summary refs log tree commit diff
path: root/synapse/api
diff options
context:
space:
mode:
authorPatrick Cloke <clokep@users.noreply.github.com>2021-04-23 07:05:51 -0400
committerGitHub <noreply@github.com>2021-04-23 07:05:51 -0400
commitd924827da1db5d210eb06db2247a1403ed4c8b9a (patch)
treece0b2405dedde4caa7107a15991b31d1c9b18eee /synapse/api
parentOnly store data in caches, not "smart" objects (#9845) (diff)
downloadsynapse-d924827da1db5d210eb06db2247a1403ed4c8b9a.tar.xz
Check for space membership during a remote join of a restricted room (#9814)
When receiving a /send_join request for a room with join rules set to 'restricted',
check if the user is a member of the spaces defined in the 'allow' key of the join rules.

This only applies to an experimental room version, as defined in MSC3083.
Diffstat (limited to 'synapse/api')
-rw-r--r--synapse/api/auth.py1
1 files changed, 1 insertions, 0 deletions
diff --git a/synapse/api/auth.py b/synapse/api/auth.py
index 872fd100cd..2d845d0d5c 100644
--- a/synapse/api/auth.py
+++ b/synapse/api/auth.py
@@ -65,6 +65,7 @@ class Auth:
     """
     FIXME: This class contains a mix of functions for authenticating users
     of our client-server API and authenticating events added to room graphs.
+    The latter should be moved to synapse.handlers.event_auth.EventAuthHandler.
     """
 
     def __init__(self, hs):