow_departed_users` param to `check_in_room_or_world_readable`

... and set it everywhere it's called. while we're here, rename it for consistency with `check_user_in_room` (and to help check that I haven't missed any instances)
author: Richard van der Hoff <richard@matrix.org> 2020-02-18 23:14:57 +0000
committer: Richard van der Hoff <richard@matrix.org> 2020-02-19 08:52:51 +0000
commit: a0a1fd0bec5cb596cc41c8f052a4aa0e8c01cf08 (patch)
tree: aabbdd6e13848ab8bc4b263dfce1df3e19efc65d /synapse/api
parent: Refactor the membership check methods in Auth (diff)
download: synapse-a0a1fd0bec5cb596cc41c8f052a4aa0e8c01cf08.tar.xz
1 files changed, 13 insertions, 3 deletions
diff --git a/synapse/api/auth.py b/synapse/api/auth.py
index de7b75ca36..f576d65388 100644
--- a/synapse/api/auth.py
+++ b/synapse/api/auth.py
@@ -625,10 +625,18 @@ class Auth(object):
             return query_params[0].decode("ascii")
 
     @defer.inlineCallbacks
-    def check_in_room_or_world_readable(self, room_id, user_id):
+    def check_user_in_room_or_world_readable(
+        self, room_id: str, user_id: str, allow_departed_users: bool = False
+    ):
         """Checks that the user is or was in the room or the room is world
         readable. If it isn't then an exception is raised.
 
+        Args:
+            room_id: room to check
+            user_id: user to check
+            allow_departed_users: if True, accept users that were previously
+                members but have now departed
+
         Returns:
             Deferred[tuple[str, str|None]]: Resolves to the current membership of
                 the user in the room and the membership event ID of the user. If
@@ -643,7 +651,7 @@ class Auth(object):
             #  * The user is a guest user, and has joined the room
             # else it will throw.
             member_event = yield self.check_user_in_room(
-                room_id, user_id, allow_departed_users=True
+                room_id, user_id, allow_departed_users=allow_departed_users
             )
             return member_event.membership, member_event.event_id
         except AuthError:
@@ -656,7 +664,9 @@ class Auth(object):
             ):
                 return Membership.JOIN, None
             raise AuthError(
-                403, "Guest access not allowed", errcode=Codes.GUEST_ACCESS_FORBIDDEN
+                403,
+                "User %s not in room %s, and room previews are disabled"
+                % (user_id, room_id),
             )
 
     @defer.inlineCallbacks
author	Richard van der Hoff <richard@matrix.org>	2020-02-18 23:14:57 +0000
committer	Richard van der Hoff <richard@matrix.org>	2020-02-19 08:52:51 +0000
commit	a0a1fd0bec5cb596cc41c8f052a4aa0e8c01cf08 (patch)
tree	aabbdd6e13848ab8bc4b263dfce1df3e19efc65d /synapse/api
parent	Refactor the membership check methods in Auth (diff)
download	synapse-a0a1fd0bec5cb596cc41c8f052a4aa0e8c01cf08.tar.xz