summary refs log tree commit diff
path: root/synapse/api
diff options
context:
space:
mode:
authorEric Eastwood <erice@element.io>2021-07-13 14:12:33 -0500
committerGitHub <noreply@github.com>2021-07-13 14:12:33 -0500
commit0d5b08ac7ac88ae14cf81f0927084edc2c63a15f (patch)
treeeb94222a657dc0ea4c3988841e2deed45aec288a /synapse/api
parentAdd type hints to get_domain_from_id and get_localpart_from_id. (#10385) (diff)
downloadsynapse-0d5b08ac7ac88ae14cf81f0927084edc2c63a15f.tar.xz
Fix messages from multiple senders in historical chunk (MSC2716) (#10276)
Fix messages from multiple senders in historical chunk. This also means that an app service does not need to define `?user_id` when using this endpoint.

Follow-up to https://github.com/matrix-org/synapse/pull/9247

Part of MSC2716: https://github.com/matrix-org/matrix-doc/pull/2716
Diffstat (limited to 'synapse/api')
-rw-r--r--synapse/api/auth.py37
1 files changed, 33 insertions, 4 deletions
diff --git a/synapse/api/auth.py b/synapse/api/auth.py
index 307f5f9a94..42476a18e5 100644
--- a/synapse/api/auth.py
+++ b/synapse/api/auth.py
@@ -240,6 +240,37 @@ class Auth:
         except KeyError:
             raise MissingClientTokenError()
 
+    async def validate_appservice_can_control_user_id(
+        self, app_service: ApplicationService, user_id: str
+    ):
+        """Validates that the app service is allowed to control
+        the given user.
+
+        Args:
+            app_service: The app service that controls the user
+            user_id: The author MXID that the app service is controlling
+
+        Raises:
+            AuthError: If the application service is not allowed to control the user
+                (user namespace regex does not match, wrong homeserver, etc)
+                or if the user has not been registered yet.
+        """
+
+        # It's ok if the app service is trying to use the sender from their registration
+        if app_service.sender == user_id:
+            pass
+        # Check to make sure the app service is allowed to control the user
+        elif not app_service.is_interested_in_user(user_id):
+            raise AuthError(
+                403,
+                "Application service cannot masquerade as this user (%s)." % user_id,
+            )
+        # Check to make sure the user is already registered on the homeserver
+        elif not (await self.store.get_user_by_id(user_id)):
+            raise AuthError(
+                403, "Application service has not registered this user (%s)" % user_id
+            )
+
     async def _get_appservice_user_id(
         self, request: Request
     ) -> Tuple[Optional[str], Optional[ApplicationService]]:
@@ -261,13 +292,11 @@ class Auth:
             return app_service.sender, app_service
 
         user_id = request.args[b"user_id"][0].decode("utf8")
+        await self.validate_appservice_can_control_user_id(app_service, user_id)
+
         if app_service.sender == user_id:
             return app_service.sender, app_service
 
-        if not app_service.is_interested_in_user(user_id):
-            raise AuthError(403, "Application service cannot masquerade as this user.")
-        if not (await self.store.get_user_by_id(user_id)):
-            raise AuthError(403, "Application service has not registered this user")
         return user_id, app_service
 
     async def get_user_by_access_token(