diff options
| author | Steven Hammerton <steven.hammerton@openmarket.com> | 2015-11-17 10:55:41 +0000 |
|---|---|---|
| committer | Steven Hammerton <steven.hammerton@openmarket.com> | 2015-11-17 10:55:41 +0000 |
| commit | f5e25c5f358de93f8bbba83496a44cf217ce086a (patch) | |
| tree | c01c8462aa3a004e103de4befc45b7f9206439b1 /synapse/handlers/_base.py | |
| parent | Snakes not camels (diff) | |
| parent | Merge pull request #376 from matrix-org/daniel/jenkins (diff) | |
| download | synapse-f5e25c5f358de93f8bbba83496a44cf217ce086a.tar.xz | |
Merge branch 'develop' into sh-cas-auth-via-homeserver
Diffstat (limited to 'synapse/handlers/_base.py')
| -rw-r--r-- | synapse/handlers/_base.py | 63 |
1 files changed, 63 insertions, 0 deletions
diff --git a/synapse/handlers/_base.py b/synapse/handlers/_base.py index eef325a94b..6519f183df 100644 --- a/synapse/handlers/_base.py +++ b/synapse/handlers/_base.py @@ -29,6 +29,12 @@ logger = logging.getLogger(__name__) class BaseHandler(object): + """ + Common base class for the event handlers. + + :type store: synapse.storage.events.StateStore + :type state_handler: synapse.state.StateHandler + """ def __init__(self, hs): self.store = hs.get_datastore() @@ -175,6 +181,8 @@ class BaseHandler(object): if not suppress_auth: self.auth.check(event, auth_events=context.current_state) + yield self.maybe_kick_guest_users(event, context.current_state.values()) + if event.type == EventTypes.CanonicalAlias: # Check the alias is acually valid (at this time at least) room_alias_str = event.content.get("alias", None) @@ -282,3 +290,58 @@ class BaseHandler(object): federation_handler.handle_new_event( event, destinations=destinations, ) + + @defer.inlineCallbacks + def maybe_kick_guest_users(self, event, current_state): + # Technically this function invalidates current_state by changing it. + # Hopefully this isn't that important to the caller. + if event.type == EventTypes.GuestAccess: + guest_access = event.content.get("guest_access", "forbidden") + if guest_access != "can_join": + yield self.kick_guest_users(current_state) + + @defer.inlineCallbacks + def kick_guest_users(self, current_state): + for member_event in current_state: + try: + if member_event.type != EventTypes.Member: + continue + + if not self.hs.is_mine(UserID.from_string(member_event.state_key)): + continue + + if member_event.content["membership"] not in { + Membership.JOIN, + Membership.INVITE + }: + continue + + if ( + "kind" not in member_event.content + or member_event.content["kind"] != "guest" + ): + continue + + # We make the user choose to leave, rather than have the + # event-sender kick them. This is partially because we don't + # need to worry about power levels, and partially because guest + # users are a concept which doesn't hugely work over federation, + # and having homeservers have their own users leave keeps more + # of that decision-making and control local to the guest-having + # homeserver. + message_handler = self.hs.get_handlers().message_handler + yield message_handler.create_and_send_event( + { + "type": EventTypes.Member, + "state_key": member_event.state_key, + "content": { + "membership": Membership.LEAVE, + "kind": "guest" + }, + "room_id": member_event.room_id, + "sender": member_event.state_key + }, + ratelimit=False, + ) + except Exception as e: + logger.warn("Error kicking guest user: %s" % (e,)) |