diff options
| author | David Robertson <davidr@element.io> | 2023-01-31 10:57:02 +0000 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-01-31 10:57:02 +0000 |
| commit | a134e626e43e9c31a4618d4164ba7d6242c0f803 (patch) | |
| tree | 186eefe970b8f7d493566ec1066672c48928a590 /synapse/event_auth.py | |
| parent | Prefer `type(x) is int` to `isinstance(x, int)` (#14945) (diff) | |
| download | synapse-a134e626e43e9c31a4618d4164ba7d6242c0f803.tar.xz | |
Reject boolean power levels (#14944)
* Better test for bad values in power levels events The previous test only checked that Synapse didn't raise an exception, but didn't check that we had correctly interpreted the value of the dodgy power level. It also conflated two things: bad room notification levels, and bad user levels. There _is_ logic for converting the latter to integers, but we should test it separately. * Check we ignore types that don't convert to int * Handle `None` values in `notifications.room` * Changelog * Also test that bad values are rejected by event auth * Docstring * linter scripttttttttt * Test boolean values in PL content * Reject boolean power levels * Changelog
Diffstat (limited to 'synapse/event_auth.py')
| -rw-r--r-- | synapse/event_auth.py | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/synapse/event_auth.py b/synapse/event_auth.py index c4a7b16413..e0be9f88cc 100644 --- a/synapse/event_auth.py +++ b/synapse/event_auth.py @@ -875,11 +875,11 @@ def _check_power_levels( "kick", "invite", }: - if not isinstance(v, int): + if type(v) is not int: raise SynapseError(400, f"{v!r} must be an integer.") if k in {"events", "notifications", "users"}: if not isinstance(v, collections.abc.Mapping) or not all( - isinstance(v, int) for v in v.values() + type(v) is int for v in v.values() ): raise SynapseError( 400, |