Strip "join_authorised_via_users_server" from join events which do not need it. (#10933)

This fixes a "Event not signed by authorising server" error when transition room member from join -> join, e.g. when updating a display name or avatar URL for restricted rooms.
author: Patrick Cloke <clokep@users.noreply.github.com> 2021-09-30 11:13:59 -0400
committer: GitHub <noreply@github.com> 2021-09-30 11:13:59 -0400
commit: d1bf5f7c9d669fcf60aadc2c6527447adef2c43c (patch)
tree: f6d7542295976dfab5be1c7759b7a8b917eefe34 /synapse/event_auth.py
parent: Fix errors in Synapse logs from unit tests. (#10939) (diff)
download: synapse-d1bf5f7c9d669fcf60aadc2c6527447adef2c43c.tar.xz
1 files changed, 7 insertions, 5 deletions
diff --git a/synapse/event_auth.py b/synapse/event_auth.py
index eef354de6e..7a1adc2750 100644
--- a/synapse/event_auth.py
+++ b/synapse/event_auth.py
@@ -102,11 +102,11 @@ def validate_event_for_room_version(
         room_version_obj.msc3083_join_rules
         and event.type == EventTypes.Member
         and event.membership == Membership.JOIN
-        and "join_authorised_via_users_server" in event.content
+        and EventContentFields.AUTHORISING_USER in event.content
     )
     if is_invite_via_allow_rule:
         authoriser_domain = get_domain_from_id(
-            event.content["join_authorised_via_users_server"]
+            event.content[EventContentFields.AUTHORISING_USER]
         )
         if not event.signatures.get(authoriser_domain):
             raise AuthError(403, "Event not signed by authorising server")
@@ -413,7 +413,9 @@ def _is_membership_change_allowed(
             # Note that if the caller is in the room or invited, then they do
             # not need to meet the allow rules.
             if not caller_in_room and not caller_invited:
-                authorising_user = event.content.get("join_authorised_via_users_server")
+                authorising_user = event.content.get(
+                    EventContentFields.AUTHORISING_USER
+                )
 
                 if authorising_user is None:
                     raise AuthError(403, "Join event is missing authorising user.")
@@ -868,10 +870,10 @@ def auth_types_for_event(
                 auth_types.add(key)
 
         if room_version.msc3083_join_rules and membership == Membership.JOIN:
-            if "join_authorised_via_users_server" in event.content:
+            if EventContentFields.AUTHORISING_USER in event.content:
                 key = (
                     EventTypes.Member,
-                    event.content["join_authorised_via_users_server"],
+                    event.content[EventContentFields.AUTHORISING_USER],
                 )
                 auth_types.add(key)
author	Patrick Cloke <clokep@users.noreply.github.com>	2021-09-30 11:13:59 -0400
committer	GitHub <noreply@github.com>	2021-09-30 11:13:59 -0400
commit	d1bf5f7c9d669fcf60aadc2c6527447adef2c43c (patch)
tree	f6d7542295976dfab5be1c7759b7a8b917eefe34 /synapse/event_auth.py
parent	Fix errors in Synapse logs from unit tests. (#10939) (diff)
download	synapse-d1bf5f7c9d669fcf60aadc2c6527447adef2c43c.tar.xz